<FUNCTION> <NAME>async_init</NAME> <RETURNS>int </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>async_write</NAME> <RETURNS>void </RETURNS> alert_t *alert </FUNCTION>
<FUNCTION> <NAME>async_exit</NAME> <RETURNS>void </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>auth_client</NAME> <RETURNS>int </RETURNS> int sock </FUNCTION>
<FUNCTION> <NAME>auth_init</NAME> <RETURNS>int </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>capture_start</NAME> <RETURNS>int </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>capture_stats</NAME> <RETURNS>void </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>capture_stop</NAME> <RETURNS>void </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>capture_setup_global_bpf</NAME> <RETURNS>int </RETURNS> char *gbpf </FUNCTION>
<FUNCTION> <NAME>capture_from_device</NAME> <RETURNS>int </RETURNS> char *device, char *bpf </FUNCTION>
<FUNCTION> <NAME>capture_from_file</NAME> <RETURNS>int </RETURNS> char *filename, char *bpf </FUNCTION>
<FUNCTION> <NAME>packet_release</NAME> <RETURNS>void </RETURNS> Packet_t *packet </FUNCTION>
<FUNCTION> <NAME>packet_lock</NAME> <RETURNS>void </RETURNS> Packet_t *packet </FUNCTION>
<FUNCTION> <NAME>plugins_init</NAME> <RETURNS>int </RETURNS> const char *dirname </FUNCTION>
<FUNCTION> <NAME>detect_plugins_run</NAME> <RETURNS>void </RETURNS> Packet_t *packet, struct list_head *list, char *proto </FUNCTION>
<FUNCTION> <NAME>detect_plugins_init</NAME> <RETURNS>int </RETURNS> const char *dirname </FUNCTION>
<FUNCTION> <NAME>detect_plugins_stats</NAME> <RETURNS>void </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>detect_plugins_help</NAME> <RETURNS>void </RETURNS> void </FUNCTION>
<STRUCT>
<NAME>hostdb</NAME>
/*
 * Host record with a doubly linked prev/next pair, a reference count and a
 * pdata array that the hostdb_*_plugin_data macros index by `pid`
 * (presumably the plugin id -- confirm). Neither the length of pdata nor any
 * bound on the index is visible in this listing.
 * NOTE(review): prev/next are typed `struct _hostdb *` while the tag shown
 * here is `hostdb`; presumably the declaration extractor dropped the leading
 * underscore -- confirm against the header.
 */
struct hostdb {
        const struct ip *ip;
        int key_cache;
        unsigned long *pdata;
        unsigned int refcount;
        struct _hostdb *prev;
        struct _hostdb *next;
};
</STRUCT>
<FUNCTION> <NAME>hostdb_search</NAME> <RETURNS>hostdb_t *</RETURNS> const struct ip *ip </FUNCTION>
<FUNCTION> <NAME>hostdb_new</NAME> <RETURNS>hostdb_t *</RETURNS> const struct ip *ip
</FUNCTION>
<FUNCTION> <NAME>hostdb_del</NAME> <RETURNS>void </RETURNS> hostdb_t *h, const unsigned int pid </FUNCTION>
<FUNCTION> <NAME>hostdb_init</NAME> <RETURNS>int </RETURNS> void </FUNCTION>
<MACRO>
<NAME>hostdb_get_plugin_data</NAME>
/*
 * Yields slot `pid` of h->pdata. The macro performs no range check on `pid`;
 * the caller has to keep it inside the allocated array, whose size is not
 * shown in this listing.
 */
#define hostdb_get_plugin_data(h, pid) (h)->pdata[(pid)]
</MACRO>
<MACRO>
<NAME>hostdb_set_plugin_data</NAME>
/*
 * Stores `data` in slot `pid` of h->pdata, then increments h->refcount.
 * NOTE(review): the expansion is two statements joined by ';' with no
 * do { } while (0) wrapper, so under an unbraced if/else only the store is
 * conditional and the refcount++ always executes. `h` is evaluated twice, so
 * an argument with side effects is unsafe, and `pid` is not range-checked.
 */
#define hostdb_set_plugin_data(h, pid, data) (h)->pdata[(pid)] = (data); (h)->refcount++
</MACRO>
<FUNCTION> <NAME>ip_defrag</NAME> <RETURNS>int </RETURNS> struct __iphdr *ip, const unsigned char *p,int data_len, unsigned char **dp </FUNCTION>
<FUNCTION> <NAME>tcp_optdump</NAME> <RETURNS>int </RETURNS> Packet_t *packet, const unsigned char *optbuf, unsigned int totlen </FUNCTION>
<FUNCTION> <NAME>ip_optdump</NAME> <RETURNS>int </RETURNS> Packet_t *packet, const unsigned char *optbuf, unsigned int totlen </FUNCTION>
<FUNCTION> <NAME>SliceAndStoreEtherPkt</NAME> <RETURNS>void </RETURNS> u_char *user, const struct pcap_pkthdr *h, const u_char *p </FUNCTION>
<FUNCTION> <NAME>SliceAndStoreNullPkt</NAME> <RETURNS>void </RETURNS> u_char *user, const struct pcap_pkthdr *h, const u_char *p </FUNCTION>
<FUNCTION> <NAME>SliceAndStoreAtmPkt</NAME> <RETURNS>void </RETURNS> u_char *user, const struct pcap_pkthdr *h, const u_char *p </FUNCTION>
<FUNCTION> <NAME>SliceAndStorePppPkt</NAME> <RETURNS>void </RETURNS> u_char *user, const struct pcap_pkthdr *h, const u_char *p </FUNCTION>
<FUNCTION> <NAME>SliceAndStorePppBsdosPkt</NAME> <RETURNS>void </RETURNS> u_char *user, const struct pcap_pkthdr *h, const u_char *p </FUNCTION>
<FUNCTION> <NAME>SliceAndStoreSlipPkt</NAME> <RETURNS>void </RETURNS> u_char *user, const struct pcap_pkthdr *h, const u_char *p </FUNCTION>
<FUNCTION> <NAME>SliceAndStoreSlipBsdosPkt</NAME> <RETURNS>void </RETURNS> u_char *user, const struct pcap_pkthdr *h, const u_char *p </FUNCTION>
<FUNCTION> <NAME>SliceAndStoreFddiPkt</NAME> <RETURNS>void </RETURNS> u_char *user, const struct pcap_pkthdr *h, const u_char *p
</FUNCTION>
<FUNCTION> <NAME>decode_init</NAME> <RETURNS>int </RETURNS> int elements, int snaplen </FUNCTION>
<TYPEDEF>
<NAME>Pconfig_t</NAME>
/*
 * Configuration record. Field meanings are not documented in this listing.
 * NOTE(review): presumably filled in by pconfig_set(argc, argv) -- confirm
 * against the implementation before relying on any field's semantics.
 */
typedef struct {
        int daemonize;
        const char *pidfile;
        int use_xdr, use_ssl;
        int ssl_key_crypt;
        int snaplen;
        char *record_pkts;
        char *read_pkts_file;
        char *read_pkts_bpf;
        struct listen_dev **devices;
        char *addr;
        unsigned int port;
} Pconfig_t;
</TYPEDEF>
<FUNCTION> <NAME>pconfig_set</NAME> <RETURNS>int </RETURNS> int argc, char **argv </FUNCTION>
<TYPEDEF>
<NAME>subscribtion_t</NAME>
/* One subscription entry: a protocol selector paired with a filter string. */
typedef struct {
        proto_enum_t type; /* protocol the plugin wants */
        const char *filter; /* PF rule */
} subscribtion_t;
</TYPEDEF>
<TYPEDEF>
<NAME>plugin_detect_t</NAME>
/*
 * Descriptor of a detection plugin: the PLUGIN_GENERIC members (defined
 * elsewhere), an option callback taking argc/argv, a run callback taking a
 * packet and a depth, and a pointer to subscribtion_t data.
 */
typedef struct {
        PLUGIN_GENERIC;
        int (*opt)(int argc, char **argv);
        void (*run)(Packet_t *packet, int depth);
        subscribtion_t *subscribtion;
        /*
         * Entry filled by Prelude.
         * NOTE(review): presumably the value passed as `pid` to the hostdb
         * macros and as `id` to plugin_init() -- confirm.
         */
        unsigned int id;
} plugin_detect_t;
</TYPEDEF>
<MACRO>
<NAME>plugin_subscribtion</NAME>
/* Accessor for the plugin's subscribtion member; usable as an lvalue. */
#define plugin_subscribtion(p) (p)->subscribtion
</MACRO>
<MACRO>
<NAME>plugin_run_func</NAME>
/* Accessor for the plugin's run callback; usable as an lvalue. */
#define plugin_run_func(p) (p)->run
</MACRO>
<MACRO>
<NAME>plugin_set_subscribtion</NAME>
/*
 * Assigns `s` to the subscribtion member. The expansion is a bare assignment
 * with no enclosing parentheses, so use it as a statement, not as an operand.
 */
#define plugin_set_subscribtion(p, s) plugin_subscribtion(p) = (s)
</MACRO>
<MACRO>
<NAME>plugin_set_running_func</NAME>
/*
 * Assigns `func` to the run callback. The expansion is a bare assignment
 * with no enclosing parentheses, so use it as a statement, not as an operand.
 */
#define plugin_set_running_func(p, func) plugin_run_func(p) = (func)
</MACRO>
<FUNCTION> <NAME>plugin_init</NAME> <RETURNS>int </RETURNS> unsigned int id </FUNCTION>
<FUNCTION> <NAME>RecyclerCreate</NAME> <RETURNS>recycler_t *</RETURNS> size_t ChunkSize,unsigned int ChunksMax </FUNCTION>
<FUNCTION> <NAME>RecyclerDestroy</NAME> <RETURNS>int </RETURNS> recycler_t * Recycler, int Force </FUNCTION>
<FUNCTION> <NAME>RecyclerGrow</NAME> <RETURNS>int </RETURNS> recycler_t * Recycler, unsigned int ChunksCount </FUNCTION>
<FUNCTION> <NAME>RecyclerShrink</NAME> <RETURNS>int </RETURNS> recycler_t * Recycler, unsigned int ChunksCount </FUNCTION>
<FUNCTION> <NAME>RecyclerGetChunk</NAME> <RETURNS>void *</RETURNS> recycler_t *Recycler
</FUNCTION>
<FUNCTION> <NAME>RecyclerLockChunk</NAME> <RETURNS>void </RETURNS> const void *Data </FUNCTION>
<FUNCTION> <NAME>RecyclerReleaseChunk</NAME> <RETURNS>void </RETURNS> const void *Data </FUNCTION>
<FUNCTION> <NAME>RecyclerIsLocked</NAME> <RETURNS>int </RETURNS> const void *data </FUNCTION>
<MACRO>
<NAME>RecyclerGetChunksMax</NAME>
/*
 * Reads the recycler's max member. The argument is not parenthesized in the
 * expansion, so pass a plain pointer identifier, not a compound expression.
 */
#define RecyclerGetChunksMax(recycler) recycler->max
</MACRO>
<MACRO>
<NAME>RecyclerGetChunksCount</NAME>
/*
 * Reads the recycler's count member. The argument is not parenthesized in the
 * expansion, so pass a plain pointer identifier, not a compound expression.
 */
#define RecyclerGetChunksCount(recycler) recycler->count
</MACRO>
<MACRO>
<NAME>RecyclerHasFreeChunks</NAME>
/*
 * Tests whether the free list is non-NULL.
 * NOTE(review): the parameter is spelled `recycler` but the body dereferences
 * `Recycler`, so the argument is ignored: the expansion binds to whatever
 * object named `Recycler` is in scope at the call site, and does not compile
 * where there is none. A caller passing a different pointer silently tests
 * the wrong recycler.
 */
#define RecyclerHasFreeChunks(recycler) (Recycler->freelist != NULL)
</MACRO>
<FUNCTION> <NAME>plugin_rqueue_report</NAME> <RETURNS>void </RETURNS> rqueue_t *item, plugin_generic_t *plugin,Packet_t *packet, rkind_t kind, char *qmsg,size_t qmsglen, const char *msg, ... </FUNCTION>
<FUNCTION> <NAME>prelude_rqueue_report</NAME> <RETURNS>void </RETURNS> rqueue_t *item, Packet_t *packet,rkind_t kind, char *qmsg, size_t qmsglen,const char *msg, ... </FUNCTION>
<MACRO>
<NAME>plugin_do_report</NAME>
/*
 * Calls plugin_rqueue_report() with a block-scope static rqueue_t, one object
 * per expansion site, reused by every execution of that site.
 * NOTE(review): sizeof(quickmsg) equals the buffer length only when
 * `quickmsg` is an array at the call site; given a `char *` it yields the
 * size of the pointer, and the length handed on as qmsglen is then wrong.
 * NOTE(review): `args` lands in the `const char *msg, ...` position of
 * plugin_rqueue_report(), presumably a printf-style format -- confirm, and
 * pass a literal format rather than externally supplied text.
 * NOTE(review): whether the shared static object is safe with concurrent
 * callers cannot be determined from this listing.
 * `args...` is the GNU named-variadic form.
 */
#define plugin_do_report(plugin, packet, kind, quickmsg, args...) do { \ static rqueue_t report; \ plugin_rqueue_report(&report, plugin, packet, kind, quickmsg, sizeof(quickmsg), args); \ } while (0)
</MACRO>
<MACRO>
<NAME>prelude_do_report</NAME>
/*
 * Calls prelude_rqueue_report() with a block-scope static rqueue_t, one
 * object per expansion site, reused by every execution of that site.
 * NOTE(review): sizeof(quickmsg) equals the buffer length only when
 * `quickmsg` is an array at the call site; given a `char *` it yields the
 * size of the pointer. `args` lands in the `const char *msg, ...` position,
 * presumably a printf-style format -- confirm, and pass a literal format.
 */
#define prelude_do_report(packet, kind, quickmsg, args...)
do { \ static rqueue_t report; \ prelude_rqueue_report(&report, packet, kind, quickmsg, sizeof(quickmsg), args); \ } while (0)
</MACRO>
<FUNCTION> <NAME>backup_report</NAME> <RETURNS>int </RETURNS> alert_t *report </FUNCTION>
<FUNCTION> <NAME>backout_report</NAME> <RETURNS>int </RETURNS> int sock </FUNCTION>
<FUNCTION> <NAME>rsend_emmit</NAME> <RETURNS>void </RETURNS> alert_t *report </FUNCTION>
<FUNCTION> <NAME>rsend_init</NAME> <RETURNS>int </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>rwrite_init</NAME> <RETURNS>void </RETURNS> int _fd, pid_t _ppid </FUNCTION>
<FUNCTION> <NAME>rwrite_exit</NAME> <RETURNS>void </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>rwrite_write</NAME> <RETURNS>int </RETURNS> alert_t *alert, int backup_on_error </FUNCTION>
<FUNCTION> <NAME>ssl_init_client</NAME> <RETURNS>int </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>ssl_add_certificate</NAME> <RETURNS>int </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>ssl_connect_server</NAME> <RETURNS>int </RETURNS> int socket </FUNCTION>
<FUNCTION> <NAME>ssl_write</NAME> <RETURNS>ssize_t </RETURNS> int fd, const void *buf, size_t count </FUNCTION>
<FUNCTION> <NAME>ssl_read</NAME> <RETURNS>ssize_t </RETURNS> int fd, void *buf, size_t count </FUNCTION>
<FUNCTION> <NAME>ssl_close_session</NAME> <RETURNS>void </RETURNS> void </FUNCTION>
<MACRO>
<NAME>timer_t</NAME>
/*
 * NOTE(review): from this point on every occurrence of the identifier
 * `timer_t` is rewritten to `_timer_t`. That would include the POSIX
 * `timer_t` type if a system header declaring it is included after this
 * definition. `_timer_t` itself is not declared in this listing.
 */
#define timer_t _timer_t
</MACRO>
<MACRO>
<NAME>timer_expire</NAME>
/* Accessor for the timer's expire member; usable as an lvalue. */
#define timer_expire(timer) (timer)->expire
</MACRO>
<MACRO>
<NAME>timer_data</NAME>
/* Accessor for the timer's data member; usable as an lvalue. */
#define timer_data(timer) (timer)->data
</MACRO>
<MACRO>
<NAME>timer_func</NAME>
/* Accessor for the timer's function member; usable as an lvalue. */
#define timer_func(timer) (timer)->function
</MACRO>
<MACRO>
<NAME>timer_set_expire</NAME>
/* Assigns `x` to the expire member; bare assignment, use as a statement. */
#define timer_set_expire(timer, x) timer_expire((timer)) = (x)
</MACRO>
<MACRO>
<NAME>timer_set_data</NAME>
/*
 * Assigns `x`, cast to unsigned long, to the data member.
 * NOTE(review): presumably used to stash a pointer -- confirm. Where
 * unsigned long is narrower than a pointer the cast truncates the value.
 */
#define timer_set_data(timer, x) timer_data((timer)) = (unsigned long) (x)
</MACRO>
<MACRO>
<NAME>timer_set_callback</NAME>
/* Assigns `x` to the function member; bare assignment, use as a statement. */
#define timer_set_callback(timer, x) timer_func((timer)) = (x)
</MACRO>
<FUNCTION>
<NAME>timer_init</NAME> <RETURNS>void </RETURNS> timer_t *timer </FUNCTION>
<FUNCTION> <NAME>timer_destroy_current</NAME> <RETURNS>void </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>timer_reset_current</NAME> <RETURNS>void </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>timer_reset</NAME> <RETURNS>void </RETURNS> timer_t *timer </FUNCTION>
<FUNCTION> <NAME>timer_destroy</NAME> <RETURNS>void </RETURNS> timer_t *timer </FUNCTION>
<FUNCTION> <NAME>timer_elapsed</NAME> <RETURNS>void </RETURNS> timer_t *timer, struct timeval *tv </FUNCTION>
<FUNCTION> <NAME>wake_up_timer</NAME> <RETURNS>void </RETURNS> void </FUNCTION>
<FUNCTION> <NAME>write_raw_report</NAME> <RETURNS>int </RETURNS> int fd, alert_t *alert </FUNCTION>
<FUNCTION> <NAME>writev_raw_report</NAME> <RETURNS>int </RETURNS> int fd, alert_t *alert </FUNCTION>