yaidsyara
 | YAIDS |
yaidsyara.c File Reference
#include <config.h>
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <stdbool.h>
#include <yaids.h>
#include <yaidstypes.h>
#include <yaidsconf.h>
#include <yaidsio.h>
#include <yaidspcap.h>
#include <yaidsyara.h>
#include <yaidsthread.h>
#include <yara.h>
#include <yara/types.h>
Include dependency graph for yaidsyara.c:
Functions
int
yaidsyara_yara_initialize (void)
int
yaidsyara_yara_finalize (void)
void
yaidsyara_init (yaidsYaraScanner_ptr yara)
int
yaidsyara_create_scanner (yaidsConfig_ptr config, yaidsYaraScanner_ptr yara)
int
yaidsyara_create_scanners (yaidsConfig_ptr config, yaidsYaraScanner_ptr yaraScanners)
void
yaidsyara_scan_packet (yaidsYaraScanner_ptr yaraScanner, yaidsPcapPacket_ptr packet, yaidsOutputDataQueue_ptr yaidsOutputQueue, yaidsYaraCallbackArgs_ptr callbackArgs, yaidsConfig_ptr config)
int
yaidsyara_scanner_callback (YR_SCAN_CONTEXT *scanContext, int status, void *rule, void *args)
char *
yaidsyara_scanner_callback_get_alert (yaidsYaraCallbackArgs_ptr callbackArgs, YR_RULE *yaraRule, YR_SCAN_CONTEXT *scanContext)
void
yaidsyara_scanner_callback_get_alert_line (yaidsYaraCallbackArgs_ptr callbackArgs, char *alertString, int alertStringMax, char *timeString, char *ruleName, char *metaMatch, char *stringMatch)
char *
yaidsyara_scanner_callback_get_match_meta (YR_SCAN_CONTEXT *scanContext, YR_RULE *yaraRule)
char *
yaidsyara_scanner_callback_get_match_string (YR_SCAN_CONTEXT *scanContext, YR_RULE *yaraRule)
Function Documentation
◆ yaidsyara_create_scanner()
| int yaidsyara_create_scanner | ( | yaidsConfig_ptr | config, |
| yaidsYaraScanner_ptr | yara | ||
| ) |
◆ yaidsyara_create_scanners()
| int yaidsyara_create_scanners | ( | yaidsConfig_ptr | config, |
| yaidsYaraScanner_ptr | yaraScanners | ||
| ) |
◆ yaidsyara_init()
| void yaidsyara_init | ( | yaidsYaraScanner_ptr | yara | ) |
◆ yaidsyara_scan_packet()
| void yaidsyara_scan_packet | ( | yaidsYaraScanner_ptr | yaraScanner, |
| yaidsPcapPacket_ptr | packet, | ||
| yaidsOutputDataQueue_ptr | yaidsOutputQueue, | ||
| yaidsYaraCallbackArgs_ptr | callbackArgs, | ||
| yaidsConfig_ptr | config | ||
| ) |
◆ yaidsyara_scanner_callback()
| int yaidsyara_scanner_callback | ( | YR_SCAN_CONTEXT * | scanContext, |
| int | status, | ||
| void * | rule, | ||
| void * | args | ||
| ) |
◆ yaidsyara_scanner_callback_get_alert()
| char* yaidsyara_scanner_callback_get_alert | ( | yaidsYaraCallbackArgs_ptr | callbackArgs, |
| YR_RULE * | yaraRule, | ||
| YR_SCAN_CONTEXT * | scanContext | ||
| ) |
◆ yaidsyara_scanner_callback_get_alert_line()
| void yaidsyara_scanner_callback_get_alert_line | ( | yaidsYaraCallbackArgs_ptr | callbackArgs, |
| char * | alertString, | ||
| int | alertStringMax, | ||
| char * | timeString, | ||
| char * | ruleName, | ||
| char * | metaMatch, | ||
| char * | stringMatch | ||
| ) |
◆ yaidsyara_scanner_callback_get_match_meta()
| char* yaidsyara_scanner_callback_get_match_meta | ( | YR_SCAN_CONTEXT * | scanContext, |
| YR_RULE * | yaraRule | ||
| ) |
◆ yaidsyara_scanner_callback_get_match_string()
| char* yaidsyara_scanner_callback_get_match_string | ( | YR_SCAN_CONTEXT * | scanContext, |
| YR_RULE * | yaraRule | ||
| ) |
◆ yaidsyara_yara_finalize()
| int yaidsyara_yara_finalize | ( | void | ) |
◆ yaidsyara_yara_initialize()
| int yaidsyara_yara_initialize | ( | void | ) |
Source Code Documentation Generated By doxygen