#include "app-layer-frames.h"
Go to the source code of this file.
Functions | |
| void | DetectRunPrefilterFrame (DetectEngineThreadCtx *det_ctx, const SigGroupHead *sgh, Packet *p, const Frames *frames, const Frame *frame, const AppProto alproto) |
| bool | DetectRunFrameInspectRule (ThreadVars *tv, DetectEngineThreadCtx *det_ctx, const Signature *s, Flow *f, Packet *p, const Frames *frames, const Frame *frame) |
| int | DetectEngineInspectFrameBufferGeneric (DetectEngineThreadCtx *det_ctx, const DetectEngineFrameInspectionEngine *engine, const Signature *s, Packet *p, const Frames *frames, const Frame *frame) |
| Do the content inspection & validation for a signature. More... | |
Detailed Description
Definition in file detect-engine-frame.h.
Function Documentation
◆ DetectEngineInspectFrameBufferGeneric()
| int DetectEngineInspectFrameBufferGeneric | ( | DetectEngineThreadCtx * | det_ctx, |
| const DetectEngineFrameInspectionEngine * | engine, | ||
| const Signature * | s, | ||
| Packet * | p, | ||
| const Frames * | frames, | ||
| const Frame * | frame | ||
| ) |
Do the content inspection & validation for a signature.
- Parameters
-
de_ctx Detection engine context det_ctx Detection engine thread context s Signature to inspect p Packet frame stream frame to inspect
- Return values
-
0 no match. 1 match.
Definition at line 560 of file detect-engine-frame.c.
References FrameStreamData::list_id, DetectEngineFrameInspectionEngine::mpm, FrameStreamData::p, Packet_::proto, SCLogDebug, DetectEngineFrameInspectionEngine::sm_list, FrameStreamData::transforms, DetectEngineFrameInspectionEngine::transforms, and DetectEngineFrameInspectionEngine::v1.
◆ DetectRunFrameInspectRule()
| bool DetectRunFrameInspectRule | ( | ThreadVars * | tv, |
| DetectEngineThreadCtx * | det_ctx, | ||
| const Signature * | s, | ||
| Flow * | f, | ||
| Packet * | p, | ||
| const Frames * | frames, | ||
| const Frame * | frame | ||
| ) |
Definition at line 228 of file detect-engine-frame.c.
References Flow_::alproto, AppLayerParserGetFrameNameById(), DEBUG_VALIDATE_BUG_ON, FrameStreamData::det_ctx, FrameStreamData::frame, Signature_::frame_inspect, Frame::id, Signature_::id, DetectEngineFrameInspectionEngine::next, FrameStreamData::p, Flow_::proto, FrameStreamData::s, SCLogDebug, and Frame::type.
◆ DetectRunPrefilterFrame()
| void DetectRunPrefilterFrame | ( | DetectEngineThreadCtx * | det_ctx, |
| const SigGroupHead * | sgh, | ||
| Packet * | p, | ||
| const Frames * | frames, | ||
| const Frame * | frame, | ||
| const AppProto | alproto | ||
| ) |
Definition at line 73 of file detect-engine-frame.c.
References PrefilterEngine_::alproto, ALPROTO_UNKNOWN, PrefilterEngine_::cb, PrefilterEngine_::ctx, FRAME_ANY_TYPE, SigGroupHead_::frame_engines, PrefilterEngine_::frame_type, PrefilterEngine_::gid, PrefilterEngine_::is_last, Packet_::pcap_cnt, PrefilterEngine_::pectx, PREFILTER_PROFILING_END, PREFILTER_PROFILING_START, PrefilterEngine_::PrefilterFrame, SCLogDebug, and Frame::type.
