;; ! THIS FILE CONTAINS AN INITIALIZATION SCHEME FOR CONFIG READER ;; ! PLEASE DO NOT MODIFY THIS FILE (version 1000) (serializator "filters" ;;; Defines enumerator without args (define "scoring" "Scoring" ["mode"]) (define "attempts" "Attempts" ["mode"]) (define "instant" "Instant" ["mode"]) ;;; --- VARs (procedure "search/window" (arg "l_searchwindow" (int)) ) (procedure "retry" (arg "l_retry" (uint)) ) (procedure "score" (arg "l_score" (uint)) ) (procedure "bantime" (arg "l_bantime" (int)) ) (procedure "ignore/hosts" (arg "l_ignore_hosts" (vector (string))) ) (procedure "ignore/users" (arg "l_ignore_users" (vector (string))) ) (procedure "var" (proc "l_filter_sw" ["search/window"] (proc-allow [optional])) (proc "l_filter_retry" ["retry"] (proc-allow [optional])) (proc "l_filter_score" ["score"] (proc-allow [optional])) (proc "l_filter_bantime" ["bantime"] (proc-allow [optional])) (proc "l_filter_ign_h" ["ignore/hosts"] (proc-allow [optional])) (proc "l_filter_ign_u" ["ignore/users"] (proc-allow [optional])) ) (struct "LdFilterOverrides" "var" (field "search_win" (f/optional (f/int64 ["l_filter_sw" "l_searchwindow"]))) (field "retry_cnt" (f/optional (f/uint64 ["l_filter_retry" "l_retry"]))) (field "max_score" (f/optional (f/uint64 ["l_filter_score" "l_score"]))) (field "ban_time" (f/optional (f/int64 ["l_filter_bantime" "l_bantime"]))) (field "ign_hosts" (f/optional (f/vector (f/string ["l_filter_ign_h" "l_ignore_hosts"])))) (field "ign_users" (f/optional (f/vector (f/string ["l_filter_ign_u" "l_ignore_users"])))) ) ;;; ---- RULESET < (ANY ALL NOT REGEX LITERAL) + DESCR SCORE, ACTION, SUBPROGS ;;; --- (ANY ALL NOT REGEX LITERAL) (procedure "severity" (arg "l_severity" (uint)) ) (procedure "descr" (arg "l_descr" (string)) ) (procedure "literal" (arg "l_literal" (string)) (proc "l_literal_severity" ["severity"] (proc-allow [optional])) (proc "l_literal_descr" ["descr"] (proc-allow [optional])) ) (procedure "regex" (arg "l_regex" (string)) (proc "l_literal_severity" ["severity"] (proc-allow [optional])) (proc "l_literal_descr" ["descr"] (proc-allow [optional])) ) (procedure "any" (proc "l_any" ["literal" "regex" "all" "not"] (proc-allow [collection optional])) ) (procedure "all" (proc "l_all" ["literal" "regex" "any" "not"] (proc-allow [collection optional])) ) (procedure "not" (proc "l_not" ["literal" "regex" "any" "all"] (proc-allow [collection optional])) ) (enum "RuleGroupType" ["any" "all" "not" "regex" "literal"] (enum-opt-tuple "any" "Any" (enum-opt-fields (field anon (f/vector (f/enum ["l_any"]))) ) ) (enum-opt-tuple "not" "Not" (enum-opt-fields (field anon (f/vector (f/enum ["l_not"]))) ) ) (enum-opt-tuple "all" "All" (enum-opt-fields (field anon (f/vector (f/enum ["l_all"]))) ) ) (enum-opt-struct "regex" "Regex" (enum-opt-fields (field "regex" (f/string ["l_regex"])) (field "score" (f/optional (f/uint64 ["l_literal_severity" "l_severity"]))) (field "descr" (f/optional (f/string ["l_literal_descr" "l_descr"]))) ) ) (enum-opt-struct "literal" "Literal" (enum-opt-fields (field "literal" (f/string ["l_literal"])) (field "score" (f/optional (f/uint64 ["l_literal_severity" "l_severity"]))) (field "descr" (f/optional (f/string ["l_literal_descr" "l_descr"]))) ) ) ) ;;; --- ACTION (procedure "override" (arg "l_override_key" (string)) (arg "l_override_val" (string)) ) (struct "LdMonFilActsOver" "override" (field "key" (f/string ["l_override_key"])) (field "val" (f/string ["l_override_val"])) ) (procedure "action" (arg "l_act_name" (string)) (proc "l_act_override" ["override"] (proc-allow [optional collection])) ) (struct "LdMonFilActs" "action" (field "action_name" (f/string ["l_act_name"])) (field "override_map" (f/optional (f/vector (f/struct ["l_act_override"])))) ) ;;; --- SUBPROGS (procedure "sub-appnames" (arg "l_sub_appnames" (vector (string))) ) ;;; --- RULESET (procedure "ruleset" (arg "l_ruleset_name" (string)) (proc "l_ruleset_sub_appname" ["sub-appnames"] (proc-allow [optional])) (proc "l_ruleset_actions" ["action"] (proc-allow [collection optional])) (proc "l_ruleset_group" ["all" "any" "not"] (proc-allow [collection])) ) (struct "LdFilterRuleset" "ruleset" (field "ruleset_name" (f/string ["l_ruleset_name"])) (field "sub_appnames" (f/optional (f/hashset (f/string ["l_ruleset_sub_appname" "l_sub_appnames"])))) (field "actions" (f/optional (f/vector (f/struct ["l_ruleset_actions"])))) (field "rules" (f/vector (f/enum ["l_ruleset_group"]))) ) ;;; ---- MODE (procedure "mode" (arg "l_mode" (symbol (string))) ) ;;; ---- DEFINE (procedure "define" (arg "l_define_key" (string)) (arg "l_define_val" (string)) ) (struct "LdFilterDefs" "define" (field "key" (f/string ["l_define_key"])) (field "val" (f/string ["l_define_val"])) ) ;;; ---- USE (procedure "use" (arg "l_use" (string)) ) ;;; ---- USES < SET (procedure "set" (arg "l_set_title" (string)) (arg "l_set_list" (vector (string))) ) (procedure "uses" (proc "l_uses" ["set"] (proc-allow [collection optional])) ) (struct "LdFilterSets" "set" (field "title" (f/string ["l_set_title"])) (field "list" (f/hashset (f/string ["l_set_list"]))) ) ;;; APPNAME (procedure "appname" (arg "l_appname" (string)) ) ;;; ---- ROOT (rootprocedure (proc "l_root_mode" ["mode"]) (proc "l_root_overrides" ["var"] (proc-allow [optional])) (proc "l_root_defines" ["define"] (proc-allow [collection optional])) (proc "l_root_sets" ["uses"] (proc-allow [optional])) (proc "l_root_use" ["use"] (proc-allow [optional])) (proc "l_root_appname" ["appname"] (proc-allow [optional])) (proc "l_root_rules" ["ruleset"] (proc-allow [collection])) ) (rootstruct "LdFilter" (field "mode" (f/string ["l_root_mode" "l_mode"])) (field "overr_vars" (f/optional (f/struct ["l_root_overrides"]))) (field "defmap" (f/optional (f/vector (f/struct ["l_root_defines"])))) (field "decsets" (f/optional (f/hashset (f/struct ["l_root_sets" "l_uses"])))) (field "usesets" (f/optional (f/string ["l_root_use" "l_use"]))) (field "appname" (f/optional (f/string ["l_root_appname" "l_appname"]))) (field "rulesets" (f/hashset (f/struct ["l_root_rules"]))) ) )