suricata
app-layer-register.h
Go to the documentation of this file.
1 /* Copyright (C) 2017 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Pierre Chifflier <chifflier@wzdftpd.net>
22  */
23 
24 #ifndef SURICATA_APP_LAYER_REGISTER_H
25 #define SURICATA_APP_LAYER_REGISTER_H
26 
27 #include "app-layer-detect-proto.h"
28 
29 typedef struct AppLayerParser {
30  const char *name;
31  const char *default_port;
32  uint8_t ip_proto;
33 
34  ProbingParserFPtr ProbeTS;
35  ProbingParserFPtr ProbeTC;
36 
37  uint16_t min_depth;
38  uint16_t max_depth;
39 
40  void *(*StateAlloc)(void *, AppProto);
41  void (*StateFree)(void *);
42 
43  AppLayerParserFPtr ParseTS;
44  AppLayerParserFPtr ParseTC;
45 
46  uint64_t (*StateGetTxCnt)(void *alstate);
47  void *(*StateGetTx)(void *alstate, uint64_t tx_id);
48  void (*StateTransactionFree)(void *, uint64_t);
49 
50  const int complete_ts;
51  const int complete_tc;
52  int (*StateGetProgress)(void *alstate, uint8_t direction);
53 
54  int (*StateGetEventInfo)(
55  const char *event_name, uint8_t *event_id, AppLayerEventType *event_type);
56  int (*StateGetEventInfoById)(
57  uint8_t event_id, const char **event_name, AppLayerEventType *event_type);
58 
59  void *(*LocalStorageAlloc)(void);
60  void (*LocalStorageFree)(void *);
61 
62  AppLayerGetFileState (*GetTxFiles)(void *, uint8_t);
63 
64  AppLayerGetTxIterTuple (*GetTxIterator)(const uint8_t ipproto,
65  const AppProto alproto, void *alstate, uint64_t min_tx_id,
66  uint64_t max_tx_id, AppLayerGetTxIterState *istate);
67 
68  AppLayerStateData *(*GetStateData)(void *state);
69  AppLayerTxData *(*GetTxData)(void *tx);
70  bool (*ApplyTxConfig)(void *state, void *tx, int mode, AppLayerTxConfig);
71 
72  uint32_t flags;
73 
74  AppLayerParserGetFrameIdByNameFn GetFrameIdByName;
75  AppLayerParserGetFrameNameByIdFn GetFrameNameById;
76 
77 } AppLayerParser;
78 
79 /**
80  * \brief App layer protocol detection function.
81  *
82  * \param parser The parser declaration structure.
83  * \param enable_default A boolean to indicate if default port configuration should be used if none given
84  *
85  * \retval The AppProto constant if successful. On error, this function never returns.
86  */
87 AppProto AppLayerRegisterProtocolDetection(const struct AppLayerParser *parser, int enable_default);
88 
89 /**
90  * \brief App layer protocol registration function.
91  *
92  * \param parser The parser declaration structure.
93  * \param alproto The application layer protocol identifier.
94  *
95  * \retval 0 if successful. On error, this function never returns.
96  */
97 int AppLayerRegisterParser(const struct AppLayerParser *p, AppProto alproto);
98 
99 int AppLayerRegisterParserAlias(const char *proto_name, const char *proto_alias);
100 
101 #endif /* SURICATA_APP_LAYER_REGISTER_H */
AppLayerParser::ip_proto
uint8_t ip_proto
Definition: app-layer-register.h:32
AppLayerParser::default_port
const char * default_port
Definition: app-layer-register.h:31
AppLayerParser::max_depth
uint16_t max_depth
Definition: app-layer-register.h:38
AppLayerParser
struct AppLayerParser AppLayerParser
AppProto
uint16_t AppProto
Definition: app-layer-protos.h:81
AppLayerParser::ProbeTS
ProbingParserFPtr ProbeTS
Definition: app-layer-register.h:34
ProbingParserFPtr
AppProto(* ProbingParserFPtr)(Flow *f, uint8_t flags, const uint8_t *input, uint32_t input_len, uint8_t *rdir)
Definition: app-layer-detect-proto.h:33
AppLayerParser::ParseTS
AppLayerParserFPtr ParseTS
Definition: app-layer-register.h:43
AppLayerParser::StateFree
void(* StateFree)(void *)
Definition: app-layer-register.h:41
AppLayerParserFPtr
AppLayerResult(* AppLayerParserFPtr)(Flow *f, void *protocol_state, AppLayerParserState *pstate, StreamSlice stream_slice, void *local_storage)
Prototype for parsing functions.
