suricata
detect/analyzer: add more details for the tcp ack keyword - v5
Link to redmine ticket: https://redmine.openinfosecfoundation.org/issues/6354
Previous PR: https://github.com/OISF/suricata/pull/9659
Describe changes:
- Included the detect-tcp-ack header.
- Made a mistake submitting this PR before the Suricata-verify PR; had to resubmit so the CI will pick it.
Output:
```json
{
  "raw": "alert tcp any any -> any any (msg:\"Testing ack\"; ack:782; sid:1;)",
  "id": 1,
  "gid": 1,
  "rev": 0,
  "msg": "Testing ack",
  "app_proto": "unknown",
  "requirements": [],
  "type": "pkt",
  "flags": [
    "src_any",
    "dst_any",
    "sp_any",
    "dp_any",
    "need_packet",
    "toserver",
    "toclient"
  ],
  "pkt_engines" : [
    {
      "name": "packet",
      "is_mpm": false
    }
  ],
  "frame_engines": [],
  "lists": {
    "packet": {
      "matches": [
        {
          "name": "tcp.ack",
          "ack": {
            "number": 782
          }
        }
      ]
    }
  }
}
```
SV_BRANCH=https://github.com/OISF/suricata-verify/pull/1627
Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Comparison is base (c3b3c11) 82.28% compared to head (83c7f92) 82.35%. Report is 12 commits behind head on master.
Additional details and impacted files
@@ Coverage Diff @@
## master #10266 +/- ##
==========================================
+ Coverage 82.28% 82.35% +0.07%
==========================================
Files 977 977
Lines 271950 271956 +6
==========================================
+ Hits 223784 223982 +198
+ Misses 48166 47974 -192
Flag | Coverage Δ | |
---|---|---|
fuzzcorpus | 63.59% <0.00%> (+0.19%) | :arrow_up: |
suricata-verify | 61.52% <100.00%> (+<0.01%) | :arrow_up: |
unittests | 62.82% <0.00%> (-0.01%) | :arrow_down: |
Flags with carried forward coverage won't be shown.
Re-triggered CI runs to see if they're still green with the new SV PR that was linked to it.
Merged in #10790, thanks!