aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

detect: add list id to string funcs

Browse Source
pull/1980/head
Victor Julien 10 years ago
parent fa885e1d85
commit 810d2d3ec6
1 changed files with 79 additions and 0 deletions
Show Stats Download Patch File Download Diff File

79
src/detect.c
Unescape Escape View File

@ -2808,6 +2808,85 @@ static void SigParseApplyDsizeToContent(Signature *s)
}
}
const char *DetectListToHumanString(int list)
{
#define CASE_CODE_STRING(E, S) case E: return S; break
switch (list) {
CASE_CODE_STRING(DETECT_SM_LIST_MATCH, "packet");
CASE_CODE_STRING(DETECT_SM_LIST_PMATCH, "payload");
CASE_CODE_STRING(DETECT_SM_LIST_UMATCH, "http_uri");
CASE_CODE_STRING(DETECT_SM_LIST_HRUDMATCH, "http_raw_uri");
CASE_CODE_STRING(DETECT_SM_LIST_HCBDMATCH, "http_client_body");
CASE_CODE_STRING(DETECT_SM_LIST_FILEDATA, "file_data");
CASE_CODE_STRING(DETECT_SM_LIST_HHDMATCH, "http_header");
CASE_CODE_STRING(DETECT_SM_LIST_HRHDMATCH, "http_raw_header");
CASE_CODE_STRING(DETECT_SM_LIST_HSMDMATCH, "http_stat_msg");
CASE_CODE_STRING(DETECT_SM_LIST_HSCDMATCH, "http_stat_code");
CASE_CODE_STRING(DETECT_SM_LIST_HHHDMATCH, "http_host");
CASE_CODE_STRING(DETECT_SM_LIST_HRHHDMATCH, "http_raw_host");
CASE_CODE_STRING(DETECT_SM_LIST_HMDMATCH, "http_method");
CASE_CODE_STRING(DETECT_SM_LIST_HCDMATCH, "http_cookie");
CASE_CODE_STRING(DETECT_SM_LIST_HUADMATCH, "http_user_agent");
CASE_CODE_STRING(DETECT_SM_LIST_HRLMATCH, "http_request_line");
CASE_CODE_STRING(DETECT_SM_LIST_APP_EVENT, "app-layer-event");
CASE_CODE_STRING(DETECT_SM_LIST_AMATCH, "app-layer");
CASE_CODE_STRING(DETECT_SM_LIST_DMATCH, "dcerpc");
CASE_CODE_STRING(DETECT_SM_LIST_TMATCH, "tag");
CASE_CODE_STRING(DETECT_SM_LIST_FILEMATCH, "file");
CASE_CODE_STRING(DETECT_SM_LIST_DNSREQUEST_MATCH, "dns_request");
CASE_CODE_STRING(DETECT_SM_LIST_DNSRESPONSE_MATCH, "dns_response");
CASE_CODE_STRING(DETECT_SM_LIST_DNSQUERYNAME_MATCH, "dns_query");
CASE_CODE_STRING(DETECT_SM_LIST_MODBUS_MATCH, "modbus");
CASE_CODE_STRING(DETECT_SM_LIST_TEMPLATE_BUFFER_MATCH, "template");
CASE_CODE_STRING(DETECT_SM_LIST_POSTMATCH, "postmatch");
CASE_CODE_STRING(DETECT_SM_LIST_SUPPRESS, "suppress");
CASE_CODE_STRING(DETECT_SM_LIST_THRESHOLD, "threshold");
CASE_CODE_STRING(DETECT_SM_LIST_MAX, "max (internal)");
CASE_CODE_STRING(DETECT_SM_LIST_NOTSET, "not set (internal)");
}
#undef CASE_CODE_STRING
return "unknown";
}
#define CASE_CODE(E) case E: return #E
const char *DetectListToString(int list)
{
switch (list) {
CASE_CODE(DETECT_SM_LIST_MATCH);
CASE_CODE(DETECT_SM_LIST_PMATCH);
CASE_CODE(DETECT_SM_LIST_UMATCH);
CASE_CODE(DETECT_SM_LIST_HRUDMATCH);
CASE_CODE(DETECT_SM_LIST_HCBDMATCH);
CASE_CODE(DETECT_SM_LIST_FILEDATA);
CASE_CODE(DETECT_SM_LIST_HHDMATCH);
CASE_CODE(DETECT_SM_LIST_HRHDMATCH);
CASE_CODE(DETECT_SM_LIST_HSMDMATCH);
CASE_CODE(DETECT_SM_LIST_HSCDMATCH);
CASE_CODE(DETECT_SM_LIST_HHHDMATCH);
CASE_CODE(DETECT_SM_LIST_HRHHDMATCH);
CASE_CODE(DETECT_SM_LIST_HMDMATCH);
CASE_CODE(DETECT_SM_LIST_HCDMATCH);
CASE_CODE(DETECT_SM_LIST_HUADMATCH);
CASE_CODE(DETECT_SM_LIST_HRLMATCH);
CASE_CODE(DETECT_SM_LIST_APP_EVENT);
CASE_CODE(DETECT_SM_LIST_AMATCH);
CASE_CODE(DETECT_SM_LIST_DMATCH);
CASE_CODE(DETECT_SM_LIST_TMATCH);
CASE_CODE(DETECT_SM_LIST_FILEMATCH);
CASE_CODE(DETECT_SM_LIST_DNSREQUEST_MATCH);
CASE_CODE(DETECT_SM_LIST_DNSRESPONSE_MATCH);
CASE_CODE(DETECT_SM_LIST_DNSQUERYNAME_MATCH);
CASE_CODE(DETECT_SM_LIST_MODBUS_MATCH);
CASE_CODE(DETECT_SM_LIST_TEMPLATE_BUFFER_MATCH);
CASE_CODE(DETECT_SM_LIST_POSTMATCH);
CASE_CODE(DETECT_SM_LIST_SUPPRESS);
CASE_CODE(DETECT_SM_LIST_THRESHOLD);
CASE_CODE(DETECT_SM_LIST_MAX);
CASE_CODE(DETECT_SM_LIST_NOTSET);
}
return "unknown";
}
/** \brief Pure-PCRE or bytetest rule */
int RuleInspectsPayloadHasNoMpm(const Signature *s)
{

Write Preview
Loading…
Cancel
Save