#include "app-layer-events.h"
#include "util-file.h"
#include "rust.h"
#include "util-config.h"

Include dependency graph for app-layer-parser.h:

Data Structures
struct	AppLayerGetTxIterState

Macros
#define	APP_LAYER_PARSER_NO_INSPECTION BIT_U16(1)

#define	APP_LAYER_PARSER_NO_REASSEMBLY BIT_U16(2)

#define	APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD BIT_U16(3)

#define	APP_LAYER_PARSER_BYPASS_READY BIT_U16(4)

#define	APP_LAYER_PARSER_EOF_TS BIT_U16(5)

#define	APP_LAYER_PARSER_EOF_TC BIT_U16(6)

#define	APP_LAYER_PARSER_TRUNC_TS BIT_U16(7)

#define	APP_LAYER_PARSER_TRUNC_TC BIT_U16(8)

#define	APP_LAYER_PARSER_SFRAME_TS BIT_U16(9)

#define	APP_LAYER_PARSER_SFRAME_TC BIT_U16(10)

#define	APP_LAYER_PARSER_OPT_ACCEPT_GAPS BIT_U32(0)

#define	APP_LAYER_PARSER_INT_STREAM_DEPTH_SET BIT_U32(0)

#define	APP_LAYER_TX_RESERVED1_FLAG BIT_U64(48)

#define	APP_LAYER_TX_RESERVED2_FLAG BIT_U64(49)

#define	APP_LAYER_TX_RESERVED3_FLAG BIT_U64(50)

#define	APP_LAYER_TX_RESERVED4_FLAG BIT_U64(51)

#define	APP_LAYER_TX_RESERVED5_FLAG BIT_U64(52)

#define	APP_LAYER_TX_RESERVED6_FLAG BIT_U64(53)

#define	APP_LAYER_TX_RESERVED7_FLAG BIT_U64(54)

#define	APP_LAYER_TX_RESERVED8_FLAG BIT_U64(55)

#define	APP_LAYER_TX_RESERVED9_FLAG BIT_U64(56)

#define	APP_LAYER_TX_RESERVED10_FLAG BIT_U64(57)

#define	APP_LAYER_TX_RESERVED11_FLAG BIT_U64(58)

#define	APP_LAYER_TX_RESERVED12_FLAG BIT_U64(59)

#define	APP_LAYER_TX_RESERVED13_FLAG BIT_U64(60)

#define	APP_LAYER_TX_RESERVED14_FLAG BIT_U64(61)

#define	APP_LAYER_TX_RESERVED_FLAGS

#define	APP_LAYER_TX_SKIP_INSPECT_FLAG BIT_U64(62)

#define	APP_LAYER_TX_INSPECTED_FLAG BIT_U64(63)

#define	APP_LAYER_TX_PREFILTER_MASK ~(APP_LAYER_TX_INSPECTED_FLAG \| APP_LAYER_TX_RESERVED_FLAGS)

#define	APP_LAYER_OK (AppLayerResult) { 0, 0, 0 }

#define	APP_LAYER_ERROR (AppLayerResult) { -1, 0, 0 }

#define	APP_LAYER_INCOMPLETE(c, n) (AppLayerResult) { 1, (c), (n) }

Typedefs
typedef struct AppLayerParserThreadCtx_	AppLayerParserThreadCtx

typedef AppLayerResult(*	AppLayerParserFPtr) (Flow f, void protocol_state, AppLayerParserState pstate, StreamSlice stream_slice, void local_storage)
	Prototype for parsing functions. More...

typedef struct AppLayerGetTxIterState	AppLayerGetTxIterState

typedef AppLayerGetTxIterTuple(*	AppLayerGetTxIteratorFunc) (const uint8_t ipproto, const AppProto alproto, void alstate, uint64_t min_tx_id, uint64_t max_tx_id, AppLayerGetTxIterState state)
	tx iterator prototype More...

typedef int(*	AppLayerParserGetFrameIdByNameFn) (const char *frame_name)

typedef const char (	AppLayerParserGetFrameNameByIdFn) (const uint8_t id)

Functions
int	AppLayerParserProtoIsRegistered (uint8_t ipproto, AppProto alproto)

int	AppLayerParserSetup (void)

void	AppLayerParserPostStreamSetup (void)

int	AppLayerParserDeSetup (void)

AppLayerParserThreadCtx *	AppLayerParserThreadCtxAlloc (void)
	Gets a new app layer protocol's parser thread context. More...

void	AppLayerParserThreadCtxFree (AppLayerParserThreadCtx *tctx)
	Destroys the app layer parser thread context obtained using AppLayerParserThreadCtxAlloc(). More...

int	AppLayerParserConfParserEnabled (const char ipproto, const char alproto_name)
	Given a protocol name, checks if the parser is enabled in the conf file. More...

int	AppLayerParserRegisterParser (uint8_t ipproto, AppProto alproto, uint8_t direction, AppLayerParserFPtr Parser)
	Register app layer parser for the protocol. More...

void	AppLayerParserRegisterParserAcceptableDataDirection (uint8_t ipproto, AppProto alproto, uint8_t direction)

void	AppLayerParserRegisterOptionFlags (uint8_t ipproto, AppProto alproto, uint32_t flags)

void	AppLayerParserRegisterStateFuncs (uint8_t ipproto, AppProto alproto, void (StateAlloc)(void , AppProto), void(StateFree)(void *))

void	AppLayerParserRegisterLocalStorageFunc (uint8_t ipproto, AppProto proto, void (LocalStorageAlloc)(void), void(LocalStorageFree)(void ))

void	AppLayerParserRegisterGetTxFilesFunc (uint8_t ipproto, AppProto alproto, AppLayerGetFileState(GetTxFiles)(void , void *, uint8_t))

void	AppLayerParserRegisterLogger (uint8_t ipproto, AppProto alproto)

void	AppLayerParserRegisterLoggerBits (uint8_t ipproto, AppProto alproto, LoggerId bits)

void	AppLayerParserRegisterTruncateFunc (uint8_t ipproto, AppProto alproto, void(Truncate)(void , uint8_t))

void	AppLayerParserRegisterGetStateProgressFunc (uint8_t ipproto, AppProto alproto, int(StateGetStateProgress)(void alstate, uint8_t direction))

void	AppLayerParserRegisterTxFreeFunc (uint8_t ipproto, AppProto alproto, void(StateTransactionFree)(void , uint64_t))

void	AppLayerParserRegisterGetTxCnt (uint8_t ipproto, AppProto alproto, uint64_t(StateGetTxCnt)(void alstate))

void	AppLayerParserRegisterGetTx (uint8_t ipproto, AppProto alproto, void (StateGetTx)(void alstate, uint64_t tx_id))

void	AppLayerParserRegisterGetTxIterator (uint8_t ipproto, AppProto alproto, AppLayerGetTxIteratorFunc Func)

void	AppLayerParserRegisterStateProgressCompletionStatus (AppProto alproto, const int ts, const int tc)

void	AppLayerParserRegisterGetEventInfo (uint8_t ipproto, AppProto alproto, int(StateGetEventInfo)(const char event_name, int event_id, AppLayerEventType event_type))

void	AppLayerParserRegisterGetEventInfoById (uint8_t ipproto, AppProto alproto, int(StateGetEventInfoById)(int event_id, const char event_name, AppLayerEventType event_type))

void	AppLayerParserRegisterGetFrameFuncs (uint8_t ipproto, AppProto alproto, AppLayerParserGetFrameIdByNameFn GetFrameIdByName, AppLayerParserGetFrameNameByIdFn GetFrameNameById)

void	AppLayerParserRegisterSetStreamDepthFlag (uint8_t ipproto, AppProto alproto, void(SetStreamDepthFlag)(void tx, uint8_t flags))

void	AppLayerParserRegisterTxDataFunc (uint8_t ipproto, AppProto alproto, AppLayerTxData (GetTxData)(void *tx))

void	AppLayerParserRegisterApplyTxConfigFunc (uint8_t ipproto, AppProto alproto, bool(ApplyTxConfig)(void state, void *tx, int mode, AppLayerTxConfig))

void	AppLayerParserRegisterStateDataFunc (uint8_t ipproto, AppProto alproto, AppLayerStateData (GetStateData)(void *state))

AppLayerGetTxIteratorFunc	AppLayerGetTxIterator (const uint8_t ipproto, const AppProto alproto)

void *	AppLayerParserGetProtocolParserLocalStorage (uint8_t ipproto, AppProto alproto)

void	AppLayerParserDestroyProtocolParserLocalStorage (uint8_t ipproto, AppProto alproto, void *local_data)

uint64_t	AppLayerParserGetTransactionLogId (AppLayerParserState *pstate)

void	AppLayerParserSetTransactionLogId (AppLayerParserState *pstate, uint64_t tx_id)

uint64_t	AppLayerParserGetTransactionInspectId (AppLayerParserState *pstate, uint8_t direction)

void	AppLayerParserSetTransactionInspectId (const Flow f, AppLayerParserState pstate, void *alstate, const uint8_t flags, bool tag_txs_as_inspected)

AppLayerDecoderEvents *	AppLayerParserGetDecoderEvents (AppLayerParserState *pstate)

AppLayerDecoderEvents *	AppLayerParserGetEventsByTx (uint8_t ipproto, AppProto alproto, void *tx)

AppLayerGetFileState	AppLayerParserGetTxFiles (const Flow f, void state, void *tx, const uint8_t direction)

int	AppLayerParserGetStateProgress (uint8_t ipproto, AppProto alproto, void *alstate, uint8_t direction)
	get the progress value for a tx/protocol More...

uint64_t	AppLayerParserGetTxCnt (const Flow , void alstate)

void *	AppLayerParserGetTx (uint8_t ipproto, AppProto alproto, void *alstate, uint64_t tx_id)

int	AppLayerParserGetStateProgressCompletionStatus (AppProto alproto, uint8_t direction)

int	AppLayerParserGetEventInfo (uint8_t ipproto, AppProto alproto, const char event_name, int event_id, AppLayerEventType *event_type)

int	AppLayerParserGetEventInfoById (uint8_t ipproto, AppProto alproto, int event_id, const char *event_name, AppLayerEventType event_type)

uint64_t	AppLayerParserGetTransactionActive (const Flow f, AppLayerParserState pstate, uint8_t direction)

uint8_t	AppLayerParserGetFirstDataDir (uint8_t ipproto, AppProto alproto)

bool	AppLayerParserSupportsFiles (uint8_t ipproto, AppProto alproto)

AppLayerTxData *	AppLayerParserGetTxData (uint8_t ipproto, AppProto alproto, void *tx)

uint64_t	AppLayerParserGetTxDetectFlags (AppLayerTxData *txd, const uint8_t dir)

AppLayerStateData *	AppLayerParserGetStateData (uint8_t ipproto, AppProto alproto, void *state)

void	AppLayerParserApplyTxConfig (uint8_t ipproto, AppProto alproto, void state, void tx, enum ConfigAction mode, AppLayerTxConfig)

int	AppLayerParserParse (ThreadVars tv, AppLayerParserThreadCtx tctx, Flow f, AppProto alproto, uint8_t flags, const uint8_t input, uint32_t input_len)

void	AppLayerParserSetEOF (AppLayerParserState *pstate)

bool	AppLayerParserHasDecoderEvents (AppLayerParserState *pstate)

int	AppLayerParserProtocolHasLogger (uint8_t ipproto, AppProto alproto)

LoggerId	AppLayerParserProtocolGetLoggerBits (uint8_t ipproto, AppProto alproto)

void	AppLayerParserTriggerRawStreamReassembly (Flow *f, int direction)

void	AppLayerParserSetStreamDepth (uint8_t ipproto, AppProto alproto, uint32_t stream_depth)

uint32_t	AppLayerParserGetStreamDepth (const Flow *f)

void	AppLayerParserSetStreamDepthFlag (uint8_t ipproto, AppProto alproto, void *state, uint64_t tx_id, uint8_t flags)

int	AppLayerParserIsEnabled (AppProto alproto)
	simple way to globally test if a alproto is registered and fully enabled in the configuration. More...

int	AppLayerParserGetFrameIdByName (uint8_t ipproto, AppProto alproto, const char *name)

const char *	AppLayerParserGetFrameNameById (uint8_t ipproto, AppProto alproto, const uint8_t id)

void	AppLayerParserStateProtoCleanup (uint8_t protomap, AppProto alproto, void alstate, AppLayerParserState pstate)

void	AppLayerParserStateCleanup (const Flow f, void alstate, AppLayerParserState *pstate)

void	AppLayerParserRegisterProtocolParsers (void)

void	AppLayerParserStateSetFlag (AppLayerParserState *pstate, uint16_t flag)

uint16_t	AppLayerParserStateIssetFlag (AppLayerParserState *pstate, uint16_t flag)

AppLayerParserState *	AppLayerParserStateAlloc (void)

void	AppLayerParserStateFree (AppLayerParserState *pstate)

void	AppLayerParserTransactionsCleanup (Flow *f, const uint8_t pkt_dir)
	remove obsolete (inspected and logged) transactions More...

void	AppLayerParserRegisterProtocolUnittests (uint8_t ipproto, AppProto alproto, void(*RegisterUnittests)(void))

void	AppLayerParserRegisterUnittests (void)

void	AppLayerParserBackupParserTable (void)

void	AppLayerParserRestoreParserTable (void)

void	UTHAppLayerParserStateGetIds (void ptr, uint64_t i1, uint64_t i2, uint64_t log, uint64_t *min)

void	AppLayerFramesFreeContainer (Flow *f)

void	FileApplyTxFlags (const AppLayerTxData txd, const uint8_t direction, File file)

Detailed Description

Author: Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t; Anoop Saldanha anoop.nosp@m.sald.nosp@m.anha@.nosp@m.gmai.nosp@m.l.com

Definition in file app-layer-parser.h.

Macro Definition Documentation

◆ APP_LAYER_ERROR

#define APP_LAYER_ERROR (AppLayerResult) { -1, 0, 0 }

parser has hit an unrecoverable error. Returning this to the API leads to no further calls to the parser.

Definition at line 93 of file app-layer-parser.h.

◆ APP_LAYER_INCOMPLETE

#define APP_LAYER_INCOMPLETE	(	c,
		n
	)	(AppLayerResult) { 1, (c), (n) }

parser needs more data. Through 'c' it will indicate how many of the input bytes it has consumed. Through 'n' it will indicate how many more bytes it needs before getting called again.

Note: consumed (c) should never be more than the input len needed (n) + consumed (c) should be more than the input len

Definition at line 101 of file app-layer-parser.h.

◆ APP_LAYER_OK

#define APP_LAYER_OK (AppLayerResult) { 0, 0, 0 }

parser has successfully processed in the input, and has consumed all of it.

Definition at line 89 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_BYPASS_READY

#define APP_LAYER_PARSER_BYPASS_READY BIT_U16(4)

Definition at line 39 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_EOF_TC

#define APP_LAYER_PARSER_EOF_TC BIT_U16(6)

Definition at line 41 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_EOF_TS

#define APP_LAYER_PARSER_EOF_TS BIT_U16(5)

Definition at line 40 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_INT_STREAM_DEPTH_SET

#define APP_LAYER_PARSER_INT_STREAM_DEPTH_SET BIT_U32(0)

Definition at line 50 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_NO_INSPECTION

#define APP_LAYER_PARSER_NO_INSPECTION BIT_U16(1)

Definition at line 36 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD

#define APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD BIT_U16(3)

Definition at line 38 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_NO_REASSEMBLY

#define APP_LAYER_PARSER_NO_REASSEMBLY BIT_U16(2)

Definition at line 37 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_OPT_ACCEPT_GAPS

#define APP_LAYER_PARSER_OPT_ACCEPT_GAPS BIT_U32(0)

Definition at line 48 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_SFRAME_TC

#define APP_LAYER_PARSER_SFRAME_TC BIT_U16(10)

Definition at line 45 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_SFRAME_TS

#define APP_LAYER_PARSER_SFRAME_TS BIT_U16(9)

Definition at line 44 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_TRUNC_TC

#define APP_LAYER_PARSER_TRUNC_TC BIT_U16(8)

Definition at line 43 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_TRUNC_TS

#define APP_LAYER_PARSER_TRUNC_TS BIT_U16(7)

Definition at line 42 of file app-layer-parser.h.

◆ APP_LAYER_TX_INSPECTED_FLAG

#define APP_LAYER_TX_INSPECTED_FLAG BIT_U64(63)

is tx fully inspected?

Definition at line 82 of file app-layer-parser.h.

◆ APP_LAYER_TX_PREFILTER_MASK

#define APP_LAYER_TX_PREFILTER_MASK ~(APP_LAYER_TX_INSPECTED_FLAG | APP_LAYER_TX_RESERVED_FLAGS)

other 63 bits are for tracking which prefilter engine is already completely inspected

Definition at line 85 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED10_FLAG

#define APP_LAYER_TX_RESERVED10_FLAG BIT_U64(57)

Definition at line 64 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED11_FLAG

#define APP_LAYER_TX_RESERVED11_FLAG BIT_U64(58)

Definition at line 65 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED12_FLAG

#define APP_LAYER_TX_RESERVED12_FLAG BIT_U64(59)

Definition at line 66 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED13_FLAG

#define APP_LAYER_TX_RESERVED13_FLAG BIT_U64(60)

Definition at line 67 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED14_FLAG

#define APP_LAYER_TX_RESERVED14_FLAG BIT_U64(61)

Definition at line 68 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED1_FLAG

#define APP_LAYER_TX_RESERVED1_FLAG BIT_U64(48)

reserved for future use

Definition at line 55 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED2_FLAG

#define APP_LAYER_TX_RESERVED2_FLAG BIT_U64(49)

Definition at line 56 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED3_FLAG

#define APP_LAYER_TX_RESERVED3_FLAG BIT_U64(50)

Definition at line 57 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED4_FLAG

#define APP_LAYER_TX_RESERVED4_FLAG BIT_U64(51)

Definition at line 58 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED5_FLAG

#define APP_LAYER_TX_RESERVED5_FLAG BIT_U64(52)

Definition at line 59 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED6_FLAG

#define APP_LAYER_TX_RESERVED6_FLAG BIT_U64(53)

Definition at line 60 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED7_FLAG

#define APP_LAYER_TX_RESERVED7_FLAG BIT_U64(54)

Definition at line 61 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED8_FLAG

#define APP_LAYER_TX_RESERVED8_FLAG BIT_U64(55)

Definition at line 62 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED9_FLAG

#define APP_LAYER_TX_RESERVED9_FLAG BIT_U64(56)

Definition at line 63 of file app-layer-parser.h.

◆ APP_LAYER_TX_RESERVED_FLAGS

#define APP_LAYER_TX_RESERVED_FLAGS

Value:

    (APP_LAYER_TX_RESERVED1_FLAG | APP_LAYER_TX_RESERVED2_FLAG | APP_LAYER_TX_RESERVED3_FLAG |     \
            APP_LAYER_TX_RESERVED4_FLAG | APP_LAYER_TX_RESERVED5_FLAG |                            \
            APP_LAYER_TX_RESERVED6_FLAG | APP_LAYER_TX_RESERVED7_FLAG |                            \
            APP_LAYER_TX_RESERVED8_FLAG | APP_LAYER_TX_RESERVED9_FLAG |                            \
            APP_LAYER_TX_RESERVED10_FLAG | APP_LAYER_TX_RESERVED11_FLAG |                          \
            APP_LAYER_TX_RESERVED12_FLAG | APP_LAYER_TX_RESERVED13_FLAG |                          \
            APP_LAYER_TX_RESERVED14_FLAG)

Definition at line 70 of file app-layer-parser.h.

◆ APP_LAYER_TX_SKIP_INSPECT_FLAG

#define APP_LAYER_TX_SKIP_INSPECT_FLAG BIT_U64(62)

should inspection be skipped in that direction

Definition at line 80 of file app-layer-parser.h.

Typedef Documentation

◆ AppLayerGetTxIteratorFunc

typedef AppLayerGetTxIterTuple(* AppLayerGetTxIteratorFunc) (const uint8_t ipproto, const AppProto alproto, void *alstate, uint64_t min_tx_id, uint64_t max_tx_id, AppLayerGetTxIterState *state)

tx iterator prototype

Definition at line 152 of file app-layer-parser.h.

◆ AppLayerGetTxIterState

typedef struct AppLayerGetTxIterState AppLayerGetTxIterState

◆ AppLayerParserFPtr

typedef AppLayerResult(* AppLayerParserFPtr) (Flow *f, void *protocol_state, AppLayerParserState *pstate, StreamSlice stream_slice, void *local_storage)

Prototype for parsing functions.

Definition at line 141 of file app-layer-parser.h.

◆ AppLayerParserGetFrameIdByNameFn

typedef int(* AppLayerParserGetFrameIdByNameFn) (const char *frame_name)

Definition at line 159 of file app-layer-parser.h.

◆ AppLayerParserGetFrameNameByIdFn

typedef const char*(* AppLayerParserGetFrameNameByIdFn) (const uint8_t id)

Definition at line 160 of file app-layer-parser.h.

◆ AppLayerParserThreadCtx

typedef struct AppLayerParserThreadCtx_ AppLayerParserThreadCtx

Definition at line 108 of file app-layer-parser.h.

Function Documentation

◆ AppLayerFramesFreeContainer()

void AppLayerFramesFreeContainer ( Flow * f )

Definition at line 168 of file app-layer-parser.c.

References Flow_::alparser, and AppLayerParserState_::frames.

◆ AppLayerGetTxIterator()

AppLayerGetTxIteratorFunc AppLayerGetTxIterator	(	const uint8_t	ipproto,
		const AppProto	alproto
	)

Definition at line 690 of file app-layer-parser.c.

Referenced by AppLayerParserSetTransactionInspectId().

Here is the caller graph for this function:

◆ AppLayerParserApplyTxConfig()

void AppLayerParserApplyTxConfig	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	state,
		void *	tx,
		enum ConfigAction	mode,
		AppLayerTxConfig
	)

Definition at line 1196 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserBackupParserTable()

void AppLayerParserBackupParserTable ( void )

Definition at line 1880 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserConfParserEnabled()

int AppLayerParserConfParserEnabled	(	const char *	ipproto,
		const char *	alproto_name
	)

Given a protocol name, checks if the parser is enabled in the conf file.

Parameters

alproto_name Name of the app layer protocol.

Return values

1	If enabled.
0	If disabled.

Given a protocol name, checks if the parser is enabled in the conf file.

Definition at line 326 of file app-layer-parser.c.

References ConfGetNode(), ConfValIsFalse(), ConfValIsTrue(), FatalError, RunmodeIsUnittests(), SCEnter, SCLogDebug, SCLogError, SCReturnInt, and ConfNode_::val.

Referenced by HTPFreeConfig().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ AppLayerParserDeSetup()

int AppLayerParserDeSetup ( void )

Definition at line 275 of file app-layer-parser.c.

References FTPParserCleanup(), SCEnter, SCReturnInt, and SMTPParserCleanup().

Referenced by AppLayerDeSetup().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ AppLayerParserDestroyProtocolParserLocalStorage()

void AppLayerParserDestroyProtocolParserLocalStorage	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	local_data
	)

Definition at line 640 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserThreadCtxFree().

Here is the caller graph for this function:

◆ AppLayerParserGetDecoderEvents()

AppLayerDecoderEvents* AppLayerParserGetDecoderEvents ( AppLayerParserState * pstate )

Definition at line 847 of file app-layer-parser.c.

References AppLayerParserState_::decoder_events, SCEnter, and SCReturnPtr.

Referenced by AppLayerParserHasDecoderEvents().

Here is the caller graph for this function:

◆ AppLayerParserGetEventInfo()

int AppLayerParserGetEventInfo	(	uint8_t	ipproto,
		AppProto	alproto,
		const char *	event_name,
		int *	event_id,
		AppLayerEventType *	event_type
	)

Definition at line 1123 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserGetEventInfoById()

int AppLayerParserGetEventInfoById	(	uint8_t	ipproto,
		AppProto	alproto,
		int	event_id,
		const char **	event_name,
		AppLayerEventType *	event_type
	)

Definition at line 1133 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserGetEventsByTx()

AppLayerDecoderEvents* AppLayerParserGetEventsByTx	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	tx
	)

Definition at line 855 of file app-layer-parser.c.

References AppLayerParserGetTxData(), AppLayerDecoderEvents_::events, SCEnter, and SCReturnPtr.

Here is the call graph for this function:

◆ AppLayerParserGetFirstDataDir()

uint8_t AppLayerParserGetFirstDataDir	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 1144 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserGetFrameIdByName()

int AppLayerParserGetFrameIdByName	(	uint8_t	ipproto,
		AppProto	alproto,
		const char *	name
	)

Definition at line 1597 of file app-layer-parser.c.

◆ AppLayerParserGetFrameNameById()

const char* AppLayerParserGetFrameNameById	(	uint8_t	ipproto,
		AppProto	alproto,
		const uint8_t	id
	)

Definition at line 1606 of file app-layer-parser.c.

Referenced by DetectRunFrameInspectRule(), and FrameJsonLogOneFrame().

Here is the caller graph for this function:

◆ AppLayerParserGetProtocolParserLocalStorage()

void* AppLayerParserGetProtocolParserLocalStorage	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 625 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserThreadCtxAlloc().

Here is the caller graph for this function:

◆ AppLayerParserGetStateData()

AppLayerStateData* AppLayerParserGetStateData	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	state
	)

Definition at line 1185 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserGetStateProgress()

int AppLayerParserGetStateProgress	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	alstate,
		uint8_t	flags
	)

get the progress value for a tx/protocol

If the stream is disrupted, we return the 'completion' value.

Definition at line 1086 of file app-layer-parser.c.

References flags, IS_DISRUPTED, SCEnter, and unlikely.

Referenced by AppLayerParserSetTransactionInspectId(), and DetectEngineInspectBufferGeneric().

Here is the caller graph for this function:

◆ AppLayerParserGetStateProgressCompletionStatus()

int AppLayerParserGetStateProgressCompletionStatus	(	AppProto	alproto,
		uint8_t	direction
	)

Definition at line 1115 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserSetTransactionInspectId(), and OutputRegisterTxLogger().

Here is the caller graph for this function:

◆ AppLayerParserGetStreamDepth()

uint32_t AppLayerParserGetStreamDepth ( const Flow * f )

Definition at line 1578 of file app-layer-parser.c.

References SCReturnInt.

◆ AppLayerParserGetTransactionActive()

uint64_t AppLayerParserGetTransactionActive	(	const Flow *	f,
		AppLayerParserState *	pstate,
		uint8_t	direction
	)

Definition at line 1151 of file app-layer-parser.c.

References AppLayerParserState_::inspect_id, AppLayerParserState_::log_id, and SCEnter.

Referenced by FlowForceReassemblyNeedReassembly().

Here is the caller graph for this function:

◆ AppLayerParserGetTransactionInspectId()

uint64_t AppLayerParserGetTransactionInspectId	(	AppLayerParserState *	pstate,
		uint8_t	direction
	)

Definition at line 715 of file app-layer-parser.c.

References AppLayerParserState_::inspect_id, SCEnter, and SCReturnCT.

Referenced by AppLayerParserSetTransactionInspectId().

Here is the caller graph for this function:

◆ AppLayerParserGetTransactionLogId()

uint64_t AppLayerParserGetTransactionLogId ( AppLayerParserState * pstate )

Definition at line 698 of file app-layer-parser.c.

References AppLayerParserState_::log_id, SCEnter, and SCReturnCT.

◆ AppLayerParserGetTx()

void* AppLayerParserGetTx	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	alstate,
		uint64_t	tx_id
	)

Definition at line 1108 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserSetStreamDepthFlag().

Here is the caller graph for this function:

◆ AppLayerParserGetTxCnt()

uint64_t AppLayerParserGetTxCnt	(	const Flow *	,
		void *	alstate
	)

Definition at line 1101 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserSetTransactionInspectId(), and FlowForceReassemblyNeedReassembly().

Here is the caller graph for this function:

◆ AppLayerParserGetTxData()

AppLayerTxData* AppLayerParserGetTxData	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	tx
	)

Definition at line 1178 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserGetEventsByTx(), AppLayerParserSetTransactionInspectId(), and DetectRunStoreStateTx().

Here is the caller graph for this function:

◆ AppLayerParserGetTxDetectFlags()

uint64_t AppLayerParserGetTxDetectFlags	(	AppLayerTxData *	txd,
		const uint8_t	dir
	)

inline

Definition at line 725 of file app-layer-parser.c.

Referenced by AppLayerParserSetTransactionInspectId().

Here is the caller graph for this function:

◆ AppLayerParserGetTxFiles()

AppLayerGetFileState AppLayerParserGetTxFiles	(	const Flow *	f,
		void *	state,
		void *	tx,
		const uint8_t	direction
	)

Definition at line 871 of file app-layer-parser.c.

References SCEnter.

Referenced by DetectEngineInspectFiledata(), and DetectFileInspectGeneric().

Here is the caller graph for this function:

◆ AppLayerParserHasDecoderEvents()

bool AppLayerParserHasDecoderEvents ( AppLayerParserState * pstate )

Definition at line 1512 of file app-layer-parser.c.

References AppLayerParserGetDecoderEvents(), AppLayerDecoderEvents_::cnt, AppLayerParserState_::decoder_events, and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserIsEnabled()

int AppLayerParserIsEnabled ( AppProto alproto )

simple way to globally test if a alproto is registered and fully enabled in the configuration.

Definition at line 1530 of file app-layer-parser.c.

References FLOW_PROTO_APPLAYER_MAX.

Referenced by OutputRegisterTxLogger().

Here is the caller graph for this function:

◆ AppLayerParserParse()

int AppLayerParserParse	(	ThreadVars *	tv,
		AppLayerParserThreadCtx *	alp_tctx,
		Flow *	f,
		AppProto	alproto,
		uint8_t	flags,
		const uint8_t *	input,
		uint32_t	input_len
	)

Return values

int	-1 in case of unrecoverable error. App-layer tracking stops for this flow.
int	0 ok: we did not update app_progress
int	1 ok: we updated app_progress

Definition at line 1286 of file app-layer-parser.c.

References Flow_::alparser, BUG_ON, FlowGetProtoMapping(), Flow_::proto, Flow_::protomap, and SCEnter.

Referenced by LLVMFuzzerTestOneInput().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ AppLayerParserPostStreamSetup()

void AppLayerParserPostStreamSetup ( void )

Definition at line 261 of file app-layer-parser.c.

References ALPROTO_MAX, and FLOW_PROTO_DEFAULT.

Referenced by PreRunInit().

Here is the caller graph for this function:

◆ AppLayerParserProtocolGetLoggerBits()

LoggerId AppLayerParserProtocolGetLoggerBits	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 1548 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserProtocolHasLogger()

int AppLayerParserProtocolHasLogger	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 1540 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserProtoIsRegistered()

int AppLayerParserProtoIsRegistered	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 223 of file app-layer-parser.c.

References FlowGetProtoMapping().

Here is the call graph for this function:

◆ AppLayerParserRegisterApplyTxConfigFunc()

void AppLayerParserRegisterApplyTxConfigFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		bool()(void state, void *tx, int mode, AppLayerTxConfig)	ApplyTxConfig
	)

Definition at line 603 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetEventInfo()

void AppLayerParserRegisterGetEventInfo	(	uint8_t	ipproto,
		AppProto	alproto,
		int()(const char event_name, int event_id, AppLayerEventType event_type)	StateGetEventInfo
	)

Definition at line 571 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetEventInfoById()

void AppLayerParserRegisterGetEventInfoById	(	uint8_t	ipproto,
		AppProto	alproto,
		int()(int event_id, const char event_name, AppLayerEventType event_type)	StateGetEventInfoById
	)

Definition at line 549 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetFrameFuncs()

void AppLayerParserRegisterGetFrameFuncs	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerParserGetFrameIdByNameFn	GetFrameIdByName,
		AppLayerParserGetFrameNameByIdFn	GetFrameNameById
	)

Definition at line 561 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetStateProgressFunc()

void AppLayerParserRegisterGetStateProgressFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		int()(void alstate, uint8_t direction)	StateGetStateProgress
	)

Definition at line 482 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetTx()

void AppLayerParserRegisterGetTx	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	StateGetTx)(void *alstate, uint64_t tx_id
	)

Definition at line 515 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetTxCnt()

void AppLayerParserRegisterGetTxCnt	(	uint8_t	ipproto,
		AppProto	alproto,
		uint64_t()(void alstate)	StateGetTxCnt
	)

Definition at line 504 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetTxFilesFunc()

void AppLayerParserRegisterGetTxFilesFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerGetFileState()(void , void *, uint8_t)	GetTxFiles
	)

Definition at line 444 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetTxIterator()

void AppLayerParserRegisterGetTxIterator	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerGetTxIteratorFunc	Func
	)

Definition at line 526 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterLocalStorageFunc()

void AppLayerParserRegisterLocalStorageFunc	(	uint8_t	ipproto,
		AppProto	proto,
		void ()(void)	LocalStorageAlloc,
		void()(void )	LocalStorageFree
	)

Definition at line 430 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterLogger()

void AppLayerParserRegisterLogger	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 463 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterLoggerBits()

void AppLayerParserRegisterLoggerBits	(	uint8_t	ipproto,
		AppProto	alproto,
		LoggerId	bits
	)

Definition at line 454 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterOptionFlags()

void AppLayerParserRegisterOptionFlags	(	uint8_t	ipproto,
		AppProto	alproto,
		uint32_t	flags
	)

Definition at line 407 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterParser()

int AppLayerParserRegisterParser	(	uint8_t	ipproto,
		AppProto	alproto,
		uint8_t	direction,
		AppLayerParserFPtr	Parser
	)

Register app layer parser for the protocol.

Return values

0	On success.
-1	On failure.

Definition at line 384 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterParserAcceptableDataDirection()

void AppLayerParserRegisterParserAcceptableDataDirection	(	uint8_t	ipproto,
		AppProto	alproto,
		uint8_t	direction
	)

Definition at line 396 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterProtocolParsers()

void AppLayerParserRegisterProtocolParsers ( void )

IMAP

Definition at line 1720 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerSetup(), and LLVMFuzzerTestOneInput().

Here is the caller graph for this function:

◆ AppLayerParserRegisterProtocolUnittests()

void AppLayerParserRegisterProtocolUnittests	(	uint8_t	ipproto,
		AppProto	alproto,
		void(*)(void)	RegisterUnittests
	)

Definition at line 1871 of file app-layer-parser.c.

Referenced by RegisterIKEParsers(), and RegisterModbusParsers().

Here is the caller graph for this function:

◆ AppLayerParserRegisterSetStreamDepthFlag()

void AppLayerParserRegisterSetStreamDepthFlag	(	uint8_t	ipproto,
		AppProto	alproto,
		void()(void tx, uint8_t flags)	SetStreamDepthFlag
	)

Definition at line 613 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterStateDataFunc()

void AppLayerParserRegisterStateDataFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerStateData ()(void *state)	GetStateData
	)

Definition at line 593 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterStateFuncs()

void AppLayerParserRegisterStateFuncs	(	uint8_t	ipproto,
		AppProto	alproto,
		void ()(void *, AppProto)	StateAlloc,
		void()(void )	StateFree
	)

Definition at line 417 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterStateProgressCompletionStatus()

void AppLayerParserRegisterStateProgressCompletionStatus	(	AppProto	alproto,
		const int	ts,
		const int	tc
	)

Definition at line 534 of file app-layer-parser.c.

References BUG_ON, and ts.

◆ AppLayerParserRegisterTruncateFunc()

void AppLayerParserRegisterTruncateFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		void()(void , uint8_t)	Truncate
	)

Definition at line 472 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterTxDataFunc()

void AppLayerParserRegisterTxDataFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerTxData ()(void *tx)	GetTxData
	)

Definition at line 583 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterTxFreeFunc()

void AppLayerParserRegisterTxFreeFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		void()(void , uint64_t)	StateTransactionFree
	)

Definition at line 493 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterUnittests()

void AppLayerParserRegisterUnittests ( void )

Definition at line 1983 of file app-layer-parser.c.

References ALPROTO_MAX, FLOW_PROTO_DEFAULT, and SCEnter.

◆ AppLayerParserRestoreParserTable()

void AppLayerParserRestoreParserTable ( void )

Definition at line 1888 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserSetEOF()

void AppLayerParserSetEOF ( AppLayerParserState * pstate )

Definition at line 1496 of file app-layer-parser.c.

References APP_LAYER_PARSER_EOF_TC, APP_LAYER_PARSER_EOF_TS, AppLayerParserStateSetFlag(), SCEnter, SCLogDebug, and SCReturn.

Here is the call graph for this function:

◆ AppLayerParserSetStreamDepth()

void AppLayerParserSetStreamDepth	(	uint8_t	ipproto,
		AppProto	alproto,
		uint32_t	stream_depth
	)

Definition at line 1567 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserSetStreamDepthFlag()

void AppLayerParserSetStreamDepthFlag	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	state,
		uint64_t	tx_id,
		uint8_t	flags
	)

Definition at line 1583 of file app-layer-parser.c.

References AppLayerParserGetTx(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserSetTransactionInspectId()

void AppLayerParserSetTransactionInspectId	(	const Flow *	f,
		AppLayerParserState *	pstate,
		void *	alstate,
		const uint8_t	flags,
		bool	tag_txs_as_inspected
	)