1 /* 2 * This program is free software; you can redistribute it and/or modify 3 * it under the terms of the GNU General Public License Version 2 as 4 * published by the Free Software Foundation. You may not use, modify or 5 * distribute this program under any other version of the GNU General 6 * Public License. 7 * 8 * This program is distributed in the hope that it will be useful, 9 * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 * GNU General Public License for more details. 12 * 13 * You should have received a copy of the GNU General Public License 14 * along with this program; if not, write to the Free Software 15 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 16 * 17 * Copyright (C) 2014-2021 Cisco and/or its affiliates. All rights reserved. 18 * Copyright (C) 2005-2013 Sourcefire, Inc. 19 * 20 */ 21 #ifndef _SF_DYNAMIC_COMMON_H_ 22 #define _SF_DYNAMIC_COMMON_H_ 23 24 #ifndef WIN32 25 #include <sys/types.h> 26 #else 27 #include <stdint.h> 28 #endif 29 30 typedef enum { 31 SF_FLAG_ALT_DECODE = 0x0001, 32 SF_FLAG_ALT_DETECT = 0x0002, 33 SF_FLAG_DETECT_ALL = 0xffff 34 } SFDetectFlagType; 35 36 #ifdef SF_WCHAR 37 #include <wchar.h> 38 typedef void (*DebugWideMsgFunc)(uint64_t, const wchar_t *, ...); 39 #endif 40 typedef uint32_t (*GetSnortInstance)(void); 41 42 #define STD_BUF 1024 43 44 #ifndef DECODE_BLEN 45 #define DECODE_BLEN 65535 46 #define MAX_URI 8192 47 /* must be defined the same as in detection_util.h */ 48 typedef enum 49 { 50 HTTP_BUFFER_NONE, 51 HTTP_BUFFER_URI, 52 HTTP_BUFFER_HEADER, 53 HTTP_BUFFER_CLIENT_BODY, 54 HTTP_BUFFER_METHOD, 55 HTTP_BUFFER_COOKIE, 56 HTTP_BUFFER_STAT_CODE, 57 HTTP_BUFFER_STAT_MSG, 58 HTTP_BUFFER_RAW_URI, 59 HTTP_BUFFER_RAW_HEADER, 60 HTTP_BUFFER_RAW_COOKIE, 61 HTTP_BUFFER_MAX 62 } HTTP_BUFFER; 63 #endif 64 65 /* Reasons for packet verdict indicating snort/preprocessor module that blocks a packet. 66 * Any change here should also be reflected in pkt_trace.c file. */ 67 typedef enum { 68 VERDICT_REASON_INFO, /* Not blocking packet; used by module to send packet information to tracer */ 69 VERDICT_REASON_SSNSTR, /* Not blocking packet; used to update session debug info */ 70 VERDICT_REASON_NO_BLOCK, /* Not blocking packet; all enum defined after this indicates blocking */ 71 VERDICT_REASON_UNKNOWN, /* Module blocking the packet is not known or traced */ 72 VERDICT_REASON_DAQRETRY, /* Wait for another re-transmitted packet from DAQ */ 73 VERDICT_REASON_SNORT, 74 VERDICT_REASON_APPID, 75 VERDICT_REASON_SFSSL, 76 VERDICT_REASON_FIREWALL, 77 VERDICT_REASON_CPORTAL, 78 VERDICT_REASON_SAFESEARCH, 79 VERDICT_REASON_SI, 80 VERDICT_REASON_PREFILTER, 81 VERDICT_REASON_FTP, 82 VERDICT_REASON_STREAM, 83 VERDICT_REASON_SESSION, 84 VERDICT_REASON_DEFRAG, 85 VERDICT_REASON_REACT, 86 VERDICT_REASON_RESPONSE, 87 VERDICT_REASON_REPUTATION, 88 VERDICT_REASON_XLINK2STATE, 89 VERDICT_REASON_BO, 90 VERDICT_REASON_SMB, 91 VERDICT_REASON_FILE, 92 VERDICT_REASON_IPS, 93 VERDICT_REASON_FASTBLOCK, 94 95 MAX_VERDICT_REASON 96 } Verdict_Reason; 97 98 typedef struct { 99 const uint8_t *data; 100 uint16_t len; 101 } SFDataPointer; 102 103 typedef struct { 104 uint8_t data[DECODE_BLEN]; 105 uint16_t len; 106 } SFDataBuffer; 107 108 typedef void (*LogMsgFunc)(const char *, ...); 109 typedef void (*DebugMsgFunc)(uint64_t, const char *, ...); 110 typedef int (*GetAltDetectFunc)(uint8_t **, uint16_t *); 111 typedef void (*SetAltDetectFunc)(uint8_t *,uint16_t ); 112 typedef int (*IsDetectFlagFunc)(SFDetectFlagType); 113 typedef void (*DetectFlagDisableFunc)(SFDetectFlagType); 114 typedef void (*SetHttpBufferFunc)(HTTP_BUFFER, const uint8_t*, unsigned); 115 typedef const uint8_t* (*GetHttpBufferFunc)(HTTP_BUFFER, unsigned*); 116 117 #endif /* _SF_DYNAMIC_COMMON_H_ */ 118