suricata
Functions
detect-replace.c File Reference
#include "suricata-common.h"
#include "runmodes.h"
#include "decode.h"
#include "detect.h"
#include "detect-parse.h"
#include "detect-content.h"
#include "detect-replace.h"
#include "app-layer.h"
#include "detect-engine-mpm.h"
#include "detect-engine.h"
#include "detect-engine-build.h"
#include "util-checksum.h"
#include "util-unittest.h"
#include "util-debug.h"
#include "detect-engine-alert.h"
#include "packet.h"
Include dependency graph for detect-replace.c:

Go to the source code of this file.

Functions

void DetectReplaceRegister (void)
 
DetectReplaceListDetectReplaceAddToList (DetectReplaceList *replist, uint8_t *found, const DetectContentData *cd)
 
void DetectReplaceExecuteInternal (Packet *p, DetectReplaceList *replist)
 
void DetectReplaceFreeInternal (DetectReplaceList *replist)
 

Detailed Description

Author
Eric Leblond eric@.nosp@m.regi.nosp@m.t.org

Replace part of the detection engine.

If previous filter is of content type, replace can be used to change the matched part to a new value.

Definition in file detect-replace.c.

Function Documentation

◆ DetectReplaceAddToList()

DetectReplaceList* DetectReplaceAddToList ( DetectReplaceList replist,
uint8_t *  found,
const DetectContentData cd 
)

Definition at line 168 of file detect-replace.c.

References DetectReplaceList_::cd, DetectContentData_::content_len, DetectReplaceList_::found, DetectReplaceList_::next, DetectContentData_::replace_len, SCLogDebug, SCMalloc, and unlikely.

◆ DetectReplaceExecuteInternal()

void DetectReplaceExecuteInternal ( Packet p,
DetectReplaceList replist 
)

Definition at line 185 of file detect-replace.c.

References DetectReplaceList_::cd, Packet_::flags, DetectReplaceList_::found, DetectReplaceList_::next, PKT_STREAM_MODIFIED, ReCalculateChecksum(), DetectContentData_::replace, DetectContentData_::replace_len, SCFree, and SCLogDebug.

Here is the call graph for this function:

◆ DetectReplaceFreeInternal()

void DetectReplaceFreeInternal ( DetectReplaceList replist)

Definition at line 202 of file detect-replace.c.

References DetectReplaceList_::next, SCFree, and SCLogDebug.

◆ DetectReplaceRegister()

void DetectReplaceRegister ( void  )

Definition at line 58 of file detect-replace.c.

References SigTableElmt_::desc, DETECT_REPLACE, SigTableElmt_::Match, SigTableElmt_::name, sigmatch_table, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the caller graph for this function: