#include <sys/types.h>#include <stdlib.h>#include <rpc/types.h>#include <string.h>#include <ctype.h>#include "decode.h"#include "rules.h"#include "debug.h"#include "util.h"#include "generators.h"#include "log.h"#include "ubi_SplayTree.h"Go to the source code of this file.
Defines | |
| #define | INLINE inline |
| #define | TAG_SESSION 1 |
| #define | TAG_HOST 2 |
| #define | TAG_HOST_SRC 3 |
| #define | TAG_HOST_DST 4 |
| #define | TAG_METRIC_SECONDS 1 |
| #define | TAG_METRIC_PACKETS 2 |
| #define | TAG_METRIC_BYTES 4 |
| #define | MAX_TAG_NODES 256 |
| #define | TAG_PRUNE_QUANTUM 300 |
| #define | TAG_MEMCAP 4194304 |
Typedefs | |
| typedef _PruneData | PruneData |
| typedef _TagNode | TagNode |
Functions | |
| static void * | TagAlloc (unsigned long) |
| static int | PruneTagCache (u_int32_t, int) |
| static int | PruneTime (ubi_trRootPtr, u_int32_t) |
| static void | TagSession (Packet *, TagData *, u_int32_t, u_int16_t) |
| static void | TagHost (Packet *, TagData *, u_int32_t, u_int16_t) |
| static void | AddTagNode (Packet *, TagData *, int, u_int32_t, u_int16_t) |
| static INLINE void | SwapTag (TagNode *) |
| static int | TagCompareSession (ubi_trItemPtr ItemPtr, ubi_trNodePtr NodePtr) |
| static int | TagCompareHost (ubi_trItemPtr ItemPtr, ubi_trNodePtr NodePtr) |
| void | InitTag () |
| int | CheckTagList (Packet *p, Event *event) |
| void | SetTags (Packet *p, OptTreeNode *otn, u_int16_t event_id) |
| void | ParseTag (char *args, OptTreeNode *otn) |
Variables | |
| static ubi_trRoot | host_tag_cache |
| static ubi_trRootPtr | host_tag_cache_ptr = &host_tag_cache |
| static ubi_trRoot | ssn_tag_cache |
| static ubi_trRootPtr | ssn_tag_cache_ptr = &ssn_tag_cache |
| static u_int32_t | last_prune_time |
| static u_int32_t | tag_alloc_faults |
| static u_int32_t | tag_memory_usage |
| char | check_tags_flag |
| char * | file_name |
| int | file_line |
|
|
|
|
|
|
|
|
Definition at line 57 of file tag.c. Referenced by ParseTag(), and SetTags(). |
|
|
Definition at line 59 of file tag.c. Referenced by AddTagNode(), ParseTag(), and TagHost(). |
|
|
Definition at line 58 of file tag.c. Referenced by ParseTag(), and TagHost(). |
|
|
Definition at line 72 of file tag.c. Referenced by TagAlloc(). |
|
|
Definition at line 63 of file tag.c. Referenced by AddTagNode(), CheckTagList(), and ParseTag(). |
|
|
Definition at line 62 of file tag.c. Referenced by AddTagNode(), CheckTagList(), and ParseTag(). |
|
|
Definition at line 61 of file tag.c. Referenced by AddTagNode(), CheckTagList(), and ParseTag(). |
|
|
Definition at line 71 of file tag.c. Referenced by CheckTagList(), and PruneTime(). |
|
|
Definition at line 56 of file tag.c. Referenced by AddTagNode(), ParseTag(), SetTags(), and TagSession(). |
|
|
|
|
|
|
|
||||||||||||||||||||||||
|
||||||||||||
|
|
Definition at line 307 of file tag.c. References host_tag_cache_ptr, ssn_tag_cache_ptr, TagCompareHost(), TagCompareSession(), and ubi_trInitTree. Referenced by SnortMain(). |
|
||||||||||||
|
Definition at line 736 of file tag.c. References DEBUG_FLOW, DEBUG_PLUGIN, DEBUG_RULES, DEBUG_WRAP, FatalError(), file_line, file_name, NULL, strncasecmp, _OptTreeNode::tag, _TagData::tag_bytes, _TagData::tag_direction, TAG_HOST, TAG_HOST_DST, TAG_HOST_SRC, _TagData::tag_metric, TAG_METRIC_BYTES, TAG_METRIC_PACKETS, TAG_METRIC_SECONDS, _TagData::tag_packets, _TagData::tag_seconds, TAG_SESSION, and _TagData::tag_type. Referenced by ParseRuleOptions(). |
|
||||||||||||
|
Definition at line 603 of file tag.c. References host_tag_cache_ptr, PruneTime(), ssn_tag_cache_ptr, tag_memory_usage, ubi_btLeafNode(), and ubi_trCount. Referenced by CheckTagList(), and TagAlloc(). |
|
||||||||||||
|
Definition at line 651 of file tag.c. References _TagNode::last_access, NULL, tag_memory_usage, TAG_PRUNE_QUANTUM, ubi_btFirst(), ubi_btNext(), ubi_sptRemove(), and ubi_trCount. Referenced by PruneTagCache(). |
|
||||||||||||||||
|
Definition at line 694 of file tag.c. References check_tags_flag, DEBUG_FLOW, DEBUG_WRAP, _Packet::dp, _IPHdr::ip_dst, _IPHdr::ip_src, _Packet::iph, LogMessage(), NULL, _Packet::pkth, _Packet::sp, _OptTreeNode::tag, TAG_HOST, TAG_SESSION, _TagData::tag_type, TagHost(), TagSession(), and pcap_pkthdr::ts. Referenced by fpLogEvent(). |
|
|
swap the sips and dips, dp's and sp's
Definition at line 224 of file tag.c. References _TagNode::dip, _TagNode::dp, _TagNode::sip, and _TagNode::sp. Referenced by AddTagNode(). |
|
|
Definition at line 147 of file tag.c. References FatalError(), gettimeofday(), NULL, PruneTagCache(), tag_alloc_faults, TAG_MEMCAP, and tag_memory_usage. Referenced by AddTagNode(). |
|
||||||||||||
|
Definition at line 287 of file tag.c. References _TagNode::sip. Referenced by InitTag(). |
|
||||||||||||
|
Definition at line 239 of file tag.c. References _TagNode::dip, _TagNode::dp, _TagNode::sip, and _TagNode::sp. Referenced by InitTag(). |
|
||||||||||||||||||||
|
Definition at line 327 of file tag.c. References AddTagNode(), DEBUG_FLOW, DEBUG_WRAP, _TagData::tag_direction, TAG_HOST_DST, and TAG_HOST_SRC. Referenced by SetTags(). |
|
||||||||||||||||||||
|
Definition at line 319 of file tag.c. References AddTagNode(), DEBUG_FLOW, DEBUG_WRAP, and TAG_SESSION. Referenced by SetTags(). |
|
|
Definition at line 100 of file detect.c. Referenced by CheckTagging(), fpLogEvent(), Preprocess(), and SetTags(). |
|
|
|
|
|
external globals from rules.c |
|
|
|
|
|
Definition at line 123 of file tag.c. Referenced by AddTagNode(), CheckTagList(), InitTag(), and PruneTagCache(). |
|
|
Definition at line 128 of file tag.c. Referenced by CheckTagList(). |
|
|
|
|
|
Definition at line 126 of file tag.c. Referenced by AddTagNode(), CheckTagList(), InitTag(), and PruneTagCache(). |
|
|
Definition at line 129 of file tag.c. Referenced by TagAlloc(). |
|
|
Definition at line 130 of file tag.c. Referenced by AddTagNode(), CheckTagList(), PruneTagCache(), PruneTime(), and TagAlloc(). |
1.4.2