/** \internal
* \brief setup a single engine with a hash map for u8 values
*/
static void SetupU8Hash(HashListTable *hash_table,
SigGroupHead *sgh, int sm_type,
void (*Set)(PrefilterPacketHeaderValue *v, void *),
_Bool (*Compare)(PrefilterPacketHeaderValue v, void *),
void (*Match)(DetectEngineThreadCtx *det_ctx,
Packet *p, const void *pectx))
{
uint32_t counts[256];
memset(&counts, 0, sizeof(counts));
HashListTableBucket *hb = HashListTableGetListHead(hash_table);
for ( ; hb != NULL; hb = HashListTableGetListNext(hb)) {
PrefilterPacketHeaderHashCtx *ctx = HashListTableGetListData(hb);
switch (ctx->v1.u8[0]) {
case PREFILTER_U8HASH_MODE_EQ:
counts[ctx->v1.u8[1]] += ctx->cnt;
break;
case PREFILTER_U8HASH_MODE_LT:
{
uint8_t v = ctx->v1.u8[1] - 1;
do {
counts[v] += ctx->cnt;
} while (v--);
break;
}
case PREFILTER_U8HASH_MODE_GT:
{
int v = ctx->v1.u8[1] + 1;
do {
counts[v] += ctx->cnt;
} while (++v < 256);
break;
}
case PREFILTER_U8HASH_MODE_RA:
{
int v = ctx->v1.u8[1] + 1;
do {
counts[v] += ctx->cnt;
} while (++v < ctx->v1.u8[2]);
break;
}
}
}
SetupEngineForPacketHeaderPrefilterPacketU8HashCtx(sgh, sm_type,
counts, Set, Compare, Match);
}
/** \internal
* \brief setup a engine for each unique value
*/
static void SetupSingle(HashListTable *hash_table,
SigGroupHead *sgh, int sm_type,
_Bool (*Compare)(PrefilterPacketHeaderValue v, void *),
void (*Match)(DetectEngineThreadCtx *det_ctx,
Packet *p, const void *pectx))
{
HashListTableBucket *hb = HashListTableGetListHead(hash_table);
for ( ; hb != NULL; hb = HashListTableGetListNext(hb)) {
PrefilterPacketHeaderHashCtx *ctx = HashListTableGetListData(hb);
SetupEngineForPacketHeader(sgh, sm_type,
ctx, Compare, Match);
}
}
void MpmStoreReportStats(const DetectEngineCtx *de_ctx)
{
HashListTableBucket *htb = NULL;
uint32_t stats[MPMB_MAX] = {0};
uint32_t appstats[APP_MPMS_MAX] = {0};
for (htb = HashListTableGetListHead(de_ctx->mpm_hash_table);
htb != NULL;
htb = HashListTableGetListNext(htb))
{
const MpmStore *ms = (MpmStore *)HashListTableGetListData(htb);
if (ms == NULL) {
continue;
}
if (ms->buffer < MPMB_MAX)
stats[ms->buffer]++;
else if (ms->sm_list != DETECT_SM_LIST_PMATCH) {
int i;
for (i = 0; i < APP_MPMS_MAX; i++) {
AppLayerMpms *am = &app_mpms[i];
if (ms->sm_list == am->sm_list &&
ms->direction == am->direction)
{
SCLogDebug("%s %s: %u patterns. Min %u, Max %u. Ctx %p", am->name,
am->direction == SIG_FLAG_TOSERVER ? "toserver":"toclient",
ms->mpm_ctx->pattern_cnt,
ms->mpm_ctx->minlen, ms->mpm_ctx->maxlen,
ms->mpm_ctx);
appstats[i]++;
break;
}
}
}
}
if (!(de_ctx->flags & DE_QUIET)) {
uint32_t x;
for (x = 0; x < MPMB_MAX; x++) {
SCLogInfo("Builtin MPM \"%s\": %u", builtin_mpms[x], stats[x]);
}
for (x = 0; x < APP_MPMS_MAX; x++) {
if (appstats[x] == 0)
continue;
const char *name = app_mpms[x].name;
char *direction = app_mpms[x].direction == SIG_FLAG_TOSERVER ? "toserver" : "toclient";
SCLogInfo("AppLayer MPM \"%s %s\": %u", direction, name, appstats[x]);
}
}
}
static inline void ThresholdTimeoutRemove(DetectEngineCtx *de_ctx, struct timeval *tv)
{
HashListTableBucket *next = NULL;
HashListTableBucket *buck = HashListTableGetListHead(de_ctx->ths_ctx.threshold_hash_table_src);
while (buck != NULL) {
/* get the next before we free "buck" */
next = HashListTableGetListNext(buck);
DetectThresholdEntry *tsh = HashListTableGetListData(buck);
if (tsh == NULL)
goto next;
if ((tv->tv_sec - tsh->tv_sec1) <= tsh->seconds)
goto next;
switch(tsh->ipv) {
case 4:
if (tsh->track == TRACK_SRC) {
HashListTableRemove(de_ctx->ths_ctx.threshold_hash_table_src,
tsh, sizeof(DetectThresholdEntry));
} else if (tsh->track == TRACK_DST) {
HashListTableRemove(de_ctx->ths_ctx.threshold_hash_table_dst,
tsh, sizeof(DetectThresholdEntry));
}
break;
case 6:
if (tsh->track == TRACK_SRC) {
HashListTableRemove(de_ctx->ths_ctx.threshold_hash_table_src_ipv6,
tsh, sizeof(DetectThresholdEntry));
} else if (tsh->track == TRACK_DST) {
HashListTableRemove(de_ctx->ths_ctx.threshold_hash_table_dst_ipv6,
tsh, sizeof(DetectThresholdEntry));
}
break;
}
next:
buck = next;
}
return;
}
static int HashListTableTestAdd04 (void)
{
int result = 0;
HashListTable *ht = HashListTableInit(32, HashListTableGenericHash, NULL, NULL);
if (ht == NULL)
goto end;
int r = HashListTableAdd(ht, "test", 4);
if (r != 0)
goto end;
char *rp = HashListTableLookup(ht, "test", 4);
if (rp == NULL)
goto end;
HashListTableBucket *htb = HashListTableGetListHead(ht);
if (htb == NULL) {
printf("htb == NULL: ");
goto end;
}
char *rp2 = HashListTableGetListData(htb);
if (rp2 == NULL) {
printf("rp2 == NULL: ");
goto end;
}
if (rp != rp2) {
printf("rp != rp2: ");
goto end;
}
/* all is good! */
result = 1;
end:
if (ht != NULL) HashListTableFree(ht);
return result;
}