#include "action.h"#include <stdio.h>#include <string.h>#include "../packets/packet.h"#include "action_drop.h"#include "action_alert_console.h"#include "action_alert_file.h"#include "action_dump_packet.h"#include "action_route_sip.h"#include "action_bns.h"#include "action_alert_syslog.h"#include "action_alert_email.h"#include "action_alert_socket.h"#include "action_alert_listensocket.h"Go to the source code of this file.
Functions | |
| int | InitActions () |
| int | GetActionByName (char *Name) |
| int | CreateAction (char *Name) |
| int | BuildMessageString (char *Message, int PacketSlot, char *TargetBuff, int TargetBuffLen) |
| int | PerformActions (int PacketSlot) |
| int | LogMessageAllActions (char *Message) |
Variables | |
| GlobalVars | Globals |
| int BuildMessageString | ( | char * | Message, | |
| int | PacketSlot, | |||
| char * | TargetBuff, | |||
| int | TargetBuffLen | |||
| ) |
| int CreateAction | ( | char * | Name | ) |
Definition at line 69 of file action.c.
References ACTION_NONE, global_vars::ActionItems, GetActionByName(), Globals, action_item::ID, MAX_NAME_LEN, action_item::Name, and global_vars::NumActionItems.
Referenced by InitActionAlertConsole(), InitActionAlertEMail(), InitActionAlertFile(), InitActionAlertListenSocket(), InitActionAlertSocket(), InitActionAlertSyslog(), InitActionBNS(), InitActionDrop(), InitActionDumpPacket(), and InitActionRouteSIP().
| int GetActionByName | ( | char * | Name | ) |
Definition at line 50 of file action.c.
References global_vars::ActionItems, Globals, action_item::Name, and global_vars::NumActionItems.
Referenced by CreateAction(), and ParseAction().
| int InitActions | ( | ) |
Definition at line 27 of file action.c.
References FALSE, InitActionAlertConsole(), InitActionAlertEMail(), InitActionAlertFile(), InitActionAlertListenSocket(), InitActionAlertSocket(), InitActionAlertSyslog(), InitActionBNS(), InitActionDrop(), InitActionDumpPacket(), InitActionRouteSIP(), and TRUE.
Referenced by main().
| int LogMessageAllActions | ( | char * | Message | ) |
Log a message, using all applicable responses in all defined actions. Differentrly from LogMessage, this function searches for all responses in all defined actions and calls every one of them.
Definition at line 159 of file action.c.
References rule_rec::Action, action_rec::ActionItemData, global_vars::ActionItems, action_rec::ActionItems, global_vars::Actions, DEBUGPATH, FALSE, Globals, action_item::MessageFunc, global_vars::NumActions, action_rec::NumItems, and global_vars::Rules.
Referenced by BNSAction().
| int PerformActions | ( | int | PacketSlot | ) |
Definition at line 114 of file action.c.
References rule_rec::Action, action_item::ActionFunc, action_rec::ActionItemData, global_vars::ActionItems, action_rec::ActionItems, global_vars::Actions, global_vars::AlertCount, DEBUG, Globals, action_rec::NumItems, global_vars::NumRules, global_vars::Packets, RuleIsActive(), global_vars::Rules, and TRUE.
Referenced by ProcessPacket().
Definition at line 41 of file hlbr.c.
Referenced by AddIPRanges(), AddPacketToPending(), AddShutdownHandler(), AddToTree(), AddToTreeSorted(), AlertConsoleAction(), AlertEMailAction(), AlertFileAction(), AlertFileParseArgs(), AlertListenSocketAction(), AlertSocketAction(), AlertSyslogAction(), ApplyMessage(), AssignSessionTCP(), BindTestToDecoder(), BlockPacket(), BNSAction(), CallShutdownHandlers(), CreateAction(), CreateDecoder(), CreateRoute(), CreateTest(), CreateTimer(), Decode(), DecodeARP(), DecodeDNS(), DecodeEthernet(), DecodeICMP(), DecodeInterface(), DecodeIP(), DecodeIPDefrag(), DecoderAddDecoder(), DecoderAddModule(), DecoderAddTest(), DecoderSetDependency(), DecodeTCP(), DecodeTCPStream(), DecodeUDP(), DropAction(), DropPacket(), DumpPacketAction(), DumpPacketParseArgs(), EMailMessage(), FindPortPair(), FreeSaved(), GetActionByName(), GetAndLockSavedPackets(), GetDataByID(), GetDecoderByName(), GetEmptyPacket(), GetInterfaceByName(), GetListByName(), GetRouteByName(), GetTestByName(), HandleARPPacket(), HandleIPPacket(), HandleSignal(), HandleTimers(), hlbr_mutex_lock(), hlbr_mutex_trylock(), hlbr_mutex_unlock(), IdleFunc(), InitActionAlertConsole(), InitActionAlertEMail(), InitActionAlertFile(), InitActionAlertListenSocket(), InitActionAlertSocket(), InitActionAlertSyslog(), InitActionBNS(), InitActionDrop(), InitActionDumpPacket(), InitActionRouteSIP(), InitDecoderARP(), InitDecoderDNS(), InitDecoderEthernet(), InitDecoderICMP(), InitDecoderInterface(), InitDecoderIP(), InitDecoderIPDefrag(), InitDecoders(), InitDecoderTCP(), InitDecoderTCPStream(), InitDecoderUDP(), InitMacFilter(), InitRouteARP(), InitRouteBNS(), InitRouteBroadcast(), InitRouteDIP(), InitRouteInterface(), InitRouteSIP(), InitSBridge(), InitTestEthernetDst(), InitTestEthernetSrc(), InitTestEthernetType(), InitTestICMPCode(), InitTestICMPType(), InitTestInterfaceName(), InitTestIPCheck(), InitTestIPDst(), InitTestIPProto(), InitTestIPSrc(), InitTestIPTTL(), InitTestTCPContent(), InitTestTCPDst(), InitTestTCPFlags(), InitTestTCPListContent(), InitTestTCPListNoCase(), InitTestTCPNoCase(), InitTestTCPOffset(), InitTestTCPPort(), InitTestTCPRegExp(), InitTestTCPSrc(), InitTestUDPContent(), InitTestUDPDst(), InitTestUDPNoCase(), InitTestUDPRegExp(), InitTestUDPSrc(), InterfaceNameAddNode(), IPDstAddNode(), IPSrcAddNode(), IPTTLAddNode(), ListenSocketTimerFunc(), LogMessageAllActions(), LoopThreadTCPDump(), main(), MainLoop(), MainLoopPoll(), MainLoopThreaded(), MatchStrings(), MatchStringTree(), OpenInterface(), OpenInterfaces(), OpenInterfaceTCPDump(), ParseAction(), ParseArgs(), ParseConfig(), ParseDecoderLine(), ParseInterface(), ParseList(), ParseRouting(), ParseRule(), ParseRules(), ParseSystem(), PerformActions(), PopFromPending(), ProcessPacket(), ProcessPacketThread(), ReadPacket(), ReadPacketTCPDump(), RebuildPacket(), RemovePort(), ReturnEmptyPacket(), Route(), RouteAdd(), RouteAndSend(), RouteARP(), RouteBNS(), RouteBNSAddNode(), RouteBroadcast(), RouteDIP(), RouteDIPAddNode(), RouteInterface(), RouteMacFilter(), RouteMacFilterAddNode(), RouteSBridge(), RouteSIP(), RouteSIPAction(), RouteSIPAdd(), RouteSIPAddNode(), RouteSIPParseArgs(), RuleIsActive(), SavePacket(), SendARP(), SetAction(), SetRuleInactive(), StartInterfaceThread(), TCPDstAddNode(), TCPDumpLoopFunc(), TCPFlagsAddNode(), TestAddNode(), TestEthernetDst(), TestEthernetSrc(), TestEthernetType(), TestICMPCode(), TestICMPType(), TestInterfaceName(), TestIPCheck(), TestIPDst(), TestIPProto(), TestIPSrc(), TestIPTTL(), TestSetDependency(), TestsFinishSetup(), TestTCPContent(), TestTCPDst(), TestTCPDstOld(), TestTCPFlags(), TestTCPListContent(), TestTCPListNoCase(), TestTCPNoCase(), TestTCPOffset(), TestTCPPort(), TestTCPRegExp(), TestTCPSrc(), TestUDPContent(), TestUDPDst(), TestUDPNoCase(), TestUDPRegExp(), TestUDPSrc(), TimeoutSavedPackets(), UDPSrcAddNode(), UnlockSavedQuery(), and WritePacket().
1.5.2