X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;f=src%2Fconfig%2Fsyscheck-config.h;h=51ca01a051be2924252524b97e5000732742fc82;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=b380e8ba7f251c4d50d3cbb1421dfa2012c8438f;hpb=301048b51990573e58a30dc4a5bb4ec285cad554;p=ossec-hids.git diff --git a/src/config/syscheck-config.h b/src/config/syscheck-config.h old mode 100755 new mode 100644 index b380e8b..51ca01a --- a/src/config/syscheck-config.h +++ b/src/config/syscheck-config.h @@ -1,5 +1,3 @@ -/* @(#) $Id$ */ - /* Copyright (C) 2009 Trend Micro Inc. * All right reserved. * @@ -8,17 +6,14 @@ * License (version 2) as published by the FSF - Free Software * Foundation */ - #ifndef __SYSCHECKC_H #define __SYSCHECKC_H - #define MAX_DIR_SIZE 64 #define MAX_DIR_ENTRY 128 #define SYSCHECK_WAIT 300 - /* Checking options */ #define CHECK_MD5SUM 0000001 #define CHECK_PERM 0000002 
@@ -28,59 +23,71 @@ #define CHECK_SHA1SUM 0000040 #define CHECK_REALTIME 0000100 #define CHECK_SEECHANGES 0000200 +#define CHECK_SHA256SUM 0000400 +#define CHECK_GENERIC 0001000 +#define CHECK_NORECURSE 0002000 #include -typedef struct _rtfim -{ + +#include "os_regex/os_regex.h" + +typedef struct _rtfim { int fd; - void *dirtb; - #ifdef WIN32 + OSHash *dirtb; +#ifdef WIN32 HANDLE evt; - #endif -}rtfim; +#endif +} rtfim; -typedef struct _config -{ - int tsleep; +typedef struct _config { + unsigned int tsleep; /* sleep for sometime for daemon to settle */ int sleep_after; - int rootcheck; - int disabled; + int rootcheck; /* set to 0 when rootcheck is disabled */ + int disabled; /* is syscheck disabled? */ int scan_on_start; int realtime_count; - - int time; - int queue; - - int *opts; + short skip_nfs; + + int time; /* frequency (secs) for syscheck to run */ + int queue; /* file descriptor of socket to write to queue */ + + int *opts; /* attributes set in the tag element */ - char *workdir; char *remote_db; char *db; - char *scan_day; - char *scan_time; - - char **ignore; - void **ignore_regex; - - char **dir; - void **filerestrict; + char *scan_day; /* run syscheck on this day */ + char *scan_time; /* run syscheck at this time */ + + char **ignore; /* list of files/dirs to ignore */ + OSMatch **ignore_regex; /* regex of files/dirs to ignore */ + + char **nodiff; /* list of files/dirs to never output diff */ + OSMatch **nodiff_regex; /* regex of files/dirs to never output diff */ + + char **dir; /* array of directories to be scanned */ + OSMatch **filerestrict; /* Windows only registry checking */ - #ifdef WIN32 - char **registry_ignore; - void **registry_ignore_regex; - char **registry; +#ifdef WIN32 + char **registry_ignore; /* list of registry entries to ignore */ + void **registry_ignore_regex; /* regex of registry entries to ignore */ + char **registry; /* array of registry entries to be scanned */ FILE *reg_fp; - #endif - - void *fp; +#endif + + OSHash *fp; 
rtfim *realtime; -}config; + char *prefilter_cmd; -#endif +} syscheck_config; + +int dump_syscheck_entry(syscheck_config *syscheck, const char *entry, int vals, int reg, const char *restrictfile) __attribute__((nonnull(1, 2))); + +char *syscheck_opts2str(char *buf, int buflen, int opts); + +#endif /* __SYSCHECKC_H */ -/* EOF */
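Review bot: The new prototype `char *syscheck_opts2str(char *buf, int buflen, int opts);` takes the size of a caller-supplied buffer as a signed `int`, so a negative or narrowed length can reach a function that presumably writes into `buf`; I would declare it as `char *syscheck_opts2str(char *buf, size_t buflen, int opts);` to match what `sizeof` yields at call sites. The implementation is outside this hunk, so how it bounds its writes cannot be confirmed from here. In the struct, `registry_ignore_regex` is still `void **` under `#ifdef WIN32`, while `ignore_regex`, `nodiff_regex` and `filerestrict` were tightened to `OSMatch **`; `OSMatch **registry_ignore_regex;` would give the Windows path the same type checking. The header now uses `OSHash` but adds only `#include "os_regex/os_regex.h"`, so unless that header declares `OSHash` (not visible here) the file depends on include order. `prefilter_cmd` is also the only new field without a comment, and since the name suggests a command string, a one-line note on where the value comes from and what executes it would help anyone auditing the configuration path.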