UniRec  2.9.3
ur_values.c
Go to the documentation of this file.
1 /************* THIS IS AUTOMATICALLY GENERATED FILE, DO NOT EDIT *************/
2 /* Edit "values" file and run ur_values.sh script to add UniRec values. */
3 
4 #include "ur_values.h"
5 
6 const ur_values_t ur_values[] = {
7  {0x1, "TCP_FIN", "Finish bit"},
8  {0x2, "TCP_SYN", "Synchronize bit"},
9  {0x4, "TCP_RST", "Reset bit"},
10  {0x8, "TCP_PSH", "Push bit"},
11  {0x10, "TCP_ACK", "Acknowledgement bit"},
12  {0x20, "TCP_URG", "Urgent bit"},
13  {1, "DIR_IN", "Direction"},
14  {0, "DIR_OUT", "Direction"},
15  {0x8, "DIR_FLAG_REQ", "Request"},
16  {0x4, "DIR_FLAG_RSP", "Response"},
17  {0x2, "DIR_FLAG_SF", "Single"},
18  {0x1, "DIR_FLAG_NRC", "Not"},
19  {0, "IPV6_TUN_NATIVE", "Native"},
20  {1, "IPV6_TUN_TEREDO", "Teredo"},
21  {2, "IPV6_TUN_ISATAP", "ISATAP"},
22  {4, "IPV6_TUN_6TO4", "6to4"},
23  {8, "IPV6_TUN_AYIYA", "AYIYA"},
24  {16, "IPV6_TUN_OTHER", "Other protocol"},
25  {32, "IPV6_TUN_6OVER4", "6over4"},
26  {0x1, "SPOOF_BOGONS", "Bogon"},
27  {0x2, "SPOOF_SYMETRIC", "Symetric"},
28  {0x4, "SPOOF_NEWIP", "New IP"},
29  {0x8, "SPOOF_TCPHIST", "TCP history"},
30  {1, "EVT_T_PORTSCAN", "Portscan (unspecified"},
31  {2, "EVT_T_PORTSCAN_H", "Horizontal portscan (one or a few ports, many"},
32  {3, "EVT_T_PORTSCAN_V", "Vertical portscan (one address, many"},
33  {10, "EVT_T_DOS", "Denial of service attack (unspecified"},
34  {11, "EVT_T_SYNFLOOD", "TCP SYN"},
35  {15, "EVT_T_DNSAMP", "DNS Amplification"},
36  {30, "EVT_T_BRUTEFORCE", "Bruteforce password"},
37  {40, "EVT_T_VOIP_PREFIX_GUESS", "VoIP prefix"},
38  {41, "EVT_T_VOIP_CALL_DIFFERENT_COUNTRY", "VoIP call to different"},
39  {1, "TUN_T_REQUEST_TUNNEL", "Request anomaly - detected"},
40  {2, "TUN_T_REQUEST_OTHER", "Request anomaly - detected other anomaly than"},
41  {3, "TUN_T_REQUEST_MALFORMED_P", "Request anomaly - malformed"},
42  {4, "TUN_T_RESPONSE_TUNNEL_REQ", "Response anomaly - detected tunnel in request string"},
43  {5, "TUN_T_RESPONSE_TUNNEL_TXT", "Response anomaly - detected tunnel in TXT"},
44  {6, "TUN_T_RESPONSE_TUNNEL_CNAME", "Response anomaly - detected tunnel in CNAME"},
45  {7, "TUN_T_RESPONSE_TUNNEL_MX", "Response anomaly - detected tunnel in MX"},
46  {8, "TUN_T_RESPONSE_TUNNEL_NS", "Response anomaly - detected tunnel in NS"},
47  {9, "TUN_T_RESPONSE_OTHER", "Response anomaly - detected other anomaly than"},
48  {10, "TUN_T_RESPONSE_MALFORMED_P", "Response anomaly - malformed"},
49  {24, "HB_HEARTBEAT", "Type of message is heartbeat"},
50  {0, "HB_UNKNOWN", "Unknow direction - if message is"},
51  {1, "HB_REQUEST", "Heartbeat"},
52  {2, "HB_RESPONSE", "Heartbeat"},
53  {1, "HB_AT_MIN_SIZE", "Request smaller then minimal request"},
54  {2, "HB_AT_DIFF_SIZE", "Payload size is greater then real message"},
55  {4, "HB_AT_DIFF_REQ_RESP", "Difference of request and response size is too"},
56  {8, "HB_AVG_RESP", "Average response size is suspicious (only if do not have"},
57  {1, "WT_PORTSCAN", ""},
58  {2, "WT_BRUTEFORCE", ""},
59  {3, "WT_PROBE", ""},
60  {4, "WT_SPAM", ""},
61  {5, "WT_PHISHING", ""},
62  {6, "WT_BOTNET_C_C", ""},
63  {7, "WT_DOS", ""},
64  {8, "WT_MALWARE", ""},
65  {9, "WT_COPYRIGHT", ""},
66  {10, "WT_WEBATTACK", ""},
67  {11, "WT_VULNERABILITY", ""},
68  {12, "WT_TEST", ""},
69  {13, "WT_OTHER", ""},
70  {1, "HTTP_SDM_METHOD_GET", "Constants taken from http-sdm.h in sources of http-sdm exporter"},
71  {2, "HTTP_SDM_METHOD_POST", ""},
72  {4, "HTTP_SDM_METHOD_HEAD", ""},
73  {5, "HTTP_SDM_METHOD_PUT", ""},
74  {6, "HTTP_SDM_METHOD_OPTIONS", ""},
75  {7, "HTTP_SDM_METHOD_DELETE", ""},
76  {8, "HTTP_SDM_METHOD_TRACE", ""},
77  {9, "HTTP_SDM_METHOD_CONNECT", ""},
78 
79 };
ur_values.h
ur_values
const ur_values_t ur_values[]
Definition: ur_values.c:6
ur_values_t
Values names and descriptions It contains a table mapping a value to name and description.
Definition: ur_values.h:13
Generated by   doxygen 1.8.14