snort  2.9.17
About: Snort is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.
  Fossies Dox: snort-2.9.17.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

generators.h File Reference
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros

#define GENERATOR_SNORT_ENGINE   1
 
#define GENERATOR_TAG   2
 
#define TAG_LOG_PKT   1
 
#define GENERATOR_SPP_BO   105
 
#define BO_TRAFFIC_DETECT   1
 
#define BO_CLIENT_TRAFFIC_DETECT   2
 
#define BO_SERVER_TRAFFIC_DETECT   3
 
#define BO_SNORT_BUFFER_ATTACK   4
 
#define GENERATOR_SPP_RPC_DECODE   106
 
#define RPC_FRAG_TRAFFIC   1
 
#define RPC_MULTIPLE_RECORD   2
 
#define RPC_LARGE_FRAGSIZE   3
 
#define RPC_INCOMPLETE_SEGMENT   4
 
#define RPC_ZERO_LENGTH_FRAGMENT   5
 
#define GENERATOR_SPP_ARPSPOOF   112
 
#define ARPSPOOF_UNICAST_ARP_REQUEST   1
 
#define ARPSPOOF_ETHERFRAME_ARP_MISMATCH_SRC   2
 
#define ARPSPOOF_ETHERFRAME_ARP_MISMATCH_DST   3
 
#define ARPSPOOF_ARP_CACHE_OVERWRITE_ATTACK   4
 
#define GENERATOR_SNORT_DECODE   116
 
#define DECODE_NOT_IPV4_DGRAM   1
 
#define DECODE_IPV4_INVALID_HEADER_LEN   2
 
#define DECODE_IPV4_DGRAM_LT_IPHDR   3
 
#define DECODE_IPV4OPT_BADLEN   4
 
#define DECODE_IPV4OPT_TRUNCATED   5
 
#define DECODE_IPV4_DGRAM_GT_CAPLEN   6
 
#define DECODE_TCP_DGRAM_LT_TCPHDR   45
 
#define DECODE_TCP_INVALID_OFFSET   46
 
#define DECODE_TCP_LARGE_OFFSET   47
 
#define DECODE_TCPOPT_BADLEN   54
 
#define DECODE_TCPOPT_TRUNCATED   55
 
#define DECODE_TCPOPT_TTCP   56
 
#define DECODE_TCPOPT_OBSOLETE   57
 
#define DECODE_TCPOPT_EXPERIMENT   58
 
#define DECODE_TCPOPT_WSCALE_INVALID   59
 
#define DECODE_UDP_DGRAM_LT_UDPHDR   95
 
#define DECODE_UDP_DGRAM_INVALID_LENGTH   96
 
#define DECODE_UDP_DGRAM_SHORT_PACKET   97
 
#define DECODE_UDP_DGRAM_LONG_PACKET   98
 
#define DECODE_ICMP_DGRAM_LT_ICMPHDR   105
 
#define DECODE_ICMP_DGRAM_LT_TIMESTAMPHDR   106
 
#define DECODE_ICMP_DGRAM_LT_ADDRHDR   107
 
#define DECODE_ARP_TRUNCATED   109
 
#define DECODE_EAPOL_TRUNCATED   110
 
#define DECODE_EAPKEY_TRUNCATED   111
 
#define DECODE_EAP_TRUNCATED   112
 
#define DECODE_BAD_PPPOE   120
 
#define DECODE_BAD_VLAN   130
 
#define DECODE_BAD_VLAN_ETHLLC   131
 
#define DECODE_BAD_VLAN_OTHER   132
 
#define DECODE_BAD_80211_ETHLLC   133
 
#define DECODE_BAD_80211_OTHER   134
 
#define DECODE_BAD_TRH   140
 
#define DECODE_BAD_TR_ETHLLC   141
 
#define DECODE_BAD_TR_MR_LEN   142
 
#define DECODE_BAD_TRHMR   143
 
#define DECODE_BAD_TRAFFIC_LOOPBACK   150
 
#define DECODE_BAD_TRAFFIC_SAME_SRCDST   151
 
#define DECODE_BAD_MPLS   170
 
#define DECODE_BAD_MPLS_LABEL0   171
 
#define DECODE_BAD_MPLS_LABEL1   172
 
#define DECODE_BAD_MPLS_LABEL2   173
 
#define DECODE_BAD_MPLS_LABEL3   174
 
#define DECODE_MPLS_RESERVED_LABEL   175
 
#define DECODE_MPLS_LABEL_STACK   176
 
#define DECODE_ICMP_ORIG_IP_TRUNCATED   250
 
#define DECODE_ICMP_ORIG_IP_VER_MISMATCH   251
 
#define DECODE_ICMP_ORIG_DGRAM_LT_ORIG_IP   252
 
#define DECODE_ICMP_ORIG_PAYLOAD_LT_64   253
 
#define DECODE_ICMP_ORIG_PAYLOAD_GT_576   254
 
#define DECODE_ICMP_ORIG_IP_WITH_FRAGOFFSET   255
 
#define DECODE_IPV6_MIN_TTL   270
 
#define DECODE_IPV6_IS_NOT   271
 
#define DECODE_IPV6_TRUNCATED_EXT   272
 
#define DECODE_IPV6_TRUNCATED   273
 
#define DECODE_IPV6_DGRAM_LT_IPHDR   274
 
#define DECODE_IPV6_DGRAM_GT_CAPLEN   275
 
#define DECODE_IPV6_DST_ZERO   276
 
#define DECODE_IPV6_SRC_MULTICAST   277
 
#define DECODE_IPV6_DST_RESERVED_MULTICAST   278
 
#define DECODE_IPV6_BAD_OPT_TYPE   279
 
#define DECODE_IPV6_BAD_MULTICAST_SCOPE   280
 
#define DECODE_IPV6_BAD_NEXT_HEADER   281
 
#define DECODE_IPV6_ROUTE_AND_HOPBYHOP   282
 
#define DECODE_IPV6_TWO_ROUTE_HEADERS   283
 
#define DECODE_ICMPV6_TOO_BIG_BAD_MTU   285
 
#define DECODE_ICMPV6_UNREACHABLE_NON_RFC_2463_CODE   286
 
#define DECODE_ICMPV6_SOLICITATION_BAD_CODE   287
 
#define DECODE_ICMPV6_ADVERT_BAD_CODE   288
 
#define DECODE_ICMPV6_SOLICITATION_BAD_RESERVED   289
 
#define DECODE_ICMPV6_ADVERT_BAD_REACHABLE   290
 
#define DECODE_IPV6_TUNNELED_IPV4_TRUNCATED   291
 
#define DECODE_IPV6_DSTOPTS_WITH_ROUTING   292
 
#define DECODE_IP_MULTIPLE_ENCAPSULATION   293
 
#define DECODE_ESP_HEADER_TRUNC   294
 
#define DECODE_IPV6_BAD_OPT_LEN   295
 
#define DECODE_IPV6_UNORDERED_EXTENSIONS   296
 
#define DECODE_GTP_MULTIPLE_ENCAPSULATION   297
 
#define DECODE_GTP_BAD_LEN   298
 
#define DECODE_DECODING_DEPTH_EXCEEDED   300
 
#define DECODE_START_INDEX   400
 
#define GENERATOR_SPP_HTTP_INSPECT_CLIENT   119
 
#define HI_CLIENT_ASCII   1 /* done */
 
#define HI_CLIENT_DOUBLE_DECODE   2 /* done */
 
#define HI_CLIENT_U_ENCODE   3 /* done */
 
#define HI_CLIENT_BARE_BYTE   4 /* done */
 
#define HI_CLIENT_BASE36   5 /* done */
 
#define HI_CLIENT_UTF_8   6 /* done */
 
#define HI_CLIENT_IIS_UNICODE   7 /* done */
 
#define HI_CLIENT_MULTI_SLASH   8 /* done */
 
#define HI_CLIENT_IIS_BACKSLASH   9 /* done */
 
#define HI_CLIENT_SELF_DIR_TRAV   10 /* done */
 
#define HI_CLIENT_DIR_TRAV   11 /* done */
 
#define HI_CLIENT_APACHE_WS   12 /* done */
 
#define HI_CLIENT_IIS_DELIMITER   13 /* done */
 
#define HI_CLIENT_NON_RFC_CHAR   14 /* done */
 
#define HI_CLIENT_OVERSIZE_DIR   15 /* done */
 
#define HI_CLIENT_LARGE_CHUNK   16 /* done */
 
#define HI_CLIENT_PROXY_USE   17 /* done */
 
#define HI_CLIENT_WEBROOT_DIR   18 /* done */
 
#define HI_CLIENT_LONG_HDR   19 /* done */
 
#define HI_CLIENT_MAX_HEADERS   20 /* done */
 
#define HI_CLIENT_MULTIPLE_CONTLEN   21
 
#define HI_CLIENT_CHUNK_SIZE_MISMATCH   22
 
#define HI_CLIENT_INVALID_TRUEIP   23
 
#define HI_CLIENT_MULTIPLE_HOST_HDRS   24
 
#define HI_CLIENT_LONG_HOSTNAME   25
 
#define HI_CLIENT_EXCEEDS_SPACES   26
 
#define HI_CLIENT_CONSECUTIVE_SMALL_CHUNK_SIZES   27
 
#define HI_CLIENT_UNBOUNDED_POST   28
 
#define HI_CLIENT_MULTIPLE_TRUEIP_IN_SESSION   29
 
#define HI_CLIENT_BOTH_TRUEIP_XFF_HDRS   30
 
#define HI_CLIENT_UNKNOWN_METHOD   31
 
#define HI_CLIENT_SIMPLE_REQUEST   32
 
#define HI_CLIENT_UNESCAPED_SPACE_URI   33
 
#define HI_CLIENT_PIPELINE_MAX   34
 
#define HI_CLIENT_INVALID_RANGE_UNIT_FMT   36
 
#define HI_CLIENT_RANGE_NON_GET_METHOD   37
 
#define HI_CLIENT_RANGE_FIELD_ERROR   38
 
#define GENERATOR_SPP_HTTP_INSPECT   120
 
#define HI_ANOM_SERVER_ALERT   1 /* done */
 
#define HI_SERVER_INVALID_STATCODE   2
 
#define HI_SERVER_NO_CONTLEN   3
 
#define HI_SERVER_UTF_NORM_FAIL   4
 
#define HI_SERVER_UTF7   5
 
#define HI_SERVER_DECOMPR_FAILED   6
 
#define HI_SERVER_CONSECUTIVE_SMALL_CHUNK_SIZES   7
 
#define HI_CLISRV_MSG_SIZE_EXCEPTION   8
 
#define HI_SERVER_JS_OBFUSCATION_EXCD   9
 
#define HI_SERVER_JS_EXCESS_WS   10
 
#define HI_SERVER_MIXED_ENCODINGS   11
 
#define HI_SERVER_SWF_ZLIB_FAILURE   12
 
#define HI_SERVER_SWF_LZMA_FAILURE   13
 
#define HI_SERVER_PDF_DEFLATE_FAILURE   14
 
#define HI_SERVER_PDF_UNSUP_COMP_TYPE   15
 
#define HI_SERVER_PDF_CASC_COMP   16
 
#define HI_SERVER_PDF_PARSE_FAILURE   17
 
#define HI_SERVER_INVALID_CONTENT_RANGE_UNIT_FMT   30
 
#define HI_SERVER_RANGE_FIELD_ERROR   31
 
#define GENERATOR_PSNG   122
 
#define PSNG_TCP_PORTSCAN   1
 
#define PSNG_TCP_DECOY_PORTSCAN   2
 
#define PSNG_TCP_PORTSWEEP   3
 
#define PSNG_TCP_DISTRIBUTED_PORTSCAN   4
 
#define PSNG_TCP_FILTERED_PORTSCAN   5
 
#define PSNG_TCP_FILTERED_DECOY_PORTSCAN   6
 
#define PSNG_TCP_PORTSWEEP_FILTERED   7
 
#define PSNG_TCP_FILTERED_DISTRIBUTED_PORTSCAN   8
 
#define PSNG_IP_PORTSCAN   9
 
#define PSNG_IP_DECOY_PORTSCAN   10
 
#define PSNG_IP_PORTSWEEP   11
 
#define PSNG_IP_DISTRIBUTED_PORTSCAN   12
 
#define PSNG_IP_FILTERED_PORTSCAN   13
 
#define PSNG_IP_FILTERED_DECOY_PORTSCAN   14
 
#define PSNG_IP_PORTSWEEP_FILTERED   15
 
#define PSNG_IP_FILTERED_DISTRIBUTED_PORTSCAN   16
 
#define PSNG_UDP_PORTSCAN   17
 
#define PSNG_UDP_DECOY_PORTSCAN   18
 
#define PSNG_UDP_PORTSWEEP   19
 
#define PSNG_UDP_DISTRIBUTED_PORTSCAN   20
 
#define PSNG_UDP_FILTERED_PORTSCAN   21
 
#define PSNG_UDP_FILTERED_DECOY_PORTSCAN   22
 
#define PSNG_UDP_PORTSWEEP_FILTERED   23
 
#define PSNG_UDP_FILTERED_DISTRIBUTED_PORTSCAN   24
 
#define PSNG_ICMP_PORTSWEEP   25
 
#define PSNG_ICMP_PORTSWEEP_FILTERED   26
 
#define PSNG_OPEN_PORT   27
 
#define GENERATOR_SPP_FRAG3   123
 
#define FRAG3_IPOPTIONS   1
 
#define FRAG3_TEARDROP   2
 
#define FRAG3_SHORT_FRAG   3
 
#define FRAG3_ANOMALY_OVERSIZE   4
 
#define FRAG3_ANOMALY_ZERO   5
 
#define FRAG3_ANOMALY_BADSIZE_SM   6
 
#define FRAG3_ANOMALY_BADSIZE_LG   7
 
#define FRAG3_ANOMALY_OVLP   8
 
#define FRAG3_MIN_TTL_EVASION   11
 
#define FRAG3_EXCESSIVE_OVERLAP   12
 
#define FRAG3_TINY_FRAGMENT   13
 
#define GENERATOR_SMTP   124
 
#define SMTP_COMMAND_OVERFLOW   1
 
#define SMTP_DATA_HDR_OVERFLOW   2
 
#define SMTP_RESPONSE_OVERFLOW   3
 
#define SMTP_SPECIFIC_CMD_OVERFLOW   4
 
#define SMTP_UNKNOWN_CMD   5
 
#define SMTP_ILLEGAL_CMD   6
 
#define SMTP_HEADER_NAME_OVERFLOW   7
 
#define SMTP_XLINK2STATE_OVERFLOW   8
 
#define SMTP_B64_DECODING_FAILED   10
 
#define SMTP_QP_DECODING_FAILED   11
 
#define SMTP_UU_DECODING_FAILED   13
 
#define GENERATOR_SPP_FTPP_FTP   125
 
#define FTPP_FTP_TELNET_CMD   1
 
#define FTPP_FTP_INVALID_CMD   2
 
#define FTPP_FTP_PARAMETER_LENGTH_OVERFLOW   3
 
#define FTPP_FTP_MALFORMED_PARAMETER   4
 
#define FTPP_FTP_PARAMETER_STR_FORMAT   5
 
#define FTPP_FTP_RESPONSE_LENGTH_OVERFLOW   6
 
#define FTPP_FTP_ENCRYPTED   7
 
#define FTPP_FTP_BOUNCE   8
 
#define GENERATOR_SPP_FTPP_TELNET   126
 
#define FTPP_TELNET_AYT_OVERFLOW   1
 
#define FTPP_TELNET_ENCRYPTED   2
 
#define FTPP_TELNET_SUBNEG_BEGIN_NO_END   3
 
#define GENERATOR_SPP_ISAKMP   127
 
#define GENERATOR_SPP_SSH   128
 
#define SSH_EVENT_RESPOVERFLOW   1
 
#define SSH_EVENT_CRC32   2
 
#define SSH_EVENT_SECURECRT   3
 
#define SSH_EVENT_PROTOMISMATCH   4
 
#define SSH_EVENT_WRONGDIR   5
 
#define SSH_EVENT_PAYLOAD_SIZE   6
 
#define SSH_EVENT_VERSION   7
 
#define GENERATOR_SPP_STREAM   129
 
#define STREAM_SYN_ON_EST   1
 
#define STREAM_DATA_ON_SYN   2
 
#define STREAM_DATA_ON_CLOSED   3
 
#define STREAM_BAD_TIMESTAMP   4
 
#define STREAM_BAD_SEGMENT   5
 
#define STREAM_WINDOW_TOO_LARGE   6
 
#define STREAM_EXCESSIVE_TCP_OVERLAPS   7
 
#define STREAM_DATA_AFTER_RESET   8
 
#define STREAM_SESSION_HIJACKED_CLIENT   9
 
#define STREAM_SESSION_HIJACKED_SERVER   10
 
#define STREAM_DATA_WITHOUT_FLAGS   11
 
#define STREAM_SMALL_SEGMENT   12
 
#define STREAM_4WAY_HANDSHAKE   13
 
#define STREAM_NO_TIMESTAMP   14
 
#define STREAM_BAD_RST   15
 
#define STREAM_BAD_FIN   16
 
#define STREAM_BAD_ACK   17
 
#define STREAM_DATA_AFTER_RST_RCVD   18
 
#define STREAM_WINDOW_SLAM   19
 
#define STREAM_NO_3WHS   20
 
#define GENERATOR_DNS   131
 
#define DNS_EVENT_OBSOLETE_TYPES   1
 
#define DNS_EVENT_EXPERIMENTAL_TYPES   2
 
#define DNS_EVENT_RDATA_OVERFLOW   3
 
#define GENERATOR_SKYPE   132
 
#define GENERATOR_DCE2   133
 
#define DCE2_EVENT__MEMCAP   1
 
#define DCE2_EVENT__SMB_BAD_NBSS_TYPE   2
 
#define DCE2_EVENT__SMB_BAD_TYPE   3
 
#define DCE2_EVENT__SMB_BAD_ID   4
 
#define DCE2_EVENT__SMB_BAD_WCT   5
 
#define DCE2_EVENT__SMB_BAD_BCC   6
 
#define DCE2_EVENT__SMB_BAD_FORMAT   7
 
#define DCE2_EVENT__SMB_BAD_OFF   8
 
#define DCE2_EVENT__SMB_TDCNT_ZERO   9
 
#define DCE2_EVENT__SMB_NB_LT_SMBHDR   10
 
#define DCE2_EVENT__SMB_NB_LT_COM   11
 
#define DCE2_EVENT__SMB_NB_LT_BCC   12
 
#define DCE2_EVENT__SMB_NB_LT_DSIZE   13
 
#define DCE2_EVENT__SMB_TDCNT_LT_DSIZE   14
 
#define DCE2_EVENT__SMB_DSENT_GT_TDCNT   15
 
#define DCE2_EVENT__SMB_BCC_LT_DSIZE   16
 
#define DCE2_EVENT__SMB_INVALID_DSIZE   17
 
#define DCE2_EVENT__SMB_EXCESSIVE_TREE_CONNECTS   18
 
#define DCE2_EVENT__SMB_EXCESSIVE_READS   19
 
#define DCE2_EVENT__SMB_EXCESSIVE_CHAINING   20
 
#define DCE2_EVENT__SMB_MULT_CHAIN_SS   21
 
#define DCE2_EVENT__SMB_MULT_CHAIN_TC   22
 
#define DCE2_EVENT__SMB_CHAIN_SS_LOGOFF   23
 
#define DCE2_EVENT__SMB_CHAIN_TC_TDIS   24
 
#define DCE2_EVENT__SMB_CHAIN_OPEN_CLOSE   25
 
#define DCE2_EVENT__SMB_INVALID_SHARE   26
 
#define DCE2_EVENT__CO_BAD_MAJ_VERSION   27
 
#define DCE2_EVENT__CO_BAD_MIN_VERSION   28
 
#define DCE2_EVENT__CO_BAD_PDU_TYPE   29
 
#define DCE2_EVENT__CO_FLEN_LT_HDR   30
 
#define DCE2_EVENT__CO_FLEN_LT_SIZE   31
 
#define DCE2_EVENT__CO_ZERO_CTX_ITEMS   32
 
#define DCE2_EVENT__CO_ZERO_TSYNS   33
 
#define DCE2_EVENT__CO_FRAG_LT_MAX_XMIT_FRAG   34
 
#define DCE2_EVENT__CO_FRAG_GT_MAX_XMIT_FRAG   35
 
#define DCE2_EVENT__CO_ALTER_CHANGE_BYTE_ORDER   36
 
#define DCE2_EVENT__CO_FRAG_DIFF_CALL_ID   37
 
#define DCE2_EVENT__CO_FRAG_DIFF_OPNUM   38
 
#define DCE2_EVENT__CO_FRAG_DIFF_CTX_ID   39
 
#define DCE2_EVENT__CL_BAD_MAJ_VERSION   40
 
#define DCE2_EVENT__CL_BAD_PDU_TYPE   41
 
#define DCE2_EVENT__CL_DATA_LT_HDR   42
 
#define DCE2_EVENT__CL_BAD_SEQ_NUM   43
 
#define DCE2_EVENT__SMB_V1   44
 
#define DCE2_EVENT__SMB_V2   45
 
#define DCE2_EVENT__SMB_INVALID_BINDING   46
 
#define DCE2_EVENT__SMB2_EXCESSIVE_COMPOUNDING   47
 
#define DCE2_EVENT__SMB_DCNT_ZERO   48
 
#define DCE2_EVENT__SMB_DCNT_MISMATCH   49
 
#define DCE2_EVENT__SMB_MAX_REQS_EXCEEDED   50
 
#define DCE2_EVENT__SMB_REQS_SAME_MID   51
 
#define DCE2_EVENT__SMB_DEPR_DIALECT_NEGOTIATED   52
 
#define DCE2_EVENT__SMB_DEPR_COMMAND_USED   53
 
#define DCE2_EVENT__SMB_UNUSUAL_COMMAND_USED   54
 
#define DCE2_EVENT__SMB_INVALID_SETUP_COUNT   55
 
#define DCE2_EVENT__SMB_MULTIPLE_NEGOTIATIONS   56
 
#define DCE2_EVENT__SMB_EVASIVE_FILE_ATTRS   57
 
#define DCE2_EVENT__SMB_INVALID_FILE_OFFSET   58
 
#define DCE2_EVENT__SMB_BAD_NEXT_COMMAND_OFFSET   59
 
#define GENERATOR_PPM   134
 
#define PPM_EVENT_RULE_TREE_DISABLED   1
 
#define PPM_EVENT_RULE_TREE_ENABLED   2
 
#define PPM_EVENT_PACKET_ABORTED   3
 
#define GENERATOR_INTERNAL   135
 
#define INTERNAL_EVENT_SYN_RECEIVED   1
 
#define INTERNAL_EVENT_SESSION_ADD   2
 
#define INTERNAL_EVENT_SESSION_DEL   3
 
#define GENERATOR_SPP_REPUTATION   136
 
#define GENERATOR_SPP_SSLPP   137
 
#define GENERATOR_SPP_SDF_RULES   138
 
#define GENERATOR_SPP_SDF_PREPROC   139
 
#define SDF_COMBO_ALERT   1
 
#define GENERATOR_SPP_GTP   143
 
#define GENERATOR_SPP_MODBUS   144
 
#define GENERATOR_SPP_DNP3   145
 
#define GENERATOR_SPP_CIP   148
 
#define GENERATOR_SPP_S7COMMPLUS   149
 
#define ARPSPOOF_UNICAST_ARP_REQUEST_STR   "(spp_arpspoof) Unicast ARP request"
 
#define ARPSPOOF_ETHERFRAME_ARP_MISMATCH_SRC_STR   "(spp_arpspoof) Ethernet/ARP Mismatch request for Source"
 
#define ARPSPOOF_ETHERFRAME_ARP_MISMATCH_DST_STR   "(spp_arpspoof) Ethernet/ARP Mismatch request for Destination"
 
#define ARPSPOOF_ARP_CACHE_OVERWRITE_ATTACK_STR   "(spp_arpspoof) Attempted ARP cache overwrite attack"
 
#define BO_TRAFFIC_DETECT_STR   "(spo_bo) Back Orifice Traffic detected"
 
#define BO_CLIENT_TRAFFIC_DETECT_STR   "(spo_bo) Back Orifice Client Traffic detected"
 
#define BO_SERVER_TRAFFIC_DETECT_STR   "(spo_bo) Back Orifice Server Traffic detected"
 
#define BO_SNORT_BUFFER_ATTACK_STR   "(spo_bo) Back Orifice Snort buffer attack"
 
#define FRAG3_IPOPTIONS_STR   "(spp_frag3) Inconsistent IP Options on Fragmented Packets"
 
#define FRAG3_TEARDROP_STR   "(spp_frag3) Teardrop attack"
 
#define FRAG3_SHORT_FRAG_STR   "(spp_frag3) Short fragment, possible DoS attempt"
 
#define FRAG3_ANOM_OVERSIZE_STR   "(spp_frag3) Fragment packet ends after defragmented packet"
 
#define FRAG3_ANOM_ZERO_STR   "(spp_frag3) Zero-byte fragment packet"
 
#define FRAG3_ANOM_BADSIZE_SM_STR   "(spp_frag3) Bad fragment size, packet size is negative"
 
#define FRAG3_ANOM_BADSIZE_LG_STR   "(spp_frag3) Bad fragment size, packet size is greater than 65536"
 
#define FRAG3_ANOM_OVLP_STR   "(spp_frag3) Fragmentation overlap"
 
#define FRAG3_MIN_TTL_EVASION_STR   "(spp_frag3) TTL value less than configured minimum, not using for reassembly"
 
#define FRAG3_EXCESSIVE_OVERLAP_STR   "(spp_frag3) Excessive fragment overlap"
 
#define FRAG3_TINY_FRAGMENT_STR   "(spp_frag3) Tiny fragment"
 
#define STREAM_SYN_ON_EST_STR   "Syn on established session"
 
#define STREAM_DATA_ON_SYN_STR   "Data on SYN packet"
 
#define STREAM_DATA_ON_CLOSED_STR   "Data sent on stream not accepting data"
 
#define STREAM_BAD_TIMESTAMP_STR   "TCP Timestamp is outside of PAWS window"
 
#define STREAM_BAD_SEGMENT_STR   "Bad segment, adjusted size <= 0"
 
#define STREAM_WINDOW_TOO_LARGE_STR   "Window size (after scaling) larger than policy allows"
 
#define STREAM_EXCESSIVE_TCP_OVERLAPS_STR   "Limit on number of overlapping TCP packets reached"
 
#define STREAM_DATA_AFTER_RESET_STR   "Data sent on stream after TCP Reset sent"
 
#define STREAM_SESSION_HIJACKED_CLIENT_STR   "TCP Client possibly hijacked, different Ethernet Address"
 
#define STREAM_SESSION_HIJACKED_SERVER_STR   "TCP Server possibly hijacked, different Ethernet Address"
 
#define STREAM_DATA_WITHOUT_FLAGS_STR   "TCP Data with no TCP Flags set"
 
#define STREAM_SMALL_SEGMENT_STR   "Consecutive TCP small segments exceeding threshold"
 
#define STREAM_4WAY_HANDSHAKE_STR   "4-way handshake detected"
 
#define STREAM_NO_TIMESTAMP_STR   "TCP Timestamp is missing"
 
#define STREAM_BAD_RST_STR   "Reset outside window"
 
#define STREAM_BAD_FIN_STR   "FIN number is greater than prior FIN"
 
#define STREAM_BAD_ACK_STR   "ACK number is greater than prior FIN"
 
#define STREAM_DATA_AFTER_RST_RCVD_STR   "Data sent on stream after TCP Reset received"
 
#define STREAM_WINDOW_SLAM_STR   "TCP window closed before receiving data"
 
#define STREAM_NO_3WHS_STR   "TCP session without 3-way handshake"
 
#define STREAM_INTERNAL_EVENT_STR   ""
 
#define PPM_EVENT_RULE_TREE_DISABLED_STR   "PPM Rule Options Disabled by Rule Latency"
 
#define PPM_EVENT_RULE_TREE_ENABLED_STR   "PPM Rule Options Re-enabled by Rule Latency"
 
#define PPM_EVENT_PACKET_ABORTED_STR   "PPM Packet Aborted due to Latency"
 
#define DECODE_NOT_IPV4_DGRAM_STR   "(snort_decoder) WARNING: Not IPv4 datagram"
 
#define DECODE_IPV4_INVALID_HEADER_LEN_STR   "(snort_decoder) WARNING: hlen < IP_HEADER_LEN"
 
#define DECODE_IPV4_DGRAM_LT_IPHDR_STR   "(snort_decoder) WARNING: IP dgm len < IP Hdr len"
 
#define DECODE_IPV4OPT_BADLEN_STR   "(snort_decoder) WARNING: Ipv4 Options found with bad lengths"
 
#define DECODE_IPV4OPT_TRUNCATED_STR   "(snort_decoder) WARNING: Truncated Ipv4 Options"
 
#define DECODE_IPV4_DGRAM_GT_CAPLEN_STR   "(snort_decoder) WARNING: IP dgm len > captured len"
 
#define DECODE_NOT_IPV6_DGRAM_STR   "(snort_decoder) WARNING: Not an IPv6 datagram"
 
#define DECODE_TCP_DGRAM_LT_TCPHDR_STR   "(snort_decoder) WARNING: TCP packet len is smaller than 20 bytes"
 
#define DECODE_TCP_INVALID_OFFSET_STR   "(snort_decoder) WARNING: TCP Data Offset is less than 5"
 
#define DECODE_TCP_LARGE_OFFSET_STR   "(snort_decoder) WARNING: TCP Header length exceeds packet length"
 
#define DECODE_TCPOPT_BADLEN_STR   "(snort_decoder) WARNING: Tcp Options found with bad lengths"
 
#define DECODE_TCPOPT_TRUNCATED_STR   "(snort_decoder) WARNING: Truncated Tcp Options"
 
#define DECODE_TCPOPT_TTCP_STR   "(snort_decoder) WARNING: T/TCP Detected"
 
#define DECODE_TCPOPT_OBSOLETE_STR   "(snort_decoder) WARNING: Obsolete TCP Options found"
 
#define DECODE_TCPOPT_EXPERIMENT_STR   "(snort_decoder) WARNING: Experimental Tcp Options found"
 
#define DECODE_TCPOPT_WSCALE_INVALID_STR   "(snort_decoder) WARNING: Tcp Window Scale Option found with length > 14"
 
#define DECODE_UDP_DGRAM_LT_UDPHDR_STR   "(snort_decoder) WARNING: Truncated UDP Header"
 
#define DECODE_UDP_DGRAM_INVALID_LENGTH_STR   "(snort_decoder) WARNING: Invalid UDP header, length field < 8"
 
#define DECODE_UDP_DGRAM_SHORT_PACKET_STR   "(snort_decoder) WARNING: Short UDP packet, length field > payload length"
 
#define DECODE_UDP_DGRAM_LONG_PACKET_STR   "(snort_decoder) WARNING: Long UDP packet, length field < payload length"
 
#define DECODE_ICMP_DGRAM_LT_ICMPHDR_STR   "(snort_decoder) WARNING: ICMP Header Truncated"
 
#define DECODE_ICMP_DGRAM_LT_TIMESTAMPHDR_STR   "(snort_decoder) WARNING: ICMP Timestamp Header Truncated"
 
#define DECODE_ICMP_DGRAM_LT_ADDRHDR_STR   "(snort_decoder) WARNING: ICMP Address Header Truncated"
 
#define DECODE_IPV4_DGRAM_UNKNOWN_STR   "(snort_decoder) WARNING: Unknown Datagram decoding problem"
 
#define DECODE_ARP_TRUNCATED_STR   "(snort_decoder) WARNING: Truncated ARP"
 
#define DECODE_EAPOL_TRUNCATED_STR   "(snort_decoder) WARNING: Truncated EAP Header"
 
#define DECODE_EAPKEY_TRUNCATED_STR   "(snort_decoder) WARNING: EAP Key Truncated"
 
#define DECODE_EAP_TRUNCATED_STR   "(snort_decoder) WARNING: EAP Header Truncated"
 
#define DECODE_BAD_PPPOE_STR   "(snort_decoder) WARNING: Bad PPPOE frame detected"
 
#define DECODE_BAD_VLAN_STR   "(snort_decoder) WARNING: Bad VLAN Frame"
 
#define DECODE_BAD_VLAN_ETHLLC_STR   "(snort_decoder) WARNING: Bad LLC header"
 
#define DECODE_BAD_VLAN_OTHER_STR   "(snort_decoder) WARNING: Bad Extra LLC Info"
 
#define DECODE_BAD_80211_ETHLLC_STR   "(snort_decoder) WARNING: Bad 802.11 LLC header"
 
#define DECODE_BAD_80211_OTHER_STR   "(snort_decoder) WARNING: Bad 802.11 Extra LLC Info"
 
#define DECODE_BAD_TRH_STR   "(snort_decoder) WARNING: Bad Token Ring Header"
 
#define DECODE_BAD_TR_ETHLLC_STR   "(snort_decoder) WARNING: Bad Token Ring ETHLLC Header"
 
#define DECODE_BAD_TR_MR_LEN_STR   "(snort_decoder) WARNING: Bad Token Ring MRLENHeader"
 
#define DECODE_BAD_TRHMR_STR   "(snort_decoder) WARNING: Bad Token Ring MR Header"
 
#define DECODE_BAD_TRAFFIC_LOOPBACK_STR   "(snort decoder) WARNING: Bad Traffic Loopback IP"
 
#define DECODE_BAD_TRAFFIC_SAME_SRCDST_STR   "(snort decoder) WARNING: Bad Traffic Same Src/Dst IP"
 
#define DECODE_ICMP_ORIG_IP_TRUNCATED_STR   "(snort_decoder) WARNING: ICMP Original IP Header Truncated"
 
#define DECODE_ICMP_ORIG_IP_VER_MISMATCH_STR   "(snort_decoder) WARNING: ICMP version and Original IP Header versions differ"
 
#define DECODE_ICMP_ORIG_DGRAM_LT_ORIG_IP_STR   "(snort_decoder) WARNING: ICMP Original Datagram Length < Original IP Header Length"
 
#define DECODE_ICMP_ORIG_PAYLOAD_LT_64_STR   "(snort_decoder) WARNING: ICMP Original IP Payload < 64 bits"
 
#define DECODE_ICMP_ORIG_PAYLOAD_GT_576_STR   "(snort_decoder) WARNING: ICMP Origianl IP Payload > 576 bytes"
 
#define DECODE_ICMP_ORIG_IP_WITH_FRAGOFFSET_STR   "(snort_decoder) WARNING: ICMP Original IP Fragmented and Offset Not 0"
 
#define DECODE_IPV6_MIN_TTL_STR   "(snort decoder) WARNING: IPv6 packet below TTL limit"
 
#define DECODE_IPV6_IS_NOT_STR   "(snort decoder) WARNING: IPv6 header claims to not be IPv6"
 
#define DECODE_IPV6_TRUNCATED_EXT_STR   "(snort decoder) WARNING: IPV6 truncated extension header"
 
#define DECODE_IPV6_TRUNCATED_STR   "(snort decoder) WARNING: IPV6 truncated header"
 
#define DECODE_IPV6_DGRAM_LT_IPHDR_STR   "(snort_decoder) WARNING: IP dgm len < IP Hdr len"
 
#define DECODE_IPV6_DGRAM_GT_CAPLEN_STR   "(snort_decoder) WARNING: IP dgm len > captured len"
 
#define DECODE_IPV6_DST_ZERO_STR   "(snort_decoder) WARNING: IPv6 packet with destination address ::0"
 
#define DECODE_IPV6_SRC_MULTICAST_STR   "(snort_decoder) WARNING: IPv6 packet with multicast source address"
 
#define DECODE_IPV6_DST_RESERVED_MULTICAST_STR   "(snort_decoder) WARNING: IPv6 packet with reserved multicast destination address"
 
#define DECODE_IPV6_BAD_OPT_TYPE_STR   "(snort_decoder) WARNING: IPv6 header includes an undefined option type"
 
#define DECODE_IPV6_BAD_MULTICAST_SCOPE_STR   "(snort_decoder) WARNING: IPv6 address includes an unassigned multicast scope value"
 
#define DECODE_IPV6_BAD_NEXT_HEADER_STR   "(snort_decoder) WARNING: IPv6 header includes an invalid value for the \"next header\" field"
 
#define DECODE_IPV6_ROUTE_AND_HOPBYHOP_STR   "(snort_decoder) WARNING: IPv6 header includes a routing extension header followed by a hop-by-hop header"
 
#define DECODE_IPV6_TWO_ROUTE_HEADERS_STR   "(snort_decoder) WARNING: IPv6 header includes two routing extension headers"
 
#define DECODE_IPV6_DSTOPTS_WITH_ROUTING_STR   "(snort_decoder) WARNING: IPv6 header has destination options followed by a routing header"
 
#define DECODE_ICMPV6_TOO_BIG_BAD_MTU_STR   "(snort_decoder) WARNING: ICMPv6 packet of type 2 (message too big) with MTU field < 1280"
 
#define DECODE_ICMPV6_UNREACHABLE_NON_RFC_2463_CODE_STR   "(snort_decoder) WARNING: ICMPv6 packet of type 1 (destination unreachable) with non-RFC 2463 code"
 
#define DECODE_ICMPV6_SOLICITATION_BAD_CODE_STR   "(snort_decoder) WARNING: ICMPv6 router solicitation packet with a code not equal to 0"
 
#define DECODE_ICMPV6_ADVERT_BAD_CODE_STR   "(snort_decoder) WARNING: ICMPv6 router advertisement packet with a code not equal to 0"
 
#define DECODE_ICMPV6_SOLICITATION_BAD_RESERVED_STR   "(snort_decoder) WARNING: ICMPv6 router solicitation packet with the reserved field not equal to 0"
 
#define DECODE_ICMPV6_ADVERT_BAD_REACHABLE_STR   "(snort_decoder) WARNING: ICMPv6 router advertisement packet with the reachable time field set > 1 hour"
 
#define DECODE_IPV6_TUNNELED_IPV4_TRUNCATED_STR   "(snort_decoder) WARNING: IPV6 tunneled over IPv4, IPv6 header truncated, possible Linux Kernel attack"
 
#define DECODE_IP_MULTIPLE_ENCAPSULATION_STR   "(snort_decoder) WARNING: Two or more IP (v4 and/or v6) encapsulation layers present"
 
#define DECODE_ESP_HEADER_TRUNC_STR   "(snort_decoder) WARNING: truncated Encapsulated Security Payload (ESP) header"
 
#define DECODE_IPV6_BAD_OPT_LEN_STR   "(snort_decoder) WARNING: IPv6 header includes an option which is too big for the containing header"
 
#define DECODE_IPV6_UNORDERED_EXTENSIONS_STR   "(snort_decoder) WARNING: IPv6 packet includes out-of-order extension headers"
 
#define DECODE_GTP_MULTIPLE_ENCAPSULATION_STR   "(snort_decoder) WARNING: Two or more GTP encapsulation layers present"
 
#define DECODE_GTP_BAD_LEN_STR   "(snort_decoder) WARNING: GTP header length is invalid"
 
#define DECODE_TCP_XMAS_STR   "(snort_decoder) WARNING: XMAS Attack Detected"
 
#define DECODE_TCP_NMAP_XMAS_STR   "(snort_decoder) WARNING: Nmap XMAS Attack Detected"
 
#define DECODE_DOS_NAPTHA_STR   "(snort_decoder) WARNING: DOS NAPTHA Vulnerability Detected"
 
#define DECODE_SYN_TO_MULTICAST_STR   "(snort_decoder) WARNING: Bad Traffic SYN to multicast address"
 
#define DECODE_ZERO_TTL_STR   "(snort_decoder) WARNING: IPV4 packet with zero TTL"
 
#define DECODE_BAD_FRAGBITS_STR   "(snort_decoder) WARNING: IPV4 packet with bad frag bits (Both MF and DF set)"
 
#define DECODE_UDP_IPV6_ZERO_CHECKSUM_STR   "(snort_decoder) WARNING: Invalid IPv6 UDP packet, checksum zero"
 
#define DECODE_IP4_LEN_OFFSET_STR   "(snort_decoder) WARNING: IPV4 packet frag offset + length exceed maximum"
 
#define DECODE_IP4_SRC_THIS_NET_STR   "(snort_decoder) WARNING: IPV4 packet from 'current net' source address"
 
#define DECODE_IP4_DST_THIS_NET_STR   "(snort_decoder) WARNING: IPV4 packet to 'current net' dest address"
 
#define DECODE_IP4_SRC_MULTICAST_STR   "(snort_decoder) WARNING: IPV4 packet from multicast source address"
 
#define DECODE_IP4_SRC_RESERVED_STR   "(snort_decoder) WARNING: IPV4 packet from reserved source address"
 
#define DECODE_IP4_DST_RESERVED_STR   "(snort_decoder) WARNING: IPV4 packet to reserved dest address"
 
#define DECODE_IP4_SRC_BROADCAST_STR   "(snort_decoder) WARNING: IPV4 packet from broadcast source address"
 
#define DECODE_IP4_DST_BROADCAST_STR   "(snort_decoder) WARNING: IPV4 packet to broadcast dest address"
 
#define DECODE_ICMP4_DST_MULTICAST_STR   "(snort_decoder) WARNING: ICMP4 packet to multicast dest address"
 
#define DECODE_ICMP4_DST_BROADCAST_STR   "(snort_decoder) WARNING: ICMP4 packet to broadcast dest address"
 
#define DECODE_ICMP4_TYPE_OTHER_STR   "(snort_decoder) WARNING: ICMP4 type other"
 
#define DECODE_TCP_BAD_URP_STR   "(snort_decoder) WARNING: TCP urgent pointer exceeds payload length or no payload"
 
#define DECODE_TCP_SYN_FIN_STR   "(snort_decoder) WARNING: TCP SYN with FIN"
 
#define DECODE_TCP_SYN_RST_STR   "(snort_decoder) WARNING: TCP SYN with RST"
 
#define DECODE_TCP_MUST_ACK_STR   "(snort_decoder) WARNING: TCP PDU missing ack for established session"
 
#define DECODE_TCP_NO_SYN_ACK_RST_STR   "(snort_decoder) WARNING: TCP has no SYN, ACK, or RST"
 
#define DECODE_ETH_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated eth header"
 
#define DECODE_IP4_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated IP4 header"
 
#define DECODE_ICMP4_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated ICMP4 header"
 
#define DECODE_ICMP6_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated ICMP6 header"
 
#define DECODE_IP4_MIN_TTL_STR   "(snort decoder) WARNING: IPV4 packet below TTL limit"
 
#define DECODE_IP6_ZERO_HOP_LIMIT_STR   "(snort decoder) WARNING: IPV6 packet has zero hop limit"
 
#define DECODE_IP4_DF_OFFSET_STR   "(snort_decoder) WARNING: IPV4 packet both DF and offset set"
 
#define DECODE_ICMP6_TYPE_OTHER_STR   "(snort_decoder) WARNING: ICMP6 type not decoded"
 
#define DECODE_ICMP6_DST_MULTICAST_STR   "(snort_decoder) WARNING: ICMP6 packet to multicast address"
 
#define DECODE_TCP_SHAFT_SYNFLOOD_STR   "(snort_decoder) WARNING: DDOS shaft synflood"
 
#define DECODE_ICMP_PING_NMAP_STR   "(snort_decoder) WARNING: ICMP PING NMAP"
 
#define DECODE_ICMP_ICMPENUM_STR   "(snort_decoder) WARNING: ICMP icmpenum v1.1.1"
 
#define DECODE_ICMP_REDIRECT_HOST_STR   "(snort_decoder) WARNING: ICMP redirect host"
 
#define DECODE_ICMP_REDIRECT_NET_STR   "(snort_decoder) WARNING: ICMP redirect net"
 
#define DECODE_ICMP_TRACEROUTE_IPOPTS_STR   "(snort_decoder) WARNING: ICMP traceroute ipopts"
 
#define DECODE_ICMP_SOURCE_QUENCH_STR   "(snort_decoder) WARNING: ICMP Source Quench"
 
#define DECODE_ICMP_BROADSCAN_SMURF_SCANNER_STR   "(snort_decoder) WARNING: Broadscan Smurf Scanner"
 
#define DECODE_ICMP_DST_UNREACH_ADMIN_PROHIBITED_STR   "(snort_decoder) WARNING: ICMP Destination Unreachable Communication Administratively Prohibited"
 
#define DECODE_ICMP_DST_UNREACH_DST_HOST_PROHIBITED_STR   "(snort_decoder) WARNING: ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited"
 
#define DECODE_ICMP_DST_UNREACH_DST_NET_PROHIBITED_STR   "(snort_decoder) WARNING: ICMP Destination Unreachable Communication with Destination Network is Administratively Prohibited"
 
#define DECODE_IP_OPTION_SET_STR   "(snort_decoder) WARNING: MISC IP option set"
 
#define DECODE_UDP_LARGE_PACKET_STR   "(snort_decoder) WARNING: MISC Large UDP Packet"
 
#define DECODE_TCP_PORT_ZERO_STR   "(snort_decoder) WARNING: BAD-TRAFFIC TCP port 0 traffic"
 
#define DECODE_UDP_PORT_ZERO_STR   "(snort_decoder) WARNING: BAD-TRAFFIC UDP port 0 traffic"
 
#define DECODE_IP_RESERVED_FRAG_BIT_STR   "(snort_decoder) WARNING: BAD-TRAFFIC IP reserved bit set"
 
#define DECODE_IP_UNASSIGNED_PROTO_STR   "(snort_decoder) WARNING: BAD-TRAFFIC Unassigned/Reserved IP protocol"
 
#define DECODE_IP_BAD_PROTO_STR   "(snort_decoder) WARNING: BAD-TRAFFIC Bad IP protocol"
 
#define DECODE_ICMP_PATH_MTU_DOS_STR   "(snort_decoder) WARNING: ICMP PATH MTU denial of service attempt"
 
#define DECODE_ICMP_DOS_ATTEMPT_STR   "(snort_decoder) WARNING: BAD-TRAFFIC linux ICMP header dos attempt"
 
#define DECODE_IPV6_ISATAP_SPOOF_STR   "(snort_decoder) WARNING: BAD-TRAFFIC ISATAP-addressed IPv6 traffic spoofing attempt"
 
#define DECODE_PGM_NAK_OVERFLOW_STR   "(snort_decoder) WARNING: BAD-TRAFFIC PGM nak list overflow attempt"
 
#define DECODE_IGMP_OPTIONS_DOS_STR   "(snort_decoder) WARNING: DOS IGMP IP Options validation attempt"
 
#define DECODE_IP6_EXCESS_EXT_HDR_STR   "(snort_decoder) WARNING: too many IP6 extension headers"
 
#define DECODE_ICMPV6_UNREACHABLE_NON_RFC_4443_CODE_STR   "(snort_decoder) WARNING: ICMPv6 packet of type 1 (destination unreachable) with non-RFC 4443 code"
 
#define DECODE_IPV6_BAD_FRAG_PKT_STR   "(snort_decoder) WARNING: bogus fragmentation packet. Possible BSD attack"
 
#define DECODE_ZERO_LENGTH_FRAG_STR   "(snort_decoder) WARNING: fragment with zero length"
 
#define DECODE_ICMPV6_NODE_INFO_BAD_CODE_STR   "(snort_decoder) WARNING: ICMPv6 node info query/response packet with a code greater than 2"
 
#define DECODE_IPV6_ROUTE_ZERO_STR   "(snort decoder) WARNING: IPV6 routing type 0 extension header"
 
#define DECODE_ERSPAN_HDR_VERSION_MISMATCH_STR   "(snort_decoder) WARNING: ERSpan Header version mismatch"
 
#define DECODE_ERSPAN2_DGRAM_LT_HDR_STR   "(snort_decoder) WARNING: captured < ERSpan Type2 Header Length"
 
#define DECODE_ERSPAN3_DGRAM_LT_HDR_STR   "(snort_decoder) WARNING: captured < ERSpan Type3 Header Length"
 
#define DECODE_AUTH_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated authentication header"
 
#define DECODE_AUTH_HDR_BAD_LEN_STR   "(snort_decoder) WARNING: authentication header bad length"
 
#define DECODE_FPATH_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated FabricPath header"
 
#define DECODE_CISCO_META_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated Cisco Metadata header"
 
#define DECODE_CISCO_META_HDR_OPT_LEN_STR   "(snort_decoder) WARNING: Invalid Cisco Metadata option length"
 
#define DECODE_CISCO_META_HDR_OPT_TYPE_STR   "(snort_decoder) WARNING: Invalid Cisco Metadata option type"
 
#define DECODE_CISCO_META_HDR_SGT_STR   "(snort_decoder) WARNING: Invalid Cisco Metadata SGT"
 
#define RPC_FRAG_TRAFFIC_STR   "(spp_rpc_decode) Fragmented RPC Records"
 
#define RPC_MULTIPLE_RECORD_STR   "(spp_rpc_decode) Multiple RPC Records"
 
#define RPC_LARGE_FRAGSIZE_STR   "(spp_rpc_decode) Large RPC Record Fragment"
 
#define RPC_INCOMPLETE_SEGMENT_STR   "(spp_rpc_decode) Incomplete RPC segment"
 
#define RPC_ZERO_LENGTH_FRAGMENT_STR   "(spp_rpc_decode) Zero-length RPC Fragment"
 
#define PSNG_TCP_PORTSCAN_STR   "(portscan) TCP Portscan"
 
#define PSNG_TCP_DECOY_PORTSCAN_STR   "(portscan) TCP Decoy Portscan"
 
#define PSNG_TCP_PORTSWEEP_STR   "(portscan) TCP Portsweep"
 
#define PSNG_TCP_DISTRIBUTED_PORTSCAN_STR   "(portscan) TCP Distributed Portscan"
 
#define PSNG_TCP_FILTERED_PORTSCAN_STR   "(portscan) TCP Filtered Portscan"
 
#define PSNG_TCP_FILTERED_DECOY_PORTSCAN_STR   "(portscan) TCP Filtered Decoy Portscan"
 
#define PSNG_TCP_FILTERED_DISTRIBUTED_PORTSCAN_STR   "(portscan) TCP Filtered Distributed Portscan"
 
#define PSNG_TCP_PORTSWEEP_FILTERED_STR   "(portscan) TCP Filtered Portsweep"
 
#define PSNG_IP_PORTSCAN_STR   "(portscan) IP Protocol Scan"
 
#define PSNG_IP_DECOY_PORTSCAN_STR   "(portscan) IP Decoy Protocol Scan"
 
#define PSNG_IP_PORTSWEEP_STR   "(portscan) IP Protocol Sweep"
 
#define PSNG_IP_DISTRIBUTED_PORTSCAN_STR   "(portscan) IP Distributed Protocol Scan"
 
#define PSNG_IP_FILTERED_PORTSCAN_STR   "(portscan) IP Filtered Protocol Scan"
 
#define PSNG_IP_FILTERED_DECOY_PORTSCAN_STR   "(portscan) IP Filtered Decoy Protocol Scan"
 
#define PSNG_IP_FILTERED_DISTRIBUTED_PORTSCAN_STR   "(portscan) IP Filtered Distributed Protocol Scan"
 
#define PSNG_IP_PORTSWEEP_FILTERED_STR   "(portscan) IP Filtered Protocol Sweep"
 
#define PSNG_UDP_PORTSCAN_STR   "(portscan) UDP Portscan"
 
#define PSNG_UDP_DECOY_PORTSCAN_STR   "(portscan) UDP Decoy Portscan"
 
#define PSNG_UDP_PORTSWEEP_STR   "(portscan) UDP Portsweep"
 
#define PSNG_UDP_DISTRIBUTED_PORTSCAN_STR   "(portscan) UDP Distributed Portscan"
 
#define PSNG_UDP_FILTERED_PORTSCAN_STR   "(portscan) UDP Filtered Portscan"
 
#define PSNG_UDP_FILTERED_DECOY_PORTSCAN_STR   "(portscan) UDP Filtered Decoy Portscan"
 
#define PSNG_UDP_FILTERED_DISTRIBUTED_PORTSCAN_STR   "(portscan) UDP Filtered Distributed Portscan"
 
#define PSNG_UDP_PORTSWEEP_FILTERED_STR   "(portscan) UDP Filtered Portsweep"
 
#define PSNG_ICMP_PORTSWEEP_STR   "(portscan) ICMP Sweep"
 
#define PSNG_ICMP_PORTSWEEP_FILTERED_STR   "(portscan) ICMP Filtered Sweep"
 
#define PSNG_OPEN_PORT_STR   "(portscan) Open Port"
 
#define DECODE_BAD_MPLS_STR   "(snort_decoder) WARNING: Bad MPLS Frame"
 
#define DECODE_BAD_MPLS_LABEL0_STR   "(snort_decoder) WARNING: MPLS Label 0 Appears in Nonbottom Header"
 
#define DECODE_BAD_MPLS_LABEL1_STR   "(snort_decoder) WARNING: MPLS Label 1 Appears in Bottom Header"
 
#define DECODE_BAD_MPLS_LABEL2_STR   "(snort_decoder) WARNING: MPLS Label 2 Appears in Nonbottom Header"
 
#define DECODE_BAD_MPLS_LABEL3_STR   "(snort_decoder) WARNING: MPLS Label 3 Appears in Header"
 
#define DECODE_MPLS_RESERVEDLABEL_STR   "(snort_decoder) WARNING: MPLS Label 4, 5,.. or 15 Appears in Header"
 
#define DECODE_MPLS_LABEL_STACK_STR   "(snort_decoder) WARNING: Too Many MPLS headers"
 
#define DECODE_MULTICAST_MPLS_STR   "(snort_decoder) WARNING: Multicast MPLS traffic detected"
 
#define DECODE_DECODING_DEPTH_EXCEEDED_STR   "(snort_decoder) WARNING: Too many levels for decoding"
 

Enumerations

enum  {
  DECODE_TCP_XMAS = 400, DECODE_TCP_NMAP_XMAS, DECODE_DOS_NAPTHA, DECODE_SYN_TO_MULTICAST,
  DECODE_ZERO_TTL, DECODE_BAD_FRAGBITS, DECODE_UDP_IPV6_ZERO_CHECKSUM, DECODE_IP4_LEN_OFFSET,
  DECODE_IP4_SRC_THIS_NET, DECODE_IP4_DST_THIS_NET, DECODE_IP4_SRC_MULTICAST, DECODE_IP4_SRC_RESERVED,
  DECODE_IP4_DST_RESERVED, DECODE_IP4_SRC_BROADCAST, DECODE_IP4_DST_BROADCAST, DECODE_ICMP4_DST_MULTICAST,
  DECODE_ICMP4_DST_BROADCAST, DECODE_ICMP4_TYPE_OTHER = 418, DECODE_TCP_BAD_URP, DECODE_TCP_SYN_FIN,
  DECODE_TCP_SYN_RST, DECODE_TCP_MUST_ACK, DECODE_TCP_NO_SYN_ACK_RST, DECODE_ETH_HDR_TRUNC,
  DECODE_IP4_HDR_TRUNC, DECODE_ICMP4_HDR_TRUNC, DECODE_ICMP6_HDR_TRUNC, DECODE_IP4_MIN_TTL,
  DECODE_IP6_ZERO_HOP_LIMIT, DECODE_IP4_DF_OFFSET, DECODE_ICMP6_TYPE_OTHER, DECODE_ICMP6_DST_MULTICAST,
  DECODE_TCP_SHAFT_SYNFLOOD, DECODE_ICMP_PING_NMAP, DECODE_ICMP_ICMPENUM, DECODE_ICMP_REDIRECT_HOST,
  DECODE_ICMP_REDIRECT_NET, DECODE_ICMP_TRACEROUTE_IPOPTS, DECODE_ICMP_SOURCE_QUENCH, DECODE_ICMP_BROADSCAN_SMURF_SCANNER,
  DECODE_ICMP_DST_UNREACH_ADMIN_PROHIBITED, DECODE_ICMP_DST_UNREACH_DST_HOST_PROHIBITED, DECODE_ICMP_DST_UNREACH_DST_NET_PROHIBITED, DECODE_IP_OPTION_SET,
  DECODE_UDP_LARGE_PACKET, DECODE_TCP_PORT_ZERO, DECODE_UDP_PORT_ZERO, DECODE_IP_RESERVED_FRAG_BIT,
  DECODE_IP_UNASSIGNED_PROTO, DECODE_IP_BAD_PROTO, DECODE_ICMP_PATH_MTU_DOS, DECODE_ICMP_DOS_ATTEMPT,
  DECODE_IPV6_ISATAP_SPOOF, DECODE_PGM_NAK_OVERFLOW, DECODE_IGMP_OPTIONS_DOS, DECODE_IP6_EXCESS_EXT_HDR,
  DECODE_ICMPV6_UNREACHABLE_NON_RFC_4443_CODE, DECODE_IPV6_BAD_FRAG_PKT, DECODE_ZERO_LENGTH_FRAG, DECODE_ICMPV6_NODE_INFO_BAD_CODE,
  DECODE_IPV6_ROUTE_ZERO, DECODE_ERSPAN_HDR_VERSION_MISMATCH, DECODE_ERSPAN2_DGRAM_LT_HDR, DECODE_ERSPAN3_DGRAM_LT_HDR,
  DECODE_AUTH_HDR_TRUNC, DECODE_AUTH_HDR_BAD_LEN, DECODE_FPATH_HDR_TRUNC, DECODE_CISCO_META_HDR_TRUNC,
  DECODE_CISCO_META_HDR_OPT_LEN, DECODE_CISCO_META_HDR_OPT_TYPE, DECODE_CISCO_META_HDR_SGT, DECODE_INDEX_MAX
}
 

Macro Definition Documentation

◆ ARPSPOOF_ARP_CACHE_OVERWRITE_ATTACK

#define ARPSPOOF_ARP_CACHE_OVERWRITE_ATTACK   4

Definition at line 48 of file generators.h.

◆ ARPSPOOF_ARP_CACHE_OVERWRITE_ATTACK_STR

#define ARPSPOOF_ARP_CACHE_OVERWRITE_ATTACK_STR   "(spp_arpspoof) Attempted ARP cache overwrite attack"

Definition at line 557 of file generators.h.

◆ ARPSPOOF_ETHERFRAME_ARP_MISMATCH_DST

#define ARPSPOOF_ETHERFRAME_ARP_MISMATCH_DST   3

Definition at line 47 of file generators.h.

◆ ARPSPOOF_ETHERFRAME_ARP_MISMATCH_DST_STR

#define ARPSPOOF_ETHERFRAME_ARP_MISMATCH_DST_STR   "(spp_arpspoof) Ethernet/ARP Mismatch request for Destination"

Definition at line 555 of file generators.h.

◆ ARPSPOOF_ETHERFRAME_ARP_MISMATCH_SRC

#define ARPSPOOF_ETHERFRAME_ARP_MISMATCH_SRC   2

Definition at line 46 of file generators.h.

◆ ARPSPOOF_ETHERFRAME_ARP_MISMATCH_SRC_STR

#define ARPSPOOF_ETHERFRAME_ARP_MISMATCH_SRC_STR   "(spp_arpspoof) Ethernet/ARP Mismatch request for Source"

Definition at line 553 of file generators.h.

◆ ARPSPOOF_UNICAST_ARP_REQUEST

#define ARPSPOOF_UNICAST_ARP_REQUEST   1

Definition at line 45 of file generators.h.

◆ ARPSPOOF_UNICAST_ARP_REQUEST_STR

#define ARPSPOOF_UNICAST_ARP_REQUEST_STR   "(spp_arpspoof) Unicast ARP request"

Definition at line 552 of file generators.h.

◆ BO_CLIENT_TRAFFIC_DETECT

#define BO_CLIENT_TRAFFIC_DETECT   2

Definition at line 33 of file generators.h.

◆ BO_CLIENT_TRAFFIC_DETECT_STR

#define BO_CLIENT_TRAFFIC_DETECT_STR   "(spo_bo) Back Orifice Client Traffic detected"

Definition at line 561 of file generators.h.

◆ BO_SERVER_TRAFFIC_DETECT

#define BO_SERVER_TRAFFIC_DETECT   3

Definition at line 34 of file generators.h.

◆ BO_SERVER_TRAFFIC_DETECT_STR

#define BO_SERVER_TRAFFIC_DETECT_STR   "(spo_bo) Back Orifice Server Traffic detected"

Definition at line 562 of file generators.h.

◆ BO_SNORT_BUFFER_ATTACK

#define BO_SNORT_BUFFER_ATTACK   4

Definition at line 35 of file generators.h.

◆ BO_SNORT_BUFFER_ATTACK_STR

#define BO_SNORT_BUFFER_ATTACK_STR   "(spo_bo) Back Orifice Snort buffer attack"

Definition at line 563 of file generators.h.

◆ BO_TRAFFIC_DETECT

#define BO_TRAFFIC_DETECT   1

Definition at line 32 of file generators.h.

◆ BO_TRAFFIC_DETECT_STR

#define BO_TRAFFIC_DETECT_STR   "(spo_bo) Back Orifice Traffic detected"

Definition at line 560 of file generators.h.

◆ DCE2_EVENT__CL_BAD_MAJ_VERSION

#define DCE2_EVENT__CL_BAD_MAJ_VERSION   40

Definition at line 493 of file generators.h.

◆ DCE2_EVENT__CL_BAD_PDU_TYPE

#define DCE2_EVENT__CL_BAD_PDU_TYPE   41

Definition at line 494 of file generators.h.

◆ DCE2_EVENT__CL_BAD_SEQ_NUM

#define DCE2_EVENT__CL_BAD_SEQ_NUM   43

Definition at line 496 of file generators.h.

◆ DCE2_EVENT__CL_DATA_LT_HDR

#define DCE2_EVENT__CL_DATA_LT_HDR   42

Definition at line 495 of file generators.h.

◆ DCE2_EVENT__CO_ALTER_CHANGE_BYTE_ORDER

#define DCE2_EVENT__CO_ALTER_CHANGE_BYTE_ORDER   36

Definition at line 489 of file generators.h.

◆ DCE2_EVENT__CO_BAD_MAJ_VERSION

#define DCE2_EVENT__CO_BAD_MAJ_VERSION   27

Definition at line 480 of file generators.h.

◆ DCE2_EVENT__CO_BAD_MIN_VERSION

#define DCE2_EVENT__CO_BAD_MIN_VERSION   28

Definition at line 481 of file generators.h.

◆ DCE2_EVENT__CO_BAD_PDU_TYPE

#define DCE2_EVENT__CO_BAD_PDU_TYPE   29

Definition at line 482 of file generators.h.

◆ DCE2_EVENT__CO_FLEN_LT_HDR

#define DCE2_EVENT__CO_FLEN_LT_HDR   30

Definition at line 483 of file generators.h.

◆ DCE2_EVENT__CO_FLEN_LT_SIZE

#define DCE2_EVENT__CO_FLEN_LT_SIZE   31

Definition at line 484 of file generators.h.

◆ DCE2_EVENT__CO_FRAG_DIFF_CALL_ID

#define DCE2_EVENT__CO_FRAG_DIFF_CALL_ID   37

Definition at line 490 of file generators.h.

◆ DCE2_EVENT__CO_FRAG_DIFF_CTX_ID

#define DCE2_EVENT__CO_FRAG_DIFF_CTX_ID   39

Definition at line 492 of file generators.h.

◆ DCE2_EVENT__CO_FRAG_DIFF_OPNUM

#define DCE2_EVENT__CO_FRAG_DIFF_OPNUM   38

Definition at line 491 of file generators.h.

◆ DCE2_EVENT__CO_FRAG_GT_MAX_XMIT_FRAG

#define DCE2_EVENT__CO_FRAG_GT_MAX_XMIT_FRAG   35

Definition at line 488 of file generators.h.

◆ DCE2_EVENT__CO_FRAG_LT_MAX_XMIT_FRAG

#define DCE2_EVENT__CO_FRAG_LT_MAX_XMIT_FRAG   34

Definition at line 487 of file generators.h.

◆ DCE2_EVENT__CO_ZERO_CTX_ITEMS

#define DCE2_EVENT__CO_ZERO_CTX_ITEMS   32

Definition at line 485 of file generators.h.

◆ DCE2_EVENT__CO_ZERO_TSYNS

#define DCE2_EVENT__CO_ZERO_TSYNS   33

Definition at line 486 of file generators.h.

◆ DCE2_EVENT__MEMCAP

#define DCE2_EVENT__MEMCAP   1

Definition at line 454 of file generators.h.

◆ DCE2_EVENT__SMB2_EXCESSIVE_COMPOUNDING

#define DCE2_EVENT__SMB2_EXCESSIVE_COMPOUNDING   47

Definition at line 500 of file generators.h.

◆ DCE2_EVENT__SMB_BAD_BCC

#define DCE2_EVENT__SMB_BAD_BCC   6

Definition at line 459 of file generators.h.

◆ DCE2_EVENT__SMB_BAD_FORMAT

#define DCE2_EVENT__SMB_BAD_FORMAT   7

Definition at line 460 of file generators.h.

◆ DCE2_EVENT__SMB_BAD_ID

#define DCE2_EVENT__SMB_BAD_ID   4

Definition at line 457 of file generators.h.

◆ DCE2_EVENT__SMB_BAD_NBSS_TYPE

#define DCE2_EVENT__SMB_BAD_NBSS_TYPE   2

Definition at line 455 of file generators.h.

◆ DCE2_EVENT__SMB_BAD_NEXT_COMMAND_OFFSET

#define DCE2_EVENT__SMB_BAD_NEXT_COMMAND_OFFSET   59

Definition at line 512 of file generators.h.

◆ DCE2_EVENT__SMB_BAD_OFF

#define DCE2_EVENT__SMB_BAD_OFF   8

Definition at line 461 of file generators.h.

◆ DCE2_EVENT__SMB_BAD_TYPE

#define DCE2_EVENT__SMB_BAD_TYPE   3

Definition at line 456 of file generators.h.

◆ DCE2_EVENT__SMB_BAD_WCT

#define DCE2_EVENT__SMB_BAD_WCT   5

Definition at line 458 of file generators.h.

◆ DCE2_EVENT__SMB_BCC_LT_DSIZE

#define DCE2_EVENT__SMB_BCC_LT_DSIZE   16

Definition at line 469 of file generators.h.

◆ DCE2_EVENT__SMB_CHAIN_OPEN_CLOSE

#define DCE2_EVENT__SMB_CHAIN_OPEN_CLOSE   25

Definition at line 478 of file generators.h.

◆ DCE2_EVENT__SMB_CHAIN_SS_LOGOFF

#define DCE2_EVENT__SMB_CHAIN_SS_LOGOFF   23

Definition at line 476 of file generators.h.

◆ DCE2_EVENT__SMB_CHAIN_TC_TDIS

#define DCE2_EVENT__SMB_CHAIN_TC_TDIS   24

Definition at line 477 of file generators.h.

◆ DCE2_EVENT__SMB_DCNT_MISMATCH

#define DCE2_EVENT__SMB_DCNT_MISMATCH   49

Definition at line 502 of file generators.h.

◆ DCE2_EVENT__SMB_DCNT_ZERO

#define DCE2_EVENT__SMB_DCNT_ZERO   48

Definition at line 501 of file generators.h.

◆ DCE2_EVENT__SMB_DEPR_COMMAND_USED

#define DCE2_EVENT__SMB_DEPR_COMMAND_USED   53

Definition at line 506 of file generators.h.

◆ DCE2_EVENT__SMB_DEPR_DIALECT_NEGOTIATED

#define DCE2_EVENT__SMB_DEPR_DIALECT_NEGOTIATED   52

Definition at line 505 of file generators.h.

◆ DCE2_EVENT__SMB_DSENT_GT_TDCNT

#define DCE2_EVENT__SMB_DSENT_GT_TDCNT   15

Definition at line 468 of file generators.h.

◆ DCE2_EVENT__SMB_EVASIVE_FILE_ATTRS

#define DCE2_EVENT__SMB_EVASIVE_FILE_ATTRS   57

Definition at line 510 of file generators.h.

◆ DCE2_EVENT__SMB_EXCESSIVE_CHAINING

#define DCE2_EVENT__SMB_EXCESSIVE_CHAINING   20

Definition at line 473 of file generators.h.

◆ DCE2_EVENT__SMB_EXCESSIVE_READS

#define DCE2_EVENT__SMB_EXCESSIVE_READS   19

Definition at line 472 of file generators.h.

◆ DCE2_EVENT__SMB_EXCESSIVE_TREE_CONNECTS

#define DCE2_EVENT__SMB_EXCESSIVE_TREE_CONNECTS   18

Definition at line 471 of file generators.h.

◆ DCE2_EVENT__SMB_INVALID_BINDING

#define DCE2_EVENT__SMB_INVALID_BINDING   46

Definition at line 499 of file generators.h.

◆ DCE2_EVENT__SMB_INVALID_DSIZE

#define DCE2_EVENT__SMB_INVALID_DSIZE   17

Definition at line 470 of file generators.h.

◆ DCE2_EVENT__SMB_INVALID_FILE_OFFSET

#define DCE2_EVENT__SMB_INVALID_FILE_OFFSET   58

Definition at line 511 of file generators.h.

◆ DCE2_EVENT__SMB_INVALID_SETUP_COUNT

#define DCE2_EVENT__SMB_INVALID_SETUP_COUNT   55

Definition at line 508 of file generators.h.

◆ DCE2_EVENT__SMB_INVALID_SHARE

#define DCE2_EVENT__SMB_INVALID_SHARE   26

Definition at line 479 of file generators.h.

◆ DCE2_EVENT__SMB_MAX_REQS_EXCEEDED

#define DCE2_EVENT__SMB_MAX_REQS_EXCEEDED   50

Definition at line 503 of file generators.h.

◆ DCE2_EVENT__SMB_MULT_CHAIN_SS

#define DCE2_EVENT__SMB_MULT_CHAIN_SS   21

Definition at line 474 of file generators.h.

◆ DCE2_EVENT__SMB_MULT_CHAIN_TC

#define DCE2_EVENT__SMB_MULT_CHAIN_TC   22

Definition at line 475 of file generators.h.

◆ DCE2_EVENT__SMB_MULTIPLE_NEGOTIATIONS

#define DCE2_EVENT__SMB_MULTIPLE_NEGOTIATIONS   56

Definition at line 509 of file generators.h.

◆ DCE2_EVENT__SMB_NB_LT_BCC

#define DCE2_EVENT__SMB_NB_LT_BCC   12

Definition at line 465 of file generators.h.

◆ DCE2_EVENT__SMB_NB_LT_COM

#define DCE2_EVENT__SMB_NB_LT_COM   11

Definition at line 464 of file generators.h.

◆ DCE2_EVENT__SMB_NB_LT_DSIZE

#define DCE2_EVENT__SMB_NB_LT_DSIZE   13

Definition at line 466 of file generators.h.

◆ DCE2_EVENT__SMB_NB_LT_SMBHDR

#define DCE2_EVENT__SMB_NB_LT_SMBHDR   10

Definition at line 463 of file generators.h.

◆ DCE2_EVENT__SMB_REQS_SAME_MID

#define DCE2_EVENT__SMB_REQS_SAME_MID   51

Definition at line 504 of file generators.h.

◆ DCE2_EVENT__SMB_TDCNT_LT_DSIZE

#define DCE2_EVENT__SMB_TDCNT_LT_DSIZE   14

Definition at line 467 of file generators.h.

◆ DCE2_EVENT__SMB_TDCNT_ZERO

#define DCE2_EVENT__SMB_TDCNT_ZERO   9

Definition at line 462 of file generators.h.

◆ DCE2_EVENT__SMB_UNUSUAL_COMMAND_USED

#define DCE2_EVENT__SMB_UNUSUAL_COMMAND_USED   54

Definition at line 507 of file generators.h.

◆ DCE2_EVENT__SMB_V1

#define DCE2_EVENT__SMB_V1   44

Definition at line 497 of file generators.h.

◆ DCE2_EVENT__SMB_V2

#define DCE2_EVENT__SMB_V2   45

Definition at line 498 of file generators.h.

◆ DECODE_ARP_TRUNCATED

#define DECODE_ARP_TRUNCATED   109

Definition at line 78 of file generators.h.

◆ DECODE_ARP_TRUNCATED_STR

#define DECODE_ARP_TRUNCATED_STR   "(snort_decoder) WARNING: Truncated ARP"

Definition at line 644 of file generators.h.

◆ DECODE_AUTH_HDR_BAD_LEN_STR

#define DECODE_AUTH_HDR_BAD_LEN_STR   "(snort_decoder) WARNING: authentication header bad length"

Definition at line 779 of file generators.h.

◆ DECODE_AUTH_HDR_TRUNC_STR

#define DECODE_AUTH_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated authentication header"

Definition at line 778 of file generators.h.

◆ DECODE_BAD_80211_ETHLLC

#define DECODE_BAD_80211_ETHLLC   133

Definition at line 87 of file generators.h.

◆ DECODE_BAD_80211_ETHLLC_STR

#define DECODE_BAD_80211_ETHLLC_STR   "(snort_decoder) WARNING: Bad 802.11 LLC header"

Definition at line 652 of file generators.h.

◆ DECODE_BAD_80211_OTHER

#define DECODE_BAD_80211_OTHER   134

Definition at line 88 of file generators.h.

◆ DECODE_BAD_80211_OTHER_STR

#define DECODE_BAD_80211_OTHER_STR   "(snort_decoder) WARNING: Bad 802.11 Extra LLC Info"

Definition at line 653 of file generators.h.

◆ DECODE_BAD_FRAGBITS_STR

#define DECODE_BAD_FRAGBITS_STR   "(snort_decoder) WARNING: IPV4 packet with bad frag bits (Both MF and DF set)"

Definition at line 719 of file generators.h.

◆ DECODE_BAD_MPLS

#define DECODE_BAD_MPLS   170

MPLS takes 170 block

Definition at line 108 of file generators.h.

◆ DECODE_BAD_MPLS_LABEL0

#define DECODE_BAD_MPLS_LABEL0   171

Definition at line 109 of file generators.h.

◆ DECODE_BAD_MPLS_LABEL0_STR

#define DECODE_BAD_MPLS_LABEL0_STR   "(snort_decoder) WARNING: MPLS Label 0 Appears in Nonbottom Header"

Definition at line 826 of file generators.h.

◆ DECODE_BAD_MPLS_LABEL1

#define DECODE_BAD_MPLS_LABEL1   172

Definition at line 110 of file generators.h.

◆ DECODE_BAD_MPLS_LABEL1_STR

#define DECODE_BAD_MPLS_LABEL1_STR   "(snort_decoder) WARNING: MPLS Label 1 Appears in Bottom Header"

Definition at line 827 of file generators.h.

◆ DECODE_BAD_MPLS_LABEL2

#define DECODE_BAD_MPLS_LABEL2   173

Definition at line 111 of file generators.h.

◆ DECODE_BAD_MPLS_LABEL2_STR

#define DECODE_BAD_MPLS_LABEL2_STR   "(snort_decoder) WARNING: MPLS Label 2 Appears in Nonbottom Header"

Definition at line 828 of file generators.h.

◆ DECODE_BAD_MPLS_LABEL3

#define DECODE_BAD_MPLS_LABEL3   174

Definition at line 112 of file generators.h.

◆ DECODE_BAD_MPLS_LABEL3_STR

#define DECODE_BAD_MPLS_LABEL3_STR   "(snort_decoder) WARNING: MPLS Label 3 Appears in Header"

Definition at line 829 of file generators.h.

◆ DECODE_BAD_MPLS_STR

#define DECODE_BAD_MPLS_STR   "(snort_decoder) WARNING: Bad MPLS Frame"

Definition at line 825 of file generators.h.

◆ DECODE_BAD_PPPOE

#define DECODE_BAD_PPPOE   120

Definition at line 83 of file generators.h.

◆ DECODE_BAD_PPPOE_STR

#define DECODE_BAD_PPPOE_STR   "(snort_decoder) WARNING: Bad PPPOE frame detected"

Definition at line 648 of file generators.h.

◆ DECODE_BAD_TR_ETHLLC

#define DECODE_BAD_TR_ETHLLC   141

Definition at line 91 of file generators.h.

◆ DECODE_BAD_TR_ETHLLC_STR

#define DECODE_BAD_TR_ETHLLC_STR   "(snort_decoder) WARNING: Bad Token Ring ETHLLC Header"

Definition at line 656 of file generators.h.

◆ DECODE_BAD_TR_MR_LEN

#define DECODE_BAD_TR_MR_LEN   142

Definition at line 92 of file generators.h.

◆ DECODE_BAD_TR_MR_LEN_STR

#define DECODE_BAD_TR_MR_LEN_STR   "(snort_decoder) WARNING: Bad Token Ring MRLENHeader"

Definition at line 657 of file generators.h.

◆ DECODE_BAD_TRAFFIC_LOOPBACK

#define DECODE_BAD_TRAFFIC_LOOPBACK   150

Definition at line 95 of file generators.h.

◆ DECODE_BAD_TRAFFIC_LOOPBACK_STR

#define DECODE_BAD_TRAFFIC_LOOPBACK_STR   "(snort decoder) WARNING: Bad Traffic Loopback IP"

Definition at line 660 of file generators.h.

◆ DECODE_BAD_TRAFFIC_SAME_SRCDST

#define DECODE_BAD_TRAFFIC_SAME_SRCDST   151

Definition at line 96 of file generators.h.

◆ DECODE_BAD_TRAFFIC_SAME_SRCDST_STR

#define DECODE_BAD_TRAFFIC_SAME_SRCDST_STR   "(snort decoder) WARNING: Bad Traffic Same Src/Dst IP"

Definition at line 661 of file generators.h.

◆ DECODE_BAD_TRH

#define DECODE_BAD_TRH   140

Definition at line 90 of file generators.h.

◆ DECODE_BAD_TRH_STR

#define DECODE_BAD_TRH_STR   "(snort_decoder) WARNING: Bad Token Ring Header"

Definition at line 655 of file generators.h.

◆ DECODE_BAD_TRHMR

#define DECODE_BAD_TRHMR   143

Definition at line 93 of file generators.h.

◆ DECODE_BAD_TRHMR_STR

#define DECODE_BAD_TRHMR_STR   "(snort_decoder) WARNING: Bad Token Ring MR Header"

Definition at line 658 of file generators.h.

◆ DECODE_BAD_VLAN

#define DECODE_BAD_VLAN   130

Definition at line 84 of file generators.h.

◆ DECODE_BAD_VLAN_ETHLLC

#define DECODE_BAD_VLAN_ETHLLC   131

Definition at line 85 of file generators.h.

◆ DECODE_BAD_VLAN_ETHLLC_STR

#define DECODE_BAD_VLAN_ETHLLC_STR   "(snort_decoder) WARNING: Bad LLC header"

Definition at line 650 of file generators.h.

◆ DECODE_BAD_VLAN_OTHER

#define DECODE_BAD_VLAN_OTHER   132

Definition at line 86 of file generators.h.

◆ DECODE_BAD_VLAN_OTHER_STR

#define DECODE_BAD_VLAN_OTHER_STR   "(snort_decoder) WARNING: Bad Extra LLC Info"

Definition at line 651 of file generators.h.

◆ DECODE_BAD_VLAN_STR

#define DECODE_BAD_VLAN_STR   "(snort_decoder) WARNING: Bad VLAN Frame"

Definition at line 649 of file generators.h.

◆ DECODE_CISCO_META_HDR_OPT_LEN_STR

#define DECODE_CISCO_META_HDR_OPT_LEN_STR   "(snort_decoder) WARNING: Invalid Cisco Metadata option length"

Definition at line 782 of file generators.h.

◆ DECODE_CISCO_META_HDR_OPT_TYPE_STR

#define DECODE_CISCO_META_HDR_OPT_TYPE_STR   "(snort_decoder) WARNING: Invalid Cisco Metadata option type"

Definition at line 783 of file generators.h.

◆ DECODE_CISCO_META_HDR_SGT_STR

#define DECODE_CISCO_META_HDR_SGT_STR   "(snort_decoder) WARNING: Invalid Cisco Metadata SGT"

Definition at line 784 of file generators.h.

◆ DECODE_CISCO_META_HDR_TRUNC_STR

#define DECODE_CISCO_META_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated Cisco Metadata header"

Definition at line 781 of file generators.h.

◆ DECODE_DECODING_DEPTH_EXCEEDED

#define DECODE_DECODING_DEPTH_EXCEEDED   300

Definition at line 156 of file generators.h.

◆ DECODE_DECODING_DEPTH_EXCEEDED_STR

#define DECODE_DECODING_DEPTH_EXCEEDED_STR   "(snort_decoder) WARNING: Too many levels for decoding"

Definition at line 834 of file generators.h.

◆ DECODE_DOS_NAPTHA_STR

#define DECODE_DOS_NAPTHA_STR   "(snort_decoder) WARNING: DOS NAPTHA Vulnerability Detected"

Definition at line 716 of file generators.h.

◆ DECODE_EAP_TRUNCATED

#define DECODE_EAP_TRUNCATED   112

Definition at line 81 of file generators.h.

◆ DECODE_EAP_TRUNCATED_STR

#define DECODE_EAP_TRUNCATED_STR   "(snort_decoder) WARNING: EAP Header Truncated"

Definition at line 647 of file generators.h.

◆ DECODE_EAPKEY_TRUNCATED

#define DECODE_EAPKEY_TRUNCATED   111

Definition at line 80 of file generators.h.

◆ DECODE_EAPKEY_TRUNCATED_STR

#define DECODE_EAPKEY_TRUNCATED_STR   "(snort_decoder) WARNING: EAP Key Truncated"

Definition at line 646 of file generators.h.

◆ DECODE_EAPOL_TRUNCATED

#define DECODE_EAPOL_TRUNCATED   110

Definition at line 79 of file generators.h.

◆ DECODE_EAPOL_TRUNCATED_STR

#define DECODE_EAPOL_TRUNCATED_STR   "(snort_decoder) WARNING: Truncated EAP Header"

Definition at line 645 of file generators.h.

◆ DECODE_ERSPAN2_DGRAM_LT_HDR_STR

#define DECODE_ERSPAN2_DGRAM_LT_HDR_STR   "(snort_decoder) WARNING: captured < ERSpan Type2 Header Length"

Definition at line 776 of file generators.h.

◆ DECODE_ERSPAN3_DGRAM_LT_HDR_STR

#define DECODE_ERSPAN3_DGRAM_LT_HDR_STR   "(snort_decoder) WARNING: captured < ERSpan Type3 Header Length"

Definition at line 777 of file generators.h.

◆ DECODE_ERSPAN_HDR_VERSION_MISMATCH_STR

#define DECODE_ERSPAN_HDR_VERSION_MISMATCH_STR   "(snort_decoder) WARNING: ERSpan Header version mismatch"

Definition at line 775 of file generators.h.

◆ DECODE_ESP_HEADER_TRUNC

#define DECODE_ESP_HEADER_TRUNC   294

Definition at line 149 of file generators.h.

◆ DECODE_ESP_HEADER_TRUNC_STR

#define DECODE_ESP_HEADER_TRUNC_STR   "(snort_decoder) WARNING: truncated Encapsulated Security Payload (ESP) header"

Definition at line 706 of file generators.h.

◆ DECODE_ETH_HDR_TRUNC_STR

#define DECODE_ETH_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated eth header"

Definition at line 737 of file generators.h.

◆ DECODE_FPATH_HDR_TRUNC_STR

#define DECODE_FPATH_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated FabricPath header"

Definition at line 780 of file generators.h.

◆ DECODE_GTP_BAD_LEN

#define DECODE_GTP_BAD_LEN   298

Definition at line 154 of file generators.h.

◆ DECODE_GTP_BAD_LEN_STR

#define DECODE_GTP_BAD_LEN_STR   "(snort_decoder) WARNING: GTP header length is invalid"

Definition at line 712 of file generators.h.

◆ DECODE_GTP_MULTIPLE_ENCAPSULATION

#define DECODE_GTP_MULTIPLE_ENCAPSULATION   297

Definition at line 153 of file generators.h.

◆ DECODE_GTP_MULTIPLE_ENCAPSULATION_STR

#define DECODE_GTP_MULTIPLE_ENCAPSULATION_STR   "(snort_decoder) WARNING: Two or more GTP encapsulation layers present"

Definition at line 711 of file generators.h.

◆ DECODE_ICMP4_DST_BROADCAST_STR

#define DECODE_ICMP4_DST_BROADCAST_STR   "(snort_decoder) WARNING: ICMP4 packet to broadcast dest address"

Definition at line 730 of file generators.h.

◆ DECODE_ICMP4_DST_MULTICAST_STR

#define DECODE_ICMP4_DST_MULTICAST_STR   "(snort_decoder) WARNING: ICMP4 packet to multicast dest address"

Definition at line 729 of file generators.h.

◆ DECODE_ICMP4_HDR_TRUNC_STR

#define DECODE_ICMP4_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated ICMP4 header"

Definition at line 739 of file generators.h.

◆ DECODE_ICMP4_TYPE_OTHER_STR

#define DECODE_ICMP4_TYPE_OTHER_STR   "(snort_decoder) WARNING: ICMP4 type other"

Definition at line 731 of file generators.h.

◆ DECODE_ICMP6_DST_MULTICAST_STR

#define DECODE_ICMP6_DST_MULTICAST_STR   "(snort_decoder) WARNING: ICMP6 packet to multicast address"

Definition at line 745 of file generators.h.

◆ DECODE_ICMP6_HDR_TRUNC_STR

#define DECODE_ICMP6_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated ICMP6 header"

Definition at line 740 of file generators.h.

◆ DECODE_ICMP6_TYPE_OTHER_STR

#define DECODE_ICMP6_TYPE_OTHER_STR   "(snort_decoder) WARNING: ICMP6 type not decoded"

Definition at line 744 of file generators.h.

◆ DECODE_ICMP_BROADSCAN_SMURF_SCANNER_STR

#define DECODE_ICMP_BROADSCAN_SMURF_SCANNER_STR   "(snort_decoder) WARNING: Broadscan Smurf Scanner"

Definition at line 753 of file generators.h.

◆ DECODE_ICMP_DGRAM_LT_ADDRHDR

#define DECODE_ICMP_DGRAM_LT_ADDRHDR   107

Definition at line 76 of file generators.h.

◆ DECODE_ICMP_DGRAM_LT_ADDRHDR_STR

#define DECODE_ICMP_DGRAM_LT_ADDRHDR_STR   "(snort_decoder) WARNING: ICMP Address Header Truncated"

Definition at line 642 of file generators.h.

◆ DECODE_ICMP_DGRAM_LT_ICMPHDR

#define DECODE_ICMP_DGRAM_LT_ICMPHDR   105

Definition at line 74 of file generators.h.

◆ DECODE_ICMP_DGRAM_LT_ICMPHDR_STR

#define DECODE_ICMP_DGRAM_LT_ICMPHDR_STR   "(snort_decoder) WARNING: ICMP Header Truncated"

Definition at line 640 of file generators.h.

◆ DECODE_ICMP_DGRAM_LT_TIMESTAMPHDR

#define DECODE_ICMP_DGRAM_LT_TIMESTAMPHDR   106

Definition at line 75 of file generators.h.

◆ DECODE_ICMP_DGRAM_LT_TIMESTAMPHDR_STR

#define DECODE_ICMP_DGRAM_LT_TIMESTAMPHDR_STR   "(snort_decoder) WARNING: ICMP Timestamp Header Truncated"

Definition at line 641 of file generators.h.

◆ DECODE_ICMP_DOS_ATTEMPT_STR

#define DECODE_ICMP_DOS_ATTEMPT_STR   "(snort_decoder) WARNING: BAD-TRAFFIC linux ICMP header dos attempt"

Definition at line 765 of file generators.h.

◆ DECODE_ICMP_DST_UNREACH_ADMIN_PROHIBITED_STR

#define DECODE_ICMP_DST_UNREACH_ADMIN_PROHIBITED_STR   "(snort_decoder) WARNING: ICMP Destination Unreachable Communication Administratively Prohibited"

Definition at line 754 of file generators.h.

◆ DECODE_ICMP_DST_UNREACH_DST_HOST_PROHIBITED_STR

#define DECODE_ICMP_DST_UNREACH_DST_HOST_PROHIBITED_STR   "(snort_decoder) WARNING: ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited"

Definition at line 755 of file generators.h.

◆ DECODE_ICMP_DST_UNREACH_DST_NET_PROHIBITED_STR

#define DECODE_ICMP_DST_UNREACH_DST_NET_PROHIBITED_STR   "(snort_decoder) WARNING: ICMP Destination Unreachable Communication with Destination Network is Administratively Prohibited"

Definition at line 756 of file generators.h.

◆ DECODE_ICMP_ICMPENUM_STR

#define DECODE_ICMP_ICMPENUM_STR   "(snort_decoder) WARNING: ICMP icmpenum v1.1.1"

Definition at line 748 of file generators.h.

◆ DECODE_ICMP_ORIG_DGRAM_LT_ORIG_IP

#define DECODE_ICMP_ORIG_DGRAM_LT_ORIG_IP   252

Definition at line 118 of file generators.h.

◆ DECODE_ICMP_ORIG_DGRAM_LT_ORIG_IP_STR

#define DECODE_ICMP_ORIG_DGRAM_LT_ORIG_IP_STR   "(snort_decoder) WARNING: ICMP Original Datagram Length < Original IP Header Length"

Definition at line 674 of file generators.h.

◆ DECODE_ICMP_ORIG_IP_TRUNCATED

#define DECODE_ICMP_ORIG_IP_TRUNCATED   250

Definition at line 116 of file generators.h.

◆ DECODE_ICMP_ORIG_IP_TRUNCATED_STR

#define DECODE_ICMP_ORIG_IP_TRUNCATED_STR   "(snort_decoder) WARNING: ICMP Original IP Header Truncated"

Definition at line 672 of file generators.h.

◆ DECODE_ICMP_ORIG_IP_VER_MISMATCH

#define DECODE_ICMP_ORIG_IP_VER_MISMATCH   251

Definition at line 117 of file generators.h.

◆ DECODE_ICMP_ORIG_IP_VER_MISMATCH_STR

#define DECODE_ICMP_ORIG_IP_VER_MISMATCH_STR   "(snort_decoder) WARNING: ICMP version and Original IP Header versions differ"

Definition at line 673 of file generators.h.

◆ DECODE_ICMP_ORIG_IP_WITH_FRAGOFFSET

#define DECODE_ICMP_ORIG_IP_WITH_FRAGOFFSET   255

Definition at line 121 of file generators.h.

◆ DECODE_ICMP_ORIG_IP_WITH_FRAGOFFSET_STR

#define DECODE_ICMP_ORIG_IP_WITH_FRAGOFFSET_STR   "(snort_decoder) WARNING: ICMP Original IP Fragmented and Offset Not 0"

Definition at line 677 of file generators.h.

◆ DECODE_ICMP_ORIG_PAYLOAD_GT_576

#define DECODE_ICMP_ORIG_PAYLOAD_GT_576   254

Definition at line 120 of file generators.h.

◆ DECODE_ICMP_ORIG_PAYLOAD_GT_576_STR

#define DECODE_ICMP_ORIG_PAYLOAD_GT_576_STR   "(snort_decoder) WARNING: ICMP Origianl IP Payload > 576 bytes"

Definition at line 676 of file generators.h.

◆ DECODE_ICMP_ORIG_PAYLOAD_LT_64

#define DECODE_ICMP_ORIG_PAYLOAD_LT_64   253

Definition at line 119 of file generators.h.

◆ DECODE_ICMP_ORIG_PAYLOAD_LT_64_STR

#define DECODE_ICMP_ORIG_PAYLOAD_LT_64_STR   "(snort_decoder) WARNING: ICMP Original IP Payload < 64 bits"

Definition at line 675 of file generators.h.

◆ DECODE_ICMP_PATH_MTU_DOS_STR

#define DECODE_ICMP_PATH_MTU_DOS_STR   "(snort_decoder) WARNING: ICMP PATH MTU denial of service attempt"

Definition at line 764 of file generators.h.

◆ DECODE_ICMP_PING_NMAP_STR

#define DECODE_ICMP_PING_NMAP_STR   "(snort_decoder) WARNING: ICMP PING NMAP"

Definition at line 747 of file generators.h.

◆ DECODE_ICMP_REDIRECT_HOST_STR

#define DECODE_ICMP_REDIRECT_HOST_STR   "(snort_decoder) WARNING: ICMP redirect host"

Definition at line 749 of file generators.h.

◆ DECODE_ICMP_REDIRECT_NET_STR

#define DECODE_ICMP_REDIRECT_NET_STR   "(snort_decoder) WARNING: ICMP redirect net"

Definition at line 750 of file generators.h.

◆ DECODE_ICMP_SOURCE_QUENCH_STR

#define DECODE_ICMP_SOURCE_QUENCH_STR   "(snort_decoder) WARNING: ICMP Source Quench"

Definition at line 752 of file generators.h.

◆ DECODE_ICMP_TRACEROUTE_IPOPTS_STR

#define DECODE_ICMP_TRACEROUTE_IPOPTS_STR   "(snort_decoder) WARNING: ICMP traceroute ipopts"

Definition at line 751 of file generators.h.

◆ DECODE_ICMPV6_ADVERT_BAD_CODE

#define DECODE_ICMPV6_ADVERT_BAD_CODE   288

Definition at line 141 of file generators.h.

◆ DECODE_ICMPV6_ADVERT_BAD_CODE_STR

#define DECODE_ICMPV6_ADVERT_BAD_CODE_STR   "(snort_decoder) WARNING: ICMPv6 router advertisement packet with a code not equal to 0"

Definition at line 698 of file generators.h.

◆ DECODE_ICMPV6_ADVERT_BAD_REACHABLE

#define DECODE_ICMPV6_ADVERT_BAD_REACHABLE   290

Definition at line 143 of file generators.h.

◆ DECODE_ICMPV6_ADVERT_BAD_REACHABLE_STR

#define DECODE_ICMPV6_ADVERT_BAD_REACHABLE_STR   "(snort_decoder) WARNING: ICMPv6 router advertisement packet with the reachable time field set > 1 hour"

Definition at line 700 of file generators.h.

◆ DECODE_ICMPV6_NODE_INFO_BAD_CODE_STR

#define DECODE_ICMPV6_NODE_INFO_BAD_CODE_STR   "(snort_decoder) WARNING: ICMPv6 node info query/response packet with a code greater than 2"

Definition at line 773 of file generators.h.

◆ DECODE_ICMPV6_SOLICITATION_BAD_CODE

#define DECODE_ICMPV6_SOLICITATION_BAD_CODE   287

Definition at line 140 of file generators.h.

◆ DECODE_ICMPV6_SOLICITATION_BAD_CODE_STR

#define DECODE_ICMPV6_SOLICITATION_BAD_CODE_STR   "(snort_decoder) WARNING: ICMPv6 router solicitation packet with a code not equal to 0"

Definition at line 697 of file generators.h.

◆ DECODE_ICMPV6_SOLICITATION_BAD_RESERVED

#define DECODE_ICMPV6_SOLICITATION_BAD_RESERVED   289

Definition at line 142 of file generators.h.

◆ DECODE_ICMPV6_SOLICITATION_BAD_RESERVED_STR

#define DECODE_ICMPV6_SOLICITATION_BAD_RESERVED_STR   "(snort_decoder) WARNING: ICMPv6 router solicitation packet with the reserved field not equal to 0"

Definition at line 699 of file generators.h.

◆ DECODE_ICMPV6_TOO_BIG_BAD_MTU

#define DECODE_ICMPV6_TOO_BIG_BAD_MTU   285

Definition at line 138 of file generators.h.

◆ DECODE_ICMPV6_TOO_BIG_BAD_MTU_STR

#define DECODE_ICMPV6_TOO_BIG_BAD_MTU_STR   "(snort_decoder) WARNING: ICMPv6 packet of type 2 (message too big) with MTU field < 1280"

Definition at line 695 of file generators.h.

◆ DECODE_ICMPV6_UNREACHABLE_NON_RFC_2463_CODE

#define DECODE_ICMPV6_UNREACHABLE_NON_RFC_2463_CODE   286

Definition at line 139 of file generators.h.

◆ DECODE_ICMPV6_UNREACHABLE_NON_RFC_2463_CODE_STR

#define DECODE_ICMPV6_UNREACHABLE_NON_RFC_2463_CODE_STR   "(snort_decoder) WARNING: ICMPv6 packet of type 1 (destination unreachable) with non-RFC 2463 code"

Definition at line 696 of file generators.h.

◆ DECODE_ICMPV6_UNREACHABLE_NON_RFC_4443_CODE_STR

#define DECODE_ICMPV6_UNREACHABLE_NON_RFC_4443_CODE_STR   "(snort_decoder) WARNING: ICMPv6 packet of type 1 (destination unreachable) with non-RFC 4443 code"

Definition at line 770 of file generators.h.

◆ DECODE_IGMP_OPTIONS_DOS_STR

#define DECODE_IGMP_OPTIONS_DOS_STR   "(snort_decoder) WARNING: DOS IGMP IP Options validation attempt"

Definition at line 768 of file generators.h.

◆ DECODE_IP4_DF_OFFSET_STR

#define DECODE_IP4_DF_OFFSET_STR   "(snort_decoder) WARNING: IPV4 packet both DF and offset set"

Definition at line 743 of file generators.h.

◆ DECODE_IP4_DST_BROADCAST_STR

#define DECODE_IP4_DST_BROADCAST_STR   "(snort_decoder) WARNING: IPV4 packet to broadcast dest address"

Definition at line 728 of file generators.h.

◆ DECODE_IP4_DST_RESERVED_STR

#define DECODE_IP4_DST_RESERVED_STR   "(snort_decoder) WARNING: IPV4 packet to reserved dest address"

Definition at line 726 of file generators.h.

◆ DECODE_IP4_DST_THIS_NET_STR

#define DECODE_IP4_DST_THIS_NET_STR   "(snort_decoder) WARNING: IPV4 packet to 'current net' dest address"

Definition at line 723 of file generators.h.

◆ DECODE_IP4_HDR_TRUNC_STR

#define DECODE_IP4_HDR_TRUNC_STR   "(snort_decoder) WARNING: truncated IP4 header"

Definition at line 738 of file generators.h.

◆ DECODE_IP4_LEN_OFFSET_STR

#define DECODE_IP4_LEN_OFFSET_STR   "(snort_decoder) WARNING: IPV4 packet frag offset + length exceed maximum"

Definition at line 721 of file generators.h.

◆ DECODE_IP4_MIN_TTL_STR

#define DECODE_IP4_MIN_TTL_STR   "(snort decoder) WARNING: IPV4 packet below TTL limit"

Definition at line 741 of file generators.h.

◆ DECODE_IP4_SRC_BROADCAST_STR

#define DECODE_IP4_SRC_BROADCAST_STR   "(snort_decoder) WARNING: IPV4 packet from broadcast source address"

Definition at line 727 of file generators.h.

◆ DECODE_IP4_SRC_MULTICAST_STR

#define DECODE_IP4_SRC_MULTICAST_STR   "(snort_decoder) WARNING: IPV4 packet from multicast source address"

Definition at line 724 of file generators.h.

◆ DECODE_IP4_SRC_RESERVED_STR

#define DECODE_IP4_SRC_RESERVED_STR   "(snort_decoder) WARNING: IPV4 packet from reserved source address"

Definition at line 725 of file generators.h.

◆ DECODE_IP4_SRC_THIS_NET_STR

#define DECODE_IP4_SRC_THIS_NET_STR   "(snort_decoder) WARNING: IPV4 packet from 'current net' source address"

Definition at line 722 of file generators.h.

◆ DECODE_IP6_EXCESS_EXT_HDR_STR

#define DECODE_IP6_EXCESS_EXT_HDR_STR   "(snort_decoder) WARNING: too many IP6 extension headers"

Definition at line 769 of file generators.h.

◆ DECODE_IP6_ZERO_HOP_LIMIT_STR

#define DECODE_IP6_ZERO_HOP_LIMIT_STR   "(snort decoder) WARNING: IPV6 packet has zero hop limit"

Definition at line 742 of file generators.h.

◆ DECODE_IP_BAD_PROTO_STR

#define DECODE_IP_BAD_PROTO_STR   "(snort_decoder) WARNING: BAD-TRAFFIC Bad IP protocol"

Definition at line 763 of file generators.h.

◆ DECODE_IP_MULTIPLE_ENCAPSULATION

#define DECODE_IP_MULTIPLE_ENCAPSULATION   293

Definition at line 147 of file generators.h.

◆ DECODE_IP_MULTIPLE_ENCAPSULATION_STR

#define DECODE_IP_MULTIPLE_ENCAPSULATION_STR   "(snort_decoder) WARNING: Two or more IP (v4 and/or v6) encapsulation layers present"

Definition at line 704 of file generators.h.

◆ DECODE_IP_OPTION_SET_STR

#define DECODE_IP_OPTION_SET_STR   "(snort_decoder) WARNING: MISC IP option set"

Definition at line 757 of file generators.h.

◆ DECODE_IP_RESERVED_FRAG_BIT_STR

#define DECODE_IP_RESERVED_FRAG_BIT_STR   "(snort_decoder) WARNING: BAD-TRAFFIC IP reserved bit set"

Definition at line 761 of file generators.h.

◆ DECODE_IP_UNASSIGNED_PROTO_STR

#define DECODE_IP_UNASSIGNED_PROTO_STR   "(snort_decoder) WARNING: BAD-TRAFFIC Unassigned/Reserved IP protocol"

Definition at line 762 of file generators.h.

◆ DECODE_IPV4_DGRAM_GT_CAPLEN

#define DECODE_IPV4_DGRAM_GT_CAPLEN   6

Definition at line 56 of file generators.h.

◆ DECODE_IPV4_DGRAM_GT_CAPLEN_STR

#define DECODE_IPV4_DGRAM_GT_CAPLEN_STR   "(snort_decoder) WARNING: IP dgm len > captured len"

Definition at line 621 of file generators.h.

◆ DECODE_IPV4_DGRAM_LT_IPHDR

#define DECODE_IPV4_DGRAM_LT_IPHDR   3

Definition at line 53 of file generators.h.

◆ DECODE_IPV4_DGRAM_LT_IPHDR_STR

#define DECODE_IPV4_DGRAM_LT_IPHDR_STR   "(snort_decoder) WARNING: IP dgm len < IP Hdr len"

Definition at line 618 of file generators.h.

◆ DECODE_IPV4_DGRAM_UNKNOWN_STR

#define DECODE_IPV4_DGRAM_UNKNOWN_STR   "(snort_decoder) WARNING: Unknown Datagram decoding problem"

Definition at line 643 of file generators.h.

◆ DECODE_IPV4_INVALID_HEADER_LEN

#define DECODE_IPV4_INVALID_HEADER_LEN   2

Definition at line 52 of file generators.h.

◆ DECODE_IPV4_INVALID_HEADER_LEN_STR

#define DECODE_IPV4_INVALID_HEADER_LEN_STR   "(snort_decoder) WARNING: hlen < IP_HEADER_LEN"

Definition at line 617 of file generators.h.

◆ DECODE_IPV4OPT_BADLEN

#define DECODE_IPV4OPT_BADLEN   4

Definition at line 54 of file generators.h.

◆ DECODE_IPV4OPT_BADLEN_STR

#define DECODE_IPV4OPT_BADLEN_STR   "(snort_decoder) WARNING: Ipv4 Options found with bad lengths"

Definition at line 619 of file generators.h.

◆ DECODE_IPV4OPT_TRUNCATED

#define DECODE_IPV4OPT_TRUNCATED   5

Definition at line 55 of file generators.h.

◆ DECODE_IPV4OPT_TRUNCATED_STR

#define DECODE_IPV4OPT_TRUNCATED_STR   "(snort_decoder) WARNING: Truncated Ipv4 Options"

Definition at line 620 of file generators.h.

◆ DECODE_IPV6_BAD_FRAG_PKT_STR

#define DECODE_IPV6_BAD_FRAG_PKT_STR   "(snort_decoder) WARNING: bogus fragmentation packet. Possible BSD attack"

Definition at line 771 of file generators.h.

◆ DECODE_IPV6_BAD_MULTICAST_SCOPE

#define DECODE_IPV6_BAD_MULTICAST_SCOPE   280

Definition at line 133 of file generators.h.

◆ DECODE_IPV6_BAD_MULTICAST_SCOPE_STR

#define DECODE_IPV6_BAD_MULTICAST_SCOPE_STR   "(snort_decoder) WARNING: IPv6 address includes an unassigned multicast scope value"

Definition at line 690 of file generators.h.

◆ DECODE_IPV6_BAD_NEXT_HEADER

#define DECODE_IPV6_BAD_NEXT_HEADER   281

Definition at line 134 of file generators.h.

◆ DECODE_IPV6_BAD_NEXT_HEADER_STR

#define DECODE_IPV6_BAD_NEXT_HEADER_STR   "(snort_decoder) WARNING: IPv6 header includes an invalid value for the \"next header\" field"

Definition at line 691 of file generators.h.

◆ DECODE_IPV6_BAD_OPT_LEN

#define DECODE_IPV6_BAD_OPT_LEN   295

Definition at line 150 of file generators.h.

◆ DECODE_IPV6_BAD_OPT_LEN_STR

#define DECODE_IPV6_BAD_OPT_LEN_STR   "(snort_decoder) WARNING: IPv6 header includes an option which is too big for the containing header"

Definition at line 708 of file generators.h.

◆ DECODE_IPV6_BAD_OPT_TYPE

#define DECODE_IPV6_BAD_OPT_TYPE   279

Definition at line 132 of file generators.h.

◆ DECODE_IPV6_BAD_OPT_TYPE_STR

#define DECODE_IPV6_BAD_OPT_TYPE_STR   "(snort_decoder) WARNING: IPv6 header includes an undefined option type"

Definition at line 689 of file generators.h.

◆ DECODE_IPV6_DGRAM_GT_CAPLEN

#define DECODE_IPV6_DGRAM_GT_CAPLEN   275

Definition at line 128 of file generators.h.

◆ DECODE_IPV6_DGRAM_GT_CAPLEN_STR

#define DECODE_IPV6_DGRAM_GT_CAPLEN_STR   "(snort_decoder) WARNING: IP dgm len > captured len"

Definition at line 684 of file generators.h.

◆ DECODE_IPV6_DGRAM_LT_IPHDR

#define DECODE_IPV6_DGRAM_LT_IPHDR   274

Definition at line 127 of file generators.h.

◆ DECODE_IPV6_DGRAM_LT_IPHDR_STR

#define DECODE_IPV6_DGRAM_LT_IPHDR_STR   "(snort_decoder) WARNING: IP dgm len < IP Hdr len"

Definition at line 683 of file generators.h.

◆ DECODE_IPV6_DST_RESERVED_MULTICAST

#define DECODE_IPV6_DST_RESERVED_MULTICAST   278

Definition at line 131 of file generators.h.

◆ DECODE_IPV6_DST_RESERVED_MULTICAST_STR

#define DECODE_IPV6_DST_RESERVED_MULTICAST_STR   "(snort_decoder) WARNING: IPv6 packet with reserved multicast destination address"

Definition at line 688 of file generators.h.

◆ DECODE_IPV6_DST_ZERO

#define DECODE_IPV6_DST_ZERO   276

Definition at line 129 of file generators.h.

◆ DECODE_IPV6_DST_ZERO_STR

#define DECODE_IPV6_DST_ZERO_STR   "(snort_decoder) WARNING: IPv6 packet with destination address ::0"

Definition at line 686 of file generators.h.

◆ DECODE_IPV6_DSTOPTS_WITH_ROUTING

#define DECODE_IPV6_DSTOPTS_WITH_ROUTING   292

Definition at line 146 of file generators.h.

◆ DECODE_IPV6_DSTOPTS_WITH_ROUTING_STR

#define DECODE_IPV6_DSTOPTS_WITH_ROUTING_STR   "(snort_decoder) WARNING: IPv6 header has destination options followed by a routing header"

Definition at line 694 of file generators.h.

◆ DECODE_IPV6_IS_NOT

#define DECODE_IPV6_IS_NOT   271

Definition at line 124 of file generators.h.

◆ DECODE_IPV6_IS_NOT_STR

#define DECODE_IPV6_IS_NOT_STR   "(snort decoder) WARNING: IPv6 header claims to not be IPv6"

Definition at line 680 of file generators.h.

◆ DECODE_IPV6_ISATAP_SPOOF_STR

#define DECODE_IPV6_ISATAP_SPOOF_STR   "(snort_decoder) WARNING: BAD-TRAFFIC ISATAP-addressed IPv6 traffic spoofing attempt"

Definition at line 766 of file generators.h.

◆ DECODE_IPV6_MIN_TTL

#define DECODE_IPV6_MIN_TTL   270

Definition at line 123 of file generators.h.

◆ DECODE_IPV6_MIN_TTL_STR

#define DECODE_IPV6_MIN_TTL_STR   "(snort decoder) WARNING: IPv6 packet below TTL limit"

Definition at line 679 of file generators.h.

◆ DECODE_IPV6_ROUTE_AND_HOPBYHOP

#define DECODE_IPV6_ROUTE_AND_HOPBYHOP   282

Definition at line 135 of file generators.h.

◆ DECODE_IPV6_ROUTE_AND_HOPBYHOP_STR

#define DECODE_IPV6_ROUTE_AND_HOPBYHOP_STR   "(snort_decoder) WARNING: IPv6 header includes a routing extension header followed by a hop-by-hop header"

Definition at line 692 of file generators.h.

◆ DECODE_IPV6_ROUTE_ZERO_STR

#define DECODE_IPV6_ROUTE_ZERO_STR   "(snort decoder) WARNING: IPV6 routing type 0 extension header"

Definition at line 774 of file generators.h.

◆ DECODE_IPV6_SRC_MULTICAST

#define DECODE_IPV6_SRC_MULTICAST   277

Definition at line 130 of file generators.h.

◆ DECODE_IPV6_SRC_MULTICAST_STR

#define DECODE_IPV6_SRC_MULTICAST_STR   "(snort_decoder) WARNING: IPv6 packet with multicast source address"

Definition at line 687 of file generators.h.

◆ DECODE_IPV6_TRUNCATED

#define DECODE_IPV6_TRUNCATED   273

Definition at line 126 of file generators.h.

◆ DECODE_IPV6_TRUNCATED_EXT

#define DECODE_IPV6_TRUNCATED_EXT   272

Definition at line 125 of file generators.h.

◆ DECODE_IPV6_TRUNCATED_EXT_STR

#define DECODE_IPV6_TRUNCATED_EXT_STR   "(snort decoder) WARNING: IPV6 truncated extension header"

Definition at line 681 of file generators.h.

◆ DECODE_IPV6_TRUNCATED_STR

#define DECODE_IPV6_TRUNCATED_STR   "(snort decoder) WARNING: IPV6 truncated header"

Definition at line 682 of file generators.h.

◆ DECODE_IPV6_TUNNELED_IPV4_TRUNCATED

#define DECODE_IPV6_TUNNELED_IPV4_TRUNCATED   291

Definition at line 145 of file generators.h.

◆ DECODE_IPV6_TUNNELED_IPV4_TRUNCATED_STR

#define DECODE_IPV6_TUNNELED_IPV4_TRUNCATED_STR   "(snort_decoder) WARNING: IPV6 tunneled over IPv4, IPv6 header truncated, possible Linux Kernel attack"

Definition at line 702 of file generators.h.

◆ DECODE_IPV6_TWO_ROUTE_HEADERS

#define DECODE_IPV6_TWO_ROUTE_HEADERS   283

Definition at line 136 of file generators.h.

◆ DECODE_IPV6_TWO_ROUTE_HEADERS_STR

#define DECODE_IPV6_TWO_ROUTE_HEADERS_STR   "(snort_decoder) WARNING: IPv6 header includes two routing extension headers"

Definition at line 693 of file generators.h.

◆ DECODE_IPV6_UNORDERED_EXTENSIONS

#define DECODE_IPV6_UNORDERED_EXTENSIONS   296

Definition at line 151 of file generators.h.

◆ DECODE_IPV6_UNORDERED_EXTENSIONS_STR

#define DECODE_IPV6_UNORDERED_EXTENSIONS_STR   "(snort_decoder) WARNING: IPv6 packet includes out-of-order extension headers"

Definition at line 710 of file generators.h.

◆ DECODE_MPLS_LABEL_STACK

#define DECODE_MPLS_LABEL_STACK   176

Definition at line 114 of file generators.h.

◆ DECODE_MPLS_LABEL_STACK_STR

#define DECODE_MPLS_LABEL_STACK_STR   "(snort_decoder) WARNING: Too Many MPLS headers"

Definition at line 831 of file generators.h.

◆ DECODE_MPLS_RESERVED_LABEL

#define DECODE_MPLS_RESERVED_LABEL   175

Definition at line 113 of file generators.h.

◆ DECODE_MPLS_RESERVEDLABEL_STR

#define DECODE_MPLS_RESERVEDLABEL_STR   "(snort_decoder) WARNING: MPLS Label 4, 5,.. or 15 Appears in Header"

Definition at line 830 of file generators.h.

◆ DECODE_MULTICAST_MPLS_STR

#define DECODE_MULTICAST_MPLS_STR   "(snort_decoder) WARNING: Multicast MPLS traffic detected"

Definition at line 832 of file generators.h.

◆ DECODE_NOT_IPV4_DGRAM

#define DECODE_NOT_IPV4_DGRAM   1

Definition at line 51 of file generators.h.

◆ DECODE_NOT_IPV4_DGRAM_STR

#define DECODE_NOT_IPV4_DGRAM_STR   "(snort_decoder) WARNING: Not IPv4 datagram"

Definition at line 616 of file generators.h.

◆ DECODE_NOT_IPV6_DGRAM_STR

#define DECODE_NOT_IPV6_DGRAM_STR   "(snort_decoder) WARNING: Not an IPv6 datagram"

Definition at line 622 of file generators.h.

◆ DECODE_PGM_NAK_OVERFLOW_STR

#define DECODE_PGM_NAK_OVERFLOW_STR   "(snort_decoder) WARNING: BAD-TRAFFIC PGM nak list overflow attempt"

Definition at line 767 of file generators.h.

◆ DECODE_START_INDEX

#define DECODE_START_INDEX   400

Definition at line 162 of file generators.h.

◆ DECODE_SYN_TO_MULTICAST_STR

#define DECODE_SYN_TO_MULTICAST_STR   "(snort_decoder) WARNING: Bad Traffic SYN to multicast address"

Definition at line 717 of file generators.h.

◆ DECODE_TCP_BAD_URP_STR

#define DECODE_TCP_BAD_URP_STR   "(snort_decoder) WARNING: TCP urgent pointer exceeds payload length or no payload"

Definition at line 732 of file generators.h.

◆ DECODE_TCP_DGRAM_LT_TCPHDR

#define DECODE_TCP_DGRAM_LT_TCPHDR   45

Definition at line 58 of file generators.h.

◆ DECODE_TCP_DGRAM_LT_TCPHDR_STR

#define DECODE_TCP_DGRAM_LT_TCPHDR_STR   "(snort_decoder) WARNING: TCP packet len is smaller than 20 bytes"

Definition at line 624 of file generators.h.

◆ DECODE_TCP_INVALID_OFFSET

#define DECODE_TCP_INVALID_OFFSET   46

Definition at line 59 of file generators.h.

◆ DECODE_TCP_INVALID_OFFSET_STR

#define DECODE_TCP_INVALID_OFFSET_STR   "(snort_decoder) WARNING: TCP Data Offset is less than 5"

Definition at line 625 of file generators.h.

◆ DECODE_TCP_LARGE_OFFSET

#define DECODE_TCP_LARGE_OFFSET   47

Definition at line 60 of file generators.h.

◆ DECODE_TCP_LARGE_OFFSET_STR

#define DECODE_TCP_LARGE_OFFSET_STR   "(snort_decoder) WARNING: TCP Header length exceeds packet length"

Definition at line 626 of file generators.h.

◆ DECODE_TCP_MUST_ACK_STR

#define DECODE_TCP_MUST_ACK_STR   "(snort_decoder) WARNING: TCP PDU missing ack for established session"

Definition at line 735 of file generators.h.

◆ DECODE_TCP_NMAP_XMAS_STR

#define DECODE_TCP_NMAP_XMAS_STR   "(snort_decoder) WARNING: Nmap XMAS Attack Detected"

Definition at line 714 of file generators.h.

◆ DECODE_TCP_NO_SYN_ACK_RST_STR

#define DECODE_TCP_NO_SYN_ACK_RST_STR   "(snort_decoder) WARNING: TCP has no SYN, ACK, or RST"

Definition at line 736 of file generators.h.

◆ DECODE_TCP_PORT_ZERO_STR

#define DECODE_TCP_PORT_ZERO_STR   "(snort_decoder) WARNING: BAD-TRAFFIC TCP port 0 traffic"

Definition at line 759 of file generators.h.

◆ DECODE_TCP_SHAFT_SYNFLOOD_STR

#define DECODE_TCP_SHAFT_SYNFLOOD_STR   "(snort_decoder) WARNING: DDOS shaft synflood"

Definition at line 746 of file generators.h.

◆ DECODE_TCP_SYN_FIN_STR

#define DECODE_TCP_SYN_FIN_STR   "(snort_decoder) WARNING: TCP SYN with FIN"

Definition at line 733 of file generators.h.

◆ DECODE_TCP_SYN_RST_STR

#define DECODE_TCP_SYN_RST_STR   "(snort_decoder) WARNING: TCP SYN with RST"

Definition at line 734 of file generators.h.

◆ DECODE_TCP_XMAS_STR

#define DECODE_TCP_XMAS_STR   "(snort_decoder) WARNING: XMAS Attack Detected"

Definition at line 713 of file generators.h.

◆ DECODE_TCPOPT_BADLEN

#define DECODE_TCPOPT_BADLEN   54

Definition at line 62 of file generators.h.

◆ DECODE_TCPOPT_BADLEN_STR

#define DECODE_TCPOPT_BADLEN_STR   "(snort_decoder) WARNING: Tcp Options found with bad lengths"

Definition at line 628 of file generators.h.

◆ DECODE_TCPOPT_EXPERIMENT

#define DECODE_TCPOPT_EXPERIMENT   58

Definition at line 66 of file generators.h.

◆ DECODE_TCPOPT_EXPERIMENT_STR

#define DECODE_TCPOPT_EXPERIMENT_STR   "(snort_decoder) WARNING: Experimental Tcp Options found"

Definition at line 632 of file generators.h.

◆ DECODE_TCPOPT_OBSOLETE

#define DECODE_TCPOPT_OBSOLETE   57

Definition at line 65 of file generators.h.

◆ DECODE_TCPOPT_OBSOLETE_STR

#define DECODE_TCPOPT_OBSOLETE_STR   "(snort_decoder) WARNING: Obsolete TCP Options found"

Definition at line 631 of file generators.h.

◆ DECODE_TCPOPT_TRUNCATED

#define DECODE_TCPOPT_TRUNCATED   55

Definition at line 63 of file generators.h.

◆ DECODE_TCPOPT_TRUNCATED_STR

#define DECODE_TCPOPT_TRUNCATED_STR   "(snort_decoder) WARNING: Truncated Tcp Options"

Definition at line 629 of file generators.h.

◆ DECODE_TCPOPT_TTCP

#define DECODE_TCPOPT_TTCP   56

Definition at line 64 of file generators.h.

◆ DECODE_TCPOPT_TTCP_STR

#define DECODE_TCPOPT_TTCP_STR   "(snort_decoder) WARNING: T/TCP Detected"

Definition at line 630 of file generators.h.

◆ DECODE_TCPOPT_WSCALE_INVALID

#define DECODE_TCPOPT_WSCALE_INVALID   59

Definition at line 67 of file generators.h.

◆ DECODE_TCPOPT_WSCALE_INVALID_STR

#define DECODE_TCPOPT_WSCALE_INVALID_STR   "(snort_decoder) WARNING: Tcp Window Scale Option found with length > 14"

Definition at line 633 of file generators.h.

◆ DECODE_UDP_DGRAM_INVALID_LENGTH

#define DECODE_UDP_DGRAM_INVALID_LENGTH   96

Definition at line 70 of file generators.h.

◆ DECODE_UDP_DGRAM_INVALID_LENGTH_STR

#define DECODE_UDP_DGRAM_INVALID_LENGTH_STR   "(snort_decoder) WARNING: Invalid UDP header, length field < 8"

Definition at line 636 of file generators.h.

◆ DECODE_UDP_DGRAM_LONG_PACKET

#define DECODE_UDP_DGRAM_LONG_PACKET   98

Definition at line 72 of file generators.h.

◆ DECODE_UDP_DGRAM_LONG_PACKET_STR

#define DECODE_UDP_DGRAM_LONG_PACKET_STR   "(snort_decoder) WARNING: Long UDP packet, length field < payload length"

Definition at line 638 of file generators.h.

◆ DECODE_UDP_DGRAM_LT_UDPHDR

#define DECODE_UDP_DGRAM_LT_UDPHDR   95

Definition at line 69 of file generators.h.

◆ DECODE_UDP_DGRAM_LT_UDPHDR_STR

#define DECODE_UDP_DGRAM_LT_UDPHDR_STR   "(snort_decoder) WARNING: Truncated UDP Header"

Definition at line 635 of file generators.h.

◆ DECODE_UDP_DGRAM_SHORT_PACKET

#define DECODE_UDP_DGRAM_SHORT_PACKET   97

Definition at line 71 of file generators.h.

◆ DECODE_UDP_DGRAM_SHORT_PACKET_STR

#define DECODE_UDP_DGRAM_SHORT_PACKET_STR   "(snort_decoder) WARNING: Short UDP packet, length field > payload length"

Definition at line 637 of file generators.h.

◆ DECODE_UDP_IPV6_ZERO_CHECKSUM_STR

#define DECODE_UDP_IPV6_ZERO_CHECKSUM_STR   "(snort_decoder) WARNING: Invalid IPv6 UDP packet, checksum zero"

Definition at line 720 of file generators.h.

◆ DECODE_UDP_LARGE_PACKET_STR

#define DECODE_UDP_LARGE_PACKET_STR   "(snort_decoder) WARNING: MISC Large UDP Packet"

Definition at line 758 of file generators.h.

◆ DECODE_UDP_PORT_ZERO_STR

#define DECODE_UDP_PORT_ZERO_STR   "(snort_decoder) WARNING: BAD-TRAFFIC UDP port 0 traffic"

Definition at line 760 of file generators.h.

◆ DECODE_ZERO_LENGTH_FRAG_STR

#define DECODE_ZERO_LENGTH_FRAG_STR   "(snort_decoder) WARNING: fragment with zero length"

Definition at line 772 of file generators.h.

◆ DECODE_ZERO_TTL_STR

#define DECODE_ZERO_TTL_STR   "(snort_decoder) WARNING: IPV4 packet with zero TTL"

Definition at line 718 of file generators.h.

◆ DNS_EVENT_EXPERIMENTAL_TYPES

#define DNS_EVENT_EXPERIMENTAL_TYPES   2

Definition at line 448 of file generators.h.

◆ DNS_EVENT_OBSOLETE_TYPES

#define DNS_EVENT_OBSOLETE_TYPES   1

Definition at line 447 of file generators.h.

◆ DNS_EVENT_RDATA_OVERFLOW

#define DNS_EVENT_RDATA_OVERFLOW   3

Definition at line 449 of file generators.h.

◆ FRAG3_ANOM_BADSIZE_LG_STR

#define FRAG3_ANOM_BADSIZE_LG_STR   "(spp_frag3) Bad fragment size, packet size is greater than 65536"

Definition at line 572 of file generators.h.

◆ FRAG3_ANOM_BADSIZE_SM_STR

#define FRAG3_ANOM_BADSIZE_SM_STR   "(spp_frag3) Bad fragment size, packet size is negative"

Definition at line 571 of file generators.h.

◆ FRAG3_ANOM_OVERSIZE_STR

#define FRAG3_ANOM_OVERSIZE_STR   "(spp_frag3) Fragment packet ends after defragmented packet"

Definition at line 569 of file generators.h.

◆ FRAG3_ANOM_OVLP_STR

#define FRAG3_ANOM_OVLP_STR   "(spp_frag3) Fragmentation overlap"

Definition at line 573 of file generators.h.

◆ FRAG3_ANOM_ZERO_STR

#define FRAG3_ANOM_ZERO_STR   "(spp_frag3) Zero-byte fragment packet"

Definition at line 570 of file generators.h.

◆ FRAG3_ANOMALY_BADSIZE_LG

#define FRAG3_ANOMALY_BADSIZE_LG   7

Definition at line 358 of file generators.h.

◆ FRAG3_ANOMALY_BADSIZE_SM

#define FRAG3_ANOMALY_BADSIZE_SM   6

Definition at line 357 of file generators.h.

◆ FRAG3_ANOMALY_OVERSIZE

#define FRAG3_ANOMALY_OVERSIZE   4

Definition at line 355 of file generators.h.

◆ FRAG3_ANOMALY_OVLP

#define FRAG3_ANOMALY_OVLP   8

Definition at line 359 of file generators.h.

◆ FRAG3_ANOMALY_ZERO

#define FRAG3_ANOMALY_ZERO   5

Definition at line 356 of file generators.h.

◆ FRAG3_EXCESSIVE_OVERLAP

#define FRAG3_EXCESSIVE_OVERLAP   12

Definition at line 369 of file generators.h.

◆ FRAG3_EXCESSIVE_OVERLAP_STR

#define FRAG3_EXCESSIVE_OVERLAP_STR   "(spp_frag3) Excessive fragment overlap"

Definition at line 583 of file generators.h.

◆ FRAG3_IPOPTIONS

#define FRAG3_IPOPTIONS   1

Definition at line 352 of file generators.h.

◆ FRAG3_IPOPTIONS_STR

#define FRAG3_IPOPTIONS_STR   "(spp_frag3) Inconsistent IP Options on Fragmented Packets"

Definition at line 566 of file generators.h.

◆ FRAG3_MIN_TTL_EVASION

#define FRAG3_MIN_TTL_EVASION   11

Definition at line 368 of file generators.h.

◆ FRAG3_MIN_TTL_EVASION_STR

#define FRAG3_MIN_TTL_EVASION_STR   "(spp_frag3) TTL value less than configured minimum, not using for reassembly"

Definition at line 582 of file generators.h.

◆ FRAG3_SHORT_FRAG

#define FRAG3_SHORT_FRAG   3

Definition at line 354 of file generators.h.

◆ FRAG3_SHORT_FRAG_STR

#define FRAG3_SHORT_FRAG_STR   "(spp_frag3) Short fragment, possible DoS attempt"

Definition at line 568 of file generators.h.

◆ FRAG3_TEARDROP

#define FRAG3_TEARDROP   2

Definition at line 353 of file generators.h.

◆ FRAG3_TEARDROP_STR

#define FRAG3_TEARDROP_STR   "(spp_frag3) Teardrop attack"

Definition at line 567 of file generators.h.

◆ FRAG3_TINY_FRAGMENT

#define FRAG3_TINY_FRAGMENT   13

Definition at line 370 of file generators.h.

◆ FRAG3_TINY_FRAGMENT_STR

#define FRAG3_TINY_FRAGMENT_STR   "(spp_frag3) Tiny fragment"

Definition at line 584 of file generators.h.

◆ FTPP_FTP_BOUNCE

#define FTPP_FTP_BOUNCE   8

Definition at line 407 of file generators.h.

◆ FTPP_FTP_ENCRYPTED

#define FTPP_FTP_ENCRYPTED   7

Definition at line 406 of file generators.h.

◆ FTPP_FTP_INVALID_CMD

#define FTPP_FTP_INVALID_CMD   2

Definition at line 401 of file generators.h.

◆ FTPP_FTP_MALFORMED_PARAMETER

#define FTPP_FTP_MALFORMED_PARAMETER   4

Definition at line 403 of file generators.h.

◆ FTPP_FTP_PARAMETER_LENGTH_OVERFLOW

#define FTPP_FTP_PARAMETER_LENGTH_OVERFLOW   3

Definition at line 402 of file generators.h.

◆ FTPP_FTP_PARAMETER_STR_FORMAT

#define FTPP_FTP_PARAMETER_STR_FORMAT   5

Definition at line 404 of file generators.h.

◆ FTPP_FTP_RESPONSE_LENGTH_OVERFLOW

#define FTPP_FTP_RESPONSE_LENGTH_OVERFLOW   6

Definition at line 405 of file generators.h.

◆ FTPP_FTP_TELNET_CMD

#define FTPP_FTP_TELNET_CMD   1

Definition at line 400 of file generators.h.

◆ FTPP_TELNET_AYT_OVERFLOW

#define FTPP_TELNET_AYT_OVERFLOW   1

Definition at line 409 of file generators.h.

◆ FTPP_TELNET_ENCRYPTED

#define FTPP_TELNET_ENCRYPTED   2

Definition at line 410 of file generators.h.

◆ FTPP_TELNET_SUBNEG_BEGIN_NO_END

#define FTPP_TELNET_SUBNEG_BEGIN_NO_END   3

Definition at line 411 of file generators.h.

◆ GENERATOR_DCE2

#define GENERATOR_DCE2   133

Definition at line 453 of file generators.h.

◆ GENERATOR_DNS

#define GENERATOR_DNS   131

Definition at line 446 of file generators.h.

◆ GENERATOR_INTERNAL

#define GENERATOR_INTERNAL   135

Definition at line 519 of file generators.h.

◆ GENERATOR_PPM

#define GENERATOR_PPM   134

Definition at line 514 of file generators.h.

◆ GENERATOR_PSNG

#define GENERATOR_PSNG   122

Definition at line 318 of file generators.h.

◆ GENERATOR_SKYPE

#define GENERATOR_SKYPE   132

Definition at line 451 of file generators.h.

◆ GENERATOR_SMTP

#define GENERATOR_SMTP   124

Definition at line 372 of file generators.h.

◆ GENERATOR_SNORT_DECODE

#define GENERATOR_SNORT_DECODE   116

Definition at line 50 of file generators.h.

◆ GENERATOR_SNORT_ENGINE

#define GENERATOR_SNORT_ENGINE   1

Definition at line 26 of file generators.h.

◆ GENERATOR_SPP_ARPSPOOF

#define GENERATOR_SPP_ARPSPOOF   112

Definition at line 44 of file generators.h.

◆ GENERATOR_SPP_BO

#define GENERATOR_SPP_BO   105

Definition at line 31 of file generators.h.

◆ GENERATOR_SPP_CIP

#define GENERATOR_SPP_CIP   148

Definition at line 545 of file generators.h.

◆ GENERATOR_SPP_DNP3

#define GENERATOR_SPP_DNP3   145

Definition at line 540 of file generators.h.

◆ GENERATOR_SPP_FRAG3

#define GENERATOR_SPP_FRAG3   123

Definition at line 351 of file generators.h.

◆ GENERATOR_SPP_FTPP_FTP

#define GENERATOR_SPP_FTPP_FTP   125

Definition at line 399 of file generators.h.

◆ GENERATOR_SPP_FTPP_TELNET

#define GENERATOR_SPP_FTPP_TELNET   126

Definition at line 408 of file generators.h.

◆ GENERATOR_SPP_GTP

#define GENERATOR_SPP_GTP   143

Definition at line 536 of file generators.h.

◆ GENERATOR_SPP_HTTP_INSPECT

#define GENERATOR_SPP_HTTP_INSPECT   120

Definition at line 295 of file generators.h.

◆ GENERATOR_SPP_HTTP_INSPECT_CLIENT

#define GENERATOR_SPP_HTTP_INSPECT_CLIENT   119

Definition at line 251 of file generators.h.

◆ GENERATOR_SPP_ISAKMP

#define GENERATOR_SPP_ISAKMP   127

Definition at line 413 of file generators.h.

◆ GENERATOR_SPP_MODBUS

#define GENERATOR_SPP_MODBUS   144

Definition at line 538 of file generators.h.

◆ GENERATOR_SPP_REPUTATION

#define GENERATOR_SPP_REPUTATION   136

Definition at line 524 of file generators.h.

◆ GENERATOR_SPP_RPC_DECODE

#define GENERATOR_SPP_RPC_DECODE   106

Definition at line 37 of file generators.h.

◆ GENERATOR_SPP_S7COMMPLUS

#define GENERATOR_SPP_S7COMMPLUS   149

Definition at line 546 of file generators.h.

◆ GENERATOR_SPP_SDF_PREPROC

#define GENERATOR_SPP_SDF_PREPROC   139

Definition at line 529 of file generators.h.

◆ GENERATOR_SPP_SDF_RULES

#define GENERATOR_SPP_SDF_RULES   138

Definition at line 528 of file generators.h.

◆ GENERATOR_SPP_SSH

#define GENERATOR_SPP_SSH   128

Definition at line 415 of file generators.h.

◆ GENERATOR_SPP_SSLPP

#define GENERATOR_SPP_SSLPP   137

Definition at line 526 of file generators.h.

◆ GENERATOR_SPP_STREAM

#define GENERATOR_SPP_STREAM   129

Definition at line 424 of file generators.h.

◆ GENERATOR_TAG

#define GENERATOR_TAG   2

Definition at line 28 of file generators.h.

◆ HI_ANOM_SERVER_ALERT

#define HI_ANOM_SERVER_ALERT   1 /* done */

Definition at line 296 of file generators.h.

◆ HI_CLIENT_APACHE_WS

#define HI_CLIENT_APACHE_WS   12 /* done */

Definition at line 266 of file generators.h.

◆ HI_CLIENT_ASCII

#define HI_CLIENT_ASCII   1 /* done */

Definition at line 252 of file generators.h.

◆ HI_CLIENT_BARE_BYTE

#define HI_CLIENT_BARE_BYTE   4 /* done */

Definition at line 255 of file generators.h.

◆ HI_CLIENT_BASE36

#define HI_CLIENT_BASE36   5 /* done */

Definition at line 259 of file generators.h.

◆ HI_CLIENT_BOTH_TRUEIP_XFF_HDRS

#define HI_CLIENT_BOTH_TRUEIP_XFF_HDRS   30

Definition at line 284 of file generators.h.

◆ HI_CLIENT_CHUNK_SIZE_MISMATCH

#define HI_CLIENT_CHUNK_SIZE_MISMATCH   22

Definition at line 276 of file generators.h.

◆ HI_CLIENT_CONSECUTIVE_SMALL_CHUNK_SIZES

#define HI_CLIENT_CONSECUTIVE_SMALL_CHUNK_SIZES   27

Definition at line 281 of file generators.h.

◆ HI_CLIENT_DIR_TRAV

#define HI_CLIENT_DIR_TRAV   11 /* done */

Definition at line 265 of file generators.h.

◆ HI_CLIENT_DOUBLE_DECODE

#define HI_CLIENT_DOUBLE_DECODE   2 /* done */

Definition at line 253 of file generators.h.

◆ HI_CLIENT_EXCEEDS_SPACES

#define HI_CLIENT_EXCEEDS_SPACES   26

Definition at line 280 of file generators.h.

◆ HI_CLIENT_IIS_BACKSLASH

#define HI_CLIENT_IIS_BACKSLASH   9 /* done */

Definition at line 263 of file generators.h.

◆ HI_CLIENT_IIS_DELIMITER

#define HI_CLIENT_IIS_DELIMITER   13 /* done */

Definition at line 267 of file generators.h.

◆ HI_CLIENT_IIS_UNICODE

#define HI_CLIENT_IIS_UNICODE   7 /* done */

Definition at line 261 of file generators.h.

◆ HI_CLIENT_INVALID_RANGE_UNIT_FMT

#define HI_CLIENT_INVALID_RANGE_UNIT_FMT   36

Definition at line 290 of file generators.h.

◆ HI_CLIENT_INVALID_TRUEIP

#define HI_CLIENT_INVALID_TRUEIP   23

Definition at line 277 of file generators.h.

◆ HI_CLIENT_LARGE_CHUNK

#define HI_CLIENT_LARGE_CHUNK   16 /* done */

Definition at line 270 of file generators.h.

◆ HI_CLIENT_LONG_HDR

#define HI_CLIENT_LONG_HDR   19 /* done */

Definition at line 273 of file generators.h.

◆ HI_CLIENT_LONG_HOSTNAME

#define HI_CLIENT_LONG_HOSTNAME   25

Definition at line 279 of file generators.h.

◆ HI_CLIENT_MAX_HEADERS

#define HI_CLIENT_MAX_HEADERS   20 /* done */

Definition at line 274 of file generators.h.

◆ HI_CLIENT_MULTI_SLASH

#define HI_CLIENT_MULTI_SLASH   8 /* done */

Definition at line 262 of file generators.h.

◆ HI_CLIENT_MULTIPLE_CONTLEN

#define HI_CLIENT_MULTIPLE_CONTLEN   21

Definition at line 275 of file generators.h.

◆ HI_CLIENT_MULTIPLE_HOST_HDRS

#define HI_CLIENT_MULTIPLE_HOST_HDRS   24

Definition at line 278 of file generators.h.

◆ HI_CLIENT_MULTIPLE_TRUEIP_IN_SESSION

#define HI_CLIENT_MULTIPLE_TRUEIP_IN_SESSION   29

Definition at line 283 of file generators.h.

◆ HI_CLIENT_NON_RFC_CHAR

#define HI_CLIENT_NON_RFC_CHAR   14 /* done */

Definition at line 268 of file generators.h.

◆ HI_CLIENT_OVERSIZE_DIR

#define HI_CLIENT_OVERSIZE_DIR   15 /* done */

Definition at line 269 of file generators.h.

◆ HI_CLIENT_PIPELINE_MAX

#define HI_CLIENT_PIPELINE_MAX   34

Definition at line 288 of file generators.h.

◆ HI_CLIENT_PROXY_USE

#define HI_CLIENT_PROXY_USE   17 /* done */

Definition at line 271 of file generators.h.

◆ HI_CLIENT_RANGE_FIELD_ERROR

#define HI_CLIENT_RANGE_FIELD_ERROR   38

Definition at line 292 of file generators.h.

◆ HI_CLIENT_RANGE_NON_GET_METHOD

#define HI_CLIENT_RANGE_NON_GET_METHOD   37

Definition at line 291 of file generators.h.

◆ HI_CLIENT_SELF_DIR_TRAV

#define HI_CLIENT_SELF_DIR_TRAV   10 /* done */

Definition at line 264 of file generators.h.

◆ HI_CLIENT_SIMPLE_REQUEST

#define HI_CLIENT_SIMPLE_REQUEST   32

Definition at line 286 of file generators.h.

◆ HI_CLIENT_U_ENCODE

#define HI_CLIENT_U_ENCODE   3 /* done */

Definition at line 254 of file generators.h.

◆ HI_CLIENT_UNBOUNDED_POST

#define HI_CLIENT_UNBOUNDED_POST   28

Definition at line 282 of file generators.h.

◆ HI_CLIENT_UNESCAPED_SPACE_URI

#define HI_CLIENT_UNESCAPED_SPACE_URI   33

Definition at line 287 of file generators.h.

◆ HI_CLIENT_UNKNOWN_METHOD

#define HI_CLIENT_UNKNOWN_METHOD   31

Definition at line 285 of file generators.h.

◆ HI_CLIENT_UTF_8

#define HI_CLIENT_UTF_8   6 /* done */

Definition at line 260 of file generators.h.

◆ HI_CLIENT_WEBROOT_DIR

#define HI_CLIENT_WEBROOT_DIR   18 /* done */

Definition at line 272 of file generators.h.

◆ HI_CLISRV_MSG_SIZE_EXCEPTION

#define HI_CLISRV_MSG_SIZE_EXCEPTION   8

Definition at line 303 of file generators.h.

◆ HI_SERVER_CONSECUTIVE_SMALL_CHUNK_SIZES

#define HI_SERVER_CONSECUTIVE_SMALL_CHUNK_SIZES   7

Definition at line 302 of file generators.h.

◆ HI_SERVER_DECOMPR_FAILED

#define HI_SERVER_DECOMPR_FAILED   6

Definition at line 301 of file generators.h.

◆ HI_SERVER_INVALID_CONTENT_RANGE_UNIT_FMT

#define HI_SERVER_INVALID_CONTENT_RANGE_UNIT_FMT   30

Definition at line 314 of file generators.h.

◆ HI_SERVER_INVALID_STATCODE

#define HI_SERVER_INVALID_STATCODE   2

Definition at line 297 of file generators.h.

◆ HI_SERVER_JS_EXCESS_WS

#define HI_SERVER_JS_EXCESS_WS   10

Definition at line 305 of file generators.h.

◆ HI_SERVER_JS_OBFUSCATION_EXCD

#define HI_SERVER_JS_OBFUSCATION_EXCD   9

Definition at line 304 of file generators.h.

◆ HI_SERVER_MIXED_ENCODINGS

#define HI_SERVER_MIXED_ENCODINGS   11

Definition at line 306 of file generators.h.

◆ HI_SERVER_NO_CONTLEN

#define HI_SERVER_NO_CONTLEN   3

Definition at line 298 of file generators.h.

◆ HI_SERVER_PDF_CASC_COMP

#define HI_SERVER_PDF_CASC_COMP   16

Definition at line 311 of file generators.h.

◆ HI_SERVER_PDF_DEFLATE_FAILURE

#define HI_SERVER_PDF_DEFLATE_FAILURE   14

Definition at line 309 of file generators.h.

◆ HI_SERVER_PDF_PARSE_FAILURE

#define HI_SERVER_PDF_PARSE_FAILURE   17

Definition at line 312 of file generators.h.

◆ HI_SERVER_PDF_UNSUP_COMP_TYPE

#define HI_SERVER_PDF_UNSUP_COMP_TYPE   15

Definition at line 310 of file generators.h.

◆ HI_SERVER_RANGE_FIELD_ERROR

#define HI_SERVER_RANGE_FIELD_ERROR   31

Definition at line 315 of file generators.h.

◆ HI_SERVER_SWF_LZMA_FAILURE

#define HI_SERVER_SWF_LZMA_FAILURE   13

Definition at line 308 of file generators.h.

◆ HI_SERVER_SWF_ZLIB_FAILURE

#define HI_SERVER_SWF_ZLIB_FAILURE   12

Definition at line 307 of file generators.h.

◆ HI_SERVER_UTF7

#define HI_SERVER_UTF7   5

Definition at line 300 of file generators.h.

◆ HI_SERVER_UTF_NORM_FAIL

#define HI_SERVER_UTF_NORM_FAIL   4

Definition at line 299 of file generators.h.

◆ INTERNAL_EVENT_SESSION_ADD

#define INTERNAL_EVENT_SESSION_ADD   2

Definition at line 521 of file generators.h.

◆ INTERNAL_EVENT_SESSION_DEL

#define INTERNAL_EVENT_SESSION_DEL   3

Definition at line 522 of file generators.h.

◆ INTERNAL_EVENT_SYN_RECEIVED

#define INTERNAL_EVENT_SYN_RECEIVED   1

Definition at line 520 of file generators.h.

◆ PPM_EVENT_PACKET_ABORTED

#define PPM_EVENT_PACKET_ABORTED   3

Definition at line 517 of file generators.h.

◆ PPM_EVENT_PACKET_ABORTED_STR

#define PPM_EVENT_PACKET_ABORTED_STR   "PPM Packet Aborted due to Latency"

Definition at line 613 of file generators.h.

◆ PPM_EVENT_RULE_TREE_DISABLED

#define PPM_EVENT_RULE_TREE_DISABLED   1

Definition at line 515 of file generators.h.

◆ PPM_EVENT_RULE_TREE_DISABLED_STR

#define PPM_EVENT_RULE_TREE_DISABLED_STR   "PPM Rule Options Disabled by Rule Latency"

Definition at line 611 of file generators.h.

◆ PPM_EVENT_RULE_TREE_ENABLED

#define PPM_EVENT_RULE_TREE_ENABLED   2

Definition at line 516 of file generators.h.

◆ PPM_EVENT_RULE_TREE_ENABLED_STR

#define PPM_EVENT_RULE_TREE_ENABLED_STR   "PPM Rule Options Re-enabled by Rule Latency"

Definition at line 612 of file generators.h.

◆ PSNG_ICMP_PORTSWEEP

#define PSNG_ICMP_PORTSWEEP   25

Definition at line 346 of file generators.h.

◆ PSNG_ICMP_PORTSWEEP_FILTERED

#define PSNG_ICMP_PORTSWEEP_FILTERED   26

Definition at line 347 of file generators.h.

◆ PSNG_ICMP_PORTSWEEP_FILTERED_STR

#define PSNG_ICMP_PORTSWEEP_FILTERED_STR   "(portscan) ICMP Filtered Sweep"

Definition at line 821 of file generators.h.

◆ PSNG_ICMP_PORTSWEEP_STR

#define PSNG_ICMP_PORTSWEEP_STR   "(portscan) ICMP Sweep"

Definition at line 820 of file generators.h.

◆ PSNG_IP_DECOY_PORTSCAN

#define PSNG_IP_DECOY_PORTSCAN   10

Definition at line 329 of file generators.h.

◆ PSNG_IP_DECOY_PORTSCAN_STR

#define PSNG_IP_DECOY_PORTSCAN_STR   "(portscan) IP Decoy Protocol Scan"

Definition at line 803 of file generators.h.

◆ PSNG_IP_DISTRIBUTED_PORTSCAN

#define PSNG_IP_DISTRIBUTED_PORTSCAN   12

Definition at line 331 of file generators.h.

◆ PSNG_IP_DISTRIBUTED_PORTSCAN_STR

#define PSNG_IP_DISTRIBUTED_PORTSCAN_STR   "(portscan) IP Distributed Protocol Scan"

Definition at line 805 of file generators.h.

◆ PSNG_IP_FILTERED_DECOY_PORTSCAN

#define PSNG_IP_FILTERED_DECOY_PORTSCAN   14

Definition at line 333 of file generators.h.

◆ PSNG_IP_FILTERED_DECOY_PORTSCAN_STR

#define PSNG_IP_FILTERED_DECOY_PORTSCAN_STR   "(portscan) IP Filtered Decoy Protocol Scan"

Definition at line 807 of file generators.h.

◆ PSNG_IP_FILTERED_DISTRIBUTED_PORTSCAN

#define PSNG_IP_FILTERED_DISTRIBUTED_PORTSCAN   16

Definition at line 335 of file generators.h.

◆ PSNG_IP_FILTERED_DISTRIBUTED_PORTSCAN_STR

#define PSNG_IP_FILTERED_DISTRIBUTED_PORTSCAN_STR   "(portscan) IP Filtered Distributed Protocol Scan"

Definition at line 808 of file generators.h.

◆ PSNG_IP_FILTERED_PORTSCAN

#define PSNG_IP_FILTERED_PORTSCAN   13

Definition at line 332 of file generators.h.

◆ PSNG_IP_FILTERED_PORTSCAN_STR

#define PSNG_IP_FILTERED_PORTSCAN_STR   "(portscan) IP Filtered Protocol Scan"

Definition at line 806 of file generators.h.

◆ PSNG_IP_PORTSCAN

#define PSNG_IP_PORTSCAN   9

Definition at line 328 of file generators.h.

◆ PSNG_IP_PORTSCAN_STR

#define PSNG_IP_PORTSCAN_STR   "(portscan) IP Protocol Scan"

Definition at line 802 of file generators.h.

◆ PSNG_IP_PORTSWEEP

#define PSNG_IP_PORTSWEEP   11

Definition at line 330 of file generators.h.

◆ PSNG_IP_PORTSWEEP_FILTERED

#define PSNG_IP_PORTSWEEP_FILTERED   15

Definition at line 334 of file generators.h.

◆ PSNG_IP_PORTSWEEP_FILTERED_STR

#define PSNG_IP_PORTSWEEP_FILTERED_STR   "(portscan) IP Filtered Protocol Sweep"

Definition at line 809 of file generators.h.

◆ PSNG_IP_PORTSWEEP_STR

#define PSNG_IP_PORTSWEEP_STR   "(portscan) IP Protocol Sweep"

Definition at line 804 of file generators.h.

◆ PSNG_OPEN_PORT

#define PSNG_OPEN_PORT   27

Definition at line 349 of file generators.h.

◆ PSNG_OPEN_PORT_STR

#define PSNG_OPEN_PORT_STR   "(portscan) Open Port"

Definition at line 823 of file generators.h.

◆ PSNG_TCP_DECOY_PORTSCAN

#define PSNG_TCP_DECOY_PORTSCAN   2

Definition at line 320 of file generators.h.

◆ PSNG_TCP_DECOY_PORTSCAN_STR

#define PSNG_TCP_DECOY_PORTSCAN_STR   "(portscan) TCP Decoy Portscan"

Definition at line 794 of file generators.h.

◆ PSNG_TCP_DISTRIBUTED_PORTSCAN

#define PSNG_TCP_DISTRIBUTED_PORTSCAN   4

Definition at line 322 of file generators.h.

◆ PSNG_TCP_DISTRIBUTED_PORTSCAN_STR

#define PSNG_TCP_DISTRIBUTED_PORTSCAN_STR   "(portscan) TCP Distributed Portscan"

Definition at line 796 of file generators.h.

◆ PSNG_TCP_FILTERED_DECOY_PORTSCAN

#define PSNG_TCP_FILTERED_DECOY_PORTSCAN   6

Definition at line 324 of file generators.h.

◆ PSNG_TCP_FILTERED_DECOY_PORTSCAN_STR

#define PSNG_TCP_FILTERED_DECOY_PORTSCAN_STR   "(portscan) TCP Filtered Decoy Portscan"

Definition at line 798 of file generators.h.

◆ PSNG_TCP_FILTERED_DISTRIBUTED_PORTSCAN

#define PSNG_TCP_FILTERED_DISTRIBUTED_PORTSCAN   8

Definition at line 326 of file generators.h.

◆ PSNG_TCP_FILTERED_DISTRIBUTED_PORTSCAN_STR

#define PSNG_TCP_FILTERED_DISTRIBUTED_PORTSCAN_STR   "(portscan) TCP Filtered Distributed Portscan"

Definition at line 799 of file generators.h.

◆ PSNG_TCP_FILTERED_PORTSCAN

#define PSNG_TCP_FILTERED_PORTSCAN   5

Definition at line 323 of file generators.h.

◆ PSNG_TCP_FILTERED_PORTSCAN_STR

#define PSNG_TCP_FILTERED_PORTSCAN_STR   "(portscan) TCP Filtered Portscan"

Definition at line 797 of file generators.h.

◆ PSNG_TCP_PORTSCAN

#define PSNG_TCP_PORTSCAN   1

Definition at line 319 of file generators.h.

◆ PSNG_TCP_PORTSCAN_STR

#define PSNG_TCP_PORTSCAN_STR   "(portscan) TCP Portscan"

Definition at line 793 of file generators.h.

◆ PSNG_TCP_PORTSWEEP

#define PSNG_TCP_PORTSWEEP   3

Definition at line 321 of file generators.h.

◆ PSNG_TCP_PORTSWEEP_FILTERED

#define PSNG_TCP_PORTSWEEP_FILTERED   7

Definition at line 325 of file generators.h.

◆ PSNG_TCP_PORTSWEEP_FILTERED_STR

#define PSNG_TCP_PORTSWEEP_FILTERED_STR   "(portscan) TCP Filtered Portsweep"

Definition at line 800 of file generators.h.

◆ PSNG_TCP_PORTSWEEP_STR

#define PSNG_TCP_PORTSWEEP_STR   "(portscan) TCP Portsweep"

Definition at line 795 of file generators.h.

◆ PSNG_UDP_DECOY_PORTSCAN

#define PSNG_UDP_DECOY_PORTSCAN   18

Definition at line 338 of file generators.h.

◆ PSNG_UDP_DECOY_PORTSCAN_STR

#define PSNG_UDP_DECOY_PORTSCAN_STR   "(portscan) UDP Decoy Portscan"

Definition at line 812 of file generators.h.

◆ PSNG_UDP_DISTRIBUTED_PORTSCAN

#define PSNG_UDP_DISTRIBUTED_PORTSCAN   20

Definition at line 340 of file generators.h.

◆ PSNG_UDP_DISTRIBUTED_PORTSCAN_STR

#define PSNG_UDP_DISTRIBUTED_PORTSCAN_STR   "(portscan) UDP Distributed Portscan"

Definition at line 814 of file generators.h.

◆ PSNG_UDP_FILTERED_DECOY_PORTSCAN

#define PSNG_UDP_FILTERED_DECOY_PORTSCAN   22

Definition at line 342 of file generators.h.

◆ PSNG_UDP_FILTERED_DECOY_PORTSCAN_STR

#define PSNG_UDP_FILTERED_DECOY_PORTSCAN_STR   "(portscan) UDP Filtered Decoy Portscan"

Definition at line 816 of file generators.h.

◆ PSNG_UDP_FILTERED_DISTRIBUTED_PORTSCAN

#define PSNG_UDP_FILTERED_DISTRIBUTED_PORTSCAN   24

Definition at line 344 of file generators.h.

◆ PSNG_UDP_FILTERED_DISTRIBUTED_PORTSCAN_STR

#define PSNG_UDP_FILTERED_DISTRIBUTED_PORTSCAN_STR   "(portscan) UDP Filtered Distributed Portscan"

Definition at line 817 of file generators.h.

◆ PSNG_UDP_FILTERED_PORTSCAN

#define PSNG_UDP_FILTERED_PORTSCAN   21

Definition at line 341 of file generators.h.

◆ PSNG_UDP_FILTERED_PORTSCAN_STR

#define PSNG_UDP_FILTERED_PORTSCAN_STR   "(portscan) UDP Filtered Portscan"

Definition at line 815 of file generators.h.

◆ PSNG_UDP_PORTSCAN

#define PSNG_UDP_PORTSCAN   17

Definition at line 337 of file generators.h.

◆ PSNG_UDP_PORTSCAN_STR

#define PSNG_UDP_PORTSCAN_STR   "(portscan) UDP Portscan"

Definition at line 811 of file generators.h.

◆ PSNG_UDP_PORTSWEEP

#define PSNG_UDP_PORTSWEEP   19

Definition at line 339 of file generators.h.

◆ PSNG_UDP_PORTSWEEP_FILTERED

#define PSNG_UDP_PORTSWEEP_FILTERED   23

Definition at line 343 of file generators.h.

◆ PSNG_UDP_PORTSWEEP_FILTERED_STR

#define PSNG_UDP_PORTSWEEP_FILTERED_STR   "(portscan) UDP Filtered Portsweep"

Definition at line 818 of file generators.h.

◆ PSNG_UDP_PORTSWEEP_STR

#define PSNG_UDP_PORTSWEEP_STR   "(portscan) UDP Portsweep"

Definition at line 813 of file generators.h.

◆ RPC_FRAG_TRAFFIC

#define RPC_FRAG_TRAFFIC   1

Definition at line 38 of file generators.h.

◆ RPC_FRAG_TRAFFIC_STR

#define RPC_FRAG_TRAFFIC_STR   "(spp_rpc_decode) Fragmented RPC Records"

Definition at line 787 of file generators.h.

◆ RPC_INCOMPLETE_SEGMENT

#define RPC_INCOMPLETE_SEGMENT   4

Definition at line 41 of file generators.h.

◆ RPC_INCOMPLETE_SEGMENT_STR

#define RPC_INCOMPLETE_SEGMENT_STR   "(spp_rpc_decode) Incomplete RPC segment"

Definition at line 790 of file generators.h.

◆ RPC_LARGE_FRAGSIZE

#define RPC_LARGE_FRAGSIZE   3

Definition at line 40 of file generators.h.

◆ RPC_LARGE_FRAGSIZE_STR

#define RPC_LARGE_FRAGSIZE_STR   "(spp_rpc_decode) Large RPC Record Fragment"

Definition at line 789 of file generators.h.

◆ RPC_MULTIPLE_RECORD

#define RPC_MULTIPLE_RECORD   2

Definition at line 39 of file generators.h.

◆ RPC_MULTIPLE_RECORD_STR

#define RPC_MULTIPLE_RECORD_STR   "(spp_rpc_decode) Multiple RPC Records"

Definition at line 788 of file generators.h.

◆ RPC_ZERO_LENGTH_FRAGMENT

#define RPC_ZERO_LENGTH_FRAGMENT   5

Definition at line 42 of file generators.h.

◆ RPC_ZERO_LENGTH_FRAGMENT_STR

#define RPC_ZERO_LENGTH_FRAGMENT_STR   "(spp_rpc_decode) Zero-length RPC Fragment"

Definition at line 791 of file generators.h.

◆ SDF_COMBO_ALERT

#define SDF_COMBO_ALERT   1

Definition at line 533 of file generators.h.

◆ SMTP_B64_DECODING_FAILED

#define SMTP_B64_DECODING_FAILED   10

Definition at line 383 of file generators.h.

◆ SMTP_COMMAND_OVERFLOW

#define SMTP_COMMAND_OVERFLOW   1

Definition at line 373 of file generators.h.

◆ SMTP_DATA_HDR_OVERFLOW

#define SMTP_DATA_HDR_OVERFLOW   2

Definition at line 374 of file generators.h.

◆ SMTP_HEADER_NAME_OVERFLOW

#define SMTP_HEADER_NAME_OVERFLOW   7

Definition at line 379 of file generators.h.

◆ SMTP_ILLEGAL_CMD

#define SMTP_ILLEGAL_CMD   6

Definition at line 378 of file generators.h.

◆ SMTP_QP_DECODING_FAILED

#define SMTP_QP_DECODING_FAILED   11

Definition at line 384 of file generators.h.

◆ SMTP_RESPONSE_OVERFLOW

#define SMTP_RESPONSE_OVERFLOW   3

Definition at line 375 of file generators.h.

◆ SMTP_SPECIFIC_CMD_OVERFLOW

#define SMTP_SPECIFIC_CMD_OVERFLOW   4

Definition at line 376 of file generators.h.

◆ SMTP_UNKNOWN_CMD

#define SMTP_UNKNOWN_CMD   5

Definition at line 377 of file generators.h.

◆ SMTP_UU_DECODING_FAILED

#define SMTP_UU_DECODING_FAILED   13

Definition at line 388 of file generators.h.

◆ SMTP_XLINK2STATE_OVERFLOW

#define SMTP_XLINK2STATE_OVERFLOW   8

Definition at line 380 of file generators.h.

◆ SSH_EVENT_CRC32

#define SSH_EVENT_CRC32   2

Definition at line 417 of file generators.h.

◆ SSH_EVENT_PAYLOAD_SIZE

#define SSH_EVENT_PAYLOAD_SIZE   6

Definition at line 421 of file generators.h.

◆ SSH_EVENT_PROTOMISMATCH

#define SSH_EVENT_PROTOMISMATCH   4

Definition at line 419 of file generators.h.

◆ SSH_EVENT_RESPOVERFLOW

#define SSH_EVENT_RESPOVERFLOW   1

Definition at line 416 of file generators.h.

◆ SSH_EVENT_SECURECRT

#define SSH_EVENT_SECURECRT   3

Definition at line 418 of file generators.h.

◆ SSH_EVENT_VERSION

#define SSH_EVENT_VERSION   7

Definition at line 422 of file generators.h.

◆ SSH_EVENT_WRONGDIR

#define SSH_EVENT_WRONGDIR   5

Definition at line 420 of file generators.h.

◆ STREAM_4WAY_HANDSHAKE

#define STREAM_4WAY_HANDSHAKE   13

Definition at line 437 of file generators.h.

◆ STREAM_4WAY_HANDSHAKE_STR

#define STREAM_4WAY_HANDSHAKE_STR   "4-way handshake detected"

Definition at line 599 of file generators.h.

◆ STREAM_BAD_ACK

#define STREAM_BAD_ACK   17

Definition at line 441 of file generators.h.

◆ STREAM_BAD_ACK_STR

#define STREAM_BAD_ACK_STR   "ACK number is greater than prior FIN"

Definition at line 603 of file generators.h.

◆ STREAM_BAD_FIN

#define STREAM_BAD_FIN   16

Definition at line 440 of file generators.h.

◆ STREAM_BAD_FIN_STR

#define STREAM_BAD_FIN_STR   "FIN number is greater than prior FIN"

Definition at line 602 of file generators.h.

◆ STREAM_BAD_RST

#define STREAM_BAD_RST   15

Definition at line 439 of file generators.h.

◆ STREAM_BAD_RST_STR

#define STREAM_BAD_RST_STR   "Reset outside window"

Definition at line 601 of file generators.h.

◆ STREAM_BAD_SEGMENT

#define STREAM_BAD_SEGMENT   5

Definition at line 429 of file generators.h.

◆ STREAM_BAD_SEGMENT_STR

#define STREAM_BAD_SEGMENT_STR   "Bad segment, adjusted size <= 0"

Definition at line 591 of file generators.h.

◆ STREAM_BAD_TIMESTAMP

#define STREAM_BAD_TIMESTAMP   4

Definition at line 428 of file generators.h.

◆ STREAM_BAD_TIMESTAMP_STR

#define STREAM_BAD_TIMESTAMP_STR   "TCP Timestamp is outside of PAWS window"

Definition at line 590 of file generators.h.

◆ STREAM_DATA_AFTER_RESET

#define STREAM_DATA_AFTER_RESET   8

Definition at line 432 of file generators.h.

◆ STREAM_DATA_AFTER_RESET_STR

#define STREAM_DATA_AFTER_RESET_STR   "Data sent on stream after TCP Reset sent"

Definition at line 594 of file generators.h.

◆ STREAM_DATA_AFTER_RST_RCVD

#define STREAM_DATA_AFTER_RST_RCVD   18

Definition at line 442 of file generators.h.

◆ STREAM_DATA_AFTER_RST_RCVD_STR

#define STREAM_DATA_AFTER_RST_RCVD_STR   "Data sent on stream after TCP Reset received"

Definition at line 604 of file generators.h.

◆ STREAM_DATA_ON_CLOSED

#define STREAM_DATA_ON_CLOSED   3

Definition at line 427 of file generators.h.

◆ STREAM_DATA_ON_CLOSED_STR

#define STREAM_DATA_ON_CLOSED_STR   "Data sent on stream not accepting data"

Definition at line 589 of file generators.h.

◆ STREAM_DATA_ON_SYN

#define STREAM_DATA_ON_SYN   2

Definition at line 426 of file generators.h.

◆ STREAM_DATA_ON_SYN_STR

#define STREAM_DATA_ON_SYN_STR   "Data on SYN packet"

Definition at line 588 of file generators.h.

◆ STREAM_DATA_WITHOUT_FLAGS

#define STREAM_DATA_WITHOUT_FLAGS   11

Definition at line 435 of file generators.h.

◆ STREAM_DATA_WITHOUT_FLAGS_STR

#define STREAM_DATA_WITHOUT_FLAGS_STR   "TCP Data with no TCP Flags set"

Definition at line 597 of file generators.h.

◆ STREAM_EXCESSIVE_TCP_OVERLAPS

#define STREAM_EXCESSIVE_TCP_OVERLAPS   7

Definition at line 431 of file generators.h.

◆ STREAM_EXCESSIVE_TCP_OVERLAPS_STR

#define STREAM_EXCESSIVE_TCP_OVERLAPS_STR   "Limit on number of overlapping TCP packets reached"

Definition at line 593 of file generators.h.

◆ STREAM_INTERNAL_EVENT_STR

#define STREAM_INTERNAL_EVENT_STR   ""

Definition at line 608 of file generators.h.

◆ STREAM_NO_3WHS

#define STREAM_NO_3WHS   20

Definition at line 444 of file generators.h.

◆ STREAM_NO_3WHS_STR

#define STREAM_NO_3WHS_STR   "TCP session without 3-way handshake"

Definition at line 606 of file generators.h.

◆ STREAM_NO_TIMESTAMP

#define STREAM_NO_TIMESTAMP   14

Definition at line 438 of file generators.h.

◆ STREAM_NO_TIMESTAMP_STR

#define STREAM_NO_TIMESTAMP_STR   "TCP Timestamp is missing"

Definition at line 600 of file generators.h.

◆ STREAM_SESSION_HIJACKED_CLIENT

#define STREAM_SESSION_HIJACKED_CLIENT   9

Definition at line 433 of file generators.h.

◆ STREAM_SESSION_HIJACKED_CLIENT_STR

#define STREAM_SESSION_HIJACKED_CLIENT_STR   "TCP Client possibly hijacked, different Ethernet Address"

Definition at line 595 of file generators.h.

◆ STREAM_SESSION_HIJACKED_SERVER

#define STREAM_SESSION_HIJACKED_SERVER   10

Definition at line 434 of file generators.h.

◆ STREAM_SESSION_HIJACKED_SERVER_STR

#define STREAM_SESSION_HIJACKED_SERVER_STR   "TCP Server possibly hijacked, different Ethernet Address"

Definition at line 596 of file generators.h.

◆ STREAM_SMALL_SEGMENT

#define STREAM_SMALL_SEGMENT   12

Definition at line 436 of file generators.h.

◆ STREAM_SMALL_SEGMENT_STR

#define STREAM_SMALL_SEGMENT_STR   "Consecutive TCP small segments exceeding threshold"

Definition at line 598 of file generators.h.

◆ STREAM_SYN_ON_EST

#define STREAM_SYN_ON_EST   1

Definition at line 425 of file generators.h.

◆ STREAM_SYN_ON_EST_STR

#define STREAM_SYN_ON_EST_STR   "Syn on established session"

Definition at line 587 of file generators.h.

◆ STREAM_WINDOW_SLAM

#define STREAM_WINDOW_SLAM   19

Definition at line 443 of file generators.h.

◆ STREAM_WINDOW_SLAM_STR

#define STREAM_WINDOW_SLAM_STR   "TCP window closed before receiving data"

Definition at line 605 of file generators.h.

◆ STREAM_WINDOW_TOO_LARGE

#define STREAM_WINDOW_TOO_LARGE   6

Definition at line 430 of file generators.h.

◆ STREAM_WINDOW_TOO_LARGE_STR

#define STREAM_WINDOW_TOO_LARGE_STR   "Window size (after scaling) larger than policy allows"

Definition at line 592 of file generators.h.

◆ TAG_LOG_PKT

#define TAG_LOG_PKT   1

Definition at line 29 of file generators.h.

Enumeration Type Documentation

◆ anonymous enum

anonymous enum
Enumerator
DECODE_TCP_XMAS 
DECODE_TCP_NMAP_XMAS 
DECODE_DOS_NAPTHA 
DECODE_SYN_TO_MULTICAST 
DECODE_ZERO_TTL 
DECODE_BAD_FRAGBITS 
DECODE_UDP_IPV6_ZERO_CHECKSUM 
DECODE_IP4_LEN_OFFSET 
DECODE_IP4_SRC_THIS_NET 
DECODE_IP4_DST_THIS_NET 
DECODE_IP4_SRC_MULTICAST 
DECODE_IP4_SRC_RESERVED 
DECODE_IP4_DST_RESERVED 
DECODE_IP4_SRC_BROADCAST 
DECODE_IP4_DST_BROADCAST 
DECODE_ICMP4_DST_MULTICAST 
DECODE_ICMP4_DST_BROADCAST 
DECODE_ICMP4_TYPE_OTHER 
DECODE_TCP_BAD_URP 
DECODE_TCP_SYN_FIN 
DECODE_TCP_SYN_RST 
DECODE_TCP_MUST_ACK 
DECODE_TCP_NO_SYN_ACK_RST 
DECODE_ETH_HDR_TRUNC 
DECODE_IP4_HDR_TRUNC 
DECODE_ICMP4_HDR_TRUNC 
DECODE_ICMP6_HDR_TRUNC 
DECODE_IP4_MIN_TTL 
DECODE_IP6_ZERO_HOP_LIMIT 
DECODE_IP4_DF_OFFSET 
DECODE_ICMP6_TYPE_OTHER 
DECODE_ICMP6_DST_MULTICAST 
DECODE_TCP_SHAFT_SYNFLOOD 
DECODE_ICMP_PING_NMAP 
DECODE_ICMP_ICMPENUM 
DECODE_ICMP_REDIRECT_HOST 
DECODE_ICMP_REDIRECT_NET 
DECODE_ICMP_TRACEROUTE_IPOPTS 
DECODE_ICMP_SOURCE_QUENCH 
DECODE_ICMP_BROADSCAN_SMURF_SCANNER 
DECODE_ICMP_DST_UNREACH_ADMIN_PROHIBITED 
DECODE_ICMP_DST_UNREACH_DST_HOST_PROHIBITED 
DECODE_ICMP_DST_UNREACH_DST_NET_PROHIBITED 
DECODE_IP_OPTION_SET 
DECODE_UDP_LARGE_PACKET 
DECODE_TCP_PORT_ZERO 
DECODE_UDP_PORT_ZERO 
DECODE_IP_RESERVED_FRAG_BIT 
DECODE_IP_UNASSIGNED_PROTO 
DECODE_IP_BAD_PROTO 
DECODE_ICMP_PATH_MTU_DOS 
DECODE_ICMP_DOS_ATTEMPT 
DECODE_IPV6_ISATAP_SPOOF 
DECODE_PGM_NAK_OVERFLOW 
DECODE_IGMP_OPTIONS_DOS 
DECODE_IP6_EXCESS_EXT_HDR 
DECODE_ICMPV6_UNREACHABLE_NON_RFC_4443_CODE 
DECODE_IPV6_BAD_FRAG_PKT 
DECODE_ZERO_LENGTH_FRAG 
DECODE_ICMPV6_NODE_INFO_BAD_CODE 
DECODE_IPV6_ROUTE_ZERO 
DECODE_ERSPAN_HDR_VERSION_MISMATCH 
DECODE_ERSPAN2_DGRAM_LT_HDR 
DECODE_ERSPAN3_DGRAM_LT_HDR 
DECODE_AUTH_HDR_TRUNC 
DECODE_AUTH_HDR_BAD_LEN 
DECODE_FPATH_HDR_TRUNC 
DECODE_CISCO_META_HDR_TRUNC 
DECODE_CISCO_META_HDR_OPT_LEN 
DECODE_CISCO_META_HDR_OPT_TYPE 
DECODE_CISCO_META_HDR_SGT 
DECODE_INDEX_MAX 

Definition at line 164 of file generators.h.