Go to the documentation of this file.
26 static int DetectFlowAgeMatch(
29 if (p->
flow == NULL) {
40 rs_detect_u32_free(ptr);
51 DetectFlowAgeFree(
de_ctx, du32);
64 static void PrefilterPacketFlowAgeMatch(
68 if (!PrefilterPacketHeaderExtraMatch(ctx, p))
72 du32.mode = ctx->
v1.
u8[0];
73 du32.arg1 = ctx->
v1.
u32[1];
74 du32.arg2 = ctx->
v1.
u32[2];
75 if (DetectFlowAgeMatch(det_ctx, p, NULL, (
const SigMatchCtx *)&du32)) {
86 static bool PrefilterFlowAgeIsPrefilterable(
const Signature *s)
void SigMatchAppendSMToList(Signature *s, SigMatch *new, const int list)
Append a SigMatch to the list type.
int DetectU32Match(const uint32_t parg, const DetectUintData_u32 *du32)
void(* Free)(DetectEngineCtx *, void *)
Container for matching data for a signature group.
DetectUintData_u32 * DetectU32Parse(const char *u32str)
This function is used to parse u32 options passed via some u32 keyword.
void PrefilterPacketU32Set(PrefilterPacketHeaderValue *v, void *smctx)
main detection engine ctx
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
int(* SetupPrefilter)(DetectEngineCtx *de_ctx, struct SigGroupHead_ *sgh)
void DetectFlowAgeRegister(void)
bool PrefilterPacketU32Compare(PrefilterPacketHeaderValue v, void *smctx)
int(* Match)(DetectEngineThreadCtx *, Packet *, const Signature *, const SigMatchCtx *)
SigMatch * SigMatchAlloc(void)
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
DetectUintData_u32 DetectU32Data
int PrefilterSetupPacketHeader(DetectEngineCtx *de_ctx, SigGroupHead *sgh, int sm_type, void(*Set)(PrefilterPacketHeaderValue *v, void *), bool(*Compare)(PrefilterPacketHeaderValue v, void *), void(*Match)(DetectEngineThreadCtx *det_ctx, Packet *p, const void *pectx))
bool(* SupportsPrefilter)(const Signature *s)
a single match condition for a signature
#define SIG_FLAG_REQUIRE_PACKET