suricata
SignatureInitData_ Struct Reference

#include <detect.h>

Collaboration diagram for SignatureInitData_:

Data Fields

uint16_t sm_cnt
 
bool negated
 
uint32_t init_flags
 
SigMatchdsize_sm
 
SigMatchmpm_sm
 
SigMatchprefilter_sm
 
int list
 
bool list_set
 
int transforms [DETECT_TRANSFORMS_MAX]
 
int transform_cnt
 
int whitelist
 
const DetectAddressHeadsrc
 
const DetectAddressHeaddst
 
int prefilter_list
 
uint32_t smlists_array_size
 
struct SigMatch_ ** smlists
 
struct SigMatch_ ** smlists_tail
 

Detailed Description

Definition at line 447 of file detect.h.

Field Documentation

SigMatch* SignatureInitData_::dsize_sm

Definition at line 460 of file detect.h.

Referenced by DetectDsizeRegister(), SigParseGetMaxDsize(), and SigParseSetDsizePair().

const DetectAddressHead * SignatureInitData_::dst
bool SignatureInitData_::list_set
bool SignatureInitData_::negated

option was prefixed with '!'. Only set for sigmatches that have the SIGMATCH_HANDLE_NEGATION flag set.

Definition at line 453 of file detect.h.

Referenced by DetectContentSetup(), DetectFileextRegister(), DetectFilemagicRegister(), DetectFilenameRegister(), DetectFlowvarMatch(), DetectPcrePayloadMatch(), DetectReplaceRegister(), DetectTlsRegister(), DetectTosRegister(), and SigMatchListSMBelongsTo().

int SignatureInitData_::prefilter_list

Definition at line 482 of file detect.h.

SigMatch* SignatureInitData_::prefilter_sm
uint16_t SignatureInitData_::sm_cnt

Number of sigmatches. Used for assigning SigMatch::idx

Definition at line 449 of file detect.h.

Referenced by SigMatchAppendSMToList().

const DetectAddressHead* SignatureInitData_::src

address settings for this signature

Definition at line 480 of file detect.h.

Referenced by DetectSignatureSetAppProto(), SigMatchList2DataArray(), and SigMatchListSMBelongsTo().

int SignatureInitData_::transform_cnt
int SignatureInitData_::transforms[DETECT_TRANSFORMS_MAX]

Definition at line 471 of file detect.h.

Referenced by DetectBufferGetActiveList(), and DetectSignatureAddTransform().

int SignatureInitData_::whitelist

score to influence rule grouping. A higher value leads to a higher likelyhood of a rulegroup with this sig ending up as a contained group.

Definition at line 477 of file detect.h.

Referenced by PacketCreateMask().


The documentation for this struct was generated from the following file: