Optimization #4753
openFix inconsistency in Lua functions for the "needs" key
Description
In Suricata, there's a difference in the usage of needs key, depending on whether one is writing a match or a log function in the lua scripts.
It is better to have the same behavior for both use cases.
Current behavior:
If one wants to use the log ability, the usage is:
function init (args)
local needs = {}
needs["protocol"] = "tls"
return needs
end
If one wants to write a match function in Lua scripts, then it must be:
function init(args)
local needs = {}
needs["tls"] = "true"
return needs
end
Real-life examples:
Example for match: https://github.com/OISF/suricata-verify/blob/master/tests/dns-lua-rules/test-rrname.lua Example for log: https://github.com/OISF/suricata-verify/blob/master/tests/lua-output-dns/test.lua
Expected behavior:
regardless of what function is being written, users should be able to use needs in the same way.
Updated by Juliana Fajardini Reichow over 1 year ago
- Related to Documentation #4725: Inconsistent "needs" key documentation for Lua functions added
Updated by Juliana Fajardini Reichow over 1 year ago
- Status changed from New to In Review
PR: https://github.com/OISF/suricata/pull/6480
(this PR is actually for the documentation, not for the change in the code itself)
Updated by Juliana Fajardini Reichow about 1 year ago
- Status changed from In Review to Assigned
Updated by Victor Julien 5 months ago
- Target version changed from 7.0.0-beta1 to 8.0beta1