suricata
Functions
detect-engine-proto.c File Reference
#include "suricata-common.h"
#include "decode.h"
#include "detect.h"
#include "app-layer-parser.h"
#include "flow-util.h"
#include "flow-var.h"
#include "detect-engine-siggroup.h"
#include "detect-engine-state.h"
#include "util-cidr.h"
#include "util-byte.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "util-debug.h"
#include "detect-engine.h"
#include "detect-parse.h"
#include "detect-engine-mpm.h"
Include dependency graph for detect-engine-proto.c:

Go to the source code of this file.

Functions

int DetectProtoParse (DetectProto *dp, const char *str)
 Parses a protocol sent as a string. More...
 
int DetectProtoContainsProto (const DetectProto *dp, int proto)
 see if a DetectProto contains a certain proto More...
 
void DetectProtoTests (void)
 this function registers unit tests for DetectProto More...
 

Detailed Description

Author
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Proto part of the detection engine.

Todo:
move this out of the detection plugin structure

Definition in file detect-engine-proto.c.

Function Documentation

◆ DetectProtoContainsProto()

int DetectProtoContainsProto ( const DetectProto dp,
int  proto 
)

see if a DetectProto contains a certain proto

Parameters
dpdetect proto to inspect
protoprotocol (such as IPPROTO_TCP) to look for
Return values
0protocol not in the set
1protocol is in the set

Definition at line 135 of file detect-engine-proto.c.

References DETECT_PROTO_ANY, DetectProto_::flags, proto, and DetectProto_::proto.

Referenced by IPOnlyMatchPacket().

Here is the caller graph for this function:

◆ DetectProtoParse()

int DetectProtoParse ( DetectProto dp,
const char *  str 
)

Parses a protocol sent as a string.

Parameters
dpPointer to the DetectProto instance which will be updated with the incoming protocol information.
strPointer to the string containing the protocol name.
Return values
>=0If proto is detected, -1 otherwise.
Todo:
are numeric protocols even valid?

Definition at line 56 of file detect-engine-proto.c.

References ByteExtractStringUint8(), DETECT_PROTO_ANY, DETECT_PROTO_IPV4, DETECT_PROTO_IPV6, DETECT_PROTO_ONLY_PKT, DETECT_PROTO_ONLY_STREAM, DetectProto_::flags, proto, DetectProto_::proto, SCLogDebug, and str.

Here is the call graph for this function:

◆ DetectProtoTests()

void DetectProtoTests ( void  )

this function registers unit tests for DetectProto

Definition at line 454 of file detect-engine-proto.c.

References UtRegisterTest().

Here is the call graph for this function: