sigmatch_table[keyword_id].flags |= SIGMATCH_NOOPT;
sigmatch_table[keyword_id].flags |= SIGMATCH_INFO_STICKY_BUFFER;
- DetectAppLayerMultiRegister(keyword, ALPROTO_DNS, SIG_FLAG_TOSERVER, 0, GetBufferFn, 2, 1);
- DetectAppLayerMultiRegister(keyword, ALPROTO_DNS, SIG_FLAG_TOCLIENT, 0, GetBufferFn, 2, 1);
+ DetectAppLayerMultiRegister(keyword, ALPROTO_DNS, SIG_FLAG_TOSERVER, 1, GetBufferFn, 2);
+ DetectAppLayerMultiRegister(keyword, ALPROTO_DNS, SIG_FLAG_TOCLIENT, 1, GetBufferFn, 2);
DetectBufferTypeSetDescriptionByName(keyword, keyword);
DetectBufferTypeSupportsMultiInstance(keyword);
bool toclient, bool toserver, InspectionMultiBufferGetDataPtr GetData, int progress)
{
if (toserver) {
- DetectAppLayerMultiRegister(
- name, alproto, SIG_FLAG_TOSERVER, progress, GetData, 2, progress);
+ DetectAppLayerMultiRegister(name, alproto, SIG_FLAG_TOSERVER, progress, GetData, 2);
}
if (toclient) {
- DetectAppLayerMultiRegister(
- name, alproto, SIG_FLAG_TOCLIENT, progress, GetData, 2, progress);
+ DetectAppLayerMultiRegister(name, alproto, SIG_FLAG_TOCLIENT, progress, GetData, 2);
}
DetectBufferTypeSupportsMultiInstance(name);
DetectBufferTypeSetDescriptionByName(name, desc);
// wrapper for both DetectAppLayerInspectEngineRegister and DetectAppLayerMpmRegister
// with cast of callback function
void DetectAppLayerMultiRegister(const char *name, AppProto alproto, uint32_t dir, int progress,
- InspectionMultiBufferGetDataPtr GetData, int priority, int tx_min_progress)
+ InspectionMultiBufferGetDataPtr GetData, int priority)
{
AppLayerInspectEngineRegisterInternal(
name, alproto, dir, progress, DetectEngineInspectMultiBufferGeneric, NULL, GetData);
- DetectAppLayerMpmMultiRegister(name, dir, priority, PrefilterMultiGenericMpmRegister, GetData,
- alproto, tx_min_progress);
+ DetectAppLayerMpmMultiRegister(
+ name, dir, priority, PrefilterMultiGenericMpmRegister, GetData, alproto, progress);
}
InspectionBuffer *DetectGetMultiData(struct DetectEngineThreadCtx_ *det_ctx,
int progress, InspectEngineFuncPtr Callback2, InspectionBufferGetDataPtr GetData);
void DetectAppLayerMultiRegister(const char *name, AppProto alproto, uint32_t dir, int progress,
- InspectionMultiBufferGetDataPtr GetData, int priority, int tx_min_progress);
+ InspectionMultiBufferGetDataPtr GetData, int priority);
void DetectPktInspectEngineRegister(const char *name,
InspectionBufferGetPktDataPtr GetPktData,
sigmatch_table[DETECT_FTP_REPLY].flags |= SIGMATCH_NOOPT;
DetectAppLayerMultiRegister(
- BUFFER_NAME, ALPROTO_FTP, SIG_FLAG_TOCLIENT, 0, DetectFTPReplyGetData, 2, 1);
+ BUFFER_NAME, ALPROTO_FTP, SIG_FLAG_TOCLIENT, 1, DetectFTPReplyGetData, 2);
DetectBufferTypeSetDescriptionByName(BUFFER_NAME, BUFFER_DESC);
SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectAppLayerMultiRegister("http_request_header", ALPROTO_HTTP2, SIG_FLAG_TOSERVER,
- HTTP2StateOpen, rs_http2_tx_get_header, 2, HTTP2StateOpen);
+ HTTP2StateOpen, rs_http2_tx_get_header, 2);
DetectAppLayerMultiRegister("http_request_header", ALPROTO_HTTP1, SIG_FLAG_TOSERVER,
- HTP_REQUEST_PROGRESS_HEADERS, GetHttp1HeaderData, 2, HTP_REQUEST_PROGRESS_HEADERS);
+ HTP_REQUEST_PROGRESS_HEADERS, GetHttp1HeaderData, 2);
DetectBufferTypeSetDescriptionByName("http_request_header", "HTTP header name and value");
g_http_request_header_buffer_id = DetectBufferTypeGetByName("http_request_header");
SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectAppLayerMultiRegister("http_response_header", ALPROTO_HTTP2, SIG_FLAG_TOCLIENT,
- HTTP2StateOpen, rs_http2_tx_get_header, 2, HTTP2StateOpen);
+ HTTP2StateOpen, rs_http2_tx_get_header, 2);
DetectAppLayerMultiRegister("http_response_header", ALPROTO_HTTP1, SIG_FLAG_TOCLIENT,
- HTP_RESPONSE_PROGRESS_HEADERS, GetHttp1HeaderData, 2, HTP_RESPONSE_PROGRESS_HEADERS);
+ HTP_RESPONSE_PROGRESS_HEADERS, GetHttp1HeaderData, 2);
DetectBufferTypeSetDescriptionByName("http_response_header", "HTTP header name and value");
g_http_response_header_buffer_id = DetectBufferTypeGetByName("http_response_header");
sigmatch_table[DETECT_HTTP2_HEADERNAME].flags |= SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectAppLayerMultiRegister("http2_header_name", ALPROTO_HTTP2, SIG_FLAG_TOCLIENT,
- HTTP2StateOpen, rs_http2_tx_get_header_name, 2, HTTP2StateOpen);
+ HTTP2StateOpen, rs_http2_tx_get_header_name, 2);
DetectAppLayerMultiRegister("http2_header_name", ALPROTO_HTTP2, SIG_FLAG_TOSERVER,
- HTTP2StateOpen, rs_http2_tx_get_header_name, 2, HTTP2StateOpen);
+ HTTP2StateOpen, rs_http2_tx_get_header_name, 2);
DetectBufferTypeSupportsMultiInstance("http2_header_name");
DetectBufferTypeSetDescriptionByName("http2_header_name",
sigmatch_table[DETECT_IKE_VENDOR].flags |= SIGMATCH_INFO_STICKY_BUFFER;
DetectAppLayerMultiRegister(
- "ike.vendor", ALPROTO_IKE, SIG_FLAG_TOSERVER, 1, rs_ike_tx_get_vendor, 1, 1);
+ "ike.vendor", ALPROTO_IKE, SIG_FLAG_TOSERVER, 1, rs_ike_tx_get_vendor, 1);
g_ike_vendor_buffer_id = DetectBufferTypeGetByName("ike.vendor");
sigmatch_table[DETECT_KRB5_CNAME].desc = "sticky buffer to match on Kerberos 5 client name";
DetectAppLayerMultiRegister(
- "krb5_cname", ALPROTO_KRB5, SIG_FLAG_TOCLIENT, 0, rs_krb5_tx_get_cname, 2, 1);
+ "krb5_cname", ALPROTO_KRB5, SIG_FLAG_TOCLIENT, 1, rs_krb5_tx_get_cname, 2);
DetectBufferTypeSetDescriptionByName("krb5_cname",
"Kerberos 5 ticket client name");
sigmatch_table[DETECT_KRB5_SNAME].desc = "sticky buffer to match on Kerberos 5 server name";
DetectAppLayerMultiRegister(
- "krb5_sname", ALPROTO_KRB5, SIG_FLAG_TOCLIENT, 0, rs_krb5_tx_get_sname, 2, 1);
+ "krb5_sname", ALPROTO_KRB5, SIG_FLAG_TOCLIENT, 1, rs_krb5_tx_get_sname, 2);
DetectBufferTypeSetDescriptionByName("krb5_sname",
"Kerberos 5 ticket server name");
#endif
DetectAppLayerMultiRegister(
- BUFFER_NAME, ALPROTO_QUIC, SIG_FLAG_TOSERVER, 0, rs_quic_tx_get_cyu_hash, 2, 1);
+ BUFFER_NAME, ALPROTO_QUIC, SIG_FLAG_TOSERVER, 1, rs_quic_tx_get_cyu_hash, 2);
DetectBufferTypeSetDescriptionByName(BUFFER_NAME, BUFFER_DESC);
#endif
DetectAppLayerMultiRegister(
- BUFFER_NAME, ALPROTO_QUIC, SIG_FLAG_TOSERVER, 0, rs_quic_tx_get_cyu_string, 2, 1);
+ BUFFER_NAME, ALPROTO_QUIC, SIG_FLAG_TOSERVER, 1, rs_quic_tx_get_cyu_string, 2);
DetectBufferTypeSetDescriptionByName(BUFFER_NAME, BUFFER_DESC);
sigmatch_table[DETECT_TLS_ALPN].flags |= SIGMATCH_INFO_STICKY_BUFFER;
DetectAppLayerMultiRegister("tls.alpn", ALPROTO_TLS, SIG_FLAG_TOSERVER,
- TLS_STATE_CLIENT_HELLO_DONE, TlsAlpnGetData, 2, TLS_STATE_CLIENT_HELLO_DONE);
- DetectAppLayerMultiRegister("tls.alpn", ALPROTO_TLS, SIG_FLAG_TOCLIENT, TLS_STATE_SERVER_HELLO,
- TlsAlpnGetData, 2, TLS_STATE_SERVER_HELLO);
+ TLS_STATE_CLIENT_HELLO_DONE, TlsAlpnGetData, 2);
+ DetectAppLayerMultiRegister(
+ "tls.alpn", ALPROTO_TLS, SIG_FLAG_TOCLIENT, TLS_STATE_SERVER_HELLO, TlsAlpnGetData, 2);
DetectBufferTypeSetDescriptionByName("tls.alpn", "TLS APLN");
sigmatch_table[DETECT_TLS_CERTS].flags |= SIGMATCH_INFO_STICKY_BUFFER;
DetectAppLayerMultiRegister("tls.certs", ALPROTO_TLS, SIG_FLAG_TOCLIENT,
- TLS_STATE_SERVER_CERT_DONE, TlsCertsGetData, 2, 1);
+ TLS_STATE_SERVER_CERT_DONE, TlsCertsGetData, 2);
DetectAppLayerMultiRegister("tls.certs", ALPROTO_TLS, SIG_FLAG_TOSERVER,
- TLS_STATE_CLIENT_CERT_DONE, TlsCertsGetData, 2, 1);
+ TLS_STATE_CLIENT_CERT_DONE, TlsCertsGetData, 2);
DetectBufferTypeSetDescriptionByName("tls.certs", "TLS certificate");
sigmatch_table[DETECT_TLS_SUBJECTALTNAME].flags |= SIGMATCH_NOOPT;
sigmatch_table[DETECT_TLS_SUBJECTALTNAME].flags |= SIGMATCH_INFO_STICKY_BUFFER;
- DetectAppLayerMultiRegister("tls.subjectaltname", ALPROTO_TLS, SIG_FLAG_TOCLIENT, 0,
- TlsSubjectAltNameGetData, 2, TLS_STATE_SERVER_CERT_DONE);
+ DetectAppLayerMultiRegister("tls.subjectaltname", ALPROTO_TLS, SIG_FLAG_TOCLIENT,
+ TLS_STATE_SERVER_CERT_DONE, TlsSubjectAltNameGetData, 2);
DetectBufferTypeSetDescriptionByName("tls.subjectaltname", "TLS Subject Alternative Name");
projects / thirdparty / suricata.git / commitdiff
