use std::ffi::CString;
use std::os::raw::{c_char, c_int, c_void};
use suricata::applayer::{
- state_get_tx_iterator, AppLayerEvent, AppLayerParserConfParserEnabled, AppLayerRegisterParser,
+ state_get_tx_iterator, AppLayerEvent, AppLayerRegisterParser,
AppLayerRegisterProtocolDetection, AppLayerResult, AppLayerStateData, AppLayerTxData,
RustParser, State, StreamSlice, Transaction, APP_LAYER_PARSER_EOF_TC, APP_LAYER_PARSER_EOF_TS,
APP_LAYER_PARSER_OPT_ACCEPT_GAPS,
build_slice, cast_pointer, export_state_data_get, export_tx_data_get, SCLogError, SCLogNotice,
};
use suricata_sys::sys::{
- AppLayerParserState, AppProto, Flow, SCAppLayerParserRegisterLogger,
- SCAppLayerParserStateIssetFlag, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ AppLayerParserState, AppProto, Flow, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerParserStateIssetFlag,
+ SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
static mut TEMPLATE_MAX_TX: usize = 256;
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_TEMPLATE = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
if let Some(val) = conf_get("app-layer.protocols.template.max-tx") {
pub const _APP_LAYER_TX_INSPECTED_TC: u8 = BIT_U8!(3);
pub const APP_LAYER_TX_ACCEPT: u8 = BIT_U8!(4);
-/// cbindgen:ignore
-extern "C" {
- pub fn AppLayerParserConfParserEnabled(ipproto: *const c_char, proto: *const c_char) -> c_int;
-}
-
#[repr(C)]
pub struct AppLayerGetTxIterTuple {
tx_ptr: *mut std::os::raw::c_void,
use std::ffi::CString;
use std::os::raw::{c_char, c_int, c_void};
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserRegisterLogger, SCAppLayerParserStateIssetFlag,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerParserStateIssetFlag,
SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_TEMPLATE = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
if let Some(val) = conf_get("app-layer.protocols.template.max-tx") {
*/
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserRegisterLogger,
- SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPMRegisterPatternCS,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ SCAppLayerProtoDetectPMRegisterPatternCS,
};
use crate::applayer::{self, *};
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_BITTORRENT_DHT = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
use nom7::number::Endianness;
use nom7::{Err, IResult, Needed};
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
- SCAppLayerProtoDetectPMRegisterPatternCSwPP,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPMRegisterPatternCSwPP,
};
use std;
use std::cmp;
if register_pattern_probe() < 0 {
return;
}
- if AppLayerParserConfParserEnabled(
+ if SCAppLayerParserConfParserEnabled(
ip_proto_str.as_ptr(),
parser.name,
) != 0
use crate::flow::Flow;
use nom7::Err;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
- SCAppLayerProtoDetectPMRegisterPatternCSwPP,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPMRegisterPatternCSwPP,
};
use std;
use std::ffi::CString;
if register_pattern_probe() < 0 {
return;
}
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
} else {
*/
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
use crate::applayer::{self, *};
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_DHCP = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
} else {
use nom7::number::streaming::be_u16;
use nom7::{Err, IResult};
use suricata_sys::sys::{
- AppLayerParserState, AppProto, DetectEngineThreadCtx,
+ AppLayerParserState, AppProto, DetectEngineThreadCtx, SCAppLayerParserConfParserEnabled,
SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_DNS = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
}
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_DNS = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
}
use std::ffi::CString;
use std::os::raw::{c_char, c_int, c_void};
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserRegisterLogger,
- SCAppLayerParserRegisterParserAcceptableDataDirection, SCAppLayerParserStateIssetFlag,
- SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerParserRegisterParserAcceptableDataDirection,
+ SCAppLayerParserStateIssetFlag, SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
pub(super) static mut ALPROTO_ENIP: AppProto = ALPROTO_UNKNOWN;
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_ENIP = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
SCLogDebug!("Rust enip parser registered for UDP.");
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_ENIP = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
SCLogDebug!("Rust enip parser registered for TCP.");
use std::fmt;
use std::io;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerForceProtocolChange, SCAppLayerParserRegisterLogger,
+ AppLayerParserState, AppProto, SCAppLayerForceProtocolChange,
+ SCAppLayerParserConfParserEnabled, SCAppLayerParserRegisterLogger,
SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_HTTP2 = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
if let Some(val) = conf_get("app-layer.protocols.http2.max-streams") {
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_DOH2 = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
} else {
SCLogWarning!("DOH2 is not meant to be detection-only.");
use std::collections::HashSet;
use std::ffi::CString;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
#[derive(AppLayerEvent)]
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_IKE = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
use std;
use std::ffi::CString;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserRegisterLogger,
- SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
#[derive(AppLayerEvent)]
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
// store the allocated ID for the probe function
ALPROTO_KRB5 = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
SCAppLayerParserRegisterLogger(IPPROTO_UDP, ALPROTO_KRB5);
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
// store the allocated ID for the probe function
ALPROTO_KRB5 = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
SCAppLayerParserRegisterLogger(IPPROTO_TCP, ALPROTO_KRB5);
use std::ffi::CString;
use std::os::raw::{c_char, c_int, c_void};
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserRegisterLogger, SCAppLayerParserStateIssetFlag,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerParserStateIssetFlag,
SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade,
};
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_LDAP = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
if let Some(val) = conf_get("app-layer.protocols.ldap.max-tx") {
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_LDAP = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
if let Some(val) = conf_get("app-layer.protocols.ldap.max-tx") {
use crate::flow::Flow;
use suricata_sys::sys::DetectEngineThreadCtx;
-use suricata_sys::sys::{AppProto, AppProtoEnum, SCAppLayerProtoDetectConfProtoDetectionEnabled};
+use suricata_sys::sys::{
+ AppProto, AppProtoEnum, SCAppLayerParserConfParserEnabled,
+ SCAppLayerProtoDetectConfProtoDetectionEnabled,
+};
pub(super) static mut ALPROTO_MDNS: AppProto = ALPROTO_UNKNOWN;
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_MDNS = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
}
use sawp::probe::{Probe, Status};
use sawp_modbus::{self, AccessType, ErrorFlags, Flags, Message};
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserRegisterLogger, SCAppLayerParserStateIssetFlag,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerParserStateIssetFlag,
SCAppLayerProtoDetectConfProtoDetectionEnabledDefault,
};
{
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_MODBUS = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
SCAppLayerParserRegisterLogger(IPPROTO_TCP, ALPROTO_MODBUS);
use std::collections::VecDeque;
use std::ffi::CString;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
// Used as a special pseudo packet identifier to denote the first CONNECT
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_MQTT = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
if let Some(val) = conf_get("app-layer.protocols.mqtt.max-tx") {
use nom7::{Err, Needed};
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
- SCAppLayerProtoDetectPPParseConfPorts, SCAppLayerProtoDetectPPRegister,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPPParseConfPorts,
+ SCAppLayerProtoDetectPPRegister,
};
use crate::applayer;
Some(ffi_nfs_probe),
);
}
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
SCLogDebug!("Rust nfs parser registered.");
Some(nfs_probe_udp_tc),
);
}
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
if let Some(val) = conf_get("app-layer.protocols.nfs.max-tx") {
use nom7::Err;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
#[derive(AppLayerEvent)]
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
// store the allocated ID for the probe function
ALPROTO_NTP = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
} else {
use std::collections::VecDeque;
use std::ffi::CString;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserSetStreamDepth, SCAppLayerParserStateIssetFlag,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserSetStreamDepth, SCAppLayerParserStateIssetFlag,
SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade,
};
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_PGSQL = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
SCLogDebug!("Rust pgsql parser registered.");
use std::ffi::CString;
use std::os::raw::{c_char, c_int, c_void};
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserRegisterLogger, SCAppLayerParserSetStreamDepth,
- SCAppLayerParserStateIssetFlag, SCAppLayerProtoDetectConfProtoDetectionEnabled,
- SCAppLayerRequestProtocolTLSUpgrade,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerParserSetStreamDepth, SCAppLayerParserStateIssetFlag,
+ SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade,
};
use sawp::error::Error as SawpError;
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_POP3 = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
let retval = conf_get("app-layer.protocols.pop3.stream-depth");
use std::collections::VecDeque;
use std::ffi::CString;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserRegisterLogger,
- SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
use tls_parser::TlsExtensionType;
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_QUIC = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
SCLogDebug!("Rust quic parser registered.");
use std;
use std::collections::VecDeque;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserRegisterLogger,
- SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
use tls_parser::{parse_tls_plaintext, TlsMessage, TlsMessageHandshake, TlsRecordType};
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_RDP = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
SCAppLayerParserRegisterLogger(IPPROTO_TCP, ALPROTO_RDP);
use std::ffi::CString;
use std::os::raw::c_char;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserRegisterLogger,
- SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPMRegisterPatternCI,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ SCAppLayerProtoDetectPMRegisterPatternCI,
};
pub(super) static mut ALPROTO_RFB: AppProto = ALPROTO_UNKNOWN;
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_RFB = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
SCLogDebug!("Rust rfb parser registered.");
use std::collections::VecDeque;
use std::ffi::CString;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserRegisterLogger, SCAppLayerParserStateIssetFlag,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerParserStateIssetFlag,
SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPMRegisterPatternCS,
};
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_SIP = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
if register_pattern_probe(core::IPPROTO_UDP) < 0 {
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_SIP = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
if register_pattern_probe(core::IPPROTO_TCP) < 0 {
use lru::LruCache;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserSetStreamDepth,
- SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPMRegisterPatternCSwPP,
- SCAppLayerProtoDetectPPParseConfPorts, SCAppLayerProtoDetectPPRegister,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserSetStreamDepth, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ SCAppLayerProtoDetectPMRegisterPatternCSwPP, SCAppLayerProtoDetectPPParseConfPorts,
+ SCAppLayerProtoDetectPPRegister,
};
use std::num::NonZeroUsize;
0, MIN_REC_SIZE, Direction::ToServer as u8, Some(c_smb_probe_tcp), Some(c_smb_probe_tcp));
}
- if AppLayerParserConfParserEnabled(
+ if SCAppLayerParserConfParserEnabled(
ip_proto_str.as_ptr(),
parser.name,
) != 0
use suricata_sys::sys::{
AppLayerParserState, AppProto, AppProtoNewProtoFromString, EveJsonTxLoggerRegistrationData,
SCAppLayerParserRegisterLogger, SCAppLayerProtoDetectConfProtoDetectionEnabled,
- SCOutputEvePreRegisterLogger, SCOutputJsonLogDirection, SCSigTablePreRegister,
+ SCOutputEvePreRegisterLogger, SCOutputJsonLogDirection, SCSigTablePreRegister, SCAppLayerParserConfParserEnabled,
};
#[derive(AppLayerEvent)]
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
// port 161
_ = AppLayerRegisterProtocolDetection(&parser, 1);
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, ALPROTO_SNMP);
}
// port 162
let default_port_traps = CString::new("162").unwrap();
parser.default_port = default_port_traps.as_ptr();
let _ = AppLayerRegisterProtocolDetection(&parser, 1);
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, ALPROTO_SNMP);
}
SCAppLayerParserRegisterLogger(IPPROTO_UDP, ALPROTO_SNMP);
use std::ffi::CString;
use std::sync::atomic::{AtomicBool, Ordering};
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserRegisterLogger, SCAppLayerParserStateSetFlag,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerParserStateSetFlag,
SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_SSH = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
SCAppLayerParserRegisterLogger(IPPROTO_TCP, ALPROTO_SSH);
use std::ffi::CString;
use nom7::IResult;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag,
- SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserStateIssetFlag, SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
use super::parser;
{
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_TELNET = alproto;
- if AppLayerParserConfParserEnabled(
+ if SCAppLayerParserConfParserEnabled(
ip_proto_str.as_ptr(),
parser.name,
) != 0
use flate2::Decompress;
use flate2::FlushDecompress;
use suricata_sys::sys::{
- AppLayerParserState, AppProto, SCAppLayerParserRegisterLogger,
- SCAppLayerProtoDetectConfProtoDetectionEnabled,
+ AppLayerParserState, AppProto, SCAppLayerParserConfParserEnabled,
+ SCAppLayerParserRegisterLogger, SCAppLayerProtoDetectConfProtoDetectionEnabled,
};
use std;
if SCAppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let alproto = AppLayerRegisterProtocolDetection(&parser, 1);
ALPROTO_WEBSOCKET = alproto;
- if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
+ if SCAppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
let _ = AppLayerRegisterParser(&parser, alproto);
}
SCLogDebug!("Rust websocket parser registered.");
_unused: [u8; 0],
}
pub type AppLayerParserState = AppLayerParserState_;
+extern "C" {
+ #[doc = " \\brief Given a protocol name, checks if the parser is enabled in\n the conf file.\n\n \\param alproto_name Name of the app layer protocol.\n\n \\retval 1 If enabled.\n \\retval 0 If disabled."]
+ pub fn SCAppLayerParserConfParserEnabled(
+ ipproto: *const ::std::os::raw::c_char, alproto_name: *const ::std::os::raw::c_char,
+ ) -> ::std::os::raw::c_int;
+}
extern "C" {
pub fn SCAppLayerParserRegisterParserAcceptableDataDirection(
ipproto: u8, alproto: AppProto, direction: u8,
SCReturn;
}
- if (AppLayerParserConfParserEnabled("tcp", proto_name))
- {
+ if (SCAppLayerParserConfParserEnabled("tcp", proto_name)) {
SCLogConfig("Registering DNP3/tcp parsers.");
AppLayerParserRegisterParser(IPPROTO_TCP, ALPROTO_DNP3, STREAM_TOSERVER,
AppLayerParserRegisterTxDataFunc(IPPROTO_TCP, ALPROTO_DNP3,
DNP3GetTxData);
AppLayerParserRegisterStateDataFunc(IPPROTO_TCP, ALPROTO_DNP3, DNP3GetStateData);
- }
- else {
+ } else {
SCLogConfig("Parser disabled for protocol %s. "
"Protocol detection still on.", proto_name);
}
AppLayerProtoDetectRegisterProtocol(ALPROTO_FTPDATA, proto_data_name);
}
- if (AppLayerParserConfParserEnabled("tcp", proto_name)) {
+ if (SCAppLayerParserConfParserEnabled("tcp", proto_name)) {
AppLayerParserRegisterParser(IPPROTO_TCP, ALPROTO_FTP, STREAM_TOSERVER,
FTPParseRequest);
AppLayerParserRegisterParser(IPPROTO_TCP, ALPROTO_FTP, STREAM_TOCLIENT,
SCEnter();
if (!SCAppLayerProtoDetectConfProtoDetectionEnabled("tcp", "http") ||
- !AppLayerParserConfParserEnabled("tcp", "http")) {
+ !SCAppLayerParserConfParserEnabled("tcp", "http")) {
SCReturn;
}
return;
}
- if (AppLayerParserConfParserEnabled("tcp", proto_name)) {
+ if (SCAppLayerParserConfParserEnabled("tcp", proto_name)) {
AppLayerParserRegisterStateFuncs(IPPROTO_TCP, ALPROTO_HTTP1, HTPStateAlloc, HTPStateFree);
AppLayerParserRegisterTxFreeFunc(IPPROTO_TCP, ALPROTO_HTTP1, HTPStateTransactionFree);
AppLayerParserRegisterGetTxFilesFunc(IPPROTO_TCP, ALPROTO_HTTP1, HTPGetTxFiles);
/** \brief check if a parser is enabled in the config
* Returns enabled always if: were running unittests
*/
-int AppLayerParserConfParserEnabled(const char *ipproto,
- const char *alproto_name)
+int SCAppLayerParserConfParserEnabled(const char *ipproto, const char *alproto_name)
{
SCEnter();
* \retval 1 If enabled.
* \retval 0 If disabled.
*/
-int AppLayerParserConfParserEnabled(const char *ipproto,
- const char *alproto_name);
+int SCAppLayerParserConfParserEnabled(const char *ipproto, const char *alproto_name);
enum ExceptionPolicy AppLayerErrorGetExceptionPolicy(void);
return;
}
- if (AppLayerParserConfParserEnabled("tcp", proto_name)) {
+ if (SCAppLayerParserConfParserEnabled("tcp", proto_name)) {
AppLayerParserRegisterStateFuncs(IPPROTO_TCP, ALPROTO_SMTP, SMTPStateAlloc, SMTPStateFree);
AppLayerParserRegisterParser(IPPROTO_TCP, ALPROTO_SMTP, STREAM_TOSERVER,
return;
}
- if (AppLayerParserConfParserEnabled("tcp", proto_name)) {
+ if (SCAppLayerParserConfParserEnabled("tcp", proto_name)) {
AppLayerParserRegisterParser(IPPROTO_TCP, ALPROTO_TLS, STREAM_TOSERVER,
SSLParseClientRecord);
return;
}
- if (AppLayerParserConfParserEnabled("udp", proto_name)) {
+ if (SCAppLayerParserConfParserEnabled("udp", proto_name)) {
SCLogDebug("Registering TFTP protocol parser.");
AppLayerParserRegisterTxDataFunc(IPPROTO_UDP, ALPROTO_TFTP, SCTftpGetTxData);
AppLayerParserRegisterStateDataFunc(IPPROTO_UDP, ALPROTO_TFTP, SCTftpGetStateData);
- }
- else {
+ } else {
SCLogDebug("TFTP protocol parsing disabled.");
}
}
projects / thirdparty / suricata.git / commitdiff
