#include "debug.h"
#include "detect.h"
#include "flow.h"
+
#include "host.h"
+#include "host-storage.h"
#include "detect-parse.h"
#include "detect-engine-sigorder.h"
#include "util-var-name.h"
#include "tm-threads.h"
+static int threshold_id = -1; /**< host storage id for thresholds */
+
+int ThresholdHostStorageId(void) {
+ return threshold_id;
+}
+
+void ThresholdInit(void) {
+ threshold_id = HostStorageRegister("threshold", sizeof(void *), NULL, ThresholdListFree);
+}
+
+int ThresholdHostHasThreshold(Host *host) {
+ return HostGetStorageById(host, threshold_id) ? 1 : 0;
+}
+
+void DetectThresholdForceCleanup(Host *host) {
+ void *t = HostGetStorageById(host, threshold_id);
+ if (t != NULL) {
+ ThresholdListFree(t);
+ HostSetStorageById(host, threshold_id, NULL);
+ }
+
+}
+
/**
* \brief Return next DetectThresholdData for signature
*
DetectThresholdEntry *prev = NULL;
int retval = 1;
- if (host->threshold == NULL)
- return 1;
-
- tmp = host->threshold;
+ tmp = HostGetStorageById(host, threshold_id);
+ if (tmp == NULL)
+ return 1;
prev = NULL;
while (tmp != NULL) {
SCFree(tde);
} else {
- host->threshold = tmp->next;
-
+ HostSetStorageById(host, threshold_id, tmp->next);
tde = tmp;
tmp = tde->next;
{
DetectThresholdEntry *e;
- for (e = h->threshold; e != NULL; e = e->next) {
+ for (e = HostGetStorageById(h, threshold_id); e != NULL; e = e->next) {
if (e->sid == sid && e->gid == gid)
break;
}
ret = 1;
- e->next = h->threshold;
- h->threshold = e;
+ e->next = HostGetStorageById(h, threshold_id);
+ HostSetStorageById(h, threshold_id, e);
}
break;
}
e->current_count = 1;
e->tv_sec1 = p->ts.tv_sec;
- e->next = h->threshold;
- h->threshold = e;
+ e->next = HostGetStorageById(h, threshold_id);
+ HostSetStorageById(h, threshold_id, e);
}
}
break;
e->current_count = 1;
e->tv_sec1 = p->ts.tv_sec;
- e->next = h->threshold;
- h->threshold = e;
+ e->next = HostGetStorageById(h, threshold_id);
+ HostSetStorageById(h, threshold_id, e);
/* for the first match we return 1 to
* indicate we should alert */
e->tv_sec1 = p->ts.tv_sec;
e->tv_usec1 = p->ts.tv_usec;
- e->next = h->threshold;
- h->threshold = e;
+ e->next = HostGetStorageById(h, threshold_id);
+ HostSetStorageById(h, threshold_id, e);
}
break;
}
e->tv_sec1 = p->ts.tv_sec;
e->tv_timeout = 0;
- e->next = h->threshold;
- h->threshold = e;
+ e->next = HostGetStorageById(h, threshold_id);
+ HostSetStorageById(h, threshold_id, e);
}
break;
}
* \file
*
* \author Breno Silva <breno.silva@gmail.com>
+ * \author Victor Julien <victor@inliniac.net>
*
* Implements the threshold keyword.
*
#include "decode.h"
#include "host.h"
+#include "host-storage.h"
#include "detect.h"
#include "detect-parse.h"
#include "stream-tcp.h"
#include "detect-threshold.h"
+#include "detect-engine-threshold.h"
#include "detect-parse.h"
#include "detect-engine-address.h"
goto cleanup;
}
- lookup_tsh = (DetectThresholdEntry *)host->threshold;
- if (lookup_tsh == NULL) {
+ if (!(ThresholdHostHasThreshold(host))) {
HostRelease(host);
- printf("lookup_tsh is NULL: ");
+ printf("host has no threshold: ");
goto cleanup;
}
HostRelease(host);
}
HostRelease(host);
- lookup_tsh = (DetectThresholdEntry *)host->threshold;
+ lookup_tsh = HostGetStorageById(host, ThresholdHostStorageId());
if (lookup_tsh == NULL) {
HostRelease(host);
printf("lookup_tsh is NULL: ");
projects / thirdparty / suricata.git / commitdiff
