upstream/suricata
1
0
Fork 0
mirror of https://github.com/OISF/suricata.git synced 2026-05-28 04:32:12 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

examples: add flow callbacks to rust plugin example

Browse source 
Ticket: #8446
This commit is contained in:
Jason Ish 2026-05-04 16:29:33 -06:00 committed by Victor Julien
parent 91b9dda0bf
commit 5e2a33d080
1 changed files with 37 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
examples/plugins/rust/src/mod.rs
View file

@ -1,26 +1,43 @@
use std::ptr::null_mut;
use suricata_ffi::eve::{self, Flow, Packet, SCJsonBuilder, ThreadVars};
use suricata_ffi::eve::{self, SCJsonBuilder};
use suricata_ffi::flow;
use suricata_ffi::jsonbuilder::JsonBuilder;
use suricata_ffi::{SCLogError, SCLogNotice};
use suricata_sys::sys::{SCEveRegisterCallback, SCPlugin};
use suricata_sys::sys::{Flow, Packet, SCEveRegisterCallback, SCPlugin, ThreadVars};
unsafe extern "C" fn init() {
suricata_ffi::plugin::init();
SCLogNotice!("Initializing rust example plugin");
if let Err(err) = register() {
SCLogError!("Failed to register rust example EVE callback: {}", err);
if let Err(err) = register_eve_callbacks() {
SCLogError!("Failed to register rust example EVE callbacks: {}", err);
}
if let Err(err) = register_flow_callbacks() {
SCLogError!("Failed to register rust example flow callbacks: {}", err);
}
}
pub fn register() -> Result<(), &'static str> {
register_eve_callbacks()?;
register_flow_callbacks()?;
Ok(())
}
pub fn register_eve_callbacks() -> Result<(), &'static str> {
if !unsafe { SCEveRegisterCallback(Some(log_eve_raw), null_mut()) } {
return Err("Failed to register raw EVE callback");
}
eve::register_callback(log_eve_wrapped)
}
pub fn register_flow_callbacks() -> Result<(), &'static str> {
flow::register_init_callback(log_flow_init)?;
flow::register_update_callback(log_flow_update)?;
flow::register_finish_callback(log_flow_finish)?;
Ok(())
}
unsafe extern "C" fn log_eve_raw(
_tv: *mut ThreadVars,
_p: *const Packet,
@ -47,6 +64,22 @@ fn log_eve_wrapped(
Ok(())
}
fn log_flow_init(_tv: *mut ThreadVars, _f: *mut Flow, _p: *const Packet) {
SCLogNotice!("rust example flow init callback: flow={:p}", _f);
}
fn log_flow_update(_tv: *mut ThreadVars, _f: *mut Flow, _p: *mut Packet) {
SCLogNotice!(
"rust example flow update callback: flow={:p}, packet={:p}",
_f,
_p
);
}
fn log_flow_finish(_tv: *mut ThreadVars, _f: *mut Flow) {
SCLogNotice!("rust example flow finish callback: flow={:p}", _f);
}
#[no_mangle]
extern "C" fn SCPluginRegister() -> *mut SCPlugin {
suricata_ffi::plugin::Plugin {