suricata
Data Structures | Macros | Typedefs | Functions
reputation.h File Reference
#include "host.h"
#include "util-radix-tree.h"
Include dependency graph for reputation.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  SRepCIDRTree_
 
struct  SReputation_
 

Macros

#define SREP_MAX_CATS   60
 
#define SREP_MAX_VAL   127
 

Typedefs

typedef struct SRepCIDRTree_ SRepCIDRTree
 
typedef struct SReputation_ SReputation
 

Functions

void SRepFreeHostData (Host *h)
 
uint8_t SRepCatGetByShortname (char *shortname)
 
int SRepInit (struct DetectEngineCtx_ *de_ctx)
 init reputation More...
 
void SRepDestroy (struct DetectEngineCtx_ *de_ctx)
 
void SRepReloadComplete (void)
 Increment effective reputation version after a rule/reputation reload is complete. More...
 
int SRepHostTimedOut (Host *)
 Check if a Host is timed out wrt ip rep, meaning a new version is in place. More...
 
int8_t SRepCIDRGetIPRepSrc (SRepCIDRTree *cidr_ctx, Packet *p, uint8_t cat, uint32_t version)
 
int8_t SRepCIDRGetIPRepDst (SRepCIDRTree *cidr_ctx, Packet *p, uint8_t cat, uint32_t version)
 
void SRepResetVersion (void)
 
int SRepLoadCatFileFromFD (FILE *fp)
 
int SRepLoadFileFromFD (SRepCIDRTree *cidr_ctx, FILE *fp)
 
void SCReputationRegisterTests (void)
 

Detailed Description

Author
Pablo Rincon Crespo pablo.nosp@m..rin.nosp@m.con.c.nosp@m.resp.nosp@m.o@gma.nosp@m.il.c.nosp@m.om
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t Original Idea by Matt Jonkman

Definition in file reputation.h.

Macro Definition Documentation

◆ SREP_MAX_CATS

#define SREP_MAX_CATS   60

Definition at line 33 of file reputation.h.

◆ SREP_MAX_VAL

#define SREP_MAX_VAL   127

Definition at line 34 of file reputation.h.

Typedef Documentation

◆ SRepCIDRTree

typedef struct SRepCIDRTree_ SRepCIDRTree

◆ SReputation

typedef struct SReputation_ SReputation

Function Documentation

◆ SCReputationRegisterTests()

void SCReputationRegisterTests ( void  )

Register the following unittests for the Reputation module

Definition at line 174 of file reputation.c.

References UtRegisterTest().

Here is the call graph for this function:

◆ SRepCatGetByShortname()

uint8_t SRepCatGetByShortname ( char *  shortname)

Definition at line 340 of file reputation.c.

References SREP_MAX_CATS.

◆ SRepCIDRGetIPRepDst()

int8_t SRepCIDRGetIPRepDst ( SRepCIDRTree cidr_ctx,
Packet p,
uint8_t  cat,
uint32_t  version 
)

Definition at line 158 of file reputation.c.

◆ SRepCIDRGetIPRepSrc()

int8_t SRepCIDRGetIPRepSrc ( SRepCIDRTree cidr_ctx,
Packet p,
uint8_t  cat,
uint32_t  version 
)

Definition at line 146 of file reputation.c.

◆ SRepDestroy()

void SRepDestroy ( struct DetectEngineCtx_ de_ctx)

Definition at line 654 of file reputation.c.

References de_ctx, SCFree, SCRadixReleaseRadixTree(), SREP_MAX_CATS, DetectEngineCtx_::srepCIDR_ctx, SRepCIDRTree_::srepIPV4_tree, and SRepCIDRTree_::srepIPV6_tree.

Here is the call graph for this function:

◆ SRepFreeHostData()

void SRepFreeHostData ( Host h)

Definition at line 178 of file reputation.c.

References DEBUG_VALIDATE_BUG_ON, HostDecrUsecnt, Host_::iprep, SC_ATOMIC_GET, and SCFree.

Referenced by HostClearMemory().

Here is the caller graph for this function:

◆ SRepHostTimedOut()

int SRepHostTimedOut ( Host h)

Check if a Host is timed out wrt ip rep, meaning a new version is in place.

We clean up the old version here.

Parameters
hhost
Return values
0not timed out
1timed out

Definition at line 204 of file reputation.c.

References BUG_ON, and Host_::iprep.

◆ SRepInit()

int SRepInit ( DetectEngineCtx de_ctx)

init reputation

Parameters
de_ctxdetection engine ctx for tracking iprep version
Return values
0ok
-1error

If this function is called more than once, the category file is not reloaded.

Definition at line 577 of file reputation.c.

References de_ctx, SCCalloc, and DetectEngineCtx_::srepCIDR_ctx.

◆ SRepLoadCatFileFromFD()

int SRepLoadCatFileFromFD ( FILE *  fp)

Definition at line 368 of file reputation.c.

References Address_::family.

◆ SRepLoadFileFromFD()

int SRepLoadFileFromFD ( SRepCIDRTree cidr_ctx,
FILE *  fp 
)

Definition at line 434 of file reputation.c.

References Address_::family, and len.

◆ SRepReloadComplete()

void SRepReloadComplete ( void  )

Increment effective reputation version after a rule/reputation reload is complete.

Definition at line 172 of file reputation.c.

References SC_ATOMIC_ADD, and SCLogDebug.

◆ SRepResetVersion()

void SRepResetVersion ( void  )

Definition at line 62 of file reputation.c.