suricata
Data Structures | Macros | Typedefs | Functions
detect-file-data.c File Reference
#include "suricata-common.h"
#include "threads.h"
#include "debug.h"
#include "decode.h"
#include "detect.h"
#include "detect-parse.h"
#include "detect-engine.h"
#include "detect-engine-mpm.h"
#include "detect-engine-state.h"
#include "detect-engine-prefilter.h"
#include "detect-engine-content-inspection.h"
#include "detect-file-data.h"
#include "app-layer-parser.h"
#include "app-layer-htp.h"
#include "app-layer-smtp.h"
#include "flow.h"
#include "flow-var.h"
#include "flow-util.h"
#include "util-debug.h"
#include "util-spm-bm.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "util-file-decompression.h"
#include "tests/detect-file-data.c"
Include dependency graph for detect-file-data.c:

Go to the source code of this file.

Data Structures

struct  PrefilterMpmFiledata
 

Macros

#define FILEDATA_CONTENT_LIMIT   100000
 
#define FILEDATA_CONTENT_INSPECT_MIN_SIZE   32768
 
#define FILEDATA_CONTENT_INSPECT_WINDOW   4096
 

Typedefs

typedef struct PrefilterMpmFiledata PrefilterMpmFiledata
 

Functions

int PrefilterMpmFiledataRegister (DetectEngineCtx *de_ctx, SigGroupHead *sgh, MpmCtx *mpm_ctx, const DetectMpmAppLayerRegistery *mpm_reg, int list_id)
 
void DetectFiledataRegister (void)
 Registration function for keyword: file_data. More...
 

Detailed Description

Author
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Definition in file detect-file-data.c.

Macro Definition Documentation

#define FILEDATA_CONTENT_INSPECT_MIN_SIZE   32768

Definition at line 133 of file detect-file-data.c.

#define FILEDATA_CONTENT_INSPECT_WINDOW   4096

Definition at line 134 of file detect-file-data.c.

#define FILEDATA_CONTENT_LIMIT   100000

Definition at line 132 of file detect-file-data.c.

Typedef Documentation

typedef struct PrefilterMpmFiledata PrefilterMpmFiledata

Function Documentation

void DetectFiledataRegister ( void  )

Registration function for keyword: file_data.

Definition at line 81 of file detect-file-data.c.

References SigTableElmt_::alias, ALPROTO_HTTP, ALPROTO_SMB, ALPROTO_SMTP, SigTableElmt_::desc, DETECT_FILE_DATA, DetectAppLayerInspectEngineRegister2(), DetectAppLayerMpmRegister2(), DetectBufferTypeGetByName(), DetectBufferTypeRegisterSetupCallback(), DetectBufferTypeSetDescriptionByName(), DetectEngineInspectBufferGeneric(), DetectFiledataRegisterTests(), DOC_URL, DOC_VERSION, SigTableElmt_::flags, SigTableElmt_::name, PrefilterGenericMpmRegister(), PrefilterMpmFiledataRegister(), SigTableElmt_::RegisterTests, SigTableElmt_::Setup, SIG_FLAG_TOCLIENT, SIG_FLAG_TOSERVER, SIGMATCH_NOOPT, sigmatch_table, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the call graph for this function:

Here is the caller graph for this function:

int PrefilterMpmFiledataRegister ( DetectEngineCtx de_ctx,
SigGroupHead sgh,
MpmCtx mpm_ctx,
const DetectMpmAppLayerRegistery mpm_reg,
int  list_id 
)

Definition at line 518 of file detect-file-data.c.

References DetectMpmAppLayerRegistery_::alproto, PrefilterMpmFiledata::list_id, PrefilterMpmFiledata::mpm_ctx, DetectMpmAppLayerRegistery_::pname, PrefilterAppendTxEngine(), SCCalloc, PrefilterMpmFiledata::transforms, DetectMpmAppLayerRegistery_::transforms, DetectMpmAppLayerRegistery_::tx_min_progress, and DetectMpmAppLayerRegistery_::v2.

Referenced by DetectFiledataRegister().

Here is the call graph for this function:

Here is the caller graph for this function: