|
suricata
|
|
suricata
|
#include "suricata-common.h"#include "config.h"#include "suricata.h"#include "decode.h"#include "detect.h"#include "packet-queue.h"#include "threads.h"#include "threadvars.h"#include "flow-worker.h"#include "util-atomic.h"#include "util-spm.h"#include "util-cpu.h"#include "util-action.h"#include "util-pidfile.h"#include "util-ioctl.h"#include "util-device.h"#include "util-misc.h"#include "util-running-modes.h"#include "detect-engine.h"#include "detect-parse.h"#include "detect-fast-pattern.h"#include "detect-engine-tag.h"#include "detect-engine-threshold.h"#include "detect-engine-address.h"#include "detect-engine-port.h"#include "detect-engine-mpm.h"#include "tm-queuehandlers.h"#include "tm-queues.h"#include "tm-threads.h"#include "tmqh-flow.h"#include "conf.h"#include "conf-yaml-loader.h"#include "datasets.h"#include "stream-tcp.h"#include "source-nfq.h"#include "source-nfq-prototypes.h"#include "source-nflog.h"#include "source-ipfw.h"#include "source-pcap.h"#include "source-pcap-file.h"#include "source-pfring.h"#include "source-erf-file.h"#include "source-erf-dag.h"#include "source-napatech.h"#include "source-af-packet.h"#include "source-netmap.h"#include "source-windivert.h"#include "source-windivert-prototypes.h"#include "respond-reject.h"#include "flow.h"#include "flow-timeout.h"#include "flow-manager.h"#include "flow-bypass.h"#include "flow-var.h"#include "flow-bit.h"#include "pkt-var.h"#include "host-bit.h"#include "ippair.h"#include "ippair-bit.h"#include "host.h"#include "unix-manager.h"#include "app-layer.h"#include "app-layer-parser.h"#include "app-layer-htp.h"#include "app-layer-ssl.h"#include "app-layer-dns-tcp.h"#include "app-layer-dns-udp.h"#include "app-layer-ssh.h"#include "app-layer-ftp.h"#include "app-layer-smtp.h"#include "app-layer-modbus.h"#include "app-layer-enip.h"#include "app-layer-dnp3.h"#include "app-layer-smb.h"#include "app-layer-dcerpc.h"#include "util-decode-der.h"#include "util-ebpf.h"#include "util-radix-tree.h"#include "util-host-os-info.h"#include "util-cidr.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "util-time.h"#include "util-rule-vars.h"#include "util-classification-config.h"#include "util-threshold-config.h"#include "util-reference-config.h"#include "util-profiling.h"#include "util-magic.h"#include "util-signal.h"#include "util-coredump-config.h"#include "util-decode-mime.h"#include "defrag.h"#include "runmodes.h"#include "runmode-unittests.h"#include "util-decode-asn1.h"#include "util-debug.h"#include "util-error.h"#include "util-daemon.h"#include "util-byte.h"#include "reputation.h"#include "output.h"#include "util-privs.h"#include "tmqh-packetpool.h"#include "util-proto-name.h"#include "util-mpm-hs.h"#include "util-storage.h"#include "host-storage.h"#include "util-lua.h"#include "rust.h"#include "rust-core-gen.h"#include "build-info.h"Go to the source code of this file.
Macros | |
| #define | DEFAULT_MAX_PENDING_PACKETS 1024 |
Functions | |
| SC_ATOMIC_DECLARE (unsigned int, engine_stage) | |
| int | SuriHasSigFile (void) |
| int | EngineModeIsIPS (void) |
| int | EngineModeIsIDS (void) |
| void | EngineModeSetIPS (void) |
| void | EngineModeSetIDS (void) |
| int | RunmodeIsUnittests (void) |
| int | RunmodeGetCurrent (void) |
| void | GlobalsInitPreConfig (void) |
| void | EngineStop (void) |
| make sure threads can stop the engine by calling this function. Purpose: pcap file mode needs to be able to tell the engine the file eof is reached. More... | |
| void | EngineDone (void) |
| Used to indicate that the current task is done. More... | |
| void | RegisterAllModules (void) |
| const char * | GetProgramVersion (void) |
| get string with program version More... | |
| void | PreRunInit (const int runmode) |
| void | PreRunPostPrivsDropInit (const int runmode) |
| void | PostRunDeinit (const int runmode, struct timeval *start_time) |
| int | main (int argc, char **argv) |
Variables | |
| volatile sig_atomic_t | sigint_count = 0 |
| volatile sig_atomic_t | sighup_count = 0 |
| volatile sig_atomic_t | sigterm_count = 0 |
| volatile sig_atomic_t | sigusr2_count = 0 |
| volatile uint8_t | suricata_ctl_flags = 0 |
| int | run_mode = RUNMODE_UNKNOWN |
| uint8_t | host_mode = SURI_HOST_IS_SNIFFER_ONLY |
| intmax_t | max_pending_packets |
| int | g_detect_disabled = 0 |
| int | sc_set_caps = FALSE |
| int | g_default_mtu = 0 |
| bool | g_system = false |
| int | g_disable_randomness = 0 |
| uint16_t | g_vlan_mask = 0xffff |
| SCInstance | suricata |
| int | coverage_unittests |
| int | g_ut_modules |
| int | g_ut_covered |
Definition in file suricata.c.
| #define DEFAULT_MAX_PENDING_PACKETS 1024 |
Definition at line 198 of file suricata.c.
Referenced by PostRunDeinit().
| void EngineDone | ( | void | ) |
Used to indicate that the current task is done.
This is mainly used by pcap-file to tell it has finished to treat a pcap files when running in unix-socket mode.
Definition at line 442 of file suricata.c.
References CLS, ConfSetFinal(), EngineModeIsIPS(), GetProgramVersion(), PROG_NAME, PROG_VER, SC_ERR_BPF, SC_ERR_FATAL, SC_ERR_FOPEN, SC_ERR_MEM_ALLOC, SC_ERR_NOT_SUPPORTED, SCFree, SCLogError, SCMalloc, strlcat(), suricata_ctl_flags, SURICATA_DONE, TM_ECODE_FAILED, TM_ECODE_OK, unlikely, and xstr.
Referenced by TmThreadsSlotVarRun().
| int EngineModeIsIDS | ( | void | ) |
Definition at line 252 of file suricata.c.
References ENGINE_MODE_IDS.
| int EngineModeIsIPS | ( | void | ) |
Definition at line 247 of file suricata.c.
References ENGINE_MODE_IPS.
Referenced by AlertFastLogger(), AlertJsonHeader(), AppLayerIncTxCounter(), DetectEngineMultiTenantSetup(), EngineDone(), FlowHandlePacketUpdate(), HTPFreeConfig(), PostRunDeinit(), and StreamTcpInitConfig().
| void EngineModeSetIDS | ( | void | ) |
Definition at line 262 of file suricata.c.
References ENGINE_MODE_IDS.
| void EngineModeSetIPS | ( | void | ) |
Definition at line 257 of file suricata.c.
References ENGINE_MODE_IPS.
Referenced by GetProgramVersion(), and PostRunDeinit().
| void EngineStop | ( | void | ) |
make sure threads can stop the engine by calling this function. Purpose: pcap file mode needs to be able to tell the engine the file eof is reached.
Definition at line 431 of file suricata.c.
References suricata_ctl_flags, and SURICATA_STOP.
Referenced by PcapFileGlobalInit(), and ReceiveErfFileLoop().
| const char* GetProgramVersion | ( | void | ) |
get string with program version
Get the program version as passed to us from AC_INIT
Add 'RELEASE' is no '-dev' in the version. Add the REVISION if passed to us.
Possible outputs: release: '5.0.1 RELEASE' dev with rev: '5.0.1-dev (64a789bbf 2019-10-18)' dev w/o rev: '5.0.1-dev'
Definition at line 1061 of file suricata.c.
References ALPROTO_DCERPC, ALPROTO_DNP3, ALPROTO_DNS, ALPROTO_ENIP, ALPROTO_FTP, ALPROTO_HTTP, ALPROTO_MODBUS, ALPROTO_SMB, ALPROTO_SMTP, ALPROTO_SSH, ALPROTO_TLS, AppLayerParserSetup(), AppLayerProtoDetectSetup(), SCInstance_::aux_run_mode, SCInstance_::checksum_validation, SCInstance_::conf_filename, ConfGet(), ConfigCheckDataDirectory(), ConfigCheckLogDirectoryExists(), ConfigSetDataDirectory(), ConfigSetLogDirectory(), ConfSetFinal(), ConfSetFromString(), coverage_unittests, SCInstance_::daemon, Daemonize(), DecodeERSPAN(), DecodeEthernet(), DecodePPP(), DEFAULT_PID_FILENAME, SCInstance_::disabled_detect, SCInstance_::do_setgid, SCInstance_::do_setuid, engine_analysis, EngineModeSetIPS(), FALSE, FatalError, FLOW_QUIET, g_detect_disabled, g_disable_randomness, g_system, GetProgramVersion(), SCInstance_::group_name, SCInstance_::groupid, IPFWRegisterQueue(), IPPairInitConfig(), IsRunModeOffline(), IsRunModeSystem(), SCInstance_::keyword_info, LiveBuildDeviceListCustom(), LiveRegisterDeviceName(), MpmTableSetup(), NFQParseAndRegisterQueues(), SCInstance_::offline, SCInstance_::pcap_dev, PcapTranslateIPToDevice(), SCInstance_::pid_filename, PROG_NAME, PROG_VER, SCInstance_::progname, SCInstance_::regex_arg, RegisterDCERPCParsers(), RegisterDNP3Parsers(), RegisterDNSTCPParsers(), RegisterDNSUDPParsers(), RegisterENIPTCPParsers(), RegisterFTPParsers(), RegisterHTPParsers(), RegisterModbusParsers(), RegisterSMBParsers(), RegisterSMTPParsers(), RegisterSSHParsers(), RegisterSSLParsers(), SCInstance_::run_mode, RUNMODE_AFP_DEV, RUNMODE_CONF_TEST, SCInstance_::runmode_custom_mode, RUNMODE_DAG, RUNMODE_DUMP_CONFIG, RUNMODE_ENGINE_ANALYSIS, RUNMODE_ERF_FILE, RUNMODE_IPFW, RUNMODE_LIST_APP_LAYERS, RUNMODE_LIST_KEYWORDS, RUNMODE_LIST_RUNMODES, RUNMODE_LIST_UNITTEST, RUNMODE_NAPATECH, RUNMODE_NETMAP, RUNMODE_NFLOG, RUNMODE_NFQ, RUNMODE_PCAP_DEV, RUNMODE_PCAP_FILE, RUNMODE_PFRING, RUNMODE_PRINT_BUILDINFO, RUNMODE_PRINT_USAGE, RUNMODE_PRINT_VERSION, RUNMODE_UNITTEST, RUNMODE_UNIX_SOCKET, RUNMODE_UNKNOWN, RUNMODE_WINDIVERT, SC_ERR_CMD_LINE, SC_ERR_DAG_REQUIRED, SC_ERR_FATAL, SC_ERR_GID_FAILED, SC_ERR_INITIALIZATION, SC_ERR_IPFW_NOSUPPORT, SC_ERR_LIBCAP_NG_REQUIRED, SC_ERR_LOGDIR_CMDLINE, SC_ERR_MEM_ALLOC, SC_ERR_MULTIPLE_RUN_MODE, SC_ERR_NAPATECH_REQUIRED, SC_ERR_NFLOG_NOSUPPORT, SC_ERR_NFQ_NOSUPPORT, SC_ERR_NO_AF_PACKET, SC_ERR_NO_NETMAP, SC_ERR_NO_PCAP_SET_BUFFER_SIZE, SC_ERR_NO_PF_RING, SC_ERR_PCAP_TRANSLATE, SC_ERR_PIDFILE_DAEMON, SC_ERR_UID_FAILED, SC_ERR_WINDIVERT_NOSUPPORT, sc_set_caps, SC_WARN_FASTER_CAPTURE_AVAILABLE, SCFree, SCGetGroupID(), SCGetUserID(), SCLogError, SCLogInfo, SCLogNotice, SCLogWarning, SCPidfileCreate(), SCPidfileTestRunning(), SCStrdup, SCInstance_::set_datadir, SCInstance_::set_logdir, SCInstance_::sig_file, SCInstance_::sig_file_exclusive, SpmTableSetup(), SCInstance_::start_time, StatsInit(), str, SCInstance_::strict_rule_parsing_string, strlcpy(), SCInstance_::system, TM_ECODE_FAILED, TM_ECODE_OK, TRUE, unittests_fatal, SCInstance_::user_name, SCInstance_::userid, UtilSignalHandlerSetup(), SCInstance_::verbose, and xstr.
