AppProto alproto;
int32_t sm_list;
uint32_t inspect_flags;
- uint32_t match_flags;
uint16_t dir;
int (*Callback)(ThreadVars *tv,
DetectEngineCtx *de_ctx,
ALPROTO_HTTP,
DETECT_SM_LIST_UMATCH,
DE_STATE_FLAG_URI_INSPECT,
- DE_STATE_FLAG_URI_INSPECT,
0,
DetectEngineInspectPacketUris },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HRLMATCH,
DE_STATE_FLAG_HRL_INSPECT,
- DE_STATE_FLAG_HRL_INSPECT,
0,
DetectEngineInspectHttpRequestLine },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HCBDMATCH,
DE_STATE_FLAG_HCBD_INSPECT,
- DE_STATE_FLAG_HCBD_INSPECT,
0,
DetectEngineInspectHttpClientBody },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HHDMATCH,
DE_STATE_FLAG_HHD_INSPECT,
- DE_STATE_FLAG_HHD_INSPECT,
0,
DetectEngineInspectHttpHeader },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HRHDMATCH,
DE_STATE_FLAG_HRHD_INSPECT,
- DE_STATE_FLAG_HRHD_INSPECT,
0,
DetectEngineInspectHttpRawHeader },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HMDMATCH,
DE_STATE_FLAG_HMD_INSPECT,
- DE_STATE_FLAG_HMD_INSPECT,
0,
DetectEngineInspectHttpMethod },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HCDMATCH,
DE_STATE_FLAG_HCD_INSPECT,
- DE_STATE_FLAG_HCD_INSPECT,
0,
DetectEngineInspectHttpCookie },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HRUDMATCH,
DE_STATE_FLAG_HRUD_INSPECT,
- DE_STATE_FLAG_HRUD_INSPECT,
0,
DetectEngineInspectHttpRawUri },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_FILEMATCH,
DE_STATE_FLAG_FILE_TS_INSPECT,
- DE_STATE_FLAG_FILE_TS_INSPECT,
0,
DetectFileInspectHttp },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HUADMATCH,
DE_STATE_FLAG_HUAD_INSPECT,
- DE_STATE_FLAG_HUAD_INSPECT,
0,
DetectEngineInspectHttpUA },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HHHDMATCH,
DE_STATE_FLAG_HHHD_INSPECT,
- DE_STATE_FLAG_HHHD_INSPECT,
0,
DetectEngineInspectHttpHH },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HRHHDMATCH,
DE_STATE_FLAG_HRHHD_INSPECT,
- DE_STATE_FLAG_HRHHD_INSPECT,
0,
DetectEngineInspectHttpHRH },
/* DNS */
ALPROTO_DNS,
DETECT_SM_LIST_DNSQUERY_MATCH,
DE_STATE_FLAG_DNSQUERY_INSPECT,
- DE_STATE_FLAG_DNSQUERY_INSPECT,
0,
DetectEngineInspectDnsQueryName },
/* specifically for UDP, register again
ALPROTO_DNS,
DETECT_SM_LIST_DNSQUERY_MATCH,
DE_STATE_FLAG_DNSQUERY_INSPECT,
- DE_STATE_FLAG_DNSQUERY_INSPECT,
0,
DetectEngineInspectDnsQueryName },
{ IPPROTO_TCP,
ALPROTO_SMTP,
DETECT_SM_LIST_FILEMATCH,
DE_STATE_FLAG_FILE_TS_INSPECT,
- DE_STATE_FLAG_FILE_TS_INSPECT,
0,
DetectFileInspectSmtp },
/* Modbus */
ALPROTO_MODBUS,
DETECT_SM_LIST_MODBUS_MATCH,
DE_STATE_FLAG_MODBUS_INSPECT,
- DE_STATE_FLAG_MODBUS_INSPECT,
0,
DetectEngineInspectModbus },
/* file_data smtp */
ALPROTO_SMTP,
DETECT_SM_LIST_FILEDATA,
DE_STATE_FLAG_FD_SMTP_INSPECT,
- DE_STATE_FLAG_FD_SMTP_INSPECT,
0,
DetectEngineInspectSMTPFiledata },
};
ALPROTO_HTTP,
DETECT_SM_LIST_FILEDATA,
DE_STATE_FLAG_HSBD_INSPECT,
- DE_STATE_FLAG_HSBD_INSPECT,
1,
DetectEngineInspectHttpServerBody },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HHDMATCH,
DE_STATE_FLAG_HHD_INSPECT,
- DE_STATE_FLAG_HHD_INSPECT,
1,
DetectEngineInspectHttpHeader },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HRHDMATCH,
DE_STATE_FLAG_HRHD_INSPECT,
- DE_STATE_FLAG_HRHD_INSPECT,
1,
DetectEngineInspectHttpRawHeader },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HCDMATCH,
DE_STATE_FLAG_HCD_INSPECT,
- DE_STATE_FLAG_HCD_INSPECT,
1,
DetectEngineInspectHttpCookie },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_FILEMATCH,
DE_STATE_FLAG_FILE_TC_INSPECT,
- DE_STATE_FLAG_FILE_TC_INSPECT,
1,
DetectFileInspectHttp },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HSMDMATCH,
DE_STATE_FLAG_HSMD_INSPECT,
- DE_STATE_FLAG_HSMD_INSPECT,
1,
DetectEngineInspectHttpStatMsg },
{ IPPROTO_TCP,
ALPROTO_HTTP,
DETECT_SM_LIST_HSCDMATCH,
DE_STATE_FLAG_HSCD_INSPECT,
- DE_STATE_FLAG_HSCD_INSPECT,
1,
DetectEngineInspectHttpStatCode },
/* Modbus */
ALPROTO_MODBUS,
DETECT_SM_LIST_MODBUS_MATCH,
DE_STATE_FLAG_MODBUS_INSPECT,
- DE_STATE_FLAG_MODBUS_INSPECT,
0,
DetectEngineInspectModbus }
};
data_toserver[i].dir,
data_toserver[i].sm_list,
data_toserver[i].inspect_flags,
- data_toserver[i].match_flags,
data_toserver[i].Callback,
app_inspection_engine);
}
data_toclient[i].dir,
data_toclient[i].sm_list,
data_toclient[i].inspect_flags,
- data_toclient[i].match_flags,
data_toclient[i].Callback,
app_inspection_engine);
}
while (tmp != NULL) {
if (tmp->dir == engine->dir &&
(tmp->sm_list == engine->sm_list ||
- tmp->inspect_flags == engine->inspect_flags ||
- tmp->match_flags == engine->match_flags)) {
+ tmp->inspect_flags == engine->inspect_flags
+ )) {
SCLogError(SC_ERR_DETECT_PREPARE, "App Inspection Engine already "
"registered for this direction(%"PRIu16") ||"
"sm_list(%d) || "
- "[match(%"PRIu32")|inspect(%"PRIu32")]_flags",
- tmp->dir, tmp->sm_list, tmp->inspect_flags,
- tmp->match_flags);
+ "[inspect(%"PRIu32")]_flags",
+ tmp->dir, tmp->sm_list, tmp->inspect_flags);
exit(EXIT_FAILURE);
}
insert = tmp;
uint16_t dir,
int32_t sm_list,
uint32_t inspect_flags,
- uint32_t match_flags,
int (*Callback)(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
new_engine->dir = dir;
new_engine->sm_list = sm_list;
new_engine->inspect_flags = inspect_flags;
- new_engine->match_flags = match_flags;
new_engine->Callback = Callback;
AppendAppInspectionEngine(new_engine, list);
0 /* STREAM_TOSERVER */,
DETECT_SM_LIST_UMATCH,
DE_STATE_FLAG_URI_INSPECT,
- DE_STATE_FLAG_URI_INSPECT,
DummyTestAppInspectionEngine01,
engine_list);
engine->dir != dir ||
engine->sm_list != DETECT_SM_LIST_UMATCH ||
engine->inspect_flags != DE_STATE_FLAG_URI_INSPECT ||
- engine->match_flags != DE_STATE_FLAG_URI_INSPECT ||
engine->Callback != DummyTestAppInspectionEngine01) {
printf("failed for http and dir(0-toserver)\n");
goto end;
0 /* STREAM_TOSERVER */,
DETECT_SM_LIST_UMATCH,
DE_STATE_FLAG_URI_INSPECT,
- DE_STATE_FLAG_URI_INSPECT,
DummyTestAppInspectionEngine01,
engine_list);
DetectEngineRegisterAppInspectionEngine(IPPROTO_TCP,
1 /* STREAM_TOCLIENT */,
DETECT_SM_LIST_UMATCH,
DE_STATE_FLAG_URI_INSPECT,
- DE_STATE_FLAG_URI_INSPECT,
DummyTestAppInspectionEngine02,
engine_list);
engine->dir != dir ||
engine->sm_list != DETECT_SM_LIST_UMATCH ||
engine->inspect_flags != DE_STATE_FLAG_URI_INSPECT ||
- engine->match_flags != DE_STATE_FLAG_URI_INSPECT ||
engine->Callback != DummyTestAppInspectionEngine01) {
printf("failed for http and dir(0-toserver)\n");
goto end;
engine->dir != dir ||
engine->sm_list != DETECT_SM_LIST_UMATCH ||
engine->inspect_flags != DE_STATE_FLAG_URI_INSPECT ||
- engine->match_flags != DE_STATE_FLAG_URI_INSPECT ||
engine->Callback != DummyTestAppInspectionEngine02) {
printf("failed for http and dir(0-toclient)\n");
goto end;
struct test_data_t {
int32_t sm_list;
uint32_t inspect_flags;
- uint32_t match_flags;
uint16_t dir;
int (*Callback)(ThreadVars *tv,
DetectEngineCtx *de_ctx,
struct test_data_t data[] = {
{ DETECT_SM_LIST_UMATCH,
- DE_STATE_FLAG_URI_INSPECT,
DE_STATE_FLAG_URI_INSPECT,
0,
DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_HCBDMATCH,
- DE_STATE_FLAG_HCBD_INSPECT,
DE_STATE_FLAG_HCBD_INSPECT,
0,
DummyTestAppInspectionEngine02 },
{ DETECT_SM_LIST_FILEDATA,
- DE_STATE_FLAG_HSBD_INSPECT,
DE_STATE_FLAG_HSBD_INSPECT,
1,
DummyTestAppInspectionEngine02 },
{ DETECT_SM_LIST_HHDMATCH,
- DE_STATE_FLAG_HHD_INSPECT,
DE_STATE_FLAG_HHD_INSPECT,
0,
DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_HRHDMATCH,
- DE_STATE_FLAG_HRHD_INSPECT,
DE_STATE_FLAG_HRHD_INSPECT,
0,
DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_HMDMATCH,
- DE_STATE_FLAG_HMD_INSPECT,
DE_STATE_FLAG_HMD_INSPECT,
0,
DummyTestAppInspectionEngine02 },
{ DETECT_SM_LIST_HCDMATCH,
- DE_STATE_FLAG_HCD_INSPECT,
DE_STATE_FLAG_HCD_INSPECT,
0,
DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_HRUDMATCH,
- DE_STATE_FLAG_HRUD_INSPECT,
DE_STATE_FLAG_HRUD_INSPECT,
0,
DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_FILEMATCH,
- DE_STATE_FLAG_FILE_TS_INSPECT,
DE_STATE_FLAG_FILE_TS_INSPECT,
0,
DummyTestAppInspectionEngine02 },
{ DETECT_SM_LIST_FILEMATCH,
- DE_STATE_FLAG_FILE_TC_INSPECT,
DE_STATE_FLAG_FILE_TC_INSPECT,
1,
DummyTestAppInspectionEngine02 },
{ DETECT_SM_LIST_HSMDMATCH,
- DE_STATE_FLAG_HSMD_INSPECT,
DE_STATE_FLAG_HSMD_INSPECT,
0,
DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_HSCDMATCH,
- DE_STATE_FLAG_HSCD_INSPECT,
DE_STATE_FLAG_HSCD_INSPECT,
0,
DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_HUADMATCH,
- DE_STATE_FLAG_HUAD_INSPECT,
DE_STATE_FLAG_HUAD_INSPECT,
0,
DummyTestAppInspectionEngine02 },
data[i].dir /* STREAM_TOCLIENT */,
data[i].sm_list,
data[i].inspect_flags,
- data[i].match_flags,
data[i].Callback,
engine_list);
}
engine->dir != data[i].dir ||
engine->sm_list != data[i].sm_list ||
engine->inspect_flags != data[i].inspect_flags ||
- engine->match_flags != data[i].match_flags ||
engine->Callback != data[i].Callback) {
printf("failed for http\n");
goto end;
projects / thirdparty / suricata.git / commitdiff
