suricata
Macros | Typedefs | Enumerations | Functions | Variables
flow-private.h File Reference
#include "flow-hash.h"
#include "flow-queue.h"
#include "util-atomic.h"
Include dependency graph for flow-private.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros

#define FLOW_EMERGENCY   0x01
 
#define FLOW_DEFAULT_NEW_TIMEOUT   30
 
#define FLOW_DEFAULT_EST_TIMEOUT   300
 
#define FLOW_DEFAULT_CLOSED_TIMEOUT   0
 
#define FLOW_DEFAULT_BYPASSED_TIMEOUT   100
 
#define FLOW_IPPROTO_TCP_NEW_TIMEOUT   30
 
#define FLOW_IPPROTO_TCP_EST_TIMEOUT   300
 
#define FLOW_IPPROTO_TCP_CLOSED_TIMEOUT   10
 
#define FLOW_IPPROTO_TCP_BYPASSED_TIMEOUT   100
 
#define FLOW_IPPROTO_UDP_NEW_TIMEOUT   30
 
#define FLOW_IPPROTO_UDP_EST_TIMEOUT   300
 
#define FLOW_IPPROTO_UDP_BYPASSED_TIMEOUT   100
 
#define FLOW_IPPROTO_ICMP_NEW_TIMEOUT   30
 
#define FLOW_IPPROTO_ICMP_EST_TIMEOUT   300
 
#define FLOW_IPPROTO_ICMP_BYPASSED_TIMEOUT   100
 
#define FLOW_DEFAULT_EMERG_NEW_TIMEOUT   10
 
#define FLOW_DEFAULT_EMERG_EST_TIMEOUT   100
 
#define FLOW_DEFAULT_EMERG_CLOSED_TIMEOUT   0
 
#define FLOW_DEFAULT_EMERG_BYPASSED_TIMEOUT   50
 
#define FLOW_IPPROTO_TCP_EMERG_NEW_TIMEOUT   10
 
#define FLOW_IPPROTO_TCP_EMERG_EST_TIMEOUT   100
 
#define FLOW_IPPROTO_TCP_EMERG_CLOSED_TIMEOUT   5
 
#define FLOW_IPPROTO_UDP_EMERG_NEW_TIMEOUT   10
 
#define FLOW_IPPROTO_UDP_EMERG_EST_TIMEOUT   100
 
#define FLOW_IPPROTO_ICMP_EMERG_NEW_TIMEOUT   10
 
#define FLOW_IPPROTO_ICMP_EMERG_EST_TIMEOUT   100
 
#define FLOW_BYPASSED_TIMEOUT   100
 
#define FLOW_PROTO_APPLAYER_MAX   FLOW_PROTO_UDP + 1
 

Typedefs

typedef FlowProtoTimeoutFlowProtoTimeoutPtr
 

Enumerations

enum  {
  FLOW_PROTO_TCP = 0, FLOW_PROTO_UDP, FLOW_PROTO_ICMP, FLOW_PROTO_DEFAULT,
  FLOW_PROTO_MAX
}
 

Functions

 SC_ATOMIC_EXTERN (uint64_t, flow_memuse)
 
 SC_ATOMIC_EXTERN (FlowProtoTimeoutPtr, flow_timeouts)
 

Variables

FlowProtoTimeout flow_timeouts_normal [FLOW_PROTO_MAX]
 
FlowProtoTimeout flow_timeouts_emerg [FLOW_PROTO_MAX]
 
FlowProtoFreeFunc flow_freefuncs [FLOW_PROTO_MAX]
 
FlowQueue flow_recycle_q
 
FlowBucket * flow_hash
 
FlowConfig flow_config
 

Detailed Description

Author
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Definition in file flow-private.h.

Macro Definition Documentation

◆ FLOW_BYPASSED_TIMEOUT

#define FLOW_BYPASSED_TIMEOUT   100

Definition at line 68 of file flow-private.h.

◆ FLOW_DEFAULT_BYPASSED_TIMEOUT

#define FLOW_DEFAULT_BYPASSED_TIMEOUT   100

Definition at line 44 of file flow-private.h.

◆ FLOW_DEFAULT_CLOSED_TIMEOUT

#define FLOW_DEFAULT_CLOSED_TIMEOUT   0

Definition at line 43 of file flow-private.h.

