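/* Copyright (C) 2009-2019 Trend Micro Inc.
 * All rights reserved.
 *
 * This program is a free software; you can redistribute it
 * and/or modify it under the terms of the GNU General Public
 * License (version 2) as published by the FSF - Free Software
 * Foundation.
 */

/* Global Definitions
 *
 * Build-wide constants: buffer sizes, product strings, account names,
 * and file system locations. Nothing here is executable code; every
 * entry is a preprocessor constant.
 *
 * Path convention visible below: a short macro (e.g. KEYS_FILE) is the
 * location below the installation root, and the matching *PATH macro
 * (e.g. KEYSFILE_PATH) is DEFAULTDIR concatenated in front of it by
 * string-literal pasting. On WIN32 most paths are relative, so they
 * resolve against the current working directory of the process that
 * opens them.
 *
 * NOTE(review): identifiers that begin with two underscores
 * (__OS_HEADERS, __ossec_name, __version, ...) are reserved for the
 * implementation by the C standard. They are kept unchanged here because
 * other files reference them.
 */

#ifndef __OS_HEADERS
#define __OS_HEADERS

#define TRUE            1
#define FALSE           0

#define READ            1
#define WRITE           2

#define OS_BINARY       0
#define OS_TEXT         1

/* Size limit control
 * These are only numbers: a buffer declared with one of them is safe
 * only if every write into it is bounded by the same constant.
 */
#define OS_SIZE_8192    8192
#define OS_SIZE_6144    6144
#define OS_SIZE_4096    4096
#define OS_SIZE_2048    2048
#define OS_SIZE_1024    1024
#define OS_SIZE_256     256
#define OS_SIZE_128     128

#define OS_MAXSTR       OS_SIZE_6144    /* Size for logs, sockets, etc */
#define OS_BUFFER_SIZE  OS_SIZE_2048    /* Size of general buffers */
/* NOTE(review): this was commented as "Maximum file size"; a value of 256
 * looks like a file name/path length limit instead - confirm against the
 * users of OS_FLSIZE.
 */
#define OS_FLSIZE       OS_SIZE_256
#define OS_HEADER_SIZE  OS_SIZE_128     /* Maximum header size */
#define OS_LOG_HEADER   OS_SIZE_256     /* Maximum log header size */
/* IP Address size. INET6_ADDRSTRLEN is not defined in this header; the
 * including file must already have the platform socket headers in scope
 * (<netinet/in.h> on POSIX) before IPSIZE is expanded.
 */
#define IPSIZE          INET6_ADDRSTRLEN

/* Some global names */
#define __ossec_name    "OSSEC HIDS"
#define __version       "v3.6.0"
#define __author        "OSSEC Foundation"
#define __contact       "contact@ossec.net"
#define __site          "https://www.ossec.net"
#define __license       "\
This program is free software; you can redistribute it and/or modify\n\
it under the terms of the GNU General Public License (version 2) as \n\
published by the Free Software Foundation. For more details, go to \n\
http://www.ossec.net/main/license/\n"

/* Maximum allowed PID
 * NOTE(review): Linux allows the PID limit to be raised above 32768
 * (see /proc/sys/kernel/pid_max). Any scan that walks PIDs up to MAX_PID
 * would not cover processes above this value - confirm how the users of
 * this macro behave on such hosts.
 */
#ifdef SOLARIS
#define MAX_PID 29999
#else
#define MAX_PID 32768
#endif

/* Limit of 256 agents (can be overridden at build time) */
#ifndef MAX_AGENTS
#define MAX_AGENTS  256
#endif

/* First ID assigned by authd (can be overridden at build time) */
#ifndef AUTHD_FIRST_ID
#define AUTHD_FIRST_ID  1024
#endif

/* Notify the manager every 600 seconds (10 minutes) */
#define NOTIFY_TIME     600

/* User Configuration
 * Account and group names, each overridable at build time.
 * NOTE(review): presumably the unprivileged accounts the daemons run
 * as - confirm against the privilege-dropping code.
 */
#ifndef MAILUSER
#define MAILUSER        "ossecm"
#endif

#ifndef USER
#define USER            "ossec"
#endif

#ifndef REMUSER
#define REMUSER         "ossecr"
#endif

#ifndef GROUPGLOBAL
#define GROUPGLOBAL     "ossec"
#endif

/* Installation root; prefixed to the short paths to build the *PATH forms */
#ifndef DEFAULTDIR
#define DEFAULTDIR      "/var/ossec"
#endif

/* Default queue */
#define DEFAULTQUEUE    "/queue/ossec/queue"

/* Active Response files
 * NOTE(review): AR_BINDIR presumably holds the programs that are executed
 * as active responses; if so, the directory and its contents should be
 * writable only by the administrator - confirm ownership and modes set by
 * the installer.
 */
#ifndef WIN32
#define DEFAULTAR       "/etc/shared/ar.conf"
#define AR_BINDIR       "/active-response/bin"
#define AGENTCONFIGINT  "/etc/shared/agent.conf"
#define AGENTCONFIG     DEFAULTDIR "/etc/shared/agent.conf"
#else
#define DEFAULTAR       "shared/ar.conf"
#define AR_BINDIR       "active-response/bin"
#define AGENTCONFIG     "shared/agent.conf"
#define AGENTCONFIGINT  "shared/agent.conf"
#endif

/* Exec queue */
#define EXECQUEUE       "/queue/alerts/execq"

/* Active Response queue */
#define ARQUEUE         "/queue/alerts/ar"

/* Decoder file */
#define XML_DECODER     "/etc/decoder.xml"
#define XML_LDECODER    "/etc/local_decoder.xml"

/* Agent information location */
#define AGENTINFO_DIR   "/queue/agent-info"

/* Syscheck directory */
#define SYSCHECK_DIR    "/queue/syscheck"

/* Rootcheck directory */
#define ROOTCHECK_DIR   "/queue/rootcheck"

/* Diff queue */
#define DIFF_DIR        "/queue/diff"
#define DIFF_DIR_PATH   DEFAULTDIR DIFF_DIR
#define DIFF_NEW_FILE   "new-entry"
#define DIFF_LAST_FILE  "last-entry"

/* Syscheck data */
#define SYSCHECK        "syscheck"
#define SYSCHECK_REG    "syscheck-registry"

/* Rule path */
#define RULEPATH        "/rules"

/* Wait file */
#ifndef WIN32
#define WAIT_FILE       "/queue/ossec/.wait"
#else
#define WAIT_FILE       ".wait"
#endif

/* Agent information file */
#ifndef WIN32
#define AGENT_INFO_FILE     "/queue/ossec/.agent_info"
#define AGENT_INFO_FILEP    DEFAULTDIR AGENT_INFO_FILE
#else
#define AGENT_INFO_FILE     ".agent_info"
#define AGENT_INFO_FILEP    AGENT_INFO_FILE
#endif

/* Syscheck restart */
#ifndef WIN32
#define SYSCHECK_RESTART        "/var/run/.syscheck_run"
#define SYSCHECK_RESTART_PATH   DEFAULTDIR SYSCHECK_RESTART
#else
#define SYSCHECK_RESTART        "syscheck/.syscheck_run"
#define SYSCHECK_RESTART_PATH   "syscheck/.syscheck_run"
#endif

/* Agentless directories
 * NOTE(review): the name ".passlist" suggests this file stores credentials
 * for agentless hosts; if so it should be readable only by the account
 * that needs it - confirm against the code that reads and writes it.
 */
#define AGENTLESSDIR        "/agentless"
#define AGENTLESSPASS       "/agentless/.passlist"
#define AGENTLESS_ENTRYDIR  "/queue/agentless"

/* Internal definitions files */
#ifndef WIN32
#define OSSEC_DEFINES   "/etc/internal_options.conf"
#define OSSEC_LDEFINES  "/etc/local_internal_options.conf"
#else
#define OSSEC_DEFINES   "internal_options.conf"
#define OSSEC_LDEFINES  "local_internal_options.conf"
#endif

/* Log directories */
#define EVENTS            "/logs/archives"
#define EVENTS_DAILY      "/logs/archives/archives.log"
#define ALERTS            "/logs/alerts"
#define ALERTS_PATH       DEFAULTDIR ALERTS
#define ALERTS_DAILY      "/logs/alerts/alerts.log"
#define ALERTSJSON_DAILY  "/logs/alerts/alerts.json"
#define FWLOGS            "/logs/firewall"
#define FWLOGS_DAILY      "/logs/firewall/firewall.log"
#define EVENTSJSON_DAILY  "/logs/archives/archives.json"

/* Stats directories */
#define STATWQUEUE  "/stats/weekly-average"
#define STATQUEUE   "/stats/hourly-average"
#define STATSAVED   "/stats/totals"

/* Authentication keys file
 * client.keys is the authentication keys file; authd.pass, by its name,
 * holds the authd password. Both are secrets and should be readable only
 * by the accounts that need them.
 */
#ifndef WIN32
#define KEYS_FILE       "/etc/client.keys"
#define AUTHD_PASS      "/etc/authd.pass"
#define KEYSFILE_PATH   DEFAULTDIR KEYS_FILE
#define AUTHDPASS_PATH  DEFAULTDIR AUTHD_PASS
#else
#define KEYS_FILE       "client.keys"
#define KEYSFILE_PATH   KEYS_FILE
#define AUTHD_PASS      "authd.pass"
#define AUTHDPASS_PATH  AUTHD_PASS
#endif

/* AUTH_FILE defaults to the keys file unless the build overrides it */
#ifndef AUTH_FILE
#define AUTH_FILE       KEYS_FILE
#endif

/* Shared config directory */
#ifndef WIN32
#define SHAREDCFG_DIR   "/etc/shared"
#else
#define SHAREDCFG_DIR   "shared"
#endif

/* Built-in defines */
#define DEFAULTQPATH    DEFAULTDIR DEFAULTQUEUE

#ifndef WIN32
#define OSSECCONF       "/etc/ossec.conf"
#define DEFAULTCPATH    DEFAULTDIR OSSECCONF
#else
#define OSSECCONF       "ossec.conf"
#define DEFAULTCPATH    "ossec.conf"
#endif

#ifndef WIN32
#define DEFAULTARPATH           DEFAULTDIR DEFAULTAR
#define AR_BINDIRPATH           DEFAULTDIR AR_BINDIR
#define AGENTLESSDIRPATH        DEFAULTDIR AGENTLESSDIR
#define AGENTLESSPASSPATH       DEFAULTDIR AGENTLESSPASS
#define AGENTLESS_ENTRYDIRPATH  DEFAULTDIR AGENTLESS_ENTRYDIR
#else
#define DEFAULTARPATH           "shared/ar.conf"
#define AR_BINDIRPATH           "active-response/bin"
#define AGENTLESSDIRPATH        AGENTLESSDIR
#define AGENTLESSPASSPATH       AGENTLESSPASS
#define AGENTLESS_ENTRYDIRPATH  AGENTLESS_ENTRYDIR
#endif
#define EXECQUEUEPATH           DEFAULTDIR EXECQUEUE

#ifdef WIN32
#define SHAREDCFG_DIRPATH   SHAREDCFG_DIR
#else
#define SHAREDCFG_DIRPATH   DEFAULTDIR SHAREDCFG_DIR
#endif

#define SHAREDCFG_FILE      SHAREDCFG_DIR "/merged.mg"
#define SHAREDCFG_FILEPATH  SHAREDCFG_DIRPATH "/merged.mg"
#define SHAREDCFG_FILENAME  "merged.mg"

/* NOTE(review): unlike the neighbouring *PATH macros this one is not
 * WIN32-conditional, so with the default DEFAULTDIR a WIN32 build gets
 * "/var/ossec" ".wait" pasted together. Confirm whether WIN32 builds
 * override DEFAULTDIR or never use WAIT_FILE_PATH.
 */
#define WAIT_FILE_PATH  DEFAULTDIR WAIT_FILE

/* Relative path: resolved against the current working directory */
#define TMP_DIR     "tmp"

/* Windows COMSPEC
 * Fixed absolute path to the command interpreter. A fixed path avoids a
 * search-path lookup, but assumes Windows is installed on C: under the
 * default directory name.
 */
#define COMSPEC "C:\\Windows\\System32\\cmd.exe"

/* Default ports (kept as strings; overridable at build time) */
#ifndef DEFAULT_SECURE
#define DEFAULT_SECURE "1514" /* Default encrypted */
#endif

/* Plain syslog over UDP carries no encryption or sender authentication */
#ifndef DEFAULT_SYSLOG
#define DEFAULT_SYSLOG "514" /* Default syslog port - udp */
#endif

/* XML global elements */
#ifndef xml_global
#define xml_global "global"
#endif

#ifndef xml_alerts
#define xml_alerts "alerts"
#endif

#ifndef xml_rules
#define xml_rules "rules"
#endif

#ifndef xml_localfile
#define xml_localfile "localfile"
#endif

#ifndef xml_remote
#define xml_remote "remote"
#endif

#ifndef xml_client
#define xml_client "client"
#endif

#ifndef xml_execd
#define xml_execd "execd"
#endif

#ifndef xml_syscheck
#define xml_syscheck "syscheck"
#endif

#ifndef xml_rootcheck
#define xml_rootcheck "rootcheck"
#endif

#ifndef xml_command
#define xml_command "command"
#endif

#ifndef xml_ar
#define xml_ar "active-response"
#endif

#endif /* __OS_HEADERS */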