|
Collaboration diagram for Prelude logging module:
|
|
Defines | |
| #define | NUFW_ANALYZER_MANUFACTURER "http://www.nufw.org/" |
| #define | NUFW_ANALYZER_CLASS "Firewall" |
| #define | NUFW_ANALYZER_VERSION VERSION |
| #define | NUFW_ANALYZER_MODEL "NuFW" |
| #define | CLIENT_ANALYZER_NAME "libnuclient" |
| #define | CLIENT_ANALYZER_MANUFACTURER NUFW_ANALYZER_MANUFACTURER |
| #define | CLIENT_ANALYZER_CLASS "NuFW client" |
| #define | CLIENT_ANALYZER_MODEL "NuFW" |
Functions | |
| G_MODULE_EXPORT uint32_t | get_api_version () |
| G_MODULE_EXPORT gchar * | unload_module_with_params (gpointer params_ptr) |
| void | update_prelude_timer () |
| G_MODULE_EXPORT void | g_module_unload (GModule *module) |
| void | destroy_idmef (idmef_message_t *idmef) |
| G_MODULE_EXPORT gboolean | init_module_from_conf (module_t *module) |
| static void | del_idmef_object (idmef_message_t *message, const char *object) |
| static int | add_idmef_object (idmef_message_t *message, const char *object, const char *value) |
| static int | feed_template (idmef_message_t *idmef) |
| static idmef_message_t * | create_alert_template () |
| static idmef_message_t * | create_packet_template () |
| static void | feed_source_libnuclient (idmef_message_t *idmef) |
| static void | feed_target_nuauth (idmef_message_t *idmef) |
| static idmef_message_t * | create_autherr_template () |
| static idmef_message_t * | create_session_template () |
| idmef_message_t * | create_from_template (idmef_message_t *tpl, connection_t *conn) |
| static void | set_os_infos (idmef_message_t *idmef, const char *osname, const char *osrelease, const char *osversion) |
| static void | set_nufw_infos (idmef_message_t *idmef, const char *nufw_address, const char *nufw_port) |
| void | set_source0_address (idmef_message_t *idmef, struct in6_addr *addr) |
| static idmef_message_t * | create_message_packet (idmef_message_t *tpl, tcp_state_t state, connection_t *conn, char *state_text, char *impact, char *severity) |
| static void | add_user_information (idmef_message_t *idmef, user_session_t *session, int userid_is_valid) |
| static idmef_message_t * | create_message_session (idmef_message_t *tpl, user_session_t *session, char *state_text, char *impact, char *severity) |
| static idmef_message_t * | create_message_autherr (idmef_message_t *tpl, user_session_t *session, const char *text, const char *severity) |
| G_MODULE_EXPORT gint | user_packet_logs (void *pelement, tcp_state_t state, gpointer params_ptr) |
| G_MODULE_EXPORT int | user_session_logs (user_session_t *c_session, session_state_t state, gpointer params_ptr) |
| G_MODULE_EXPORT gchar * | g_module_check_init () |
| G_MODULE_EXPORT void | auth_error_log (user_session_t *session, nuauth_auth_error_t error, const char *text, gpointer params_ptr) |
Variables | |
| GMutex * | global_client_mutex |
| prelude_client_t * | global_client |
| #define CLIENT_ANALYZER_CLASS "NuFW client" |
Definition at line 43 of file nuprelude.c.
| #define CLIENT_ANALYZER_MANUFACTURER NUFW_ANALYZER_MANUFACTURER |
Definition at line 42 of file nuprelude.c.
| #define CLIENT_ANALYZER_MODEL "NuFW" |
Definition at line 44 of file nuprelude.c.
| #define CLIENT_ANALYZER_NAME "libnuclient" |
Definition at line 41 of file nuprelude.c.
| #define NUFW_ANALYZER_CLASS "Firewall" |
| #define NUFW_ANALYZER_MANUFACTURER "http://www.nufw.org/" |
| #define NUFW_ANALYZER_MODEL "NuFW" |
| #define NUFW_ANALYZER_VERSION VERSION |
| static int add_idmef_object | ( | idmef_message_t * | message, | |
| const char * | object, | |||
| const char * | value | |||
| ) | [static] |
Add an IDMEF object
Definition at line 134 of file nuprelude.c.
References DEBUG, DEBUG_AREA_MAIN, and log_message.
Referenced by add_user_information(), create_message_autherr(), create_message_packet(), create_message_session(), feed_source_libnuclient(), feed_target_nuauth(), feed_template(), set_nufw_infos(), set_os_infos(), and set_source0_address().
| static void add_user_information | ( | idmef_message_t * | idmef, | |
| user_session_t * | session, | |||
| int | userid_is_valid | |||
| ) | [static] |
Add NuFW client informations to an IDMEF message: user name and identifier
Definition at line 544 of file nuprelude.c.
References add_idmef_object(), del_idmef_object(), secure_snprintf(), and session.
Referenced by create_message_autherr(), and create_message_session().
Here is the call graph for this function:
| G_MODULE_EXPORT void auth_error_log | ( | user_session_t * | session, | |
| nuauth_auth_error_t | error, | |||
| const char * | text, | |||
| gpointer | params_ptr | |||
| ) |
Definition at line 826 of file nuprelude.c.
References AUTH_ERROR_CREDENTIALS, log_prelude_params::autherr_tpl, create_autherr_template(), create_message_autherr(), global_client, global_client_mutex, and session.
Here is the call graph for this function:
| static idmef_message_t* create_alert_template | ( | ) | [static] |
Create Prelude alert message template.
Definition at line 229 of file nuprelude.c.
References feed_template().
Referenced by create_autherr_template(), create_packet_template(), and create_session_template().
Here is the call graph for this function:
| static idmef_message_t* create_autherr_template | ( | ) | [static] |
Create Prelude authentication error message template
Definition at line 299 of file nuprelude.c.
References create_alert_template(), feed_source_libnuclient(), and feed_target_nuauth().
Referenced by auth_error_log().
Here is the call graph for this function:
| idmef_message_t* create_from_template | ( | idmef_message_t * | tpl, | |
| connection_t * | conn | |||
| ) |
Create an IDMEF message from a template and set common parameters
Definition at line 331 of file nuprelude.c.
References connection_t::timestamp.
Referenced by create_message_autherr(), create_message_packet(), and create_message_session().
| static idmef_message_t* create_message_autherr | ( | idmef_message_t * | tpl, | |
| user_session_t * | session, | |||
| const char * | text, | |||
| const char * | severity | |||
| ) | [static] |
Definition at line 611 of file nuprelude.c.
References add_idmef_object(), add_user_information(), create_from_template(), format_ipv6(), secure_snprintf(), session, and set_source0_address().
Referenced by auth_error_log().
Here is the call graph for this function:
| static idmef_message_t* create_message_packet | ( | idmef_message_t * | tpl, | |
| tcp_state_t | state, | |||
| connection_t * | conn, | |||
| char * | state_text, | |||
| char * | impact, | |||
| char * | severity | |||
| ) | [static] |
Create IDMEF message for NuFW packet message
Definition at line 418 of file nuprelude.c.
References add_idmef_object(), connection_t::app_name, nuauth_params::authreq_port, create_from_template(), tracking_t::daddr, del_idmef_object(), tracking_t::dest, format_ipv6(), nuauthconf, connection_t::os_release, connection_t::os_sysname, connection_t::os_version, nufw_session_t::peername, tracking_t::protocol, tracking_t::saddr, secure_snprintf(), set_nufw_infos(), set_os_infos(), set_source0_address(), tracking_t::source, TCP_STATE_DROP, TCP_STATE_ESTABLISHED, connection_t::tls, connection_t::tracking, connection_t::user_id, and connection_t::username.
Referenced by user_packet_logs().
Here is the call graph for this function:
| static idmef_message_t* create_message_session | ( | idmef_message_t * | tpl, | |
| user_session_t * | session, | |||
| char * | state_text, | |||
| char * | impact, | |||
| char * | severity | |||
| ) | [static] |
Create IDMEF message for a NuFW session message
Definition at line 573 of file nuprelude.c.
References add_idmef_object(), add_user_information(), create_from_template(), format_ipv6(), secure_snprintf(), session, set_os_infos(), and set_source0_address().
Referenced by user_session_logs().
Here is the call graph for this function:
| static idmef_message_t* create_packet_template | ( | ) | [static] |
Create Prelude packet message template
Definition at line 254 of file nuprelude.c.
References create_alert_template().
Referenced by user_packet_logs().
Here is the call graph for this function:
| static idmef_message_t* create_session_template | ( | ) | [static] |
Create Prelude session message template
Definition at line 316 of file nuprelude.c.
References create_alert_template(), feed_source_libnuclient(), and feed_target_nuauth().
Referenced by user_session_logs().
Here is the call graph for this function:
| static void del_idmef_object | ( | idmef_message_t * | message, | |
| const char * | object | |||
| ) | [static] |
Delete an IDMEF object
Definition at line 117 of file nuprelude.c.
Referenced by add_user_information(), and create_message_packet().
| void destroy_idmef | ( | idmef_message_t * | idmef | ) |
Destroy a private IDMEF message when a thread stops.
Definition at line 94 of file nuprelude.c.
Referenced by init_module_from_conf().
| static void feed_source_libnuclient | ( | idmef_message_t * | idmef | ) | [static] |
Set libnuclient as IDMEF source #0: protocol version and service name
Definition at line 265 of file nuprelude.c.
References add_idmef_object().
Referenced by create_autherr_template(), and create_session_template().
Here is the call graph for this function:
| static void feed_target_nuauth | ( | idmef_message_t * | idmef | ) | [static] |
Set nuauth as IDMEF target #0: process path and pid, source IPv6, protocol
Definition at line 276 of file nuprelude.c.
