Go to the documentation of this file.
37 static int mqtt_protocol_version_id = 0;
91 version = rs_mqtt_tx_get_protocol_version(state);
119 mqtt_protocol_version_id) == NULL) {
127 rs_detect_u8_free(
de);
139 rs_detect_u8_free(de_ptr);
153 static int MQTTProtocolVersionTestParse01 (
void)
159 "alert ip any any -> any any (mqtt.protocol_version:3; sid:1; rev:1;)");
163 "alert ip any any -> any any (mqtt.protocol_version:3; sid:2; rev:1;)");
177 static int MQTTProtocolVersionTestParse02 (
void)
183 "alert ip any any -> any any (mqtt.protocol_version:>3; sid:1; rev:1;)");
187 "alert ip any any -> any any (mqtt.protocol_version:<44; sid:2; rev:1;)");
201 static int MQTTProtocolVersionTestParse03 (
void)
207 "alert ip any any -> any any (mqtt.protocol_version:; sid:1; rev:1;)");
221 static int MQTTProtocolVersionTestParse04 (
void)
227 "alert ip any any -> any any (mqtt.protocol_version:<444; sid:1; rev:1;)");
243 UtRegisterTest(
"MQTTProtocolVersionTestParse01", MQTTProtocolVersionTestParse01);
244 UtRegisterTest(
"MQTTProtocolVersionTestParse02", MQTTProtocolVersionTestParse02);
245 UtRegisterTest(
"MQTTProtocolVersionTestParse03", MQTTProtocolVersionTestParse03);
246 UtRegisterTest(
"MQTTProtocolVersionTestParse04", MQTTProtocolVersionTestParse04);
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
void DetectMQTTProtocolVersionRegister(void)
Registration function for mqtt.protocol_version: keyword.
#define FAIL_IF_NULL(expr)
Fail a test if expression evaluates to NULL.
void(* Free)(DetectEngineCtx *, void *)
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
main detection engine ctx
void DetectEngineCtxFree(DetectEngineCtx *)
Free a DetectEngineCtx::
int(* AppLayerTxMatch)(DetectEngineThreadCtx *, Flow *, uint8_t flags, void *alstate, void *txv, const Signature *, const SigMatchCtx *)
Signature * DetectEngineAppendSig(DetectEngineCtx *, const char *)
Parse and append a Signature into the Detection Engine Context signature list.
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
int DetectBufferTypeGetByName(const char *name)
DetectUintData_u8 * DetectU8Parse(const char *u8str)
This function is used to parse u8 options passed via some u8 keyword.
#define SIG_FLAG_TOSERVER
#define FAIL_IF_NOT_NULL(expr)
Fail a test if expression evaluates to non-NULL.
#define PASS
Pass the test.
DetectUintData_u8 DetectU8Data
@ DETECT_AL_MQTT_PROTOCOL_VERSION
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
int DetectU8Match(const uint8_t parg, const DetectUintData_u8 *du8)
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
void MQTTProtocolVersionRegisterTests(void)
this function registers unit tests for MQTTProtocolVersion
uint8_t DetectEngineInspectGenericList(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
Do the content inspection & validation for a signature.
DetectEngineCtx * DetectEngineCtxInit(void)
void DetectMQTTProtocolVersionFree(DetectEngineCtx *de_ctx, void *)
void DetectAppLayerInspectEngineRegister(const char *name, AppProto alproto, uint32_t dir, int progress, InspectEngineFuncPtr Callback, InspectionBufferGetDataPtr GetData)
register inspect engine at start up time
SigMatch * SigMatchAppendSMToList(DetectEngineCtx *de_ctx, Signature *s, uint16_t type, SigMatchCtx *ctx, const int list)
Append a SigMatch to the list type.
void(* RegisterTests)(void)