suricata
Data Structures | Macros | Typedefs | Functions
detect-itype.c File Reference
#include "suricata-common.h"
#include "debug.h"
#include "decode.h"
#include "detect.h"
#include "detect-parse.h"
#include "detect-engine-prefilter-common.h"
#include "detect-itype.h"
#include "util-byte.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "util-debug.h"
#include "detect-engine.h"
#include "detect-engine-mpm.h"
Include dependency graph for detect-itype.c:

Go to the source code of this file.

Data Structures

struct  DetectITypeData_
 

Macros

#define PARSE_REGEX   "^\\s*(<|>)?\\s*([0-9]+)\\s*(?:<>\\s*([0-9]+))?\\s*$"
 Regex for parsing our itype options. More...
 
#define DETECT_ITYPE_EQ   PREFILTER_U8HASH_MODE_EQ
 
#define DETECT_ITYPE_LT   PREFILTER_U8HASH_MODE_LT
 
#define DETECT_ITYPE_GT   PREFILTER_U8HASH_MODE_GT
 
#define DETECT_ITYPE_RN   PREFILTER_U8HASH_MODE_RA
 

Typedefs

typedef struct DetectITypeData_ DetectITypeData
 

Functions

void DetectITypeRegisterTests (void)
 this function registers unit tests for DetectIType More...
 
void DetectITypeFree (DetectEngineCtx *de_ctx, void *ptr)
 this function will free memory associated with DetectITypeData More...
 
void DetectITypeRegister (void)
 Registration function for itype: keyword. More...
 

Detailed Description

Author
Gerardo Iglesias igles.nosp@m.iasg.nosp@m.@gmai.nosp@m.l.co.nosp@m.m

Implements itype keyword support

Definition in file detect-itype.c.

Macro Definition Documentation

◆ DETECT_ITYPE_EQ

#define DETECT_ITYPE_EQ   PREFILTER_U8HASH_MODE_EQ

"equal" operator

Definition at line 77 of file detect-itype.c.

◆ DETECT_ITYPE_GT

#define DETECT_ITYPE_GT   PREFILTER_U8HASH_MODE_GT

"greater than" operator

Definition at line 79 of file detect-itype.c.

◆ DETECT_ITYPE_LT

#define DETECT_ITYPE_LT   PREFILTER_U8HASH_MODE_LT

"less than" operator

Definition at line 78 of file detect-itype.c.

◆ DETECT_ITYPE_RN

#define DETECT_ITYPE_RN   PREFILTER_U8HASH_MODE_RA

"range" operator

Definition at line 80 of file detect-itype.c.

◆ PARSE_REGEX

#define PARSE_REGEX   "^\\s*(<|>)?\\s*([0-9]+)\\s*(?:<>\\s*([0-9]+))?\\s*$"

Regex for parsing our itype options.

Definition at line 45 of file detect-itype.c.

Typedef Documentation

◆ DetectITypeData

typedef struct DetectITypeData_ DetectITypeData

Function Documentation

◆ DetectITypeFree()

void DetectITypeFree ( DetectEngineCtx de_ctx,
void *  ptr 
)

this function will free memory associated with DetectITypeData

Parameters
ptrpointer to DetectITypeData

Definition at line 281 of file detect-itype.c.

References SCFree.

◆ DetectITypeRegister()

void DetectITypeRegister ( void  )

Registration function for itype: keyword.

Definition at line 60 of file detect-itype.c.

References SigTableElmt_::desc, DETECT_ITYPE, SigTableElmt_::Match, SigTableElmt_::name, sigmatch_table, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the caller graph for this function:

◆ DetectITypeRegisterTests()

void DetectITypeRegisterTests ( void  )

this function registers unit tests for DetectIType

Definition at line 586 of file detect-itype.c.

References UtRegisterTest().

Here is the call graph for this function: