#include <sys/types.h>#include <pcap.h>#include <sys/socket.h>#include <netinet/in.h>#include <net/if.h>#include "stream.h"Go to the source code of this file.
Defines | |
| #define | ETHERNET_MTU 1500 |
| #define | ETHERNET_TYPE_IP 0x0800 |
| #define | ETHERNET_TYPE_ARP 0x0806 |
| #define | ETHERNET_TYPE_REVARP 0x8035 |
| #define | ETHERNET_TYPE_EAPOL 0x888e |
| #define | ETHERNET_TYPE_IPV6 0x86dd |
| #define | ETHERNET_TYPE_IPX 0x8137 |
| #define | ETHERNET_TYPE_PPPoE_DISC 0x8863 |
| #define | ETHERNET_TYPE_PPPoE_SESS 0x8864 |
| #define | ETHERNET_TYPE_8021Q 0x8100 |
| #define | ETHERNET_TYPE_LOOP 0x9000 |
| #define | ETH_DSAP_SNA 0x08 |
| #define | ETH_SSAP_SNA 0x00 |
| #define | ETH_DSAP_STP 0x42 |
| #define | ETH_SSAP_STP 0x42 |
| #define | ETH_DSAP_IP 0xaa |
| #define | ETH_SSAP_IP 0xaa |
| #define | ETH_ORG_CODE_ETHR 0x000000 |
| #define | ETH_ORG_CODE_CDP 0x00000c |
| #define | ETHERNET_HEADER_LEN 14 |
| #define | ETHERNET_MAX_LEN_ENCAP 1518 |
| #define | PPPOE_HEADER_LEN 20 |
| #define | MINIMAL_TOKENRING_HEADER_LEN 22 |
| #define | MINIMAL_IEEE80211_HEADER_LEN 10 |
| #define | IEEE802_11_DATA_HDR_LEN 24 |
| #define | TR_HLEN MINIMAL_TOKENRING_HEADER_LEN |
| #define | TOKENRING_LLC_LEN 8 |
| #define | SLIP_HEADER_LEN 16 |
| #define | WLAN_TYPE_MGMT_ASREQ 0x0 |
| #define | WLAN_TYPE_MGMT_ASRES 0x10 |
| #define | WLAN_TYPE_MGMT_REREQ 0x20 |
| #define | WLAN_TYPE_MGMT_RERES 0x30 |
| #define | WLAN_TYPE_MGMT_PRREQ 0x40 |
| #define | WLAN_TYPE_MGMT_PRRES 0x50 |
| #define | WLAN_TYPE_MGMT_BEACON 0x80 |
| #define | WLAN_TYPE_MGMT_ATIM 0x90 |
| #define | WLAN_TYPE_MGMT_DIS 0xa0 |
| #define | WLAN_TYPE_MGMT_AUTH 0xb0 |
| #define | WLAN_TYPE_MGMT_DEAUTH 0xc0 |
| #define | WLAN_TYPE_CONT_PS 0xa4 |
| #define | WLAN_TYPE_CONT_RTS 0xb4 |
| #define | WLAN_TYPE_CONT_CTS 0xc4 |
| #define | WLAN_TYPE_CONT_ACK 0xd4 |
| #define | WLAN_TYPE_CONT_CFE 0xe4 |
| #define | WLAN_TYPE_CONT_CFACK 0xf4 |
| #define | WLAN_TYPE_DATA_DATA 0x08 |
| #define | WLAN_TYPE_DATA_DTCFACK 0x18 |
| #define | WLAN_TYPE_DATA_DTCFPL 0x28 |
| #define | WLAN_TYPE_DATA_DTACKPL 0x38 |
| #define | WLAN_TYPE_DATA_NULL 0x48 |
| #define | WLAN_TYPE_DATA_CFACK 0x58 |
| #define | WLAN_TYPE_DATA_CFPL 0x68 |
| #define | WLAN_TYPE_DATA_ACKPL 0x78 |
| #define | WLAN_FLAG_TODS 0x0100 |
| #define | WLAN_FLAG_FROMDS 0x0200 |
| #define | WLAN_FLAG_FRAG 0x0400 |
| #define | WLAN_FLAG_RETRY 0x0800 |
| #define | WLAN_FLAG_PWRMGMT 0x1000 |
| #define | WLAN_FLAG_MOREDAT 0x2000 |
| #define | WLAN_FLAG_WEP 0x4000 |
| #define | WLAN_FLAG_ORDER 0x8000 |
| #define | EAPOL_TYPE_EAP 0x00 |
| #define | EAPOL_TYPE_START 0x01 |
| #define | EAPOL_TYPE_LOGOFF 0x02 |
| #define | EAPOL_TYPE_KEY 0x03 |
| #define | EAPOL_TYPE_ASF 0x04 |
| #define | EAP_CODE_REQUEST 0x01 |
| #define | EAP_CODE_RESPONSE 0x02 |
| #define | EAP_CODE_SUCCESS 0x03 |
| #define | EAP_CODE_FAILURE 0x04 |
| #define | EAP_TYPE_IDENTITY 0x01 |
| #define | EAP_TYPE_NOTIFY 0x02 |
| #define | EAP_TYPE_NAK 0x03 |
| #define | EAP_TYPE_MD5 0x04 |
| #define | EAP_TYPE_OTP 0x05 |
| #define | EAP_TYPE_GTC 0x06 |
| #define | EAP_TYPE_TLS 0x0d |
| #define | CHDLC_HEADER_LEN 4 |
| #define | CHDLC_ADDR_UNICAST 0x0f |
| #define | CHDLC_ADDR_MULTICAST 0x8f |
| #define | CHDLC_ADDR_BROADCAST 0xff |
| #define | CHDLC_CTRL_UNNUMBERED 0x03 |
| #define | PPP_HDRLEN sizeof(struct ppp_header) |
| #define | PPP_IP 0x0021 |
| #define | PPP_VJ_COMP 0x002d |
| #define | PPP_VJ_UCOMP 0x002f |
| #define | PPP_IPX 0x002b |
| #define | PPP_MTU 1500 |
| #define | NULL_HDRLEN 4 |
| #define | ENC_HEADER_LEN 12 |
| #define | IP_HEADER_LEN 20 |
| #define | TCP_HEADER_LEN 20 |
| #define | UDP_HEADER_LEN 8 |
| #define | ICMP_HEADER_LEN 4 |
| #define | IP_OPTMAX 40 |
| #define | TCP_OPTLENMAX 40 |
| #define | IP_MAXPACKET 65535 |
| #define | TH_FIN 0x01 |
| #define | TH_SYN 0x02 |
| #define | TH_RST 0x04 |
| #define | TH_PUSH 0x08 |
| #define | TH_ACK 0x10 |
| #define | TH_URG 0x20 |
| #define | TH_RES2 0x40 |
| #define | TH_RES1 0x80 |
| #define | TH_NORESERVED (TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG) |
| #define | TCPOPT_EOL 0 |
| #define | TCPOLEN_EOL 1 |
| #define | TCPOPT_NOP 1 |
| #define | TCPOLEN_NOP 1 |
| #define | TCPOPT_MAXSEG 2 |
| #define | TCPOLEN_MAXSEG 4 |
| #define | TCPOPT_WSCALE 3 |
| #define | TCPOLEN_WSCALE 3 |
| #define | TCPOPT_SACKOK 4 |
| #define | TCPOLEN_SACKOK 2 |
| #define | TCPOPT_SACK 5 |
| #define | TCPOPT_ECHO 6 |
| #define | TCPOLEN_ECHO 6 |
| #define | TCPOPT_ECHOREPLY 7 |
| #define | TCPOLEN_ECHOREPLY 6 |
| #define | TCPOPT_TIMESTAMP 8 |
| #define | TCPOLEN_TIMESTAMP 10 |
| #define | TCPOPT_PARTIAL_PERM 9 |
| #define | TCPOLEN_PARTIAL_PERM 2 |
| #define | TCPOPT_PARTIAL_SVC 10 |
| #define | TCPOLEN_PARTIAL_SVC 3 |
| #define | TCPOPT_CC 11 |
| #define | TCPOPT_CC_NEW 12 |
| #define | TCPOPT_CC_ECHO 13 |
| #define | TCPOLEN_CC 6 |
| #define | TCPOLEN_CC_NEW 6 |
| #define | TCPOLEN_CC_ECHO 6 |
| #define | TCPOPT_ALTCSUM 15 |
| #define | TCPOPT_SKEETER 16 |
| #define | TCPOPT_BUBBA 17 |
| #define | TCPOPT_TRAILER_CSUM 18 |
| #define | TCPOLEN_TRAILER_CSUM 3 |
| #define | TCPOPT_MD5SIG 19 |
| #define | TCPOLEN_MD5SIG 18 |
| #define | TCPOPT_SCPS 20 |
| #define | TCPOPT_SELNEGACK 21 |
| #define | TCPOPT_RECORDBOUND 22 |
| #define | TCPOPT_CORRUPTION 23 |
| #define | TCPOPT_SNAP 24 |
| #define | TCPOPT_UNASSIGNED 25 |
| #define | TCPOPT_COMPRESSION 26 |
| #define | TCP_OPT_TRUNC -1 |
| #define | TCP_OPT_BADLEN -2 |
| #define | TCPOLEN_TSTAMP_APPA (TCPOLEN_TIMESTAMP+2) |
| #define | TCPOPT_TSTAMP_HDR (TCPOPT_NOP<<24|TCPOPT_NOP<<16|TCPOPT_TIMESTAMP<<8|TCPOLEN_TIMESTAMP) |
| #define | TCP_MSS 512 |
| #define | TCP_MAXWIN 65535 |
| #define | TCP_MAX_WINSHIFT 14 |
| #define | TCP_NODELAY 0x01 |
| #define | TCP_MAXSEG 0x02 |
| #define | SOL_TCP 6 |
| #define | L2TP_PORT 1701 |
| #define | DHCP_CLIENT_PORT 68 |
| #define | DHCP_SERVER_PORT 67 |
| #define | SNAPLEN 1514 |
| #define | MIN_SNAPLEN 68 |
| #define | PROMISC 1 |
| #define | READ_TIMEOUT 500 |
| #define | TR_ALEN 6 |
| #define | IPARP_SAP 0xaa |
| #define | AC 0x10 |
| #define | LLC_FRAME 0x40 |
| #define | TRMTU 2000 |
| #define | TR_RII 0x80 |
| #define | TR_RCF_DIR_BIT 0x80 |
| #define | TR_RCF_LEN_MASK 0x1f00 |
| #define | TR_RCF_BROADCAST 0x8000 |
| #define | TR_RCF_LIMITED_BROADCAST 0xC000 |
| #define | TR_RCF_FRAME2K 0x20 |
| #define | TR_RCF_BROADCAST_MASK 0xC000 |
| #define | FDDI_ALLC_LEN 13 |
| #define | FDDI_ALEN 6 |
| #define | FDDI_MIN_HLEN (FDDI_ALLC_LEN + 3) |
| #define | FDDI_DSAP_SNA 0x08 |
| #define | FDDI_SSAP_SNA 0x00 |
| #define | FDDI_DSAP_STP 0x42 |
| #define | FDDI_SSAP_STP 0x42 |
| #define | FDDI_DSAP_IP 0xaa |
| #define | FDDI_SSAP_IP 0xaa |
| #define | FDDI_ORG_CODE_ETHR 0x000000 |
| #define | FDDI_ORG_CODE_CDP 0x00000c |
| #define | ETHERNET_TYPE_CDP 0x2000 |
| #define | ARPOP_REQUEST 1 |
| #define | ARPOP_REPLY 2 |
| #define | ARPOP_RREQUEST 3 |
| #define | ARPOP_RREPLY 4 |
| #define | PPPoE_CODE_SESS 0x00 |
| #define | PPPoE_CODE_PADI 0x09 |
| #define | PPPoE_CODE_PADO 0x07 |
| #define | PPPoE_CODE_PADR 0x19 |
| #define | PPPoE_CODE_PADS 0x65 |
| #define | PPPoE_CODE_PADT 0xa7 |
| #define | PPPoE_TAG_END_OF_LIST 0x0000 |
| #define | PPPoE_TAG_SERVICE_NAME 0x0101 |
| #define | PPPoE_TAG_AC_NAME 0x0102 |
| #define | PPPoE_TAG_HOST_UNIQ 0x0103 |
| #define | PPPoE_TAG_AC_COOKIE 0x0104 |
| #define | PPPoE_TAG_VENDOR_SPECIFIC 0x0105 |
| #define | PPPoE_TAG_RELAY_SESSION_ID 0x0110 |
| #define | PPPoE_TAG_SERVICE_NAME_ERROR 0x0201 |
| #define | PPPoE_TAG_AC_SYSTEM_ERROR 0x0202 |
| #define | PPPoE_TAG_GENERIC_ERROR 0x0203 |
| #define | ICMP_ECHOREPLY 0 |
| #define | ICMP_DEST_UNREACH 3 |
| #define | ICMP_SOURCE_QUENCH 4 |
| #define | ICMP_REDIRECT 5 |
| #define | ICMP_ECHO 8 |
| #define | ICMP_ROUTER_ADVERTISE 9 |
| #define | ICMP_ROUTER_SOLICIT 10 |
| #define | ICMP_TIME_EXCEEDED 11 |
| #define | ICMP_PARAMETERPROB 12 |
| #define | ICMP_TIMESTAMP 13 |
| #define | ICMP_TIMESTAMPREPLY 14 |
| #define | ICMP_INFO_REQUEST 15 |
| #define | ICMP_INFO_REPLY 16 |
| #define | ICMP_ADDRESS 17 |
| #define | ICMP_ADDRESSREPLY 18 |
| #define | NR_ICMP_TYPES 18 |
| #define | ICMP_NET_UNREACH 0 |
| #define | ICMP_HOST_UNREACH 1 |
| #define | ICMP_PROT_UNREACH 2 |
| #define | ICMP_PORT_UNREACH 3 |
| #define | ICMP_FRAG_NEEDED 4 |
| #define | ICMP_SR_FAILED 5 |
| #define | ICMP_NET_UNKNOWN 6 |
| #define | ICMP_HOST_UNKNOWN 7 |
| #define | ICMP_HOST_ISOLATED 8 |
| #define | ICMP_PKT_FILTERED_NET 9 |
| #define | ICMP_PKT_FILTERED_HOST 10 |
| #define | ICMP_NET_UNR_TOS 11 |
| #define | ICMP_HOST_UNR_TOS 12 |
| #define | ICMP_PKT_FILTERED 13 |
| #define | ICMP_PREC_VIOLATION 14 |
| #define | ICMP_PREC_CUTOFF 15 |
| #define | NR_ICMP_UNREACH 15 |
| #define | ICMP_REDIR_NET 0 |
| #define | ICMP_REDIR_HOST 1 |
| #define | ICMP_REDIR_TOS_NET 2 |
| #define | ICMP_REDIR_TOS_HOST 3 |
| #define | ICMP_TIMEOUT_TRANSIT 0 |
| #define | ICMP_TIMEOUT_REASSY 1 |
| #define | ICMP_PARAM_BADIPHDR 0 |
| #define | ICMP_PARAM_OPTMISSING 1 |
| #define | ICMP_PARAM_BAD_LENGTH 2 |
| #define | IPOPT_EOL 0x00 |
| #define | IPOPT_NOP 0x01 |
| #define | IPOPT_RR 0x07 |
| #define | IPOPT_RTRALT 0x14 |
| #define | IPOPT_TS 0x44 |
| #define | IPOPT_SECURITY 0x82 |
| #define | IPOPT_LSRR 0x83 |
| #define | IPOPT_LSRR_E 0x84 |
| #define | IPOPT_SATID 0x88 |
| #define | IPOPT_SSRR 0x89 |
| #define | TOPT_EOL 0x00 |
| #define | TOPT_NOP 0x01 |
| #define | TOPT_MSS 0x02 |
| #define | TOPT_WS 0x03 |
| #define | TOPT_TS 0x08 |
| #define | TCPOPT_CCNEW 12 |
| #define | TCPOPT_CCECHO 13 |
| #define | EXTRACT_16BITS(p) ((u_short) ntohs (*(u_short *)(p))) |
| #define | EXTRACT_32BITS(p) ((u_int32_t) ntohl (*(u_int32_t *)(p))) |
| #define | PKT_REBUILT_FRAG 0x00000001 |
| #define | PKT_REBUILT_STREAM 0x00000002 |
| #define | PKT_STREAM_UNEST_UNI 0x00000004 |
| #define | PKT_STREAM_UNEST_BI 0x00000008 |
| #define | PKT_STREAM_EST 0x00000010 |
| #define | PKT_ECN 0x00000020 |
| #define | PKT_FROM_SERVER 0x00000040 |
| #define | PKT_FROM_CLIENT 0x00000080 |
| #define | PKT_HTTP_DECODE 0x00000100 |
| #define | PKT_FRAG_ALERTED 0x00000200 |
| #define | PKT_STREAM_INSERT 0x00000400 |
| #define | PKT_ALT_DECODE 0x00000800 |
| #define | PKT_STREAM_TWH 0x00001000 |
| #define | PKT_IGNORE_PORT 0x00002000 |
| #define | PKT_INLINE_DROP 0x20000000 |
| #define | PKT_OBFUSCATED 0x40000000 |
| #define | PKT_LOGGED 0x80000000 |
| #define | TRH_MR_BCAST(trhmr) ((ntohs((trhmr)->bcast_len_dir_lf_res) & 0xe000) >> 13) |
| #define | TRH_MR_LEN(trhmr) ((ntohs((trhmr)->bcast_len_dir_lf_res) & 0x1F00) >> 8) |
| #define | TRH_MR_DIR(trhmr) ((ntohs((trhmr)->bcast_len_dir_lf_res) & 0x0080) >> 8) |
| #define | TRH_MR_LF(trhmr) ((ntohs((trhmr)->bcast_len_dir_lf_res) & 0x0070) >> 7) |
| #define | TRH_MR_RES(trhmr) ((ntohs((trhmr)->bcast_len_dir_lf_res) & 0x000F)) |
| #define | SLL_HDR_LEN 16 |
| #define | SLL_ADDRLEN 8 |
| #define | OLDPFLOG_HDRLEN sizeof(struct _OldPflog_hdr) |
| #define | PFLOG_HDRLEN sizeof(struct _Pflog_hdr) |
| #define | LINUX_SLL_HOST 0 |
| #define | LINUX_SLL_BROADCAST 1 |
| #define | LINUX_SLL_MULTICAST 2 |
| #define | LINUX_SLL_OTHERHOST 3 |
| #define | LINUX_SLL_OUTGOING 4 |
| #define | LINUX_SLL_P_802_3 0x0001 |
| #define | LINUX_SLL_P_802_2 0x0004 |
| #define | VTH_PRIORITY(vh) ((ntohs((vh)->vth_pri_cfi_vlan) & 0xe000) >> 13) |
| #define | VTH_CFI(vh) ((ntohs((vh)->vth_pri_cfi_vlan) & 0x0100) >> 12) |
| #define | VTH_VLAN(vh) ((ntohs((vh)->vth_pri_cfi_vlan) & 0x0FFF)) |
| #define | IP_VER(iph) (((iph)->ip_verhl & 0xf0) >> 4) |
| #define | IP_HLEN(iph) ((iph)->ip_verhl & 0x0f) |
| #define | SET_IP_VER(iph, value) ((iph)->ip_verhl = (((iph)->ip_verhl & 0x0f) | (value << 4))) |
| #define | SET_IP_HLEN(iph, value) ((iph)->ip_verhl = (((iph)->ip_verhl & 0xf0) | (value & 0x0f))) |
| #define | TCP_OFFSET(tcph) (((tcph)->th_offx2 & 0xf0) >> 4) |
| #define | TCP_X2(tcph) ((tcph)->th_offx2 & 0x0f) |
| #define | SET_TCP_OFFSET(tcph, value) ((tcph)->th_offx2 = (((tcph)->th_offx2 & 0x0f) | (value << 4))) |
| #define | SET_TCP_X2(tcph, value) ((tcph)->th_offx2 = (((tcph)->th_offx2 & 0xf0) | (value & 0x0f))) |
| #define | s_icmp_pptr icmp_hun.pptr |
| #define | s_icmp_gwaddr icmp_hun.gwaddr |
| #define | s_icmp_id icmp_hun.idseq.id |
| #define | s_icmp_seq icmp_hun.idseq.seq |
| #define | s_icmp_void icmp_hun.sih_void |
| #define | s_icmp_pmvoid icmp_hun.pmtu.ipm_void |
| #define | s_icmp_nextmtu icmp_hun.pmtu.nextmtu |
| #define | s_icmp_num_addrs icmp_hun.rtradv.num_addrs |
| #define | s_icmp_wpa icmp_hun.rtradv.wpa |
| #define | s_icmp_lifetime icmp_hun.rtradv.lifetime |
| #define | s_icmp_otime icmp_dun.ts.otime |
| #define | s_icmp_rtime icmp_dun.ts.rtime |
| #define | s_icmp_ttime icmp_dun.ts.ttime |
| #define | s_icmp_ip icmp_dun.ih_ip |
| #define | s_icmp_radv icmp_dun.radv |
| #define | s_icmp_mask icmp_dun.mask |
| #define | s_icmp_data icmp_dun.data |
| #define | DECODE_BLEN 65535 |
| #define | URI_COUNT 5 |
| #define | HTTPURI_PIPELINE_REQ 0x01 |
| #define | DECODE_CLASS 25 |
| #define | ALERTMSG_LENGTH 256 |
Typedefs | |
| typedef _Trh_llc | Trh_llc |
| typedef _Trh_mr | Trh_mr |
| typedef _Trh_hdr | Trh_hdr |
| typedef _Fddi_hdr | Fddi_hdr |
| typedef _Fddi_llc_saps | Fddi_llc_saps |
| typedef _Fddi_llc_sna | Fddi_llc_sna |
| typedef _Fddi_llc_other | Fddi_llc_other |
| typedef _Fddi_llc_iparp | Fddi_llc_iparp |
| typedef _SLLHdr | SLLHdr |
| typedef _OldPflog_hdr | OldPflogHdr |
| typedef _Pflog_hdr | PflogHdr |
| typedef _VlanTagHdr | VlanTagHdr |
| typedef _EthLlc | EthLlc |
| typedef _EthLlcOther | EthLlcOther |
| typedef _EtherHdr | EtherHdr |
| typedef _WifiHdr | WifiHdr |
| typedef _IPHdr | IPHdr |
| typedef _TCPHdr | TCPHdr |
| typedef _UDPHdr | UDPHdr |
| typedef _ICMPHdr | ICMPHdr |
| typedef _ARPHdr | ARPHdr |
| typedef _EtherARP | EtherARP |
| typedef _EtherEapol | EtherEapol |
| typedef _EAPHdr | EAPHdr |
| typedef _EapolKey | EapolKey |
| typedef _Options | Options |
| typedef _PPPoEHdr | PPPoEHdr |
| typedef _PPPoE_Tag | PPPoE_Tag |
| typedef _HttpUri | HttpUri |
| typedef _Packet | Packet |
| typedef s_pseudoheader | PSEUDO_HDR |
| typedef _DecoderFlags | DecoderFlags |
| typedef _PortList | PortList |
Functions | |
| void | InitDecoderFlags (void) |
| void | DecodeTRPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodeFDDIPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodeLinuxSLLPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodeEthPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodeIEEE80211Pkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodeVlan (u_int8_t *, const u_int32_t, Packet *) |
| void | DecodePppPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodePppSerialPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodePppPktEncapsulated (Packet *, const u_int32_t, u_int8_t *) |
| void | DecodeSlipPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodeNullPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodeRawPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodeI4LRawIPPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodeI4LCiscoIPPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodeChdlcPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodePflog (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodeOldPflog (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodeIP (u_int8_t *, const u_int32_t, Packet *) |
| void | DecodeARP (u_int8_t *, u_int32_t, Packet *) |
| void | DecodeEapol (u_int8_t *, u_int32_t, Packet *) |
| void | DecodeEapolKey (u_int8_t *, u_int32_t, Packet *) |
| void | DecodeIPV6 (u_int8_t *, u_int32_t) |
| void | DecodeIPX (u_int8_t *, u_int32_t) |
| void | DecodeEthLoopback (u_int8_t *, u_int32_t) |
| void | DecodeTCP (u_int8_t *, const u_int32_t, Packet *) |
| void | DecodeUDP (u_int8_t *, const u_int32_t, Packet *) |
| void | DecodeEAP (u_int8_t *, const u_int32_t, Packet *) |
| void | DecodeICMP (u_int8_t *, const u_int32_t, Packet *) |
| void | DecodeIPOptions (u_int8_t *, u_int32_t, Packet *) |
| void | DecodeTCPOptions (u_int8_t *, u_int32_t, Packet *) |
| void | DecodePPPoEPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
| void | DecodeEncPkt (Packet *, struct pcap_pkthdr *, u_int8_t *) |
|
|
|
|
|
Definition at line 1189 of file decode.h. Referenced by AlertUnixSock(). |
|
|
Definition at line 372 of file decode.h. Referenced by DetectARPattacks(), and PrintArpHeader(). |
|
|
Definition at line 371 of file decode.h. Referenced by DetectARPattacks(), and PrintArpHeader(). |
|
|
Definition at line 374 of file decode.h. Referenced by PrintArpHeader(). |
|
|
Definition at line 373 of file decode.h. Referenced by PrintArpHeader(). |
|
|
Definition at line 149 of file decode.h. Referenced by DecodePppPkt(), and DecodePppSerialPkt(). |
|
|
Definition at line 148 of file decode.h. Referenced by DecodeChdlcPkt(). |
|
|
Definition at line 147 of file decode.h. Referenced by DecodeChdlcPkt(). |
|
|
Definition at line 150 of file decode.h. Referenced by DecodePppPkt(), and DecodePppSerialPkt(). |
|
|
Definition at line 146 of file decode.h. Referenced by DecodeChdlcPkt(). |
|
|
Definition at line 1060 of file decode.h. Referenced by NormalizeTelnet(). |
|
|
Definition at line 1171 of file decode.h. Referenced by DecodeARP(), DecodeEAP(), DecodeEapol(), DecodeEapolKey(), DecodeICMP(), DecodeIEEE80211Pkt(), DecodeIP(), DecodeIPOptions(), DecodePPPoEPkt(), DecodeTCP(), DecodeTCPOptions(), DecodeTRPkt(), DecodeUDP(), DecodeVlan(), and IPHdrTests(). |
|
|
|
|
|
|
|
|
Definition at line 135 of file decode.h. Referenced by PrintEAPHeader(). |
|
|
Definition at line 132 of file decode.h. Referenced by DecodeEAP(), and PrintEAPHeader(). |
|
|
Definition at line 133 of file decode.h. Referenced by DecodeEAP(), and PrintEAPHeader(). |
|
|
Definition at line 134 of file decode.h. Referenced by PrintEAPHeader(). |
|
|
Definition at line 142 of file decode.h. Referenced by PrintEAPHeader(). |
|
|
Definition at line 137 of file decode.h. Referenced by PrintEAPHeader(). |
|
|
Definition at line 140 of file decode.h. Referenced by PrintEAPHeader(). |
|
|
Definition at line 139 of file decode.h. Referenced by PrintEAPHeader(). |
|
|
Definition at line 138 of file decode.h. Referenced by PrintEAPHeader(). |
|
|
Definition at line 141 of file decode.h. Referenced by PrintEAPHeader(). |
|
|
Definition at line 143 of file decode.h. Referenced by PrintEAPHeader(). |
|
|
Definition at line 129 of file decode.h. Referenced by PrintEapolHeader(). |
|
|
Definition at line 125 of file decode.h. Referenced by DecodeEapol(), PrintEapolHeader(), and PrintEapolPkt(). |
|
|
Definition at line 128 of file decode.h. Referenced by DecodeEapol(), PrintEapolHeader(), and PrintEapolPkt(). |
|
|
Definition at line 127 of file decode.h. Referenced by PrintEapolHeader(). |
|
|
Definition at line 126 of file decode.h. Referenced by PrintEapolHeader(). |
|
|
|
|
|
Definition at line 67 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and DecodeVlan(). |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Definition at line 68 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and DecodeVlan(). |
|
|
|
|
|
|
|
|
Definition at line 73 of file decode.h. Referenced by BuildPacket(), DecodeEthPkt(), flowps_init_pkt(), flowps_mkpacket(), Frag3Rebuild(), InitFakePkt(), InitStream4Pkt(), MakePortscanPkt(), PortscanPacketInit(), and RebuildFrag(). |
|
|
Definition at line 74 of file decode.h. Referenced by DecodeVlan(). |
|
|
|
|
|
Definition at line 60 of file decode.h. Referenced by DecodeEthPkt(), DecodeFDDIPkt(), DecodeIEEE80211Pkt(), and DecodeTRPkt(). |
|
|
Definition at line 53 of file decode.h. Referenced by DecodeEthPkt(), DecodeFDDIPkt(), DecodeIEEE80211Pkt(), DecodeTRPkt(), DecodeVlan(), and WhichProto(). |
|
|
|
|
|
Definition at line 55 of file decode.h. Referenced by DecodeIEEE80211Pkt(). |
|
|
Definition at line 52 of file decode.h. Referenced by DecodeChdlcPkt(), DecodeEthPkt(), DecodeFDDIPkt(), DecodeIEEE80211Pkt(), DecodeTRPkt(), DecodeVlan(), DetectARPattacks(), PrintArpHeader(), ProcessHeadNode(), and WhichProto(). |
|
|
Definition at line 56 of file decode.h. Referenced by DecodeEthPkt(). |
|
|
Definition at line 57 of file decode.h. Referenced by DecodeEthPkt(). |
|
|
Definition at line 61 of file decode.h. Referenced by DecodeEthPkt(). |
|
|
Definition at line 58 of file decode.h. Referenced by DecodeEthPkt(), and DecodePPPoEPkt(). |
|
|
Definition at line 59 of file decode.h. Referenced by DecodeEthPkt(), and DecodePPPoEPkt(). |
|
|
Definition at line 54 of file decode.h. Referenced by DecodeEthPkt(), DecodeFDDIPkt(), DecodeIEEE80211Pkt(), DecodeTRPkt(), and DecodeVlan(). |
|
|
Definition at line 523 of file decode.h. Referenced by PrintTcpOptions(). |
|
|
Definition at line 535 of file decode.h. Referenced by GetTcpTimestamp(), and PrintTcpOptions(). |
|
|
|
|
|
|
|
|
Definition at line 361 of file decode.h. Referenced by DecodeFDDIPkt(). |
|
|
Definition at line 357 of file decode.h. Referenced by DecodeFDDIPkt(). |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Definition at line 362 of file decode.h. Referenced by DecodeFDDIPkt(). |
|
|
Definition at line 358 of file decode.h. Referenced by DecodeFDDIPkt(). |
|
|
|
|
|
Definition at line 1065 of file decode.h. Referenced by fpEvalHeaderSW(), and SnortHttpInspect(). |
|
|
Definition at line 410 of file decode.h. Referenced by DecodeICMP(), IcmpFileName(), PrintICMPHeader(), and ps_tracker_update_icmp(). |
|
|
Definition at line 411 of file decode.h. Referenced by DecodeICMP(), IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 398 of file decode.h. Referenced by DecodeICMP(), IcmpFileName(), PrintICMPHeader(), ps_filter_ignore(), ps_get_proto_index(), ps_tracker_update_icmp(), ps_tracker_update_ip(), and ps_tracker_update_udp(). |
|
|
|
|
|
|
|
|
Definition at line 419 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 193 of file decode.h. Referenced by DecodeICMP(). |
|
|
Definition at line 423 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 422 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 427 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 416 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 409 of file decode.h. Referenced by DecodeICMP(), IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 408 of file decode.h. Referenced by DecodeICMP(), IcmpFileName(), PrintICMPHeader(), and ps_tracker_update_icmp(). |
|
|
Definition at line 421 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 426 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 415 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 444 of file decode.h. Referenced by PrintICMPHeader(). |
|
|
Definition at line 442 of file decode.h. Referenced by PrintICMPHeader(). |
|
|
Definition at line 443 of file decode.h. Referenced by PrintICMPHeader(). |
|
|
Definition at line 405 of file decode.h. Referenced by DecodeICMP(), IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 428 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 425 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 424 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 418 of file decode.h. Referenced by IcmpFileName(), PrintICMPHeader(), ps_get_proto_index(), and ps_tracker_update_udp(). |
|
|
Definition at line 430 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 429 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 417 of file decode.h. Referenced by IcmpFileName(), PrintICMPHeader(), ps_get_proto_index(), and ps_tracker_update_ip(). |
|
|
Definition at line 435 of file decode.h. Referenced by PrintICMPHeader(). |
|
|
Definition at line 434 of file decode.h. Referenced by PrintICMPHeader(). |
|
|
Definition at line 437 of file decode.h. Referenced by PrintICMPHeader(). |
|
|
Definition at line 436 of file decode.h. Referenced by PrintICMPHeader(). |
|
|
|
|
|
Definition at line 402 of file decode.h. Referenced by DecodeICMP(), and PrintICMPHeader(). |
|
|
Definition at line 403 of file decode.h. Referenced by DecodeICMP(), and PrintICMPHeader(). |
|
|
Definition at line 399 of file decode.h. Referenced by DecodeICMP(), IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 420 of file decode.h. Referenced by IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 404 of file decode.h. Referenced by DecodeICMP(), IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 440 of file decode.h. Referenced by PrintICMPHeader(). |
|
|
Definition at line 439 of file decode.h. Referenced by PrintICMPHeader(). |
|
|
Definition at line 406 of file decode.h. Referenced by DecodeICMP(), IcmpFileName(), PrintICMPHeader(), and ps_tracker_update_icmp(). |
|
|
Definition at line 407 of file decode.h. Referenced by DecodeICMP(), IcmpFileName(), and PrintICMPHeader(). |
|
|
Definition at line 78 of file decode.h. Referenced by DecodeIEEE80211Pkt(). |
|
|
Definition at line 190 of file decode.h. Referenced by BuildPacket(), CheckFragOffset(), DecodeIP(), DecodeIPOnly(), DecodePppPktEncapsulated(), flowps_mkpacket(), InitFakePkt(), and InitStream4Pkt(). |
|
|
Definition at line 832 of file decode.h. Referenced by Database(), DecodeIP(), DecodeIPOnly(), DecodeUDP(), Frag3CheckFirstLast(), Frag3Insert(), Frag3NewTracker(), Frag3Rebuild(), MakePortscanPkt(), PayloadReplace(), PrintICMPHeader(), PrintIPHeader(), PrintIPPkt(), and RealAlertCSV(). |
|
|
Definition at line 199 of file decode.h. Referenced by flowps_init_pkt(), Frag3Insert(), Frag3Rebuild(), InitFakePkt(), InitStream4Pkt(), MakeOpenPortInfo(), MakeProtoInfo(), PortscanPacketInit(), and UnifiedLogData(). |
|
|
Definition at line 195 of file decode.h. Referenced by Frag3HandleIPOptions(). |
|
|
Definition at line 831 of file decode.h. Referenced by Database(), DecodeIP(), and DecodeIPOnly(). |
|
|
Definition at line 337 of file decode.h. Referenced by DecodeTRPkt(). |
|
|
Definition at line 448 of file decode.h. Referenced by DecodeIPOptions(), ParseIpOptionData(), and PrintIpOptions(). |
|
|
Definition at line 472 of file decode.h. Referenced by ParseIpOptionData(), and PrintIpOptions(). |
|
|
Definition at line 476 of file decode.h. Referenced by ParseIpOptionData(), and PrintIpOptions(). |
|
|
Definition at line 452 of file decode.h. Referenced by DecodeIPOptions(), ParseIpOptionData(), and PrintIpOptions(). |
|
|
Definition at line 456 of file decode.h. Referenced by ParseIpOptionData(), and PrintIpOptions(). |
|
|
Definition at line 460 of file decode.h. Referenced by DecodeIPOptions(), and PrintIpOptions(). |
|
|
Definition at line 480 of file decode.h. Referenced by ParseIpOptionData(), and PrintIpOptions(). |
|
|
Definition at line 468 of file decode.h. Referenced by ParseIpOptionData(), and PrintIpOptions(). |
|
|
Definition at line 484 of file decode.h. Referenced by ParseIpOptionData(), and PrintIpOptions(). |
|
|
Definition at line 464 of file decode.h. Referenced by ParseIpOptionData(), and PrintIpOptions(). |
|
|
|
|
|
Definition at line 746 of file decode.h. Referenced by PrintSLLHeader(). |
|
|
Definition at line 745 of file decode.h. Referenced by PrintSLLHeader(). |
|
|
Definition at line 747 of file decode.h. Referenced by PrintSLLHeader(). |
|
|
Definition at line 748 of file decode.h. Referenced by PrintSLLHeader(). |
|
|
Definition at line 749 of file decode.h. Referenced by PrintSLLHeader(). |
|
|
|
|
|
|
|
|
|
|
|
Definition at line 331 of file decode.h. Referenced by OpenPcap(). |
|
|
Definition at line 77 of file decode.h. Referenced by DecodeIEEE80211Pkt(). |
|
|
|
|
|
|
|
|
|
|
|
Definition at line 179 of file decode.h. Referenced by DecodeNullPkt(). |
|
|
Definition at line 718 of file decode.h. Referenced by DecodeOldPflog(). |
|
|
Definition at line 739 of file decode.h. Referenced by DecodePflog(). |
|
|
Definition at line 560 of file decode.h. Referenced by ByteJump(), ByteTest(), CheckANDPatternMatch(), CheckORPatternMatch(), fpEvalHeaderSW(), FTPBounce(), IsDataAt(), NormalizeTelnet(), and SnortPcre(). |
|
|
Definition at line 551 of file decode.h. Referenced by CreateNewSession(). |
|
|
Definition at line 557 of file decode.h. Referenced by Frag2Defrag(), and InsertFrag(). |
|
|
Definition at line 554 of file decode.h. Referenced by BuildPacket(), CheckFromClient(), CheckFromServer(), ReassembleStream4(), and SetSiInput(). |
|
|
Definition at line 552 of file decode.h. Referenced by BuildPacket(), CheckFromClient(), CheckFromServer(), PreprocRpcDecode(), ps_filter_ignore(), ps_tracker_update_tcp(), ReassembleStream4(), and SetSiInput(). |
|
|
Definition at line 556 of file decode.h. Referenced by SnortHttpInspect(). |
|
|
Definition at line 564 of file decode.h. Referenced by DecodeTCP(), DecodeUDP(), and ProcessPacket(). |
|
|
Definition at line 565 of file decode.h. Referenced by BoFind(), BoGetDirection(), DropAction(), ParseXLink2State(), and XLINK2STATE_ProcessPacket(). |
|
|
|
|
|
Definition at line 566 of file decode.h. Referenced by ObfuscatePacket(). |
|
|
Definition at line 540 of file decode.h. Referenced by fpFragAlerted(), Frag2Defrag(), Frag3Defrag(), Frag3Rebuild(), ProcessPacket(), and RebuildFrag(). |
|
|
|
Definition at line 550 of file decode.h. Referenced by BuildPacket(), fpEvalOTN(), ps_filter_ignore(), ps_tracker_update_tcp(), ReassembleStream4(), ResetFlowbits(), and TcpAction(). |
|
|
Definition at line 559 of file decode.h. Referenced by fpEvalHeaderSW(), SnortXLINK2STATE(), and StoreStreamPkt(). |
|
|
Definition at line 563 of file decode.h. Referenced by ps_filter_ignore(), ps_tracker_update_tcp(), TcpAction(), and TcpActionAsync(). |
|
|
Definition at line 546 of file decode.h. Referenced by ReassembleStream4(). |
|
|
Definition at line 542 of file decode.h. Referenced by fpLogEvent(), NotForStream4(), and ReassembleStream4(). |
|
|
Definition at line 165 of file decode.h. Referenced by DecodePppSerialPkt(). |
|
|
Definition at line 168 of file decode.h. Referenced by DecodePppPktEncapsulated(). |
|
|
Definition at line 171 of file decode.h. Referenced by DecodePppPktEncapsulated(). |
|
|
|
|
|
Definition at line 169 of file decode.h. Referenced by DecodePppPktEncapsulated(). |
|
|
Definition at line 170 of file decode.h. Referenced by DecodePppPktEncapsulated(). |
|
|
Definition at line 378 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 379 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 380 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 381 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 382 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 377 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 75 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 389 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 387 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 393 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 385 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 394 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 388 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 391 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 386 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 392 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 390 of file decode.h. Referenced by DecodePPPoEPkt(). |
|
|
Definition at line 332 of file decode.h. Referenced by OpenPcap(). |
|
|
Definition at line 333 of file decode.h. Referenced by OpenPcap(). |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Definition at line 836 of file decode.h. Referenced by flowps_init_pkt(), Frag3Rebuild(), InitFakePkt(), and InitStream4Pkt(). |
|
|
Definition at line 835 of file decode.h. Referenced by flowps_init_pkt(), InitFakePkt(), and InitStream4Pkt(). |
|
|
Definition at line 872 of file decode.h. Referenced by InitFakePkt(), and InitStream4Pkt(). |
|
|
|
|
|
Definition at line 81 of file decode.h. Referenced by DecodeSlipPkt(). |
|
|
|
|
|
|
|
|
Definition at line 326 of file decode.h. Referenced by AlertUnixSock(), OpenPcap(), and ShowUsage(). |
|
|
|
|
|
Definition at line 191 of file decode.h. Referenced by BuildPacket(), InitFakePkt(), and InitStream4Pkt(). |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Definition at line 868 of file decode.h. Referenced by Database(), DecodeTCP(), PrintEmbeddedTCPHeader(), PrintTCPHeader(), and RealAlertCSV(). |
|
|
Definition at line 279 of file decode.h. Referenced by DecodeIPOptions(), DecodeTCPOptions(), and OptLenValidate(). |
|
|
Definition at line 278 of file decode.h. Referenced by DecodeIPOptions(), DecodeTCPOptions(), and OptLenValidate(). |
|
|
Definition at line 196 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 869 of file decode.h. Referenced by Database(). |
|
|
Definition at line 253 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
|
|
|
|
|
|
Definition at line 235 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
|
|
|
|
|
|
Definition at line 224 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 265 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
|
|
|
|
|
|
|
|
|
Definition at line 230 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 241 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 262 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
|
|
|
Definition at line 227 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 257 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 259 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 250 of file decode.h. Referenced by DecodeTCPOptions(), and PrintTcpOptions(). |
|
|
Definition at line 252 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 251 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 520 of file decode.h. Referenced by PrintTcpOptions(). |
|
|
Definition at line 517 of file decode.h. Referenced by PrintTcpOptions(). |
|
|
|
|
|
Definition at line 271 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 234 of file decode.h. Referenced by DecodeTCPOptions(), and PrintTcpOptions(). |
|
|
Definition at line 237 of file decode.h. Referenced by DecodeTCPOptions(), and PrintTcpOptions(). |
|
|
Definition at line 217 of file decode.h. Referenced by DecodeTCPOptions(), and PrintTcpOptions(). |
|
|
Definition at line 223 of file decode.h. Referenced by DecodeTCPOptions(), and PrintTcpOptions(). |
|
|
Definition at line 264 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 220 of file decode.h. Referenced by DecodeTCPOptions(), and PrintTcpOptions(). |
|
|
Definition at line 243 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 246 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 270 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 232 of file decode.h. Referenced by DecodeTCPOptions(), and PrintTcpOptions(). |
|
|
Definition at line 229 of file decode.h. Referenced by DecodeTCPOptions(), and PrintTcpOptions(). |
|
|
Definition at line 268 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 269 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 258 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 273 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 240 of file decode.h. Referenced by DecodeTCPOptions(), GetTcpTimestamp(), and PrintTcpOptions(). |
|
|
Definition at line 261 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
|
|
|
Definition at line 274 of file decode.h. Referenced by DecodeTCPOptions(). |
|
|
Definition at line 226 of file decode.h. Referenced by DecodeTCPOptions(), and PrintTcpOptions(). |
|
|
|
|
|
|
|
|
Definition at line 210 of file decode.h. Referenced by GetDirection(), ReassembleStream4(), and UpdateStateAsync(). |
|
|
|
|
|
Definition at line 209 of file decode.h. Referenced by CreateNewSession(), CreateTCPFlagString(), and flowps_tcp_penalty(). |
|
|
Definition at line 208 of file decode.h. Referenced by CreateNewSession(), CreateTCPFlagString(), flowps_tcp_penalty(), and UpdateState2(). |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Definition at line 79 of file decode.h. Referenced by DecodeTRPkt(). |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Definition at line 614 of file decode.h. Referenced by PrintTrHeader(). |
|
|
Definition at line 616 of file decode.h. Referenced by PrintTrHeader(). |
|
|
Definition at line 615 of file decode.h. Referenced by DecodeTRPkt(), and PrintTrHeader(). |
|
|
Definition at line 617 of file decode.h. Referenced by PrintTrHeader(). |
|
|
Definition at line 618 of file decode.h. Referenced by PrintTrHeader(). |
|
|
|
|
|
Definition at line 192 of file decode.h. Referenced by DecodeUDP(), and PrintUDPHeader(). |
|
|
Definition at line 1063 of file decode.h. Referenced by fpEvalHeaderSW(), SnortHttpInspect(), and SnortPcre(). |
|
|
Definition at line 765 of file decode.h. Referenced by DecodeVlan(). |
|
|
Definition at line 764 of file decode.h. Referenced by DecodeVlan(). |
|
|
Definition at line 766 of file decode.h. Referenced by DecodeVlan(). |
|
|
Definition at line 117 of file decode.h. Referenced by PrintWifiHeader(). |
|
|
Definition at line 116 of file decode.h. Referenced by PrintArpHeader(), and PrintWifiHeader(). |
|
|
Definition at line 120 of file decode.h. Referenced by PrintWifiHeader(). |
|
|
Definition at line 122 of file decode.h. Referenced by PrintWifiHeader(). |
|
|
Definition at line 119 of file decode.h. Referenced by PrintWifiHeader(). |
|
|
Definition at line 118 of file decode.h. Referenced by PrintWifiHeader(). |
|
|
Definition at line 115 of file decode.h. Referenced by PrintArpHeader(), and PrintWifiHeader(). |
|
|
Definition at line 121 of file decode.h. Referenced by PrintWifiHeader(). |
|
|
Definition at line 100 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 102 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 101 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 99 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 97 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 98 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 111 of file decode.h. Referenced by DecodeIEEE80211Pkt(). |
|
|
Definition at line 109 of file decode.h. Referenced by DecodeIEEE80211Pkt(). |
|
|
Definition at line 110 of file decode.h. Referenced by DecodeIEEE80211Pkt(). |
|
|
Definition at line 104 of file decode.h. Referenced by DecodeIEEE80211Pkt(). |
|
|
Definition at line 107 of file decode.h. Referenced by DecodeIEEE80211Pkt(). |
|
|
Definition at line 105 of file decode.h. Referenced by DecodeIEEE80211Pkt(). |
|
|
Definition at line 106 of file decode.h. Referenced by DecodeIEEE80211Pkt(). |
|
|
Definition at line 108 of file decode.h. Referenced by DecodeIEEE80211Pkt(). |
|
|
Definition at line 85 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 86 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 92 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 94 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 91 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 95 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 93 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 89 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 90 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 87 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
Definition at line 88 of file decode.h. Referenced by DecodeIEEE80211Pkt(), and PrintWifiHeader(). |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||||||||||||||
|
Definition at line 3051 of file decode.c. References _Packet::ah, _PacketCount::arp, DEBUG_DECODE, DEBUG_WRAP, _DecoderFlags::decode_alerts, DECODE_ARP_TRUNCATED, DECODE_ARP_TRUNCATED_STR, DECODE_CLASS, _progvars::decoder_flags, _PacketCount::discards, _DecoderFlags::drop_alerts, ErrorMessage(), GENERATOR_SNORT_DECODE, InlineDrop(), InlineMode(), MODE_IDS, pc, pv, runMode, SnortEventqAdd(), and _progvars::verbose_flag. Referenced by DecodeEthPkt(), DecodeIEEE80211Pkt(), and DecodeVlan(). |
|
||||||||||||||||
|
Definition at line 1872 of file decode.c. References bzero, CHDLC_ADDR_MULTICAST, CHDLC_ADDR_UNICAST, CHDLC_HEADER_LEN, DEBUG_DECODE, DEBUG_WRAP, DecodeIP(), ErrorMessage(), ETHERNET_TYPE_IP, _PacketCount::other, pc, pv, and _progvars::verbose_flag. Referenced by DecodePppSerialPkt(), and SetPktProcessor(). |
|
||||||||||||||||
|
|
|
||||||||||||||||
|
Definition at line 3091 of file decode.c. References DEBUG_DECODE, DEBUG_WRAP, _DecoderFlags::decode_alerts, DECODE_CLASS, DECODE_EAPOL_TRUNCATED, DECODE_EAPOL_TRUNCATED_STR, DecodeEAP(), DecodeEapolKey(), _progvars::decoder_flags, _PacketCount::discards, _DecoderFlags::drop_alerts, _PacketCount::eapol, EAPOL_TYPE_EAP, EAPOL_TYPE_KEY, _EtherEapol::eaptype, _Packet::eplh, ErrorMessage(), GENERATOR_SNORT_DECODE, InlineDrop(), InlineMode(), MODE_IDS, pc, pv, runMode, SnortEventqAdd(), and _progvars::verbose_flag. Referenced by DecodeIEEE80211Pkt(). |
|
||||||||||||||||
|
Definition at line 3135 of file decode.c. References DEBUG_DECODE, DEBUG_WRAP, _DecoderFlags::decode_alerts, DECODE_CLASS, DECODE_EAPKEY_TRUNCATED, DECODE_EAPKEY_TRUNCATED_STR, _progvars::decoder_flags, _PacketCount::discards, _DecoderFlags::drop_alerts, _Packet::eapolk, GENERATOR_SNORT_DECODE, InlineDrop(), InlineMode(), MODE_IDS, pc, pv, runMode, SnortEventqAdd(), and _progvars::verbose_flag. Referenced by DecodeEapol(). |
|
||||||||||||||||
|
Referenced by SetPktProcessor(). |
|
||||||||||||
|
Definition at line 3232 of file decode.c. References DEBUG_DECODE, DEBUG_WRAP, _PacketCount::ethloopback, and pc. Referenced by DecodeEthPkt(). |
|
||||||||||||||||
|
Definition at line 60 of file decode.c. References bzero, pcap_pkthdr::caplen, DEBUG_DECODE, DEBUG_WRAP, DecodeARP(), DecodeEthLoopback(), DecodeIP(), DecodeIPV6(), DecodeIPX(), DecodePPPoEPkt(), DecodeVlan(), ErrorMessage(), ETHERNET_HEADER_LEN, ETHERNET_TYPE_8021Q, ETHERNET_TYPE_ARP, ETHERNET_TYPE_IP, ETHERNET_TYPE_IPV6, ETHERNET_TYPE_IPX, ETHERNET_TYPE_LOOP, ETHERNET_TYPE_PPPoE_DISC, ETHERNET_TYPE_PPPoE_SESS, ETHERNET_TYPE_REVARP, pcap_pkthdr::len, _PacketCount::other, pc, pv, snaplen, and _progvars::verbose_flag. Referenced by SetPktProcessor(). |
|
||||||||||||||||
|
Definition at line 836 of file decode.c. References _PacketCount::arp, bzero, pcap_pkthdr::caplen, DEBUG_DECODE, DEBUG_WRAP, DecodeIP(), DecodeVlan(), ErrorMessage(), ETHERNET_TYPE_8021Q, ETHERNET_TYPE_ARP, ETHERNET_TYPE_IP, ETHERNET_TYPE_REVARP, FDDI_DSAP_IP, FDDI_DSAP_SNA, FDDI_SSAP_IP, FDDI_SSAP_SNA, pcap_pkthdr::len, _PacketCount::other, pc, pv, snaplen, and _progvars::verbose_flag. Referenced by SetPktProcessor(). |
|
||||||||||||||||
|
Definition at line 1837 of file decode.c. References bzero, DEBUG_DECODE, DEBUG_WRAP, DecodeIP(), _PacketCount::other, and pc. Referenced by SetPktProcessor(). |
|
||||||||||||||||
|
Definition at line 1800 of file decode.c. References bzero, DEBUG_DECODE, DEBUG_WRAP, DecodeIP(), _PacketCount::other, and pc. Referenced by SetPktProcessor(). |
|
||||||||||||||||
|
|
|
||||||||||||||||
|
||||||||||||||||
|
|
|
||||||||||||||||
|
||||||||||||
|
Definition at line 3214 of file decode.c. References DEBUG_DECODE, DEBUG_WRAP, _PacketCount::ipv6, and pc. Referenced by DecodeEthPkt(), DecodeOldPflog(), and DecodePflog(). |
|
||||||||||||
|
Definition at line 3251 of file decode.c. References DEBUG_DECODE, DEBUG_WRAP, _PacketCount::ipx, and pc. Referenced by DecodeEthPkt(), and DecodePppPktEncapsulated(). |
|
||||||||||||||||
|
Referenced by SetPktProcessor(). |
|
||||||||||||||||
|
Definition at line 576 of file decode.c. References bzero, pcap_pkthdr::caplen, DEBUG_DECODE, DEBUG_WRAP, DecodeIP(), ErrorMessage(), pcap_pkthdr::len, NULL_HDRLEN, pv, and _progvars::verbose_flag. Referenced by SetPktProcessor(). |
|
||||||||||||||||
|
Definition at line 1098 of file decode.c. References bzero, pcap_pkthdr::caplen, DEBUG_DECODE, DEBUG_WRAP, DecodeIP(), DecodeIPV6(), ErrorMessage(), pcap_pkthdr::len, OLDPFLOG_HDRLEN, _PacketCount::other, pc, pv, snaplen, and _progvars::verbose_flag. Referenced by SetPktProcessor(). |
|
||||||||||||||||
|
Definition at line 1171 of file decode.c. References bzero, pcap_pkthdr::caplen, DEBUG_DECODE, DEBUG_WRAP, DecodeIP(), DecodeIPV6(), ErrorMessage(), pcap_pkthdr::len, _PacketCount::other, pc, PFLOG_HDRLEN, pv, snaplen, and _progvars::verbose_flag. Referenced by SetPktProcessor(). |
|
||||||||||||||||
|
||||||||||||||||
|
Definition at line 1638 of file decode.c. References bzero, CHDLC_ADDR_BROADCAST, CHDLC_CTRL_UNNUMBERED, DEBUG_DECODE, DEBUG_WRAP, DecodePppPktEncapsulated(), ErrorMessage(), pv, and _progvars::verbose_flag. Referenced by SetPktProcessor(). |
|
||||||||||||||||
|
|
|
||||||||||||||||
|
Definition at line 1686 of file decode.c. References bzero, CHDLC_ADDR_BROADCAST, CHDLC_CTRL_UNNUMBERED, DEBUG_DECODE, DEBUG_WRAP, DecodeChdlcPkt(), DecodePppPktEncapsulated(), ErrorMessage(), PPP_HDRLEN, pv, and _progvars::verbose_flag. Referenced by SetPktProcessor(). |
|
||||||||||||||||
|
Definition at line 1770 of file decode.c. References bzero, DEBUG_DECODE, DEBUG_WRAP, and DecodeIP(). Referenced by SetPktProcessor(). |
|
||||||||||||||||
|
Definition at line 1728 of file decode.c. References bzero, pcap_pkthdr::caplen, DEBUG_DECODE, DEBUG_WRAP, DecodeIP(), ErrorMessage(), pcap_pkthdr::len, and SLIP_HEADER_LEN. Referenced by SetPktProcessor(). |
|
||||||||||||||||
|
|
|
||||||||||||||||
|
||||||||||||||||
|
||||||||||||||||
|
|
|
||||||||||||||||
|
|
|
|
Setup all the flags for the decoder alerts Definition at line 3702 of file decode.c. References _DecoderFlags::decode_alerts, _progvars::decoder_flags, _DecoderFlags::drop_alerts, _DecoderFlags::drop_ipopt_decode, _DecoderFlags::drop_tcpopt_decode, _DecoderFlags::drop_tcpopt_experiment, _DecoderFlags::drop_tcpopt_obsolete, _DecoderFlags::drop_tcpopt_ttcp, _DecoderFlags::ipopt_decode, pv, _DecoderFlags::tcpopt_decode, _DecoderFlags::tcpopt_experiment, _DecoderFlags::tcpopt_obsolete, and _DecoderFlags::tcpopt_ttcp. Referenced by SnortMain(). |
1.4.2