Go to the documentation of this file.
26 static int DetectFlowAgeMatch(
29 if (p->
flow == NULL) {
40 rs_detect_u32_free(ptr);
51 DetectFlowAgeFree(
de_ctx, du32);
59 static void PrefilterPacketFlowAgeMatch(
63 if (!PrefilterPacketHeaderExtraMatch(ctx, p))
67 du32.mode = ctx->
v1.
u8[0];
68 du32.arg1 = ctx->
v1.
u32[1];
69 du32.arg2 = ctx->
v1.
u32[2];
70 if (DetectFlowAgeMatch(det_ctx, p, NULL, (
const SigMatchCtx *)&du32)) {
81 static bool PrefilterFlowAgeIsPrefilterable(
const Signature *s)
int DetectU32Match(const uint32_t parg, const DetectUintData_u32 *du32)
void(* Free)(DetectEngineCtx *, void *)
Container for matching data for a signature group.
DetectUintData_u32 * DetectU32Parse(const char *u32str)
This function is used to parse u32 options passed via some u32 keyword.
void PrefilterPacketU32Set(PrefilterPacketHeaderValue *v, void *smctx)
main detection engine ctx
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
int(* SetupPrefilter)(DetectEngineCtx *de_ctx, struct SigGroupHead_ *sgh)
void DetectFlowAgeRegister(void)
bool PrefilterPacketU32Compare(PrefilterPacketHeaderValue v, void *smctx)
int(* Match)(DetectEngineThreadCtx *, Packet *, const Signature *, const SigMatchCtx *)
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
DetectUintData_u32 DetectU32Data
int PrefilterSetupPacketHeader(DetectEngineCtx *de_ctx, SigGroupHead *sgh, int sm_type, void(*Set)(PrefilterPacketHeaderValue *v, void *), bool(*Compare)(PrefilterPacketHeaderValue v, void *), void(*Match)(DetectEngineThreadCtx *det_ctx, Packet *p, const void *pectx))
bool(* SupportsPrefilter)(const Signature *s)
SigMatch * SigMatchAppendSMToList(DetectEngineCtx *de_ctx, Signature *s, uint16_t type, SigMatchCtx *ctx, const int list)
Append a SigMatch to the list type.
#define SIG_FLAG_REQUIRE_PACKET