References add_idmef_object(), nuauthconf, nuauthdatas, nuauth_datas::program_fullpath, secure_snprintf(), and nuauth_params::userpckt_port.
Referenced by create_autherr_template(), and create_session_template().
Here is the call graph for this function:
| static int feed_template | ( | idmef_message_t * | idmef | ) | [static] |
Set default values in an IDMEF template
Definition at line 174 of file nuprelude.c.
References add_idmef_object(), global_client, NUFW_ANALYZER_CLASS, NUFW_ANALYZER_MANUFACTURER, NUFW_ANALYZER_MODEL, and NUFW_ANALYZER_VERSION.
Referenced by create_alert_template().
Here is the call graph for this function:
| G_MODULE_EXPORT gchar* g_module_check_init | ( | ) |
Function called only once: when the module is loaded.
Definition at line 768 of file nuprelude.c.
References cleanup_func_push(), DEBUG_AREA_MAIN, global_client, global_client_mutex, log_message, nuauthdatas, PRELUDE_VERSION_REQUIRE, nuauth_datas::program_fullpath, and update_prelude_timer().
Here is the call graph for this function:
| G_MODULE_EXPORT void g_module_unload | ( | GModule * | module | ) |
Function called only once: when the module is unloaded.
Definition at line 76 of file nuprelude.c.
References cleanup_func_remove(), DEBUG_AREA_MAIN, global_client, global_client_mutex, log_message, and update_prelude_timer().
Here is the call graph for this function:
| G_MODULE_EXPORT uint32_t get_api_version | ( | ) |
| G_MODULE_EXPORT gboolean init_module_from_conf | ( | module_t * | module | ) |
Definition at line 99 of file nuprelude.c.
References DEBUG_AREA_MAIN, destroy_idmef(), log_message, log_prelude_params::packet_tpl, module_t::params, log_prelude_params::session_tpl, and TRUE.
Here is the call graph for this function:
| static void set_nufw_infos | ( | idmef_message_t * | idmef, | |
| const char * | nufw_address, | |||
| const char * | nufw_port | |||
| ) | [static] |
Set information on NuFW (ip address, port)
Definition at line 393 of file nuprelude.c.
References add_idmef_object(), and secure_snprintf().
Referenced by create_message_packet().
Here is the call graph for this function:
| static void set_os_infos | ( | idmef_message_t * | idmef, | |
| const char * | osname, | |||
| const char * | osrelease, | |||
| const char * | osversion | |||
| ) | [static] |
Set operating system information on the client (OS type and version)
Definition at line 380 of file nuprelude.c.
References add_idmef_object(), and secure_snprintf().
Referenced by create_message_packet(), and create_message_session().
Here is the call graph for this function:
| void set_source0_address | ( | idmef_message_t * | idmef, | |
| struct in6_addr * | addr | |||
| ) |
Definition at line 403 of file nuprelude.c.
References add_idmef_object(), and format_ipv6().
Referenced by create_message_autherr(), create_message_packet(), and create_message_session().
Here is the call graph for this function:
| G_MODULE_EXPORT gchar* unload_module_with_params | ( | gpointer | params_ptr | ) |
Definition at line 58 of file nuprelude.c.
| void update_prelude_timer | ( | ) |
Function called every second to update timer (Prelude "heartbeat")
Definition at line 66 of file nuprelude.c.
Referenced by g_module_check_init(), and g_module_unload().
| G_MODULE_EXPORT gint user_packet_logs | ( | void * | pelement, | |
| tcp_state_t | state, | |||
| gpointer | params_ptr | |||
| ) |
Definition at line 646 of file nuprelude.c.
References create_message_packet(), create_packet_template(), global_client, global_client_mutex, log_prelude_params::packet_tpl, TCP_STATE_CLOSE, TCP_STATE_DROP, TCP_STATE_ESTABLISHED, TCP_STATE_OPEN, and connection_t::username.
Here is the call graph for this function:
| G_MODULE_EXPORT int user_session_logs | ( | user_session_t * | c_session, | |
| session_state_t | state, | |||
| gpointer | params_ptr | |||
| ) |
Definition at line 710 of file nuprelude.c.
References create_message_session(), create_session_template(), global_client, global_client_mutex, SESSION_CLOSE, SESSION_OPEN, log_prelude_params::session_tpl, and user_session_t::user_name.
Here is the call graph for this function:
| prelude_client_t* global_client |
Definition at line 47 of file nuprelude.c.
Referenced by auth_error_log(), feed_template(), g_module_check_init(), g_module_unload(), user_packet_logs(), and user_session_logs().
| GMutex* global_client_mutex |
Definition at line 46 of file nuprelude.c.
Referenced by auth_error_log(), g_module_check_init(), g_module_unload(), user_packet_logs(), and user_session_logs().
1.4.7