|
suricata
|
|
suricata
|
Go to the source code of this file.
Macros | |
| #define | COPY_TIMESTAMP(src, dst) ((dst)->tv_sec = (src)->tv_sec, (dst)->tv_usec = (src)->tv_usec) |
| #define | RESET_COUNTERS(f) |
| #define | FLOW_INITIALIZE(f) |
| #define | FLOW_RECYCLE(f) |
| macro to recycle a flow before it goes into the spare queue for reuse. More... | |
| #define | FLOW_DESTROY(f) |
| #define | FLOW_CHECK_MEMCAP(size) ((((uint64_t)SC_ATOMIC_GET(flow_memuse) + (uint64_t)(size)) <= SC_ATOMIC_GET(flow_config.memcap))) |
| check if a memory alloc would fit in the memcap More... | |
Functions | |
| Flow * | FlowAlloc (void) |
| allocate a flow More... | |
| Flow * | FlowAllocDirect (void) |
| void | FlowFree (Flow *) |
| cleanup & free the memory of a flow More... | |
| uint8_t | FlowGetProtoMapping (uint8_t) |
| Function to map the protocol to the defined FLOW_PROTO_* enumeration. More... | |
| void | FlowInit (Flow *, const Packet *) |
| uint8_t | FlowGetReverseProtoMapping (uint8_t rproto) |
Definition in file flow-util.h.
| #define COPY_TIMESTAMP | ( | src, | |
| dst | |||
| ) | ((dst)->tv_sec = (src)->tv_sec, (dst)->tv_usec = (src)->tv_usec) |
Definition at line 30 of file flow-util.h.
Referenced by FlowHandlePacketUpdate(), FlowInit(), and UTHBuildPacketReal().
| #define FLOW_CHECK_MEMCAP | ( | size | ) | ((((uint64_t)SC_ATOMIC_GET(flow_memuse) + (uint64_t)(size)) <= SC_ATOMIC_GET(flow_config.memcap))) |
check if a memory alloc would fit in the memcap
| size | memory allocation size to check |
| 1 | it fits |
| 0 | no fit |
Definition at line 131 of file flow-util.h.
Referenced by FlowAlloc(), FlowInitConfig(), FlowSetupPacket(), FlowUpdateState(), and TmModuleFlowRecyclerRegister().
| #define FLOW_DESTROY | ( | f | ) |
Definition at line 115 of file flow-util.h.
Referenced by DetectBypassRegister(), DetectDceIfaceRegister(), DetectDceOpnumRegister(), DetectDceStubDataRegister(), DetectDNP3Register(), DetectDnsQueryRegister(), DetectEngineInspectENIP(), DetectEngineInspectModbus(), DetectEngineStateResetTxs(), DetectFlowbitsAnalyze(), DetectFtpbounceRegister(), DetectHostbitFree(), DetectHttpRequestLineRegister(), DetectHttpResponseLineRegister(), DetectLuaRegister(), DetectPcrePayloadMatch(), DetectProtoContainsProto(), DetectSshSoftwareVersionRegister(), DetectSshVersionRegister(), DetectSslStateRegister(), DetectSslVersionRegister(), DetectTemplateRustBufferRegister(), DetectTlsFingerprintRegister(), DetectTlsIssuerRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3StringRegister(), DetectTlsSerialRegister(), DetectTlsSniRegister(), DetectTlsSubjectRegister(), DetectTlsValidityRegister(), DetectTlsVersionRegister(), DetectUricontentRegister(), DetectUrilenValidateContent(), FlowFree(), FTPAtExitPrintStats(), IPOnlyAddSignature(), RegisterDCERPCParsers(), RegisterDNP3Parsers(), RegisterENIPTCPParsers(), RegisterModbusParsers(), RegisterSSHParsers(), RegisterSSLParsers(), SMTPParserCleanup(), TagTimeoutCheck(), and TmModuleFlowRecyclerRegister().
| #define FLOW_INITIALIZE | ( | f | ) |
Definition at line 39 of file flow-util.h.
Referenced by AppLayerParserStreamTruncated(), DetectBypassRegister(), DetectDceIfaceRegister(), DetectDceOpnumRegister(), DetectDceStubDataRegister(), DetectDNP3Register(), DetectDnsQueryRegister(), DetectEngineInspectENIP(), DetectEngineInspectModbus(), DetectEngineStateResetTxs(), DetectFlowbitsAnalyze(), DetectFtpbounceRegister(), DetectHostbitFree(), DetectHttpRequestLineRegister(), DetectHttpResponseLineRegister(), DetectLuaRegister(), DetectPcrePayloadMatch(), DetectProtoContainsProto(), DetectSshSoftwareVersionRegister(), DetectSshVersionRegister(), DetectSslStateRegister(), DetectSslVersionRegister(), DetectTemplateRustBufferRegister(), DetectTlsFingerprintRegister(), DetectTlsIssuerRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3StringRegister(), DetectTlsSerialRegister(), DetectTlsSniRegister(), DetectTlsSubjectRegister(), DetectTlsValidityRegister(), DetectTlsVersionRegister(), DetectUricontentRegister(), DetectUrilenValidateContent(), FlowAlloc(), FTPAtExitPrintStats(), IPOnlyAddSignature(), RegisterDCERPCParsers(), RegisterDCERPCUDPParsers(), RegisterModbusParsers(), RegisterSSHParsers(), RegisterSSLParsers(), SCSigSignatureOrderingModuleCleanup(), SMTPParserCleanup(), TagTimeoutCheck(), TmModuleFlowRecyclerRegister(), and UTHBuildFlow().
| #define FLOW_RECYCLE | ( | f | ) |
macro to recycle a flow before it goes into the spare queue for reuse.
Note that the lnext, lprev, hnext, hprev fields are untouched, those are managed by the queueing code. Same goes for fb (FlowBucket ptr) field.
Definition at line 81 of file flow-util.h.
Referenced by FlowClearMemory().
| #define RESET_COUNTERS | ( | f | ) |
Definition at line 32 of file flow-util.h.
| Flow* FlowAlloc | ( | void | ) |
allocate a flow
We check against the memuse counter. If it passes that check we increment the counter first, then we try to alloc.
| f | the flow or NULL on out of memory |
Definition at line 51 of file flow-util.c.
References FLOW_CHECK_MEMCAP, FLOW_INITIALIZE, FlowStorageSize(), SC_ATOMIC_ADD, SC_ATOMIC_SUB, SCMalloc, and unlikely.
Referenced by FlowInitConfig(), FlowSetupPacket(), FlowStorageRegister(), FlowUpdateSpareFlows(), and TagTimeoutCheck().
| Flow* FlowAllocDirect | ( | void | ) |
| void FlowFree | ( | Flow * | f | ) |
cleanup & free the memory of a flow
| f | flow to clear & destroy |
Definition at line 80 of file flow-util.c.
References FLOW_DESTROY, FlowStorageSize(), SC_ATOMIC_SUB, and SCFree.
Referenced by AppLayerParserStreamTruncated(), FlowShutdown(), FlowStorageRegister(), FlowUpdateSpareFlows(), and UTHFreeFlow().
| uint8_t FlowGetProtoMapping | ( | uint8_t | proto | ) |
Function to map the protocol to the defined FLOW_PROTO_* enumeration.
| proto | protocol which is needed to be mapped |
Definition at line 95 of file flow-util.c.
References FLOW_PROTO_DEFAULT, FLOW_PROTO_ICMP, FLOW_PROTO_SCTP, FLOW_PROTO_TCP, and FLOW_PROTO_UDP.
