00001 /* $Id$ */ 00002 /* 00003 ** Copyright (C) 1998-2002 Martin Roesch <roesch@sourcefire.com> 00004 ** 00005 ** This program is free software; you can redistribute it and/or modify 00006 ** it under the terms of the GNU General Public License as published by 00007 ** the Free Software Foundation; either version 2 of the License, or 00008 ** (at your option) any later version. 00009 ** 00010 ** This program is distributed in the hope that it will be useful, 00011 ** but WITHOUT ANY WARRANTY; without even the implied warranty of 00012 ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00013 ** GNU General Public License for more details. 00014 ** 00015 ** You should have received a copy of the GNU General Public License 00016 ** along with this program; if not, write to the Free Software 00017 ** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 00018 */ 00019 00020 #ifndef __SPP_SESSION_H__ 00021 #define __SPP_SESSION_H__ 00022 00023 /******************************************* 00024 * Assigns a conversation pointer to each unique packet 00025 ********************************************/ 00026 #ifndef WIN32 00027 #include <sys/time.h> 00028 #endif /* WIN32 */ 00029 00030 #include "mempool.h" 00031 #include "ubi_SplayTree.h" 00032 #include "snort.h" 00033 00034 #define CONV_NONE 0x0000 00035 #define CONV_FORWARD 0x0001 00036 #define CONV_REVERSED 0x0002 00037 #define CONV_TALKER_SIP 0x0004 00038 #define CONV_TALKER_DIP 0x0008 00039 #define CONV_MULIPACKETS 0x0010 /* is this an older session */ 00040 00041 typedef struct _StateRecord 00042 { 00043 ubi_trNode Node; /* used for ubi_ */ 00044 MemBucket *bucket; /* the container that we are in */ 00045 00046 00047 u_int32_t sip; 00048 u_int32_t dip; 00049 unsigned short sport; 00050 unsigned short dport; 00051 unsigned char ip_proto; 00052 00053 struct timeval last_time; 00054 struct timeval first_time; 00055 00056 /* packet tallys */ 00057 unsigned long bytes_sent; 00058 unsigned long bytes_recv; 00059 00060 /* payload tallys */ 00061 unsigned long dsize_sent; 00062 unsigned long dsize_recv; 00063 00064 unsigned long pkts_sent; 00065 unsigned long pkts_recv; 00066 00067 u_int32_t conv_flags; /* This conversation started out reversed */ 00068 } StateRecord; 00069 00070 typedef struct _conversationData 00071 { 00072 int isInitialized; 00073 unsigned int max_convs; /* # of conversations to support @ once */ 00074 unsigned int timeout; /* Number of seconds before we time out */ 00075 00076 MemPool state_records; 00077 00078 ubi_trRoot cache; 00079 ubi_trRootPtr cachePtr; 00080 00081 /* lots of the tiny little options */ 00082 char keepstats; 00083 char alert_odd_protocols; 00084 char allowed_ip_protocols[256]; 00085 char watch_scans; 00086 struct timeval prune_time; 00087 } ConversationData; 00088 00089 void SetupConv(void); 00090 void ConvDelete(StateRecord *sr); 00091 00092 extern ConversationData conv_data; 00093 #endif
1.4.2