detect-engine-prefilter.h File Reference

#include "detect.h"
#include "detect-engine-state.h"

Include dependency graph for detect-engine-prefilter.h:

Go to the source code of this file.

Data Structures
struct	DetectTransaction_
struct	PrefilterStore_

Typedefs
typedef struct DetectTransaction_	DetectTransaction
typedef struct PrefilterStore_	PrefilterStore

Functions
void	Prefilter (DetectEngineThreadCtx *, const SigGroupHead *, Packet *p, const uint8_t flags)
int	PrefilterAppendEngine (DetectEngineCtx *de_ctx, SigGroupHead *sgh, void(*Prefilter)(DetectEngineThreadCtx *det_ctx, Packet *p, const void *pectx), void *pectx, void(*FreeFunc)(void *pectx), const char *name)
int	PrefilterAppendPayloadEngine (DetectEngineCtx *de_ctx, SigGroupHead *sgh, void(*Prefilter)(DetectEngineThreadCtx *det_ctx, Packet *p, const void *pectx), void *pectx, void(*FreeFunc)(void *pectx), const char *name)
int	PrefilterAppendTxEngine (DetectEngineCtx *de_ctx, SigGroupHead *sgh, PrefilterTxFn PrefilterTxFunc, const AppProto alproto, const int tx_min_progress, void *pectx, void(*FreeFunc)(void *pectx), const char *name)
int	PrefilterAppendFrameEngine (DetectEngineCtx *de_ctx, SigGroupHead *sgh, PrefilterFrameFn PrefilterFrameFunc, AppProto alproto, uint8_t frame_type, void *pectx, void(*FreeFunc)(void *pectx), const char *name)
void	DetectRunPrefilterTx (DetectEngineThreadCtx *det_ctx, const SigGroupHead *sgh, Packet *p, const uint8_t ipproto, const uint8_t flow_flags, const AppProto alproto, void *alstate, DetectTransaction *tx)
	run prefilter engines on a transaction More...
void	PrefilterFreeEnginesList (PrefilterEngineList *list)
void	PrefilterSetupRuleGroup (DetectEngineCtx *de_ctx, SigGroupHead *sgh)
void	PrefilterCleanupRuleGroup (const DetectEngineCtx *de_ctx, SigGroupHead *sgh)
const char *	PrefilterStoreGetName (const uint32_t id)
void	PrefilterInit (DetectEngineCtx *de_ctx)
void	PrefilterDeinit (DetectEngineCtx *de_ctx)
int	PrefilterGenericMpmRegister (DetectEngineCtx *de_ctx, SigGroupHead *sgh, MpmCtx *mpm_ctx, const DetectBufferMpmRegistry *mpm_reg, int list_id)
int	PrefilterGenericMpmPktRegister (DetectEngineCtx *de_ctx, SigGroupHead *sgh, MpmCtx *mpm_ctx, const DetectBufferMpmRegistry *mpm_reg, int list_id)

Detailed Description

Author

Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Definition in file detect-engine-prefilter.h.

Typedef Documentation

DetectTransaction

typedef struct DetectTransaction_ DetectTransaction

PrefilterStore

typedef struct PrefilterStore_ PrefilterStore

Function Documentation

DetectRunPrefilterTx()

void DetectRunPrefilterTx	(	DetectEngineThreadCtx *	det_ctx,
		const SigGroupHead *	sgh,
		Packet *	p,
		const uint8_t	ipproto,
		const uint8_t	flow_flags,
		const AppProto	alproto,
		void *	alstate,
		DetectTransaction *	tx
	)

run prefilter engines on a transaction

Definition at line 93 of file detect-engine-prefilter.c.

References PrefilterEngine_::alproto, BIT_U64, PrefilterEngine_::cb, PrefilterEngine_::ctx, Packet_::flow, PrefilterEngine_::gid, PrefilterEngine_::is_last, PrefilterEngine_::is_last_for_progress, likely, next, PACKET_PROFILING_DETECT_START, Packet_::pcap_cnt, PrefilterEngine_::pectx, DetectEngineThreadCtx_::pmq, DetectTransaction_::prefilter_flags, PREFILTER_PROFILING_END, PREFILTER_PROFILING_START, PrefilterEngine_::PrefilterTx, PROF_DETECT_PF_SORT1, PrefilterRuleStore_::rule_id_array_cnt, SCLogDebug, DetectTransaction_::tx_data_ptr, SigGroupHead_::tx_engines, DetectTransaction_::tx_id, PrefilterEngine_::tx_min_progress, DetectTransaction_::tx_progress, and DetectTransaction_::tx_ptr.

Prefilter()

void Prefilter	(	DetectEngineThreadCtx *	,
		const SigGroupHead *	,
		Packet *	p,
		const uint8_t	flags
	)

Definition at line 143 of file detect-engine-prefilter.c.

