#include "decode.h"
#include "decode-tcp.h"
#include "decode-sctp.h"
#include "decode-udp.h"

Include dependency graph for decode-icmpv4.h:

This graph shows which files directly or indirectly include this file:

Data Structures
struct	ICMPV4Hdr_

struct	ICMPV4ExtHdr_

struct	ICMPV4Vars_

Macros
#define	ICMPV4_HEADER_LEN 8

#define	ICMPV4_GET_TYPE(p) (p)->icmpv4h->type

#define	ICMPV4_GET_CODE(p) (p)->icmpv4h->code

#define	CLEAR_ICMPV4_PACKET(p)

#define	ICMPV4_HEADER_PKT_OFFSET 8

#define	ICMPV4_GET_TYPE(p) (p)->icmpv4h->type

#define	ICMPV4_GET_CODE(p) (p)->icmpv4h->code

#define	ICMPV4_GET_RAW_CSUM(p) SCNtohs((p)->icmpv4h->checksum)

#define	ICMPV4_GET_CSUM(p) (p)->icmpv4h->checksum

#define	ICMPV4_GET_ID(p) ((p)->icmpv4vars.id)

#define	ICMPV4_GET_SEQ(p) ((p)->icmpv4vars.seq)

#define	ICMPV4_GET_EMB_PROTO(p) (p)->icmpv4vars.emb_ip4_proto

#define	ICMPV4_GET_EMB_IPV4(p) (p)->icmpv4vars.emb_ipv4h

#define	ICMPV4_GET_EMB_TCP(p) (p)->icmpv4vars.emb_tcph

#define	ICMPV4_GET_EMB_UDP(p) (p)->icmpv4vars.emb_udph

#define	ICMPV4_GET_EMB_ICMPV4H(p) (p)->icmpv4vars.emb_icmpv4h

#define	ICMPV4_DEST_UNREACH_IS_VALID(p)

#define	ICMPV4_IS_ERROR_MSG(p)

Typedefs
typedef struct ICMPV4ExtHdr_	ICMPV4ExtHdr

typedef struct ICMPV4Vars_	ICMPV4Vars

Functions
struct ICMPV4Hdr_	__attribute__ ((__packed__)) ICMPV4Hdr
	DNP3 link header. More...

void	DecodeICMPV4RegisterTests (void)
	Registers ICMPV4 unit test. More...

int	ICMPv4GetCounterpart (uint8_t type)

Variables
uint8_t	type

uint8_t	code

uint16_t	checksum

Detailed Description

Author: Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Definition in file decode-icmpv4.h.

Macro Definition Documentation

#define CLEAR_ICMPV4_PACKET ( p )

Value:

do { \
    (p)->level4_comp_csum = -1;     \
    PACKET_CLEAR_L4VARS((p));       \
    (p)->icmpv4h = NULL;            \
} while(0)

Definition at line 206 of file decode-icmpv4.h.

#define ICMPV4_DEST_UNREACH_IS_VALID ( p )

Value:

( \
    (!((p)->flags & PKT_IS_INVALID)) && \
    ((p)->icmpv4h != NULL) && \
    (ICMPV4_GET_TYPE((p)) == ICMP_DEST_UNREACH) && \
    (ICMPV4_GET_EMB_IPV4((p)) != NULL) && \
    ((ICMPV4_GET_EMB_TCP((p)) != NULL) || \
     (ICMPV4_GET_EMB_UDP((p)) != NULL)))

macro for checking if a ICMP DEST UNREACH packet is valid for use in other parts of the engine, such as the flow engine.

Warning: use only after the decoder has processed the packet

Definition at line 247 of file decode-icmpv4.h.

Referenced by SigMatchSignaturesGetSgh().

#define ICMPV4_GET_CODE ( p ) (p)->icmpv4h->code

marco for icmpv4 code access

macro for icmpv4 "code" access

Definition at line 217 of file decode-icmpv4.h.

