linker set patch
- To: firestorm@xxxxxxxxxxxxxxxx
- Subject: linker set patch
- From: Sergey Lyubka <ioannvelikiy@xxxxxxxxx>
- Date: Mon, 19 Jul 2004 18:33:08 +0000
- Delivered-to: mailing list firestorm@scaramanga.co.uk
- Mailing-list: contact firestorm-help@scaramanga.co.uk; run by ezmlm
the patch allows static linkage of all plugins
I have not patched autoconf stuff yet, I hate autoconf
key changes:
o include/plugin.h: struct plugin_desc now carries references to the
exported targets, protocols, fields, etc.
o loader.c now exports plugin_list, the global plugin list,
to the outside world.
o single linker set, for exported plugins, is used.
To try it:
1. un-tar 0.5.5 source tree
2. run configure there
3. add -DUSE_LINKER_SET to the src/Makefile
4. make the libfirestorm
5. make -f nids.mk
6. ./nids
If this is OK, then probably it may be integrated into autoconf build,
using conditionals.
tested on freebsd -current
diff -ruN firestorm-0.5.5/capdev_plugins/fagrouter.c firestorm/capdev_plugins/fagrouter.c
--- firestorm-0.5.5/capdev_plugins/fagrouter.c Wed Jul 14 10:48:22 2004
+++ firestorm/capdev_plugins/fagrouter.c Mon Jul 19 15:55:37 2004
@@ -469,7 +469,7 @@
}
}
-struct capdev firestorm_capdevs[]={
+PLUGIN struct capdev firestorm_capdevs[]={
{
.name = "fagrouter",
.desc = "TCP stream reassembly test rig",
@@ -481,7 +481,7 @@
{.name = NULL},
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "capture.fagrouter",
.desc = "TCP stream test rig",
@@ -489,4 +489,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 0,
.ver_minor = 1,
+ .capdevs = firestorm_capdevs,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/capdev_plugins/linux.c firestorm/capdev_plugins/linux.c
--- firestorm-0.5.5/capdev_plugins/linux.c Wed Jul 14 10:48:22 2004
+++ firestorm/capdev_plugins/linux.c Mon Jul 19 15:36:46 2004
@@ -387,7 +387,7 @@
}
}
-struct capdev firestorm_capdevs[]={
+PLUGIN struct capdev firestorm_capdevs[]={
{
.name = "linux",
.desc = "Fast live capture for Linux",
@@ -399,7 +399,7 @@
{ .name = NULL }
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "capture.linux",
.desc = "Linux mmap() packet socket()",
@@ -407,4 +407,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 1,
.ver_minor = 0,
+ .capdevs = firestorm_capdevs,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/capdev_plugins/pcap.c firestorm/capdev_plugins/pcap.c
--- firestorm-0.5.5/capdev_plugins/pcap.c Wed Jul 14 10:48:22 2004
+++ firestorm/capdev_plugins/pcap.c Mon Jul 19 15:30:54 2004
@@ -240,7 +240,7 @@
c->state = CAP_STATE_STOP;
}
-struct capdev firestorm_capdevs[]={
+PLUGIN struct capdev firestorm_capdevs[]={
{
.name = "pcap",
.desc = "libpcap live capture",
@@ -260,7 +260,7 @@
{.name = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "capture.pcap",
.desc = "libpcap capture",
@@ -268,4 +268,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 1,
.ver_minor = 0,
+ .capdevs = firestorm_capdevs,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/capdev_plugins/tcpdump.c firestorm/capdev_plugins/tcpdump.c
--- firestorm-0.5.5/capdev_plugins/tcpdump.c Wed Jul 14 10:48:22 2004
+++ firestorm/capdev_plugins/tcpdump.c Mon Jul 19 15:36:24 2004
@@ -279,7 +279,7 @@
}
}
-struct capdev firestorm_capdevs[]={
+PLUGIN struct capdev firestorm_capdevs[]={
{
.name = "tcpdump",
.desc = "A faster tcpdump file reader",
@@ -291,7 +291,7 @@
{ .name = NULL }
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "capture.tcpdump",
.desc = "Reads packets in from tcpdump files",
@@ -299,4 +299,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 2,
.ver_minor = 0,
+ .capdevs = firestorm_capdevs,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/decode_plugins/arp.c firestorm/decode_plugins/arp.c
--- firestorm-0.5.5/decode_plugins/arp.c Mon May 24 06:17:00 2004
+++ firestorm/decode_plugins/arp.c Mon Jul 19 17:13:34 2004
@@ -244,13 +244,13 @@
dispatch(p);
}
-struct proto_table firestorm_protocols[]={
+PLUGIN struct proto_table firestorm_protocols[]={
{.proto = &arp_p, .preq = arp_r},
{.proto = &rarp_p, .preq = rarp_r},
{.proto = NULL},
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "decode.arp",
.desc = "ARP/RARP",
@@ -258,4 +258,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 2,
.ver_minor = 1,
+ .protos = firestorm_protocols,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/decode_plugins/ether.c firestorm/decode_plugins/ether.c
--- firestorm-0.5.5/decode_plugins/ether.c Sun Apr 4 13:00:01 2004
+++ firestorm/decode_plugins/ether.c Mon Jul 19 17:14:31 2004
@@ -241,7 +241,7 @@
dispatch(p);
}
-struct proto_table firestorm_protocols[]={
+PLUGIN struct proto_table firestorm_protocols[]={
{.proto = ðer_p, .preq = ether_r},
{.proto = &mac_p, .preq = mac_r},
{.proto = &nw_p, .preq = mac_r},
@@ -250,7 +250,7 @@
{.proto = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "decode.ether",
.desc = "Ethernet II, 802.3, LLC and SNAP",
@@ -258,4 +258,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 2,
.ver_minor = 1,
+ .protos = firestorm_protocols,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/decode_plugins/gre.c firestorm/decode_plugins/gre.c
--- firestorm-0.5.5/decode_plugins/gre.c Mon May 24 06:17:00 2004
+++ firestorm/decode_plugins/gre.c Mon Jul 19 17:17:07 2004
@@ -53,12 +53,12 @@
dispatch(p);
}
-struct proto_table firestorm_protocols[]={
+PLUGIN struct proto_table firestorm_protocols[]={
{.proto = &gre_p, .preq = gre_r},
{.proto = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "decode.gre",
.desc = "Generic Routing Encapsulation",
@@ -66,4 +66,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 2,
.ver_minor = 0,
+ .protos = firestorm_protocols,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/decode_plugins/http.c firestorm/decode_plugins/http.c
--- firestorm-0.5.5/decode_plugins/http.c Mon May 24 06:17:00 2004
+++ firestorm/decode_plugins/http.c Mon Jul 19 17:19:18 2004
@@ -852,17 +852,17 @@
null_request()
};
-struct proto_table firestorm_protocols[] = {
+PLUGIN struct proto_table firestorm_protocols[] = {
{.proto = &http_p, .preq = http_r},
{.proto = NULL}
};
-struct preproc firestorm_preprocs[] = {
+PLUGIN struct preproc firestorm_preprocs[] = {
{.name = "http_normalize", .init = nads_init},
{.name = NULL },
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "decode.http",
.desc = "Hyper-text Transfer Protocol",
@@ -871,4 +871,7 @@
.ver_major = 0,
.ver_minor = 2,
.fini = http_normalize_fini,
+ .protos = firestorm_protocols,
+ .preprocs = firestorm_preprocs,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/decode_plugins/igmp.c firestorm/decode_plugins/igmp.c
--- firestorm-0.5.5/decode_plugins/igmp.c Sun Apr 4 13:00:01 2004
+++ firestorm/decode_plugins/igmp.c Mon Jul 19 17:28:49 2004
@@ -32,12 +32,12 @@
dispatch(p);
}
-struct proto_table firestorm_protocols[]={
+PLUGIN struct proto_table firestorm_protocols[]={
{.proto = &igmp_p, .preq = igmp_r},
{.proto = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "decode.igmp",
.desc = "Internet Group Messaging Protocol",
@@ -45,4 +45,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 2,
.ver_minor = 0,
+ .protos = firestorm_protocols,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/decode_plugins/ipx.c firestorm/decode_plugins/ipx.c
--- firestorm-0.5.5/decode_plugins/ipx.c Sun Apr 25 22:10:23 2004
+++ firestorm/decode_plugins/ipx.c Mon Jul 19 17:18:26 2004
@@ -163,12 +163,12 @@
return detect_add_sig(&ipx_root, x, r->num_criteria, a);
}
-struct proto_table firestorm_protocols[]={
+PLUGIN struct proto_table firestorm_protocols[]={
{.proto = &ipx_p, .preq = ipx_r},
{.proto = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "decode.ipx",
.desc = "Internetwork Packet eXchange",
@@ -176,4 +176,6 @@
.author_email = "john@xxxxxxxxxxxxxxx",
.ver_major = 1,
.ver_minor = 1,
+ .protos = firestorm_protocols,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/decode_plugins/irda.c firestorm/decode_plugins/irda.c
--- firestorm-0.5.5/decode_plugins/irda.c Sun Apr 4 13:00:01 2004
+++ firestorm/decode_plugins/irda.c Mon Jul 19 17:23:14 2004
@@ -34,12 +34,12 @@
dispatch(p);
}
-struct proto_table firestorm_protocols[]={
+PLUGIN struct proto_table firestorm_protocols[]={
{.proto = &irda_p, .preq = irda_r},
{.proto = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "decode.irda",
.desc = "IRDA (Infra-Red)",
@@ -47,4 +47,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 1,
.ver_minor = 0,
+ .protos = firestorm_protocols,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/decode_plugins/rpc.c firestorm/decode_plugins/rpc.c
--- firestorm-0.5.5/decode_plugins/rpc.c Sun Apr 25 22:10:23 2004
+++ firestorm/decode_plugins/rpc.c Mon Jul 19 17:20:28 2004
@@ -245,12 +245,12 @@
{.name = NULL }
};
-struct field_reg firestorm_fields[] = {
+PLUGIN struct field_reg firestorm_fields[] = {
{ .field = builtin_fields },
{ .field = NULL }
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "decode.rpc",
.desc = "RPC matching routines",
@@ -258,4 +258,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 2,
.ver_minor = 0,
+ .fields = firestorm_fields,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/decode_plugins/sap.c firestorm/decode_plugins/sap.c
--- firestorm-0.5.5/decode_plugins/sap.c Sun Apr 4 13:00:01 2004
+++ firestorm/decode_plugins/sap.c Mon Jul 19 17:22:41 2004
@@ -59,12 +59,12 @@
dispatch(p);
}
-struct proto_table firestorm_protocols[]={
+PLUGIN struct proto_table firestorm_protocols[]={
{.proto = &sap_p, .preq = sap_r},
{.proto = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "decode.sap",
.desc = "Service Advertising Protocol",
@@ -72,4 +72,6 @@
.author_email = "john@xxxxxxxxxxxxxxx",
.ver_major = 0,
.ver_minor = 2,
+ .protos = firestorm_protocols,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/decode_plugins/sll.c firestorm/decode_plugins/sll.c
--- firestorm-0.5.5/decode_plugins/sll.c Mon Jul 12 23:36:44 2004
+++ firestorm/decode_plugins/sll.c Mon Jul 19 17:19:46 2004
@@ -247,14 +247,14 @@
null_request()
};
-struct proto_table firestorm_protocols[]={
+PLUGIN struct proto_table firestorm_protocols[]={
{.proto = &sll_p, .preq = sll_r},
{.proto = &lsll_p, .preq = lsll_r},
{.proto = &null_p, .preq = null_r},
{.proto = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "decode.sll",
.desc = "Linux SLL and others",
@@ -262,4 +262,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 1,
.ver_minor = 1,
+ .protos = firestorm_protocols,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/decode_plugins/smtp.c firestorm/decode_plugins/smtp.c
--- firestorm-0.5.5/decode_plugins/smtp.c Sun Apr 4 13:00:01 2004
+++ firestorm/decode_plugins/smtp.c Mon Jul 19 17:17:44 2004
@@ -126,12 +126,12 @@
null_request()
};
-struct proto_table firestorm_protocols[]={
+PLUGIN struct proto_table firestorm_protocols[]={
{.proto = &smtp_p, .preq = smtp_r},
{.proto = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "decode.smtp",
.desc = "Simple Mail Transfer Protocol",
@@ -139,4 +139,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 0,
.ver_minor = 1,
+ .protos = firestorm_protocols,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/decode_plugins/tcpip.c firestorm/decode_plugins/tcpip.c
--- firestorm-0.5.5/decode_plugins/tcpip.c Sun Apr 4 13:00:01 2004
+++ firestorm/decode_plugins/tcpip.c Mon Jul 19 17:15:40 2004
@@ -20,7 +20,7 @@
tcpstream_free();
}
-struct proto_table firestorm_protocols[]={
+PLUGIN struct proto_table firestorm_protocols[]={
{.proto = &ipv4_p, .preq = ipv4_r},
{.proto = &icmp_p, .preq = icmp_r},
{.proto = &tcp_p, .preq = tcp_r},
@@ -28,13 +28,13 @@
{.proto = NULL},
};
-struct preproc firestorm_preprocs[]={
+PLUGIN struct preproc firestorm_preprocs[]={
{.name = "ipfrag", .init = ipfrag_init},
{.name = "tcpstream", .init = tcpstream_init},
{.name = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "decode.tcpip",
.desc = "The Internet Protocol Suite",
@@ -43,4 +43,7 @@
.ver_major = 2,
.ver_minor = 0,
.fini = tcpip_fini,
+ .protos = firestorm_protocols,
+ .preprocs = firestorm_preprocs,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/decode_plugins/vlan.c firestorm/decode_plugins/vlan.c
--- firestorm-0.5.5/decode_plugins/vlan.c Sun Apr 4 13:00:01 2004
+++ firestorm/decode_plugins/vlan.c Mon Jul 19 17:16:32 2004
@@ -79,12 +79,12 @@
dispatch(p);
}
-struct proto_table firestorm_protocols[]={
+PLUGIN struct proto_table firestorm_protocols[]={
{.proto = &vlan_p, .preq = vlan_r},
{.proto = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "decode.vlan",
.desc = "802.1q aka vlan",
@@ -92,4 +92,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 1,
.ver_minor = 0,
+ .protos = firestorm_protocols,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/include/loader.h firestorm/include/loader.h
--- firestorm-0.5.5/include/loader.h Sun Apr 4 13:00:01 2004
+++ firestorm/include/loader.h Mon Jul 19 16:17:50 2004
@@ -21,4 +21,6 @@
int loader_load(const char *fn);
void loader_find_syms(const char *sym, loader_cb_t cb);
+extern struct plugin *plugin_list;
+
#endif /* __LOADER_HEADER_INCLUDED__ */
diff -ruN firestorm-0.5.5/include/plugin.h firestorm/include/plugin.h
--- firestorm-0.5.5/include/plugin.h Sun Apr 4 13:00:01 2004
+++ firestorm/include/plugin.h Mon Jul 19 17:30:29 2004
@@ -17,6 +17,37 @@
short ver_minor;
void (*init)(void);
void (*fini)(void);
+
+ struct proto_table *protos;
+ struct capdev *capdevs;
+ struct preproc *preprocs;
+ struct field_reg *fields;
+ struct parser *parsers;
+ struct target *targets;
};
+
+#ifdef USE_LINKER_SET
+
+/* Assign symbol to linker set */
+#define MKLSET(set,sym) \
+ static void const * const __set_ ## set ## _ ## sym \
+ __attribute__((__section__("set_" # set))) __unused = &sym
+
+#define DECLARE_LSET(set) \
+ extern void const *const __start_set_ ## set; \
+ extern void const *const __stop_set_ ## set
+
+#define PLUGIN static
+
+DECLARE_LSET(plugin);
+
+#else
+
+#define MKLSET(set,sym)
+#define PLUGIN
+
+#endif /* USE_LINKER_SET */
+
+#define DECLARE_PLUGIN(sym) MKLSET(plugin, sym)
#endif /* __PLUGIN_HEADER_INCLUDED__ */
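Review bot: The set entry that `MKLSET` emits is a `static` pointer nothing references, and `__unused` only silences the warning, so an optimising build may discard it and the plugin silently drops out of the set, leaving the sensor without that decoder or preprocessor. Mark the object as retained instead, e.g. `__attribute__((__section__("set_" # set), __used__)) = &sym`; this also removes the reliance on `__unused`, which comes from the BSD `<sys/cdefs.h>` and is not provided by glibc. In the `#else` branch `DECLARE_PLUGIN(x);` expands to a bare `;` at file scope, which pedantic builds reject. The six new pointer members would benefit from a comment such as `/* sentinel-terminated export tables; NULL when the plugin exports none */`.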
diff -ruN firestorm-0.5.5/matcher_plugins/match_str.c firestorm/matcher_plugins/match_str.c
--- firestorm-0.5.5/matcher_plugins/match_str.c Sun Apr 25 22:10:23 2004
+++ firestorm/matcher_plugins/match_str.c Mon Jul 19 17:53:22 2004
@@ -574,13 +574,13 @@
{.name = NULL }
};
-struct field_reg firestorm_fields[] = {
+PLUGIN struct field_reg firestorm_fields[] = {
{ .field = builtin_fields },
{ .field = NULL }
};
/* Wu-Mamber setwise string matching */
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "matcher.str",
.desc = "String matching routines",
@@ -588,4 +588,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 2,
.ver_minor = 0,
+ .fields = firestorm_fields,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/nids.mk firestorm/nids.mk
--- firestorm-0.5.5/nids.mk Thu Jan 1 00:00:00 1970
+++ firestorm/nids.mk Mon Jul 19 17:57:31 2004
@@ -0,0 +1,63 @@
+
+CFLAGS= -g -Wall -Werror -Iinclude -I. -DHAVE_CONFIG_H -DUSE_LINKER_SET
+SRCS= src/s_alert.c \
+ src/s_mesg.c \
+ src/sensor.c \
+ src/conf.c \
+ preproc_plugins/spoon.c \
+ preproc_plugins/dataset.c \
+ preproc_plugins/bad.c \
+ preproc_plugins/macwatch.c \
+ preproc_plugins/interpolation.c \
+ preproc_plugins/network.c \
+ capdev_plugins/fagrouter.c \
+ capdev_plugins/pcap.c \
+ capdev_plugins/tcpdump.c \
+ decode_plugins/arp.c \
+ decode_plugins/match_ip_frag.c \
+ decode_plugins/ether.c \
+ decode_plugins/match_ip_opts.c \
+ decode_plugins/gre.c \
+ decode_plugins/match_tcp_flags.c \
+ decode_plugins/http.c \
+ decode_plugins/match_tcp_flow.c \
+ decode_plugins/http_emulator.c \
+ decode_plugins/rpc.c \
+ decode_plugins/http_normalize.c \
+ decode_plugins/sap.c \
+ decode_plugins/http_serialize.c \
+ decode_plugins/sll.c \
+ decode_plugins/icmp.c \
+ decode_plugins/smtp.c \
+ decode_plugins/igmp.c \
+ decode_plugins/tcp.c \
+ decode_plugins/ip.c \
+ decode_plugins/tcpip.c \
+ decode_plugins/ipfrag.c \
+ decode_plugins/tcpip_fields.c \
+ decode_plugins/ipx.c \
+ decode_plugins/tcpstream.c \
+ decode_plugins/irda.c \
+ decode_plugins/udp.c \
+ decode_plugins/match_ip_addr.c \
+ decode_plugins/vlan.c \
+ parser_plugins/snort.c \
+ target_plugins/elog.c \
+ target_plugins/dump.c \
+ target_plugins/log.c \
+ matcher_plugins/match_str.c \
+ matcher_plugins/mwm.c
+
+OBJS= $(SRCS:%.c=%.o)
+PROG= nids
+
+all: $(PROG)
+
+$(PROG): $(OBJS)
+ $(CC) $(OBJS) -Lsrc/.libs -lfirestorm -lm -lpcap -o $@
+
+.c.o:
+ $(CC) -c $(CFLAGS) $< -o $@
+
+clean:
+ rm -f $(OBJS)
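Review bot: `SRCS` leaves out `target_plugins/ascii.c` although this patch converts that file, so a statically linked `nids` carries no `ascii` target, and a configuration naming it would presumably lose that output; add `target_plugins/ascii.c \` unless the omission is deliberate. `capdev_plugins/linux.c` is absent too, which looks intentional for the FreeBSD test build but deserves a comment saying so. The `clean` rule removes only the objects; `rm -f $(OBJS) $(PROG)` would remove the binary as well.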
diff -ruN firestorm-0.5.5/parser_plugins/snort.c firestorm/parser_plugins/snort.c
--- firestorm-0.5.5/parser_plugins/snort.c Mon May 24 06:17:00 2004
+++ firestorm/parser_plugins/snort.c Mon Jul 19 17:50:32 2004
@@ -1140,12 +1140,12 @@
return 1;
}
-struct parser firestorm_parsers[]={
+PLUGIN struct parser firestorm_parsers[]={
{ .name="snort", .load_file=snort_run},
{.name = NULL }
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "parser.snort",
.desc = "Snort ruleset loader",
@@ -1153,4 +1153,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 2,
.ver_minor = 0,
+ .parsers = firestorm_parsers,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/preproc_plugins/bad.c firestorm/preproc_plugins/bad.c
--- firestorm-0.5.5/preproc_plugins/bad.c Fri Apr 23 15:08:07 2004
+++ firestorm/preproc_plugins/bad.c Mon Jul 19 15:36:01 2004
@@ -388,17 +388,19 @@
/* the api stuff */
/*****************/
-struct preproc firestorm_preprocs[] = {
+PLUGIN struct preproc firestorm_preprocs[] = {
{.name = "bad", .init = bad_init},
{.name = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "preproc.bad",
.desc = "B.A.D. - Bottleneck Anomoly Detector",
.author_name = "Jamie Twycross",
.author_email = "milieu3@xxxxxxxxxxxxxx",
.ver_major = 0,
- .ver_minor = 3
+ .ver_minor = 3,
+ .preprocs = firestorm_preprocs,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/preproc_plugins/macwatch.c firestorm/preproc_plugins/macwatch.c
--- firestorm-0.5.5/preproc_plugins/macwatch.c Fri Apr 23 15:08:07 2004
+++ firestorm/preproc_plugins/macwatch.c Mon Jul 19 17:24:13 2004
@@ -346,17 +346,19 @@
macwatch_free, NULL);
}
-struct preproc firestorm_preprocs[] = {
+PLUGIN struct preproc firestorm_preprocs[] = {
{.name = "macwatch", .init = macwatch_init},
{.name = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
- .size = sizeof(firestorm_plugin_desc),
- .name = "preproc.macwatch",
- .desc = "MAC address change watcher",
- .author_name = "John Leach",
- .author_email = "john@xxxxxxxxxxxxxxx",
- .ver_major = 0,
- .ver_minor = 6,
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
+ .size = sizeof(firestorm_plugin_desc),
+ .name = "preproc.macwatch",
+ .desc = "MAC address change watcher",
+ .author_name = "John Leach",
+ .author_email = "john@xxxxxxxxxxxxxxx",
+ .ver_major = 0,
+ .ver_minor = 6,
+ .preprocs = firestorm_preprocs,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/preproc_plugins/network.c firestorm/preproc_plugins/network.c
--- firestorm-0.5.5/preproc_plugins/network.c Fri Nov 14 10:25:54 2003
+++ firestorm/preproc_plugins/network.c Mon Jul 19 13:11:38 2004
@@ -11,7 +11,6 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include <malloc.h>
#include <math.h>
/************/
diff -ruN firestorm-0.5.5/preproc_plugins/spoon.c firestorm/preproc_plugins/spoon.c
--- firestorm-0.5.5/preproc_plugins/spoon.c Sun Apr 4 13:00:01 2004
+++ firestorm/preproc_plugins/spoon.c Mon Jul 19 15:34:59 2004
@@ -101,12 +101,12 @@
}
}
-struct preproc firestorm_preprocs[]={
+PLUGIN struct preproc firestorm_preprocs[]={
{.name = "spoon", .init = spoon_init},
{.name = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "preproc.spoon",
.desc = "S.P.O.O.N. Anomaly Detection",
@@ -114,4 +114,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 0,
.ver_minor = 1,
+ .preprocs = firestorm_preprocs,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/src/capdev.c firestorm/src/capdev.c
--- firestorm-0.5.5/src/capdev.c Mon Jul 12 21:42:36 2004
+++ firestorm/src/capdev.c Mon Jul 19 17:08:41 2004
@@ -49,7 +49,15 @@
void capdev_load(void)
{
+ struct plugin *p;
+
+ for (p = plugin_list; p; p = p->next)
+ if (p->d->capdevs)
+ capdev_add(p, p->d->capdevs);
+
+#if 0
loader_find_syms("firestorm_capdevs", (loader_cb_t)capdev_add);
+#endif
}
/* Find a capdev with the specified name */
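Review bot: `capdev_load()` now reads `p->d->capdevs` for every entry on `plugin_list`, which in a build without `USE_LINKER_SET` includes dlopen()ed modules; a plugin compiled against the 0.5.5 `struct plugin_desc` is shorter than the new layout, so the read goes past the end of its descriptor unless the loader rejects it on `.size`, and that check is not visible in this patch. Guard the access, e.g. `if (p->d->size >= sizeof(*p->d) && p->d->capdevs)`, or reject mismatched sizes once in the loader, so a stale module cannot hand the core a garbage table pointer. The same applies to `decode_load()`, `field_load()`, `parser_load()`, `preproc_load()` and `target_load()`. The `#if 0` blocks leave the old symbol lookup as dead code (in decode.c the closing comment says `USE_LINKER_SET`, which does not match); delete it or turn it into a real `#ifndef USE_LINKER_SET` branch.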
diff -ruN firestorm-0.5.5/src/conf.c firestorm/src/conf.c
--- firestorm-0.5.5/src/conf.c Mon May 24 06:17:00 2004
+++ firestorm/src/conf.c Mon Jul 19 17:36:23 2004
@@ -409,6 +409,31 @@
firestorm_exit(EXIT_FAILURE, "/: chdir(): %s", sys_err());
}
+#ifdef USE_LINKER_SET
+ struct plugin_desc **pp = (struct plugin_desc **) &__start_set_plugin;
+ do {
+ struct plugin *p = calloc(1, sizeof(*p));
+
+ if (!p)
+ break;
+
+ p->d = *pp;
+
+ /* Run the init function */
+ if (p->d->init )
+ p->d->init();
+
+ mesg(M_INFO, "plugin: %s[%i.%i]: %s",
+ p->d->name,
+ p->d->ver_major,
+ p->d->ver_minor,
+ p->d->desc);
+
+ p->next = plugin_list;
+ plugin_list = p;
+
+ } while (++pp < (struct plugin_desc **) &__stop_set_plugin);
+#else
/* load plugins from directories */
while(cnf_plugins) {
c=cnf_plugins;
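Review bot: In the `USE_LINKER_SET` block a failed `calloc()` only `break`s, so start-up carries on with whichever plugins were registered so far and logs nothing; for an IDS that is a silent loss of decoders or detection preprocessors, and it should be fatal in the same way as the `chdir()` check just above. The `do { } while` form also dereferences `*pp` before comparing against `__stop_set_plugin`, so one slot is read even when the set is empty; a `for` loop that tests the bound first avoids this. The descriptor's `.size` is never compared with `sizeof(struct plugin_desc)` on this path. The enclosing function begins and ends outside the hunk.

```c
	struct plugin_desc **pp;

	/* Test the bound before the first dereference so an empty set is a no-op. */
	for (pp = (struct plugin_desc **)&__start_set_plugin;
	     pp < (struct plugin_desc **)&__stop_set_plugin; pp++) {
		struct plugin *p = calloc(1, sizeof(*p));

		/* A partially registered plugin set must not start the sensor. */
		if (!p)
			firestorm_exit(EXIT_FAILURE, "plugin: calloc(): %s", sys_err());

		p->d = *pp;
		/* … unchanged: init() call, mesg(M_INFO, ...), push onto plugin_list … */
	}
```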
@@ -428,6 +453,7 @@
free(c->data);
free(c);
}
+#endif /* !USE_LINKER_SET */
/* Load in the actual objects that we want */
decode_load();
diff -ruN firestorm-0.5.5/src/decode.c firestorm/src/decode.c
--- firestorm-0.5.5/src/decode.c Mon Apr 26 00:59:58 2004
+++ firestorm/src/decode.c Mon Jul 19 17:01:35 2004
@@ -217,7 +217,15 @@
void decode_load(void)
{
+ struct plugin *p;
+
+ for (p = plugin_list; p; p = p->next)
+ if (p->d->protos)
+ decode_register(p, p->d->protos);
+
+#if 0
loader_find_syms("firestorm_protocols", (loader_cb_t)decode_register);
+#endif /* USE_LINKER_SET */
decode_resolve_all();
}
diff -ruN firestorm-0.5.5/src/field.c firestorm/src/field.c
--- firestorm-0.5.5/src/field.c Fri May 21 20:18:36 2004
+++ firestorm/src/field.c Mon Jul 19 17:26:37 2004
@@ -234,7 +234,14 @@
void field_load(void)
{
+ struct plugin *p;
+
+ for (p = plugin_list; p; p = p->next)
+ if (p->d->fields)
+ field_register(p, p->d->fields);
+#if 0
loader_find_syms("firestorm_fields", (loader_cb_t)field_register);
+#endif
}
void __private field_init(void)
diff -ruN firestorm-0.5.5/src/loader.c firestorm/src/loader.c
--- firestorm-0.5.5/src/loader.c Sun Apr 4 13:00:01 2004
+++ firestorm/src/loader.c Mon Jul 19 16:17:36 2004
@@ -43,7 +43,7 @@
#define LINK_MODE RTLD_LAZY
#endif
-static struct plugin *plugin_list=NULL;
+struct plugin *plugin_list=NULL;
static void loader_cleanup(struct packet *pkt, int l, void *priv)
{
diff -ruN firestorm-0.5.5/src/parser.c firestorm/src/parser.c
--- firestorm-0.5.5/src/parser.c Sun Jul 4 16:38:10 2004
+++ firestorm/src/parser.c Mon Jul 19 17:27:05 2004
@@ -45,5 +45,12 @@
void parser_load(void)
{
+ struct plugin *p;
+
+ for (p = plugin_list; p; p = p->next)
+ if (p->d->parsers)
+ parser_add(p, p->d->parsers);
+#if 0
loader_find_syms("firestorm_parsers", (loader_cb_t)parser_add);
+#endif
}
diff -ruN firestorm-0.5.5/src/preproc.c firestorm/src/preproc.c
--- firestorm-0.5.5/src/preproc.c Sun Apr 4 13:00:01 2004
+++ firestorm/src/preproc.c Mon Jul 19 17:45:59 2004
@@ -75,7 +75,14 @@
void preproc_load(void)
{
+ struct plugin *p;
+
+ for (p = plugin_list; p; p = p->next)
+ if (p->d->preprocs)
+ preproc_add(p, p->d->preprocs);
+#if 0
loader_find_syms("firestorm_preprocs", (loader_cb_t)preproc_add);
+#endif
}
void dispatch(struct packet *p)
diff -ruN firestorm-0.5.5/src/target.c firestorm/src/target.c
--- firestorm-0.5.5/src/target.c Mon Apr 26 20:08:56 2004
+++ firestorm/src/target.c Mon Jul 19 17:43:39 2004
@@ -26,7 +26,14 @@
/* Load all target plugins */
void target_load(void)
{
+ struct plugin *p;
+
+ for (p = plugin_list; p; p = p->next)
+ if (p->d->targets)
+ target_add(p, p->d->targets);
+#if 0
loader_find_syms("firestorm_targets", (loader_cb_t)target_add);
+#endif
}
/* Find a target by its name */
diff -ruN firestorm-0.5.5/target_plugins/ascii.c firestorm/target_plugins/ascii.c
--- firestorm-0.5.5/target_plugins/ascii.c Tue Apr 27 17:11:25 2004
+++ firestorm/target_plugins/ascii.c Mon Jul 19 17:32:13 2004
@@ -221,7 +221,7 @@
return ret;
}
-struct target firestorm_targets[]={
+PLUGIN struct target firestorm_targets[]={
{
.name = "ascii",
.desc = "detailed ascii text with optional hex dumps",
@@ -233,7 +233,7 @@
{.name = NULL},
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "target.ascii",
.desc = "Detailed ASCII logs",
@@ -241,4 +241,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 1,
.ver_minor = 1,
+ .targets = firestorm_targets,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/target_plugins/dump.c firestorm/target_plugins/dump.c
--- firestorm-0.5.5/target_plugins/dump.c Tue Apr 27 17:11:25 2004
+++ firestorm/target_plugins/dump.c Mon Jul 19 17:33:07 2004
@@ -258,7 +258,7 @@
return ret;
}
-struct target firestorm_targets[]={
+PLUGIN struct target firestorm_targets[]={
{
.name = "dump",
.desc = "libpcap (tcpdump) files.",
@@ -270,7 +270,7 @@
{.name = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "target.dump",
.desc = "Log to a tcpdump file",
@@ -278,4 +278,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 1,
.ver_minor = 0,
+ .targets = firestorm_targets,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/target_plugins/elog.c firestorm/target_plugins/elog.c
--- firestorm-0.5.5/target_plugins/elog.c Mon Jul 12 21:42:36 2004
+++ firestorm/target_plugins/elog.c Mon Jul 19 17:34:16 2004
@@ -125,7 +125,7 @@
return ret;
}
-struct target firestorm_targets[]={
+PLUGIN struct target firestorm_targets[]={
{
.name = "elog",
.desc = "Firestorm extended log (elog) files.",
@@ -137,7 +137,7 @@
{.name = NULL,}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "target.elog",
.desc = "Firestorm exetended logs (elog)",
@@ -145,4 +145,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 0,
.ver_minor = 1,
+ .targets = firestorm_targets,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);
diff -ruN firestorm-0.5.5/target_plugins/log.c firestorm/target_plugins/log.c
--- firestorm-0.5.5/target_plugins/log.c Tue Apr 27 17:11:25 2004
+++ firestorm/target_plugins/log.c Mon Jul 19 17:33:41 2004
@@ -316,7 +316,7 @@
return ret;
}
-struct target firestorm_targets[]={
+PLUGIN struct target firestorm_targets[]={
{
.name = "log",
.desc = "one line per packet textual format",
@@ -338,7 +338,7 @@
{.name = NULL}
};
-struct plugin_desc firestorm_plugin_desc = {
+PLUGIN struct plugin_desc firestorm_plugin_desc = {
.size = sizeof(firestorm_plugin_desc),
.name = "target.log",
.desc = "TCP/IP based log plugin",
@@ -346,4 +346,6 @@
.author_email = "gianni@xxxxxxxxxxxxxxxx",
.ver_major = 0,
.ver_minor = 1,
+ .targets = firestorm_targets,
};
+DECLARE_PLUGIN(firestorm_plugin_desc);