suricata: src/detect-pcre.h File Reference

suricata

#include "detect-parse.h"

Include dependency graph for detect-pcre.h:

Go to the source code of this file.

Data Structures
struct	DetectPcreData_

Macros
#define	DETECT_PCRE_RELATIVE 0x00001

#define	DETECT_PCRE_RAWBYTES 0x00002

#define	DETECT_PCRE_CASELESS 0x00004

#define	DETECT_PCRE_MATCH_LIMIT 0x00020

#define	DETECT_PCRE_RELATIVE_NEXT 0x00040

#define	DETECT_PCRE_NEGATE 0x00080

#define	DETECT_PCRE_CAPTURE_MAX 8

Typedefs
typedef struct DetectPcreData_	DetectPcreData

Functions
int	DetectPcrePayloadMatch (DetectEngineThreadCtx , const Signature , const SigMatchData , Packet , Flow , const uint8_t , uint32_t)
	Match a regex on a single payload. More...

void	DetectPcreRegister (void)

Detailed Description

Author: Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Definition in file detect-pcre.h.

Macro Definition Documentation

◆ DETECT_PCRE_CAPTURE_MAX

#define DETECT_PCRE_CAPTURE_MAX 8

Definition at line 38 of file detect-pcre.h.

◆ DETECT_PCRE_CASELESS

#define DETECT_PCRE_CASELESS 0x00004

Definition at line 32 of file detect-pcre.h.

◆ DETECT_PCRE_MATCH_LIMIT

#define DETECT_PCRE_MATCH_LIMIT 0x00020

Definition at line 34 of file detect-pcre.h.

◆ DETECT_PCRE_NEGATE

#define DETECT_PCRE_NEGATE 0x00080

Definition at line 36 of file detect-pcre.h.

◆ DETECT_PCRE_RAWBYTES

#define DETECT_PCRE_RAWBYTES 0x00002

Definition at line 31 of file detect-pcre.h.

◆ DETECT_PCRE_RELATIVE

#define DETECT_PCRE_RELATIVE 0x00001

Definition at line 30 of file detect-pcre.h.

◆ DETECT_PCRE_RELATIVE_NEXT

#define DETECT_PCRE_RELATIVE_NEXT 0x00040

Definition at line 35 of file detect-pcre.h.

Typedef Documentation

◆ DetectPcreData

typedef struct DetectPcreData_ DetectPcreData

Function Documentation

◆ DetectPcrePayloadMatch()

int DetectPcrePayloadMatch	(	DetectEngineThreadCtx *	det_ctx,
		const Signature *	s,
		const SigMatchData *	smd,
		Packet *	p,
		Flow *	f,
		const uint8_t *	payload,
		uint32_t	payload_len
	)

Match a regex on a single payload.

Parameters

det_ctx	Thread detection ctx.
s	Signature.
sm	Sig match to match against.
p	Packet to set PktVars if any.
f	Flow to set FlowVars if any.
payload	Payload to inspect.
payload_len	Length of the payload.

Return values

1	Match.
0	No match.

Definition at line 190 of file detect-pcre.c.

References DetectEngineThreadCtx_::buffer_offset, SigMatchData_::ctx, DETECT_PCRE_RELATIVE, DetectPcreData_::flags, len, MAX_SUBSTRINGS, payload_len, DetectEngineThreadCtx_::pcre_match_start_offset, and SCEnter.

Referenced by DetectEngineContentInspection().

Here is the caller graph for this function:

◆ DetectPcreRegister()

void DetectPcreRegister ( void )

Definition at line 115 of file detect-pcre.c.

References SigTableElmt_::desc, DETECT_PCRE, SigTableElmt_::Match, SigTableElmt_::name, SigTableElmt_::Setup, sigmatch_table, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the caller graph for this function:

src
detect-pcre.h
Generated on Fri Feb 26 2021 23:30:51 for suricata by 1.8.18