]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b8a0a0d)
detect/http_user_agent: set alternative and info flags
authorVictor Julien <victor@inliniac.net>
Tue, 27 Nov 2018 09:50:51 +0000 (10:50 +0100)
committerVictor Julien <victor@inliniac.net>
Tue, 29 Jan 2019 12:27:57 +0000 (13:27 +0100)
src/detect-http-ua.c patch | blob | blame | history

diff --git a/src/detect-http-ua.c b/src/detect-http-ua.c
index 2007e0d75207d67a70990ffecbe6e6d6faeb6e44..7772c65351a000016f8df6ca6f640a3e4602d329 100644 (file)
--- a/src/detect-http-ua.c
+++ b/src/detect-http-ua.c
@@ -84,6 +84,8 @@ void DetectHttpUARegister(void)
     sigmatch_table[DETECT_AL_HTTP_USER_AGENT].RegisterTests = DetectHttpUARegisterTests;
 #endif
     sigmatch_table[DETECT_AL_HTTP_USER_AGENT].flags |= SIGMATCH_NOOPT;
+    sigmatch_table[DETECT_AL_HTTP_USER_AGENT].flags |= SIGMATCH_INFO_CONTENT_MODIFIER;
+    sigmatch_table[DETECT_AL_HTTP_USER_AGENT].alternative = DETECT_HTTP_UA;
 
     /* http.user_agent sticky buffer */
     sigmatch_table[DETECT_HTTP_UA].name = "http.user_agent";
@@ -91,6 +93,7 @@ void DetectHttpUARegister(void)
     sigmatch_table[DETECT_HTTP_UA].url = DOC_URL DOC_VERSION "/rules/http-keywords.html#http-user-agent";
     sigmatch_table[DETECT_HTTP_UA].Setup = DetectHttpUserAgentSetup;
     sigmatch_table[DETECT_HTTP_UA].flags |= SIGMATCH_NOOPT;
+    sigmatch_table[DETECT_HTTP_UA].flags |= SIGMATCH_INFO_STICKY_BUFFER;
 
     DetectAppLayerInspectEngineRegister2("http_user_agent", ALPROTO_HTTP,
             SIG_FLAG_TOSERVER, HTP_REQUEST_HEADERS,
Mirror of https://github.com/OISF/suricata.git