suricata
defrag-config.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2013 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Giuseppe Longo <giuseppelng@gmail.com>
22  *
23  */
24 
25 #include "suricata-common.h"
26 #include "defrag-config.h"
27 #include "util-misc.h"
28 #include "util-radix-tree.h"
29 
30 static SCRadixTree *defrag_tree = NULL;
31 
32 static int default_timeout = 0;
33 
34 static void DefragPolicyFreeUserData(void *data)
35 {
36  if (data != NULL)
37  SCFree(data);
38 
39  return;
40 }
41 
42 static void DefragPolicyAddHostInfo(char *host_ip_range, uint64_t timeout)
43 {
44  uint64_t *user_data = NULL;
45 
46  if ( (user_data = SCMalloc(sizeof(uint64_t))) == NULL) {
47  FatalError(SC_ERR_FATAL, "Error allocating memory. Exiting");
48  }
49 
50  *user_data = timeout;
51 
52  if (strchr(host_ip_range, ':') != NULL) {
53  SCLogDebug("adding ipv6 host %s", host_ip_range);
54  if (SCRadixAddKeyIPV6String(host_ip_range, defrag_tree, (void *)user_data) == NULL) {
55  SCLogWarning(SC_ERR_INVALID_VALUE,
56  "failed to add ipv6 host %s", host_ip_range);
57  }
58  } else {
59  SCLogDebug("adding ipv4 host %s", host_ip_range);
60  if (SCRadixAddKeyIPV4String(host_ip_range, defrag_tree, (void *)user_data) == NULL) {
61  SCLogWarning(SC_ERR_INVALID_VALUE,
62  "failed to add ipv4 host %s", host_ip_range);
63  }
64  }
65 }
66 
67 static int DefragPolicyGetIPv4HostTimeout(uint8_t *ipv4_addr)
68 {
69  void *user_data = NULL;
70  (void)SCRadixFindKeyIPV4BestMatch(ipv4_addr, defrag_tree, &user_data);
71  if (user_data == NULL)
72  return -1;
73 
74  return *((int *)user_data);
75 }
76 
77 static int DefragPolicyGetIPv6HostTimeout(uint8_t *ipv6_addr)
78 {
79  void *user_data = NULL;
80  (void)SCRadixFindKeyIPV6BestMatch(ipv6_addr, defrag_tree, &user_data);
81  if (user_data == NULL)
82  return -1;
83 
84  return *((int *)user_data);
85 }
86 
87 int DefragPolicyGetHostTimeout(Packet *p)
88 {
89  int timeout = 0;
90 
91  if (PKT_IS_IPV4(p))
92  timeout = DefragPolicyGetIPv4HostTimeout((uint8_t *)GET_IPV4_DST_ADDR_PTR(p));
93  else if (PKT_IS_IPV6(p))
94  timeout = DefragPolicyGetIPv6HostTimeout((uint8_t *)GET_IPV6_DST_ADDR(p));
95 
96  if (timeout <= 0)
97  timeout = default_timeout;
98 
99  return timeout;
100 }
101 
102 static void DefragParseParameters(ConfNode *n)
103 {
104  ConfNode *si;
105  uint64_t timeout = 0;
106 
107  TAILQ_FOREACH(si, &n->head, next) {
108  if (strcasecmp("timeout", si->name) == 0) {
109  SCLogDebug("timeout value %s", si->val);
110  if (ParseSizeStringU64(si->val, &timeout) < 0) {
111  SCLogError(SC_ERR_SIZE_PARSE, "Error parsing timeout "
112  "from conf file");
113  }
114  }
115  if (strcasecmp("address", si->name) == 0) {
116  ConfNode *pval;
117  TAILQ_FOREACH(pval, &si->head, next) {
118  DefragPolicyAddHostInfo(pval->val, timeout);
119  }
120  }
121  }
122 }
123 
124 void DefragSetDefaultTimeout(intmax_t timeout)
125 {
126  default_timeout = timeout;
127  SCLogDebug("default timeout %d", default_timeout);
128 }
129 
130 void DefragPolicyLoadFromConfig(void)
131 {
132  SCEnter();
133 
134  defrag_tree = SCRadixCreateRadixTree(DefragPolicyFreeUserData, NULL);
135  if (defrag_tree == NULL) {
136  FatalError(SC_ERR_FATAL,
137  "Can't alloc memory for the defrag config tree.");
138  }
139 
140  ConfNode *server_config = ConfGetNode("defrag.host-config");
141  if (server_config == NULL) {
142  SCLogDebug("failed to read host config");
143  SCReturn;
144  }
145 
146  SCLogDebug("configuring host config %p", server_config);
147  ConfNode *sc;
148 
149  TAILQ_FOREACH(sc, &server_config->head, next) {
150  ConfNode *p = NULL;
151 
152  TAILQ_FOREACH(p, &sc->head, next) {
153  SCLogDebug("parsing configuration for %s", p->name);
154  DefragParseParameters(p);
155  }
156  }
157 }
158 
159 void DefragTreeDestroy(void)
160 {
161  if (defrag_tree != NULL) {
162  SCRadixReleaseRadixTree(defrag_tree);
163  }
164  defrag_tree = NULL;
165 }
SC_ERR_INVALID_VALUE
@ SC_ERR_INVALID_VALUE
Definition: util-error.h:160
PKT_IS_IPV6
#define PKT_IS_IPV6(p)
Definition: decode.h:246
ConfNode_::val
char * val
Definition: conf.h:34
SCRadixAddKeyIPV4String
SCRadixNode * SCRadixAddKeyIPV4String(const char *str, SCRadixTree *tree, void *user)
Adds a new IPV4/netblock to the Radix tree from a string.
