Go to the documentation of this file.
46 #define FTP_MPM mpm_default_matcher
48 static MpmCtx *ftp_mpm_ctx = NULL;
116 static void FTPParseMemcap(
void)
118 const char *conf_val;
121 if ((
ConfGet(
"app-layer.protocols.ftp.memcap", &conf_val)) == 1)
125 "from conf file - %s. Killing engine",
138 if ((
ConfGet(
"app-layer.protocols.ftp.max-tx", &conf_val)) == 1) {
141 "from conf file - %s.",
147 if ((
ConfGet(
"app-layer.protocols.ftp.max-line-length", &conf_val)) == 1) {
149 SCLogError(
"Error parsing ftp.max-line-length from conf file - %s.", conf_val);
155 static void FTPIncrMemuse(uint64_t size)
161 static void FTPDecrMemuse(uint64_t size)
185 static int FTPCheckMemcap(uint64_t size)
193 static void *FTPCalloc(
size_t n,
size_t size)
195 if (FTPCheckMemcap((uint32_t)(n * size)) == 0)
203 FTPIncrMemuse((uint64_t)(n * size));
207 static void *FTPRealloc(
void *ptr,
size_t orig_size,
size_t size)
211 if (FTPCheckMemcap((uint32_t)(size - orig_size)) == 0)
218 if (size > orig_size) {
219 FTPIncrMemuse(size - orig_size);
221 FTPDecrMemuse(orig_size - size);
227 static void FTPFree(
void *ptr,
size_t size)
231 FTPDecrMemuse((uint64_t)size);
242 FTPFree(
str->str,
str->len);
248 static void *FTPLocalStorageAlloc(
void)
257 if (td->
pmq == NULL) {
270 static void FTPLocalStorageFree(
void *ptr)
274 if (td->
pmq != NULL) {
307 SCLogDebug(
"new transaction %p (state tx cnt %"PRIu64
")", tx, state->
tx_cnt);
315 if (tx->
tx_data.de_state != NULL) {
333 FTPFree(tx,
sizeof(*tx));
343 static AppLayerResult FTPGetLineForDirection(
352 uint8_t *lf_idx = memchr(input->
buf + input->
consumed, 0x0a, input->
len);
354 if (lf_idx == NULL) {
356 *current_line_truncated =
true;
364 }
else if (*current_line_truncated) {
366 *current_line_truncated =
false;
376 uint32_t o_consumed = input->
consumed;
382 line->
buf = input->
buf + o_consumed;
384 *current_line_truncated =
true;
409 static int FTPParseRequestCommand(
424 *cmd_descriptor = NULL;
439 static void FtpTransferCmdFree(
void *data)
444 if (
cmd->file_name) {
445 FTPFree(
cmd->file_name,
cmd->file_len + 1);
450 static uint32_t CopyCommandLine(uint8_t **dest,
FtpLineState *line)
453 uint8_t *where = FTPCalloc(line->
len + 1,
sizeof(
char));
457 memcpy(where, line->
buf, line->
len);
460 while (line->
len && isspace((
unsigned char)where[line->
len - 1])) {
464 where[line->
len] =
'\0';
468 return line->
len ? line->
len + 1 : 0;
481 StreamSlice stream_slice,
void *local_data)
491 const uint8_t *input = StreamSliceGetData(&stream_slice);
492 uint32_t input_len = StreamSliceGetDataLen(&stream_slice);
496 }
else if (input == NULL || input_len == 0) {
500 FtpInput ftpi = { .
buf = input, .len = input_len, .orig_len = input_len, .consumed = 0 };
501 FtpLineState line = { .
buf = NULL, .len = 0, .delim_len = 0, .lf_found =
false };
507 if (res.status == 1) {
509 }
else if (res.status == -1) {
514 if (!FTPParseRequestCommand(thread_data, &line, &cmd_descriptor)) {
580 data->
DFree = FtpTransferCmdFree;
586 #if SC_FILENAME_MAX > UINT16_MAX
587 #error SC_FILENAME_MAX is greater than UINT16_MAX
589 data->
file_name = FTPCalloc(file_name_len + 1,
sizeof(
char));
591 FtpTransferCmdFree(data);
595 data->
file_len = (uint16_t)file_name_len;
603 FtpTransferCmdFree(data);
607 SCLogDebug(
"Expectation created [direction: %s, dynamic port %"PRIu16
"].",
608 state->
active ?
"to server" :
"to client",
629 static int FTPParsePassiveResponse(
Flow *f,
FtpState *state,
const uint8_t *input, uint32_t input_len)
631 uint16_t dyn_port = rs_ftp_pasv_response(input, input_len);
635 SCLogDebug(
"FTP passive mode (v4): dynamic port %"PRIu16
"", dyn_port);
644 static int FTPParsePassiveResponseV6(
Flow *f,
FtpState *state,
const uint8_t *input, uint32_t input_len)
646 uint16_t dyn_port = rs_ftp_epsv_response(input, input_len);
650 SCLogDebug(
"FTP passive mode (v6): dynamic port %"PRIu16
"", dyn_port);
667 static inline bool FTPIsPPR(
const uint8_t *input, uint32_t input_len)
669 return input_len >= 4 && isdigit(input[0]) && input[0] ==
'1' &&
670 isdigit(input[1]) && isdigit(input[2]) && isspace(input[3]);
683 StreamSlice stream_slice,
void *local_data)
687 const uint8_t *input = StreamSliceGetData(&stream_slice);
688 uint32_t input_len = StreamSliceGetDataLen(&stream_slice);
693 FtpInput ftpi = { .
buf = input, .len = input_len, .orig_len = input_len, .consumed = 0 };
694 FtpLineState line = { .
buf = NULL, .len = 0, .delim_len = 0, .lf_found =
false };
700 if (res.status == 1) {
702 }
else if (res.status == -1) {
707 tx = FTPTransactionCreate(state);
736 SCLogDebug(
"FTP active mode (v6): dynamic port %" PRIu16
"", dyn_port);
748 SCLogDebug(
"FTP active mode (v4): dynamic port %" PRIu16
"", dyn_port);
753 FTPParsePassiveResponse(f, ftp_state, line.
buf, line.
len);
759 FTPParsePassiveResponseV6(f, ftp_state, line.
buf, line.
len);
769 response->
len = CopyCommandLine(&response->
str, &line);
773 &tx->
tx_data.events, FtpEventResponseCommandTooLong);
783 if (FTPIsPPR(line.
buf, line.
len)) {
801 static uint64_t ftp_state_memuse = 0;
802 static uint64_t ftp_state_memcnt = 0;
805 static void *FTPStateAlloc(
void *orig_state,
AppProto proto_orig)
807 void *s = FTPCalloc(1,
sizeof(
FtpState));
823 static void FTPStateFree(
void *s)
832 SCLogDebug(
"[%s] state %p id %" PRIu64
", Freeing %d bytes at %p",
835 FTPTransactionFree(tx);
858 SCLogDebug(
"NULL state object; no transactions available");
875 SCLogDebug(
"Returning OLDEST tx %p id %"PRIu64, lasttx, lasttx->
tx_id);
879 static void *FTPGetTx(
void *state, uint64_t tx_id)
885 if (ftp_state->
curr_tx == NULL)
891 if (tx->
tx_id == tx_id)
904 static AppLayerStateData *FTPGetStateData(
void *vstate)
910 static void FTPStateTransactionFree(
void *state, uint64_t tx_id)
915 if (tx_id < tx->tx_id)
917 else if (tx_id > tx->
tx_id)
923 FTPTransactionFree(tx);
928 static uint64_t FTPGetTxCnt(
void *state)
939 static int FTPGetAlstateProgress(
void *vtx, uint8_t
direction)
955 static int FTPRegisterPatternsForProtocolDetection(
void)
958 IPPROTO_TCP,
ALPROTO_FTP,
"220 (", 5, 0, STREAM_TOCLIENT) < 0) {
962 IPPROTO_TCP,
ALPROTO_FTP,
"FEAT", 4, 0, STREAM_TOSERVER) < 0) {
966 IPPROTO_TCP,
ALPROTO_FTP,
"USER ", 5, 0, STREAM_TOSERVER) < 0) {
970 IPPROTO_TCP,
ALPROTO_FTP,
"PASS ", 5, 0, STREAM_TOSERVER) < 0) {
974 IPPROTO_TCP,
ALPROTO_FTP,
"PORT ", 5, 0, STREAM_TOSERVER) < 0) {
994 const uint8_t *input = StreamSliceGetData(&stream_slice);
995 uint32_t input_len = StreamSliceGetDataLen(&stream_slice);
996 const bool eof = (
direction & STREAM_TOSERVER)
1001 if (ftpdata_state->
tx_data.file_tx == 0)
1002 ftpdata_state->
tx_data.file_tx =
direction & (STREAM_TOSERVER | STREAM_TOCLIENT);
1009 (
direction & STREAM_TOSERVER) ?
"toserver" :
"toclient", eof ?
"true" :
"false");
1012 if (input_len && ftpdata_state->
files == NULL) {
1022 SCLogDebug(
"input %u not for our direction (%s): %s/%s", input_len,
1023 (
direction & STREAM_TOSERVER) ?
"toserver" :
"toclient",
1025 (data->
direction & STREAM_TOSERVER) ?
"toserver" :
"toclient");
1030 if (ftpdata_state->
files == NULL) {
1041 switch (data->
cmd) {
1045 (ftpdata_state->
direction & STREAM_TOSERVER) ?
"toserver" :
"toclient");
1050 (ftpdata_state->
direction & STREAM_TOSERVER) ?
"toserver" :
"toclient");
1059 0ULL, (uint8_t *) ftpdata_state->
file_name,
1061 input, input_len,
flags) != 0) {
1066 ftpdata_state->
tx_data.files_opened = 1;
1077 SCLogDebug(
"input %u not for us (%s): %s/%s", input_len,
1078 (
direction & STREAM_TOSERVER) ?
"toserver" :
"toclient",
1080 (ftpdata_state->
direction & STREAM_TOSERVER) ?
"toserver" :
"toclient");
1083 if (input_len != 0) {
1087 SCLogDebug(
"FileAppendData() - file no longer being extracted");
1089 }
else if (ret < 0) {
1090 SCLogDebug(
"FileAppendData() failed: %d", ret);
1101 SCLogDebug(
"closed because of eof: state now FTPDATA_STATE_FINISHED");
1111 StreamSlice stream_slice,
void *local_data)
1113 return FTPDataParse(f, ftp_state, pstate, stream_slice, local_data, STREAM_TOSERVER);
1117 StreamSlice stream_slice,
void *local_data)
1119 return FTPDataParse(f, ftp_state, pstate, stream_slice, local_data, STREAM_TOCLIENT);
1124 static uint64_t ftpdata_state_memuse = 0;
1125 static uint64_t ftpdata_state_memcnt = 0;
1128 static void *FTPDataStateAlloc(
void *orig_state,
AppProto proto_orig)
1139 ftpdata_state_memcnt++;
1146 static void FTPDataStateFree(
void *s)
1150 if (fstate->
tx_data.de_state != NULL) {
1162 ftpdata_state_memcnt--;
1174 static AppLayerStateData *FTPDataGetStateData(
void *vstate)
1180 static void FTPDataStateTransactionFree(
void *state, uint64_t tx_id)
1185 static void *FTPDataGetTx(
void *state, uint64_t tx_id)
1191 static uint64_t FTPDataGetTxCnt(
void *state)
1197 static int FTPDataGetAlstateProgress(
void *tx, uint8_t
direction)
1201 return ftpdata_state->
state;
1206 static AppLayerGetFileState FTPDataStateGetTxFiles(
void *_state,
void *tx, uint8_t
direction)
1209 AppLayerGetFileState files = { .fc = NULL, .cfg = &sbcfg };
1212 files.fc = ftpdata_state->
files;
1217 static void FTPSetMpmState(
void)
1220 if (
unlikely(ftp_mpm_ctx == NULL)) {
1228 if (
cmd->command_length == 0)
1232 (uint8_t *)
cmd->command_name,
1233 cmd->command_length,
1242 static void FTPFreeMpmState(
void)
1244 if (ftp_mpm_ctx != NULL) {
1255 static AppLayerGetTxIterTuple FTPGetTxIterator(
const uint8_t ipproto,
const AppProto alproto,
1259 AppLayerGetTxIterTuple no_tuple = { NULL, 0,
false };
1262 if (state->
un.
ptr == NULL) {
1268 while (tx_ptr->
tx_id < min_tx_id) {
1274 if (tx_ptr->
tx_id >= max_tx_id) {
1278 AppLayerGetTxIterTuple tuple = {
1281 .has_next = (state->
un.
ptr != NULL),
1291 const char *proto_name =
"ftp";
1292 const char *proto_data_name =
"ftp-data";
1297 if (FTPRegisterPatternsForProtocolDetection() < 0 )
1318 FTPLocalStorageFree);
1328 FTPDataParseRequest);
1330 FTPDataParseResponse);
1352 sbcfg.
Calloc = FTPCalloc;
1354 sbcfg.
Free = FTPFree;
1358 SCLogInfo(
"Parsed disabled for %s protocol. Protocol detection"
1359 "still on.", proto_name);
1373 SCLogDebug(
"ftp_state_memcnt %"PRIu64
", ftp_state_memuse %"PRIu64
"",
1374 ftp_state_memcnt, ftp_state_memuse);
1399 if (!buffer || *buffer ==
'\0') {
1403 char *c = strchr(buffer,
'\n');
1404 return c == NULL ?
len : (uint16_t)(c - buffer + 1);
1410 jb_open_object(jb,
"ftp_data");
1413 jb_set_string_from_bytes(jb,
"filename", ftp_state->
file_name, ftp_state->
file_len);
1442 static int FTPParserTest01(
void)
1445 uint8_t ftpbuf[] =
"PORT 192,168,1,1,0,80\r\n";
1446 uint32_t ftplen =
sizeof(ftpbuf) - 1;
1450 memset(&f, 0,
sizeof(f));
1451 memset(&ssn, 0,
sizeof(ssn));
1454 f.
proto = IPPROTO_TCP;
1460 STREAM_TOSERVER | STREAM_EOF, ftpbuf, ftplen);
1473 static int FTPParserTest11(
void)
1476 uint8_t ftpbuf1[] =
"PORT 192,168,1,1,0,80\r\n";
1477 uint8_t ftpbuf2[] =
"RETR\r\n";
1478 uint8_t ftpbuf3[] =
"227 OK\r\n";
1483 memset(&f, 0,
sizeof(f));
1484 memset(&ssn, 0,
sizeof(ssn));
1487 f.
proto = IPPROTO_TCP;
1493 STREAM_TOSERVER | STREAM_START, ftpbuf1,
1494 sizeof(ftpbuf1) - 1);
1501 sizeof(ftpbuf3) - 1);
1505 STREAM_TOSERVER, ftpbuf2,
1506 sizeof(ftpbuf2) - 1);
1520 static int FTPParserTest12(
void)
1523 uint8_t ftpbuf1[] =
"PORT 192,168,1,1,0,80\r\n";
1524 uint8_t ftpbuf2[] =
"STOR\r\n";
1525 uint8_t ftpbuf3[] =
"227 OK\r\n";
1530 memset(&f, 0,
sizeof(f));
1531 memset(&ssn, 0,
sizeof(ssn));
1534 f.
proto = IPPROTO_TCP;
1540 STREAM_TOSERVER | STREAM_START, ftpbuf1,
1541 sizeof(ftpbuf1) - 1);
1548 sizeof(ftpbuf3) - 1);
1552 STREAM_TOSERVER, ftpbuf2,
1553 sizeof(ftpbuf2) - 1);
void MpmInitThreadCtx(MpmThreadCtx *mpm_thread_ctx, uint16_t matcher)
void PmqReset(PrefilterRuleStore *pmq)
Reset a Pmq for reusage. Meant to be called after a single search.
void AppLayerParserRegisterGetStateProgressFunc(uint8_t ipproto, AppProto alproto, int(*StateGetProgress)(void *alstate, uint8_t direction))
const FtpCommand * command_descriptor
#define FAIL_IF_NULL(expr)
Fail a test if expression evaluates to NULL.
int AppLayerProtoDetectPMRegisterPatternCI(uint8_t ipproto, AppProto alproto, const char *pattern, uint16_t depth, uint16_t offset, uint8_t direction)
Registers a case-insensitive pattern for protocol detection.
union AppLayerGetTxIterState::@15 un
void AppLayerParserRegisterLocalStorageFunc(uint8_t ipproto, AppProto alproto, void *(*LocalStorageAlloc)(void), void(*LocalStorageFree)(void *))
#define SC_ATOMIC_INIT(name)
wrapper for initializing an atomic variable.
const FtpCommand FtpCommands[FTP_COMMAND_MAX+1]
FileContainer * FileContainerAlloc(void)
allocate a FileContainer
void *(* Calloc)(size_t n, size_t size)
struct FtpState_ FtpState
bool AppLayerRequestProtocolTLSUpgrade(Flow *f)
request applayer to wrap up this protocol and rerun protocol detection with expectation of TLS....
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
FlowStorageId AppLayerExpectationGetFlowId(void)
structure for storing potential rule matches
int ParseSizeStringU64(const char *size, uint64_t *res)
struct HtpBodyChunk_ * next
FtpRequestCommand command
int AppLayerParserConfParserEnabled(const char *ipproto, const char *alproto_name)
check if a parser is enabled in the config Returns enabled always if: were running unittests
#define STREAMING_BUFFER_CONFIG_INITIALIZER
void FileContainerFree(FileContainer *ffc, const StreamingBufferConfig *cfg)
Free a FileContainer.
#define SC_ATOMIC_ADD(name, val)
add a value to our atomic variable
void AppLayerParserRegisterStateProgressCompletionStatus(AppProto alproto, const int ts, const int tc)
void AppLayerParserRegisterParserAcceptableDataDirection(uint8_t ipproto, AppProto alproto, uint8_t direction)
bool current_line_truncated_tc
void AppLayerParserRegisterTxFreeFunc(uint8_t ipproto, AppProto alproto, void(*StateTransactionFree)(void *, uint64_t))
#define TAILQ_FOREACH(var, head, field)
FtpRequestCommand command
uint64_t FTPMemuseGlobalCounter(void)
void AppLayerParserThreadCtxFree(AppLayerParserThreadCtx *tctx)
Destroys the app layer parser thread context obtained using AppLayerParserThreadCtxAlloc().
void AppLayerDecoderEventsFreeEvents(AppLayerDecoderEvents **events)
FtpRequestCommand command
#define SCMUTEX_INITIALIZER
void AppLayerParserRegisterGetTxFilesFunc(uint8_t ipproto, AppProto alproto, AppLayerGetFileState(*GetTxFiles)(void *, void *, uint8_t))
const char * command_name
#define TAILQ_INSERT_TAIL(head, elm, field)
#define APP_LAYER_PARSER_EOF_TS
SC_ATOMIC_DECLARE(uint64_t, ftp_memuse)
void FTPParserCleanup(void)
Free memory allocated for global FTP parser state.
bool EveFTPDataAddMetadata(void *vtx, JsonBuilder *jb)
@ FTPDATA_STATE_IN_PROGRESS
void MpmInitCtx(MpmCtx *mpm_ctx, uint8_t matcher)
uint32_t ftp_max_line_len
int ConfGet(const char *name, const char **vptr)
Retrieve the value of a configuration node.
void StreamTcpInitConfig(bool)
To initialize the stream global configuration data.
#define APP_LAYER_INCOMPLETE(c, n)
#define TAILQ_REMOVE(head, elm, field)
void MpmDestroyThreadCtx(MpmThreadCtx *mpm_thread_ctx, const uint16_t matcher)
#define JB_SET_STRING(jb, key, val)
#define TAILQ_FIRST(head)
#define PASS
Pass the test.
#define SCMutexUnlock(mut)
AppLayerStateData state_data
AppLayerParserThreadCtx * alp_tctx
void AppLayerParserRegisterStateFuncs(uint8_t ipproto, AppProto alproto, void *(*StateAlloc)(void *, AppProto), void(*StateFree)(void *))
AppLayerStateData state_data
#define SC_ATOMIC_SUB(name, val)
sub a value from our atomic variable
void FTPParserRegisterTests(void)
void RegisterFTPParsers(void)
void AppLayerParserRegisterProtocolUnittests(uint8_t ipproto, AppProto alproto, void(*RegisterUnittests)(void))
int AppLayerExpectationCreate(Flow *f, int direction, Port src, Port dst, AppProto alproto, void *data)
#define APP_LAYER_PARSER_EOF_TC
uint64_t ftp_config_memcap
void AppLayerRegisterExpectationProto(uint8_t proto, AppProto alproto)
int(* Prepare)(struct MpmCtx_ *)
void AppLayerParserRegisterGetEventInfo(uint8_t ipproto, AppProto alproto, int(*StateGetEventInfo)(const char *event_name, int *event_id, AppLayerEventType *event_type))
int FileOpenFileWithId(FileContainer *ffc, const StreamingBufferConfig *sbcfg, uint32_t track_id, const uint8_t *name, uint16_t name_len, const uint8_t *data, uint32_t data_len, uint16_t flags)
Open a new File.
void AppLayerProtoDetectRegisterProtocol(AppProto alproto, const char *alproto_name)
Registers a protocol for protocol detection phase.
struct FtpDataState_ FtpDataState
int FileAppendData(FileContainer *ffc, const StreamingBufferConfig *sbcfg, const uint8_t *data, uint32_t data_len)
Store/handle a chunk of file data in the File structure The last file in the FileContainer will be us...
uint64_t FTPMemcapGlobalCounter(void)
uint32_t(* Search)(const struct MpmCtx_ *, struct MpmThreadCtx_ *, PrefilterRuleStore *, const uint8_t *, uint32_t)
struct FtpInput_ FtpInput
#define SCLogInfo(...)
Macro used to log INFORMATIONAL messages.
void * FlowGetStorageById(const Flow *f, FlowStorageId id)
int AppLayerParserRegisterParser(uint8_t ipproto, AppProto alproto, uint8_t direction, AppLayerParserFPtr Parser)
Register app layer parser for the protocol.
void DetectEngineStateFree(DetectEngineState *state)
Frees a DetectEngineState object.
#define SCRealloc(ptr, sz)
AppLayerParserThreadCtx * AppLayerParserThreadCtxAlloc(void)
Gets a new app layer protocol's parser thread context.
void AppLayerParserRegisterGetTx(uint8_t ipproto, AppProto alproto, void *(StateGetTx)(void *alstate, uint64_t tx_id))
struct AppLayerTxData AppLayerTxData
#define SCReturnStruct(x)
#define FAIL_IF(expr)
Fail a test if expression evaluates to true.
void StreamTcpFreeConfig(bool quiet)
int AppLayerParserParse(ThreadVars *tv, AppLayerParserThreadCtx *alp_tctx, Flow *f, AppProto alproto, uint8_t flags, const uint8_t *input, uint32_t input_len)
uint32_t ftp_config_maxtx
void AppLayerDecoderEventsSetEventRaw(AppLayerDecoderEvents **sevents, uint8_t event)
Set an app layer decoder event.
#define TAILQ_NEXT(elm, field)
void AppLayerParserRegisterStateDataFunc(uint8_t ipproto, AppProto alproto, AppLayerStateData *(*GetStateData)(void *state))
void AppLayerParserRegisterTxDataFunc(uint8_t ipproto, AppProto alproto, AppLayerTxData *(*GetTxData)(void *tx))
void FTPAtExitPrintStats(void)
int ParseSizeStringU32(const char *size, uint32_t *res)
struct SCLogConfig_ SCLogConfig
Holds the config state used by the logging api.
void AppLayerParserRegisterGetTxIterator(uint8_t ipproto, AppProto alproto, AppLayerGetTxIteratorFunc Func)
#define SCLogError(...)
Macro used to log ERROR messages.
void(* DestroyCtx)(struct MpmCtx_ *)
void FlowFreeStorageById(Flow *f, FlowStorageId id)
int FileCloseFile(FileContainer *ffc, const StreamingBufferConfig *sbcfg, const uint8_t *data, uint32_t data_len, uint16_t flags)
Close a File.
void(* Free)(void *ptr, size_t size)
void AppLayerParserRegisterGetEventInfoById(uint8_t ipproto, AppProto alproto, int(*StateGetEventInfoById)(int event_id, const char **event_name, AppLayerEventType *event_type))
bool current_line_truncated_ts
MpmTableElmt mpm_table[MPM_TABLE_SIZE]
void AppLayerParserRegisterGetTxCnt(uint8_t ipproto, AppProto alproto, uint64_t(*StateGetTxCnt)(void *alstate))
void PmqFree(PrefilterRuleStore *pmq)
Cleanup and free a Pmq.
#define SC_ATOMIC_GET(name)
Get the value from the atomic variable.
uint16_t JsonGetNextLineFromBuffer(const char *buffer, const uint16_t len)
uint16_t FileFlowFlagsToFlags(const uint16_t flow_file_flags, uint8_t direction)
struct FTPThreadCtx_ FTPThreadCtx
uint16_t AppLayerParserStateIssetFlag(AppLayerParserState *pstate, uint16_t flag)
AppProto alproto
application level protocol
int MpmAddPatternCI(struct MpmCtx_ *mpm_ctx, uint8_t *pat, uint16_t patlen, uint16_t offset, uint16_t depth, uint32_t pid, SigIntId sid, uint8_t flags)
#define SCMemcmp(a, b, c)
int AppLayerProtoDetectConfProtoDetectionEnabled(const char *ipproto, const char *alproto)
Given a protocol name, checks if proto detection is enabled in the conf file.
MpmThreadCtx * ftp_mpm_thread_ctx
#define DEBUG_VALIDATE_BUG_ON(exp)
int PmqSetup(PrefilterRuleStore *pmq)
Setup a pmq.
void *(* Realloc)(void *ptr, size_t orig_size, size_t size)