]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7e713cb)
detect/analyzer: Include ICMP icode information
authorJeff Lucovsky <jlucovsky@oisf.net>
Sun, 15 Jun 2025 14:12:46 +0000 (10:12 -0400)
committerVictor Julien <victor@inliniac.net>
Fri, 27 Jun 2025 02:11:49 +0000 (04:11 +0200)
Issue: 6359

Extend the rules analysis to include ICMP icode information.

src/detect-engine-analyzer.c patch | blob | blame | history

diff --git a/src/detect-engine-analyzer.c b/src/detect-engine-analyzer.c
index b262868271caa7f8e28184bf3193dd0fff428914..98eb1b95589858090d4a39d1e1f48f7a80423294 100644 (file)
--- a/src/detect-engine-analyzer.c
+++ b/src/detect-engine-analyzer.c
@@ -942,6 +942,13 @@ static void DumpMatches(RuleAnalyzer *ctx, SCJsonBuilder *js, const SigMatchData
                 SCJbClose(js);
                 break;
             }
+            case DETECT_ICODE: {
+                const DetectU8Data *cd = (const DetectU8Data *)smd->ctx;
+                SCJbOpenObject(js, "code");
+                SCDetectU8ToJson(js, cd);
+                SCJbClose(js);
+                break;
+            }
             case DETECT_ICMP_ID: {
                 const DetectIcmpIdData *cd = (const DetectIcmpIdData *)smd->ctx;
                 SCJbOpenObject(js, "id");
Mirror of https://github.com/OISF/suricata.git