suricata
detect-engine-helper.h
Go to the documentation of this file.
1 /* Copyright (C) 2023 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Philippe Antoine <p.antoine@catenacyber.fr>
22  */
23 
24 #ifndef SURICATA_DETECT_ENGINE_HELPER_H
25 #define SURICATA_DETECT_ENGINE_HELPER_H
26 
27 #include "app-layer-protos.h"
28 #include "detect.h"
29 #include "rust.h"
30 
31 int DetectHelperKeywordRegister(const SCSigTableElmt *kw);
32 int DetectHelperBufferRegister(const char *name, AppProto alproto, bool toclient, bool toserver);
33 
34 typedef bool (*SimpleGetTxBuffer)(void *, uint8_t, const uint8_t **, uint32_t *);
35 typedef bool (*MultiGetTxBuffer)(void *, uint8_t, uint32_t, const uint8_t **, uint32_t *);
36 
37 InspectionBuffer *DetectHelperGetData(struct DetectEngineThreadCtx_ *det_ctx,
38  const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv,
39  const int list_id, SimpleGetTxBuffer GetBuf);
40 int DetectHelperBufferMpmRegister(const char *name, const char *desc, AppProto alproto,
41  bool toclient, bool toserver, InspectionBufferGetDataPtr GetData);
42 int DetectHelperMultiBufferMpmRegister(const char *name, const char *desc, AppProto alproto,
43  bool toclient, bool toserver, InspectionMultiBufferGetDataPtr GetData);
44 
45 InspectionBuffer *DetectHelperGetMultiData(struct DetectEngineThreadCtx_ *det_ctx,
46  const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv,
47  const int list_id, uint32_t index, MultiGetTxBuffer GetBuf);
48 
49 int DetectHelperTransformRegister(const SCTransformTableElmt *kw);
50 const uint8_t *InspectionBufferPtr(InspectionBuffer *buf);
51 uint32_t InspectionBufferLength(InspectionBuffer *buf);
52 
53 #endif /* SURICATA_DETECT_ENGINE_HELPER_H */
DetectHelperKeywordRegister
int DetectHelperKeywordRegister(const SCSigTableElmt *kw)
Definition: detect-engine-helper.c:98
DetectHelperTransformRegister
int DetectHelperTransformRegister(const SCTransformTableElmt *kw)
Definition: detect-engine-helper.c:124
DetectEngineTransforms
Definition: detect.h:408
AppProto
uint16_t AppProto
Definition: app-layer-protos.h:81
InspectionMultiBufferGetDataPtr
InspectionBuffer *(* InspectionMultiBufferGetDataPtr)(struct DetectEngineThreadCtx_ *det_ctx, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv, const int list_id, const uint32_t local_id)
Definition: detect.h:419
InspectionBuffer
Definition: detect.h:373
FrameStreamData::list_id
int list_id
Definition: detect-engine-frame.c:48
Flow_
Flow data structure.
Definition: flow.h:356
InspectionBufferGetDataPtr
InspectionBuffer *(* InspectionBufferGetDataPtr)(struct DetectEngineThreadCtx_ *det_ctx, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv, const int list_id)
Definition: detect.h:414
FrameStreamData::det_ctx
DetectEngineThreadCtx * det_ctx
Definition: detect-engine-frame.c:45
InspectionBufferLength
uint32_t InspectionBufferLength(InspectionBuffer *buf)
Definition: detect-engine-helper.c:180
rust.h
DetectHelperGetMultiData
InspectionBuffer * DetectHelperGetMultiData(struct DetectEngineThreadCtx_ *det_ctx, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv, const int list_id, uint32_t index, MultiGetTxBuffer GetBuf)
Definition: detect-engine-helper.c:151
InspectionBufferPtr
const uint8_t * InspectionBufferPtr(InspectionBuffer *buf)
Definition: detect-engine-helper.c:175
MultiGetTxBuffer
bool(* MultiGetTxBuffer)(void *, uint8_t, uint32_t, const uint8_t **, uint32_t *)
Definition: detect-engine-helper.h:35
DetectEngineThreadCtx_
Definition: detect.h:1093
SimpleGetTxBuffer
bool(* SimpleGetTxBuffer)(void *, uint8_t, const uint8_t **, uint32_t *)
Definition: detect-engine-helper.h:34
DetectHelperGetData
InspectionBuffer * DetectHelperGetData(struct DetectEngineThreadCtx_ *det_ctx, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv, const int list_id, SimpleGetTxBuffer GetBuf)
detect.h
FrameStreamData::transforms
const DetectEngineTransforms * transforms
Definition: detect-engine-frame.c:46
DetectHelperBufferRegister
int DetectHelperBufferRegister(const char *name, AppProto alproto, bool toclient, bool toserver)
Definition: detect-engine-helper.c:33
app-layer-protos.h
DetectHelperBufferMpmRegister
int DetectHelperBufferMpmRegister(const char *name, const char *desc, AppProto alproto, bool toclient, bool toserver, InspectionBufferGetDataPtr GetData)
Definition: detect-engine-helper.c:65
DetectHelperMultiBufferMpmRegister
int DetectHelperMultiBufferMpmRegister(const char *name, const char *desc, AppProto alproto, bool toclient, bool toserver, InspectionMultiBufferGetDataPtr GetData)
Definition: detect-engine-helper.c:84