diff --git a/src/detect-engine-dns.c b/src/detect-engine-dns.c index 915533f150..e68c1093b0 100644 --- a/src/detect-engine-dns.c +++ b/src/detect-engine-dns.c @@ -159,52 +159,6 @@ uint32_t DetectDnsQueryInspectMpm(DetectEngineThreadCtx *det_ctx, Flow *f, SCReturnUInt(cnt); } -/** \brief Do the content inspection & validation for a signature - * - * \param de_ctx Detection engine context - * \param det_ctx Detection engine thread context - * \param s Signature to inspect - * \param sm SigMatch to inspect - * \param f Flow - * \param flags app layer flags - * \param state App layer state - * - * \retval 0 no match - * \retval 1 match - */ -int DetectEngineInspectGenericList(ThreadVars *tv, - const DetectEngineCtx *de_ctx, - DetectEngineThreadCtx *det_ctx, - const Signature *s, Flow *f, const uint8_t flags, - void *alstate, void *txv, uint64_t tx_id, const int list) -{ - KEYWORD_PROFILING_SET_LIST(det_ctx, list); - - SigMatchData *smd = s->sm_arrays[list]; - SCLogDebug("running match functions, sm %p", smd); - if (smd != NULL) { - while (1) { - int match = 0; - KEYWORD_PROFILING_START; - match = sigmatch_table[smd->type]. - AppLayerTxMatch(tv, det_ctx, f, flags, alstate, txv, s, smd->ctx); - KEYWORD_PROFILING_END(det_ctx, smd->type, (match == 1)); - - if (match == 0) - return DETECT_ENGINE_INSPECT_SIG_NO_MATCH; - if (match == 2) { - return DETECT_ENGINE_INSPECT_SIG_CANT_MATCH; - } - - if (smd->is_last) - break; - smd++; - } - } - - return DETECT_ENGINE_INSPECT_SIG_MATCH; -} - int DetectEngineInspectDnsRequest(ThreadVars *tv, DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, diff --git a/src/detect-engine.c b/src/detect-engine.c index a6fefbd155..5ba049f89f 100644 --- a/src/detect-engine.c +++ b/src/detect-engine.c @@ -563,6 +563,56 @@ int DetectEngineReloadIsDone(void) return r; } +/** \brief Do the content inspection & validation for a signature + * + * \param de_ctx Detection engine context + * \param det_ctx Detection engine thread context + * \param s Signature to inspect + * \param sm SigMatch to inspect + * \param f Flow + * \param flags app layer flags + * \param state App layer state + * + * \retval 0 no match + * \retval 1 match + */ +int DetectEngineInspectGenericList(ThreadVars *tv, + const DetectEngineCtx *de_ctx, + DetectEngineThreadCtx *det_ctx, + const Signature *s, Flow *f, const uint8_t flags, + void *alstate, void *txv, uint64_t tx_id, const int list) +{ +#ifdef PROFILING + KEYWORD_PROFILING_SET_LIST(det_ctx, list); +#endif + SigMatchData *smd = s->sm_arrays[list]; + SCLogDebug("running match functions, sm %p", smd); + if (smd != NULL) { + while (1) { + int match = 0; +#ifdef PROFILING + KEYWORD_PROFILING_START; +#endif + match = sigmatch_table[smd->type]. + AppLayerTxMatch(tv, det_ctx, f, flags, alstate, txv, s, smd->ctx); +#ifdef PROFILING + KEYWORD_PROFILING_END(det_ctx, smd->type, (match == 1)); +#endif + if (match == 0) + return DETECT_ENGINE_INSPECT_SIG_NO_MATCH; + if (match == 2) { + return DETECT_ENGINE_INSPECT_SIG_CANT_MATCH; + } + + if (smd->is_last) + break; + smd++; + } + } + + return DETECT_ENGINE_INSPECT_SIG_MATCH; +} + /* nudge capture loops to wake up */ static void BreakCapture(void) { diff --git a/src/detect-engine.h b/src/detect-engine.h index 64c241e166..3211c601d9 100644 --- a/src/detect-engine.h +++ b/src/detect-engine.h @@ -94,6 +94,11 @@ int DetectEngineTentantUnregisterVlanId(uint32_t tenant_id, uint16_t vlan_id); int DetectEngineTentantRegisterPcapFile(uint32_t tenant_id); int DetectEngineTentantUnregisterPcapFile(uint32_t tenant_id); +int DetectEngineInspectGenericList(ThreadVars *, const DetectEngineCtx *, + DetectEngineThreadCtx *, const Signature *, + Flow *, const uint8_t, void *, void *, + uint64_t, const int); + /** * \brief Registers an app inspection engine. *