detect/analyzer: add more details for icmp_id

author Alice Akaki <akakialice@gmail.com>

Fri, 11 Oct 2024 22:02:18 +0000 (18:02 -0400)

committer Victor Julien <victor@inliniac.net>

Tue, 15 Oct 2024 11:54:29 +0000 (13:54 +0200)
author Alice Akaki <akakialice@gmail.com>
Fri, 11 Oct 2024 22:02:18 +0000 (18:02 -0400)
committer Victor Julien <victor@inliniac.net>
Tue, 15 Oct 2024 11:54:29 +0000 (13:54 +0200)
diff --git a/src/detect-engine-analyzer.c b/src/detect-engine-analyzer.c

index 3ae77526db0815e57f308d9ae0e0e1d712d9e35e..3d4d8991a32d69e541f45d13535129783cdb49c1 100644 (file)
--- a/src/detect-engine-analyzer.c
+++ b/src/detect-engine-analyzer.c
@@ -51,6 +51,7 @@
  #include "util-conf.h"
  #include "detect-flowbits.h"
  #include "util-var-name.h"
+#include "detect-icmp-id.h"
  
  static int rule_warnings_only = 0;
  
@@ -924,6 +925,13 @@ static void DumpMatches(RuleAnalyzer *ctx, JsonBuilder *js, const SigMatchData *
                  jb_close(js);
                  break;
              }
+            case DETECT_ICMP_ID: {
+                const DetectIcmpIdData *cd = (const DetectIcmpIdData *)smd->ctx;
+                jb_open_object(js, "id");
+                jb_set_uint(js, "number", SCNtohs(cd->id));
+                jb_close(js);
+                break;
+            }
          }
          jb_close(js);
author	Alice Akaki <akakialice@gmail.com>
	Fri, 11 Oct 2024 22:02:18 +0000 (18:02 -0400)
committer	Victor Julien <victor@inliniac.net>
	Tue, 15 Oct 2024 11:54:29 +0000 (13:54 +0200)