1 //--------------------------------------------------------------------------
2 // Copyright (C) 2014-2021 Cisco and/or its affiliates. All rights reserved.
3 // Copyright (C) 2006-2013 Sourcefire, Inc.
4 //
5 // This program is free software; you can redistribute it and/or modify it
6 // under the terms of the GNU General Public License Version 2 as published
7 // by the Free Software Foundation.  You may not use, modify or distribute
8 // this program under any other version of the GNU General Public License.
9 //
10 // This program is distributed in the hope that it will be useful, but
11 // WITHOUT ANY WARRANTY; without even the implied warranty of
12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
13 // General Public License for more details.
14 //
15 // You should have received a copy of the GNU General Public License along
16 // with this program; if not, write to the Free Software Foundation, Inc.,
17 // 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
18 //--------------------------------------------------------------------------
19 
20 // snort_protocols.h derived from sftarget_protocol_reference.h by Steven Sturges
21 
22 #ifndef SNORT_PROTOCOLS_H
23 #define SNORT_PROTOCOLS_H
24 
25 #include <string>
26 #include <vector>
27 #include <unordered_map>
28 
29 #include "main/snort_types.h"
30 
31 using SnortProtocolId = uint16_t;
32 
33 // these protocols are always defined because
34 // they are used as consts in switch statements
35 // other protos are added dynamically as used
36 enum SnortProtocols : SnortProtocolId
37 {
38     //  The is_*_protocol functions depend on the order of these enums.
39     SNORT_PROTO_IP = 1,
40     SNORT_PROTO_ICMP,
41     SNORT_PROTO_TCP,
42     SNORT_PROTO_UDP,
43     SNORT_PROTO_FILE,
44     SNORT_PROTO_MAX
45 };
46 
47 constexpr SnortProtocolId UNKNOWN_PROTOCOL_ID = 0;
48 constexpr SnortProtocolId INVALID_PROTOCOL_ID = 0xffff;
49 
is_network_protocol(SnortProtocolId proto)50 inline bool is_network_protocol(SnortProtocolId proto)
51 { return (proto >= SNORT_PROTO_IP and proto <= SNORT_PROTO_UDP); }
52 
is_builtin_protocol(SnortProtocolId proto)53 inline bool is_builtin_protocol(SnortProtocolId proto)
54 { return proto < SNORT_PROTO_MAX; }
55 
is_service_protocol(SnortProtocolId proto)56 inline bool is_service_protocol(SnortProtocolId proto)
57 { return proto > SNORT_PROTO_UDP; }
58 
59 // A mapping between names and IDs.
60 namespace snort
61 {
62 class SO_PUBLIC ProtocolReference
63 {
64 public:
65     ProtocolReference();
66     ~ProtocolReference();
67 
68     ProtocolReference(ProtocolReference* old_proto_ref);
69 
70     ProtocolReference(const ProtocolReference&)  = delete;
71     ProtocolReference& operator=(const ProtocolReference&)  = delete;
72 
73     SnortProtocolId get_count() const;
74 
75     const char* get_name(SnortProtocolId id) const;
76     const char* get_name_sorted(SnortProtocolId id);
77 
78     SnortProtocolId add(const char* protocol);
79     SnortProtocolId find(const char* protocol) const;
80 
81     bool operator()(SnortProtocolId a, SnortProtocolId b);
82 
83 private:
84     std::vector<std::string> id_map;
85     std::vector<SnortProtocolId> ind_map;
86     std::unordered_map<std::string, SnortProtocolId> ref_table;
87 
88     SnortProtocolId protocol_number = 0;
89 
90     void init(const ProtocolReference* old_proto_ref);
91 };
92 }
93 #endif
94 
95