suricata
detect-engine-sigorder.h
Go to the documentation of this file.
1 /* Copyright (C) 2007-2010 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Anoop Saldanha <anoopsaldanha@gmail.com>
22  */
23 
24 #ifndef __DETECT_ENGINE_SIGORDER_H__
25 #define __DETECT_ENGINE_SIGORDER_H__
26 
27 /**
28  * \brief Different kinds of helper data that can be used by the signature
29  * ordering module. Used by the "user" field in SCSigSignatureWrapper
30  */
31 typedef enum{
40 
41 /**
42  * \brief Signature wrapper used by signature ordering module while ordering
43  * signatures
44  */
45 typedef struct SCSigSignatureWrapper_ {
46  /* the wrapped signature */
48 
49  /* used as the lower limit SCSigSignatureWrapper that is used by the next
50  * ordering function, which will order the incoming Sigwrapper after this
51  * (min) wrapper */
53  /* used as the upper limit SCSigSignatureWrapper that is used by the next
54  * ordering function, which will order the incoming Sigwrapper below this
55  * (max) wrapper */
57 
58  /* user data that is to be associated with this sigwrapper */
60 
64 
65 /**
66  * \brief Structure holding the signature ordering function used by the
67  * signature ordering module
68  */
69 typedef struct SCSigOrderFunc_ {
70  /* Pointer to the Signature Ordering function */
71  int (*SWCompare)(SCSigSignatureWrapper *sw1, SCSigSignatureWrapper *sw2);
72 
75 
80 
81 #endif /* __DETECT_ENGINE_SIGORDER_H__ */
struct SCSigOrderFunc_ SCSigOrderFunc
Structure holding the signature ordering function used by the signature ordering module.
Signature container.
Definition: detect.h:495
main detection engine ctx
Definition: detect.h:723
struct SCSigOrderFunc_ * next
void SCSigSignatureOrderingModuleCleanup(DetectEngineCtx *)
De-registers all the signature ordering functions registered.
struct SCSigSignatureWrapper_ * min
struct SCSigSignatureWrapper_ * next
Signature wrapper used by signature ordering module while ordering signatures.
void SCSigOrderSignatures(DetectEngineCtx *)
Orders the signatures.
void SCSigRegisterSignatureOrderingFuncs(DetectEngineCtx *)
Lets you register the Signature ordering functions. The order in which the functions are registered...
struct SCSigSignatureWrapper_ * prev
struct SCSigSignatureWrapper_ SCSigSignatureWrapper
Signature wrapper used by signature ordering module while ordering signatures.
Structure holding the signature ordering function used by the signature ordering module.
struct SCSigSignatureWrapper_ * max
int user[SC_RADIX_USER_DATA_MAX]
SCRadixUserDataType
Different kinds of helper data that can be used by the signature ordering module. Used by the "user" ...
void SCSigRegisterSignatureOrderingTests(void)