detect/analyzer: add more details for the tcp ack keyword
authorDaniel Olatunji <danielolatunji20@outlook.com>
Sat, 27 Jan 2024 13:28:02 +0000 (14:28 +0100)
committerVictor Julien <victor@inliniac.net>
Tue, 9 Apr 2024 08:27:32 +0000 (10:27 +0200)
Issue: 6354
Added the DETECT_ACK case to detect-engine-analyzer.c

src/detect-engine-analyzer.c

index 43fd6d84c59571ece10b6e7387d787a210eb4671..354c93413fc44c95bade53bc070a20e60c2e36e0 100644 (file)
@@ -39,6 +39,7 @@
 #include "detect-bytetest.h"
 #include "detect-flow.h"
 #include "detect-tcp-flags.h"
+#include "detect-tcp-ack.h"
 #include "detect-ipopts.h"
 #include "feature.h"
 #include "util-print.h"
@@ -903,6 +904,14 @@ static void DumpMatches(RuleAnalyzer *ctx, JsonBuilder *js, const SigMatchData *
                 jb_close(js); // object
                 break;
             }
+            case DETECT_ACK: {
+                const DetectAckData *cd = (const DetectAckData *)smd->ctx;
+
+                jb_open_object(js, "ack");
+                jb_set_uint(js, "number", cd->ack);
+                jb_close(js);
+                break;
+            }
         }
         jb_close(js);
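Review bot: The `jb_close(js);` that ends the new `ack` object in the `DETECT_ACK` case carries no trailing comment, while the sibling case directly above it closes with `jb_close(js); // object`. A second bare `jb_close(js);` follows two lines later for the enclosing per-match object, so writing the inner one as `jb_close(js); // object` keeps the open/close pairing easy to check when further cases are added. `DumpMatches` begins and ends outside this hunk, so whether the other cases follow the same convention throughout cannot be confirmed from the lines shown.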