suricata
Data Structures | Macros | Typedefs | Functions
detect-file-data.c File Reference
#include "suricata-common.h"
#include "threads.h"
#include "debug.h"
#include "decode.h"
#include "detect.h"
#include "detect-parse.h"
#include "detect-engine.h"
#include "detect-engine-mpm.h"
#include "detect-engine-state.h"
#include "detect-engine-prefilter.h"
#include "detect-engine-content-inspection.h"
#include "detect-file-data.h"
#include "app-layer-parser.h"
#include "app-layer-htp.h"
#include "app-layer-smtp.h"
#include "flow.h"
#include "flow-var.h"
#include "flow-util.h"
#include "util-debug.h"
#include "util-spm-bm.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "util-file-decompression.h"
#include "tests/detect-file-data.c"
Include dependency graph for detect-file-data.c:

Go to the source code of this file.

Data Structures

struct  PrefilterMpmFiledata
 

Macros

#define FILEDATA_CONTENT_LIMIT   100000
 
#define FILEDATA_CONTENT_INSPECT_MIN_SIZE   32768
 
#define FILEDATA_CONTENT_INSPECT_WINDOW   4096
 

Typedefs

typedef struct PrefilterMpmFiledata PrefilterMpmFiledata
 

Functions

int PrefilterMpmFiledataRegister (DetectEngineCtx *de_ctx, SigGroupHead *sgh, MpmCtx *mpm_ctx, const DetectBufferMpmRegistery *mpm_reg, int list_id)
 
void DetectFiledataRegister (void)
 Registration function for keyword: file_data. More...
 

Detailed Description

Author
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Definition in file detect-file-data.c.

Macro Definition Documentation

◆ FILEDATA_CONTENT_INSPECT_MIN_SIZE

#define FILEDATA_CONTENT_INSPECT_MIN_SIZE   32768

Definition at line 167 of file detect-file-data.c.

◆ FILEDATA_CONTENT_INSPECT_WINDOW

#define FILEDATA_CONTENT_INSPECT_WINDOW   4096

Definition at line 168 of file detect-file-data.c.

◆ FILEDATA_CONTENT_LIMIT

#define FILEDATA_CONTENT_LIMIT   100000

Definition at line 166 of file detect-file-data.c.

Typedef Documentation

◆ PrefilterMpmFiledata

typedef struct PrefilterMpmFiledata PrefilterMpmFiledata

Function Documentation

◆ DetectFiledataRegister()

void DetectFiledataRegister ( void  )

Registration function for keyword: file_data.

Definition at line 85 of file detect-file-data.c.

References SigTableElmt_::alias, SigTableElmt_::desc, DETECT_FILE_DATA, SigTableElmt_::name, SigTableElmt_::Setup, sigmatch_table, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the caller graph for this function:

◆ PrefilterMpmFiledataRegister()

int PrefilterMpmFiledataRegister ( DetectEngineCtx de_ctx,
SigGroupHead sgh,
MpmCtx mpm_ctx,
const DetectBufferMpmRegistery mpm_reg,
int  list_id 
)

Definition at line 700 of file detect-file-data.c.

References PrefilterMpmFiledata::base_list_id, de_ctx, PrefilterMpmFiledata::list_id, PrefilterMpmFiledata::mpm_ctx, PrefilterAppendTxEngine(), SCCalloc, DetectBufferMpmRegistery_::sm_list_base, PrefilterMpmFiledata::transforms, and DetectBufferMpmRegistery_::transforms.

Here is the call graph for this function: