#include <decode.h>

Collaboration diagram for Packet_:

[legend]

Data Fields
Address	src

Address	dst

union {
Port sp

struct {
uint8_t type

uint8_t code

} icmp_s

};

union {
Port dp

struct {
uint8_t type

uint8_t code

} icmp_d

};

uint8_t	proto

uint8_t	recursion_level

uint16_t	vlan_id [2]

uint8_t	vlan_idx

uint8_t	flowflags

uint32_t	flags

struct Flow_ *	flow

uint32_t	flow_hash

SCTime_t	ts

union {
NFQPacketVars nfq_v

IPFWPacketVars ipfw_v

NapatechPacketVars ntpv

uint8_t plugin_v [PLUGIN_VAR_SIZE]

PcapPacketVars pcap_v

};

void(*	ReleasePacket )(struct Packet_ *)

int(*	BypassPacketsFlow )(struct Packet_ *)

PktVar *	pktvar

EthernetHdr *	ethh

int32_t	level3_comp_csum

int32_t	level4_comp_csum

IPV4Hdr *	ip4h

IPV6Hdr *	ip6h

union {
IPV4Vars ip4vars

struct {
IPV6Vars ip6vars

IPV6ExtHdrs ip6eh

}

};

union {
TCPVars tcpvars

ICMPV4Vars icmpv4vars

ICMPV6Vars icmpv6vars

}	l4vars

TCPHdr *	tcph

UDPHdr *	udph

SCTPHdr *	sctph

ESPHdr *	esph

ICMPV4Hdr *	icmpv4h

ICMPV6Hdr *	icmpv6h

PPPHdr *	ppph

PPPOESessionHdr *	pppoesh

PPPOEDiscoveryHdr *	pppoedh

GREHdr *	greh

uint8_t *	payload

uint16_t	payload_len

uint8_t	action

uint8_t	pkt_src

uint32_t	pktlen

uint8_t *	ext_pkt

struct LiveDevice_ *	livedev

PacketAlerts	alerts

struct Host_ *	host_src

struct Host_ *	host_dst

uint64_t	pcap_cnt

PacketEngineEvents	events

AppLayerDecoderEvents *	app_layer_events

struct Packet_ *	next

struct Packet_ *	prev

int	datalink

uint8_t	nb_decoded_layers

uint8_t	drop_reason

struct Packet_ *	root

uint16_t	tunnel_rtv_cnt

uint16_t	tunnel_tpr_cnt

uint32_t	tenant_id

struct PktPool_ *	pool

PktProfiling *	profile

struct {
SCSpinlock tunnel_lock

}	persistent

Detailed Description

Definition at line 427 of file decode.h.

Field Documentation

◆ @33

union { ... }

◆ @35

union { ... }

◆ @37

union { ... }

◆ @39

union { ... }

◆ action

uint8_t Packet_::action

Definition at line 577 of file decode.h.

Referenced by PacketCheckAction(), PacketDrop(), and TmqhOutputPacketpool().

◆ alerts

PacketAlerts Packet_::alerts

Definition at line 588 of file decode.h.

Referenced by AlertFastLogCondition(), AlertFastLogger(), AlertQueueAppend(), PacketAlertCheck(), PacketDestructor(), PacketInit(), and PacketReinit().

◆ app_layer_events

AppLayerDecoderEvents* Packet_::app_layer_events

Definition at line 600 of file decode.h.

Referenced by PacketCreateMask(), PacketDestructor(), and PacketReinit().

◆ BypassPacketsFlow

int(* Packet_::BypassPacketsFlow) (struct Packet_ *)

The function triggering bypass the flow in the capture method. Return 1 for success and 0 on error

Definition at line 518 of file decode.h.

Referenced by PacketBypassCallback(), PacketReinit(), and ReceivePfringLoop().

◆ code

uint8_t Packet_::code

Definition at line 439 of file decode.h.

◆ datalink

int Packet_::datalink

data linktype in host order

Definition at line 607 of file decode.h.

