aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main-7.0.x
master
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e1a8c8f76c'
${ noResults }
suricata/src/decode.c

141 lines
6.2 KiB
C
Raw Normal View History Unescape Escape

Import of GPLv2 Header 050410
15 years ago
/* Copyright (C) 2007-2010 Victor Julien <victor@inliniac.net>
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
* Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* version 2 along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*/
Initial add of the files.
17 years ago
Import of GPLv2 Header 050410
15 years ago
/**
* \file
*
* \author Victor Julien <victor@inliniac.net>
*
* Decode the raw packet
*/
Initial add of the files.
17 years ago
Rename to Suricata.
16 years ago
#include "suricata-common.h"
Initial add of the files.
17 years ago
#include "decode.h"
First batch of fixes for new debug and logging API usage.
16 years ago
#include "util-debug.h"
Initial add of the files.
17 years ago
Pass the DecodeThreadVars to all Decoder functions properly. Improve the error handling.
16 years ago
void DecodeTunnel(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_t *pkt, uint16_t len, PacketQueue *pq)
Initial add of the files.
17 years ago
{
switch (p->tunnel_proto) {
GRE support
16 years ago
case PPP_OVER_GRE:
return DecodePPP(tv, dtv, p, pkt, len, pq);
Initial add of the files.
17 years ago
case IPPROTO_IP:
Pass the DecodeThreadVars to all Decoder functions properly. Improve the error handling.
16 years ago
return DecodeIPV4(tv, dtv, p, pkt, len, pq);
Initial add of the files.
17 years ago
case IPPROTO_IPV6:
Pass the DecodeThreadVars to all Decoder functions properly. Improve the error handling.
16 years ago
return DecodeIPV6(tv, dtv, p, pkt, len, pq);
VLAN Support
16 years ago
case VLAN_OVER_GRE:
return DecodeVLAN(tv, dtv, p, pkt, len, pq);
Initial add of the files.
17 years ago
default:
More logging API usage changes.
16 years ago
SCLogInfo("FIXME: DecodeTunnel: protocol %" PRIu32 " not supported.", p->tunnel_proto);
Initial add of the files.
17 years ago
break;
}
}
stats upgrade. Added interval counters to the decoder module
16 years ago
void DecodeRegisterPerfCounters(DecodeThreadVars *dtv, ThreadVars *tv)
{
/* register counters */
dtv->counter_pkts = SCPerfTVRegisterCounter("decoder.pkts", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_pkts_per_sec = SCPerfTVRegisterIntervalCounter("decoder.pkts_per_sec",
tv, SC_PERF_TYPE_DOUBLE,
"NULL", "1s");
dtv->counter_bytes = SCPerfTVRegisterCounter("decoder.bytes", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_bytes_per_sec = SCPerfTVRegisterIntervalCounter("decoder.bytes_per_sec",
tv, SC_PERF_TYPE_DOUBLE,
"NULL", "1s");
dtv->counter_mbit_per_sec = SCPerfTVRegisterIntervalCounter("decoder.mbit_per_sec",
tv, SC_PERF_TYPE_DOUBLE,
"NULL", "1s");
dtv->counter_ipv4 = SCPerfTVRegisterCounter("decoder.ipv4", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_ipv6 = SCPerfTVRegisterCounter("decoder.ipv6", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_eth = SCPerfTVRegisterCounter("decoder.ethernet", tv,
SC_PERF_TYPE_UINT64, "NULL");
raw pcap support additionl ipv4/6 validation
16 years ago
dtv->counter_raw = SCPerfTVRegisterCounter("decoder.raw", tv,
SC_PERF_TYPE_UINT64, "NULL");
stats upgrade. Added interval counters to the decoder module
16 years ago
dtv->counter_sll = SCPerfTVRegisterCounter("decoder.sll", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_tcp = SCPerfTVRegisterCounter("decoder.tcp", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_udp = SCPerfTVRegisterCounter("decoder.udp", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_icmpv4 = SCPerfTVRegisterCounter("decoder.icmpv4", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_icmpv6 = SCPerfTVRegisterCounter("decoder.icmpv6", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_ppp = SCPerfTVRegisterCounter("decoder.ppp", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_pppoe = SCPerfTVRegisterCounter("decoder.pppoe", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_gre = SCPerfTVRegisterCounter("decoder.gre", tv,
SC_PERF_TYPE_UINT64, "NULL");
VLAN Support
16 years ago
dtv->counter_vlan = SCPerfTVRegisterCounter("decoder.vlan", tv,
SC_PERF_TYPE_UINT64, "NULL");
stats upgrade. Added interval counters to the decoder module
16 years ago
dtv->counter_avg_pkt_size = SCPerfTVRegisterAvgCounter("decoder.avg_pkt_size", tv,
SC_PERF_TYPE_DOUBLE, "NULL");
dtv->counter_max_pkt_size = SCPerfTVRegisterMaxCounter("decoder.max_pkt_size", tv,
SC_PERF_TYPE_UINT64, "NULL");
Split the defrag counters into ipv4 and ipv6.
16 years ago
dtv->counter_defrag_ipv4_fragments =
SCPerfTVRegisterCounter("defrag.ipv4.fragments", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_defrag_ipv4_reassembled =
SCPerfTVRegisterCounter("defrag.ipv4.reassembled", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_defrag_ipv4_timeouts =
SCPerfTVRegisterCounter("defrag.ipv4.timeouts", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_defrag_ipv6_fragments =
SCPerfTVRegisterCounter("defrag.ipv6.fragments", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_defrag_ipv6_reassembled =
SCPerfTVRegisterCounter("defrag.ipv6.reassembled", tv,
SC_PERF_TYPE_UINT64, "NULL");
dtv->counter_defrag_ipv6_timeouts =
SCPerfTVRegisterCounter("defrag.ipv6.timeouts", tv,
SC_PERF_TYPE_UINT64, "NULL");
Issue 82 - fragment counters. - number of fragments - number reassembled - number of timeouts
16 years ago
stats upgrade. Added interval counters to the decoder module
16 years ago
tv->sc_perf_pca = SCPerfGetAllCountersArray(&tv->sc_perf_pctx);
SCPerfAddToClubbedTMTable(tv->name, &tv->sc_perf_pctx);
return;
}
Fix signature grouping bug for protocols without ports. Add debugging code.
15 years ago
/**
* \brief Debug print function for printing addresses
*
* \param Address object
*
* \todo IPv6
*/
void AddressDebugPrint(Address *a) {
if (a == NULL)
return;
switch (a->family) {
case AF_INET:
{
char s[16];
inet_ntop(AF_INET, (const void *)&a->addr_data32[0], s, sizeof(s));
SCLogDebug("%s", s);
break;
}
}
}