SignatureInitData_ Struct Reference

#include <detect.h>

Collaboration diagram for SignatureInitData_:

Data Fields

uint16_t sm_cnt
bool negated
bool src_contains_negation
bool dst_contains_negation
uint32_t init_flags
int list
bool list_set
int transforms [DETECT_TRANSFORMS_MAX]
int transform_cnt
int whitelist
const DetectAddressHeadsrc
const DetectAddressHeaddst
int prefilter_list
uint32_t smlists_array_size
struct SigMatch_ ** smlists
struct SigMatch_ ** smlists_tail

Detailed Description

Definition at line 472 of file detect.h.

Field Documentation

SigMatch* SignatureInitData_::dsize_sm

Definition at line 490 of file detect.h.

Referenced by DetectDsizeRegister(), SigParseGetMaxDsize(), and SigParseSetDsizePair().

const DetectAddressHead * SignatureInitData_::dst
bool SignatureInitData_::dst_contains_negation

Definition at line 483 of file detect.h.

Referenced by SigMatchListSMBelongsTo(), and SignatureIsIPOnly().

bool SignatureInitData_::list_set
bool SignatureInitData_::negated

option was prefixed with '!'. Only set for sigmatches that have the SIGMATCH_HANDLE_NEGATION flag set.

Definition at line 478 of file detect.h.

Referenced by DetectContentSetup(), DetectFileextRegister(), DetectFilemagicRegister(), DetectFilenameRegister(), DetectFlowvarMatch(), DetectPcrePayloadMatch(), DetectReplaceRegister(), DetectTlsRegister(), DetectTosRegister(), and SigMatchListSMBelongsTo().

int SignatureInitData_::prefilter_list

Definition at line 512 of file detect.h.

SigMatch* SignatureInitData_::prefilter_sm
uint16_t SignatureInitData_::sm_cnt

Number of sigmatches. Used for assigning SigMatch::idx

Definition at line 474 of file detect.h.

Referenced by SigMatchAppendSMToList().

const DetectAddressHead* SignatureInitData_::src

address settings for this signature

Definition at line 510 of file detect.h.

Referenced by DetectSignatureSetAppProto(), SigMatchList2DataArray(), and SigMatchListSMBelongsTo().

bool SignatureInitData_::src_contains_negation

Definition at line 482 of file detect.h.

Referenced by SigMatchListSMBelongsTo(), and SignatureIsIPOnly().

int SignatureInitData_::transform_cnt
int SignatureInitData_::transforms[DETECT_TRANSFORMS_MAX]

Definition at line 501 of file detect.h.

Referenced by DetectBufferGetActiveList(), and DetectSignatureAddTransform().

int SignatureInitData_::whitelist

score to influence rule grouping. A higher value leads to a higher likelyhood of a rulegroup with this sig ending up as a contained group.

Definition at line 507 of file detect.h.

Referenced by PacketCreateMask().

The documentation for this struct was generated from the following file: