Dns logger display flags information
authorClément Galland <clement.galland@epita.fr>
Thu, 19 Oct 2017 13:47:03 +0000 (13:47 +0000)
committerVictor Julien <victor@inliniac.net>
Fri, 8 Dec 2017 10:38:56 +0000 (11:38 +0100)
rust/src/dns/log.rs
src/output-json-dns.c

index c1334ba3e93111a32732eff49dba828767dd5a84..58935bd92309ad985af51098f38e47d4f32eccf4 100644 (file)
@@ -379,6 +379,22 @@ fn dns_log_json_answer(header: &DNSHeader, answer: &DNSAnswerEntry)
 
     js.set_string("type", "answer");
     js.set_integer("id", header.tx_id as u64);
+    js.set_string("flags", format!("{:x}", header.flags).as_str());
+    if header.flags & 0x8000 != 0 {
+        js.set_boolean("qr", true);
+    }
+    if header.flags & 0x0400 != 0 {
+        js.set_boolean("aa", true);
+    }
+    if header.flags & 0x0200 != 0 {
+        js.set_boolean("tc", true);
+    }
+    if header.flags & 0x0100 != 0 {
+        js.set_boolean("rd", true);
+    }
+    if header.flags & 0x0080 != 0 {
+        js.set_boolean("ra", true);
+    }
     js.set_string("rcode", &dns_rcode_string(header.flags));
     js.set_string_from_bytes("rrname", &answer.name);
     js.set_string("rrtype", &dns_rrtype_string(answer.rrtype));
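Review bot: The `flags` string added at the top of this hunk is formatted with `{:x}`, which is unpadded, while the C logger in src/output-json-dns.c formats the same field with `%4x`, which pads to width four with spaces. For one and the same header the two builds therefore emit different strings (for a constructed value 0x180: `180` here, ` 180` from C), so a detection rule or log parser keyed on this field would behave differently depending on which logger is compiled in. A fixed-width, zero-padded form on both sides would keep them identical: `format!("{:04x}", header.flags)` here and `"%04x"` in OutputAnswer. The body of dns_log_json_answer starts and ends outside the hunk, so whether the query-side record gets the same fields is not visible from here.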
index 3e2aae735d713c37683ad9bdf28e81d0ac465e55..d18ca84b8422cc4411800e36135ea14fbefe2183 100644 (file)
@@ -467,8 +467,19 @@ static void OutputAnswer(LogDnsLogThread *aft, json_t *djs,
 
     /* dns */
     char flags[7] = "";
-    snprintf(flags, sizeof(flags), "0x%4x", tx->flags);
+    snprintf(flags, sizeof(flags), "%4x", tx->flags);
     json_object_set_new(js, "flags", json_string(flags));
+    if (tx->flags & 0x8000)
+        json_object_set_new(js, "qr", json_true());
+    if (tx->flags & 0x0400)
+        json_object_set_new(js, "aa", json_true());
+    if (tx->flags & 0x0200)
+        json_object_set_new(js, "tc", json_true());
+    if (tx->flags & 0x0100)
+        json_object_set_new(js, "rd", json_true());
+    if (tx->flags & 0x0080)
+        json_object_set_new(js, "ra", json_true());
+
 
     /* rcode */
     char rcode[16] = "";
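Review bot: The five masks tested after the `flags` string is set are bare literals with nothing tying them to the DNS header layout, and the same literals are repeated in rust/src/dns/log.rs. A one-line comment above the first test, such as `/* DNS header flag bits (RFC 1035 4.1.1): QR, AA, TC, RD, RA */`, or shared named constants, would make the two copies easier to audit together. Separately, dropping the `0x` prefix changes the value of a field that was already being emitted, so existing consumers that parse `flags` need a note in the output-format documentation. The hunk also leaves two consecutive blank lines before `/* rcode */`, and OutputAnswer starts and ends outside the hunk.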