suricata
Signature_ Struct Reference

Signature container. More...

#include <detect.h>

Collaboration diagram for Signature_:

Data Fields

uint32_t flags
 
AppProto alproto
 
uint16_t dsize_low
 
uint16_t dsize_high
 
SignatureMask mask
 
SigIntId num
 
uint8_t action
 
uint8_t file_flags
 
DetectProto proto
 
uint8_t class
 
uint16_t addr_dst_match4_cnt
 
uint16_t addr_src_match4_cnt
 
uint16_t addr_dst_match6_cnt
 
uint16_t addr_src_match6_cnt
 
DetectMatchAddressIPv4addr_dst_match4
 
DetectMatchAddressIPv4addr_src_match4
 
DetectMatchAddressIPv6addr_dst_match6
 
DetectMatchAddressIPv6addr_src_match6
 
uint32_t id
 
uint32_t gid
 
uint32_t rev
 
int prio
 
DetectPortsp
 
DetectPortdp
 
uint16_t profiling_id
 
IPOnlyCIDRItemCidrSrc
 
IPOnlyCIDRItemCidrDst
 
DetectEngineAppInspectionEngineapp_inspect
 
DetectEnginePktInspectionEnginepkt_inspect
 
SigMatchDatasm_arrays [DETECT_SM_LIST_MAX]
 
const struct DetectFilestoreData_filestore_ctx
 
char * msg
 
char * class_msg
 
DetectReferencereferences
 
DetectMetadatametadata
 
char * sig_str
 
SignatureInitDatainit_data
 
struct Signature_next
 

Detailed Description

Signature container.

Definition at line 514 of file detect.h.

Field Documentation

uint8_t Signature_::action
DetectMatchAddressIPv4* Signature_::addr_dst_match4

Definition at line 541 of file detect.h.

Referenced by DetectSignatureSetAppProto(), SigFree(), and SigMatchSignaturesGetSgh().

uint16_t Signature_::addr_dst_match4_cnt

ipv4 match arrays

Definition at line 537 of file detect.h.

Referenced by DetectSignatureSetAppProto(), and SigMatchSignaturesGetSgh().

DetectMatchAddressIPv6* Signature_::addr_dst_match6

ipv6 match arrays

Definition at line 544 of file detect.h.

Referenced by DetectSignatureSetAppProto(), SigFree(), and SigMatchSignaturesGetSgh().

uint16_t Signature_::addr_dst_match6_cnt

Definition at line 539 of file detect.h.

Referenced by DetectSignatureSetAppProto(), and SigMatchSignaturesGetSgh().

DetectMatchAddressIPv4* Signature_::addr_src_match4

Definition at line 542 of file detect.h.

Referenced by DetectSignatureSetAppProto(), SigFree(), and SigMatchSignaturesGetSgh().

uint16_t Signature_::addr_src_match4_cnt

Definition at line 538 of file detect.h.

Referenced by DetectSignatureSetAppProto(), and SigMatchSignaturesGetSgh().

DetectMatchAddressIPv6* Signature_::addr_src_match6

Definition at line 545 of file detect.h.

Referenced by DetectSignatureSetAppProto(), SigFree(), and SigMatchSignaturesGetSgh().

uint16_t Signature_::addr_src_match6_cnt

Definition at line 540 of file detect.h.

Referenced by DetectSignatureSetAppProto(), and SigMatchSignaturesGetSgh().

IPOnlyCIDRItem * Signature_::CidrDst

Definition at line 560 of file detect.h.

Referenced by IPOnlyAddSignature(), IPOnlySigParseAddress(), and SigFree().

IPOnlyCIDRItem* Signature_::CidrSrc

netblocks and hosts specified at the sid, in CIDR format

Definition at line 560 of file detect.h.

Referenced by IPOnlyAddSignature(), IPOnlySigParseAddress(), and SigFree().

uint8_t Signature_::class

classification id

Definition at line 534 of file detect.h.

Referenced by DetectClasstypeRegister().

char* Signature_::class_msg

classification message

Definition at line 575 of file detect.h.

Referenced by AlertFastLogger(), AlertFastLogInitCtx(), and DetectClasstypeRegister().

uint16_t Signature_::dsize_high

Definition at line 521 of file detect.h.

Referenced by SigMatchSignaturesGetSgh(), and SigParseSetDsizePair().

uint16_t Signature_::dsize_low

Definition at line 520 of file detect.h.

Referenced by SigMatchSignaturesGetSgh(), and SigParseSetDsizePair().

const struct DetectFilestoreData_* Signature_::filestore_ctx

Definition at line 570 of file detect.h.

Referenced by DetectFilestoreRegister().

uint32_t Signature_::flags

Definition at line 515 of file detect.h.

Referenced by DetectAckRegister(), DetectAppLayerEventRegister(), DetectAppLayerProtocolRegister(), DetectBufferTypeGetByIdTransforms(), DetectBypassRegister(), DetectByteExtractDoMatch(), DetectContentPMATCHValidateCallback(), DetectDsizeRegister(), DetectEngineAppInspectionEngine2Signature(), DetectEngineContentModifierBufferSetup(), DetectEngineInspectStream(), DetectEngineInspectStreamPayload(), DetectFilestoreRegister(), DetectFlagsRegister(), DetectFlowbitMatch(), DetectFlowbitsAnalyze(), DetectFlowSetupImplicit(), DetectFragBitsRegister(), DetectFragOffsetRegister(), DetectGeoipRegister(), DetectHostbitFree(), DetectHttpRawHeaderRegister(), DetectIcmpIdRegister(), DetectIdRegister(), DetectIPProtoRegister(), DetectNoalertRegister(), DetectPcrePayloadMatch(), DetectPrefilterRegister(), DetectReplaceRegister(), DetectRpcRegister(), DetectSameipRegister(), DetectSeqRegister(), DetectSetFastPatternAndItsId(), DetectSetupParseRegexes(), DetectSignatureSetAppProto(), DetectTargetRegister(), DetectTcphdrRegister(), DetectTcpmssRegister(), DetectTemplate2Register(), DetectTemplateRegister(), DetectThresholdRegister(), DetectTlsRegister(), DetectTosRegister(), DetectTtlRegister(), DetectUdphdrRegister(), DetectWindowRegister(), DetectXbitMatchHost(), DetectXbitsRegister(), EngineAnalysisRules(), EngineAnalysisRulesFailure(), IPOnlyAddSignature(), IPOnlyMatchPacket(), IPOnlySigParseAddress(), MpmStoreFree(), MpmStorePrepareBuffer(), PacketAlertFinalize(), PacketCreateMask(), SCThresholdConfInitContext(), SigAddressPrepareStage1(), SigAddressPrepareStage2(), SigGroupHeadBuildNonPrefilterArray(), SigMatchList2DataArray(), SigMatchListSMBelongsTo(), SigMatchSignaturesGetSgh(), SignatureHasPacketContent(), SignatureHasStreamContent(), SignatureIsFilestoring(), SignatureIsIPOnly(), SignatureSetType(), SigParseApplyDsizeToContent(), SigParseGetMaxDsize(), and SigParseSetDsizePair().

SignatureInitData* Signature_::init_data

Definition at line 583 of file detect.h.

Referenced by DetectAckRegister(), DetectAppLayerEventPrepare(), DetectAppLayerInspectEngineRegister2(), DetectBase64DataRegister(), DetectBase64DecodeDoMatch(), DetectBufferGetActiveList(), DetectBufferSetActiveList(), DetectByteExtractDoMatch(), DetectByteExtractRetrieveSMVar(), DetectBytejumpDoMatch(), DetectBytetestDoMatch(), DetectContentPMATCHValidateCallback(), DetectContentPropagateLimits(), DetectContentSetup(), DetectDnsQueryRegister(), DetectDsizeRegister(), DetectEngineAppendSig(), DetectEngineAppInspectionEngine2Signature(), DetectEngineContentModifierBufferSetup(), DetectEnginePktInspectionSetup(), DetectFastPatternRegister(), DetectFileextRegister(), DetectFilemagicRegister(), DetectFilenameRegister(), DetectFlagsSignatureNeedsSynOnlyPackets(), DetectFlagsSignatureNeedsSynPackets(), DetectFlowbitsAnalyze(), DetectFlowFree(), DetectFlowSetupImplicit(), DetectFlowvarMatch(), DetectFragBitsRegister(), DetectFragOffsetFree(), DetectGetLastSM(), DetectGetLastSMByListId(), DetectGetLastSMFromLists(), DetectGetLastSMFromMpmLists(), DetectHttpClientBodyRegister(), DetectHttpHHRegister(), DetectHttpMethodRegister(), DetectIcmpIdFree(), DetectIcmpSeqFree(), DetectICodeFree(), DetectIdFree(), DetectIPProtoRegister(), DetectIPProtoRemoveAllSMs(), DetectIsdataatSetup(), DetectITypeFree(), DetectLuaRegister(), DetectParseDupSigHashFree(), DetectPcrePayloadMatch(), DetectPktDataRegister(), DetectPrefilterRegister(), DetectRawbytesRegister(), DetectReplaceRegister(), DetectSeqRegister(), DetectSetFastPatternAndItsId(), DetectSetupParseRegexes(), DetectSignatureAddTransform(), DetectSignatureSetAppProto(), DetectTcpmssFree(), DetectTemplate2Free(), DetectTemplateBufferRegister(), DetectTemplateRustBufferRegister(), DetectTlsFingerprintRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3SHashRegister(), DetectTlsRegister(), DetectTlsSerialRegister(), DetectTosRegister(), DetectTtlFree(), DetectUricontentRegister(), DetectUrilenApplyToContent(), DetectUrilenValidateContent(), EngineAnalysisFP(), EngineAnalysisRules(), EngineAnalysisRulesFailure(), MpmStoreFree(), MpmStorePrepareBuffer(), PacketCreateMask(), PerCentEncodingMatch(), RetrieveFPForSig(), SigAddressPrepareStage1(), SigAddressPrepareStage2(), SigAddressPrepareStage4(), SigAlloc(), SigFree(), SigInit(), SigMatchAppendSMToList(), SigMatchList2DataArray(), SigMatchListSMBelongsTo(), SigMatchRemoveSMFromList(), SignatureHasPacketContent(), SignatureHasStreamContent(), SignatureIsIPOnly(), SignatureSetType(), SigParseApplyDsizeToContent(), SigParseGetMaxDsize(), and SigParseSetDsizePair().

DetectMetadata* Signature_::metadata

Metadata

Definition at line 579 of file detect.h.

Referenced by DetectMetadataHashFree(), and SigAlloc().

char* Signature_::msg
DetectEnginePktInspectionEngine* Signature_::pkt_inspect

Definition at line 563 of file detect.h.

Referenced by DetectEnginePktInspectionRun(), and SigFree().

uint16_t Signature_::profiling_id

Definition at line 556 of file detect.h.

Referenced by SCProfilingRuleInitCounters().

DetectReference* Signature_::references

Reference

Definition at line 577 of file detect.h.

Referenced by DetectReferenceFree(), and SigAlloc().

char* Signature_::sig_str
DetectPort* Signature_::sp

The documentation for this struct was generated from the following file: