engine/parse_rules.c

Go to the documentation of this file.
00001 //#define DEBUG
00002 
00003 #include "parse_rules.h"
00004 #include "parse_config.h"
00005 #include "hlbrlib.h"
00006 #include "../decoders/decode.h"
00007 #include "../actions/action.h"
00008 #include <string.h>
00009 #include "message.h"
00010 #include <stdlib.h>
00011 
00012 extern GlobalVars Globals;
00013 
00014 
00015 int ParseDecoderLine(char* DecoderLine, int RuleNum);
00016 
00017 
00024 int SetAction(int RuleID, char* ActionName)
00025 {
00026         int i;
00027 
00028         DEBUGPATH;
00029 
00030         for (i = 0; i < Globals.NumActions; i++) {
00031                 if (strcasecmp(ActionName, Globals.Actions[i].Name) == 0) {
00032                         return i;
00033                 }
00034         }
00035 
00036         return ACTION_NONE;
00037 }
00038 
00042 int ParseRule(FILE* fp)
00043 {
00044         char            LineBuff[10240];
00045         int             RuleNum;
00046         char            ActionSet;
00047         char            MessageSet;
00048         char            DefaultRule[256];
00049         int             GID;
00050         int             Revision;
00051 
00052         DEBUGPATH;
00053 
00054         RuleNum = Globals.NumRules;
00055         snprintf(DefaultRule, MAX_MESSAGE_LEN, "Rule %i\n", RuleNum);
00056         GID = USER_RULE_START + RuleNum;
00057         Revision=1;
00058 
00059         ActionSet = FALSE;
00060         MessageSet = FALSE;
00061         while(GetLine(fp, LineBuff, 10240)) {
00062                 if (strcasecmp(LineBuff, "</rule>") == 0) {
00063                         DBG( PRINT("All done with this rule\n") );
00064                         if (!ActionSet) {
00065                                 PRINTERROR1("Warning: Action defaults to drop for rule %d\n", RuleNum);
00066                         }
00067                         if (!MessageSet) {
00068                                 PRINTERROR2("Warning: Message defaults to \"%s\" for rule %d\n", DefaultRule, RuleNum);
00069                                 Globals.Rules[RuleNum].MessageFormat = ParseMessageString(DefaultRule);
00070                         }
00071 
00072                         Globals.NumRules++;
00073                         return TRUE;
00074                 } else if (strncasecmp(LineBuff,"action=",7) == 0) {
00075                         if (ActionSet) {
00076                                 PRINTERROR1("Warning: Action was already set to %s\n",
00077                                         Globals.Actions[Globals.Rules[RuleNum].Action].Name);
00078                         }
00079 
00080                         if ( (Globals.Rules[RuleNum].Action = SetAction(RuleNum, LineBuff+7)) != ACTION_NONE) {
00081                                 ActionSet = TRUE;
00082                         DBG( PRINT1("Setting Action %s\n", Globals.Actions[Globals.Rules[RuleNum].Action].Name) );
00083                         }
00084 
00085                         if (!ActionSet) {
00086                                 PRINTERROR1("Error: Couldn't find action %s\n", LineBuff+7);
00087                                 return FALSE;
00088                         }
00089                 } else if (strncasecmp(LineBuff, "message=", 8) == 0) {
00090                         DBG( PRINT1("Setting message to \"%s\"\n", LineBuff+8) );
00091                         if (MessageSet)
00092                                 PRINTERROR("Warning: Message was already set\n");
00093 
00094                         Globals.Rules[RuleNum].MessageFormat = ParseMessageString(LineBuff+8);
00095                         MessageSet = TRUE;
00096                 } else if (strncasecmp(LineBuff, "GID=", 4) == 0) {
00097                         Globals.Rules[RuleNum].GlobalID = atoi(LineBuff+4);
00098                         DBG( PRINT1("Setting GID To %i\n", Globals.Rules[RuleNum].GlobalID) );
00099                 } else if (strncasecmp(LineBuff, "rev=", 4) == 0) {
00100                         Globals.Rules[RuleNum].Revision = atoi(LineBuff+4);
00101                         DBG( PRINT1("Setting Rev To %i\n", Globals.Rules[RuleNum].Revision) );
00102                 } else {
00103                         if (!ParseDecoderLine(LineBuff, RuleNum)) {
00104                                 PRINTERROR1("Warning: Couldn't understand rule option: %s\n", LineBuff);
00105                         } else {
00106                                 PRINTERROR("I don't eat raisins.");
00107                         }
00108                 }
00109         }
00110 
00111         return FALSE;
00112 }
00113 
00114 
00120 int ParseDecoderLine(char* DecoderLine, int RuleNum)
00121 {
00122         char            Line[10240];
00123         int             DecoderID;
00124         char*           DecoderName;
00125         char*           TestName;
00126         char*           Args;
00127         char*           Delim;
00128         DecoderRec*     Decoder;
00129         TestRec*        Test;
00130 
00131         DEBUGPATH;
00132 
00133         // parse the line
00134         snprintf(Line, 10240, "%s", DecoderLine);
00135         DecoderName = Line;
00136         Delim = strchr(Line, ' ');
00137         if (!Delim) {
00138                 PRINTERROR1("Warning: Invalid line %s\n",Line);
00139                 return FALSE;
00140         }
00141 
00142         *Delim = 0x00;
00143         TestName = Delim+1;
00144 
00145         // find that decoder
00146         DBG( PRINT1("Decoder Name is %s\n",DecoderName) );
00147         DecoderID = GetDecoderByName(DecoderName);
00148         if (DecoderID == DECODER_NONE) {
00149                 PRINTERROR1("There is no decoder %s\n", DecoderName);
00150                 return FALSE;
00151         }
00152         Decoder = &Globals.Decoders[DecoderID];
00153 
00154         // find the test in that decoder
00155         if (!Decoder->Tests) {
00156                 PRINTERROR1("There are no known tests for decoder %s\n", Decoder->Name);
00157                 return FALSE;
00158         }
00159 
00160         Delim = strchr(TestName, '(');
00161         if (!Delim) {
00162                 PRINTERROR("Error: Expected (\n");
00163                 return FALSE;
00164         } else {
00165                 *Delim = 0x00;
00166                 Args = Delim+1;
00167         }
00168 
00169         Delim = &Args[strlen(Args)-1];
00170         if (*Delim != ')') {
00171                 PRINTERROR("Error: Expected )\n");
00172                 return FALSE;
00173         } else {
00174                 *Delim=0x00;
00175         }
00176 
00177         Test = Decoder->Tests;
00178         while (Test) {
00179                 if (
00180                         (strcasecmp(TestName, Test->Name) == 0) ||
00181                         (strcasecmp(TestName, Test->ShortName) == 0)
00182                 ) {
00183                         DBG( PRINT1("Found test %s\n", TestName) );
00184                         if (Test->AddNode)
00185                                 return Test->AddNode(Test->ID, RuleNum, Args);
00186                         return FALSE;
00187                 }
00188                 Test = Test->Next;
00189         }
00190 
00191         PRINTERROR2("Warning: There is no test \"%s\" for decoder \"%s\"\n",
00192                     TestName, DecoderName);
00193         return FALSE;
00194 }
00195 
00196 
00197 /***********************************
00198 * Make sense out of the rules file
00199 ***********************************/
00200 int ParseRules(char* FName){
00201         FILE*           fp;
00202         char            LineBuff[10240];
00203         char*           End;
00204         char*           Start;
00205         char            Name[512];
00206         char            FDir[512];
00207         int                     i;
00208 
00209         DEBUGPATH;
00210 
00211 #ifdef DEBUG
00212         printf("About to parse rule file %s\n", FName);
00213 #endif
00214 
00215 
00216 
00217         fp=fopen(FName, "r");
00218         if (!fp){
00219                 //Extract path of Rules file...
00220                 strcpy(FDir, Globals.RulesFilename);
00221                 for (i = strlen(FDir); i >= 0 && FDir[i] != '/'; i--);
00222         FDir[i+1] = 0;
00223                 strcat(FDir, FName);
00224                 fp=fopen(FDir, "r");
00225                 if (!fp){
00226                         snprintf(Name, 512, "rules/%s", FName);
00227                         fp=fopen(Name, "r");
00228                         if (!fp){
00229                                 printf("Couldn't open rules file %s\n",FName);
00230                                 return FALSE;
00231                         }
00232                 }
00233         }
00234 
00235         while (GetLine(fp, LineBuff, 10240)){
00236                 if (strncasecmp(LineBuff, "<rule>",6)==0){
00237                         /*Process the system options*/
00238                         if (!ParseRule(fp)) return FALSE;
00239                 }else if(strncasecmp(LineBuff, "<include",8)==0){
00240                         Start=LineBuff+8;
00241                         while (*Start==' ') Start++;
00242                         if (*Start=='>'){
00243                                 printf("Error parsing %s\nFormat <include FILENAME>\n",LineBuff);
00244                                 return FALSE;
00245                         }
00246                         End=strchr(LineBuff+8,'>');
00247                         if (!End){
00248                                 printf("Expected \">\"\n");
00249                                 return FALSE;
00250                         }
00251                         *End=0x00;
00252                         if (!ParseRules(Start)) return FALSE;
00253         }
00254         }
00255 
00256         fclose(fp);
00257 
00258         return TRUE;
00259 }

Generated on Sat Jul 7 23:33:10 2007 for HLBR by  doxygen 1.5.2