suricata
Macros | Functions
app-layer-htp-xff.c File Reference
#include "suricata-common.h"
#include "conf.h"
#include "app-layer-parser.h"
#include "app-layer-htp.h"
#include "app-layer-htp-libhtp.h"
#include "app-layer-htp-xff.h"
#include "util-memrchr.h"
#include "util-misc.h"
#include "util-unittest.h"
Include dependency graph for app-layer-htp-xff.c:

Go to the source code of this file.

Macros

#define XFF_CHAIN_MINLEN   7
 
#define XFF_CHAIN_MAXLEN   256
 
#define XFF_DEFAULT   "X-Forwarded-For"
 

Functions

int HttpXFFGetIPFromTx (const Flow *f, uint64_t tx_id, HttpXFFCfg *xff_cfg, char *dstbuf, int dstbuflen)
 Function to return XFF IP if any in the selected transaction. The caller needs to lock the flow. More...
 
int HttpXFFGetIP (const Flow *f, HttpXFFCfg *xff_cfg, char *dstbuf, int dstbuflen)
 Function to return XFF IP if any. The caller needs to lock the flow. More...
 
void HttpXFFGetCfg (ConfNode *conf, HttpXFFCfg *result)
 Function to return XFF configuration from a configuration node. More...
 
void HTPXFFParserRegisterTests (void)
 

Detailed Description

Author
Ignacio Sanchez sanch.nosp@m.ezma.nosp@m.rtin..nosp@m.ji@g.nosp@m.mail..nosp@m.com
Duarte Silva duart.nosp@m.e.si.nosp@m.lva@s.nosp@m.eria.nosp@m.lizin.nosp@m.g.me

Definition in file app-layer-htp-xff.c.

Macro Definition Documentation

◆ XFF_CHAIN_MAXLEN

#define XFF_CHAIN_MAXLEN   256

XFF header value maximum length

Definition at line 44 of file app-layer-htp-xff.c.

◆ XFF_CHAIN_MINLEN

#define XFF_CHAIN_MINLEN   7

XFF header value minimal length

Definition at line 42 of file app-layer-htp-xff.c.

◆ XFF_DEFAULT

#define XFF_DEFAULT   "X-Forwarded-For"

Default XFF header name

Definition at line 46 of file app-layer-htp-xff.c.

Function Documentation

◆ HTPXFFParserRegisterTests()

void HTPXFFParserRegisterTests ( void  )

Definition at line 337 of file app-layer-htp-xff.c.

References UtRegisterTest().

Here is the call graph for this function:

◆ HttpXFFGetCfg()

void HttpXFFGetCfg ( ConfNode conf,
HttpXFFCfg result 
)

Function to return XFF configuration from a configuration node.

Definition at line 206 of file app-layer-htp-xff.c.

References BUG_ON, ConfNodeChildValueIsTrue(), ConfNodeLookupChild(), ConfNodeLookupChildValue(), HttpXFFCfg_::flags, HttpXFFCfg_::header, SCLogWarning, XFF_DEFAULT, XFF_DISABLED, XFF_EXTRADATA, XFF_FORWARD, XFF_OVERWRITE, and XFF_REVERSE.

Here is the call graph for this function:

◆ HttpXFFGetIP()

int HttpXFFGetIP ( const Flow f,
HttpXFFCfg xff_cfg,
char *  dstbuf,
int  dstbuflen 
)

Function to return XFF IP if any. The caller needs to lock the flow.

Return values
1if the IP has been found and returned in dstbuf
0if the IP has not being found or error

Definition at line 181 of file app-layer-htp-xff.c.

◆ HttpXFFGetIPFromTx()

int HttpXFFGetIPFromTx ( const Flow f,
uint64_t  tx_id,
HttpXFFCfg xff_cfg,
char *  dstbuf,
int  dstbuflen 
)

Function to return XFF IP if any in the selected transaction. The caller needs to lock the flow.

Return values
1if the IP has been found and returned in dstbuf
0if the IP has not being found or error

Get the last IP address from the chain

Get the first IP address from the chain

Definition at line 117 of file app-layer-htp-xff.c.

References XFF_CHAIN_MAXLEN.