#include "app-layer-events.h"
#include "util-file.h"
#include "rust.h"
#include "util-config.h"

Include dependency graph for app-layer-parser.h:

Data Structures
struct	AppLayerGetTxIterState

Macros
#define	APP_LAYER_PARSER_NO_INSPECTION BIT_U16(1)

#define	APP_LAYER_PARSER_NO_REASSEMBLY BIT_U16(2)

#define	APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD BIT_U16(3)

#define	APP_LAYER_PARSER_BYPASS_READY BIT_U16(4)

#define	APP_LAYER_PARSER_EOF_TS BIT_U16(5)

#define	APP_LAYER_PARSER_EOF_TC BIT_U16(6)

#define	APP_LAYER_PARSER_SFRAME_TS BIT_U16(9)

#define	APP_LAYER_PARSER_SFRAME_TC BIT_U16(10)

#define	APP_LAYER_PARSER_OPT_ACCEPT_GAPS BIT_U32(0)

#define	APP_LAYER_PARSER_INT_STREAM_DEPTH_SET BIT_U32(0)

#define	APP_LAYER_TX_SKIP_INSPECT_TS BIT_U8(0)

#define	APP_LAYER_TX_SKIP_INSPECT_TC BIT_U8(1)

#define	APP_LAYER_TX_INSPECTED_TS BIT_U8(2)

#define	APP_LAYER_TX_INSPECTED_TC BIT_U8(3)

#define	APP_LAYER_TX_ACCEPT BIT_U8(4)

#define	APP_LAYER_OK (AppLayerResult) { 0, 0, 0 }

#define	APP_LAYER_ERROR (AppLayerResult) { -1, 0, 0 }

#define	APP_LAYER_INCOMPLETE(c, n) (AppLayerResult) { 1, (c), (n) }

Typedefs
typedef struct AppLayerParserThreadCtx_	AppLayerParserThreadCtx

typedef AppLayerResult(*	AppLayerParserFPtr) (Flow f, void protocol_state, AppLayerParserState pstate, StreamSlice stream_slice, void local_storage)
	Prototype for parsing functions. More...

typedef struct AppLayerGetTxIterState	AppLayerGetTxIterState

typedef AppLayerGetTxIterTuple(*	AppLayerGetTxIteratorFunc) (const uint8_t ipproto, const AppProto alproto, void alstate, uint64_t min_tx_id, uint64_t max_tx_id, AppLayerGetTxIterState state)
	tx iterator prototype More...

typedef int(*	AppLayerParserGetStateIdByNameFn) (const char *name, const uint8_t direction)

typedef const char (	AppLayerParserGetStateNameByIdFn) (const int id, const uint8_t direction)

typedef int(*	AppLayerParserGetFrameIdByNameFn) (const char *frame_name)

typedef const char (	AppLayerParserGetFrameNameByIdFn) (const uint8_t id)

Functions
int	AppLayerParserProtoIsRegistered (uint8_t ipproto, AppProto alproto)

int	AppLayerParserSetup (void)

void	AppLayerParserPostStreamSetup (void)

int	AppLayerParserDeSetup (void)

AppLayerParserThreadCtx *	AppLayerParserThreadCtxAlloc (void)
	Gets a new app layer protocol's parser thread context. More...

void	AppLayerParserThreadCtxFree (AppLayerParserThreadCtx *tctx)
	Destroys the app layer parser thread context obtained using AppLayerParserThreadCtxAlloc(). More...

int	AppLayerParserConfParserEnabled (const char ipproto, const char alproto_name)
	Given a protocol name, checks if the parser is enabled in the conf file. More...

enum ExceptionPolicy	AppLayerErrorGetExceptionPolicy (void)

int	AppLayerParserPreRegister (void(*Register)(void))

int	AppLayerParserRegisterParser (uint8_t ipproto, AppProto alproto, uint8_t direction, AppLayerParserFPtr Parser)
	Register app layer parser for the protocol. More...

void	AppLayerParserRegisterParserAcceptableDataDirection (uint8_t ipproto, AppProto alproto, uint8_t direction)

void	AppLayerParserRegisterOptionFlags (uint8_t ipproto, AppProto alproto, uint32_t flags)

void	AppLayerParserRegisterStateFuncs (uint8_t ipproto, AppProto alproto, void (StateAlloc)(void , AppProto), void(StateFree)(void *))

void	AppLayerParserRegisterLocalStorageFunc (uint8_t ipproto, AppProto proto, void (LocalStorageAlloc)(void), void(LocalStorageFree)(void ))

void	AppLayerParserRegisterGetTxFilesFunc (uint8_t ipproto, AppProto alproto, AppLayerGetFileState(GetTxFiles)(void , uint8_t))

void	AppLayerParserRegisterLogger (uint8_t ipproto, AppProto alproto)

void	AppLayerParserRegisterLoggerBits (uint8_t ipproto, AppProto alproto, LoggerId bits)

void	AppLayerParserRegisterGetStateProgressFunc (uint8_t ipproto, AppProto alproto, int(StateGetStateProgress)(void alstate, uint8_t direction))

void	AppLayerParserRegisterTxFreeFunc (uint8_t ipproto, AppProto alproto, void(StateTransactionFree)(void , uint64_t))

void	AppLayerParserRegisterGetTxCnt (uint8_t ipproto, AppProto alproto, uint64_t(StateGetTxCnt)(void alstate))

void	AppLayerParserRegisterGetTx (uint8_t ipproto, AppProto alproto, void (StateGetTx)(void alstate, uint64_t tx_id))

void	AppLayerParserRegisterGetTxIterator (uint8_t ipproto, AppProto alproto, AppLayerGetTxIteratorFunc Func)

void	AppLayerParserRegisterStateProgressCompletionStatus (AppProto alproto, const int ts, const int tc)

void	AppLayerParserRegisterGetEventInfo (uint8_t ipproto, AppProto alproto, int(StateGetEventInfo)(const char event_name, uint8_t event_id, AppLayerEventType event_type))

void	AppLayerParserRegisterGetEventInfoById (uint8_t ipproto, AppProto alproto, int(StateGetEventInfoById)(uint8_t event_id, const char event_name, AppLayerEventType event_type))

void	AppLayerParserRegisterGetFrameFuncs (uint8_t ipproto, AppProto alproto, AppLayerParserGetFrameIdByNameFn GetFrameIdByName, AppLayerParserGetFrameNameByIdFn GetFrameNameById)

void	AppLayerParserRegisterSetStreamDepthFlag (uint8_t ipproto, AppProto alproto, void(SetStreamDepthFlag)(void tx, uint8_t flags))

void	AppLayerParserRegisterGetStateFuncs (uint8_t ipproto, AppProto alproto, AppLayerParserGetStateIdByNameFn GetStateIdByName, AppLayerParserGetStateNameByIdFn GetStateNameById)

void	AppLayerParserRegisterTxDataFunc (uint8_t ipproto, AppProto alproto, AppLayerTxData (GetTxData)(void *tx))

void	AppLayerParserRegisterApplyTxConfigFunc (uint8_t ipproto, AppProto alproto, bool(ApplyTxConfig)(void state, void *tx, int mode, AppLayerTxConfig))

void	AppLayerParserRegisterStateDataFunc (uint8_t ipproto, AppProto alproto, AppLayerStateData (GetStateData)(void *state))

AppLayerGetTxIteratorFunc	AppLayerGetTxIterator (const uint8_t ipproto, const AppProto alproto)

void *	AppLayerParserGetProtocolParserLocalStorage (uint8_t ipproto, AppProto alproto)

void	AppLayerParserDestroyProtocolParserLocalStorage (uint8_t ipproto, AppProto alproto, void *local_data)

uint64_t	AppLayerParserGetTransactionLogId (AppLayerParserState *pstate)

void	AppLayerParserSetTransactionLogId (AppLayerParserState *pstate, uint64_t tx_id)

uint64_t	AppLayerParserGetTransactionInspectId (AppLayerParserState *pstate, uint8_t direction)

void	AppLayerParserSetTransactionInspectId (const Flow f, AppLayerParserState pstate, void *alstate, const uint8_t flags, bool tag_txs_as_inspected)

AppLayerDecoderEvents *	AppLayerParserGetDecoderEvents (AppLayerParserState *pstate)

AppLayerDecoderEvents *	AppLayerParserGetEventsByTx (uint8_t ipproto, AppProto alproto, void *tx)

AppLayerGetFileState	AppLayerParserGetTxFiles (const Flow f, void tx, const uint8_t direction)

int	AppLayerParserGetStateProgress (uint8_t ipproto, AppProto alproto, void *alstate, uint8_t direction)
	get the progress value for a tx/protocol More...

uint64_t	AppLayerParserGetTxCnt (const Flow , void alstate)

void *	AppLayerParserGetTx (uint8_t ipproto, AppProto alproto, void *alstate, uint64_t tx_id)

int	AppLayerParserGetStateProgressCompletionStatus (AppProto alproto, uint8_t direction)

int	AppLayerParserGetEventInfo (uint8_t ipproto, AppProto alproto, const char event_name, uint8_t event_id, AppLayerEventType *event_type)

int	AppLayerParserGetEventInfoById (uint8_t ipproto, AppProto alproto, uint8_t event_id, const char *event_name, AppLayerEventType event_type)

uint64_t	AppLayerParserGetTransactionActive (const Flow f, AppLayerParserState pstate, uint8_t direction)

uint8_t	AppLayerParserGetFirstDataDir (uint8_t ipproto, AppProto alproto)

bool	AppLayerParserSupportsFiles (uint8_t ipproto, AppProto alproto)

AppLayerTxData *	AppLayerParserGetTxData (uint8_t ipproto, AppProto alproto, void *tx)

uint8_t	AppLayerParserGetTxDetectProgress (AppLayerTxData *txd, const uint8_t dir)

AppLayerStateData *	AppLayerParserGetStateData (uint8_t ipproto, AppProto alproto, void *state)

void	AppLayerParserApplyTxConfig (uint8_t ipproto, AppProto alproto, void state, void tx, enum ConfigAction mode, AppLayerTxConfig)

int	AppLayerParserParse (ThreadVars tv, AppLayerParserThreadCtx tctx, Flow f, AppProto alproto, uint8_t flags, const uint8_t input, uint32_t input_len)

void	AppLayerParserSetEOF (AppLayerParserState *pstate)

bool	AppLayerParserHasDecoderEvents (AppLayerParserState *pstate)

int	AppLayerParserProtocolHasLogger (uint8_t ipproto, AppProto alproto)

LoggerId	AppLayerParserProtocolGetLoggerBits (uint8_t ipproto, AppProto alproto)

void	AppLayerParserTriggerRawStreamInspection (Flow *f, int direction)

void	AppLayerParserSetStreamDepth (uint8_t ipproto, AppProto alproto, uint32_t stream_depth)

uint32_t	AppLayerParserGetStreamDepth (const Flow *f)

void	AppLayerParserSetStreamDepthFlag (uint8_t ipproto, AppProto alproto, void *state, uint64_t tx_id, uint8_t flags)

int	AppLayerParserIsEnabled (AppProto alproto)
	simple way to globally test if a alproto is registered and fully enabled in the configuration. More...

int	AppLayerParserGetFrameIdByName (uint8_t ipproto, AppProto alproto, const char *name)

const char *	AppLayerParserGetFrameNameById (uint8_t ipproto, AppProto alproto, const uint8_t id)

int	AppLayerParserGetStateIdByName (uint8_t ipproto, AppProto alproto, const char *name, uint8_t direction)

const char *	AppLayerParserGetStateNameById (uint8_t ipproto, AppProto alproto, const int id, uint8_t direction)

void	AppLayerParserStateProtoCleanup (uint8_t protomap, AppProto alproto, void alstate, AppLayerParserState pstate)

void	AppLayerParserStateCleanup (const Flow f, void alstate, AppLayerParserState *pstate)

void	AppLayerParserRegisterProtocolParsers (void)

void	AppLayerParserStateSetFlag (AppLayerParserState *pstate, uint16_t flag)

uint16_t	AppLayerParserStateIssetFlag (AppLayerParserState *pstate, uint16_t flag)

AppLayerParserState *	AppLayerParserStateAlloc (void)

void	AppLayerParserStateFree (AppLayerParserState *pstate)

void	AppLayerParserTransactionsCleanup (Flow *f, const uint8_t pkt_dir)
	remove obsolete (inspected and logged) transactions More...

void	AppLayerParserRegisterProtocolUnittests (uint8_t ipproto, AppProto alproto, void(*RegisterUnittests)(void))

void	AppLayerParserRegisterUnittests (void)

void	UTHAppLayerParserStateGetIds (void ptr, uint64_t i1, uint64_t i2, uint64_t log, uint64_t *min)

void	AppLayerFramesFreeContainer (Flow *f)

void	FileApplyTxFlags (const AppLayerTxData txd, const uint8_t direction, File file)

Detailed Description

Author: Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t; Anoop Saldanha anoop.nosp@m.sald.nosp@m.anha@.nosp@m.gmai.nosp@m.l.com

Definition in file app-layer-parser.h.

Macro Definition Documentation

◆ APP_LAYER_ERROR

#define APP_LAYER_ERROR (AppLayerResult) { -1, 0, 0 }

parser has hit an unrecoverable error. Returning this to the API leads to no further calls to the parser.

Definition at line 68 of file app-layer-parser.h.

◆ APP_LAYER_INCOMPLETE

#define APP_LAYER_INCOMPLETE	(	c,
		n
	)	(AppLayerResult) { 1, (c), (n) }

parser needs more data. Through 'c' it will indicate how many of the input bytes it has consumed. Through 'n' it will indicate how many more bytes it needs before getting called again.

Note: consumed (c) should never be more than the input len needed (n) + consumed (c) should be more than the input len

Definition at line 76 of file app-layer-parser.h.

◆ APP_LAYER_OK

#define APP_LAYER_OK (AppLayerResult) { 0, 0, 0 }

parser has successfully processed in the input, and has consumed all of it.

Definition at line 64 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_BYPASS_READY

#define APP_LAYER_PARSER_BYPASS_READY BIT_U16(4)

Definition at line 39 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_EOF_TC

#define APP_LAYER_PARSER_EOF_TC BIT_U16(6)

Definition at line 41 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_EOF_TS

#define APP_LAYER_PARSER_EOF_TS BIT_U16(5)

Definition at line 40 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_INT_STREAM_DEPTH_SET

#define APP_LAYER_PARSER_INT_STREAM_DEPTH_SET BIT_U32(0)

Definition at line 49 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_NO_INSPECTION

#define APP_LAYER_PARSER_NO_INSPECTION BIT_U16(1)

Definition at line 36 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD

#define APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD BIT_U16(3)

Definition at line 38 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_NO_REASSEMBLY

#define APP_LAYER_PARSER_NO_REASSEMBLY BIT_U16(2)

Definition at line 37 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_OPT_ACCEPT_GAPS

#define APP_LAYER_PARSER_OPT_ACCEPT_GAPS BIT_U32(0)

Definition at line 47 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_SFRAME_TC

#define APP_LAYER_PARSER_SFRAME_TC BIT_U16(10)

Definition at line 44 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_SFRAME_TS

#define APP_LAYER_PARSER_SFRAME_TS BIT_U16(9)

Definition at line 43 of file app-layer-parser.h.

◆ APP_LAYER_TX_ACCEPT

#define APP_LAYER_TX_ACCEPT BIT_U8(4)

accept is applied to entire tx

Definition at line 60 of file app-layer-parser.h.

◆ APP_LAYER_TX_INSPECTED_TC

#define APP_LAYER_TX_INSPECTED_TC BIT_U8(3)

Definition at line 58 of file app-layer-parser.h.

◆ APP_LAYER_TX_INSPECTED_TS

#define APP_LAYER_TX_INSPECTED_TS BIT_U8(2)

is tx fully inspected?

Definition at line 57 of file app-layer-parser.h.

◆ APP_LAYER_TX_SKIP_INSPECT_TC

#define APP_LAYER_TX_SKIP_INSPECT_TC BIT_U8(1)

Definition at line 55 of file app-layer-parser.h.

◆ APP_LAYER_TX_SKIP_INSPECT_TS

#define APP_LAYER_TX_SKIP_INSPECT_TS BIT_U8(0)

should inspection be skipped in that direction

Definition at line 54 of file app-layer-parser.h.

Typedef Documentation

◆ AppLayerGetTxIteratorFunc

typedef AppLayerGetTxIterTuple(* AppLayerGetTxIteratorFunc) (const uint8_t ipproto, const AppProto alproto, void *alstate, uint64_t min_tx_id, uint64_t max_tx_id, AppLayerGetTxIterState *state)

tx iterator prototype

Definition at line 129 of file app-layer-parser.h.

◆ AppLayerGetTxIterState

typedef struct AppLayerGetTxIterState AppLayerGetTxIterState

◆ AppLayerParserFPtr

typedef AppLayerResult(* AppLayerParserFPtr) (Flow *f, void *protocol_state, AppLayerParserState *pstate, StreamSlice stream_slice, void *local_storage)

Prototype for parsing functions.

Definition at line 118 of file app-layer-parser.h.

◆ AppLayerParserGetFrameIdByNameFn

typedef int(* AppLayerParserGetFrameIdByNameFn) (const char *frame_name)

Definition at line 147 of file app-layer-parser.h.

◆ AppLayerParserGetFrameNameByIdFn

typedef const char*(* AppLayerParserGetFrameNameByIdFn) (const uint8_t id)

Definition at line 148 of file app-layer-parser.h.

◆ AppLayerParserGetStateIdByNameFn

typedef int(* AppLayerParserGetStateIdByNameFn) (const char *name, const uint8_t direction)

Parameters

name	progress name to get the id for
direction	STREAM_TOSERVER/STREAM_TOCLIENT

Definition at line 140 of file app-layer-parser.h.

◆ AppLayerParserGetStateNameByIdFn

typedef const char*(* AppLayerParserGetStateNameByIdFn) (const int id, const uint8_t direction)

Parameters

id	progress value id to get the name for
direction	STREAM_TOSERVER/STREAM_TOCLIENT

Definition at line 145 of file app-layer-parser.h.

◆ AppLayerParserThreadCtx

typedef struct AppLayerParserThreadCtx_ AppLayerParserThreadCtx

Definition at line 83 of file app-layer-parser.h.

Function Documentation

◆ AppLayerErrorGetExceptionPolicy()

enum ExceptionPolicy AppLayerErrorGetExceptionPolicy ( void )

Definition at line 155 of file app-layer-parser.c.

◆ AppLayerFramesFreeContainer()

void AppLayerFramesFreeContainer ( Flow * f )

Definition at line 174 of file app-layer-parser.c.

References Flow_::alparser, and AppLayerParserState_::frames.

◆ AppLayerGetTxIterator()

AppLayerGetTxIteratorFunc AppLayerGetTxIterator	(	const uint8_t	ipproto,
		const AppProto	alproto
	)

Definition at line 706 of file app-layer-parser.c.

Referenced by AppLayerParserSetTransactionInspectId().

Here is the caller graph for this function:

◆ AppLayerParserApplyTxConfig()

void AppLayerParserApplyTxConfig	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	state,
		void *	tx,
		enum ConfigAction	mode,
		AppLayerTxConfig
	)

Definition at line 1200 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserConfParserEnabled()

int AppLayerParserConfParserEnabled	(	const char *	ipproto,
		const char *	alproto_name
	)

Given a protocol name, checks if the parser is enabled in the conf file.

Parameters

alproto_name Name of the app layer protocol.

Return values

1	If enabled.
0	If disabled.

Given a protocol name, checks if the parser is enabled in the conf file.

Definition at line 343 of file app-layer-parser.c.

References FatalError, RunmodeIsUnittests(), SCConfGetNode(), SCConfValIsFalse(), SCConfValIsTrue(), SCEnter, SCLogDebug, SCLogError, SCReturnInt, and SCConfNode_::val.

Referenced by HTPFreeConfig().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ AppLayerParserDeSetup()

int AppLayerParserDeSetup ( void )

Definition at line 283 of file app-layer-parser.c.

References SCEnter, and SCFree.

Referenced by AppLayerDeSetup().

Here is the caller graph for this function:

◆ AppLayerParserDestroyProtocolParserLocalStorage()

void AppLayerParserDestroyProtocolParserLocalStorage	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	local_data
	)

Definition at line 659 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserThreadCtxFree().

Here is the caller graph for this function:

◆ AppLayerParserGetDecoderEvents()

AppLayerDecoderEvents* AppLayerParserGetDecoderEvents ( AppLayerParserState * pstate )

Definition at line 848 of file app-layer-parser.c.

References AppLayerParserState_::decoder_events, SCEnter, and SCReturnPtr.

Referenced by AppLayerParserHasDecoderEvents().

Here is the caller graph for this function:

◆ AppLayerParserGetEventInfo()

int AppLayerParserGetEventInfo	(	uint8_t	ipproto,
		AppProto	alproto,
		const char *	event_name,
		uint8_t *	event_id,
		AppLayerEventType *	event_type
	)

Definition at line 1123 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserGetEventInfoById()

int AppLayerParserGetEventInfoById	(	uint8_t	ipproto,
		AppProto	alproto,
		uint8_t	event_id,
		const char **	event_name,
		AppLayerEventType *	event_type
	)

Definition at line 1135 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserGetEventsByTx()

AppLayerDecoderEvents* AppLayerParserGetEventsByTx	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	tx
	)

Definition at line 856 of file app-layer-parser.c.

References AppLayerParserGetTxData(), AppLayerDecoderEvents_::events, SCEnter, and SCReturnPtr.

Here is the call graph for this function:

◆ AppLayerParserGetFirstDataDir()

uint8_t AppLayerParserGetFirstDataDir	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 1148 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserGetFrameIdByName()

int AppLayerParserGetFrameIdByName	(	uint8_t	ipproto,
		AppProto	alproto,
		const char *	name
	)

Definition at line 1626 of file app-layer-parser.c.

◆ AppLayerParserGetFrameNameById()

const char* AppLayerParserGetFrameNameById	(	uint8_t	ipproto,
		AppProto	alproto,
		const uint8_t	id
	)

Definition at line 1635 of file app-layer-parser.c.

Referenced by DetectRunFrameInspectRule(), and FrameJsonLogOneFrame().

Here is the caller graph for this function:

◆ AppLayerParserGetProtocolParserLocalStorage()

void* AppLayerParserGetProtocolParserLocalStorage	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 647 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserThreadCtxAlloc().

Here is the caller graph for this function:

◆ AppLayerParserGetStateData()

AppLayerStateData* AppLayerParserGetStateData	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	state
	)

Definition at line 1189 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserGetStateIdByName()

int AppLayerParserGetStateIdByName	(	uint8_t	ipproto,
		AppProto	alproto,
		const char *	name,
		const uint8_t	direction
	)

Parameters

name	progress name to get the id for
direction	STREAM_TOSERVER/STREAM_TOCLIENT
id	progress value id to get the name for
direction	STREAM_TOSERVER/STREAM_TOCLIENT

Definition at line 1601 of file app-layer-parser.c.

◆ AppLayerParserGetStateNameById()

const char* AppLayerParserGetStateNameById	(	uint8_t	ipproto,
		AppProto	alproto,
		const int	id,
		const uint8_t	direction
	)

Parameters

id	progress value id to get the name for
direction	STREAM_TOSERVER/STREAM_TOCLIENT

Definition at line 1616 of file app-layer-parser.c.

Referenced by DetectRegisterAppLayerHookLists(), DetectRunPrefilterTx(), and ListAppLayerHooks().

Here is the caller graph for this function:

◆ AppLayerParserGetStateProgress()

int AppLayerParserGetStateProgress	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	alstate,
		uint8_t	flags
	)

get the progress value for a tx/protocol

If the stream is disrupted, we return the 'completion' value.

Definition at line 1086 of file app-layer-parser.c.

References flags, IS_DISRUPTED, SCEnter, and unlikely.

Referenced by AppLayerParserSetTransactionInspectId(), DetectEngineInspectBufferGeneric(), DetectEngineInspectBufferSingle(), DetectEngineInspectFiledata(), and DetectEngineInspectMultiBufferGeneric().

Here is the caller graph for this function:

◆ AppLayerParserGetStateProgressCompletionStatus()

int AppLayerParserGetStateProgressCompletionStatus	(	AppProto	alproto,
		uint8_t	direction
	)

Definition at line 1115 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserSetTransactionInspectId(), DetectRegisterAppLayerHookLists(), and ListAppLayerHooks().

Here is the caller graph for this function:

◆ AppLayerParserGetStreamDepth()

uint32_t AppLayerParserGetStreamDepth ( const Flow * f )

Definition at line 1578 of file app-layer-parser.c.

References SCReturnInt.

◆ AppLayerParserGetTransactionActive()

uint64_t AppLayerParserGetTransactionActive	(	const Flow *	f,
		AppLayerParserState *	pstate,
		uint8_t	direction
	)

Definition at line 1155 of file app-layer-parser.c.

References AppLayerParserState_::inspect_id, AppLayerParserState_::log_id, and SCEnter.

Referenced by FlowNeedsReassembly().

Here is the caller graph for this function:

◆ AppLayerParserGetTransactionInspectId()

uint64_t AppLayerParserGetTransactionInspectId	(	AppLayerParserState *	pstate,
		uint8_t	direction
	)

Definition at line 731 of file app-layer-parser.c.

References DEBUG_VALIDATE_BUG_ON, AppLayerParserState_::inspect_id, SCEnter, and SCReturnCT.

Referenced by AppLayerParserSetTransactionInspectId().

Here is the caller graph for this function:

◆ AppLayerParserGetTransactionLogId()

uint64_t AppLayerParserGetTransactionLogId ( AppLayerParserState * pstate )

Definition at line 714 of file app-layer-parser.c.

References AppLayerParserState_::log_id, SCEnter, and SCReturnCT.

◆ AppLayerParserGetTx()

void* AppLayerParserGetTx	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	alstate,
		uint64_t	tx_id
	)

Definition at line 1108 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserSetStreamDepthFlag(), and LuaExtensionsMatchSetup().

Here is the caller graph for this function:

◆ AppLayerParserGetTxCnt()

uint64_t AppLayerParserGetTxCnt	(	const Flow *	,
		void *	alstate
	)

Definition at line 1101 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserSetTransactionInspectId(), and FlowNeedsReassembly().

Here is the caller graph for this function:

◆ AppLayerParserGetTxData()

AppLayerTxData* AppLayerParserGetTxData	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	tx
	)

Definition at line 1182 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserGetEventsByTx(), AppLayerParserSetTransactionInspectId(), and DetectRunStoreStateTx().

Here is the caller graph for this function:

◆ AppLayerParserGetTxDetectProgress()

uint8_t AppLayerParserGetTxDetectProgress	(	AppLayerTxData *	txd,
		const uint8_t	dir
	)

inline

Definition at line 742 of file app-layer-parser.c.

