X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;ds=sidebyside;f=src%2Fanalysisd%2Fdecoders%2Fdecoder.h;fp=src%2Fanalysisd%2Fdecoders%2Fdecoder.h;h=cc008daf8f2b071caad2942785f1e4a70e49efa1;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=84e9e8645f626d64113eba4a7afc024487cc9370;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b;p=ossec-hids.git
diff --git a/src/analysisd/decoders/decoder.h b/src/analysisd/decoders/decoder.h
old mode 100755
new mode 100644
index 84e9e86..cc008da
--- a/src/analysisd/decoders/decoder.h
+++ b/src/analysisd/decoders/decoder.h
@@ -1,6 +1,3 @@ -/* @(#) $Id: ./src/analysisd/decoders/decoder.h, 2011/09/08 dcid Exp $ - */ - /* Copyright (C) 2009 Trend Micro Inc. * All rights reserved. *
@@ -8,18 +5,11 @@ * and/or modify it under the terms of the GNU General Public * License (version 2) as published by the FSF - Free Software * Foundation. - * - * License details at the LICENSE file included with OSSEC or - * online at: http://www.ossec.net/en/licensing.html */ - #ifndef __DECODER_H - #define __DECODER_H - -/* We need the eventinfo and os_regex in here */ #include "shared.h" #include "os_regex/os_regex.h"
@@ -28,11 +18,11 @@ #define AFTER_PREVREGEX 0x004 /* 4 */ #define AFTER_ERROR 0x010 +struct _Eventinfo; /* Decoder structure */ -typedef struct -{ +typedef struct { u_int8_t get_next; u_int8_t type; u_int8_t use_own_name;
@@ -42,37 +32,47 @@ typedef struct u_int16_t prematch_offset; int fts; + int accumulate; char *parent; char *name; char *ftscomment; + char **fields; + + OSRegex *regex; OSRegex *prematch; OSMatch *program_name; + OSPcre2 *pcre2; + OSPcre2 *prematch_pcre2; + OSPcre2 *program_name_pcre2; + void (*plugindecoder)(void *lf); - void (**order)(void *lf, char *field); -}OSDecoderInfo; + void* (**order)(struct _Eventinfo *, char *, int); +} OSDecoderInfo; /* List structure */ -typedef struct _OSDecoderNode -{ +typedef struct _OSDecoderNode { struct _OSDecoderNode *next; struct _OSDecoderNode *child; OSDecoderInfo *osdecoder; -}OSDecoderNode; - - +} OSDecoderNode; -/* Functions to Create the list, Add a osdecoder to the - * list and to get the first osdecoder. +/* Functions to Create the list, add a osdecoder to the + * list and to get the first osdecoder */ -void OS_CreateOSDecoderList(); +void OS_CreateOSDecoderList(void); int OS_AddOSDecoder(OSDecoderInfo *pi); -OSDecoderNode *OS_GetFirstOSDecoder(char *pname); -int getDecoderfromlist(char *name); +OSDecoderNode *OS_GetFirstOSDecoder(const char *pname); +int getDecoderfromlist(const char *name); +char *GetGeoInfobyIP(char *ip_addr); +int SetDecodeXML(void); +void HostinfoInit(void); +void SyscheckInit(void); +void RootcheckInit(void); +int ReadDecodeXML(const char *file); #endif -/* EOF */
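Review bot: The retyped callback `void* (**order)(struct _Eventinfo *, char *, int);` and the new `char **fields` member are added without any stated contract: the parameters are unnamed, the meaning of the `int` is not given, and neither the length or termination of `fields` nor the ownership of the returned `void *` is documented. Decoders operate on log text that a remote party can influence, so an implementer who guesses the bound wrong risks an out-of-range access. I would name the parameters, for example `void *(**order)(struct _Eventinfo *lf, char *field, int order_idx);` (the last name is only a suggestion), and add a comment above the member saying what the `int` selects (presumably an index into `fields`), its valid range, and who frees the result. In the same hunk `OS_GetFirstOSDecoder` and `getDecoderfromlist` gain `const`, but the new `GetGeoInfobyIP(char *ip_addr)` does not; if the implementation does not write through the argument, `char *GetGeoInfobyIP(const char *ip_addr);` would be consistent, and the ownership of its returned string should be stated as well. The `OSDecoderInfo` definition starts above this hunk, so members outside it were not reviewed.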