Referenced by AppLayerGetTxIterator(), AppLayerParserDestroyProtocolParserLocalStorage(), AppLayerParserGetEventInfo(), AppLayerParserGetEventsByTx(), AppLayerParserGetFiles(), AppLayerParserGetFirstDataDir(), AppLayerParserGetProtocolParserLocalStorage(), AppLayerParserGetStateProgress(), AppLayerParserGetTx(), AppLayerParserGetTxDetectFlags(), AppLayerParserGetTxDetectState(), AppLayerParserParse(), AppLayerParserProtocolGetLoggerBits(), AppLayerParserProtocolHasLogger(), AppLayerParserProtocolIsTxAware(), AppLayerParserProtocolIsTxEventAware(), AppLayerParserProtocolSupportsTxs(), AppLayerParserProtoIsRegistered(), AppLayerParserRegisterDetectFlagsFuncs(), AppLayerParserRegisterDetectStateFuncs(), AppLayerParserRegisterGetEventInfo(), AppLayerParserRegisterGetEventsFunc(), AppLayerParserRegisterGetFilesFunc(), AppLayerParserRegisterGetStateProgressFunc(), AppLayerParserRegisterGetTx(), AppLayerParserRegisterGetTxCnt(), AppLayerParserRegisterGetTxIterator(), AppLayerParserRegisterLocalStorageFunc(), AppLayerParserRegisterLogger(), AppLayerParserRegisterLoggerBits(), AppLayerParserRegisterLoggerFuncs(), AppLayerParserRegisterOptionFlags(), AppLayerParserRegisterParser(), AppLayerParserRegisterParserAcceptableDataDirection(), AppLayerParserRegisterProtocolUnittests(), AppLayerParserRegisterStateFuncs(), AppLayerParserRegisterTruncateFunc(), AppLayerParserRegisterTxFreeFunc(), AppLayerParserRestoreParserTable(), AppLayerParserSetStreamDepth(), AppLayerParserSetTxDetectFlags(), AppLayerParserSetTxLogged(), AppLayerParserStateCleanup(), AppLayerParserStreamTruncated(), AppLayerParserSupportsFiles(), AppLayerParserSupportsTxDetectState(), AppLayerProtoDetectUnittestCtxRestore(), AppLayerRegisterThreadCounters(), AppLayerSetupCounters(), DetectDnsQueryRegister(), DetectTlsFingerprintRegister(), DetectTlsIssuerRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3StringRegister(), DetectTlsSerialRegister(), DetectTlsSniRegister(), DetectTlsSubjectRegister(), DetectTlsValidityRegister(), FlowInit(), FlowSetProtoFreeFunc(), FlowShutdown(), FlowUpdateState(), RegisterDCERPCUDPParsers(), and TagTimeoutCheck().
| uint8_t FlowGetReverseProtoMapping | ( | uint8_t | rproto | ) |
Definition at line 111 of file flow-util.c.
References FLOW_PROTO_ICMP, FLOW_PROTO_SCTP, FLOW_PROTO_TCP, FLOW_PROTO_UDP, Flow_::icmp_d, Flow_::icmp_s, ICMPv4GetCounterpart(), and ICMPv6GetCounterpart().
Referenced by AppLayerParserThreadCtxAlloc(), and AppLayerParserThreadCtxFree().
Definition at line 147 of file flow-util.c.
References COPY_TIMESTAMP, Flow_::dp, Flow_::dst, Flow_::flags, FLOW_IPV4, FLOW_IPV6, FLOW_SET_IPV4_DST_ADDR_FROM_PACKET, FLOW_SET_IPV4_SRC_ADDR_FROM_PACKET, FLOW_SET_IPV6_DST_ADDR_FROM_PACKET, FLOW_SET_IPV6_SRC_ADDR_FROM_PACKET, FlowGetProtoMapping(), Flow_::icmp_s, Packet_::icmp_s, Packet_::icmpv4h, Packet_::icmpv6h, IPV4_GET_IPTTL, IPV6_GET_HLIM, Flow_::max_ttl_toserver, Flow_::min_ttl_toserver, PKT_IS_IPV4, PKT_IS_IPV6, Flow_::proto, Packet_::proto, Flow_::protomap, Flow_::recursion_level, Packet_::recursion_level, SCEnter, SCLogDebug, SCReturn, Packet_::sctph, SET_SCTP_DST_PORT, SET_SCTP_SRC_PORT, SET_TCP_DST_PORT, SET_TCP_SRC_PORT, SET_UDP_DST_PORT, SET_UDP_SRC_PORT, Flow_::sp, Flow_::src, Flow_::startts, Packet_::tcph, Packet_::ts, Packet_::udph, Flow_::vlan_id, and Packet_::vlan_id.
Referenced by FlowGetFlowFromHash(), and FlowSetupPacket().
1.8.11 
