|
suricata
|
|
suricata
|
#include "suricata-common.h"#include "debug.h"#include "decode.h"#include "detect.h"#include "detect-ipproto.h"#include "detect-parse.h"#include "detect-engine.h"#include "detect-engine-mpm.h"#include "detect-engine-siggroup.h"#include "detect-engine-address.h"#include "util-byte.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "util-debug.h"
Go to the source code of this file.
Macros | |
| #define | PARSE_REGEX "^([!<>]?)\\s*([^\\s]+)$" |
| Regex for parsing our options. More... | |
| #define | MAX_SUBSTRINGS 30 |
Functions | |
| void | DetectIPProtoRegister (void) |
| Registration function for ip_proto keyword. More... | |
| void | DetectIPProtoRemoveAllSMs (Signature *s) |
Implements the ip_proto keyword
Definition in file detect-ipproto.c.
| #define MAX_SUBSTRINGS 30 |
Referenced by DetectIPProtoRegister().
| #define PARSE_REGEX "^([!<>]?)\\s*([^\\s]+)$" |
Regex for parsing our options.
Definition at line 49 of file detect-ipproto.c.
Referenced by DetectIPProtoRegister().
| void DetectIPProtoRegister | ( | void | ) |
Registration function for ip_proto keyword.
Definition at line 58 of file detect-ipproto.c.
References ByteExtractStringUint8(), SigMatch_::ctx, SigTableElmt_::desc, DETECT_IPPROTO, DETECT_IPPROTO_OP_EQ, DETECT_IPPROTO_OP_GT, DETECT_IPPROTO_OP_LT, DETECT_IPPROTO_OP_NOT, DETECT_PROTO_ANY, DETECT_PROTO_IPV4, DETECT_PROTO_IPV6, DETECT_SM_LIST_MATCH, DetectSetupParseRegexes(), DOC_URL, DOC_VERSION, DetectProto_::flags, Signature_::flags, SigTableElmt_::flags, SigTableElmt_::Free, Signature_::init_data, SignatureInitData_::init_flags, SigTableElmt_::Match, MAX_SUBSTRINGS, SigTableElmt_::name, SigMatch_::next, DetectIPProtoData_::op, PARSE_REGEX, DetectIPProtoData_::proto, DetectProto_::proto, Signature_::proto, SigTableElmt_::RegisterTests, res, SC_ERR_INVALID_SIGNATURE, SC_ERR_INVALID_VALUE, SC_ERR_PCRE_GET_SUBSTRING, SC_ERR_PCRE_MATCH, SCFree, SCLogError, SCMalloc, SigTableElmt_::Setup, SIG_FLAG_INIT_FIRST_IPPROTO_SEEN, SIG_FLAG_REQUIRE_PACKET, SIGMATCH_QUOTES_OPTIONAL, sigmatch_table, SigMatchAlloc(), SigMatchAppendSMToList(), SignatureInitData_::smlists, SigMatch_::type, unlikely, and SigTableElmt_::url.
Referenced by SigTableSetup().
| void DetectIPProtoRemoveAllSMs | ( | Signature * | s | ) |
Definition at line 429 of file detect-ipproto.c.
References DE_QUIET, DecodeEthernet(), DETECT_IPPROTO, DETECT_PROTO_ANY, DETECT_SM_LIST_MATCH, DetectEngineCtxFree(), DetectEngineCtxInit(), DetectEngineThreadCtxDeinit(), DetectEngineThreadCtxInit(), FAIL_IF, FAIL_IF_NOT, FAIL_IF_NULL, DetectProto_::flags, DetectEngineCtx_::flags, FLOW_QUIET, FlowInitConfig(), FlowShutdown(), Signature_::init_data, SignatureInitData_::init_flags, mpm_default_matcher, DetectEngineCtx_::mpm_matcher, SigMatch_::next, PacketAlertCheck(), PASS, DetectProto_::proto, Packet_::proto, Signature_::proto, SCFree, SCMalloc, SIG_FLAG_INIT_FIRST_IPPROTO_SEEN, DetectEngineCtx_::sig_list, SigAlloc(), SigCleanSignatures(), SigFree(), SigGroupBuild(), SigGroupCleanup(), SigInit(), SigMatchFree(), SigMatchRemoveSMFromList(), SigMatchSignatures(), SIZE_OF_PACKET, SignatureInitData_::smlists, SigMatch_::type, unlikely, UTHBuildPacket(), UTHFreePacket(), UTHGenericTest(), and UtRegisterTest().
Referenced by SigMatchListSMBelongsTo().
1.8.11