mirror of https://github.com/OISF/suricata
cybersecurityidsintrusion-detection-systemintrusion-prevention-systemipsnetwork-monitornetwork-monitoringnsmsecuritysuricatathreat-hunting
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
f29e5459e6
Add flowint lua functions for incrementing and decrementing flowints.
First use creates the var and inits to 0. So a call:
a = ScFlowintIncr(0)
Results in a == 1.
If the var reached UINT_MAX (2^32), it's not further incremented. If the
var reaches 0 it's not decremented further.
Calling ScFlowintDecr on a uninitialized var will init it to 0.
Example script:
function init (args)
local needs = {}
needs["http.request_headers"] = tostring(true)
needs["flowint"] = {"cnt_incr"}
return needs
end
function match(args)
a = ScFlowintIncr(0);
if a == 23 then
return 1
end
return 0
end
return 0
This script matches the 23rd time it's invoked on a flow.
|
12 years ago | |
|---|---|---|
| benches | ||
| contrib | ||
| doc | ||
| libhtp | 12 years ago | |
| m4 | ||
| qa | 12 years ago | |
| rules | 12 years ago | |
| scripts | ||
| src | 12 years ago | |
| .gitignore | ||
| COPYING | ||
| ChangeLog | ||
| LICENSE | ||
| Makefile.am | ||
| Makefile.cvs | ||
| acsite.m4 | ||
| autogen.sh | ||
| classification.config | ||
| configure.ac | 12 years ago | |
| doxygen.cfg | ||
| mkinstalldirs | ||
| reference.config | ||
| suricata.yaml.in | 12 years ago | |
| threshold.config | ||