4.12 DynamicPreprocessorData

DynamicPreprocessorData结构体定义了预处理插件与Snort交互所用的接口。其中包括用于注册预处理插件的配置解析、重启、退出和处理函数的接口;用于记录日志、错误信息和调试信息的日志处理接口;在串联(inline)模式下丢弃数据包以及访问StreamAPI的接口;此外还提供了访问非常规http数据的接口和一个可选的数据缓存。该数据结构在预处理插件加载时被初始化,定义在sf_dynamic_preprocessor.h中。

/*
 * Interface table through which a dynamic preprocessor plugin talks to Snort.
 * Per the accompanying description it is initialized when the plugin is loaded
 * and is defined in sf_dynamic_preprocessor.h. Almost every member is either a
 * function-pointer typedef or a pointer to another API table or buffer; the
 * typedefs themselves are declared elsewhere and are not visible here.
 *
 * Layout note: the members guarded by SNORT_RELOAD, ACTIVE_RESPONSE, SF_WCHAR,
 * TARGET_BASED, FEAT_OPEN_APPID and SIDE_CHANNEL exist only when those macros
 * are defined, so every member after such a guard sits at a different offset
 * depending on the build. Code compiled with a different set of these macros
 * than the code that filled the table would read the wrong slots.
 *
 * NOTE(review): nothing in this definition shows whether any callback may be
 * left NULL; confirm before calling optional entries unconditionally.
 */
typedef struct _DynamicPreprocessorData
{
/* presumably let the two sides check they agree on this structure's revision
 * and byte size -- TODO confirm where these are validated */
int version;
int size;

/* Pointers to SFDataBuffer / SFDataPointer objects (the description mentions
 * an optional data buffer); ownership and lifetime are not shown here. */
SFDataBuffer *altBuffer;
SFDataPointer *altDetect;
SFDataPointer *fileDataBuf;

/* Message callbacks: log, error and fatal share the LogMsgFunc type; debug
 * output has its own DebugMsgFunc type. */
LogMsgFunc logMsg;
LogMsgFunc errMsg;
LogMsgFunc fatalMsg;
DebugMsgFunc debugMsg;

/* Registration callbacks for the preprocessor and, by name, its exit,
 * config-check, rule-option and profiling hooks. */
PreprocRegisterFunc registerPreproc;
#ifdef SNORT_RELOAD
GetRelatedReloadDataFunc getRelatedReloadData;
#endif
AddPreprocFunc addPreproc;
AddPreprocFunc addPreprocAllPolicies;
GetSnortInstance getSnortInstance;
AddPreprocExit addPreprocExit;
AddPreprocConfCheck addPreprocConfCheck;
RegisterPreprocRuleOpt preprocOptRegister;
AddPreprocProfileFunc addPreprocProfileFunc;
ProfilingFunc profilingPreprocsFunc;
/* untyped pointer; the pointee type is not visible from this definition */
void *totalPerfStats;

/* Alert/event generation and thresholding, plus an InlineDropFunc entry
 * (by name, one of the inline-mode drop interfaces the description mentions). */
AlertQueueAdd alertAdd;
GenSnortEvent genSnortEvent;
ThresholdCheckFunc thresholdCheck;
InlineDropFunc  inlineDropAndReset;
#ifdef ACTIVE_RESPONSE
ActiveEnableFunc activeSetEnabled;
#endif

/* Detection entry point and three callbacks of the same DisableDetectFunc
 * type; how the three "disable" scopes differ is not shown here. */
DetectFunc detect;
DisableDetectFunc disableDetect;
DisableDetectFunc disableAllDetect;
DisableDetectFunc disablePacketAnalysis;

EnablePreprocessorFunc enablePreprocessor;

/* Pointers to further API tables (session, stream, search). */
SessionAPI *sessionAPI;
StreamAPI *streamAPI;
SearchAPI *searchAPI;

