⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 match_http.c

📁 Firestorm NIDS是一个性能非常高的网络入侵检测系统 (NIDS)。目前
💻 C
字号:
🔍 
#include <stdlib.h>#include <stdio.h>#include <string.h>#include <netinet/in.h>#include <errno.h>#include <firestorm.h>#include <packet.h>#include <alert.h>#include <signature.h>#include <matcher.h>#include <decode.h>#include <plugin.h>PLUGIN_STD_DEFS();proc_template template_shortrange;proc_decode_proto decode_proto;struct proto *http_proto=NULL;int http_compare(void *p1, void *p2){	size_t *l1=p1;	char *m1=p1+sizeof(*l1);	size_t *l2=p2;	char *m2=p2+sizeof(*l2);	if ( *l1==*l2 && !memcmp(m1, m2, *l1) ) return 0;	return 1;}int http_method(struct packet *p, void *priv, unsigned int l, int n){	size_t *len=priv;	char *method=priv+sizeof(*len);	struct http_session *s;	l+=2;	if ( l>=p->llen ) return n^0;	if ( p->layer[l].proto!=http_proto ) return 0;	if ( !(s=p->layer[l].session) ) return 0;	if ( *len!=s->method_len ) return n^0;	/* TODO: case insensitive */	if ( memcmp(s->method, method, *len) ) return n^0;	return n^1;}proc_match_match http_method_v(char *arg, void **ptr,	struct criteria *m, u_int32_t *c){	char *p;	size_t *sz;	size_t len;	char *end;	if ( !http_proto && !(http_proto=decode_proto("http")) ) return NULL;	if ( !arg ) return NULL;	len=strlen(arg);	if ( !(p=malloc(len+sizeof(*sz))) ) return NULL;	sz=(size_t *)p;	*sz=len;	*ptr=p;	p+=sizeof(*sz);	for(end=arg+len; arg<end; p++, arg++) {		*p=toupper(*arg);	}	return http_method;}struct matcher http_matchers[]={	matcher_init("http_method", MCOST_APP, http_method_v, http_compare, MATCHER_FREE),	matcher_null()};int PLUGIN_MATCHER (struct matcher_api *m){	object_check(m);	if ( !m->matcher_add(http_matchers) )		return PLUGIN_ERR_FAIL;	return PLUGIN_ERR_OK;}int PLUGIN_INIT (struct plugin_in *in, struct plugin_out *out){	plugin_check(in, out);	PLUGIN_ID("match.http", "HTTP matching routines");	PLUGIN_VERSION(0, 1);	PLUGIN_AUTHOR("Gianni Tedesco", "gianni@scaramanga.co.uk");	PLUGIN_LICENSE("GPL");	return PLUGIN_ERR_OK;}int PLUGIN_UNLOAD (int code) {	return PLUGIN_ERR_OK;}

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -