mirror of https://github.com/OISF/suricata
cybersecurityidsintrusion-detection-systemintrusion-prevention-systemipsnetwork-monitornetwork-monitoringnsmsecuritysuricatathreat-hunting
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
f29e5459e6
Add flowint lua functions for incrementing and decrementing flowints.
First use creates the var and inits to 0. So a call:
a = ScFlowintIncr(0)
Results in a == 1.
If the var reached UINT_MAX (2^32), it's not further incremented. If the
var reaches 0 it's not decremented further.
Calling ScFlowintDecr on a uninitialized var will init it to 0.
Example script:
function init (args)
local needs = {}
needs["http.request_headers"] = tostring(true)
needs["flowint"] = {"cnt_incr"}
return needs
end
function match(args)
a = ScFlowintIncr(0);
if a == 23 then
return 1
end
return 0
end
return 0
This script matches the 23rd time it's invoked on a flow.
|
12 years ago | |
|---|---|---|
| benches | ||
| contrib | 13 years ago | |
| doc | 13 years ago | |
| libhtp | 12 years ago | |
| m4 | 16 years ago | |
| qa | 12 years ago | |
| rules | 12 years ago | |
| scripts | 13 years ago | |
| src | 12 years ago | |
| .gitignore | 13 years ago | |
| COPYING | ||
| ChangeLog | 13 years ago | |
| LICENSE | 16 years ago | |
| Makefile.am | 13 years ago | |
| Makefile.cvs | ||
| acsite.m4 | 16 years ago | |
| autogen.sh | 13 years ago | |
| classification.config | 16 years ago | |
| configure.ac | 12 years ago | |
| doxygen.cfg | 13 years ago | |
| mkinstalldirs | 16 years ago | |
| reference.config | 14 years ago | |
| suricata.yaml.in | 12 years ago | |
| threshold.config | 13 years ago | |