#include "suricata-common.h"
#include "threads.h"
#include "debug.h"
#include "decode.h"
#include "detect.h"
#include "detect-parse.h"
#include "detect-engine.h"
#include "detect-engine-mpm.h"
#include "detect-engine-state.h"
#include "detect-engine-prefilter.h"
#include "detect-engine-content-inspection.h"
#include "detect-file-data.h"
#include "app-layer-parser.h"
#include "app-layer-htp.h"
#include "app-layer-smtp.h"
#include "flow.h"
#include "flow-var.h"
#include "flow-util.h"
#include "util-debug.h"
#include "util-spm-bm.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "util-file-decompression.h"
#include "tests/detect-file-data.c"

Include dependency graph for detect-file-data.c:

Data Structures
struct	PrefilterMpmFiledata

Macros
#define	FILEDATA_CONTENT_LIMIT 100000

#define	FILEDATA_CONTENT_INSPECT_MIN_SIZE 32768

#define	FILEDATA_CONTENT_INSPECT_WINDOW 4096

Typedefs
typedef struct PrefilterMpmFiledata	PrefilterMpmFiledata

Functions
int	PrefilterMpmFiledataRegister (DetectEngineCtx de_ctx, SigGroupHead sgh, MpmCtx mpm_ctx, const DetectBufferMpmRegistery mpm_reg, int list_id)

void	DetectFiledataRegister (void)
	Registration function for keyword: file_data. More...

Detailed Description

Author: Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Definition in file detect-file-data.c.

Macro Definition Documentation

#define FILEDATA_CONTENT_INSPECT_MIN_SIZE 32768

Definition at line 129 of file detect-file-data.c.

#define FILEDATA_CONTENT_INSPECT_WINDOW 4096

Definition at line 130 of file detect-file-data.c.

#define FILEDATA_CONTENT_LIMIT 100000

Definition at line 128 of file detect-file-data.c.

Typedef Documentation

typedef struct PrefilterMpmFiledata PrefilterMpmFiledata

Function Documentation

void DetectFiledataRegister ( void )

Registration function for keyword: file_data.

Definition at line 81 of file detect-file-data.c.

References SigTableElmt_::alias, ALPROTO_HTTP, ALPROTO_SMB, ALPROTO_SMTP, SigTableElmt_::desc, DETECT_FILE_DATA, DetectAppLayerInspectEngineRegister2(), DetectAppLayerMpmRegister2(), DetectBufferTypeGetByName(), DetectBufferTypeRegisterSetupCallback(), DetectBufferTypeSetDescriptionByName(), DetectEngineInspectBufferGeneric(), DetectFiledataRegisterTests(), DOC_URL, DOC_VERSION, SigTableElmt_::flags, SigTableElmt_::name, PrefilterGenericMpmRegister(), PrefilterMpmFiledataRegister(), SigTableElmt_::RegisterTests, SigTableElmt_::Setup, SIG_FLAG_TOCLIENT, SIG_FLAG_TOSERVER, SIGMATCH_NOOPT, sigmatch_table, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the call graph for this function:

Here is the caller graph for this function:

int PrefilterMpmFiledataRegister	(	DetectEngineCtx *	de_ctx,
		SigGroupHead *	sgh,
		MpmCtx *	mpm_ctx,
		const DetectBufferMpmRegistery *	mpm_reg,
		int	list_id
	)

Definition at line 515 of file detect-file-data.c.

References DetectBufferMpmRegistery_::app_v2, PrefilterMpmFiledata::list_id, PrefilterMpmFiledata::mpm_ctx, DetectBufferMpmRegistery_::pname, PrefilterAppendTxEngine(), SCCalloc, PrefilterMpmFiledata::transforms, and DetectBufferMpmRegistery_::transforms.

Referenced by DetectFiledataRegister().

Here is the call graph for this function:

Here is the caller graph for this function:

Data Structures

Macros

Typedefs

Functions

Detailed Description

Macro Definition Documentation

Typedef Documentation

Function Documentation