dnp3: set byte order when logging dnp3 src and dst

DNP3 uses little endian on the wire, for the most part this
is handled as the messages are deserialize. However, the link
header is a cast over raw data, so swap these bytes as they
are being logged.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/4173

(cherry picked from commit 76e011a5ba9ef50b53692bbfeaf25ad28bc96389)

diff --git a/src/output-json-dnp3.c b/src/output-json-dnp3.c
index dfa6ba054b55d0910bad9f6cb590772356c4890f..b24320f36a61c7bba56c8cefc72f90033e66210d 100644 (file)
--- a/src/output-json-dnp3.c
+++ b/src/output-json-dnp3.c
@@ -209,8 +209,8 @@ json_t *JsonDNP3LogRequest(DNP3Transaction *dnp3tx)
         json_object_set_new(dnp3js, "control", lcjs);
     }
 
-    json_object_set_new(dnp3js, "src", json_integer(dnp3tx->request_lh.src));
-    json_object_set_new(dnp3js, "dst", json_integer(dnp3tx->request_lh.dst));
+    json_object_set_new(dnp3js, "src", json_integer(DNP3_SWAP16(dnp3tx->request_lh.src)));
+    json_object_set_new(dnp3js, "dst", json_integer(DNP3_SWAP16(dnp3tx->request_lh.dst)));
 
     /* DNP3 application layer. */
     json_t *al = json_object();
@@ -260,8 +260,8 @@ json_t *JsonDNP3LogResponse(DNP3Transaction *dnp3tx)
         json_object_set_new(dnp3js, "control", lcjs);
     }
 
-    json_object_set_new(dnp3js, "src", json_integer(dnp3tx->response_lh.src));
-    json_object_set_new(dnp3js, "dst", json_integer(dnp3tx->response_lh.dst));
+    json_object_set_new(dnp3js, "src", json_integer(DNP3_SWAP16(dnp3tx->response_lh.src)));
+    json_object_set_new(dnp3js, "dst", json_integer(DNP3_SWAP16(dnp3tx->response_lh.dst)));
 
     /* DNP3 application layer. */
     json_t *al = json_object();