suricata
Macros | Functions
packet.c File Reference
#include "packet.h"
#include "pkt-var.h"
#include "flow.h"
#include "host.h"
#include "util-profiling.h"
#include "util-validate.h"
#include "action-globals.h"
#include "app-layer-events.h"
Include dependency graph for packet.c:

Go to the source code of this file.

Macros

#define CLEAR_ADDR(a)
 
#define PACKET_RESET_ACTION(p)   (p)->action = 0
 
#define RESET_PKT_LEN(p)   ((p)->pktlen = 0)
 

Functions

void PacketDrop (Packet *p, const uint8_t action, enum PacketDropReason r)
 issue drop action
 
bool PacketCheckAction (const Packet *p, const uint8_t a)
 
void PacketInit (Packet *p)
 Initialize a packet structure for use.
 
void PacketReleaseRefs (Packet *p)
 
void PacketReinit (Packet *p)
 Recycle a packet structure for reuse.
 
void PacketRecycle (Packet *p)
 
void PacketDestructor (Packet *p)
 Cleanup a packet so that we can free it. No memset needed..
 
void SCPacketSetReleasePacket (Packet *p, void(*ReleasePacket)(Packet *p))
 Set a packet release function.
 
void SCPacketSetLiveDevice (Packet *p, LiveDevice *device)
 Set a packets live device.
 
void SCPacketSetDatalink (Packet *p, int datalink)
 Set a packets data link type.
 
void SCPacketSetTime (Packet *p, SCTime_t ts)
 Set the timestamp for a packet.
 
void SCPacketSetSource (Packet *p, enum PktSrcEnum source)
 Set packet source.
 

Macro Definition Documentation

◆ CLEAR_ADDR

#define CLEAR_ADDR (   a)
Value:
do { \
(a)->family = 0; \
(a)->addr_data32[0] = 0; \
(a)->addr_data32[1] = 0; \
(a)->addr_data32[2] = 0; \
(a)->addr_data32[3] = 0; \
} while (0)
addr_data32
#define addr_data32
Definition decode.h:122

◆ PACKET_RESET_ACTION

#define PACKET_RESET_ACTION (   p)    (p)->action = 0

◆ RESET_PKT_LEN

#define RESET_PKT_LEN (   p)    ((p)->pktlen = 0)

Function Documentation

◆ PacketCheckAction()

bool PacketCheckAction ( const Packet p,
const uint8_t  a 
)

Definition at line 49 of file packet.c.

References Packet_::action, likely, and Packet_::root.

Referenced by AlertJsonHeader(), CaptureStatsUpdate(), EveAddVerdict(), RejectSendIPv4ICMP(), RejectSendIPv4TCP(), RejectSendIPv6ICMP(), RejectSendIPv6TCP(), and StreamTcpPacket().

Here is the caller graph for this function:

◆ PacketDestructor()

void PacketDestructor ( Packet p)

Cleanup a packet so that we can free it. No memset needed..

Definition at line 159 of file packet.c.

References PacketAlerts_::alerts, Packet_::alerts, Packet_::app_layer_events, AppLayerDecoderEventsFreeEvents(), PACKET_FREE_EXTDATA, PACKET_PROFILING_RESET, PacketAlertFree(), PacketReleaseRefs(), Packet_::persistent, Packet_::pktvar, PktVarFree(), SCSpinDestroy, and Packet_::tunnel_lock.

Referenced by PacketFree().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ PacketDrop()

void PacketDrop ( Packet p,
const uint8_t  action,
enum PacketDropReason  r 
)

issue drop action

Set drop (+reject) flags in both current and root packet.

Parameters
actionaction bit flags. Must be limited to ACTION_DROP_REJECT|ACTION_ALERT

Definition at line 33 of file packet.c.

References Packet_::action, ACTION_ALERT, ACTION_DROP_REJECT, DEBUG_VALIDATE_BUG_ON, Packet_::drop_reason, PKT_DROP_REASON_INNER_PACKET, PKT_DROP_REASON_NOT_SET, and Packet_::root.

Referenced by ExceptionPolicyApply(), FlowHandlePacketUpdate(), StreamTcpPacket(), and StreamTcpReassembleHandleSegmentHandleData().

Here is the caller graph for this function:

◆ PacketInit()

void PacketInit ( Packet p)

Initialize a packet structure for use.

Definition at line 63 of file packet.c.

References PacketAlerts_::alerts, Packet_::alerts, Packet_::livedev, PacketAlertCreate(), Packet_::persistent, SCSpinInit, and Packet_::tunnel_lock.

Referenced by PacketGetFromAlloc().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ PacketRecycle()

void PacketRecycle ( Packet p)

Definition at line 150 of file packet.c.

References PacketReinit(), and PacketReleaseRefs().

Referenced by LLVMFuzzerTestOneInput().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ PacketReinit()

void PacketReinit ( Packet p)

Recycle a packet structure for reuse.

Definition at line 80 of file packet.c.

References PacketAlert_::action, PacketAlerts_::alerts, Packet_::alerts, Packet_::app_layer_events, Packet_::app_update_direction, AppLayerDecoderEventsResetEvents(), Packet_::BypassPacketsFlow, CLEAR_ADDR, PacketAlerts_::cnt, PacketEngineEvents_::cnt, Packet_::datalink, PacketAlerts_::discarded, Packet_::dp, PacketAlerts_::drop, Packet_::drop_reason, Packet_::dst, Packet_::events, Packet_::flags, Packet_::flowflags, Packet_::livedev, Packet_::nb_decoded_layers, Packet_::next, PACKET_FREE_EXTDATA, PACKET_PROFILING_RESET, PACKET_RESET_ACTION, PacketAlertRecycle(), PacketTunnelNone, Packet_::payload, Packet_::payload_len, Packet_::pcap_cnt, PKT_ALERT_CTX_USED, Packet_::pkt_hooks, Packet_::pkt_src, Packet_::pktvar, PktVarFree(), Packet_::prev, Packet_::proto, Packet_::recursion_level, RESET_PKT_LEN, Packet_::root, SCTIME_INIT, Packet_::sig_mask, Packet_::sp, Packet_::src, PacketAlerts_::suppressed, Packet_::tenant_id, Packet_::ts, Packet_::ttype, Packet_::tunnel_rtv_cnt, Packet_::tunnel_tpr_cnt, Packet_::tunnel_verdicted, Packet_::vlan_id, and Packet_::vlan_idx.

Referenced by PacketPoolGetPacket(), and PacketRecycle().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ PacketReleaseRefs()

void PacketReleaseRefs ( Packet p)

Definition at line 70 of file packet.c.

References Packet_::flow, Packet_::host_dst, Packet_::host_src, and HostDeReference.

Referenced by PacketDestructor(), PacketPoolReturnPacket(), PacketRecycle(), and TmqhOutputPacketpool().

Here is the caller graph for this function:

◆ SCPacketSetDatalink()

void SCPacketSetDatalink ( Packet p,
int  datalink 
)
inline

Set a packets data link type.

Definition at line 182 of file packet.c.

References Packet_::datalink.

◆ SCPacketSetLiveDevice()

void SCPacketSetLiveDevice ( Packet p,
LiveDevice device 
)
inline

Set a packets live device.

Definition at line 177 of file packet.c.

References Packet_::livedev.

◆ SCPacketSetReleasePacket()

void SCPacketSetReleasePacket ( Packet p,
void(*)(Packet *p)  ReleasePacket 
)
inline

Set a packet release function.

Set a custom release function for packet. This is required if extra non-standard packet was done that needs to be cleaned up when Suricata is done with a packet.

Its also where IPS actions may be done.

Definition at line 172 of file packet.c.

References Packet_::ReleasePacket.

◆ SCPacketSetSource()

void SCPacketSetSource ( Packet p,
enum PktSrcEnum  source 
)
inline

Set packet source.

Definition at line 192 of file packet.c.

References Packet_::pkt_src.

◆ SCPacketSetTime()

void SCPacketSetTime ( Packet p,
SCTime_t  ts 
)
inline

Set the timestamp for a packet.

Parameters
tsA timestamp in SCTime_t format. See SCTIME_FROM_TIMEVAL for conversion from struct timeval.

Definition at line 187 of file packet.c.

References Packet_::ts, and ts.