From: Victor Julien
Date: Mon, 8 Feb 2021 07:28:37 +0000 (+0100)
Subject: detect/analyzer: display per rule prefilter details
X-Git-Tag: suricata-7.0.0-beta1~1497
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f49c181cebc46a1279f2e79719ff04544df9021f;p=thirdparty%2Fsuricata.git

detect/analyzer: display per rule prefilter details
---

diff --git a/src/detect-engine-analyzer.c b/src/detect-engine-analyzer.c
index 88cce4ca64..0cad2dccd4 100644
--- a/src/detect-engine-analyzer.c
+++ b/src/detect-engine-analyzer.c
@@ -911,6 +911,18 @@ void EngineAnalysisRules2(const DetectEngineCtx *de_ctx, const Signature *s)
 smd++;
 } while (1);
 jb_close(ctx.js);
+ } else if (s->init_data->prefilter_sm) {
+ jb_open_object(ctx.js, "prefilter");
+ int prefilter_list = SigMatchListSMBelongsTo(s, s->init_data->prefilter_sm);
+ const char *name;
+ if (prefilter_list < DETECT_SM_LIST_DYNAMIC_START)
+ name = DetectListToHumanString(prefilter_list);
+ else
+ name = DetectBufferTypeGetNameById(de_ctx, prefilter_list);
+ jb_set_string(ctx.js, "buffer", name);
+ const char *mname = sigmatch_table[s->init_data->prefilter_sm->type].name;
+ jb_set_string(ctx.js, "name", mname);
+ jb_close(ctx.js);
 }

 if (ctx.js_warnings) {
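Review bot: In the new `else if (s->init_data->prefilter_sm)` branch, the return value of `SigMatchListSMBelongsTo()` is used as a list id without a check, and `name` and `mname` are passed to `jb_set_string()` without a NULL test. None of the helper definitions are visible in this hunk, so whether the lookup can return a negative "not found" value, or `DetectBufferTypeGetNameById()` can return NULL for an unregistered id, needs confirming against those functions. If either can happen, the analyzer would hand a NULL string to the JSON builder while processing a rule file, which may come from a third party. A cheap guard would be `if (prefilter_list >= 0 && name != NULL) jb_set_string(ctx.js, "buffer", name);`, with the same NULL test on `mname`. The body of `EngineAnalysisRules2` starts and ends outside the hunk.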