Main Page | Modules | Class List | Directories | File List | Class Members | File Members | Related Pages
src / preprocessors / flow / int-snort

flow_packet.h

Go to the documentation of this file.
00001 /**
00002  * @file   flow_packet.h
00003  * @author Chris Green <cmg@sourcefire.com>
00004  * @date   Wed Jun 25 09:20:41 2003
00005  * 
00006  * @brief  interface for packet structures between snort and flow
00007  *
00008  *
00009  * Camel Hump notation for cleaner integration w/ snort
00010  * 
00011  * 
00012  */
00013 
00014 #ifndef _FLOW_PACKET_H
00015 #define _FLOW_PACKET_H
00016 
00017 #include "decode.h"
00018 #include "common_defs.h"
00019 #include <string.h>
00020 
00021 typedef Packet FLOWPACKET;
00022 
00023 /** 
00024  * Determine if this is an IPV4 packet
00025  * 
00026  * @param p packet to determine if it's ipv4
00027  * 
00028  * @return 1 if it is an IPv4 Packet, 0 otherwise
00029  */
00030 static int INLINE IsIPv4Packet(FLOWPACKET *p)
00031 {
00032     FLOWASSERT(p);
00033 
00034     if(p->iph)
00035         return 1;
00036     
00037     return 0;
00038 }
00039 
00040 /** 
00041  * Determine if this is an Tcp packet
00042  * 
00043  * @param p packet to determine if it's tcp
00044  * 
00045  * @return 1 if it is an tcp Packet, 0 otherwise
00046  */
00047 static int INLINE IsTcpPacket(FLOWPACKET *p)
00048 {
00049     FLOWASSERT(p);
00050 
00051     if(p && p->tcph)
00052         return 1;
00053 
00054     return 0;
00055 }
00056 
00057 /** 
00058  * Determine if this is an Tcp packet
00059  * 
00060  * @param p packet to determine if it's tcp
00061  * 
00062  * @return 1 if it is an tcp Packet, 0 otherwise
00063  */
00064 static u_int8_t INLINE GetTcpFlags(FLOWPACKET *p)
00065 {
00066     FLOWASSERT(p && p->tcph);
00067     
00068     if(p && p->tcph)
00069         return p->tcph->th_flags;
00070 
00071     return 0;
00072 }
00073 
00074 
00075 /** 
00076  * Returns the Source Port portion of a packet in host byte
00077  * order.
00078  *
00079  * This function assumes that there this packet is has been properly
00080  * identified to contain an IPv4 Header.
00081  * 
00082  * @param p packet 
00083  * 
00084  * @return the sport || 0
00085  */
00086 static u_int16_t INLINE GetIPv4SrcPort(FLOWPACKET *p)     
00087 {
00088     FLOWASSERT(p);
00089 
00090     if(p)
00091         return p->sp;
00092 
00093     return 0;
00094 }
00095 
00096 
00097 /** 
00098  * Returns the Destination Port portion of a packet in host byte
00099  * order.
00100  *
00101  * This function assumes that there this packet is has been properly
00102  * identified to contain an IPv4 Header.
00103  * 
00104  * @param p packet 
00105  * 
00106  * @return the sport || 0
00107  */
00108 static u_int16_t INLINE GetIPv4DstPort(FLOWPACKET *p)     
00109 {
00110     FLOWASSERT(p);
00111     
00112     if(p)
00113         return p->dp;
00114 
00115     return 0;
00116 }
00117 
00118 
00119 /** 
00120  * Returns the IP Protocol portion of a packet.
00121  *
00122  * This function assumes that there this packet is has been properly
00123  * identified to contain an IPv4 Header.
00124  * 
00125  * @param p packet 
00126  * 
00127  * @return the sport || 0
00128  */
00129 static u_int8_t INLINE GetIPv4Proto(FLOWPACKET *p)     
00130 {
00131     FLOWASSERT(p && p->iph);
00132         
00133     if(p && p->iph)
00134         return p->iph->ip_proto;
00135 
00136     return 0;
00137 }
00138 
00139 /** 
00140  * Returns the SIP portion of a packet.
00141  *
00142  * This function assumes that there this packet is has been properly
00143  * identified to contain an IPv4 Header.
00144  *
00145  * This performs memcpy's incase the IPH is not aligned in snort.
00146  * 
00147  * @param p packet 
00148  * 
00149  * @return the sport || 0
00150  */
00151 static u_int32_t INLINE GetIPv4SrcIp(FLOWPACKET *p)     
00152 {
00153     FLOWASSERT(p && p->iph);
00154     
00155     if(p && p->iph)
00156         return p->iph->ip_src.s_addr;
00157     
00158     return 0;
00159 }
00160 
00161 
00162 /** 
00163  * Returns the DIP portion of a packet.
00164  *
00165  * This function assumes that there this packet is has been properly
00166  * identified to contain an IPv4 Header.
00167  *
00168  * This performs memcpy's incase the IPH is not aligned in snort.
00169  * 
00170  * @param p packet 
00171  * 
00172  * @return the sport || 0
00173  */
00174 static u_int32_t INLINE GetIPv4DstIp(FLOWPACKET *p)     
00175 {
00176     FLOWASSERT(p && p->iph);
00177     
00178     if(p && p->iph)
00179         return p->iph->ip_dst.s_addr;
00180 
00181     return 0;
00182 }
00183 
00184 
00185 /** 
00186  * Get the IP length of a packet.  
00187  * 
00188  * @param p packet to operate on
00189  * 
00190  * @return size of the packet
00191  */
00192 static int INLINE GetIPv4Len(FLOWPACKET *p)
00193 {
00194     FLOWASSERT(p);
00195 
00196     if(p)
00197     {
00198         if(p->iph)
00199             return ntohs(p->iph->ip_len);
00200         else
00201             return p->dsize;
00202     }
00203 
00204     return 0;
00205 }
00206 
00207 
00208 
00209 #endif /* _FLOW_PACKET_H */
00210
Generated on Sun May 14 14:51:15 2006 by  doxygen 1.4.2