Go to the documentation of this file.
46 static void DetectCipServiceRegisterTests(
void);
48 static int g_cip_buffer_id = 0;
64 = DetectCipServiceRegisterTests;
87 const char delims[] =
",";
109 uint8_t input[3] = { 0, 0, 0 };
112 token = strtok_r(rulestr, delims, &save);
113 while (token != NULL)
123 if (!isdigit((
int) *token))
137 if (!isdigit((
int) *token))
145 unsigned long num = atol(token);
160 sscanf(token,
"%2" SCNu8, &var);
163 token = strtok_r(NULL, delims, &save);
179 SCLogDebug(
"DetectCipServiceParse - match attribute %d",
181 SCLogDebug(
"DetectCipServiceParse - attribute %d",
215 cipserviced = DetectCipServiceParse(rulestr);
216 if (cipserviced == NULL)
220 g_cip_buffer_id) == NULL) {
226 if (cipserviced != NULL)
227 DetectCipServiceFree(
de_ctx, cipserviced);
247 static int DetectCipServiceParseTest01 (
void)
250 cipserviced = DetectCipServiceParse(
"7");
253 DetectCipServiceFree(NULL, cipserviced);
260 static int DetectCipServiceSignatureTest01 (
void)
273 static void DetectCipServiceRegisterTests(
void)
276 DetectCipServiceParseTest01);
278 DetectCipServiceSignatureTest01);
292 static void DetectEnipCommandRegisterTests(
void);
294 static int g_enip_buffer_id = 0;
303 =
"rules for detecting EtherNet/IP command";
310 = DetectEnipCommandRegisterTests;
337 if (!(isdigit((
int) *rulestr))) {
338 SCLogError(
"invalid ENIP command %s", rulestr);
378 enipcmdd = DetectEnipCommandParse(rulestr);
379 if (enipcmdd == NULL)
389 if (enipcmdd != NULL)
390 DetectEnipCommandFree(
de_ctx, enipcmdd);
411 static int DetectEnipCommandParseTest01 (
void)
415 enipcmdd = DetectEnipCommandParse(
"1");
419 DetectEnipCommandFree(NULL, enipcmdd);
426 static int DetectEnipCommandSignatureTest01 (
void)
441 static void DetectEnipCommandRegisterTests(
void)
444 DetectEnipCommandParseTest01);
446 DetectEnipCommandSignatureTest01);
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
#define FAIL_IF_NULL(expr)
Fail a test if expression evaluates to NULL.
void(* Free)(DetectEngineCtx *, void *)
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
main detection engine ctx
int StringParseUint16(uint16_t *res, int base, size_t len, const char *str)
void DetectEngineCtxFree(DetectEngineCtx *)
Free a DetectEngineCtx::
Signature * DetectEngineAppendSig(DetectEngineCtx *, const char *)
Parse and append a Signature into the Detection Engine Context signature list.
#define SIG_FLAG_TOCLIENT
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
#define FAIL_IF_NOT(expr)
Fail a test if expression evaluates to false.
int DetectBufferTypeGetByName(const char *name)
#define MAX_CIP_ATTRIBUTE
#define SIG_FLAG_TOSERVER
#define PASS
Pass the test.
#define SCReturnPtr(x, type)
int(* Match)(DetectEngineThreadCtx *, Packet *, const Signature *, const SigMatchCtx *)
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
#define FAIL_IF(expr)
Fail a test if expression evaluates to true.
void DetectCipServiceRegister(void)
Registration function for cip_service: keyword.
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
uint8_t DetectEngineInspectCIP(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
Do the content inspection & validation for a signature.
void DetectEnipCommandRegister(void)
Registration function for enip_command: keyword.
uint8_t DetectEngineInspectENIP(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
Do the content inspection & validation for a signature.
#define SCLogError(...)
Macro used to log ERROR messages.
DetectEngineCtx * DetectEngineCtxInit(void)
void DetectAppLayerInspectEngineRegister(const char *name, AppProto alproto, uint32_t dir, int progress, InspectEngineFuncPtr Callback, InspectionBufferGetDataPtr GetData)
register inspect engine at start up time
SigMatch * SigMatchAppendSMToList(DetectEngineCtx *de_ctx, Signature *s, uint16_t type, SigMatchCtx *ctx, const int list)
Append a SigMatch to the list type.
void(* RegisterTests)(void)