sfportobject.c

著名的入侵检测系统snort的最新版本的源码

		return 0;

    /* Dup the Name */
    if( po->name )
        ponew->name = strdup(po->name);
    else
        ponew->name = strdup("dup");

    if( !ponew->name )
    {
        free( ponew );
        return NULL;    
    }
   
    /* Dup the Item List */
    if( po->item_list )
    {
	  for(poi =(PortObjectItem*)sflist_firstpos(po->item_list,&lpos);
	      poi!=0;
	      poi =(PortObjectItem*)sflist_nextpos(po->item_list,&lpos) )
	  {
        poinew = PortObjectItemDup( poi );
	    if(!poinew)
	  	    return 0;
	    PortObjectAddItem( ponew, poinew );
	  }
    }
	return ponew;
}

/*
 * Dup the PortObjects Item List, Name, and RuleList->RuleHash
 */
PortObject2 * PortObjectDup2( PortObject * po )
{
	PortObject2    * ponew = NULL;
    PortObjectItem * poi = NULL;
    PortObjectItem * poinew = NULL;
	SF_LNODE       * lpos = NULL;
    int            * prid = NULL;
    int            * prule = NULL;

    if( !po ) 
        return NULL;
    
    if( !po->rule_list )
        return NULL;
    
	ponew = PortObjectNew2(po->rule_list->count + PO_EXTRA_RULE_CNT);
	if( !ponew )
		return NULL;

    /* Dup the Name */
    if( po->name )
        ponew->name = strdup(po->name);
    else
        ponew->name = strdup("dup");

    if( !ponew->name )
    {
        free( ponew );
        return NULL;    
    }
   
    /* Dup the Item List */
    if( po->item_list )
    {
	  for(poi =(PortObjectItem*)sflist_firstpos(po->item_list,&lpos);
	      poi!=0;
	      poi =(PortObjectItem*)sflist_nextpos(po->item_list,&lpos) )
	  {
        poinew = PortObjectItemDup( poi );
	    if(!poinew)
	  	    return 0;
	    
        PortObjectAddItem( (PortObject*)ponew, poinew );
	  }
    }

    /* Dup the input rule list */
    if( po->rule_list )
    {
	  for(prid  = (int*)sflist_firstpos(po->rule_list,&lpos);
	      prid != 0;
	      prid  = (int*)sflist_nextpos(po->rule_list,&lpos) )
	  {
          prule = calloc(1,sizeof(int));
          if(!prule)
          {
             return NULL;
          }
          *prule = *prid;
          if( sfghash_add( ponew->rule_hash, prule, prule ) != SFGHASH_OK )
          {
              free( prule );
          }
	  }
    }
	return ponew;
}

/*
   Add a Port to a PortObject
*/
int PortObjectAddPort( PortObject * po, int port, int not_flag )
{
   PortObjectItem * poi;

   poi = PortObjectItemNew();
   if( !poi )
	   return -1;

   poi->type = PORT_OBJECT_PORT;

   if( not_flag )
	   poi->flags = PORT_OBJECT_NOT_FLAG;

   poi->lport = (unsigned short)port;
   poi->hport = (unsigned short)port;

   return  sflist_add_tail( po->item_list, poi );
}

/*
   Add a Port Range to a PortObject
*/
int PortObjectAddRange( PortObject * po, int lport, int hport, int not_flag )
{
   PortObjectItem * poi;

   poi = PortObjectItemNew();
   if( !poi )
	   return -1;

   poi->type = PORT_OBJECT_RANGE;

   if( not_flag )
	   poi->flags = PORT_OBJECT_NOT_FLAG;

   poi->lport = (unsigned short)lport;
   poi->hport = (unsigned short)hport;

   return  sflist_add_tail( po->item_list, poi );
}
/*
   Add ANY port
*/
int PortObjectAddPortAny( PortObject * po )
{
   PortObjectItem * poi;

   if(!po)
       return -1 ;

   poi = PortObjectItemNew();
   if( !poi )
	   return -1;

   poi->type = PORT_OBJECT_ANY;

   poi->lport = 0;
   poi->hport = 65535;

   if(!po->name)
       po->name = strdup("any");

   if(!po->name)
   {
       free(poi);
	   return -1;
   }
   return  sflist_add_tail( po->item_list, poi );
}

