return (0);
}
-static int snort_read(user_data_t *ud){
- instance_definition_t *id;
- metric_definition_t *md;
-
+static int snort_read_buffer (instance_definition_t *id,
+ char const *buffer, size_t buffer_size)
+{
int i;
- int fd;
- int metrics_num;
char **metrics;
- char **metrics_t;
+ int metrics_num;
- struct stat sb;
- char *buf, *buf_t;
+ char *buf, *buf_ptr;
/* mmap, char pointers */
- char *p_start;
- char *p_end;
-
- id = ud->data;
- DEBUG("snort plugin: snort_read (instance = %s)", id->name);
-
- fd = open(id->path, O_RDONLY);
- if (fd == -1){
- ERROR("snort plugin: Unable to open `%s'.", id->path);
- return (-1);
- }
-
- if ((fstat(fd, &sb) != 0) || (!S_ISREG(sb.st_mode))){
- ERROR("snort plugin: `%s' is not a file.", id->path);
- return (-1);
- }
-
- if (sb.st_size == 0){
- ERROR("snort plugin: `%s' is empty.", id->path);
- return (-1);
- }
-
- p_start = mmap(/* addr = */ NULL, sb.st_size, PROT_READ, MAP_SHARED, fd,
- /* offset = */ 0);
- if (p_start == MAP_FAILED){
- ERROR("snort plugin: mmap error");
- return (-1);
- }
+ char const *p_end;
/* Set the start value count. */
metrics_num = 1;
/* Set the pointer to the last line of the file and count the fields.
(Skip the last two characters of the buffer: `\n' and `\0') */
- for (p_end = (p_start + sb.st_size) - 2; p_end > p_start; --p_end){
+ for (p_end = (buffer + buffer_size) - 2; p_end > buffer; --p_end){
if (*p_end == ','){
++metrics_num;
} else if (*p_end == '\n'){
}
/* Copy the line to the buffer */
- buf_t = buf = strdup(p_end);
-
- /* Done with mmap and file pointer */
- close(fd);
- munmap(p_start, sb.st_size);
+ buf = strdup(p_end);
/* Create a list of all values */
metrics = calloc (metrics_num, sizeof (*metrics));
if (metrics == NULL) {
ERROR ("snort plugin: calloc failed.");
- return (-1);
+ sfree (buf);
+ return (ENOMEM);
}
- for (metrics_t = metrics; (*metrics_t = strsep(&buf_t, ",")) != NULL;)
- if (**metrics_t != '\0')
- if (++metrics_t >= &metrics[metrics_num])
- break;
+ buf_ptr = buf;
+ i = 0;
+ while (buf_ptr != NULL) {
+ char *next = strchr (buf_ptr, ',');
+ if (next != NULL) {
+ *next = 0;
+ next++;
+ }
+ metrics[i] = buf_ptr;
+ buf_ptr = next;
+ i++;
+ }
+ assert (i == metrics_num);
/* Set last time */
id->last = TIME_T_TO_CDTIME_T(strtol(*metrics, NULL, 0));
/* Register values */
for (i = 0; i < id->metric_list_len; ++i){
- md = id->metric_list[i];
+ metric_definition_t *md = id->metric_list[i];
if (md->index >= metrics_num) {
ERROR ("snort plugin: Metric \"%s\": Request for index %i when "
return (0);
}
+static int snort_read(user_data_t *ud){
+ instance_definition_t *id;
+
+ int fd;
+
+ struct stat sb;
+
+ /* mmap, char pointers */
+ char *p_start;
+
+ id = ud->data;
+ DEBUG("snort plugin: snort_read (instance = %s)", id->name);
+
+ fd = open(id->path, O_RDONLY);
+ if (fd == -1){
+ ERROR("snort plugin: Unable to open `%s'.", id->path);
+ return (-1);
+ }
+
+ if ((fstat(fd, &sb) != 0) || (!S_ISREG(sb.st_mode))){
+ ERROR("snort plugin: `%s' is not a file.", id->path);
+ close (fd);
+ return (-1);
+ }
+
+ if (sb.st_size == 0){
+ ERROR("snort plugin: `%s' is empty.", id->path);
+ close (fd);
+ return (-1);
+ }
+
+ p_start = mmap(/* addr = */ NULL, sb.st_size, PROT_READ, MAP_SHARED, fd,
+ /* offset = */ 0);
+ if (p_start == MAP_FAILED){
+ ERROR("snort plugin: mmap error");
+ close (fd);
+ return (-1);
+ }
+
+ snort_read_buffer (id, p_start, (size_t) sb.st_size);
+
+ /* Done with mmap and file pointer */
+ close(fd);
+ munmap(p_start, sb.st_size);
+ return (0);
+}
+
static void snort_metric_definition_destroy(void *arg){
metric_definition_t *md;
int status = 0;
int i;
- if ((ci->values_num != 1) || (ci->values[0].type != OCONFIG_TYPE_STRING)){
- WARNING("snort plugin: The `Metric' config option needs exactly one string argument.");
- return (-1);
- }
-
md = (metric_definition_t *)malloc(sizeof(*md));
if (md == NULL)
return (-1);
memset(md, 0, sizeof(*md));
- md->name = strdup(ci->values[0].value.string);
- if (md->name == NULL){
- free(md);
+ md->name = NULL;
+ status = cf_util_get_string (ci, &md->name);
+ if (status != 0) {
+ sfree (md);
return (-1);
}
/* Retrieve the data source type from the types db. */
ds = plugin_get_ds(md->type);
if (ds == NULL){
- WARNING("snort plugin: `Type' must be defined in `types.db'.");
+ ERROR ("snort plugin: Failed to look up type \"%s\". "
+ "It may not be defined in the types.db file. "
+ "Please read the types.db(5) manual page for more details.",
+ md->type);
snort_metric_definition_destroy(md);
return (-1);
+ } else if (ds->ds_num != 1) {
+ ERROR ("snort plugin: The type \"%s\" has %i data sources. "
+ "Only types with a single data soure are supported.",
+ ds->type, ds->ds_num);
+ return (-1);
} else {
md->data_source_type = ds->ds->type;
}