00001 #include "test_tcp_dst.h"
00002 #include <stdio.h>
00003 #include <string.h>
00004 #include <stdlib.h>
00005 #include "../decoders/decode_tcp.h"
00006 #include "../packets/packet.h"
00007 #include <arpa/inet.h>
00008 #include "../engine/num_list.h"
00009 #include "../engine/bits.h"
00010
00011 extern GlobalVars Globals;
00012
00013 typedef struct tcp_dst_data {
00014 NumList* Ports;
00015 unsigned char RuleBits[MAX_RULES/8];
00016 struct tcp_dst_data* Next;
00017 } TCPDstData;
00018
00019
00020
00021
00022 int TCPDecoderID;
00023 TCPDstData* TCPDstHead;
00024
00028 int TestTCPDstOld(int PacketSlot, TestNode* Nodes)
00029 {
00030 unsigned short TCPDst;
00031 TCPDstData* data;
00032 TCPData* TData;
00033 TestNode* Node;
00034 int i;
00035 PacketRec* p;
00036
00037 DEBUGPATH;
00038
00039 if (!Nodes)
00040 return FALSE;
00041
00042 p = &Globals.Packets[PacketSlot];
00043
00044
00045 if (!GetDataByID(PacketSlot, TCPDecoderID, (void**)&TData)) {
00046 PRINTERROR("Failed to get TCP header data\n");
00047 return FALSE;
00048 }
00049
00050 TCPDst = ntohs(TData->Header->dest);
00051
00052 if (i == -1) {
00053 DBG( PRINTERROR("Couldn't find the tcp header\n") );
00054 return FALSE;
00055 }
00056
00057 #ifdef DEBUGMATCH
00058 printf("**************************************\n");
00059 printf("Before applying tcp dst tests\n");
00060 for (i=0;i<Globals.NumRules;i++)
00061 if (RuleIsActive(PacketSlot,i))
00062 printf("Rule %i is active\n",i);
00063 else
00064 printf("Rule %i is inactive\n",i);
00065 printf("**************************************\n");
00066 #endif
00067
00068 Node = Nodes;
00069 while(Node) {
00070 if (RuleIsActive(PacketSlot, Node->RuleID)) {
00071 data = (TCPDstData*)Node->Data;
00072 if (!IsInList(data->Ports, TCPDst)) {
00073 #ifdef DEBUGMATCH
00074 printf("TCP Dst %u doesn't match\n", TCPDst);
00075 printf("Other order is %u\n",ntohs(TCPDst));
00076 #endif
00077 SetRuleInactive(PacketSlot, Node->RuleID);
00078 }
00079 #ifdef DEBUGMATCH
00080 else {
00081 printf("TCP Dst Matches\n");
00082 }
00083 } else {
00084 printf("Rule is inactive\n");
00085 #endif
00086 }
00087 Node = Node->Next;
00088 }
00089
00090 #ifdef DEBUGMATCH
00091 printf("**************************************\n");
00092 for (i=0;i<Globals.NumRules;i++)
00093 if (RuleIsActive(PacketSlot,i))
00094 printf("Rule %i is active\n",i);
00095 else
00096 printf("Rule %i is inactive\n",i);
00097 printf("**************************************\n");
00098 #endif
00099
00100 return TRUE;
00101 }
00102
00106 int TestTCPDst(int PacketSlot, TestNode* Nodes)
00107 {
00108 unsigned short TCPDst;
00109 TCPDstData* t;
00110 TCPData* TData;
00111 int i;
00112 PacketRec* p;
00113
00114 DEBUGPATH;
00115
00116 if (!Nodes)
00117 return FALSE;
00118
00119 p = &Globals.Packets[PacketSlot];
00120
00121
00122 if (!GetDataByID(PacketSlot, TCPDecoderID, (void**)&TData)) {
00123 PRINTERROR("Failed to get TCP header data\n");
00124 return FALSE;
00125 }
00126
00127 TCPDst = ntohs(TData->Header->dest);
00128
00129 if (i == -1) {
