suricata
defrag-config.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2013 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Giuseppe Longo <giuseppelng@gmail.com>
22  *
23  */
24 
25 #include "suricata-common.h"
26 #include "queue.h"
27 #include "suricata.h"
28 #include "conf.h"
29 #include "util-debug.h"
30 #include "util-misc.h"
31 #include "defrag-config.h"
32 
33 static SCRadixTree *defrag_tree = NULL;
34 
35 static int default_timeout = 0;
36 
37 static void DefragPolicyFreeUserData(void *data)
38 {
39  if (data != NULL)
40  SCFree(data);
41 
42  return;
43 }
44 
45 static void DefragPolicyAddHostInfo(char *host_ip_range, uint64_t timeout)
46 {
47  uint64_t *user_data = NULL;
48 
49  if ( (user_data = SCMalloc(sizeof(uint64_t))) == NULL) {
50  FatalError(SC_ERR_FATAL, "Error allocating memory. Exiting");
51  }
52 
53  *user_data = timeout;
54 
55  if (strchr(host_ip_range, ':') != NULL) {
56  SCLogDebug("adding ipv6 host %s", host_ip_range);
57  if (SCRadixAddKeyIPV6String(host_ip_range, defrag_tree, (void *)user_data) == NULL) {
58  SCLogWarning(SC_ERR_INVALID_VALUE,
59  "failed to add ipv6 host %s", host_ip_range);
60  }
61  } else {
62  SCLogDebug("adding ipv4 host %s", host_ip_range);
63  if (SCRadixAddKeyIPV4String(host_ip_range, defrag_tree, (void *)user_data) == NULL) {
64  SCLogWarning(SC_ERR_INVALID_VALUE,
65  "failed to add ipv4 host %s", host_ip_range);
66  }
67  }
68 }
69 
70 static int DefragPolicyGetIPv4HostTimeout(uint8_t *ipv4_addr)
71 {
72  void *user_data = NULL;
73  (void)SCRadixFindKeyIPV4BestMatch(ipv4_addr, defrag_tree, &user_data);
74  if (user_data == NULL)
75  return -1;
76 
77  return *((int *)user_data);
78 }
79 
80 static int DefragPolicyGetIPv6HostTimeout(uint8_t *ipv6_addr)
81 {
82  void *user_data = NULL;
83  (void)SCRadixFindKeyIPV6BestMatch(ipv6_addr, defrag_tree, &user_data);
84  if (user_data == NULL)
85  return -1;
86 
87  return *((int *)user_data);
88 }
89 
90 int DefragPolicyGetHostTimeout(Packet *p)
91 {
92  int timeout = 0;
93 
94  if (PKT_IS_IPV4(p))
95  timeout = DefragPolicyGetIPv4HostTimeout((uint8_t *)GET_IPV4_DST_ADDR_PTR(p));
96  else if (PKT_IS_IPV6(p))
97  timeout = DefragPolicyGetIPv6HostTimeout((uint8_t *)GET_IPV6_DST_ADDR(p));
98 
99  if (timeout <= 0)
100  timeout = default_timeout;
101 
102  return timeout;
103 }
104 
105 static void DefragParseParameters(ConfNode *n)
106 {
107  ConfNode *si;
108  uint64_t timeout = 0;
109 
110  TAILQ_FOREACH(si, &n->head, next) {
111  if (strcasecmp("timeout", si->name) == 0) {
112  SCLogDebug("timeout value %s", si->val);
113  if (ParseSizeStringU64(si->val, &timeout) < 0) {
114  SCLogError(SC_ERR_SIZE_PARSE, "Error parsing timeout "
115  "from conf file");
116  }
117  }
118  if (strcasecmp("address", si->name) == 0) {
119  ConfNode *pval;
120  TAILQ_FOREACH(pval, &si->head, next) {
121  DefragPolicyAddHostInfo(pval->val, timeout);
122  }
123  }
124  }
125 }
126 
127 void DefragSetDefaultTimeout(intmax_t timeout)
128 {
129  default_timeout = timeout;
130  SCLogDebug("default timeout %d", default_timeout);
131 }
132 
133 void DefragPolicyLoadFromConfig(void)
134 {
135  SCEnter();
136 
137  defrag_tree = SCRadixCreateRadixTree(DefragPolicyFreeUserData, NULL);
138  if (defrag_tree == NULL) {
139  FatalError(SC_ERR_FATAL,
140  "Can't alloc memory for the defrag config tree.");
141  }
142 
143  ConfNode *server_config = ConfGetNode("defrag.host-config");
144  if (server_config == NULL) {
145  SCLogDebug("failed to read host config");
146  SCReturn;
147  }
148 
149  SCLogDebug("configuring host config %p", server_config);
150  ConfNode *sc;
151 
152  TAILQ_FOREACH(sc, &server_config->head, next) {
153  ConfNode *p = NULL;
154 
155  TAILQ_FOREACH(p, &sc->head, next) {
156  SCLogDebug("parsing configuration for %s", p->name);
157  DefragParseParameters(p);
158  }
159  }
160 }
161 
162 void DefragTreeDestroy(void)
163 {
164  if (defrag_tree != NULL) {
165  SCRadixReleaseRadixTree(defrag_tree);
166  }
167  defrag_tree = NULL;
168 }
SC_ERR_INVALID_VALUE
@ SC_ERR_INVALID_VALUE
Definition: util-error.h:160
PKT_IS_IPV6
#define PKT_IS_IPV6(p)
Definition: decode.h:260
ConfNode_::val
char * val
Definition: conf.h:34
SCRadixAddKeyIPV4String
SCRadixNode * SCRadixAddKeyIPV4String(const char *str, SCRadixTree *tree, void *user)
Adds a new IPV4/netblock to the Radix tree from a string.
