mirror of https://github.com/OISF/suricata
Victor Julien
8 years ago
parent
d9a7a6d3e5
commit
05d3a4db90
@ -1,60 +0,0 @@
|
||||
/* Copyright (C) 2015 Open Information Security Foundation
|
||||
*
|
||||
* You can copy, redistribute or modify this Program under the terms of
|
||||
* the GNU General Public License version 2 as published by the Free
|
||||
* Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* version 2 along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
* 02110-1301, USA.
|
||||
*/
|
||||
|
||||
/*
|
||||
* TODO: Update your name below and in detect-engine-template.h.
|
||||
* TODO: Update description in the \file section below.
|
||||
* TODO: Remove SCLogNotice statements or convert to debug.
|
||||
*/
|
||||
|
||||
/**
|
||||
* \file
|
||||
*
|
||||
* \author FirstName LastName <yourname@domain>
|
||||
*
|
||||
* Implement buffer inspection on the decoded application layer
|
||||
* content buffers.
|
||||
*/
|
||||
|
||||
#include "suricata-common.h"
|
||||
#include "stream.h"
|
||||
#include "detect-engine-content-inspection.h"
|
||||
#include "detect-engine-template.h"
|
||||
#include "app-layer-template.h"
|
||||
|
||||
int DetectEngineInspectTemplateBuffer(ThreadVars *tv,
|
||||
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
|
||||
const Signature *s, const SigMatchData *smd,
|
||||
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
|
||||
{
|
||||
TemplateTransaction *tx = (TemplateTransaction *)txv;
|
||||
int ret = 0;
|
||||
|
||||
if (flags & STREAM_TOSERVER && tx->request_buffer != NULL) {
|
||||
ret = DetectEngineContentInspection(de_ctx, det_ctx, s, smd,
|
||||
f, tx->request_buffer, tx->request_buffer_len, 0,
|
||||
DETECT_ENGINE_CONTENT_INSPECTION_MODE_STATE, NULL);
|
||||
}
|
||||
else if (flags & STREAM_TOCLIENT && tx->response_buffer != NULL) {
|
||||
ret = DetectEngineContentInspection(de_ctx, det_ctx, s, smd,
|
||||
f, tx->response_buffer, tx->response_buffer_len, 0,
|
||||
DETECT_ENGINE_CONTENT_INSPECTION_MODE_STATE, NULL);
|
||||
}
|
||||
|
||||
SCLogNotice("Returning %d.", ret);
|
||||
return ret;
|
||||
}
|
||||
@ -1,32 +0,0 @@
|
||||
/* Copyright (C) 2015 Open Information Security Foundation
|
||||
*
|
||||
* You can copy, redistribute or modify this Program under the terms of
|
||||
* the GNU General Public License version 2 as published by the Free
|
||||
* Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* version 2 along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
* 02110-1301, USA.
|
||||
*/
|
||||
|
||||
/**
|
||||
* \file
|
||||
*
|
||||
* \author FirstName LastName <yourname@domain>
|
||||
*/
|
||||
|
||||
#ifndef __DETECT_TEMPLATE_ENGINE_H__
|
||||
#define __DETECT_TEMPLATE_ENGINE_H__
|
||||
|
||||
int DetectEngineInspectTemplateBuffer(ThreadVars *,
|
||||
DetectEngineCtx *, DetectEngineThreadCtx *,
|
||||
const Signature *, const SigMatchData *,
|
||||
Flow *, uint8_t, void *, void *tx, uint64_t tx_id);
|
||||
|
||||
#endif /* __DETECT_TEMPLATE_ENGINE_H__ */
|
||||
Loading…
Reference in New Issue