Optimization #4753
closedlua: fix inconsistency in the init "needs" key
Description
In Suricata, there's a difference in the usage of needs key, depending on whether one is writing a match or a log function in the lua scripts.
It is better to have the same behavior for both use cases.
Current behavior:
If one wants to use the log ability, the usage is:
function init (args)
local needs = {}
needs["protocol"] = "tls"
return needs
end
If one wants to write a match function in Lua scripts, then it must be:
function init(args)
local needs = {}
needs["tls"] = "true"
return needs
end
Real-life examples:
Example for match: https://github.com/OISF/suricata-verify/blob/master/tests/dns-lua-rules/test-rrname.lua Example for log: https://github.com/OISF/suricata-verify/blob/master/tests/lua-output-dns/test.lua
Expected behavior:
regardless of what function is being written, users should be able to use needs in the same way.
JF Updated by Juliana Fajardini Reichow over 4 years ago
- Related to Documentation #4725: Inconsistent "needs" key documentation for Lua functions added
JF Updated by Juliana Fajardini Reichow over 4 years ago
- Status changed from New to In Review
PR: https://github.com/OISF/suricata/pull/6480
(this PR is actually for the documentation, not for the change in the code itself)
JF Updated by Juliana Fajardini Reichow over 4 years ago
- Status changed from In Review to Assigned
VJ Updated by Victor Julien over 3 years ago
- Target version changed from 7.0.0-beta1 to 8.0.0-beta1
VJ Updated by Victor Julien about 2 years ago
- Assignee changed from Juliana Fajardini Reichow to OISF Dev
VJ Updated by Victor Julien about 2 years ago
- Status changed from Assigned to New
- Assignee changed from OISF Dev to Jo Johnson
VJ Updated by Victor Julien almost 2 years ago
- Assignee changed from Jo Johnson to Jason Ish
VJ Updated by Victor Julien almost 2 years ago
- Subject changed from Fix inconsistency in Lua functions for the "needs" key to lua: fix inconsistency in the init "needs" key
VJ Updated by Victor Julien almost 2 years ago
- Blocks Story #7128: lua: sandboxed lua support with mimimum set of bindings added
VJ Updated by Victor Julien about 1 year ago
The idea of hooks as in #7485 will replace the hooks like registration the needs logic currently provides. This will allow the rule to control where the script is hooked in.
VJ Updated by Victor Julien about 1 year ago
- Related to Feature #7485: rules: allow specifying explicit hooks added
VJ Updated by Victor Julien about 1 year ago
- Related to Task #7486: lua: turn flowvars into lib added
VJ Updated by Victor Julien about 1 year ago
- Related to Task #7487: lua: turn flowints into lib added
VJ Updated by Victor Julien about 1 year ago
- Blocked by Task #7492: lua: remove script_api_ver check from needs block added
JI Updated by Jason Ish about 1 year ago
- Status changed from New to Assigned
As discussed, returning a table here can still make sense.
Make it consistent between output and rules.
VJ Updated by Victor Julien 12 months ago
- Target version changed from 8.0.0-beta1 to 8.0.0-rc1
JI Updated by Jason Ish 10 months ago ยท Edited
- Target version changed from 8.0.0-rc1 to 8.0.0
Pushing back to 8.0.0 final. It is clear we still need this table returned in some cases, and I think its more of a documentation issue at this point.
We could also continue to make it better between rc1 and final, but keeping backwards compatibility, which should be simple and not messy.
JI Updated by Jason Ish 9 months ago
- Status changed from Assigned to Closed
Closing. Where needed, this now accepts `true`, and doesn't need `tostring(true)`. There is probably some room for cleanup which will be found during documentation review of the other items, but that can be done while preserving backward compatibility, as we're not going to change of this in the timeline for 8.0.0, and that means we need to keep compatibility for the 8.0 cycle.