Go to the source code of this file.
Functions | |
| DetectAddress * | DetectAddressInit (void) |
| Creates and returns a new instance of a DetectAddress. More... | |
| void | DetectAddressFree (DetectAddress *) |
| Frees a DetectAddress instance. More... | |
| DetectAddress * | DetectAddressCopy (DetectAddress *) |
| copy a DetectAddress More... | |
| int | DetectAddressParse (const DetectEngineCtx *, DetectAddressHead *, const char *) |
| Parses an address group sent as a character string and updates the DetectAddressHead sent as the argument with the relevant address ranges from the parsed string. More... | |
| void | DetectAddressHeadCleanup (DetectAddressHead *) |
| Cleans a DetectAddressHead. The functions frees the address group heads(ipv4 and ipv6) inside the DetectAddressHead instance. More... | |
| bool | DetectAddressListsAreEqual (DetectAddress *list1, DetectAddress *list2) |
| Checks if two address group lists are equal. More... | |
| DetectAddress * | DetectAddressLookupInHead (const DetectAddressHead *, Address *) |
| Find the group matching address in a group head. More... | |
| int | DetectAddressCmp (DetectAddress *, DetectAddress *) |
| Used to compare 2 address ranges. More... | |
| int | DetectAddressMatchIPv4 (const DetectMatchAddressIPv4 *, uint16_t, const Address *) |
| Match a packets address against a signatures addrs array. More... | |
| int | DetectAddressMatchIPv6 (const DetectMatchAddressIPv6 *, uint16_t, const Address *) |
| Match a packets address against a signatures addrs array. More... | |
| int | DetectAddressTestConfVars (void) |
| void | DetectAddressTests (void) |
| int | DetectAddressMapInit (DetectEngineCtx *de_ctx) |
| void | DetectAddressMapFree (DetectEngineCtx *de_ctx) |
| const DetectAddressHead * | DetectParseAddress (DetectEngineCtx *de_ctx, const char *string, bool *contains_negation) |
Detailed Description
Definition in file detect-engine-address.h.
Function Documentation
◆ DetectAddressCmp()
| int DetectAddressCmp | ( | DetectAddress * | a, |
| DetectAddress * | b | ||
| ) |
Used to compare 2 address ranges.
- Parameters
-
a Pointer to the first DetectAddressData to be compared. b Pointer to the second DetectAddressData to be compared.
Definition at line 1578 of file detect-engine-address.c.
References ADDRESS_ER, DetectAddressCmpIPv4(), DetectAddressCmpIPv6(), Address_::family, and DetectAddress_::ip.
Referenced by DetectAddressListsAreEqual().
◆ DetectAddressCopy()
| DetectAddress* DetectAddressCopy | ( | DetectAddress * | orig | ) |
copy a DetectAddress
- Parameters
-
orig Pointer to the instance of DetectAddress that contains the address data to be copied to the new instance.
- Return values
-
ag Pointer to the new instance of DetectAddress that contains the copied address.
Definition at line 128 of file detect-engine-address.c.
References COPY_ADDRESS, DetectAddressInit(), DetectAddress_::flags, DetectAddress_::ip, and DetectAddress_::ip2.
Referenced by DetectThresholdDataCopy().
◆ DetectAddressFree()
| void DetectAddressFree | ( | DetectAddress * | ag | ) |
Frees a DetectAddress instance.
- Parameters
-
ag Pointer to the DetectAddress instance to be freed.
Definition at line 82 of file detect-engine-address.c.
References SCFree.
Referenced by DetectAddressCutIPv4().
◆ DetectAddressHeadCleanup()
| void DetectAddressHeadCleanup | ( | DetectAddressHead * | gh | ) |
Cleans a DetectAddressHead. The functions frees the address group heads(ipv4 and ipv6) inside the DetectAddressHead instance.
- Parameters
-
gh Pointer to the DetectAddressHead instance that has to be cleaned.
Definition at line 1490 of file detect-engine-address.c.
References DetectAddressHead_::ipv4_head.
◆ DetectAddressInit()
| DetectAddress* DetectAddressInit | ( | void | ) |
Creates and returns a new instance of a DetectAddress.
- Return values
-
ag Pointer to the newly created DetectAddress on success; NULL on failure.
Definition at line 69 of file detect-engine-address.c.
References SCCalloc, and unlikely.
Referenced by DetectAddressCopy(), DetectAddressCutIPv4(), and DetectAddressCutNotIPv4().
◆ DetectAddressListsAreEqual()
| bool DetectAddressListsAreEqual | ( | DetectAddress * | list1, |
| DetectAddress * | list2 | ||
| ) |
Checks if two address group lists are equal.
- Parameters
-
list1 Pointer to the first address group list. list2 Pointer to the second address group list.
- Return values
-
true On success. false On failure.
Definition at line 367 of file detect-engine-address.c.
References ADDRESS_EQ, DetectAddressCmp(), and DetectAddress_::next.
◆ DetectAddressLookupInHead()
| DetectAddress* DetectAddressLookupInHead | ( | const DetectAddressHead * | gh, |
| Address * | a | ||
| ) |
Find the group matching address in a group head.
- Parameters
-
gh Pointer to the address group head(DetectAddressHead instance). a Pointer to an Address instance.
- Return values
-
g On success pointer to an DetectAddress if we find a match for the Address "a", in the DetectAddressHead "gh".
Definition at line 1816 of file detect-engine-address.c.
References Address_::family, DetectAddressHead_::ipv4_head, DetectAddressHead_::ipv6_head, DetectAddress_::next, SCEnter, SCLogDebug, and SCReturnPtr.
◆ DetectAddressMapFree()
| void DetectAddressMapFree | ( | DetectEngineCtx * | de_ctx | ) |
Definition at line 1358 of file detect-engine-address.c.
References DetectEngineCtx_::address_table, de_ctx, and HashListTableFree().
◆ DetectAddressMapInit()
| int DetectAddressMapInit | ( | DetectEngineCtx * | de_ctx | ) |
Definition at line 1347 of file detect-engine-address.c.
References DetectEngineCtx_::address_table, de_ctx, and HashListTableInit().
◆ DetectAddressMatchIPv4()
| int DetectAddressMatchIPv4 | ( | const DetectMatchAddressIPv4 * | addrs, |
| uint16_t | addrs_cnt, | ||
| const Address * | a | ||
| ) |
Match a packets address against a signatures addrs array.
- Parameters
-
addrs array of DetectMatchAddressIPv4's addrs_cnt array size in members a packets address
- Return values
-
0 no match 1 match
- Note
- addresses in addrs are in host order
- Todo:
- array should be ordered, so we can break out of the loop
Definition at line 1605 of file detect-engine-address.c.
References SCEnter, SCNtohl, and SCReturnInt.
◆ DetectAddressMatchIPv6()
| int DetectAddressMatchIPv6 | ( | const DetectMatchAddressIPv6 * | addrs, |
| uint16_t | addrs_cnt, | ||
| const Address * | a | ||
| ) |
Match a packets address against a signatures addrs array.
- Parameters
-
addrs array of DetectMatchAddressIPv6's addrs_cnt array size in members a packets address
- Return values
-
0 no match 1 match
- Note
- addresses in addrs are in host order
- Todo:
- array should be ordered, so we can break out of the loop
Definition at line 1638 of file detect-engine-address.c.
References SCEnter, SCNtohl, and SCReturnInt.
◆ DetectAddressParse()
| int DetectAddressParse | ( | const DetectEngineCtx * | de_ctx, |
| DetectAddressHead * | gh, | ||
| const char * | str | ||
| ) |
Parses an address group sent as a character string and updates the DetectAddressHead sent as the argument with the relevant address ranges from the parsed string.
- Parameters
-
de_ctx Pointer to the detection engine context gh Pointer to the DetectAddressHead. str Pointer to the character string containing the address group that has to be parsed.
- Return values
-
1 On success. Contained negation. 0 On success. Did not contain negation. -1 On failure.
Definition at line 1411 of file detect-engine-address.c.
References SCLogDebug, and str.
◆ DetectAddressTestConfVars()
| int DetectAddressTestConfVars | ( | void | ) |
Definition at line 1235 of file detect-engine-address.c.
References ConfGetNode(), ConfNode_::name, next, SCLogDebug, TAILQ_FOREACH, TAILQ_HEAD_INITIALIZER, and ConfNode_::val.
◆ DetectAddressTests()
| void DetectAddressTests | ( | void | ) |
◆ DetectParseAddress()
| const DetectAddressHead* DetectParseAddress | ( | DetectEngineCtx * | de_ctx, |
| const char * | string, | ||
| bool * | contains_negation | ||
| ) |
Definition at line 1451 of file detect-engine-address.c.
References res.
