suricata.8.0.0/suricata-plugin_8h_source.html

/* Copyright (C) 2020-2021 Open Information Security Foundation

 *

 * You can copy, redistribute or modify this Program under the terms of

 * the GNU General Public License version 2 as published by the Free

 * Software Foundation.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * version 2 along with this program; if not, write to the Free Software

 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA

 * 02110-1301, USA.

 */


#ifndef SURICATA_SURICATA_PLUGIN_H

#define SURICATA_SURICATA_PLUGIN_H


#include <stdint.h>

#include <stdbool.h>


#include "queue.h"

#include "autoconf.h"


/**

 * The size of the data chunk inside each packet structure a plugin

 * has for private data (Packet->plugin_v).

 */

#define PLUGIN_VAR_SIZE 64


// Do not reuse autoconf PACKAGE_VERSION which is a string

// Defined as major version.minor version (no patch version)

static const uint64_t SC_API_VERSION = 0x0800;

#define SC_PACKAGE_VERSION PACKAGE_VERSION


/**

 * Structure to define a Suricata plugin.

 */


typedef struct SCPlugin_ {

    // versioning to check suricata/plugin API compatibility

    uint64_t version;

    const char *suricata_version;

    const char *name;

    const char *plugin_version;

    const char *license;

    const char *author;

    void (*Init)(void);

} SCPlugin;


typedef SCPlugin *(*SCPluginRegisterFunc)(void);


typedef struct SCCapturePlugin_ {

    char *name;

    void (*Init)(const char *args, int plugin_slot, int receive_slot, int decode_slot);

    int (*ThreadInit)(void *ctx, int thread_id, void **thread_ctx);

    int (*ThreadDeinit)(void *ctx, void *thread_ctx);

    const char *(*GetDefaultMode)(void);

    TAILQ_ENTRY(SCCapturePlugin_) entries;

} SCCapturePlugin;


int SCPluginRegisterCapture(SCCapturePlugin *);


typedef struct SCAppLayerPlugin_ {

    const char *name;

    void (*Register)(void);

    void (*KeywordsRegister)(void);

    const char *logname;

    const char *confname;

    uint8_t dir;

    bool (*Logger)(const void *tx, void *jb);

} SCAppLayerPlugin;


int SCPluginRegisterAppLayer(SCAppLayerPlugin *);


#endif /* __SURICATA_PLUGIN_H */

ctx
struct Thresholds ctx

queue.h

SCAppLayerPlugin_
Definition suricata-plugin.h:65

SCAppLayerPlugin_::KeywordsRegister
void(* KeywordsRegister)(void)
Definition suricata-plugin.h:68

SCAppLayerPlugin_::logname
const char * logname
Definition suricata-plugin.h:69

SCAppLayerPlugin_::dir
uint8_t dir
Definition suricata-plugin.h:71

SCAppLayerPlugin_::Logger
bool(* Logger)(const void *tx, void *jb)
Definition suricata-plugin.h:72

SCAppLayerPlugin_::name
const char * name
Definition suricata-plugin.h:66

SCAppLayerPlugin_::Register
void(* Register)(void)
Definition suricata-plugin.h:67

SCAppLayerPlugin_::confname
const char * confname
Definition suricata-plugin.h:70

SCCapturePlugin_
Definition suricata-plugin.h:54

SCCapturePlugin_::TAILQ_ENTRY
TAILQ_ENTRY(SCCapturePlugin_) entries

SCCapturePlugin_::name
char * name
Definition suricata-plugin.h:55

SCCapturePlugin_::Init
void(* Init)(const char *args, int plugin_slot, int receive_slot, int decode_slot)
Definition suricata-plugin.h:56

SCCapturePlugin_::ThreadDeinit
int(* ThreadDeinit)(void *ctx, void *thread_ctx)
Definition suricata-plugin.h:58

SCCapturePlugin_::ThreadInit
int(* ThreadInit)(void *ctx, int thread_id, void **thread_ctx)
Definition suricata-plugin.h:57

SCPlugin_
Definition suricata-plugin.h:41

SCPlugin_::Init
void(* Init)(void)
Definition suricata-plugin.h:49

SCPlugin_::version
uint64_t version
Definition suricata-plugin.h:43

SCPlugin_::suricata_version
const char * suricata_version
Definition suricata-plugin.h:44

SCPlugin_::plugin_version
const char * plugin_version
Definition suricata-plugin.h:46

SCPlugin_::license
const char * license
Definition suricata-plugin.h:47

SCPlugin_::author
const char * author
Definition suricata-plugin.h:48

SCPlugin_::name
const char * name
Definition suricata-plugin.h:45

SCAppLayerPlugin
struct SCAppLayerPlugin_ SCAppLayerPlugin

SCPlugin
struct SCPlugin_ SCPlugin

SCCapturePlugin
struct SCCapturePlugin_ SCCapturePlugin

SCPluginRegisterAppLayer
int SCPluginRegisterAppLayer(SCAppLayerPlugin *)

SCPluginRegisterCapture
int SCPluginRegisterCapture(SCCapturePlugin *)