Go to the documentation of this file.
38 #define PARSE_REGEX "^\\s*([0-9]+)?\\s*,s*([0-9]+)?\\s*$"
136 SCLogError(
"parse error, ret %" PRId32
"", ret);
140 pcre2len =
sizeof(arg1);
141 ret = pcre2_substring_copy_bynumber(parse_regex.
match, 1, (PCRE2_UCHAR8 *)arg1, &pcre2len);
143 SCLogError(
"pcre2_substring_copy_bynumber failed");
148 pcre2len =
sizeof(arg2);
149 ret = pcre2_substring_copy_bynumber(parse_regex.
match, 2, (PCRE2_UCHAR8 *)arg2, &pcre2len);
151 SCLogError(
"pcre2_substring_copy_bynumber failed");
185 if (templated == NULL)
190 DetectTemplateFree(
de_ctx, templated);
195 sm->
ctx = (
void *)templated;
void DetectTemplateRegister(void)
Registration function for template: keyword.
int DetectParsePcreExec(DetectParseRegex *parse_regex, const char *str, int start_offset, int options)
void(* Free)(DetectEngineCtx *, void *)
#define PKT_IS_PSEUDOPKT(p)
return 1 if the packet is a pseudo packet
main detection engine ctx
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
void DetectSetupParseRegexes(const char *parse_str, DetectParseRegex *detect_parse)
int(* Match)(DetectEngineThreadCtx *, Packet *, const Signature *, const SigMatchCtx *)
SigMatch * SigMatchAlloc(void)
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
int ByteExtractStringUint8(uint8_t *res, int base, size_t len, const char *str)
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
#define PARSE_REGEX
Regex for parsing our keyword options.
#define SCLogError(...)
Macro used to log ERROR messages.
a single match condition for a signature
void DetectTemplateRegisterTests(void)
this function registers unit tests for DetectTemplate
void SigMatchAppendSMToList(Signature *s, SigMatch *new, int list)
Append a SigMatch to the list type.
void(* RegisterTests)(void)
#define SIG_FLAG_REQUIRE_PACKET