} DetectPort;
/* Signature flags */
-#define SIG_FLAG_SRC_ANY (1) /**< source is any */
-#define SIG_FLAG_DST_ANY (1<<1) /**< destination is any */
-#define SIG_FLAG_SP_ANY (1<<2) /**< source port is any */
-#define SIG_FLAG_DP_ANY (1<<3) /**< destination port is any */
+/** \note: additions should be added to the rule analyzer as well */
-#define SIG_FLAG_NOALERT (1<<4) /**< no alert flag is set */
-#define SIG_FLAG_DSIZE (1<<5) /**< signature has a dsize setting */
-#define SIG_FLAG_APPLAYER (1<<6) /**< signature applies to app layer instead of packets */
-#define SIG_FLAG_IPONLY (1<<7) /**< ip only signature */
+#define SIG_FLAG_SRC_ANY BIT_U32(0) /**< source is any */
+#define SIG_FLAG_DST_ANY BIT_U32(1) /**< destination is any */
+#define SIG_FLAG_SP_ANY BIT_U32(2) /**< source port is any */
+#define SIG_FLAG_DP_ANY BIT_U32(3) /**< destination port is any */
+
+#define SIG_FLAG_NOALERT BIT_U32(4) /**< no alert flag is set */
+#define SIG_FLAG_DSIZE BIT_U32(5) /**< signature has a dsize setting */
+#define SIG_FLAG_APPLAYER BIT_U32(6) /**< signature applies to app layer instead of packets */
+#define SIG_FLAG_IPONLY BIT_U32(7) /**< ip only signature */
// vacancy
-#define SIG_FLAG_REQUIRE_PACKET (1<<9) /**< signature is requiring packet match */
-#define SIG_FLAG_REQUIRE_STREAM (1<<10) /**< signature is requiring stream match */
+#define SIG_FLAG_REQUIRE_PACKET BIT_U32(9) /**< signature is requiring packet match */
+#define SIG_FLAG_REQUIRE_STREAM BIT_U32(10) /**< signature is requiring stream match */
+
+#define SIG_FLAG_MPM_NEG BIT_U32(11)
-#define SIG_FLAG_MPM_NEG (1<<11)
+#define SIG_FLAG_FLUSH BIT_U32(12) /**< detection logic needs stream flush notification */
-#define SIG_FLAG_FLUSH (1<<12) /**< detection logic needs stream flush notification */
+// vacancies
-#define SIG_FLAG_REQUIRE_FLOWVAR (1<<17) /**< signature can only match if a flowbit, flowvar or flowint is available. */
+#define SIG_FLAG_REQUIRE_FLOWVAR BIT_U32(17) /**< signature can only match if a flowbit, flowvar or flowint is available. */
-#define SIG_FLAG_FILESTORE (1<<18) /**< signature has filestore keyword */
+#define SIG_FLAG_FILESTORE BIT_U32(18) /**< signature has filestore keyword */
-#define SIG_FLAG_TOSERVER (1<<19)
-#define SIG_FLAG_TOCLIENT (1<<20)
+#define SIG_FLAG_TOSERVER BIT_U32(19)
+#define SIG_FLAG_TOCLIENT BIT_U32(20)
-#define SIG_FLAG_TLSSTORE (1<<21)
+#define SIG_FLAG_TLSSTORE BIT_U32(21)
-#define SIG_FLAG_BYPASS (1<<22)
+#define SIG_FLAG_BYPASS BIT_U32(22)
-#define SIG_FLAG_PREFILTER (1<<23) /**< sig is part of a prefilter engine */
+#define SIG_FLAG_PREFILTER BIT_U32(23) /**< sig is part of a prefilter engine */
/** Proto detect only signature.
* Inspected once per direction when protocol detection is done. */
-#define SIG_FLAG_PDONLY (1<<24)
+#define SIG_FLAG_PDONLY BIT_U32(24)
/** Info for Source and Target identification */
-#define SIG_FLAG_SRC_IS_TARGET (1<<25)
+#define SIG_FLAG_SRC_IS_TARGET BIT_U32(25)
/** Info for Source and Target identification */
-#define SIG_FLAG_DEST_IS_TARGET (1<<26)
+#define SIG_FLAG_DEST_IS_TARGET BIT_U32(26)
-#define SIG_FLAG_HAS_TARGET (SIG_FLAG_DEST_IS_TARGET|SIG_FLAG_SRC_IS_TARGET)
+#define SIG_FLAG_HAS_TARGET (SIG_FLAG_DEST_IS_TARGET|SIG_FLAG_SRC_IS_TARGET)
/* signature init flags */
#define SIG_FLAG_INIT_DEONLY (1<<0) /**< decode event only signature */
#define SIG_FLAG_INIT_NEED_FLUSH (1<<7)
/* signature mask flags */
-#define SIG_MASK_REQUIRE_PAYLOAD (1<<0)
-#define SIG_MASK_REQUIRE_FLOW (1<<1)
-#define SIG_MASK_REQUIRE_FLAGS_INITDEINIT (1<<2) /* SYN, FIN, RST */
-#define SIG_MASK_REQUIRE_FLAGS_UNUSUAL (1<<3) /* URG, ECN, CWR */
-#define SIG_MASK_REQUIRE_NO_PAYLOAD (1<<4)
-#define SIG_MASK_REQUIRE_DCERPC (1<<5) /* require either SMB+DCE or raw DCE */
-#define SIG_MASK_REQUIRE_ENGINE_EVENT (1<<7)
+/** \note: additions should be added to the rule analyzer as well */
+#define SIG_MASK_REQUIRE_PAYLOAD BIT_U8(0)
+#define SIG_MASK_REQUIRE_FLOW BIT_U8(1)
+#define SIG_MASK_REQUIRE_FLAGS_INITDEINIT BIT_U8(2) /* SYN, FIN, RST */
+#define SIG_MASK_REQUIRE_FLAGS_UNUSUAL BIT_U8(3) /* URG, ECN, CWR */
+#define SIG_MASK_REQUIRE_NO_PAYLOAD BIT_U8(4)
+#define SIG_MASK_REQUIRE_DCERPC BIT_U8(5) /* require either SMB+DCE or raw DCE */
+// vacancy
+#define SIG_MASK_REQUIRE_ENGINE_EVENT BIT_U8(7)
/* for now a uint8_t is enough */
#define SignatureMask uint8_t
projects / thirdparty / suricata.git / commitdiff
