suricata
defrag-config.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2013 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Giuseppe Longo <giuseppelng@gmail.com>
22  *
23  */
24 
25 #include "suricata-common.h"
26 #include "defrag-config.h"
27 #include "util-misc.h"
28 #include "util-radix-tree.h"
29 
30 static SCRadixTree *defrag_tree = NULL;
31 
32 static int default_timeout = 0;
33 
34 static void DefragPolicyFreeUserData(void *data)
35 {
36  if (data != NULL)
37  SCFree(data);
38 
39  return;
40 }
41 
42 static void DefragPolicyAddHostInfo(char *host_ip_range, uint64_t timeout)
43 {
44  uint64_t *user_data = NULL;
45 
46  if ( (user_data = SCMalloc(sizeof(uint64_t))) == NULL) {
47  FatalError("Error allocating memory. Exiting");
48  }
49 
50  *user_data = timeout;
51 
52  if (strchr(host_ip_range, ':') != NULL) {
53  SCLogDebug("adding ipv6 host %s", host_ip_range);
54  if (SCRadixAddKeyIPV6String(host_ip_range, defrag_tree, (void *)user_data) == NULL) {
55  SCLogWarning("failed to add ipv6 host %s", host_ip_range);
56  }
57  } else {
58  SCLogDebug("adding ipv4 host %s", host_ip_range);
59  if (SCRadixAddKeyIPV4String(host_ip_range, defrag_tree, (void *)user_data) == NULL) {
60  SCLogWarning("failed to add ipv4 host %s", host_ip_range);
61  }
62  }
63 }
64 
65 static int DefragPolicyGetIPv4HostTimeout(uint8_t *ipv4_addr)
66 {
67  void *user_data = NULL;
68  (void)SCRadixFindKeyIPV4BestMatch(ipv4_addr, defrag_tree, &user_data);
69  if (user_data == NULL)
70  return -1;
71 
72  return *((int *)user_data);
73 }
74 
75 static int DefragPolicyGetIPv6HostTimeout(uint8_t *ipv6_addr)
76 {
77  void *user_data = NULL;
78  (void)SCRadixFindKeyIPV6BestMatch(ipv6_addr, defrag_tree, &user_data);
79  if (user_data == NULL)
80  return -1;
81 
82  return *((int *)user_data);
83 }
84 
85 int DefragPolicyGetHostTimeout(Packet *p)
86 {
87  int timeout = 0;
88 
89  if (PKT_IS_IPV4(p))
90  timeout = DefragPolicyGetIPv4HostTimeout((uint8_t *)GET_IPV4_DST_ADDR_PTR(p));
91  else if (PKT_IS_IPV6(p))
92  timeout = DefragPolicyGetIPv6HostTimeout((uint8_t *)GET_IPV6_DST_ADDR(p));
93 
94  if (timeout <= 0)
95  timeout = default_timeout;
96 
97  return timeout;
98 }
99 
100 static void DefragParseParameters(ConfNode *n)
101 {
102  ConfNode *si;
103  uint64_t timeout = 0;
104 
105  TAILQ_FOREACH(si, &n->head, next) {
106  if (strcasecmp("timeout", si->name) == 0) {
107  SCLogDebug("timeout value %s", si->val);
108  if (ParseSizeStringU64(si->val, &timeout) < 0) {
109  SCLogError("Error parsing timeout "
110  "from conf file");
111  }
112  }
113  if (strcasecmp("address", si->name) == 0) {
114  ConfNode *pval;
115  TAILQ_FOREACH(pval, &si->head, next) {
116  DefragPolicyAddHostInfo(pval->val, timeout);
117  }
118  }
119  }
120 }
121 
122 void DefragSetDefaultTimeout(intmax_t timeout)
123 {
124  default_timeout = timeout;
125  SCLogDebug("default timeout %d", default_timeout);
126 }
127 
128 void DefragPolicyLoadFromConfig(void)
129 {
130  SCEnter();
131 
132  defrag_tree = SCRadixCreateRadixTree(DefragPolicyFreeUserData, NULL);
133  if (defrag_tree == NULL) {
134  FatalError("Can't alloc memory for the defrag config tree.");
135  }
136 
137  ConfNode *server_config = ConfGetNode("defrag.host-config");
138  if (server_config == NULL) {
139  SCLogDebug("failed to read host config");
140  SCReturn;
141  }
142 
143  SCLogDebug("configuring host config %p", server_config);
144  ConfNode *sc;
145 
146  TAILQ_FOREACH(sc, &server_config->head, next) {
147  ConfNode *p = NULL;
148 
149  TAILQ_FOREACH(p, &sc->head, next) {
150  SCLogDebug("parsing configuration for %s", p->name);
151  DefragParseParameters(p);
152  }
153  }
154 }
155 
156 void DefragTreeDestroy(void)
157 {
158  if (defrag_tree != NULL) {
159  SCRadixReleaseRadixTree(defrag_tree);
160  }
161  defrag_tree = NULL;
162 }
PKT_IS_IPV6
#define PKT_IS_IPV6(p)
Definition: decode.h:247
ConfNode_::val
char * val
Definition: conf.h:34
SCRadixAddKeyIPV4String
SCRadixNode * SCRadixAddKeyIPV4String(const char *str, SCRadixTree *tree, void *user)
Adds a new IPV4/netblock to the Radix tree from a string.
Definition: util-radix-tree.c:966
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:269
SCRadixAddKeyIPV6String
SCRadixNode * SCRadixAddKeyIPV6String(const char *str, SCRadixTree *tree, void *user)
Adds a new IPV6/netblock to the Radix tree from a string.
Definition: util-radix-tree.c:1027
ParseSizeStringU64
int ParseSizeStringU64(const char *size, uint64_t *res)
Definition: util-misc.c:198
next
struct HtpBodyChunk_ * next
Definition: app-layer-htp.h:0
ConfGetNode
ConfNode * ConfGetNode(const char *name)
Get a ConfNode by name.
Definition: conf.c:181
SCRadixTree_
Structure for the radix tree.
Definition: util-radix-tree.h:86
TAILQ_FOREACH
#define TAILQ_FOREACH(var, head, field)
Definition: queue.h:252
SCRadixFindKeyIPV4BestMatch
SCRadixNode * SCRadixFindKeyIPV4BestMatch(uint8_t *key_stream, SCRadixTree *tree, void **user_data_result)
Checks if an IPV4 address is present in the tree under a netblock.
Definition: util-radix-tree.c:1543
defrag-config.h
DefragPolicyGetHostTimeout
int DefragPolicyGetHostTimeout(Packet *p)
Definition: defrag-config.c:85
SCRadixFindKeyIPV6BestMatch
SCRadixNode * SCRadixFindKeyIPV6BestMatch(uint8_t *key_stream, SCRadixTree *tree, void **user_data_result)
Checks if an IPV6 address is present in the tree under a netblock.
Definition: util-radix-tree.c:1601
GET_IPV6_DST_ADDR
#define GET_IPV6_DST_ADDR(p)
Definition: decode.h:215
GET_IPV4_DST_ADDR_PTR
#define GET_IPV4_DST_ADDR_PTR(p)
Definition: decode.h:210
SCRadixReleaseRadixTree
void SCRadixReleaseRadixTree(SCRadixTree *tree)
Frees a Radix tree and all its nodes.
Definition: util-radix-tree.c:464
SCEnter
#define SCEnter(...)
Definition: util-debug.h:271
SCLogWarning
#define SCLogWarning(...)
Macro used to log WARNING messages.
Definition: util-debug.h:249
SCRadixCreateRadixTree
SCRadixTree * SCRadixCreateRadixTree(void(*Free)(void *), void(*PrintData)(void *))
Creates a new Radix tree.
Definition: util-radix-tree.c:426
SCReturn
#define SCReturn
Definition: util-debug.h:273
Packet_
Definition: decode.h:429
util-radix-tree.h
DefragTreeDestroy
void DefragTreeDestroy(void)
Definition: defrag-config.c:156
suricata-common.h
ConfNode_::name
char * name
Definition: conf.h:33
FatalError
#define FatalError(...)
Definition: util-debug.h:502
DefragPolicyLoadFromConfig
void DefragPolicyLoadFromConfig(void)
Definition: defrag-config.c:128
SCMalloc
#define SCMalloc(sz)
Definition: util-mem.h:47
SCLogError
#define SCLogError(...)
Macro used to log ERROR messages.
Definition: util-debug.h:261
SCFree
#define SCFree(p)
Definition: util-mem.h:61
ConfNode_
Definition: conf.h:32
util-misc.h
DefragSetDefaultTimeout
void DefragSetDefaultTimeout(intmax_t timeout)
Definition: defrag-config.c:122
PKT_IS_IPV4
#define PKT_IS_IPV4(p)
Definition: decode.h:246