mirror of
https://github.com/BlackLight/Snort_AIPreproc.git
synced 2024-12-28 03:45:10 +01:00
230 lines
12 KiB
HTML
230 lines
12 KiB
HTML
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
|
||
|
<title>Snort AI preprocessor module: alert_parser.c File Reference</title>
|
||
|
<link href="tabs.css" rel="stylesheet" type="text/css"/>
|
||
|
<link href="search/search.css" rel="stylesheet" type="text/css"/>
|
||
|
<script type="text/javaScript" src="search/search.js"></script>
|
||
|
<link href="doxygen.css" rel="stylesheet" type="text/css"/>
|
||
|
</head>
|
||
|
<body onload='searchBox.OnSelectItem(0);'>
|
||
|
<!-- Generated by Doxygen 1.7.1 -->
|
||
|
<script type="text/javascript"><!--
|
||
|
var searchBox = new SearchBox("searchBox", "search",false,'Search');
|
||
|
--></script>
|
||
|
<div class="navigation" id="top">
|
||
|
<div class="tabs">
|
||
|
<ul class="tablist">
|
||
|
<li><a href="index.html"><span>Main Page</span></a></li>
|
||
|
<li><a href="modules.html"><span>Modules</span></a></li>
|
||
|
<li><a href="annotated.html"><span>Data Structures</span></a></li>
|
||
|
<li class="current"><a href="files.html"><span>Files</span></a></li>
|
||
|
<li id="searchli">
|
||
|
<div id="MSearchBox" class="MSearchBoxInactive">
|
||
|
<span class="left">
|
||
|
<img id="MSearchSelect" src="search/mag_sel.png"
|
||
|
onmouseover="return searchBox.OnSearchSelectShow()"
|
||
|
onmouseout="return searchBox.OnSearchSelectHide()"
|
||
|
alt=""/>
|
||
|
<input type="text" id="MSearchField" value="Search" accesskey="S"
|
||
|
onfocus="searchBox.OnSearchFieldFocus(true)"
|
||
|
onblur="searchBox.OnSearchFieldFocus(false)"
|
||
|
onkeyup="searchBox.OnSearchFieldChange(event)"/>
|
||
|
</span><span class="right">
|
||
|
<a id="MSearchClose" href="javascript:searchBox.CloseResultsWindow()"><img id="MSearchCloseImg" border="0" src="search/close.png" alt=""/></a>
|
||
|
</span>
|
||
|
</div>
|
||
|
</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
<div class="tabs2">
|
||
|
<ul class="tablist">
|
||
|
<li><a href="files.html"><span>File List</span></a></li>
|
||
|
<li><a href="globals.html"><span>Globals</span></a></li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="header">
|
||
|
<div class="summary">
|
||
|
<a href="#func-members">Functions</a> |
|
||
|
<a href="#var-members">Variables</a> </div>
|
||
|
<div class="headertitle">
|
||
|
<h1>alert_parser.c File Reference</h1> </div>
|
||
|
</div>
|
||
|
<div class="contents">
|
||
|
<code>#include "<a class="el" href="spp__ai_8h_source.html">spp_ai.h</a>"</code><br/>
|
||
|
<code>#include <stdio.h></code><br/>
|
||
|
<code>#include <unistd.h></code><br/>
|
||
|
<code>#include <time.h></code><br/>
|
||
|
<code>#include <sys/inotify.h></code><br/>
|
||
|
<code>#include <sys/stat.h></code><br/>
|
||
|
<table class="memberdecls">
|
||
|
<tr><td colspan="2"><h2><a name="func-members"></a>
|
||
|
Functions</h2></td></tr>
|
||
|
<tr><td class="memItemLeft" align="right" valign="top">void * </td><td class="memItemRight" valign="bottom"><a class="el" href="alert__parser_8c.html#ad68c45b5846743a54ad3fa92c8e48f8a">AI_alertparser_thread</a> (void *arg)</td></tr>
|
||
|
<tr><td class="mdescLeft"> </td><td class="mdescRight">Thread for parsing Snort's alert file. <a href="#ad68c45b5846743a54ad3fa92c8e48f8a"></a><br/></td></tr>
|
||
|
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE <a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a> * </td><td class="memItemRight" valign="bottom"><a class="el" href="alert__parser_8c.html#a6c5014cae9155379fdc4db649b2c862d">_AI_copy_alerts</a> (<a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a> *node)</td></tr>
|
||
|
<tr><td class="mdescLeft"> </td><td class="mdescRight">Create a copy of the alert log struct (this is done for leaving the alert log structure in this file as read-only). <a href="#a6c5014cae9155379fdc4db649b2c862d"></a><br/></td></tr>
|
||
|
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a> * </td><td class="memItemRight" valign="bottom"><a class="el" href="alert__parser_8c.html#a99474495643197b3075ac22ec6f6c70f">AI_get_alerts</a> ()</td></tr>
|
||
|
<tr><td class="mdescLeft"> </td><td class="mdescRight">Return the alerts parsed so far as a linked list. <a href="#a99474495643197b3075ac22ec6f6c70f"></a><br/></td></tr>
|
||
|
<tr><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="alert__parser_8c.html#a270e86669a0aa64a8da37bc16cda645b">AI_free_alerts</a> (<a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a> *node)</td></tr>
|
||
|
<tr><td class="mdescLeft"> </td><td class="mdescRight">Deallocate the memory of a log alert linked list. <a href="#a270e86669a0aa64a8da37bc16cda645b"></a><br/></td></tr>
|
||
|
<tr><td colspan="2"><h2><a name="var-members"></a>
|
||
|
Variables</h2></td></tr>
|
||
|
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE <a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a> * </td><td class="memItemRight" valign="bottom"><a class="el" href="alert__parser_8c.html#ae837fc04e61c0eb052f997c54b4fd9fe">alerts</a> = NULL</td></tr>
|
||
|
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE FILE * </td><td class="memItemRight" valign="bottom"><a class="el" href="alert__parser_8c.html#abee2a33368912d9288c76b51160a9ed6">alert_fp</a> = NULL</td></tr>
|
||
|
</table>
|
||
|
<hr/><h2>Function Documentation</h2>
|
||
|
<a class="anchor" id="a6c5014cae9155379fdc4db649b2c862d"></a><!-- doxytag: member="alert_parser.c::_AI_copy_alerts" ref="a6c5014cae9155379fdc4db649b2c862d" args="(AI_snort_alert *node)" -->
|
||
|
<div class="memitem">
|
||
|
<div class="memproto">
|
||
|
<table class="memname">
|
||
|
<tr>
|
||
|
<td class="memname">PRIVATE <a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a>* _AI_copy_alerts </td>
|
||
|
<td>(</td>
|
||
|
<td class="paramtype"><a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a> * </td>
|
||
|
<td class="paramname"> <em>node</em></td>
|
||
|
<td> ) </td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</div>
|
||
|
<div class="memdoc">
|
||
|
|
||
|
<p>Create a copy of the alert log struct (this is done for leaving the alert log structure in this file as read-only). </p>
|
||
|
<p>FUNCTION: _AI_copy_alerts </p>
|
||
|
<dl><dt><b>Parameters:</b></dt><dd>
|
||
|
<table border="0" cellspacing="2" cellpadding="0">
|
||
|
<tr><td valign="top"></td><td valign="top"><em>node</em> </td><td>Starting node (used for the recursion) </td></tr>
|
||
|
</table>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl class="return"><dt><b>Returns:</b></dt><dd>A copy of the alert log linked list </dd></dl>
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
<a class="anchor" id="ad68c45b5846743a54ad3fa92c8e48f8a"></a><!-- doxytag: member="alert_parser.c::AI_alertparser_thread" ref="ad68c45b5846743a54ad3fa92c8e48f8a" args="(void *arg)" -->
|
||
|
<div class="memitem">
|
||
|
<div class="memproto">
|
||
|
<table class="memname">
|
||
|
<tr>
|
||
|
<td class="memname">void* AI_alertparser_thread </td>
|
||
|
<td>(</td>
|
||
|
<td class="paramtype">void * </td>
|
||
|
<td class="paramname"> <em>arg</em></td>
|
||
|
<td> ) </td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</div>
|
||
|
<div class="memdoc">
|
||
|
|
||
|
<p>Thread for parsing Snort's alert file. </p>
|
||
|
<p>FUNCTION: AI_alertparser_thread </p>
|
||
|
<dl><dt><b>Parameters:</b></dt><dd>
|
||
|
<table border="0" cellspacing="2" cellpadding="0">
|
||
|
<tr><td valign="top"></td><td valign="top"><em>arg</em> </td><td>void* pointer to module's configuration </td></tr>
|
||
|
</table>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
<a class="anchor" id="a270e86669a0aa64a8da37bc16cda645b"></a><!-- doxytag: member="alert_parser.c::AI_free_alerts" ref="a270e86669a0aa64a8da37bc16cda645b" args="(AI_snort_alert *node)" -->
|
||
|
<div class="memitem">
|
||
|
<div class="memproto">
|
||
|
<table class="memname">
|
||
|
<tr>
|
||
|
<td class="memname">void AI_free_alerts </td>
|
||
|
<td>(</td>
|
||
|
<td class="paramtype"><a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a> * </td>
|
||
|
<td class="paramname"> <em>node</em></td>
|
||
|
<td> ) </td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</div>
|
||
|
<div class="memdoc">
|
||
|
|
||
|
<p>Deallocate the memory of a log alert linked list. </p>
|
||
|
<p>FUNCTION: AI_free_alerts </p>
|
||
|
<dl><dt><b>Parameters:</b></dt><dd>
|
||
|
<table border="0" cellspacing="2" cellpadding="0">
|
||
|
<tr><td valign="top"></td><td valign="top"><em>node</em> </td><td>Linked list to be freed </td></tr>
|
||
|
</table>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
<a class="anchor" id="a99474495643197b3075ac22ec6f6c70f"></a><!-- doxytag: member="alert_parser.c::AI_get_alerts" ref="a99474495643197b3075ac22ec6f6c70f" args="()" -->
|
||
|
<div class="memitem">
|
||
|
<div class="memproto">
|
||
|
<table class="memname">
|
||
|
<tr>
|
||
|
<td class="memname"><a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a>* AI_get_alerts </td>
|
||
|
<td>(</td>
|
||
|
<td class="paramtype">void </td>
|
||
|
<td class="paramname"></td>
|
||
|
<td> ) </td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</div>
|
||
|
<div class="memdoc">
|
||
|
|
||
|
<p>Return the alerts parsed so far as a linked list. </p>
|
||
|
<p>FUNCTION: AI_get_alerts </p>
|
||
|
<dl class="return"><dt><b>Returns:</b></dt><dd>An AI_snort_alert pointer identifying the list of alerts </dd></dl>
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
<hr/><h2>Variable Documentation</h2>
|
||
|
<a class="anchor" id="abee2a33368912d9288c76b51160a9ed6"></a><!-- doxytag: member="alert_parser.c::alert_fp" ref="abee2a33368912d9288c76b51160a9ed6" args="" -->
|
||
|
<div class="memitem">
|
||
|
<div class="memproto">
|
||
|
<table class="memname">
|
||
|
<tr>
|
||
|
<td class="memname">PRIVATE FILE* <a class="el" href="alert__parser_8c.html#abee2a33368912d9288c76b51160a9ed6">alert_fp</a> = NULL</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</div>
|
||
|
<div class="memdoc">
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
<a class="anchor" id="ae837fc04e61c0eb052f997c54b4fd9fe"></a><!-- doxytag: member="alert_parser.c::alerts" ref="ae837fc04e61c0eb052f997c54b4fd9fe" args="" -->
|
||
|
<div class="memitem">
|
||
|
<div class="memproto">
|
||
|
<table class="memname">
|
||
|
<tr>
|
||
|
<td class="memname">PRIVATE <a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a>* <a class="el" href="alert__parser_8c.html#ae837fc04e61c0eb052f997c54b4fd9fe">alerts</a> = NULL</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</div>
|
||
|
<div class="memdoc">
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<!--- window showing the filter options -->
|
||
|
<div id="MSearchSelectWindow"
|
||
|
onmouseover="return searchBox.OnSearchSelectShow()"
|
||
|
onmouseout="return searchBox.OnSearchSelectHide()"
|
||
|
onkeydown="return searchBox.OnSearchSelectKey(event)">
|
||
|
<a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(0)"><span class="SelectionMark"> </span>All</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(1)"><span class="SelectionMark"> </span>Data Structures</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(2)"><span class="SelectionMark"> </span>Files</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(3)"><span class="SelectionMark"> </span>Functions</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(4)"><span class="SelectionMark"> </span>Variables</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(5)"><span class="SelectionMark"> </span>Typedefs</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(6)"><span class="SelectionMark"> </span>Enumerations</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(7)"><span class="SelectionMark"> </span>Enumerator</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(8)"><span class="SelectionMark"> </span>Defines</a></div>
|
||
|
|
||
|
<!-- iframe showing the search results (closed by default) -->
|
||
|
<div id="MSearchResultsWindow">
|
||
|
<iframe src="" frameborder="0"
|
||
|
name="MSearchResults" id="MSearchResults">
|
||
|
</iframe>
|
||
|
</div>
|
||
|
|
||
|
<hr class="footer"/><address class="footer"><small>Generated on Mon Aug 16 2010 22:05:38 for Snort AI preprocessor module by
|
||
|
<a href="http://www.doxygen.org/index.html">
|
||
|
<img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.7.1 </small></address>
|
||
|
</body>
|
||
|
</html>
|