Definition: util-radix-tree.c:965
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:296
SCRadixAddKeyIPV6String
SCRadixNode * SCRadixAddKeyIPV6String(const char *str, SCRadixTree *tree, void *user)
Adds a new IPV6/netblock to the Radix tree from a string.
Definition: util-radix-tree.c:1026
ParseSizeStringU64
int ParseSizeStringU64(const char *size, uint64_t *res)
Definition: util-misc.c:200
next
struct HtpBodyChunk_ * next
Definition: app-layer-htp.h:0
ConfGetNode
ConfNode * ConfGetNode(const char *name)
Get a ConfNode by name.
Definition: conf.c:176
SCRadixTree_
Structure for the radix tree.
Definition: util-radix-tree.h:86
TAILQ_FOREACH
#define TAILQ_FOREACH(var, head, field)
Definition: queue.h:252
SCRadixFindKeyIPV4BestMatch
SCRadixNode * SCRadixFindKeyIPV4BestMatch(uint8_t *key_stream, SCRadixTree *tree, void **user_data_result)
Checks if an IPV4 address is present in the tree under a netblock.
Definition: util-radix-tree.c:1542
defrag-config.h
DefragPolicyGetHostTimeout
int DefragPolicyGetHostTimeout(Packet *p)
Definition: defrag-config.c:87
SCRadixFindKeyIPV6BestMatch
SCRadixNode * SCRadixFindKeyIPV6BestMatch(uint8_t *key_stream, SCRadixTree *tree, void **user_data_result)
Checks if an IPV6 address is present in the tree under a netblock.
Definition: util-radix-tree.c:1600
GET_IPV6_DST_ADDR
#define GET_IPV6_DST_ADDR(p)
Definition: decode.h:214
SC_ERR_SIZE_PARSE
@ SC_ERR_SIZE_PARSE
Definition: util-error.h:230
GET_IPV4_DST_ADDR_PTR
#define GET_IPV4_DST_ADDR_PTR(p)
Definition: decode.h:209
SCRadixReleaseRadixTree
void SCRadixReleaseRadixTree(SCRadixTree *tree)
Frees a Radix tree and all its nodes.
Definition: util-radix-tree.c:465
SCEnter
#define SCEnter(...)
Definition: util-debug.h:298
SCRadixCreateRadixTree
SCRadixTree * SCRadixCreateRadixTree(void(*Free)(void *), void(*PrintData)(void *))
Creates a new Radix tree.
Definition: util-radix-tree.c:426
SCReturn
#define SCReturn
Definition: util-debug.h:300
Packet_
Definition: decode.h:428
util-radix-tree.h
DefragTreeDestroy
void DefragTreeDestroy(void)
Definition: defrag-config.c:159
suricata-common.h
ConfNode_::name
char * name
Definition: conf.h:33
SCLogError
#define SCLogError(err_code,...)
Macro used to log ERROR messages.
Definition: util-debug.h:255
FatalError
#define FatalError(x,...)
Definition: util-debug.h:530
DefragPolicyLoadFromConfig
void DefragPolicyLoadFromConfig(void)
Definition: defrag-config.c:130
SCMalloc
#define SCMalloc(sz)
Definition: util-mem.h:47
SCLogWarning
#define SCLogWarning(err_code,...)
Macro used to log WARNING messages.
Definition: util-debug.h:242
SCFree
#define SCFree(p)
Definition: util-mem.h:61
ConfNode_
Definition: conf.h:32
SC_ERR_FATAL
@ SC_ERR_FATAL
Definition: util-error.h:203
util-misc.h
DefragSetDefaultTimeout
void DefragSetDefaultTimeout(intmax_t timeout)
Definition: defrag-config.c:124
PKT_IS_IPV4
#define PKT_IS_IPV4(p)
Definition: decode.h:245