#include "suricata-common.h"
#include "threads.h"
#include "decode.h"
#include "app-layer.h"
#include "app-layer-protos.h"
#include "app-layer-parser.h"
#include "app-layer-smtp.h"
#include "detect.h"
#include "detect-parse.h"
#include "detect-engine.h"
#include "detect-engine-state.h"
#include "detect-app-layer-event.h"
#include "flow.h"
#include "flow-var.h"
#include "flow-util.h"
#include "decode-events.h"
#include "util-byte.h"
#include "util-debug.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "stream-tcp-util.h"
#include "stream-tcp-private.h"
#include "stream-tcp-reassemble.h"
#include "stream-tcp.h"

Include dependency graph for detect-app-layer-event.c:

Macros
#define	MAX_ALPROTO_NAME 50

#define	APP_LAYER_EVENT_TEST_MAP_EVENT1 0

#define	APP_LAYER_EVENT_TEST_MAP_EVENT2 1

#define	APP_LAYER_EVENT_TEST_MAP_EVENT3 2

#define	APP_LAYER_EVENT_TEST_MAP_EVENT4 3

#define	APP_LAYER_EVENT_TEST_MAP_EVENT5 4

#define	APP_LAYER_EVENT_TEST_MAP_EVENT6 5

Functions
void	DetectAppLayerEventRegister (void)
	Registers the keyword handlers for the "app-layer-event" keyword. More...

int	DetectAppLayerEventPrepare (DetectEngineCtx de_ctx, Signature s)

Variables
SCEnumCharMap	app_layer_event_test_map []

Detailed Description

Author: Anoop Saldanha anoop.nosp@m.sald.nosp@m.anha@.nosp@m.gmai.nosp@m.l.com

Definition in file detect-app-layer-event.c.

Macro Definition Documentation

◆ APP_LAYER_EVENT_TEST_MAP_EVENT1

#define APP_LAYER_EVENT_TEST_MAP_EVENT1 0

Definition at line 388 of file detect-app-layer-event.c.

◆ APP_LAYER_EVENT_TEST_MAP_EVENT2

#define APP_LAYER_EVENT_TEST_MAP_EVENT2 1

Definition at line 389 of file detect-app-layer-event.c.

◆ APP_LAYER_EVENT_TEST_MAP_EVENT3

#define APP_LAYER_EVENT_TEST_MAP_EVENT3 2

Definition at line 390 of file detect-app-layer-event.c.

◆ APP_LAYER_EVENT_TEST_MAP_EVENT4

#define APP_LAYER_EVENT_TEST_MAP_EVENT4 3

Definition at line 391 of file detect-app-layer-event.c.

◆ APP_LAYER_EVENT_TEST_MAP_EVENT5

#define APP_LAYER_EVENT_TEST_MAP_EVENT5 4

Definition at line 392 of file detect-app-layer-event.c.

◆ APP_LAYER_EVENT_TEST_MAP_EVENT6

#define APP_LAYER_EVENT_TEST_MAP_EVENT6 5

Definition at line 393 of file detect-app-layer-event.c.

◆ MAX_ALPROTO_NAME

#define MAX_ALPROTO_NAME 50

Definition at line 50 of file detect-app-layer-event.c.

Function Documentation

◆ DetectAppLayerEventPrepare()

int DetectAppLayerEventPrepare	(	DetectEngineCtx *	de_ctx,
		Signature *	s
	)

Definition at line 349 of file detect-app-layer-event.c.

References Signature_::init_data, and SignatureInitData_::smlists.

◆ DetectAppLayerEventRegister()

void DetectAppLayerEventRegister ( void )

Registers the keyword handlers for the "app-layer-event" keyword.

Definition at line 66 of file detect-app-layer-event.c.

References SigTableElmt_::desc, DETECT_AL_APP_LAYER_EVENT, SigTableElmt_::Match, SigTableElmt_::name, sigmatch_table, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the caller graph for this function:

Variable Documentation

◆ app_layer_event_test_map

SCEnumCharMap app_layer_event_test_map[]

Initial value:

= {
    { "event1", APP_LAYER_EVENT_TEST_MAP_EVENT1 },
    { "event2", APP_LAYER_EVENT_TEST_MAP_EVENT2 },
    { "event3", APP_LAYER_EVENT_TEST_MAP_EVENT3 },
    { "event4", APP_LAYER_EVENT_TEST_MAP_EVENT4 },
    { "event5", APP_LAYER_EVENT_TEST_MAP_EVENT5 },
    { "event6", APP_LAYER_EVENT_TEST_MAP_EVENT6 },
}

Definition at line 394 of file detect-app-layer-event.c.

Macros

Functions

Variables