suricata
defrag-config.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2013 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Giuseppe Longo <giuseppelng@gmail.com>
22  *
23  */
24 
25 #include "suricata-common.h"
26 #include "defrag-config.h"
27 #include "util-misc.h"
28 #include "util-radix-tree.h"
29 #include "conf.h"
30 
31 static SCRadixTree *defrag_tree = NULL;
32 
33 static int default_timeout = 0;
34 
35 static void DefragPolicyFreeUserData(void *data)
36 {
37  if (data != NULL)
38  SCFree(data);
39 }
40 
41 static void DefragPolicyAddHostInfo(char *host_ip_range, uint64_t timeout)
42 {
43  uint64_t *user_data = NULL;
44 
45  if ( (user_data = SCMalloc(sizeof(uint64_t))) == NULL) {
46  FatalError("Error allocating memory. Exiting");
47  }
48 
49  *user_data = timeout;
50 
51  if (strchr(host_ip_range, ':') != NULL) {
52  SCLogDebug("adding ipv6 host %s", host_ip_range);
53  if (!SCRadixAddKeyIPV6String(host_ip_range, defrag_tree, (void *)user_data)) {
54  SCFree(user_data);
55  if (sc_errno != SC_EEXIST) {
56  SCLogWarning("failed to add ipv6 host %s", host_ip_range);
57  }
58  }
59  } else {
60  SCLogDebug("adding ipv4 host %s", host_ip_range);
61  if (!SCRadixAddKeyIPV4String(host_ip_range, defrag_tree, (void *)user_data)) {
62  SCFree(user_data);
63  if (sc_errno != SC_EEXIST) {
64  SCLogWarning("failed to add ipv4 host %s", host_ip_range);
65  }
66  }
67  }
68 }
69 
70 static int DefragPolicyGetIPv4HostTimeout(uint8_t *ipv4_addr)
71 {
72  void *user_data = NULL;
73  (void)SCRadixFindKeyIPV4BestMatch(ipv4_addr, defrag_tree, &user_data);
74  if (user_data == NULL)
75  return -1;
76 
77  return *((int *)user_data);
78 }
79 
80 static int DefragPolicyGetIPv6HostTimeout(uint8_t *ipv6_addr)
81 {
82  void *user_data = NULL;
83  (void)SCRadixFindKeyIPV6BestMatch(ipv6_addr, defrag_tree, &user_data);
84  if (user_data == NULL)
85  return -1;
86 
87  return *((int *)user_data);
88 }
89 
90 int DefragPolicyGetHostTimeout(Packet *p)
91 {
92  int timeout = 0;
93 
94  if (PacketIsIPv4(p))
95  timeout = DefragPolicyGetIPv4HostTimeout((uint8_t *)GET_IPV4_DST_ADDR_PTR(p));
96  else if (PacketIsIPv6(p))
97  timeout = DefragPolicyGetIPv6HostTimeout((uint8_t *)GET_IPV6_DST_ADDR(p));
98 
99  if (timeout <= 0)
100  timeout = default_timeout;
101 
102  return timeout;
103 }
104 
105 static void DefragParseParameters(ConfNode *n)
106 {
107  ConfNode *si;
108  uint64_t timeout = 0;
109 
110  TAILQ_FOREACH(si, &n->head, next) {
111  if (strcasecmp("timeout", si->name) == 0) {
112  SCLogDebug("timeout value %s", si->val);
113  if (ParseSizeStringU64(si->val, &timeout) < 0) {
114  SCLogError("Error parsing timeout "
115  "from conf file");
116  }
117  }
118  if (strcasecmp("address", si->name) == 0) {
119  ConfNode *pval;
120  TAILQ_FOREACH(pval, &si->head, next) {
121  DefragPolicyAddHostInfo(pval->val, timeout);
122  }
123  }
124  }
125 }
126 
127 void DefragSetDefaultTimeout(int timeout)
128 {
129  default_timeout = timeout;
130  SCLogDebug("default timeout %d", default_timeout);
131 }
132 
133 void DefragPolicyLoadFromConfig(void)
134 {
135  SCEnter();
136 
137  defrag_tree = SCRadixCreateRadixTree(DefragPolicyFreeUserData, NULL);
138  if (defrag_tree == NULL) {
139  FatalError("Can't alloc memory for the defrag config tree.");
140  }
141 
142  ConfNode *server_config = ConfGetNode("defrag.host-config");
143  if (server_config == NULL) {
144  SCLogDebug("failed to read host config");
145  SCReturn;
146  }
147 
148  SCLogDebug("configuring host config %p", server_config);
149  ConfNode *sc;
150 
151  TAILQ_FOREACH(sc, &server_config->head, next) {
152  ConfNode *p = NULL;
153 
154  TAILQ_FOREACH(p, &sc->head, next) {
155  SCLogDebug("parsing configuration for %s", p->name);
156  DefragParseParameters(p);
157  }
158  }
159 }
160 
161 void DefragTreeDestroy(void)
162 {
163  if (defrag_tree != NULL) {
164  SCRadixReleaseRadixTree(defrag_tree);
165  }
166  defrag_tree = NULL;
167 }
SCRadixAddKeyIPV6String
bool SCRadixAddKeyIPV6String(const char *str, SCRadixTree *tree, void *user)
Adds a new IPV6/netblock to the Radix tree from a string.
