Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* evt.dir can be used in filters evt.dir was flagged as EPF_PRINT_ONLY, but it can be used in filters as well. Fix the flag. * Flag filters using args with EPF_REQUIRES_ARGUMENT Many filters required an argument in the form .arg or [arg], but they didn't have the flag EPF_REQUIRES_ARGUMENT. This flag wasn't used anywhere, but we plan on using it in falco soon, so it needs to be accurate. Do a pass over all filterchecks that call extract_arg and add EPF_REQUIRES_ARGUMENT as needed. * Flag addl filters w/ EPF_REQUIRES_ARGUMENT. Missed some in the previous commit.