Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lua dataset/v6 #12090

Draft
wants to merge 3 commits into
base: master
Choose a base branch
from
Draft

Lua dataset/v6 #12090

wants to merge 3 commits into from
+106 −5

Conversation

victorjulien
Copy link
Member

@victorjulien victorjulien commented Nov 6, 2024
edited
Loading

@victorjulien
detect/lua: improve stack dumping
6c3b054 
Only useful when debugging. Add a prefix and a stack size indication.
@victorjulien
detect/lua: add thread_init
18675ac 
Add optional `thread_init` function support. This function is called per
script, per thread to allow a user to initialize the lua state.
@victorjulien
detect/lua: add support for datasets
a945cd2 
dataset.get_ref
  gets a reference to an existing dataset

dataset.add
  returns 1 if a new entry was added
  returns 0 if entry was already in the set

Example:
```
function init (args)
    local needs = {}
    needs["packet"] = tostring(true)
    return needs
end

function thread_init (args)
    conn_new, err = dataset.get_ref("conn-seen")
    if err ~= nil then
        SCLogWarning("dataset warning: " .. err)
        return 0
    end
end

function match (args)
    ipver, srcip, dstip, proto, sp, dp = SCFlowTuple()
    str = ipver .. ":<" .. srcip .. ">:<" .. dstip .. ">:" .. dp

    ret, err = dataset.add(conn_new, str, #str);
    if ret == 1 then
        SCLogInfo(str .. " => " .. ret)
    end
    return ret
end
```

Ticket: OISF#7243.
@codecov Codecov
Copy link

codecov bot commented Nov 6, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 79.24528% with 11 lines in your changes missing coverage. Please review.

Project coverage is 83.28%. Comparing base (dd71ef0) to head (a945cd2).

Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #12090      +/-   ##
==========================================
+ Coverage   83.25%   83.28%   +0.02%     
==========================================
  Files         910      910              
  Lines      257571   257624      +53     
==========================================
+ Hits       214450   214559     +109     
+ Misses      43121    43065      -56
Flag Coverage Δ
fuzzcorpus 61.20% <0.00%> (+0.03%) ⬆️
livemode 19.40% <3.77%> (-0.01%) ⬇️
pcap 44.49% <3.77%> (+0.01%) ⬆️
suricata-verify 62.83% <79.24%> (+0.05%) ⬆️
unittests 59.34% <15.09%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

@suricata-qa
Copy link

Information: QA ran without warnings.

Pipeline 23255

@victorjulien
Copy link
Member Author

Passed my QA. Ran this PR with SV PR OISF/suricata-verify#2120. Local pipeline 5131, run 627.

jasonish
jasonish reviewed Nov 12, 2024
View reviewed changes
src/detect-lua-extensions.c
return 1;
}

static int LuaDatasetAdd(lua_State *luastate)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Related to this function: OISF/suricata-verify#2120 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonish jasonish jasonish left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@victorjulien @suricata-qa @jasonish