suricata
Data Structures | Typedefs | Functions
defrag.h File Reference
#include "threads.h"
#include "util-pool.h"
#include "threadvars.h"
#include "decode.h"
Include dependency graph for defrag.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  DefragContext_
 
struct  Frag_
 
struct  DefragTracker_
 

Typedefs

typedef struct DefragContext_ DefragContext
 
typedef struct Frag_ Frag
 
typedef struct DefragTracker_ DefragTracker
 

Functions

int DefragRbFragCompare (struct Frag_ *a, struct Frag_ *b)
 
 RB_HEAD (IP_FRAGMENTS, Frag_)
 
 RB_PROTOTYPE (IP_FRAGMENTS, Frag_, rb, DefragRbFragCompare)
 
void DefragInit (void)
 
void DefragDestroy (void)
 
uint8_t DefragGetOsPolicy (Packet *)
 Get the defrag policy based on the destination address of the packet. More...
 
void DefragTrackerFreeFrags (DefragTracker *)
 Free all frags associated with a tracker. More...
 
PacketDefrag (ThreadVars *, DecodeThreadVars *, Packet *)
 Entry point for IPv4 and IPv6 fragments. More...
 
void DefragRegisterTests (void)
 

Detailed Description

Author
Endace Technology Limited, Jason Ish jason.nosp@m..ish.nosp@m.@enda.nosp@m.ce.c.nosp@m.om

Definition in file defrag.h.

Typedef Documentation

◆ DefragContext

typedef struct DefragContext_ DefragContext

A context for an instance of a fragmentation re-assembler, in case we ever need more than one.

◆ DefragTracker

typedef struct DefragTracker_ DefragTracker

A defragmentation tracker. Used to track fragments that make up a single packet.

◆ Frag

typedef struct Frag_ Frag

Storage for an individual fragment.

Function Documentation

◆ Defrag()

Packet* Defrag ( ThreadVars tv,
DecodeThreadVars dtv,
Packet p 
)

Entry point for IPv4 and IPv6 fragments.

Parameters
tvThreadVars for the calling decoder.
pThe packet fragment.
Return values
Anew Packet resembling the re-assembled packet if the most recent fragment allowed the packet to be re-assembled, otherwise NULL is returned.

Definition at line 1064 of file defrag.c.

References af.

◆ DefragDestroy()

void DefragDestroy ( void  )

Definition at line 1133 of file defrag.c.

References DefragHashShutdown().

Here is the call graph for this function:

◆ DefragGetOsPolicy()

uint8_t DefragGetOsPolicy ( Packet p)

Get the defrag policy based on the destination address of the packet.

Parameters
pThe packet used to get the destination address.
Return values
Thedefrag policy to use.

Definition at line 986 of file defrag.c.

◆ DefragInit()

void DefragInit ( void  )

Definition at line 1113 of file defrag.c.

References ConfGetInt(), DEFAULT_DEFRAG_HASH_SIZE, and DefragPolicyLoadFromConfig().

Referenced by PreRunInit().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ DefragRbFragCompare()

int DefragRbFragCompare ( struct Frag_ a,
struct Frag_ b 
)

The RB_TREE compare function for fragments.

When it comes to adding fragments, we want subsequent ones with the same offset to be treated as greater than, so we don't have an equal return value here.

Definition at line 538 of file defrag.c.

References Frag_::offset.

◆ DefragRegisterTests()

void DefragRegisterTests ( void  )

Definition at line 3179 of file defrag.c.

References UtRegisterTest().

Here is the call graph for this function:

◆ DefragTrackerFreeFrags()

void DefragTrackerFreeFrags ( DefragTracker )

Free all frags associated with a tracker.

Definition at line 132 of file defrag.c.

References SCMutexLock.

Referenced by DefragTrackerClearMemory().

Here is the caller graph for this function:

◆ RB_HEAD()

RB_HEAD ( IP_FRAGMENTS  ,
Frag_   
)

◆ RB_PROTOTYPE()

RB_PROTOTYPE ( IP_FRAGMENTS  ,
Frag_  ,
rb  ,
DefragRbFragCompare   
)