X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;ds=sidebyside;f=src%2Fconfig%2Fsyscheck-config.h;h=51ca01a051be2924252524b97e5000732742fc82;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=a56ad80656dae1abf1e564316599ff309c096920;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b;p=ossec-hids.git
diff --git a/src/config/syscheck-config.h b/src/config/syscheck-config.h
old mode 100755
new mode 100644
index a56ad80..51ca01a
--- a/src/config/syscheck-config.h
+++ b/src/config/syscheck-config.h
@@ -1,6 +1,3 @@ -/* @(#) $Id: ./src/config/syscheck-config.h, 2011/09/08 dcid Exp $ - */ - /* Copyright (C) 2009 Trend Micro Inc. * All right reserved. *
@@ -10,16 +7,13 @@ * Foundation */ - #ifndef __SYSCHECKC_H #define __SYSCHECKC_H - #define MAX_DIR_SIZE 64 #define MAX_DIR_ENTRY 128 #define SYSCHECK_WAIT 300 - /* Checking options */ #define CHECK_MD5SUM 0000001 #define CHECK_PERM 0000002
@@ -29,61 +23,71 @@ #define CHECK_SHA1SUM 0000040 #define CHECK_REALTIME 0000100 #define CHECK_SEECHANGES 0000200 +#define CHECK_SHA256SUM 0000400 +#define CHECK_GENERIC 0001000 +#define CHECK_NORECURSE 0002000 #include -typedef struct _rtfim -{ + +#include "os_regex/os_regex.h" + +typedef struct _rtfim { int fd; - void *dirtb; - #ifdef WIN32 + OSHash *dirtb; +#ifdef WIN32 HANDLE evt; - #endif -}rtfim; +#endif +} rtfim; -typedef struct _config -{ - int tsleep; /* sleep for sometime for daemon to settle */ +typedef struct _config { + unsigned int tsleep; /* sleep for sometime for daemon to settle */ int sleep_after; - int rootcheck; /* set to 0 when rootcheck is disabled */ - int disabled; /* is syscheck disabled? */ + int rootcheck; /* set to 0 when rootcheck is disabled */ + int disabled; /* is syscheck disabled? */ int scan_on_start; int realtime_count; + short skip_nfs; - int time; /* frequency (secs) for syscheck to run */ - int queue; /* file descriptor of socket to write to queue */ + int time; /* frequency (secs) for syscheck to run */ + int queue; /* file descriptor of socket to write to queue */ - int *opts; /* attributes set in the tag element */ + int *opts; /* attributes set in the tag element */ - char *workdir; /* set to the DEFAULTDIR (/var/ossec) */ char *remote_db; char *db; - char *scan_day; /* run syscheck on this day */ - char *scan_time; /* run syscheck at this time */ + char *scan_day; /* run syscheck on this day */ + char *scan_time; /* run syscheck at this time */ + + char **ignore; /* list of files/dirs to ignore */ + OSMatch **ignore_regex; /* regex of files/dirs to ignore */ - char **ignore; /* list of files/dirs to ignore */ - void **ignore_regex; /* regex of files/dirs to ignore */ + char **nodiff; /* list of files/dirs to never output diff */ + OSMatch **nodiff_regex; /* regex of files/dirs to never output diff */ - char **dir; /* array of directories to be scanned */ - void **filerestrict; + char **dir; /* array of directories to be 
scanned */ + OSMatch **filerestrict; /* Windows only registry checking */ - #ifdef WIN32 +#ifdef WIN32 char **registry_ignore; /* list of registry entries to ignore */ void **registry_ignore_regex; /* regex of registry entries to ignore */ char **registry; /* array of registry entries to be scanned */ FILE *reg_fp; - #endif +#endif - void *fp; + OSHash *fp; rtfim *realtime; char *prefilter_cmd; -}syscheck_config; +} syscheck_config; -#endif +int dump_syscheck_entry(syscheck_config *syscheck, const char *entry, int vals, int reg, const char *restrictfile) __attribute__((nonnull(1, 2))); + +char *syscheck_opts2str(char *buf, int buflen, int opts); + +#endif /* __SYSCHECKC_H */ -/* EOF */
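Review bot: The new prototype `char *syscheck_opts2str(char *buf, int buflen, int opts);` takes the destination size as a signed `int` and, unlike `dump_syscheck_entry` directly above it, carries no `nonnull` annotation or comment, so the header does not say what happens for a zero or negative `buflen` or whether the result is always NUL-terminated. I would declare it as `char *syscheck_opts2str(char *buf, size_t buflen, int opts) __attribute__((nonnull(1)));` and add a one-line comment stating the truncation behaviour; the definition is outside this hunk and would need the same change. In the same struct, `registry_ignore_regex` in the WIN32 block is still `void **` while `ignore_regex`, `nodiff_regex` and `filerestrict` became `OSMatch **`; if it holds the same compiled patterns it should get the same type so the registry path is type-checked too. Note also that `nonnull(1, 2)` allows GCC to optimise away NULL checks on `syscheck` and `entry` inside `dump_syscheck_entry`, so that contract is worth stating in a comment next to the prototype.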