1 /* Copyright (C) 2007-2013 Open Information Security Foundation
3 * You can copy, redistribute or modify this Program under the terms of
4 * the GNU General Public License version 2 as published by the Free
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
12 * You should have received a copy of the GNU General Public License
13 * version 2 along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21 * \author Victor Julien <victor@inliniac.net>
22 * \author Anoop Saldanha <anoopsaldanha@gmail.com>
25 #ifndef __DECODE_EVENTS_H__
26 #define __DECODE_EVENTS_H__
28 /* packet decoder events */
31 IPV4_PKT_TOO_SMALL
= 1, /**< ipv4 pkt smaller than minimum header size */
32 IPV4_HLEN_TOO_SMALL
, /**< ipv4 header smaller than minimum size */
33 IPV4_IPLEN_SMALLER_THAN_HLEN
, /**< ipv4 pkt len smaller than ip header size */
34 IPV4_TRUNC_PKT
, /**< truncated ipv4 packet */
37 IPV4_OPT_INVALID
, /**< invalid ip options */
38 IPV4_OPT_INVALID_LEN
, /**< ip options with invalid len */
39 IPV4_OPT_MALFORMED
, /**< malformed ip options */
40 IPV4_OPT_PAD_REQUIRED
, /**< pad bytes are needed in ip options */
41 IPV4_OPT_EOL_REQUIRED
, /**< "end of list" needed in ip options */
42 IPV4_OPT_DUPLICATE
, /**< duplicated ip option */
43 IPV4_OPT_UNKNOWN
, /**< unknown ip option */
44 IPV4_WRONG_IP_VER
, /**< wrong ip version in ip options */
45 IPV4_WITH_ICMPV6
, /**< IPv4 packet with ICMPv6 header */
48 ICMPV4_PKT_TOO_SMALL
, /**< icmpv4 packet smaller than minimum size */
49 ICMPV4_UNKNOWN_TYPE
, /**< icmpv4 unknown type */
50 ICMPV4_UNKNOWN_CODE
, /**< icmpv4 unknown code */
51 ICMPV4_IPV4_TRUNC_PKT
, /**< truncated icmpv4 packet */
52 ICMPV4_IPV4_UNKNOWN_VER
, /**< unknown version in icmpv4 packet*/
55 ICMPV6_UNKNOWN_TYPE
, /**< icmpv6 unknown type */
56 ICMPV6_UNKNOWN_CODE
, /**< icmpv6 unknown code */
57 ICMPV6_PKT_TOO_SMALL
, /**< icmpv6 smaller than minimum size */
58 ICMPV6_IPV6_UNKNOWN_VER
, /**< unknown version in icmpv6 packet */
59 ICMPV6_IPV6_TRUNC_PKT
, /**< truncated icmpv6 packet */
62 IPV6_PKT_TOO_SMALL
, /**< ipv6 packet smaller than minimum size */
63 IPV6_TRUNC_PKT
, /**< truncated ipv6 packet */
64 IPV6_TRUNC_EXTHDR
, /**< truncated ipv6 extension header */
65 IPV6_EXTHDR_DUPL_FH
, /**< duplicated "fragment" header in ipv6 extension headers */
66 IPV6_EXTHDR_USELESS_FH
, /**< useless FH: offset 0 + no more fragments */
67 IPV6_EXTHDR_DUPL_RH
, /**< duplicated "routing" header in ipv6 extension headers */
68 IPV6_EXTHDR_DUPL_HH
, /**< duplicated "hop-by-hop" header in ipv6 extension headers */
69 IPV6_EXTHDR_DUPL_DH
, /**< duplicated "destination" header in ipv6 extension headers */
70 IPV6_EXTHDR_DUPL_AH
, /**< duplicated "authentication" header in ipv6 extension headers */
71 IPV6_EXTHDR_DUPL_EH
, /**< duplicated "ESP" header in ipv6 extension headers */
73 IPV6_EXTHDR_INVALID_OPTLEN
, /**< the opt len in an hop or dst hdr is invalid. */
74 IPV6_WRONG_IP_VER
, /**< wrong version in ipv6 */
75 IPV6_EXTHDR_AH_RES_NOT_NULL
, /**< AH hdr reserved fields not null (rfc 4302) */
77 IPV6_HOPOPTS_UNKNOWN_OPT
, /**< unknown HOP opt */
78 IPV6_HOPOPTS_ONLY_PADDING
, /**< all options in HOP opts are padding */
79 IPV6_DSTOPTS_UNKNOWN_OPT
, /**< unknown DST opt */
80 IPV6_DSTOPTS_ONLY_PADDING
, /**< all options in DST opts are padding */
82 IPV6_EXTHDR_RH_TYPE_0
, /**< RH 0 is deprecated as per rfc5095 */
83 IPV6_EXTHDR_ZERO_LEN_PADN
, /**< padN w/o data (0 len) */
84 IPV6_FH_NON_ZERO_RES_FIELD
, /**< reserved field not zero */
86 IPV6_WITH_ICMPV4
, /**< IPv6 packet with ICMPv4 header */
89 TCP_PKT_TOO_SMALL
, /**< tcp packet smaller than minimum size */
90 TCP_HLEN_TOO_SMALL
, /**< tcp header smaller than minimum size */
91 TCP_INVALID_OPTLEN
, /**< invalid len in tcp options */
94 TCP_OPT_INVALID_LEN
, /**< tcp option with invalid len */
95 TCP_OPT_DUPLICATE
, /**< duplicated tcp option */
98 UDP_PKT_TOO_SMALL
, /**< udp packet smaller than minimum size */
99 UDP_HLEN_TOO_SMALL
, /**< udp header smaller than minimum size */
100 UDP_HLEN_INVALID
, /**< invalid len of upd header */
103 SLL_PKT_TOO_SMALL
, /**< sll packet smaller than minimum size */
105 /* ETHERNET EVENTS */
106 ETHERNET_PKT_TOO_SMALL
, /**< ethernet packet smaller than minimum size */
109 PPP_PKT_TOO_SMALL
, /**< ppp packet smaller than minimum size */
110 PPPVJU_PKT_TOO_SMALL
, /**< ppp vj uncompressed packet smaller than minimum size */
111 PPPIPV4_PKT_TOO_SMALL
, /**< ppp ipv4 packet smaller than minimum size */
112 PPPIPV6_PKT_TOO_SMALL
, /**< ppp ipv6 packet smaller than minimum size */
113 PPP_WRONG_TYPE
, /**< wrong type in ppp frame */
114 PPP_UNSUP_PROTO
, /**< protocol not supported for ppp */
117 PPPOE_PKT_TOO_SMALL
, /**< pppoe packet smaller than minimum size */
118 PPPOE_WRONG_CODE
, /**< wrong code for pppoe */
119 PPPOE_MALFORMED_TAGS
, /**< malformed tags in pppoe */
122 GRE_PKT_TOO_SMALL
, /**< gre packet smaller than minimum size */
123 GRE_WRONG_VERSION
, /**< wrong version in gre header */
124 GRE_VERSION0_RECUR
, /**< gre v0 recursion control */
125 GRE_VERSION0_FLAGS
, /**< gre v0 flags */
126 GRE_VERSION0_HDR_TOO_BIG
, /**< gre v0 header bigger than maximum size */
127 GRE_VERSION0_MALFORMED_SRE_HDR
, /**< gre v0 malformed source route entry header */
128 GRE_VERSION1_CHKSUM
, /**< gre v1 checksum */
129 GRE_VERSION1_ROUTE
, /**< gre v1 routing */
130 GRE_VERSION1_SSR
, /**< gre v1 strict source route */
131 GRE_VERSION1_RECUR
, /**< gre v1 recursion control */
132 GRE_VERSION1_FLAGS
, /**< gre v1 flags */
133 GRE_VERSION1_NO_KEY
, /**< gre v1 no key present in header */
134 GRE_VERSION1_WRONG_PROTOCOL
, /**< gre v1 wrong protocol */
135 GRE_VERSION1_MALFORMED_SRE_HDR
, /**< gre v1 malformed source route entry header */
136 GRE_VERSION1_HDR_TOO_BIG
, /**< gre v1 header too big */
139 VLAN_HEADER_TOO_SMALL
, /**< vlan header smaller than minimum size */
140 VLAN_UNKNOWN_TYPE
, /**< vlan unknown type */
141 VLAN_HEADER_TOO_MANY_LAYERS
,
144 IPRAW_INVALID_IPV
, /**< invalid ip version in ip raw */
147 STREAM_3WHS_ACK_IN_WRONG_DIR
,
148 STREAM_3WHS_ASYNC_WRONG_SEQ
,
149 STREAM_3WHS_RIGHT_SEQ_WRONG_ACK_EVASION
,
150 STREAM_3WHS_SYNACK_IN_WRONG_DIRECTION
,
151 STREAM_3WHS_SYNACK_RESEND_WITH_DIFFERENT_ACK
,
152 STREAM_3WHS_SYNACK_RESEND_WITH_DIFF_SEQ
,
153 STREAM_3WHS_SYNACK_TOSERVER_ON_SYN_RECV
,
154 STREAM_3WHS_SYNACK_WITH_WRONG_ACK
,
155 STREAM_3WHS_SYNACK_FLOOD
,
156 STREAM_3WHS_SYN_RESEND_DIFF_SEQ_ON_SYN_RECV
,
157 STREAM_3WHS_SYN_TOCLIENT_ON_SYN_RECV
,
158 STREAM_3WHS_WRONG_SEQ_WRONG_ACK
,
159 STREAM_4WHS_SYNACK_WITH_WRONG_ACK
,
160 STREAM_4WHS_SYNACK_WITH_WRONG_SYN
,
161 STREAM_4WHS_WRONG_SEQ
,
162 STREAM_4WHS_INVALID_ACK
,
163 STREAM_CLOSEWAIT_ACK_OUT_OF_WINDOW
,
164 STREAM_CLOSEWAIT_FIN_OUT_OF_WINDOW
,
165 STREAM_CLOSEWAIT_PKT_BEFORE_LAST_ACK
,
166 STREAM_CLOSEWAIT_INVALID_ACK
,
167 STREAM_CLOSING_ACK_WRONG_SEQ
,
168 STREAM_CLOSING_INVALID_ACK
,
169 STREAM_EST_PACKET_OUT_OF_WINDOW
,
170 STREAM_EST_PKT_BEFORE_LAST_ACK
,
171 STREAM_EST_SYNACK_RESEND
,
172 STREAM_EST_SYNACK_RESEND_WITH_DIFFERENT_ACK
,
173 STREAM_EST_SYNACK_RESEND_WITH_DIFF_SEQ
,
174 STREAM_EST_SYNACK_TOSERVER
,
175 STREAM_EST_SYN_RESEND
,
176 STREAM_EST_SYN_RESEND_DIFF_SEQ
,
177 STREAM_EST_SYN_TOCLIENT
,
178 STREAM_EST_INVALID_ACK
,
179 STREAM_FIN_INVALID_ACK
,
180 STREAM_FIN1_ACK_WRONG_SEQ
,
181 STREAM_FIN1_FIN_WRONG_SEQ
,
182 STREAM_FIN1_INVALID_ACK
,
183 STREAM_FIN2_ACK_WRONG_SEQ
,
184 STREAM_FIN2_FIN_WRONG_SEQ
,
185 STREAM_FIN2_INVALID_ACK
,
186 STREAM_FIN_BUT_NO_SESSION
,
187 STREAM_FIN_OUT_OF_WINDOW
,
188 STREAM_LASTACK_ACK_WRONG_SEQ
,
189 STREAM_LASTACK_INVALID_ACK
,
190 STREAM_RST_BUT_NO_SESSION
,
191 STREAM_TIMEWAIT_ACK_WRONG_SEQ
,
192 STREAM_TIMEWAIT_INVALID_ACK
,
193 STREAM_SHUTDOWN_SYN_RESEND
,
194 STREAM_PKT_INVALID_TIMESTAMP
,
195 STREAM_PKT_INVALID_ACK
,
196 STREAM_PKT_BROKEN_ACK
,
197 STREAM_RST_INVALID_ACK
,
198 STREAM_PKT_RETRANSMISSION
,
200 STREAM_REASSEMBLY_SEGMENT_BEFORE_BASE_SEQ
,
201 STREAM_REASSEMBLY_NO_SEGMENT
,
203 STREAM_REASSEMBLY_SEQ_GAP
,
205 STREAM_REASSEMBLY_OVERLAP_DIFFERENT_DATA
,
208 SCTP_PKT_TOO_SMALL
, /**< sctp packet smaller than minimum size */
210 /* Fragmentation reasembly events. */
211 IPV4_FRAG_PKT_TOO_LARGE
,
212 IPV6_FRAG_PKT_TOO_LARGE
,
217 /* Fragment ignored due to internal error */
221 /* IPv4 in IPv6 events */
222 IPV4_IN_IPV6_PKT_TOO_SMALL
,
223 IPV4_IN_IPV6_WRONG_IP_VER
,
224 /* IPv6 in IPv6 events */
225 IPV6_IN_IPV6_PKT_TOO_SMALL
,
226 IPV6_IN_IPV6_WRONG_IP_VER
,
228 /* should always be last! */
232 #endif /* __DECODE_EVENTS_H__ */