dns/eve: add 'HTTPS' type logging 9440/head
authorHaleema Khan <hsadia538@gmail.com>
Sat, 15 Oct 2022 04:17:42 +0000 (09:17 +0500)
committerVictor Julien <victor@inliniac.net>
Tue, 5 Sep 2023 05:27:43 +0000 (07:27 +0200)
Add a new DNS record type to represent HTTPS
Ticket: #4751

(cherry picked from commit 8d5c5f24a184ed412d1d78f1c0346b205f80fe6b)

rust/src/dns/dns.rs
rust/src/dns/log.rs
src/output-json-dns.c

index 31add6dd640e94c92f886583edea5236ee13bf36..6307fa091abd04c97315141071e8ca69064ad7f5 100644 (file)
@@ -85,6 +85,7 @@ pub const DNS_RECORD_TYPE_TLSA        : u16 = 52;
 pub const DNS_RECORD_TYPE_HIP         : u16 = 55;
 pub const DNS_RECORD_TYPE_CDS         : u16 = 59;
 pub const DNS_RECORD_TYPE_CDNSKEY     : u16 = 60;
+pub const DNS_RECORD_TYPE_HTTPS       : u16 = 65;
 pub const DNS_RECORD_TYPE_SPF         : u16 = 99;  // Obsolete
 pub const DNS_RECORD_TYPE_TKEY        : u16 = 249;
 pub const DNS_RECORD_TYPE_TSIG        : u16 = 250;
index 27abab245afc508ab5abb98b713ebb9342492d47..5e8e54d8c8c934dc8a4bcc2488d3d9d06d77d8b5 100644 (file)
@@ -86,6 +86,7 @@ pub const LOG_URI        : u64 = BIT_U64!(59);
 
 pub const LOG_FORMAT_GROUPED  : u64 = BIT_U64!(60);
 pub const LOG_FORMAT_DETAILED : u64 = BIT_U64!(61);
+pub const LOG_HTTPS      : u64 = BIT_U64!(62);
 
 fn dns_log_rrtype_enabled(rtype: u16, flags: u64) -> bool
 {
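Review bot: `LOG_HTTPS` is defined as bit 62 on the added line here and again as `#define LOG_HTTPS BIT_U64(62)` in src/output-json-dns.c, with nothing tying the two together, so a later edit to one side would silently change which record types the EVE DNS logger emits. A short comment on the new constant, e.g. `// Must match LOG_HTTPS in src/output-json-dns.c`, would make the coupling explicit. The flag also sits after the two `LOG_FORMAT_*` bits rather than with the other record-type flags, and only bit 63 appears to remain free, so the next record type will probably need a different scheme. dns_log_rrtype_enabled begins at the end of this hunk and its body continues outside it.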
@@ -250,6 +251,9 @@ fn dns_log_rrtype_enabled(rtype: u16, flags: u64) -> bool
         DNS_RECORD_TYPE_CDNSKEY => {
             return flags & LOG_CDNSKEY != 0;
         }
+        DNS_RECORD_TYPE_HTTPS => {
+            return flags & LOG_HTTPS != 0;
+        }
         DNS_RECORD_TYPE_SPF => {
             return flags & LOG_SPF != 0;
         }
@@ -324,6 +328,7 @@ pub fn dns_rrtype_string(rrtype: u16) -> String {
         DNS_RECORD_TYPE_HIP => "HIP",
         DNS_RECORD_TYPE_CDS => "CDS",
         DNS_RECORD_TYPE_CDNSKEY => "CDSNKEY",
+        DNS_RECORD_TYPE_HTTPS => "HTTPS",
         DNS_RECORD_TYPE_MAILA => "MAILA",
         DNS_RECORD_TYPE_URI => "URI",
         DNS_RECORD_TYPE_MB => "MB",
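Review bot: The context line directly above the new arm maps `DNS_RECORD_TYPE_CDNSKEY` to the string `"CDSNKEY"`, which looks like a transposition of CDNSKEY; the new `"HTTPS"` arm itself is spelled correctly. This string presumably becomes the rrtype value in the EVE DNS log, in which case searches or detection rules keyed on `CDNSKEY` would not match these records. The fix is one line, `DNS_RECORD_TYPE_CDNSKEY => "CDNSKEY",`, but it changes emitted log values, so it is better made in a separate commit with a changelog entry. dns_rrtype_string begins and ends outside this hunk.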
index cf9043bc05ce26af61e949ce59cf446aab8d003b..6d376c631f63e3d76279d54c7dd57e50fe3d7bd5 100644 (file)
 
 #define LOG_FORMAT_GROUPED     BIT_U64(60)
 #define LOG_FORMAT_DETAILED    BIT_U64(61)
+#define LOG_HTTPS              BIT_U64(62)
 
 #define LOG_FORMAT_ALL (LOG_FORMAT_GROUPED|LOG_FORMAT_DETAILED)
 #define LOG_ALL_RRTYPES (~(uint64_t)(LOG_QUERIES|LOG_ANSWERS|LOG_FORMAT_DETAILED|LOG_FORMAT_GROUPED))
@@ -176,6 +177,7 @@ typedef enum {
     DNS_RRTYPE_HIP,
     DNS_RRTYPE_CDS,
     DNS_RRTYPE_CDNSKEY,
+    DNS_RRTYPE_HTTPS,
     DNS_RRTYPE_SPF,
     DNS_RRTYPE_TKEY,
     DNS_RRTYPE_TSIG,
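Review bot: `DNS_RRTYPE_HTTPS` is inserted in the middle of the enum, which renumbers every enumerator after it, and the matching `{ "https", LOG_HTTPS }` row is added at the same relative position in `dns_rrtype_fields[]` further down. Whether that table is indexed by these enumerators is not visible here, but if it is, the two lists are coupled only by position, and a future insertion in just one of them would map config names to the wrong log flags. A comment on the enum such as `/* Order must match dns_rrtype_fields[] */` would document this, and designated initializers in the table would enforce it. The enum starts and ends outside this hunk.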
@@ -196,6 +198,7 @@ static struct {
     const char *config_rrtype;
     uint64_t flags;
 } dns_rrtype_fields[] = {
+    // clang-format off
    { "a", LOG_A },
    { "ns", LOG_NS },
    { "md", LOG_MD },
@@ -248,12 +251,14 @@ static struct {
    { "hip", LOG_HIP },
    { "cds", LOG_CDS },
    { "cdnskey", LOG_CDNSKEY },
+   { "https", LOG_HTTPS },
    { "spf", LOG_SPF },
    { "tkey", LOG_TKEY },
    { "tsig", LOG_TSIG },
    { "maila", LOG_MAILA },
    { "any", LOG_ANY },
    { "uri", LOG_URI }
+    // clang-format on
 };
 
 typedef struct LogDnsFileCtx_ {