]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e54084f)
detect/analyzer: add more details for tcp_seq 10795/head
authorDaniel Olatunji <danielolatunji20@outlook.com>
Tue, 30 Jan 2024 17:30:37 +0000 (18:30 +0100)
committerVictor Julien <victor@inliniac.net>
Wed, 10 Apr 2024 05:03:09 +0000 (07:03 +0200)
Log the matched Sequence number of a packet
Issue: 6353

src/detect-engine-analyzer.c patch | blob | blame | history

diff --git a/src/detect-engine-analyzer.c b/src/detect-engine-analyzer.c
index 354c93413fc44c95bade53bc070a20e60c2e36e0..d0f712388004d1d828de85b6790f13ac5a0fb9dc 100644 (file)
--- a/src/detect-engine-analyzer.c
+++ b/src/detect-engine-analyzer.c
@@ -41,6 +41,7 @@
 #include "detect-tcp-flags.h"
 #include "detect-tcp-ack.h"
 #include "detect-ipopts.h"
+#include "detect-tcp-seq.h"
 #include "feature.h"
 #include "util-print.h"
 #include "util-time.h"
@@ -912,6 +913,14 @@ static void DumpMatches(RuleAnalyzer *ctx, JsonBuilder *js, const SigMatchData *
                 jb_close(js);
                 break;
             }
+            case DETECT_SEQ: {
+                const DetectSeqData *cd = (const DetectSeqData *)smd->ctx;
+
+                jb_open_object(js, "seq");
+                jb_set_uint(js, "number", cd->seq);
+                jb_close(js);
+                break;
+            }
         }
         jb_close(js);
 
Mirror of https://github.com/OISF/suricata.git