Definition: util-radix-tree.c:934
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:298
SCRadixAddKeyIPV6String
SCRadixNode * SCRadixAddKeyIPV6String(const char *str, SCRadixTree *tree, void *user)
Adds a new IPV6/netblock to the Radix tree from a string.
Definition: util-radix-tree.c:983
ParseSizeStringU64
int ParseSizeStringU64(const char *size, uint64_t *res)
Definition: util-misc.c:200
next
struct HtpBodyChunk_ * next
Definition: app-layer-htp.h:0
ConfGetNode
ConfNode * ConfGetNode(const char *name)
Get a ConfNode by name.
Definition: conf.c:175
SCRadixTree_
Structure for the radix tree.
Definition: util-radix-tree.h:86
TAILQ_FOREACH
#define TAILQ_FOREACH(var, head, field)
Definition: queue.h:253
SCRadixFindKeyIPV4BestMatch
SCRadixNode * SCRadixFindKeyIPV4BestMatch(uint8_t *key_stream, SCRadixTree *tree, void **user_data_result)
Checks if an IPV4 address is present in the tree under a netblock.
Definition: util-radix-tree.c:1488
defrag-config.h
DefragPolicyGetHostTimeout
int DefragPolicyGetHostTimeout(Packet *p)
Definition: defrag-config.c:90
SCRadixFindKeyIPV6BestMatch
SCRadixNode * SCRadixFindKeyIPV6BestMatch(uint8_t *key_stream, SCRadixTree *tree, void **user_data_result)
Checks if an IPV6 address is present in the tree under a netblock.
Definition: util-radix-tree.c:1554
GET_IPV6_DST_ADDR
#define GET_IPV6_DST_ADDR(p)
Definition: decode.h:228
SC_ERR_SIZE_PARSE
@ SC_ERR_SIZE_PARSE
Definition: util-error.h:230
util-debug.h
GET_IPV4_DST_ADDR_PTR
#define GET_IPV4_DST_ADDR_PTR(p)
Definition: decode.h:223
SCRadixReleaseRadixTree
void SCRadixReleaseRadixTree(SCRadixTree *tree)
Frees a Radix tree and all its nodes.
Definition: util-radix-tree.c:463
SCEnter
#define SCEnter(...)
Definition: util-debug.h:300
SCRadixCreateRadixTree
SCRadixTree * SCRadixCreateRadixTree(void(*Free)(void *), void(*PrintData)(void *))
Creates a new Radix tree.
Definition: util-radix-tree.c:424
SCReturn
#define SCReturn
Definition: util-debug.h:302
Packet_
Definition: decode.h:414
conf.h
queue.h
DefragTreeDestroy
void DefragTreeDestroy(void)
Definition: defrag-config.c:162
suricata-common.h
ConfNode_::name
char * name
Definition: conf.h:33
SCLogError
#define SCLogError(err_code,...)
Macro used to log ERROR messages.
Definition: util-debug.h:257
FatalError
#define FatalError(x,...)
Definition: util-debug.h:532
DefragPolicyLoadFromConfig
void DefragPolicyLoadFromConfig(void)
Definition: defrag-config.c:133
SCMalloc
#define SCMalloc(sz)
Definition: util-mem.h:47
SCLogWarning
#define SCLogWarning(err_code,...)
Macro used to log WARNING messages.
Definition: util-debug.h:244
SCFree
#define SCFree(p)
Definition: util-mem.h:61
ConfNode_
Definition: conf.h:32
SC_ERR_FATAL
@ SC_ERR_FATAL
Definition: util-error.h:203
suricata.h
util-misc.h
DefragSetDefaultTimeout
void DefragSetDefaultTimeout(intmax_t timeout)
Definition: defrag-config.c:127
PKT_IS_IPV4
#define PKT_IS_IPV4(p)
Definition: decode.h:259