This adds dns header's flags in eve
log.
Signed-off-by: Eric Leblond <eric@regit.org>
typedef struct DNSTransaction_ {
uint16_t tx_num; /**< internal: id */
uint16_t tx_id; /**< transaction id */
+ uint16_t flags; /**< dns flags */
uint32_t logged; /**< flags for loggers done logging */
uint8_t replied; /**< bool indicating request is
replied to. */
tx->recursion_desired = 1;
}
+ tx->flags = ntohs(dns_header->flags);
tx->replied = 1;
}
if (f != NULL) {
/* id */
json_object_set_new(js, "id", json_integer(tx->tx_id));
+ /* dns */
+ char flags[7] = "";
+ snprintf(flags, sizeof(flags), "0x%4x", tx->flags);
+ json_object_set_new(js, "flags", json_string(flags));
+
/* rcode */
char rcode[16] = "";
DNSCreateRcodeString(tx->rcode, rcode, sizeof(rcode));
projects / thirdparty / suricata.git / commitdiff
