detect/analyzer: add more details for icmp_id

Ticket: #6360
OISF · Oct 10, 2024 · 8016a32 · 8016a32
1 parent d5dd549
commit 8016a32
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/src/detect-engine-analyzer.c b/src/detect-engine-analyzer.c
@@ -51,6 +51,7 @@
 #include "util-conf.h"
 #include "detect-flowbits.h"
 #include "util-var-name.h"
+#include "detect-icmp-id.h"
 
 static int rule_warnings_only = 0;
 
@@ -924,6 +925,13 @@ static void DumpMatches(RuleAnalyzer *ctx, JsonBuilder *js, const SigMatchData *
                 jb_close(js);
                 break;
             }
+            case DETECT_ICMP_ID: {
+                const DetectIcmpIdData *cd = (const DetectIcmpIdData *)smd->ctx;
+                jb_open_object(js, "id");
+                jb_set_uint(js, "number", cd->id);
+                jb_close(js);
+                break;
+            }
         }
         jb_close(js);