suricata
|
#include "suricata-common.h"
#include "conf.h"
#include "app-layer-parser.h"
#include "app-layer-htp.h"
#include "app-layer-htp-xff.h"
#include "util-memrchr.h"
#include "util-misc.h"
#include "util-unittest.h"
Go to the source code of this file.
Macros | |
#define | XFF_CHAIN_MINLEN 7 |
#define | XFF_CHAIN_MAXLEN 256 |
#define | XFF_DEFAULT "X-Forwarded-For" |
Functions | |
int | HttpXFFGetIPFromTx (const Flow *f, uint64_t tx_id, HttpXFFCfg *xff_cfg, char *dstbuf, int dstbuflen) |
Function to return XFF IP if any in the selected transaction. The caller needs to lock the flow. More... | |
int | HttpXFFGetIP (const Flow *f, HttpXFFCfg *xff_cfg, char *dstbuf, int dstbuflen) |
Function to return XFF IP if any. The caller needs to lock the flow. More... | |
void | HttpXFFGetCfg (ConfNode *conf, HttpXFFCfg *result) |
Function to return XFF configuration from a configuration node. More... | |
void | HTPXFFParserRegisterTests (void) |
Definition in file app-layer-htp-xff.c.
#define XFF_CHAIN_MAXLEN 256 |
XFF header value maximum length
Definition at line 43 of file app-layer-htp-xff.c.
#define XFF_CHAIN_MINLEN 7 |
XFF header value minimal length
Definition at line 41 of file app-layer-htp-xff.c.
#define XFF_DEFAULT "X-Forwarded-For" |
Default XFF header name
Definition at line 45 of file app-layer-htp-xff.c.
void HTPXFFParserRegisterTests | ( | void | ) |
Definition at line 336 of file app-layer-htp-xff.c.
References UtRegisterTest().
void HttpXFFGetCfg | ( | ConfNode * | conf, |
HttpXFFCfg * | result | ||
) |
Function to return XFF configuration from a configuration node.
Definition at line 205 of file app-layer-htp-xff.c.
References BUG_ON, ConfNodeChildValueIsTrue(), ConfNodeLookupChild(), ConfNodeLookupChildValue(), HttpXFFCfg_::flags, HttpXFFCfg_::header, SCLogWarning, XFF_DEFAULT, XFF_DISABLED, XFF_EXTRADATA, XFF_FORWARD, XFF_OVERWRITE, and XFF_REVERSE.
int HttpXFFGetIP | ( | const Flow * | f, |
HttpXFFCfg * | xff_cfg, | ||
char * | dstbuf, | ||
int | dstbuflen | ||
) |
Function to return XFF IP if any. The caller needs to lock the flow.
1 | if the IP has been found and returned in dstbuf |
0 | if the IP has not being found or error |
Definition at line 180 of file app-layer-htp-xff.c.
int HttpXFFGetIPFromTx | ( | const Flow * | f, |
uint64_t | tx_id, | ||
HttpXFFCfg * | xff_cfg, | ||
char * | dstbuf, | ||
int | dstbuflen | ||
) |
Function to return XFF IP if any in the selected transaction. The caller needs to lock the flow.
1 | if the IP has been found and returned in dstbuf |
0 | if the IP has not being found or error |
Get the last IP address from the chain
Get the first IP address from the chain
Definition at line 116 of file app-layer-htp-xff.c.
References XFF_CHAIN_MAXLEN.