aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main-7.0.x
main-8.0.x
main
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.1
suricata-7.0.12
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'bac8016d17'
${ noResults }
suricata/scripts/setup-simple-detect.sh

128 lines
3.1 KiB
Bash
Raw Blame History

#!/bin/bash
#
# Script to setup a new 'simple' detect module.
# Written by Victor Julien <victor@inliniac.net>
#
set -e
#set -x
function Usage {
echo
echo "$(basename $0) -- script to provision a detect module. The script"
echo "makes a copy of detect-template, sets the name and updates"
echo "the build system."
echo
echo "Call from the 'src' directory, with one argument: the detect module"
echo "name."
echo
echo "E.g. inside 'src': ../scripts/$(basename $0) helloworld"
echo
}
function Done {
echo
echo "Detect module $NR has been set up in $FILE_C and $FILE_H"
echo "and the build system has been updated."
echo
echo "The detect module should now compile cleanly. Try running 'make'."
echo
echo "Next steps are to edit the files to implement the actual"
echo "detection logic of $NR."
echo
}
# Make sure we are running from the correct directory.
set_dir() {
if [ -e ./suricata.c ]; then
# Do nothing.
true
elif [ -e ./src/suricata.c ]; then
cd src
else
echo "error: this does not appear to be a suricata source directory."
exit 1
fi
}
if [ $# -ne "1" ]; then
Usage
echo "ERROR: call with one argument"
exit 1
fi
INPUT=$1
# lowercase
LC=${INPUT,,}
#echo $LC
# UPPERCASE
UC=${LC^^}
#echo $UC
# Normal
NR=${LC^}
#echo $NR
FILE_C="detect-${LC}.c"
FILE_H="detect-${LC}.h"
set_dir
if [ ! -e detect-template.c ] || [ ! -e detect-template.h ]; then
Usage
echo "ERROR: input files detect-template.c and/or detect-template.h are missing"
exit 1
fi
if [ -e $FILE_C ] || [ -e $FILE_H ]; then
Usage
echo "ERROR: file(s) $FILE_C and/or $FILE_H already exist, won't overwrite"
exit 1
fi
FILE_C="tests/detect-${LC}.c"
if [ ! -e tests/detect-template.c ]; then
Usage
echo "ERROR: input file tests/detect-template.c is missing"
exit 1
fi
if [ -e $FILE_C ]; then
Usage
echo "ERROR: file $FILE_C already exist, won't overwrite"
exit 1
fi
FILE_C="detect-${LC}.c"
FILE_H="detect-${LC}.h"
cp detect-template.c $FILE_C
cp detect-template.h $FILE_H
# search and replaces
sed -i "s/TEMPLATE/${UC}/g" $FILE_C
sed -i "s/TEMPLATE/${UC}/g" $FILE_H
sed -i "s/Template/${NR}/g" $FILE_C
sed -i "s/Template/${NR}/g" $FILE_H
sed -i "s/template/${LC}/g" $FILE_C
sed -i "s/template/${LC}/g" $FILE_H
# add to Makefile.am
sed -i "s/detect-template.c detect-template.h \\\/detect-template.c detect-template.h \\\\\n${FILE_C} ${FILE_H} \\\/g" Makefile.am
# update enum
sed -i "s/DETECT_TEMPLATE,/DETECT_TEMPLATE,\\n DETECT_${UC},/g" detect-engine-register.h
# add include to detect-engine-register.c
sed -i "s/#include \"detect-template.h\"/#include \"detect-template.h\"\\n#include \"${FILE_H}\"/g" detect-engine-register.c
# add reg func to detect-engine-register.c
sed -i "s/DetectTemplateRegister();/DetectTemplateRegister();\\n Detect${NR}Register();/g" detect-engine-register.c
# tests file
FILE_C="tests/detect-${LC}.c"
cp tests/detect-template.c $FILE_C
# search and replaces
sed -i "s/TEMPLATE/${UC}/g" $FILE_C
sed -i "s/Template/${NR}/g" $FILE_C
sed -i "s/template/${LC}/g" $FILE_C
Done
exit 0
Reference in New Issue View Git Blame Copy Permalink