Referenced by EngineDone(), and GetProgramVersion().
| void GlobalsInitPreConfig | ( | void | ) |
Definition at line 330 of file suricata.c.
References AFPPeersListClean(), AppLayerDeSetup(), AppLayerHtpPrintStats(), ConfDeInit(), DatasetsDestroy(), DatasetsSave(), DetectEngineDeReference(), DetectEngineGetCurrent(), DetectEngineMoveToFreeList(), DetectEnginePruneFreeList(), DetectParseFreeRegexes(), SCInstance_::disabled_detect, HostShutdown(), HTPAtExitPrintStats(), HTPFreeConfig(), LiveDeviceListClean(), MpmHSGlobalCleanup(), NFQContextsClean(), OutputDeregisterAll(), ParseSizeDeinit(), SCInstance_::pid_filename, SC_ATOMIC_DESTROY, SCClassConfDeinit(), SCCondInit, SCFree, SCLogDeInitLogModule(), SCLogInfo, SCMutexInit, SCPidfileRemove(), SCProtoNameDeInit(), SCReferenceConfDeinit(), SCThresholdConfGlobalFree(), SCThresholdConfGlobalInit(), SupportFastPatternForSigMatchTypes(), TagDestroyCtx(), TimeDeinit(), TimeInit(), TmModuleRunDeInit(), TmqhCleanup(), and trans_q.
Referenced by main(), and RunUnittests().
| int main | ( | int | argc, |
| char ** | argv | ||
| ) |
Definition at line 2944 of file suricata.c.
References SuricataContext_::AppLayerDecoderEventsFreeEvents, AppLayerDecoderEventsFreeEvents(), SuricataContext_::AppLayerDecoderEventsSetEventRaw, AppLayerDecoderEventsSetEventRaw(), SCInstance_::aux_run_mode, ConfDump(), ConfGetBool(), ConfInit(), CoredumpEnable(), SCInstance_::daemon, SuricataContext_::DetectEngineStateFree, DetectEngineStateFree(), SuricataContext_::FileAppendDataById, FileAppendDataById(), SuricataContext_::FileAppendGAPById, FileAppendGAPById(), SuricataContext_::FileCloseFileById, FileCloseFileById(), SuricataContext_::FileContainerRecycle, FileContainerRecycle(), FileContainerSetTx(), SuricataContext_::FileOpenFileWithId, FileOpenFileWithId(), SuricataContext_::FilePrune, FilePrune(), SuricataContext_::FileSetTx, g_vlan_mask, GlobalsInitPreConfig(), SCInstance_::groupid, PacketPoolPostRunmodes(), ParseSizeInit(), SCInstance_::pcap_dev, PostRunDeinit(), PreRunPostPrivsDropInit(), SCInstance_::run_mode, RUNMODE_CONF_TEST, SCInstance_::runmode_custom_mode, RUNMODE_DUMP_CONFIG, RUNMODE_ENGINE_ANALYSIS, RUNMODE_UNIX_SOCKET, RunModeDispatch(), RunModeRegisterRunModes(), SC_ATOMIC_CAS, SC_ATOMIC_INIT, SC_ERR_INITIALIZATION, SCDropMainThreadCaps, SCLogDebug, SCLogError, SCLogInfo, SCLogInitLogModule(), SCLogLoadConfig(), SuricataContext_::SCLogMessage, SCLogMessage(), SCLogNotice, SCPledge, SCSetThreadName, SCInstance_::start_time, SURICATA_DEINIT, SURICATA_INIT, SURICATA_RUNTIME, TM_ECODE_DONE, TM_ECODE_FAILED, TM_ECODE_OK, TmThreadContinueThreads(), TmThreadKillThreads(), TmThreadWaitOnThreadInit(), UnixManagerThreadSpawnNonRunmode(), UnixSocketKillSocketThread(), SCInstance_::userid, UtilCpuPrintSummary(), UtilSignalBlock(), UtilSignalHandlerSetup(), and SCInstance_::verbose.
Referenced by hashbig().
| void PostRunDeinit | ( | const int | runmode, |
| struct timeval * | start_time | ||
| ) |
Definition at line 2330 of file suricata.c.
References AFPRunModeIsIPS(), AppLayerHtpNeedFileInspection(), AppLayerSetup(), ByteExtractStringUint16(), SCInstance_::checksum_validation, CheckValidDaemonModes(), CIDRInit(), SCInstance_::conf_filename, ConfGet(), ConfGetBool(), ConfGetChildValueBool(), ConfGetInt(), ConfGetNode(), ConfGetValue(), ConfigCheckLogDirectoryExists(), ConfigGetLogDirectory(), ConfigSetDataDirectory(), ConfigSetLogDirectory(), ConfSet(), ConfSetFinal(), CoredumpLoadConfig(), SCInstance_::daemon, DecodeGlobalConfig(), DecodeUnregisterCounters(), DEFAULT_MAX_PENDING_PACKETS, DEFAULT_MTU, DEFAULT_PACKET_SIZE, default_packet_size, DefragDestroy(), SCInstance_::delayed_detect, DETECT_ENGINE_TYPE_NORMAL, DetectAddressTestConfVars(), DetectEngineAddToMaster(), DetectEngineBumpVersion(), DetectEngineCtxInit(), DetectEngineCtxInitStubForDD(), DetectEngineCtxInitStubForMT(), DetectEngineEnabled(), DetectEngineMultiTenantSetup(), DetectEngineReload(), DetectEngineReloadIsStart(), DetectEngineReloadSetIdle(), DetectEngineReloadStart(), DetectPortTestConfVars(), SCInstance_::disabled_detect, EngineModeIsIPS(), EngineModeSetIPS(), DetectEngineCtx_::failure_fatal, FALSE, FatalError, FlowDisableFlowManagerThread(), FlowDisableFlowRecyclerThread(), FlowForceReassembly(), FlowShutdown(), g_default_mtu, GetIfaceMaxPacketSize(), GetIfaceMTU(), host_mode, HOST_VERBOSE, HostBitInitCtx(), HostCleanup(), HostInitConfig(), IPPairBitInitCtx(), IPPairShutdown(), SCInstance_::keyword_info, DetectEngineCtx_::last_reload, len, ListAppLayerProtocols(), ListKeywords(), LiveDeviceFinalize(), LiveDevRegisterExtension(), LiveGetDeviceCount(), LiveGetDeviceName(), LiveSetOffloadDisable(), LiveSetOffloadWarn(), SCInstance_::log_dir, MAX, max_pending_packets, MpmTableSetup(), NetmapRunModeIsIPS(), next, NFQInitConfig(), SCInstance_::offline, OutputNotifyFileRotation(), PacketAlertTagInit(), PacketPoolDestroy(), PacketPoolInit(), ParseSizeStringU32(), PreRunInit(), profiling_rules_enabled, SCInstance_::regex_arg, RegisterAllModules(), RegisterFlowBypassInfo(), SCInstance_::run_mode, run_mode, RUNMODE_AFP_DEV, RUNMODE_CONF_TEST, SCInstance_::runmode_custom_mode, RUNMODE_ENGINE_ANALYSIS, RUNMODE_LIST_APP_LAYERS, RUNMODE_LIST_KEYWORDS, RUNMODE_LIST_RUNMODES, RUNMODE_LIST_UNITTEST, RUNMODE_NETMAP, RUNMODE_NFQ, RUNMODE_PCAP_DEV, RUNMODE_PFRING, RUNMODE_PRINT_BUILDINFO, RUNMODE_PRINT_USAGE, RUNMODE_PRINT_VERSION, RUNMODE_UNITTEST, RUNMODE_UNIX_SOCKET, RUNMODE_UNKNOWN, RUNMODE_WINDIVERT, RunModeListRunmodes(), RunModeShutDown(), RunUnittests(), SC_ERR_INITIALIZATION, SC_ERR_INVALID_YAML_CONF_ENTRY, SC_ERR_LOGDIR_CONFIG, SC_ERR_NO_RULES_LOADED, SC_ERR_SIZE_PARSE, SCAsn1LoadConfig(), SCClassConfInit(), SCEnter, SCHInfoLoadFromConfig(), SCLogDebug, SCLogError, SCLogInfo, SCLogNotice, SCProfilingDestroy(), SCProfilingDump(), SCProtoNameInit(), SCReferenceConfInit(), SCReturnInt, SCInstance_::set_datadir, SCInstance_::set_logdir, SCInstance_::sig_file, SCInstance_::sig_file_exclusive, sighup_count, sigint_count, SigLoadSignatures(), SigTableApplyStrictCommandlineOption(), SigTableSetup(), sigterm_count, sigusr2_count, SLL_HEADER_LEN, SpmTableSetup(), StatsReleaseResources(), StorageFinalize(), StorageInit(), STREAM_VERBOSE, StreamTcpFreeConfig(), SCInstance_::strict_rule_parsing_string, strlcpy(), SURI_HOST_IS_ROUTER, SURI_HOST_IS_SNIFFER_ONLY, suricata_ctl_flags, SURICATA_STOP, SCInstance_::system, TagInitCtx(), TAILQ_FOREACH, ThresholdInit(), TM_ECODE_DONE, TM_ECODE_FAILED, TM_ECODE_OK, TmModuleRunInit(), TmqhSetup(), TmqResetQueues(), TmThreadCheckThreadState(), TmThreadClearThreadsFamily(), TmThreadDisablePacketThreads(), TmThreadDisableReceiveThreads(), TmThreadKillThreadsFamily(), TVT_MGMT, TVT_PPT, DetectEngineCtx_::type, UtilSignalHandlerSetup(), UtilSignalUnblock(), ConfNode_::val, and WarnInvalidConfEntry.
Referenced by main(), and RunModeUnixSocketGetDefaultMode().
| void PreRunInit | ( | const int | runmode | ) |
Definition at line 2292 of file suricata.c.
References AppLayerParserPostStreamSetup(), AppLayerRegisterGlobalCounters(), DatasetsInit(), DefragInit(), FLOW_QUIET, FlowInitConfig(), IPPairInitConfig(), RUNMODE_UNIX_SOCKET, SCProfilingInit(), SCProfilingKeywordsGlobalInit(), SCProfilingPrefilterGlobalInit(), SCProfilingRulesGlobalInit(), SCProfilingSghsGlobalInit(), StatsInit(), STREAM_VERBOSE, and StreamTcpInitConfig().
Referenced by PostRunDeinit(), and RunModeUnixSocketGetDefaultMode().
| void PreRunPostPrivsDropInit | ( | const int | runmode | ) |
Definition at line 2316 of file suricata.c.
References RUNMODE_UNIX_SOCKET, RunModeInitializeOutputs(), StatsSetupPostConfigPostOutput(), and StatsSetupPostConfigPreOutput().
Referenced by main(), and RunModeUnixSocketGetDefaultMode().
| void RegisterAllModules | ( | void | ) |
Definition at line 864 of file suricata.c.
References SCInstance_::checksum_validation, SCInstance_::conf_filename, ConfSetFinal(), ConfYamlLoadFile(), SCInstance_::daemon, DEFAULT_CONF_FILE, SCInstance_::delayed_detect, SCInstance_::disabled_detect, SCInstance_::do_setgid, SCInstance_::do_setuid, FALSE, g_detect_disabled, SCInstance_::group_name, SCInstance_::groupid, SCInstance_::keyword_info, LiveBuildDeviceList(), LiveBuildDeviceListCustom(), SCInstance_::offline, SCInstance_::pcap_dev, SCInstance_::pid_filename, SCInstance_::progname, SCInstance_::regex_arg, SCInstance_::run_mode, RUNMODE_AFP_DEV, SCInstance_::runmode_custom_mode, RUNMODE_NETMAP, RUNMODE_NFLOG, RUNMODE_PCAP_DEV, RUNMODE_PFRING, RUNMODE_UNKNOWN, SC_ERR_INITIALIZATION, SCEnter, SCLogError, SCReturnInt, SCInstance_::sig_file, SCInstance_::sig_file_exclusive, TM_ECODE_FAILED, TM_ECODE_OK, tmm_modules, TMM_SIZE, TmModuleBypassedFlowManagerRegister(), TmModuleDebugList(), TmModuleDecodeAFPRegister(), TmModuleDecodeErfDagRegister(), TmModuleDecodeErfFileRegister(), TmModuleDecodeIPFWRegister(), TmModuleDecodeNetmapRegister(), TmModuleDecodeNFLOGRegister(), TmModuleDecodeNFQRegister(), TmModuleDecodePcapFileRegister(), TmModuleDecodePcapRegister(), TmModuleDecodePfringRegister(), TmModuleDecodeWinDivertRegister(), TmModuleFlowManagerRegister(), TmModuleFlowRecyclerRegister(), TmModuleFlowWorkerRegister(), TmModuleLoggerRegister(), TmModuleNapatechDecodeRegister(), TmModuleNapatechStreamRegister(), TmModuleReceiveAFPRegister(), TmModuleReceiveErfDagRegister(), TmModuleReceiveErfFileRegister(), TmModuleReceiveIPFWRegister(), TmModuleReceiveNetmapRegister(), TmModuleReceiveNFLOGRegister(), TmModuleReceiveNFQRegister(), TmModuleReceivePcapFileRegister(), TmModuleReceivePcapRegister(), TmModuleReceivePfringRegister(), TmModuleReceiveWinDivertRegister(), TmModuleRespondRejectRegister(), TmModuleStatsLoggerRegister(), TmModuleUnixManagerRegister(), TmModuleVerdictIPFWRegister(), TmModuleVerdictNFQRegister(), TmModuleVerdictWinDivertRegister(), SCInstance_::user_name, SCInstance_::userid, and SCInstance_::verbose.
Referenced by PostRunDeinit(), and RunUnittests().
| int RunmodeGetCurrent | ( | void | ) |
Definition at line 275 of file suricata.c.
References run_mode, sighup_count, sigint_count, sigterm_count, and sigusr2_count.
Referenced by ConfUnixSocketIsEnable(), OutputJsonInitCtx(), RunModeGetMainMode(), SCConfLogOpenGeneric(), and SigLoadSignatures().
| int RunmodeIsUnittests | ( | void | ) |
Definition at line 267 of file suricata.c.
References run_mode, and RUNMODE_UNITTEST.
Referenced by AppLayerParserConfParserEnabled(), AppLayerProtoDetectConfProtoDetectionEnabled(), AppLayerRegisterProtocolDetection(), DetectEngineThreadCtxInit(), DetectGeoipRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3SHashRegister(), DetectTlsJa3SStringRegister(), DetectTlsJa3StringRegister(), printUUID(), RegisterDNP3Parsers(), RegisterDNSTCPParsers(), RegisterDNSUDPParsers(), RegisterENIPTCPParsers(), RegisterENIPUDPParsers(), RegisterModbusParsers(), RegisterNFSTCPParsers(), RegisterNFSUDPParsers(), RegisterSMBParsers(), RegisterSSLParsers(), RegisterTemplateParsers(), RegisterTFTPParsers(), SCClassConfDeinit(), SCClassConfLoadClassficationConfigFile(), SCRConfLoadReferenceConfigFile(), SCReferenceConfDeinit(), StreamTcpDecrMemuse(), StreamTcpInitConfig(), StreamTcpReassembleDecrMemuse(), and TimeGet().
| SC_ATOMIC_DECLARE | ( | unsigned | int, |
| engine_stage | |||
| ) |
| int SuriHasSigFile | ( | void | ) |
Definition at line 242 of file suricata.c.
References SCInstance_::sig_file.
| int coverage_unittests |
Definition at line 860 of file suricata.c.
Referenced by GetProgramVersion(), MpmRegisterTests(), SigTableRegisterTests(), and TmModuleRegisterTests().
| int g_default_mtu = 0 |
highest mtu of the interfaces we monitor
Definition at line 224 of file suricata.c.
Referenced by PostRunDeinit().
| int g_detect_disabled = 0 |
global indicating if detection is enabled
Definition at line 218 of file suricata.c.
Referenced by FlowDisableFlowManagerThread(), GetProgramVersion(), RegisterAllModules(), and StreamTcpPacket().
| int g_disable_randomness = 0 |
disable randomness to get reproducible results accross runs
Definition at line 230 of file suricata.c.
Referenced by GetProgramVersion(), HTPFreeConfig(), and RandomGet().
| bool g_system = false |
Definition at line 226 of file suricata.c.
Referenced by DatasetGetTypeFromString(), and GetProgramVersion().
| int g_ut_covered |
Definition at line 862 of file suricata.c.
Referenced by MpmRegisterTests(), SigTableRegisterTests(), and TmModuleRegisterTests().
| int g_ut_modules |
Definition at line 861 of file suricata.c.
Referenced by MpmRegisterTests(), SigTableRegisterTests(), and TmModuleRegisterTests().
| uint16_t g_vlan_mask = 0xffff |
determine (without branching) if we include the vlan_ids when hashing or comparing flows
Definition at line 237 of file suricata.c.
Referenced by FlowKeyGetHash(), and main().
| uint8_t host_mode = SURI_HOST_IS_SNIFFER_ONLY |
Host mode: set if box is sniffing only or is a router
Definition at line 212 of file suricata.c.
Referenced by PostRunDeinit().
| int run_mode = RUNMODE_UNKNOWN |
Run mode selected
Definition at line 204 of file suricata.c.
Referenced by DetectEngineCtxFree(), DetectReplaceFreeInternal(), DetectReplaceRegister(), PostRunDeinit(), RunmodeGetCurrent(), RunmodeIsUnittests(), and Unified2AlertInitCtx().
| int sc_set_caps = FALSE |
set caps or not
Definition at line 221 of file suricata.c.
Referenced by GetProgramVersion(), and SigMatchListSMBelongsTo().
| volatile sig_atomic_t sighup_count = 0 |
Definition at line 186 of file suricata.c.
Referenced by PostRunDeinit(), and RunmodeGetCurrent().
| volatile sig_atomic_t sigint_count = 0 |
Definition at line 185 of file suricata.c.
Referenced by PostRunDeinit(), and RunmodeGetCurrent().
| volatile sig_atomic_t sigterm_count = 0 |
Definition at line 187 of file suricata.c.
Referenced by PostRunDeinit(), and RunmodeGetCurrent().
| volatile sig_atomic_t sigusr2_count = 0 |
Definition at line 188 of file suricata.c.
Referenced by PostRunDeinit(), and RunmodeGetCurrent().
| SCInstance suricata |
Suricata instance
Definition at line 240 of file suricata.c.
| volatile uint8_t suricata_ctl_flags = 0 |
suricata engine control flags
Definition at line 201 of file suricata.c.
Referenced by DetectEngineInspectPktBufferGeneric(), EngineDone(), EngineStop(), NapatechPacketLoopZC(), NoNFLOGSupportExit(), NoWinDivertSupportExit(), PcapFileDispatch(), PostRunDeinit(), ReceiveAFPLoop(), ReceiveErfDagLoop(), ReceiveErfFileLoop(), ReceiveIPFWLoop(), ReceiveNFQLoop(), ReceivePcapLoop(), ReceivePfringLoop(), TmModuleDecodeAFPRegister(), TmModuleDecodeNetmapRegister(), and TmThreadsSlotVarRun().
1.8.11