suricata
Functions
respond-reject-libnet11.c File Reference
#include "suricata-common.h"
#include "decode.h"
#include "decode-ipv4.h"
#include "decode-tcp.h"
#include "decode-sctp.h"
#include "decode-udp.h"
#include "packet-queue.h"
#include "threads.h"
#include "threadvars.h"
#include "tm-queuehandlers.h"
#include "tm-threads.h"
#include "action-globals.h"
#include "respond-reject.h"
#include "respond-reject-libnet11.h"
#include "util-device.h"
Include dependency graph for respond-reject-libnet11.c:

Go to the source code of this file.

Functions

int RejectSendLibnet11L3IPv4TCP (ThreadVars *tv, Packet *p, void *data, int dir)
 
int RejectSendLibnet11L3IPv4ICMP (ThreadVars *tv, Packet *p, void *data, int dir)
 
int RejectSendLibnet11L3IPv6TCP (ThreadVars *tv, Packet *p, void *data, int dir)
 
int RejectSendLibnet11L3IPv6ICMP (ThreadVars *tv, Packet *p, void *data, int dir)
 

Detailed Description

Author
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t
William Metcalf willi.nosp@m.am.m.nosp@m.etcal.nosp@m.f@gm.nosp@m.ail.c.nosp@m.om

RespondRejectLibnet11 used to send out libnet based TCP resets and ICMP unreachables.

Todo:

calculate TTL base on average from stream tracking

come up with a way for users to specify icmp unreachable type

Possibly default to port unreachable for UDP traffic this seems to be the default in flexresp and iptables

implement ipv6 resets

implement pre-alloc resets for speed

Definition in file respond-reject-libnet11.c.

Function Documentation

int RejectSendLibnet11L3IPv4ICMP ( ThreadVars tv,
Packet p,
void *  data,
int  dir 
)

Definition at line 523 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

Referenced by RejectSendIPv4ICMP().

Here is the caller graph for this function:

int RejectSendLibnet11L3IPv4TCP ( ThreadVars tv,
Packet p,
void *  data,
int  dir 
)

Definition at line 515 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

Referenced by RejectSendIPv4TCP().

Here is the caller graph for this function:

int RejectSendLibnet11L3IPv6ICMP ( ThreadVars tv,
Packet p,
void *  data,
int  dir 
)

Definition at line 539 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

Referenced by RejectSendIPv6ICMP().

Here is the caller graph for this function:

int RejectSendLibnet11L3IPv6TCP ( ThreadVars tv,
Packet p,
void *  data,
int  dir 
)

Definition at line 531 of file respond-reject-libnet11.c.

References SC_ERR_LIBNET_NOT_ENABLED, and SCLogError.

Referenced by RejectSendIPv6TCP().

Here is the caller graph for this function: