suricata
Macros | Functions
detect-ftpdata.c File Reference
#include "suricata-common.h"
#include "util-unittest.h"
#include "detect-parse.h"
#include "detect-engine.h"
#include "detect-engine-state.h"
#include "app-layer-ftp.h"
#include "detect-ftpdata.h"
Include dependency graph for detect-ftpdata.c:

Go to the source code of this file.

Macros

#define PARSE_REGEX   "^\\s*(stor|retr)\\s*$"
 Regex for parsing our keyword options. More...
 
#define MAX_SUBSTRINGS   30
 

Functions

void DetectFtpdataRegister (void)
 Registration function for ftpcommand: keyword. More...
 

Detailed Description

Author
Eric Leblond eric@.nosp@m.regi.nosp@m.t.org

Match on ftp command used to trigger a ftp data transfer

Definition in file detect-ftpdata.c.

Macro Definition Documentation

#define MAX_SUBSTRINGS   30

Referenced by DetectFtpdataRegister().

#define PARSE_REGEX   "^\\s*(stor|retr)\\s*$"

Regex for parsing our keyword options.

Definition at line 40 of file detect-ftpdata.c.

Referenced by DetectFtpdataRegister().

Function Documentation

void DetectFtpdataRegister ( void  )

Registration function for ftpcommand: keyword.

registers the keyword into the engine. Called from detect.c::SigTableSetup()

This function is called once in the 'lifetime' of the engine.

Definition at line 63 of file detect-ftpdata.c.

References ALPROTO_FTPDATA, SigTableElmt_::AppLayerTxMatch, DetectFtpdataData_::command, FtpDataState_::command, SigMatch_::ctx, SigTableElmt_::desc, DETECT_FTPDATA, DetectAppLayerInspectEngineRegister(), DetectBufferTypeGetByName(), DetectEngineAppendSig(), DetectEngineCtxFree(), DetectEngineCtxInit(), DetectEngineInspectGenericList(), DetectSetupParseRegexes(), DetectSignatureSetAppProto(), DOC_URL, DOC_VERSION, FAIL_IF, FAIL_IF_NOT_NULL, FAIL_IF_NULL, flags, SigTableElmt_::Free, FTP_COMMAND_RETR, FTP_COMMAND_STOR, m, MAX_SUBSTRINGS, SigTableElmt_::name, PARSE_REGEX, PASS, SigTableElmt_::RegisterTests, res, SC_ERR_NOT_SUPPORTED, SC_ERR_PCRE_GET_SUBSTRING, SC_ERR_PCRE_MATCH, SCFree, SCLogDebug, SCLogError, SCMalloc, SigTableElmt_::Setup, SIG_FLAG_TOCLIENT, SIG_FLAG_TOSERVER, sigmatch_table, SigMatchAlloc(), SigMatchAppendSMToList(), str, STREAM_TOCLIENT, STREAM_TOSERVER, tx_id, SigMatch_::type, unlikely, SigTableElmt_::url, and UtRegisterTest().

Referenced by SigTableSetup().

Here is the call graph for this function:

Here is the caller graph for this function: