AppId service;
const char* username = appid_session_api.get_client_info(service);
if ( service > APP_ID_NONE and username and *username )
- discover_user(p, ht, (const struct in6_addr*) src_ip->get_ip6_ptr(), src_mac,
+ discover_user(p, ht, (const struct in6_addr*) p->ptrs.ip_api.get_dst()->get_ip6_ptr(),
logger, username, service, proto);
}
}
void RnaAppDiscovery::discover_user(const Packet* p, RnaTracker& rt,
- const struct in6_addr* src_ip, const uint8_t* src_mac, RnaLogger& logger,
- const char* username, AppId service, IpProtocol proto)
+ const struct in6_addr* ip, RnaLogger& logger, const char* username,
+ AppId service, IpProtocol proto)
{
if ( rt->update_service_user(p->flow->server_port, proto, username) )
{
- logger.log(RUA_EVENT, CHANGE_USER_LOGIN, p, &rt, src_ip, src_mac, username,
+ logger.log(RUA_EVENT, CHANGE_USER_LOGIN, p, &rt, ip, username,
service, (uint32_t) packet_time());
}
}
RnaLogger&, const char*, AppId client, AppId service);
static void discover_user(const snort::Packet*, RnaTracker&, const struct in6_addr*,
- const uint8_t* src_mac, RnaLogger&, const char* username, AppId, IpProtocol);
+ RnaLogger&, const char* username, AppId, IpProtocol);
private:
static void update_service_info(const snort::Packet*, IpProtocol, const char* vendor,
#ifdef DEBUG_MSGS
static inline void rna_logger_message(const RnaLoggerEvent& rle)
{
- char macbuf[19];
- snprintf(macbuf, 19, "%02X:%02X:%02X:%02X:%02X:%02X",
- rle.mac[0], rle.mac[1], rle.mac[2], rle.mac[3], rle.mac[4], rle.mac[5]);
+ char macbuf[19] = { 0 };
+ if ( rle.mac )
+ snprintf(macbuf, 19, "%02X:%02X:%02X:%02X:%02X:%02X",
+ rle.mac[0], rle.mac[1], rle.mac[2], rle.mac[3], rle.mac[4], rle.mac[5]);
+
if ( rle.ip )
{
SfIp ip;
SfIpString ipbuf;
ip.set(rle.ip); // using this instead of packet's ip to support ARP
- debug_logf(rna_trace, nullptr, "RNA log: type %u, subtype %u, mac %s, ip %s\n",
- rle.type, rle.subtype, macbuf, ip.ntop(ipbuf));
+ if ( rle.mac )
+ debug_logf(rna_trace, nullptr, "RNA log: type %u, subtype %u, mac %s, ip %s\n",
+ rle.type, rle.subtype, macbuf, ip.ntop(ipbuf));
+ else
+ debug_logf(rna_trace, nullptr, "RNA log: type %u, subtype %u, ip %s\n",
+ rle.type, rle.subtype, ip.ntop(ipbuf));
+
if ( rle.hc )
{
if ( rle.hc->version[0] != '\0' )
}
void RnaLogger::log(uint16_t type, uint16_t subtype, const Packet* p, RnaTracker* ht,
- const struct in6_addr* src_ip, const uint8_t* src_mac, const char* user, AppId appid,
- uint32_t event_time)
+ const struct in6_addr* ip, const char* user, AppId appid, uint32_t event_time)
{
- log(type, subtype, src_ip, src_mac, ht, p, event_time, 0,
+ log(type, subtype, ip, nullptr, ht, p, event_time, 0,
nullptr, nullptr, nullptr, nullptr, nullptr, user, appid);
}
// for host user
void log(uint16_t type, uint16_t subtype, const snort::Packet*, RnaTracker*,
- const struct in6_addr*, const uint8_t* src_mac, const char* user,
- AppId appid, uint32_t event_time);
+ const struct in6_addr*, const char* user, AppId appid, uint32_t event_time);
// for fingerprint
void log(uint16_t type, uint16_t subtype, const snort::Packet* p, RnaTracker* ht,
projects / thirdparty / snort3.git / commitdiff
