aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

detect: add SigMatch arg to inspect functions

Browse Source
pull/2559/head
Victor Julien 9 years ago
parent cf42fbf51f
commit 2f87c975d4
46 changed files with 227 additions and 270 deletions
Show Stats Download Patch File Download Diff File

19
src/detect-app-layer-event.c
Unescape Escape View File

@ -56,11 +56,11 @@ static int DetectAppLayerEventSetupP1(DetectEngineCtx *, Signature *, char *);
static void DetectAppLayerEventRegisterTests(void);
static void DetectAppLayerEventFree(void *);
static int DetectEngineAptEventInspect(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate,
void *tx, uint64_t tx_id);
/**
* \brief Registers the keyword handlers for the "app-layer-event" keyword.
*/
@ -87,11 +87,10 @@ void DetectAppLayerEventRegister(void)
}
static int DetectEngineAptEventInspect(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *smi,
Flow *f, uint8_t flags, void *alstate,
void *tx, uint64_t tx_id)
{
AppLayerDecoderEvents *decoder_events = NULL;
int r = 0;

8
src/detect-dnp3.c
Unescape Escape View File

@ -139,8 +139,8 @@ static char *TrimString(char *str)
}
static int DetectEngineInspectDNP3Data(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, const Signature *s, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id)
DetectEngineThreadCtx *det_ctx, const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
SCEnter();
DNP3Transaction *tx = (DNP3Transaction *)txv;
@ -163,8 +163,8 @@ static int DetectEngineInspectDNP3Data(ThreadVars *tv, DetectEngineCtx *de_ctx,
}
static int DetectEngineInspectDNP3(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, const Signature *s, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id)
DetectEngineThreadCtx *det_ctx, const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, f, flags,
alstate, txv, tx_id, DETECT_SM_LIST_DNP3_MATCH);

22
src/detect-engine-dns.c
Unescape Escape View File

@ -61,10 +61,10 @@
* \retval 1 match
*/
int DetectEngineInspectDnsQueryName(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate,
void *txv, uint64_t tx_id)
{
DNSTransaction *tx = (DNSTransaction *)txv;
DNSQueryEntry *query = NULL;
@ -139,10 +139,9 @@ int PrefilterTxDnsQueryRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
}
int DetectEngineInspectDnsRequest(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, f, flags,
alstate, txv, tx_id,
@ -150,10 +149,9 @@ int DetectEngineInspectDnsRequest(ThreadVars *tv,
}
int DetectEngineInspectDnsResponse(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, f, flags,
alstate, txv, tx_id,

21
src/detect-engine-dns.h
Unescape Escape View File

@ -25,18 +25,17 @@
int PrefilterTxDnsQueryRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectDnsQueryName(ThreadVars *, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *, const Signature *,
Flow *, uint8_t, void *, void *, uint64_t);
int DetectEngineInspectDnsQueryName(ThreadVars *,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *,
const Signature *, const SigMatch *sm,
Flow *, uint8_t, void *, void *, uint64_t);
int DetectEngineInspectDnsRequest(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id);
int DetectEngineInspectDnsResponse(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id);
#endif /* __DETECT_ENGINE_DNS_H__ */

12
src/detect-engine-enip.c
Unescape Escape View File

@ -217,8 +217,9 @@ int CIPServiceMatch(ENIPTransaction *enip_data,
*
* \retval 0 no match or 1 match
*/
int DetectEngineInspectCIP(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, const Signature *s, Flow *f, uint8_t flags,
int DetectEngineInspectCIP(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *smi, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id)
{
SCEnter();
@ -257,9 +258,10 @@ int DetectEngineInspectCIP(ThreadVars *tv, DetectEngineCtx *de_ctx,
* \retval 0 no match or 1 match
*/
int DetectEngineInspectENIP(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, const Signature *s, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id)
int DetectEngineInspectENIP(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *smi,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
SCEnter();

14
src/detect-engine-enip.h
Unescape Escape View File

@ -23,13 +23,15 @@
#ifndef __DETECT_ENGINE_ENIP_H__
#define __DETECT_ENGINE_ENIP_H__
int DetectEngineInspectCIP(ThreadVars *, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *, const Signature *,
Flow *, uint8_t, void *, void *, uint64_t);
int DetectEngineInspectCIP(ThreadVars *,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *,
const Signature *, const SigMatch *sm,
Flow *, uint8_t, void *, void *, uint64_t);
int DetectEngineInspectENIP(ThreadVars *, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *, const Signature *,
Flow *, uint8_t, void *, void *, uint64_t);
int DetectEngineInspectENIP(ThreadVars *,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *,
const Signature *, const SigMatch *sm,
Flow *, uint8_t, void *, void *, uint64_t);
void DetectEngineInspectENIPRegisterTests(void);
#endif /* __DETECT_ENGINE_ENIP_H__ */

12
src/detect-engine-file.c
Unescape Escape View File

@ -229,9 +229,9 @@ static int DetectFileInspect(ThreadVars *tv, DetectEngineThreadCtx *det_ctx,
* \note flow should be locked when this function's called.
*/
int DetectFileInspectHttp(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, Flow *f, uint8_t flags, void *alstate,
void *tx, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id)
{
int r = DETECT_ENGINE_INSPECT_SIG_NO_MATCH;
FileContainer *ffc;
@ -274,9 +274,9 @@ int DetectFileInspectHttp(ThreadVars *tv,
* \note flow is not locked at this time
*/
int DetectFileInspectSmtp(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, Flow *f, uint8_t flags, void *alstate,
void *tx, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id)
{
SCEnter();
int r = DETECT_ENGINE_INSPECT_SIG_NO_MATCH;

14
src/detect-engine-file.h
Unescape Escape View File

@ -25,13 +25,13 @@
#define __DETECT_ENGINE_FILE_H__
int DetectFileInspectHttp(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags, void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
int DetectFileInspectSmtp(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, const Signature *s,
Flow *f, uint8_t flags, void *alstate,
void *tx, uint64_t tx_id);
int DetectFileInspectSmtp(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
#endif /* __DETECT_ENGINE_FILE_H__ */

8
src/detect-engine-filedata-smtp.c
Unescape Escape View File

@ -174,11 +174,9 @@ end:
}
int DetectEngineInspectSMTPFiledata(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id)
{
SMTPState *smtp_state = (SMTPState *)alstate;
FileContainer *ffc = smtp_state->files_ts;

9
src/detect-engine-filedata-smtp.h
Unescape Escape View File

@ -28,11 +28,10 @@
int PrefilterTxSmtpFiledataRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectSMTPFiledata(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
void DetectEngineCleanSMTPBuffers(DetectEngineThreadCtx *det_ctx);
void DetectEngineSMTPFiledataRegisterTests(void);

7
src/detect-engine-hcbd.c
Unescape Escape View File

@ -257,10 +257,9 @@ int PrefilterTxHttpRequestBodyRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
}
int DetectEngineInspectHttpClientBody(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
Signature *s, Flow *f, uint8_t flags,
void *alstate, void *tx, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id)
{
HtpState *htp_state = (HtpState *)alstate;
uint32_t buffer_len = 0;

9
src/detect-engine-hcbd.h
Unescape Escape View File

@ -30,11 +30,10 @@
int PrefilterTxHttpRequestBodyRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectHttpClientBody(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
void DetectEngineCleanHCBDBuffers(DetectEngineThreadCtx *);
void DetectEngineHttpClientBodyRegisterTests(void);

8
src/detect-engine-hcd.c
Unescape Escape View File

@ -166,11 +166,9 @@ int PrefilterTxResponseCookieRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
* \retval 1 Match.
*/
int DetectEngineInspectHttpCookie(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
htp_tx_t *tx = (htp_tx_t *)txv;
htp_header_t *h = NULL;

8
src/detect-engine-hcd.h
Unescape Escape View File

@ -29,11 +29,9 @@ int PrefilterTxRequestCookieRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int PrefilterTxResponseCookieRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectHttpCookie(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
void DetectEngineHttpCookieRegisterTests(void);

8
src/detect-engine-hhd.c
Unescape Escape View File

@ -382,11 +382,9 @@ int PrefilterTxHttpResponseHeadersRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
}
int DetectEngineInspectHttpHeader(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id)
{
HtpState *htp_state = (HtpState *)alstate;
uint32_t buffer_len = 0;

9
src/detect-engine-hhd.h
Unescape Escape View File

@ -29,11 +29,10 @@ int PrefilterTxHttpRequestHeadersRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int PrefilterTxHttpResponseHeadersRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectHttpHeader(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
void DetectEngineCleanHHDBuffers(DetectEngineThreadCtx *det_ctx);
void DetectEngineHttpHeaderRegisterTests(void);

8
src/detect-engine-hhhd.c
Unescape Escape View File

@ -115,11 +115,9 @@ int PrefilterTxHostnameRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
* \retval 1 Match.
*/
int DetectEngineInspectHttpHH(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
htp_tx_t *tx = (htp_tx_t *)txv;
if (tx->parsed_uri == NULL || tx->request_hostname == NULL)

8
src/detect-engine-hhhd.h
Unescape Escape View File

@ -28,11 +28,9 @@
int PrefilterTxHostnameRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectHttpHH(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
void DetectEngineHttpHHRegisterTests(void);

8
src/detect-engine-hmd.c
Unescape Escape View File

@ -112,11 +112,9 @@ int PrefilterTxMethodRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
* \retval 1 Match.
*/
int DetectEngineInspectHttpMethod(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
htp_tx_t *tx = (htp_tx_t *)txv;
if (tx->request_method == NULL) {

8
src/detect-engine-hmd.h
Unescape Escape View File

@ -26,11 +26,9 @@
#include "app-layer-htp.h"
int DetectEngineInspectHttpMethod(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
int PrefilterTxMethodRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);

8
src/detect-engine-hrhd.c
Unescape Escape View File

@ -163,11 +163,9 @@ int PrefilterTxResponseHeadersRawRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
* \retval 1 Match.
*/
int DetectEngineInspectHttpRawHeader(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
HtpTxUserData *tx_ud = NULL;
uint8_t *headers_raw = NULL;

9
src/detect-engine-hrhd.h
Unescape Escape View File

@ -29,11 +29,10 @@ int PrefilterTxRequestHeadersRawRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int PrefilterTxResponseHeadersRawRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectHttpRawHeader(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
void DetectEngineHttpRawHeaderRegisterTests(void);
#endif /* __DETECT_ENGINE_HHD_H__ */

8
src/detect-engine-hrhhd.c
Unescape Escape View File

@ -127,11 +127,9 @@ int PrefilterTxHostnameRawRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
* \retval 1 Match.
*/
int DetectEngineInspectHttpHRH(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
uint8_t *hname;
uint32_t hname_len;

8
src/detect-engine-hrhhd.h
Unescape Escape View File

@ -28,11 +28,9 @@
int PrefilterTxHostnameRawRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectHttpHRH(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
void DetectEngineHttpHRHRegisterTests(void);

8
src/detect-engine-hrud.c
Unescape Escape View File

@ -112,11 +112,9 @@ int PrefilterTxRawUriRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
* \retval 1 Match.
*/
int DetectEngineInspectHttpRawUri(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
htp_tx_t *tx = (htp_tx_t *)txv;
if (tx->request_uri == NULL) {

9
src/detect-engine-hrud.h
Unescape Escape View File

@ -29,11 +29,10 @@
int PrefilterTxRawUriRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectHttpRawUri(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
void DetectEngineHttpRawUriRegisterTests(void);
#endif /* __DETECT_ENGINE_HRUD_H__ */

8
src/detect-engine-hsbd.c
Unescape Escape View File

@ -262,11 +262,9 @@ int PrefilterTxHttpResponseBodyRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
int DetectEngineInspectHttpServerBody(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id)
{
HtpState *htp_state = (HtpState *)alstate;
uint32_t buffer_len = 0;

10
src/detect-engine-hsbd.h
Unescape Escape View File

@ -30,11 +30,11 @@
int PrefilterTxHttpResponseBodyRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectHttpServerBody(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate,
void *tx, uint64_t tx_id);
void DetectEngineCleanHSBDBuffers(DetectEngineThreadCtx *det_ctx);
void DetectEngineHttpServerBodyRegisterTests(void);

8
src/detect-engine-hscd.c
Unescape Escape View File

@ -111,11 +111,9 @@ int PrefilterTxHttpStatCodeRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
* \retval 1 Match.
*/
int DetectEngineInspectHttpStatCode(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
htp_tx_t *tx = (htp_tx_t *)txv;
if (tx->response_status == NULL) {

9
src/detect-engine-hscd.h
Unescape Escape View File

@ -28,11 +28,10 @@
int PrefilterTxHttpStatCodeRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectHttpStatCode(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
void DetectEngineHttpStatCodeRegisterTests(void);
#endif /* __DETECT_ENGINE_HSCD_H__ */

8
src/detect-engine-hsmd.c
Unescape Escape View File

@ -111,11 +111,9 @@ int PrefilterTxHttpStatMsgRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
* \retval 1 Match.
*/
int DetectEngineInspectHttpStatMsg(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
htp_tx_t *tx = (htp_tx_t *)txv;
if (tx->response_message == NULL) {

9
src/detect-engine-hsmd.h
Unescape Escape View File

@ -28,11 +28,10 @@
int PrefilterTxHttpStatMsgRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectHttpStatMsg(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
void DetectEngineHttpStatMsgRegisterTests(void);
#endif /* __DETECT_ENGINE_HSMD_H__ */

8
src/detect-engine-hua.c
Unescape Escape View File

@ -120,11 +120,9 @@ int PrefilterTxUARegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
* \retval 1 Match.
*/
int DetectEngineInspectHttpUA(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
htp_tx_t *tx = (htp_tx_t *)txv;
htp_header_t *h = (htp_header_t *)htp_table_get_c(tx->request_headers,

8
src/detect-engine-hua.h
Unescape Escape View File

@ -28,11 +28,9 @@
int PrefilterTxUARegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectHttpUA(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
void DetectEngineHttpUARegisterTests(void);

1
src/detect-engine-modbus.c
Unescape Escape View File

@ -200,6 +200,7 @@ int DetectEngineInspectModbus(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s,
const SigMatch *smi,
Flow *f,
uint8_t flags,
void *alstate,

7
src/detect-engine-modbus.h
Unescape Escape View File

@ -33,9 +33,10 @@
#ifndef __DETECT_ENGINE_MODBUS_H__
#define __DETECT_ENGINE_MODBUS_H__
int DetectEngineInspectModbus(ThreadVars *, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *, const Signature *,
Flow *, uint8_t, void *, void *, uint64_t);
int DetectEngineInspectModbus(ThreadVars *,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *,
const Signature *, const SigMatch *,
Flow *, uint8_t, void *, void *, uint64_t);
void DetectEngineInspectModbusRegisterTests(void);
#endif /* __DETECT_ENGINE_MODBUS_H__ */

10
src/detect-engine-state.c
Unescape Escape View File

@ -533,9 +533,8 @@ int DeStateDetectStartDetection(ThreadVars *tv, DetectEngineCtx *de_ctx,
SCLogDebug("inspect_flags %x", inspect_flags);
if (direction == engine->dir) {
KEYWORD_PROFILING_SET_LIST(det_ctx, engine->sm_list);
int match = engine->Callback(tv, de_ctx, det_ctx, s, f,
flags, alstate,
tx, tx_id);
int match = engine->Callback(tv, de_ctx, det_ctx,
s, engine->sm, f, flags, alstate, tx, tx_id);
SCLogDebug("engine %p match %d", engine, match);
if (match == DETECT_ENGINE_INSPECT_SIG_MATCH) {
inspect_flags |= BIT_U32(engine->id);
@ -859,8 +858,9 @@ static int DoInspectItem(ThreadVars *tv,
{
SCLogDebug("inspect_flags %x", inspect_flags);
KEYWORD_PROFILING_SET_LIST(det_ctx, engine->sm_list);
int match = engine->Callback(tv, de_ctx, det_ctx, s, f,
flags, alstate, inspect_tx, inspect_tx_id);
int match = engine->Callback(tv, de_ctx, det_ctx,
s, engine->sm,
f, flags, alstate, inspect_tx, inspect_tx_id);
if (match == DETECT_ENGINE_INSPECT_SIG_MATCH) {
inspect_flags |= BIT_U32(engine->id);
engine = engine->next;

7
src/detect-engine-template.c
Unescape Escape View File

@ -36,9 +36,10 @@
#include "app-layer-template.h"
int DetectEngineInspectTemplateBuffer(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, Signature *s, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id)
int DetectEngineInspectTemplateBuffer(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
TemplateTransaction *tx = (TemplateTransaction *)txv;
int ret = 0;

7
src/detect-engine-template.h
Unescape Escape View File

@ -24,8 +24,9 @@
#ifndef __DETECT_TEMPLATE_ENGINE_H__
#define __DETECT_TEMPLATE_ENGINE_H__
int DetectEngineInspectTemplateBuffer(ThreadVars *, DetectEngineCtx *,
DetectEngineThreadCtx *, const Signature *, Flow *, uint8_t, void *, void *,
uint64_t);
int DetectEngineInspectTemplateBuffer(ThreadVars *,
DetectEngineCtx *, DetectEngineThreadCtx *,
const Signature *, const SigMatch *,
Flow *, uint8_t, void *, void *tx, uint64_t tx_id);
#endif /* __DETECT_TEMPLATE_ENGINE_H__ */

33
src/detect-engine-tls.c
Unescape Escape View File

@ -97,10 +97,10 @@ int PrefilterTxTlsSniRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
* \retval 0 No match
* \retval 1 Match
*/
int DetectEngineInspectTlsSni(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, const Signature *s,
Flow *f, uint8_t flags, void *alstate, void *txv,
uint64_t tx_id)
int DetectEngineInspectTlsSni(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
uint8_t *buffer;
uint16_t buffer_len;
@ -173,10 +173,10 @@ int PrefilterTxTlsIssuerRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
* \retval 0 No match
* \retval 1 Match
*/
int DetectEngineInspectTlsIssuer(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, Signature *s,
Flow *f, uint8_t flags, void *alstate, void *txv,
uint64_t tx_id)
int DetectEngineInspectTlsIssuer(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
uint8_t *buffer;
uint32_t buffer_len;
@ -249,10 +249,10 @@ int PrefilterTxTlsSubjectRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
* \retval 0 No match
* \retval 1 Match
*/
int DetectEngineInspectTlsSubject(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, Signature *s,
Flow *f, uint8_t flags, void *alstate, void *txv,
uint64_t tx_id)
int DetectEngineInspectTlsSubject(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
uint8_t *buffer;
uint32_t buffer_len;
@ -274,10 +274,11 @@ int DetectEngineInspectTlsSubject(ThreadVars *tv, DetectEngineCtx *de_ctx,
return cnt;
}
int DetectEngineInspectTlsValidity(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, Signature *s,
Flow *f, uint8_t flags, void *alstate,
void *txv, uint64_t tx_id)
int DetectEngineInspectTlsValidity(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate,
void *txv, uint64_t tx_id)
{
return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, f, flags,
alstate, txv, tx_id,

39
src/detect-engine-tls.h
Unescape Escape View File

@ -27,24 +27,25 @@ int PrefilterTxTlsSniRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int PrefilterTxTlsIssuerRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int PrefilterTxTlsSubjectRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectTlsSni(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id);
int DetectEngineInspectTlsIssuer(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id);
int DetectEngineInspectTlsSubject(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id);
int DetectEngineInspectTlsValidity(ThreadVars *tv, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id);
int DetectEngineInspectTlsSni(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id);
int DetectEngineInspectTlsIssuer(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id);
int DetectEngineInspectTlsSubject(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags,
void *alstate, void *txv, uint64_t tx_id);
int DetectEngineInspectTlsValidity(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id);
#endif /* __DETECT_ENGINE_TLS_H__ */

8
src/detect-engine-uri.c
Unescape Escape View File

@ -105,11 +105,9 @@ int PrefilterTxUriRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx)
* \retval 2 Sig can't match.
*/
int DetectEngineInspectHttpUri(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
HtpTxUserData *tx_ud = htp_tx_get_user_data(txv);

9
src/detect-engine-uri.h
Unescape Escape View File

@ -27,11 +27,10 @@
int PrefilterTxUriRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
int DetectEngineInspectHttpUri(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *tx, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *tx, uint64_t tx_id);
void UriRegisterTests(void);
#endif /* __DETECT_ENGINE_URICONTENT_H__ */

17
src/detect-http-request-line.c
Unescape Escape View File

@ -65,11 +65,10 @@ void DetectHttpRequestLineRegisterTests(void);
void DetectHttpRequestLineFree(void *);
static int PrefilterTxHttpRequestLineRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
static int DetectEngineInspectHttpRequestLine(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id);
/**
* \brief Registers the keyword handlers for the "http_request_line" keyword.
*/
@ -172,11 +171,9 @@ static int PrefilterTxHttpRequestLineRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx
* \retval 2 Sig can't match.
*/
static int DetectEngineInspectHttpRequestLine(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
htp_tx_t *tx = (htp_tx_t *)txv;

16
src/detect-http-response-line.c
Unescape Escape View File

@ -65,11 +65,9 @@ void DetectHttpResponseLineRegisterTests(void);
void DetectHttpResponseLineFree(void *);
static int PrefilterTxHttpResponseLineRegister(SigGroupHead *sgh, MpmCtx *mpm_ctx);
static int DetectEngineInspectHttpResponseLine(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id);
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id);
/**
* \brief Registers the keyword handlers for the "http_response_line" keyword.
@ -173,11 +171,9 @@ static int PrefilterTxHttpResponseLineRegister(SigGroupHead *sgh, MpmCtx *mpm_ct
* \retval 2 Sig can't match.
*/
int DetectEngineInspectHttpResponseLine(ThreadVars *tv,
DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx,
const Signature *s, Flow *f, uint8_t flags,
void *alstate,
void *txv, uint64_t tx_id)
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
const Signature *s, const SigMatch *sm,
Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
{
htp_tx_t *tx = (htp_tx_t *)txv;

5
src/detect.h
Unescape Escape View File

@ -377,7 +377,8 @@ struct DetectEngineThreadCtx_;// DetectEngineThreadCtx;
typedef int (*InspectEngineFuncPtr)(ThreadVars *tv,
struct DetectEngineCtx_ *de_ctx, struct DetectEngineThreadCtx_ *det_ctx,
const struct Signature_ *sig, Flow *f, uint8_t flags, void *alstate,
const struct Signature_ *sig, const SigMatch *sm_list,
Flow *f, uint8_t flags, void *alstate,
void *tx, uint64_t tx_id);
typedef struct DetectEngineAppInspectionEngine_ {
@ -394,6 +395,8 @@ typedef struct DetectEngineAppInspectionEngine_ {
*/
InspectEngineFuncPtr Callback;
SigMatch *sm;
struct DetectEngineAppInspectionEngine_ *next;
} DetectEngineAppInspectionEngine;

Write Preview
Loading…
Cancel
Save