src/decode-events.h

   1 /* Copyright (C) 2007-2010 Open Information Security Foundation
   2  *
   3  * You can copy, redistribute or modify this Program under the terms of
   4  * the GNU General Public License version 2 as published by the Free
   5  * Software Foundation.
   6  *
   7  * This program is distributed in the hope that it will be useful,
   8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
   9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  10  * GNU General Public License for more details.
  11  *
  12  * You should have received a copy of the GNU General Public License
  13  * version 2 along with this program; if not, write to the Free Software
  14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  15  * 02110-1301, USA.
  16  */
  17
  18 /**
  19  * \file
  20  *
  21  * \author Victor Julien <victor@inliniac.net>
  22  */
  23
  24 #ifndef __DECODE_EVENTS_H__
  25 #define __DECODE_EVENTS_H__
  26
  27 enum {
  28     /* IPV4 EVENTS */
  29     IPV4_PKT_TOO_SMALL = 1,         /**< ipv4 pkt smaller than minimum header size */
  30     IPV4_HLEN_TOO_SMALL,            /**< ipv4 header smaller than minimum size */
  31     IPV4_IPLEN_SMALLER_THAN_HLEN,   /**< ipv4 pkt len smaller than ip header size */
  32     IPV4_TRUNC_PKT,                 /**< truncated ipv4 packet */
  33
  34     /* IPV4 OPTIONS */
  35     IPV4_OPT_INVALID,               /**< invalid ip options */
  36     IPV4_OPT_INVALID_LEN,           /**< ip options with invalid len */
  37     IPV4_OPT_MALFORMED,             /**< malformed ip options */
  38     IPV4_OPT_PAD_REQUIRED,          /**< pad bytes are needed in ip options */
  39     IPV4_OPT_EOL_REQUIRED,          /**< "end of list" needed in ip options */
  40     IPV4_OPT_DUPLICATE,             /**< duplicated ip option */
  41     IPV4_OPT_UNKNOWN,               /**< unknown ip option */
  42     IPV4_WRONG_IP_VER,              /**< wrong ip version in ip options */
  43
  44     /* ICMP EVENTS */
  45     ICMPV4_PKT_TOO_SMALL,           /**< icmpv4 packet smaller than minimum size */
  46     ICMPV4_UNKNOWN_TYPE,            /**< icmpv4 unknown type */
  47     ICMPV4_UNKNOWN_CODE,            /**< icmpv4 unknown code */
  48     ICMPV4_IPV4_TRUNC_PKT,          /**< truncated icmpv4 packet */
  49     ICMPV4_IPV4_UNKNOWN_VER,        /**< unknown version in icmpv4 packet*/
  50
  51     /* ICMPv6 EVENTS */
  52     ICMPV6_UNKNOWN_TYPE,            /**< icmpv6 unknown type */
  53     ICMPV6_UNKNOWN_CODE,            /**< icmpv6 unknown code */
  54     ICMPV6_PKT_TOO_SMALL,           /**< icmpv6 smaller than minimum size */
  55     ICMPV6_IPV6_UNKNOWN_VER,        /**< unknown version in icmpv6 packet */
  56     ICMPV6_IPV6_TRUNC_PKT,          /**< truncated icmpv6 packet */
  57
  58     /* IPV6 EVENTS */
  59     IPV6_PKT_TOO_SMALL,             /**< ipv6 packet smaller than minimum size */
  60     IPV6_TRUNC_PKT,                 /**< truncated ipv6 packet */
  61     IPV6_TRUNC_EXTHDR,              /**< truncated ipv6 extension header */
  62     IPV6_EXTHDR_DUPL_FH,            /**< duplicated "fragment" header in ipv6 extension headers */
  63     IPV6_EXTHDR_DUPL_RH,            /**< duplicated "routing" header in ipv6 extension headers */
  64     IPV6_EXTHDR_DUPL_HH,            /**< duplicated "hop-by-hop" header in ipv6 extension headers */
  65     IPV6_EXTHDR_DUPL_DH,            /**< duplicated "destination" header in ipv6 extension headers */
  66     IPV6_EXTHDR_DUPL_AH,            /**< duplicated "authentication" header in ipv6 extension headers */
  67     IPV6_EXTHDR_DUPL_EH,            /**< duplicated "ESP" header in ipv6 extension headers */
  68
  69     IPV6_EXTHDR_INVALID_OPTLEN,     /**< the opt len in an hop or dst hdr is invalid. */
  70     IPV6_WRONG_IP_VER,              /**< wrong version in ipv6 */
  71
  72     /* TCP EVENTS */
  73     TCP_PKT_TOO_SMALL,              /**< tcp packet smaller than minimum size */
  74     TCP_HLEN_TOO_SMALL,             /**< tcp header smaller than minimum size */
  75     TCP_INVALID_OPTLEN,             /**< invalid len in tcp options */
  76
  77     /* TCP OPTIONS */
  78     TCP_OPT_INVALID_LEN,            /**< tcp option with invalid len */
  79     TCP_OPT_DUPLICATE,              /**< duplicated tcp option */
  80
  81     /* UDP EVENTS */
  82     UDP_PKT_TOO_SMALL,              /**< udp packet smaller than minimum size */
  83     UDP_HLEN_TOO_SMALL,             /**< udp header smaller than minimum size */
  84     UDP_HLEN_INVALID,               /**< invalid len of upd header */
  85
  86     /* SLL EVENTS */
  87     SLL_PKT_TOO_SMALL,              /**< sll packet smaller than minimum size */
  88
  89     /* ETHERNET EVENTS */
  90     ETHERNET_PKT_TOO_SMALL,         /**< ethernet packet smaller than minimum size */
  91
  92     /* PPP EVENTS */
  93     PPP_PKT_TOO_SMALL,              /**< ppp packet smaller than minimum size */
  94     PPPVJU_PKT_TOO_SMALL,           /**< ppp vj uncompressed packet smaller than minimum size */
  95     PPPIPV4_PKT_TOO_SMALL,          /**< ppp ipv4 packet smaller than minimum size */
  96     PPPIPV6_PKT_TOO_SMALL,          /**< ppp ipv6 packet smaller than minimum size */
  97     PPP_WRONG_TYPE,                 /**< wrong type in ppp frame */
  98     PPP_UNSUP_PROTO,                /**< protocol not supported for ppp */
  99
 100     /* PPPOE EVENTS */
 101     PPPOE_PKT_TOO_SMALL,            /**< pppoe packet smaller than minimum size */
 102     PPPOE_WRONG_CODE,               /**< wrong code for pppoe */
 103     PPPOE_MALFORMED_TAGS,           /**< malformed tags in pppoe */
 104
 105     /* GRE EVENTS */
 106     GRE_PKT_TOO_SMALL,              /**< gre packet smaller than minimum size */
 107     GRE_WRONG_VERSION,              /**< wrong version in gre header */
 108     GRE_VERSION0_RECUR,             /**< gre v0 recursion control */
 109     GRE_VERSION0_FLAGS,             /**< gre v0 flags */
 110     GRE_VERSION0_HDR_TOO_BIG,       /**< gre v0 header bigger than maximum size */
 111     GRE_VERSION1_CHKSUM,            /**< gre v1 checksum */
 112     GRE_VERSION1_ROUTE,             /**< gre v1 routing */
 113     GRE_VERSION1_SSR,               /**< gre v1 strict source route */
 114     GRE_VERSION1_RECUR,             /**< gre v1 recursion control */
 115     GRE_VERSION1_FLAGS,             /**< gre v1 flags */
 116     GRE_VERSION1_NO_KEY,            /**< gre v1 no key present in header */
 117     GRE_VERSION1_WRONG_PROTOCOL,    /**< gre v1 wrong protocol */
 118     GRE_VERSION1_MALFORMED_SRE_HDR, /**< gre v1 malformed source route entry header */
 119     GRE_VERSION1_HDR_TOO_BIG,       /**< gre v1 header too big */
 120
 121     /* VLAN EVENTS */
 122     VLAN_HEADER_TOO_SMALL,          /**< vlan header smaller than minimum size */
 123     VLAN_UNKNOWN_TYPE,              /**< vlan unknown type */
 124
 125     /* RAW EVENTS */
 126     IPRAW_INVALID_IPV,              /**< invalid ip version in ip raw */
 127
 128     STREAM_3WHS_ACK_IN_WRONG_DIR,
 129     STREAM_3WHS_ASYNC_WRONG_SEQ,
 130     STREAM_3WHS_RIGHT_SEQ_WRONG_ACK_EVASION,
 131     STREAM_3WHS_SYNACK_IN_WRONG_DIRECTION,
 132     STREAM_3WHS_SYNACK_RESEND_WITH_DIFFERENT_ACK,
 133     STREAM_3WHS_SYNACK_RESEND_WITH_DIFF_SEQ,
 134     STREAM_3WHS_SYNACK_TOSERVER_ON_SYN_RECV,
 135     STREAM_3WHS_SYNACK_WITH_WRONG_ACK,
 136     STREAM_3WHS_SYN_RESEND_DIFF_SEQ_ON_SYN_RECV,
 137     STREAM_3WHS_SYN_TOCLIENT_ON_SYN_RECV,
 138     STREAM_3WHS_WRONG_SEQ_WRONG_ACK,
 139     STREAM_4WHS_SYNACK_WITH_WRONG_ACK,
 140     STREAM_4WHS_SYNACK_WITH_WRONG_SYN,
 141     STREAM_4WHS_WRONG_SEQ,
 142     STREAM_CLOSEWAIT_ACK_OUT_OF_WINDOW,
 143     STREAM_CLOSEWAIT_FIN_OUT_OF_WINDOW,
 144     STREAM_CLOSING_ACK_WRONG_SEQ,
 145     STREAM_EST_PACKET_OUT_OF_WINDOW,
 146     STREAM_EST_PKT_BEFORE_LAST_ACK,
 147     STREAM_EST_SYNACK_RESEND,
 148     STREAM_EST_SYNACK_RESEND_WITH_DIFFERENT_ACK,
 149     STREAM_EST_SYNACK_RESEND_WITH_DIFF_SEQ,
 150     STREAM_EST_SYNACK_TOSERVER,
 151     STREAM_EST_SYN_RESEND,
 152     STREAM_EST_SYN_RESEND_DIFF_SEQ,
 153     STREAM_EST_SYN_TOCLIENT,
 154     STREAM_FIN1_ACK_WRONG_SEQ,
 155     STREAM_FIN1_FIN_WRONG_SEQ,
 156     STREAM_FIN2_ACK_WRONG_SEQ,
 157     STREAM_FIN2_FIN_WRONG_SEQ,
 158     STREAM_FIN_BUT_NO_SESSION,
 159     STREAM_FIN_OUT_OF_WINDOW,
 160     STREAM_LASTACK_ACK_WRONG_SEQ,
 161     STREAM_RST_BUT_NO_SESSION,
 162     STREAM_TIMEWAIT_ACK_WRONG_SEQ,
 163
 164     /* should always be last! */
 165     DECODE_EVENT_MAX,
 166 };
 167
 168 #endif /* __DECODE_EVENTS_H__ */
 169