◆ FLOW_DEFAULT_EMERG_BYPASSED_TIMEOUT

#define FLOW_DEFAULT_EMERG_BYPASSED_TIMEOUT   50

Definition at line 59 of file flow-private.h.

◆ FLOW_DEFAULT_EMERG_CLOSED_TIMEOUT

#define FLOW_DEFAULT_EMERG_CLOSED_TIMEOUT   0

Definition at line 58 of file flow-private.h.

◆ FLOW_DEFAULT_EMERG_EST_TIMEOUT

#define FLOW_DEFAULT_EMERG_EST_TIMEOUT   100

Definition at line 57 of file flow-private.h.

◆ FLOW_DEFAULT_EMERG_NEW_TIMEOUT

#define FLOW_DEFAULT_EMERG_NEW_TIMEOUT   10

Definition at line 56 of file flow-private.h.

◆ FLOW_DEFAULT_EST_TIMEOUT

#define FLOW_DEFAULT_EST_TIMEOUT   300

Definition at line 42 of file flow-private.h.

◆ FLOW_DEFAULT_NEW_TIMEOUT

#define FLOW_DEFAULT_NEW_TIMEOUT   30

Definition at line 41 of file flow-private.h.

◆ FLOW_EMERGENCY

#define FLOW_EMERGENCY   0x01

Flow engine is in emergency mode. This means it doesn't have enough spare flows for new flows and/or it's memcap limit it reached. In this state the flow engine with evaluate flows with lower timeout settings.

Definition at line 38 of file flow-private.h.

◆ FLOW_IPPROTO_ICMP_BYPASSED_TIMEOUT

#define FLOW_IPPROTO_ICMP_BYPASSED_TIMEOUT   100

Definition at line 54 of file flow-private.h.

◆ FLOW_IPPROTO_ICMP_EMERG_EST_TIMEOUT

#define FLOW_IPPROTO_ICMP_EMERG_EST_TIMEOUT   100

Definition at line 66 of file flow-private.h.

◆ FLOW_IPPROTO_ICMP_EMERG_NEW_TIMEOUT

#define FLOW_IPPROTO_ICMP_EMERG_NEW_TIMEOUT   10

Definition at line 65 of file flow-private.h.

◆ FLOW_IPPROTO_ICMP_EST_TIMEOUT

#define FLOW_IPPROTO_ICMP_EST_TIMEOUT   300

Definition at line 53 of file flow-private.h.

◆ FLOW_IPPROTO_ICMP_NEW_TIMEOUT

#define FLOW_IPPROTO_ICMP_NEW_TIMEOUT   30

Definition at line 52 of file flow-private.h.

◆ FLOW_IPPROTO_TCP_BYPASSED_TIMEOUT

#define FLOW_IPPROTO_TCP_BYPASSED_TIMEOUT   100

Definition at line 48 of file flow-private.h.

◆ FLOW_IPPROTO_TCP_CLOSED_TIMEOUT

#define FLOW_IPPROTO_TCP_CLOSED_TIMEOUT   10

Definition at line 47 of file flow-private.h.

◆ FLOW_IPPROTO_TCP_EMERG_CLOSED_TIMEOUT

#define FLOW_IPPROTO_TCP_EMERG_CLOSED_TIMEOUT   5

Definition at line 62 of file flow-private.h.

◆ FLOW_IPPROTO_TCP_EMERG_EST_TIMEOUT

#define FLOW_IPPROTO_TCP_EMERG_EST_TIMEOUT   100

Definition at line 61 of file flow-private.h.

◆ FLOW_IPPROTO_TCP_EMERG_NEW_TIMEOUT

#define FLOW_IPPROTO_TCP_EMERG_NEW_TIMEOUT   10

Definition at line 60 of file flow-private.h.

◆ FLOW_IPPROTO_TCP_EST_TIMEOUT

#define FLOW_IPPROTO_TCP_EST_TIMEOUT   300

Definition at line 46 of file flow-private.h.

◆ FLOW_IPPROTO_TCP_NEW_TIMEOUT

#define FLOW_IPPROTO_TCP_NEW_TIMEOUT   30

Definition at line 45 of file flow-private.h.

◆ FLOW_IPPROTO_UDP_BYPASSED_TIMEOUT

#define FLOW_IPPROTO_UDP_BYPASSED_TIMEOUT   100

Definition at line 51 of file flow-private.h.

◆ FLOW_IPPROTO_UDP_EMERG_EST_TIMEOUT

#define FLOW_IPPROTO_UDP_EMERG_EST_TIMEOUT   100

Definition at line 64 of file flow-private.h.

◆ FLOW_IPPROTO_UDP_EMERG_NEW_TIMEOUT

#define FLOW_IPPROTO_UDP_EMERG_NEW_TIMEOUT   10

Definition at line 63 of file flow-private.h.

◆ FLOW_IPPROTO_UDP_EST_TIMEOUT

#define FLOW_IPPROTO_UDP_EST_TIMEOUT   300

Definition at line 50 of file flow-private.h.

◆ FLOW_IPPROTO_UDP_NEW_TIMEOUT

#define FLOW_IPPROTO_UDP_NEW_TIMEOUT   30

Definition at line 49 of file flow-private.h.

◆ FLOW_PROTO_APPLAYER_MAX

#define FLOW_PROTO_APPLAYER_MAX   FLOW_PROTO_UDP + 1

Definition at line 80 of file flow-private.h.

Typedef Documentation

◆ FlowProtoTimeoutPtr

typedef FlowProtoTimeout* FlowProtoTimeoutPtr

Definition at line 103 of file flow-private.h.

Enumeration Type Documentation

◆ anonymous enum

anonymous enum
Enumerator
FLOW_PROTO_TCP 
FLOW_PROTO_UDP 
FLOW_PROTO_ICMP 
FLOW_PROTO_DEFAULT 
FLOW_PROTO_MAX 

Definition at line 69 of file flow-private.h.

Function Documentation

◆ SC_ATOMIC_EXTERN() [1/2]

SC_ATOMIC_EXTERN ( FlowProtoTimeoutPtr  ,
flow_timeouts   
)

◆ SC_ATOMIC_EXTERN() [2/2]

SC_ATOMIC_EXTERN ( uint64_t  ,
flow_memuse   
)

flow memuse counter (atomic), for enforcing memcap limit

Variable Documentation

◆ flow_config

FlowConfig flow_config

Definition at line 99 of file flow.c.

Referenced by FlowGetExistingFlowFromFlowId(), FlowGetExistingFlowFromHash(), FlowGetFlowFromHash(), FlowGetFromFlowKey(), FlowGetMemcap(), FlowInitConfig(), FlowKeyGetHash(), FlowReset(), FlowSetMemcap(), FlowShutdown(), and FlowSparePoolUpdate().

◆ flow_freefuncs

FlowProtoFreeFunc flow_freefuncs[FLOW_PROTO_MAX]

Definition at line 97 of file flow.c.

Referenced by FlowClearMemory(), FlowInitFlowProto(), and FlowSetProtoFreeFunc().

◆ flow_hash

FlowBucket* flow_hash

Definition at line 57 of file flow-hash.c.

Referenced by FlowGetExistingFlowFromFlowId(), FlowGetExistingFlowFromHash(), FlowGetFlowFromHash(), FlowGetFromFlowKey(), FlowInitConfig(), FlowReset(), and FlowShutdown().

◆ flow_recycle_q

FlowQueue flow_recycle_q

spare/unused/prealloced flows live here queue to pass flows to cleanup/log thread(s)

queue to pass flows to cleanup/log thread(s)

Definition at line 81 of file flow-manager.c.

Referenced by FlowInitConfig(), and FlowShutdown().

◆ flow_timeouts_emerg

FlowProtoTimeout flow_timeouts_emerg[FLOW_PROTO_MAX]

Definition at line 95 of file flow.c.

Referenced by FlowInitFlowProto(), and FlowTimeoutsEmergency().

◆ flow_timeouts_normal

FlowProtoTimeout flow_timeouts_normal[FLOW_PROTO_MAX]

FlowProto specific timeouts and free/state functions

Definition at line 94 of file flow.c.

Referenced by FlowInitFlowProto(), and FlowTimeoutsInit().