suricata
Functions | Variables
util-debug-filters.c File Reference
#include "suricata-common.h"
#include "util-debug-filters.h"
#include "threads.h"
#include "util-debug.h"
Include dependency graph for util-debug-filters.c:

Go to the source code of this file.

Functions

int SCLogMatchFGFilterWL (const char *file, const char *function, int line)
 Checks if there is a match for the incoming log_message with any of the FG filters. If there is a match, it allows the message to be logged, else it rejects that message. More...
 
int SCLogMatchFGFilterBL (const char *file, const char *function, int line)
 Checks if there is a match for the incoming log_message with any of the FG filters. If there is a match it rejects the logging for that messages, else it allows that message to be logged. More...
 
int SCLogAddFGFilterWL (const char *file, const char *function, int line)
 Adds a Whitelist(WL) fine-grained(FG) filter. A FG filter WL filter allows messages that match this filter, to be logged, while the filter is defined using a file_name, function_name and line_number. More...
 
int SCLogAddFGFilterBL (const char *file, const char *function, int line)
 Adds a Blacklist(BL) fine-grained(FG) filter. A FG filter BL filter allows messages that don't match this filter, to be logged, while the filter is defined using a file_name, function_name and line_number. More...
 
void SCLogReleaseFGFilters (void)
 
int SCLogPrintFGFilters (void)
 Prints the FG filters(both WL and BL). Used for debugging purposes. More...
 
int SCLogMatchFDFilter (const char *function)
 Checks if there is a match for the incoming log_message with any of the FD filters. More...
 
int SCLogCheckFDFilterEntry (const char *function)
 Updates a FD filter, based on whether the function that calls this function, is registered as a FD filter or not. This is called by a function only on its entry. More...
 
void SCLogCheckFDFilterExit (const char *function)
 Updates a FD filter, based on whether the function that calls this function, is registered as a FD filter or not. This is called by a function only before its exit. More...
 
int SCLogAddFDFilter (const char *function)
 Adds a Function-Dependent(FD) filter. More...
 
void SCLogReleaseFDFilters (void)
 Releases all the FD filters added to the logging module. More...
 
int SCLogRemoveFDFilter (const char *function)
 Removes a Function-Dependent(FD) filter. More...
 
int SCLogPrintFDFilters (void)
 Prints the FG filters(both WL and BL). Used for debugging purposes. More...
 
void SCLogAddToFGFFileList (SCLogFGFilterFile *fgf_file, const char *file, const char *function, int line, int listtype)
 Helper function used internally to add a FG filter. This function is called when the file component of the incoming filter has no entry in the filter list. More...
 
void SCLogAddToFGFFuncList (SCLogFGFilterFile *fgf_file, SCLogFGFilterFunc *fgf_func, const char *function, int line)
 Helper function used internally to add a FG filter. This function is called when the file component of the incoming filter has an entry in the filter list, but the function component doesn't have an entry for the corresponding file component. More...
 
void SCLogAddToFGFLineList (SCLogFGFilterFunc *fgf_func, SCLogFGFilterLine *fgf_line, int line)
 Helper function used internally to add a FG filter. This function is called when the file and function components of the incoming filter have an entry in the filter list, but the line component doesn't have an entry for the corresponding function component. More...
 
void SCLogReleaseFDFilter (SCLogFDFilter *fdf)
 Releases the memory alloted to a FD filter. More...
 

Variables

int sc_log_module_initialized
 Used to indicate whether the logging module has been init or not. More...
 
int sc_log_module_cleaned
 Used to indicate whether the logging module has been cleaned or not. More...
 
int sc_log_fg_filters_present = 0
 
int sc_log_fd_filters_present = 0
 
SCLogFGFilterFilesc_log_fg_filters [SC_LOG_FILTER_MAX] = { NULL, NULL }
 Holds the fine-grained filters. More...
 

Detailed Description

Author
Anoop Saldanha anoop.nosp@m.sald.nosp@m.anha@.nosp@m.gmai.nosp@m.l.com

Debug filter utility functions

Definition in file util-debug-filters.c.

Function Documentation

◆ SCLogAddFDFilter()

int SCLogAddFDFilter ( const char *  function)

Adds a Function-Dependent(FD) filter.

Parameters
Nameof the function for which a FD filter has to be registered
Return values
0on success
-1on failure

Definition at line 665 of file util-debug-filters.c.

References sc_log_module_initialized, and SCMutexLock.

◆ SCLogAddFGFilterBL()

int SCLogAddFGFilterBL ( const char *  file,
const char *  function,
int  line 
)

Adds a Blacklist(BL) fine-grained(FG) filter. A FG filter BL filter allows messages that don't match this filter, to be logged, while the filter is defined using a file_name, function_name and line_number.

If a particular paramter in the fg-filter(file, function and line), shouldn't be considered while logging the message, one can supply NULL for the file_name or function_name and a negative line_no.

Parameters
fileFile_name of the filter
functionFunction_name of the filter
lineLine number of the filter
Return values
0on successfully adding the filter
-1on failure

Definition at line 354 of file util-debug-filters.c.

◆ SCLogAddFGFilterWL()

int SCLogAddFGFilterWL ( const char *  file,
const char *  function,
int  line 
)

Adds a Whitelist(WL) fine-grained(FG) filter. A FG filter WL filter allows messages that match this filter, to be logged, while the filter is defined using a file_name, function_name and line_number.

If a particular paramter in the fg-filter(file, function and line), shouldn't be considered while logging the message, one can supply NULL for the file_name or function_name and a negative line_no.

Parameters
fileFile_name of the filter
functionFunction_name of the filter
lineLine number of the filter
Return values
0on successfully adding the filter;
-1on failure

Definition at line 333 of file util-debug-filters.c.

◆ SCLogAddToFGFFileList()

void SCLogAddToFGFFileList ( SCLogFGFilterFile fgf_file,
const char *  file,
const char *  function,
int  line,
int  listtype 
)

Helper function used internally to add a FG filter. This function is called when the file component of the incoming filter has no entry in the filter list.

Parameters
fgf_fileThe file component(basically the position in the list) from the filter list, after which the new filter has to be added
fileFile_name of the filter
functionFunction_name of the filter
lineLine number of the filter
listtypeThe filter listtype. Can be either a blacklist or whitelist filter listtype(SC_LOG_FILTER_BL or SC_LOG_FILTER_WL)

Definition at line 858 of file util-debug-filters.c.

References FatalError, SCLogFGFilterFile_::file, SCLogFGFilterFunc_::func, SCLogFGFilterFile_::func, SCLogFGFilterLine_::line, SCLogFGFilterFunc_::line, SCLogFGFilterFile_::next, sc_log_fg_filters, SCMalloc, and SCStrdup.

◆ SCLogAddToFGFFuncList()

void SCLogAddToFGFFuncList ( SCLogFGFilterFile fgf_file,
SCLogFGFilterFunc fgf_func,
const char *  function,
int  line 
)

Helper function used internally to add a FG filter. This function is called when the file component of the incoming filter has an entry in the filter list, but the function component doesn't have an entry for the corresponding file component.

Parameters
fgf_fileThe file component from the filter list to which the new filter has to be added
fgf_funcThe function component(basically the position in the list), from the filter list, after which the new filter has to be added
functionFunction_name of the filter
lineLine number of the filter

Definition at line 921 of file util-debug-filters.c.

References FatalError, SCLogFGFilterFunc_::func, SCLogFGFilterFile_::func, SCLogFGFilterLine_::line, SCLogFGFilterFunc_::line, SCLogFGFilterFunc_::next, SCMalloc, and SCStrdup.

◆ SCLogAddToFGFLineList()

void SCLogAddToFGFLineList ( SCLogFGFilterFunc fgf_func,
SCLogFGFilterLine fgf_line,
int  line 
)

Helper function used internally to add a FG filter. This function is called when the file and function components of the incoming filter have an entry in the filter list, but the line component doesn't have an entry for the corresponding function component.

Parameters
fgf_funcThe function component from the filter list to which the new filter has to be added
fgf_lineThe function component(basically the position in the list), from the filter list, after which the new filter has to be added
lineLine number of the filter

Definition at line 969 of file util-debug-filters.c.

References FatalError, SCLogFGFilterLine_::line, SCLogFGFilterFunc_::line, SCLogFGFilterLine_::next, and SCMalloc.

◆ SCLogCheckFDFilterEntry()

int SCLogCheckFDFilterEntry ( const char *  function)

Updates a FD filter, based on whether the function that calls this function, is registered as a FD filter or not. This is called by a function only on its entry.

Parameters
functionFunction_name from where the log_message originated
Return values
1Since it is a hack to get things working inside the macros

Definition at line 532 of file util-debug-filters.c.

References sc_log_module_initialized, and SCMutexLock.

◆ SCLogCheckFDFilterExit()

void SCLogCheckFDFilterExit ( const char *  function)

Updates a FD filter, based on whether the function that calls this function, is registered as a FD filter or not. This is called by a function only before its exit.

Parameters
functionFunction_name from where the log_message originated

Definition at line 606 of file util-debug-filters.c.

References sc_log_module_initialized, and SCMutexLock.

◆ SCLogMatchFDFilter()

int SCLogMatchFDFilter ( const char *  function)

Checks if there is a match for the incoming log_message with any of the FD filters.

Parameters
functionFunction_name from where the log_message originated
Return values
1if there is a match
0on no match;

Definition at line 479 of file util-debug-filters.c.

References sc_log_module_initialized, and SCMutexLock.

Referenced by SCLog(), and SCLogErr().

Here is the caller graph for this function:

◆ SCLogMatchFGFilterBL()

int SCLogMatchFGFilterBL ( const char *  file,
const char *  function,
int  line 
)

Checks if there is a match for the incoming log_message with any of the FG filters. If there is a match it rejects the logging for that messages, else it allows that message to be logged.

\praram file File_name from where the log_message originated

Parameters
functionFunction_name from where the log_message originated
lineLine number from where the log_message originated
Return values
1if there is a match
0on no match
-1on failure

Definition at line 312 of file util-debug-filters.c.

Referenced by SCLog(), and SCLogErr().

Here is the caller graph for this function:

◆ SCLogMatchFGFilterWL()

int SCLogMatchFGFilterWL ( const char *  file,
const char *  function,
int  line 
)

Checks if there is a match for the incoming log_message with any of the FG filters. If there is a match, it allows the message to be logged, else it rejects that message.

Parameters
fileFile_name from where the log_message originated
functionFunction_name from where the log_message originated
lineLine number from where the log_message originated
Return values
1if there is a match
0on no match
-1on failure

Definition at line 294 of file util-debug-filters.c.

Referenced by SCLog(), and SCLogErr().

Here is the caller graph for this function:

◆ SCLogPrintFDFilters()

int SCLogPrintFDFilters ( void  )

Prints the FG filters(both WL and BL). Used for debugging purposes.

Return values
countThe no of FG filters

Definition at line 814 of file util-debug-filters.c.

References sc_log_module_initialized, and SCMutexLock.

◆ SCLogPrintFGFilters()

int SCLogPrintFGFilters ( void  )

Prints the FG filters(both WL and BL). Used for debugging purposes.

Return values
countThe no of FG filters

Definition at line 411 of file util-debug-filters.c.

References SC_LOG_FILTER_MAX, sc_log_module_initialized, and SCMutexLock.

◆ SCLogReleaseFDFilter()

void SCLogReleaseFDFilter ( SCLogFDFilter fdf)

Releases the memory alloted to a FD filter.

Parameters
Pointerto the FD filter that has to be freed

Definition at line 996 of file util-debug-filters.c.

References SCLogFDFilter_::func, and SCFree.

◆ SCLogReleaseFDFilters()

void SCLogReleaseFDFilters ( void  )

Releases all the FD filters added to the logging module.

Definition at line 725 of file util-debug-filters.c.

References SCMutexLock.

◆ SCLogReleaseFGFilters()

void SCLogReleaseFGFilters ( void  )

Definition at line 359 of file util-debug-filters.c.

References SC_LOG_FILTER_MAX, and SCMutexLock.

◆ SCLogRemoveFDFilter()

int SCLogRemoveFDFilter ( const char *  function)

Removes a Function-Dependent(FD) filter.

Parameters
Nameof the function for which a FD filter has to be unregistered
Return values
0on success(the filter was removed or the filter was not present)
-1on failure/error

Definition at line 754 of file util-debug-filters.c.

References sc_log_module_initialized, and SCMutexLock.

Variable Documentation

◆ sc_log_fd_filters_present

int sc_log_fd_filters_present = 0

Definition at line 39 of file util-debug-filters.c.

Referenced by SCLog(), and SCLogErr().

◆ sc_log_fg_filters

SCLogFGFilterFile* sc_log_fg_filters[SC_LOG_FILTER_MAX] = { NULL, NULL }

Holds the fine-grained filters.

Definition at line 44 of file util-debug-filters.c.

Referenced by SCLogAddToFGFFileList().

◆ sc_log_fg_filters_present

int sc_log_fg_filters_present = 0

Definition at line 36 of file util-debug-filters.c.

Referenced by SCLog(), and SCLogErr().

◆ sc_log_module_cleaned

int sc_log_module_cleaned

Used to indicate whether the logging module has been cleaned or not.

Definition at line 111 of file util-debug.c.

◆ sc_log_module_initialized

int sc_log_module_initialized

Used to indicate whether the logging module has been init or not.

Definition at line 106 of file util-debug.c.

Referenced by SCLogAddFDFilter(), SCLogCheckFDFilterEntry(), SCLogCheckFDFilterExit(), SCLogMatchFDFilter(), SCLogPrintFDFilters(), SCLogPrintFGFilters(), and SCLogRemoveFDFilter().