00001 #ifndef __EVENT_QUEUE_H__ 00002 #define __EVENT_QUEUE_H__ 00003 00004 #include "decode.h" 00005 00006 #define SNORT_EVENTQ_PRIORITY 1 00007 #define SNORT_EVENTQ_CONTENT_LEN 2 00008 00009 typedef struct s_SNORT_EVENTQ_USER 00010 { 00011 char rule_alert; 00012 void *pkt; 00013 00014 } SNORT_EVENTQ_USER; 00015 00016 typedef struct s_SNORT_EVENT_QUEUE 00017 { 00018 int max_events; 00019 int log_events; 00020 int order; 00021 00022 } SNORT_EVENT_QUEUE; 00023 00024 typedef struct _EventNode 00025 { 00026 unsigned int gid; 00027 unsigned int sid; 00028 unsigned int rev; 00029 unsigned int classification; 00030 unsigned int priority; 00031 char *msg; 00032 void *rule_info; 00033 00034 } EventNode; 00035 00036 int SnortEventqInit(void); 00037 void SnortEventqReset(void); 00038 int SnortEventqLog(Packet *); 00039 int SnortEventqAdd(unsigned int gid,unsigned int sid,unsigned int rev, 00040 unsigned int classification,unsigned int pri,char *msg, 00041 void *rule_info); 00042 00043 #endif
1.4.2