suricata
detect-dsize.h File Reference
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  DetectDsizeData_
 

Macros

#define DETECTDSIZE_LT   0
 
#define DETECTDSIZE_EQ   1
 
#define DETECTDSIZE_GT   2
 
#define DETECTDSIZE_RA   3
 

Typedefs

typedef struct DetectDsizeData_ DetectDsizeData
 

Functions

void DetectDsizeRegister (void)
 Registration function for dsize: keyword. More...
 
int SigParseGetMaxDsize (const Signature *s)
 get max dsize "depth" More...
 
void SigParseSetDsizePair (Signature *s)
 set prefilter dsize pair More...
 
void SigParseApplyDsizeToContent (Signature *s)
 Apply dsize as depth to content matches in the rule. More...
 

Detailed Description

Macro Definition Documentation

#define DETECTDSIZE_EQ   1
#define DETECTDSIZE_GT   2
#define DETECTDSIZE_LT   0
#define DETECTDSIZE_RA   3

Typedef Documentation

Function Documentation

void DetectDsizeRegister ( void  )
int SigParseGetMaxDsize ( const Signature s)

get max dsize "depth"

Parameters
ssignature to get dsize value from
Return values
depthor negative value

Definition at line 381 of file detect-dsize.c.

References SigMatch_::ctx, DETECTDSIZE_EQ, DETECTDSIZE_GT, DETECTDSIZE_LT, DETECTDSIZE_RA, DetectDsizeData_::dsize, DetectDsizeData_::dsize2, SignatureInitData_::dsize_sm, Signature_::flags, Signature_::init_data, DetectDsizeData_::mode, SCReturnInt, and SIG_FLAG_DSIZE.

Referenced by DetectContentPMATCHValidateCallback(), and SigParseApplyDsizeToContent().

Here is the caller graph for this function:

void SigParseSetDsizePair ( Signature s)