json: add tcp flags to json utility function

Turns a flags bitfield into a set of json bools.

diff --git a/src/output-json.c b/src/output-json.c
index 547f0ac3d4dcd22e1b0ac51a9524b9eade2ff925..3fd5500066b452b620f7e285cb05e1fb758b08fb 100644 (file)
--- a/src/output-json.c
+++ b/src/output-json.c
@@ -147,6 +147,28 @@ static enum JsonOutput json_out = ALERT_FILE;
 
 static enum JsonFormat format = COMPACT;
 
+/** \brief jsonify tcp flags field
+ *  Only add 'true' fields in an attempt to keep things reasonably compact.
+ */
+void JsonTcpFlags(uint8_t flags, json_t *js) {
+    if (flags & TH_SYN)
+        json_object_set_new(js, "syn", json_true());
+    if (flags & TH_FIN)
+        json_object_set_new(js, "fin", json_true());
+    if (flags & TH_RST)
+        json_object_set_new(js, "rst", json_true());
+    if (flags & TH_PUSH)
+        json_object_set_new(js, "psh", json_true());
+    if (flags & TH_ACK)
+        json_object_set_new(js, "ack", json_true());
+    if (flags & TH_URG)
+        json_object_set_new(js, "urg", json_true());
+    if (flags & TH_ECN)
+        json_object_set_new(js, "ecn", json_true());
+    if (flags & TH_CWR)
+        json_object_set_new(js, "cwr", json_true());
+}
+
 json_t *CreateJSONHeader(Packet *p, int direction_sensitive, char *event_type)
 {
     char timebuf[64];

diff --git a/src/output-json.h b/src/output-json.h
index 4a42f1e532ea00ec3203068294132b60ee466334..418c9de1b8847d33d79fcc7832be1ef6049479f0 100644 (file)
--- a/src/output-json.h
+++ b/src/output-json.h
@@ -32,6 +32,7 @@ void TmModuleOutputJsonRegister (void);
 #include "util-buffer.h"
 #include "util-logopenfile.h"
 
+void JsonTcpFlags(uint8_t flags, json_t *js);
 json_t *CreateJSONHeader(Packet *p, int direction_sensative, char *event_type);
 TmEcode OutputJSON(json_t *js, void *data, uint64_t *count);
 int OutputJSONBuffer(json_t *js, LogFileCtx *file_ctx, MemBuffer *buffer);