📄 dce2_config.c
字号:
break; } } else { uint8_t *port_array = NULL; unsigned int i; switch (dflag) { case DCE2_DETECT_FLAG__SMB: DCE2_ClearPorts(sc->http_server_ports); return; case DCE2_DETECT_FLAG__TCP: DCE2_ClearPorts(sc->http_server_ports); port_array = sc->auto_tcp_ports; break; case DCE2_DETECT_FLAG__UDP: DCE2_ClearPorts(sc->http_server_ports); port_array = sc->auto_udp_ports; break; case DCE2_DETECT_FLAG__HTTP_PROXY: DCE2_ClearPorts(sc->http_server_ports); return; case DCE2_DETECT_FLAG__HTTP_SERVER: DCE2_ClearPorts(sc->http_server_ports); port_array = sc->auto_http_server_ports; break; default: DCE2_Die("%s(%d) => %s: Invalid transport type.\n", __FILE__, __LINE__, DCE2_GNAME); break; } /* By default, only autodetect on ports 1025 and above, * and not on SMB or RPC over HTTP proxy */ for (i = DCE2_AUTO_PORTS__START; i < DCE2_PORTS__MAX; i++) DCE2_SetPort(port_array, (uint16_t)i); }}/******************************************************************** * Function: DCE2_CreateDefaultServerConfig() * * Creates a default server configuration for non-matching specific * server configurations. * * Arguments: None * * Returns: None * ********************************************************************/void DCE2_CreateDefaultServerConfig(void){ if (dce2_dconfig != NULL) return; dce2_dconfig = (DCE2_ServerConfig *)DCE2_Alloc(sizeof(DCE2_ServerConfig), DCE2_MEM_TYPE__CONFIG); if (dce2_dconfig == NULL) { DCE2_Die("%s: Failed to alloc memory for default server config.\n", DCE2_SNAME); } DCE2_ScInitConfig(dce2_dconfig);}/******************************************************************** * Function: DCE2_ServerConfigure() * * Parses the DCE/RPC server configuration and stores values in * server configuration. * * Arguments: * char * * snort.conf argument line for the dcerpc2 preprocessor. * * Returns: None * ********************************************************************/void DCE2_ServerConfigure(char *args){ DCE2_ServerConfig *sc; DCE2_Queue *ip_queue; DCE2_Ret status; if (dce2_gconfig == NULL) { DCE2_Die("%s(%d) => %s: \"%s\" must be configured first.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME, DCE2_GNAME); } /* Must have arguments */ if (DCE2_IsEmptyStr(args)) { DCE2_Die("%s(%d) => %s: No arguments to server configuration. Must " "have a \"%s\" or \"%s\" argument.\n,", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME, DCE2_SOPT__DEFAULT, DCE2_SOPT__NET ); } /* Alloc server config */ sc = (DCE2_ServerConfig *)DCE2_Alloc(sizeof(DCE2_ServerConfig), DCE2_MEM_TYPE__CONFIG); if (sc == NULL) { DCE2_Die("%s(%d) => %s: Failed to alloc memory for server config.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); } DCE2_ScInitConfig(sc); /* The ip queue stores the IPs from a specific server configuration * for adding to the routing tables */ ip_queue = DCE2_QueueNew(DCE2_ScIpListDataFree, DCE2_MEM_TYPE__CONFIG); if (ip_queue == NULL) { DCE2_Die("%s(%d) => %s: Failed to allocate memory for IP queue.\n", __FILE__, __LINE__, DCE2_GNAME); } status = DCE2_ScParseConfig(sc, args, ip_queue); if (status != DCE2_RET__SUCCESS) { DCE2_Die("%s(%d) => %s: Error parsing server configuration.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); } /* Check for overlapping detect ports */ DCE2_ScCheckPortOverlap(sc); if ((sc != dce2_dconfig) && DCE2_ScAddToRoutingTable(sc, ip_queue) != DCE2_RET__SUCCESS) { DCE2_Die("%s(%d) => %s: Error parsing server configuration.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); } DCE2_ScPrintConfig(sc, ip_queue); DCE2_QueueDestroy(ip_queue);}/******************************************************************** * Function: DCE2_ScParseConfig() * * Main parsing of a server configuration. Parses options and * passes off to individual option handling. * * Arguments: * DCE2_ServerConfig * * Pointer to a server configuration structure. * char * * Pointer to the configuration line. * DCE2_Queue * * Pointer to a queue for storing IPs. * * Returns: * DCE2_Ret * DCE2_RET__SUCCESS if parsing completed without error. * DCE2_RET__ERROR if an error occurred during parsing. * ********************************************************************/static DCE2_Ret DCE2_ScParseConfig(DCE2_ServerConfig *sc, char *args, DCE2_Queue *ip_queue){ DCE2_ScState state = DCE2_SC_STATE__ROPT_START; char *ptr, *end; char *opt_start = args; char last_char = 0; int option_mask = 0; ptr = args; end = ptr + strlen(args) + 1; /* Include NULL byte for state */ while (ptr < end) { char c = *ptr; switch (state) { case DCE2_SC_STATE__ROPT_START: if (DCE2_IsWordChar(c, DCE2_WORD_CHAR_POSITION__START)) { opt_start = ptr; state = DCE2_SC_STATE__ROPT; } else if (!DCE2_IsSpaceChar(c)) { _dpd.logMsg("%s(%d) => %s: Invalid option.