suricata
Data Structures | Typedefs | Functions
detect-app-layer-event.h File Reference
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  DetectAppLayerEventData_
 

Typedefs

typedef struct DetectAppLayerEventData_ DetectAppLayerEventData
 

Functions

int DetectAppLayerEventPrepare (Signature *s)
 
void DetectAppLayerEventRegister (void)
 Registers the keyword handlers for the "app-layer-event" keyword. More...
 

Detailed Description

Author
Anoop Saldanha anoop.nosp@m.sald.nosp@m.anha@.nosp@m.gmai.nosp@m.l.com

Definition in file detect-app-layer-event.h.

Typedef Documentation

typedef struct DetectAppLayerEventData_ DetectAppLayerEventData

Function Documentation

int DetectAppLayerEventPrepare ( Signature s)

Definition at line 349 of file detect-app-layer-event.c.

References Signature_::init_data, SigMatch_::next, SigMatch_::prev, SigMatchFree(), SignatureInitData_::smlists, and SignatureInitData_::smlists_tail.

Referenced by SigMatchList2DataArray().

Here is the call graph for this function:

Here is the caller graph for this function:

void DetectAppLayerEventRegister ( void  )

Registers the keyword handlers for the "app-layer-event" keyword.

Definition at line 66 of file detect-app-layer-event.c.

References DetectAppLayerEventData_::alproto, Flow_::alproto, ALPROTO_UNKNOWN, APP_LAYER_EVENT_TYPE_PACKET, Packet_::app_layer_events, AppLayerGetPktEventInfo(), AppLayerGetProtoByName(), AppLayerParserGetEventInfo(), AppLayerParserGetEventsByTx(), AppLayerParserGetStateProgress(), AppLayerParserGetStateProgressCompletionStatus(), DetectAppLayerEventData_::arg, SigMatch_::ctx, SigMatchData_::ctx, DETECT_AL_APP_LAYER_EVENT, DETECT_ENGINE_INSPECT_SIG_CANT_MATCH, DETECT_ENGINE_INSPECT_SIG_MATCH, DETECT_ENGINE_INSPECT_SIG_NO_MATCH, DETECT_SM_LIST_MATCH, DetectAppLayerInspectEngineRegister(), DetectBufferTypeGetByName(), DetectEngineGetEventInfo(), DetectSignatureSetAppProto(), DetectAppLayerEventData_::event_id, event_type, FALSE, flags, Signature_::flags, SigTableElmt_::Free, SigMatchData_::is_last, KEYWORD_PROFILING_END, KEYWORD_PROFILING_START, SigTableElmt_::Match, MAX_ALPROTO_NAME, SigTableElmt_::name, DetectAppLayerEventData_::needs_detctx, DetectProto_::proto, Flow_::proto, Signature_::proto, SigTableElmt_::RegisterTests, SC_ERR_INVALID_SIGNATURE, SCFree, SCLogError, SCMalloc, SCStrdup, SigTableElmt_::Setup, SIG_FLAG_APPLAYER, SIG_FLAG_TOCLIENT, SIG_FLAG_TOSERVER, sigmatch_table, SigMatchAlloc(), SigMatchAppendSMToList(), SigMatchFree(), strlcpy(), TRUE, tx_id, SigMatch_::type, SigMatchData_::type, and unlikely.

Referenced by SigTableSetup().

Here is the call graph for this function:

Here is the caller graph for this function: