suricata
detect-engine-sigorder.h File Reference
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  SCSigSignatureWrapper_
 Signature wrapper used by signature ordering module while ordering signatures. More...
 
struct  SCSigOrderFunc_
 Structure holding the signature ordering function used by the signature ordering module. More...
 

Typedefs

typedef struct SCSigSignatureWrapper_ SCSigSignatureWrapper
 Signature wrapper used by signature ordering module while ordering signatures. More...
 
typedef struct SCSigOrderFunc_ SCSigOrderFunc
 Structure holding the signature ordering function used by the signature ordering module. More...
 

Enumerations

enum  SCRadixUserDataType {
  SC_RADIX_USER_DATA_FLOWBITS, SC_RADIX_USER_DATA_FLOWVAR, SC_RADIX_USER_DATA_PKTVAR, SC_RADIX_USER_DATA_FLOWINT,
  SC_RADIX_USER_DATA_HOSTBITS, SC_RADIX_USER_DATA_IPPAIRBITS, SC_RADIX_USER_DATA_MAX
}
 Different kinds of helper data that can be used by the signature ordering module. Used by the "user" field in SCSigSignatureWrapper. More...
 

Functions

void SCSigOrderSignatures (DetectEngineCtx *)
 Orders the signatures. More...
 
void SCSigRegisterSignatureOrderingFuncs (DetectEngineCtx *)
 Lets you register the Signature ordering functions. The order in which the functions are registered shows the priority. The first function registered provides more priority than the function registered after it. To add a new registration function, register it by listing it in the correct position in the below sequence, based on the priority you would want to offer to that keyword. More...
 
void SCSigRegisterSignatureOrderingTests (void)
 
void SCSigSignatureOrderingModuleCleanup (DetectEngineCtx *)
 De-registers all the signature ordering functions registered. More...
 

Detailed Description

Typedef Documentation

◆ SCSigOrderFunc

Structure holding the signature ordering function used by the signature ordering module.

◆ SCSigSignatureWrapper

Signature wrapper used by signature ordering module while ordering signatures.

Enumeration Type Documentation

◆ SCRadixUserDataType

Different kinds of helper data that can be used by the signature ordering module. Used by the "user" field in SCSigSignatureWrapper.

Enumerator
SC_RADIX_USER_DATA_FLOWBITS 
SC_RADIX_USER_DATA_FLOWVAR 
SC_RADIX_USER_DATA_PKTVAR 
SC_RADIX_USER_DATA_FLOWINT 
SC_RADIX_USER_DATA_HOSTBITS 
SC_RADIX_USER_DATA_IPPAIRBITS 
SC_RADIX_USER_DATA_MAX 

Definition at line 31 of file detect-engine-sigorder.h.

Function Documentation

◆ SCSigOrderSignatures()

void SCSigOrderSignatures ( DetectEngineCtx de_ctx)

Orders the signatures.

Parameters
de_ctxPointer to the Detection Engine Context that holds the signatures to be ordered

Definition at line 731 of file detect-engine-sigorder.c.

References de_ctx, SCLogDebug, and DetectEngineCtx_::sig_list.

Referenced by UTHMatchPackets().

Here is the caller graph for this function:

◆ SCSigRegisterSignatureOrderingFuncs()

void SCSigRegisterSignatureOrderingFuncs ( DetectEngineCtx de_ctx)

Lets you register the Signature ordering functions. The order in which the functions are registered shows the priority. The first function registered provides more priority than the function registered after it. To add a new registration function, register it by listing it in the correct position in the below sequence, based on the priority you would want to offer to that keyword.

Parameters
de_ctxPointer to the detection engine context from which the signatures have to be ordered.

Definition at line 803 of file detect-engine-sigorder.c.

References SCLogDebug.

Referenced by UTHMatchPackets().

Here is the caller graph for this function:

◆ SCSigRegisterSignatureOrderingTests()

void SCSigRegisterSignatureOrderingTests ( void  )

Definition at line 1971 of file detect-engine-sigorder.c.

References UtRegisterTest().

Here is the call graph for this function:

◆ SCSigSignatureOrderingModuleCleanup()

void SCSigSignatureOrderingModuleCleanup ( DetectEngineCtx de_ctx)

De-registers all the signature ordering functions registered.

Parameters
de_ctxPointer to the detection engine context from which the signatures were ordered.

Definition at line 823 of file detect-engine-sigorder.c.

References de_ctx, SCSigOrderFunc_::next, DetectEngineCtx_::sc_sig_order_funcs, and SCFree.

Referenced by DetectEngineCtxFree(), and UTHMatchPackets().

Here is the caller graph for this function: