Main Page | Modules | Class List | Directories | File List | Class Members | File Members | Related Pages
src / preprocessors

spp_xlink2state.c

Go to the documentation of this file.
00001 /* $Id$ */
00002 /* Snort Preprocessor Plugin Source File for XLINK2STATE */
00003 
00004 /* spp_xlink2state 
00005  * 
00006  * Copyright (C) 2005 Sourcefire,Inc.
00007  *
00008  */
00009 
00010 #include <stdlib.h>
00011 
00012 /*
00013  * If you're going to issue any alerts from this preproc you 
00014  * should include generators.h and event_wrapper.h
00015  */
00016 #include "generators.h"
00017 #include "event_wrapper.h"
00018 
00019 #include "util.h"
00020 #include "plugbase.h"
00021 #include "parser.h"
00022 
00023 /*
00024  * put in other includes as necessary
00025  */
00026 #include "debug.h"
00027 
00028 /* 
00029  * your preprocessor header file goes here if necessary, don't forget
00030  * to include the header file in plugbase.h too!
00031  */
00032 #include "spp_xlink2state.h"
00033 
00034 /*
00035  * define any needed data structs for things like configuration
00036  */
00037 #include "xlink2state.h"
00038 
00039 /* 
00040  * If you need to instantiate the preprocessor's 
00041  * data structure, do it here 
00042  */
00043 
00044 /* 
00045  * function prototypes go here
00046  */
00047 
00048 static void XLINK2STATEInit(u_char *);
00049 static void XLINK2STATEDetect(Packet *, void *context);
00050 static void XLINK2STATECleanExitFunction(int, void *);
00051 static void XLINK2STATERestartFunction(int, void *);
00052 
00053 
00054 
00055 /*
00056  * Function: SetupXLINK2STATE()
00057  *
00058  * Purpose: Registers the preprocessor keyword and initialization 
00059  *          function into the preprocessor list.  This is the function that
00060  *          gets called from InitPreprocessors() in plugbase.c.
00061  *
00062  * Arguments: None.
00063  *
00064  * Returns: void function
00065  *
00066  */
00067 void SetupXLINK2STATE()
00068 {
00069     /* 
00070      * link the preprocessor keyword to the init function in
00071      * the preproc list
00072      */
00073     RegisterPreprocessor("xlink2state", XLINK2STATEInit);
00074 }
00075 
00076 
00077 /*
00078  * Function: XLINK2STATEInit(u_char *)
00079  *
00080  * Purpose: Calls the argument parsing function, performs final setup on data
00081  *          structs, links the preproc function into the function list.
00082  *
00083  * Arguments: args => ptr to argument string
00084  *
00085  * Returns: void function
00086  *
00087  */
00088 static void XLINK2STATEInit(u_char *args)
00089 {
00090     int bFirstConfig = 1;
00091 
00092     /* 
00093      * Parse the argument list from the rules file 
00094      */
00095     XLINK2STATE_ParseArgs(args);
00096 
00097     /* 
00098      * Perform any other initialization functions that are required here
00099      */
00100     XLINK2STATE_Init();
00101 
00102     /* 
00103      * Put the preprocessor function into the function list 
00104      */
00105     if ( bFirstConfig )
00106     {
00107         AddFuncToPreprocList(XLINK2STATEDetect);
00108         AddFuncToCleanExitList(XLINK2STATECleanExitFunction, NULL);
00109         AddFuncToRestartList(XLINK2STATERestartFunction, NULL);
00110         bFirstConfig = 0;
00111     }
00112 }
00113 
00114 
00115 
00116 
00117 /*
00118  * Function: XLINK2STATEDetect(Packet *)
00119  *
00120  * Purpose: Perform the preprocessor's intended function.  This can be
00121  *          simple (statistics collection) or complex (IP defragmentation)
00122  *          as you like.  Try not to destroy the performance of the whole
00123  *          system by trying to do too much....
00124  *
00125  * Arguments: p => pointer to the current packet data struct 
00126  *
00127  * Returns: void function
00128  *
00129  */
00130 static void XLINK2STATEDetect(Packet *p, void *context)
00131 {
00132     if(!PacketIsTCP(p))
00133     {
00134         return;
00135     }
00136 
00137     SnortXLINK2STATE(p);
00138 
00139     /* 
00140      * if you need to issue an alert from your preprocessor, check out 
00141      * event_wrapper.h, there are some useful helper functions there
00142      */
00143 }
00144 
00145 
00146 /* 
00147  * Function: XLINK2STATECleanExitFunction(int, void *)
00148  *
00149  * Purpose: This function gets called when Snort is exiting, if there's
00150  *          any cleanup that needs to be performed (e.g. closing files)
00151  *          it should be done here.
00152  *
00153  * Arguments: signal => the code of the signal that was issued to Snort
00154  *            data => any arguments or data structs linked to this 
00155  *                    function when it was registered, may be
00156  *                    needed to properly exit
00157  *       
00158  * Returns: void function
00159  */                   
00160 static void XLINK2STATECleanExitFunction(int signal, void *data)
00161 {    
00162     
00163 }
00164 
00165 
00166 /* 
00167  * Function: XLINK2STATERestartFunction(int, void *)
00168  *
00169  * Purpose: This function gets called when Snort is restarting on a SIGHUP,
00170  *          if there's any initialization or cleanup that needs to happen
00171  *          it should be done here.
00172  *
00173  * Arguments: signal => the code of the signal that was issued to Snort
00174  *            data => any arguments or data structs linked to this 
00175  *                    functioin when it was registered, may be
00176  *                    needed to properly exit
00177  *       
00178  * Returns: void function
00179  */                   
00180 static void XLINK2STATERestartFunction(int signal, void *foo)
00181 {
00182        /* restart code goes here */
00183 }
00184 
00185
Generated on Sun May 14 14:51:17 2006 by  doxygen 1.4.2