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); return DCE2_RET__ERROR; } break; case DCE2_SC_STATE__ROPT: if (!DCE2_IsWordChar(c, DCE2_WORD_CHAR_POSITION__MIDDLE)) { DCE2_ScOptFlag opt_flag; DCE2_Ret status; if (!DCE2_IsWordChar(last_char, DCE2_WORD_CHAR_POSITION__END)) { _dpd.logMsg("%s(%d) => %s: Invalid option.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); return DCE2_RET__ERROR; } opt_flag = DCE2_ScParseOption(opt_start, ptr, &option_mask); switch (opt_flag) { case DCE2_SC_OPT_FLAG__DEFAULT: if (dce2_dconfig != NULL) { _dpd.logMsg("%s(%d) => %s: Can only configure default " "configuration once.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); return DCE2_RET__ERROR; } dce2_dconfig = sc; break; case DCE2_SC_OPT_FLAG__NET: status = DCE2_ParseIpList(&ptr, end, ip_queue); if (status != DCE2_RET__SUCCESS) { _dpd.logMsg("%s(%d) => %s: Failed to parse server net.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); return DCE2_RET__ERROR; } break; default: _dpd.logMsg("%s(%d) => %s: Invalid first option.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); return DCE2_RET__ERROR; } state = DCE2_SC_STATE__OPT_END; continue; } break; case DCE2_SC_STATE__OPT_START: if (DCE2_IsWordChar(c, DCE2_WORD_CHAR_POSITION__START)) { opt_start = ptr; state = DCE2_SC_STATE__OPT; } else if (!DCE2_IsSpaceChar(c)) { _dpd.logMsg("%s(%d) => %s: Invalid option.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); return DCE2_RET__ERROR; } break; case DCE2_SC_STATE__OPT: if (!DCE2_IsWordChar(c, DCE2_WORD_CHAR_POSITION__MIDDLE)) { DCE2_ScOptFlag opt_flag; if (!DCE2_IsWordChar(last_char, DCE2_WORD_CHAR_POSITION__END)) { _dpd.logMsg("%s(%d) => %s: Invalid option.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); return DCE2_RET__ERROR; } opt_flag = DCE2_ScParseOption(opt_start, ptr, &option_mask); switch (opt_flag) { case DCE2_SC_OPT_FLAG__POLICY: if (DCE2_ScParsePolicy(sc, &ptr, end) != DCE2_RET__SUCCESS) { _dpd.logMsg("%s(%d) => %s: Failed to parse server policy.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); return DCE2_RET__ERROR; } break; case DCE2_SC_OPT_FLAG__DETECT: if (DCE2_ScParseDetect(sc, &ptr, end, 0) != DCE2_RET__SUCCESS) { _dpd.logMsg("%s(%d) => %s: Failed to parse server detect.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); return DCE2_RET__ERROR; } break; case DCE2_SC_OPT_FLAG__AUTODETECT: if (DCE2_ScParseDetect(sc, &ptr, end, 1) != DCE2_RET__SUCCESS) { _dpd.logMsg("%s(%d) => %s: Failed to parse server detect.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); return DCE2_RET__ERROR; } break; case DCE2_SC_OPT_FLAG__NO_AUTODETECT_HTTP_PROXY_PORTS: sc->autodetect_http_proxy_ports = DCE2_CS__DISABLED; break; case DCE2_SC_OPT_FLAG__SMB_INVALID_SHARES: sc->smb_invalid_shares = DCE2_ListNew(DCE2_LIST_TYPE__NORMAL, DCE2_ScSmbShareCompare, DCE2_ScSmbShareFree, DCE2_ScSmbShareFree, DCE2_LIST_FLAG__NO_DUPS | DCE2_LIST_FLAG__INS_TAIL, DCE2_MEM_TYPE__CONFIG); if (sc->smb_invalid_shares == NULL) { _dpd.logMsg("%s(%d) => %s: %s: Failed to allocate memory " "for invalid share list.\n", __FILE__, __LINE__, DCE2_SNAME, DCE2_SOPT__SMB_INVALID_SHARES); return DCE2_RET__ERROR; } if (DCE2_ScParseSmbShares(sc, &ptr, end) != DCE2_RET__SUCCESS) { _dpd.logMsg("%s(%d) => %s: Failed to parse server smb shares.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); return DCE2_RET__ERROR; } break; case DCE2_SC_OPT_FLAG__SMB_MAX_CHAIN: if (DCE2_ScParseSmbMaxChain(sc, &ptr, end) != DCE2_RET__SUCCESS) { _dpd.logMsg("%s(%d) => %s: Failed to parse server smb max chain.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); return DCE2_RET__ERROR; } break; default: _dpd.logMsg("%s(%d) => %s: Invalid option.\n", *_dpd.config_file, *_dpd.config_line, DCE2_SNAME); return DCE2_RET__ERROR; } state = DCE2_SC_STATE__OPT_END; continue; }⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -