#include "suricata-common.h"#include "threads.h"#include "flow-var.h"#include "flow.h"#include "detect.h"#include "util-debug.h"
Go to the source code of this file.
Functions | |
| FlowVar * | FlowVarGetByKey (Flow *f, const uint8_t *key, uint16_t keylen) |
| get the flowvar with index 'idx' from the flow More... | |
| FlowVar * | FlowVarGet (Flow *f, uint32_t idx) |
| get the flowvar with index 'idx' from the flow More... | |
| void | FlowVarAddKeyValue (Flow *f, uint8_t *key, uint16_t keysize, uint8_t *value, uint16_t size) |
| void | FlowVarAddIdValue (Flow *f, uint32_t idx, uint8_t *value, uint16_t size) |
| void | FlowVarAddIntNoLock (Flow *f, uint32_t idx, uint32_t value) |
| void | FlowVarAddInt (Flow *f, uint32_t idx, uint32_t value) |
| void | FlowVarFree (FlowVar *fv) |
| void | FlowVarPrint (GenericVar *gv) |
Detailed Description
Flow level variable support for complex detection rules Supported types atm are String and Integers
Definition in file flow-var.c.
Function Documentation
◆ FlowVarAddIdValue()
| void FlowVarAddIdValue | ( | Flow * | , |
| uint32_t | id, | ||
| uint8_t * | value, | ||
| uint16_t | size | ||
| ) |
Flowvar Interface API
Definition at line 113 of file flow-var.c.
References FlowVar_::data, FlowVar_::datatype, DETECT_FLOWVAR, Flow_::flowvar, FLOWVAR_TYPE_STR, FlowVarGet(), FlowVar_::fv_str, GenericVarAppend(), FlowVar_::idx, FlowVar_::next, SCCalloc, FlowVar_::type, unlikely, FlowVarTypeStr::value, and FlowVarTypeStr::value_len.
◆ FlowVarAddInt()
| void FlowVarAddInt | ( | Flow * | f, |
| uint32_t | idx, | ||
| uint32_t | value | ||
| ) |
Definition at line 156 of file flow-var.c.
References FlowVarAddIntNoLock().
◆ FlowVarAddIntNoLock()
| void FlowVarAddIntNoLock | ( | Flow * | f, |
| uint32_t | idx, | ||
| uint32_t | value | ||
| ) |
Definition at line 135 of file flow-var.c.
References FlowVar_::data, FlowVar_::datatype, DETECT_FLOWVAR, Flow_::flowvar, FLOWVAR_TYPE_INT, FlowVarGet(), FlowVar_::fv_int, GenericVarAppend(), FlowVar_::idx, FlowVar_::next, SCMalloc, FlowVar_::type, unlikely, and FlowVarTypeInt_::value.
Referenced by DetectFlowintMatch(), and FlowVarAddInt().
◆ FlowVarAddKeyValue()
| void FlowVarAddKeyValue | ( | Flow * | f, |
| uint8_t * | key, | ||
| uint16_t | keysize, | ||
| uint8_t * | value, | ||
| uint16_t | size | ||
| ) |
Definition at line 94 of file flow-var.c.
References FlowVar_::data, FlowVar_::datatype, DETECT_FLOWVAR, Flow_::flowvar, FLOWVAR_TYPE_STR, FlowVar_::fv_str, GenericVarAppend(), FlowVar_::idx, FlowVar_::key, FlowVar_::keylen, FlowVar_::next, SCCalloc, FlowVar_::type, unlikely, FlowVarTypeStr::value, and FlowVarTypeStr::value_len.
◆ FlowVarFree()
| void FlowVarFree | ( | FlowVar * | fv | ) |
Definition at line 161 of file flow-var.c.
References FlowVar_::data, FlowVar_::datatype, FLOWVAR_TYPE_STR, FlowVar_::fv_str, SCFree, and FlowVarTypeStr::value.
Referenced by GenericVarFree().
◆ FlowVarGet()
get the flowvar with index 'idx' from the flow
- Note
- flow is not locked by this function, caller is responsible
Definition at line 78 of file flow-var.c.
References DETECT_FLOWVAR, Flow_::flowvar, GenericVar_::idx, GenericVar_::next, and GenericVar_::type.
Referenced by DetectFlowintMatch(), DetectFlowvarMatch(), FlowVarAddIdValue(), and FlowVarAddIntNoLock().
◆ FlowVarGetByKey()
get the flowvar with index 'idx' from the flow
- Note
- flow is not locked by this function, caller is responsible
Definition at line 54 of file flow-var.c.
References DETECT_FLOWVAR, Flow_::flowvar, GenericVar_::idx, FlowVar_::key, FlowVar_::keylen, GenericVar_::next, and GenericVar_::type.
◆ FlowVarPrint()
| void FlowVarPrint | ( | GenericVar * | gv | ) |
Definition at line 173 of file flow-var.c.
References FlowVar_::data, FlowVar_::datatype, DETECT_FLOWINT, DETECT_FLOWVAR, FLOWVAR_TYPE_INT, FLOWVAR_TYPE_STR, FlowVarPrint(), FlowVar_::fv_int, FlowVar_::fv_str, FlowVar_::idx, GenericVar_::next, SCLogDebug, SCLogDebugEnabled(), GenericVar_::type, FlowVarTypeStr::value, FlowVarTypeInt_::value, and FlowVarTypeStr::value_len.
Referenced by FlowVarPrint().
