Go to the documentation of this file.
51 Flow *, uint8_t,
void *,
void *,
55 static int g_ftp_request_list_id = 0;
86 static int DetectFtpbounceMatchArgs(
94 int octet_ascii_len = 0;
118 while (i <
payload_len && !isdigit((
unsigned char)c[i])) i++;
120 for (;i <
payload_len && octet_ascii_len < 4 ;i++) {
121 if (isdigit((
unsigned char)c[i])) {
122 octet =(c[i] -
'0') + octet * 10;
130 if (isspace((
unsigned char)c[i]))
131 while (i <
payload_len && isspace((
unsigned char)c[i]) ) i++;
136 ip =(ip << 8) + octet;
139 SCLogDebug(
"Unrecognized character '%c'", c[i]);
147 SCLogDebug(
"Different ip, so Matched ip:%d <-> ip_orig:%d",
173 void *state,
void *txv,
179 if (ftp_state == NULL) {
186 ret = DetectFtpbounceMatchArgs(ftp_state->
port_line,
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
void SigMatchAppendSMToList(Signature *s, SigMatch *new, const int list)
Append a SigMatch to the list type.
uint32_t address_un_data32[4]
FtpRequestCommand command
main detection engine ctx
int(* AppLayerTxMatch)(DetectEngineThreadCtx *, Flow *, uint8_t flags, void *alstate, void *txv, const Signature *, const SigMatchCtx *)
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
#define SIG_FLAG_TOSERVER
union FlowAddress_::@114 address
FtpRequestCommandArgOfs arg_offset
void DetectAppLayerInspectEngineRegister2(const char *name, AppProto alproto, uint32_t dir, int progress, InspectEngineFuncPtr2 Callback2, InspectionBufferGetDataPtr GetData)
register inspect engine at start up time
Data structures and function prototypes for keeping state for the detection engine.
void DetectFtpbounceRegister(void)
Registration function for ftpbounce: keyword.
SigMatch * SigMatchAlloc(void)
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
int DetectBufferTypeRegister(const char *name)
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
uint8_t DetectEngineInspectGenericList(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
Do the content inspection & validation for a signature.
a single match condition for a signature