blob: ce76c38c45afd4659e6d54f4a6f5795c7d3d64ec (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
#ifndef _DIGEST_DETECTION_H
#define _DIGEST_DETECTION_H
#include "AV_sendback.h"
#include "Maat_rule.h"
#define MAX_SCAN_RESULT 8
/*ý�����ͣ���ǰ��һ��*/
#define FILE_UNKNOWN 0x00
#define FILE_CONTENT 0x03
#define FILE_DOC 0xF0
#define FILE_DOCX 0xF1
#define FILE_XLS 0xF2
#define FILE_XLSX 0xF3
#define FILE_PPT 0xF4
#define FILE_PPTX 0xF5
#define FILE_PDF 0xF6
#define FILE_EXE 0xF7
#define FILE_APK 0xF8
#define MEDIATYPE_MAXNUM 11
struct future_pdata
{
struct future* future;
char filename[256];
};
typedef struct media_type_s
{
uint8_t media_type;
char media_type_desc[32];
} media_type_t;
typedef struct media_s
{
stream_para_t digest_stream_para;
scan_status_t scan_mid;
uint64_t mid;
int64_t create_time;
uint64_t media_len;
int thread_seq;
uint32_t src_ip;
uint8_t proto;
uint8_t media_type;
uint8_t data_flag;
uint8_t hit_digest;
uint64_t byte_in;
uint64_t maxoffset;
uint32_t pkt_in;
}media_t;
typedef struct meta_s
{
uint64_t pid; //ID�������ݻ�ȡ�ڵ�����
uint64_t proglen; //���ļ������ֽڳ��ȣ�Ϊ0��ʾ����δ֪
int thread_seq;
uint32_t src_ip; // ��ȡ�ڵ��IP
uint8_t protocol; // ����������
uint8_t mediatype; // ���ܵ�ý������
uint8_t data_flag; // ���ݱ�־
uint8_t opt_num; // ѡ�����
}meta_t;
typedef struct frag_in_s
{
uint64_t mid;
uint64_t offset;
char* data;
uint32_t datalen;
uint32_t src_ip;
int thread_seq;
}frag_in_t;
#ifdef __cplusplus
extern "C" {
#endif
void free_media(void* data);
void add_media_info(msg_meta_t* minfo, char* opt, uint32_t src_ip, int thread_seq);
void add_frag(uint64_t pid, uint64_t offset, char* data, uint32_t datalen, uint8_t protocol, uint32_t src_ip, int thread_seq);
#ifdef __cplusplus
}
#endif
#endif
|
