aboutsummaryrefslogtreecommitdiffstats
path: root/framework/src/suricata/src/detect-threshold.h
diff options
context:
space:
mode:
Diffstat (limited to 'framework/src/suricata/src/detect-threshold.h')
-rw-r--r--framework/src/suricata/src/detect-threshold.h95
1 files changed, 0 insertions, 95 deletions
diff --git a/framework/src/suricata/src/detect-threshold.h b/framework/src/suricata/src/detect-threshold.h
deleted file mode 100644
index 50e1d270..00000000
--- a/framework/src/suricata/src/detect-threshold.h
+++ /dev/null
@@ -1,95 +0,0 @@
-/* Copyright (C) 2007-2013 Open Information Security Foundation
- *
- * You can copy, redistribute or modify this Program under the terms of
- * the GNU General Public License version 2 as published by the Free
- * Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * version 2 along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301, USA.
- */
-
-/**
- * \file
- *
- * \author Breno Silva <breno.silva@gmail.com>
- */
-
-#ifndef __DETECT_THRESHOLD_H__
-#define __DETECT_THRESHOLD_H__
-
-#include "decode-events.h"
-#include "decode-ipv4.h"
-#include "decode-tcp.h"
-
-#define TYPE_LIMIT 1
-#define TYPE_BOTH 2
-#define TYPE_THRESHOLD 3
-#define TYPE_DETECTION 4
-#define TYPE_RATE 5
-#define TYPE_SUPPRESS 6
-
-#define TRACK_DST 1
-#define TRACK_SRC 2
-#define TRACK_RULE 3
-#define TRACK_EITHER 4 /**< either src or dst: only used by suppress */
-
-/* Get the new action to take */
-#define TH_ACTION_ALERT 0x01
-#define TH_ACTION_DROP 0x02
-#define TH_ACTION_PASS 0x04
-#define TH_ACTION_LOG 0x08
-#define TH_ACTION_SDROP 0x10
-#define TH_ACTION_REJECT 0x20
-
-/**
- * \typedef DetectThresholdData
- * A typedef for DetectThresholdData_
- */
-
-typedef struct DetectThresholdData_ {
- uint32_t count; /**< Event count */
- uint32_t seconds; /**< Event seconds */
- uint8_t type; /**< Threshold type : limit , threshold, both, detection_filter */
- uint8_t track; /**< Track type: by_src, by_dst */
- uint8_t new_action; /**< new_action alert|drop|pass|log|sdrop|reject */
- uint32_t timeout; /**< timeout */
- uint32_t flags; /**< flags used to set option */
- DetectAddressHead addrs;
-} DetectThresholdData;
-
-typedef struct DetectThresholdEntry_ {
- uint32_t sid; /**< Signature id */
- uint32_t gid; /**< Signature group id */
-
- uint32_t tv_timeout; /**< Timeout for new_action (for rate_filter)
- its not "seconds", that define the time interval */
- uint32_t seconds; /**< Event seconds */
- uint32_t tv_sec1; /**< Var for time control */
- uint32_t tv_usec1; /**< Var for time control */
- uint32_t current_count; /**< Var for count control */
- int track; /**< Track type: by_src, by_src */
-
- struct DetectThresholdEntry_ *next;
-} DetectThresholdEntry;
-
-
-/**
- * Registration function for threshold: keyword
- */
-
-void DetectThresholdRegister(void);
-
-/**
- * This function registers unit tests for Threshold
- */
-
-void ThresholdRegisterTests(void);
-
-#endif /*__DETECT_THRESHOLD_H__ */