#include "suricata-common.h"#include "suricata.h"#include "decode.h"#include "detect.h"#include "host.h"#include "detect-detection-filter.h"#include "detect-threshold.h"#include "detect-parse.h"#include "util-byte.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "util-debug.h"#include "detect-engine-build.h"#include "detect-engine.h"#include "detect-engine-mpm.h"#include "detect-engine-threshold.h"#include "detect-engine-alert.h"#include "util-time.h"#include "util-hashlist.h"#include "action-globals.h"#include "packet.h"
Include dependency graph for detect-detection-filter.c:
Go to the source code of this file.
Macros | |
| #define | TRACK_DST 1 |
| #define | TRACK_SRC 2 |
| #define | PARSE_REGEX |
| Regex for parsing our detection_filter options. More... | |
Functions | |
| void | DetectDetectionFilterRegister (void) |
| Registration function for detection_filter: keyword. More... | |
Detailed Description
Implements the detection_filter keyword
Definition in file detect-detection-filter.c.
Macro Definition Documentation
◆ PARSE_REGEX
| #define PARSE_REGEX |
Value:
"^\\s*(track|count|seconds)\\s+(by_src|by_dst|\\d+)\\s*,\\s*(track|count|seconds)\\s+(by_src|" \
"by_dst|\\d+)\\s*,\\s*(track|count|seconds)\\s+(by_src|by_dst|\\d+)\\s*$"
Regex for parsing our detection_filter options.
Definition at line 50 of file detect-detection-filter.c.
◆ TRACK_DST
| #define TRACK_DST 1 |
Definition at line 44 of file detect-detection-filter.c.
◆ TRACK_SRC
| #define TRACK_SRC 2 |
Definition at line 45 of file detect-detection-filter.c.
Function Documentation
◆ DetectDetectionFilterRegister()
| void DetectDetectionFilterRegister | ( | void | ) |
Registration function for detection_filter: keyword.
Registration function for detection_filter: keyword
Definition at line 66 of file detect-detection-filter.c.
References SigTableElmt_::desc, DETECT_DETECTION_FILTER, SigTableElmt_::Match, SigTableElmt_::name, sigmatch_table, and SigTableElmt_::url.
Referenced by SigTableSetup().
Here is the caller graph for this function:
