Go to the documentation of this file.
51 Flow *, uint8_t,
void *,
void *,
55 static int g_ftp_request_list_id = 0;
83 static int DetectFtpbounceMatchArgs(
91 int octet_ascii_len = 0;
115 while (i <
payload_len && !isdigit((
unsigned char)c[i])) i++;
117 for (;i <
payload_len && octet_ascii_len < 4 ;i++) {
118 if (isdigit((
unsigned char)c[i])) {
119 octet =(c[i] -
'0') + octet * 10;
127 if (isspace((
unsigned char)c[i]))
128 while (i <
payload_len && isspace((
unsigned char)c[i]) ) i++;
133 ip =(ip << 8) + octet;
136 SCLogDebug(
"Unrecognized character '%c'", c[i]);
144 SCLogDebug(
"Different ip, so Matched ip:%d <-> ip_orig:%d",
170 void *state,
void *txv,
176 if (ftp_state == NULL) {
182 if (ftp_state->
command == FTP_COMMAND_PORT) {
183 ret = DetectFtpbounceMatchArgs(ftp_state->
port_line,
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
SigTableElmt * sigmatch_table
uint32_t address_un_data32[4]
FtpRequestCommand command
main detection engine ctx
int(* AppLayerTxMatch)(DetectEngineThreadCtx *, Flow *, uint8_t flags, void *alstate, void *txv, const Signature *, const SigMatchCtx *)
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
int DetectBufferTypeGetByName(const char *name)
union FlowAddress_::@117 address
FtpRequestCommandArgOfs arg_offset
Data structures and function prototypes for keeping state for the detection engine.
void DetectFtpbounceRegister(void)
Registration function for ftpbounce: keyword.
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
SigMatch * SigMatchAppendSMToList(DetectEngineCtx *de_ctx, Signature *s, uint16_t type, SigMatchCtx *ctx, const int list)
Append a SigMatch to the list type.