aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

detect: remove unused match_flags from inspect engines

Browse Source
pull/1538/head
Victor Julien 11 years ago
parent 9fa2f85cc7
commit 8949054212
3 changed files with 4 additions and 63 deletions
Show Stats Download Patch File Download Diff File

61
src/detect-engine.c
Unescape Escape View File

@ -146,7 +146,6 @@ void DetectEngineRegisterAppInspectionEngines(void)
AppProto alproto; AppProto alproto;
int32_t sm_list; int32_t sm_list;
uint32_t inspect_flags; uint32_t inspect_flags;
uint32_t match_flags;
uint16_t dir; uint16_t dir;
int (*Callback)(ThreadVars *tv, int (*Callback)(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineCtx *de_ctx,
@ -162,84 +161,72 @@ void DetectEngineRegisterAppInspectionEngines(void)
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_UMATCH, DETECT_SM_LIST_UMATCH,
DE_STATE_FLAG_URI_INSPECT, DE_STATE_FLAG_URI_INSPECT,
DE_STATE_FLAG_URI_INSPECT,
0, 0,
DetectEngineInspectPacketUris }, DetectEngineInspectPacketUris },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HRLMATCH, DETECT_SM_LIST_HRLMATCH,
DE_STATE_FLAG_HRL_INSPECT, DE_STATE_FLAG_HRL_INSPECT,
DE_STATE_FLAG_HRL_INSPECT,
0, 0,
DetectEngineInspectHttpRequestLine }, DetectEngineInspectHttpRequestLine },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HCBDMATCH, DETECT_SM_LIST_HCBDMATCH,
DE_STATE_FLAG_HCBD_INSPECT, DE_STATE_FLAG_HCBD_INSPECT,
DE_STATE_FLAG_HCBD_INSPECT,
0, 0,
DetectEngineInspectHttpClientBody }, DetectEngineInspectHttpClientBody },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HHDMATCH, DETECT_SM_LIST_HHDMATCH,
DE_STATE_FLAG_HHD_INSPECT, DE_STATE_FLAG_HHD_INSPECT,
DE_STATE_FLAG_HHD_INSPECT,
0, 0,
DetectEngineInspectHttpHeader }, DetectEngineInspectHttpHeader },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HRHDMATCH, DETECT_SM_LIST_HRHDMATCH,
DE_STATE_FLAG_HRHD_INSPECT, DE_STATE_FLAG_HRHD_INSPECT,
DE_STATE_FLAG_HRHD_INSPECT,
0, 0,
DetectEngineInspectHttpRawHeader }, DetectEngineInspectHttpRawHeader },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HMDMATCH, DETECT_SM_LIST_HMDMATCH,
DE_STATE_FLAG_HMD_INSPECT, DE_STATE_FLAG_HMD_INSPECT,
DE_STATE_FLAG_HMD_INSPECT,
0, 0,
DetectEngineInspectHttpMethod }, DetectEngineInspectHttpMethod },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HCDMATCH, DETECT_SM_LIST_HCDMATCH,
DE_STATE_FLAG_HCD_INSPECT, DE_STATE_FLAG_HCD_INSPECT,
DE_STATE_FLAG_HCD_INSPECT,
0, 0,
DetectEngineInspectHttpCookie }, DetectEngineInspectHttpCookie },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HRUDMATCH, DETECT_SM_LIST_HRUDMATCH,
DE_STATE_FLAG_HRUD_INSPECT, DE_STATE_FLAG_HRUD_INSPECT,
DE_STATE_FLAG_HRUD_INSPECT,
0, 0,
DetectEngineInspectHttpRawUri }, DetectEngineInspectHttpRawUri },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_FILEMATCH, DETECT_SM_LIST_FILEMATCH,
DE_STATE_FLAG_FILE_TS_INSPECT, DE_STATE_FLAG_FILE_TS_INSPECT,
DE_STATE_FLAG_FILE_TS_INSPECT,
0, 0,
DetectFileInspectHttp }, DetectFileInspectHttp },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HUADMATCH, DETECT_SM_LIST_HUADMATCH,
DE_STATE_FLAG_HUAD_INSPECT, DE_STATE_FLAG_HUAD_INSPECT,
DE_STATE_FLAG_HUAD_INSPECT,
0, 0,
DetectEngineInspectHttpUA }, DetectEngineInspectHttpUA },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HHHDMATCH, DETECT_SM_LIST_HHHDMATCH,
DE_STATE_FLAG_HHHD_INSPECT, DE_STATE_FLAG_HHHD_INSPECT,
DE_STATE_FLAG_HHHD_INSPECT,
0, 0,
DetectEngineInspectHttpHH }, DetectEngineInspectHttpHH },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HRHHDMATCH, DETECT_SM_LIST_HRHHDMATCH,
DE_STATE_FLAG_HRHHD_INSPECT, DE_STATE_FLAG_HRHHD_INSPECT,
DE_STATE_FLAG_HRHHD_INSPECT,
0, 0,
DetectEngineInspectHttpHRH }, DetectEngineInspectHttpHRH },
/* DNS */ /* DNS */
@ -247,7 +234,6 @@ void DetectEngineRegisterAppInspectionEngines(void)
ALPROTO_DNS, ALPROTO_DNS,
DETECT_SM_LIST_DNSQUERY_MATCH, DETECT_SM_LIST_DNSQUERY_MATCH,
DE_STATE_FLAG_DNSQUERY_INSPECT, DE_STATE_FLAG_DNSQUERY_INSPECT,
DE_STATE_FLAG_DNSQUERY_INSPECT,
0, 0,
DetectEngineInspectDnsQueryName }, DetectEngineInspectDnsQueryName },
/* specifically for UDP, register again /* specifically for UDP, register again
@ -257,14 +243,12 @@ void DetectEngineRegisterAppInspectionEngines(void)
ALPROTO_DNS, ALPROTO_DNS,
DETECT_SM_LIST_DNSQUERY_MATCH, DETECT_SM_LIST_DNSQUERY_MATCH,
DE_STATE_FLAG_DNSQUERY_INSPECT, DE_STATE_FLAG_DNSQUERY_INSPECT,
DE_STATE_FLAG_DNSQUERY_INSPECT,
0, 0,
DetectEngineInspectDnsQueryName }, DetectEngineInspectDnsQueryName },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_SMTP, ALPROTO_SMTP,
DETECT_SM_LIST_FILEMATCH, DETECT_SM_LIST_FILEMATCH,
DE_STATE_FLAG_FILE_TS_INSPECT, DE_STATE_FLAG_FILE_TS_INSPECT,
DE_STATE_FLAG_FILE_TS_INSPECT,
0, 0,
DetectFileInspectSmtp }, DetectFileInspectSmtp },
/* Modbus */ /* Modbus */
@ -272,7 +256,6 @@ void DetectEngineRegisterAppInspectionEngines(void)
ALPROTO_MODBUS, ALPROTO_MODBUS,
DETECT_SM_LIST_MODBUS_MATCH, DETECT_SM_LIST_MODBUS_MATCH,
DE_STATE_FLAG_MODBUS_INSPECT, DE_STATE_FLAG_MODBUS_INSPECT,
DE_STATE_FLAG_MODBUS_INSPECT,
0, 0,
DetectEngineInspectModbus }, DetectEngineInspectModbus },
/* file_data smtp */ /* file_data smtp */
@ -280,7 +263,6 @@ void DetectEngineRegisterAppInspectionEngines(void)
ALPROTO_SMTP, ALPROTO_SMTP,
DETECT_SM_LIST_FILEDATA, DETECT_SM_LIST_FILEDATA,
DE_STATE_FLAG_FD_SMTP_INSPECT, DE_STATE_FLAG_FD_SMTP_INSPECT,
DE_STATE_FLAG_FD_SMTP_INSPECT,
0, 0,
DetectEngineInspectSMTPFiledata }, DetectEngineInspectSMTPFiledata },
}; };
@ -290,49 +272,42 @@ void DetectEngineRegisterAppInspectionEngines(void)
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_FILEDATA, DETECT_SM_LIST_FILEDATA,
DE_STATE_FLAG_HSBD_INSPECT, DE_STATE_FLAG_HSBD_INSPECT,
DE_STATE_FLAG_HSBD_INSPECT,
1, 1,
DetectEngineInspectHttpServerBody }, DetectEngineInspectHttpServerBody },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HHDMATCH, DETECT_SM_LIST_HHDMATCH,
DE_STATE_FLAG_HHD_INSPECT, DE_STATE_FLAG_HHD_INSPECT,
DE_STATE_FLAG_HHD_INSPECT,
1, 1,
DetectEngineInspectHttpHeader }, DetectEngineInspectHttpHeader },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HRHDMATCH, DETECT_SM_LIST_HRHDMATCH,
DE_STATE_FLAG_HRHD_INSPECT, DE_STATE_FLAG_HRHD_INSPECT,
DE_STATE_FLAG_HRHD_INSPECT,
1, 1,
DetectEngineInspectHttpRawHeader }, DetectEngineInspectHttpRawHeader },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HCDMATCH, DETECT_SM_LIST_HCDMATCH,
DE_STATE_FLAG_HCD_INSPECT, DE_STATE_FLAG_HCD_INSPECT,
DE_STATE_FLAG_HCD_INSPECT,
1, 1,
DetectEngineInspectHttpCookie }, DetectEngineInspectHttpCookie },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_FILEMATCH, DETECT_SM_LIST_FILEMATCH,
DE_STATE_FLAG_FILE_TC_INSPECT, DE_STATE_FLAG_FILE_TC_INSPECT,
DE_STATE_FLAG_FILE_TC_INSPECT,
1, 1,
DetectFileInspectHttp }, DetectFileInspectHttp },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HSMDMATCH, DETECT_SM_LIST_HSMDMATCH,
DE_STATE_FLAG_HSMD_INSPECT, DE_STATE_FLAG_HSMD_INSPECT,
DE_STATE_FLAG_HSMD_INSPECT,
1, 1,
DetectEngineInspectHttpStatMsg }, DetectEngineInspectHttpStatMsg },
{ IPPROTO_TCP, { IPPROTO_TCP,
ALPROTO_HTTP, ALPROTO_HTTP,
DETECT_SM_LIST_HSCDMATCH, DETECT_SM_LIST_HSCDMATCH,
DE_STATE_FLAG_HSCD_INSPECT, DE_STATE_FLAG_HSCD_INSPECT,
DE_STATE_FLAG_HSCD_INSPECT,
1, 1,
DetectEngineInspectHttpStatCode }, DetectEngineInspectHttpStatCode },
/* Modbus */ /* Modbus */
@ -340,7 +315,6 @@ void DetectEngineRegisterAppInspectionEngines(void)
ALPROTO_MODBUS, ALPROTO_MODBUS,
DETECT_SM_LIST_MODBUS_MATCH, DETECT_SM_LIST_MODBUS_MATCH,
DE_STATE_FLAG_MODBUS_INSPECT, DE_STATE_FLAG_MODBUS_INSPECT,
DE_STATE_FLAG_MODBUS_INSPECT,
0, 0,
DetectEngineInspectModbus } DetectEngineInspectModbus }
}; };
@ -352,7 +326,6 @@ void DetectEngineRegisterAppInspectionEngines(void)
data_toserver[i].dir, data_toserver[i].dir,
data_toserver[i].sm_list, data_toserver[i].sm_list,
data_toserver[i].inspect_flags, data_toserver[i].inspect_flags,
data_toserver[i].match_flags,
data_toserver[i].Callback, data_toserver[i].Callback,
app_inspection_engine); app_inspection_engine);
} }
@ -363,7 +336,6 @@ void DetectEngineRegisterAppInspectionEngines(void)
data_toclient[i].dir, data_toclient[i].dir,
data_toclient[i].sm_list, data_toclient[i].sm_list,
data_toclient[i].inspect_flags, data_toclient[i].inspect_flags,
data_toclient[i].match_flags,
data_toclient[i].Callback, data_toclient[i].Callback,
app_inspection_engine); app_inspection_engine);
} }
@ -384,14 +356,13 @@ static void AppendAppInspectionEngine(DetectEngineAppInspectionEngine *engine,
while (tmp != NULL) { while (tmp != NULL) {
if (tmp->dir == engine->dir && if (tmp->dir == engine->dir &&
(tmp->sm_list == engine->sm_list || (tmp->sm_list == engine->sm_list ||
tmp->inspect_flags == engine->inspect_flags || tmp->inspect_flags == engine->inspect_flags
tmp->match_flags == engine->match_flags)) { )) {
SCLogError(SC_ERR_DETECT_PREPARE, "App Inspection Engine already " SCLogError(SC_ERR_DETECT_PREPARE, "App Inspection Engine already "
"registered for this direction(%"PRIu16") ||" "registered for this direction(%"PRIu16") ||"
"sm_list(%d) || " "sm_list(%d) || "
"[match(%"PRIu32")|inspect(%"PRIu32")]_flags", "[inspect(%"PRIu32")]_flags",
tmp->dir, tmp->sm_list, tmp->inspect_flags, tmp->dir, tmp->sm_list, tmp->inspect_flags);
tmp->match_flags);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
insert = tmp; insert = tmp;
@ -410,7 +381,6 @@ void DetectEngineRegisterAppInspectionEngine(uint8_t ipproto,
uint16_t dir, uint16_t dir,
int32_t sm_list, int32_t sm_list,
uint32_t inspect_flags, uint32_t inspect_flags,
uint32_t match_flags,
int (*Callback)(ThreadVars *tv, int (*Callback)(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, DetectEngineThreadCtx *det_ctx,
@ -447,7 +417,6 @@ void DetectEngineRegisterAppInspectionEngine(uint8_t ipproto,
new_engine->dir = dir; new_engine->dir = dir;
new_engine->sm_list = sm_list; new_engine->sm_list = sm_list;
new_engine->inspect_flags = inspect_flags; new_engine->inspect_flags = inspect_flags;
new_engine->match_flags = match_flags;
new_engine->Callback = Callback; new_engine->Callback = Callback;
AppendAppInspectionEngine(new_engine, list); AppendAppInspectionEngine(new_engine, list);
@ -2120,7 +2089,6 @@ int DetectEngineTest05(void)
0 /* STREAM_TOSERVER */, 0 /* STREAM_TOSERVER */,
DETECT_SM_LIST_UMATCH, DETECT_SM_LIST_UMATCH,
DE_STATE_FLAG_URI_INSPECT, DE_STATE_FLAG_URI_INSPECT,
DE_STATE_FLAG_URI_INSPECT,
DummyTestAppInspectionEngine01, DummyTestAppInspectionEngine01,
engine_list); engine_list);
@ -2141,7 +2109,6 @@ int DetectEngineTest05(void)
engine->dir != dir || engine->dir != dir ||
engine->sm_list != DETECT_SM_LIST_UMATCH || engine->sm_list != DETECT_SM_LIST_UMATCH ||
engine->inspect_flags != DE_STATE_FLAG_URI_INSPECT || engine->inspect_flags != DE_STATE_FLAG_URI_INSPECT ||
engine->match_flags != DE_STATE_FLAG_URI_INSPECT ||
engine->Callback != DummyTestAppInspectionEngine01) { engine->Callback != DummyTestAppInspectionEngine01) {
printf("failed for http and dir(0-toserver)\n"); printf("failed for http and dir(0-toserver)\n");
goto end; goto end;
@ -2183,7 +2150,6 @@ int DetectEngineTest06(void)
0 /* STREAM_TOSERVER */, 0 /* STREAM_TOSERVER */,
DETECT_SM_LIST_UMATCH, DETECT_SM_LIST_UMATCH,
DE_STATE_FLAG_URI_INSPECT, DE_STATE_FLAG_URI_INSPECT,
DE_STATE_FLAG_URI_INSPECT,
DummyTestAppInspectionEngine01, DummyTestAppInspectionEngine01,
engine_list); engine_list);
DetectEngineRegisterAppInspectionEngine(IPPROTO_TCP, DetectEngineRegisterAppInspectionEngine(IPPROTO_TCP,
@ -2191,7 +2157,6 @@ int DetectEngineTest06(void)
1 /* STREAM_TOCLIENT */, 1 /* STREAM_TOCLIENT */,
DETECT_SM_LIST_UMATCH, DETECT_SM_LIST_UMATCH,
DE_STATE_FLAG_URI_INSPECT, DE_STATE_FLAG_URI_INSPECT,
DE_STATE_FLAG_URI_INSPECT,
DummyTestAppInspectionEngine02, DummyTestAppInspectionEngine02,
engine_list); engine_list);
@ -2212,7 +2177,6 @@ int DetectEngineTest06(void)
engine->dir != dir || engine->dir != dir ||
engine->sm_list != DETECT_SM_LIST_UMATCH || engine->sm_list != DETECT_SM_LIST_UMATCH ||
engine->inspect_flags != DE_STATE_FLAG_URI_INSPECT || engine->inspect_flags != DE_STATE_FLAG_URI_INSPECT ||
engine->match_flags != DE_STATE_FLAG_URI_INSPECT ||
engine->Callback != DummyTestAppInspectionEngine01) { engine->Callback != DummyTestAppInspectionEngine01) {
printf("failed for http and dir(0-toserver)\n"); printf("failed for http and dir(0-toserver)\n");
goto end; goto end;
@ -2231,7 +2195,6 @@ int DetectEngineTest06(void)
engine->dir != dir || engine->dir != dir ||
engine->sm_list != DETECT_SM_LIST_UMATCH || engine->sm_list != DETECT_SM_LIST_UMATCH ||
engine->inspect_flags != DE_STATE_FLAG_URI_INSPECT || engine->inspect_flags != DE_STATE_FLAG_URI_INSPECT ||
engine->match_flags != DE_STATE_FLAG_URI_INSPECT ||
engine->Callback != DummyTestAppInspectionEngine02) { engine->Callback != DummyTestAppInspectionEngine02) {
printf("failed for http and dir(0-toclient)\n"); printf("failed for http and dir(0-toclient)\n");
goto end; goto end;
@ -2264,7 +2227,6 @@ int DetectEngineTest07(void)
struct test_data_t { struct test_data_t {
int32_t sm_list; int32_t sm_list;
uint32_t inspect_flags; uint32_t inspect_flags;
uint32_t match_flags;
uint16_t dir; uint16_t dir;
int (*Callback)(ThreadVars *tv, int (*Callback)(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineCtx *de_ctx,
@ -2277,67 +2239,54 @@ int DetectEngineTest07(void)
struct test_data_t data[] = { struct test_data_t data[] = {
{ DETECT_SM_LIST_UMATCH, { DETECT_SM_LIST_UMATCH,
DE_STATE_FLAG_URI_INSPECT,
DE_STATE_FLAG_URI_INSPECT, DE_STATE_FLAG_URI_INSPECT,
0, 0,
DummyTestAppInspectionEngine01 }, DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_HCBDMATCH, { DETECT_SM_LIST_HCBDMATCH,
DE_STATE_FLAG_HCBD_INSPECT,
DE_STATE_FLAG_HCBD_INSPECT, DE_STATE_FLAG_HCBD_INSPECT,
0, 0,
DummyTestAppInspectionEngine02 }, DummyTestAppInspectionEngine02 },
{ DETECT_SM_LIST_FILEDATA, { DETECT_SM_LIST_FILEDATA,
DE_STATE_FLAG_HSBD_INSPECT,
DE_STATE_FLAG_HSBD_INSPECT, DE_STATE_FLAG_HSBD_INSPECT,
1, 1,
DummyTestAppInspectionEngine02 }, DummyTestAppInspectionEngine02 },
{ DETECT_SM_LIST_HHDMATCH, { DETECT_SM_LIST_HHDMATCH,
DE_STATE_FLAG_HHD_INSPECT,
DE_STATE_FLAG_HHD_INSPECT, DE_STATE_FLAG_HHD_INSPECT,
0, 0,
DummyTestAppInspectionEngine01 }, DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_HRHDMATCH, { DETECT_SM_LIST_HRHDMATCH,
DE_STATE_FLAG_HRHD_INSPECT,
DE_STATE_FLAG_HRHD_INSPECT, DE_STATE_FLAG_HRHD_INSPECT,
0, 0,
DummyTestAppInspectionEngine01 }, DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_HMDMATCH, { DETECT_SM_LIST_HMDMATCH,
DE_STATE_FLAG_HMD_INSPECT,
DE_STATE_FLAG_HMD_INSPECT, DE_STATE_FLAG_HMD_INSPECT,
0, 0,
DummyTestAppInspectionEngine02 }, DummyTestAppInspectionEngine02 },
{ DETECT_SM_LIST_HCDMATCH, { DETECT_SM_LIST_HCDMATCH,
DE_STATE_FLAG_HCD_INSPECT,
DE_STATE_FLAG_HCD_INSPECT, DE_STATE_FLAG_HCD_INSPECT,
0, 0,
DummyTestAppInspectionEngine01 }, DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_HRUDMATCH, { DETECT_SM_LIST_HRUDMATCH,
DE_STATE_FLAG_HRUD_INSPECT,
DE_STATE_FLAG_HRUD_INSPECT, DE_STATE_FLAG_HRUD_INSPECT,
0, 0,
DummyTestAppInspectionEngine01 }, DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_FILEMATCH, { DETECT_SM_LIST_FILEMATCH,
DE_STATE_FLAG_FILE_TS_INSPECT,
DE_STATE_FLAG_FILE_TS_INSPECT, DE_STATE_FLAG_FILE_TS_INSPECT,
0, 0,
DummyTestAppInspectionEngine02 }, DummyTestAppInspectionEngine02 },
{ DETECT_SM_LIST_FILEMATCH, { DETECT_SM_LIST_FILEMATCH,
DE_STATE_FLAG_FILE_TC_INSPECT,
DE_STATE_FLAG_FILE_TC_INSPECT, DE_STATE_FLAG_FILE_TC_INSPECT,
1, 1,
DummyTestAppInspectionEngine02 }, DummyTestAppInspectionEngine02 },
{ DETECT_SM_LIST_HSMDMATCH, { DETECT_SM_LIST_HSMDMATCH,
DE_STATE_FLAG_HSMD_INSPECT,
DE_STATE_FLAG_HSMD_INSPECT, DE_STATE_FLAG_HSMD_INSPECT,
0, 0,
DummyTestAppInspectionEngine01 }, DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_HSCDMATCH, { DETECT_SM_LIST_HSCDMATCH,
DE_STATE_FLAG_HSCD_INSPECT,
DE_STATE_FLAG_HSCD_INSPECT, DE_STATE_FLAG_HSCD_INSPECT,
0, 0,
DummyTestAppInspectionEngine01 }, DummyTestAppInspectionEngine01 },
{ DETECT_SM_LIST_HUADMATCH, { DETECT_SM_LIST_HUADMATCH,
DE_STATE_FLAG_HUAD_INSPECT,
DE_STATE_FLAG_HUAD_INSPECT, DE_STATE_FLAG_HUAD_INSPECT,
0, 0,
DummyTestAppInspectionEngine02 }, DummyTestAppInspectionEngine02 },
@ -2350,7 +2299,6 @@ int DetectEngineTest07(void)
data[i].dir /* STREAM_TOCLIENT */, data[i].dir /* STREAM_TOCLIENT */,
data[i].sm_list, data[i].sm_list,
data[i].inspect_flags, data[i].inspect_flags,
data[i].match_flags,
data[i].Callback, data[i].Callback,
engine_list); engine_list);
} }
@ -2376,7 +2324,6 @@ int DetectEngineTest07(void)
engine->dir != data[i].dir || engine->dir != data[i].dir ||
engine->sm_list != data[i].sm_list || engine->sm_list != data[i].sm_list ||
engine->inspect_flags != data[i].inspect_flags || engine->inspect_flags != data[i].inspect_flags ||
engine->match_flags != data[i].match_flags ||
engine->Callback != data[i].Callback) { engine->Callback != data[i].Callback) {
printf("failed for http\n"); printf("failed for http\n");
goto end; goto end;

2
src/detect-engine.h
Unescape Escape View File

@ -35,7 +35,6 @@ typedef struct DetectEngineAppInspectionEngine_ {
int32_t sm_list; int32_t sm_list;
uint32_t inspect_flags; uint32_t inspect_flags;
uint32_t match_flags;
/* \retval 0 No match. Don't discontinue matching yet. We need more data. /* \retval 0 No match. Don't discontinue matching yet. We need more data.
