1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
/* Copyright (C) 2007-2010 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
* Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* version 2 along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*/
/**
* \file
*
* \author Danny Browning <danny.browning@protectwise.com>
*/
#include "suricata-common.h"
#include "source-pcap-file-helper.h"
#include "queue.h"
#ifndef __SOURCE_PCAP_FILE_DIRECTORY_HELPER_H__
#define __SOURCE_PCAP_FILE_DIRECTORY_HELPER_H__
typedef struct PendingFile_
{
char *filename;
struct timespec modified_time;
TAILQ_ENTRY(PendingFile_) next;
} PendingFile;
/**
* Data specific to a directory of pcap files
*/
typedef struct PcapFileDirectoryVars_
{
char *filename;
DIR *directory;
PcapFileFileVars *current_file;
bool should_loop;
bool should_recurse;
uint8_t cur_dir_depth;
time_t delay;
time_t poll_interval;
TAILQ_HEAD(PendingFiles, PendingFile_) directory_content;
PcapFileSharedVars *shared;
} PcapFileDirectoryVars;
/**
* Cleanup resources associated with a PendingFile object
* @param pending Object to be cleaned up
*/
void CleanupPendingFile(PendingFile *pending);
/**
* Cleanup resources associated with a PcapFileDirectoryVars object
* @param ptv Object to be cleaned up
*/
void CleanupPcapFileDirectoryVars(PcapFileDirectoryVars *ptv);
/**
* Determine if a given string represents a file or directory. If a directory,
* populate the directory object.
* @param filename String to check
* @param directory Directory point to populate if directory
* @return TM_ECODE_OK if string or directory
*/
TmEcode PcapDetermineDirectoryOrFile(char *filename, DIR **directory);
/**
* Dispatch a directory for processing, where information for processing the
* directory is contained in a PcapFileDirectoryVars object
* @param ptv PcapFileDirectoryVars object containing information for processing
* the directory
* @return
*/
TmEcode PcapDirectoryDispatch(PcapFileDirectoryVars *ptv);
#endif /* __SOURCE_PCAP_FILE_DIRECTORY_HELPER_H__ */
|