/*
 *  Check if we have any ANY ports 
 */
int PortObjectHasAny (PortObject * po )
{
     PortObjectItem *poi;

     if( !po )
         return 0;
     
     for(poi=(PortObjectItem*)sflist_first(po->item_list);
         poi != 0;
         poi=(PortObjectItem*)sflist_next(po->item_list) )
     {
         if( poi->type == PORT_OBJECT_ANY ) 
             return 1;
     }
     return 0;
}
int PortObjectHasNot (PortObject * po )
{
     PortObjectItem *poi;

     if( !po )
         return 0;
     
     for(poi=(PortObjectItem*)sflist_first(po->item_list);
         poi != 0;
         poi=(PortObjectItem*)sflist_next(po->item_list) )
     {
	     if ( poi->flags== PORT_OBJECT_NOT_FLAG) return 1;
     }
     return 0;
}
int PortObjectIsPureNot (PortObject * po )
{
     PortObjectItem *poi;
     int cnt=0;

     if( !po )
         return 0;
     
     for(poi=(PortObjectItem*)sflist_first(po->item_list);
         poi != 0;
         poi=(PortObjectItem*)sflist_next(po->item_list) )
     {
         cnt++;
	     if ( poi->flags != PORT_OBJECT_NOT_FLAG)
              return 0;
     }

     if( cnt == 0 ) return 0;
     
     return 1;
}

/*
 * This does NOT return true if the object is an ANY port 
*/
int PortObjectHasPort (PortObject * po, int port )
{
     PortObjectItem *poi;

     if( !po )
         return 0;

     for(poi=(PortObjectItem*)sflist_first(po->item_list);
         poi != 0;
         poi=(PortObjectItem*)sflist_next(po->item_list) )
     {
		switch( poi->type )
		{
        case PORT_OBJECT_ANY:
			return 0;

        case PORT_OBJECT_PORT:
			if( poi->lport == (u_int16_t)(port&0xffff) )
				return 1;
            if( poi->flags & PORT_OBJECT_NOT_FLAG  )
			    return 1;
			break;

        case PORT_OBJECT_RANGE:
			if( (u_int16_t)port >= poi->lport && 
                (u_int16_t)port <= poi->hport )
				return 1;
            if( poi->flags & PORT_OBJECT_NOT_FLAG  )
                return 1;
			break;
		}
     }
     return 0;
}
/* 
 * This returns true if the object is an ANY port 
 */
int PortObjectIncludesPort (PortObject * po, int port )
{
     PortObjectItem *poi;

     if( !po )
         return 0;

     for(poi=(PortObjectItem*)sflist_first(po->item_list);
         poi != 0;
         poi=(PortObjectItem*)sflist_next(po->item_list) )
     {
		switch( poi->type )
		{
        case PORT_OBJECT_ANY:
			return 1;

        case PORT_OBJECT_PORT:
			if( poi->lport == (u_int16_t)port )
				return 1;
            if( poi->flags & PORT_OBJECT_NOT_FLAG  )
				return 1;
			break;

        case PORT_OBJECT_RANGE:
			if( (u_int16_t)port >= poi->lport && 
                (u_int16_t)port <= poi->hport )
				return 1;
            if( poi->flags & PORT_OBJECT_NOT_FLAG  )
				return 1;
			break;
		}
     }
     return 0;
}

/*
 *  Locate a PortObject by Port number , this only locates the 1st one
 *  This was a hack fro testing....
 */
PortObject * PortTableFindPortObjectByPort(  PortTable * p , int port )
{
   PortObject * po;
   SF_LNODE   * pos;

   for(po =(PortObject*)sflist_firstpos(p->pt_polist,&pos);
	   po!=0;
	   po =(PortObject*)sflist_nextpos(p->pt_polist,&pos) )
	{
      if( PortObjectHasPort ( po, port ) )
      {
         return po;
      }
   }
   return 0;
}
#ifdef XXXXX
void PortObjectSetAny( PortObject * po )
{
     PortObjectItem *poi;

     if( !po )
         return ;

     for(poi=(PortObjectItem*)sflist_first(po->item_list);
         poi != 0;
         poi=(PortObjectItem*)sflist_next(po->item_list) )
     {
         poi->type = PORT_OBJECT_ANY;
         return ;
     }

     /* Must add an ANY port Item */
     PortObjectAddPortAny( po );
}
#endif
/*
 * Calcs number of ports in this object,
 * object do not have to  be normalized,
 * but if the same ports are referenced 
 * twice, the count will be off.
 * 
 * returns:
 *  any = -1
 *  0   = none/empty
 *  >0  = number of ports
*/
int PortObjectPortCount (PortObject * po )
{
     PortObjectItem *poi;
     int cnt=0;
     int nports;
     
     if( !po )
         return 0;

     for(poi=(PortObjectItem*)sflist_first(po->item_list);
         poi != 0;
         poi=(PortObjectItem*)sflist_next(po->item_list) )
     {
		switch( poi->type )
		{
        case PORT_OBJECT_ANY:
			return -1;

        case PORT_OBJECT_PORT:
            if( poi->flags & PORT_OBJECT_NOT_FLAG  )
            {
                cnt--;
            }
            else
            {
                cnt++;
            }
			break;

        case PORT_OBJECT_RANGE:
			nports = poi->hport - poi->lport + 1; 
            if( poi->flags & PORT_OBJECT_NOT_FLAG  )
            {
                cnt-=nports;
            }
            else
            {
                cnt+=nports;
            }
		}
     }

     if( cnt < 0 )
     {
         /* we have a pure not port or port range 
          *
          * !80    = -1, add 64K (65535 -1 = 65534)
          * !80:81 = -2, (65535 - 2 = 65533)
          *
          * [:1023,!80]  = 1024 - 1 = 1023 ports
          * 
          */
         cnt += 64*1024; /* add back in the acceptable ports */
     }
     
     return cnt;
}

/*
 *  Build a PortMap Char Array 
 *  returns:  0 if an  ANY port.
 *            n number of unique ports.
 */
char * PortObjectCharPortArray ( char * parray, PortObject * po, int * nports )
{
     int cnt = 0; 
     int not_cnt=0;
     PortObjectItem * poi;
	 SF_LNODE * pos;

     if( PortObjectHasAny ( po ) )
     {
         return 0; /* ANY =64K */
     }

     if( !parray )
     {
         parray = (char*) calloc(1,SFPO_MAX_PORTS);
         if( !parray )
             return 0;
     }

     for(poi=(PortObjectItem*)sflist_firstpos(po->item_list,&pos);
         poi != 0;
         poi=(PortObjectItem*)sflist_nextpos(po->item_list,&pos) )
     {
         /* Add ports that are not NOT'd */
         if( poi->flags & PORT_OBJECT_NOT_FLAG  )
		 {
			 not_cnt++;
             continue;
		 }
         
         if( poi->type == PORT_OBJECT_PORT  ) 
         {
             if( !parray[poi->lport] ) 
		  cnt++;

             parray[poi->lport] = 1;
         }

         else if( poi->type == PORT_OBJECT_RANGE )
         {
             int i;
             for(i=poi->lport;i<=poi->hport;i++)
             {
                if( !parray[i] ) 
		 cnt++;
                parray[i] = 1;
             }
         }
     }
    
     /* Remove any NOT'd ports that may have been added above */
     for(poi=(PortObjectItem*)sflist_firstpos(po->item_list,&pos);
         poi != 0;
         poi=(PortObjectItem*)sflist_nextpos(po->item_list,&pos) )
     {
         if( !( poi->flags & PORT_OBJECT_NOT_FLAG)  )
             continue;
         
         if( poi->type == PORT_OBJECT_PORT  ) 
         {
              if( parray[poi->lport] ) 
		  cnt--;

              parray[poi->lport] =0;
         }
         else if( poi->type == PORT_OBJECT_RANGE )
         {
              int i;

              for(i=poi->lport;i<=poi->hport;i++)
              {
                 if( parray[i] )
   		     cnt--;
                 parray[i] = 0;
              }
         }
     }


    /* A pure Not list */
    if( po->item_list->count == not_cnt )
	{
		int i;

		/* enable all of the ports */
        for(i=0;i<SFPO_MAX_PORTS;i++)
        {
            parray[i] =1;
			cnt++;
		}

		/* disable the NOT'd ports */