suricata
detect-engine-siggroup.h
Go to the documentation of this file.
1/* Copyright (C) 2007-2010 Open Information Security Foundation
2 *
3 * You can copy, redistribute or modify this Program under the terms of
4 * the GNU General Public License version 2 as published by the Free
5 * Software Foundation.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * version 2 along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15 * 02110-1301, USA.
16 */
17
18/**
19 * \file
20 *
21 * \author Victor Julien <victor@inliniac.net>
22 */
23
24#ifndef SURICATA_DETECT_ENGINE_SIGGROUP_H
25#define SURICATA_DETECT_ENGINE_SIGGROUP_H
26
27int SigGroupHeadAppendSig(const DetectEngineCtx *, SigGroupHead **, const Signature *);
28int SigGroupHeadClearSigs(SigGroupHead *);
29int SigGroupHeadCopySigs(DetectEngineCtx *, SigGroupHead *, SigGroupHead **);
30
31void SigGroupHeadFree(const DetectEngineCtx *de_ctx, SigGroupHead *);
32
33SigGroupHead *SigGroupHeadHashLookup(DetectEngineCtx *, SigGroupHead *);
34
35int SigGroupHeadHashAdd(DetectEngineCtx *, SigGroupHead *);
36
37void SigGroupHeadHashFree(DetectEngineCtx *);
38
39int SigGroupHeadHashInit(DetectEngineCtx *);
40
41void SigGroupHeadInitDataFree(SigGroupHeadInitData *sghid);
42void SigGroupHeadSetSigCnt(SigGroupHead *sgh, uint32_t max_idx);
43bool SigGroupHeadEqual(const SigGroupHead *, const SigGroupHead *);
44void SigGroupHeadSetProtoAndDirection(SigGroupHead *sgh,
45 uint8_t ipproto, int dir);
46int SigGroupHeadBuildMatchArray(DetectEngineCtx *de_ctx, SigGroupHead *sgh, uint32_t max_idx);
47
48int SigGroupHeadContainsSigId (DetectEngineCtx *de_ctx, SigGroupHead *sgh,
49 uint32_t sid);
50
51void SigGroupHeadRegisterTests(void);
52void SigGroupHeadPrintSigs(DetectEngineCtx *de_ctx, SigGroupHead *sgh);
53
54void SigGroupHeadStore(DetectEngineCtx *, SigGroupHead *);
55
56void SigGroupHeadSetupFiles(const DetectEngineCtx *de_ctx, SigGroupHead *sgh);
57
58int SigGroupHeadBuildNonPrefilterArray(DetectEngineCtx *de_ctx, SigGroupHead *sgh);
59
60#endif /* SURICATA_DETECT_ENGINE_SIGGROUP_H */
SigGroupHeadRegisterTests
void SigGroupHeadRegisterTests(void)
Definition detect-engine-siggroup.c:995
SigGroupHeadPrintSigs
void SigGroupHeadPrintSigs(DetectEngineCtx *de_ctx, SigGroupHead *sgh)
Helper function used to print the list of sids for the Signatures present in this SigGroupHead.
Definition detect-engine-siggroup.c:503
SigGroupHeadHashAdd
int SigGroupHeadHashAdd(DetectEngineCtx *, SigGroupHead *)
Adds a SigGroupHead to the detection engine context SigGroupHead hash table.
Definition detect-engine-siggroup.c:266
SigGroupHeadCopySigs
int SigGroupHeadCopySigs(DetectEngineCtx *, SigGroupHead *, SigGroupHead **)
Copies the bitarray holding the sids from the source SigGroupHead to the destination SigGroupHead.
Definition detect-engine-siggroup.c:390
SigGroupHeadHashLookup
SigGroupHead * SigGroupHeadHashLookup(DetectEngineCtx *, SigGroupHead *)
Used to lookup a SigGroupHead hash from the detection engine context SigGroupHead hash table.
Definition detect-engine-siggroup.c:283
SigGroupHeadClearSigs
int SigGroupHeadClearSigs(SigGroupHead *)
Clears the bitarray holding the sids for this SigGroupHead.
Definition detect-engine-siggroup.c:348
SigGroupHeadFree
void SigGroupHeadFree(const DetectEngineCtx *de_ctx, SigGroupHead *)
Free a SigGroupHead and its members.
Definition detect-engine-siggroup.c:163
SigGroupHeadBuildMatchArray
int SigGroupHeadBuildMatchArray(DetectEngineCtx *de_ctx, SigGroupHead *sgh, uint32_t max_idx)
Create an array with all the internal ids of the sigs that this sig group head will check for.
Definition detect-engine-siggroup.c:535
SigGroupHeadInitDataFree
void SigGroupHeadInitDataFree(SigGroupHeadInitData *sghid)
Definition detect-engine-siggroup.c:60
SigGroupHeadAppendSig
int SigGroupHeadAppendSig(const DetectEngineCtx *, SigGroupHead **, const Signature *)
Add a Signature to a SigGroupHead.
Definition detect-engine-siggroup.c:319
SigGroupHeadSetupFiles
void SigGroupHeadSetupFiles(const DetectEngineCtx *de_ctx, SigGroupHead *sgh)
Set the need hash flag in the sgh.
Definition detect-engine-siggroup.c:573
SigGroupHeadContainsSigId
int SigGroupHeadContainsSigId(DetectEngineCtx *de_ctx, SigGroupHead *sgh, uint32_t sid)
Check if a SigGroupHead contains a Signature, whose sid is sent as an argument.
Definition detect-engine-siggroup.c:623
SigGroupHeadSetSigCnt
void SigGroupHeadSetSigCnt(SigGroupHead *sgh, uint32_t max_idx)
Updates the SigGroupHead->sig_cnt with the total count of all the Signatures present in this SigGroup...
Definition detect-engine-siggroup.c:446
SigGroupHeadHashFree
void SigGroupHeadHashFree(DetectEngineCtx *)
Frees the hash table - DetectEngineCtx->sgh_hash_table, allocated by SigGroupHeadHashInit() function.
Definition detect-engine-siggroup.c:299
SigGroupHeadStore
void SigGroupHeadStore(DetectEngineCtx *, SigGroupHead *)
Definition detect-engine-siggroup.c:109
SigGroupHeadBuildNonPrefilterArray
int SigGroupHeadBuildNonPrefilterArray(DetectEngineCtx *de_ctx, SigGroupHead *sgh)
SigGroupHeadSetProtoAndDirection
void SigGroupHeadSetProtoAndDirection(SigGroupHead *sgh, uint8_t ipproto, int dir)
Definition detect-engine-siggroup.c:486
SigGroupHeadEqual
bool SigGroupHeadEqual(const SigGroupHead *, const SigGroupHead *)
Finds if two Signature Group Heads are the same.
Definition detect-engine-siggroup.c:469
SigGroupHeadHashInit
int SigGroupHeadHashInit(DetectEngineCtx *)
Initializes the hash table in the detection engine context to hold the SigGroupHeads.
Definition detect-engine-siggroup.c:244
de_ctx
DetectEngineCtx * de_ctx
Definition fuzz_siginit.c:18
DetectEngineCtx_
main detection engine ctx
Definition detect.h:932
SigGroupHeadInitData_
Definition detect.h:1600
SigGroupHead_
Container for matching data for a signature group.
Definition detect.h:1629
Signature_
Signature container.
Definition detect.h:668