/* $Id$ */
/*
** Copyright (C) 1998-2002 Martin Roesch <roesch@sourcefire.com>
** Copyright (C) 2000,2001 Andrew R. Baker <andrewb@uab.edu>
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/

/* This file gets included in plugbase.h when it is integrated into the rest
 * of the program.  Sometime in The Future, I'll whip up a bad ass Perl script
 * to handle automatically loading all the required info into the plugbase.*
 * files.
 */

#ifndef __SPO_ALERT_UNIXSOCK_H__
#define __SPO_ALERT_UNIXSOCK_H__

#include <sys/types.h>
#include <pcap.h>
#include "event.h"

/*
 * Bit flags carried in Alertpkt.val.
 *
 * A flag being set means the corresponding part of the record is absent,
 * so a reader should test these before using the header offsets below.
 */
#define NOPACKET_STRUCT 0x1 /* Packet struct --> was null */
#define NO_TRANSHDR     0x2 /* no transport headers in packet */

/*
 * Alertpkt -- the record used by the alert socket code.
 *
 * NOTE(review): if this struct is written to the socket as raw bytes (the
 * implementation is not visible from this header -- confirm), then writer
 * and reader must be built with the same ALERTMSG_LENGTH, SNAPLEN, Event
 * definition and struct pcap_pkthdr layout, since padding and member sizes
 * are fixed at compile time and nothing in the record describes them.
 *
 * NOTE(review): the *hdr and data members are offsets, not pointers.  A
 * consumer should treat them as untrusted: check val first, then bound each
 * offset against both pkth.caplen and sizeof pkt before indexing pkt.
 */
typedef struct _Alertpkt
{
    /* alert message text; fixed ALERTMSG_LENGTH-byte buffer.
     * NOTE(review): this header does not state that the buffer is always
     * NUL-terminated -- bound string handling to ALERTMSG_LENGTH. */
    u_int8_t alertmsg[ALERTMSG_LENGTH];

    /* libpcap per-packet header for the packet held in pkt */
    struct pcap_pkthdr pkth;

    u_int32_t dlthdr;   /* datalink header offset (ethernet, etc.) */
    u_int32_t nethdr;   /* network header offset (ip, etc.) */
    u_int32_t transhdr; /* transport header offset (tcp/udp/icmp, ...) */
    u_int32_t data;     /* presumably the payload offset -- TODO confirm */

    /* which fields are valid (NULL could be valid also); holds the
     * NOPACKET_STRUCT / NO_TRANSHDR flags defined above this struct */
    u_int32_t val;

    /* SNAPLEN-byte buffer; presumably the captured packet bytes that the
     * offsets above refer to -- TODO confirm against the implementation */
    u_int8_t pkt[SNAPLEN];

    /* Event record; the type comes from event.h */
    Event event;
} Alertpkt;

/* Setup routine for the unix-socket alert output; takes no arguments and
 * returns nothing.  It is only declared here; the definition is elsewhere. */
void AlertUnixSockSetup(void);

#endif  /* __SPO_ALERT_UNIXSOCK_H__ */