HLBR: tests/test_tcp_port.c Source File

00001 #include "test_tcp_port.h"
00002 #include <stdio.h>
00003 #include <string.h>
00004 #include <stdlib.h>
00005 #include "../decoders/decode_tcp.h"
00006 #include "../packets/packet.h"
00007 #include <arpa/inet.h>
00008 #include "../engine/num_list.h"
00009 
00010 extern GlobalVars       Globals;
00011 
00012 typedef struct tcp_port_data{
00013         NumList*                Ports;
00014 } TCPPortData;
00015 
00016 //#define DEBUG
00017 //#define DEBUGMATCH
00018 
00019 int TCPDecoderID;
00020 
00021 /******************************************
00022 * Apply the Test
00023 ******************************************/
00024 int TestTCPPort(int PacketSlot, TestNode* Nodes){
00025         unsigned short          TCPSrc;
00026         unsigned short          TCPDst;
00027         TCPPortData*            data;
00028         TCPData*                        TData;
00029         TestNode*                       Node;
00030         int                                     i;
00031         PacketRec*                      p;
00032 
00033 #ifdef DEBUGPATH
00034         printf("In TestTCPPort\n");
00035 #endif
00036 
00037 #ifdef DEBUG
00038         printf("Testing TCP Port\n");
00039 #endif  
00040         
00041         p=&Globals.Packets[PacketSlot];
00042         
00043         if (!Nodes) return FALSE;
00044         
00045         /*get the port out of the tcp header*/
00046         /*todo: make this more efficient*/
00047         for (i=p->NumDecoderData; i>=0;i--){
00048                 if (p->DecoderInfo[i].DecoderID==TCPDecoderID){
00049                         TData=(TCPData*)p->DecoderInfo[i].Data;
00050                         TCPSrc=ntohs(TData->Header->source);
00051                         TCPDst=ntohs(TData->Header->dest);
00052                         break;
00053                 }
00054         }
00055         
00056         if (i==-1){
00057 #ifdef DEBUG    
00058                 printf("Couldn't find the tcp header\n");
00059 #endif          
00060                 return FALSE;
00061         }
00062 
00063 #ifdef DEBUGMATCH
00064         printf("**************************************\n");
00065         printf("Before applying tcp port tests\n");
00066         for (i=0;i<Globals.NumRules;i++)
00067         if (RuleIsActive(p,i))
00068                 printf("Rule %i is active\n",i);
00069         else
00070                 printf("Rule %i is inactive\n",i);
00071         printf("**************************************\n");
00072 #endif  
00073         
00074         Node=Nodes;
00075         while(Node){
00076                 if (RuleIsActive(PacketSlot, Node->RuleID)){
00077                         data=(TCPPortData*)Node->Data;
00078                         if ( (!IsInList(data->Ports, TCPSrc)) && (!IsInList(data->Ports, TCPDst)) ){
00079 #ifdef DEBUGMATCH
00080                                 printf("TCP Port %u doesn't match %u\n", data->tcp_port, TCPPort);
00081 #endif                  
00082                                 SetRuleInactive(PacketSlot, Node->RuleID);
00083                         }
00084 #ifdef DEBUGMATCH                       
00085                         else{
00086                                 printf("TCP Port Matches\n");
00087                         }
00088                 }else{
00089                         printf("Rule is inactive\n");
00090 #endif                  
00091                 }
00092                 Node=Node->Next;
00093         }
00094         
00095 #ifdef DEBUGMATCH
00096         printf("**************************************\n");
00097         for (i=0;i<Globals.NumRules;i++)
00098         if (RuleIsActive(p,i))
00099                 printf("Rule %i is active\n",i);
00100         else
00101                 printf("Rule %i is inactive\n",i);
00102         printf("**************************************\n");
00103 #endif  
00104                 
00105         return TRUE;
00106 }
00107 
00108 /******************************************
00109 * Add a rule node to this test
00110 ******************************************/
00111 int TCPPortAddNode(int TestID, int RuleID, char* Args){
00112         TCPPortData*                    data;
00113 
00114 #ifdef DEBUGPATH
00115         printf("In TCPPortAddNode\n");
00116 #endif
00117 
00118 #ifdef DEBUG
00119         printf("Addding a Node with args %s\n",Args);
00120 #endif
00121 
00122         data=calloc(sizeof(TCPPortData),1);
00123 
00124         /*set up the number list*/
00125         data->Ports=InitNumList(LIST_TYPE_NORMAL);
00126         if (!AddRangesString(data->Ports, Args, NULL, 0)){
00127                 free(data);
00128                 data=NULL;
00129                 return FALSE;
00130         }
00131         
00132         return TestAddNode(TestID, RuleID, (void*)data);
00133 
00134 }
00135 
00136 /****************************************
00137 * Set up the test of the TCP Port Field
00138 *****************************************/
00139 int InitTestTCPPort(){
00140         int     TestID;
00141 
00142 #ifdef DEBUGPATH
00143         printf("In InitTestTCPPort\n");
00144 #endif
00145 
00146         TestID=CreateTest("TCPPort");
00147         if (TestID==TEST_NONE) return FALSE;
00148         
00149         if (!BindTestToDecoder(TestID, "TCP")){
00150                 printf("Failed to Bind to TCP\n");
00151                 return FALSE;
00152         } 
00153         
00154         snprintf(Globals.Tests[TestID].ShortName, MAX_NAME_LEN, "port");
00155         Globals.Tests[TestID].AddNode=TCPPortAddNode;
00156         Globals.Tests[TestID].TestFunc=TestTCPPort;
00157         
00158         TCPDecoderID=GetDecoderByName("TCP");
00159 
00160         return TRUE;
00161 }