Go to the documentation of this file.
37 #define PARSE_REGEX "^\\s*([0-9]+)\\s*$"
48 static void DetectSNMPPduTypeRegisterTests(
void);
50 static int g_snmp_pdu_type_buffer_id = 0;
53 uint8_t,
void *,
void *,
const Signature *,
105 rs_snmp_tx_get_pdu_type(txv, &pdu_type);
127 char value1[20] =
"";
130 pcre2_match_data *match = NULL;
137 pcre2len =
sizeof(value1);
138 res = pcre2_substring_copy_bynumber(match, 1, (PCRE2_UCHAR8 *)value1, &pcre2len);
140 SCLogError(
"pcre2_substring_copy_bynumber failed");
149 dd->
pdu_type = strtoul(value1, &endptr, 10);
150 if (endptr == NULL || *endptr !=
'\0') {
152 "to snmp.pdu_type keyword");
156 pcre2_match_data_free(match);
161 pcre2_match_data_free(match);
188 dd = DetectSNMPPduTypeParse(rawstr);
201 sm->
ctx = (
void *)dd;
208 DetectSNMPPduTypeFree(
de_ctx, dd);
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
void SigMatchAppendSMToList(Signature *s, SigMatch *new, const int list)
Append a SigMatch to the list type.
void(* Free)(DetectEngineCtx *, void *)
main detection engine ctx
int(* AppLayerTxMatch)(DetectEngineThreadCtx *, Flow *, uint8_t flags, void *alstate, void *txv, const Signature *, const SigMatchCtx *)
int DetectParsePcreExec(DetectParseRegex *parse_regex, pcre2_match_data **match, const char *str, int start_offset, int options)
#define SIG_FLAG_TOCLIENT
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
int DetectBufferTypeGetByName(const char *name)
#define SIG_FLAG_TOSERVER
struct DetectSNMPPduTypeData_ DetectSNMPPduTypeData
void DetectSetupParseRegexes(const char *parse_str, DetectParseRegex *detect_parse)
void DetectAppLayerInspectEngineRegister2(const char *name, AppProto alproto, uint32_t dir, int progress, InspectEngineFuncPtr2 Callback2, InspectionBufferGetDataPtr GetData)
register inspect engine at start up time
int(* Match)(DetectEngineThreadCtx *, Packet *, const Signature *, const SigMatchCtx *)
SigMatch * SigMatchAlloc(void)
@ DETECT_AL_SNMP_PDU_TYPE
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
uint8_t DetectEngineInspectGenericList(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
Do the content inspection & validation for a signature.
#define SCLogError(...)
Macro used to log ERROR messages.
a single match condition for a signature
void DetectSNMPPduTypeRegister(void)
void(* RegisterTests)(void)