From: Victor Julien <victor@inliniac.net>
Date: Wed, 6 Jul 2016 11:08:02 +0000 (+0200)
Subject: lua: add smtp for detection
X-Git-Tag: suricata-3.1.1~14
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=da8f9c1896adfd6146c5a20fb09a315c847e80df;p=thirdparty%2Fsuricata.git

lua: add smtp for detection
---

diff --git a/src/detect-lua.c b/src/detect-lua.c
index a05583e003..99cb13be37 100644
--- a/src/detect-lua.c
+++ b/src/detect-lua.c
@@ -165,8 +165,8 @@ void DetectLuaRegister(void)
 #define DATATYPE_DNS_RESPONSE               (1<<17)
 
 #define DATATYPE_TLS                        (1<<18)
-
 #define DATATYPE_SSH                        (1<<19)
+#define DATATYPE_SMTP                       (1<<20)
 
 #ifdef HAVE_LUAJIT
 static void *LuaStatePoolAlloc(void)
@@ -1027,6 +1027,12 @@ static int DetectLuaSetupPrime(DetectEngineCtx *de_ctx, DetectLuaData *ld)
 
             ld->flags |= DATATYPE_SSH;
 
+        } else if (strncmp(k, "smtp", 4) == 0 && strcmp(v, "true") == 0) {
+
+            ld->alproto = ALPROTO_SMTP;
+
+            ld->flags |= DATATYPE_SMTP;
+
         } else {
             SCLogError(SC_ERR_LUA_ERROR, "unsupported data type %s", k);
             goto error;
@@ -1126,6 +1132,8 @@ static int DetectLuaSetup (DetectEngineCtx *de_ctx, Signature *s, char *str)
         SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
     } else if (luajit->alproto == ALPROTO_SSH) {
         SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
+    } else if (luajit->alproto == ALPROTO_SMTP) {
+        SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
     } else {
         SCLogError(SC_ERR_LUA_ERROR, "luajit can't be used with protocol %s",
                    AppLayerGetProtoName(luajit->alproto));