#include "detect-parse.h"
Go to the source code of this file.
Data Structures | |
| struct | DetectPcreData_ |
Macros | |
| #define | DETECT_PCRE_RELATIVE 0x00001 |
| #define | DETECT_PCRE_RAWBYTES 0x00002 |
| #define | DETECT_PCRE_CASELESS 0x00004 |
| #define | DETECT_PCRE_MATCH_LIMIT 0x00020 |
| #define | DETECT_PCRE_RELATIVE_NEXT 0x00040 |
| #define | DETECT_PCRE_NEGATE 0x00080 |
| #define | DETECT_PCRE_CAPTURE_MAX 8 |
| #define | SC_MATCH_LIMIT_DEFAULT 3500 |
| #define | SC_MATCH_LIMIT_RECURSION_DEFAULT 1500 |
Typedefs | |
| typedef struct DetectPcreData_ | DetectPcreData |
Functions | |
| int | DetectPcrePayloadMatch (DetectEngineThreadCtx *, const Signature *, const SigMatchData *, Packet *, Flow *, const uint8_t *, uint32_t) |
| Match a regex on a single payload. More... | |
| void | DetectPcreRegister (void) |
Detailed Description
Definition in file detect-pcre.h.
Macro Definition Documentation
◆ DETECT_PCRE_CAPTURE_MAX
| #define DETECT_PCRE_CAPTURE_MAX 8 |
Definition at line 39 of file detect-pcre.h.
◆ DETECT_PCRE_CASELESS
| #define DETECT_PCRE_CASELESS 0x00004 |
Definition at line 33 of file detect-pcre.h.
◆ DETECT_PCRE_MATCH_LIMIT
| #define DETECT_PCRE_MATCH_LIMIT 0x00020 |
Definition at line 35 of file detect-pcre.h.
◆ DETECT_PCRE_NEGATE
| #define DETECT_PCRE_NEGATE 0x00080 |
Definition at line 37 of file detect-pcre.h.
◆ DETECT_PCRE_RAWBYTES
| #define DETECT_PCRE_RAWBYTES 0x00002 |
Definition at line 32 of file detect-pcre.h.
◆ DETECT_PCRE_RELATIVE
| #define DETECT_PCRE_RELATIVE 0x00001 |
Definition at line 30 of file detect-pcre.h.
◆ DETECT_PCRE_RELATIVE_NEXT
| #define DETECT_PCRE_RELATIVE_NEXT 0x00040 |
Definition at line 36 of file detect-pcre.h.
◆ SC_MATCH_LIMIT_DEFAULT
| #define SC_MATCH_LIMIT_DEFAULT 3500 |
Definition at line 41 of file detect-pcre.h.
◆ SC_MATCH_LIMIT_RECURSION_DEFAULT
| #define SC_MATCH_LIMIT_RECURSION_DEFAULT 1500 |
Definition at line 42 of file detect-pcre.h.
Typedef Documentation
◆ DetectPcreData
| typedef struct DetectPcreData_ DetectPcreData |
Function Documentation
◆ DetectPcrePayloadMatch()
| int DetectPcrePayloadMatch | ( | DetectEngineThreadCtx * | det_ctx, |
| const Signature * | s, | ||
| const SigMatchData * | smd, | ||
| Packet * | p, | ||
| Flow * | f, | ||
| const uint8_t * | payload, | ||
| uint32_t | payload_len | ||
| ) |
Match a regex on a single payload.
- Parameters
-
det_ctx Thread detection ctx. s Signature. sm Sig match to match against. p Packet to set PktVars if any. f Flow to set FlowVars if any. payload Payload to inspect. payload_len Length of the payload.
- Return values
-
1 Match. 0 No match.
Definition at line 175 of file detect-pcre.c.
References DetectEngineThreadCtx_::buffer_offset, SigMatchData_::ctx, DETECT_PCRE_RELATIVE, DetectThreadCtxGetKeywordThreadCtx(), DetectPcreData_::flags, len, DetectParseRegex::match, payload_len, DetectEngineThreadCtx_::pcre_match_start_offset, SCEnter, and DetectPcreData_::thread_ctx_id.
Referenced by DetectEngineContentInspection().
◆ DetectPcreRegister()
| void DetectPcreRegister | ( | void | ) |
Definition at line 96 of file detect-pcre.c.
References SigTableElmt_::desc, DETECT_PCRE, SigTableElmt_::Match, SigTableElmt_::name, SigTableElmt_::Setup, sigmatch_table, and SigTableElmt_::url.
Referenced by SigTableSetup().
