-/* @(#) $Id: decoder.c,v 1.42 2009/06/24 17:06:23 dcid Exp $ */
+/* @(#) $Id$ */
/* Copyright (C) 2009 Trend Micro Inc.
* All rights reserved.
*
* This program is a free software; you can redistribute it
* and/or modify it under the terms of the GNU General Public
- * License (version 3) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software
* Foundation.
*
* License details at the LICENSE file included with OSSEC or
#ifdef TESTRULE
- print_out("\n**Phase 2: Completed decoding.");
+ if(!alert_only)
+ {
+ print_out("\n**Phase 2: Completed decoding.");
+ }
#endif
do
#ifdef TESTRULE
- print_out(" decoder: '%s'", nnode->name);
+ if(!alert_only)print_out(" decoder: '%s'", nnode->name);
#endif
}while((node=node->next) != NULL);
#ifdef TESTRULE
- print_out(" No decoder matched.");
+ if(!alert_only)
+ {
+ print_out(" No decoder matched.");
+ }
#endif
}
void *DstUser_FP(Eventinfo *lf, char *field)
{
#ifdef TESTRULE
- print_out(" dstuser: '%s'", field);
+ if(!alert_only)print_out(" dstuser: '%s'", field);
#endif
lf->dstuser = field;
void *SrcUser_FP(Eventinfo *lf, char *field)
{
#ifdef TESTRULE
- print_out(" srcuser: '%s'", field);
+ if(!alert_only)print_out(" srcuser: '%s'", field);
#endif
lf->srcuser = field;
void *SrcIP_FP(Eventinfo *lf, char *field)
{
#ifdef TESTRULE
- print_out(" srcip: '%s'", field);
+ if(!alert_only)print_out(" srcip: '%s'", field);
#endif
lf->srcip = field;
void *DstIP_FP(Eventinfo *lf, char *field)
{
#ifdef TESTRULE
- print_out(" dstip: '%s'", field);
+ if(!alert_only)print_out(" dstip: '%s'", field);
#endif
lf->dstip = field;
void *SrcPort_FP(Eventinfo *lf, char *field)
{
#ifdef TESTRULE
- print_out(" srcport: '%s'", field);
+ if(!alert_only)print_out(" srcport: '%s'", field);
#endif
lf->srcport = field;
void *DstPort_FP(Eventinfo *lf, char *field)
{
#ifdef TESTRULE
- print_out(" dstport: '%s'", field);
+ if(!alert_only)print_out(" dstport: '%s'", field);
#endif
lf->dstport = field;
void *Protocol_FP(Eventinfo *lf, char *field)
{
#ifdef TESTRULE
- print_out(" proto: '%s'", field);
+ if(!alert_only)print_out(" proto: '%s'", field);
#endif
lf->protocol = field;
void *Action_FP(Eventinfo *lf, char *field)
{
#ifdef TESTRULE
- print_out(" action: '%s'", field);
+ if(!alert_only)print_out(" action: '%s'", field);
#endif
lf->action = field;
void *ID_FP(Eventinfo *lf, char *field)
{
#ifdef TESTRULE
- print_out(" id: '%s'", field);
+ if(!alert_only)print_out(" id: '%s'", field);
#endif
lf->id = field;
void *Url_FP(Eventinfo *lf, char *field)
{
#ifdef TESTRULE
- print_out(" url: '%s'", field);
+ if(!alert_only)print_out(" url: '%s'", field);
#endif
lf->url = field;
void *Data_FP(Eventinfo *lf, char *field)
{
#ifdef TESTRULE
- print_out(" extra_data: '%s'", field);
+ if(!alert_only)print_out(" extra_data: '%s'", field);
#endif
lf->data = field;
void *Status_FP(Eventinfo *lf, char *field)
{
#ifdef TESTRULE
- print_out(" status: '%s'", field);
+ if(!alert_only)print_out(" status: '%s'", field);
#endif
lf->status = field;
void *SystemName_FP(Eventinfo *lf, char *field)
{
#ifdef TESTRULE
- print_out(" system_name: '%s'", field);
+ if(!alert_only)print_out(" system_name: '%s'", field);
#endif
lf->systemname = field;