Flow_ Struct Reference

Flow data structure. More...

#include <flow.h>

Collaboration diagram for Flow_:

Public Member Functions
	SC_ATOMIC_DECLARE (FlowStateType, flow_state)
	SC_ATOMIC_DECLARE (FlowRefCount, use_cnt)

Data Fields
FlowAddress	src
FlowAddress	dst
union {
Port   sp
struct {
uint8_t   type
uint8_t   code
}   icmp_s
};
union {
Port   dp
struct {
uint8_t   type
uint8_t   code
}   icmp_d
};
uint8_t	proto
uint8_t	recursion_level
uint16_t	vlan_id [2]
uint32_t	flow_hash
struct timeval	lastts
uint32_t	tenant_id
uint32_t	probing_parser_toserver_alproto_masks
uint32_t	probing_parser_toclient_alproto_masks
uint32_t	flags
uint16_t	file_flags
uint16_t	protodetect_dp
int64_t	parent_id
SCMutex	m
void *	protoctx
uint8_t	protomap
uint8_t	flow_end_flags
AppProto	alproto
	application level protocol More...
AppProto	alproto_ts
AppProto	alproto_tc
AppProto	alproto_orig
AppProto	alproto_expect
uint32_t	de_ctx_version
FlowThreadId	thread_id
uint8_t	min_ttl_toserver
uint8_t	max_ttl_toserver
uint8_t	min_ttl_toclient
uint8_t	max_ttl_toclient
AppLayerParserState *	alparser
void *	alstate
const struct SigGroupHead_ *	sgh_toclient
const struct SigGroupHead_ *	sgh_toserver
GenericVar *	flowvar
struct Flow_ *	hnext
struct Flow_ *	hprev
struct FlowBucket_ *	fb
struct Flow_ *	lnext
struct Flow_ *	lprev
struct timeval	startts
uint32_t	todstpktcnt
uint32_t	tosrcpktcnt
uint64_t	todstbytecnt
uint64_t	tosrcbytecnt

Detailed Description

Flow data structure.

The flow is a global data structure that is created for new packets of a flow and then looked up for the following packets of a flow.

Locking

The flow is updated/used by multiple packets at the same time. This is why there is a flow-mutex. It's a mutex and not a spinlock because some operations on the flow can be quite expensive, thus spinning would be too expensive.

The flow "header" (addresses, ports, proto, recursion level) are static after the initialization and remain read-only throughout the entire live of a flow. This is why we can access those without protection of the lock.

Definition at line 327 of file flow.h.

Member Function Documentation

Flow_::SC_ATOMIC_DECLARE	(	FlowStateType	,
		flow_state
	)

Flow_::SC_ATOMIC_DECLARE	(	FlowRefCount	,
		use_cnt
	)

how many pkts and stream msgs are using the flow right now. This variable is atomic so not protected by the Flow mutex "m".

On receiving a packet the counter is incremented while the flow bucked is locked, which is also the case on timeout pruning.

Field Documentation

union { ... }

union { ... }

AppLayerParserState* Flow_::alparser

application level storage ptrs.parser internal state

Definition at line 435 of file flow.h.

Referenced by AppLayerDecoderEventsSetEvent(), AppLayerParserParse(), AppLayerParserTransactionsCleanup(), AppLayerProtoDetectReset(), DeStateUpdateInspectTransactionId(), DetectEngineStateResetTxs(), DetectLuaRegister(), FlowCleanupAppLayer(), FlowForceReassemblyNeedReassembly(), HtpConfigRestoreBackup(), HttpHeaderGetBufferSpaceForTXID(), OutputRegisterTxLogger(), RegisterDNSUDPParsers(), RegisterSSHParsers(), and SigMatchSignaturesGetSgh().

AppProto Flow_::alproto

application level protocol

Definition at line 407 of file flow.h.

Referenced by AppLayerHandleTCPData(), AppLayerHandleUdp(), AppLayerIncTxCounter(), AppLayerParserGetStreamDepth(), AppLayerParserGetTransactionActive(), AppLayerParserGetTxCnt(), AppLayerParserGetTxLogged(), AppLayerParserParse(), AppLayerParserRestoreParserTable(), AppLayerParserSetTransactionInspectId(), AppLayerParserSetTxDetectState(), AppLayerParserStateCleanup(), AppLayerParserStreamTruncated(), AppLayerParserTransactionsCleanup(), AppLayerProtoDetectReset(), DetectAppLayerEventRegister(), DetectBypassRegister(), DetectDceGetState(), DetectDceOpnumRegister(), DetectDceStubDataRegister(), DetectDNP3Register(), DetectDnsQueryRegister(), DetectEngineInspectBufferGeneric(), DetectEngineInspectENIP(), DetectEngineInspectModbus(), DetectEngineStateResetTxs(), DetectFileInspectGeneric(), DetectFilenameRegister(), DetectFilestorePostMatch(), DetectFilestoreRegister(), DetectFtpbounceRegister(), DetectHttpRequestLineRegister(), DetectHttpResponseLineRegister(), DetectLuaRegister(), DetectPcrePayloadMatch(), DetectRunStoreStateTx(), DetectSshSoftwareVersionRegister(), DetectSshVersionRegister(), DetectSslStateRegister(), DetectSslVersionRegister(), DetectTemplateRustBufferRegister(), DetectTlsFingerprintRegister(), DetectTlsIssuerRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3StringRegister(), DetectTlsSerialRegister(), DetectTlsSniRegister(), DetectTlsSubjectRegister(), DetectTlsValidityRegister(), DetectTlsVersionRegister(), DetectUricontentRegister(), DetectUrilenValidateContent(), FileDisableFilesize(), FileDisableMagic(), FileDisableMd5(), FileDisableSha1(), FileDisableSha256(), FileDisableStoring(), FileDisableStoringForTransaction(), FlowForceReassemblyNeedReassembly(), FlowGetAppProtocol(), FTPAtExitPrintStats(), HtpConfigRestoreBackup(), HTPFileClose(), OutputRegisterFiledataLogger(), OutputRegisterFileLogger(), OutputRegisterTxLogger(), RegisterDCERPCParsers(), RegisterDCERPCUDPParsers(), RegisterDNP3Parsers(), RegisterDNSTCPParsers(), RegisterDNSUDPParsers(), RegisterENIPTCPParsers(), RegisterModbusParsers(), RegisterSMBParsers(), RegisterSSLParsers(), SCSigSignatureOrderingModuleCleanup(), SMTPParserCleanup(), and StreamTcpPacket().

AppProto Flow_::alproto_expect

expected app protocol: used in protocol change/upgrade like in STARTTLS.

Definition at line 416 of file flow.h.

Referenced by AppLayerHandleTCPData(), and AppLayerRequestProtocolChange().

AppProto Flow_::alproto_orig

original application level protocol. Used to indicate the previous protocol when changing to another protocol , e.g. with STARTTLS.

Definition at line 413 of file flow.h.

Referenced by AppLayerHandleTCPData().

AppProto Flow_::alproto_tc

Definition at line 409 of file flow.h.

Referenced by AppLayerExpectationHandle(), AppLayerHandleTCPData(), AppLayerIncTxCounter(), and AppLayerProtoDetectReset().

AppProto Flow_::alproto_ts

Definition at line 408 of file flow.h.

Referenced by AppLayerExpectationHandle(), AppLayerHandleTCPData(), AppLayerIncTxCounter(), and AppLayerProtoDetectReset().

void* Flow_::alstate

application layer state

Definition at line 436 of file flow.h.

Referenced by AppLayerParserParse(), AppLayerParserTransactionsCleanup(), AppLayerProtoDetectReset(), DeStateUpdateInspectTransactionId(), DetectBypassRegister(), DetectDceGetState(), DetectDceOpnumRegister(), DetectDceStubDataRegister(), DetectDNP3Register(), DetectDnsQueryRegister(), DetectEngineInspectENIP(), DetectEngineInspectModbus(), DetectEngineStateResetTxs(), DetectFilenameRegister(), DetectFilestorePostMatch(), DetectFilestoreRegister(), DetectFtpbounceRegister(), DetectHttpClientBodyRegister(), DetectHttpRequestLineRegister(), DetectHttpResponseLineRegister(), DetectLuaRegister(), DetectPcrePayloadMatch(), DetectSshSoftwareVersionRegister(), DetectSshVersionRegister(), DetectSslStateRegister(), DetectSslVersionRegister(), DetectTemplateRustBufferRegister(), DetectTlsFingerprintRegister(), DetectTlsIssuerRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3StringRegister(), DetectTlsSerialRegister(), DetectTlsSniRegister(), DetectTlsSubjectRegister(), DetectTlsValidityRegister(), DetectTlsVersionRegister(), DetectUricontentRegister(), DetectUrilenValidateContent(), FileDisableFilesize(), FileDisableMagic(), FileDisableMd5(), FileDisableSha1(), FileDisableSha256(), FileDisableStoring(), FileDisableStoringForTransaction(), FlowCleanupAppLayer(), FlowForceReassemblyNeedReassembly(), FlowGetAppState(), FTPAtExitPrintStats(), HtpConfigRestoreBackup(), HTPFileClose(), OutputRegisterFiledataLogger(), OutputRegisterFileLogger(), OutputRegisterTxLogger(), RegisterDCERPCParsers(), RegisterDCERPCUDPParsers(), RegisterDNP3Parsers(), RegisterDNSTCPParsers(), RegisterDNSUDPParsers(), RegisterENIPTCPParsers(), RegisterModbusParsers(), RegisterSMB2Parsers(), RegisterSMBParsers(), RegisterSSHParsers(), RegisterSSLParsers(), SigMatchSignaturesGetSgh(), SMTPParserCleanup(), and SMTPProcessDataChunk().

uint8_t Flow_::code

icmp code

Definition at line 336 of file flow.h.

uint32_t Flow_::de_ctx_version

detection engine ctx version used to inspect this flow. Set at initial inspection. If it doesn't match the currently in use de_ctx, the stored sgh ptrs are reset.

Definition at line 421 of file flow.h.

Referenced by SigMatchSignaturesGetSgh().

Port Flow_::dp

tcp/udp destination port

Definition at line 340 of file flow.h.

Referenced by AppLayerExpectationHandle(), AppLayerParserStreamTruncated(), FlowInit(), OutputJsonRegister(), RegisterSMBParsers(), and StreamTcpPseudoPacketCreateStreamEndPacket().

FlowAddress Flow_::dst

Definition at line 331 of file flow.h.

Referenced by AppLayerExpectationSetup(), AppLayerParserStreamTruncated(), FlowInit(), HtpConfigRestoreBackup(), OutputJsonRegister(), StreamTcpPseudoPacketCreateStreamEndPacket(), and TagTimeoutCheck().

struct FlowBucket_* Flow_::fb

Definition at line 451 of file flow.h.

Referenced by FlowDisableFlowManagerThread(), FlowGetFlowFromHash(), FlowSetupPacket(), FlowUpdateState(), and TmModuleFlowRecyclerRegister().

uint16_t Flow_::file_flags

file tracking/extraction flags

Definition at line 379 of file flow.h.

Referenced by FileDisableFilesize(), FileDisableMagic(), FileDisableMd5(), FileDisableSha1(), FileDisableSha256(), FileDisableStoring(), FileFlowToFlags(), HTPFileOpen(), and SMTPParserCleanup().

uint32_t Flow_::flags

generic flags

Definition at line 377 of file flow.h.

Referenced by AppLayerIncTxCounter(), AppLayerParserParse(), AppLayerParserStreamTruncated(), DetectBypassRegister(), DetectDNP3Register(), DetectDnsQueryRegister(), DetectEngineInspectENIP(), DetectEngineInspectModbus(), DetectEngineStateResetTxs(), DetectHttpRequestLineRegister(), DetectHttpResponseLineRegister(), DetectLuaRegister(), DetectPcrePayloadMatch(), DetectSignatureApplyActions(), DetectTemplateRustBufferRegister(), DetectTlsFingerprintRegister(), DetectTlsIssuerRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3StringRegister(), DetectTlsSerialRegister(), DetectTlsSniRegister(), DetectTlsSubjectRegister(), DetectTlsValidityRegister(), DetectUricontentRegister(), DetectUrilenValidateContent(), FlowChangeProto(), FlowDisableFlowManagerThread(), FlowForceReassemblyForFlow(), FlowHandlePacketUpdate(), FlowHasAlerts(), FlowInit(), FlowSetChangeProtoFlag(), FlowSetHasAlertsFlag(), FlowSetIPOnlyFlag(), FlowSetupPacket(), FlowUnsetChangeProtoFlag(), OutputJsonRegister(), PacketAlertFinalize(), RegisterModbusParsers(), RegisterSSLParsers(), SCSigSignatureOrderingModuleCleanup(), SigMatchSignaturesGetSgh(), SMTPParserCleanup(), StreamTcpPacket(), StreamTcpPseudoPacketCreateStreamEndPacket(), TagTimeoutCheck(), and TmModuleFlowRecyclerRegister().

uint8_t Flow_::flow_end_flags

Definition at line 404 of file flow.h.

Referenced by FlowDisableFlowManagerThread(), and FlowGetFlowFromHash().

uint32_t Flow_::flow_hash

flow hash - the flow hash before hash table size mod.

Definition at line 351 of file flow.h.

Referenced by FlowGetFlowFromHash(), and FlowSetupPacket().

GenericVar* Flow_::flowvar

Definition at line 446 of file flow.h.

Referenced by DetectFlowbitsAnalyze(), DetectHostbitFree(), FlowBitFree(), FlowVarAddIdValue(), FlowVarAddIntNoLock(), FlowVarAddKeyValue(), FlowVarGet(), FlowVarGetByKey(), IPOnlyAddSignature(), OutputJsonRegister(), and SigMatchSignaturesGetSgh().

struct Flow_* Flow_::hnext

hash list pointers, protected by fb->s

Definition at line 449 of file flow.h.

Referenced by FlowDisableFlowManagerThread(), FlowForceReassemblyForFlow(), FlowGetFlowFromHash(), FlowSetupPacket(), and FlowShutdown().

struct Flow_* Flow_::hprev

Definition at line 450 of file flow.h.

Referenced by FlowDisableFlowManagerThread(), FlowGetFlowFromHash(), and FlowSetupPacket().

struct { ... } Flow_::icmp_d

Referenced by FlowGetReverseProtoMapping(), and OutputJsonRegister().

struct { ... } Flow_::icmp_s

Referenced by FlowGetReverseProtoMapping(), FlowInit(), and OutputJsonRegister().

struct timeval Flow_::lastts

Definition at line 356 of file flow.h.

Referenced by AppLayerExpectationCreate(), AppLayerExpectationHandle(), DetectTlsValidityRegister(), FlowDisableFlowManagerThread(), FlowHandlePacketUpdate(), and TmModuleFlowRecyclerRegister().

struct Flow_* Flow_::lnext

queue list pointers, protected by queue mutex

Definition at line 454 of file flow.h.

Referenced by FlowDequeue(), FlowEnqueue(), and FlowMoveToSpare().

struct Flow_* Flow_::lprev

Definition at line 455 of file flow.h.

Referenced by FlowDequeue(), FlowEnqueue(), and FlowMoveToSpare().

SCMutex Flow_::m

Definition at line 392 of file flow.h.

Referenced by DetectDNP3Register(), and RegisterDNP3Parsers().

uint8_t Flow_::max_ttl_toclient

Definition at line 430 of file flow.h.

Referenced by FlowGetPacketDirection().

uint8_t Flow_::max_ttl_toserver

Definition at line 428 of file flow.h.

Referenced by FlowGetPacketDirection(), and FlowInit().

uint8_t Flow_::min_ttl_toclient

Definition at line 429 of file flow.h.

Referenced by FlowGetPacketDirection().

uint8_t Flow_::min_ttl_toserver

ttl tracking

Definition at line 427 of file flow.h.

Referenced by FlowGetPacketDirection(), and FlowInit().

int64_t Flow_::parent_id

Definition at line 387 of file flow.h.

Referenced by OutputJsonRegister().

uint32_t Flow_::probing_parser_toclient_alproto_masks

Definition at line 375 of file flow.h.

Referenced by AppLayerProtoDetectReset().

uint32_t Flow_::probing_parser_toserver_alproto_masks

Definition at line 374 of file flow.h.

Referenced by AppLayerProtoDetectReset().

uint8_t Flow_::proto

Definition at line 346 of file flow.h.

Referenced by AppLayerIncTxCounter(), AppLayerParserParse(), AppLayerParserRestoreParserTable(), AppLayerParserSetTransactionInspectId(), AppLayerParserStreamTruncated(), AppLayerParserTransactionsCleanup(), DetectAppLayerEventRegister(), DetectBypassRegister(), DetectDceGetState(), DetectDceOpnumRegister(), DetectDceStubDataRegister(), DetectDNP3Register(), DetectDnsQueryRegister(), DetectEngineInspectBufferGeneric(), DetectEngineInspectENIP(), DetectEngineInspectModbus(), DetectEngineStateResetTxs(), DetectFileInspectGeneric(), DetectFilenameRegister(), DetectFilestorePostMatch(), DetectFlowintFree(), DetectFtpbounceRegister(), DetectHttpRequestLineRegister(), DetectHttpResponseLineRegister(), DetectLuaRegister(), DetectPcrePayloadMatch(), DetectRunStoreStateTx(), DetectSshSoftwareVersionRegister(), DetectSshVersionRegister(), DetectSslStateRegister(), DetectSslVersionRegister(), DetectTemplateRustBufferRegister(), DetectTlsFingerprintRegister(), DetectTlsIssuerRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3StringRegister(), DetectTlsSerialRegister(), DetectTlsSniRegister(), DetectTlsSubjectRegister(), DetectTlsValidityRegister(), DetectTlsVersionRegister(), DetectUricontentRegister(), DetectUrilenValidateContent(), FileDisableFilesize(), FileDisableMagic(), FileDisableMd5(), FileDisableSha1(), FileDisableSha256(), FileDisableStoring(), FileDisableStoringForTransaction(), FlowCleanupAppLayer(), FlowForceReassemblyNeedReassembly(), FlowGetDisruptionFlags(), FlowHandlePacketUpdate(), FlowInit(), FlowShutdown(), FTPAtExitPrintStats(), HtpConfigRestoreBackup(), HTPFileClose(), HttpXFFGetIPFromTx(), OutputJsonRegister(), OutputRegisterTxLogger(), RegisterDCERPCParsers(), RegisterDCERPCUDPParsers(), RegisterDNP3Parsers(), RegisterDNSTCPParsers(), RegisterDNSUDPParsers(), RegisterENIPTCPParsers(), RegisterModbusParsers(), RegisterSMBParsers(), RegisterSSLParsers(), SCSigSignatureOrderingModuleCleanup(), SigMatchSignaturesGetSgh(), SMTPParserCleanup(), StreamTcpAppLayerIsDisabled(), TagTimeoutCheck(), TmModuleFlowRecyclerRegister(), UTHAddStreamToFlow(), and UTHRemoveSessionFromFlow().

void* Flow_::protoctx

protocol specific data pointer, e.g. for TcpSession

Definition at line 398 of file flow.h.

Referenced by AppLayerIncTxCounter(), AppLayerParserParse(), AppLayerParserRestoreParserTable(), AppLayerParserStreamTruncated(), AppLayerParserTriggerRawStreamReassembly(), DetectBypassRegister(), DetectDceGetState(), DetectDceOpnumRegister(), DetectDceStubDataRegister(), DetectDNP3Register(), DetectDnsQueryRegister(), DetectEngineInspectENIP(), DetectEngineInspectModbus(), DetectEngineInspectStream(), DetectEngineStateResetTxs(), DetectFilestorePostMatch(), DetectFtpbounceRegister(), DetectHttpRequestLineRegister(), DetectHttpResponseLineRegister(), DetectLuaRegister(), DetectPcrePayloadMatch(), DetectSshSoftwareVersionRegister(), DetectSshVersionRegister(), DetectSslStateRegister(), DetectSslVersionRegister(), DetectStreamSizeFree(), DetectStreamSizeRegister(), DetectTemplateRustBufferRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3StringRegister(), DetectTlsSniRegister(), DetectTlsVersionRegister(), DetectUricontentRegister(), DetectUrilenValidateContent(), FlowClearMemory(), FlowForceReassemblyForFlow(), FlowForceReassemblyNeedReassembly(), FlowGetDisruptionFlags(), FlowGetFlowFromHash(), FTPAtExitPrintStats(), HtpConfigRestoreBackup(), HTPFileClose(), HTPFreeConfig(), RegisterDCERPCParsers(), RegisterDCERPCUDPParsers(), RegisterDNP3Parsers(), RegisterENIPTCPParsers(), RegisterModbusParsers(), RegisterSMB2Parsers(), RegisterSMBParsers(), RegisterSSHParsers(), RegisterSSLParsers(), SigMatchSignaturesGetSgh(), SMTPParserCleanup(), StreamTcpAppLayerIsDisabled(), StreamTcpDetectLogFlush(), StreamTcpDisableAppLayer(), StreamTcpFreeConfig(), StreamTcpPacket(), StreamTcpPruneSession(), StreamTcpReassembleDepthReached(), StreamTcpSegmentForEach(), StreamTcpSessionPktFree(), TagTimeoutCheck(), TmModuleFlowRecyclerRegister(), UTHAddSessionToFlow(), UTHAddStreamToFlow(), and UTHRemoveSessionFromFlow().

uint16_t Flow_::protodetect_dp

destination port to be used in protocol detection. This is meant for use with STARTTLS and HTTP CONNECT detection 0 if not used

Definition at line 384 of file flow.h.

Referenced by AppLayerRequestProtocolChange().

uint8_t Flow_::protomap

mapping to Flow's protocol specific protocols for timeouts and state and free functions.

Definition at line 402 of file flow.h.

Referenced by AppLayerIncTxCounter(), AppLayerParserGetStreamDepth(), AppLayerParserGetTransactionActive(), AppLayerParserGetTxCnt(), AppLayerParserGetTxLogged(), AppLayerParserParse(), AppLayerParserRestoreParserTable(), AppLayerParserSetTxDetectState(), AppLayerParserStateCleanup(), AppLayerParserStreamTruncated(), AppLayerParserTransactionsCleanup(), AppLayerProtoDetectUnittestCtxRestore(), DetectDnsQueryRegister(), DetectTlsFingerprintRegister(), DetectTlsIssuerRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3StringRegister(), DetectTlsSerialRegister(), DetectTlsSniRegister(), DetectTlsSubjectRegister(), DetectTlsValidityRegister(), FlowDisableFlowManagerThread(), FlowGetFlowFromHash(), FlowInit(), RegisterDCERPCUDPParsers(), and RegisterDNSUDPParsers().

uint8_t Flow_::recursion_level

Definition at line 347 of file flow.h.

Referenced by FlowInit().

const struct SigGroupHead_* Flow_::sgh_toclient

toclient sgh for this flow. Only use when FLOW_SGH_TOCLIENT flow flag has been set.

Definition at line 440 of file flow.h.

Referenced by AppLayerParserTransactionsCleanup(), and SigMatchSignaturesGetSgh().

const struct SigGroupHead_* Flow_::sgh_toserver

toserver sgh for this flow. Only use when FLOW_SGH_TOSERVER flow flag has been set.

Definition at line 443 of file flow.h.

Referenced by AppLayerParserTransactionsCleanup(), and SigMatchSignaturesGetSgh().

Port Flow_::sp

tcp/udp source port

Definition at line 333 of file flow.h.

Referenced by AppLayerExpectationHandle(), AppLayerParserStreamTruncated(), FlowGetPacketDirection(), FlowInit(), OutputJsonRegister(), and StreamTcpPseudoPacketCreateStreamEndPacket().

FlowAddress Flow_::src

Definition at line 331 of file flow.h.

Referenced by AppLayerExpectationSetup(), AppLayerParserStreamTruncated(), DetectFtpbounceRegister(), FlowGetPacketDirection(), FlowInit(), OutputJsonRegister(), StreamTcpPseudoPacketCreateStreamEndPacket(), and TagTimeoutCheck().

struct timeval Flow_::startts

Definition at line 456 of file flow.h.

Referenced by FlowInit().

uint32_t Flow_::tenant_id

flow tenant id, used to setup flow timeout and stream pseudo packets with the correct tenant id set

Definition at line 372 of file flow.h.

Referenced by SigMatchSignaturesGetSgh(), and StreamTcpPseudoPacketCreateStreamEndPacket().

FlowThreadId Flow_::thread_id

Thread ID for the stream/detect portion of this flow

Definition at line 424 of file flow.h.

Referenced by FlowForceReassemblyForFlow(), FlowSetupPacket(), and StreamTcpPacket().

uint64_t Flow_::todstbytecnt

Definition at line 460 of file flow.h.

Referenced by FlowHandlePacketUpdate().

uint32_t Flow_::todstpktcnt

Definition at line 458 of file flow.h.

Referenced by FlowHandlePacketUpdate().

uint64_t Flow_::tosrcbytecnt

Definition at line 461 of file flow.h.

Referenced by FlowHandlePacketUpdate().

uint32_t Flow_::tosrcpktcnt

Definition at line 459 of file flow.h.

Referenced by FlowHandlePacketUpdate().

uint8_t Flow_::type

icmp type

Definition at line 335 of file flow.h.

uint16_t Flow_::vlan_id[2]

Definition at line 348 of file flow.h.

Referenced by FlowInit().

---

The documentation for this struct was generated from the following file:

• src/flow.h