detect: make DetectEngineCtx more compact

diff --git a/src/detect.h b/src/detect.h
index e07ca7fa3949ca302d697172882869794125fc79..27fa7c471b098a3ea6ab81c5246dd677a4558150 100644 (file)
--- a/src/detect.h
+++ b/src/detect.h
@@ -785,7 +785,6 @@ enum DetectEngineType
 
 /** \brief main detection engine ctx */
 typedef struct DetectEngineCtx_ {
-    uint8_t flags;
     int failure_fatal;
 
     int tenant_id;
@@ -832,9 +831,13 @@ typedef struct DetectEngineCtx_ {
     DetectEngineIPOnlyCtx io_ctx;
     ThresholdCtx ths_ctx;
 
+    uint8_t flags;        /**< only DE_QUIET */
     uint8_t mpm_matcher;  /**< mpm matcher this ctx uses */
     uint16_t spm_matcher; /**< spm matcher this ctx uses */
 
+    /* maximum recursion depth for content inspection */
+    int inspection_recursion_limit;
+
     /* spm thread context prototype, built as spm matchers are constructed and
      * later used to construct thread context for each thread. */
     SpmGlobalThreadCtx *spm_global_thread_ctx;
@@ -844,17 +847,11 @@ typedef struct DetectEngineCtx_ {
     uint16_t max_uniq_toclient_groups;
     uint16_t max_uniq_toserver_groups;
 
-    /* specify the configuration for mpm context factory */
-    uint8_t sgh_mpm_ctx_cnf;
-
     /* max flowbit id that is used */
     uint32_t max_fb_id;
 
     MpmCtxFactoryContainer *mpm_ctx_factory_container;
 
-    /* maximum recursion depth for content inspection */
-    int inspection_recursion_limit;
-
     /* array containing all sgh's in use so we can loop
      * through it in Stage4. */
     struct SigGroupHead_ **sgh_array;
@@ -880,22 +877,26 @@ typedef struct DetectEngineCtx_ {
     uint32_t base64_decode_max_len;
 
     /** Store rule file and line so that parsers can use them in errors. */
-    char *rule_file;
     int rule_line;
+    char *rule_file;
+    const char *sigerror;
     bool sigerror_silent;
     bool sigerror_ok;
-    const char *sigerror;
 
+    bool filedata_config_initialized;
+
+    /* specify the configuration for mpm context factory */
+    uint8_t sgh_mpm_ctx_cnf;
+
+    int keyword_id;
     /** hash list of keywords that need thread local ctxs */
     HashListTable *keyword_hash;
-    int keyword_id;
 
     struct {
         uint32_t content_limit;
         uint32_t content_inspect_min_size;
         uint32_t content_inspect_window;
     } filedata_config[ALPROTO_MAX];
-    bool filedata_config_initialized;
 
 #ifdef PROFILING
     struct SCProfileDetectCtx_ *profile_ctx;
@@ -937,11 +938,11 @@ typedef struct DetectEngineCtx_ {
     HashListTable *buffer_type_hash_id;
     uint32_t buffer_type_id;
 
+    uint32_t app_mpms_list_cnt;
+    DetectBufferMpmRegistery *app_mpms_list;
     /* list with app inspect engines. Both the start-time registered ones and
      * the rule-time registered ones. */
     DetectEngineAppInspectionEngine *app_inspect_engines;
-    DetectBufferMpmRegistery *app_mpms_list;
-    uint32_t app_mpms_list_cnt;
     DetectEnginePktInspectionEngine *pkt_inspect_engines;
     DetectBufferMpmRegistery *pkt_mpms_list;
     uint32_t pkt_mpms_list_cnt;
@@ -958,15 +959,15 @@ typedef struct DetectEngineCtx_ {
     /** signatures stats */
     SigFileLoaderStat sig_stat;
 
+    /* list of Fast Pattern registrations. Initially filled using a copy of
+     * `g_fp_support_smlist_list`, then extended at rule loading time if needed */
+    SCFPSupportSMList *fp_support_smlist_list;
+
     /** per keyword flag indicating if a prefilter has been
      *  set for it. If true, the setup function will have to
      *  run. */
     bool sm_types_prefilter[DETECT_TBLSIZE];
     bool sm_types_silent_error[DETECT_TBLSIZE];
-
-    /* list of Fast Pattern registrations. Initially filled using a copy of
-     * `g_fp_support_smlist_list`, then extended at rule loading time if needed */
-    SCFPSupportSMList *fp_support_smlist_list;
 } DetectEngineCtx;
 
 /* Engine groups profiles (low, medium, high, custom) */