/* char ** / int *: indirections to a string and an int held elsewhere rather
 * than copies; presumably the current config file name and line -- TODO confirm */
char **config_file;
int *config_line;
printfappendfunc printfappend;
TokenSplitFunc tokenSplit;
TokenFreeFunc tokenFree;

GetRuleInfoByNameFunc getRuleInfoByName;
GetRuleInfoByIdFunc getRuleInfoById;
#ifdef SF_WCHAR
DebugWideMsgFunc debugWideMsg;
#endif

PreprocessFunc preprocess;

/* same indirection pattern as config_file/config_line, here for debug output */
char **debugMsgFile;
int *debugMsgLine;

/* Statistics registration and, by name, reset / reset-stats hooks. */
PreprocStatsRegisterFunc registerPreprocStats;
AddPreprocReset addPreprocReset;
AddPreprocResetStats addPreprocResetStats;
DisablePreprocessorsFunc disablePreprocessors;

IP6BuildFunc ip6Build;
IP6SetCallbacksFunc ip6SetCallbacks;

/* Alert queue: one log callback and three controls sharing AlertQueueControl. */
AlertQueueLog logAlerts;
AlertQueueControl resetAlerts;
AlertQueueControl pushAlerts;
AlertQueueControl popAlerts;

/* Present only with TARGET_BASED; findProtocolName additionally needs
 * FEAT_OPEN_APPID, so this region has three possible layouts. */
#ifdef TARGET_BASED
FindProtocolReferenceFunc findProtocolReference;
AddProtocolReferenceFunc addProtocolReference;
#if defined(FEAT_OPEN_APPID)
FindProtocolNameFunc findProtocolName;
#endif /* defined(FEAT_OPEN_APPID) */
IsAdaptiveConfiguredFunc isAdaptiveConfigured;
IsAdaptiveConfiguredForSnortConfigFunc isAdaptiveConfiguredForSnortConfig;
#endif

AddKeywordOverrideFunc preprocOptOverrideKeyword;
AddKeywordByteOrderFunc preprocOptByteOrderKeyword;
IsPreprocEnabledFunc isPreprocEnabled;

PortArrayFunc portObjectCharPortArray;

/* Policy getters/setters, then detection-buffer and detect-flag controls. */
GetPolicyFunc getNapRuntimePolicy;
GetPolicyFunc getIpsRuntimePolicy;
GetParserPolicyFunc getParserPolicy;
GetPolicyFunc getDefaultPolicy;
SetPolicyFunc setParserPolicy;
SetFileDataPtrFunc setFileDataPtr;
DetectResetFunc DetectReset;
SetAltDecodeFunc SetAltDecode;
GetAltDetectFunc GetAltDetect;
SetAltDetectFunc SetAltDetect;
IsDetectFlagFunc Is_DetectFlag;
DetectFlagDisableFunc DetectFlag_Disable;
/* String/number helper callbacks. Their bounds and termination behaviour is
 * set by the implementations behind these pointers, which are not visible
 * here -- NOTE(review): do not assume libc semantics from the names; confirm. */
DynamicStrtol SnortStrtol;
DynamicStrtoul SnortStrtoul;
DynamicStrnStr SnortStrnStr;
DynamicStrncpy SnortStrncpy;
DynamicStrnPbrk SnortStrnPbrk;
DynamicStrcasestr SnortStrcasestr;
EvalRTNFunc fpEvalRTN;

ObfuscationApi *obApi;

EncodeNew encodeNew;
EncodeDelete encodeDelete;
EncodeFormat encodeFormat;
EncodeUpdate encodeUpdate;

/* paired new/delete callbacks; presumably every packet obtained from the
 * first must be released through the second -- TODO confirm */
NewGrinderPktPtr newGrinderPkt;
DeleteGrinderPktPtr deleteGrinderPkt;

/* addDetect reuses the AddPreprocFunc type already used by addPreproc. */
AddPreprocFunc addDetect;
PafEnabledFunc isPafEnabled;
SCPacketTimeFunc pktTime;
SCGetPktTimeOfDay getPktTimeOfDay;
#ifdef SIDE_CHANNEL
SCEnabledFunc isSCEnabled;
SCRegisterRXHandlerFunc scRegisterRXHandler;
SCPreallocMessageTXFunc scAllocMessageTX;
SCEnqueueMessageTXFunc scEnqueueMessageTX;
#endif

GetLogDirectory getLogDirectory;

/* Handler registration for, by name, the control socket and idle processing. */
ControlSocketRegisterHandlerFunc controlSocketRegisterHandler;
RegisterIdleHandler registerIdleHandler;

GetPolicyFromIdFunc getPolicyFromId;
ChangePolicyFunc changeNapRuntimePolicy;
ChangePolicyFunc changeIpsRuntimePolicy;
/* two more InlineDropFunc entries; how "force" differs from the plain drop
 * callbacks is not shown in this definition */
InlineDropFunc  inlineForceDropPacket;
InlineDropFunc  inlineForceDropAndReset;
DynamicIsStrEmpty SnortIsStrEmpty;
AddMetaEvalFunc addMetaEval;
#ifdef ACTIVE_RESPONSE
DynamicSendBlockResponse dynamicSendBlockResponse;
#endif
DynamicSetFlowId dynamicSetFlowId;
AddPeriodicCheck addPeriodicCheck;
AddPostConfigFuncs addPostConfigFunc;
AddToPostConfList addFuncToPostConfigList;
/* char **: indirection to a string held elsewhere, as with config_file */
char **snort_conf_dir;
AddOutPutModule addOutputModule;
CanWhitelist canWhitelist;
FileAPI *fileAPI;
DisableAllPoliciesFunc disableAllPolicies;
ReenablePreprocBitFunc reenablePreprocBit;
DynamicCheckValueInRangeFunc checkValueInRange;

/* HTTP buffer accessors (the description mentions access to http data). */
SetHttpBufferFunc setHttpBuffer;
GetHttpBufferFunc getHttpBuffer;

#ifdef ACTIVE_RESPONSE
ActiveInjectDataFunc activeInjectData;
#endif
InlineDropFunc inlineDropPacket;
/* From here on, most entries come in pairs: a callback slot and a
 * register* function of a matching type. Who installs each callback and
 * whether a slot may be empty is not shown here -- TODO confirm. */
GetSSLCallbackFunc getSSLCallback;
SetSSLCallbackFunc setSSLCallback;
SslAppIdLookupFunc         sslAppIdLookup;
RegisterSslAppIdLookupFunc registerSslAppIdLookup;

GetAppIdFunc getAppId;
RegisterGetAppIdFunc registerGetAppId;

UrlQueryCreateFunc urlQueryCreate;
UrlQueryDestroyFunc urlQueryDestroy;
UrlQueryMatchFunc urlQueryMatch;
RegisterUrlQueryFunc registerUrlQuery;

UserGroupIdGetFunc userGroupIdGet;
RegisterUserGroupIdGetFunc registerUserGroupIdGet;

GeoIpAddressLookupFunc geoIpAddressLookup;
RegisterGeoIpAddressLookupFunc registerGeoIpAddressLookup;

UpdateSSLSSnLogDataFunc updateSSLSSnLogData;
RegisterUpdateSSLSSnLogDataFunc registerUpdateSSLSSnLogData;

EndSSLSSnLogDataFunc endSSLSSnLogData;
RegisterEndSSLSSnLogDataFunc registerEndSSLSSnLogData;

GetSSLActualActionFunc getSSLActualAction;
RegisterGetSSLActualActionFunc registerGetSSLActualAction;

GetIntfDataFunc getIntfData;
RegisterGetIntfDataFunc registerGetIntfData;
DynamicReadyForProcessFunc readyForProcess;
DynamicIsSSLPolicyEnabledFunc isSSLPolicyEnabled;
DynamicSetSSLPolicyEnabledFunc setSSLPolicyEnabled;
IsTestModeFunc isTestMode;

} DynamicPreprocessorData;