suricata
detect-engine-helper.h
Go to the documentation of this file.
1 /* Copyright (C) 2023 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Philippe Antoine <p.antoine@catenacyber.fr>
22  */
23 
24 #ifndef SURICATA_DETECT_ENGINE_HELPER_H
25 #define SURICATA_DETECT_ENGINE_HELPER_H
26 
27 #include "app-layer-protos.h"
28 #include "detect.h"
29 #include "rust.h"
30 
31 int SCDetectHelperNewKeywordId(void);
32 
33 int DetectHelperKeywordRegister(const SCSigTableAppLiteElmt *kw);
34 void DetectHelperKeywordAliasRegister(int kwid, const char *alias);
35 int DetectHelperBufferRegister(const char *name, AppProto alproto, uint8_t direction);
36 
37 typedef bool (*SimpleGetTxBuffer)(void *, uint8_t, const uint8_t **, uint32_t *);
38 
39 InspectionBuffer *DetectHelperGetData(struct DetectEngineThreadCtx_ *det_ctx,
40  const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv,
41  const int list_id, SimpleGetTxBuffer GetBuf);
42 int DetectHelperBufferMpmRegister(const char *name, const char *desc, AppProto alproto,
43  uint8_t direction, InspectionBufferGetDataPtr GetData);
44 int DetectHelperMultiBufferMpmRegister(const char *name, const char *desc, AppProto alproto,
45  uint8_t direction, InspectionMultiBufferGetDataPtr GetData);
46 int DetectHelperMultiBufferProgressMpmRegister(const char *name, const char *desc, AppProto alproto,
47  uint8_t direction, InspectionMultiBufferGetDataPtr GetData, int progress);
48 
49 int DetectHelperTransformRegister(const SCTransformTableElmt *kw);
50 const uint8_t *InspectionBufferPtr(InspectionBuffer *buf);
51 uint32_t InspectionBufferLength(InspectionBuffer *buf);
52 
53 #endif /* SURICATA_DETECT_ENGINE_HELPER_H */
DetectHelperMultiBufferMpmRegister
int DetectHelperMultiBufferMpmRegister(const char *name, const char *desc, AppProto alproto, uint8_t direction, InspectionMultiBufferGetDataPtr GetData)
Definition: detect-engine-helper.c:97
DetectHelperTransformRegister
int DetectHelperTransformRegister(const SCTransformTableElmt *kw)
Definition: detect-engine-helper.c:146
DetectEngineTransforms
Definition: detect.h:415
DetectHelperBufferRegister
int DetectHelperBufferRegister(const char *name, AppProto alproto, uint8_t direction)
Definition: detect-engine-helper.c:33
AppProto
uint16_t AppProto
Definition: app-layer-protos.h:85
InspectionBuffer
Definition: detect.h:380
FrameStreamData::list_id
int list_id
Definition: detect-engine-frame.c:48
Flow_
Flow data structure.
Definition: flow.h:356
InspectionBufferGetDataPtr
InspectionBuffer *(* InspectionBufferGetDataPtr)(struct DetectEngineThreadCtx_ *det_ctx, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv, const int list_id)
Definition: detect.h:421
FrameStreamData::det_ctx
DetectEngineThreadCtx * det_ctx
Definition: detect-engine-frame.c:45
InspectionBufferLength
uint32_t InspectionBufferLength(InspectionBuffer *buf)
Definition: detect-engine-helper.c:174
rust.h
InspectionBufferPtr
const uint8_t * InspectionBufferPtr(InspectionBuffer *buf)
Definition: detect-engine-helper.c:169
DetectHelperKeywordAliasRegister
void DetectHelperKeywordAliasRegister(int kwid, const char *alias)
Definition: detect-engine-helper.c:141
DetectEngineThreadCtx_
Definition: detect.h:1223
SimpleGetTxBuffer
bool(* SimpleGetTxBuffer)(void *, uint8_t, const uint8_t **, uint32_t *)
Definition: detect-engine-helper.h:37
DetectHelperGetData
InspectionBuffer * DetectHelperGetData(struct DetectEngineThreadCtx_ *det_ctx, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv, const int list_id, SimpleGetTxBuffer GetBuf)
detect.h
FrameStreamData::transforms
const DetectEngineTransforms * transforms
Definition: detect-engine-frame.c:46
SCDetectHelperNewKeywordId
int SCDetectHelperNewKeywordId(void)
Definition: detect-engine-helper.c:103
DetectHelperMultiBufferProgressMpmRegister
int DetectHelperMultiBufferProgressMpmRegister(const char *name, const char *desc, AppProto alproto, uint8_t direction, InspectionMultiBufferGetDataPtr GetData, int progress)
Definition: detect-engine-helper.c:83
InspectionMultiBufferGetDataPtr
bool(* InspectionMultiBufferGetDataPtr)(struct DetectEngineThreadCtx_ *det_ctx, const void *txv, const uint8_t flow_flags, uint32_t local_id, const uint8_t **buf, uint32_t *buf_len)
Definition: detect.h:427
name
const char * name
Definition: tm-threads.c:2123
DetectHelperKeywordRegister
int DetectHelperKeywordRegister(const SCSigTableAppLiteElmt *kw)
Definition: detect-engine-helper.c:120
DetectHelperBufferMpmRegister
int DetectHelperBufferMpmRegister(const char *name, const char *desc, AppProto alproto, uint8_t direction, InspectionBufferGetDataPtr GetData)
Definition: detect-engine-helper.c:64
app-layer-protos.h