#include "suricata-common.h"
#include "suricata.h"
#include "decode.h"
#include "decode-ipv4.h"
#include "decode-tcp.h"
#include "decode-sctp.h"
#include "decode-udp.h"
#include "packet-queue.h"
#include "threads.h"
#include "threadvars.h"
#include "tm-queuehandlers.h"
#include "tm-threads.h"
#include "action-globals.h"
#include "respond-reject.h"
#include "respond-reject-libnet11.h"
#include "util-device.h"

Include dependency graph for respond-reject-libnet11.c:

Functions
int	RejectSendLibnet11IPv4TCP (ThreadVars tv, Packet p, void *data, enum RejectDirection dir)

int	RejectSendLibnet11IPv4ICMP (ThreadVars tv, Packet p, void *data, enum RejectDirection dir)

int	RejectSendLibnet11IPv6TCP (ThreadVars tv, Packet p, void *data, enum RejectDirection dir)

int	RejectSendLibnet11IPv6ICMP (ThreadVars tv, Packet p, void *data, enum RejectDirection dir)

void	FreeCachedCtx (void)

Detailed Description

Author: Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t; William Metcalf willi.nosp@m.am.m.nosp@m.etcal.nosp@m.f@gm.nosp@m.ail.c.nosp@m.om

RespondRejectLibnet11 used to send out libnet based TCP resets and ICMP unreachables.

Todo:

calculate TTL base on average from stream tracking

come up with a way for users to specify icmp unreachable type

Possibly default to port unreachable for UDP traffic this seems to be the default in flexresp and iptables

implement ipv6 resets

implement pre-alloc resets for speed

Definition in file respond-reject-libnet11.c.

Function Documentation

◆ FreeCachedCtx()

void FreeCachedCtx ( void )

Definition at line 609 of file respond-reject-libnet11.c.

References SCLogDebug.

◆ RejectSendLibnet11IPv4ICMP()

int RejectSendLibnet11IPv4ICMP	(	ThreadVars *	tv,
		Packet *	p,
		void *	data,
		enum RejectDirection	dir
	)

Definition at line 585 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

◆ RejectSendLibnet11IPv4TCP()

int RejectSendLibnet11IPv4TCP	(	ThreadVars *	tv,
		Packet *	p,
		void *	data,
		enum RejectDirection	dir
	)

Definition at line 577 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

◆ RejectSendLibnet11IPv6ICMP()

int RejectSendLibnet11IPv6ICMP	(	ThreadVars *	tv,
		Packet *	p,
		void *	data,
		enum RejectDirection	dir
	)

Definition at line 601 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

◆ RejectSendLibnet11IPv6TCP()

int RejectSendLibnet11IPv6TCP	(	ThreadVars *	tv,
		Packet *	p,
		void *	data,
		enum RejectDirection	dir
	)

Definition at line 593 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

Functions

Detailed Description

Function Documentation

◆ FreeCachedCtx()

◆ RejectSendLibnet11IPv4ICMP()

◆ RejectSendLibnet11IPv4TCP()

◆ RejectSendLibnet11IPv6ICMP()

◆ RejectSendLibnet11IPv6TCP()