diff options
| author | 刘学利 <[email protected]> | 2023-04-06 08:39:08 +0000 |
|---|---|---|
| committer | 刘学利 <[email protected]> | 2023-04-06 08:39:08 +0000 |
| commit | bb264ca20f2722ae58d5930406160ba7dd2f2b2c (patch) | |
| tree | a972e347d384466f83f4d3e471307a70caf76072 /src/tsg_rule.cpp | |
| parent | fce380243e9407f313e59bcb84e6d4f0b61262e6 (diff) | |
tableID定义出现重复, 定义扫描LUA返回值的库表结构, 扫描时传入的protocol错误v6.0.2
Diffstat (limited to 'src/tsg_rule.cpp')
| -rw-r--r-- | src/tsg_rule.cpp | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/src/tsg_rule.cpp b/src/tsg_rule.cpp index 539451a..6fb64b4 100644 --- a/src/tsg_rule.cpp +++ b/src/tsg_rule.cpp @@ -2287,16 +2287,31 @@ size_t tsg_scan_ipv4_address(const struct streaminfo *a_stream, struct maat *fea } int is_hited=0; + int protocol=-1; size_t n_matched_rules=0; long long matched_rules[MAX_RESULT_NUM]; + + switch(a_stream->type) + { + case STREAM_TYPE_TCP: + protocol=6; + break; + case STREAM_TYPE_UDP: + protocol=17; + break; + default: + protocol=-1; + break; + } + switch(idx) { case MAAT_SCAN_SRC_IP_ADDR: - is_hited=maat_scan_ipv4(feather, g_tsg_maat_rt_para.scan_tb[idx].id, p_addr->v4->saddr, p_addr->v4->source, -1, + is_hited=maat_scan_ipv4(feather, g_tsg_maat_rt_para.scan_tb[idx].id, p_addr->v4->saddr, p_addr->v4->source, protocol, matched_rules+n_matched_rules, MAX_RESULT_NUM, &n_matched_rules, s_mid); break; case MAAT_SCAN_DST_IP_ADDR: - is_hited=maat_scan_ipv4(feather, g_tsg_maat_rt_para.scan_tb[idx].id, p_addr->v4->daddr, p_addr->v4->dest, -1, + is_hited=maat_scan_ipv4(feather, g_tsg_maat_rt_para.scan_tb[idx].id, p_addr->v4->daddr, p_addr->v4->dest, protocol, matched_rules+n_matched_rules, MAX_RESULT_NUM, &n_matched_rules, s_mid); break; default: |