return LuaCallbackRuleIdsPushToStackFromPacketAlert(luastate, pa);
}
+/** \internal
+ * \brief fill lua stack with alert info
+ * \param luastate the lua state
+ * \param pa pointer to packet alert struct
+ * \retval cnt number of data items placed on the stack
+ *
+ * Places: action (string)
+ */
+static int LuaCallbackRuleActionPushToStackFromPacketAlert(
+ lua_State *luastate, const PacketAlert *pa)
+{
+ const char *action = "";
+ if (pa->s->action & ACTION_PASS) {
+ action = "pass";
+ } else if ((pa->s->action & ACTION_REJECT) || (pa->s->action & ACTION_REJECT_BOTH) ||
+ (pa->s->action & ACTION_REJECT_DST)) {
+ action = "reject";
+ } else if (pa->s->action & ACTION_DROP) {
+ action = "drop";
+ } else if (pa->s->action & ACTION_ALERT) {
+ action = "alert";
+ }
+ lua_pushstring(luastate, action);
+ return 1;
+}
+
+/** \internal
+ * \brief Wrapper for getting tuple info into a lua script
+ * \retval cnt number of items placed on the stack
+ */
+static int LuaCallbackRuleAction(lua_State *luastate)
+{
+ const PacketAlert *pa = LuaStateGetPacketAlert(luastate);
+ if (pa == NULL)
+ return LuaCallbackError(luastate, "internal error: no packet");
+
+ return LuaCallbackRuleActionPushToStackFromPacketAlert(luastate, pa);
+}
+
/** \internal
* \brief fill lua stack with alert info
* \param luastate the lua state
lua_pushcfunction(luastate, LuaCallbackRuleIds);
lua_setglobal(luastate, "SCRuleIds");
+ lua_pushcfunction(luastate, LuaCallbackRuleAction);
+ lua_setglobal(luastate, "SCRuleAction");
lua_pushcfunction(luastate, LuaCallbackRuleMsg);
lua_setglobal(luastate, "SCRuleMsg");
lua_pushcfunction(luastate, LuaCallbackRuleClass);
projects / thirdparty / suricata.git / commitdiff
