From: Victor Julien
Date: Tue, 27 Nov 2018 09:50:51 +0000 (+0100)
Subject: detect/http_user_agent: set alternative and info flags
X-Git-Tag: suricata-5.0.0-beta1~264
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e222017a296ccd2e069b287bacd4f9e114c89bc7;p=thirdparty%2Fsuricata.git
detect/http_user_agent: set alternative and info flags
---
diff --git a/src/detect-http-ua.c b/src/detect-http-ua.c
index 2007e0d752..7772c65351 100644
--- a/src/detect-http-ua.c
+++ b/src/detect-http-ua.c
@@ -84,6 +84,8 @@ void DetectHttpUARegister(void)
 sigmatch_table[DETECT_AL_HTTP_USER_AGENT].RegisterTests = DetectHttpUARegisterTests;
 #endif
 sigmatch_table[DETECT_AL_HTTP_USER_AGENT].flags |= SIGMATCH_NOOPT;
+ sigmatch_table[DETECT_AL_HTTP_USER_AGENT].flags |= SIGMATCH_INFO_CONTENT_MODIFIER;
+ sigmatch_table[DETECT_AL_HTTP_USER_AGENT].alternative = DETECT_HTTP_UA;
 /* http.user_agent sticky buffer */
 sigmatch_table[DETECT_HTTP_UA].name = "http.user_agent";
@@ -91,6 +93,7 @@ void DetectHttpUARegister(void)
 sigmatch_table[DETECT_HTTP_UA].url = DOC_URL DOC_VERSION "/rules/http-keywords.html#http-user-agent";
 sigmatch_table[DETECT_HTTP_UA].Setup = DetectHttpUserAgentSetup;
 sigmatch_table[DETECT_HTTP_UA].flags |= SIGMATCH_NOOPT;
+ sigmatch_table[DETECT_HTTP_UA].flags |= SIGMATCH_INFO_STICKY_BUFFER;
 DetectAppLayerInspectEngineRegister2("http_user_agent", ALPROTO_HTTP, SIG_FLAG_TOSERVER, HTP_REQUEST_HEADERS,
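Review bot: The two assignments added after `SIGMATCH_NOOPT` in the first hunk carry no comment saying why the legacy `http_user_agent` entry now points at `DETECT_HTTP_UA`; a line such as `/* legacy content modifier: .alternative names the sticky buffer that replaces it */` above them would match the `/* http.user_agent sticky buffer */` comment that follows. As a style point, each info flag could be folded into the existing statement, `.flags |= SIGMATCH_NOOPT|SIGMATCH_INFO_CONTENT_MODIFIER;` here and `.flags |= SIGMATCH_NOOPT|SIGMATCH_INFO_STICKY_BUFFER;` in the second hunk. The code that reads `alternative` and the info flags is not visible, so the comment wording should be checked against it. DetectHttpUARegister begins before and continues past both hunks.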