suricata
suricata-plugin.h
Go to the documentation of this file.
1 /* Copyright (C) 2020-2021 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 #ifndef SURICATA_SURICATA_PLUGIN_H
19 #define SURICATA_SURICATA_PLUGIN_H
20 
21 #include <stdint.h>
22 #include <stdbool.h>
23 
24 #include "queue.h"
25 
26 /**
27  * The size of the data chunk inside each packet structure a plugin
28  * has for private data (Packet->plugin_v).
29  */
30 #define PLUGIN_VAR_SIZE 64
31 
32 /**
33  * Structure to define a Suricata plugin.
34  */
35 typedef struct SCPlugin_ {
36  const char *name;
37  const char *license;
38  const char *author;
39  void (*Init)(void);
40 } SCPlugin;
41 
42 typedef SCPlugin *(*SCPluginRegisterFunc)(void);
43 
44 typedef struct SCCapturePlugin_ {
45  char *name;
46  void (*Init)(const char *args, int plugin_slot, int receive_slot, int decode_slot);
47  int (*ThreadInit)(void *ctx, int thread_id, void **thread_ctx);
48  int (*ThreadDeinit)(void *ctx, void *thread_ctx);
49  const char *(*GetDefaultMode)(void);
50  TAILQ_ENTRY(SCCapturePlugin_) entries;
51 } SCCapturePlugin;
52 
53 int SCPluginRegisterCapture(SCCapturePlugin *);
54 
55 // Every change in the API used by plugins should change this number
56 #define SC_PLUGIN_API_VERSION 8
57 
58 typedef struct SCAppLayerPlugin_ {
59  // versioning to check suricata/plugin API compatibility
60  uint64_t version;
61  char *name;
62  void (*Register)(void);
63  void (*KeywordsRegister)(void);
64  char *logname;
65  char *confname;
66  bool (*Logger)(void *tx, void *jb);
67 } SCAppLayerPlugin;
68 
69 int SCPluginRegisterAppLayer(SCAppLayerPlugin *);
70 
71 #endif /* __SURICATA_PLUGIN_H */
SCPluginRegisterCapture
int SCPluginRegisterCapture(SCCapturePlugin *)
ctx
struct Thresholds ctx
SCCapturePlugin_::Init
void(* Init)(const char *args, int plugin_slot, int receive_slot, int decode_slot)
Definition: suricata-plugin.h:46
SCAppLayerPlugin_::KeywordsRegister
void(* KeywordsRegister)(void)
Definition: suricata-plugin.h:63
SCCapturePlugin_::ThreadInit
int(* ThreadInit)(void *ctx, int thread_id, void **thread_ctx)
Definition: suricata-plugin.h:47
SCAppLayerPlugin_::logname
char * logname
Definition: suricata-plugin.h:64
SCAppLayerPlugin_::name
char * name
Definition: suricata-plugin.h:61
SCCapturePlugin_::name
char * name
Definition: suricata-plugin.h:45
SCCapturePlugin_
Definition: suricata-plugin.h:44
SCAppLayerPlugin_
Definition: suricata-plugin.h:58
SCPlugin_::license
const char * license
Definition: suricata-plugin.h:37
SCCapturePlugin_::TAILQ_ENTRY
TAILQ_ENTRY(SCCapturePlugin_) entries
SCPlugin_::author
const char * author
Definition: suricata-plugin.h:38
SCPlugin_
Definition: suricata-plugin.h:35
queue.h
SCAppLayerPlugin_::Register
void(* Register)(void)
Definition: suricata-plugin.h:62
SCPluginRegisterAppLayer
int SCPluginRegisterAppLayer(SCAppLayerPlugin *)
SCCapturePlugin
struct SCCapturePlugin_ SCCapturePlugin
SCAppLayerPlugin
struct SCAppLayerPlugin_ SCAppLayerPlugin
SCPlugin_::Init
void(* Init)(void)
Definition: suricata-plugin.h:39
SCAppLayerPlugin_::confname
char * confname
Definition: suricata-plugin.h:65
SCAppLayerPlugin_::Logger
bool(* Logger)(void *tx, void *jb)
Definition: suricata-plugin.h:66
SCPlugin
struct SCPlugin_ SCPlugin
SCPlugin_::name
const char * name
Definition: suricata-plugin.h:36
SCAppLayerPlugin_::version
uint64_t version
Definition: suricata-plugin.h:60
SCCapturePlugin_::ThreadDeinit
int(* ThreadDeinit)(void *ctx, void *thread_ctx)
Definition: suricata-plugin.h:48