suricata
Typedefs | Functions
detect-engine-helper.h File Reference
#include "app-layer-protos.h"
#include "detect.h"
#include "rust.h"
Include dependency graph for detect-engine-helper.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Typedefs

typedef bool(* SimpleGetTxBuffer) (void *, uint8_t, const uint8_t **, uint32_t *)
 
typedef bool(* MultiGetTxBuffer) (void *, uint8_t, uint32_t, const uint8_t **, uint32_t *)
 

Functions

int DetectHelperKeywordRegister (const SCSigTableElmt *kw)
 
int DetectHelperBufferRegister (const char *name, AppProto alproto, bool toclient, bool toserver)
 
InspectionBufferDetectHelperGetData (struct DetectEngineThreadCtx_ *det_ctx, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv, const int list_id, SimpleGetTxBuffer GetBuf)
 
int DetectHelperBufferMpmRegister (const char *name, const char *desc, AppProto alproto, bool toclient, bool toserver, InspectionBufferGetDataPtr GetData)
 
int DetectHelperMultiBufferMpmRegister (const char *name, const char *desc, AppProto alproto, bool toclient, bool toserver, InspectionMultiBufferGetDataPtr GetData)
 
InspectionBufferDetectHelperGetMultiData (struct DetectEngineThreadCtx_ *det_ctx, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv, const int list_id, uint32_t index, MultiGetTxBuffer GetBuf)
 
int DetectHelperTransformRegister (const SCTransformTableElmt *kw)
 
const uint8_t * InspectionBufferPtr (InspectionBuffer *buf)
 
uint32_t InspectionBufferLength (InspectionBuffer *buf)
 

Detailed Description

Author
Philippe Antoine p.ant.nosp@m.oine.nosp@m.@cate.nosp@m.nacy.nosp@m.ber.f.nosp@m.r

Definition in file detect-engine-helper.h.

Typedef Documentation

◆ MultiGetTxBuffer

typedef bool(* MultiGetTxBuffer) (void *, uint8_t, uint32_t, const uint8_t **, uint32_t *)

Definition at line 35 of file detect-engine-helper.h.

◆ SimpleGetTxBuffer

typedef bool(* SimpleGetTxBuffer) (void *, uint8_t, const uint8_t **, uint32_t *)

Definition at line 34 of file detect-engine-helper.h.

Function Documentation

◆ DetectHelperBufferMpmRegister()

int DetectHelperBufferMpmRegister ( const char *  name,
const char *  desc,
AppProto  alproto,
bool  toclient,
bool  toserver,
InspectionBufferGetDataPtr  GetData 
)

Definition at line 65 of file detect-engine-helper.c.

◆ DetectHelperBufferRegister()

int DetectHelperBufferRegister ( const char *  name,
AppProto  alproto,
bool  toclient,
bool  toserver 
)

Definition at line 33 of file detect-engine-helper.c.

References DetectAppLayerInspectEngineRegister(), DetectBufferTypeRegister(), DetectEngineInspectGenericList(), SIG_FLAG_TOCLIENT, and SIG_FLAG_TOSERVER.

Here is the call graph for this function:

◆ DetectHelperGetData()

InspectionBuffer* DetectHelperGetData ( struct DetectEngineThreadCtx_ det_ctx,
const DetectEngineTransforms transforms,
Flow f,
const uint8_t  flow_flags,
void *  txv,
const int  list_id,
SimpleGetTxBuffer  GetBuf 
)

◆ DetectHelperGetMultiData()

InspectionBuffer* DetectHelperGetMultiData ( struct DetectEngineThreadCtx_ det_ctx,
const DetectEngineTransforms transforms,
Flow f,
const uint8_t  flow_flags,
void *  txv,
const int  list_id,
uint32_t  index,
MultiGetTxBuffer  GetBuf 
)

Definition at line 151 of file detect-engine-helper.c.

References FrameStreamData::det_ctx, DETECT_CI_FLAGS_SINGLE, InspectionBuffer::flags, InspectionBuffer::initialized, InspectionBufferMultipleForListGet(), InspectionBufferSetupMulti(), InspectionBufferSetupMultiEmpty(), FrameStreamData::list_id, and FrameStreamData::transforms.

Here is the call graph for this function:

◆ DetectHelperKeywordRegister()

int DetectHelperKeywordRegister ( const SCSigTableElmt *  kw)

Definition at line 98 of file detect-engine-helper.c.

References SigTableElmt_::AppLayerTxMatch, ctx, de, SigTableElmt_::desc, FrameStreamData::det_ctx, DETECT_TBLSIZE, DETECT_TBLSIZE_IDX, DETECT_TBLSIZE_STEP, flags, SigTableElmt_::flags, SigTableElmt_::Free, SigTableElmt_::name, FrameStreamData::s, SCRealloc, SigTableElmt_::Setup, sigmatch_table, unlikely, and SigTableElmt_::url.

◆ DetectHelperMultiBufferMpmRegister()

int DetectHelperMultiBufferMpmRegister ( const char *  name,
const char *  desc,
AppProto  alproto,
bool  toclient,
bool  toserver,
InspectionMultiBufferGetDataPtr  GetData 
)

Definition at line 84 of file detect-engine-helper.c.

◆ DetectHelperTransformRegister()

int DetectHelperTransformRegister ( const SCTransformTableElmt *  kw)

Definition at line 124 of file detect-engine-helper.c.

References de, SigTableElmt_::desc, DETECT_TBLSIZE, DETECT_TBLSIZE_IDX, DETECT_TBLSIZE_STEP, SigTableElmt_::flags, SigTableElmt_::Free, SigTableElmt_::name, FrameStreamData::s, SCRealloc, SigTableElmt_::Setup, sigmatch_table, SigTableElmt_::Transform, SigTableElmt_::TransformValidate, unlikely, and SigTableElmt_::url.

◆ InspectionBufferLength()

uint32_t InspectionBufferLength ( InspectionBuffer buf)

Definition at line 180 of file detect-engine-helper.c.

References InspectionBuffer::inspect_len.

◆ InspectionBufferPtr()

const uint8_t* InspectionBufferPtr ( InspectionBuffer buf)

Definition at line 175 of file detect-engine-helper.c.

References InspectionBuffer::inspect.