#define __ALERT_FASTLOG_H__
void AlertFastLogRegister(void);
-void TmModuleAlertFastLogIPv4Register(void);
-void TmModuleAlertFastLogIPv6Register(void);
OutputInitResult AlertFastLogInitCtx(ConfNode *);
#endif /* __ALERT_FASTLOG_H__ */
#include "util-byte.h"
#endif
-/**
- * The maximum size of a DNP3 link PDU.
- */
-#define DNP3_MAX_LINK_PDU_LEN 292
-
/* DNP3 application request function codes. */
#define DNP3_APP_FC_CONFIRM 0x00
#define DNP3_APP_FC_READ 0x01
typedef uint32_t FtpRequestCommandArgOfs;
-typedef uint16_t FtpResponseCode;
-
-enum {
- FTP_FIELD_NONE = 0,
-
- FTP_FIELD_REQUEST_LINE,
- FTP_FIELD_REQUEST_COMMAND,
- FTP_FIELD_REQUEST_ARGS,
-
- FTP_FIELD_RESPONSE_LINE,
- FTP_FIELD_RESPONSE_CODE,
-
- /* must be last */
- FTP_FIELD_MAX,
-};
-
/** used to hold the line state when we have fragmentation. */
typedef struct FtpLineState_ {
/** used to indicate if the current_line buffer is a malloced buffer. We
uint8_t *port_line;
uint16_t dyn_port;
- /* specifies which loggers are done logging */
- uint32_t logged;
AppLayerStateData state_data;
} FtpState;
uint64_t body_inspected;
} HtpBody;
-#define HTP_CONTENTTYPE_SET BIT_U8(0) /**< We have the content type */
#define HTP_BOUNDARY_SET BIT_U8(1) /**< We have a boundary string */
-#define HTP_BOUNDARY_OPEN BIT_U8(2) /**< We have a boundary string */
#define HTP_FILENAME_SET BIT_U8(3) /**< filename is registered in the flow */
#define HTP_DONTSTORE BIT_U8(4) /**< not storing this file */
#define HTP_STREAM_DEPTH_SET BIT_U8(5) /**< stream-depth is set */
htp_conn_t *conn;
Flow *f; /**< Needed to retrieve the original flow when using HTPLib callbacks */
uint64_t transaction_cnt;
- uint64_t store_tx_id;
const struct HTPCfgRec_ *cfg;
uint16_t flags;
uint16_t events;
// AppLayerDecoderEvents *(*StateGetEvents)(void *) __attribute__((nonnull)));
void AppLayerParserRegisterGetTxFilesFunc(uint8_t ipproto, AppProto alproto,
AppLayerGetFileState (*GetTxFiles)(void *, void *, uint8_t));
-void AppLayerParserRegisterLoggerFuncs(uint8_t ipproto, AppProto alproto,
- LoggerId (*StateGetTxLogged)(void *, void *),
- void (*StateSetTxLogged)(void *, void *, LoggerId));
void AppLayerParserRegisterLogger(uint8_t ipproto, AppProto alproto);
void AppLayerParserRegisterLoggerBits(uint8_t ipproto, AppProto alproto, LoggerId bits);
void AppLayerParserRegisterTruncateFunc(uint8_t ipproto, AppProto alproto,
void AppLayerParserRegisterGetFrameFuncs(uint8_t ipproto, AppProto alproto,
AppLayerParserGetFrameIdByNameFn GetFrameIdByName,
AppLayerParserGetFrameNameByIdFn GetFrameNameById);
-void AppLayerParserRegisterGetStreamDepth(uint8_t ipproto,
- AppProto alproto,
- uint32_t (*GetStreamDepth)(void));
void AppLayerParserRegisterSetStreamDepthFlag(uint8_t ipproto, AppProto alproto,
void (*SetStreamDepthFlag)(void *tx, uint8_t flags));
#define __APP_LAYER_QUIC_H__
void RegisterQuicParsers(void);
-void QuicParserRegisterTests(void);
#endif /* __APP_LAYER_QUIC_H__ */
#define __APP_LAYER_RDP_H__
void RegisterRdpParsers(void);
-void RdpParserRegisterTests(void);
#endif /* __APP_LAYER_RDP_H__ */
/* flag to indicate that handshake is done */
#define SSL_AL_FLAG_HANDSHAKE_DONE BIT_U32(18)
-/* A session ID in the Client Hello message, indicating the client
- wants to resume a session */
-#define SSL_AL_FLAG_SSL_CLIENT_SESSION_ID BIT_U32(19)
/* Session resumed without a full handshake */
#define SSL_AL_FLAG_SESSION_RESUMED BIT_U32(20)
uint8_t content_type;
uint8_t handshake_type;
- uint32_t handshake_length;
/* the no of bytes processed in the currently parsed record */
uint32_t bytes_processed;
} SSLState;
void RegisterSSLParsers(void);
-void SSLParserRegisterTests(void);
void SSLVersionToString(uint16_t, char *);
void SSLEnableJA3(void);
bool SSLJA3IsEnabled(void);
AppLayerThreadCtx *AppLayerGetCtxThread(ThreadVars *tv);
/**
- * \brief Destroys the context created by AppLayeGetCtxThread().
+ * \brief Destroys the context created by AppLayerGetCtxThread().
*
* \param tctx Pointer to the thread context to destroy.
*/
void AppLayerIncParserErrorCounter(ThreadVars *tv, Flow *f);
void AppLayerIncInternalErrorCounter(ThreadVars *tv, Flow *f);
-static inline uint8_t StreamSliceGetFlags(const StreamSlice *stream_slice)
-{
- return stream_slice->flags;
-}
-
static inline const uint8_t *StreamSliceGetData(const StreamSlice *stream_slice)
{
return stream_slice->input;
return stream_slice->input_len;
}
-static inline bool StreamSliceIsGap(const StreamSlice *stream_slice)
-{
- return stream_slice->input == NULL && stream_slice->input_len > 0;
-}
-
-static inline uint32_t StreamSliceGetGapSize(const StreamSlice *stream_slice)
-{
- return StreamSliceGetDataLen(stream_slice);
-}
#endif
/** defrag tracker hash table */
extern DefragTrackerHashRow *defragtracker_hash;
-#define DEFRAG_VERBOSE 0
-#define DEFRAG_QUIET 1
-
typedef struct DefragConfig_ {
SC_ATOMIC_DECLARE(uint64_t, memcap);
uint32_t hash_rand;
uint32_t DefragTimeoutHash(SCTime_t ts);
-uint32_t DefragGetSpareCount(void);
-uint32_t DefragGetActiveCount(void);
-
#endif
void DefragInit(void);
void DefragDestroy(void);
-void DefragReload(void); /**< use only in unittests */
uint8_t DefragGetOsPolicy(Packet *);
void DefragTrackerFreeFrags(DefragTracker *);
int DetectBsizeMatch(const SigMatchCtx *ctx, const uint64_t buffer_size, bool eof);
bool DetectBsizeValidateContentCallback(Signature *s, const SignatureInitDataBuffer *);
-#endif /* __DETECT_URILEN_H__ */
+#endif /* __DETECT_BSIZE_H__ */
} DetectContentData;
/* prototypes */
-void DetectContentRegister (void);
-uint32_t DetectContentMaxId(DetectEngineCtx *);
+void DetectContentRegister(void);
DetectContentData *DetectContentParse(SpmGlobalThreadCtx *spm_global_thread_ctx,
const char *contentstr);
int DetectContentDataParse(const char *keyword, const char *contentstr,
#define DETECT_DATASET_CMD_ISNOTSET 2
#define DETECT_DATASET_CMD_ISSET 3
-#define DETECT_DATASET_CMD_MAX 4
-
typedef struct DetectDatasetData_ {
Dataset *set;
uint8_t cmd;
uint32_t PatternStrength(uint8_t *, uint16_t);
uint8_t PatternMatchDefaultMatcher(void);
-uint32_t DnsQueryPatternSearch(DetectEngineThreadCtx *det_ctx, uint8_t *buffer, uint32_t buffer_len, uint8_t flags);
void PatternMatchPrepare(MpmCtx *, uint16_t);
void PatternMatchThreadPrepare(MpmThreadCtx *, uint16_t type);
void SigGroupHeadFree(const DetectEngineCtx *de_ctx, SigGroupHead *);
-void SigGroupHeadFreeMpmArrays(DetectEngineCtx *);
-
SigGroupHead *SigGroupHeadHashLookup(DetectEngineCtx *, SigGroupHead *);
-SigGroupHead *SigGroupHeadMpmHashLookup(DetectEngineCtx *, SigGroupHead *);
-SigGroupHead *SigGroupHeadDPortHashLookup(DetectEngineCtx *, SigGroupHead *);
-int SigGroupHeadMpmHashAdd(DetectEngineCtx *, SigGroupHead *);
int SigGroupHeadHashAdd(DetectEngineCtx *, SigGroupHead *);
-int SigGroupHeadDPortHashAdd(DetectEngineCtx *, SigGroupHead *);
void SigGroupHeadHashFree(DetectEngineCtx *);
-void SigGroupHeadMpmHashFree(DetectEngineCtx *);
-void SigGroupHeadDPortHashFree(DetectEngineCtx *);
int SigGroupHeadHashInit(DetectEngineCtx *);
-int SigGroupHeadMpmHashInit(DetectEngineCtx *);
-int SigGroupHeadDPortHashInit(DetectEngineCtx *);
int SigGroupHeadHashRemove(DetectEngineCtx *, SigGroupHead *);
void SigGroupHeadSetSigCnt(SigGroupHead *sgh, uint32_t max_idx);
void SigGroupHeadSetProtoAndDirection(SigGroupHead *sgh,
uint8_t ipproto, int dir);
-int SigGroupHeadBuildMatchArray (DetectEngineCtx *de_ctx, SigGroupHead *sgh,
- uint32_t max_idx);
-void SigGroupHeadFreeSigArrays(DetectEngineCtx *de_ctx);
+int SigGroupHeadBuildMatchArray(DetectEngineCtx *de_ctx, SigGroupHead *sgh, uint32_t max_idx);
int SigGroupHeadContainsSigId (DetectEngineCtx *de_ctx, SigGroupHead *sgh,
uint32_t sid);
void SigGroupHeadSetFilestoreCount(DetectEngineCtx *, SigGroupHead *);
void SigGroupHeadSetFileHashFlag(DetectEngineCtx *, SigGroupHead *);
void SigGroupHeadSetFilesizeFlag(DetectEngineCtx *, SigGroupHead *);
-uint16_t SigGroupHeadGetMinMpmSize(DetectEngineCtx *de_ctx,
- SigGroupHead *sgh, int list);
int SigGroupHeadBuildNonPrefilterArray(DetectEngineCtx *de_ctx, SigGroupHead *sgh);
* create a limit for bytes and a limit for number of packets */
#define TAG_MAX_LAST_TIME_SEEN 600
-#define TAG_TIMEOUT_CHECK_INTERVAL 60
-
/* Used for tagged data (sid and gid of the packets that
* follow the one that triggered the rule with tag option) */
#define TAG_SIG_GEN 2
int TagHashAddTag(DetectTagDataEntry *, Packet *);
int TagFlowAdd(Packet *, DetectTagDataEntry *);
-void TagContextDestroy(void);
void TagHandlePacket(DetectEngineCtx *, DetectEngineThreadCtx *, Packet *);
void TagInitCtx(void);
void PrefilterPacketU16Set(PrefilterPacketHeaderValue *v, void *smctx);
bool PrefilterPacketU16Compare(PrefilterPacketHeaderValue v, void *smctx);
-#endif /* __DETECT_UTIL_UINT_H */
+#endif /* __DETECT_ENGINE_UINT_H */
int DetectEngineAppInspectionEngine2Signature(DetectEngineCtx *de_ctx, Signature *s);
void DetectEngineAppInspectionEngineSignatureFree(DetectEngineCtx *, Signature *s);
-bool DetectEngineFrameInspectionRun(ThreadVars *tv, DetectEngineThreadCtx *det_ctx,
- const Signature *s, Flow *f, Packet *p, uint8_t *alert_flags);
bool DetectEnginePktInspectionRun(ThreadVars *tv,
DetectEngineThreadCtx *det_ctx, const Signature *s,
Flow *f, Packet *p,
const Signature *s, uint32_t inspect_flags, uint8_t flow_flags,
const uint16_t file_no_match);
-void DetectRunStoreStateTxFileOnly(const SigGroupHead *sgh, Flow *f, void *tx, uint64_t tx_id,
- const uint8_t flow_flags, const uint16_t file_no_match);
-
void DetectEngineStateResetTxs(Flow *f);
void DeStateRegisterTests(void);
FLOWINT_TARGET_VAL,
FLOWINT_TARGET_VAR,
FLOWINT_TARGET_SELF,
- FLOWINT_TARGET_UNKNOWN
};
/** If the target is another var, get the name and the idx */
/* prototypes */
void DetectFragOffsetRegister(void);
-#endif /* __DETECT_FRAGOFFSET__ */
+#endif /* __DETECT_FRAGOFFSET_H__ */
#define _DETECT_HTTP_COOKIE_H
/* prototypes */
-void DetectHttpCookieRegister (void);
-int DetectHttpCookieDoMatch(DetectEngineThreadCtx *, Signature *, SigMatch *,
- Flow *, uint8_t, void *);
+void DetectHttpCookieRegister(void);
#endif /* _DETECT_HTTP_COOKIE_H */
void DetectHttpHeaderRegister(void);
void DetectHttpRawHeaderRegister(void);
-void DetectEngineCleanHHDBuffers(DetectEngineThreadCtx *det_ctx);
-
#endif /* __DETECT_HTTP_HEADER_H__ */
#define _DETECT_HTTP_STAT_CODE_H
/* prototypes */
-int DetectHttpStatCodeMatch (ThreadVars *, DetectEngineThreadCtx *,
- Flow *, uint8_t , void *, Signature *,
- SigMatch *);
void DetectHttpStatCodeRegister(void);
#endif /* _DETECT_HTTP_STAT_CODE_H */
#define _DETECT_HTTP_STAT_MSG_H
/* prototypes */
-int DetectHttpStatMsgMatch (ThreadVars *, DetectEngineThreadCtx *, Flow *,
- uint8_t , void *, Signature *, SigMatch *);
void DetectHttpStatMsgRegister(void);
#endif /* _DETECT_HTTP_STAT_MSG_H */
/* prototypes */
void DetectIcmpIdRegister(void);
-#endif /* __DETECT_ICMP_ID__ */
+#endif /* __DETECT_ICMP_ID_H__ */
/* prototypes */
void DetectIcmpSeqRegister(void);
-#endif /* __DETECT_ICMP_SEQ__ */
-
+#endif /* __DETECT_ICMP_SEQ_H__ */
#define ISDATAAT_NEGATED 0x04
#define ISDATAAT_OFFSET_VAR 0x08
-#define ISDATAAT_MIN 0
-#define ISDATAAT_MAX 65535
-
typedef struct DetectIsdataatData_ {
uint16_t dataat; /* data offset to match */
uint8_t flags; /* isdataat options*/
Signature *SigAlloc(void);
void SigFree(DetectEngineCtx *de_ctx, Signature *s);
Signature *SigInit(DetectEngineCtx *, const char *sigstr);
-Signature *SigInitReal(DetectEngineCtx *, const char *);
SigMatchData* SigMatchList2DataArray(SigMatch *head);
void SigParseRegisterTests(void);
Signature *DetectEngineAppendSig(DetectEngineCtx *, const char *);
uint32_t proc;
} RpcMsg;
-/* Extract uint32_t */
-#define EXT_GET_UINT32T(buf) ((long)SCNtohl((long)*(buf)++))
-
typedef struct DetectRpcData_ {
uint32_t program;
uint32_t program_version;
enum {
DETECT_TAG_DIR_SRC,
DETECT_TAG_DIR_DST,
- DETECT_TAG_DIR_MAX
};
enum {
DETECT_TAG_METRIC_PACKET,
DETECT_TAG_METRIC_SECONDS,
DETECT_TAG_METRIC_BYTES,
- DETECT_TAG_METRIC_MAX
};
/** This will be the rule options/parameters */
#ifndef __DETECT_WINDOW_H__
#define __DETECT_WINDOW_H__
-#define MIN_WINDOW_VALUE 0
-#define MAX_WINDOW_VALUE 65535
-
typedef struct DetectWindowData_ {
uint8_t negated; /** negated? 1=True : 0=False */
uint16_t size; /** window size to match */
bool DetectUrilenValidateContent(const Signature *s, int list, const char **);
void DetectUrilenApplyToContent(Signature *s, int list);
-int DetectUrilenMatch (ThreadVars *, DetectEngineThreadCtx *, Flow *,
- uint8_t, void *, Signature *, SigMatch *);
void DetectUrilenRegister(void);
#endif /* _DETECT_URILEN_H */
#define DETECT_XBITS_CMD_ISNOTSET 3
#define DETECT_XBITS_CMD_ISSET 4
#define DETECT_XBITS_CMD_NOALERT 5
-#define DETECT_XBITS_CMD_MAX 6
#define DETECT_XBITS_TRACK_IPSRC 0
#define DETECT_XBITS_TRACK_IPDST 1
#define DETECT_XBITS_TRACK_IPPAIR 2
-#define DETECT_XBITS_TRACK_FLOW 3
#define DETECT_XBITS_EXPIRE_DEFAULT 30
#define SIG_FLAG_INIT_PACKET BIT_U32(1) /**< signature has matches against a packet (as opposed to app layer) */
#define SIG_FLAG_INIT_FLOW BIT_U32(2) /**< signature has a flow setting */
#define SIG_FLAG_INIT_BIDIREC BIT_U32(3) /**< signature has bidirectional operator */
-#define SIG_FLAG_INIT_FIRST_IPPROTO_SEEN BIT_U32(4) /** < signature has seen the first ip_proto keyword */
-#define SIG_FLAG_INIT_HAS_TRANSFORM BIT_U32(5)
+#define SIG_FLAG_INIT_FIRST_IPPROTO_SEEN \
+ BIT_U32(4) /** < signature has seen the first ip_proto keyword */
#define SIG_FLAG_INIT_STATE_MATCH BIT_U32(6) /**< signature has matches that require stateful inspection */
#define SIG_FLAG_INIT_NEED_FLUSH BIT_U32(7)
#define SIG_FLAG_INIT_PRIO_EXPLICIT \
ENGINE_PROFILE_MEDIUM,
ENGINE_PROFILE_HIGH,
ENGINE_PROFILE_CUSTOM,
- ENGINE_PROFILE_MAX
};
/* Siggroup mpm context profile */
SigMatch *SigMatchAlloc(void);
Signature *SigFindSignatureBySidGid(DetectEngineCtx *, uint32_t, uint32_t);
-void SigMatchSignaturesBuildMatchArray(DetectEngineThreadCtx *,
- Packet *, SignatureMask,
- uint16_t);
void SigMatchFree(DetectEngineCtx *, SigMatch *sm);
void SigRegisterTests(void);
-void TmModuleDetectRegister (void);
-
-void SigAddressPrepareBidirectionals (DetectEngineCtx *);
void DisableDetectFlowFileFlags(Flow *f);
char *DetectLoadCompleteSigPath(const DetectEngineCtx *, const char *sig_file);
int SignatureIsIPOnly(DetectEngineCtx *de_ctx, const Signature *s);
const SigGroupHead *SigMatchSignaturesGetSgh(const DetectEngineCtx *de_ctx, const Packet *p);
-Signature *DetectGetTagSignature(void);
-
int DetectUnregisterThreadCtxFuncs(DetectEngineCtx *, void *data, const char *name);
int DetectRegisterThreadCtxFuncs(DetectEngineCtx *, const char *name, void *(*InitFunc)(void *), void *data, void (*FreeFunc)(void *), int);
void *DetectThreadCtxGetKeywordThreadCtx(DetectEngineThreadCtx *, int);
void LiveDevFreeStorageById(LiveDevice *d, LiveDevStorageId id);
void LiveDevFreeStorage(LiveDevice *d);
-void RegisterLiveDevStorageTests(void);
-
LiveDevStorageId LiveDevStorageRegister(const char *name, const unsigned int size,
void *(*Alloc)(unsigned int), void (*Free)(void *));
struct timespec *curtime, void *data);
typedef int (*BypassedUpdateFunc)(Flow *f, Packet *p, void *data);
-void FlowAddToBypassed(Flow *f);
-
void BypassedFlowManagerThreadSpawn(void);
void TmModuleBypassedFlowManagerRegister(void);
/* Flow Time out values */
#define FLOW_DEFAULT_NEW_TIMEOUT 30
-#define FLOW_DEFAULT_EST_TIMEOUT 300
-#define FLOW_DEFAULT_CLOSED_TIMEOUT 0
+#define FLOW_DEFAULT_EST_TIMEOUT 300
#define FLOW_DEFAULT_BYPASSED_TIMEOUT 100
#define FLOW_IPPROTO_TCP_NEW_TIMEOUT 30
#define FLOW_IPPROTO_TCP_EST_TIMEOUT 300
#define FLOW_IPPROTO_ICMP_BYPASSED_TIMEOUT 100
#define FLOW_DEFAULT_EMERG_NEW_TIMEOUT 10
-#define FLOW_DEFAULT_EMERG_EST_TIMEOUT 100
-#define FLOW_DEFAULT_EMERG_CLOSED_TIMEOUT 0
+#define FLOW_DEFAULT_EMERG_EST_TIMEOUT 100
#define FLOW_DEFAULT_EMERG_BYPASSED_TIMEOUT 50
#define FLOW_IPPROTO_TCP_EMERG_NEW_TIMEOUT 10
#define FLOW_IPPROTO_TCP_EMERG_EST_TIMEOUT 100
void FlowEnqueue (FlowQueue *, Flow *);
Flow *FlowDequeue (FlowQueue *);
void FlowQueueRemove(FlowQueue *fq, Flow *f);
-void FlowQueueRemoveLock(FlowQueue *fq, Flow *f);
void FlowQueuePrivateAppendFlow(FlowQueuePrivate *fqc, Flow *f);
void FlowQueuePrivatePrependFlow(FlowQueuePrivate *fqc, Flow *f);
void FlowForceReassemblyForFlow(Flow *f);
int FlowForceReassemblyNeedReassembly(Flow *f);
void FlowForceReassembly(void);
-void FlowForceReassemblySetup(int detect_disabled);
#endif /* __FLOW_TIMEOUT_H__ */
#include "flow.h"
#include "stream-tcp-private.h"
-#define COPY_TIMESTAMP(src, dst) ((dst)->tv_sec = (src)->tv_sec, (dst)->tv_usec = (src)->tv_usec)
-
#define RESET_COUNTERS(f) \
do { \
(f)->todstpktcnt = 0; \
SC_ATOMIC_GET(flow_config.memcap)))
Flow *FlowAlloc(void);
-Flow *FlowAllocDirect(void);
void FlowFree(Flow *);
uint8_t FlowGetProtoMapping(uint8_t);
void FlowInit(Flow *, const Packet *);
* The actual declaration is in app-layer-parser.c */
typedef struct AppLayerParserState_ AppLayerParserState;
-#define FLOW_QUIET true
-#define FLOW_VERBOSE false
+#define FLOW_QUIET true
#define TOSERVER 0
#define TOCLIENT 1
(a)->addr_data32[3] = 0; \
} while (0)
-/* clear the address structure by setting all fields to 0 */
-#define FLOW_CLEAR_ADDR(a) do { \
- (a)->addr_data32[0] = 0; \
- (a)->addr_data32[1] = 0; \
- (a)->addr_data32[2] = 0; \
- (a)->addr_data32[3] = 0; \
- } while (0)
-
/* Set the IPv6 addressesinto the Addrs of the Packet.
* Make sure p->ip6h is initialized and validated. */
#define FLOW_SET_IPV6_SRC_ADDR_FROM_PACKET(p, a) do { \
{
uint32_t hash_rand;
uint32_t hash_size;
- uint32_t max_flows;
uint32_t prealloc;
uint32_t timeout_new;
uint32_t timeout_est;
- uint32_t emerg_timeout_new;
- uint32_t emerg_timeout_est;
uint32_t emergency_recovery;
enum ExceptionPolicy memcap_policy;
#define addr_data16 address.address_un_data16
#define addr_data8 address.address_un_data8
-typedef unsigned short FlowRefCount;
-
typedef unsigned short FlowStateType;
/** Local Thread ID */
void FlowSetupPacket(Packet *p);
void FlowHandlePacket (ThreadVars *, FlowLookupStruct *, Packet *);
void FlowInitConfig(bool);
-void FlowPrintQueueInfo (void);
void FlowReset(void);
void FlowShutdown(void);
void FlowSetIPOnlyFlag(Flow *, int);
int FlowChangeProto(Flow *);
void FlowSwap(Flow *);
-void FlowRegisterTests (void);
-int FlowSetProtoTimeout(uint8_t ,uint32_t ,uint32_t ,uint32_t);
-int FlowSetProtoEmergencyTimeout(uint8_t ,uint32_t ,uint32_t ,uint32_t);
-int FlowSetProtoFreeFunc (uint8_t , void (*Free)(void *));
-void FlowUpdateQueue(Flow *);
-
-int FlowUpdateSpareFlows(void);
+void FlowRegisterTests(void);
+int FlowSetProtoFreeFunc(uint8_t, void (*Free)(void *));
static inline void FlowSetNoPacketInspectionFlag(Flow *);
static inline void FlowSetNoPayloadInspectionFlag(Flow *);
/** ippair hash table */
extern IPPairHashRow *ippair_hash;
-#define IPPAIR_VERBOSE 0
#define IPPAIR_QUIET 1
typedef struct IPPairConfig_ {
#define IPPairDecrUsecnt(h) \
(void)SC_ATOMIC_SUB((h)->use_cnt, 1)
-#define IPPairReference(dst_h_ptr, h) do { \
- if ((h) != NULL) { \
- IPPairIncrUsecnt((h)); \
- *(dst_h_ptr) = h; \
- } \
- } while (0)
-
-#define IPPairDeReference(src_h_ptr) do { \
- if (*(src_h_ptr) != NULL) { \
- IPPairDecrUsecnt(*(src_h_ptr)); \
- *(src_h_ptr) = NULL; \
- } \
- } while (0)
-
extern IPPairConfig ippair_config;
SC_ATOMIC_EXTERN(uint64_t,ippair_memuse);
SC_ATOMIC_EXTERN(uint32_t,ippair_counter);
#define LOG_NODE_MAXOUTPUTLEN 8192
#define TIMESTAMP_DEFAULT_FORMAT "%D-%H:%M:%S"
-#define TIMESTAMP_DEFAULT_FORMAT_LEN 62
/* Common format nodes */
#define LOG_CF_NONE "-"
#define __LOG_HTTPLOG_H__
void LogHttpLogRegister(void);
-void TmModuleLogHttpLogIPv4Register (void);
-void TmModuleLogHttpLogIPv6Register (void);
OutputInitResult LogHttpLogInitCtx(ConfNode *);
#endif /* __LOG_HTTPLOG_H__ */
#define __OUTPUT_FILESTORE_H__
void OutputFilestoreRegister(void);
-void OutputFilestoreInitConfig(void);
void OutputFilestoreRegisterGlobalCounters(void);
#endif /* __OUTPUT_FILESTORE_H__ */
#define __OUTPUT_JSON_ANOMALY_H__
void JsonAnomalyLogRegister(void);
-void AnomalyJsonHeader(void *ctx, const Packet *p, const PacketAlert *pa, json_t *js,
- uint16_t flags);
#endif /* __OUTPUT_JSON_ALERT_H__ */
void JsonDropLogRegister(void);
-#endif /* __OUTPUT_DROPLOG_H__ */
+#endif /* __OUTPUT_JSON_DROP_H__ */
void NFQInitConfig(bool quiet);
int NFQRegisterQueue(const uint16_t number);
int NFQParseAndRegisterQueues(const char *queues);
-int NFQGetQueueCount(void);
void *NFQGetQueue(int number);
-int NFQGetQueueNum(int number);
void *NFQGetThread(int number);
void NFQContextsClean(void);
#endif /* NFQ */
uint16_t counter_tcp_pseudo_failed;
/** packets rejected because their csum is invalid */
uint16_t counter_tcp_invalid_checksum;
- /** sessions reused */
- uint16_t counter_tcp_reused_ssn;
/** midstream pickups */
uint16_t counter_tcp_midstream_pickups;
/** wrong thread */
SURI_HOST_IS_ROUTER,
};
-#define IS_SURI_HOST_MODE_SNIFFER_ONLY(host_mode) ((host_mode) == SURI_HOST_IS_SNIFFER_ONLY)
-#define IS_SURI_HOST_MODE_ROUTER(host_mode) ((host_mode) == SURI_HOST_IS_ROUTER)
+#define IS_SURI_HOST_MODE_SNIFFER_ONLY(host_mode) ((host_mode) == SURI_HOST_IS_SNIFFER_ONLY)
#include "runmodes.h"
#define RunmodeIsUnittests() 0
#endif
int RunmodeGetCurrent(void);
-int IsRuleReloadSet(int quiet);
int SuriHasSigFile(void);
ThreadVars *TmThreadCreateCmdThreadByName(const char *name, const char *module,
int mucond);
TmEcode TmThreadSpawn(ThreadVars *);
-void TmThreadSetFlags(ThreadVars *, uint8_t);
void TmThreadKillThreadsFamily(int family);
void TmThreadKillThreads(void);
void TmThreadClearThreadsFamily(int family);
#define CLOCK_PRINT_SEC \
printf("Seconds spent: %.4fs\n", ((double)(clo2 - clo1) / (double)CLOCKS_PER_SEC))
-#define GET_CLOCK_END_SECS ((clo1 - clo2)/(double)CLOCKS_PER_SEC)
-
#endif /*__UTIL_CLOCK_H__ */
#define __UTIL_CONFIG_H__
enum ConfigAction {
- CONFIG_ACTION_UNSET = 0,
CONFIG_ACTION_SET = 1,
};
#ifndef __UTIL_DAEMON_H__
#define __UTIL_DAEMON_H__
-/** \todo Adjust path */
-#define DAEMON_WORKING_DIRECTORY "/"
-
#ifdef OS_WIN32
#define Daemonize()
#else
int);
void SCLogReleaseFDFilter(SCLogFDFilter *);
-#endif /* __DEBUG_H__ */
+#endif /* __DEBUG_FILTERS_H__ */
#define RTE_ETH_RSS_IPV6_UDP_EX ETH_RSS_IPV6_UDP_EX
#define RTE_ETH_RSS_PORT ETH_RSS_PORT
#define RTE_ETH_RSS_VXLAN ETH_RSS_VXLAN
-#define RTE_ETH_RSS_GENEVE ETH_RSS_GENEVE
#define RTE_ETH_RSS_NVGRE ETH_RSS_NVGRE
#define RTE_ETH_RSS_GTPU ETH_RSS_GTPU
int *val, struct ebpf_timeout_config *config);
int EBPFSetupXDP(const char *iface, int fd, uint8_t flags);
-int EBPFCheckBypassedFlowTimeout(ThreadVars *th_v, struct flows_stats *bypassstats,
- struct timespec *curtime,
- void *data);
int EBPFCheckBypassedFlowCreate(ThreadVars *th_v, struct timespec *curtime, void *data);
void EBPFRegisterExtension(void);
void EBPFDeleteKey(int fd, void *key);
-#ifdef BUILD_UNIX_SOCKET
-TmEcode EBPFGetBypassedStats(json_t *cmd, json_t *answer, void *data);
-#endif
-
#define __bpf_percpu_val_align __attribute__((__aligned__(8)))
#define BPF_DECLARE_PERCPU(type, name, nr_cpus) \
*/
void FileDisableStoringForTransaction(Flow *f, const uint8_t direction, void *tx, uint64_t tx_id);
-void FlowFileDisableStoringForTransaction(struct Flow_ *f, uint64_t tx_id);
-
void FileForceFilestoreEnable(void);
int FileForceFilestore(void);
void FileReassemblyDepthEnable(uint32_t size);
void (*Free)(void *);
} HashListTable;
-#define HASHLIST_NO_SIZE 0
-
/* prototypes */
HashListTable* HashListTableInit(uint32_t, uint32_t (*Hash)(struct HashListTable_ *, void *, uint16_t), char (*Compare)(void *, uint16_t, void *, uint16_t), void (*Free)(void *));
void HashListTableFree(HashListTable *);
/* Flag set when file rotation notification is received. */
int rotation_flag;
- /* Set to true if the filename should not be timestamped. */
- bool nostamp;
-
/* if set to true EVE will add a pcap file record */
bool is_pcap_offline;
#define LOGFILE_RECONN_MIN_TIME 500
/* flags for LogFileCtx */
-#define LOGFILE_HEADER_WRITTEN 0x01
-#define LOGFILE_ALERTS_PRINTED 0x02
#define LOGFILE_ROTATE_INTERVAL 0x04
LogFileCtx *LogFileNewCtx(void);
} MpmCtxFactoryContainer;
/** pattern is case insensitive */
-#define MPM_PATTERN_FLAG_NOCASE 0x01
-/** pattern is negated */
-#define MPM_PATTERN_FLAG_NEGATED 0x02
+#define MPM_PATTERN_FLAG_NOCASE 0x01
/** pattern has a depth setting */
#define MPM_PATTERN_FLAG_DEPTH 0x04
/** pattern has an offset setting */
-#define MPM_PATTERN_FLAG_OFFSET 0x08
-/** one byte pattern (used in b2g) */
-#define MPM_PATTERN_ONE_BYTE 0x10
+#define MPM_PATTERN_FLAG_OFFSET 0x08
/** the ctx uses it's own internal id instead of
* what is passed through the API */
#define MPM_PATTERN_CTX_OWNS_ID 0x20
void (*Free)(void *);
} SCRadixTree;
-
-struct in_addr *SCRadixValidateIPV4Address(const char *);
-struct in6_addr *SCRadixValidateIPV6Address(const char *);
-void SCRadixChopIPAddressAgainstNetmask(uint8_t *, uint8_t, uint16_t);
-
SCRadixTree *SCRadixCreateRadixTree(void (*Free)(void*), void (*PrintData)(void*));
void SCRadixReleaseRadixTree(SCRadixTree *);
#endif
} THashDataQueue;
-#define THASH_VERBOSE 0
-#define THASH_QUIET 1
-
typedef int (*THashOutputFunc)(void *output_ctx, const uint8_t *data, const uint32_t data_len);
typedef int (*THashFormatFunc)(const void *in_data, char *output, size_t output_size);
#define THashDecrUsecnt(h) \
(void)SC_ATOMIC_SUB((h)->use_cnt, 1)
-#define THashReference(dst_h_ptr, h) do { \
- if ((h) != NULL) { \
- THashIncrUsecnt((h)); \
- *(dst_h_ptr) = h; \
- } \
- } while (0)
-
-#define THashDeReference(src_h_ptr) do { \
- if (*(src_h_ptr) != NULL) { \
- THashDecrUsecnt(*(src_h_ptr)); \
- *(src_h_ptr) = NULL; \
- } \
- } while (0)
-
THashTableContext *THashInit(const char *cnf_prefix, size_t data_size,
int (*DataSet)(void *dst, void *src), void (*DataFree)(void *),
uint32_t (*DataHash)(void *), bool (*DataCompare)(void *, void *), bool reset_memcap,
/** \brief initialize a 'struct timespec' from a 'struct timeval'. */
#define FROM_TIMEVAL(timev) { .tv_sec = (timev).tv_sec, .tv_nsec = (timev).tv_usec * 1000 }
-static inline struct timeval TimevalWithSeconds(const struct timeval *ts, const time_t sec_add)
-{
-#ifdef timeradd
- struct timeval add = { .tv_sec = sec_add, .tv_usec = 0 };
- struct timeval result;
- timeradd(ts, &add, &result);
- return result;
-#else
- const time_t sec = ts->tv_sec + sec_add;
- struct timeval result = { .tv_sec = sec, .tv_usec = ts->tv_usec };
- return result;
-#endif
-}
-
/** \brief compare two 'struct timeval' and return if the first is earlier than the second */
static inline bool TimevalEarlier(struct timeval *first, struct timeval *second)
{
projects / thirdparty / suricata.git / commitdiff
