decode/tcp: count urg flag
authorVictor Julien <vjulien@oisf.net>
Thu, 10 Oct 2024 12:56:21 +0000 (14:56 +0200)
committerVictor Julien <vjulien@oisf.net>
Wed, 11 Dec 2024 08:34:29 +0000 (09:34 +0100)
etc/schema.json
src/decode-tcp.c
src/decode.c
src/decode.h

index 18710cda4592380d006b729ee0c93e02dcefe559..17cf802c6b3f7099252cab31e6b331f8974677ca 100644 (file)
                         },
                         "synack": {
                             "type": "integer"
+                        },
+                        "urg": {
+                            "description": "Number of TCP packets with the urgent flag set",
+                            "type": "integer"
                         }
                     },
                     "additionalProperties": false
index dd03f794d95385dd52926a5293ccd494f8f1a96f..193303615ae841066a7f1f5e9040715735c3b2c9 100644 (file)
@@ -257,6 +257,9 @@ static int DecodeTCPPacket(
     if (tcph->th_flags & (TH_RST)) {
         StatsIncr(tv, dtv->counter_tcp_rst);
     }
+    if (tcph->th_flags & (TH_URG)) {
+        StatsIncr(tv, dtv->counter_tcp_urg);
+    }
 
 #ifdef DEBUG
     SCLogDebug("TCP sp: %u -> dp: %u - HLEN: %" PRIu32 " LEN: %" PRIu32 " %s%s%s%s%s%s", p->sp,
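Review bot: The new `tcp.urg` increment tests only the `TH_URG` bit in `tcph->th_flags`, so a segment with URG set and a zero urgent pointer is counted, while a segment carrying a nonzero urgent pointer without the flag is not. Operators will probably read this counter as a signal for urgent-data traffic, which receiving stacks handle inconsistently, so a short comment above the `if` would prevent misreading: `/* counts the URG flag only; the urgent pointer value is not examined here */`. The body of DecodeTCPPacket starts and ends outside the hunk, so it is not visible whether the increment runs only for packets that already passed header validation. If it does not, the schema description for `urg` should say that invalid packets are included.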
index 0ed546def2251a52b7f89c0bde2567339919078f..9fe5d183fdd6a5f3da3a1047a3b74b49a8bf92e4 100644 (file)
@@ -619,6 +619,7 @@ void DecodeRegisterPerfCounters(DecodeThreadVars *dtv, ThreadVars *tv)
     dtv->counter_tcp_syn = StatsRegisterCounter("tcp.syn", tv);
     dtv->counter_tcp_synack = StatsRegisterCounter("tcp.synack", tv);
     dtv->counter_tcp_rst = StatsRegisterCounter("tcp.rst", tv);
+    dtv->counter_tcp_urg = StatsRegisterCounter("tcp.urg", tv);
 
     dtv->counter_udp = StatsRegisterCounter("decoder.udp", tv);
     dtv->counter_sctp = StatsRegisterCounter("decoder.sctp", tv);
index f7ef222336260c24d33ff25faf356d987db420b6..f8f4a18af06a6b4e9d39cca0bd110df9a24cdd10 100644 (file)
@@ -950,6 +950,7 @@ typedef struct DecodeThreadVars_
     uint16_t counter_tcp_syn;
     uint16_t counter_tcp_synack;
     uint16_t counter_tcp_rst;
+    uint16_t counter_tcp_urg;
     uint16_t counter_udp;
     uint16_t counter_icmpv4;
     uint16_t counter_icmpv6;