Go to the documentation of this file.
37 static int mqtt_protocol_version_id = 0;
91 version = rs_mqtt_tx_get_protocol_version(state);
132 rs_detect_u8_free(
de);
146 rs_detect_u8_free(de_ptr);
160 static int MQTTProtocolVersionTestParse01 (
void)
166 "alert ip any any -> any any (mqtt.protocol_version:3; sid:1; rev:1;)");
170 "alert ip any any -> any any (mqtt.protocol_version:3; sid:2; rev:1;)");
184 static int MQTTProtocolVersionTestParse02 (
void)
190 "alert ip any any -> any any (mqtt.protocol_version:>3; sid:1; rev:1;)");
194 "alert ip any any -> any any (mqtt.protocol_version:<44; sid:2; rev:1;)");
208 static int MQTTProtocolVersionTestParse03 (
void)
214 "alert ip any any -> any any (mqtt.protocol_version:; sid:1; rev:1;)");
228 static int MQTTProtocolVersionTestParse04 (
void)
234 "alert ip any any -> any any (mqtt.protocol_version:<444; sid:1; rev:1;)");
250 UtRegisterTest(
"MQTTProtocolVersionTestParse01", MQTTProtocolVersionTestParse01);
251 UtRegisterTest(
"MQTTProtocolVersionTestParse02", MQTTProtocolVersionTestParse02);
252 UtRegisterTest(
"MQTTProtocolVersionTestParse03", MQTTProtocolVersionTestParse03);
253 UtRegisterTest(
"MQTTProtocolVersionTestParse04", MQTTProtocolVersionTestParse04);
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
void DetectMQTTProtocolVersionRegister(void)
Registration function for mqtt.protocol_version: keyword.
#define FAIL_IF_NULL(expr)
Fail a test if expression evaluates to NULL.
void SigMatchAppendSMToList(Signature *s, SigMatch *new, const int list)
Append a SigMatch to the list type.
void(* Free)(DetectEngineCtx *, void *)
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
main detection engine ctx
void DetectEngineCtxFree(DetectEngineCtx *)
Free a DetectEngineCtx::
int(* AppLayerTxMatch)(DetectEngineThreadCtx *, Flow *, uint8_t flags, void *alstate, void *txv, const Signature *, const SigMatchCtx *)
Signature * DetectEngineAppendSig(DetectEngineCtx *, const char *)
Parse and append a Signature into the Detection Engine Context signature list.
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
int DetectBufferTypeGetByName(const char *name)
DetectUintData_u8 * DetectU8Parse(const char *u8str)
This function is used to parse u8 options passed via some u8 keyword.
#define SIG_FLAG_TOSERVER
#define FAIL_IF_NOT_NULL(expr)
Fail a test if expression evaluates to non-NULL.
#define PASS
Pass the test.
DetectUintData_u8 DetectU8Data
void DetectAppLayerInspectEngineRegister2(const char *name, AppProto alproto, uint32_t dir, int progress, InspectEngineFuncPtr2 Callback2, InspectionBufferGetDataPtr GetData)
register inspect engine at start up time
@ DETECT_AL_MQTT_PROTOCOL_VERSION
SigMatch * SigMatchAlloc(void)
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
int DetectU8Match(const uint8_t parg, const DetectUintData_u8 *du8)
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
void MQTTProtocolVersionRegisterTests(void)
this function registers unit tests for MQTTProtocolVersion
uint8_t DetectEngineInspectGenericList(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
Do the content inspection & validation for a signature.
a single match condition for a signature
DetectEngineCtx * DetectEngineCtxInit(void)
void DetectMQTTProtocolVersionFree(DetectEngineCtx *de_ctx, void *)
void(* RegisterTests)(void)