|
suricata
|
|
suricata
|
#include "suricata-common.h"#include "debug.h"#include "decode.h"#include "decode-ipv4.h"#include "decode-ipv6.h"#include "detect.h"#include "detect-parse.h"#include "detect-engine-prefilter-common.h"#include "detect-fragoffset.h"#include "util-byte.h"#include "util-unittest.h"#include "util-debug.h"#include "detect-engine.h"#include "detect-engine-mpm.h"
Go to the source code of this file.
Macros | |
| #define | PARSE_REGEX "^\\s*(?:(<|>))?\\s*([0-9]+)" |
| #define | MAX_SUBSTRINGS 30 |
Functions | |
| void | DetectFragOffsetRegisterTests (void) |
| void | DetectFragOffsetFree (void *ptr) |
| this function will free memory associated with DetectFragOffsetData More... | |
| void | DetectFragOffsetRegister (void) |
| Registration function for fragoffset. More... | |
Implements fragoffset keyword
Definition in file detect-fragoffset.c.
| #define MAX_SUBSTRINGS 30 |
Referenced by DetectFragOffsetRegister().
| #define PARSE_REGEX "^\\s*(?:(<|>))?\\s*([0-9]+)" |
Definition at line 42 of file detect-fragoffset.c.
Referenced by DetectFragOffsetRegister().
| void DetectFragOffsetFree | ( | void * | ptr | ) |
this function will free memory associated with DetectFragOffsetData
| ptr | pointer to DetectFragOffsetData |
Definition at line 251 of file detect-fragoffset.c.
References DE_QUIET, DETECT_FRAGOFFSET, DETECT_SM_LIST_MATCH, DetectEngineCtxFree(), DetectEngineCtxInit(), DetectEngineThreadCtxDeinit(), DetectEngineThreadCtxInit(), Packet_::dst, FALSE, Address_::family, DetectEngineCtx_::flags, FLOW_QUIET, FlowInitConfig(), FlowShutdown(), FRAG_MORE, DetectFragOffsetData_::frag_off, Signature_::init_data, Packet_::ip4h, IPV4Hdr_::ip_off, IPV4_GET_IPOFFSET, IPV6_EXTHDR_GET_FH_OFFSET, IPV6_EXTHDR_ISSET_FH, DetectFragOffsetData_::mode, SigMatch_::next, Signature_::next, PacketAlertCheck(), PKT_IS_IPV4, PKT_IS_IPV6, PKT_IS_PSEUDOPKT, DetectEngineThreadCtx_::pmq, PrefilterSetupPacketHeader(), SCFree, SCLogDebug, SCMalloc, DetectEngineCtx_::sig_list, SigCleanSignatures(), SigGroupBuild(), SigGroupCleanup(), SigInit(), SigMatchSignatures(), PrefilterPacketHeaderCtx_::sigs_array, PrefilterPacketHeaderCtx_::sigs_cnt, SIZE_OF_PACKET, SignatureInitData_::smlists, Packet_::src, TRUE, SigMatch_::type, PrefilterPacketHeaderValue::u16, PrefilterPacketHeaderValue::u8, unlikely, and PrefilterPacketHeaderCtx_::v1.
Referenced by DetectFragOffsetRegister().
| void DetectFragOffsetRegister | ( | void | ) |
Registration function for fragoffset.
Definition at line 59 of file detect-fragoffset.c.
References ByteExtractStringUint16(), SigMatch_::ctx, SigTableElmt_::desc, DETECT_FRAGOFFSET, DETECT_SM_LIST_MATCH, DetectFragOffsetFree(), DetectFragOffsetRegisterTests(), DetectSetupParseRegexes(), DOC_URL, DOC_VERSION, Signature_::flags, FRAG_LESS, FRAG_MORE, DetectFragOffsetData_::frag_off, SigTableElmt_::Free, IPV4_GET_IPOFFSET, IPV6_EXTHDR_GET_FH_OFFSET, IPV6_EXTHDR_ISSET_FH, SigTableElmt_::Match, MAX_SUBSTRINGS, DetectFragOffsetData_::mode, SigTableElmt_::name, PARSE_REGEX, PKT_IS_IPV4, PKT_IS_IPV6, PKT_IS_PSEUDOPKT, SigTableElmt_::RegisterTests, res, SC_ERR_INVALID_ARGUMENT, SC_ERR_PCRE_GET_SUBSTRING, SC_ERR_PCRE_MATCH, SCFree, SCLogDebug, SCLogError, SCMalloc, SigTableElmt_::Setup, SigTableElmt_::SetupPrefilter, SIG_FLAG_REQUIRE_PACKET, sigmatch_table, SigMatchAlloc(), SigMatchAppendSMToList(), SigTableElmt_::SupportsPrefilter, SigMatch_::type, unlikely, and SigTableElmt_::url.
Referenced by SigTableSetup().
| void DetectFragOffsetRegisterTests | ( | void | ) |
Definition at line 452 of file detect-fragoffset.c.
References UtRegisterTest().
Referenced by DetectFragOffsetRegister().
1.8.11