Go to the documentation of this file.
37 static int mqtt_protocol_version_id = 0;
67 1, DetectEngineInspectMQTTProtocolVersionGeneric, NULL);
103 version = rs_mqtt_tx_get_protocol_version(state);
173 static int MQTTProtocolVersionTestParse01 (
void)
179 "alert ip any any -> any any (mqtt.protocol_version:3; sid:1; rev:1;)");
183 "alert ip any any -> any any (mqtt.protocol_version:3; sid:2; rev:1;)");
197 static int MQTTProtocolVersionTestParse02 (
void)
203 "alert ip any any -> any any (mqtt.protocol_version:>3; sid:1; rev:1;)");
207 "alert ip any any -> any any (mqtt.protocol_version:<44; sid:2; rev:1;)");
221 static int MQTTProtocolVersionTestParse03 (
void)
227 "alert ip any any -> any any (mqtt.protocol_version:; sid:1; rev:1;)");
241 static int MQTTProtocolVersionTestParse04 (
void)
247 "alert ip any any -> any any (mqtt.protocol_version:<444; sid:1; rev:1;)");
263 UtRegisterTest(
"MQTTProtocolVersionTestParse01", MQTTProtocolVersionTestParse01);
264 UtRegisterTest(
"MQTTProtocolVersionTestParse02", MQTTProtocolVersionTestParse02);
265 UtRegisterTest(
"MQTTProtocolVersionTestParse03", MQTTProtocolVersionTestParse03);
266 UtRegisterTest(
"MQTTProtocolVersionTestParse04", MQTTProtocolVersionTestParse04);
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
void DetectMQTTProtocolVersionRegister(void)
Registration function for mqtt.protocol_version: keyword.
#define FAIL_IF_NULL(expr)
Fail a test if expression evaluates to NULL.
void(* Free)(DetectEngineCtx *, void *)
int DetectEngineInspectGenericList(const DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const Signature *s, const SigMatchData *smd, Flow *f, const uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
Do the content inspection & validation for a signature.
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
main detection engine ctx
void DetectEngineCtxFree(DetectEngineCtx *)
Free a DetectEngineCtx::
int(* AppLayerTxMatch)(DetectEngineThreadCtx *, Flow *, uint8_t flags, void *alstate, void *txv, const Signature *, const SigMatchCtx *)
int DetectU8Match(const uint8_t parg, const DetectU8Data *du8)
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
int DetectBufferTypeGetByName(const char *name)
#define SIG_FLAG_TOSERVER
#define FAIL_IF_NOT_NULL(expr)
Fail a test if expression evaluates to non-NULL.
#define PASS
Pass the test.
void DetectAppLayerInspectEngineRegister2(const char *name, AppProto alproto, uint32_t dir, int progress, InspectEngineFuncPtr2 Callback2, InspectionBufferGetDataPtr GetData)
register inspect engine at start up time
@ DETECT_AL_MQTT_PROTOCOL_VERSION
SigMatch * SigMatchAlloc(void)
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
Signature * DetectEngineAppendSig(DetectEngineCtx *de_ctx, const char *sigstr)
Parse and append a Signature into the Detection Engine Context signature list.
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
void MQTTProtocolVersionRegisterTests(void)
this function registers unit tests for MQTTProtocolVersion
DetectU8Data * DetectU8Parse(const char *u8str)
This function is used to parse u8 options passed via some u8 keyword.
a single match condition for a signature
DetectEngineCtx * DetectEngineCtxInit(void)
void DetectMQTTProtocolVersionFree(DetectEngineCtx *de_ctx, void *)
void SigMatchAppendSMToList(Signature *s, SigMatch *new, int list)
Append a SigMatch to the list type.
void(* RegisterTests)(void)