Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-17 05:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Move all of the rule matching code to zeek::detail

Browse source
This commit is contained in:
Tim Wojtulewicz 2020-07-17 11:18:43 -07:00
parent 25c0fc7ab2
commit 382812298d
29 changed files with 269 additions and 196 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/RuleAction.cc
View file

@ -12,13 +12,15 @@ using std::string;
#include "analyzer/Manager.h"
namespace zeek::detail {
RuleActionEvent::RuleActionEvent(const char* arg_msg)
{
msg = copy_string(arg_msg);
}
void RuleActionEvent::DoAction(const Rule* parent, RuleEndpointState* state,
const u_char* data, int len)
const u_char* data, int len)
{
if ( signature_match )
mgr.Enqueue(signature_match,
@ -78,7 +80,7 @@ void RuleActionAnalyzer::PrintDebug()
void RuleActionEnable::DoAction(const Rule* parent, RuleEndpointState* state,
const u_char* data, int len)
const u_char* data, int len)
{
if ( ! ChildAnalyzer() )
{
@ -107,7 +109,7 @@ void RuleActionEnable::PrintDebug()
}
void RuleActionDisable::DoAction(const Rule* parent, RuleEndpointState* state,
const u_char* data, int len)
const u_char* data, int len)
{
if ( ! ChildAnalyzer() )
{
@ -124,3 +126,5 @@ void RuleActionDisable::PrintDebug()
fprintf(stderr, " RuleActionDisable: ");
RuleActionAnalyzer::PrintDebug();
}
} // namespace zeek::detail