Main Page | Modules | Class List | Directories | File List | Class Members | File Members | Related Pages
src

sfthreshold.h File Reference

#include "sfthd.h"

Go to the source code of this file.

Functions

void ParseThreshold2 (THDX_STRUCT *thdx, char *s)
void ProcessThresholdOptions (char *args)
void ParseSFThreshold (FILE *fp, char *rule)
void ParseSFSuppress (FILE *fp, char *rule)
int sfthreshold_init (void)
void sfthreshold_reset (void)
int sfthreshold_create (THDX_STRUCT *thdx)
int sfthreshold_test (unsigned gen_id, unsigned sig_id, unsigned sip, unsigned dip, long curtime)
void print_thresholding ()

Function Documentation

void ParseSFSuppress FILE *  fp,
char *  rule
 

Definition at line 443 of file sfthreshold.c.

References FatalError(), file_line, file_name, THDX_STRUCT::gen_id, THDX_STRUCT::ip_address, THDX_STRUCT::ip_mask, memset, mSplit(), mSplitFree(), parseCIDR(), THDX_STRUCT::priority, sfthreshold_create(), THDX_STRUCT::sig_id, strtoul(), THD_PRIORITY_SUPPRESS, THD_TRK_DST, THD_TRK_SRC, THD_TYPE_SUPPRESS, THDX_STRUCT::tracking, and THDX_STRUCT::type.

Referenced by ParseRule().

void ParseSFThreshold FILE *  fp,
char *  rule
 

Definition at line 237 of file sfthreshold.c.

References THDX_STRUCT::count, FatalError(), file_line, file_name, THDX_STRUCT::gen_id, memset, mSplit(), mSplitFree(), THDX_STRUCT::seconds, sfthreshold_create(), THDX_STRUCT::sig_id, THD_TRK_DST, THD_TRK_SRC, THD_TYPE_BOTH, THD_TYPE_LIMIT, THD_TYPE_THRESHOLD, THDX_STRUCT::tracking, THDX_STRUCT::type, and xatou().

Referenced by ParseRule().

void ParseThreshold2 THDX_STRUCT thdx,
char *  s
 

Definition at line 92 of file sfthreshold.c.

References THDX_STRUCT::count, FatalError(), file_line, file_name, memset, THDX_STRUCT::priority, s_enabled, THDX_STRUCT::seconds, THD_TRK_DST, THD_TRK_SRC, THD_TYPE_BOTH, THD_TYPE_LIMIT, THD_TYPE_THRESHOLD, THDX_STRUCT::tracking, THDX_STRUCT::type, and xatou().

Referenced by ParseRuleOptions().

void print_thresholding  ) 
 

Definition at line 752 of file sfthreshold.c.

References THD_NODE::gen_id, LogMessage(), PRINT_GLOBAL, PRINT_LOCAL, PRINT_SUPPRESS, print_thd_local(), print_thd_node(), s_memcap, THD_STRUCT::sfthd_garray, THD_NODE::sig_id, and THD_MAX_GENID.

Referenced by SnortMain().

void ProcessThresholdOptions char *  args  ) 
 

Definition at line 201 of file sfthreshold.c.

References FatalError(), file_line, file_name, mSplit(), mSplitFree(), s_enabled, s_memcap, and xatou().

Referenced by ParseConfig().

int sfthreshold_create THDX_STRUCT thdx  ) 
 

Definition at line 836 of file sfthreshold.c.

References THDX_STRUCT::count, THDX_STRUCT::gen_id, THDX_STRUCT::ip_address, THDX_STRUCT::ip_mask, THDX_STRUCT::not_flag, THDX_STRUCT::priority, s_enabled, THDX_STRUCT::seconds, sfthd_create_threshold(), sfthreshold_init(), THDX_STRUCT::sig_id, THDX_STRUCT::tracking, and THDX_STRUCT::type.

Referenced by ParseRuleOptions(), ParseSFSuppress(), and ParseSFThreshold().

int sfthreshold_init void   ) 
 

Definition at line 540 of file sfthreshold.c.

References s_enabled, s_memcap, and sfthd_new().

Referenced by sfthreshold_create().

void sfthreshold_reset void   ) 
 

Reset the thresholding system so that subsequent calls to sfthreshold_test will indeed try to alter the thresholding system

Definition at line 916 of file sfthreshold.c.

References s_checked.

Referenced by GenerateOpenPortEvent(), LogSnortEvents(), and PcapProcessPacket().

int sfthreshold_test unsigned  gen_id,
unsigned  sig_id,
unsigned  sip,
unsigned  dip,
long  curtime
 

Definition at line 890 of file sfthreshold.c.

References s_answer, s_checked, s_enabled, and sfthd_test_threshold().

Referenced by CallAlertFuncs(), CallLogFuncs(), fpLogEvent(), GenerateOpenPortEvent(), LogPortscanAlert(), and ParseXLink2State().

Generated on Sun May 14 14:51:26 2006 by  doxygen 1.4.2