suricata
Functions | Variables
flow-util.c File Reference
#include "suricata-common.h"
#include "threads.h"
#include "flow.h"
#include "flow-private.h"
#include "flow-util.h"
#include "flow-callbacks.h"
#include "flow-var.h"
#include "app-layer.h"
#include "util-var.h"
#include "util-debug.h"
#include "util-macset.h"
#include "util-flow-rate.h"
#include "flow-storage.h"
#include "detect.h"
#include "detect-engine-state.h"
#include "decode-icmpv4.h"
#include "util-validate.h"
Include dependency graph for flow-util.c:

Go to the source code of this file.

Functions

FlowFlowAlloc (void)
 allocate a flow
 
void FlowFree (Flow *f)
 cleanup & free the memory of a flow
 
uint8_t FlowGetProtoMapping (uint8_t proto)
 Function to map the protocol to the defined FLOW_PROTO_* enumeration.
 
uint8_t FlowGetReverseProtoMapping (uint8_t rproto)
 
void FlowInit (ThreadVars *tv, Flow *f, const Packet *p)
 
FlowStorageId GetFlowBypassInfoID (void)
 
void RegisterFlowBypassInfo (void)
 
void FlowEndCountersRegister (ThreadVars *t, FlowEndCounters *fec)
 

Variables

FlowStorageId g_bypass_info_id = { .id = -1 }
 

Detailed Description

Author
Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Flow utility functions

Definition in file flow-util.c.

Function Documentation

◆ FlowAlloc()

Flow * FlowAlloc ( void  )

allocate a flow

We check against the memuse counter. If it passes that check we increment the counter first, then we try to alloc.

Return values
fthe flow or NULL on out of memory

Definition at line 56 of file flow-util.c.

References FLOW_CHECK_MEMCAP, FLOW_INITIALIZE, FlowStorageSize(), SC_ATOMIC_ADD, SC_ATOMIC_SUB, SCCalloc, and unlikely.

Referenced by FlowGetFromFlowKey(), and LLVMFuzzerTestOneInput().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ FlowEndCountersRegister()

void FlowEndCountersRegister ( ThreadVars t,
FlowEndCounters fec 
)

Definition at line 246 of file flow-util.c.

References FlowEndCounters_::flow_state, FLOW_STATE_CLOSED, FLOW_STATE_ESTABLISHED, FLOW_STATE_LOCAL_BYPASSED, FLOW_STATE_NEW, FLOW_STATE_SIZE, FlowEndCounters_::flow_tcp_liberal, FlowEndCounters_::flow_tcp_state, name, StatsRegisterCounter(), TCP_CLOSE_WAIT, TCP_CLOSED, TCP_CLOSING, TCP_ESTABLISHED, TCP_FIN_WAIT1, TCP_FIN_WAIT2, TCP_LAST_ACK, TCP_NONE, TCP_SYN_RECV, TCP_SYN_SENT, and TCP_TIME_WAIT.

Here is the call graph for this function:

◆ FlowFree()

void FlowFree ( Flow f)

cleanup & free the memory of a flow

Parameters
fflow to clear & destroy

Definition at line 84 of file flow-util.c.

References FLOW_DESTROY, FlowStorageSize(), SC_ATOMIC_SUB, and SCFree.

Referenced by FlowReset(), FlowShutdown(), FlowSparePoolDestroy(), FlowSparePoolUpdate(), LLVMFuzzerTestOneInput(), and UTHBuildPacketOfFlows().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ FlowGetProtoMapping()

uint8_t FlowGetProtoMapping ( uint8_t  proto)

Function to map the protocol to the defined FLOW_PROTO_* enumeration.

Parameters
protoprotocol which is needed to be mapped

Definition at line 99 of file flow-util.c.

References FLOW_PROTO_DEFAULT, FLOW_PROTO_ICMP, FLOW_PROTO_TCP, FLOW_PROTO_UDP, and proto.

Referenced by AppLayerGetTxIterator(), AppLayerParserApplyTxConfig(), AppLayerParserDestroyProtocolParserLocalStorage(), AppLayerParserGetEventInfo(), AppLayerParserGetEventInfoById(), AppLayerParserGetFirstDataDir(), AppLayerParserGetFrameIdByName(), AppLayerParserGetFrameNameById(), AppLayerParserGetProtocolParserLocalStorage(), AppLayerParserGetStateData(), AppLayerParserGetStateIdByName(), AppLayerParserGetStateNameById(), AppLayerParserGetStateProgress(), AppLayerParserGetTx(), AppLayerParserGetTxData(), AppLayerParserParse(), AppLayerParserProtocolGetLoggerBits(), AppLayerParserProtocolHasLogger(), AppLayerParserProtoIsRegistered(), AppLayerParserRegisterApplyTxConfigFunc(), AppLayerParserRegisterGetEventInfo(), AppLayerParserRegisterGetEventInfoById(), AppLayerParserRegisterGetFrameFuncs(), AppLayerParserRegisterGetStateFuncs(), AppLayerParserRegisterGetStateProgressFunc(), AppLayerParserRegisterGetTx(), AppLayerParserRegisterGetTxCnt(), AppLayerParserRegisterGetTxFilesFunc(), AppLayerParserRegisterGetTxIterator(), AppLayerParserRegisterLocalStorageFunc(), AppLayerParserRegisterLoggerBits(), AppLayerParserRegisterOptionFlags(), AppLayerParserRegisterParser(), AppLayerParserRegisterProtocolUnittests(), AppLayerParserRegisterSetStreamDepthFlag(), AppLayerParserRegisterStateDataFunc(), AppLayerParserRegisterStateFuncs(), AppLayerParserRegisterTxDataFunc(), AppLayerParserRegisterTxFreeFunc(), AppLayerParserSetStreamDepthFlag(), AppLayerParserSupportsFiles(), AppLayerRegisterThreadCounters(), AppLayerSetupCounters(), FlowGetFromFlowKey(), FlowInit(), FlowReset(), FlowSetProtoFreeFunc(), FlowShutdown(), LLVMFuzzerTestOneInput(), SCAppLayerParserRegisterLogger(), SCAppLayerParserRegisterParserAcceptableDataDirection(), and SCAppLayerParserSetStreamDepth().

◆ FlowGetReverseProtoMapping()

uint8_t FlowGetReverseProtoMapping ( uint8_t  rproto)

Definition at line 113 of file flow-util.c.

References FLOW_PROTO_ICMP, FLOW_PROTO_TCP, and FLOW_PROTO_UDP.

Referenced by AppLayerParserThreadCtxAlloc(), and AppLayerParserThreadCtxFree().

Here is the caller graph for this function:

◆ FlowInit()

void FlowInit ( ThreadVars tv,
Flow f,
const Packet p 
)

Definition at line 147 of file flow-util.c.

References Packet_::code, Flow_::code, DEBUG_VALIDATE_BUG_ON, Packet_::dp, Flow_::dp, Flow_::dst, Flow_::esp, ESP_GET_SPI, Flow_::flags, FLOW_IPV4, FLOW_IPV6, FLOW_SET_IPV4_DST_ADDR_FROM_PACKET, FLOW_SET_IPV4_SRC_ADDR_FROM_PACKET, FLOW_SET_IPV6_DST_ADDR_FROM_PACKET, FLOW_SET_IPV6_SRC_ADDR_FROM_PACKET, FlowGetProtoMapping(), FlowGetStorageById(), FlowRateGetStorageID(), FlowRateStorageEnabled(), FlowRateStoreInit(), FlowSetStorageById(), Packet_::icmp_s, Flow_::icmp_s, ThreadVars_::id, IPV4_GET_RAW_IPTTL, IPV6_GET_RAW_HLIM, Packet_::livedev, Flow_::livedev, MacSetFlowStorageEnabled(), MacSetGetFlowStorageID(), MacSetInit(), Flow_::max_ttl_toserver, Flow_::min_ttl_toserver, Packet_::proto, Flow_::proto, Flow_::protomap, Packet_::recursion_level, Flow_::recursion_level, SCEnter, SCFlowRunInitCallbacks(), SCLogDebug, SCReturn, Packet_::sp, Flow_::sp, Flow_::spi, Flow_::src, Flow_::startts, Flow_::thread_id, Flow_::timeout_policy, Packet_::ts, tv, Packet_::type, Flow_::type, Packet_::vlan_id, Flow_::vlan_id, Packet_::vlan_idx, and Flow_::vlan_idx.

Referenced by FlowGetFlowFromHash().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GetFlowBypassInfoID()

FlowStorageId GetFlowBypassInfoID ( void  )

Definition at line 222 of file flow-util.c.

References g_bypass_info_id.

Referenced by EveAddFlow(), and PacketBypassCallback().

Here is the caller graph for this function:

◆ RegisterFlowBypassInfo()

void RegisterFlowBypassInfo ( void  )

Definition at line 240 of file flow-util.c.

References FlowStorageRegister(), and g_bypass_info_id.

Referenced by PostConfLoadedSetup().

Here is the call graph for this function:
Here is the caller graph for this function:

Variable Documentation

◆ g_bypass_info_id

FlowStorageId g_bypass_info_id = { .id = -1 }

Definition at line 220 of file flow-util.c.

Referenced by GetFlowBypassInfoID(), and RegisterFlowBypassInfo().