suricata
flow-var.h
Go to the documentation of this file.
1 /* Copyright (C) 2007-2013 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Victor Julien <victor@inliniac.net>
22  * \author Pablo Rincon <pablo.rincon.crespo@gmail.com>
23  */
24 
25 #ifndef SURICATA_FLOW_VAR_H
26 #define SURICATA_FLOW_VAR_H
27 
28 #include "flow.h"
29 #include "util-var.h"
30 
31 /** Available data types for Flowvars */
32 
33 #define FLOWVAR_TYPE_STR 1
34 #define FLOWVAR_TYPE_INT 2
35 
36 typedef uint8_t FlowVarKeyLenType;
37 /** Struct used to hold the string data type for flowvars */
38 typedef struct FlowVarTypeStr {
39  uint8_t *value;
40  uint16_t value_len;
41 } FlowVarTypeStr;
42 
43 /** Struct used to hold the integer data type for flowvars */
44 typedef struct FlowVarTypeInt_ {
45  uint32_t value;
46 } FlowVarTypeInt;
47 
48 /** Generic Flowvar Structure */
49 typedef struct FlowVar_ {
50  uint16_t type; /* type, DETECT_FLOWVAR in this case */
51  uint8_t datatype;
52  FlowVarKeyLenType keylen;
53  uint32_t idx; /* name idx */
54  GenericVar *next; /* right now just implement this as a list,
55  * in the long run we have think of something
56  * faster. */
57  union {
58  FlowVarTypeStr fv_str;
59  FlowVarTypeInt fv_int;
60  } data;
61  uint8_t *key;
62 } FlowVar;
63 
64 /** Flowvar Interface API */
65 
66 void FlowVarAddIdValue(Flow *, uint32_t id, uint8_t *value, uint16_t size);
67 void FlowVarAddKeyValue(
68  Flow *f, uint8_t *key, FlowVarKeyLenType keylen, uint8_t *value, uint16_t size);
69 
70 void FlowVarAddIntNoLock(Flow *, uint32_t, uint32_t);
71 void FlowVarAddInt(Flow *, uint32_t, uint32_t);
72 FlowVar *FlowVarGet(Flow *, uint32_t);
73 FlowVar *FlowVarGetByKey(Flow *f, const uint8_t *key, FlowVarKeyLenType keylen);
74 void FlowVarFree(FlowVar *);
75 void FlowVarPrint(GenericVar *);
76 
77 #endif /* SURICATA_FLOW_VAR_H */
FlowVarAddInt
void FlowVarAddInt(Flow *, uint32_t, uint32_t)
Definition: flow-var.c:157
FlowVarTypeStr::value_len
uint16_t value_len
Definition: flow-var.h:40
FlowVarFree
void FlowVarFree(FlowVar *)
Definition: flow-var.c:162
FlowVarAddIdValue
void FlowVarAddIdValue(Flow *, uint32_t id, uint8_t *value, uint16_t size)
Definition: flow-var.c:114
FlowVarTypeInt_
Definition: flow-var.h:44
Flow_
Flow data structure.
Definition: flow.h:354
FlowVar_::fv_str
FlowVarTypeStr fv_str
Definition: flow-var.h:58
FlowVar_::keylen
FlowVarKeyLenType keylen
Definition: flow-var.h:52
util-var.h
FlowVar_::fv_int
FlowVarTypeInt fv_int
Definition: flow-var.h:59
FlowVarAddKeyValue
void FlowVarAddKeyValue(Flow *f, uint8_t *key, FlowVarKeyLenType keylen, uint8_t *value, uint16_t size)
Definition: flow-var.c:94
FlowVar_::idx
uint32_t idx
Definition: flow-var.h:53
FlowVar_::key
uint8_t * key
Definition: flow-var.h:61
FlowVarAddIntNoLock
void FlowVarAddIntNoLock(Flow *, uint32_t, uint32_t)
Definition: flow-var.c:136
FlowVarTypeInt_::value
uint32_t value
Definition: flow-var.h:45
FlowVar
struct FlowVar_ FlowVar
FlowVar_::data
union FlowVar_::@107 data
FlowVarTypeStr::value
uint8_t * value
Definition: flow-var.h:39
GenericVar_
Definition: util-var.h:49
FlowVarKeyLenType
uint8_t FlowVarKeyLenType
Definition: flow-var.h:36
FlowVar_::next
GenericVar * next
Definition: flow-var.h:54
FlowVarGetByKey
FlowVar * FlowVarGetByKey(Flow *f, const uint8_t *key, FlowVarKeyLenType keylen)
get the flowvar with index 'idx' from the flow
Definition: flow-var.c:54
FlowVar_::type
uint16_t type
Definition: flow-var.h:50
FlowVarGet
FlowVar * FlowVarGet(Flow *, uint32_t)
get the flowvar with index 'idx' from the flow
Definition: flow-var.c:78
FlowVarTypeStr
struct FlowVarTypeStr FlowVarTypeStr
FlowVarTypeInt
struct FlowVarTypeInt_ FlowVarTypeInt
flow.h
FlowVarPrint
void FlowVarPrint(GenericVar *)
Definition: flow-var.c:175
FlowVar_
Definition: flow-var.h:49
FlowVar_::datatype
uint8_t datatype
Definition: flow-var.h:51
FlowVarTypeStr
Definition: flow-var.h:38