]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 95ed975) | patch
detect: start of pkt hooks
authorVictor Julien <vjulien@oisf.net>
Thu, 23 Jan 2025 15:11:30 +0000 (16:11 +0100)
committerVictor Julien <victor@inliniac.net>
Mon, 7 Apr 2025 20:04:13 +0000 (22:04 +0200)
commitf60e1efc8aa5cfd8d95eec345339507772a6233b
tree5aa44bdf233d6d58df7cc64e2d46851ff34cc33etree | snapshot
parent95ed975cca06a93059d5583c4b9b17657f8ee605commit | diff
detect: start of pkt hooks

New facility to allow a user to specify where to hook a rule
into the engine. This patch adds this for packets, adding two
hooks:

- `all`: to let a rule be evaluated by all rules
- `flow_start`: to have a rule be evaluated only for the first
  packet in both directions

Implemented by adding a hook flags field in the packet.
src/decode.h diff | blob | blame | history
src/detect-engine-build.c diff | blob | blame | history
src/detect-engine-prefilter-common.c diff | blob | blame | history
src/detect-engine-prefilter.c diff | blob | blame | history
src/detect-engine-prefilter.h diff | blob | blame | history
src/detect-flowbits.c diff | blob | blame | history
src/detect-parse.c diff | blob | blame | history
src/detect.h diff | blob | blame | history
src/flow.c diff | blob | blame | history
src/packet.c diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git