1 //-------------------------------------------------------------------------- 2 // Copyright (C) 2015-2021 Cisco and/or its affiliates. All rights reserved. 3 // 4 // This program is free software; you can redistribute it and/or modify it 5 // under the terms of the GNU General Public License Version 2 as published 6 // by the Free Software Foundation. You may not use, modify or distribute 7 // this program under any other version of the GNU General Public License. 8 // 9 // This program is distributed in the hope that it will be useful, but 10 // WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 // General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License along 15 // with this program; if not, write to the Free Software Foundation, Inc., 16 // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 17 //-------------------------------------------------------------------------- 18 19 // tcp_normalizers.h author davis mcpherson <davmcphe@cisco.com> 20 // Created on: Sep 22, 2015 21 22 #ifndef TCP_NORMALIZERS_H 23 #define TCP_NORMALIZERS_H 24 25 #include "stream/tcp/tcp_normalizer.h" 26 27 class TcpStreamSession; 28 class TcpStreamSession; 29 30 class TcpNormalizerFactory 31 { 32 public: 33 static void initialize(); 34 static void term(); 35 static TcpNormalizer* get_instance(StreamPolicy); 36 37 private: 38 TcpNormalizerFactory() = delete; 39 40 static TcpNormalizer* normalizers[StreamPolicy::OS_END_OF_LIST]; 41 }; 42 43 class TcpNormalizerPolicy 44 { 45 public: 46 TcpNormalizerPolicy() = default; 47 ~TcpNormalizerPolicy() = default; 48 49 void init(StreamPolicy os, TcpStreamSession* ssn, TcpStreamTracker* trk, TcpStreamTracker* peer); reset()50 void reset() 51 { init(StreamPolicy::OS_DEFAULT, nullptr, nullptr, nullptr); } 52 packet_dropper(TcpSegmentDescriptor & tsd,NormFlags nflags)53 bool packet_dropper(TcpSegmentDescriptor& tsd, NormFlags nflags) 54 { return norm->packet_dropper(tns, tsd, nflags); } 55 56 bool trim_syn_payload(TcpSegmentDescriptor& tsd, uint32_t max = 0) 57 { return norm->trim_syn_payload(tns, tsd, max); } 58 59 void trim_rst_payload(TcpSegmentDescriptor& tsd, uint32_t max = 0) 60 { norm->trim_rst_payload(tns, tsd, max); } 61 62 void trim_win_payload(TcpSegmentDescriptor& tsd, uint32_t max = 0, bool force = false) 63 { norm->trim_win_payload(tns, tsd, max, force); } 64 65 void trim_mss_payload(TcpSegmentDescriptor& tsd, uint32_t max = 0) 66 { norm->trim_mss_payload(tns, tsd, max); } 67 ecn_tracker(const snort::tcp::TCPHdr * tcph,bool req3way)68 void ecn_tracker(const snort::tcp::TCPHdr* tcph, bool req3way) 69 { norm->ecn_tracker(tns, tcph, req3way); } 70 ecn_stripper(TcpSegmentDescriptor & tsd)71 void ecn_stripper(TcpSegmentDescriptor& tsd) 72 { norm->ecn_stripper(tns, tsd); } 73 get_stream_window(TcpSegmentDescriptor & tsd)74 uint32_t get_stream_window(TcpSegmentDescriptor& tsd) 75 { return norm->get_stream_window(tns, tsd); } 76 get_tcp_timestamp(TcpSegmentDescriptor & tsd,bool strip)77 uint32_t get_tcp_timestamp(TcpSegmentDescriptor& tsd, bool strip) 78 { return norm->get_tcp_timestamp(tns, tsd, strip); } 79 handle_paws(TcpSegmentDescriptor & tsd)80 int handle_paws(TcpSegmentDescriptor& tsd) 81 { return norm->handle_paws(tns, tsd); } 82 validate_rst(TcpSegmentDescriptor & tsd)83 bool validate_rst(TcpSegmentDescriptor& tsd) 84 { return norm->validate_rst(tns, tsd); } 85 handle_repeated_syn(TcpSegmentDescriptor & tsd)86 int handle_repeated_syn(TcpSegmentDescriptor& tsd) 87 { return norm->handle_repeated_syn(tns, tsd); } 88 set_urg_offset(const snort::tcp::TCPHdr * tcph,uint16_t dsize)89 uint16_t set_urg_offset(const snort::tcp::TCPHdr* tcph, uint16_t dsize) 90 { return norm->set_urg_offset(tns, tcph, dsize); } 91 get_os_policy()92 StreamPolicy get_os_policy() const 93 { return tns.os_policy; } 94 is_paws_drop_zero_ts()95 bool is_paws_drop_zero_ts() const 96 { return tns.paws_drop_zero_ts; } 97 get_paws_ts_fudge()98 int32_t get_paws_ts_fudge() const 99 { return tns.paws_ts_fudge; } 100 get_opt_block()101 int8_t get_opt_block() const 102 { return tns.opt_block; } 103 get_strip_ecn()104 int8_t get_strip_ecn() const 105 { return tns.strip_ecn; } 106 get_tcp_block()107 int8_t get_tcp_block() const 108 { return tns.tcp_block; } 109 get_trim_rst()110 int8_t get_trim_rst() const 111 { return tns.trim_rst; } 112 get_trim_syn()113 int8_t get_trim_syn() const 114 { return tns.trim_syn; } 115 get_trim_mss()116 int8_t get_trim_mss() const 117 { return tns.trim_mss; } 118 get_trim_win()119 int8_t get_trim_win() const 120 { return tns.trim_win; } 121 is_tcp_ips_enabled()122 bool is_tcp_ips_enabled() const 123 { return tns.tcp_ips_enabled; } 124 handling_timestamps()125 bool handling_timestamps() const 126 { return tns.tcp_ts_flags != TF_NONE; } 127 get_timestamp_flags()128 uint32_t get_timestamp_flags() 129 { return tns.tcp_ts_flags; } 130 131 private: 132 TcpNormalizer* norm = nullptr; 133 TcpNormalizerState tns; 134 }; 135 136 #endif 137 138