本文整理汇总了C++中PKT_IS_IPV4函数的典型用法代码示例。如果您正苦于以下问题:C++ PKT_IS_IPV4函数的具体用法?C++ PKT_IS_IPV4怎么用?C++ PKT_IS_IPV4使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了PKT_IS_IPV4函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: SCEnter
/**
* \brief Search for a threshold data into threshold hash table
*
* \param de_ctx Dectection Context
* \param tsh_ptr Threshold element
* \param p Packet structure
*
* \retval lookup_tsh Return the threshold element
*/
DetectThresholdEntry *ThresholdHashSearch(DetectEngineCtx *de_ctx, DetectThresholdEntry *tsh_ptr, Packet *p)
{
SCEnter();
DetectThresholdEntry *lookup_tsh = NULL;
SCLogDebug("tsh_ptr->track %u", tsh_ptr->track);
if (tsh_ptr->track == TRACK_DST) {
if (PKT_IS_IPV4(p)) {
SCLogDebug("ipv4 dst");
lookup_tsh = HashListTableLookup(de_ctx->ths_ctx.threshold_hash_table_dst, tsh_ptr, sizeof(DetectThresholdEntry));
} else if (PKT_IS_IPV6(p)) {
lookup_tsh = HashListTableLookup(de_ctx->ths_ctx.threshold_hash_table_dst_ipv6, tsh_ptr, sizeof(DetectThresholdEntry));
}
} else if (tsh_ptr->track == TRACK_SRC) {
if (PKT_IS_IPV4(p)) {
SCLogDebug("ipv4 src");
lookup_tsh = HashListTableLookup(de_ctx->ths_ctx.threshold_hash_table_src, tsh_ptr, sizeof(DetectThresholdEntry));
} else if (PKT_IS_IPV6(p))
lookup_tsh = HashListTableLookup(de_ctx->ths_ctx.threshold_hash_table_src_ipv6, tsh_ptr, sizeof(DetectThresholdEntry));
} else {
SCLogDebug("no track, weird");
}
SCReturnPtr(lookup_tsh, "DetectThresholdEntry");
}示例2: PacketAlertHandle
/**
* \brief Handle a packet and check if needs a threshold logic
* Also apply rule action if necessary.
*
* \param de_ctx Detection Context
* \param sig Signature pointer
* \param p Packet structure
*
* \retval 1 alert is not suppressed
* \retval 0 alert is suppressed
*/
static int PacketAlertHandle(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, Packet *p, uint16_t pos)
{
SCEnter();
int ret = 1;
DetectThresholdData *td = NULL;
SigMatch *sm = NULL;
if (!(PKT_IS_IPV4(p) || PKT_IS_IPV6(p))) {
SCReturnInt(1);
}
do {
td = SigGetThresholdTypeIter(s, p, &sm);
if (td != NULL) {
SCLogDebug("td %p", td);
/* PacketAlertThreshold returns 2 if the alert is suppressed but
* we do need to apply rule actions to the packet. */
ret = PacketAlertThreshold(de_ctx, det_ctx, td, p, s);
if (ret == 0 || ret == 2) {
/* It doesn't match threshold, remove it */
SCReturnInt(ret);
}
}
} while (sm != NULL);
SCReturnInt(1);
}示例3: StreamTcpInlineRecalcCsum
/**
* \brief Recalculate the csum for a modified packet
*
* \param p packet to inspect
*/
void StreamTcpInlineRecalcCsum(Packet *p) {
if (!(p->flags & PKT_STREAM_MODIFIED)) {
SCReturn;
}
if (!(PKT_IS_TCP(p))) {
SCReturn;
}
if (PKT_IS_IPV4(p)) {
/* TCP */
p->tcph->th_sum = 0;
p->tcph->th_sum = TCPCalculateChecksum((uint16_t *)&(p->ip4h->ip_src),
(uint16_t *)p->tcph, (p->payload_len + p->tcpvars.hlen));
/* IPV4 */
p->ip4h->ip_csum = 0;
p->ip4h->ip_csum = IPV4CalculateChecksum((uint16_t *)p->ip4h,
IPV4_GET_RAW_HLEN(p->ip4h));
} else if (PKT_IS_IPV6(p)) {
/* just TCP for IPV6 */
p->tcph->th_sum = 0;
p->tcph->th_sum = TCPV6CalculateChecksum((uint16_t *)&(p->ip6h->ip6_src),
(uint16_t *)p->tcph, (p->payload_len + p->tcpvars.hlen));
}
SCReturn;
}示例4: PacketAlertHandle
/**
* \brief Handle a packet and check if needs a threshold logic
*
* \param de_ctx Detection Context
* \param sig Signature pointer
* \param p Packet structure
*
* \retval 1 alert is not suppressed
* \retval 0 alert is suppressed
*/
static int PacketAlertHandle(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
Signature *s, Packet *p, uint16_t pos)
{
SCEnter();
int ret = 1;
DetectThresholdData *td = NULL;
SigMatch *sm = NULL;
if (!(PKT_IS_IPV4(p) || PKT_IS_IPV6(p))) {
SCReturnInt(1);
}
do {
td = SigGetThresholdTypeIter(s, p, &sm);
if (td != NULL) {
SCLogDebug("td %p", td);
ret = PacketAlertThreshold(de_ctx, det_ctx, td, p, s);
if (ret == 0) {
/* It doesn't match threshold, remove it */
PacketAlertRemove(p, pos);
break;
}
}
} while (sm != NULL);
SCReturnInt(ret);
}示例5: PrefilterPacketFragOffsetMatch
static void
PrefilterPacketFragOffsetMatch(DetectEngineThreadCtx *det_ctx, Packet *p, const void *pectx)
{
if (PKT_IS_PSEUDOPKT(p))
return;
uint16_t frag;
if (PKT_IS_IPV4(p)) {
frag = IPV4_GET_IPOFFSET(p);
} else if (PKT_IS_IPV6(p)) {
if (IPV6_EXTHDR_ISSET_FH(p)) {
frag = IPV6_EXTHDR_GET_FH_OFFSET(p);
} else {
return;
}
} else {
SCLogDebug("No IPv4 or IPv6 packet");
return;
}
const PrefilterPacketHeaderCtx *ctx = pectx;
if (FragOffsetMatch(frag, ctx->v1.u8[0], ctx->v1.u16[1]))
{
PrefilterAddSids(&det_ctx->pmq, ctx->sigs_array, ctx->sigs_cnt);
}
}示例6: ReCalculateChecksum
int ReCalculateChecksum(Packet *p)
{
if (PKT_IS_IPV4(p)) {
if (PKT_IS_TCP(p)) {
/* TCP */
p->tcph->th_sum = 0;
p->tcph->th_sum = TCPChecksum(p->ip4h->s_ip_addrs,
(uint16_t *)p->tcph, (p->payload_len + TCP_GET_HLEN(p)), 0);
} else if (PKT_IS_UDP(p)) {
p->udph->uh_sum = 0;
p->udph->uh_sum = UDPV4Checksum(p->ip4h->s_ip_addrs,
(uint16_t *)p->udph, (p->payload_len + UDP_HEADER_LEN), 0);
}
/* IPV4 */
p->ip4h->ip_csum = 0;
p->ip4h->ip_csum = IPV4Checksum((uint16_t *)p->ip4h,
IPV4_GET_RAW_HLEN(p->ip4h), 0);
} else if (PKT_IS_IPV6(p)) {
/* just TCP for IPV6 */
if (PKT_IS_TCP(p)) {
p->tcph->th_sum = 0;
p->tcph->th_sum = TCPV6Checksum(p->ip6h->s_ip6_addrs,
(uint16_t *)p->tcph, (p->payload_len + TCP_GET_HLEN(p)), 0);
} else if (PKT_IS_UDP(p)) {
p->udph->uh_sum = 0;
p->udph->uh_sum = UDPV6Checksum(p->ip6h->s_ip6_addrs,
(uint16_t *)p->udph, (p->payload_len + UDP_HEADER_LEN), 0);
}
}
return 0;
}示例7: DetectTemplateMatch
/**
* \brief This function is used to match TEMPLATE rule option on a packet
*
* \param t pointer to thread vars
* \param det_ctx pointer to the pattern matcher thread
* \param p pointer to the current packet
* \param m pointer to the sigmatch with context that we will cast into DetectTemplateData
*
* \retval 0 no match
* \retval 1 match
*/
static int DetectTemplateMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Packet *p,
Signature *s, const SigMatchCtx *ctx)
{
int ret = 0;
const DetectTemplateData *templated = (const DetectTemplateData *) ctx;
#if 0
if (PKT_IS_PSEUDOPKT(p)) {
/* fake pkt */
}
if (PKT_IS_IPV4(p)) {
/* ipv4 pkt */
} else if (PKT_IS_IPV6(p)) {
/* ipv6 pkt */
} else {
SCLogDebug("packet is of not IPv4 or IPv6");
return ret;
}
#endif
/* packet payload access */
if (p->payload != NULL && p->payload_len > 0) {
if (templated->arg1 == p->payload[0] &&
templated->arg2 == p->payload[p->payload_len - 1])
{
ret = 1;
}
}
return ret;
}示例8: DetectTtlMatch
/**
* \brief This function is used to match TTL rule option on a packet with those passed via ttl:
*
* \param t pointer to thread vars
* \param det_ctx pointer to the pattern matcher thread
* \param p pointer to the current packet
* \param m pointer to the sigmatch that we will cast into DetectTtlData
*
* \retval 0 no match
* \retval 1 match
*/
int DetectTtlMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Packet *p, Signature *s, SigMatch *m) {
int ret = 0;
uint8_t pttl;
DetectTtlData *ttld = (DetectTtlData *) m->ctx;
if (PKT_IS_PSEUDOPKT(p))
return 0;
if (PKT_IS_IPV4(p)) {
pttl = IPV4_GET_IPTTL(p);
} else if (PKT_IS_IPV6(p)) {
pttl = IPV6_GET_HLIM(p);
} else {
SCLogDebug("Packet is of not IPv4 or IPv6");
return ret;
}
if (ttld->mode == DETECT_TTL_EQ && pttl == ttld->ttl1)
ret = 1;
else if (ttld->mode == DETECT_TTL_LT && pttl < ttld->ttl1)
ret = 1;
else if (ttld->mode == DETECT_TTL_GT && pttl > ttld->ttl1)
ret = 1;
else if (ttld->mode == DETECT_TTL_RA && (pttl > ttld->ttl1 && pttl < ttld->ttl2))
ret = 1;
return ret;
}示例9: DetectFragOffsetMatch
/**
* \brief This function is used to match fragoffset rule option set on a packet
*
* \param t pointer to thread vars
* \param det_ctx pointer to the pattern matcher thread
* \param p pointer to the current packet
* \param m pointer to the sigmatch that we will cast into DetectFragOffsetData
*
* \retval 0 no match or frag is not set
* \retval 1 match
*
*/
int DetectFragOffsetMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Packet *p, Signature *s, const SigMatchCtx *ctx)
{
uint16_t frag = 0;
const DetectFragOffsetData *fragoff = (const DetectFragOffsetData *)ctx;
if (PKT_IS_PSEUDOPKT(p))
return 0;
if (PKT_IS_IPV4(p)) {
frag = IPV4_GET_IPOFFSET(p);
} else if (PKT_IS_IPV6(p)) {
if(IPV6_EXTHDR_FH(p)) {
frag = IPV6_EXTHDR_GET_FH_OFFSET(p);
} else {
return 0;
}
} else {
SCLogDebug("No IPv4 or IPv6 packet");
return 0;
}
switch (fragoff->mode) {
case FRAG_LESS:
if (frag < fragoff->frag_off) return 1;
break;
case FRAG_MORE:
if (frag > fragoff->frag_off) return 1;
break;
default:
if (frag == fragoff->frag_off) return 1;
}
return 0;
}示例10: PrefilterPacketTtlMatch
static void
PrefilterPacketTtlMatch(DetectEngineThreadCtx *det_ctx, Packet *p, const void *pectx)
{
if (PKT_IS_PSEUDOPKT(p)) {
SCReturn;
}
uint8_t pttl;
if (PKT_IS_IPV4(p)) {
pttl = IPV4_GET_IPTTL(p);
} else if (PKT_IS_IPV6(p)) {
pttl = IPV6_GET_HLIM(p);
} else {
SCLogDebug("Packet is of not IPv4 or IPv6");
return;
}
const PrefilterPacketHeaderCtx *ctx = pectx;
if (PrefilterPacketHeaderExtraMatch(ctx, p) == FALSE)
return;
if (TtlMatch(pttl, ctx->v1.u8[0], ctx->v1.u8[1], ctx->v1.u8[2]))
{
SCLogDebug("packet matches ttl/hl %u", pttl);
PrefilterAddSids(&det_ctx->pmq, ctx->sigs_array, ctx->sigs_cnt);
}
}示例11: LogFilestoreLogger
static int LogFilestoreLogger(ThreadVars *tv, void *thread_data, const Packet *p, const File *ff, const FileData *ffd, uint8_t flags)
{
SCEnter();
LogFilestoreLogThread *aft = (LogFilestoreLogThread *)thread_data;
char filename[PATH_MAX] = "";
int file_fd = -1;
int ipver = -1;
/* no flow, no htp state */
if (p->flow == NULL) {
SCReturnInt(TM_ECODE_OK);
}
if (PKT_IS_IPV4(p)) {
ipver = AF_INET;
} else if (PKT_IS_IPV6(p)) {
ipver = AF_INET6;
} else {
return 0;
}
SCLogDebug("ff %p, ffd %p", ff, ffd);
snprintf(filename, sizeof(filename), "%s/file.%u",
g_logfile_base_dir, ff->file_id);
if (flags & OUTPUT_FILEDATA_FLAG_OPEN) {
aft->file_cnt++;
/* create a .meta file that contains time, src/dst/sp/dp/proto */
LogFilestoreLogCreateMetaFile(p, ff, filename, ipver);
file_fd = open(filename, O_CREAT | O_TRUNC | O_NOFOLLOW | O_WRONLY, 0644);
if (file_fd == -1) {
SCLogDebug("failed to create file");
return -1;
}
/* we can get called with a NULL ffd when we need to close */
} else if (ffd != NULL) {
file_fd = open(filename, O_APPEND | O_NOFOLLOW | O_WRONLY);
if (file_fd == -1) {
SCLogDebug("failed to open file %s: %s", filename, strerror(errno));
return -1;
}
}
if (file_fd != -1) {
ssize_t r = write(file_fd, (const void *)ffd->data, (size_t)ffd->len);
if (r == -1) {
SCLogDebug("write failed: %s", strerror(errno));
}
close(file_fd);
}
if (flags & OUTPUT_FILEDATA_FLAG_CLOSE) {
LogFilestoreLogCloseMetaFile(ff);
}
return 0;
}示例12: DBLogAlState
static void DBLogAlState(void *alstate, AppProto proto,
const Packet *p, json_t *js, const char *name) {
if ((PKT_IS_TOCLIENT(p))) { /* drop server -> client log */
return;
}
char timebuf[64];
CreateTimeString(&p->ts, timebuf, sizeof(timebuf));
char srcip[46], dstip[46];
json_t *dbjs = json_object();
if (dbjs == NULL)
return;
if (PKT_IS_IPV4(p)) {
PrintInet(AF_INET, (const void *)GET_IPV4_SRC_ADDR_PTR(p), srcip, sizeof(srcip));
PrintInet(AF_INET, (const void *)GET_IPV4_DST_ADDR_PTR(p), dstip, sizeof(dstip));
} else {
PrintInet(AF_INET6, (const void *)GET_IPV6_SRC_ADDR(p), srcip, sizeof(srcip));
PrintInet(AF_INET6, (const void *)GET_IPV6_DST_ADDR(p), dstip, sizeof(dstip));
}
#if 0
char *dbtype = AlstateGetDBType(alstate, proto);
char *username = AlstateGetUsername(alstate, proto);
char *dbname = AlstateGetDBname(alstate, proto);
char *dbopr = AlstateGetDBOpr(alstate, proto);
char *action = AlstateGetAction(alstate, proto);
char *meta = AlstateGetMetaInfo(alstate, proto);
if (dbtype != NULL) {
json_object_set_new(dbjs, "time", timebuf);
}
if (username != NULL) {
json_object_set_new(dbjs, "user", username);
}
if (dbname != NULL) {
json_object_set_new(dbjs, "db_name", dbname);
}
if (dbopr != NULL) {
json_object_set_new(dbjs, "db_operation", dbopr);
}
if (action != NULL) {
json_object_set_new(dbjs, "action", action);
}
if (meta != NULL) {
json_object_set_new(dbjs, "meta_info", meta);
}
#endif
json_object_set_new(js, name, dbjs);
}示例13: AlertDebugLogLogger
static int AlertDebugLogLogger(ThreadVars *tv, void *thread_data, const Packet *p)
{
if (PKT_IS_IPV4(p) || PKT_IS_IPV6(p)) {
return AlertDebugLogger(tv, p, thread_data);
} else if (p->events.cnt > 0) {
return AlertDebugLogDecoderEvent(tv, p, thread_data);
}
return TM_ECODE_OK;
}示例14: SCProfilingPrintPacketProfile
void SCProfilingPrintPacketProfile(Packet *p)
{
if (profiling_packets_csv_enabled == 0 || p == NULL || packet_profile_csv_fp == NULL || p->profile == NULL) {
return;
}
uint64_t delta = p->profile->ticks_end - p->profile->ticks_start;
fprintf(packet_profile_csv_fp, "%"PRIu64",%c,%"PRIu8",%"PRIu64",",
p->pcap_cnt, PKT_IS_IPV4(p) ? '4' : (PKT_IS_IPV6(p) ? '6' : '?'), p->proto,
delta);
int i;
uint64_t tmm_total = 0;
uint64_t tmm_streamtcp_tcp = 0;
for (i = 0; i < TMM_SIZE; i++) {
PktProfilingTmmData *pdt = &p->profile->tmm[i];
uint64_t tmm_delta = pdt->ticks_end - pdt->ticks_start;
fprintf(packet_profile_csv_fp, "%"PRIu64",", tmm_delta);
tmm_total += tmm_delta;
if (p->proto == IPPROTO_TCP && i == TMM_STREAMTCP) {
tmm_streamtcp_tcp = tmm_delta;
}
}
fprintf(packet_profile_csv_fp, "%"PRIu64",", delta - tmm_total);
uint64_t app_total = 0;
for (i = 0; i < ALPROTO_MAX; i++) {
PktProfilingAppData *pdt = &p->profile->app[i];
fprintf(packet_profile_csv_fp,"%"PRIu64",", pdt->ticks_spent);
if (p->proto == IPPROTO_TCP) {
app_total += pdt->ticks_spent;
}
}
uint64_t real_tcp = 0;
if (tmm_streamtcp_tcp > app_total)
real_tcp = tmm_streamtcp_tcp - app_total;
fprintf(packet_profile_csv_fp, "%"PRIu64",", real_tcp);
fprintf(packet_profile_csv_fp, "%"PRIu64",", p->profile->proto_detect);
for (i = 0; i < PROF_DETECT_SIZE; i++) {
PktProfilingDetectData *pdt = &p->profile->detect[i];
fprintf(packet_profile_csv_fp,"%"PRIu64",", pdt->ticks_spent);
}
fprintf(packet_profile_csv_fp,"\n");
}示例15: DefragTrackerCompare
static inline int DefragTrackerCompare(DefragTracker *t, Packet *p)
{
uint32_t id;
if (PKT_IS_IPV4(p)) {
id = (uint32_t)IPV4_GET_IPID(p);
} else {
id = IPV6_EXTHDR_GET_FH_ID(p);
}
return CMP_DEFRAGTRACKER(t, p, id);
}