suricata
Functions
detect-engine-threshold.c File Reference
Thresholding
#include "suricata-common.h"
#include "detect.h"
#include "flow.h"
#include "host.h"
#include "host-storage.h"
#include "ippair.h"
#include "ippair-storage.h"
#include "detect-parse.h"
#include "detect-engine-sigorder.h"
#include "detect-engine-siggroup.h"
#include "detect-engine-address.h"
#include "detect-engine-port.h"
#include "detect-engine-mpm.h"
#include "detect-engine-iponly.h"
#include "detect-engine.h"
#include "detect-engine-threshold.h"
#include "detect-content.h"
#include "detect-uricontent.h"
#include "util-hash.h"
#include "util-time.h"
#include "util-error.h"
#include "util-debug.h"
#include "util-var-name.h"
#include "tm-threads.h"
#include "action-globals.h"
Include dependency graph for detect-engine-threshold.c:

Go to the source code of this file.

Functions

HostStorageId ThresholdHostStorageId (void)
 
void ThresholdInit (void)
 
int ThresholdHostHasThreshold (Host *host)
 
int ThresholdIPPairHasThreshold (IPPair *pair)
 
const DetectThresholdDataSigGetThresholdTypeIter (const Signature *sig, const SigMatchData **psm, int list)
 Return next DetectThresholdData for signature. More...
 
int ThresholdHostTimeoutCheck (Host *host, SCTime_t ts)
 
int ThresholdIPPairTimeoutCheck (IPPair *pair, SCTime_t ts)
 
int PacketAlertThreshold (DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const DetectThresholdData *td, Packet *p, const Signature *s, PacketAlert *pa)
 Make the threshold logic for signatures. More...
 
void ThresholdHashInit (DetectEngineCtx *de_ctx)
 Init threshold context hash tables. More...
 
void ThresholdHashAllocate (DetectEngineCtx *de_ctx)
 Allocate threshold context hash tables. More...
 
void ThresholdContextDestroy (DetectEngineCtx *de_ctx)
 Destroy threshold context hash tables. More...
 
void ThresholdListFree (void *ptr)
 this function will free all the entries of a list DetectTagDataEntry More...
 

Detailed Description

Author
Breno Silva breno.nosp@m..sil.nosp@m.va@gm.nosp@m.ail..nosp@m.com
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Threshold part of the detection engine.

Definition in file detect-engine-threshold.c.