Definition: app-layer-parser.h:140
app-layer-detect-proto.h
AppLayerParser::StateGetProgress
int(* StateGetProgress)(void *alstate, uint8_t direction)
Definition: app-layer-register.h:52
AppLayerParser
Definition: app-layer-register.h:29
AppLayerParser::GetFrameNameById
AppLayerParserGetFrameNameByIdFn GetFrameNameById
Definition: app-layer-register.h:75
AppLayerParser::StateTransactionFree
void(* StateTransactionFree)(void *, uint64_t)
Definition: app-layer-register.h:48
AppLayerParser::min_depth
uint16_t min_depth
Definition: app-layer-register.h:37
AppLayerParser::ProbeTC
ProbingParserFPtr ProbeTC
Definition: app-layer-register.h:35
AppLayerParser::LocalStorageFree
void(* LocalStorageFree)(void *)
Definition: app-layer-register.h:60
AppLayerRegisterParserAlias
int AppLayerRegisterParserAlias(const char *proto_name, const char *proto_alias)
Definition: app-layer-register.c:194
AppLayerGetTxIterState
Definition: app-layer-parser.h:143
AppLayerParser::StateGetEventInfoById
int(* StateGetEventInfoById)(uint8_t event_id, const char **event_name, AppLayerEventType *event_type)
Definition: app-layer-register.h:56
AppLayerTxData
struct AppLayerTxData AppLayerTxData
Definition: detect.h:1367
AppLayerParserGetFrameNameByIdFn
const char *(* AppLayerParserGetFrameNameByIdFn)(const uint8_t id)
Definition: app-layer-parser.h:159
AppLayerRegisterParser
int AppLayerRegisterParser(const struct AppLayerParser *p, AppProto alproto)
App layer protocol registration function.
Definition: app-layer-register.c:97
AppLayerRegisterProtocolDetection
AppProto AppLayerRegisterProtocolDetection(const struct AppLayerParser *parser, int enable_default)
App layer protocol detection function.
Definition: app-layer-register.c:38
AppLayerParser::name
const char * name
Definition: app-layer-register.h:30
AppLayerParser::ParseTC
AppLayerParserFPtr ParseTC
Definition: app-layer-register.h:44
AppLayerParser::StateGetEventInfo
int(* StateGetEventInfo)(const char *event_name, uint8_t *event_id, AppLayerEventType *event_type)
Definition: app-layer-register.h:54
AppLayerParser::StateGetTxCnt
uint64_t(* StateGetTxCnt)(void *alstate)
Definition: app-layer-register.h:46
AppLayerParser::complete_tc
const int complete_tc
Definition: app-layer-register.h:51
AppLayerParser::GetTxIterator
AppLayerGetTxIterTuple(* GetTxIterator)(const uint8_t ipproto, const AppProto alproto, void *alstate, uint64_t min_tx_id, uint64_t max_tx_id, AppLayerGetTxIterState *istate)
Definition: app-layer-register.h:64
AppLayerParser::ApplyTxConfig
bool(* ApplyTxConfig)(void *state, void *tx, int mode, AppLayerTxConfig)
Definition: app-layer-register.h:70
AppLayerParser::flags
uint32_t flags
Definition: app-layer-register.h:72
AppLayerParser::complete_ts
const int complete_ts
Definition: app-layer-register.h:50
AppLayerParserGetFrameIdByNameFn
int(* AppLayerParserGetFrameIdByNameFn)(const char *frame_name)
Definition: app-layer-parser.h:158
AppLayerParser::GetFrameIdByName
AppLayerParserGetFrameIdByNameFn GetFrameIdByName
Definition: app-layer-register.h:74
AppLayerParser::GetTxFiles
AppLayerGetFileState(* GetTxFiles)(void *, uint8_t)
Definition: app-layer-register.h:62