engine/message.c File Reference

#include "message.h"
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include "../decoders/decode_ip.h"
#include "../decoders/decode_tcp.h"
#include "../decoders/decode_udp.h"
#include <netinet/in.h>
#include <arpa/inet.h>


Functions

MessageItem * ParseMessageString (char *MString)
void FreeMessage (MessageItem *MItem)
int ApplyMessage (MessageItem *MItem, int PacketSlot, char *Buff, int BuffLen)

Variables

GlobalVars Globals


Function Documentation

int ApplyMessage ( MessageItem * MItem, int PacketSlot, char * Buff, int BuffLen )

Fill in the message string from the packet (for use by the actions). This function searches for all the relevant fields (source and destination IP, port, etc.) and formats the message.

Definition at line 165 of file message.c.

References global_vars::AlertCount, ip_header::daddr, DEBUGPATH, FALSE, GetDataByID(), GetDecoderByName(), Globals, ip_data::Header, IP_PROTO_TCP, IP_PROTO_UDP, MESSAGE_ITEM_ALERT_COUNT, MESSAGE_ITEM_CHAR, MESSAGE_ITEM_DAY, MESSAGE_ITEM_DIP, MESSAGE_ITEM_DPORT, MESSAGE_ITEM_HOUR, MESSAGE_ITEM_MIN, MESSAGE_ITEM_MONTH, MESSAGE_ITEM_PACKET_NUM, MESSAGE_ITEM_SEC, MESSAGE_ITEM_SIP, MESSAGE_ITEM_SPORT, MESSAGE_ITEM_USEC, MESSAGE_ITEM_YEAR, message_item::Next, NULL, packet_rec::PacketNum, global_vars::Packets, PRINTERROR1, ip_header::protocol, ip_header::saddr, TRUE, packet_rec::tv, message_item::Type, and message_item::Value.

Referenced by AlertConsoleAction(), AlertEMailAction(), AlertFileAction(), AlertListenSocketAction(), AlertSocketAction(), and AlertSyslogAction().

void FreeMessage ( MessageItem * MItem )

Definition at line 144 of file message.c.

References message_item::Next, and NULL.

MessageItem* ParseMessageString ( char *  MString  ) 

Definition at line 18 of file message.c.

References MESSAGE_ITEM_ALERT_COUNT, MESSAGE_ITEM_CHAR, MESSAGE_ITEM_DAY, MESSAGE_ITEM_DIP, MESSAGE_ITEM_DPORT, MESSAGE_ITEM_HOUR, MESSAGE_ITEM_MIN, MESSAGE_ITEM_MONTH, MESSAGE_ITEM_PACKET_NUM, MESSAGE_ITEM_SEC, MESSAGE_ITEM_SIP, MESSAGE_ITEM_SPORT, MESSAGE_ITEM_USEC, MESSAGE_ITEM_YEAR, message_item::Next, NULL, message_item::Type, and message_item::Value.

Referenced by ParseRule(), and ParseSystem().


Variable Documentation

GlobalVars Globals

Definition at line 41 of file hlbr.c.


Generated on Sat Jul 7 23:33:10 2007 for HLBR by  doxygen 1.5.2