Definition: util-radix-tree.c:1063
ConfNode_::val
char * val
Definition: conf.h:34
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:269
ParseSizeStringU64
int ParseSizeStringU64(const char *size, uint64_t *res)
Definition: util-misc.c:190
next
struct HtpBodyChunk_ * next
Definition: app-layer-htp.h:0
ConfGetNode
ConfNode * ConfGetNode(const char *name)
Get a ConfNode by name.
Definition: conf.c:181
SCRadixTree_
Structure for the radix tree.
Definition: util-radix-tree.h:86
TAILQ_FOREACH
#define TAILQ_FOREACH(var, head, field)
Definition: queue.h:252
SCRadixFindKeyIPV4BestMatch
SCRadixNode * SCRadixFindKeyIPV4BestMatch(uint8_t *key_stream, SCRadixTree *tree, void **user_data_result)
Checks if an IPV4 address is present in the tree under a netblock.
Definition: util-radix-tree.c:1565
defrag-config.h
DefragPolicyGetHostTimeout
int DefragPolicyGetHostTimeout(Packet *p)
Definition: defrag-config.c:90
SCRadixFindKeyIPV6BestMatch
SCRadixNode * SCRadixFindKeyIPV6BestMatch(uint8_t *key_stream, SCRadixTree *tree, void **user_data_result)
Checks if an IPV6 address is present in the tree under a netblock.
Definition: util-radix-tree.c:1623
GET_IPV6_DST_ADDR
#define GET_IPV6_DST_ADDR(p)
Definition: decode.h:206
SCRadixAddKeyIPV4String
bool SCRadixAddKeyIPV4String(const char *str, SCRadixTree *tree, void *user)
Adds a new IPV4/netblock to the Radix tree from a string.
Definition: util-radix-tree.c:988
GET_IPV4_DST_ADDR_PTR
#define GET_IPV4_DST_ADDR_PTR(p)
Definition: decode.h:201
SCRadixReleaseRadixTree
void SCRadixReleaseRadixTree(SCRadixTree *tree)
Frees a Radix tree and all its nodes.
Definition: util-radix-tree.c:440
SCEnter
#define SCEnter(...)
Definition: util-debug.h:271
SCLogWarning
#define SCLogWarning(...)
Macro used to log WARNING messages.
Definition: util-debug.h:249
SCRadixCreateRadixTree
SCRadixTree * SCRadixCreateRadixTree(void(*Free)(void *), void(*PrintData)(void *))
Creates a new Radix tree.
Definition: util-radix-tree.c:405
DefragSetDefaultTimeout
void DefragSetDefaultTimeout(int timeout)
Definition: defrag-config.c:127
SCReturn
#define SCReturn
Definition: util-debug.h:273
Packet_
Definition: decode.h:479
conf.h
util-radix-tree.h
DefragTreeDestroy
void DefragTreeDestroy(void)
Definition: defrag-config.c:161
suricata-common.h
ConfNode_::name
char * name
Definition: conf.h:33
FatalError
#define FatalError(...)
Definition: util-debug.h:502
DefragPolicyLoadFromConfig
void DefragPolicyLoadFromConfig(void)
Definition: defrag-config.c:133
SCMalloc
#define SCMalloc(sz)
Definition: util-mem.h:47
SC_EEXIST
@ SC_EEXIST
Definition: util-error.h:32
SCLogError
#define SCLogError(...)
Macro used to log ERROR messages.
Definition: util-debug.h:261
SCFree
#define SCFree(p)
Definition: util-mem.h:61
ConfNode_
Definition: conf.h:32
sc_errno
thread_local SCError sc_errno
Definition: util-error.c:31
util-misc.h