* 02110-1301, USA.
*/
+/*
+ * TODO: Update \author in this file and app-layer-template.h.
+ * TODO: Implement your app-layer logic with unit tests.
+ * TODO: Remove SCLogNotice statements or convert to debug.
+ */
+
/**
- * \file Template application layer detector and parser for learning and
+ * \file
+ *
+ * \author FirstName LastName <yourname@domain>
+ *
+ * Template application layer detector and parser for learning and
* template pruposes.
*
* This template implements a simple application layer for something
return;
}
/* TEMPLATE_END_REMOVE */
-
/* Check if Template TCP detection is enabled. If it does not exist in
* the configuration file then it will be enabled by default. */
if (AppLayerProtoDetectConfProtoDetectionEnabled("tcp", proto_name)) {
* 02110-1301, USA.
*/
+/*
+ * TODO: Update the \author in this file and detect-template-buffer.h.
+ * TODO: Update description in the \file section below.
+ * TODO: Remove SCLogNotice statements or convert to debug.
+ */
+
/**
- * \file Set up of the "template_buffer" keyword to allow content inspections
- * on the decoded template application layer buffers.
+ * \file
+ *
+ * \author FirstName LastName <yourname@domain>
+ *
+ * Set up of the "template_buffer" keyword to allow content
+ * inspections on the decoded template application layer buffers.
*/
#include "suricata-common.h"
void DetectTemplateBufferRegister(void)
{
+ /* TEMPLATE_START_REMOVE */
if (ConfGetNode("app-layer.protocols.template") == NULL) {
return;
}
-
+ /* TEMPLATE_END_REMOVE */
sigmatch_table[DETECT_AL_TEMPLATE_BUFFER].name = "template_buffer";
sigmatch_table[DETECT_AL_TEMPLATE_BUFFER].desc =
"Template content modififier to match on the template buffers";
ThreadVars tv;
Signature *s;
- int result = 0;
-
uint8_t request[] = "Hello World!";
/* Setup flow. */
StreamTcpInitConfig(TRUE);
de_ctx = DetectEngineCtxInit();
- if (de_ctx == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(de_ctx);
/* This rule should match. */
s = DetectEngineAppendSig(de_ctx,
"msg:\"TEMPLATE Test Rule\"; "
"template_buffer; content:\"World!\"; "
"sid:1; rev:1;)");
- if (s == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(s);
/* This rule should not match. */
s = DetectEngineAppendSig(de_ctx,
"msg:\"TEMPLATE Test Rule\"; "
"template_buffer; content:\"W0rld!\"; "
"sid:2; rev:1;)");
- if (s == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(s);
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
SCMutexUnlock(&f.m);
/* Check that we have app-layer state. */
- if (f.alstate == NULL) {
- goto end;
- }
+ FAIL_IF_NULL(f.alstate);
SigMatchSignatures(&tv, de_ctx, det_ctx, p);
- if (!PacketAlertCheck(p, 1)) {
- goto end;
- }
- if (PacketAlertCheck(p, 2)) {
- goto end;
- }
+ FAIL_IF(!PacketAlertCheck(p, 1));
+ FAIL_IF(PacketAlertCheck(p, 2));
- result = 1;
-end:
/* Cleanup. */
if (alp_tctx != NULL)
AppLayerParserThreadCtxFree(alp_tctx);
FLOW_DESTROY(&f);
UTHFreePacket(p);
- return result;
+ PASS;
}
#endif
* 02110-1301, USA.
*/
+/*
+ * TODO: Update \author in this file and in output-json-template.h.
+ * TODO: Remove SCLogNotice statements, or convert to debug.
+ * TODO: Implement your app-layers logging.
+ */
+
+/**
+ * \file
+ *
+ * \author FirstName LastName <yourname@domain>
+ *
+ * Implement JSON/eve logging app-layer Template.
+ */
+
#include "suricata-common.h"
#include "debug.h"
#include "detect.h"
void TmModuleJsonTemplateLogRegister(void)
{
+ /* TEMPLATE_START_REMOVE */
if (ConfGetNode("app-layer.protocols.template") == NULL) {
return;
}
-
+ /* TEMPLATE_END_REMOVE */
tmm_modules[TMM_JSONTEMPLATELOG].name = "JsonTemplateLog";
tmm_modules[TMM_JSONTEMPLATELOG].ThreadInit = JsonTemplateLogThreadInit;
tmm_modules[TMM_JSONTEMPLATELOG].ThreadDeinit = JsonTemplateLogThreadDeinit;
projects / thirdparty / suricata.git / commitdiff
