actions/action.c

00001 #include "action.h"
00002 #include <stdio.h>
00003 #include <string.h>
00004 #ifdef _SOLARIS_
00005 #include <strings.h>
00006 #endif
00007 #include "../packets/packet.h"
00008 /************include plugins here**********/
00009 #include "action_drop.h"
00010 #include "action_alert_console.h"
00011 #include "action_alert_file.h"
00012 #include "action_dump_packet.h"
00013 #include "action_route_sip.h"
00014 #include "action_bns.h"
00015 #include "action_alert_syslog.h"
00016 #include "action_alert_email.h"
00017 #include "action_alert_socket.h"
00018 #include "action_alert_listensocket.h"
00019 
00020 //#define DEBUG
00021 
00022 extern GlobalVars Globals;
00023 
00024 /**********************************
00025 * Set up all the actions
00026 **********************************/
/**
 * Run the init routine of every built-in action plugin, in a fixed order.
 *
 * The chain stops at the first plugin whose init routine reports failure;
 * plugins listed after it are not initialised.
 *
 * @return TRUE when every plugin initialised, FALSE as soon as one fails.
 */
int InitActions(){
#ifdef DEBUGPATH
        printf("In InitActions\n");
#endif

        /* && short-circuits, so order and early exit match a chain of
           "if (!InitX()) return FALSE;" statements. */
        if (InitActionDrop()
            && InitActionAlertConsole()
            && InitActionAlertFile()
            && InitActionDumpPacket()
            && InitActionRouteSIP()
            && InitActionBNS()
            && InitActionAlertSyslog()
            && InitActionAlertEMail()
            && InitActionAlertSocket()
            && InitActionAlertListenSocket()){
                return TRUE;
        }

        return FALSE;
}
00045 
00046 /***********************************
00047 * Given an action's name, return
00048 * its ID
00049 ***********************************/
/**
 * Look up a registered action item by name, ignoring case.
 *
 * @param Name  NUL-terminated name to search for; it is handed straight to
 *              strcasecmp(), so it must not be NULL.
 * @return index of the first matching entry in Globals.ActionItems, or
 *         ACTION_NONE when no entry has that name.
 */
int     GetActionByName(char* Name){
        int     idx = 0;

#ifdef DEBUGPATH
        printf("GetActionByName\n");
#endif

        /* Only the first Globals.NumActionItems slots are in use. */
        while (idx < Globals.NumActionItems){
                if (!strcasecmp(Name, Globals.ActionItems[idx].Name))
                        return idx;
                idx++;
        }

        return ACTION_NONE;
}
00065 
00066 /********************************
00067 * Get a New Action from the List
00068 *********************************/
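/**
 * Register a new action item under the given name.
 *
 * Takes the next free slot in Globals.ActionItems, zeroes it, and records
 * the slot index and the name in it.
 *
 * @param Name  NUL-terminated name of the new action item; must not be NULL.
 * @return the new item's index, or ACTION_NONE when an item with that name
 *         (compared case-insensitively) is already registered.
 */
int CreateAction(char* Name){
        int ActionID;

#ifdef DEBUGPATH
        printf("In CreateAction\n");
#endif

        /*check to see if this name is already used*/
        ActionID=GetActionByName(Name);
        if (ActionID!=ACTION_NONE){
                printf("Action %s already exists\n",Name);
                return ACTION_NONE;
        }

        /* NOTE(review): nothing here compares NumActionItems with the
           capacity of Globals.ActionItems before the slot is written. The
           limit is declared outside this file; confirm a caller enforces
           it, or add the check here. */
        ActionID=Globals.NumActionItems;
        Globals.NumActionItems++;

        memset(&Globals.ActionItems[ActionID], 0, sizeof(ActionItem));
        Globals.ActionItems[ActionID].ID=ActionID;
        /* Name is data, not a format string: copy it through "%s" so that
           any '%' in a configured name is stored literally instead of being
           interpreted as a conversion by snprintf().
           Assumes the Name field holds MAX_NAME_LEN bytes - TODO confirm. */
        snprintf(Globals.ActionItems[ActionID].Name, MAX_NAME_LEN, "%s", Name);

#ifdef DEBUG
        printf("Allocated Action \"%s\" at number %i\n",Name, ActionID);
#endif

        return ActionID;
}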
00096 
00097 /****************************************************
00098 * Expand all the macros for the Message string
00099 ****************************************************/
/**
 * Placeholder for macro expansion of an alert message.
 *
 * Not implemented: no argument is read, TargetBuff is never written, and
 * the function always reports failure. Callers must not use TargetBuff
 * after calling it.
 *
 * @return always FALSE.
 */
int BuildMessageString(char* Message, int PacketSlot, char* TargetBuff, int TargetBuffLen){
        /* Arguments are intentionally unused until this is implemented. */
        (void)Message;
        (void)PacketSlot;
        (void)TargetBuff;
        (void)TargetBuffLen;

#ifdef DEBUGPATH
        printf("In BuildMessageString\n");
#endif

        return FALSE;
}
00109 
00110 /************************************
00111 * We've got rules matches, perform
00112 * the actions
00113 ************************************/
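/**
 * Run the actions of every rule that matched the packet in PacketSlot.
 *
 * Increments Globals.AlertCount once per call. Then, for each rule that
 * RuleIsActive() reports for this packet, calls the ActionFunc of every
 * item of the rule's action, passing the rule number, the packet slot and
 * the item's per-action data. Items without an ActionFunc are skipped.
 *
 * @param PacketSlot  slot of the packet the rules matched; passed through
 *                    to RuleIsActive() and to each ActionFunc unchecked.
 * @return always TRUE.
 */
int PerformActions(int PacketSlot){
        int     i;
        int     j;
        int     ActionID;
        ActionRec*      Action;

#ifdef DEBUGPATH
        printf("In PerformActions\n");
#endif

        Globals.AlertCount++;

#ifdef DEBUG
        printf("----------------------------\n");
        printf("Results:\n");
#endif
        for (i=0;i<Globals.NumRules;i++){
                if (!RuleIsActive(PacketSlot, i)) continue;

#ifdef DEBUG
                printf("Rule %i Matches\n", i);
#endif
                /* A rule whose action index lies outside the configured
                   actions would make the lookup below read outside
                   Globals.Actions, so skip it.
                   NOTE(review): a matched rule is then not acted on;
                   rejecting such a rule at load time would be better. */
                ActionID=Globals.Rules[i].Action;
                if (ActionID<0 || ActionID>=Globals.NumActions){
#ifdef DEBUG
                        printf("Rule %i has invalid ActionID %i\n", i, ActionID);
#endif
                        continue;
                }

                Action=&Globals.Actions[ActionID];
#ifdef DEBUG
                printf("ActionID is %i\n",ActionID);
                printf("There are %i items\n",Action->NumItems);
#endif
                /*call all of the actions*/
                for (j=0;j<Action->NumItems;j++){
                        /* NOTE(review): the item index is trusted as stored
                           in the action record; presumably validated when
                           the action was built - confirm. */
                        if (Globals.ActionItems[Action->ActionItems[j]].ActionFunc)
                                Globals.ActionItems[Action->ActionItems[j]].ActionFunc(i,PacketSlot,Action->ActionItemData[j]);
                }
        }
#ifdef DEBUG
        printf("-----------------------------\n");
#endif

        return TRUE;
}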
00152 
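/**
 * Hand a message to every action item that has a message handler.
 *
 * Walks all configured actions (Globals.NumActions) and, for each item
 * whose MessageFunc is set, calls it with the message and that item's
 * per-action data.
 *
 * @param Message  text passed unchanged to each MessageFunc.
 * @return always FALSE, so callers cannot use the result to tell whether
 *         anything was delivered. NOTE(review): TRUE may have been
 *         intended; check the callers before changing it.
 */
int     LogMessageAllActions(char* Message)
{
        int             i,j;
        ActionRec*      Action;

        DEBUGPATH;

        for (i = 0; i < Globals.NumActions; i++) {
                Action = &Globals.Actions[i];
                for (j = 0; j < Action->NumItems; j++) {
                        /* i is an action index here, not a rule index, so
                           the item's data comes from the action being
                           walked. Looking it up through Globals.Rules[i]
                           would pick another action's data, or index
                           Rules past NumRules. */
                        if (Globals.ActionItems[Action->ActionItems[j]].MessageFunc)
                                Globals.ActionItems[Action->ActionItems[j]].MessageFunc(Message, Action->ActionItemData[j]);
                }
        }

        return FALSE;
}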
