From: Daniel Olatunji Date: Sat, 27 Jan 2024 13:28:02 +0000 (+0100) Subject: detect/analyzer: add more details for the tcp ack keyword X-Git-Tag: suricata-8.0.0-beta1~1560 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6d4051750255465244dd0ffa01966324cea66353;p=thirdparty%2Fsuricata.git detect/analyzer: add more details for the tcp ack keyword Issue: 6354 Added the DETECT_ACK case to detect-engine-analyzer.c
---
diff --git a/src/detect-engine-analyzer.c b/src/detect-engine-analyzer.c
index 43fd6d84c5..354c93413f 100644
--- a/src/detect-engine-analyzer.c
+++ b/src/detect-engine-analyzer.c
@@ -39,6 +39,7 @@
 #include "detect-bytetest.h"
 #include "detect-flow.h"
 #include "detect-tcp-flags.h"
+#include "detect-tcp-ack.h"
 #include "detect-ipopts.h"
 #include "feature.h"
 #include "util-print.h"
@@ -903,6 +904,14 @@ static void DumpMatches(RuleAnalyzer *ctx, JsonBuilder *js, const SigMatchData *
 jb_close(js); // object
 break;
 }
+ case DETECT_ACK: {
+ const DetectAckData *cd = (const DetectAckData *)smd->ctx;
+
+ jb_open_object(js, "ack");
+ jb_set_uint(js, "number", cd->ack);
+ jb_close(js);
+ break;
+ }
 }
 jb_close(js);
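Review bot: In the new `DETECT_ACK` case the inner `jb_close(js);` carries no marker, while the case directly above it writes `jb_close(js); // object`. Because a second, outer `jb_close(js);` follows the switch, the marker is what tells the two closes apart, so I would write `jb_close(js); // object` here as well. The cast `(const DetectAckData *)smd->ctx` appears to rely on the ack keyword's setup code always storing a non-NULL `DetectAckData` for this match type, which cannot be confirmed from the hunk. Once that is verified, a short comment above the cast, e.g. `/* ctx is populated by the ack keyword's setup */`, would record the assumption for the next reader. `DumpMatches` starts and ends outside the hunk.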