1 /*
2 ** Copyright (C) 2014-2021 Cisco and/or its affiliates. All rights reserved.
3 ** Copyright (C) 1998-2013 Sourcefire, Inc.
4 **
5 ** This program is free software; you can redistribute it and/or modify
6 ** it under the terms of the GNU General Public License Version 2 as
7 ** published by the Free Software Foundation.  You may not use, modify or
8 ** distribute this program under any other version of the GNU General
9 ** Public License.
10 **
11 ** This program is distributed in the hope that it will be useful,
12 ** but WITHOUT ANY WARRANTY; without even the implied warranty of
13 ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14 ** GNU General Public License for more details.
15 **
16 ** You should have received a copy of the GNU General Public License
17 ** along with this program; if not, write to the Free Software
18 ** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19 */
20 
21 /*
22  * Adam Keeton
23  * sf_ipvar.h
24  * 11/17/06
25 */
26 
27 
28 #ifndef SF_IPVAR_H
29 #define SF_IPVAR_H
30 
31 /* Flags */
32 #define SFIP_NEGATED  1
33 #define SFIP_ANY      2
34 
35 #include <stdio.h>
36 #include "sf_ip.h"
37 
38 /* Selects which mode a given variable is using to
39  * store and lookup IP addresses */
40 typedef enum _modes {
41     SFIP_LIST,
42     SFIP_TABLE
43 } MODES;
44 
45 /* Used by the "list" mode.  A doubly linked list of sfcidr_t objects. */
46 typedef struct _ip_node {
47     sfcidr_t *ip;
48     struct _ip_node *next;
49     int flags;
50                     // XXX
51     int addr_flags; /* Flags used exlusively by Snort */
52                     /* Keeping these variables seperate keeps
53                      * this from stepping on Snort's toes. */
54                     /* Should merge them later */
55 } sfip_node_t;
56 
57 /* An IP variable onkect */
58 typedef struct _var_t {
59     /* Selects whether or not to use the list, the table,
60      * or any other method added later */
61     MODES mode;
62 
63     /* Linked lists.  Switch to something faster later */
64     sfip_node_t *head;
65     sfip_node_t *neg_head;
66 
67     /* The mode above will select whether to use the sfip_node_t linked list
68      * or the IP routing table */
69 //    sfrt rt;
70 
71     /* Linked list of IP variables for the variable table */
72     struct _var_t *next;
73 
74     uint16_t head_count;
75     uint16_t neg_head_count;
76     uint32_t id;
77     char *name;
78     char *value;
79 } sfip_var_t;
80 
81 /* A variable table for storing and looking up variables */
82 /* Expand later to use a faster data structure */
83 typedef struct _vartable_t {
84     sfip_var_t *head;
85     uint32_t id;
86 } vartable_t;
87 
88 /* Creates a new variable that is an alias of another variable
89  * Does a "deep" copy so it owns it's own pointers */
90 sfip_var_t * sfvar_create_alias(const sfip_var_t *alias_from, const char *alias_to);
91 
92 /* Returns 1 if the two variables are aliases of each other, 0 otherwise */
93 int sfvar_is_alias(const sfip_var_t *one, const sfip_var_t *two);
94 
95 /* Allocates a new variable as according to "str" */
96 sfip_var_t *sfvar_alloc(vartable_t *table, char *str, SFIP_RET *status);
97 
98 /* Makes sure there are no IP address conflicts in the variable */
99 /* Returns SFIP_CONFLICT if so */
100 SFIP_RET sfvar_validate(sfip_var_t *var);
101 
102 /* Parses an IP list described by 'str' and saves the results in 'var'. */
103 SFIP_RET sfvar_parse_iplist(vartable_t *table, sfip_var_t *var,
104                                 char *str, int negation);
105 
106 /* Allocaties and returns an IP node described by 'str' */
107 sfip_node_t *sfipnode_alloc(char *str, SFIP_RET *status);
108 
109 /* Adds a deep copy of src to dst */
110 /* Ordering is not necessarily preserved */
111 SFIP_RET sfvar_add(sfip_var_t *dst, sfip_var_t *src);
112 
113 /* Adds the nodes in 'src' to the variable 'dst' */
114 /* The mismatch of types is for ease-of-supporting Snort4 and
115  * Snort6 simultaneously */
116 SFIP_RET sfvar_add_node(sfip_var_t *dst, sfip_node_t *src, int negated);
117 
118 /* Compares two variables.  Necessary when building RTN structure */
119 SFIP_RET sfvar_compare(const sfip_var_t *one, const sfip_var_t *two);
120 
121 /* Deep copy. Returns identical, new, linked list of sfipnodes. */
122 sfip_var_t *sfvar_deep_copy(const sfip_var_t *src);
123 
124 /* Free an allocated variable */
125 void sfvar_free(sfip_var_t *var);
126 
127 /* Returns non-zero if ip is contained in 'var', 0 otherwise */
128 /* If either argument is NULL, 0 is returned. */
129 int sfvar_ip_in(sfip_var_t *var, sfaddr_t *ip);
130 
131 /* Prints the variable "var" to the file descriptor 'f' */
132 void sfvar_print(const char *prefix, sfip_var_t *var);
133 void sfip_set_print(const char *prefix, sfip_node_t *head);
134 
135 void sfvar_print_to_file(FILE *f, sfip_var_t *var);
136 void sfip_set_print_to_file(FILE *f, sfip_node_t *head);
137 
138 /* Returns the node's flags */
139 int sfvar_flags(sfip_node_t *node);
140 
141 #endif
142