detect-engine-file.h File Reference
This graph shows which files directly or indirectly include this file:
Go to the source code of this file.
Functions | |
| uint8_t | DetectFileInspectGeneric (DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, uint8_t flags, void *_alstate, void *tx, uint64_t tx_id) |
| Inspect the file inspecting keywords against the state. More... | |
Detailed Description
Definition in file detect-engine-file.h.
Function Documentation
◆ DetectFileInspectGeneric()
| uint8_t DetectFileInspectGeneric | ( | DetectEngineCtx * | de_ctx, |
| DetectEngineThreadCtx * | det_ctx, | ||
| const struct DetectEngineAppInspectionEngine_ * | engine, | ||
| const Signature * | s, | ||
| Flow * | f, | ||
| uint8_t | flags, | ||
| void * | alstate, | ||
| void * | tx, | ||
| uint64_t | tx_id | ||
| ) |
Inspect the file inspecting keywords against the state.
- Parameters
-
det_ctx detection engine thread ctx f flow s signature to inspect alstate state flags direction flag
- Return values
-
0 no match 1 match 2 can't match 3 can't match filestore signature
- Note
- flow is not locked at this time
Definition at line 182 of file detect-engine-file.c.
References Flow_::alstate, AppLayerParserGetTxFiles(), DEBUG_VALIDATE_BUG_ON, DETECT_ENGINE_INSPECT_SIG_CANT_MATCH_FILES, DETECT_ENGINE_INSPECT_SIG_NO_MATCH, flags, FileContainer_::head, Signature_::id, SCEnter, SCLogDebug, and SCReturnInt.
Here is the call graph for this function:
