|
|
|
|
@ -63,32 +63,32 @@
|
|
|
|
|
#define DE_STATE_CHUNK_SIZE 15
|
|
|
|
|
|
|
|
|
|
/* per sig flags */
|
|
|
|
|
#define DE_STATE_FLAG_URI_INSPECT (1)
|
|
|
|
|
#define DE_STATE_FLAG_HRUD_INSPECT (1 << 1)
|
|
|
|
|
#define DE_STATE_FLAG_HCBD_INSPECT (1 << 2)
|
|
|
|
|
#define DE_STATE_FLAG_HSBD_INSPECT (1 << 3)
|
|
|
|
|
#define DE_STATE_FLAG_HHD_INSPECT (1 << 4)
|
|
|
|
|
#define DE_STATE_FLAG_HRHD_INSPECT (1 << 5)
|
|
|
|
|
#define DE_STATE_FLAG_HHHD_INSPECT (1 << 6)
|
|
|
|
|
#define DE_STATE_FLAG_HRHHD_INSPECT (1 << 7)
|
|
|
|
|
#define DE_STATE_FLAG_HUAD_INSPECT (1 << 8)
|
|
|
|
|
#define DE_STATE_FLAG_HMD_INSPECT (1 << 9)
|
|
|
|
|
#define DE_STATE_FLAG_HCD_INSPECT (1 << 10)
|
|
|
|
|
#define DE_STATE_FLAG_HSMD_INSPECT (1 << 11)
|
|
|
|
|
#define DE_STATE_FLAG_HSCD_INSPECT (1 << 12)
|
|
|
|
|
#define DE_STATE_FLAG_FILE_TC_INSPECT (1 << 13)
|
|
|
|
|
#define DE_STATE_FLAG_FILE_TS_INSPECT (1 << 14)
|
|
|
|
|
#define DE_STATE_FLAG_FULL_INSPECT (1 << 15)
|
|
|
|
|
#define DE_STATE_FLAG_SIG_CANT_MATCH (1 << 16)
|
|
|
|
|
#define DE_STATE_FLAG_DNSQUERYNAME_INSPECT (1 << 17)
|
|
|
|
|
#define DE_STATE_FLAG_APP_EVENT_INSPECT (1 << 18)
|
|
|
|
|
#define DE_STATE_FLAG_MODBUS_INSPECT (1 << 19)
|
|
|
|
|
#define DE_STATE_FLAG_HRL_INSPECT (1 << 20)
|
|
|
|
|
#define DE_STATE_FLAG_FD_SMTP_INSPECT (1 << 21)
|
|
|
|
|
#define DE_STATE_FLAG_DNSREQUEST_INSPECT (1 << 22)
|
|
|
|
|
#define DE_STATE_FLAG_DNSRESPONSE_INSPECT (1 << 23)
|
|
|
|
|
#define DE_STATE_FLAG_TLSSNI_INSPECT (1 << 24)
|
|
|
|
|
#define DE_STATE_FLAG_TEMPLATE_BUFFER_INSPECT (1 << 25)
|
|
|
|
|
#define DE_STATE_FLAG_URI_INSPECT BIT_U32(0)
|
|
|
|
|
#define DE_STATE_FLAG_HRUD_INSPECT BIT_U32(1)
|
|
|
|
|
#define DE_STATE_FLAG_HCBD_INSPECT BIT_U32(2)
|
|
|
|
|
#define DE_STATE_FLAG_HSBD_INSPECT BIT_U32(3)
|
|
|
|
|
#define DE_STATE_FLAG_HHD_INSPECT BIT_U32(4)
|
|
|
|
|
#define DE_STATE_FLAG_HRHD_INSPECT BIT_U32(5)
|
|
|
|
|
#define DE_STATE_FLAG_HHHD_INSPECT BIT_U32(6)
|
|
|
|
|
#define DE_STATE_FLAG_HRHHD_INSPECT BIT_U32(7)
|
|
|
|
|
#define DE_STATE_FLAG_HUAD_INSPECT BIT_U32(8)
|
|
|
|
|
#define DE_STATE_FLAG_HMD_INSPECT BIT_U32(9)
|
|
|
|
|
#define DE_STATE_FLAG_HCD_INSPECT BIT_U32(10)
|
|
|
|
|
#define DE_STATE_FLAG_HSMD_INSPECT BIT_U32(11)
|
|
|
|
|
#define DE_STATE_FLAG_HSCD_INSPECT BIT_U32(12)
|
|
|
|
|
#define DE_STATE_FLAG_FILE_TC_INSPECT BIT_U32(13)
|
|
|
|
|
#define DE_STATE_FLAG_FILE_TS_INSPECT BIT_U32(14)
|
|
|
|
|
#define DE_STATE_FLAG_FULL_INSPECT BIT_U32(15)
|
|
|
|
|
#define DE_STATE_FLAG_SIG_CANT_MATCH BIT_U32(16)
|
|
|
|
|
#define DE_STATE_FLAG_DNSQUERYNAME_INSPECT BIT_U32(17)
|
|
|
|
|
#define DE_STATE_FLAG_APP_EVENT_INSPECT BIT_U32(18)
|
|
|
|
|
#define DE_STATE_FLAG_MODBUS_INSPECT BIT_U32(19)
|
|
|
|
|
#define DE_STATE_FLAG_HRL_INSPECT BIT_U32(20)
|
|
|
|
|
#define DE_STATE_FLAG_FD_SMTP_INSPECT BIT_U32(21)
|
|
|
|
|
#define DE_STATE_FLAG_DNSREQUEST_INSPECT BIT_U32(22)
|
|
|
|
|
#define DE_STATE_FLAG_DNSRESPONSE_INSPECT BIT_U32(23)
|
|
|
|
|
#define DE_STATE_FLAG_TLSSNI_INSPECT BIT_U32(24)
|
|
|
|
|
#define DE_STATE_FLAG_TEMPLATE_BUFFER_INSPECT BIT_U32(25)
|
|
|
|
|
|
|
|
|
|
/* state flags */
|
|
|
|
|
#define DETECT_ENGINE_STATE_FLAG_FILE_STORE_DISABLED 0x0001
|
|
|
|
|
|
Victor Julien
9 years ago