Referenced by DetectICodeFree().

#define ICMPV4_GET_CODE ( p ) (p)->icmpv4h->code

marco for icmpv4 code access

macro for icmpv4 "code" access

Definition at line 217 of file decode-icmpv4.h.

#define ICMPV4_GET_CSUM ( p ) (p)->icmpv4h->checksum

Definition at line 220 of file decode-icmpv4.h.

#define ICMPV4_GET_EMB_ICMPV4H ( p ) (p)->icmpv4vars.emb_icmpv4h

macro for icmpv4 embedded "icmpv4h" header access

Definition at line 240 of file decode-icmpv4.h.

#define ICMPV4_GET_EMB_IPV4 ( p ) (p)->icmpv4vars.emb_ipv4h

macro for icmpv4 embedded "ipv4h" header access

Definition at line 234 of file decode-icmpv4.h.

#define ICMPV4_GET_EMB_PROTO ( p ) (p)->icmpv4vars.emb_ip4_proto

macro for icmpv4 embedded "protocol" access

Definition at line 232 of file decode-icmpv4.h.

#define ICMPV4_GET_EMB_TCP ( p ) (p)->icmpv4vars.emb_tcph

macro for icmpv4 embedded "tcph" header access

Definition at line 236 of file decode-icmpv4.h.

#define ICMPV4_GET_EMB_UDP ( p ) (p)->icmpv4vars.emb_udph

macro for icmpv4 embedded "udph" header access

Definition at line 238 of file decode-icmpv4.h.

#define ICMPV4_GET_ID ( p ) ((p)->icmpv4vars.id)

macro for icmpv4 "id" access

Definition at line 225 of file decode-icmpv4.h.

Referenced by DetectIcmpIdRegister().

#define ICMPV4_GET_RAW_CSUM ( p ) SCNtohs((p)->icmpv4h->checksum)

macro for icmpv4 "csum" access

Definition at line 219 of file decode-icmpv4.h.

#define ICMPV4_GET_SEQ ( p ) ((p)->icmpv4vars.seq)

macro for icmpv4 "seq" access

Definition at line 227 of file decode-icmpv4.h.

Referenced by DetectIcmpSeqRegister().

#define ICMPV4_GET_TYPE ( p ) (p)->icmpv4h->type

marco for icmpv4 type access

macro for icmpv4 "type" access

Definition at line 215 of file decode-icmpv4.h.

Referenced by DetectIcmpIdRegister(), DetectIcmpSeqRegister(), and DetectITypeFree().

#define ICMPV4_GET_TYPE ( p ) (p)->icmpv4h->type

marco for icmpv4 type access

macro for icmpv4 "type" access

Definition at line 215 of file decode-icmpv4.h.

#define ICMPV4_HEADER_LEN 8

Definition at line 32 of file decode-icmpv4.h.

Referenced by DecodeICMPV4().

#define ICMPV4_HEADER_PKT_OFFSET 8

Definition at line 212 of file decode-icmpv4.h.

Referenced by DecodeICMPV4().

#define ICMPV4_IS_ERROR_MSG ( p )

Value:

(ICMPV4_GET_TYPE((p)) == ICMP_DEST_UNREACH || \
        ICMPV4_GET_TYPE((p)) == ICMP_SOURCE_QUENCH || \
        ICMPV4_GET_TYPE((p)) == ICMP_REDIRECT || \
        ICMPV4_GET_TYPE((p)) == ICMP_TIME_EXCEEDED || \
        ICMPV4_GET_TYPE((p)) == ICMP_PARAMETERPROB)

marco for checking if a ICMP packet is an error message or an query message.

Todo:: This check is used in the flow engine and needs to be as cheap as possible. Consider setting a bitflag at the decoder stage so we can to a bit check instead of the more expensive check below.

Definition at line 264 of file decode-icmpv4.h.

Referenced by FlowGetPacketDirection(), and FlowSetupPacket().