suricata
suricata-plugin.h
Go to the documentation of this file.
1 /* Copyright (C) 2020 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 #ifndef __SURICATA_PLUGIN_H__
19 #define __SURICATA_PLUGIN_H__
20 
21 #include "autoconf.h"
22 
23 #include <stdint.h>
24 #include <stdbool.h>
25 
26 #include "conf.h"
27 
28 /**
29  * The size of the data chunk inside each packet structure a plugin
30  * has for private data (Packet->plugin_v).
31  */
32 #define PLUGIN_VAR_SIZE 64
33 
34 /**
35  * Structure to define a Suricata plugin.
36  */
37 typedef struct SCPlugin_ {
38  const char *name;
39  const char *license;
40  const char *author;
41  void (*Init)(void);
42 } SCPlugin;
43 
44 /**
45  * Structure used to define a file type plugin.
46  *
47  * Currently only used by the Eve output type.
48  */
49 typedef struct SCPluginFileType_ {
50  char *name;
51  int (*Open)(ConfNode *conf, void **data);
52  int (*Write)(const char *buffer, int buffer_len, void *ctx);
53  void (*Close)(void *ctx);
54  TAILQ_ENTRY(SCPluginFileType_) entries;
55 } SCPluginFileType;
56 
57 bool SCPluginRegisterFileType(SCPluginFileType *);
58 
59 typedef struct SCCapturePlugin_ {
60  char *name;
61  void (*Init)(const char *args, int plugin_slot, int receive_slot, int decode_slot);
62  const char *(*GetDefaultMode)(void);
63  TAILQ_ENTRY(SCCapturePlugin_) entries;
64 } SCCapturePlugin;
65 
66 int SCPluginRegisterCapture(SCCapturePlugin *);
67 
68 #endif /* __SURICATA_PLUGIN_H */
SCPluginRegisterCapture
int SCPluginRegisterCapture(SCCapturePlugin *)
SCPluginFileType
struct SCPluginFileType_ SCPluginFileType
SCPluginFileType_::Close
void(* Close)(void *ctx)
Definition: suricata-plugin.h:53
SCCapturePlugin_::Init
void(* Init)(const char *args, int plugin_slot, int receive_slot, int decode_slot)
Definition: suricata-plugin.h:61
SCPluginFileType_::Open
int(* Open)(ConfNode *conf, void **data)
Definition: suricata-plugin.h:51
SCPluginFileType_::Write
int(* Write)(const char *buffer, int buffer_len, void *ctx)
Definition: suricata-plugin.h:52
SCCapturePlugin_::name
char * name
Definition: suricata-plugin.h:60
SCCapturePlugin_
Definition: suricata-plugin.h:59
SCPlugin_::license
const char * license
Definition: suricata-plugin.h:39
SCCapturePlugin_::TAILQ_ENTRY
TAILQ_ENTRY(SCCapturePlugin_) entries
SCPlugin_::author
const char * author
Definition: suricata-plugin.h:40
SCPlugin_
Definition: suricata-plugin.h:37
conf.h
SCPluginFileType_::name
char * name
Definition: suricata-plugin.h:50
SCCapturePlugin
struct SCCapturePlugin_ SCCapturePlugin
SCPlugin_::Init
void(* Init)(void)
Definition: suricata-plugin.h:41
SCPluginFileType_
Definition: suricata-plugin.h:49
ConfNode_
Definition: conf.h:32
SCPlugin
struct SCPlugin_ SCPlugin
SCPluginFileType_::TAILQ_ENTRY
TAILQ_ENTRY(SCPluginFileType_) entries
SCPluginRegisterFileType
bool SCPluginRegisterFileType(SCPluginFileType *)
SCPlugin_::name
const char * name
Definition: suricata-plugin.h:38