Inspects Accept-Encoding header.
detect-gid.c detect-gid.h \
detect-hostbits.c detect-hostbits.h \
detect-http-accept.c detect-http-accept.h \
+detect-http-accept-enc.c detect-http-accept-enc.h \
detect-http-accept-lang.c detect-http-accept-lang.h \
detect-http-client-body.c detect-http-client-body.h \
detect-http-connection.c detect-http-connection.h \
--- /dev/null
+/* Copyright (C) 2007-2017 Open Information Security Foundation
+ *
+ * You can copy, redistribute or modify this Program under the terms of
+ * the GNU General Public License version 2 as published by the Free
+ * Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 2 along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+/**
+ * \ingroup httplayer
+ *
+ * @{
+ */
+
+
+/**
+ * \file
+ *
+ * \author Victor Julien <victor@inliniac.net>
+ *
+ * Implements http_accept_enc sticky buffer
+ */
+
+#define KEYWORD_NAME "http_accept_enc"
+#define KEYWORD_DOC "http-keywords#http-accept-enc"
+#define BUFFER_NAME "http_accept_enc"
+#define BUFFER_DESC "http accept encoding header"
+#define HEADER_NAME "Accept-Encoding"
+#define KEYWORD_ID DETECT_AL_HTTP_HEADER_ACCEPT_ENC
+#define KEYWORD_TOSERVER 1
+
+#include "detect-http-headers-stub.h"
+
+void RegisterHttpHeadersAcceptEnc(void)
+{
+ DetectHttpHeadersRegisterStub();
+}
--- /dev/null
+/* Copyright (C) 2007-2017 Open Information Security Foundation
+ *
+ * You can copy, redistribute or modify this Program under the terms of
+ * the GNU General Public License version 2 as published by the Free
+ * Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 2 along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+#ifndef __DETECT_HTTP_ACCEPT_LEN_H__
+#define __DETECT_HTTP_ACCEPT_LEN_H__
+
+void RegisterHttpHeadersAcceptEnc(void);
+
+#endif /* __DETECT_HTTP_ACCEPT_LEN_H__ */
*/
#include "detect-http-accept.h"
+#include "detect-http-accept-enc.h"
#include "detect-http-accept-lang.h"
#include "detect-http-connection.h"
#include "detect-http-referer.h"
void DetectHttpHeadersRegister(void)
{
RegisterHttpHeadersAccept();
+ RegisterHttpHeadersAcceptEnc();
RegisterHttpHeadersAcceptLang();
RegisterHttpHeadersReferer();
RegisterHttpHeadersConnection();
DETECT_AL_HTTP_HEADER_NAMES,
DETECT_AL_HTTP_HEADER_ACCEPT,
DETECT_AL_HTTP_HEADER_ACCEPT_LANG,
+ DETECT_AL_HTTP_HEADER_ACCEPT_ENC,
DETECT_AL_HTTP_HEADER_CONNECTION,
DETECT_AL_HTTP_HEADER_REFERER,
DETECT_AL_HTTP_RAW_HEADER,
projects / thirdparty / suricata.git / commitdiff
