|
suricata
|
|
suricata
|
#include <detect.h>
Public Member Functions | |
| SC_ATOMIC_DECLARE (int, so_far_used_by_detect) | |
| DetectEngineThreadCtx_::SC_ATOMIC_DECLARE | ( | int | , |
| so_far_used_by_detect | |||
| ) |
| uint8_t* DetectEngineThreadCtx_::base64_decoded |
Definition at line 1097 of file detect.h.
Referenced by DetectBase64DataDoMatch(), DetectBase64DecodeDoMatch(), DetectEngineResetMaxSigId(), and DetectEngineThreadCtxInit().
| int DetectEngineThreadCtx_::base64_decoded_len |
Definition at line 1098 of file detect.h.
Referenced by DetectBase64DataDoMatch(), DetectBase64DecodeDoMatch(), DetectEngineResetMaxSigId(), and SigMatchSignaturesGetSgh().
| int DetectEngineThreadCtx_::base64_decoded_len_max |
Definition at line 1099 of file detect.h.
Referenced by DetectEngineResetMaxSigId().
| uint64_t* DetectEngineThreadCtx_::bj_values |
Definition at line 1074 of file detect.h.
Referenced by DetectEngineContentInspection(), DetectEngineResetMaxSigId(), and DetectEngineThreadCtxInit().
| uint32_t DetectEngineThreadCtx_::buffer_offset |
offset into the payload of the last match by: content, pcre, etc
Definition at line 994 of file detect.h.
Referenced by DetectBase64DecodeDoMatch(), DetectByteExtractDoMatch(), DetectBytejumpDoMatch(), DetectBytetestDoMatch(), DetectEngineContentInspection(), DetectEngineInspectBufferGeneric(), DetectEngineInspectPacketPayload(), DetectFilenameRegister(), DetectHttpResponseLineRegister(), and DetectPcrePayloadMatch().
| InspectionBuffer* DetectEngineThreadCtx_::buffers |
Definition at line 1013 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), DetectEngineThreadCtxInit(), InspectionBufferClean(), InspectionBufferGet(), and InspectionBufferGetMulti().
| InspectionBufferMultipleForList* DetectEngineThreadCtx_::buffers |
| uint32_t DetectEngineThreadCtx_::buffers_size |
in number of elements
Definition at line 1014 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), and DetectEngineThreadCtxInit().
| uint16_t DetectEngineThreadCtx_::counter_alerts |
id for alert counter
Definition at line 1002 of file detect.h.
Referenced by DetectEngineThreadCtxInit(), and SigMatchSignaturesGetSgh().
| uint16_t DetectEngineThreadCtx_::counter_fnonmpm_list |
Definition at line 1006 of file detect.h.
Referenced by DetectEngineThreadCtxInit(), and SigMatchSignaturesGetSgh().
| uint16_t DetectEngineThreadCtx_::counter_match_list |
Definition at line 1007 of file detect.h.
Referenced by DetectEngineThreadCtxInit(), and SigMatchSignaturesGetSgh().
| uint16_t DetectEngineThreadCtx_::counter_mpm_list |
Definition at line 1004 of file detect.h.
Referenced by DetectEngineThreadCtxInit(), and SigMatchSignaturesGetSgh().
| uint16_t DetectEngineThreadCtx_::counter_nonmpm_list |
Definition at line 1005 of file detect.h.
Referenced by DetectEngineThreadCtxInit(), and SigMatchSignaturesGetSgh().
| DetectEngineCtx* DetectEngineThreadCtx_::de_ctx |
Definition at line 1089 of file detect.h.
Referenced by Detect(), DetectEngineThreadCtxInfo(), DetectEngineThreadCtxInit(), DetectIPRepRegister(), SCProfilingKeywordThreadCleanup(), SCProfilingKeywordThreadSetup(), SCProfilingPrefilterThreadCleanup(), SCProfilingPrefilterThreadSetup(), SCProfilingPrefilterUpdateCounter(), SCProfilingRuleThreadCleanup(), SCProfilingSghThreadCleanup(), SCProfilingSghThreadSetup(), and SCProfilingSghUpdateCounter().
| AppLayerDecoderEvents* DetectEngineThreadCtx_::decoder_events |
Definition at line 1101 of file detect.h.