* 1 Match. * 1 Match.
@ -101,7 +100,6 @@ void DetectEngineRegisterAppInspectionEngine(uint8_t ipproto,
uint16_t direction, uint16_t direction,
int32_t sm_list, int32_t sm_list,
uint32_t inspect_flags, uint32_t inspect_flags,
uint32_t match_flags,
int (*Callback)(ThreadVars *tv, int (*Callback)(ThreadVars *tv,
DetectEngineCtx *de_ctx, DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, DetectEngineThreadCtx *det_ctx,

4
src/detect-parse.c
Unescape Escape View File

@ -1504,7 +1504,6 @@ static Signature *SigInitHelper(DetectEngineCtx *de_ctx, char *sigstr,
0, 0,
DETECT_SM_LIST_APP_EVENT, DETECT_SM_LIST_APP_EVENT,
DE_STATE_FLAG_APP_EVENT_INSPECT, DE_STATE_FLAG_APP_EVENT_INSPECT,
DE_STATE_FLAG_APP_EVENT_INSPECT,
DetectEngineAptEventInspect, DetectEngineAptEventInspect,
app_inspection_engine); app_inspection_engine);
} }
@ -1514,7 +1513,6 @@ static Signature *SigInitHelper(DetectEngineCtx *de_ctx, char *sigstr,
1, 1,
DETECT_SM_LIST_APP_EVENT, DETECT_SM_LIST_APP_EVENT,
DE_STATE_FLAG_APP_EVENT_INSPECT, DE_STATE_FLAG_APP_EVENT_INSPECT,
DE_STATE_FLAG_APP_EVENT_INSPECT,
DetectEngineAptEventInspect, DetectEngineAptEventInspect,
app_inspection_engine); app_inspection_engine);
} }
@ -1526,7 +1524,6 @@ static Signature *SigInitHelper(DetectEngineCtx *de_ctx, char *sigstr,
0, 0,
DETECT_SM_LIST_APP_EVENT, DETECT_SM_LIST_APP_EVENT,
DE_STATE_FLAG_APP_EVENT_INSPECT, DE_STATE_FLAG_APP_EVENT_INSPECT,
DE_STATE_FLAG_APP_EVENT_INSPECT,
DetectEngineAptEventInspect, DetectEngineAptEventInspect,
app_inspection_engine); app_inspection_engine);
} }
@ -1536,7 +1533,6 @@ static Signature *SigInitHelper(DetectEngineCtx *de_ctx, char *sigstr,
1, 1,
DETECT_SM_LIST_APP_EVENT, DETECT_SM_LIST_APP_EVENT,
DE_STATE_FLAG_APP_EVENT_INSPECT, DE_STATE_FLAG_APP_EVENT_INSPECT,
DE_STATE_FLAG_APP_EVENT_INSPECT,
DetectEngineAptEventInspect, DetectEngineAptEventInspect,
app_inspection_engine); app_inspection_engine);
} }

Write Preview
Loading…
Cancel
Save