#include <detect.h>

Collaboration diagram for SignatureInitData_:

[legend]

Data Fields
uint16_t	sm_cnt

bool	negated

bool	src_contains_negation

bool	dst_contains_negation

uint32_t	init_flags

SigMatch *	dsize_sm

IPOnlyCIDRItem *	cidr_src

IPOnlyCIDRItem *	cidr_dst

int	mpm_sm_list

SigMatch *	mpm_sm

SigMatch *	prefilter_sm

int	list

bool	list_set

DetectEngineTransforms	transforms

int	score

const DetectAddressHead *	src

const DetectAddressHead *	dst

int	prefilter_list

struct SigMatch_ *	smlists [DETECT_SM_LIST_MAX]

struct SigMatch_ *	smlists_tail [DETECT_SM_LIST_MAX]

SignatureInitDataBuffer *	buffers

uint32_t	buffer_index

uint32_t	buffers_size

SignatureInitDataBuffer *	curbuf

uint32_t	max_content_list_id

Detailed Description

Definition at line 534 of file detect.h.

Field Documentation

◆ buffer_index

uint32_t SignatureInitData_::buffer_index

Definition at line 587 of file detect.h.

Referenced by DetectBufferGetActiveList(), DetectBufferGetFirstSigMatch(), DetectBufferGetLastSigMatch(), DetectBufferIsPresent(), DetectByteExtractRetrieveSMVar(), DetectByteMathRetrieveSMVar(), DetectEngineAppInspectionEngine2Signature(), DetectFlowbitsAnalyze(), DetectGetLastSM(), DetectGetLastSMByListId(), DetectGetLastSMFromLists(), DetectGetLastSMFromMpmLists(), SigFree(), SigMatchListSMBelongsTo(), and SignatureInitDataBufferCheckExpand().

◆ buffers

SignatureInitDataBuffer* SignatureInitData_::buffers

Definition at line 586 of file detect.h.

Referenced by DetectBufferGetActiveList(), DetectBufferGetFirstSigMatch(), DetectBufferGetLastSigMatch(), DetectBufferIsPresent(), DetectByteExtractRetrieveSMVar(), DetectByteMathRetrieveSMVar(), DetectEngineAppInspectionEngine2Signature(), DetectGetLastSM(), DetectGetLastSMByListId(), DetectGetLastSMFromLists(), DetectGetLastSMFromMpmLists(), SigAlloc(), SigFree(), SigMatchListSMBelongsTo(), and SignatureInitDataBufferCheckExpand().

◆ buffers_size

uint32_t SignatureInitData_::buffers_size

Definition at line 588 of file detect.h.

Referenced by SigAlloc(), and SignatureInitDataBufferCheckExpand().

◆ cidr_dst

IPOnlyCIDRItem * SignatureInitData_::cidr_dst

Definition at line 555 of file detect.h.

Referenced by SigFree().

◆ cidr_src

IPOnlyCIDRItem* SignatureInitData_::cidr_src

netblocks and hosts specified at the sid, in CIDR format

Definition at line 555 of file detect.h.

Referenced by SigFree().

◆ curbuf

SignatureInitDataBuffer* SignatureInitData_::curbuf

Definition at line 589 of file detect.h.

Referenced by DetectBufferGetActiveList().

◆ dsize_sm

SigMatch* SignatureInitData_::dsize_sm

Definition at line 552 of file detect.h.

Referenced by SigParseGetMaxDsize(), and SigParseSetDsizePair().

◆ dst

const DetectAddressHead * SignatureInitData_::dst

Definition at line 576 of file detect.h.

◆ dst_contains_negation

bool SignatureInitData_::dst_contains_negation

Definition at line 545 of file detect.h.

◆ init_flags

uint32_t SignatureInitData_::init_flags

Definition at line 548 of file detect.h.

Referenced by DetectEnginePktInspectionSetup(), and DetectFlowbitsAnalyze().

◆ list

int SignatureInitData_::list

Definition at line 565 of file detect.h.

Referenced by DetectBufferGetActiveList(), DetectContentSetup(), DetectEngineContentModifierBufferSetup(), DetectGetLastSMFromLists(), DetectSignatureAddTransform(), and SigAlloc().

◆ list_set

bool SignatureInitData_::list_set

Definition at line 566 of file detect.h.

Referenced by DetectBufferGetActiveList(), and DetectSignatureAddTransform().

◆ max_content_list_id

uint32_t SignatureInitData_::max_content_list_id

Definition at line 592 of file detect.h.

Referenced by RetrieveFPForSig().

◆ mpm_sm

SigMatch* SignatureInitData_::mpm_sm

Definition at line 560 of file detect.h.

Referenced by DetectEngineAppInspectionEngine2Signature(), DetectSetFastPatternAndItsId(), EngineAnalysisFP(), MpmStorePrepareBuffer(), and RetrieveFPForSig().

◆ mpm_sm_list

int SignatureInitData_::mpm_sm_list

Definition at line 558 of file detect.h.

Referenced by DetectEngineAppInspectionEngine2Signature(), EngineAnalysisFP(), and SigAlloc().

◆ negated

bool SignatureInitData_::negated

option was prefixed with '!'. Only set for sigmatches that have the SIGMATCH_HANDLE_NEGATION flag set.

Definition at line 540 of file detect.h.

Referenced by DetectContentSetup().

◆ prefilter_list

int SignatureInitData_::prefilter_list

Definition at line 578 of file detect.h.

◆ prefilter_sm

SigMatch* SignatureInitData_::prefilter_sm

Definition at line 562 of file detect.h.

Referenced by EngineAnalysisFP().

◆ score

int SignatureInitData_::score

score to influence rule grouping. A higher value leads to a higher likelihood of a rulegroup with this sig ending up as a contained group.

Definition at line 573 of file detect.h.

◆ sm_cnt

uint16_t SignatureInitData_::sm_cnt

Number of sigmatches. Used for assigning SigMatch::idx

Definition at line 536 of file detect.h.

◆ smlists

struct SigMatch_* SignatureInitData_::smlists[DETECT_SM_LIST_MAX]

Definition at line 581 of file detect.h.

Referenced by DetectFlagsSignatureNeedsSynOnlyPackets(), DetectFlagsSignatureNeedsSynPackets(), DetectFlowbitsAnalyze(), DetectIPProtoRemoveAllSMs(), RetrieveFPForSig(), SigFree(), SigMatchRemoveSMFromList(), SignatureHasPacketContent(), SignatureHasStreamContent(), SignatureIsIPOnly(), SigParseApplyDsizeToContent(), and SigParseMaxRequiredDsize().

◆ smlists_tail

struct SigMatch_* SignatureInitData_::smlists_tail[DETECT_SM_LIST_MAX]

Definition at line 583 of file detect.h.

Referenced by DetectGetLastSM(), DetectGetLastSMFromMpmLists(), and SigMatchRemoveSMFromList().

◆ src

const DetectAddressHead* SignatureInitData_::src

address settings for this signature