Go to the documentation of this file.
37 #define PARSE_REGEX "^\\s*([0-9]+)\\s*$"
48 static void DetectSNMPPduTypeRegisterTests(
void);
50 static int g_snmp_pdu_type_buffer_id = 0;
53 uint8_t,
void *,
void *,
const Signature *,
105 rs_snmp_tx_get_pdu_type(txv, &pdu_type);
125 int ret = 0, res = 0;
127 char value1[20] =
"";
136 pcre2len =
sizeof(value1);
137 res = pcre2_substring_copy_bynumber(parse_regex.
match, 1, (PCRE2_UCHAR8 *)value1, &pcre2len);
139 SCLogError(
"pcre2_substring_copy_bynumber failed");
148 dd->
pdu_type = strtoul(value1, &endptr, 10);
149 if (endptr == NULL || *endptr !=
'\0') {
151 "to snmp.pdu_type keyword");
183 dd = DetectSNMPPduTypeParse(rawstr);
196 sm->
ctx = (
void *)dd;
203 DetectSNMPPduTypeFree(
de_ctx, dd);
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
int DetectParsePcreExec(DetectParseRegex *parse_regex, const char *str, int start_offset, int options)
void(* Free)(DetectEngineCtx *, void *)
main detection engine ctx
int(* AppLayerTxMatch)(DetectEngineThreadCtx *, Flow *, uint8_t flags, void *alstate, void *txv, const Signature *, const SigMatchCtx *)
#define SIG_FLAG_TOCLIENT
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
int DetectBufferTypeGetByName(const char *name)
#define SIG_FLAG_TOSERVER
struct DetectSNMPPduTypeData_ DetectSNMPPduTypeData
void DetectSetupParseRegexes(const char *parse_str, DetectParseRegex *detect_parse)
void DetectAppLayerInspectEngineRegister2(const char *name, AppProto alproto, uint32_t dir, int progress, InspectEngineFuncPtr2 Callback2, InspectionBufferGetDataPtr GetData)
register inspect engine at start up time
int(* Match)(DetectEngineThreadCtx *, Packet *, const Signature *, const SigMatchCtx *)
SigMatch * SigMatchAlloc(void)
@ DETECT_AL_SNMP_PDU_TYPE
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
uint8_t DetectEngineInspectGenericList(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
Do the content inspection & validation for a signature.
#define SCLogError(...)
Macro used to log ERROR messages.
a single match condition for a signature
void DetectSNMPPduTypeRegister(void)
void SigMatchAppendSMToList(Signature *s, SigMatch *new, int list)
Append a SigMatch to the list type.
void(* RegisterTests)(void)