#include "suricata-common.h"#include "detect.h"#include "flow.h"#include "detect-content.h"#include "detect-parse.h"#include "detect-engine.h"#include "detect-engine-mpm.h"#include "detect-fast-pattern.h"#include "util-error.h"#include "util-debug.h"#include "util-unittest.h"#include "util-unittest-helper.h"
Go to the source code of this file.
Macros | |
| #define | PARSE_REGEX "^(\\s*only\\s*)|\\s*([0-9]+)\\s*,\\s*([0-9]+)\\s*$" |
Functions | |
| void | DetectFastPatternRegisterTests (void) |
| int | FastPatternSupportEnabledForSigMatchList (const DetectEngineCtx *de_ctx, const int list_id) |
| Checks if a particular list(Signature->sm_lists[]) is in the list of lists that need to be searched for a keyword that has fp support. More... | |
| void | SupportFastPatternForSigMatchList (int list_id, int priority) |
| Lets one add a sm list id to be searched for potential fp supported keywords later. More... | |
| void | SupportFastPatternForSigMatchTypes (void) |
| Registers the keywords(SMs) that should be given fp support. More... | |
| void | DetectFastPatternRegister (void) |
| Registration function for fast_pattern keyword. More... | |
Variables | |
| SCFPSupportSMList * | sm_fp_support_smlist_list = NULL |
Detailed Description
Implements the fast_pattern keyword
Definition in file detect-fast-pattern.c.
Macro Definition Documentation
◆ PARSE_REGEX
| #define PARSE_REGEX "^(\\s*only\\s*)|\\s*([0-9]+)\\s*,\\s*([0-9]+)\\s*$" |
Definition at line 41 of file detect-fast-pattern.c.
Function Documentation
◆ DetectFastPatternRegister()
| void DetectFastPatternRegister | ( | void | ) |
Registration function for fast_pattern keyword.
Definition at line 164 of file detect-fast-pattern.c.
References SigTableElmt_::desc, DETECT_FAST_PATTERN, SigTableElmt_::Match, SigTableElmt_::name, SigTableElmt_::Setup, sigmatch_table, and SigTableElmt_::url.
Referenced by SigTableSetup().
◆ DetectFastPatternRegisterTests()
| void DetectFastPatternRegisterTests | ( | void | ) |
Definition at line 18865 of file detect-fast-pattern.c.
◆ FastPatternSupportEnabledForSigMatchList()
| int FastPatternSupportEnabledForSigMatchList | ( | const DetectEngineCtx * | de_ctx, |
| const int | list_id | ||
| ) |
Checks if a particular list(Signature->sm_lists[]) is in the list of lists that need to be searched for a keyword that has fp support.
- Parameters
-
list_id The list id.
- Return values
-
1 If supported. 0 If not.
Definition at line 60 of file detect-fast-pattern.c.
References de_ctx, DETECT_SM_LIST_PMATCH, DetectBufferTypeSupportsMpmGetById(), SCFPSupportSMList_::list_id, SCFPSupportSMList_::next, and sm_fp_support_smlist_list.
Referenced by RetrieveFPForSig().
◆ SupportFastPatternForSigMatchList()
| void SupportFastPatternForSigMatchList | ( | int | list_id, |
| int | priority | ||
| ) |
Lets one add a sm list id to be searched for potential fp supported keywords later.
- Parameters
-
list_id SM list id. priority Priority for this list.
Definition at line 90 of file detect-fast-pattern.c.
References SCFPSupportSMList_::next, SCLogDebug, SCMalloc, sm_fp_support_smlist_list, and unlikely.
Referenced by DetectAppLayerMpmRegisterByParentId(), DetectPktMpmRegisterByParentId(), and SupportFastPatternForSigMatchTypes().
◆ SupportFastPatternForSigMatchTypes()
| void SupportFastPatternForSigMatchTypes | ( | void | ) |
Registers the keywords(SMs) that should be given fp support.
Definition at line 143 of file detect-fast-pattern.c.
References DETECT_SM_LIST_PMATCH, SCFPSupportSMList_::list_id, SCFPSupportSMList_::next, SCFPSupportSMList_::priority, sm_fp_support_smlist_list, and SupportFastPatternForSigMatchList().
Referenced by GlobalsInitPreConfig().
Variable Documentation
◆ sm_fp_support_smlist_list
| SCFPSupportSMList* sm_fp_support_smlist_list = NULL |
Definition at line 49 of file detect-fast-pattern.c.
Referenced by FastPatternSupportEnabledForSigMatchList(), SupportFastPatternForSigMatchList(), and SupportFastPatternForSigMatchTypes().