References Flow_::alparser, Flow_::alproto, ALPROTO_UNKNOWN, PrefilterEngine_::cb, flags, Packet_::flags, Packet_::flow, SigGroupHead_::frame_engines, PrefilterEngine_::gid, PrefilterEngine_::is_last, likely, PACKET_PROFILING_DETECT_END, PACKET_PROFILING_DETECT_START, SigGroupHead_::payload_engines, Packet_::payload_len, PrefilterEngine_::pectx, PKT_DETECT_HAS_STREAMDATA, SigGroupHead_::pkt_engines, PKT_NOPAYLOAD_INSPECTION, DetectEngineThreadCtx_::pmq, PrefilterEngine_::Prefilter, PREFILTER_PROFILING_END, PREFILTER_PROFILING_START, PROF_DETECT_PF_PAYLOAD, PROF_DETECT_PF_PKT, PROF_DETECT_PF_RECORD, PROF_DETECT_PF_SORT1, Packet_::proto, PrefilterRuleStore_::rule_id_array_cnt, SCEnter, and SCLogDebug.

PrefilterAppendEngine()

int PrefilterAppendEngine	(	DetectEngineCtx *	de_ctx,
		SigGroupHead *	sgh,
		void(*)(DetectEngineThreadCtx *det_ctx, Packet *p, const void *pectx)	Prefilter,
		void *	pectx,
		void(*)(void *pectx)	FreeFunc,
		const char *	name
	)

Definition at line 202 of file detect-engine-prefilter.c.

References CLS, PrefilterEngineList_::Free, PrefilterEngineList_::gid, PrefilterEngineList_::id, SigGroupHead_::init, PrefilterEngineList_::name, PrefilterEngineList_::next, PrefilterEngineList_::pectx, SigGroupHeadInitData_::pkt_engines, PrefilterEngineList_::Prefilter, and SCMallocAligned.

Referenced by PrefilterGenericMpmPktRegister().

Here is the caller graph for this function:

PrefilterAppendFrameEngine()

int PrefilterAppendFrameEngine	(	DetectEngineCtx *	de_ctx,
		SigGroupHead *	sgh,
		PrefilterFrameFn	PrefilterFrameFunc,
		AppProto	alproto,
		uint8_t	frame_type,
		void *	pectx,
		void(*)(void *pectx)	FreeFunc,
		const char *	name
	)

Definition at line 307 of file detect-engine-prefilter.c.

References PrefilterEngineList_::alproto, CLS, SigGroupHeadInitData_::frame_engines, PrefilterEngineList_::frame_type, PrefilterEngineList_::Free, PrefilterEngineList_::gid, PrefilterEngineList_::id, SigGroupHead_::init, PrefilterEngineList_::name, PrefilterEngineList_::next, PrefilterEngineList_::pectx, PrefilterEngineList_::PrefilterFrame, and SCMallocAligned.

Referenced by PrefilterGenericMpmFrameRegister().

Here is the caller graph for this function:

PrefilterAppendPayloadEngine()

int PrefilterAppendPayloadEngine	(	DetectEngineCtx *	de_ctx,
		SigGroupHead *	sgh,
		void(*)(DetectEngineThreadCtx *det_ctx, Packet *p, const void *pectx)	Prefilter,
		void *	pectx,
		void(*)(void *pectx)	FreeFunc,
		const char *	name
	)

Definition at line 236 of file detect-engine-prefilter.c.

References CLS, PrefilterEngineList_::Free, PrefilterEngineList_::gid, PrefilterEngineList_::id, SigGroupHead_::init, PrefilterEngineList_::name, PrefilterEngineList_::next, SigGroupHeadInitData_::payload_engines, PrefilterEngineList_::pectx, PrefilterEngineList_::Prefilter, and SCMallocAligned.

Referenced by PrefilterPktPayloadRegister(), and PrefilterPktStreamRegister().

Here is the caller graph for this function:

PrefilterAppendTxEngine()

int PrefilterAppendTxEngine	(	DetectEngineCtx *	de_ctx,
		SigGroupHead *	sgh,
		PrefilterTxFn	PrefilterTxFunc,
		const AppProto	alproto,
		const int	tx_min_progress,
		void *	pectx,
		void(*)(void *pectx)	FreeFunc,
		const char *	name
	)

Definition at line 270 of file detect-engine-prefilter.c.

References PrefilterEngineList_::alproto, CLS, DEBUG_VALIDATE_BUG_ON, PrefilterEngineList_::Free, PrefilterEngineList_::gid, PrefilterEngineList_::id, SigGroupHead_::init, PrefilterEngineList_::name, PrefilterEngineList_::next, PrefilterEngineList_::pectx, PrefilterEngineList_::PrefilterTx, SCMallocAligned, SigGroupHeadInitData_::tx_engines, and PrefilterEngineList_::tx_min_progress.

Referenced by PrefilterGenericMpmRegister(), and PrefilterMpmFiledataRegister().

Here is the caller graph for this function:

PrefilterCleanupRuleGroup()

void PrefilterCleanupRuleGroup	(	const DetectEngineCtx *	de_ctx,
		SigGroupHead *	sgh
	)

Definition at line 378 of file detect-engine-prefilter.c.

References SigGroupHead_::pkt_engines.

Referenced by SigGroupHeadFree().

Here is the caller graph for this function:

PrefilterDeinit()

void PrefilterDeinit

(

DetectEngineCtx *

de_ctx

)

Definition at line 618 of file detect-engine-prefilter.c.

References de_ctx, HashListTableFree(), and DetectEngineCtx_::prefilter_hash_table.

Here is the call graph for this function:

PrefilterFreeEnginesList()

void PrefilterFreeEnginesList

(

PrefilterEngineList *

list

)

Definition at line 350 of file detect-engine-prefilter.c.

Referenced by SigGroupHeadInitDataFree().

Here is the caller graph for this function:

PrefilterGenericMpmPktRegister()

int PrefilterGenericMpmPktRegister	(	DetectEngineCtx *	de_ctx,
		SigGroupHead *	sgh,
		MpmCtx *	mpm_ctx,
		const DetectBufferMpmRegistry *	mpm_reg,
		int	list_id
	)

Definition at line 815 of file detect-engine-prefilter.c.

References de_ctx, PrefilterMpmPktCtx::GetData, PrefilterMpmPktCtx::list_id, PrefilterMpmPktCtx::mpm_ctx, DetectBufferMpmRegistry_::pkt_v1, PrefilterAppendEngine(), SCCalloc, SCEnter, DetectBufferMpmRegistry_::transforms, and PrefilterMpmPktCtx::transforms.

Here is the call graph for this function:

PrefilterGenericMpmRegister()

int PrefilterGenericMpmRegister	(	DetectEngineCtx *	de_ctx,
		SigGroupHead *	sgh,
		MpmCtx *	mpm_ctx,
		const DetectBufferMpmRegistry *	mpm_reg,
		int	list_id
	)

Definition at line 745 of file detect-engine-prefilter.c.

References DetectBufferMpmRegistry_::app_v2, de_ctx, PrefilterMpmCtx::GetData, PrefilterMpmCtx::list_id, PrefilterMpmCtx::mpm_ctx, PrefilterAppendTxEngine(), SCCalloc, SCEnter, DetectBufferMpmRegistry_::transforms, and PrefilterMpmCtx::transforms.

Here is the call graph for this function:

PrefilterInit()

void PrefilterInit

(

DetectEngineCtx *

de_ctx

)

Definition at line 625 of file detect-engine-prefilter.c.

References BUG_ON, de_ctx, HashListTableInit(), and DetectEngineCtx_::prefilter_hash_table.

Here is the call graph for this function:

PrefilterSetupRuleGroup()

void PrefilterSetupRuleGroup	(	DetectEngineCtx *	de_ctx,
		SigGroupHead *	sgh
	)

Definition at line 413 of file detect-engine-prefilter.c.

References PrefilterEngineList_::alproto, PrefilterEngine_::alproto, PrefilterEngine_::cb, CLS, cnt, PrefilterEngine_::ctx, de_ctx, DETECT_PREFILTER_AUTO, DETECT_TBLSIZE, FatalError, PrefilterEngineList_::gid, PrefilterEngine_::gid, PrefilterEngineList_::id, SigGroupHead_::init, PrefilterEngine_::is_last, PrefilterEngine_::local_id, PrefilterEngineList_::next, PatternMatchPrepareGroup(), SigGroupHeadInitData_::payload_engines, SigGroupHead_::payload_engines, PrefilterEngineList_::pectx, PrefilterEngine_::pectx, SigGroupHeadInitData_::pkt_engines, SigGroupHead_::pkt_engines, PrefilterEngineList_::Prefilter, PrefilterEngine_::Prefilter, DetectEngineCtx_::prefilter_setting, PrefilterEngineList_::PrefilterTx, PrefilterEngine_::PrefilterTx, SCMallocAligned, SigTableElmt_::SetupPrefilter, sigmatch_table, DetectEngineCtx_::sm_types_prefilter, SigGroupHeadInitData_::tx_engines, SigGroupHead_::tx_engines, PrefilterEngineList_::tx_min_progress, and PrefilterEngine_::tx_min_progress.

Referenced by SigPrepareStage4().

Here is the call graph for this function:

Here is the caller graph for this function:

PrefilterStoreGetName()

const char* PrefilterStoreGetName

(

const uint32_t

id

)

Definition at line 690 of file detect-engine-prefilter.c.