suricata
detect-noalert.c
Go to the documentation of this file.
1
/* Copyright (C) 2007-2024 Open Information Security Foundation
2
*
3
* You can copy, redistribute or modify this Program under the terms of
4
* the GNU General Public License version 2 as published by the Free
5
* Software Foundation.
6
*
7
* This program is distributed in the hope that it will be useful,
8
* but WITHOUT ANY WARRANTY; without even the implied warranty of
9
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10
* GNU General Public License for more details.
11
*
12
* You should have received a copy of the GNU General Public License
13
* version 2 along with this program; if not, write to the Free Software
14
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15
* 02110-1301, USA.
16
*/
17
18
/**
19
* \file
20
*
21
* \author Victor Julien <victor@inliniac.net>
22
*
23
* Implements the noalert and alert keywords.
24
*/
25
26
#include "
suricata-common.h
"
27
#include "
action-globals.h
"
28
#include "
detect.h
"
29
#include "
detect-noalert.h
"
30
#include "
util-debug.h
"
31
#include "
util-validate.h
"
32
33
static
int
DetectNoalertSetup(
DetectEngineCtx
*
de_ctx
,
Signature
*s,
const
char
*nullstr)
34
{
35
DEBUG_VALIDATE_BUG_ON
(nullstr != NULL);
36
37
s->
action
&= ~ACTION_ALERT;
38
return
0;
39
}
40
41
static
int
DetectAlertSetup(
DetectEngineCtx
*
de_ctx
,
Signature
*s,
const
char
*nullstr)
42
{
43
DEBUG_VALIDATE_BUG_ON
(nullstr != NULL);
44
45
s->
action
|=
ACTION_ALERT
;
46
return
0;
47
}
48
49
void
DetectNoalertRegister
(
void
)
50
{
51
sigmatch_table
[
DETECT_NOALERT
].
name
=
"noalert"
;
52
sigmatch_table
[
DETECT_NOALERT
].
desc
=
"no alert will be generated by the rule"
;
53
sigmatch_table
[
DETECT_NOALERT
].
url
=
"/rules/noalert.html"
;
54
sigmatch_table
[
DETECT_NOALERT
].
Setup
= DetectNoalertSetup;
55
sigmatch_table
[
DETECT_NOALERT
].
flags
|=
SIGMATCH_NOOPT
;
56
57
sigmatch_table
[
DETECT_ALERT
].
name
=
"alert"
;
58
sigmatch_table
[
DETECT_ALERT
].
desc
=
"alert will be generated by the rule"
;
59
sigmatch_table
[
DETECT_ALERT
].
url
=
"/rules/noalert.html"
;
60
sigmatch_table
[
DETECT_ALERT
].
Setup
= DetectAlertSetup;
61
sigmatch_table
[
DETECT_ALERT
].
flags
|=
SIGMATCH_NOOPT
;
62
}
action-globals.h
ACTION_ALERT
#define ACTION_ALERT
Definition
action-globals.h:29
DETECT_NOALERT
@ DETECT_NOALERT
Definition
detect-engine-register.h:110
DETECT_ALERT
@ DETECT_ALERT
Definition
detect-engine-register.h:111
DetectNoalertRegister
void DetectNoalertRegister(void)
Definition
detect-noalert.c:49
detect-noalert.h
sigmatch_table
SigTableElmt * sigmatch_table
Definition
detect-parse.c:79
detect.h
SIGMATCH_NOOPT
#define SIGMATCH_NOOPT
Definition
detect.h:1651
de_ctx
DetectEngineCtx * de_ctx
Definition
fuzz_siginit.c:18
DetectEngineCtx_
main detection engine ctx
Definition
detect.h:932
SigTableElmt_::url
const char * url
Definition
detect.h:1462
SigTableElmt_::Setup
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
Definition
detect.h:1441
SigTableElmt_::flags
uint16_t flags
Definition
detect.h:1450
SigTableElmt_::desc
const char * desc
Definition
detect.h:1461
SigTableElmt_::name
const char * name
Definition
detect.h:1459
Signature_
Signature container.
Definition
detect.h:668
Signature_::action
uint8_t action
Definition
detect.h:683
suricata-common.h
util-debug.h
util-validate.h
DEBUG_VALIDATE_BUG_ON
#define DEBUG_VALIDATE_BUG_ON(exp)
Definition
util-validate.h:102
src
detect-noalert.c
Generated on Wed Jul 23 2025 10:10:57 for suricata by
1.9.8
1.9.8 1.9.8