suricata
Functions
respond-reject-libnet11.c File Reference
#include "suricata-common.h"
#include "decode.h"
#include "decode-ipv4.h"
#include "decode-tcp.h"
#include "decode-sctp.h"
#include "decode-udp.h"
#include "packet-queue.h"
#include "threads.h"
#include "threadvars.h"
#include "tm-queuehandlers.h"
#include "tm-threads.h"
#include "action-globals.h"
#include "respond-reject.h"
#include "respond-reject-libnet11.h"
#include "util-device.h"
Include dependency graph for respond-reject-libnet11.c:

Go to the source code of this file.

Functions

int RejectSendLibnet11IPv4TCP (ThreadVars *tv, Packet *p, void *data, int dir)
 
int RejectSendLibnet11IPv4ICMP (ThreadVars *tv, Packet *p, void *data, int dir)
 
int RejectSendLibnet11IPv6TCP (ThreadVars *tv, Packet *p, void *data, int dir)
 
int RejectSendLibnet11IPv6ICMP (ThreadVars *tv, Packet *p, void *data, int dir)
 
void FreeCachedCtx (void)
 

Detailed Description

Author
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t
William Metcalf willi.nosp@m.am.m.nosp@m.etcal.nosp@m.f@gm.nosp@m.ail.c.nosp@m.om

RespondRejectLibnet11 used to send out libnet based TCP resets and ICMP unreachables.

Todo:

calculate TTL base on average from stream tracking

come up with a way for users to specify icmp unreachable type

Possibly default to port unreachable for UDP traffic this seems to be the default in flexresp and iptables

implement ipv6 resets

implement pre-alloc resets for speed

Definition in file respond-reject-libnet11.c.

Function Documentation

◆ FreeCachedCtx()

void FreeCachedCtx ( void  )

Definition at line 614 of file respond-reject-libnet11.c.

References SCLogDebug.

◆ RejectSendLibnet11IPv4ICMP()

int RejectSendLibnet11IPv4ICMP ( ThreadVars tv,
Packet p,
void *  data,
int  dir 
)

Definition at line 590 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

Referenced by RejectSendIPv4ICMP().

Here is the caller graph for this function:

◆ RejectSendLibnet11IPv4TCP()

int RejectSendLibnet11IPv4TCP ( ThreadVars tv,
Packet p,
void *  data,
int  dir 
)

Definition at line 582 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

Referenced by RejectSendIPv4TCP().

Here is the caller graph for this function:

◆ RejectSendLibnet11IPv6ICMP()

int RejectSendLibnet11IPv6ICMP ( ThreadVars tv,
Packet p,
void *  data,
int  dir 
)

Definition at line 606 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

Referenced by RejectSendIPv6ICMP().

Here is the caller graph for this function:

◆ RejectSendLibnet11IPv6TCP()

int RejectSendLibnet11IPv6TCP ( ThreadVars tv,
Packet p,
void *  data,
int  dir 
)

Definition at line 598 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

Referenced by RejectSendIPv6TCP().

Here is the caller graph for this function: