defrag.c File Reference
#include "suricata-common.h"#include "queue.h"#include "suricata.h"#include "threads.h"#include "conf.h"#include "decode-ipv6.h"#include "util-hashlist.h"#include "util-pool.h"#include "util-time.h"#include "util-print.h"#include "util-debug.h"#include "util-fix_checksum.h"#include "util-random.h"#include "stream-tcp-private.h"#include "stream-tcp-reassemble.h"#include "util-host-os-info.h"#include "util-validate.h"#include "defrag.h"#include "defrag-hash.h"#include "defrag-config.h"#include "tmqh-packetpool.h"#include "decode.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "packet.h"
Include dependency graph for defrag.c:
Go to the source code of this file.
Macros | |
| #define | DEFAULT_DEFRAG_HASH_SIZE 0xffff |
| #define | DEFAULT_DEFRAG_POOL_SIZE 0xffff |
| #define | TIMEOUT_DEFAULT 60 |
| #define | TIMEOUT_MAX (60 * 60 * 24) |
| #define | TIMEOUT_MIN 1 |
| #define | IP_MF 0x2000 |
| #define | D_1 'A', 'A', 'A', 'A', 'A', 'A', 'A', 'A' |
| #define | D_2 'B', 'B', 'B', 'B', 'B', 'B', 'B', 'B' |
| #define | D_3 'C', 'C', 'C', 'C', 'C', 'C', 'C', 'C' |
| #define | D_3_1 'D', 'D', 'D', 'D', 'D', 'D', 'D', 'D' |
| #define | D_3_2 'E', 'E', 'E', 'E', 'E', 'E', 'E', 'E' |
| #define | D_3_3 'F', 'F', 'F', 'F', 'F', 'F', 'F', 'F' |
| #define | D_3_4 'G', 'G', 'G', 'G', 'G', 'G', 'G', 'G' |
| #define | D_3_5 'H', 'H', 'H', 'H', 'H', 'H', 'H', 'H' |
| #define | D_3_6 'I', 'I', 'I', 'I', 'I', 'I', 'I', 'I' |
| #define | D_4 'J', 'J', 'J', 'J', 'J', 'J', 'J', 'J' |
| #define | D_5 'K', 'K', 'K', 'K', 'K', 'K', 'K', 'K' |
| #define | D_6 'L', 'L', 'L', 'L', 'L', 'L', 'L', 'L' |
| #define | D_7 'M', 'M', 'M', 'M', 'M', 'M', 'M', 'M' |
| #define | D_8 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N' |
| #define | D_9 'O', 'O', 'O', 'O', 'O', 'O', 'O', 'O' |
| #define | D_10 'P', 'P', 'P', 'P', 'P', 'P', 'P', 'P' |
| #define | D_11 'Q', 'Q', 'Q', 'Q', 'Q', 'Q', 'Q', 'Q' |
Enumerations | |
| enum | defrag_policies { DEFRAG_POLICY_FIRST = 1, DEFRAG_POLICY_LAST, DEFRAG_POLICY_BSD, DEFRAG_POLICY_BSD_RIGHT, DEFRAG_POLICY_LINUX, DEFRAG_POLICY_WINDOWS, DEFRAG_POLICY_SOLARIS, DEFRAG_POLICY_DEFAULT = DEFRAG_POLICY_BSD } |
Functions | |
| RB_GENERATE (IP_FRAGMENTS, Frag_, rb, DefragRbFragCompare) | |
| void | DefragTrackerFreeFrags (DefragTracker *tracker) |
| Free all frags associated with a tracker. More... | |
| int | DefragRbFragCompare (struct Frag_ *a, struct Frag_ *b) |
| uint8_t | DefragGetOsPolicy (Packet *p) |
| Get the defrag policy based on the destination address of the packet. More... | |
| Packet * | Defrag (ThreadVars *tv, DecodeThreadVars *dtv, Packet *p) |
| Entry point for IPv4 and IPv6 fragments. More... | |
| void | DefragInit (void) |
| void | DefragDestroy (void) |
| void | DefragRegisterTests (void) |
Variables | |
| ThreadVars | test_tv = { 0 } |
| DecodeThreadVars | test_dtv = { 0 } |
Detailed Description
Defragmentation module. References:
- RFC 815
- OpenBSD PF's IP normalization (pf_norm.c)
- Todo:
pool for frag packet storage
policy bsd-right
profile hash function
log anomalies
Definition in file defrag.c.
Macro Definition Documentation
◆ D_1
◆ D_10
◆ D_11
◆ D_2
◆ D_3
◆ D_3_1
◆ D_3_2
◆ D_3_3
◆ D_3_4
◆ D_3_5
◆ D_3_6
◆ D_4
◆ D_5
◆ D_6
◆ D_7
◆ D_8
◆ D_9
◆ DEFAULT_DEFRAG_HASH_SIZE
◆ DEFAULT_DEFRAG_POOL_SIZE
◆ IP_MF
◆ TIMEOUT_DEFAULT
| #define TIMEOUT_DEFAULT 60 |
◆ TIMEOUT_MAX
| #define TIMEOUT_MAX (60 * 60 * 24) |
◆ TIMEOUT_MIN
Enumeration Type Documentation
◆ defrag_policies
| enum defrag_policies |
Function Documentation
◆ Defrag()
| Packet* Defrag | ( | ThreadVars * | tv, |
| DecodeThreadVars * | dtv, | ||
| Packet * | p | ||
| ) |
Entry point for IPv4 and IPv6 fragments.
- Parameters
-
tv ThreadVars for the calling decoder. p The packet fragment.
- Return values
-
A new Packet resembling the re-assembled packet if the most recent fragment allowed the packet to be re-assembled, otherwise NULL is returned.
Definition at line 1063 of file defrag.c.
References af.
◆ DefragDestroy()
| void DefragDestroy | ( | void | ) |
Definition at line 1129 of file defrag.c.
References DefragHashShutdown().
Here is the call graph for this function:
◆ DefragGetOsPolicy()
| uint8_t DefragGetOsPolicy | ( | Packet * | p | ) |
◆ DefragInit()
| void DefragInit | ( | void | ) |
Definition at line 1109 of file defrag.c.
References DEFAULT_DEFRAG_HASH_SIZE, DefragPolicyLoadFromConfig(), and SCConfGetInt().
Referenced by PreRunInit().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ DefragRbFragCompare()
The RB_TREE compare function for fragments.
When it comes to adding fragments, we want subsequent ones with the same offset to be treated as greater than, so we don't have an equal return value here.
Definition at line 537 of file defrag.c.
References Frag_::offset.
◆ DefragRegisterTests()
| void DefragRegisterTests | ( | void | ) |
Definition at line 3111 of file defrag.c.
References UtRegisterTest().
Here is the call graph for this function:
◆ DefragTrackerFreeFrags()
| void DefragTrackerFreeFrags | ( | DefragTracker * | tracker | ) |
Free all frags associated with a tracker.
Definition at line 132 of file defrag.c.
References SCMutexLock.
Referenced by DefragTrackerClearMemory().
Here is the caller graph for this function:
◆ RB_GENERATE()
| RB_GENERATE | ( | IP_FRAGMENTS | , |
| Frag_ | , | ||
| rb | , | ||
| DefragRbFragCompare | |||
| ) |
Variable Documentation
◆ test_dtv
| DecodeThreadVars test_dtv = { 0 } |
◆ test_tv
| ThreadVars test_tv = { 0 } |
