Implements l7 category and dns request added to exclusion alerts

Implements #4942
2026-04-29 23:49:33 +00:00 · 2021-02-16 16:05:16 +01:00 · 2021-02-16 16:05:16 +01:00 · 12cd9069d1
commit 12cd9069d1
parent 370ed8a475
5 changed files with 94 additions and 23 deletions
--- a/scripts/lua/modules/user_scripts.lua
+++ b/scripts/lua/modules/user_scripts.lua
@ -141,7 +141,26 @@ local available_subdirs = {
 		  -- Check for equality on either the master or application protocol
 		  return flow.getProtocol() == tonumber(val)
 	       end
-	    }
+	    },
+	    l7_cat = {
+	       lint = http_lint.validateCategory,
+	       match = function(context, val)
+		  -- If val is the application name, then it is converted to application id
+		  if not tonumber(val) then val = interface.getnDPICategoryId(val) end
+		  -- For integers represented as strings
+		  val = tonumber(val)
+		  -- Check for equality on either the master or application ids
+		  return flow.getnDPICategoryId() == val
+	       end
+	    },
+	    dns_last_query = {
+	       lint = http_lint.validateSingleWord,
+	       match = function(context, val)
+		  -- Check for equality on either the master or application ids
+		  return flow.getDnsQuery() == val
+	       end
+	    },
+
 --	    info     = http_lint.validateUnquoted,
 	 },
      },
@ -1224,6 +1243,7 @@ function user_scripts.updateScriptConfig(confid, script_key, subdir, new_config,
      
      if not filter_conf["filter"]["current_filters"] then
 	 filter_conf["filter"]["current_filters"] = {}
+	 filter_conf["filter"]["current_filters"] = (user_scripts.getDefaultFilters(interface.getId(), subdir, script_key))["current_filters"] or {}
      end
      
      if table.len(additional_filters) == 0 then
@ -1621,7 +1641,7 @@ function user_scripts.getFilterPreset(alert)
   if not available_subdirs[subdir_id]["filter"] then
      return ''
   end
-   
+
   -- Checking if the script has default filter fields or not
   -- if not, getting the default for the subdir
   if script["filter"] and script["filter"]["default_fields"] then
@ -1847,4 +1867,20 @@ end

 -- ##############################################

+function user_scripts.getDefaultFilters(ifid, subdir, script_key)
+
+   local script_type = user_scripts.getScriptType(subdir)
+   local script = user_scripts.loadModule(ifid, script_type, subdir, script_key)
+   local filters = {}
+   filters["current_filters"] = {}
+
+   if script["filter"] and script["filter"]["default_filters"] then
+      filters["current_filters"] = script["filter"]["default_filters"] 
+   end
+
+   return filters
+end
+
+-- ##############################################
+
 return(user_scripts)