Functions

Manage streams, sorting them into hash tables and linked lists

Functions

PRIVATE void _AI_stream_free (struct pkt_info *stream)
 Remove a stream from the hash table (private function).
void * AI_hashcleanup_thread (void *arg)
 Thread called for cleaning up the hash table from the traffic streams older than a certain threshold.
void AI_pkt_enqueue (SFSnortPacket *pkt)
 Function called for appending a new packet to the hash table, creating a new stream or appending it to an existing stream.
struct pkt_infoAI_get_stream_by_key (struct pkt_key key)
 Get a TCP stream by key.
void AI_set_stream_observed (struct pkt_key key)
 Set the flag "observed" on a stream associated to a security alert, so that it won't be removed from the hash table.

Function Documentation

PRIVATE void _AI_stream_free ( struct pkt_info stream  ) 

Remove a stream from the hash table (private function).

Parameters:
stream Stream to be removed
struct pkt_info* AI_get_stream_by_key ( struct pkt_key  key  )  [read]

Get a TCP stream by key.

Parameters:
key Key of the stream to be picked up (struct pkt_key)
Returns:
A pkt_info pointer to the stream if found, NULL otherwise
void* AI_hashcleanup_thread ( void *  arg  ) 

Thread called for cleaning up the hash table from the traffic streams older than a certain threshold.

Parameters:
arg Pointer to the AI_config struct
void AI_pkt_enqueue ( SFSnortPacket *  pkt  ) 

Function called for appending a new packet to the hash table, creating a new stream or appending it to an existing stream.

Parameters:
pkt Packet to be appended
void AI_set_stream_observed ( struct pkt_key  key  ) 

Set the flag "observed" on a stream associated to a security alert, so that it won't be removed from the hash table.

Parameters:
key Key of the stream to be set as "observed"
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Defines
Generated on Tue Sep 14 2010 19:23:42 for Snort AI preprocessor module by  doxygen 1.7.1