blob: 89a80a4f6feb99c7f3c3ba247550f08bdf068fe2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
#pragma once
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <uuid/uuid.h>
#include <limits.h>
#include <uthash/utarray.h>
#include "attribute_schema.h"
enum IP_PROTOCOL
{
IP_PROTOCOL_UNKNOWN=0,
IP_PROTOCOL_ICMP=1,
IP_PROTOCOL_TCP,
IP_PROTOCOL_UDP,
IP_PROTOCOL_MAX
};
struct global_parameter
{
char sled_ip[NAME_MAX];
char device_id[NAME_MAX];
char device_sn[NAME_MAX];
char device_tag[NAME_MAX];
char data_center[NAME_MAX];
char device_group[NAME_MAX];
int traffic_vsystem_id;
int default_unknown_app_id;
int session_record_enabled;
};
struct default_parameter
{
uuid_t boolean_true_object_uuid;
uuid_t boolean_false_object_uuid;
uuid_t ip_protocol_object_uuid[IP_PROTOCOL_MAX];
};
struct scanner_maat;
struct packet_scanner;
struct session_scanner;
struct scanner
{
struct logger *logger;
struct module_manager *mod_mgr;
struct default_parameter default_para;
struct global_parameter global_para;
struct scanner_maat *cm_maat;
struct scanner_maat *sd_maat;
struct packet_scanner *pkt_scanner;
struct session_scanner *sess_scanner;
struct attribute_schema attr_schema[ATTRIBUTE_SCHEMA_MAX];
};
uuid_t *scanner_get0_boolean_object_uuid(struct scanner *scanner, bool value);
void scanner_print_debug_hit_object(struct scanner *scanner, const char *readable_addr, struct maat_hit_object *hit_object_list, size_t hit_object_num);
void scanner_print_debug_hit_rule(struct scanner *scanner, const char *readable_addr, const char *tablename, uuid_t *rule_uuid_list, size_t rule_uuid_num);
|
