|
suricata
|
|
suricata
|
#include "suricata-common.h"#include "config.h"#include "suricata.h"#include "decode.h"#include "detect.h"#include "packet-queue.h"#include "threads.h"#include "threadvars.h"#include "flow-worker.h"#include "util-atomic.h"#include "util-spm.h"#include "util-cpu.h"#include "util-action.h"#include "util-pidfile.h"#include "util-ioctl.h"#include "util-device.h"#include "util-misc.h"#include "util-running-modes.h"#include "detect-engine.h"#include "detect-parse.h"#include "detect-fast-pattern.h"#include "detect-engine-tag.h"#include "detect-engine-threshold.h"#include "detect-engine-address.h"#include "detect-engine-port.h"#include "detect-engine-mpm.h"#include "tm-queuehandlers.h"#include "tm-queues.h"#include "tm-threads.h"#include "tmqh-flow.h"#include "conf.h"#include "conf-yaml-loader.h"#include "stream-tcp.h"#include "source-nfq.h"#include "source-nfq-prototypes.h"#include "source-nflog.h"#include "source-ipfw.h"#include "source-pcap.h"#include "source-pcap-file.h"#include "source-pfring.h"#include "source-erf-file.h"#include "source-erf-dag.h"#include "source-napatech.h"#include "source-af-packet.h"#include "source-netmap.h"#include "source-windivert.h"#include "source-windivert-prototypes.h"#include "respond-reject.h"#include "flow.h"#include "flow-timeout.h"#include "flow-manager.h"#include "flow-bypass.h"#include "flow-var.h"#include "flow-bit.h"#include "pkt-var.h"#include "host-bit.h"#include "ippair.h"#include "ippair-bit.h"#include "host.h"#include "unix-manager.h"#include "app-layer.h"#include "app-layer-parser.h"#include "app-layer-htp.h"#include "app-layer-ssl.h"#include "app-layer-dns-tcp.h"#include "app-layer-dns-udp.h"#include "app-layer-ssh.h"#include "app-layer-ftp.h"#include "app-layer-smtp.h"#include "app-layer-modbus.h"#include "app-layer-enip.h"#include "app-layer-dnp3.h"#include "app-layer-smb.h"#include "app-layer-dcerpc.h"#include "util-decode-der.h"#include "util-ebpf.h"#include "util-radix-tree.h"#include "util-host-os-info.h"#include "util-cidr.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "util-time.h"#include "util-rule-vars.h"#include "util-classification-config.h"#include "util-threshold-config.h"#include "util-reference-config.h"#include "util-profiling.h"#include "util-magic.h"#include "util-signal.h"#include "util-coredump-config.h"#include "util-decode-mime.h"#include "defrag.h"#include "runmodes.h"#include "runmode-unittests.h"#include "util-decode-asn1.h"#include "util-debug.h"#include "util-error.h"#include "util-daemon.h"#include "util-byte.h"#include "reputation.h"#include "output.h"#include "util-privs.h"#include "tmqh-packetpool.h"#include "util-proto-name.h"#include "util-mpm-hs.h"#include "util-storage.h"#include "host-storage.h"#include "util-lua.h"#include "build-info.h"Go to the source code of this file.
Macros | |
| #define | DEFAULT_MAX_PENDING_PACKETS 1024 |
Functions | |
| SC_ATOMIC_DECLARE (unsigned int, engine_stage) | |
| int | SuriHasSigFile (void) |
| int | EngineModeIsIPS (void) |
| int | EngineModeIsIDS (void) |
| void | EngineModeSetIPS (void) |
| void | EngineModeSetIDS (void) |
| int | RunmodeIsUnittests (void) |
| int | RunmodeGetCurrent (void) |
| void | GlobalsInitPreConfig (void) |
| void | EngineStop (void) |
| make sure threads can stop the engine by calling this function. Purpose: pcap file mode needs to be able to tell the engine the file eof is reached. More... | |
| void | EngineDone (void) |
| Used to indicate that the current task is done. More... | |
| void | RegisterAllModules (void) |
| void | PreRunInit (const int runmode) |
| void | PreRunPostPrivsDropInit (const int runmode) |
| void | PostRunDeinit (const int runmode, struct timeval *start_time) |
| int | main (int argc, char **argv) |
Variables | |
| volatile sig_atomic_t | sigint_count = 0 |
| volatile sig_atomic_t | sighup_count = 0 |
| volatile sig_atomic_t | sigterm_count = 0 |
| volatile sig_atomic_t | sigusr2_count = 0 |
| volatile uint8_t | suricata_ctl_flags = 0 |
| int | run_mode = RUNMODE_UNKNOWN |
| uint8_t | host_mode = SURI_HOST_IS_SNIFFER_ONLY |
| intmax_t | max_pending_packets |
| int | g_detect_disabled = 0 |
| int | sc_set_caps = FALSE |
| int | g_default_mtu = 0 |
| int | g_disable_randomness = 0 |
| uint16_t | g_vlan_mask = 0xffff |
| SCInstance | suricata |
| int | coverage_unittests |
| int | g_ut_modules |
| int | g_ut_covered |
Definition in file suricata.c.
| #define DEFAULT_MAX_PENDING_PACKETS 1024 |
Definition at line 198 of file suricata.c.
Referenced by PostRunDeinit().
| void EngineDone | ( | void | ) |
Used to indicate that the current task is done.
This is mainly used by pcap-file to tell it has finished to treat a pcap files when running in unix-socket mode.
Definition at line 437 of file suricata.c.
References CLS, ConfSetFinal(), EngineModeIsIPS(), PROG_NAME, PROG_VER, SC_ERR_BPF, SC_ERR_FATAL, SC_ERR_FOPEN, SC_ERR_MEM_ALLOC, SC_ERR_NOT_SUPPORTED, SCFree, SCLogError, SCMalloc, strlcat(), suricata_ctl_flags, SURICATA_DONE, TM_ECODE_FAILED, TM_ECODE_OK, unlikely, and xstr.
Referenced by TmThreadsSlotVarRun().
| int EngineModeIsIDS | ( | void | ) |
Definition at line 250 of file suricata.c.
References ENGINE_MODE_IDS.
| int EngineModeIsIPS | ( | void | ) |
Definition at line 245 of file suricata.c.
References ENGINE_MODE_IPS.
Referenced by AlertFastLogger(), AppLayerIncTxCounter(), DetectEngineMultiTenantSetup(), EngineDone(), FlowHandlePacketUpdate(), HTPFreeConfig(), PostRunDeinit(), and StreamTcpInitConfig().
| void EngineModeSetIDS | ( | void | ) |
Definition at line 260 of file suricata.c.
References ENGINE_MODE_IDS.
| void EngineModeSetIPS | ( | void | ) |
Definition at line 255 of file suricata.c.
References ENGINE_MODE_IPS.
Referenced by PostRunDeinit(), and RegisterAllModules().
| void EngineStop | ( | void | ) |
make sure threads can stop the engine by calling this function. Purpose: pcap file mode needs to be able to tell the engine the file eof is reached.
Definition at line 426 of file suricata.c.
References suricata_ctl_flags, and SURICATA_STOP.
Referenced by PcapFileGlobalInit(), and ReceiveErfFileLoop().
| void GlobalsInitPreConfig | ( | void | ) |
Definition at line 328 of file suricata.c.
References AFPPeersListClean(), AppLayerDeSetup(), AppLayerHtpPrintStats(), ConfDeInit(), DetectEngineDeReference(), DetectEngineGetCurrent(), DetectEngineMoveToFreeList(), DetectEnginePruneFreeList(), DetectParseFreeRegexes(), SCInstance_::disabled_detect, HostShutdown(), HTPAtExitPrintStats(), HTPFreeConfig(), LiveDeviceListClean(), MpmHSGlobalCleanup(), NFQContextsClean(), OutputDeregisterAll(), ParseSizeDeinit(), SCInstance_::pid_filename, SC_ATOMIC_DESTROY, SCClassConfDeinit(), SCCondInit, SCFree, SCLogDeInitLogModule(), SCLogInfo, SCMutexInit, SCPidfileRemove(), SCProtoNameDeInit(), SCReferenceConfDeinit(), SCThresholdConfGlobalFree(), SCThresholdConfGlobalInit(), SupportFastPatternForSigMatchTypes(), TagDestroyCtx(), TimeDeinit(), TimeInit(), TmModuleRunDeInit(), TmqhCleanup(), and trans_q.
Referenced by main(), and RunUnittests().
| int main | ( | int | argc, |
| char ** | argv | ||
| ) |
Definition at line 2891 of file suricata.c.
References SuricataContext_::AppLayerDecoderEventsFreeEvents, AppLayerDecoderEventsFreeEvents(), SuricataContext_::AppLayerDecoderEventsSetEventRaw, AppLayerDecoderEventsSetEventRaw(), SCInstance_::aux_run_mode, ConfDump(), ConfGetBool(), ConfInit(), SCInstance_::daemon, SuricataContext_::DetectEngineStateFree, DetectEngineStateFree(), SuricataContext_::FileAppendDataById, FileAppendDataById(), SuricataContext_::FileAppendGAPById, FileAppendGAPById(), SuricataContext_::FileCloseFileById, FileCloseFileById(), SuricataContext_::FileContainerRecycle, FileContainerRecycle(), FileContainerSetTx(), SuricataContext_::FileOpenFileWithId, FileOpenFileWithId(), SuricataContext_::FilePrune, FilePrune(), SuricataContext_::FileSetTx, g_vlan_mask, GlobalsInitPreConfig(), SCInstance_::groupid, PacketPoolPostRunmodes(), ParseSizeInit(), SCInstance_::pcap_dev, PostRunDeinit(), PreRunPostPrivsDropInit(), SCInstance_::run_mode, RUNMODE_CONF_TEST, SCInstance_::runmode_custom_mode, RUNMODE_DUMP_CONFIG, RUNMODE_ENGINE_ANALYSIS, RUNMODE_UNIX_SOCKET, RunModeDispatch(), RunModeRegisterRunModes(), SC_ATOMIC_CAS, SC_ATOMIC_INIT, SC_ERR_INITIALIZATION, SCDropMainThreadCaps, SCLogDebug, SCLogError, SCLogInfo, SCLogInitLogModule(), SCLogLoadConfig(), SuricataContext_::SCLogMessage, SCLogMessage(), SCLogNotice, SCPledge, SCSetThreadName, SCInstance_::start_time, SURICATA_DEINIT, SURICATA_INIT, SURICATA_RUNTIME, TM_ECODE_DONE, TM_ECODE_FAILED, TM_ECODE_OK, TmThreadContinueThreads(), TmThreadKillThreads(), TmThreadWaitOnThreadInit(), UnixManagerThreadSpawnNonRunmode(), UnixSocketKillSocketThread(), SCInstance_::userid, UtilCpuPrintSummary(), UtilSignalBlock(), UtilSignalHandlerSetup(), and SCInstance_::verbose.
Referenced by hashbig().
| void PostRunDeinit | ( | const int | runmode, |
| struct timeval * | start_time | ||
| ) |
Definition at line 2278 of file suricata.c.
References AFPRunModeIsIPS(), AppLayerHtpNeedFileInspection(), AppLayerSetup(), ByteExtractStringUint16(), SCInstance_::checksum_validation, CheckValidDaemonModes(), CIDRInit(), SCInstance_::conf_filename, ConfGet(), ConfGetBool(), ConfGetChildValueBool(), ConfGetInt(), ConfGetNode(), ConfGetValue(), ConfigCheckLogDirectory(), ConfigGetLogDirectory(), ConfigSetLogDirectory(), ConfSet(), ConfSetFinal(), CoredumpLoadConfig(), SCInstance_::daemon, DecodeGlobalConfig(), DecodeUnregisterCounters(), DEFAULT_MAX_PENDING_PACKETS, DEFAULT_MTU, DEFAULT_PACKET_SIZE, default_packet_size, DefragDestroy(), SCInstance_::delayed_detect, DETECT_ENGINE_TYPE_NORMAL, DetectAddressTestConfVars(), DetectEngineAddToMaster(), DetectEngineBumpVersion(), DetectEngineCtxInit(), DetectEngineCtxInitStubForDD(), DetectEngineCtxInitStubForMT(), DetectEngineEnabled(), DetectEngineMultiTenantSetup(), DetectEngineReload(), DetectEngineReloadIsStart(), DetectEngineReloadSetIdle(), DetectEngineReloadStart(), DetectPortTestConfVars(), SCInstance_::disabled_detect, EngineModeIsIPS(), EngineModeSetIPS(), DetectEngineCtx_::failure_fatal, FALSE, FatalError, FlowDisableFlowManagerThread(), FlowDisableFlowRecyclerThread(), FlowForceReassembly(), FlowShutdown(), g_default_mtu, GetIfaceMaxPacketSize(), GetIfaceMTU(), host_mode, HOST_VERBOSE, HostBitInitCtx(), HostCleanup(), HostInitConfig(), IPPairBitInitCtx(), IPPairShutdown(), SCInstance_::keyword_info, DetectEngineCtx_::last_reload, len, ListAppLayerProtocols(), ListKeywords(), LiveDeviceFinalize(), LiveDevRegisterExtension(), LiveGetDeviceCount(), LiveGetDeviceName(), LiveSetOffloadDisable(), LiveSetOffloadWarn(), SCInstance_::log_dir, MAX, max_pending_packets, MpmTableSetup(), NetmapRunModeIsIPS(), next, NFQInitConfig(), SCInstance_::offline, OutputNotifyFileRotation(), PacketAlertTagInit(), PacketPoolDestroy(), PacketPoolInit(), ParseSizeStringU32(), PreRunInit(), profiling_rules_enabled, SCInstance_::regex_arg, RegisterAllModules(), RegisterFlowBypassInfo(), SCInstance_::run_mode, run_mode, RUNMODE_AFP_DEV, RUNMODE_CONF_TEST, SCInstance_::runmode_custom_mode, RUNMODE_ENGINE_ANALYSIS, RUNMODE_LIST_APP_LAYERS, RUNMODE_LIST_KEYWORDS, RUNMODE_LIST_RUNMODES, RUNMODE_LIST_UNITTEST, RUNMODE_NETMAP, RUNMODE_NFQ, RUNMODE_PCAP_DEV, RUNMODE_PFRING, RUNMODE_PRINT_BUILDINFO, RUNMODE_PRINT_USAGE, RUNMODE_PRINT_VERSION, RUNMODE_UNITTEST, RUNMODE_UNIX_SOCKET, RUNMODE_UNKNOWN, RUNMODE_WINDIVERT, RunModeListRunmodes(), RunModeShutDown(), RunUnittests(), SC_ERR_INITIALIZATION, SC_ERR_INVALID_YAML_CONF_ENTRY, SC_ERR_LIVE_RULE_SWAP, SC_ERR_LOGDIR_CONFIG, SC_ERR_NO_RULES_LOADED, SC_ERR_SIZE_PARSE, SCAsn1LoadConfig(), SCClassConfInit(), SCEnter, SCHInfoLoadFromConfig(), SCLogDebug, SCLogError, SCLogInfo, SCLogNotice, SCLogWarning, SCProfilingDestroy(), SCProfilingDump(), SCProtoNameInit(), SCReferenceConfInit(), SCReturnInt, SCInstance_::set_logdir, SCInstance_::sig_file, SCInstance_::sig_file_exclusive, sighup_count, sigint_count, SigLoadSignatures(), SigTableSetup(), sigterm_count, sigusr2_count, SLL_HEADER_LEN, SpmTableSetup(), StatsReleaseResources(), StorageFinalize(), StorageInit(), STREAM_VERBOSE, StreamTcpFreeConfig(), strlcpy(), SURI_HOST_IS_ROUTER, SURI_HOST_IS_SNIFFER_ONLY, suricata_ctl_flags, SURICATA_STOP, SCInstance_::system, TagInitCtx(), TAILQ_FOREACH, ThresholdInit(), TM_ECODE_DONE, TM_ECODE_FAILED, TM_ECODE_OK, TmModuleRunInit(), TmqhSetup(), TmqResetQueues(), TmThreadCheckThreadState(), TmThreadClearThreadsFamily(), TmThreadDisablePacketThreads(), TmThreadDisableReceiveThreads(), TmThreadKillThreadsFamily(), TVT_MGMT, TVT_PPT, DetectEngineCtx_::type, UtilSignalHandlerSetup(), UtilSignalUnblock(), ConfNode_::val, and WarnInvalidConfEntry.
Referenced by main(), and RunModeUnixSocketGetDefaultMode().
| void PreRunInit | ( | const int | runmode | ) |
Definition at line 2241 of file suricata.c.
References AppLayerParserPostStreamSetup(), AppLayerRegisterGlobalCounters(), DefragInit(), FLOW_QUIET, FlowInitConfig(), IPPairInitConfig(), RUNMODE_UNIX_SOCKET, SCProfilingInit(), SCProfilingKeywordsGlobalInit(), SCProfilingPrefilterGlobalInit(), SCProfilingRulesGlobalInit(), SCProfilingSghsGlobalInit(), StatsInit(), STREAM_VERBOSE, and StreamTcpInitConfig().
Referenced by PostRunDeinit(), and RunModeUnixSocketGetDefaultMode().
| void PreRunPostPrivsDropInit | ( | const int | runmode | ) |
Definition at line 2264 of file suricata.c.
References RUNMODE_UNIX_SOCKET, RunModeInitializeOutputs(), StatsSetupPostConfigPostOutput(), and StatsSetupPostConfigPreOutput().
Referenced by main(), and RunModeUnixSocketGetDefaultMode().
| void RegisterAllModules | ( | void | ) |
Definition at line 869 of file suricata.c.
References ALPROTO_DCERPC, ALPROTO_DNP3, ALPROTO_DNS, ALPROTO_ENIP, ALPROTO_FTP, ALPROTO_HTTP, ALPROTO_MODBUS, ALPROTO_SMB, ALPROTO_SMTP, ALPROTO_SSH, ALPROTO_TLS, AppLayerParserSetup(), AppLayerProtoDetectSetup(), SCInstance_::aux_run_mode, SCInstance_::checksum_validation, SCInstance_::conf_filename, ConfGet(), ConfigCheckLogDirectory(), ConfigSetLogDirectory(), ConfSetFinal(), ConfSetFromString(), ConfYamlLoadFile(), coverage_unittests, SCInstance_::daemon, Daemonize(), DecodeERSPAN(), DecodeEthernet(), DecodeIPV4(), DecodeIPV6(), DecodePPP(), DEFAULT_CONF_FILE, DEFAULT_PID_FILENAME, SCInstance_::delayed_detect, SCInstance_::disabled_detect, SCInstance_::do_setgid, SCInstance_::do_setuid, engine_analysis, EngineModeSetIPS(), FALSE, FLOW_QUIET, g_detect_disabled, g_disable_randomness, SCInstance_::group_name, SCInstance_::groupid, IPFWRegisterQueue(), IPPairInitConfig(), IsRunModeOffline(), IsRunModeSystem(), SCInstance_::keyword_info, LiveBuildDeviceList(), LiveBuildDeviceListCustom(), LiveRegisterDeviceName(), MpmTableSetup(), NFQParseAndRegisterQueues(), SCInstance_::offline, SCInstance_::pcap_dev, PcapTranslateIPToDevice(), SCInstance_::pid_filename, PROG_NAME, PROG_VER, SCInstance_::progname, SCInstance_::regex_arg, RegisterDCERPCParsers(), RegisterDNP3Parsers(), RegisterDNSTCPParsers(), RegisterDNSUDPParsers(), RegisterENIPTCPParsers(), RegisterFTPParsers(), RegisterHTPParsers(), RegisterModbusParsers(), RegisterSMBParsers(), RegisterSMTPParsers(), RegisterSSHParsers(), RegisterSSLParsers(), SCInstance_::run_mode, RUNMODE_AFP_DEV, RUNMODE_CONF_TEST, SCInstance_::runmode_custom_mode, RUNMODE_DAG, RUNMODE_DUMP_CONFIG, RUNMODE_ENGINE_ANALYSIS, RUNMODE_ERF_FILE, RUNMODE_IPFW, RUNMODE_LIST_APP_LAYERS, RUNMODE_LIST_KEYWORDS, RUNMODE_LIST_RUNMODES, RUNMODE_LIST_UNITTEST, RUNMODE_NAPATECH, RUNMODE_NETMAP, RUNMODE_NFLOG, RUNMODE_NFQ, RUNMODE_PCAP_DEV, RUNMODE_PCAP_FILE, RUNMODE_PFRING, RUNMODE_PRINT_BUILDINFO, RUNMODE_PRINT_USAGE, RUNMODE_PRINT_VERSION, RUNMODE_UNITTEST, RUNMODE_UNIX_SOCKET, RUNMODE_UNKNOWN, RUNMODE_WINDIVERT, SC_ERR_CMD_LINE, SC_ERR_DAG_REQUIRED, SC_ERR_FATAL, SC_ERR_GID_FAILED, SC_ERR_INITIALIZATION, SC_ERR_IPFW_NOSUPPORT, SC_ERR_LIBCAP_NG_REQUIRED, SC_ERR_LOGDIR_CMDLINE, SC_ERR_MEM_ALLOC, SC_ERR_MULTIPLE_RUN_MODE, SC_ERR_NAPATECH_REQUIRED, SC_ERR_NFLOG_NOSUPPORT, SC_ERR_NFQ_NOSUPPORT, SC_ERR_NO_AF_PACKET, SC_ERR_NO_NETMAP, SC_ERR_NO_PCAP_SET_BUFFER_SIZE, SC_ERR_NO_PF_RING, SC_ERR_PCAP_TRANSLATE, SC_ERR_PIDFILE_DAEMON, SC_ERR_UID_FAILED, SC_ERR_WINDIVERT_NOSUPPORT, sc_set_caps, SC_WARN_FASTER_CAPTURE_AVAILABLE, SCEnter, SCFree, SCGetGroupID(), SCGetUserID(), SCLogError, SCLogInfo, SCLogNotice, SCLogWarning, SCPidfileCreate(), SCPidfileTestRunning(), SCReturnInt, SCStrdup, SCInstance_::set_logdir, SCInstance_::sig_file, SCInstance_::sig_file_exclusive, SpmTableSetup(), SCInstance_::start_time, StatsInit(), strlcpy(), SCInstance_::system, TM_ECODE_FAILED, TM_ECODE_OK, tmm_modules, TMM_SIZE, TmModuleBypassedFlowManagerRegister(), TmModuleDebugList(), TmModuleDecodeAFPRegister(), TmModuleDecodeErfDagRegister(), TmModuleDecodeErfFileRegister(), TmModuleDecodeIPFWRegister(), TmModuleDecodeNetmapRegister(), TmModuleDecodeNFLOGRegister(), TmModuleDecodeNFQRegister(), TmModuleDecodePcapFileRegister(), TmModuleDecodePcapRegister(), TmModuleDecodePfringRegister(), TmModuleDecodeWinDivertRegister(), TmModuleFlowManagerRegister(), TmModuleFlowRecyclerRegister(), TmModuleFlowWorkerRegister(), TmModuleLoggerRegister(), TmModuleNapatechDecodeRegister(), TmModuleNapatechStreamRegister(), TmModuleReceiveAFPRegister(), TmModuleReceiveErfDagRegister(), TmModuleReceiveErfFileRegister(), TmModuleReceiveIPFWRegister(), TmModuleReceiveNetmapRegister(), TmModuleReceiveNFLOGRegister(), TmModuleReceiveNFQRegister(), TmModuleReceivePcapFileRegister(), TmModuleReceivePcapRegister(), TmModuleReceivePfringRegister(), TmModuleReceiveWinDivertRegister(), TmModuleRespondRejectRegister(), TmModuleStatsLoggerRegister(), TmModuleUnixManagerRegister(), TmModuleVerdictIPFWRegister(), TmModuleVerdictNFQRegister(), TmModuleVerdictWinDivertRegister(), TRUE, unittests_fatal, SCInstance_::user_name, SCInstance_::userid, UtilSignalHandlerSetup(), SCInstance_::verbose, and xstr.
Referenced by PostRunDeinit(), and RunUnittests().
| int RunmodeGetCurrent | ( | void | ) |
Definition at line 273 of file suricata.c.
References run_mode, sighup_count, sigint_count, sigterm_count, and sigusr2_count.
Referenced by ConfUnixSocketIsEnable(), OutputJsonRegister(), RunModeGetMainMode(), SCConfLogOpenGeneric(), and SigLoadSignatures().
| int RunmodeIsUnittests | ( | void | ) |
Definition at line 265 of file suricata.c.
References run_mode, and RUNMODE_UNITTEST.
Referenced by AppLayerParserConfParserEnabled(), AppLayerProtoDetectConfProtoDetectionEnabled(), AppLayerRegisterProtocolDetection(), DetectEngineThreadCtxInit(), DetectGeoipRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3SHashRegister(), DetectTlsJa3SStringRegister(), DetectTlsJa3StringRegister(), printUUID(), RegisterDNP3Parsers(), RegisterENIPTCPParsers(), RegisterENIPUDPParsers(), RegisterModbusParsers(), RegisterNFSTCPParsers(), RegisterNFSUDPParsers(), RegisterSMBParsers(), RegisterSSLParsers(), RegisterTemplateParsers(), RegisterTFTPParsers(), SCClassConfDeinit(), SCClassConfLoadClassficationConfigFile(), SCRConfLoadReferenceConfigFile(), SCReferenceConfDeinit(), StreamTcpDecrMemuse(), StreamTcpInitConfig(), StreamTcpReassembleDecrMemuse(), and TimeGet().
| SC_ATOMIC_DECLARE | ( | unsigned | int, |
| engine_stage | |||
| ) |
| int SuriHasSigFile | ( | void | ) |
Definition at line 240 of file suricata.c.
References SCInstance_::sig_file.
| int coverage_unittests |
Definition at line 865 of file suricata.c.
Referenced by MpmRegisterTests(), RegisterAllModules(), SigTableRegisterTests(), and TmModuleRegisterTests().
| int g_default_mtu = 0 |
highest mtu of the interfaces we monitor
Definition at line 224 of file suricata.c.
Referenced by PostRunDeinit().
| int g_detect_disabled = 0 |
global indicating if detection is enabled
Definition at line 218 of file suricata.c.
Referenced by FlowDisableFlowManagerThread(), RegisterAllModules(), and StreamTcpPacket().
| int g_disable_randomness = 0 |
disable randomness to get reproducible results accross runs
Definition at line 228 of file suricata.c.
Referenced by HTPFreeConfig(), RandomGet(), and RegisterAllModules().
| int g_ut_covered |
Definition at line 867 of file suricata.c.
Referenced by MpmRegisterTests(), SigTableRegisterTests(), and TmModuleRegisterTests().
| int g_ut_modules |
Definition at line 866 of file suricata.c.
Referenced by MpmRegisterTests(), SigTableRegisterTests(), and TmModuleRegisterTests().
| uint16_t g_vlan_mask = 0xffff |
determine (without branching) if we include the vlan_ids when hashing or comparing flows
Definition at line 235 of file suricata.c.
Referenced by FlowKeyGetHash(), and main().
| uint8_t host_mode = SURI_HOST_IS_SNIFFER_ONLY |
Host mode: set if box is sniffing only or is a router
Definition at line 212 of file suricata.c.
Referenced by PostRunDeinit().
| int run_mode = RUNMODE_UNKNOWN |
Run mode selected
Definition at line 204 of file suricata.c.
Referenced by DetectEngineCtxFree(), DetectReplaceFreeInternal(), DetectReplaceRegister(), PostRunDeinit(), RunmodeGetCurrent(), RunmodeIsUnittests(), and Unified2AlertInitCtx().
| int sc_set_caps = FALSE |
set caps or not
Definition at line 221 of file suricata.c.
Referenced by RegisterAllModules(), and SigMatchListSMBelongsTo().
| volatile sig_atomic_t sighup_count = 0 |
Definition at line 186 of file suricata.c.
Referenced by PostRunDeinit(), and RunmodeGetCurrent().
| volatile sig_atomic_t sigint_count = 0 |
Definition at line 185 of file suricata.c.
Referenced by PostRunDeinit(), and RunmodeGetCurrent().
| volatile sig_atomic_t sigterm_count = 0 |
Definition at line 187 of file suricata.c.
Referenced by PostRunDeinit(), and RunmodeGetCurrent().
| volatile sig_atomic_t sigusr2_count = 0 |
Definition at line 188 of file suricata.c.
Referenced by PostRunDeinit(), and RunmodeGetCurrent().
| SCInstance suricata |
Suricata instance
Definition at line 238 of file suricata.c.
| volatile uint8_t suricata_ctl_flags = 0 |
suricata engine control flags
Definition at line 201 of file suricata.c.
Referenced by DetectEngineInspectPktBufferGeneric(), EngineDone(), EngineStop(), NapatechPacketLoopZC(), NoNFLOGSupportExit(), NoWinDivertSupportExit(), PcapFileDispatch(), PostRunDeinit(), ReceiveAFPLoop(), ReceiveErfDagLoop(), ReceiveErfFileLoop(), ReceiveIPFWLoop(), ReceiveNFQLoop(), ReceivePcapLoop(), ReceivePfringLoop(), TmModuleDecodeAFPRegister(), TmModuleDecodeNetmapRegister(), and TmThreadsSlotVarRun().
1.8.11