X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Fheaders%2Frules_op.h;h=1b80e08d3178fac9e0af93cc87da3b6aac012bd6;hp=3adc5c3ee6ca371bc23e15b80288adcf867c7451;hb=6ef2f786c6c8ead94841b5f93baf9f43421f08c8;hpb=914feba5d54f979cd5d7e69c349c3d01f630042a diff --git a/src/headers/rules_op.h b/src/headers/rules_op.h index 3adc5c3..1b80e08 100755 --- a/src/headers/rules_op.h +++ b/src/headers/rules_op.h @@ -1,19 +1,20 @@ -/* @(#) $Id: rules_op.h,v 1.3 2009/06/24 17:06:26 dcid Exp $ */ +/* @(#) $Id: ./src/headers/rules_op.h, 2011/09/08 dcid Exp $ + */ /* Copyright (C) 2009 Trend Micro Inc. * All rights reserved. * * This program is a free software; you can redistribute it * and/or modify it under the terms of the GNU General Public - * License (version 3) as published by the FSF - Free Software + * License (version 2) as published by the FSF - Free Software * Foundation. * * License details at the LICENSE file included with OSSEC or * online at: http://www.ossec.net/en/licensing.html */ - + /* Common API for dealing with directory trees */ - + #ifndef _OS_RULESOP_H #define _OS_RULESOP_H @@ -29,6 +30,7 @@ #define DIFFERENT_URL 0x010 /* */ #define SAME_SRCPORT 0x020 #define SAME_DSTPORT 0x040 +#define SAME_DODIFF 0x100 #define NOT_SAME_USER 0xffe /* 0xfff - 0x001 */ #define NOT_SAME_SRCIP 0xffd /* 0xfff - 0x002 */ #define NOT_SAME_ID 0xffb /* 0xfff - 0x004 */ @@ -39,6 +41,7 @@ #define DO_FTS 0x001 #define DO_MAILALERT 0x002 #define DO_LOGALERT 0x004 +#define NO_AR 0x008 #define NO_ALERT 0x010 #define DO_OVERWRITE 0x020 #define DO_PACKETINFO 0x040 @@ -91,7 +94,7 @@ typedef struct _RuleInfo int __frequency; char **last_events; - + /* Not an option in the rule */ u_int16_t alert_opts; @@ -101,7 +104,7 @@ typedef struct _RuleInfo /* category */ u_int8_t category; - + /* Decoded as */ u_int16_t decoded_as; 
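Review bot: `SAME_DODIFF` in the `@@ -29,6 +30,7 @@` hunk is the first flag of this group whose value (0x100) does not fit in 8 bits, and it is added without any comment. The struct member that stores these context flags is not visible in this diff, so its width should be confirmed as at least 16 bits; in a narrower field the bit would be dropped silently on assignment. The value also skips 0x080, which is worth stating if it is deliberate. Suggested wording, to be adjusted to the actual meaning: `#define SAME_DODIFF 0x100 /* 0x080 intentionally unused; requires a 16-bit flags field */`.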
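Review bot: `NO_AR` in the `@@ -39,6 +41,7 @@` hunk is defined without a comment, although its name suggests it suppresses active response for a rule, which is a security-relevant switch that should be documented where it is declared. If that reading is right, something like `#define NO_AR 0x008 /* rule must not trigger active responses */` would do. The value fits the `u_int16_t alert_opts` member shown later in this header. The code that tests the bit is outside this diff, so it is worth confirming that every active-response dispatch path checks `alert_opts & NO_AR`, and that no existing code relied on bit 0x008 being unused.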
@@ -123,7 +126,7 @@ typedef struct _RuleInfo /* Function pointer to the event_search. */ void *(*event_search)(void *lf, void *rule); - + char *group; OSMatch *match; @@ -145,11 +148,11 @@ typedef struct _RuleInfo OSMatch *program_name; OSMatch *extra_data; char *action; - + char *comment; /* description in the xml */ char *info; char *cve; - + char *if_sid; char *if_level; char *if_group; @@ -157,14 +160,14 @@ typedef struct _RuleInfo OSRegex *if_matched_regex; OSMatch *if_matched_group; int if_matched_sid; - + void **ar; }RuleInfo; /** Prototypes **/ -int OS_ReadXMLRules(char *rulefile, +int OS_ReadXMLRules(char *rulefile, void *(*ruleact_function)(RuleInfo *rule, void *data), void *data);