Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Move DebugLogger to zeek namespaces

Browse source
This commit is contained in:
Tim Wojtulewicz 2020-07-21 14:16:42 -07:00
parent a2a435360a
commit 886fc102b8
40 changed files with 358 additions and 317 deletions
Download patch file Download diff file Expand all files Collapse all files

34
src/RuleMatcher.cc
View file

@ -637,7 +637,7 @@ RuleFileMagicState* RuleMatcher::InitFileMagic() const
bool RuleMatcher::AllRulePatternsMatched(const Rule* r, MatchPos matchpos,
const AcceptingMatchSet& ams)
{
DBG_LOG(DBG_RULES, "Checking rule: %s", r->id);
DBG_LOG(zeek::DBG_RULES, "Checking rule: %s", r->id);
// Check whether all patterns of the rule have matched.
for ( const auto& pattern : r->patterns )
@ -652,7 +652,7 @@ bool RuleMatcher::AllRulePatternsMatched(const Rule* r, MatchPos matchpos,
// FIXME: How to check for offset ??? ###
}
DBG_LOG(DBG_RULES, "All patterns of rule satisfied");
DBG_LOG(zeek::DBG_RULES, "All patterns of rule satisfied");
return true;
}
@ -671,11 +671,11 @@ RuleMatcher::MIME_Matches* RuleMatcher::Match(RuleFileMagicState* state,
}
#ifdef DEBUG
if ( debug_logger.IsEnabled(DBG_RULES) )
if ( debug_logger.IsEnabled(zeek::DBG_RULES) )
{
const char* s = fmt_bytes(reinterpret_cast<const char*>(data),
min(40, static_cast<int>(len)));
DBG_LOG(DBG_RULES, "Matching %s rules on |%s%s|",
DBG_LOG(zeek::DBG_RULES, "Matching %s rules on |%s%s|",
Rule::TypeToString(Rule::FILE_MAGIC), s,
len > 40 ? "..." : "");
}
@ -692,7 +692,7 @@ RuleMatcher::MIME_Matches* RuleMatcher::Match(RuleFileMagicState* state,
if ( ! newmatch )
return rval;
DBG_LOG(DBG_RULES, "New pattern match found");
DBG_LOG(zeek::DBG_RULES, "New pattern match found");
AcceptingMatchSet accepted_matches;
@ -753,7 +753,7 @@ RuleEndpointState* RuleMatcher::InitEndpoint(zeek::analyzer::Analyzer* analyzer,
{
RuleHdrTest* hdr_test = tests[h];
DBG_LOG(DBG_RULES, "HdrTest %d matches (%s%s)", hdr_test->id,
DBG_LOG(zeek::DBG_RULES, "HdrTest %d matches (%s%s)", hdr_test->id,
hdr_test->pattern_rules ? "+" : "-",
hdr_test->pure_rules ? "+" : "-");
@ -868,12 +868,12 @@ void RuleMatcher::Match(RuleEndpointState* state, Rule::PatternType type,
bool newmatch = false;
#ifdef DEBUG
if ( debug_logger.IsEnabled(DBG_RULES) )
if ( debug_logger.IsEnabled(zeek::DBG_RULES) )
{
const char* s =
fmt_bytes((const char *) data, min(40, data_len));
DBG_LOG(DBG_RULES, "Matching %s rules [%d,%d] on |%s%s|",
DBG_LOG(zeek::DBG_RULES, "Matching %s rules [%d,%d] on |%s%s|",
Rule::TypeToString(type), bol, eol, s,
data_len > 40 ? "..." : "");
}
@ -904,7 +904,7 @@ void RuleMatcher::Match(RuleEndpointState* state, Rule::PatternType type,
if ( ! newmatch )
return;
DBG_LOG(DBG_RULES, "New pattern match found");
DBG_LOG(zeek::DBG_RULES, "New pattern match found");
AcceptingMatchSet accepted_matches;
@ -940,17 +940,17 @@ void RuleMatcher::Match(RuleEndpointState* state, Rule::PatternType type,
{
Rule* r = *it;
DBG_LOG(DBG_RULES, "Accepted rule: %s", r->id);
DBG_LOG(zeek::DBG_RULES, "Accepted rule: %s", r->id);
for ( const auto& h : state->hdr_tests )
{
DBG_LOG(DBG_RULES, "Checking for accepted rule on HdrTest %d", h->id);
DBG_LOG(zeek::DBG_RULES, "Checking for accepted rule on HdrTest %d", h->id);
// Skip if rule does not belong to this node.
if ( ! h->ruleset->Contains(r->Index()) )
continue;
DBG_LOG(DBG_RULES, "On current node");
DBG_LOG(zeek::DBG_RULES, "On current node");
// Skip if rule already fired for this connection.
if ( is_member_of(state->matched_rules, r->Index()) )
@ -964,7 +964,7 @@ void RuleMatcher::Match(RuleEndpointState* state, Rule::PatternType type,
state->matched_text.push_back(s);
}
DBG_LOG(DBG_RULES, "And has not already fired");
DBG_LOG(zeek::DBG_RULES, "And has not already fired");
// Eval additional conditions.
if ( ! EvalRuleConditions(r, state, data, data_len, false) )
continue;
@ -1006,11 +1006,11 @@ bool RuleMatcher::ExecRulePurely(Rule* r, zeek::String* s,
if ( is_member_of(state->matched_rules, r->Index()) )
return false;
DBG_LOG(DBG_RULES, "Checking rule %s purely", r->ID());
DBG_LOG(zeek::DBG_RULES, "Checking rule %s purely", r->ID());
if ( EvalRuleConditions(r, state, nullptr, 0, eos) )
{
DBG_LOG(DBG_RULES, "MATCH!");
DBG_LOG(zeek::DBG_RULES, "MATCH!");
if ( s )
ExecRuleActions(r, state, s->Bytes(), s->Len(), eos);
@ -1026,7 +1026,7 @@ bool RuleMatcher::ExecRulePurely(Rule* r, zeek::String* s,
bool RuleMatcher::EvalRuleConditions(Rule* r, RuleEndpointState* state,
const u_char* data, int len, bool eos)
{
DBG_LOG(DBG_RULES, "Evaluating conditions for rule %s", r->ID());
DBG_LOG(zeek::DBG_RULES, "Evaluating conditions for rule %s", r->ID());
// Check for other rules which have to match first.
for ( const auto& pc : r->preconds )
@ -1063,7 +1063,7 @@ bool RuleMatcher::EvalRuleConditions(Rule* r, RuleEndpointState* state,
if ( ! cond->DoMatch(r, state, data, len) )
return false;
DBG_LOG(DBG_RULES, "Conditions met: MATCH! %s", r->ID());
DBG_LOG(zeek::DBG_RULES, "Conditions met: MATCH! %s", r->ID());
return true;
}