suricata
Data Fields
SignatureInitData_ Struct Reference

#include <detect.h>

Collaboration diagram for SignatureInitData_:
Collaboration graph
[legend]

Data Fields

uint16_t sm_cnt
 
bool negated
 
bool src_contains_negation
 
bool dst_contains_negation
 
uint32_t init_flags
 
SigMatchdsize_sm
 
int mpm_sm_list
 
SigMatchmpm_sm
 
SigMatchprefilter_sm
 
int list
 
bool list_set
 
DetectEngineTransforms transforms
 
int whitelist
 
const DetectAddressHeadsrc
 
const DetectAddressHeaddst
 
int prefilter_list
 
struct SigMatch_smlists [DETECT_SM_LIST_MAX]
 
struct SigMatch_smlists_tail [DETECT_SM_LIST_MAX]
 
SignatureInitDataBufferbuffers
 
uint32_t buffer_index
 
uint32_t buffers_size
 
SignatureInitDataBuffercurbuf
 
uint32_t max_content_list_id
 

Detailed Description

Definition at line 522 of file detect.h.

Field Documentation

◆ buffer_index

uint32_t SignatureInitData_::buffer_index

Definition at line 572 of file detect.h.

Referenced by DetectBufferGetActiveList(), DetectBufferGetFirstSigMatch(), DetectBufferGetLastSigMatch(), DetectBufferIsPresent(), DetectByteExtractRetrieveSMVar(), DetectByteMathRetrieveSMVar(), DetectEngineAppInspectionEngine2Signature(), DetectFlowbitsAnalyze(), DetectGetLastSM(), DetectGetLastSMByListId(), DetectGetLastSMFromLists(), DetectGetLastSMFromMpmLists(), SigFree(), SigMatchListSMBelongsTo(), and SignatureInitDataBufferCheckExpand().

◆ buffers

SignatureInitDataBuffer* SignatureInitData_::buffers

Definition at line 571 of file detect.h.

Referenced by DetectBufferGetActiveList(), DetectBufferGetFirstSigMatch(), DetectBufferGetLastSigMatch(), DetectBufferIsPresent(), DetectByteExtractRetrieveSMVar(), DetectByteMathRetrieveSMVar(), DetectEngineAppInspectionEngine2Signature(), DetectGetLastSM(), DetectGetLastSMByListId(), DetectGetLastSMFromLists(), DetectGetLastSMFromMpmLists(), SigAlloc(), SigFree(), SigMatchListSMBelongsTo(), and SignatureInitDataBufferCheckExpand().

◆ buffers_size

uint32_t SignatureInitData_::buffers_size

Definition at line 573 of file detect.h.

Referenced by SigAlloc(), and SignatureInitDataBufferCheckExpand().

◆ curbuf

SignatureInitDataBuffer* SignatureInitData_::curbuf

Definition at line 574 of file detect.h.

Referenced by DetectBufferGetActiveList().

◆ dsize_sm

SigMatch* SignatureInitData_::dsize_sm

Definition at line 540 of file detect.h.

Referenced by SigParseGetMaxDsize(), and SigParseSetDsizePair().

◆ dst

const DetectAddressHead * SignatureInitData_::dst

Definition at line 561 of file detect.h.

◆ dst_contains_negation

bool SignatureInitData_::dst_contains_negation

Definition at line 533 of file detect.h.

◆ init_flags

uint32_t SignatureInitData_::init_flags

Definition at line 536 of file detect.h.

Referenced by DetectEnginePktInspectionSetup(), and DetectFlowbitsAnalyze().

◆ list

int SignatureInitData_::list

Definition at line 550 of file detect.h.

Referenced by DetectBufferGetActiveList(), DetectContentSetup(), DetectEngineContentModifierBufferSetup(), DetectGetLastSMFromLists(), DetectSignatureAddTransform(), and SigAlloc().

◆ list_set

bool SignatureInitData_::list_set

Definition at line 551 of file detect.h.

Referenced by DetectBufferGetActiveList(), and DetectSignatureAddTransform().

◆ max_content_list_id

uint32_t SignatureInitData_::max_content_list_id

Definition at line 577 of file detect.h.

Referenced by RetrieveFPForSig().

◆ mpm_sm

SigMatch* SignatureInitData_::mpm_sm

Definition at line 545 of file detect.h.

Referenced by DetectEngineAppInspectionEngine2Signature(), EngineAnalysisFP(), and RetrieveFPForSig().

◆ mpm_sm_list

int SignatureInitData_::mpm_sm_list

Definition at line 543 of file detect.h.

Referenced by DetectEngineAppInspectionEngine2Signature(), EngineAnalysisFP(), and SigAlloc().

◆ negated

bool SignatureInitData_::negated

option was prefixed with '!'. Only set for sigmatches that have the SIGMATCH_HANDLE_NEGATION flag set.

Definition at line 528 of file detect.h.

Referenced by DetectContentSetup().

◆ prefilter_list

int SignatureInitData_::prefilter_list

Definition at line 563 of file detect.h.

◆ prefilter_sm

SigMatch* SignatureInitData_::prefilter_sm

Definition at line 547 of file detect.h.

Referenced by EngineAnalysisFP().

◆ sm_cnt

uint16_t SignatureInitData_::sm_cnt

Number of sigmatches. Used for assigning SigMatch::idx

Definition at line 524 of file detect.h.

◆ smlists

struct SigMatch_* SignatureInitData_::smlists[DETECT_SM_LIST_MAX]

Definition at line 566 of file detect.h.

Referenced by DetectFlagsSignatureNeedsSynOnlyPackets(), DetectFlagsSignatureNeedsSynPackets(), DetectFlowbitsAnalyze(), DetectIPProtoRemoveAllSMs(), RetrieveFPForSig(), SigFree(), SigMatchRemoveSMFromList(), SignatureHasPacketContent(), SignatureHasStreamContent(), SignatureIsIPOnly(), SigParseApplyDsizeToContent(), and SigParseMaxRequiredDsize().

◆ smlists_tail

struct SigMatch_* SignatureInitData_::smlists_tail[DETECT_SM_LIST_MAX]

Definition at line 568 of file detect.h.

Referenced by DetectGetLastSM(), DetectGetLastSMFromMpmLists(), and SigMatchRemoveSMFromList().

◆ src

const DetectAddressHead* SignatureInitData_::src

address settings for this signature

Definition at line 561 of file detect.h.

◆ src_contains_negation

bool SignatureInitData_::src_contains_negation

Definition at line 532 of file detect.h.

◆ transforms

DetectEngineTransforms SignatureInitData_::transforms

Definition at line 553 of file detect.h.

Referenced by DetectBufferGetActiveList(), DetectSignatureAddTransform(), and SigFree().

◆ whitelist

int SignatureInitData_::whitelist

score to influence rule grouping. A higher value leads to a higher likelihood of a rulegroup with this sig ending up as a contained group.

Definition at line 558 of file detect.h.

The documentation for this struct was generated from the following file: