suricata
|
#include <detect.h>
Data Fields | |
uint16_t | sm_cnt |
bool | negated |
bool | src_contains_negation |
bool | dst_contains_negation |
uint32_t | init_flags |
SigMatch * | dsize_sm |
int | mpm_sm_list |
SigMatch * | mpm_sm |
SigMatch * | prefilter_sm |
int | list |
bool | list_set |
DetectEngineTransforms | transforms |
int | whitelist |
const DetectAddressHead * | src |
const DetectAddressHead * | dst |
int | prefilter_list |
uint32_t | smlists_array_size |
struct SigMatch_ ** | smlists |
struct SigMatch_ ** | smlists_tail |
SigMatch* SignatureInitData_::dsize_sm |
Definition at line 509 of file detect.h.
Referenced by SigParseGetMaxDsize(), and SigParseSetDsizePair().
const DetectAddressHead * SignatureInitData_::dst |
bool SignatureInitData_::dst_contains_negation |
Definition at line 502 of file detect.h.
Referenced by SignatureIsIPOnly().
uint32_t SignatureInitData_::init_flags |
Definition at line 505 of file detect.h.
Referenced by DetectEnginePktInspectionSetup(), and DetectFlowbitsAnalyze().
int SignatureInitData_::list |
Definition at line 519 of file detect.h.
Referenced by DetectBufferGetActiveList(), DetectContentSetup(), DetectEngineContentModifierBufferSetup(), DetectGetLastSMFromLists(), DetectGetLastSMFromMpmLists(), DetectSignatureAddTransform(), and SigAlloc().
bool SignatureInitData_::list_set |
Definition at line 520 of file detect.h.
Referenced by DetectBufferGetActiveList(), and DetectSignatureAddTransform().
SigMatch* SignatureInitData_::mpm_sm |
Definition at line 514 of file detect.h.
Referenced by DetectEngineAppInspectionEngine2Signature(), EngineAnalysisFP(), and RetrieveFPForSig().
int SignatureInitData_::mpm_sm_list |
Definition at line 512 of file detect.h.
Referenced by DetectEngineAppInspectionEngine2Signature(), EngineAnalysisFP(), and SigAlloc().
bool SignatureInitData_::negated |
option was prefixed with '!'. Only set for sigmatches that have the SIGMATCH_HANDLE_NEGATION flag set.
Definition at line 497 of file detect.h.
Referenced by DetectContentSetup().
uint16_t SignatureInitData_::sm_cnt |
Number of sigmatches. Used for assigning SigMatch::idx
struct SigMatch_** SignatureInitData_::smlists |
Definition at line 536 of file detect.h.
Referenced by DetectEngineAppInspectionEngine2Signature(), DetectFlagsSignatureNeedsSynOnlyPackets(), DetectFlagsSignatureNeedsSynPackets(), DetectFlowbitsAnalyze(), DetectGetLastSMFromLists(), DetectIPProtoRemoveAllSMs(), RetrieveFPForSig(), SigAlloc(), SigFree(), SigMatchRemoveSMFromList(), SignatureHasPacketContent(), SignatureHasStreamContent(), SignatureIsIPOnly(), and SigParseApplyDsizeToContent().
uint32_t SignatureInitData_::smlists_array_size |
Definition at line 534 of file detect.h.
Referenced by DetectByteExtractRetrieveSMVar(), DetectByteMathRetrieveSMVar(), DetectEngineAppInspectionEngine2Signature(), DetectFlowbitsAnalyze(), DetectGetLastSM(), DetectGetLastSMByListId(), DetectGetLastSMFromLists(), DetectGetLastSMFromMpmLists(), RetrieveFPForSig(), SigAlloc(), SigFree(), SigMatchListSMBelongsTo(), and SignatureIsIPOnly().
struct SigMatch_** SignatureInitData_::smlists_tail |
Definition at line 538 of file detect.h.
Referenced by DetectGetLastSM(), DetectGetLastSMByListId(), DetectGetLastSMFromMpmLists(), SigAlloc(), and SigMatchRemoveSMFromList().
const DetectAddressHead* SignatureInitData_::src |
bool SignatureInitData_::src_contains_negation |
Definition at line 501 of file detect.h.
Referenced by SignatureIsIPOnly().
DetectEngineTransforms SignatureInitData_::transforms |
Definition at line 522 of file detect.h.
Referenced by DetectBufferGetActiveList(), DetectSignatureAddTransform(), and SigFree().
int SignatureInitData_::whitelist |