Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Newer
Older
100644 196 lines (151 sloc) 5.147 kB
423acab @binf Added Support for remote syslog logging thanks to legacy plugin provi…
binf authored
1
1912fdf @firnsy initial import.
authored
2 /*
3 ** Copyright (C) 2002-2009 Sourcefire, Inc.
4 ** Copyright (C) 1998-2002 Martin Roesch <roesch@sourcefire.com>
5 **
6 ** This program is free software; you can redistribute it and/or modify
7 ** it under the terms of the GNU General Public License Version 2 as
8 ** published by the Free Software Foundation. You may not use, modify or
9 ** distribute this program under any other version of the GNU General
10 ** Public License.
11 **
12 ** This program is distributed in the hope that it will be useful,
13 ** but WITHOUT ANY WARRANTY; without even the implied warranty of
14 ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 ** GNU General Public License for more details.
16 **
17 ** You should have received a copy of the GNU General Public License
18 ** along with this program; if not, write to the Free Software
19 ** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
20 */
21
22 /* $Id$ */
23 #ifndef __PLUGBASE_H__
24 #define __PLUGBASE_H__
25
26 #ifdef HAVE_CONFIG_H
27 # include "config.h"
28 #endif
29
30 //#include "rules.h"
31 #include "sf_types.h"
32 #include "debug.h"
33
34 #ifndef WIN32
35 # include <sys/ioctl.h>
36 #endif /* !WIN32 */
37
38 #ifdef ENABLE_SSL
39 # ifdef Free
40 /* Free macro in radix.h if defined, will conflict with OpenSSL definition */
41 # undef Free
42 # endif
43 #endif
44
45 #if defined(FREEBSD) || defined(OPENBSD)
46 # include <sys/socket.h>
47 #endif
48
f71a8d3 @binf added: support for compiling under cygwin.
binf authored
49 #if !defined(__SOLARIS__) && !defined(__CYGWIN32__) && !defined(__CYGWIN__) && \
50 !defined( __CYGWIN64__)
1912fdf @firnsy initial import.
authored
51 #include <net/route.h>
f71a8d3 @binf added: support for compiling under cygwin.
binf authored
52 #endif
1912fdf @firnsy initial import.
authored
53
54 #ifdef ENABLE_SSL
55 # undef Free
56 #endif
57
58 #if defined(SOLARIS) || defined(FREEBSD) || defined(OPENBSD)
59 # include <sys/param.h>
60 #endif
61
62 #if defined(FREEBSD) || defined(OPENBSD) || defined(NETBSD) || defined(OSF1)
63 # include <sys/mbuf.h>
64 #endif
65
66 #ifndef IFNAMSIZ /* IFNAMSIZ is defined in all platforms I checked.. */
67 # include <net/if.h>
68 #endif
69
70 #include "decode.h"
71
72 #define SMALLBUFFER 32
73
74 typedef enum _InputType
75 {
76 INPUT_TYPE__UNIFIED_LOG = 1,
77 INPUT_TYPE__UNIFIED_ALERT,
78 INPUT_TYPE__UNIFIED,
79 INPUT_TYPE__UNIFIED2,
80 INPUT_TYPE__MAX
81
82 } InputType;
83
84 typedef enum _OutputType
85 {
86 OUTPUT_TYPE__ALERT = 1,
87 OUTPUT_TYPE__LOG,
88 OUTPUT_TYPE__SPECIAL,
89 OUTPUT_TYPE__MAX
90
91 } OutputType;
92
93 typedef enum _OutputTypeFlag
94 {
95 OUTPUT_TYPE_FLAG__ALERT = 0x00000001,
96 OUTPUT_TYPE_FLAG__LOG = 0x00000002,
97 OUTPUT_TYPE_FLAG__ALL = 0x7fffffff
98
99 } OutputTypeFlag;
100
101
102 /***************************** Input Plugin API ******************************/
103 typedef void (*InputConfigFunc)(char *);
104 typedef int (*InputReadHeaderFunc)(void *);
105 typedef int (*InputReadRecordFunc)(void *);
106
107 typedef struct _InputConfigFuncNode
108 {
109 char *keyword;
110 InputConfigFunc func;
111 struct _InputConfigFuncNode *next;
112
113 } InputConfigFuncNode;
114
115 typedef struct _InputFuncNode
116 {
117 char *keyword;
118 int configured_flag;
119
120 void *arg;
121 int (*readRecordHeader)(void *);
122 int (*readRecord)(void *);
123
124 struct _InputFuncNode *next;
125 } InputFuncNode;
126
127 void RegisterInputPlugins(void);
128 void InitInputPlugins();
129 int ActivateInputPlugin(char *plugin_name, char *plugin_options);
130 void RegisterInputPlugin(char *, InputConfigFunc);
131 InputConfigFunc GetInputConfigFunc(char *);
132 InputFuncNode *GetInputPlugin(char *);
133 void DumpInputPlugins();
134 int AddArgToInputList(char *plugin_name, void *arg);
135
136 int AddReadRecordHeaderFuncToInputList(char *plugin_name, int (*readRecordHeader)(void *));
137 int AddReadRecordFuncToInputList(char *plugin_name, int (*readRecord)(void *));
138
139 int InputFuncNodeConfigured(InputFuncNode *ifn);
140
141
142 /***************************** Output Plugin API *****************************/
143 typedef void (*OutputConfigFunc)(char *);
144 typedef void (*OutputFunc)(Packet *, void *, uint32_t, void *);
145
146 typedef struct _OutputConfigFuncNode
147 {
148 char *keyword;
149 int output_type_flags;
150 OutputConfigFunc func;
151 struct _OutputConfigFuncNode *next;
152
153 } OutputConfigFuncNode;
154
155 typedef struct _OutputFuncNode
156 {
157 void *arg;
158 OutputFunc func;
159 struct _OutputFuncNode *next;
160
161 } OutputFuncNode;
162
163 void RegisterOutputPlugins(void);
164 void RegisterOutputPlugin(char *, int, OutputConfigFunc);
165 OutputConfigFunc GetOutputConfigFunc(char *);
166 int GetOutputTypeFlags(char *);
167 void DumpOutputPlugins(void);
168 void AddFuncToOutputList(OutputFunc, OutputType, void *);
169 void FreeOutputConfigFuncs(void);
170 void FreeOutputList(OutputFuncNode *);
171 void CallOutputPlugins(OutputType, Packet *, void *, uint32_t);
172
173
174 /*************************** Miscellaneous API ***************************/
175 typedef void (*PluginSignalFunc)(int, void *);
176
177 typedef struct _PluginSignalFuncNode
178 {
179 void *arg;
180 PluginSignalFunc func;
181 struct _PluginSignalFuncNode *next;
182
183 } PluginSignalFuncNode;
184
185 /* Used for both rule options and output. Preprocessors have their own */
186 void AddFuncToRestartList(PluginSignalFunc, void *);
187 void AddFuncToCleanExitList(PluginSignalFunc, void *);
188 void AddFuncToShutdownList(PluginSignalFunc, void *);
189 void AddFuncToPostConfigList(PluginSignalFunc, void *);
190 void AddFuncToSignalList(PluginSignalFunc, void *, PluginSignalFuncNode **);
191 void PostConfigInitPlugins(PluginSignalFuncNode *);
192 void FreePluginSigFuncs(PluginSignalFuncNode *);
193
194 #endif /* __PLUGBASE_H__ */
195
Something went wrong with that request. Please try again.