#include "suricata-common.h"#include "detect.h"#include "flow.h"#include "detect-content.h"#include "detect-parse.h"#include "detect-engine.h"#include "detect-engine-mpm.h"#include "detect-engine-build.h"#include "detect-fast-pattern.h"#include "util-error.h"#include "util-byte.h"#include "util-debug.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "detect-engine-alert.h"#include "detect-engine-buffer.h"
Go to the source code of this file.
Macros | |
| #define | PARSE_REGEX "^(\\s*only\\s*)|\\s*([0-9]+)\\s*,\\s*([0-9]+)\\s*$" |
Functions | |
| int | FastPatternSupportEnabledForSigMatchList (const DetectEngineCtx *de_ctx, const int list_id) |
| Checks if a particular buffer is in the list of lists that need to be searched for a keyword that has fp support. More... | |
| void | SupportFastPatternForSigMatchList (int list_id, int priority) |
| Lets one add a sm list id to be searched for potential fp supported keywords later. More... | |
| void | DetectEngineRegisterFastPatternForId (DetectEngineCtx *de_ctx, int list_id, int priority) |
| void | SupportFastPatternForSigMatchTypes (void) |
| Registers the keywords(SMs) that should be given fp support. More... | |
| void | DetectEngineInitializeFastPatternList (DetectEngineCtx *de_ctx) |
| void | DetectEngineFreeFastPatternList (DetectEngineCtx *de_ctx) |
| void | DetectFastPatternRegister (void) |
| Registration function for fast_pattern keyword. More... | |
Detailed Description
Implements the fast_pattern keyword
Definition in file detect-fast-pattern.c.
Macro Definition Documentation
◆ PARSE_REGEX
| #define PARSE_REGEX "^(\\s*only\\s*)|\\s*([0-9]+)\\s*,\\s*([0-9]+)\\s*$" |
Definition at line 43 of file detect-fast-pattern.c.
Function Documentation
◆ DetectEngineFreeFastPatternList()
| void DetectEngineFreeFastPatternList | ( | DetectEngineCtx * | de_ctx | ) |
Definition at line 171 of file detect-fast-pattern.c.
References de_ctx, DetectEngineCtx_::fp_support_smlist_list, next, HtpBodyChunk_::next, and SCFree.
Referenced by DetectEngineCtxFree().
◆ DetectEngineInitializeFastPatternList()
| void DetectEngineInitializeFastPatternList | ( | DetectEngineCtx * | de_ctx | ) |
Definition at line 149 of file detect-fast-pattern.c.
◆ DetectEngineRegisterFastPatternForId()
| void DetectEngineRegisterFastPatternForId | ( | DetectEngineCtx * | de_ctx, |
| int | list_id, | ||
| int | priority | ||
| ) |
Definition at line 134 of file detect-fast-pattern.c.
Referenced by DetectAppLayerMpmRegisterByParentId(), DetectEngineFrameMpmRegister(), DetectFrameMpmRegisterByParentId(), and DetectPktMpmRegisterByParentId().
◆ DetectFastPatternRegister()
| void DetectFastPatternRegister | ( | void | ) |
Registration function for fast_pattern keyword.
Definition at line 184 of file detect-fast-pattern.c.
References SigTableElmt_::desc, DETECT_FAST_PATTERN, SigTableElmt_::Match, SigTableElmt_::name, SigTableElmt_::Setup, sigmatch_table, and SigTableElmt_::url.
Referenced by SigTableSetup().
◆ FastPatternSupportEnabledForSigMatchList()
| int FastPatternSupportEnabledForSigMatchList | ( | const DetectEngineCtx * | de_ctx, |
| const int | list_id | ||
| ) |
Checks if a particular buffer is in the list of lists that need to be searched for a keyword that has fp support.
- Parameters
-
list_id The list id.
- Return values
-
1 If supported. 0 If not.
Definition at line 64 of file detect-fast-pattern.c.
References de_ctx, DETECT_SM_LIST_PMATCH, DetectEngineBufferTypeSupportsMpmGetById(), and DetectEngineCtx_::fp_support_smlist_list.
Referenced by RetrieveFPForSig().
◆ SupportFastPatternForSigMatchList()
| void SupportFastPatternForSigMatchList | ( | int | list_id, |
| int | priority | ||
| ) |
Lets one add a sm list id to be searched for potential fp supported keywords later.
- Parameters
-
list_id SM list id. priority Priority for this list.
Definition at line 129 of file detect-fast-pattern.c.
Referenced by SupportFastPatternForSigMatchTypes().
◆ SupportFastPatternForSigMatchTypes()
| void SupportFastPatternForSigMatchTypes | ( | void | ) |
Registers the keywords(SMs) that should be given fp support.
Definition at line 142 of file detect-fast-pattern.c.
References DETECT_SM_LIST_PMATCH, and SupportFastPatternForSigMatchList().
Referenced by GlobalsInitPreConfig().