Referenced by DecodeErfDag(), EvePacket(), NapatechDecode(), PacketDefragPktSetup(), PacketReinit(), and PacketTunnelPktSetup().

◆ dp

Port Packet_::dp

Definition at line 443 of file decode.h.

Referenced by AlertFastLogger(), FlowGetPacketDirection(), IPOnlyMatchPacket(), JsonAddrInfoInit(), PacketReinit(), TLSGetIPInformations(), and UTHBuildPacketIPV6Real().

◆ drop_reason

uint8_t Packet_::drop_reason

Definition at line 615 of file decode.h.

Referenced by PacketDrop(), and PacketReinit().

◆ dst

Address Packet_::dst

Definition at line 433 of file decode.h.

Referenced by FlowGetIpPairProtoHash(), IPOnlyMatchPacket(), PacketReinit(), TagHashAddTag(), TmqhOutputFlowIPPair(), UTHBuildPacketIPV6Real(), and UTHBuildPacketOfFlows().

◆ esph

ESPHdr* Packet_::esph

Definition at line 559 of file decode.h.

Referenced by PacketReinit().

◆ ethh

EthernetHdr* Packet_::ethh

Definition at line 524 of file decode.h.

Referenced by PacketReinit().

◆ events

PacketEngineEvents Packet_::events

Definition at line 598 of file decode.h.

Referenced by PacketCreateMask(), PacketReinit(), PacketUpdateEngineEventCounters(), and SigMatchSignaturesGetSgh().

◆ ext_pkt

uint8_t* Packet_::ext_pkt

Definition at line 583 of file decode.h.

Referenced by PacketCallocExtPkt(), PacketCopyDataOffset(), and PacketSetData().

◆ flags

uint32_t Packet_::flags

Definition at line 463 of file decode.h.

Referenced by CaptureStatsUpdate(), DetectReplaceExecuteInternal(), FlowHandlePacket(), FlowSetupPacket(), IPOnlyMatchPacket(), PacketCreateMask(), PacketDecodeFinalize(), PacketReinit(), PacketSetData(), Prefilter(), SCProfileRuleStart(), StreamTcpInlineSegmentReplacePacket(), StreamTcpReassembleAppLayer(), StreamTcpReassembleHandleSegment(), TmqhOutputFlowHash(), and UTHAssignFlow().

◆ flow

◆ flow_hash

uint32_t Packet_::flow_hash

Definition at line 469 of file decode.h.

Referenced by FlowGetFlowFromHash(), FlowSetupPacket(), and TmqhOutputFlowHash().

◆ flowflags

uint8_t Packet_::flowflags

Definition at line 459 of file decode.h.

Referenced by AppLayerHandleUdp(), DetectFlowMatch(), FlowHandlePacketUpdate(), PacketReinit(), PacketSwap(), SigMatchSignaturesGetSgh(), and StreamTcpReassembleDepthReached().

◆ greh

GREHdr* Packet_::greh

Definition at line 569 of file decode.h.

Referenced by PacketReinit().

◆ host_dst

struct Host_* Packet_::host_dst

Definition at line 591 of file decode.h.

◆ host_src

struct Host_* Packet_::host_src

Definition at line 590 of file decode.h.

◆ icmp_d

struct { ... } Packet_::icmp_d

Referenced by DecodeICMPV4(), and DecodeICMPV6().

◆ icmp_s

struct { ... } Packet_::icmp_s

Referenced by AlertFastLogger(), DecodeICMPV4(), DecodeICMPV6(), and FlowInit().

◆ icmpv4h

ICMPV4Hdr* Packet_::icmpv4h

Definition at line 561 of file decode.h.

Referenced by DecodeICMPV4(), FlowInit(), and PacketReinit().

◆ icmpv4vars

ICMPV4Vars Packet_::icmpv4vars

Definition at line 546 of file decode.h.

Referenced by DecodeICMPV4().

◆ icmpv6h

ICMPV6Hdr* Packet_::icmpv6h

Definition at line 563 of file decode.h.

Referenced by DecodeICMPV6(), and PacketReinit().

◆ icmpv6vars

ICMPV6Vars Packet_::icmpv6vars

Definition at line 547 of file decode.h.

◆ ip4h

IPV4Hdr* Packet_::ip4h

Definition at line 531 of file decode.h.

Referenced by FlowGetIpPairProtoHash(), PacketReinit(), and UTHFreePacket().

◆ ip4vars

IPV4Vars Packet_::ip4vars

Definition at line 537 of file decode.h.

◆ ip6eh

IPV6ExtHdrs Packet_::ip6eh

Definition at line 540 of file decode.h.

Referenced by DecodeIPV6FragHeader().

◆ ip6h

IPV6Hdr* Packet_::ip6h

Definition at line 533 of file decode.h.

Referenced by FlowGetIpPairProtoHash(), PacketReinit(), and UTHBuildPacketIPV6Real().

◆ ip6vars

IPV6Vars Packet_::ip6vars

Definition at line 539 of file decode.h.

◆ ipfw_v

IPFWPacketVars Packet_::ipfw_v

Definition at line 482 of file decode.h.

◆ l4vars

union { ... } Packet_::l4vars

◆ level3_comp_csum

int32_t Packet_::level3_comp_csum

Definition at line 527 of file decode.h.

◆ level4_comp_csum

int32_t Packet_::level4_comp_csum

Definition at line 529 of file decode.h.

◆ livedev

struct LiveDevice_* Packet_::livedev

Definition at line 586 of file decode.h.

Referenced by FlowInit(), PacketDefragPktSetup(), PacketInit(), PacketReinit(), and PacketTunnelPktSetup().

◆ nb_decoded_layers

uint8_t Packet_::nb_decoded_layers

Definition at line 612 of file decode.h.

Referenced by PacketReinit(), and PacketTunnelPktSetup().

◆ next

struct Packet_* Packet_::next

Definition at line 603 of file decode.h.

Referenced by PacketReinit().

◆ nfq_v

NFQPacketVars Packet_::nfq_v

Definition at line 479 of file decode.h.

◆ ntpv

NapatechPacketVars Packet_::ntpv

Definition at line 502 of file decode.h.

◆ payload

uint8_t* Packet_::payload

Definition at line 573 of file decode.h.

Referenced by DecodeICMPV6(), DetectEngineInspectPacketPayload(), PacketReinit(), StreamTcpInlineSegmentCompare(), StreamTcpInlineSegmentReplacePacket(), StreamTcpUTAddSegmentWithByte(), StreamTcpUTAddSegmentWithPayload(), and UTHBuildPacketIPV6Real().

◆ payload_len

uint16_t Packet_::payload_len

Definition at line 574 of file decode.h.

Referenced by DecodeICMPV6(), DetectEngineInspectPacketPayload(), PacketCreateMask(), PacketReinit(), Prefilter(), StreamTcpInlineSegmentCompare(), StreamTcpInlineSegmentReplacePacket(), StreamTcpReassembleHandleSegment(), StreamTcpUTAddSegmentWithByte(), StreamTcpUTAddSegmentWithPayload(), and UTHBuildPacketIPV6Real().

◆ pcap_cnt

uint64_t Packet_::pcap_cnt

packet number in the pcap file, matches wireshark

Definition at line 594 of file decode.h.

Referenced by AlertFastLogger(), DetectRunPrefilterFrame(), DetectRunPrefilterTx(), ExceptionPolicyParse(), FlowHandlePacketUpdate(), PacketReinit(), StreamTcp(), StreamTcpPacket(), and StreamTcpSackUpdatePacket().

◆ pcap_v

PcapPacketVars Packet_::pcap_v

libpcap vars: shared by Pcap Live mode and Pcap File mode

Definition at line 511 of file decode.h.

◆ persistent

struct { ... } Packet_::persistent

Referenced by PacketDestructor(), PacketInit(), and TmqhOutputPacketpool().

◆ pkt_src

uint8_t Packet_::pkt_src

Definition at line 579 of file decode.h.

Referenced by PacketReinit(), and StreamTcp().

◆ pktlen

uint32_t Packet_::pktlen

Definition at line 582 of file decode.h.

◆ pktvar

PktVar* Packet_::pktvar

Definition at line 521 of file decode.h.

Referenced by EveAddMetadata(), PacketDestructor(), PacketReinit(), PktVarAdd(), PktVarAddKeyValue(), and PktVarGet().

◆ plugin_v

uint8_t Packet_::plugin_v[PLUGIN_VAR_SIZE]

Definition at line 508 of file decode.h.

◆ pool

struct PktPool_* Packet_::pool

Definition at line 635 of file decode.h.

Referenced by PacketFreeOrRelease(), TmqhOutputPacketpool(), and TmqhOutputSimple().

◆ ppph

PPPHdr* Packet_::ppph

Definition at line 565 of file decode.h.

Referenced by PacketReinit().

◆ pppoedh

PPPOEDiscoveryHdr* Packet_::pppoedh

Definition at line 567 of file decode.h.

Referenced by DecodePPPOEDiscovery(), and PacketReinit().

◆ pppoesh

PPPOESessionHdr* Packet_::pppoesh

Definition at line 566 of file decode.h.

Referenced by DecodePPPOESession(), and PacketReinit().

◆ prev

struct Packet_* Packet_::prev

Definition at line 604 of file decode.h.

Referenced by PacketReinit().

◆ profile

PktProfiling* Packet_::profile

Definition at line 638 of file decode.h.

Referenced by SCProfileRuleStart(), and SCProfilingAddPacket().

◆ proto

uint8_t Packet_::proto

◆ recursion_level

uint8_t Packet_::recursion_level

Definition at line 453 of file decode.h.

Referenced by FlowGetIpPairProtoHash(), FlowInit(), PacketDefragPktSetup(), PacketReinit(), and PacketTunnelPktSetup().

◆ ReleasePacket

void(* Packet_::ReleasePacket) (struct Packet_ *)

The release function for packet structure and data

Definition at line 515 of file decode.h.

Referenced by PacketFreeOrRelease(), PacketGetFromAlloc(), PacketGetFromQueueOrAlloc(), and TmqhOutputPacketpool().

◆ root

struct Packet_* Packet_::root

Definition at line 618 of file decode.h.

Referenced by PacketCheckAction(), PacketDefragPktSetup(), PacketDrop(), PacketReinit(), PacketTunnelPktSetup(), TmqhOutputPacketpool(), and TmqhOutputSimple().

◆ sctph

SCTPHdr* Packet_::sctph

Definition at line 557 of file decode.h.

Referenced by PacketReinit().

◆ sp

Port Packet_::sp

Definition at line 435 of file decode.h.

Referenced by AlertFastLogger(), FlowGetPacketDirection(), IPOnlyMatchPacket(), JsonAddrInfoInit(), PacketReinit(), TLSGetIPInformations(), and UTHBuildPacketIPV6Real().

◆ src

Address Packet_::src

Definition at line 432 of file decode.h.

Referenced by FlowGetIpPairProtoHash(), FlowGetPacketDirection(), IPOnlyMatchPacket(), PacketReinit(), TagHashAddTag(), TmqhOutputFlowIPPair(), UTHBuildPacketIPV6Real(), and UTHBuildPacketOfFlows().

◆ tcph

TCPHdr* Packet_::tcph

Definition at line 553 of file decode.h.

Referenced by FlowInit(), PacketCreateMask(), PacketReinit(), ReCalculateChecksum(), StreamTcpPacket(), StreamTcpReassembleHandleSegment(), StreamTcpUTAddPayload(), StreamTcpUTAddSegmentWithByte(), StreamTcpUTAddSegmentWithPayload(), TcpSessionPacketSsnReuse(), UTHBuildPacketIPV6Real(), and UTHFreePacket().

◆ tcpvars

TCPVars Packet_::tcpvars

Definition at line 545 of file decode.h.

◆ tenant_id

uint32_t Packet_::tenant_id

tenant id for this packet, if any. If 0 then no tenant was assigned.

Definition at line 630 of file decode.h.

Referenced by AlertJsonHeader(), Detect(), PacketDefragPktSetup(), PacketReinit(), and PacketTunnelPktSetup().

◆ ts

SCTime_t Packet_::ts

Definition at line 471 of file decode.h.

Referenced by AlertFastLogger(), CreateEveHeader(), FlowHandlePacketUpdate(), PacketDefragPktSetup(), PacketReinit(), PacketTunnelPktSetup(), and UTHBuildPacketIPV6Real().

◆ tunnel_lock

SCSpinlock Packet_::tunnel_lock

lock to protect access to:

tunnel_rtv_cnt
tunnel_tpr_cnt
nfq_v.mark
flags

Definition at line 648 of file decode.h.

Referenced by PacketDestructor(), PacketInit(), and TmqhOutputPacketpool().

◆ tunnel_rtv_cnt

uint16_t Packet_::tunnel_rtv_cnt

Definition at line 625 of file decode.h.

Referenced by PacketReinit().

◆ tunnel_tpr_cnt

uint16_t Packet_::tunnel_tpr_cnt

Definition at line 627 of file decode.h.

Referenced by PacketReinit().

◆ type

uint8_t Packet_::type

Definition at line 438 of file decode.h.

◆ udph

UDPHdr* Packet_::udph

Definition at line 555 of file decode.h.

Referenced by FlowInit(), PacketReinit(), and UTHFreePacket().

◆ vlan_id

uint16_t Packet_::vlan_id[2]

Definition at line 455 of file decode.h.

Referenced by DecodeVLANGetId(), FlowGetIpPairProtoHash(), FlowInit(), PacketDefragPktSetup(), and PacketReinit().

◆ vlan_idx

uint8_t Packet_::vlan_idx

Definition at line 456 of file decode.h.

Referenced by DecodePfring(), DecodeVLAN(), DecodeVLANGetId(), FlowInit(), PacketDefragPktSetup(), and PacketReinit().

The documentation for this struct was generated from the following file:

src/decode.h

Data Fields

Detailed Description

Field Documentation

◆ @33

◆ @35

◆ @37

◆ @39

◆ action

◆ alerts

◆ app_layer_events

◆ BypassPacketsFlow

◆ code

◆ datalink

◆ dp

◆ drop_reason

◆ dst

◆ esph

◆ ethh

◆ events

◆ ext_pkt

◆ flags

◆ flow

◆ flow_hash

◆ flowflags

◆ greh

◆ host_dst

◆ host_src

◆ icmp_d

◆ icmp_s

◆ icmpv4h

◆ icmpv4vars

◆ icmpv6h

◆ icmpv6vars

◆ ip4h

◆ ip4vars

◆ ip6eh

◆ ip6h

◆ ip6vars

◆ ipfw_v

◆ l4vars

◆ level3_comp_csum

◆ level4_comp_csum

◆ livedev

◆ nb_decoded_layers

◆ next

◆ nfq_v

◆ ntpv

◆ payload

◆ payload_len

◆ pcap_cnt

◆ pcap_v

◆ persistent

◆ pkt_src

◆ pktlen

◆ pktvar

◆ plugin_v

◆ pool

◆ ppph

◆ pppoedh

◆ pppoesh

◆ prev

◆ profile

◆ proto

◆ recursion_level

◆ ReleasePacket

◆ root

◆ sctph

◆ sp

◆ src

◆ tcph

◆ tcpvars

◆ tenant_id

◆ ts

◆ tunnel_lock

◆ tunnel_rtv_cnt

◆ tunnel_tpr_cnt

◆ type

◆ udph

◆ vlan_id

◆ vlan_idx