Referenced by DetectEngineGetEvents(), DetectEngineSetEvent(), and DetectEngineThreadCtxInit().
| uint16_t DetectEngineThreadCtx_::discontinue_matching |
Definition at line 1029 of file detect.h.
Referenced by DetectEngineContentInspection(), DetectEngineInspectBufferGeneric(), DetectEngineInspectPacketPayload(), DetectFilenameRegister(), and DetectHttpResponseLineRegister().
| uint16_t DetectEngineThreadCtx_::events |
Definition at line 1102 of file detect.h.
Referenced by DetectEngineSetEvent().
| uint32_t DetectEngineThreadCtx_::file_id |
Definition at line 1085 of file detect.h.
Referenced by DetectFilestoreRegister().
| struct { ... } DetectEngineThreadCtx_::filestore[DETECT_FILESTORE_MAX] |
Referenced by DetectFilestoreRegister().
| uint16_t DetectEngineThreadCtx_::filestore_cnt |
Definition at line 999 of file detect.h.
Referenced by DetectFilestoreRegister(), and SigMatchSignaturesGetSgh().
| uint16_t DetectEngineThreadCtx_::flags |
Definition at line 1030 of file detect.h.
Referenced by DetectFlowFree(), DetectFlowMatch(), and SigMatchSignaturesGetSgh().
| void** DetectEngineThreadCtx_::global_keyword_ctxs_array |
Definition at line 1095 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), and DetectThreadCtxGetGlobalKeywordThreadCtx().
| int DetectEngineThreadCtx_::global_keyword_ctxs_size |
store for keyword contexts that need a per thread storage. Global.
Definition at line 1094 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), and DetectThreadCtxGetGlobalKeywordThreadCtx().
| struct { ... } DetectEngineThreadCtx_::inspect |
Referenced by DetectEngineResetMaxSigId(), DetectEngineThreadCtxInit(), InspectionBufferClean(), and InspectionBufferGet().
| int DetectEngineThreadCtx_::inspect_list |
| int DetectEngineThreadCtx_::inspection_recursion_counter |
Definition at line 1041 of file detect.h.
Referenced by DetectEngineContentInspection(), DetectEngineInspectBufferGeneric(), DetectEngineInspectPacketPayload(), DetectFilenameRegister(), and DetectHttpResponseLineRegister().
| DetectEngineIPOnlyThreadCtx DetectEngineThreadCtx_::io_ctx |
ip only rules ctx
Definition at line 1071 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), DetectEngineThreadCtxInit(), and SigMatchSignaturesGetSgh().
| void** DetectEngineThreadCtx_::keyword_ctxs_array |
store for keyword contexts that need a per thread storage. Per de_ctx.
Definition at line 1091 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), and DetectThreadCtxGetKeywordThreadCtx().
| int DetectEngineThreadCtx_::keyword_ctxs_size |
Definition at line 1092 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), and DetectThreadCtxGetKeywordThreadCtx().
| struct SCProfileKeywordData_* DetectEngineThreadCtx_::keyword_perf_data |
Definition at line 1118 of file detect.h.
Referenced by SCProfilingKeywordThreadCleanup(), SCProfilingKeywordThreadSetup(), and SCProfilingKeywordUpdateCounter().
| struct SCProfileKeywordData_** DetectEngineThreadCtx_::keyword_perf_data_per_list |
Definition at line 1119 of file detect.h.
Referenced by SCProfilingKeywordThreadCleanup(), SCProfilingKeywordThreadSetup(), and SCProfilingKeywordUpdateCounter().
| int DetectEngineThreadCtx_::keyword_perf_list |
list we're currently inspecting, DETECT_SM_LIST_*
Definition at line 1120 of file detect.h.
Referenced by SCProfilingKeywordUpdateCounter().
| Signature** DetectEngineThreadCtx_::match_array |
array of signature pointers we're going to inspect in the detection loop.
Definition at line 1045 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), DetectEngineThreadCtxInit(), and SigMatchSignaturesGetSgh().
| SigIntId DetectEngineThreadCtx_::match_array_cnt |
size in use
Definition at line 1050 of file detect.h.
Referenced by SCProfilingSghUpdateCounter(), and SigMatchSignaturesGetSgh().
| uint32_t DetectEngineThreadCtx_::match_array_len |
size of the array in items (mem size if * sizeof(Signature *) Only used during initialization.
Definition at line 1048 of file detect.h.
Referenced by DetectEngineResetMaxSigId().
| struct DetectEngineThreadCtx_** DetectEngineThreadCtx_::mt_det_ctxs |
| uint32_t DetectEngineThreadCtx_::mt_det_ctxs_cnt |
Definition at line 979 of file detect.h.
Referenced by Detect(), and DetectEngineResetMaxSigId().
| HashTable* DetectEngineThreadCtx_::mt_det_ctxs_hash |
Definition at line 981 of file detect.h.
Referenced by Detect(), DetectEngineResetMaxSigId(), and DetectEngineThreadCtxDeinit().
| MpmThreadCtx DetectEngineThreadCtx_::mtc |
pointer to the current mpm ctx that is stored in a rule group head – can be either a content or uricontent ctx. thread ctx for the mpm
Definition at line 1061 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), DetectEngineThreadCtxInfo(), DetectEngineThreadCtxInit(), and PrefilterPktStreamRegister().
| MpmThreadCtx DetectEngineThreadCtx_::mtcs |
thread ctx for stream mpm
Definition at line 1063 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), and DetectEngineThreadCtxInit().
| MpmThreadCtx DetectEngineThreadCtx_::mtcu |
thread ctx for uricontent mpm
Definition at line 1062 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), DetectEngineThreadCtxInfo(), DetectEngineThreadCtxInit(), and DetectHttpResponseLineRegister().
| struct { ... } DetectEngineThreadCtx_::multi_inspect |
| SigIntId* DetectEngineThreadCtx_::non_pf_id_array |
Definition at line 976 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), DetectEngineThreadCtxInit(), and SigMatchSignaturesGetSgh().
| uint32_t DetectEngineThreadCtx_::non_pf_id_cnt |
Definition at line 977 of file detect.h.
Referenced by SigMatchSignaturesGetSgh().
| uint32_t DetectEngineThreadCtx_::non_pf_store_cnt |
Definition at line 1056 of file detect.h.
Referenced by SCProfilingSghUpdateCounter(), and SigMatchSignaturesGetSgh().
| SignatureNonPrefilterStore* DetectEngineThreadCtx_::non_pf_store_ptr |
Definition at line 1055 of file detect.h.
Referenced by SCProfilingSghUpdateCounter(), and SigMatchSignaturesGetSgh().
| Packet* DetectEngineThreadCtx_::p |
Definition at line 1036 of file detect.h.
Referenced by DetectEngineInspectStream().
| uint32_t DetectEngineThreadCtx_::pcre_match_start_offset |
Definition at line 996 of file detect.h.
Referenced by DetectEngineContentInspection(), and DetectPcrePayloadMatch().
| PrefilterRuleStore DetectEngineThreadCtx_::pmq |
Definition at line 1064 of file detect.h.
Referenced by DetectAckRegister(), DetectDsizeRegister(), DetectEngineResetMaxSigId(), DetectEngineThreadCtxInit(), DetectFlagsSignatureNeedsSynOnlyPackets(), DetectFlowFree(), DetectFragBitsRegister(), DetectFragOffsetFree(), DetectHttpResponseLineRegister(), DetectIcmpIdFree(), DetectIcmpSeqFree(), DetectICodeFree(), DetectIdFree(), DetectITypeFree(), DetectRunPrefilterTx(), DetectSeqRegister(), DetectTemplate2Free(), DetectTtlFree(), PacketPatternCleanup(), Prefilter(), PrefilterPktStreamRegister(), SCProfilingSghUpdateCounter(), and SigMatchSignaturesGetSgh().
| struct SCProfilePrefilterData_* DetectEngineThreadCtx_::prefilter_perf_data |
Definition at line 1123 of file detect.h.
Referenced by SCProfilingPrefilterThreadCleanup(), SCProfilingPrefilterThreadSetup(), and SCProfilingPrefilterUpdateCounter().
| uint64_t DetectEngineThreadCtx_::raw_stream_progress |
Definition at line 990 of file detect.h.
Referenced by DetectEngineInspectStream(), and SigMatchSignaturesGetSgh().
| DetectReplaceList* DetectEngineThreadCtx_::replist |
Definition at line 1077 of file detect.h.
Referenced by DetectEngineContentInspection(), DetectEngineInspectPacketPayload(), and DetectReplaceRegister().
| struct SCProfileData_* DetectEngineThreadCtx_::rule_perf_data |
Definition at line 1116 of file detect.h.
Referenced by SCProfilingRuleThreadCleanup(), SCProfilingRuleThreadSetup(), and SCProfilingRuleUpdateCounter().
| int DetectEngineThreadCtx_::rule_perf_data_size |
Definition at line 1117 of file detect.h.
Referenced by SCProfilingRuleThreadCleanup(), SCProfilingRuleThreadSetup(), and SCProfilingRuleUpdateCounter().
| struct SCProfileSghData_* DetectEngineThreadCtx_::sgh_perf_data |
Definition at line 1121 of file detect.h.
Referenced by SCProfilingSghThreadCleanup(), SCProfilingSghThreadSetup(), and SCProfilingSghUpdateCounter().
| SpmThreadCtx* DetectEngineThreadCtx_::spm_thread_ctx |
SPM thread context used for scanning. This has been cloned from the prototype held by DetectEngineCtx.
Definition at line 1068 of file detect.h.
Referenced by DetectEngineContentInspection(), DetectEngineResetMaxSigId(), and DetectEngineThreadCtxInit().
| struct DetectEngineTenantMapping_* DetectEngineThreadCtx_::tenant_array |
Definition at line 983 of file detect.h.
Referenced by DetectEngineMultiTenantSetup(), DetectEngineResetMaxSigId(), and DetectEngineThreadCtxInit().
| uint32_t DetectEngineThreadCtx_::tenant_array_size |
Definition at line 984 of file detect.h.
Referenced by DetectEngineMultiTenantSetup(), and DetectEngineResetMaxSigId().
| uint32_t DetectEngineThreadCtx_::tenant_id |
Definition at line 968 of file detect.h.
Referenced by DetectEngineReload(), and DetectEngineThreadCtxInit().
Definition at line 986 of file detect.h.
Referenced by Detect(), and DetectEngineResetMaxSigId().
| uint64_t DetectEngineThreadCtx_::ticker |
ticker that is incremented once per packet.
Definition at line 971 of file detect.h.
Referenced by HttpHeaderGetBufferSpaceForTXID(), and SigMatchSignaturesGetSgh().
| uint32_t DetectEngineThreadCtx_::to_clear_idx |
Definition at line 1015 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), InspectionBufferClean(), InspectionBufferGet(), and InspectionBufferGetMulti().
| uint32_t* DetectEngineThreadCtx_::to_clear_queue |
Definition at line 1016 of file detect.h.
Referenced by DetectEngineResetMaxSigId(), DetectEngineThreadCtxInit(), InspectionBufferClean(), InspectionBufferGet(), and InspectionBufferGetMulti().
| ThreadVars* DetectEngineThreadCtx_::tv |
Definition at line 974 of file detect.h.
Referenced by DetectEngineThreadCtxInit().
| RuleMatchCandidateTx* DetectEngineThreadCtx_::tx_candidates |
Definition at line 1052 of file detect.h.
Referenced by RuleMatchCandidateTxArrayFree(), and RuleMatchCandidateTxArrayInit().
| uint32_t DetectEngineThreadCtx_::tx_candidates_size |
Definition at line 1053 of file detect.h.
Referenced by RuleMatchCandidateTxArrayFree(), and RuleMatchCandidateTxArrayInit().
| uint64_t DetectEngineThreadCtx_::tx_id |
ID of the transaction currently being inspected.
Definition at line 1035 of file detect.h.
Referenced by DetectFilestoreRegister(), and DetectLuaRegister().
| DetectVarList* DetectEngineThreadCtx_::varlist |
Definition at line 1079 of file detect.h.
Referenced by DetectFlowvarPostMatchSetup(), DetectVarStoreMatch(), and DetectVarStoreMatchKeyValue().
1.8.11 
