From f49c181cebc46a1279f2e79719ff04544df9021f Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Mon, 8 Feb 2021 08:28:37 +0100
Subject: [PATCH] detect/analyzer: display per rule prefilter details

---
 src/detect-engine-analyzer.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/detect-engine-analyzer.c b/src/detect-engine-analyzer.c
index 88cce4ca64..0cad2dccd4 100644
--- a/src/detect-engine-analyzer.c
+++ b/src/detect-engine-analyzer.c
@@ -911,6 +911,18 @@ void EngineAnalysisRules2(const DetectEngineCtx *de_ctx, const Signature *s)
             smd++;
         } while (1);
         jb_close(ctx.js);
+    } else if (s->init_data->prefilter_sm) {
+        jb_open_object(ctx.js, "prefilter");
+        int prefilter_list = SigMatchListSMBelongsTo(s, s->init_data->prefilter_sm);
+        const char *name;
+        if (prefilter_list < DETECT_SM_LIST_DYNAMIC_START)
+            name = DetectListToHumanString(prefilter_list);
+        else
+            name = DetectBufferTypeGetNameById(de_ctx, prefilter_list);
+        jb_set_string(ctx.js, "buffer", name);
+        const char *mname = sigmatch_table[s->init_data->prefilter_sm->type].name;
+        jb_set_string(ctx.js, "name", mname);
+        jb_close(ctx.js);
     }
 
     if (ctx.js_warnings) {