Go to the source code of this file.
Data Structures | |
| struct | SCClassConfClasstype_ |
| Container for a Classtype from the Classification.config file. More... | |
Macros | |
| #define | CLASSTYPE_NAME_MAX_LEN 64 |
| #define | CLASSTYPE_DESC_MAX_LEN 512 |
Typedefs | |
| typedef struct SCClassConfClasstype_ | SCClassConfClasstype |
| Container for a Classtype from the Classification.config file. More... | |
Functions | |
| bool | SCClassConfLoadClassificationConfigFile (DetectEngineCtx *, FILE *fd) |
| Loads the Classtype info from the classification.config file. More... | |
| int | SCClassConfAddClasstype (DetectEngineCtx *de_ctx, char *rawstr, uint16_t index) |
| Parses a line from the classification file and adds it to Classtype hash table in DetectEngineCtx, i.e. DetectEngineCtx->class_conf_ht. More... | |
| SCClassConfClasstype * | SCClassConfGetClasstype (const char *, DetectEngineCtx *) |
| Gets the classtype from the corresponding hash table stored in the Detection Engine Context's class conf ht, given the classtype name. More... | |
| void | SCClassConfDeInitContext (DetectEngineCtx *) |
| Releases resources used by the Classification Config API. More... | |
| void | SCClassConfInit (DetectEngineCtx *de_ctx) |
| void | SCClassConfDeinit (DetectEngineCtx *de_ctx) |
| void | SCClassConfRegisterTests (void) |
| This function registers unit tests for Classification Config API. More... | |
| FILE * | SCClassConfGenerateValidDummyClassConfigFD01 (void) |
| Creates a dummy classification file, with all valid Classtypes, for testing purposes. More... | |
| FILE * | SCClassConfGenerateInvalidDummyClassConfigFD02 (void) |
| Creates a dummy classification file, with some valid Classtypes and a couple of invalid Classtypes, for testing purposes. More... | |
| FILE * | SCClassConfGenerateInvalidDummyClassConfigFD03 (void) |
| Creates a dummy classification file, with all invalid Classtypes, for testing purposes. More... | |
Detailed Description
Definition in file util-classification-config.h.
Macro Definition Documentation
◆ CLASSTYPE_DESC_MAX_LEN
| #define CLASSTYPE_DESC_MAX_LEN 512 |
Definition at line 29 of file util-classification-config.h.
◆ CLASSTYPE_NAME_MAX_LEN
| #define CLASSTYPE_NAME_MAX_LEN 64 |
Definition at line 28 of file util-classification-config.h.
Typedef Documentation
◆ SCClassConfClasstype
| typedef struct SCClassConfClasstype_ SCClassConfClasstype |
Container for a Classtype from the Classification.config file.
Function Documentation
◆ SCClassConfAddClasstype()
| int SCClassConfAddClasstype | ( | DetectEngineCtx * | de_ctx, |
| char * | rawstr, | ||
| uint16_t | index | ||
| ) |
Parses a line from the classification file and adds it to Classtype hash table in DetectEngineCtx, i.e. DetectEngineCtx->class_conf_ht.
- Parameters
-
rawstr Pointer to the string to be parsed. index Relative index of the string to be parsed. de_ctx Pointer to the Detection Engine Context.
- Return values
-
0 On success. -1 On failure.
Definition at line 236 of file util-classification-config.c.
References DetectEngineCtx_::class_conf_regex, DetectEngineCtx_::class_conf_regex_match, CLASSTYPE_DESC_MAX_LEN, CLASSTYPE_NAME_MAX_LEN, de_ctx, and SCLogError.
◆ SCClassConfDeinit()
| void SCClassConfDeinit | ( | DetectEngineCtx * | de_ctx | ) |
Definition at line 82 of file util-classification-config.c.
References DetectEngineCtx_::class_conf_regex, DetectEngineCtx_::class_conf_regex_match, and de_ctx.
◆ SCClassConfDeInitContext()
| void SCClassConfDeInitContext | ( | DetectEngineCtx * | ) |
Releases resources used by the Classification Config API.
Definition at line 191 of file util-classification-config.c.
References DetectEngineCtx_::class_conf_ht, de_ctx, and HashTableFree().
Referenced by DetectEngineCtxFree().
◆ SCClassConfGenerateInvalidDummyClassConfigFD02()
| FILE* SCClassConfGenerateInvalidDummyClassConfigFD02 | ( | void | ) |
Creates a dummy classification file, with some valid Classtypes and a couple of invalid Classtypes, for testing purposes.
\file_path Pointer to the file_path for the dummy classification file.
Definition at line 614 of file util-classification-config.c.
References SCFmemopen, and SCLogDebug.
◆ SCClassConfGenerateInvalidDummyClassConfigFD03()
| FILE* SCClassConfGenerateInvalidDummyClassConfigFD03 | ( | void | ) |
Creates a dummy classification file, with all invalid Classtypes, for testing purposes.
\file_path Pointer to the file_path for the dummy classification file.
Definition at line 638 of file util-classification-config.c.
References SCFmemopen, and SCLogDebug.
◆ SCClassConfGenerateValidDummyClassConfigFD01()
| FILE* SCClassConfGenerateValidDummyClassConfigFD01 | ( | void | ) |
Creates a dummy classification file, with all valid Classtypes, for testing purposes.
\file_path Pointer to the file_path for the dummy classification file.
Definition at line 594 of file util-classification-config.c.
References SCFmemopen, and SCLogDebug.
◆ SCClassConfGetClasstype()
| SCClassConfClasstype* SCClassConfGetClasstype | ( | const char * | ct_name, |
| DetectEngineCtx * | de_ctx | ||
| ) |
Gets the classtype from the corresponding hash table stored in the Detection Engine Context's class conf ht, given the classtype name.
- Parameters
-
ct_name Pointer to the classtype name that has to be looked up. de_ctx Pointer to the Detection Engine Context.
- Return values
-
lookup_ct_info Pointer to the SCClassConfClasstype instance from the hash table on success; NULL on failure.
Definition at line 568 of file util-classification-config.c.
References DetectEngineCtx_::class_conf_ht, de_ctx, HashTableLookup(), and u8_tolower.
◆ SCClassConfInit()
| void SCClassConfInit | ( | DetectEngineCtx * | de_ctx | ) |
Definition at line 61 of file util-classification-config.c.
References DetectEngineCtx_::class_conf_regex, DetectEngineCtx_::class_conf_regex_match, de_ctx, DETECT_CLASSCONFIG_REGEX, and SCLogWarning.
◆ SCClassConfLoadClassificationConfigFile()
| bool SCClassConfLoadClassificationConfigFile | ( | DetectEngineCtx * | de_ctx, |
| FILE * | fd | ||
| ) |
Loads the Classtype info from the classification.config file.
The classification.config file contains the different classtypes, that can be used to label Signatures. Each line of the file should have the following format - classtype_name, classtype_description, priority None of the above parameters should hold a quote inside the file.
- Parameters
-
de_ctx Pointer to the Detection Engine Context that should be updated with Classtype information.
Definition at line 531 of file util-classification-config.c.
◆ SCClassConfRegisterTests()
| void SCClassConfRegisterTests | ( | void | ) |
This function registers unit tests for Classification Config API.
Definition at line 790 of file util-classification-config.c.
References UtRegisterTest().
