From: Nancy Enos
Date: Wed, 23 Oct 2024 21:29:18 +0000 (+0300)
Subject: detect/analyzer: add more details for the tcp window keyword
X-Git-Tag: suricata-8.0.0-beta1~744
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=98cd2411b6467e4489a308874be3ea4b12cd8c64;p=thirdparty%2Fsuricata.git
detect/analyzer: add more details for the tcp window keyword
Ticket: 6352
---
diff --git a/src/detect-engine-analyzer.c b/src/detect-engine-analyzer.c
index dcf3ce60a6..d852792fd3 100644
--- a/src/detect-engine-analyzer.c
+++ b/src/detect-engine-analyzer.c
@@ -52,6 +52,7 @@
 #include "detect-flowbits.h"
 #include "util-var-name.h"
 #include "detect-icmp-id.h"
+#include "detect-tcp-window.h"
 static int rule_warnings_only = 0;
@@ -932,6 +933,14 @@ static void DumpMatches(RuleAnalyzer *ctx, JsonBuilder *js, const SigMatchData *
 jb_close(js);
 break;
 }
+ case DETECT_WINDOW: {
+ const DetectWindowData *wd = (const DetectWindowData *)smd->ctx;
+ jb_open_object(js, "window");
+ jb_set_uint(js, "size", wd->size);
+ jb_set_bool(js, "negated", wd->negated);
+ jb_close(js);
+ break;
+ }
 case DETECT_FLOW_AGE: {
 const DetectU32Data *cd = (const DetectU32Data *)smd->ctx;
 jb_open_object(js, "flow_age");
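Review bot: The new `DETECT_WINDOW` case in `DumpMatches` has no comment saying what the two emitted fields mean, and `size` is easy to misread in the analyzer JSON. I would add `/* size: literal value from the rule's window keyword; negated: rule used the '!' form */` above `jb_open_object(js, "window");` so that someone auditing rules from this output knows the fields have to be read together. Presumably the value is compared against the raw header window with no scaling applied; that is worth confirming against the keyword's match function, which is not part of this diff. `DumpMatches` starts and ends outside the hunk.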