detect-engine-enip.h File Reference
This graph shows which files directly or indirectly include this file:
Go to the source code of this file.
Functions | |
| uint8_t | DetectEngineInspectCIP (DetectEngineCtx *de_ctx, DetectEngineThreadCtx *, const struct DetectEngineAppInspectionEngine_ *, const Signature *, Flow *, uint8_t, void *, void *, uint64_t) |
| Do the content inspection & validation for a signature. More... | |
| uint8_t | DetectEngineInspectENIP (DetectEngineCtx *de_ctx, DetectEngineThreadCtx *, const struct DetectEngineAppInspectionEngine_ *, const Signature *, Flow *, uint8_t, void *, void *, uint64_t) |
| Do the content inspection & validation for a signature. More... | |
Detailed Description
Definition in file detect-engine-enip.h.
Function Documentation
◆ DetectEngineInspectCIP()
| uint8_t DetectEngineInspectCIP | ( | DetectEngineCtx * | de_ctx, |
| DetectEngineThreadCtx * | det_ctx, | ||
| const struct DetectEngineAppInspectionEngine_ * | engine, | ||
| const Signature * | s, | ||
| Flow * | f, | ||
| uint8_t | flags, | ||
| void * | alstate, | ||
| void * | txv, | ||
| uint64_t | tx_id | ||
| ) |
Do the content inspection & validation for a signature.
- Parameters
-
de_ctx Detection engine context det_ctx Detection engine thread context s Signature to inspect ( and sm: SigMatch to inspect) f Flow flags App layer flags alstate App layer state txv Pointer to ENIP Transaction structure
- Return values
-
0 no match or 1 match
Definition at line 221 of file detect-engine-enip.c.
References SigMatchData_::ctx, SCEnter, SCLogDebug, SCReturnInt, and DetectEngineAppInspectionEngine_::smd.
◆ DetectEngineInspectENIP()
| uint8_t DetectEngineInspectENIP | ( | DetectEngineCtx * | de_ctx, |
| DetectEngineThreadCtx * | det_ctx, | ||
| const struct DetectEngineAppInspectionEngine_ * | engine, | ||
| const Signature * | s, | ||
| Flow * | f, | ||
| uint8_t | flags, | ||
| void * | alstate, | ||
| void * | txv, | ||
| uint64_t | tx_id | ||
| ) |
Do the content inspection & validation for a signature.
- Parameters
-
de_ctx Detection engine context det_ctx Detection engine thread context s Signature to inspect ( and sm: SigMatch to inspect) f Flow flags App layer flags alstate App layer state txv Pointer to ENIP Transaction structure
- Return values
-
0 no match or 1 match
Definition at line 260 of file detect-engine-enip.c.
References ENIPEncapHdr_::command, SigMatchData_::ctx, DetectEnipCommandData_::enipcommand, ENIPTransaction_::header, SCEnter, SCLogDebug, SCReturnInt, and DetectEngineAppInspectionEngine_::smd.
