suricata
defrag-config.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2013 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Giuseppe Longo <giuseppelng@gmail.com>
22  *
23  */
24 
25 #include "suricata-common.h"
26 #include "queue.h"
27 #include "suricata.h"
28 #include "conf.h"
29 #include "util-debug.h"
30 #include "util-misc.h"
31 #include "defrag-config.h"
32 
33 static SCRadixTree *defrag_tree = NULL;
34 
35 static int default_timeout = 0;
36 
37 static void DefragPolicyFreeUserData(void *data)
38 {
39  if (data != NULL)
40  SCFree(data);
41 
42  return;
43 }
44 
45 static void DefragPolicyAddHostInfo(char *host_ip_range, uint64_t timeout)
46 {
47  uint64_t *user_data = NULL;
48 
49  if ( (user_data = SCMalloc(sizeof(uint64_t))) == NULL) {
50  SCLogError(SC_ERR_FATAL, "Error allocating memory. Exiting");
51  exit(EXIT_FAILURE);
52  }
53 
54  *user_data = timeout;
55 
56  if (strchr(host_ip_range, ':') != NULL) {
57  SCLogDebug("adding ipv6 host %s", host_ip_range);
58  if (SCRadixAddKeyIPV6String(host_ip_range, defrag_tree, (void *)user_data) == NULL) {
59  SCLogWarning(SC_ERR_INVALID_VALUE,
60  "failed to add ipv6 host %s", host_ip_range);
61  }
62  } else {
63  SCLogDebug("adding ipv4 host %s", host_ip_range);
64  if (SCRadixAddKeyIPV4String(host_ip_range, defrag_tree, (void *)user_data) == NULL) {
65  SCLogWarning(SC_ERR_INVALID_VALUE,
66  "failed to add ipv4 host %s", host_ip_range);
67  }
68  }
69 }
70 
71 static int DefragPolicyGetIPv4HostTimeout(uint8_t *ipv4_addr)
72 {
73  void *user_data = NULL;
74  (void)SCRadixFindKeyIPV4BestMatch(ipv4_addr, defrag_tree, &user_data);
75  if (user_data == NULL)
76  return -1;
77 
78  return *((int *)user_data);
79 }
80 
81 static int DefragPolicyGetIPv6HostTimeout(uint8_t *ipv6_addr)
82 {
83  void *user_data = NULL;
84  (void)SCRadixFindKeyIPV6BestMatch(ipv6_addr, defrag_tree, &user_data);
85  if (user_data == NULL)
86  return -1;
87 
88  return *((int *)user_data);
89 }
90 
91 int DefragPolicyGetHostTimeout(Packet *p)
92 {
93  int timeout = 0;
94 
95  if (PKT_IS_IPV4(p))
96  timeout = DefragPolicyGetIPv4HostTimeout((uint8_t *)GET_IPV4_DST_ADDR_PTR(p));
97  else if (PKT_IS_IPV6(p))
98  timeout = DefragPolicyGetIPv6HostTimeout((uint8_t *)GET_IPV6_DST_ADDR(p));
99 
100  if (timeout <= 0)
101  timeout = default_timeout;
102 
103  return timeout;
104 }
105 
106 static void DefragParseParameters(ConfNode *n)
107 {
108  ConfNode *si;
109  uint64_t timeout = 0;
110 
111  TAILQ_FOREACH(si, &n->head, next) {
112  if (strcasecmp("timeout", si->name) == 0) {
113  SCLogDebug("timeout value %s", si->val);
114  if (ParseSizeStringU64(si->val, &timeout) < 0) {
115  SCLogError(SC_ERR_SIZE_PARSE, "Error parsing timeout "
116  "from conf file");
117  }
118  }
119  if (strcasecmp("address", si->name) == 0) {
120  ConfNode *pval;
121  TAILQ_FOREACH(pval, &si->head, next) {
122  DefragPolicyAddHostInfo(pval->val, timeout);
123  }
124  }
125  }
126 }
127 
128 void DefragSetDefaultTimeout(intmax_t timeout)
129 {
130  default_timeout = timeout;
131  SCLogDebug("default timeout %d", default_timeout);
132 }
133 
134 void DefragPolicyLoadFromConfig(void)
135 {
136  SCEnter();
137 
138  defrag_tree = SCRadixCreateRadixTree(DefragPolicyFreeUserData, NULL);
139  if (defrag_tree == NULL) {
140  SCLogError(SC_ERR_MEM_ALLOC,
141  "Can't alloc memory for the defrag config tree.");
142  exit(EXIT_FAILURE);
143  }
144 
145  ConfNode *server_config = ConfGetNode("defrag.host-config");
146  if (server_config == NULL) {
147  SCLogDebug("failed to read host config");
148  SCReturn;
149  }
150 
151  SCLogDebug("configuring host config %p", server_config);
152  ConfNode *sc;
153 
154  TAILQ_FOREACH(sc, &server_config->head, next) {
155  ConfNode *p = NULL;
156 
157  TAILQ_FOREACH(p, &sc->head, next) {
158  SCLogDebug("parsing configuration for %s", p->name);
159  DefragParseParameters(p);
160  }
161  }
162 }
163 
164 void DefragTreeDestroy(void)
165 {
166  if (defrag_tree != NULL) {
167  SCRadixReleaseRadixTree(defrag_tree);
168  }
169  defrag_tree = NULL;
170 }
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:335
TAILQ_FOREACH
#define TAILQ_FOREACH(var, head, field)
Definition: queue.h:350
next
struct HtpBodyChunk_ * next
Definition: app-layer-htp.h:515
DefragPolicyGetHostTimeout
int DefragPolicyGetHostTimeout(Packet *p)
Definition: defrag-config.c:91
GET_IPV4_DST_ADDR_PTR
#define GET_IPV4_DST_ADDR_PTR(p)
Definition: decode.h:215
PKT_IS_IPV6
#define PKT_IS_IPV6(p)
Definition: decode.h:252
SCRadixFindKeyIPV6BestMatch
SCRadixNode * SCRadixFindKeyIPV6BestMatch(uint8_t *key_stream, SCRadixTree *tree, void **user_data_result)
Checks if an IPV6 address is present in the tree under a netblock.
Definition: util-radix-tree.c:1556
SCRadixCreateRadixTree
SCRadixTree * SCRadixCreateRadixTree(void(*Free)(void *), void(*PrintData)(void *))
Creates a new Radix tree.
Definition: util-radix-tree.c:426
ConfNode_::val
char * val
Definition: conf.h:34
PKT_IS_IPV4
#define PKT_IS_IPV4(p)
Definition: decode.h:251
ParseSizeStringU64
int ParseSizeStringU64(const char *size, uint64_t *res)
Definition: util-misc.c:203
SCRadixAddKeyIPV6String
SCRadixNode * SCRadixAddKeyIPV6String(const char *str, SCRadixTree *tree, void *user)
Adds a new IPV6/netblock to the Radix tree from a string.
Definition: util-radix-tree.c:985
SCRadixReleaseRadixTree
void SCRadixReleaseRadixTree(SCRadixTree *tree)
Frees a Radix tree and all its nodes.
Definition: util-radix-tree.c:465
GET_IPV6_DST_ADDR
#define GET_IPV6_DST_ADDR(p)
Definition: decode.h:220
DefragTreeDestroy
void DefragTreeDestroy(void)
Definition: defrag-config.c:164
SCLogError
#define SCLogError(err_code,...)
Macro used to log ERROR messages.
Definition: util-debug.h:294
SCEnter
#define SCEnter(...)
Definition: util-debug.h:337
SCRadixAddKeyIPV4String
SCRadixNode * SCRadixAddKeyIPV4String(const char *str, SCRadixTree *tree, void *user)
Adds a new IPV4/netblock to the Radix tree from a string.
Definition: util-radix-tree.c:936
Packet_
Definition: decode.h:407
SCLogWarning
#define SCLogWarning(err_code,...)
Macro used to log WARNING messages.
Definition: util-debug.h:281
SCRadixFindKeyIPV4BestMatch
SCRadixNode * SCRadixFindKeyIPV4BestMatch(uint8_t *key_stream, SCRadixTree *tree, void **user_data_result)
Checks if an IPV4 address is present in the tree under a netblock.
Definition: util-radix-tree.c:1490
ConfNode_
Definition: conf.h:32
SCMalloc
#define SCMalloc(a)
Definition: util-mem.h:222
SCFree
#define SCFree(a)
Definition: util-mem.h:322
DefragSetDefaultTimeout
void DefragSetDefaultTimeout(intmax_t timeout)
Definition: defrag-config.c:128
ConfNode_::name
char * name
Definition: conf.h:33
ConfGetNode
ConfNode * ConfGetNode(const char *name)
Get a ConfNode by name.
Definition: conf.c:176
SCReturn
#define SCReturn
Definition: util-debug.h:339
SCRadixTree_
Structure for the radix tree.
Definition: util-radix-tree.h:86
DefragPolicyLoadFromConfig
void DefragPolicyLoadFromConfig(void)
Definition: defrag-config.c:134