00001 #include "test_udp_content.h"
00002 #include <stdio.h>
00003 #include <string.h>
00004 #include <stdlib.h>
00005 #include "../decoders/decode_udp.h"
00006 #include "../packets/packet.h"
00007 #include "../engine/jtree.h"
00008 #include <arpa/inet.h>
00009
00010 extern GlobalVars Globals;
00011
00012 typedef struct udp_content_data{
00013 unsigned char udp_content[MAX_CONTENT_LEN];
00014 } UDPContentData;
00015
00016
00017
00018
00019 int UDPDecoderID;
00020 JTree UDPContentTree;
00021
00022 #ifdef OLD_MATCH
00023
00024
00025
00026 int MatchString(char* Candidate, int CLen, char* Packet, int PLen){
00027 int i;
00028 int j;
00029 #ifdef DEBUGPATH
00030 printf("In MatchString\n");
00031 #endif
00032
00033 if (CLen<PLen) return FALSE;
00034
00035 for (i=0;i<PLen-CLen+1;i++){
00036 if (Packet[i]==Candidate[0]){
00037 for (j=1;j<CLen-1;j++){
00038 if (Packet[j+i]!=Candidate[j]) break;
00039 }
00040 if (j==(CLen-1)) return TRUE;
00041 }
00042 }
00043
00044 return FALSE;
00045 }
00046 #endif
00047
00048
00049
00050
00051 int TestUDPContent(int PacketSlot, TestNode* Nodes){
00052 PacketRec* p;
00053 #ifdef DEBUGMATCH
00054 int i;
00055 #endif
00056
00057 #ifdef DEBUGPATH
00058 printf("In TestUDPContent\n");
00059 #endif
00060
00061 #ifdef DEBUG
00062 printf("Testing UDP Content\n");
00063 #endif
00064
00065 p=&Globals.Packets[PacketSlot];
00066
00067 if (!Nodes) return FALSE;
00068
00069 #ifdef DEBUGMATCH
00070 printf("**************************************\n");
00071 printf("Before applying udp content tests\n");
00072 for (i=0;i<Globals.NumRules;i++)
00073 if (RuleIsActive(PacketSlot,i))
00074 printf("Rule %i is active\n",i);
00075 else
00076 printf("Rule %i is inactive\n",i);
00077 printf("**************************************\n");
00078 #endif
00079
00080 MatchStrings(&UDPContentTree, p->RuleBits, p->RawPacket+p->BeginData, p->PacketLen - p->BeginData);
00081
00082 #ifdef DEBUGMATCH
00083 printf("**************************************\n");
00084 for (i=0;i<Globals.NumRules;i++)
00085 if (RuleIsActive(PacketSlot,i))
00086 printf("Rule %i is active\n",i);
00087 else
00088 printf("Rule %i is inactive\n",i);
00089 printf("**************************************\n");
00090 #endif
00091
00092 return TRUE;
00093 }
00094
00095
00096
00097
00098 int UDPContentAddNode(int TestID, int RuleID, char* Args){
00099 UDPContentData* data;
00100
00101 #ifdef DEBUGPATH
00102 printf("In UDPContentAddNode\n");
00103 #endif
00104
00105 #ifdef DEBUG
00106 printf("Addding a Node with args %s\n",Args);
00107 #endif
00108
00109 data=calloc(sizeof(UDPContentData),1);
00110 snprintf(data->udp_content, MAX_CONTENT_LEN, Args);
00111
00112 if (!AddStringJTree(&UDPContentTree, Args, strlen(Args), RuleID)){
00113 printf("Failed to add to tree\n");
00114 free(data);
00115 data=NULL;
00116 return FALSE;
00117 }
00118
00119 return TestAddNode(TestID, RuleID, (void*)data);
00120 }
00121
00122
00123
00124
00125 int TestUDPContentFinishedSetup(){
00126 #ifdef DEBUGPATH
00127 printf("In TestUDPContentFinishedSetup\n");
00128 #endif
00129
00130 return FinalizeJTree(&UDPContentTree);
00131 }
00132
00133
00134
00135
00136 int InitTestUDPContent(){
00137 int TestID;
00138
00139 #ifdef DEBUGPATH
00140 printf("In InitTestUDPContent\n");
00141 #endif
00142
00143 InitJTree(&UDPContentTree, FALSE);
00144
00145 TestID=CreateTest("UDPContent");
00146 if (TestID==TEST_NONE) return FALSE;
00147
00148 if (!BindTestToDecoder(TestID, "UDP")){
00149 printf("Failed to Bind to UDP\n");
00150 return FALSE;
00151 }
00152
00153 snprintf(Globals.Tests[TestID].ShortName, MAX_NAME_LEN, "content");
00154 Globals.Tests[TestID].AddNode=UDPContentAddNode;
00155 Globals.Tests[TestID].TestFunc=TestUDPContent;
00156 Globals.Tests[TestID].FinishedSetup=TestUDPContentFinishedSetup;
00157
00158 UDPDecoderID=GetDecoderByName("UDP");
00159
00160 return TRUE;
00161 }