00130 DBG( PRINTERROR("Couldn't find the tcp header\n") );
00131 return FALSE;
00132 }
00133
00134 #ifdef DEBUGMATCH
00135 printf("**************************************\n");
00136 printf("Before applying tcp dst tests\n");
00137 for (i=0;i<Globals.NumRules;i++)
00138 if (RuleIsActive(PacketSlot,i))
00139 printf("Rule %i is active\n",i);
00140 else
00141 printf("Rule %i is inactive\n",i);
00142 printf("**************************************\n");
00143 #endif
00144
00145 t = TCPDstHead;
00146 while (t) {
00147 if (!IsInList(t->Ports, TCPDst)){
00148
00149 NotAndBitFields(p->RuleBits, t->RuleBits, p->RuleBits, Globals.NumRules);
00150 }
00151 t = t->Next;
00152 }
00153
00154 #ifdef DEBUGMATCH
00155 printf("**************************************\n");
00156 for (i=0;i<Globals.NumRules;i++)
00157 if (RuleIsActive(PacketSlot,i))
00158 printf("Rule %i is active\n",i);
00159 else
00160 printf("Rule %i is inactive\n",i);
00161 printf("**************************************\n");
00162 #endif
00163
00164 return TRUE;
00165 }
00166
00170 int TCPDstAddNode(int TestID, int RuleID, char* Args)
00171 {
00172 TCPDstData* data;
00173 TCPDstData* t;
00174 TCPDstData* last;
00175
00176 DEBUGPATH;
00177
00178 data = calloc(sizeof(TCPDstData),1);
00179
00180
00181 data->Ports = InitNumList(LIST_TYPE_NORMAL);
00182 if (!AddRangesString(data->Ports, Args, NULL, 0)) {
00183 free(data);
00184 data = NULL;
00185 return FALSE;
00186 }
00187
00188
00189 if (!TCPDstHead) {
00190 DBG( PRINTERROR("First TCP Dest\n") );
00191 TCPDstHead = data;
00192 SetBit(data->RuleBits, Globals.NumRules, RuleID, 1);
00193 return TestAddNode(TestID, RuleID, (void*)data);
00194 } else {
00195 t = TCPDstHead;
00196 last = t;
00197 while (t) {
00198 if (NumListCompare(data->Ports, t->Ports)) {
00199 printf("This is a duplicate\n");
00200 DestroyNumList(data->Ports);
00201 free(data);
00202 data = NULL;
00203 SetBit(t->RuleBits, Globals.NumRules, RuleID, 1);
00204 #ifdef DEBUG
00205 for (i = 0; i < Globals.NumRules + 1; i++)
00206 if (GetBit(t->RuleBits, Globals.NumRules, i))
00207 PRINTERROR1("Bit %i is set\n",i);
00208 #endif
00209 return TestAddNode(TestID, RuleID, (void*)t);
00210 }
00211
00212 last = t;
00213 t = t->Next;
00214 }
00215
00216 DBG( PRINTERROR("This is a new one\n") );
00217 last->Next = data;
00218 SetBit(data->RuleBits, Globals.NumRules, RuleID, 1);
00219 return TestAddNode(TestID, RuleID, (void*)data);
00220 }
00221 }
00222
00226 int InitTestTCPDst()
00227 {
00228 int TestID;
00229
00230 DEBUGPATH;
00231
00232 TCPDstHead = NULL;
00233
00234 TestID = CreateTest("TCPDst");
00235 if (TestID == TEST_NONE)
00236 return FALSE;
00237
00238 if (!BindTestToDecoder(TestID, "TCP")) {
00239 PRINTERROR("Failed to Bind to TCP\n");
00240 return FALSE;
00241 }
00242
00243 snprintf(Globals.Tests[TestID].ShortName, MAX_NAME_LEN, "dst");
00244 Globals.Tests[TestID].AddNode = TCPDstAddNode;
00245 Globals.Tests[TestID].TestFunc = TestTCPDst;
00246
00247 TCPDecoderID = GetDecoderByName("TCP");
00248
00249 return TRUE;
00250 }
