detect-engine-file.c File Reference
#include "suricata-common.h"#include "decode.h"#include "detect.h"#include "detect-engine.h"#include "detect-parse.h"#include "detect-engine-state.h"#include "detect-filestore.h"#include "detect-engine-dcepayload.h"#include "detect-engine-file.h"#include "stream-tcp.h"#include "stream-tcp-private.h"#include "stream-tcp-reassemble.h"#include "app-layer-parser.h"#include "app-layer-protos.h"#include "app-layer-htp.h"#include "app-layer-smtp.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "util-profiling.h"#include "util-validate.h"
Include dependency graph for detect-engine-file.c:
Go to the source code of this file.
Functions | |
| uint8_t | DetectFileInspectGeneric (DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id) |
| Inspect the file inspecting keywords against the state. More... | |
Detailed Description
Definition in file detect-engine-file.c.
Function Documentation
◆ DetectFileInspectGeneric()
| uint8_t DetectFileInspectGeneric | ( | DetectEngineCtx * | de_ctx, |
| DetectEngineThreadCtx * | det_ctx, | ||
| const struct DetectEngineAppInspectionEngine_ * | engine, | ||
| const Signature * | s, | ||
| Flow * | f, | ||
| uint8_t | flags, | ||
| void * | alstate, | ||
| void * | tx, | ||
| uint64_t | tx_id | ||
| ) |
Inspect the file inspecting keywords against the state.
- Parameters
-
det_ctx detection engine thread ctx f flow s signature to inspect alstate state flags direction flag
- Return values
-
0 no match 1 match 2 can't match 3 can't match filestore signature
- Note
- flow is not locked at this time
Definition at line 182 of file detect-engine-file.c.
References Flow_::alstate, AppLayerParserGetTxFiles(), DEBUG_VALIDATE_BUG_ON, DETECT_ENGINE_INSPECT_SIG_CANT_MATCH_FILES, DETECT_ENGINE_INSPECT_SIG_NO_MATCH, flags, FileContainer_::head, Signature_::id, SCEnter, SCLogDebug, and SCReturnInt.
Here is the call graph for this function:
