From: Alice Akaki
Date: Fri, 11 Oct 2024 22:02:18 +0000 (-0400)
Subject: detect/analyzer: add more details for icmp_id
X-Git-Tag: suricata-8.0.0-beta1~792
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fa1addae641deb7b41fa250e05503fa999d2d467;p=thirdparty%2Fsuricata.git
detect/analyzer: add more details for icmp_id
Ticket: #6360
---
diff --git a/src/detect-engine-analyzer.c b/src/detect-engine-analyzer.c
index 3ae77526db..3d4d8991a3 100644
--- a/src/detect-engine-analyzer.c
+++ b/src/detect-engine-analyzer.c
@@ -51,6 +51,7 @@
 #include "util-conf.h"
 #include "detect-flowbits.h"
 #include "util-var-name.h"
+#include "detect-icmp-id.h"
 static int rule_warnings_only = 0;
@@ -924,6 +925,13 @@ static void DumpMatches(RuleAnalyzer *ctx, JsonBuilder *js, const SigMatchData *
 jb_close(js);
 break;
 }
+ case DETECT_ICMP_ID: {
+ const DetectIcmpIdData *cd = (const DetectIcmpIdData *)smd->ctx;
+ jb_open_object(js, "id");
+ jb_set_uint(js, "number", SCNtohs(cd->id));
+ jb_close(js);
+ break;
+ }
 }
 jb_close(js);
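Review bot: The `SCNtohs(cd->id)` call in the new `DETECT_ICMP_ID` case has no comment saying why the stored value needs a byte swap, and nothing in this hunk shows which byte order `DetectIcmpIdData.id` is kept in. If the keyword parser stores the id in network order (presumably so it can be compared directly against the packet field), say so above the call, e.g. `/* id is stored in network byte order; convert so the analyzer prints the value written in the rule */`. Analyzer output is what rule authors use to confirm a signature matches what they intended, so a swapped id here would be misleading without looking obviously wrong. DumpMatches starts and ends outside the hunk.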