fi
AC_DEFINE([HAVE_DPDK],[1],(DPDK support enabled))
- PKG_CHECK_EXISTS(libdpdk >= 20.11, [pkgconfig_libdpdk_above20=yes], )
- if test "$pkgconfig_libdpdk_above20" = "yes"; then
- AC_DEFINE([HAVE_STRLCAT],[1],[STRLCAT is predefined by DPDK 20.11+])
- AC_DEFINE([HAVE_STRLCPY],[1],[STRLCPY is predefined by DPDK 20.11+])
- fi
-
PKG_CHECK_EXISTS(libdpdk >= 19.11, , [with_pkgconfig_libdpdk=no])
if test "$with_pkgconfig_libdpdk" = "no"; then
echo
(
p->pkt
|
-PACKET_INITIALIZE(p)
+PacketInit(p)
)
@script:python depends on !isset@
output-stats.h \
output-streaming.h \
output-tx.h \
+ packet.h \
packet-queue.h \
pkt-var.h \
queue.h \
output-stats.c \
output-streaming.c \
output-tx.c \
+ packet.c \
packet-queue.c \
pkt-var.c \
reputation.c \
#ifdef UNITTESTS
#include "app-layer-htp.h"
+#include "detect-engine-alert.h"
static AppLayerProtoDetectCtx alpd_ctx_ut;
#ifndef __APP_LAYER_DETECT_PROTO__H__
#define __APP_LAYER_DETECT_PROTO__H__
+#include "flow.h"
+#include "app-layer-protos.h"
+
typedef struct AppLayerProtoDetectThreadCtx_ AppLayerProtoDetectThreadCtx;
typedef AppProto (*ProbingParserFPtr)(
#include "suricata-common.h"
#include "util-print.h"
+#include "flow.h"
#include "stream-tcp.h"
#include "app-layer-frames.h"
#include "app-layer-parser.h"
*/
#include "suricata-common.h"
-#include "decode.h"
-#include "threads.h"
-
-#include "util-print.h"
-#include "util-pool.h"
-
-#include "flow-util.h"
-#include "flow-storage.h"
-
-#include "detect-engine-state.h"
-
-#include "stream-tcp-private.h"
-#include "stream-tcp-reassemble.h"
-#include "stream-tcp.h"
-#include "stream.h"
-
+#include "app-layer-ftp.h"
#include "app-layer.h"
-#include "app-layer-protos.h"
#include "app-layer-parser.h"
-#include "app-layer-ftp.h"
#include "app-layer-expectation.h"
#include "app-layer-detect-proto.h"
-#include "util-spm.h"
-#include "util-mpm.h"
-#include "util-unittest.h"
-#include "util-debug.h"
-#include "util-memcmp.h"
-#include "util-memrchr.h"
-#include "util-mem.h"
+#include "rust.h"
+
#include "util-misc.h"
+#include "util-mpm.h"
#include "util-validate.h"
-#include "output-json.h"
-#include "rust.h"
-
typedef struct FTPThreadCtx_ {
MpmThreadCtx *ftp_mpm_thread_ctx;
PrefilterRuleStore *pmq;
/* UNITTESTS */
#ifdef UNITTESTS
+#include "stream-tcp.h"
/** \test Send a get request in one chunk. */
static int FTPParserTest01(void)
* This file provides a HTTP protocol support for the engine using HTP library.
*/
-#include "suricata.h"
#include "suricata-common.h"
-#include "decode.h"
-#include "threads.h"
-
-#include "util-print.h"
-#include "util-pool.h"
-#include "util-radix-tree.h"
-
-#include "stream-tcp-private.h"
-#include "stream-tcp-reassemble.h"
-#include "stream-tcp.h"
-#include "stream.h"
-
-#include "app-layer-protos.h"
-#include "app-layer-parser.h"
#include "app-layer-htp.h"
-#include "app-layer-htp-body.h"
#include "app-layer-htp-mem.h"
-
-#include "util-spm.h"
-#include "util-debug.h"
-#include "app-layer-htp-file.h"
-#include "util-time.h"
-
-#include "util-unittest.h"
-#include "util-unittest-helper.h"
-#include "flow-util.h"
-
-#include "detect-engine.h"
-#include "detect-engine-state.h"
-#include "detect-parse.h"
-
-#include "conf.h"
-
-#include "util-memcmp.h"
+#include "app-layer-htp-body.h"
+#include "util-streaming-buffer.h"
+#include "util-print.h"
static StreamingBufferConfig default_cfg = { 0, 3072, HTPCalloc, HTPRealloc, HTPFree };
* using the HTP library.
*/
-#include "suricata.h"
#include "suricata-common.h"
-#include "util-validate.h"
-#include "decode.h"
-#include "threads.h"
-
-#include "util-print.h"
-#include "util-pool.h"
-#include "util-radix-tree.h"
-
-#include "stream-tcp-private.h"
-#include "stream-tcp-reassemble.h"
-#include "stream-tcp.h"
-#include "stream.h"
-
-#include "app-layer.h"
-#include "app-layer-protos.h"
-#include "app-layer-parser.h"
-#include "app-layer-htp.h"
#include "app-layer-htp-file.h"
#include "app-layer-htp-range.h"
-
-#include "util-spm.h"
-#include "util-debug.h"
-#include "util-time.h"
-
-#include "util-unittest.h"
-#include "util-unittest-helper.h"
-#include "flow-util.h"
-
-#include "detect-engine.h"
-#include "detect-engine-state.h"
-#include "detect-parse.h"
-
-#include "conf.h"
-
-#include "util-memcmp.h"
+#include "util-validate.h"
/**
* \brief Open the file with "filename" and pass the first chunk
}
#ifdef UNITTESTS
+#include "stream-tcp.h"
+#include "app-layer-parser.h"
+#include "util-unittest-helper.h"
+
static int HTPFileParserTest01(void)
{
uint8_t httpbuf1[] = "POST /upload.cgi HTTP/1.1\r\n"
* Anoop Saldanha <anoopsaldanha@gmail.com>
*/
-#include "suricata.h"
#include "suricata-common.h"
+#include <htp/htp.h>
#include "app-layer-htp-libhtp.h"
/**
*/
#include "suricata-common.h"
-#include "suricata.h"
+#include "app-layer-htp-mem.h"
#include "conf.h"
-#include "util-mem.h"
#include "util-misc.h"
-
-#include "app-layer-htp-mem.h"
+#include "util-debug.h"
SC_ATOMIC_DECLARE(uint64_t, htp_config_memcap);
SC_ATOMIC_DECLARE(uint64_t, htp_memuse);
}
#ifdef UNITTESTS
+#include "detect-engine-alert.h"
+
static HTPCfgRec cfglist_backup;
void HtpConfigCreateBackup(void)
#ifndef __APP_LAYER_HTP_H__
#define __APP_LAYER_HTP_H__
-#include "util-file.h"
-#include "util-streaming-buffer.h"
#include "rust.h"
#include "app-layer-frames.h"
#include "app-layer-parser.h"
#include "app-layer-modbus.h"
-#include "detect-engine-build.h"
void ModbusParserRegisterTests(void);
#include "detect.h"
#include "detect-engine.h"
#include "detect-parse.h"
+#include "detect-engine-build.h"
#include "flow-util.h"
*/
#include "suricata-common.h"
-#include "util-unittest.h"
-#include "decode.h"
-#include "threads.h"
-
-#include "util-print.h"
-#include "util-pool.h"
+#include "app-layer-parser.h"
-#include "flow-util.h"
+#include "flow.h"
#include "flow-private.h"
+#include "flow-util.h"
-#include "detect-engine-state.h"
-#include "detect-engine-port.h"
+#include "app-layer-frames.h"
#include "stream-tcp.h"
-#include "stream-tcp-private.h"
-#include "stream.h"
-#include "stream-tcp-reassemble.h"
+
+#include "util-validate.h"
#include "app-layer.h"
#include "app-layer-detect-proto.h"
-#include "app-layer-protos.h"
-#include "app-layer-parser.h"
+
+#include "app-layer-ftp.h"
+#include "app-layer-smtp.h"
+
#include "app-layer-smb.h"
#include "app-layer-htp.h"
-#include "app-layer-ftp.h"
#include "app-layer-ssl.h"
#include "app-layer-ssh.h"
-#include "app-layer-smtp.h"
#include "app-layer-modbus.h"
#include "app-layer-enip.h"
#include "app-layer-dnp3.h"
#include "app-layer-tftp.h"
#include "app-layer-ike.h"
#include "app-layer-krb5.h"
-#include "app-layer-snmp.h"
#include "app-layer-sip.h"
#include "app-layer-rfb.h"
#include "app-layer-mqtt.h"
+#include "app-layer-snmp.h"
#include "app-layer-quic.h"
#include "app-layer-template.h"
#include "app-layer-template-rust.h"
#include "app-layer-rdp.h"
#include "app-layer-http2.h"
-#include "conf.h"
-#include "util-spm.h"
-
-#include "util-debug.h"
-#include "decode-events.h"
-#include "util-unittest-helper.h"
-#include "util-validate.h"
-
-#include "runmodes.h"
-
-#include "rust.h"
-
struct AppLayerParserThreadCtx_ {
void *alproto_local_storage[FLOW_PROTO_MAX][ALPROTO_MAX];
};
/***** Unittests *****/
#ifdef UNITTESTS
+#include "util-unittest-helper.h"
static AppLayerParserCtx alp_ctx_backup_unittest;
*/
#include "suricata-common.h"
-
+#include "suricata.h"
#include "app-layer.h"
#include "app-layer-parser.h"
#include "app-layer-protos.h"
#include "util-unittest.h"
#include "util-debug.h"
#include "util-path.h"
+#include "util-conf.h"
/** Maximum size of a complete domain name. */
#define NODE_NAME_MAX 1024
*/
#include "suricata-common.h"
-#include "suricata.h"
#include "counters.h"
+
+#include "suricata.h"
#include "threadvars.h"
-#include "tm-threads.h"
-#include "conf.h"
-#include "util-time.h"
-#include "util-unittest.h"
-#include "util-debug.h"
-#include "util-byte.h"
-#include "util-privs.h"
-#include "util-signal.h"
-#include "unix-manager.h"
-#include "runmodes.h"
#include "output.h"
-#include "output-stats.h"
#include "output-json-stats.h"
+#include "util-byte.h"
+#include "util-conf.h"
+#include "util-hash.h"
+#include "util-time.h"
+
+#include "tm-threads.h"
+#include "util-privs.h"
+
/* Time interval for syncing the local counters with the global ones */
#define STATS_WUT_TTS 3
#ifndef __COUNTERS_H__
#define __COUNTERS_H__
+#include "threads.h"
+
/* forward declaration of the ThreadVars structure */
struct ThreadVars_;
#include "datasets-md5.h"
#include "datasets-sha256.h"
#include "datasets-reputation.h"
+#include "util-conf.h"
#include "util-thash.h"
#include "util-print.h"
#include "util-base64.h" // decode base64
#include "util-byte.h"
#include "util-misc.h"
+#include "util-path.h"
+#include "util-debug.h"
SCMutex sets_lock = SCMUTEX_INITIALIZER;
static Dataset *sets = NULL;
#include "decode-geneve.h"
#include "decode-events.h"
+#include "detect.h"
#include "detect-engine-port.h"
#include "flow.h"
#include "suricata-common.h"
#include "decode-icmpv6.h"
#include "decode.h"
-#include "decode-tcp.h"
-#include "decode-sctp.h"
-#include "decode-udp.h"
-#include "decode-events.h"
-#include "util-unittest.h"
#include "flow.h"
-#include "util-debug.h"
#include "util-print.h"
#include "util-validate.h"
-#include "pkt-var.h"
-#include "util-profiling.h"
-#include "host.h"
-
-
/**
* \brief Get variables and do some checks of the embedded IPV6 packet
*
}
#ifdef UNITTESTS
+#include "util-unittest-helper.h"
static int ICMPV6CalculateValidChecksumtest01(void)
{
p->icmpv6vars.emb_ip6_dst[i] != ipv6dst[i]);
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
SCLogDebug("ICMPV6 IPV6 src and dst properly set");
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
SCLogDebug("ICMPV6 IPV6 src and dst properly set");
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
p->icmpv6vars.emb_ip6_dst[i] != ipv6dst[i]);
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL;
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL;
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(ICMPV6_GET_TYPE(p) != 4 || ICMPV6_GET_CODE(p) != 0);
FAIL_IF(!ENGINE_ISSET_EVENT(p, ICMPV6_IPV6_UNKNOWN_VER));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF_NULL(p->icmpv6h);
FAIL_IF(!ENGINE_ISSET_EVENT(p, ICMPV6_UNKNOWN_CODE));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(!ENGINE_ISSET_EVENT(p, ICMPV6_PKT_TOO_SMALL));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(!ENGINE_ISSET_EVENT(p, ICMPV6_IPV6_TRUNC_PKT));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(!ENGINE_ISSET_EVENT(p, ICMPV6_UNKNOWN_CODE));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(!ENGINE_ISSET_EVENT(p, ICMPV6_UNKNOWN_CODE));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF_NULL(p->payload);
FAIL_IF(p->payload_len != 37);
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(ENGINE_ISSET_EVENT(p, ICMPV6_UNKNOWN_CODE));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(!ENGINE_ISSET_EVENT(p, ICMPV6_UNKNOWN_CODE));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(ENGINE_ISSET_EVENT(p, ICMPV6_UNKNOWN_CODE));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(!ENGINE_ISSET_EVENT(p, ICMPV6_UNKNOWN_CODE));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(ENGINE_ISSET_EVENT(p, ICMPV6_UNKNOWN_CODE));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(!ENGINE_ISSET_EVENT(p, ICMPV6_UNKNOWN_CODE));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(ENGINE_ISSET_EVENT(p, ICMPV6_UNKNOWN_CODE));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(!ENGINE_ISSET_EVENT(p, ICMPV6_UNKNOWN_CODE));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(ENGINE_ISSET_EVENT(p, ICMPV6_UNKNOWN_CODE));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(!ENGINE_ISSET_EVENT(p, ICMPV6_UNKNOWN_CODE));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
FAIL_IF(ICMPV6CalculateChecksum(p->ip6h->s_ip6_addrs,
(uint16_t *)p->icmpv6h, icmpv6_len) != csum);
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
*/
#include "suricata-common.h"
-#include "packet-queue.h"
-#include "decode.h"
#include "decode-ipv4.h"
-#include "decode-events.h"
+#include "decode.h"
#include "defrag.h"
-#include "pkt-var.h"
-#include "host.h"
-
-#include "util-unittest.h"
-#include "util-debug.h"
-#include "util-optimize.h"
+#include "flow.h"
#include "util-print.h"
-#include "util-profiling.h"
/* Generic validation
*
/* UNITTESTS */
#ifdef UNITTESTS
+#include "packet.h"
/** \test IPV4 with no options. */
static int DecodeIPV4OptionsNONETest01(void)
result = 0;
goto end;
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
PacketCopyData(p, pkt2, sizeof(pkt2));
DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
result = 0;
goto end;
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
PacketCopyData(p, pkt3, sizeof(pkt3));
DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
goto end;
}
- PACKET_RECYCLE(tp);
+ PacketRecycle(tp);
SCFree(tp);
end:
DefragDestroy();
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
return result;
printf("tcp header should be NULL for ip fragment, but it isn't\n");
goto end;
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
PacketCopyData(p, pkt2, sizeof(pkt2));
DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
printf("tcp header should be NULL for ip fragment, but it isn't\n");
goto end;
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
p->recursion_level = 3;
PacketCopyData(p, pkt3, sizeof(pkt3));
}
result = 1;
- PACKET_RECYCLE(tp);
+ PacketRecycle(tp);
SCFree(tp);
end:
DefragDestroy();
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
return result;
result = 0;
goto end;
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
PacketCopyData(p, pkt1, sizeof(pkt1));
DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
result = 0;
goto end;
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
PacketCopyData(p, pkt2, sizeof(pkt2));
DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
result = 0;
goto end;
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
PacketCopyData(p, pkt3, sizeof(pkt3));
DecodeIPV4(&tv, &dtv, p, GET_PKT_DATA(p) + ETHERNET_HEADER_LEN,
goto end;
}
- PACKET_RECYCLE(tp);
+ PacketRecycle(tp);
SCFree(tp);
end:
DefragDestroy();
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
return result;
*/
#include "suricata-common.h"
-#include "packet-queue.h"
-#include "decode.h"
#include "decode-ipv6.h"
-#include "decode-icmpv6.h"
-#include "decode-events.h"
+#include "decode.h"
#include "defrag.h"
-#include "pkt-var.h"
-#include "util-debug.h"
#include "util-print.h"
-#include "util-unittest.h"
-#include "util-profiling.h"
#include "util-validate.h"
-#include "host.h"
/**
* \brief Function to decode IPv4 in IPv6 packets
}
#ifdef UNITTESTS
+#include "util-unittest-helper.h"
/**
* \test fragment decoding
result = 1;
end:
- PACKET_RECYCLE(p1);
- PACKET_RECYCLE(p2);
+ PacketRecycle(p1);
+ PacketRecycle(p2);
SCFree(p1);
SCFree(p2);
pkt = PacketDequeueNoLock(&tv.decode_pq);
while (pkt != NULL) {
- PACKET_RECYCLE(pkt);
+ PacketRecycle(pkt);
SCFree(pkt);
pkt = PacketDequeueNoLock(&tv.decode_pq);
}
FAIL_IF (!(IPV6_EXTHDR_ISSET_RH(p1)));
FAIL_IF (p1->ip6eh.rh_type != 0);
- PACKET_RECYCLE(p1);
+ PacketRecycle(p1);
SCFree(p1);
FlowShutdown();
PASS;
FAIL_IF (!(ENGINE_ISSET_EVENT(p1, IPV6_HOPOPTS_UNKNOWN_OPT)));
- PACKET_RECYCLE(p1);
+ PacketRecycle(p1);
SCFree(p1);
FlowShutdown();
PASS;
#include "util-unittest.h"
#include "util-debug.h"
-#include "pkt-var.h"
-#include "util-profiling.h"
-#include "host.h"
-
#define HDR_SIZE 4
#define AF_INET6_BSD 24
*/
#include "suricata-common.h"
-#include "decode.h"
#include "decode-raw.h"
+#include "decode.h"
#include "decode-events.h"
#include "util-validate.h"
#include "util-unittest.h"
#include "util-debug.h"
-#include "pkt-var.h"
-#include "util-profiling.h"
-#include "host.h"
-
-
int DecodeRaw(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p,
const uint8_t *pkt, uint32_t len)
{
}
#ifdef UNITTESTS
-#include "flow.h"
-#include "flow-util.h"
+#include "util-unittest-helper.h"
/** DecodeRawtest01
* \brief Valid Raw packet
return 0;
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
return 1;
DecodeRaw(&tv, &dtv, p, raw_ip, GET_PKT_LEN(p));
if (p->ip4h == NULL) {
printf("expected a valid ipv4 header but it was NULL: ");
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
return 0;
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
return 1;
SCFree(p);
return 0;
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
return 1;
*/
#include "suricata-common.h"
-#include "decode.h"
#include "decode-tcp.h"
+#include "decode.h"
#include "decode-events.h"
#include "util-unittest.h"
#include "util-debug.h"
#include "util-optimize.h"
#include "flow.h"
-#include "util-profiling.h"
-#include "pkt-var.h"
-#include "host.h"
#define SET_OPTS(dst, src) \
(dst).type = (src).type; \
}
#ifdef UNITTESTS
+#include "util-unittest-helper.h"
+
static int TCPCalculateValidChecksumtest01(void)
{
uint16_t csum = 0;
retval = 1;
end:
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
return retval;
retval = 1;
end:
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
return retval;
retval = 1;
end:
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
return retval;
retval = 1;
end:
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
return retval;
#include "util-validate.h"
#include "util-debug.h"
#include "conf.h"
+
+#include "detect.h"
#include "detect-engine-port.h"
#define TEREDO_ORIG_INDICATION_LENGTH 8
#include "decode-vlan.h"
#include "decode-events.h"
-#include "flow.h"
-
#include "util-validate.h"
#include "util-unittest.h"
#include "util-debug.h"
-#include "pkt-var.h"
-#include "util-profiling.h"
-#include "host.h"
-
/**
* \internal
* \brief this function is used to decode IEEE802.1q packets
}
#ifdef UNITTESTS
+#include "util-unittest-helper.h"
+
/** \todo Must GRE+VLAN and Multi-Vlan packets to
* create more tests
*/
goto error;
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
return 1;
error:
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
return 0;
*/
#include "suricata-common.h"
-#include "decode.h"
#include "decode-vntag.h"
+#include "decode.h"
#include "decode-events.h"
-#include "flow.h"
-
#include "util-validate.h"
#include "util-unittest.h"
#include "util-debug.h"
-#include "pkt-var.h"
-#include "util-profiling.h"
-#include "host.h"
-
/**
* \internal
* \brief this function is used to decode 802.1Qbh packets
}
#ifdef UNITTESTS
+#include "util-unittest-helper.h"
/**
* \test DecodeVNTagTest01 test if vntag header is too small.
FAIL_IF(TM_ECODE_OK != DecodeVNTag(&tv, &dtv, p, raw_vntag, sizeof(raw_vntag)));
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
PacketFree(p);
PASS;
#include "decode-vxlan.h"
#include "decode-events.h"
+#include "detect.h"
#include "detect-engine-port.h"
#include "flow.h"
#include "util-unittest.h"
#include "util-debug.h"
-#include "pkt-var.h"
-#include "util-profiling.h"
-#include "host.h"
-
#define VXLAN_HEADER_LEN sizeof(VXLANHeader)
#define VXLAN_MAX_PORTS 4
*/
#include "suricata-common.h"
-#include "suricata.h"
-#include "conf.h"
#include "decode.h"
-#include "decode-teredo.h"
-#include "decode-erspan.h"
-#include "decode-geneve.h"
-#include "decode-vxlan.h"
-#include "util-debug.h"
-#include "util-mem.h"
-#include "app-layer-detect-proto.h"
+
+#include "packet.h"
+#include "flow.h"
+#include "flow-storage.h"
+#include "tmqh-packetpool.h"
#include "app-layer.h"
-#include "tm-threads.h"
-#include "util-error.h"
+#include "output.h"
+
+#include "decode-vxlan.h"
+#include "decode-geneve.h"
+#include "decode-erspan.h"
+#include "decode-teredo.h"
+
+#include "util-hash.h"
+#include "util-hash-string.h"
#include "util-print.h"
-#include "tmqh-packetpool.h"
#include "util-profiling.h"
-#include "pkt-var.h"
-#include "util-mpm-ac.h"
-#include "util-hash-string.h"
-#include "output.h"
-#include "output-flow.h"
-#include "flow-storage.h"
#include "util-validate.h"
uint32_t default_packet_size = 0;
*/
void PacketFree(Packet *p)
{
- PACKET_DESTRUCTOR(p);
+ PacketDestructor(p);
SCFree(p);
}
}
memset(p, 0, SIZE_OF_PACKET);
- PACKET_INITIALIZE(p);
+ PacketInit(p);
p->ReleasePacket = PacketFree;
p->flags |= PKT_ALLOC;
#define GET_TCP_SRC_PORT(p) ((p)->sp)
#define GET_TCP_DST_PORT(p) ((p)->dp)
+#define RESET_PKT_LEN(p) ((p)->pktlen = 0)
#define GET_PKT_LEN(p) ((p)->pktlen)
#define GET_PKT_DATA(p) ((((p)->ext_pkt) == NULL ) ? (uint8_t *)((p) + 1) : (p)->ext_pkt)
#define GET_PKT_DIRECT_DATA(p) (uint8_t *)((p) + 1)
} \
} while(0)
-/**
- * \brief Initialize a packet structure for use.
- */
-#define PACKET_INITIALIZE(p) \
- { \
- SCMutexInit(&(p)->tunnel_mutex, NULL); \
- (p)->alerts.alerts = PacketAlertCreate(); \
- PACKET_RESET_CHECKSUMS((p)); \
- (p)->livedev = NULL; \
- }
-
-#define PACKET_RELEASE_REFS(p) do { \
- FlowDeReference(&((p)->flow)); \
- HostDeReference(&((p)->host_src)); \
- HostDeReference(&((p)->host_dst)); \
- } while (0)
-
-/**
- * \brief Recycle a packet structure for reuse.
- */
-#define PACKET_REINIT(p) \
- do { \
- CLEAR_ADDR(&(p)->src); \
- CLEAR_ADDR(&(p)->dst); \
- (p)->sp = 0; \
- (p)->dp = 0; \
- (p)->proto = 0; \
- (p)->recursion_level = 0; \
- PACKET_FREE_EXTDATA((p)); \
- (p)->flags = (p)->flags & PKT_ALLOC; \
- (p)->flowflags = 0; \
- (p)->pkt_src = 0; \
- (p)->vlan_id[0] = 0; \
- (p)->vlan_id[1] = 0; \
- (p)->vlan_idx = 0; \
- (p)->ts.tv_sec = 0; \
- (p)->ts.tv_usec = 0; \
- (p)->datalink = 0; \
- (p)->drop_reason = 0; \
- (p)->action = 0; \
- if ((p)->pktvar != NULL) { \
- PktVarFree((p)->pktvar); \
- (p)->pktvar = NULL; \
- } \
- (p)->ethh = NULL; \
- if ((p)->ip4h != NULL) { \
- CLEAR_IPV4_PACKET((p)); \
- } \
- if ((p)->ip6h != NULL) { \
- CLEAR_IPV6_PACKET((p)); \
- } \
- if ((p)->tcph != NULL) { \
- CLEAR_TCP_PACKET((p)); \
- } \
- if ((p)->udph != NULL) { \
- CLEAR_UDP_PACKET((p)); \
- } \
- if ((p)->sctph != NULL) { \
- CLEAR_SCTP_PACKET((p)); \
- } \
- if ((p)->esph != NULL) { \
- CLEAR_ESP_PACKET((p)); \
- } \
- if ((p)->icmpv4h != NULL) { \
- CLEAR_ICMPV4_PACKET((p)); \
- } \
- if ((p)->icmpv6h != NULL) { \
- CLEAR_ICMPV6_PACKET((p)); \
- } \
- (p)->ppph = NULL; \
- (p)->pppoesh = NULL; \
- (p)->pppoedh = NULL; \
- (p)->greh = NULL; \
- (p)->payload = NULL; \
- (p)->payload_len = 0; \
- (p)->BypassPacketsFlow = NULL; \
- (p)->pktlen = 0; \
- (p)->alerts.cnt = 0; \
- (p)->alerts.discarded = 0; \
- (p)->alerts.suppressed = 0; \
- (p)->alerts.drop.action = 0; \
- (p)->pcap_cnt = 0; \
- (p)->tunnel_rtv_cnt = 0; \
- (p)->tunnel_tpr_cnt = 0; \
- (p)->events.cnt = 0; \
- AppLayerDecoderEventsResetEvents((p)->app_layer_events); \
- (p)->next = NULL; \
- (p)->prev = NULL; \
- (p)->root = NULL; \
- (p)->livedev = NULL; \
- PACKET_RESET_CHECKSUMS((p)); \
- PACKET_PROFILING_RESET((p)); \
- p->tenant_id = 0; \
- p->nb_decoded_layers = 0; \
- } while (0)
-
-#define PACKET_RECYCLE(p) do { \
- PACKET_RELEASE_REFS((p)); \
- PACKET_REINIT((p)); \
- } while (0)
-
-/**
- * \brief Cleanup a packet so that we can free it. No memset needed..
- */
-#define PACKET_DESTRUCTOR(p) \
- do { \
- PACKET_RELEASE_REFS((p)); \
- if ((p)->pktvar != NULL) { \
- PktVarFree((p)->pktvar); \
- } \
- PacketAlertFree((p)->alerts.alerts); \
- PACKET_FREE_EXTDATA((p)); \
- SCMutexDestroy(&(p)->tunnel_mutex); \
- AppLayerDecoderEventsFreeEvents(&(p)->app_layer_events); \
- PACKET_PROFILING_RESET((p)); \
- } while (0)
-
/* macro's for setting the action
* handle the case of a root packet
* for tunnels */
*/
#include "suricata-common.h"
-#include "queue.h"
-#include "suricata.h"
-#include "conf.h"
-#include "util-debug.h"
-#include "util-misc.h"
#include "defrag-config.h"
+#include "util-misc.h"
+#include "util-radix-tree.h"
static SCRadixTree *defrag_tree = NULL;
#ifndef DEFRAG_CONFIG_H_
#define DEFRAG_CONFIG_H_
+#include "decode.h"
+
void DefragSetDefaultTimeout(intmax_t timeout);
void DefragPolicyLoadFromConfig(void);
int DefragPolicyGetHostTimeout(Packet *p);
#include "decode.h"
#include "defrag.h"
+#include "util-exception-policy.h"
/** Spinlocks or Mutex for the flow buckets. */
//#define DRLOCK_SPIN
*/
#include "suricata-common.h"
-#include "threads.h"
#include "defrag-queue.h"
#include "util-error.h"
#include "util-debug.h"
#define __DEFRAG_QUEUE_H__
#include "suricata-common.h"
+#include "decode.h"
#include "defrag.h"
/** Spinlocks or Mutex for the defrag tracker queues. */
*/
#include "suricata-common.h"
+#include "decode.h"
#include "defrag.h"
#include "defrag-hash.h"
#include "defrag-timeout.h"
}
#ifdef UNITTESTS
+#include "util-unittest-helper.h"
#define IP_MF 0x2000
/**
if (unlikely(p == NULL))
return NULL;
- PACKET_INITIALIZE(p);
+ PacketInit(p);
gettimeofday(&p->ts, NULL);
//p->ip4h = (IPV4Hdr *)GET_PKT_DATA(p);
if (unlikely(p == NULL))
return NULL;
- PACKET_INITIALIZE(p);
+ PacketInit(p);
gettimeofday(&p->ts, NULL);
#ifndef __DEFRAG_H__
#define __DEFRAG_H__
+#include "threads.h"
#include "util-pool.h"
/**
#ifndef __DETECT_BYTE_H__
#define __DETECT_BYTE_H__
+#include "detect.h"
+
typedef uint8_t DetectByteIndexType;
bool DetectByteRetrieveSMVar(const char *, const Signature *, DetectByteIndexType *);
DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
DetectEngineCtxFree(de_ctx);
}
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
/* ---------------------------------- Unit Tests --------------------------- */
#ifdef UNITTESTS
-#include "detect-engine.h"
+#include "util-unittest-helper.h"
#define mystr(s) #s
#define TEST1(kwstr) {\
DetectEngineCtxFree(de_ctx);
StreamTcpFreeConfig(true);
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
#include "util-debug.h"
#include "util-print.h"
#include "util-misc.h"
+#include "util-path.h"
#define PARSE_REGEX "([a-z]+)(?:,\\s*([\\-_A-z0-9\\s\\.]+)){1,4}"
static DetectParseRegex parse_regex;
#include "util-debug.h"
#include "util-print.h"
#include "util-misc.h"
+#include "util-path.h"
+#include "util-conf.h"
int DetectDatasetMatch (ThreadVars *, DetectEngineThreadCtx *, Packet *,
const Signature *, const SigMatchCtx *);
*/
#ifdef UNITTESTS
-#include "detect-engine.h"
+#include "util-unittest-helper.h"
/**
* \test this is a test for a valid dsize value 1
DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
DetectEngineCtxFree(de_ctx);
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
#include "util-print.h"
#include "util-time.h"
#include "util-validate.h"
+#include "util-conf.h"
static int rule_warnings_only = 0;
static FILE *rule_engine_analysis_FD = NULL;
#include "util-profiling.h"
#include "util-validate.h"
#include "util-var-name.h"
+#include "util-conf.h"
void SigCleanSignatures(DetectEngineCtx *de_ctx)
{
#include "util-detect.h"
#include "util-threshold-config.h"
+#include "util-path.h"
#ifdef HAVE_GLOB_H
#include <glob.h>
FlowInitConfig(FLOW_QUIET);
Packet *p = UTHBuildPacketFromEth(raw_eth_pkt, pktsize);
result = UTHPacketMatchSig(p, sig);
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
return result;
}
#ifndef __DETECT_ENGINE_PREFILTER_H__
#define __DETECT_ENGINE_PREFILTER_H__
+#include "detect.h"
#include "detect-engine-state.h"
// TODO
*/
#include "suricata-common.h"
-#include "suricata.h"
-#include "detect.h"
-#include "detect-parse.h"
-#include "detect-content.h"
-#include "output-json.h"
-#include "util-buffer.h"
-#include "util-print.h"
#include "detect-engine-profile.h"
#ifdef PROFILING
+#include "output-json.h"
+#include "util-conf.h"
+
SCMutex g_rule_dump_write_m = SCMUTEX_INITIALIZER;
void RulesDumpTxMatchArray(const DetectEngineThreadCtx *det_ctx, const SigGroupHead *sgh,
#ifndef _DETECT_ENGINE_PROFILE_H
#define _DETECT_ENGINE_PROFILE_H
+#include "detect.h"
+
void RulesDumpTxMatchArray(const DetectEngineThreadCtx *det_ctx, const SigGroupHead *sgh,
const Packet *p, const uint64_t tx_id, const uint32_t rule_cnt,
const uint32_t pkt_prefilter_cnt);
#include "util-validate.h"
#include "util-hash-string.h"
#include "util-enum.h"
+#include "util-conf.h"
#include "tm-threads.h"
#include "runmodes.h"
#include "util-profiling.h"
#include "app-layer.h"
+#include "app-layer-htp.h"
#include "stream-tcp.h"
#include "util-var-name.h"
#include "util-unittest.h"
#include "util-debug.h"
+#include "util-conf.h"
#define PARSE_REGEX "^([a-z]+)(?:,\\s*(.*))?"
static DetectParseRegex parse_regex;
*/
#ifdef UNITTESTS
+#include "util-unittest-helper.h"
+
/**
* \test FragBitsTestParse01 is a test for a valid fragbits value
*
FAIL_IF(ret);
SCFree(de);
SCFree(sm);
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
PASS;
}
#ifdef UNITTESTS
-#include "detect-engine.h"
-#include "detect-engine-mpm.h"
+#include "util-unittest-helper.h"
/**
* \test DetectFragOffsetParseTest01 is a test for setting a valid fragoffset value
#include "suricata-common.h"
#include "flow.h"
+#include "app-layer-htp.h"
+
#include "detect.h"
#include "detect-parse.h"
#include "detect-engine.h"
end:
if (p != NULL) {
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
SCFree(p);
}
FlowShutdown();
}
if (p != NULL) {
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
}
FlowShutdown();
DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
#ifndef __DETECT_PARSE_H__
#define __DETECT_PARSE_H__
+#include "detect.h"
+
/** Flags to indicate if the Signature parsing must be done
* switching the source and dest (for ip addresses and ports)
* or otherwise as normal */
if (det_ctx != NULL)
DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
DetectEnginePruneFreeList();
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
#define __DEVICE_STORAGE_H__
#include "util-device.h"
+#include "util-storage.h"
typedef struct LiveDevStorageId_ {
int id;
*/
#include "suricata-common.h"
-#include "suricata.h"
#include "feature.h"
+#include "threads.h"
-#include "util-hash.h"
+#include "util-debug.h"
+#include "util-hashlist.h"
typedef struct FeatureEntryType {
const char *feature;
#ifndef __FLOW_BYPASS_H__
#define __FLOW_BYPASS_H__
+#include "threadvars.h"
+#include "flow.h"
+
struct flows_stats {
uint64_t count;
uint64_t packets;
#ifndef __FLOW_HASH_H__
#define __FLOW_HASH_H__
+#include "flow.h"
+
/** Spinlocks or Mutex for the flow buckets. */
//#define FBLOCK_SPIN
#define FBLOCK_MUTEX
#define __FLOW_STORAGE_H__
#include "flow.h"
+#include "util-storage.h"
typedef struct FlowStorageId {
int id;
#ifndef __FLOW_UTIL_H__
#define __FLOW_UTIL_H__
+#include "flow.h"
#include "stream-tcp-private.h"
#define COPY_TIMESTAMP(src,dst) ((dst)->tv_sec = (src)->tv_sec, (dst)->tv_usec = (src)->tv_usec)
#include "util-print.h"
#include "util-unittest.h"
#include "util-time.h"
+#include "util-debug.h"
/**
* \brief Creates a custom format node
*/
#include "suricata-common.h"
-#include "util-buffer.h"
-#include "util-fmemopen.h"
-#include "util-datalink.h"
-#include "stream-tcp-util.h"
-#include "stream.h"
-
#ifdef HAVE_LIBLZ4
#include <lz4frame.h>
+#include "util-fmemopen.h"
#endif /* HAVE_LIBLZ4 */
#if defined(HAVE_DIRENT_H) && defined(HAVE_FNMATCH_H)
#include <fnmatch.h>
#endif
-#include "detect.h"
-#include "flow.h"
-#include "conf.h"
+#include "log-pcap.h"
#include "threads.h"
#include "threadvars.h"
-#include "tm-threads.h"
+#include "decode.h"
+#include "stream.h"
+#include "stream-tcp-reassemble.h"
-#include "util-unittest.h"
-#include "log-pcap.h"
-#include "decode-ipv4.h"
+#include "output.h"
-#include "util-error.h"
-#include "util-debug.h"
-#include "util-time.h"
+#include "util-buffer.h"
#include "util-byte.h"
-#include "util-misc.h"
+#include "util-conf.h"
#include "util-cpu.h"
-#include "util-atomic.h"
-
-#include "source-pcap.h"
-
-#include "output.h"
-
-#include "queue.h"
+#include "util-datalink.h"
+#include "util-misc.h"
+#include "util-path.h"
+#include "util-profiling.h"
+#include "util-time.h"
#define DEFAULT_LOG_FILENAME "pcaplog"
#define MODULE_NAME "PcapLog"
*/
#include "suricata-common.h"
-#include "detect.h"
-#include "pkt-var.h"
-#include "conf.h"
+#include "log-tcp-data.h"
-#include "threads.h"
#include "threadvars.h"
-#include "tm-threads.h"
-
-#include "util-print.h"
-#include "util-unittest.h"
-
-#include "util-debug.h"
-
-#include "output.h"
-#include "log-tcp-data.h"
-#include "app-layer-htp.h"
-#include "app-layer.h"
-#include "app-layer-parser.h"
-#include "util-privs.h"
-#include "util-buffer.h"
+#include "util-conf.h"
#include "util-logopenfile.h"
-#include "util-time.h"
+#include "util-path.h"
+#include "util-print.h"
#define DEFAULT_LOG_FILENAME "tcp-data.log"
#ifndef __LOG_TCPDATALOG_H__
#define __LOG_TCPDATALOG_H__
+#include "conf.h"
+#include "output.h"
+
void LogTcpDataLogRegister(void);
OutputInitResult LogTcpDataLogInitCtx(ConfNode *);
*/
#include "suricata-common.h"
-#include "detect.h"
-#include "pkt-var.h"
-#include "conf.h"
-
-#include "threads.h"
-#include "threadvars.h"
-#include "tm-threads.h"
+#include "log-tlsstore.h"
-#include "util-print.h"
-#include "util-unittest.h"
+#include "decode.h"
-#include "util-debug.h"
+#include "app-layer-parser.h"
+#include "app-layer-ssl.h"
#include "output.h"
#include "log-tlslog.h"
-#include "log-tlsstore.h"
-#include "app-layer-ssl.h"
-#include "app-layer.h"
-#include "app-layer-parser.h"
-#include "util-privs.h"
-#include "util-buffer.h"
-#include "util-logopenfile.h"
+#include "util-conf.h"
+#include "util-path.h"
#include "util-time.h"
#define MODULE_NAME "LogTlsStoreLog"
*/
#include "suricata-common.h"
-#include "tm-modules.h"
#include "output.h"
#include "output-file.h"
+#if 0
#include "app-layer.h"
-#include "app-layer-parser.h"
+#endif
+#include "app-layer-parser.h" // FileApplyTxFlags
#include "detect-filemagic.h"
+#include "util-file.h"
+#include "util-magic.h"
#include "util-profiling.h"
#include "util-validate.h"
-#include "util-magic.h"
bool g_file_logger_enabled = false;
#ifndef __OUTPUT_FILE_H__
#define __OUTPUT_FILE_H__
-#include "decode.h"
#include "rust.h"
-#include "util-file.h"
/** per thread data for this module, contains a list of per thread
* data for the packet loggers. */
*/
#include "suricata-common.h"
-#include "tm-modules.h"
#include "output.h"
#include "output-filedata.h"
-#include "app-layer.h"
#include "app-layer-parser.h"
#include "detect-filemagic.h"
#include "conf.h"
#include "util-profiling.h"
#include "util-validate.h"
#include "util-magic.h"
+#include "util-path.h"
bool g_filedata_logger_enabled = false;
#ifndef __OUTPUT_FILEDATA_H__
#define __OUTPUT_FILEDATA_H__
-#include "decode.h"
-#include "util-file.h"
-
#define OUTPUT_FILEDATA_FLAG_OPEN 0x01
#define OUTPUT_FILEDATA_FLAG_CLOSE 0x02
*/
#include "suricata-common.h"
+#include "output-filestore.h"
#include "stream-tcp.h"
-#include "app-layer-parser.h"
-#include "app-layer-htp.h"
-#include "app-layer-htp-xff.h"
-#include "app-layer-smtp.h"
#include "feature.h"
#include "output.h"
-#include "output-filestore.h"
#include "output-json-file.h"
-#include "util-print.h"
+#include "util-conf.h"
#include "util-misc.h"
+#include "util-path.h"
+#include "util-print.h"
#define MODULE_NAME "OutputFilestore"
*/
#include "suricata-common.h"
-#include "tm-modules.h"
#include "output.h"
#include "output-flow.h"
#include "util-profiling.h"
*/
#include "suricata-common.h"
-#include "pkt-var.h"
-#include "conf.h"
-
-#include "threads.h"
-#include "threadvars.h"
-#include "tm-threads.h"
-
-#include "util-unittest.h"
-#include "util-buffer.h"
-#include "util-debug.h"
-#include "util-byte.h"
-
#include "output.h"
#include "output-json.h"
-
-#include "app-layer.h"
-#include "app-layer-parser.h"
+#include "util-buffer.h"
OutputJsonThreadCtx *CreateEveThreadCtx(ThreadVars *t, OutputJsonCtx *ctx)
{
*/
#include "suricata-common.h"
-#include "pkt-var.h"
-#include "conf.h"
-
-#include "threads.h"
-#include "threadvars.h"
-#include "tm-threads.h"
-
-#include "util-unittest.h"
#include "util-buffer.h"
-#include "util-debug.h"
-#include "util-byte.h"
-
#include "output.h"
#include "output-json.h"
-
-#include "app-layer.h"
#include "app-layer-parser.h"
-#include "app-layer-dcerpc-common.h"
#include "output-json-dcerpc.h"
-
#include "rust.h"
*/
#include "suricata-common.h"
-#include "pkt-var.h"
-#include "conf.h"
-
-#include "threads.h"
-#include "threadvars.h"
-#include "tm-threads.h"
-
-#include "util-unittest.h"
#include "util-buffer.h"
-#include "util-debug.h"
-#include "util-byte.h"
-
#include "output.h"
#include "output-json.h"
-
-#include "app-layer.h"
#include "app-layer-parser.h"
-
#include "output-json-smb.h"
-
#include "rust.h"
bool EveSMBAddMetadata(const Flow *f, uint64_t tx_id, JsonBuilder *jb)
*/
#include "suricata-common.h"
-#include "pkt-var.h"
-#include "conf.h"
-
-#include "threads.h"
-#include "threadvars.h"
-#include "tm-threads.h"
+#include "output-lua.h"
+#ifdef HAVE_LUA
#include "util-print.h"
#include "util-unittest.h"
-
#include "util-debug.h"
-
#include "output.h"
#include "app-layer-htp.h"
#include "app-layer.h"
#include "util-proto-name.h"
#include "util-logopenfile.h"
#include "util-time.h"
-
-#include "output-lua.h"
-
-#ifdef HAVE_LUA
-
-#include <lua.h>
-#include <lualib.h>
-#include <lauxlib.h>
-
#include "util-lua.h"
#include "util-lua-common.h"
#include "util-lua-http.h"
*/
#include "suricata-common.h"
-#include "tm-modules.h"
#include "output.h"
#include "output-packet.h"
#include "util-profiling.h"
#ifndef __OUTPUT_PACKET_H__
#define __OUTPUT_PACKET_H__
-#include "decode.h"
-#include "tm-modules.h"
-
/** packet logger function pointer type */
typedef int (*PacketLogger)(ThreadVars *, void *thread_data, const Packet *);
*/
#include "suricata-common.h"
-#include "tm-modules.h"
+#include "output.h"
#include "output-stats.h"
#include "util-validate.h"
-typedef struct OutputLoggerThreadStore_ {
- void *thread_data;
- struct OutputLoggerThreadStore_ *next;
-} OutputLoggerThreadStore;
-
/** per thread data for this module, contains a list of per thread
* data for the packet loggers. */
typedef struct OutputStatsLoggerThreadData_ {
*/
#include "suricata-common.h"
-#include "tm-modules.h"
#include "output.h"
#include "output-streaming.h"
#include "app-layer.h"
*/
#include "suricata-common.h"
-#include "tm-modules.h"
#include "output.h"
#include "output-tx.h"
#include "stream.h"
#define __OUTPUT_TX_H__
#include "decode.h"
+#include "flow.h"
/** tx logger function pointer type */
typedef int (*TxLogger)(ThreadVars *, void *thread_data, const Packet *, Flow *f, void *state, void *tx, uint64_t tx_id);
#ifndef __OUTPUT_H__
#define __OUTPUT_H__
+#include "decode.h"
+#include "tm-modules.h"
+
#define DEFAULT_LOG_MODE_APPEND "yes"
#define DEFAULT_LOG_FILETYPE "regular"
#ifndef __PACKET_QUEUE_H__
#define __PACKET_QUEUE_H__
+#include "threads.h"
+
/** \brief simple fifo queue for packets
*
* \note PacketQueueNoLock and PacketQueue need to keep identical
--- /dev/null
+/* Copyright (C) 2007-2022 Open Information Security Foundation
+ *
+ * You can copy, redistribute or modify this Program under the terms of
+ * the GNU General Public License version 2 as published by the Free
+ * Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 2 along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+#include "packet.h"
+#include "pkt-var.h"
+#include "flow.h"
+#include "host.h"
+#include "util-profiling.h"
+
+/**
+ * \brief Initialize a packet structure for use.
+ */
+void PacketInit(Packet *p)
+{
+ SCMutexInit(&p->tunnel_mutex, NULL);
+ p->alerts.alerts = PacketAlertCreate();
+ PACKET_RESET_CHECKSUMS(p);
+ p->livedev = NULL;
+}
+
+void PacketReleaseRefs(Packet *p)
+{
+ FlowDeReference(&p->flow);
+ HostDeReference(&p->host_src);
+ HostDeReference(&p->host_dst);
+}
+
+/**
+ * \brief Recycle a packet structure for reuse.
+ */
+void PacketReinit(Packet *p)
+{
+ CLEAR_ADDR(&p->src);
+ CLEAR_ADDR(&p->dst);
+ p->sp = 0;
+ p->dp = 0;
+ p->proto = 0;
+ p->recursion_level = 0;
+ PACKET_FREE_EXTDATA(p);
+ p->flags = p->flags & PKT_ALLOC;
+ p->flowflags = 0;
+ p->pkt_src = 0;
+ p->vlan_id[0] = 0;
+ p->vlan_id[1] = 0;
+ p->vlan_idx = 0;
+ p->ts.tv_sec = 0;
+ p->ts.tv_usec = 0;
+ p->datalink = 0;
+ p->drop_reason = 0;
+ PACKET_SET_ACTION(p, 0);
+ if (p->pktvar != NULL) {
+ PktVarFree(p->pktvar);
+ p->pktvar = NULL;
+ }
+ p->ethh = NULL;
+ if (p->ip4h != NULL) {
+ CLEAR_IPV4_PACKET(p);
+ }
+ if (p->ip6h != NULL) {
+ CLEAR_IPV6_PACKET(p);
+ }
+ if (p->tcph != NULL) {
+ CLEAR_TCP_PACKET(p);
+ }
+ if (p->udph != NULL) {
+ CLEAR_UDP_PACKET(p);
+ }
+ if (p->sctph != NULL) {
+ CLEAR_SCTP_PACKET(p);
+ }
+ if (p->esph != NULL) {
+ CLEAR_ESP_PACKET(p);
+ }
+ if (p->icmpv4h != NULL) {
+ CLEAR_ICMPV4_PACKET(p);
+ }
+ if (p->icmpv6h != NULL) {
+ CLEAR_ICMPV6_PACKET(p);
+ }
+ p->ppph = NULL;
+ p->pppoesh = NULL;
+ p->pppoedh = NULL;
+ p->greh = NULL;
+ p->payload = NULL;
+ p->payload_len = 0;
+ p->BypassPacketsFlow = NULL;
+ RESET_PKT_LEN(p);
+ p->alerts.cnt = 0;
+ p->alerts.discarded = 0;
+ p->alerts.suppressed = 0;
+ p->alerts.drop.action = 0;
+ p->pcap_cnt = 0;
+ p->tunnel_rtv_cnt = 0;
+ p->tunnel_tpr_cnt = 0;
+ p->events.cnt = 0;
+ AppLayerDecoderEventsResetEvents(p->app_layer_events);
+ p->next = NULL;
+ p->prev = NULL;
+ p->root = NULL;
+ p->livedev = NULL;
+ PACKET_RESET_CHECKSUMS(p);
+ PACKET_PROFILING_RESET(p);
+ p->tenant_id = 0;
+ p->nb_decoded_layers = 0;
+}
+
+void PacketRecycle(Packet *p)
+{
+ PacketReleaseRefs(p);
+ PacketReinit(p);
+}
+
+/**
+ * \brief Cleanup a packet so that we can free it. No memset needed..
+ */
+void PacketDestructor(Packet *p)
+{
+ PacketReleaseRefs(p);
+ if (p->pktvar != NULL) {
+ PktVarFree(p->pktvar);
+ }
+ PacketAlertFree(p->alerts.alerts);
+ PACKET_FREE_EXTDATA(p);
+ SCMutexDestroy(&p->tunnel_mutex);
+ AppLayerDecoderEventsFreeEvents(&p->app_layer_events);
+ PACKET_PROFILING_RESET(p);
+}
--- /dev/null
+/* Copyright (C) 2007-2022 Open Information Security Foundation
+ *
+ * You can copy, redistribute or modify this Program under the terms of
+ * the GNU General Public License version 2 as published by the Free
+ * Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 2 along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+#ifndef __PACKET_H__
+#define __PACKET_H__
+
+#include "decode.h"
+
+void PacketInit(Packet *p);
+void PacketReleaseRefs(Packet *p);
+void PacketReinit(Packet *p);
+void PacketRecycle(Packet *p);
+void PacketDestructor(Packet *p);
+
+#endif
*/
#include "suricata-common.h"
-#include "util-error.h"
-#include "util-debug.h"
+#include "reputation.h"
+#include "threads.h"
+#include "conf.h"
+
#include "util-byte.h"
+#include "util-debug.h"
+#include "util-error.h"
#include "util-ip.h"
-#include "util-radix-tree.h"
-#include "util-unittest.h"
-#include "threads.h"
+#include "util-path.h"
#include "util-print.h"
-#include "host.h"
-#include "conf.h"
-#include "detect.h"
-#include "reputation.h"
+#include "util-unittest.h"
#include "util-validate.h"
/** effective reputation version, atomic as the host
#define __REPUTATION_H__
#include "host.h"
+#include "util-radix-tree.h"
#define SREP_MAX_CATS 60
#define SREP_MAX_VAL 127
uint8_t rep[SREP_MAX_CATS];
} SReputation;
+#include "detect.h"
+
void SRepFreeHostData(Host *h);
uint8_t SRepCatGetByShortname(char *shortname);
int SRepInit(struct DetectEngineCtx_ *de_ctx);
#include "flow-bypass.h"
+#include "util-conf.h"
#include "util-debug.h"
#include "util-time.h"
#include "util-cpu.h"
#include "suricata-common.h"
#include "runmodes.h"
#include "runmode-dpdk.h"
+#include "decode.h"
#include "source-dpdk.h"
#include "util-runmodes.h"
#include "util-byte.h"
#include "util-cpu.h"
+#include "util-debug.h"
+#include "util-device.h"
#include "util-dpdk.h"
#include "util-dpdk-i40e.h"
#include "util-dpdk-ice.h"
*/
#include "suricata-common.h"
+#include "decode.h"
#include "runmodes.h"
#include "runmode-netmap.h"
#include "util-runmodes.h"
#endif /* HAVE_NETMAP */
#include "source-netmap.h"
+#include "util-conf.h"
extern int max_pending_packets;
-/* Copyright (C) 2007-2012 Open Information Security Foundation
+/* Copyright (C) 2007-2022 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
*/
#include "suricata-common.h"
-#include "tm-threads.h"
-#include "conf.h"
-#include "runmodes.h"
#include "runmode-pcap.h"
+#include "runmodes.h"
#include "output.h"
-#include "log-httplog.h"
+#include "util-conf.h"
#include "util-debug.h"
#include "util-time.h"
#include "util-cpu.h"
-#include "util-affinity.h"
#include "util-device.h"
#include "util-runmodes.h"
-#include "util-atomic.h"
#include "util-misc.h"
#include "util-byte.h"
*/
#include "suricata-common.h"
+#include "runmode-pfring.h"
#include "tm-threads.h"
#include "conf.h"
#include "runmodes.h"
-#include "runmode-pfring.h"
#include "source-pfring.h"
-#include "output.h"
#include "util-debug.h"
#include "util-time.h"
#include "util-cpu.h"
-#include "util-affinity.h"
#include "util-runmodes.h"
#include "util-device.h"
#include "util-ioctl.h"
#include "util-byte.h"
+#include "util-conf.h"
#ifdef HAVE_PFRING
#include <pfring.h>
*/
#include "suricata-common.h"
-#include "util-unittest.h"
#include "runmode-unittests.h"
+#include "util-unittest.h"
+#include "util-debug.h"
#ifdef UNITTESTS
-
#include "detect-parse.h"
#include "detect-engine.h"
#include "detect-engine-address.h"
#ifndef __RUST_CONTEXT_H__
#define __RUST_CONTEXT_H__
+#include "flow.h"
+#include "detect.h"
#include "detect-engine-state.h" //DetectEngineState
+
#include "app-layer-krb5.h" //KRB5State, KRB5Transaction
#include "app-layer-ike.h" //IKEState, IKETransaction
#include "app-layer-ntp.h" //NTPState, NTPTransaction
#include "app-layer-snmp.h" //SNMPState, SNMPTransaction
#include "app-layer-tftp.h" //TFTPState, TFTPTransaction
+#include "util-debug.h"
+#include "util-file.h"
+
// hack for include orders cf SCSha256
typedef struct HttpRangeContainerBlock HttpRangeContainerBlock;
#ifndef __RUST_H__
#define __RUST_H__
-#include "util-lua.h"
+#include "app-layer-events.h"
+#include "util-file.h"
+
// hack for include orders cf SCSha256
typedef struct HttpRangeContainerBlock HttpRangeContainerBlock;
#include "rust-context.h"
#include "suricata-common.h"
#include "runmodes.h"
+#include "decode.h"
#include "source-dpdk.h"
#include "suricata.h"
#include "threads.h"
#ifndef __SOURCE_DPDK_H__
#define __SOURCE_DPDK_H__
+#include "suricata-common.h"
+
#ifdef HAVE_DPDK
#include <rte_ethdev.h>
#endif
*
*/
#include "suricata-common.h"
+#include "decode.h"
#include "suricata.h"
#include "threadvars.h"
#include "util-datalink.h"
*/
#include "suricata-common.h"
+#include "decode.h"
#include "stream-tcp-private.h"
#include "stream-tcp-inline.h"
#ifndef __STREAM_TCP_REASSEMBLE_H__
#define __STREAM_TCP_REASSEMBLE_H__
-#include "stream-tcp-private.h"
-#include "stream-tcp-private.h"
-
-#ifdef UNITTESTS
#include "suricata.h"
-#endif
+#include "flow.h"
+#include "stream-tcp-private.h"
/** Supported OS list and default OS policy is BSD */
enum
#ifndef __STREAM_H__
#define __STREAM_H__
+#include "decode.h"
#include "stream-tcp-private.h"
#define STREAM_FLAGS_FOR_PACKET(p) PKT_IS_TOSERVER((p)) ? STREAM_TOSERVER : STREAM_TOCLIENT
-/* Copyright (C) 2007-2010 Open Information Security Foundation
+/* Copyright (C) 2007-2022 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
LOGGER_SIZE,
} LoggerId;
-#include "util-optimize.h"
-#ifndef SURICATA_PLUGIN
-#include <htp/htp.h>
+#ifndef HAVE_LUA
+
+/* If we don't have Lua, create a typedef for lua_State so the
+ * exported Lua functions don't fail the build. */
+typedef void lua_State;
+
+#else
+
+#include <lua.h>
+#include <lualib.h>
+#include <lauxlib.h>
+
#endif
-#include "threads.h"
+
#include "tm-threads-common.h"
-#include "util-debug.h"
-#include "util-error.h"
+#include "util-optimize.h"
#include "util-mem.h"
-#ifndef SURICATA_PLUGIN
-#include "detect-engine-alert.h"
-#endif
-#include "util-path.h"
-#include "util-conf.h"
+#include "util-memcmp.h"
+#include "util-atomic.h"
+#include "util-unittest.h"
+
+// pseudo system headers
+#include "queue.h"
+#include "tree.h"
#ifndef HAVE_STRLCAT
size_t strlcat(char *, const char *src, size_t siz);
#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof(arr[0]))
#endif /* __SURICATA_COMMON_H__ */
-
#endif
#include "suricata.h"
-#include "decode.h"
-#include "feature.h"
-#include "detect.h"
-#include "packet-queue.h"
-#include "threads.h"
-#include "threadvars.h"
-#include "flow-worker.h"
-#include "util-atomic.h"
-#include "util-spm.h"
-#include "util-cpu.h"
-#include "util-action.h"
-#include "util-pidfile.h"
-#include "util-ioctl.h"
-#include "util-device.h"
-#include "util-misc.h"
-#include "util-macset.h"
-#include "util-running-modes.h"
+#include "conf.h"
+#include "conf-yaml-loader.h"
-#include "detect-engine.h"
+#include "decode.h"
+#include "defrag.h"
+#include "flow.h"
+#include "stream-tcp.h"
+#include "ippair.h"
+
+#include "detect.h"
#include "detect-parse.h"
-#include "detect-fast-pattern.h"
-#include "detect-engine-tag.h"
-#include "detect-engine-threshold.h"
+#include "detect-engine.h"
#include "detect-engine-address.h"
+#include "detect-engine-alert.h"
#include "detect-engine-port.h"
-#include "detect-engine-mpm.h"
+#include "detect-engine-tag.h"
+#include "detect-engine-threshold.h"
+#include "detect-fast-pattern.h"
-#include "tm-queuehandlers.h"
-#include "tm-queues.h"
-#include "tm-threads.h"
+#include "datasets.h"
-#include "tmqh-flow.h"
+#include "feature.h"
-#include "conf.h"
-#include "conf-yaml-loader.h"
+#include "flow-bypass.h"
+#include "flow-manager.h"
+#include "flow-timeout.h"
+#include "flow-worker.h"
+
+#include "flow-bit.h"
+#include "host-bit.h"
+#include "ippair-bit.h"
+#include "app-layer.h"
+#include "app-layer-parser.h"
+#include "app-layer-htp.h"
#include "app-layer-htp-range.h"
-#include "datasets.h"
-#include "stream-tcp.h"
+#include "output.h"
+#include "output-filestore.h"
+
+#include "respond-reject.h"
+
+#include "runmode-af-packet.h"
+#include "runmode-netmap.h"
+#include "runmode-unittests.h"
#include "source-nfq.h"
#include "source-nfq-prototypes.h"
-
#include "source-nflog.h"
-
#include "source-ipfw.h"
-
#include "source-pcap.h"
#include "source-pcap-file.h"
#include "source-pcap-file-helper.h"
-
#include "source-pfring.h"
-
#include "source-erf-file.h"
#include "source-erf-dag.h"
#include "source-napatech.h"
-
#include "source-af-packet.h"
#include "source-netmap.h"
-
#include "source-dpdk.h"
-
#include "source-windivert.h"
#include "source-windivert-prototypes.h"
-#include "respond-reject.h"
-
-#include "flow.h"
-#include "flow-timeout.h"
-#include "flow-manager.h"
-#include "flow-bypass.h"
-#include "flow-var.h"
-#include "flow-bit.h"
-#include "pkt-var.h"
-#include "host-bit.h"
-
-#include "ippair.h"
-#include "ippair-bit.h"
-
-#include "host.h"
#include "unix-manager.h"
-#include "app-layer.h"
-#include "app-layer-parser.h"
-#include "app-layer-register.h"
-#include "app-layer-htp.h"
-#include "app-layer-ssl.h"
-#include "app-layer-ssh.h"
-#include "app-layer-ftp.h"
-#include "app-layer-smtp.h"
-#include "app-layer-enip.h"
-#include "app-layer-dnp3.h"
-#include "app-layer-smb.h"
-#include "app-layer-htp-file.h"
-
-#include "output-filestore.h"
-
-#include "util-ebpf.h"
-#include "util-radix-tree.h"
-#include "util-host-os-info.h"
-#include "util-cidr.h"
-#include "util-unittest.h"
-#include "util-unittest-helper.h"
-#include "util-time.h"
-#include "util-rule-vars.h"
#include "util-classification-config.h"
#include "util-threshold-config.h"
#include "util-reference-config.h"
-#include "util-profiling.h"
-#include "util-magic.h"
-#include "util-signal.h"
-
-#include "util-coredump-config.h"
-
-#include "util-decode-mime.h"
-
-#include "defrag.h"
-#include "runmodes.h"
-#include "runmode-unittests.h"
-#include "runmode-af-packet.h"
-#include "runmode-netmap.h"
+#include "tmqh-packetpool.h"
+#include "tm-queuehandlers.h"
-#include "util-debug.h"
-#include "util-error.h"
-#include "util-daemon.h"
#include "util-byte.h"
-#include "util-luajit.h"
+#include "util-conf.h"
+#include "util-coredump-config.h"
+#include "util-cpu.h"
+#include "util-daemon.h"
+#include "util-device.h"
+#include "util-dpdk.h"
+#include "util-ebpf.h"
+#include "util-host-os-info.h"
+#include "util-ioctl.h"
#include "util-landlock.h"
-
-#include "reputation.h"
-
-#include "output.h"
-
-#include "util-privs.h"
-
-#include "tmqh-packetpool.h"
-
-#include "util-proto-name.h"
+#include "util-luajit.h"
+#include "util-macset.h"
+#include "util-misc.h"
#include "util-mpm-hs.h"
-#include "util-storage.h"
-#include "host-storage.h"
-
-#include "util-lua.h"
-
+#include "util-pidfile.h"
#include "util-plugin.h"
-
-#include "util-dpdk.h"
-#include "util-exception-policy.h"
-
-#include "rust.h"
+#include "util-privs.h"
+#include "util-profiling.h"
+#include "util-proto-name.h"
+#include "util-running-modes.h"
+#include "util-signal.h"
+#include "util-time.h"
/*
* we put this here, because we only use it here in main.
* 02110-1301, USA.
*/
-#include "../detect-engine.h"
#include "../util-unittest.h"
-#include "../detect-engine-build.h"
+#include "../util-unittest-helper.h"
/**
* \test DetectTtlParseTest01 is a test for setting up an valid ttl value.
DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
DetectEngineCtxFree(de_ctx);
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
DetectEngineCtxFree(de_ctx);
if (p != NULL)
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx);
DetectEngineCtxFree(de_ctx);
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
SCFree(p);
DetectEngineCtxFree(de_ctx);
if (p != NULL)
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
FlowShutdown();
DetectEngineCtxFree(de_ctx);
if (p1 != NULL) {
- PACKET_RECYCLE(p1);
+ PacketRecycle(p1);
SCFree(p1);
}
if (p2 != NULL) {
- PACKET_RECYCLE(p2);
+ PacketRecycle(p2);
SCFree(p2);
}
if (p3 != NULL) {
- PACKET_RECYCLE(p3);
+ PacketRecycle(p3);
SCFree(p3);
}
if (p4 != NULL) {
- PACKET_RECYCLE(p4);
+ PacketRecycle(p4);
SCFree(p4);
}
FlowShutdown();
#include "util-unittest-helper.h"
#include "util-byte.h"
#include "conf-yaml-loader.h"
+#include "util-conf.h"
#define HEADER_LEN 6
#include "util-unittest-helper.h"
#include "conf-yaml-loader.h"
#include "util-time.h"
+#include "util-conf.h"
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
#include "flow-util.h"
#include "tm-modules.h"
#include "tmqh-packetpool.h"
+#include "util-conf.h"
#include <fuzz_pcap.h>
}
}
r = FPC_next(&pkts, &header, &pkt);
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
p->ts.tv_sec = header.ts.tv_sec;
p->ts.tv_usec = header.ts.tv_usec % 1000000;
p->datalink = pkts.datalink;
#include "flow-worker.h"
#include "tm-modules.h"
#include "tmqh-packetpool.h"
+#include "util-file.h"
+#include "util-conf.h"
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
}
}
r = pcap_next_ex(pkts, &header, &pkt);
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
p->ts.tv_sec = header->ts.tv_sec;
p->ts.tv_usec = header->ts.tv_usec % 1000000;
p->datalink = pcap_datalink(pkts);
#include "flow-worker.h"
#include "tm-modules.h"
#include "tmqh-packetpool.h"
+#include "util-conf.h"
#include <fuzz_pcap.h>
}
}
r = FPC_next(&pkts, &header, &pkt);
- PACKET_RECYCLE(p);
+ PacketRecycle(p);
p->pkt_src = PKT_SRC_WIRE;
p->ts.tv_sec = header.ts.tv_sec;
p->ts.tv_usec = header.ts.tv_usec % 1000000;
#ifndef __THREADS_PROFILE_H__
#define __THREADS_PROFILE_H__
+#include "util-cpu.h"
+
+#define PROFILING_MAX_LOCKS 64
+
/* profiling */
+enum {
+ LOCK_MUTEX,
+ LOCK_SPIN,
+ LOCK_RWW, /**< rwlock, writer */
+ LOCK_RWR, /**< rwlock, reader */
+};
+
typedef struct ProfilingLock_ {
char *file;
char *func;
#include <unistd.h>
#endif
-#ifdef PROFILING
-#include "util-cpu.h"
-#ifdef PROFILE_LOCKING
-#include "util-profiling-locks.h"
-#endif /* PROFILE_LOCKING */
-#endif /* PROFILING */
-
#if defined OS_FREEBSD || __OpenBSD__
#if ! defined __OpenBSD__
#include "tmqh-packetpool.h"
#include "tm-threads-common.h"
#include "tm-modules.h"
+#include "flow.h" // for the FlowQueue
#ifdef OS_WIN32
static inline void SleepUsec(uint64_t usec)
* Packetpool queue handlers. Packet pool is implemented as a stack.
*/
-#include "suricata.h"
-#include "packet-queue.h"
-#include "decode.h"
-#include "detect.h"
-#include "detect-uricontent.h"
-#include "threads.h"
-#include "threadvars.h"
-#include "flow.h"
-#include "flow-util.h"
-#include "host.h"
-
-#include "stream.h"
-#include "stream-tcp-reassemble.h"
-
+#include "suricata-common.h"
+#include "tmqh-packetpool.h"
#include "tm-queuehandlers.h"
#include "tm-threads.h"
+#include "threads.h"
+#include "decode.h"
#include "tm-modules.h"
-
-#include "pkt-var.h"
-
-#include "tmqh-packetpool.h"
-
-#include "util-debug.h"
-#include "util-error.h"
+#include "packet.h"
#include "util-profiling.h"
-#include "util-device.h"
#include "util-validate.h"
/* Number of freed packet to save for one pool before freeing them. */
Packet *p = pool->head;
pool->head = p->next;
p->pool = pool;
- PACKET_REINIT(p);
+ PacketReinit(p);
return p;
}
Packet *p = pool->head;
pool->head = p->next;
p->pool = pool;
- PACKET_REINIT(p);
+ PacketReinit(p);
return p;
}
return;
}
- PACKET_RELEASE_REFS(p);
+ PacketReleaseRefs(p);
#ifdef DEBUG_VALIDATION
BUG_ON(pool->initialized == 0);
if (proot == true) {
SCLogDebug("getting rid of root pkt... alloc'd %s", p->root->flags & PKT_ALLOC ? "true" : "false");
- PACKET_RELEASE_REFS(p->root);
+ PacketReleaseRefs(p->root);
p->root->ReleasePacket(p->root);
p->root = NULL;
}
PACKET_PROFILING_END(p);
- PACKET_RELEASE_REFS(p);
+ PacketReleaseRefs(p);
p->ReleasePacket(p);
SCReturn;
*/
#include "suricata-common.h"
-#include "suricata.h"
#include "unix-manager.h"
+#include "threads.h"
#include "detect-engine.h"
#include "tm-threads.h"
#include "runmodes.h"
#include "output-json-stats.h"
+#include "util-conf.h"
#include "util-privs.h"
#include "util-debug.h"
#include "util-device.h"
#include "util-ebpf.h"
#include "util-signal.h"
#include "util-buffer.h"
+#include "util-path.h"
#if (defined BUILD_UNIX_SOCKET) && (defined HAVE_SYS_UN_H) && (defined HAVE_SYS_STAT_H) && (defined HAVE_SYS_TYPES_H)
#include <sys/un.h>
#ifndef UNIX_MANAGER_H
#define UNIX_MANAGER_H
+#include "threads.h"
+
#define UNIX_CMD_TAKE_ARGS 1
extern SCCtrlCondT unix_manager_ctrl_cond;
#include "suricata-common.h"
#define _THREAD_AFFINITY
#include "util-affinity.h"
-#include "util-cpu.h"
-#include "util-byte.h"
#include "conf.h"
-#include "threads.h"
-#include "queue.h"
#include "runmodes.h"
+#include "util-cpu.h"
+#include "util-byte.h"
+#include "util-debug.h"
ThreadsAffinityType thread_affinity[MAX_CPU_SET] = {
{
#define __UTIL_AFFINITY_H__
#include "suricata-common.h"
#include "conf.h"
+#include "threads.h"
#if defined OS_FREEBSD
#include <sched.h>
*/
#include "util-base64.h"
+#include "util-debug.h"
#include "util-unittest.h"
/* Constants */
#define BASE64_TABLE_MAX 122
* \author Eric Leblond <eric@regit.org>
*/
-
#include "suricata-common.h"
-#include "suricata.h"
#include "util-bpf.h"
+#include "threads.h"
#if !defined __OpenBSD__
*/
#include "suricata-common.h"
-
#include "util-checksum.h"
int ReCalculateChecksum(Packet *p)
#ifndef __UTIL_CHECKSUM_H__
#define __UTIL_CHECKSUM_H__
+#include "decode.h"
+
int ReCalculateChecksum(Packet *p);
int ChecksumAutoModeCheck(uint64_t thread_count,
uint64_t iface_count, uint64_t iface_fail);
#include "suricata-common.h"
#include "util-cidr.h"
+#include "util-debug.h"
#include "util-unittest.h"
/** \brief turn 32 bit mask into CIDR
#include "conf.h"
#include "runmodes.h"
#include "util-conf.h"
+#include "util-debug.h"
TmEcode ConfigSetLogDirectory(const char *name)
{
* Coredump configuration
*/
+#include "suricata-common.h"
#define _FILE_OFFSET_BITS 64
#include "util-coredump-config.h"
#include "conf.h"
#ifdef HAVE_SYS_RESOURCE_H
#include <sys/resource.h>
#endif
+#ifdef HAVE_SYS_PRCTL_H
+#include <sys/prctl.h>
+#endif
+#include "util-debug.h"
#ifdef OS_WIN32
*/
#include "suricata-common.h"
-#include "conf.h"
#include "util-datalink.h"
+#include "decode.h"
int g_datalink_value = LINKTYPE_NULL;
int g_datalink_is_multiple = 0;
#include "suricata-common.h"
#include "util-debug-filters.h"
+#include "threads.h"
+#include "util-debug.h"
/* both of these are defined in util-debug.c */
extern int sc_log_module_initialized;
#ifndef __DEBUG_FILTERS_H__
#define __DEBUG_FILTERS_H__
-#include <pthread.h>
+#include "threads.h"
/**
* \brief Enum that holds the different kinds of filters available
*/
#include "suricata-common.h"
-#include "threads.h"
#include "util-debug.h"
-#include "util-error.h"
-#include "util-enum.h"
-#include "util-debug-filters.h"
-#include "suricata.h"
-#include "decode.h"
-#include "detect.h"
-#include "packet-queue.h"
-#include "threadvars.h"
#include "output.h"
-#include "tm-queuehandlers.h"
-#include "tm-queues.h"
-#include "tm-threads.h"
+#include "suricata.h"
-#include "util-unittest.h"
+#include "util-conf.h"
+#include "util-enum.h"
+#include "util-path.h"
#include "util-syslog.h"
#include "util-time.h"
-#include "rust.h"
-
-
-#include "conf.h"
/* holds the string-enum mapping for the enums held in the table SCLogLevel */
SCEnumCharMap sc_log_level_map[ ] = {
*/
#include "suricata-common.h"
-
+#include "suricata.h"
#include "util-decode-mime.h"
#include "util-ip.h"
#include "util-spm-bs.h"
#ifndef MIME_DECODE_H_
#define MIME_DECODE_H_
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdint.h>
-
+#include "conf.h"
#include "util-base64.h"
+#include "util-file.h"
/* Content Flags */
#define CTNT_IS_MSG 1
#include "util-dpdk.h"
#include "device-storage.h"
+#include "util-debug.h"
#define MAX_DEVNAME 10
*/
#include "util-dpdk-i40e.h"
+#include "util-dpdk.h"
+#include "util-debug.h"
#ifdef HAVE_DPDK
*/
#include "util-dpdk-ice.h"
+#include "util-dpdk.h"
#ifdef HAVE_DPDK
*/
#include "util-dpdk-ixgbe.h"
+#include "util-dpdk.h"
#ifdef HAVE_DPDK
#include "suricata.h"
#include "util-dpdk.h"
+#include "util-debug.h"
void DPDKCleanupEAL(void)
{
#ifndef __UTIL_EXCEPTION_POLICY_H__
#define __UTIL_EXCEPTION_POLICY_H__
+#include "decode.h"
+
enum ExceptionPolicy {
EXCEPTION_POLICY_IGNORE = 0,
EXCEPTION_POLICY_PASS_PACKET,
#include "conf.h"
#include "util-streaming-buffer.h"
+#include "flow.h"
/* Hack: Pulling rust.h to get the SCSha256 causes all sorts of problems with
* header include orders, which is something we'll have to resolve as we provide
#ifndef __UTIL_HASH_STRING_H__
#define __UTIL_HASH_STRING_H__
+#include "util-hash.h"
+
uint32_t StringHashDjb2(const uint8_t *data, uint32_t datalen);
uint32_t StringHashFunc(HashTable *ht, void *data, uint16_t datalen);
char StringHashCompareFunc(void *data1, uint16_t datalen1,
#include "util-hash.h"
#include "util-unittest.h"
#include "util-memcmp.h"
+#include "util-debug.h"
HashTable* HashTableInit(uint32_t size, uint32_t (*Hash)(struct HashTable_ *, void *, uint16_t), char (*Compare)(void *, uint16_t, void *, uint16_t), void (*Free)(void *)) {
#include "suricata-common.h"
#include "util-host-info.h"
#include "util-byte.h"
+#include "util-debug.h"
#ifndef OS_WIN32
#include <sys/utsname.h>
*/
#include "suricata-common.h"
+#include "util-ioctl.h"
#include "conf.h"
-#include "util-device.h"
+#include "decode.h"
#include "decode-sll.h"
#ifdef HAVE_SYS_IOCTL_H
#include "win32-syscall.h"
#endif
-#include "util-ioctl.h"
-
/**
* \brief output a majorant of hardware header length
*
#include "suricata-common.h"
#include "util-ip.h"
#include "util-byte.h"
+#include "util-debug.h"
/** \brief determine if a string is a valid ipv4 address
* \retval bool is addr valid?
*/
#include "suricata.h"
+#include "feature.h"
#include "util-conf.h"
#include "util-file.h"
#include "util-landlock.h"
#include "util-mem.h"
-#include "feature.h"
+#include "util-path.h"
#ifndef HAVE_LINUX_LANDLOCK_H
#include "util-log-redis.h"
#include "util-logopenfile.h"
#include "util-byte.h"
+#include "util-debug.h"
#ifdef HAVE_LIBHIREDIS
#include "conf.h" /* ConfNode, etc. */
#include "output.h" /* DEFAULT_LOG_* */
#include "util-byte.h"
+#include "util-conf.h"
+#include "util-path.h"
#include "util-time.h"
#if defined(HAVE_SYS_UN_H) && defined(HAVE_SYS_SOCKET_H) && defined(HAVE_SYS_TYPES_H)
#ifndef __UTIL_LOGOPENFILE_H__
#define __UTIL_LOGOPENFILE_H__
+#include "threads.h"
#include "conf.h" /* ConfNode */
#include "util-buffer.h"
#include "util-proto-name.h"
#include "util-logopenfile.h"
#include "util-time.h"
+#include "util-conf.h"
#ifdef HAVE_LUA
typedef void lua_State;
#else
-
-#include <lua.h>
-#include <lualib.h>
-#include <lauxlib.h>
-
+#include "threadvars.h"
+#include "detect.h"
typedef struct LuaStreamingBuffer_ {
const uint8_t *data;
*/
#include "suricata-common.h"
-
#include "conf.h"
-
#include "util-unittest.h"
#include "util-magic.h"
+#include "util-debug.h"
#ifdef HAVE_MAGIC
#include "suricata-common.h"
#include "suricata.h"
#include "util-atomic.h"
+#include "util-debug.h"
#if defined(_WIN32) || defined(__WIN32)
#include <mm_malloc.h>
*/
#include "suricata-common.h"
-
#include "util-memcmp.h"
#include "util-unittest.h"
/* UNITTESTS */
#ifdef UNITTESTS
+#include "util-debug.h"
static int MemcmpTest01 (void)
{
if (SCMemcmpLowercase(t->a, t->b, strlen(t->a)-1) != t->result)
return 0;
- SCLogInfo("ok");
t++;
}
#define __UTIL_MEMCMP_H__
#include "util-optimize.h"
-#include "suricata.h"
/** \brief compare two patterns, converting the 2nd to lowercase
* \warning *ONLY* the 2nd pattern is converted to lowercase
#ifndef __UTIL_MPM_AC__H__
#define __UTIL_MPM_AC__H__
+#include "util-mpm.h"
+
#define SC_AC_STATE_TYPE_U16 uint16_t
#define SC_AC_STATE_TYPE_U32 uint32_t
void MpmFactoryDeRegisterAllMpmCtxProfiles(struct DetectEngineCtx_ *);
int32_t MpmFactoryIsMpmCtxAvailable(const struct DetectEngineCtx_ *, const MpmCtx *);
-int PmqSetup(PrefilterRuleStore *);
-void PmqReset(PrefilterRuleStore *);
-void PmqCleanup(PrefilterRuleStore *);
-void PmqFree(PrefilterRuleStore *);
-
void MpmTableSetup(void);
void MpmRegisterTests(void);
#include "suricata-common.h"
#include "util-pages.h"
+#include "util-debug.h"
#ifndef HAVE_PAGESUPPORTSRWX_AS_MACRO
#include "suricata-common.h"
#include "util-pidfile.h"
+#include "util-debug.h"
/**
* \brief Write a pid file (used at the startup)
#include "runmodes.h"
#include "output-eve-syslog.h"
#include "util-plugin.h"
+#include "util-debug.h"
#ifdef HAVE_PLUGINS
#ifndef __UTIL_POOL_THREAD_H__
#define __UTIL_POOL_THREAD_H__
+#include "threads.h"
#include "util-pool.h"
struct PoolThreadElement_ {
*/
#include "suricata-common.h"
+#include "util-prefilter.h"
/**
* \brief Setup a pmq
#ifndef __UTIL_PREFILTER_H__
#define __UTIL_PREFILTER_H__
+#include "util-debug.h"
+
/** \brief structure for storing potential rule matches
*
* Helper structure for the prefilter engine. The Pattern Matchers
} while (ptr != end);
pmq->rule_id_array_cnt += sids_size;
}
+
+int PmqSetup(PrefilterRuleStore *);
+void PmqReset(PrefilterRuleStore *);
+void PmqCleanup(PrefilterRuleStore *);
+void PmqFree(PrefilterRuleStore *);
+
#endif /* __UTIL_PREFILTER_H__ */
#ifndef _UTIL_PRIVS_H
#define _UTIL_PRIVS_H
+#include "threadvars.h"
+
#define SC_CAP_NONE 0x01
#define SC_CAP_SYS_ADMIN 0x02
#define SC_CAP_SYS_RAW_IO 0x04
*/
#include "suricata-common.h"
-#include "decode.h"
-#include "detect.h"
-#include "detect-engine.h"
-#include "conf.h"
-
-#include "tm-threads.h"
-
-#include "util-unittest.h"
-#include "util-byte.h"
#include "util-profiling.h"
#include "util-profiling-locks.h"
-#include "util-time.h"
#ifdef PROFILING
-
-#ifndef MIN
-#define MIN(a, b) (((a) < (b)) ? (a) : (b))
-#endif
+#include "detect-engine.h"
+#include "tm-threads.h"
+#include "util-conf.h"
+#include "util-time.h"
/**
* Extra data for rule profiling.
#include "suricata-common.h"
#include "util-profiling-locks.h"
-#include "util-hashlist.h"
#ifdef PROFILING
#ifdef PROFILE_LOCKING
+#include "threads.h"
+#include "util-hashlist.h"
+#include "util-debug.h"
thread_local ProfilingLock locks[PROFILING_MAX_LOCKS];
thread_local int locks_idx = 0;
#ifdef PROFILING
-#define PROFILING_MAX_LOCKS 64
-
-enum {
- LOCK_MUTEX,
- LOCK_SPIN,
- LOCK_RWW, /**< rwlock, writer */
- LOCK_RWR, /**< rwlock, reader */
-};
-
void SCProfilingAddPacketLocks(void *);
int LockRecordInitHash(void);
*/
#include "suricata-common.h"
-#include "decode.h"
-#include "detect.h"
-#include "detect-engine.h"
-#include "detect-engine-prefilter.h"
-#include "conf.h"
-
-#include "tm-threads.h"
-
-#include "util-unittest.h"
-#include "util-byte.h"
#include "util-profiling.h"
-#include "util-profiling-locks.h"
-#include "util-time.h"
#ifdef PROFILING
+#include "detect-engine-prefilter.h"
+#include "util-conf.h"
+#include "util-time.h"
typedef struct SCProfilePrefilterData_ {
uint64_t called;
*/
#include "suricata-common.h"
-#include "decode.h"
-#include "detect.h"
-#include "detect-engine.h"
-#include "conf.h"
-
-#include "tm-threads.h"
-
-#include "util-unittest.h"
-#include "util-byte.h"
#include "util-profiling.h"
-#include "util-profiling-locks.h"
-#include "util-time.h"
#ifdef PROFILING
+#include "util-conf.h"
+#include "util-time.h"
/**
* Extra data for rule profiling.
*/
#include "suricata-common.h"
-#include "decode.h"
-#include "detect.h"
-#include "conf.h"
-
-#include "tm-threads.h"
-
-#include "util-unittest.h"
-#include "util-byte.h"
#include "util-profiling.h"
-#include "util-profiling-locks.h"
-#include "util-time.h"
#ifdef PROFILING
+#include "util-byte.h"
+#include "util-conf.h"
+#include "util-time.h"
/**
* Extra data for rule profiling.
*/
#include "suricata-common.h"
-#include "decode.h"
-#include "detect.h"
-#include "detect-engine-prefilter.h"
-#include "conf.h"
-#include "flow-worker.h"
+#include "util-profiling.h"
+#ifdef PROFILING
#include "tm-threads.h"
-
+#include "conf.h"
#include "util-unittest.h"
#include "util-byte.h"
-#include "util-profiling.h"
#include "util-profiling-locks.h"
-
-#ifdef PROFILING
+#include "util-conf.h"
#ifndef MIN
#define MIN(a, b) (((a) < (b)) ? (a) : (b))
#ifdef PROFILING
+#include "detect.h"
+#include "util-cpu.h"
+#include "util-profiling-locks.h"
extern int profiling_rules_enabled;
extern int profiling_packets_enabled;
(det_ctx)->prefilter_bytes += (bytes); \
(det_ctx)->prefilter_bytes_called++
+struct SCProfileDetectCtx_;
void SCProfilingRulesGlobalInit(void);
void SCProfilingRuleDestroyCtx(struct SCProfileDetectCtx_ *);
void SCProfilingRuleInitCounters(DetectEngineCtx *);
#include "suricata-common.h"
#include "util-hash-string.h"
#include "util-proto-name.h"
+#include "util-debug.h"
#ifdef UNITTESTS
#include "util-unittest.h"
#include "suricata-common.h"
#include "suricata.h"
#include "util-random.h"
-
+#include "util-debug.h"
#if !(defined(HAVE_WINCRYPT_H) && defined(OS_WIN32))
#if defined(HAVE_CLOCK_GETTIME)
#ifndef __UTIL_REFERENCE_CONFIG_H__
#define __UTIL_REFERENCE_CONFIG_H__
+#include "detect.h"
+
#define REFERENCE_SYSTEM_NAME_MAX 64
#define REFERENCE_CONTENT_NAME_MAX 1024
#include "util-unittest.h"
#include "util-memcmp.h"
#include "util-hash-lookup3.h"
-#include "queue.h"
#include "util-rohash.h"
+#include "util-debug.h"
/** item_size data beyond this header */
typedef struct ROHashTableItem_ {
*/
#include "suricata-common.h"
-#include "suricata.h"
-
#include "util-hyperscan.h"
+#include "util-spm.h"
#include "util-spm-hs.h"
+#include "util-debug.h"
#ifdef BUILD_HYPERSCAN
*/
#include "suricata-common.h"
-#include "suricata.h"
#include "util-unittest.h"
#include "conf.h"
#ifdef BUILD_HYPERSCAN
#include "hs.h"
#endif
+#include "util-debug.h"
SpmTableElmt spm_table[SPM_TABLE_SIZE];
#include "suricata-common.h"
#include "util-unittest.h"
#include "util-storage.h"
+#include "util-debug.h"
typedef struct StorageMapping_ {
const char *name;
#include "util-unittest.h"
#include "util-print.h"
#include "util-validate.h"
+#include "util-debug.h"
/**
* \file
#ifndef __THASH_H__
#define __THASH_H__
+#include "threads.h"
/** Spinlocks or Mutex for the buckets. */
//#define HRLOCK_SPIN
#ifndef __UTIL_UNITTEST_HELPER__
#define __UTIL_UNITTEST_HELPER__
+#if defined(UNITTESTS)
+#include "packet.h"
+#include "flow.h"
+#include "stream-tcp.h"
+#include "detect.h"
+#include "detect-engine.h"
+#include "detect-engine-alert.h"
+#include "detect-engine-build.h"
+#elif defined(FUZZ)
+#include "packet.h"
+#include "flow.h"
+#endif
+
#if defined(UNITTESTS) || defined(FUZZ)
Flow *TestHelperBuildFlow(int family, const char *src, const char *dst, Port sp, Port dp);
int TestHelperBufferToFile(const char *name, const uint8_t *data, size_t size);
projects / thirdparty / suricata.git / commitdiff
