3.6. Modules¶

struct module¶

Module structure.

type¶

Module type.

MODULE_UNKNOWN¶
MODULE_PACKET¶
MODULE_LOG¶
MODULE_EXTENSION¶

const wchar_t *name¶

const wchar_t *description¶

const wchar_t *author¶

int (*init)(struct parameters *args)¶

Initialize the module. This function is called by the application.

Returns:	Non zero in case of an error. In this case the module will be unloaded but cleanup is not going to be called.

void (*cleanup)()¶: Cleanup the module. This function is called by the application when the module is unloaded.

struct packet_module¶

Packet module used to interact with the low-level packets. The module will be used to receive packets and set a verdict on them. It also define an interface to access the packet fields.

struct module module

bool (*multi_threaded)()¶: Does this module supports multi-threading.

struct packet_module_state *(*init_state)(int thread_id)¶: Initialize the packet module state. This function will be called to create multiple states if the module supports multi-threading.

void (*cleanup_state)(struct packet_module_state *state)¶: Cleanup the packet module state.

int (*receive)(struct packet_module_state *state, struct packet **pkt)¶

Callback used to receive a new packet. This function should block until a packet is received.

Returns:	Non zero in case of error.

void (*verdict)(struct packet *pkt, filter_result result)¶

Apply a verdict on a received packet. The module should then apply this verdict on the underlying packet.

Parameters:	pkt – The received packet. After calling this function the packet address is never used again by the application but allow the module to free it if needed. result – The verdict to apply to this packet.

size_t (*get_length)(struct packet *pkt)¶: Get the length of a packet.

uint8 *(*make_modifiable)(struct packet *pkt)¶: Make the packet modifiable.

int (*resize)(struct packet *pkt, size_t size)¶: Resize the packet to a new size.

uint64 (*get_id)(struct packet *pkt)¶: Get the id fo the packet.

const uint8 *(*get_data)(struct packet *pkt)¶: Get the data of a packet.

const char *(*get_dissector)(struct packet *pkt)¶: Get the packet dissector.

struct module *module_load(const char *module_name, ...)¶

Load a module given its name. It is not needed to call module_addref on the result as this is done before returning.

Returns:	The loaded module structure or NULL in case of an error.

void module_addref(struct module *module)¶: Keep the module. Must match with a call to module_release otherwise the module will not be able to be removed correctly when unused.

void module_release(struct module *module)¶: Release a module.

void module_set_path(const char *path)¶

Set the path used to load haka modules. This path must be in the form:

path/to/modules/*;another/path/*

const char *module_get_path()¶: Get the modules path.

Haka

Software Defined Security

3.6. Modules¶