app-layer-events.c File Reference

#include "suricata-common.h"
#include "decode.h"
#include "flow.h"
#include "app-layer-events.h"
#include "app-layer-parser.h"
#include "util-enum.h"

Include dependency graph for app-layer-events.c:

Go to the source code of this file.

Macros
#define	DECODER_EVENTS_BUFFER_STEPS   8

Functions
int	AppLayerGetEventInfoById (int event_id, const char **event_name, AppLayerEventType *event_type)
int	AppLayerGetPktEventInfo (const char *event_name, int *event_id)
void	AppLayerDecoderEventsSetEventRaw (AppLayerDecoderEvents **sevents, uint8_t event)
	Set an app layer decoder event. More...
void	AppLayerDecoderEventsResetEvents (AppLayerDecoderEvents *events)
void	AppLayerDecoderEventsFreeEvents (AppLayerDecoderEvents **events)

Variables
SCEnumCharMap	app_layer_event_pkt_table []

Detailed Description

Author

Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Anoop Saldanha anoop.nosp@m.sald.nosp@m.anha@.nosp@m.gmai.nosp@m.l.com

Definition in file app-layer-events.c.

Macro Definition Documentation

DECODER_EVENTS_BUFFER_STEPS

#define DECODER_EVENTS_BUFFER_STEPS   8

Definition at line 81 of file app-layer-events.c.

Function Documentation

AppLayerDecoderEventsFreeEvents()

void AppLayerDecoderEventsFreeEvents

(

AppLayerDecoderEvents **

events

)

Definition at line 132 of file app-layer-events.c.

References SCFree.

Referenced by AppLayerParserStateFree(), and PacketDestructor().

Here is the caller graph for this function:

AppLayerDecoderEventsResetEvents()

void AppLayerDecoderEventsResetEvents

(

AppLayerDecoderEvents *

events

)

Definition at line 123 of file app-layer-events.c.

References AppLayerDecoderEvents_::cnt, and AppLayerDecoderEvents_::event_last_logged.

Referenced by PacketReinit().

Here is the caller graph for this function:

AppLayerDecoderEventsSetEventRaw()

void AppLayerDecoderEventsSetEventRaw	(	AppLayerDecoderEvents **	sevents,
		uint8_t	event
	)

Set an app layer decoder event.

Parameters

sevents	Pointer to a AppLayerDecoderEvents pointer. If *sevents is NULL memory will be allocated.
event	The event to be stored.

Definition at line 89 of file app-layer-events.c.

References DECODER_EVENTS_BUFFER_STEPS, SCMalloc, and SCRealloc.

Referenced by DetectEngineSetEvent().

Here is the caller graph for this function:

AppLayerGetEventInfoById()

int AppLayerGetEventInfoById	(	int	event_id,
		const char **	event_name,
		AppLayerEventType *	event_type
	)

Definition at line 51 of file app-layer-events.c.

References app_layer_event_pkt_table, APP_LAYER_EVENT_TYPE_PACKET, SC_ERR_INVALID_ENUM_MAP, SCLogError, and SCMapEnumValueToName().

Here is the call graph for this function:

AppLayerGetPktEventInfo()

int AppLayerGetPktEventInfo	(	const char *	event_name,
		int *	event_id
	)

Definition at line 67 of file app-layer-events.c.

References app_layer_event_pkt_table, SC_ERR_INVALID_ENUM_MAP, SCLogError, and SCMapEnumNameToValue().

Here is the call graph for this function:

Variable Documentation

app_layer_event_pkt_table

SCEnumCharMap app_layer_event_pkt_table[]

Initial value:

= {
    { "APPLAYER_MISMATCH_PROTOCOL_BOTH_DIRECTIONS",
      APPLAYER_MISMATCH_PROTOCOL_BOTH_DIRECTIONS },
    { "APPLAYER_WRONG_DIRECTION_FIRST_DATA",
      APPLAYER_WRONG_DIRECTION_FIRST_DATA },
    { "APPLAYER_DETECT_PROTOCOL_ONLY_ONE_DIRECTION",
      APPLAYER_DETECT_PROTOCOL_ONLY_ONE_DIRECTION },
    { "APPLAYER_PROTO_DETECTION_SKIPPED",
      APPLAYER_PROTO_DETECTION_SKIPPED },
    { "APPLAYER_NO_TLS_AFTER_STARTTLS",
      APPLAYER_NO_TLS_AFTER_STARTTLS },
    { "APPLAYER_UNEXPECTED_PROTOCOL",
      APPLAYER_UNEXPECTED_PROTOCOL },
    { NULL,
      -1 },
}

Definition at line 34 of file app-layer-events.c.

Referenced by AppLayerGetEventInfoById(), and AppLayerGetPktEventInfo().