#include "suricata-common.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "detect-parse.h"#include "detect-engine.h"#include "util-byte.h"#include "pkt-var.h"#include "util-profiling.h"#include "app-layer-enip-common.h"
Go to the source code of this file.
Functions | |
| int | DecodeENIPPDU (const uint8_t *input, uint32_t input_len, ENIPTransaction *enip_data) |
| Decode ENIP Encapsulation Header. More... | |
| int | DecodeCommonPacketFormatPDU (const uint8_t *input, uint32_t input_len, ENIPTransaction *enip_data, uint16_t offset) |
| Decode Common Packet Format. More... | |
| int | DecodeCIPPDU (const uint8_t *input, uint32_t input_len, ENIPTransaction *enip_data, uint16_t offset) |
| Decode CIP packet. More... | |
| int | DecodeCIPRequestPDU (const uint8_t *input, uint32_t input_len, ENIPTransaction *enip_data, uint16_t offset) |
| Decode CIP Request. More... | |
| int | DecodeCIPRequestPathPDU (const uint8_t *input, uint32_t input_len, CIPServiceEntry *node, uint16_t offset) |
| Decode CIP Request Path. More... | |
| int | DecodeCIPResponsePDU (const uint8_t *input, uint32_t input_len, ENIPTransaction *enip_data, uint16_t offset) |
| Decode CIP Response. More... | |
| int | DecodeCIPRequestMSPPDU (const uint8_t *input, uint32_t input_len, ENIPTransaction *enip_data, uint16_t offset) |
| Decode CIP Request Multi Service Packet. More... | |
| int | DecodeCIPResponseMSPPDU (const uint8_t *input, uint32_t input_len, ENIPTransaction *enip_data, uint16_t offset) |
| Decode CIP Response MultiService Packet. More... | |
Detailed Description
App-layer parser for ENIP protocol common code
Definition in file app-layer-enip-common.c.
Function Documentation
◆ DecodeCIPPDU()
| int DecodeCIPPDU | ( | const uint8_t * | input, |
| uint32_t | input_len, | ||
| ENIPTransaction * | enip_data, | ||
| uint16_t | offset | ||
| ) |
Decode CIP packet.
- Parameters
-
input,input_len data stream enip_data stores data from Packet offset current point in the packet
- Returns
- 1 Packet ok
- 0 Packet has errors
Definition at line 414 of file app-layer-enip-common.c.
References DecodeCIPRequestPDU(), DecodeCIPResponsePDU(), ENIPTransaction_::encap_data_item, ENIPEncapDataItem_::length, offset, and SCLogDebug.
Referenced by DecodeCIPRequestMSPPDU(), and DecodeCIPResponseMSPPDU().
◆ DecodeCIPRequestMSPPDU()
| int DecodeCIPRequestMSPPDU | ( | const uint8_t * | input, |
| uint32_t | input_len, | ||
| ENIPTransaction * | enip_data, | ||
| uint16_t | offset | ||
| ) |
Decode CIP Request Multi Service Packet.
- Parameters
-
input,input_len data stream enip_data stores data from Packet offset current point in the packet
- Returns
- 1 Packet ok
- 0 Packet has errors
Definition at line 869 of file app-layer-enip-common.c.
References BYTE_LITTLE_ENDIAN, ByteExtractUint16(), DecodeCIPPDU(), offset, and SCLogDebug.
◆ DecodeCIPRequestPathPDU()
| int DecodeCIPRequestPathPDU | ( | const uint8_t * | input, |
| uint32_t | input_len, | ||
| CIPServiceEntry * | node, | ||
| uint16_t | offset | ||
| ) |
Decode CIP Request Path.
- Parameters
-
input,input_len data stream enip_data stores data from Packet offset current point in the packet cipserviced the cip service rule
- Returns
- 1 Packet matches
- 0 Packet not match
Definition at line 577 of file app-layer-enip-common.c.
References CIPServiceEntry_::request.
◆ DecodeCIPRequestPDU()
| int DecodeCIPRequestPDU | ( | const uint8_t * | input, |
| uint32_t | input_len, | ||
| ENIPTransaction * | enip_data, | ||
| uint16_t | offset | ||
| ) |
Decode CIP Request.
- Parameters
-
input,input_len data stream enip_data stores data from Packet offset current point in the packet
- Returns
- 1 Packet ok
- 0 Packet has errors
Definition at line 458 of file app-layer-enip-common.c.
References ENIPTransaction_::encap_data_item, ENIPEncapDataItem_::length, and SCLogDebug.
Referenced by DecodeCIPPDU().
◆ DecodeCIPResponseMSPPDU()
| int DecodeCIPResponseMSPPDU | ( | const uint8_t * | input, |
| uint32_t | input_len, | ||
| ENIPTransaction * | enip_data, | ||
| uint16_t | offset | ||
| ) |
Decode CIP Response MultiService Packet.
- Parameters
-
input,input_len data stream enip_data stores data from Packet offset current point in the packet
- Returns
- 1 Packet ok
- 0 Packet has errors
Definition at line 921 of file app-layer-enip-common.c.
References BYTE_LITTLE_ENDIAN, ByteExtractUint16(), DecodeCIPPDU(), offset, and SCLogDebug.
◆ DecodeCIPResponsePDU()
| int DecodeCIPResponsePDU | ( | const uint8_t * | input, |
| uint32_t | input_len, | ||
| ENIPTransaction * | enip_data, | ||
| uint16_t | offset | ||
| ) |
Decode CIP Response.
- Parameters
-
input,input_len data stream enip_data stores data from Packet offset current point in the packet
- Returns
- 1 Packet ok
- 0 Packet has errors
Definition at line 750 of file app-layer-enip-common.c.
References ENIPTransaction_::encap_data_item, ENIPEncapDataItem_::length, and SCLogDebug.
Referenced by DecodeCIPPDU().
◆ DecodeCommonPacketFormatPDU()
| int DecodeCommonPacketFormatPDU | ( | const uint8_t * | input, |
| uint32_t | input_len, | ||
| ENIPTransaction * | enip_data, | ||
| uint16_t | offset | ||
| ) |
Decode Common Packet Format.
- Parameters
-
input,input_len data stream enip_data stores data from Packet offset current point in the packet
- Returns
- 1 Packet ok
- 0 Packet has errors
Definition at line 294 of file app-layer-enip-common.c.
References ENIPTransaction_::header, ENIPEncapHdr_::length, and SCLogDebug.
◆ DecodeENIPPDU()
| int DecodeENIPPDU | ( | const uint8_t * | input, |
| uint32_t | input_len, | ||
| ENIPTransaction * | enip_data | ||
| ) |
Decode ENIP Encapsulation Header.
- Parameters
-
input,input_len data stream enip_data stores data from Packet
- Returns
- 1 Packet ok
- 0 Packet has errors
Definition at line 193 of file app-layer-enip-common.c.
