1 //--------------------------------------------------------------------------
2 // Copyright (C) 2015-2021 Cisco and/or its affiliates. All rights reserved.
3 //
4 // This program is free software; you can redistribute it and/or modify it
5 // under the terms of the GNU General Public License Version 2 as published
6 // by the Free Software Foundation.  You may not use, modify or distribute
7 // this program under any other version of the GNU General Public License.
8 //
9 // This program is distributed in the hope that it will be useful, but
10 // WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
12 // General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License along
15 // with this program; if not, write to the Free Software Foundation, Inc.,
16 // 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
17 //--------------------------------------------------------------------------
18 
19 // tcp_normalizers.h author davis mcpherson <davmcphe@cisco.com>
20 // Created on: Sep 22, 2015
21 
22 #ifndef TCP_NORMALIZERS_H
23 #define TCP_NORMALIZERS_H
24 
25 #include "stream/tcp/tcp_normalizer.h"
26 
27 class TcpStreamSession;
28 class TcpStreamSession;
29 
30 class TcpNormalizerFactory
31 {
32 public:
33     static void initialize();
34     static void term();
35     static TcpNormalizer* get_instance(StreamPolicy);
36 
37 private:
38     TcpNormalizerFactory() = delete;
39 
40     static TcpNormalizer* normalizers[StreamPolicy::OS_END_OF_LIST];
41 };
42 
43 class TcpNormalizerPolicy
44 {
45 public:
46     TcpNormalizerPolicy() = default;
47     ~TcpNormalizerPolicy() = default;
48 
49     void init(StreamPolicy os, TcpStreamSession* ssn, TcpStreamTracker* trk, TcpStreamTracker* peer);
reset()50     void reset()
51     { init(StreamPolicy::OS_DEFAULT, nullptr, nullptr, nullptr); }
52 
packet_dropper(TcpSegmentDescriptor & tsd,NormFlags nflags)53     bool packet_dropper(TcpSegmentDescriptor& tsd, NormFlags nflags)
54     { return norm->packet_dropper(tns, tsd, nflags); }
55 
56     bool trim_syn_payload(TcpSegmentDescriptor& tsd, uint32_t max = 0)
57     { return norm->trim_syn_payload(tns, tsd, max); }
58 
59     void trim_rst_payload(TcpSegmentDescriptor& tsd, uint32_t max = 0)
60     { norm->trim_rst_payload(tns, tsd, max); }
61 
62     void trim_win_payload(TcpSegmentDescriptor& tsd, uint32_t max = 0, bool force = false)
63     { norm->trim_win_payload(tns, tsd, max, force); }
64 
65     void trim_mss_payload(TcpSegmentDescriptor& tsd, uint32_t max = 0)
66     { norm->trim_mss_payload(tns, tsd, max); }
67 
ecn_tracker(const snort::tcp::TCPHdr * tcph,bool req3way)68     void ecn_tracker(const snort::tcp::TCPHdr* tcph, bool req3way)
69     { norm->ecn_tracker(tns, tcph, req3way); }
70 
ecn_stripper(TcpSegmentDescriptor & tsd)71     void ecn_stripper(TcpSegmentDescriptor& tsd)
72     { norm->ecn_stripper(tns, tsd); }
73 
get_stream_window(TcpSegmentDescriptor & tsd)74     uint32_t get_stream_window(TcpSegmentDescriptor& tsd)
75     { return norm->get_stream_window(tns, tsd); }
76 
get_tcp_timestamp(TcpSegmentDescriptor & tsd,bool strip)77     uint32_t get_tcp_timestamp(TcpSegmentDescriptor& tsd, bool strip)
78     { return norm->get_tcp_timestamp(tns, tsd, strip); }
79 
handle_paws(TcpSegmentDescriptor & tsd)80     int handle_paws(TcpSegmentDescriptor& tsd)
81     { return norm->handle_paws(tns, tsd); }
82 
validate_rst(TcpSegmentDescriptor & tsd)83     bool validate_rst(TcpSegmentDescriptor& tsd)
84     { return norm->validate_rst(tns, tsd); }
85 
handle_repeated_syn(TcpSegmentDescriptor & tsd)86     int handle_repeated_syn(TcpSegmentDescriptor& tsd)
87     { return norm->handle_repeated_syn(tns, tsd); }
88 
set_urg_offset(const snort::tcp::TCPHdr * tcph,uint16_t dsize)89     uint16_t set_urg_offset(const snort::tcp::TCPHdr* tcph, uint16_t dsize)
90     { return norm->set_urg_offset(tns, tcph, dsize); }
91 
get_os_policy()92     StreamPolicy get_os_policy() const
93     { return tns.os_policy; }
94 
is_paws_drop_zero_ts()95     bool is_paws_drop_zero_ts() const
96     { return tns.paws_drop_zero_ts; }
97 
get_paws_ts_fudge()98     int32_t get_paws_ts_fudge() const
99     { return tns.paws_ts_fudge; }
100 
get_opt_block()101     int8_t get_opt_block() const
102     { return tns.opt_block; }
103 
get_strip_ecn()104     int8_t get_strip_ecn() const
105     { return tns.strip_ecn; }
106 
get_tcp_block()107     int8_t get_tcp_block() const
108     { return tns.tcp_block; }
109 
get_trim_rst()110     int8_t get_trim_rst() const
111     { return tns.trim_rst; }
112 
get_trim_syn()113     int8_t get_trim_syn() const
114     { return tns.trim_syn; }
115 
get_trim_mss()116     int8_t get_trim_mss() const
117     { return tns.trim_mss; }
118 
get_trim_win()119     int8_t get_trim_win() const
120     { return tns.trim_win; }
121 
is_tcp_ips_enabled()122     bool is_tcp_ips_enabled() const
123     { return tns.tcp_ips_enabled; }
124 
handling_timestamps()125     bool handling_timestamps() const
126     { return tns.tcp_ts_flags != TF_NONE; }
127 
get_timestamp_flags()128     uint32_t get_timestamp_flags()
129     { return tns.tcp_ts_flags; }
130 
131 private:
132     TcpNormalizer* norm = nullptr;
133     TcpNormalizerState tns;
134 };
135 
136 #endif
137 
138