detect-app-layer-event.h File Reference

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures
struct	DetectAppLayerEventData_

Typedefs
typedef struct DetectAppLayerEventData_	DetectAppLayerEventData

Functions
int	DetectAppLayerEventPrepare (Signature *s)
void	DetectAppLayerEventRegister (void)
	Registers the keyword handlers for the "app-layer-event" keyword. More...

Detailed Description

Author

Anoop Saldanha anoop.nosp@m.sald.nosp@m.anha@.nosp@m.gmai.nosp@m.l.com

Definition in file detect-app-layer-event.h.

Typedef Documentation

typedef struct DetectAppLayerEventData_ DetectAppLayerEventData

Function Documentation

int DetectAppLayerEventPrepare

(

Signature *

s

)

Definition at line 352 of file detect-app-layer-event.c.

References Signature_::init_data, SigMatch_::next, SigMatch_::prev, SigMatchFree(), SignatureInitData_::smlists, and SignatureInitData_::smlists_tail.

Referenced by SigMatchList2DataArray().

Here is the call graph for this function:

Here is the caller graph for this function:

void DetectAppLayerEventRegister

(

void

)

Registers the keyword handlers for the "app-layer-event" keyword.

Definition at line 66 of file detect-app-layer-event.c.

References DetectAppLayerEventData_::alproto, Flow_::alproto, ALPROTO_UNKNOWN, APP_LAYER_EVENT_TYPE_PACKET, Packet_::app_layer_events, AppLayerGetPktEventInfo(), AppLayerGetProtoByName(), AppLayerParserGetEventInfo(), AppLayerParserGetEventsByTx(), AppLayerParserGetStateProgress(), AppLayerParserGetStateProgressCompletionStatus(), DetectAppLayerEventData_::arg, SigMatch_::ctx, SigMatchData_::ctx, SigTableElmt_::desc, DETECT_AL_APP_LAYER_EVENT, DETECT_ENGINE_INSPECT_SIG_CANT_MATCH, DETECT_ENGINE_INSPECT_SIG_MATCH, DETECT_ENGINE_INSPECT_SIG_NO_MATCH, DETECT_SM_LIST_MATCH, DetectAppLayerInspectEngineRegister(), DetectBufferTypeGetByName(), DetectEngineGetEventInfo(), DetectSignatureSetAppProto(), DOC_URL, DOC_VERSION, DetectAppLayerEventData_::event_id, event_type, FALSE, flags, Signature_::flags, SigTableElmt_::Free, SigMatchData_::is_last, KEYWORD_PROFILING_END, KEYWORD_PROFILING_START, SigTableElmt_::Match, MAX_ALPROTO_NAME, SigTableElmt_::name, DetectAppLayerEventData_::needs_detctx, DetectProto_::proto, Flow_::proto, Signature_::proto, SigTableElmt_::RegisterTests, SC_ERR_INVALID_SIGNATURE, SCFree, SCLogError, SCMalloc, SCStrdup, SigTableElmt_::Setup, SIG_FLAG_APPLAYER, SIG_FLAG_TOCLIENT, SIG_FLAG_TOSERVER, sigmatch_table, SigMatchAlloc(), SigMatchAppendSMToList(), SigMatchFree(), strlcpy(), TRUE, tx_id, SigMatch_::type, SigMatchData_::type, unlikely, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the call graph for this function:

Here is the caller graph for this function: