123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554 |
-
-
-
-
-
-
-
-
- #ifndef included_snfCFGmgr_hpp
- #define included_snfCFGmgr_hpp
-
- #include "GBUdb.hpp"
- #include "snf_HeaderFinder.hpp"
-
- #include "configuration.hpp"
- #include "threading.hpp"
- #include <string>
- #include <set>
-
- using namespace std;
-
- const unsigned long int HeaderDirectiveBypass = 0x00000001;
- const unsigned long int HeaderDirectiveWhite = 0x00000002;
- const unsigned long int HeaderDirectiveDrillDown = 0x00000004;
- const unsigned long int HeaderDirectiveSource = 0x00000008;
- const unsigned long int HeaderDirectiveContext = 0x80000000;
-
- class HeaderDirectiveHandler : public Configurator {
- public:
-
- HeaderDirectiveSet HeaderDirectives;
-
- void operator()(ConfigurationElement& E, ConfigurationData& D) {
-
- if(HeaderDirectiveContext == ContextInput.Directive) {
- ContextInput.Context = HeaderDirectives.size() + 1;
- DirectiveInput.Context = ContextInput.Context;
- HeaderDirectives.insert(ContextInput);
- ContextInput.clear();
- }
-
- HeaderDirectives.insert(DirectiveInput);
- DirectiveInput.clear();
- }
-
- HeaderFinderPattern ContextInput;
- HeaderFinderPattern DirectiveInput;
-
- void reset() {
- HeaderDirectives.clear();
- ContextInput.clear();
- DirectiveInput.clear();
- }
-
- };
-
- class HeaderDirectiveInitializer : public Configurator {
- private:
-
- HeaderDirectiveHandler* MyTarget;
-
- public:
-
- HeaderDirectiveInitializer() : MyTarget(NULL) {}
-
- void setTarget(HeaderDirectiveHandler& H) { MyTarget = &H; }
-
- void operator()(ConfigurationElement& E, ConfigurationData& D) {
- if(NULL!=MyTarget) {
- MyTarget->reset();
- }
- }
- };
-
- class HeaderDirectiveWhiteHeaderInitializer : public Configurator {
- private:
-
- HeaderDirectiveHandler* MyTarget;
-
- public:
-
- HeaderDirectiveWhiteHeaderInitializer() : MyTarget(NULL) {}
-
- void setTarget(HeaderDirectiveHandler& H) { MyTarget = &H; }
-
- void operator()(ConfigurationElement& E, ConfigurationData& D) {
- if(NULL!=MyTarget) {
- MyTarget->ContextInput.clear();
- MyTarget->DirectiveInput.clear();
- MyTarget->DirectiveInput.Directive = HeaderDirectiveWhite;
- }
- }
- };
-
- class HeaderDirectiveBypassHeaderInitializer : public Configurator {
- private:
-
- HeaderDirectiveHandler* MyTarget;
-
- public:
-
- HeaderDirectiveBypassHeaderInitializer() : MyTarget(NULL) {}
-
- void setTarget(HeaderDirectiveHandler& H) { MyTarget = &H; }
-
- void operator()(ConfigurationElement& E, ConfigurationData& D) {
- if(NULL!=MyTarget) {
- MyTarget->ContextInput.clear();
- MyTarget->DirectiveInput.clear();
- MyTarget->DirectiveInput.Directive = HeaderDirectiveBypass;
- }
- }
- };
-
- class HeaderDirectiveDrilldownInitializer : public Configurator {
- private:
-
- HeaderDirectiveHandler* MyTarget;
-
- public:
-
- HeaderDirectiveDrilldownInitializer() : MyTarget(NULL) {}
-
- void setTarget(HeaderDirectiveHandler& H) { MyTarget = &H; }
-
- void operator()(ConfigurationElement& E, ConfigurationData& D) {
- if(NULL!=MyTarget) {
- MyTarget->ContextInput.clear();
- MyTarget->DirectiveInput.clear();
- MyTarget->DirectiveInput.Directive = HeaderDirectiveDrillDown;
- MyTarget->DirectiveInput.Header = "Received:";
- }
- }
- };
-
- class HeaderDirectiveSourceHeaderInitializer : public Configurator {
- private:
-
- HeaderDirectiveHandler* MyTarget;
-
- public:
-
- HeaderDirectiveSourceHeaderInitializer() : MyTarget(NULL) {}
-
- void setTarget(HeaderDirectiveHandler& H) { MyTarget = &H; }
-
- void operator()(ConfigurationElement& E, ConfigurationData& D) {
- if(NULL!=MyTarget) {
- MyTarget->ContextInput.clear();
- MyTarget->DirectiveInput.clear();
- MyTarget->ContextInput.Directive = HeaderDirectiveContext;
- MyTarget->ContextInput.Header = "Received:";
- MyTarget->DirectiveInput.Directive = HeaderDirectiveSource;
- }
- }
- };
-
- class RangePoint {
- public:
-
- RangePoint() :
- Confidence(0.0),
- Probability(0.0) {}
-
- RangePoint(double C, double P) :
- Confidence(C),
- Probability(P) {}
-
- double Probability;
- double Confidence;
-
- bool operator<(const RangePoint& right) const {
- return (Confidence < right.Confidence);
- }
- bool operator>(const RangePoint& right) const {
- return (Confidence > right.Confidence);
- }
- bool operator==(const RangePoint& right) const {
- return (Confidence == right.Confidence);
- }
- bool operator<=(const RangePoint& right) const {
- return (Confidence <= right.Confidence);
- }
- bool operator>=(const RangePoint& right) const {
- return (Confidence >= right.Confidence);
- }
- };
-
- class RangeHandler : public Configurator {
- public:
-
- void operator()(ConfigurationElement& E, ConfigurationData& D) {
- EdgeMap.insert(EdgeInput);
- }
-
- bool On_Off;
- int Symbol;
- int Priority;
-
- RangePoint EdgeInput;
- set<RangePoint> EdgeMap;
-
- bool isInWhite(RangePoint& x);
- bool isInBlack(RangePoint& x);
-
- void reset() { EdgeMap.clear(); }
-
- };
-
- class RangeInitializer : public Configurator {
- private:
-
- RangeHandler* MyTarget;
-
- public:
-
- RangeInitializer() : MyTarget(NULL) {}
-
- void setTarget(RangeHandler& H) { MyTarget = &H; }
-
- void operator()(ConfigurationElement& E, ConfigurationData& D) {
- if(NULL!=MyTarget) {
- MyTarget->reset();
- }
- }
- };
-
- class IntegerSetHandler : public Configurator {
- public:
- void operator()(ConfigurationElement& E, ConfigurationData& D) {
- IntegerSet.insert(IntegerInput);
- }
-
- int IntegerInput;
- set<int> IntegerSet;
-
- bool isListed(int x);
-
- void reset() { IntegerSet.clear(); }
- };
-
- class IntegerSetInitializer : public Configurator {
- private:
-
- IntegerSetHandler* MyTarget;
-
- public:
-
- IntegerSetInitializer() : MyTarget(NULL) {}
-
- void setTarget(IntegerSetHandler& H) { MyTarget = &H; }
-
- void operator()(ConfigurationElement& E, ConfigurationData& D) {
- if(NULL!=MyTarget) {
- MyTarget->reset();
- }
- }
- };
-
- class XHDRSymbol {
- public:
- int Symbol;
- string Header;
- XHDRSymbol(int FreshSymbol, string FreshHeader) :
- Symbol(FreshSymbol),
- Header(FreshHeader) {}
-
- bool operator<(const XHDRSymbol& right) const {
- return (Symbol < right.Symbol);
- }
- };
-
- class XHDRSymbolsHandler : public Configurator {
- public:
- set<XHDRSymbol> SymbolHeaders;
-
- void reset() { SymbolHeaders.clear(); }
-
- string HeaderForSymbol(int S) {
- string MatchingHeader = "";
- set<XHDRSymbol>::iterator iS = SymbolHeaders.find(XHDRSymbol(S,""));
- if(SymbolHeaders.end() != iS) {
- MatchingHeader = (*iS).Header;
- }
- return MatchingHeader;
- }
-
- bool OnOff;
- int Symbol;
- string Header;
-
- void operator()(ConfigurationElement& E, ConfigurationData& D) {
- if(OnOff) {
- SymbolHeaders.insert(XHDRSymbol(Symbol, Header));
- }
- }
- };
-
- class XHDRSymbolsInitializer : public Configurator {
- private:
-
- XHDRSymbolsHandler* MyTarget;
-
- public:
-
- XHDRSymbolsInitializer() : MyTarget(NULL) {}
-
- void setTarget(XHDRSymbolsHandler& H) { MyTarget = &H; }
-
- void operator()(ConfigurationElement& E, ConfigurationData& D) {
- if(NULL!=MyTarget) {
- MyTarget->reset();
- }
- }
- };
-
- enum snfIPRange {
- Unknown,
- White,
- Normal,
- New,
- Caution,
- Black,
- Truncate
- };
-
- const int ScanLogMatches_All = 2;
- const int ScanLogMatches_Unique = 1;
- const int ScanLogMatches_None = 0;
-
- const int LogOutputMode_None = 0;
- const int LogOutputMode_API = 1;
- const int LogOutputMode_File = 2;
- const int LogOutputMode_Inject = 3;
-
- class snfCFGData {
- private:
-
- ConfigurationElement MyCFGReader;
-
- public:
-
- snfCFGData();
-
- void initializeFromFile(const char* FileName);
-
- int Generation;
-
-
-
- string ConfigFilePath;
- string RuleFilePath;
- string SecurityKey;
-
-
-
- string node_identity;
- string node_licenseid;
- string node_authentication;
-
-
-
- string paths_workspace_path;
- string paths_rulebase_path;
- string paths_log_path;
-
-
-
- bool Logs_Rotation_LocalTime_OnOff;
-
- bool Status_SecondReport_Log_OnOff;
- bool Status_SecondReport_Append_OnOff;
- bool Status_MinuteReport_Log_OnOff;
- bool Status_MinuteReport_Append_OnOff;
- bool Status_HourReport_Log_OnOff;
- bool Status_HourReport_Append_OnOff;
-
- bool Scan_Identifier_Force_Message_Id;
-
- int Scan_Classic_Mode;
- bool Scan_Classic_Rotate;
- int Scan_Classic_Matches;
-
- int Scan_XML_Mode;
- bool Scan_XML_Rotate;
- int Scan_XML_Matches;
- bool Scan_XML_Performance;
- bool Scan_XML_GBUdb;
-
-
-
- int XHDROutput_Mode;
-
- bool XHDRVersion_OnOff;
- string XHDRVersion_Header;
-
- bool XHDRLicense_OnOff;
- string XHDRLicense_Header;
-
- bool XHDRRulebase_OnOff;
- string XHDRRulebase_Header;
-
- bool XHDRIdentifier_OnOff;
- string XHDRIdentifier_Header;
-
- bool XHDRGBUdb_OnOff;
- string XHDRGBUdb_Header;
-
- bool XHDRResult_OnOff;
- string XHDRResult_Header;
-
- bool XHDRMatches_OnOff;
- string XHDRMatches_Header;
-
- bool XHDRBlack_OnOff;
- string XHDRBlack_Header;
-
- bool XHDRWhite_OnOff;
- string XHDRWhite_Header;
-
- bool XHDRClean_OnOff;
- string XHDRClean_Header;
-
- XHDRSymbolsHandler XHDRSymbolHeaders;
- XHDRSymbolsInitializer XHDRSymbolHeadersInitializer;
-
-
-
- string PlatformElementContents;
-
-
-
- int network_sync_secs;
- string network_sync_host;
- int network_sync_port;
-
- bool update_script_on_off;
- string update_script_call;
- int update_script_guard_time;
-
-
-
- int gbudb_database_condense_minimum_seconds_between;
- bool gbudb_database_condense_time_trigger_on_off;
- int gbudb_database_condense_time_trigger_seconds;
- bool gbudb_database_condense_posts_trigger_on_off;
- int gbudb_database_condense_posts_trigger_posts;
- bool gbudb_database_condense_records_trigger_on_off;
- int gbudb_database_condense_records_trigger_records;
- bool gbudb_database_condense_size_trigger_on_off;
- int gbudb_database_condense_size_trigger_megabytes;
-
- bool gbudb_database_checkpoint_on_off;
- int gbudb_database_checkpoint_secs;
-
- RangeHandler WhiteRangeHandler;
- RangeInitializer WhiteRangeInitializer;
-
- bool gbudb_regions_white_panic_on_off;
- int gbudb_regions_white_panic_rule_range;
-
- RangeHandler BlackRangeHandler;
- RangeInitializer BlackRangeInitializer;
-
- bool gbudb_regions_black_sample_on_off;
- double gbudb_regions_black_sample_probability;
- int gbudb_regions_black_sample_grab_one_in;
- bool gbudb_regions_black_sample_passthrough;
- int gbudb_regions_black_sample_passthrough_symbol;
- int gbudb_regions_black_truncate_symbol;
-
- bool gbudb_regions_black_truncate_on_off;
- double gbudb_regions_black_truncate_probability;
- int gbudb_regions_black_truncate_peek_one_in;
-
- RangeHandler CautionRangeHandler;
- RangeInitializer CautionRangeInitializer;
-
- snfIPRange RangeEvaluation(GBUdbRecord& R);
- snfIPRange RangeEvaluation(RangePoint& p);
-
- HeaderDirectiveHandler HeaderDirectivesHandler;
- HeaderDirectiveInitializer HeaderDirectivesInitializer;
- HeaderDirectiveSourceHeaderInitializer HDSourceHeaderInitializer;
- HeaderDirectiveDrilldownInitializer HDDrilldownInitializer;
- HeaderDirectiveBypassHeaderInitializer HDBypassHeaderInitializer;
- HeaderDirectiveWhiteHeaderInitializer HDWhiteHeaderInitializer;
-
- IntegerSetHandler TrainingBypassRuleHandler;
- IntegerSetInitializer TrainingBypassRuleInitializer;
-
- IntegerSetHandler TrainingWhiteRuleHandler;
- IntegerSetInitializer TrainingWhiteRuleInitializer;
-
- bool GBUdbTrainingOn_Off;
-
- IntegerSetHandler RulePanicHandler;
- IntegerSetInitializer RulePanicInitializer;
-
- bool XCI_OnOff;
- int XCI_Port;
-
- bool MessageFileTypeCGP_on_off;
-
- };
-
- class snfCFGmgr {
-
- private:
-
- Mutex myMutex;
-
- snfCFGData A;
- snfCFGData B;
-
- volatile bool AisActive;
-
- void swapCFGData();
- snfCFGData& ActiveData();
- snfCFGData& InactiveData();
-
- string InitFileName;
- string InitLicenseId;
- string InitAuthentication;
-
- string ConfigurationPath;
-
- public:
-
- snfCFGmgr();
-
- void initialize(
- const char* FileName,
- const char* LicenseId,
- const char* Authentication
- );
-
- class LoadFailure {};
-
- void load();
-
-
-
- string RuleFilePath();
- string SecurityKey();
-
- snfCFGData* ActiveConfiguration();
-
- };
-
- #include "snfCFGmgr.inline.hpp"
-
- #endif
|