#include "suricata-common.h"#include "suricata.h"#include "decode.h"#include "detect.h"#include "detect-parse.h"#include "detect-engine-prefilter.h"#include "detect-engine-prefilter-common.h"#include "flow-var.h"#include "decode-events.h"#include "app-layer.h"#include "app-layer-detect-proto.h"#include "detect-fragbits.h"#include "util-unittest.h"#include "util-debug.h"#include "pkt-var.h"#include "host.h"#include "util-profiling.h"#include "util-unittest-helper.h"#include "packet.h"
Go to the source code of this file.
Macros | |
| #define | PARSE_REGEX "^(?:([\\+\\*!]))?\\s*([MDR]+)" |
| #define | MODIFIER_NOT 1 |
| #define | MODIFIER_PLUS 2 |
| #define | MODIFIER_ANY 3 |
| #define | FRAGBITS_HAVE_MF 0x01 |
| #define | FRAGBITS_HAVE_DF 0x02 |
| #define | FRAGBITS_HAVE_RF 0x04 |
Functions | |
| void | DetectFragBitsRegister (void) |
| Registration function for fragbits: keyword. More... | |
Detailed Description
Implements fragbits keyword
Definition in file detect-fragbits.c.
Macro Definition Documentation
◆ FRAGBITS_HAVE_DF
| #define FRAGBITS_HAVE_DF 0x02 |
Definition at line 66 of file detect-fragbits.c.
◆ FRAGBITS_HAVE_MF
| #define FRAGBITS_HAVE_MF 0x01 |
Definition at line 65 of file detect-fragbits.c.
◆ FRAGBITS_HAVE_RF
| #define FRAGBITS_HAVE_RF 0x04 |
Definition at line 67 of file detect-fragbits.c.
◆ MODIFIER_ANY
| #define MODIFIER_ANY 3 |
Definition at line 63 of file detect-fragbits.c.
◆ MODIFIER_NOT
| #define MODIFIER_NOT 1 |
FragBits args[0] *(3) +(2) !(1)
Definition at line 61 of file detect-fragbits.c.
◆ MODIFIER_PLUS
| #define MODIFIER_PLUS 2 |
Definition at line 62 of file detect-fragbits.c.
◆ PARSE_REGEX
| #define PARSE_REGEX "^(?:([\\+\\*!]))?\\s*([MDR]+)" |
Regex fragbits: [!+*](MDR)
Definition at line 54 of file detect-fragbits.c.
Function Documentation
◆ DetectFragBitsRegister()
| void DetectFragBitsRegister | ( | void | ) |
Registration function for fragbits: keyword.
Registration function for fragbits: keyword
Definition at line 85 of file detect-fragbits.c.
References SigTableElmt_::desc, DETECT_FRAGBITS, SigTableElmt_::Match, SigTableElmt_::name, sigmatch_table, and SigTableElmt_::url.
Referenced by SigTableSetup().