◆ AppLayerParserGetTxFiles()

AppLayerGetFileState AppLayerParserGetTxFiles	(	const Flow *	f,
		void *	tx,
		const uint8_t	direction
	)

Definition at line 872 of file app-layer-parser.c.

References SCEnter.

Referenced by DetectEngineInspectFiledata(), and DetectFileInspectGeneric().

Here is the caller graph for this function:

◆ AppLayerParserHasDecoderEvents()

bool AppLayerParserHasDecoderEvents ( AppLayerParserState * pstate )

Definition at line 1512 of file app-layer-parser.c.

References AppLayerParserGetDecoderEvents(), AppLayerDecoderEvents_::cnt, AppLayerParserState_::decoder_events, and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserIsEnabled()

int AppLayerParserIsEnabled ( AppProto alproto )

simple way to globally test if a alproto is registered and fully enabled in the configuration.

Definition at line 1530 of file app-layer-parser.c.

References FLOW_PROTO_APPLAYER_MAX.

◆ AppLayerParserParse()

int AppLayerParserParse	(	ThreadVars *	tv,
		AppLayerParserThreadCtx *	alp_tctx,
		Flow *	f,
		AppProto	alproto,
		uint8_t	flags,
		const uint8_t *	input,
		uint32_t	input_len
	)

Return values

int	-1 in case of unrecoverable error. App-layer tracking stops for this flow.
int	0 ok: we did not update app_progress
int	1 ok: we updated app_progress

Definition at line 1290 of file app-layer-parser.c.

References Flow_::alparser, BUG_ON, FlowGetProtoMapping(), Flow_::proto, Flow_::protomap, and SCEnter.

Referenced by LLVMFuzzerTestOneInput().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ AppLayerParserPostStreamSetup()

void AppLayerParserPostStreamSetup ( void )

Definition at line 270 of file app-layer-parser.c.

References FLOW_PROTO_DEFAULT, and g_alproto_max.

Referenced by PreRunInit().

Here is the caller graph for this function:

◆ AppLayerParserPreRegister()

int AppLayerParserPreRegister ( void(*)(void) Register )

Definition at line 1752 of file app-layer-parser.c.

◆ AppLayerParserProtocolGetLoggerBits()

LoggerId AppLayerParserProtocolGetLoggerBits	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 1548 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserProtocolHasLogger()

int AppLayerParserProtocolHasLogger	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 1540 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserProtoIsRegistered()

int AppLayerParserProtoIsRegistered	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 226 of file app-layer-parser.c.

References FlowGetProtoMapping().

Here is the call graph for this function:

◆ AppLayerParserRegisterApplyTxConfigFunc()

void AppLayerParserRegisterApplyTxConfigFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		bool()(void state, void *tx, int mode, AppLayerTxConfig)	ApplyTxConfig
	)

Definition at line 625 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetEventInfo()

void AppLayerParserRegisterGetEventInfo	(	uint8_t	ipproto,
		AppProto	alproto,
		int()(const char event_name, uint8_t event_id, AppLayerEventType event_type)	StateGetEventInfo
	)

Definition at line 594 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetEventInfoById()

void AppLayerParserRegisterGetEventInfoById	(	uint8_t	ipproto,
		AppProto	alproto,
		int()(uint8_t event_id, const char event_name, AppLayerEventType event_type)	StateGetEventInfoById
	)

Definition at line 562 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetFrameFuncs()

void AppLayerParserRegisterGetFrameFuncs	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerParserGetFrameIdByNameFn	GetFrameIdByName,
		AppLayerParserGetFrameNameByIdFn	GetFrameNameById
	)

Definition at line 584 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetStateFuncs()

void AppLayerParserRegisterGetStateFuncs	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerParserGetStateIdByNameFn	GetStateIdByName,
		AppLayerParserGetStateNameByIdFn	GetStateNameById
	)

Definition at line 574 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetStateProgressFunc()

void AppLayerParserRegisterGetStateProgressFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		int()(void alstate, uint8_t direction)	StateGetStateProgress
	)

Definition at line 499 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetTx()

void AppLayerParserRegisterGetTx	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	StateGetTx)(void *alstate, uint64_t tx_id
	)

Definition at line 529 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetTxCnt()

void AppLayerParserRegisterGetTxCnt	(	uint8_t	ipproto,
		AppProto	alproto,
		uint64_t()(void alstate)	StateGetTxCnt
	)

Definition at line 519 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetTxFilesFunc()

void AppLayerParserRegisterGetTxFilesFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerGetFileState()(void , uint8_t)	GetTxFiles
	)

Definition at line 471 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetTxIterator()

void AppLayerParserRegisterGetTxIterator	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerGetTxIteratorFunc	Func
	)

Definition at line 539 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterLocalStorageFunc()

void AppLayerParserRegisterLocalStorageFunc	(	uint8_t	ipproto,
		AppProto	proto,
		void ()(void)	LocalStorageAlloc,
		void()(void )	LocalStorageFree
	)

Definition at line 459 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterLogger()

void AppLayerParserRegisterLogger	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 490 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterLoggerBits()

void AppLayerParserRegisterLoggerBits	(	uint8_t	ipproto,
		AppProto	alproto,
		LoggerId	bits
	)

Definition at line 481 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterOptionFlags()

void AppLayerParserRegisterOptionFlags	(	uint8_t	ipproto,
		AppProto	alproto,
		uint32_t	flags
	)

Definition at line 424 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterParser()

int AppLayerParserRegisterParser	(	uint8_t	ipproto,
		AppProto	alproto,
		uint8_t	direction,
		AppLayerParserFPtr	Parser
	)

Register app layer parser for the protocol.

Return values

0	On success.
-1	On failure.

Definition at line 401 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterParserAcceptableDataDirection()

void AppLayerParserRegisterParserAcceptableDataDirection	(	uint8_t	ipproto,
		AppProto	alproto,
		uint8_t	direction
	)

Definition at line 413 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterProtocolParsers()

void AppLayerParserRegisterProtocolParsers ( void )

Definition at line 1768 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterProtocolUnittests()

void AppLayerParserRegisterProtocolUnittests	(	uint8_t	ipproto,
		AppProto	alproto,
		void(*)(void)	RegisterUnittests
	)

Definition at line 1840 of file app-layer-parser.c.

Referenced by RegisterIKEParsers(), and RegisterModbusParsers().

Here is the caller graph for this function:

◆ AppLayerParserRegisterSetStreamDepthFlag()

void AppLayerParserRegisterSetStreamDepthFlag	(	uint8_t	ipproto,
		AppProto	alproto,
		void()(void tx, uint8_t flags)	SetStreamDepthFlag
	)

Definition at line 635 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterStateDataFunc()

void AppLayerParserRegisterStateDataFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerStateData ()(void *state)	GetStateData
	)

Definition at line 615 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterStateFuncs()

void AppLayerParserRegisterStateFuncs	(	uint8_t	ipproto,
		AppProto	alproto,
		void ()(void *, AppProto)	StateAlloc,
		void()(void )	StateFree
	)

Definition at line 434 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterStateProgressCompletionStatus()

void AppLayerParserRegisterStateProgressCompletionStatus	(	AppProto	alproto,
		const int	ts,
		const int	tc
	)

Definition at line 547 of file app-layer-parser.c.

References BUG_ON, and ts.

◆ AppLayerParserRegisterTxDataFunc()

void AppLayerParserRegisterTxDataFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerTxData ()(void *tx)	GetTxData
	)

Definition at line 605 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterTxFreeFunc()

void AppLayerParserRegisterTxFreeFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		void()(void , uint64_t)	StateTransactionFree
	)

Definition at line 509 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterUnittests()

void AppLayerParserRegisterUnittests ( void )

Definition at line 1848 of file app-layer-parser.c.

References ctx, FLOW_PROTO_DEFAULT, g_alproto_max, and SCEnter.

◆ AppLayerParserSetEOF()

void AppLayerParserSetEOF ( AppLayerParserState * pstate )

Definition at line 1496 of file app-layer-parser.c.

References APP_LAYER_PARSER_EOF_TC, APP_LAYER_PARSER_EOF_TS, AppLayerParserStateSetFlag(), SCEnter, SCLogDebug, and SCReturn.

Here is the call graph for this function:

◆ AppLayerParserSetStreamDepth()

void AppLayerParserSetStreamDepth	(	uint8_t	ipproto,
		AppProto	alproto,
		uint32_t	stream_depth
	)

Definition at line 1567 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserSetStreamDepthFlag()

void AppLayerParserSetStreamDepthFlag	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	state,
		uint64_t	tx_id,
		uint8_t	flags
	)

Definition at line 1583 of file app-layer-parser.c.

References AppLayerParserGetTx(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserSetTransactionInspectId()

void AppLayerParserSetTransactionInspectId	(	const Flow *	f,
		AppLayerParserState *	pstate,
		void *	alstate,
		const uint8_t	flags,
		bool	tag_txs_as_inspected
	)