suricata
Functions
respond-reject-libnet11.c File Reference
#include "suricata-common.h"
#include "suricata.h"
#include "decode.h"
#include "decode-ipv4.h"
#include "decode-tcp.h"
#include "decode-sctp.h"
#include "decode-udp.h"
#include "packet-queue.h"
#include "threads.h"
#include "threadvars.h"
#include "tm-queuehandlers.h"
#include "tm-threads.h"
#include "action-globals.h"
#include "respond-reject.h"
#include "respond-reject-libnet11.h"
#include "util-device.h"
Include dependency graph for respond-reject-libnet11.c:

Go to the source code of this file.

Functions

int RejectSendLibnet11IPv4TCP (ThreadVars *tv, Packet *p, void *data, enum RejectDirection dir)
 
int RejectSendLibnet11IPv4ICMP (ThreadVars *tv, Packet *p, void *data, enum RejectDirection dir)
 
int RejectSendLibnet11IPv6TCP (ThreadVars *tv, Packet *p, void *data, enum RejectDirection dir)
 
int RejectSendLibnet11IPv6ICMP (ThreadVars *tv, Packet *p, void *data, enum RejectDirection dir)
 
void FreeCachedCtx (void)
 

Detailed Description

Author
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t
William Metcalf willi.nosp@m.am.m.nosp@m.etcal.nosp@m.f@gm.nosp@m.ail.c.nosp@m.om

RespondRejectLibnet11 used to send out libnet based TCP resets and ICMP unreachables.

Todo:

calculate TTL base on average from stream tracking

come up with a way for users to specify icmp unreachable type

Possibly default to port unreachable for UDP traffic this seems to be the default in flexresp and iptables

implement ipv6 resets

implement pre-alloc resets for speed

Definition in file respond-reject-libnet11.c.

Function Documentation

◆ FreeCachedCtx()

void FreeCachedCtx ( void  )

Definition at line 609 of file respond-reject-libnet11.c.

References SCLogDebug.

◆ RejectSendLibnet11IPv4ICMP()

int RejectSendLibnet11IPv4ICMP ( ThreadVars tv,
Packet p,
void *  data,
enum RejectDirection  dir 
)

Definition at line 585 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

Referenced by RejectSendIPv4ICMP().

Here is the caller graph for this function:

◆ RejectSendLibnet11IPv4TCP()

int RejectSendLibnet11IPv4TCP ( ThreadVars tv,
Packet p,
void *  data,
enum RejectDirection  dir 
)

Definition at line 577 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

Referenced by RejectSendIPv4TCP().

Here is the caller graph for this function:

◆ RejectSendLibnet11IPv6ICMP()

int RejectSendLibnet11IPv6ICMP ( ThreadVars tv,
Packet p,
void *  data,
enum RejectDirection  dir 
)

Definition at line 601 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

Referenced by RejectSendIPv6ICMP().

Here is the caller graph for this function:

◆ RejectSendLibnet11IPv6TCP()

int RejectSendLibnet11IPv6TCP ( ThreadVars tv,
Packet p,
void *  data,
enum RejectDirection  dir 
)

Definition at line 593 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

Referenced by RejectSendIPv6TCP().

Here is the caller graph for this function: