-/* Copyright (C) 2007-2014 Open Information Security Foundation
+/* Copyright (C) 2007-2020 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
if (p->alerts.cnt == 0)
return TM_ECODE_OK;
+ char proto[16] = "";
+ char *protoptr;
+ if (SCProtoNameValid(IPV4_GET_IPPROTO(p))) {
+ protoptr = known_proto[IPV4_GET_IPPROTO(p)];
+ } else {
+ snprintf(proto, sizeof(proto), "PROTO:%03" PRIu32, IPV4_GET_IPPROTO(p));
+ protoptr = proto;
+ }
+
/* Not sure if this mutex is needed around calls to syslog. */
SCMutexLock(&ast->file_ctx->fp_mutex);
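Review bot: `protoptr` is only read after it is assigned, so the added declaration `char *protoptr;` would be better as `const char *protoptr;`. In the valid-protocol branch it points into `known_proto`, and the qualifier stops a later edit from writing through it. The IPv6 hunk further down adds the same declaration and should get the same change. A one-line comment on `proto[16]`, such as `/* fallback "PROTO:NNN" text for protocol numbers without a known name */`, would explain what the buffer is for. The enclosing function starts and ends outside this hunk.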
action = "[wDrop] ";
}
- if (SCProtoNameValid(IPV4_GET_IPPROTO(p)) == TRUE) {
- syslog(alert_syslog_level, "%s[%" PRIu32 ":%" PRIu32 ":%"
- PRIu32 "] %s [Classification: %s] [Priority: %"PRIu32"]"
- " {%s} %s:%" PRIu32 " -> %s:%" PRIu32 "", action, pa->s->gid,
- pa->s->id, pa->s->rev, pa->s->msg, pa->s->class_msg, pa->s->prio,
- known_proto[IPV4_GET_IPPROTO(p)], srcip, p->sp, dstip, p->dp);
- } else {
- syslog(alert_syslog_level, "%s[%" PRIu32 ":%" PRIu32 ":%"
- PRIu32 "] %s [Classification: %s] [Priority: %"PRIu32"]"
- " {PROTO:%03" PRIu32 "} %s:%" PRIu32 " -> %s:%" PRIu32 "",
- action, pa->s->gid, pa->s->id, pa->s->rev, pa->s->msg, pa->s->class_msg,
- pa->s->prio, IPV4_GET_IPPROTO(p), srcip, p->sp, dstip, p->dp);
- }
+ syslog(alert_syslog_level, "%s[%" PRIu32 ":%" PRIu32 ":%"
+ PRIu32 "] %s [Classification: %s] [Priority: %"PRIu32"]"
+ " {%s} %s:%" PRIu32 " -> %s:%" PRIu32 "", action, pa->s->gid,
+ pa->s->id, pa->s->rev, pa->s->msg, pa->s->class_msg, pa->s->prio,
+ protoptr, srcip, p->sp, dstip, p->dp);
}
SCMutexUnlock(&ast->file_ctx->fp_mutex);
if (p->alerts.cnt == 0)
return TM_ECODE_OK;
+ char proto[16] = "";
+ char *protoptr;
+ if (SCProtoNameValid(IPV6_GET_L4PROTO(p))) {
+ protoptr = known_proto[IPV6_GET_L4PROTO(p)];
+ } else {
+ snprintf(proto, sizeof(proto), "PROTO:03%" PRIu32, IPV6_GET_L4PROTO(p));
+ protoptr = proto;
+ }
+
SCMutexLock(&ast->file_ctx->fp_mutex);
for (i = 0; i < p->alerts.cnt; i++) {
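Review bot: The fallback format string in the added `snprintf` call has the `%` misplaced: `"PROTO:03%" PRIu32` prints a literal `03` followed by the unpadded number. The removed IPv6 code and the new IPv4 path both use `"PROTO:%03" PRIu32`. For an unnamed next-header value (253 as a constructed example) the IPv6 alert would carry `{PROTO:03253}` where IPv4 emits `{PROTO:253}`, which can silently break syslog parsers or SIEM rules keyed on that field. Change the line to `snprintf(proto, sizeof(proto), "PROTO:%03" PRIu32, IPV6_GET_L4PROTO(p));`. The enclosing function begins and ends outside this hunk.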
action = "[wDrop] ";
}
- if (SCProtoNameValid(IPV6_GET_L4PROTO(p)) == TRUE) {
- syslog(alert_syslog_level, "%s[%" PRIu32 ":%" PRIu32 ":%"
- "" PRIu32 "] %s [Classification: %s] [Priority: %"
- "" PRIu32 "] {%s} %s:%" PRIu32 " -> %s:%" PRIu32 "",
- action, pa->s->gid, pa->s->id, pa->s->rev, pa->s->msg, pa->s->class_msg,
- pa->s->prio, known_proto[IPV6_GET_L4PROTO(p)], srcip, p->sp,
- dstip, p->dp);
-
- } else {
- syslog(alert_syslog_level, "%s[%" PRIu32 ":%" PRIu32 ":%"
- "" PRIu32 "] %s [Classification: %s] [Priority: %"
- "" PRIu32 "] {PROTO:%03" PRIu32 "} %s:%" PRIu32 " -> %s:%" PRIu32 "",
- action, pa->s->gid, pa->s->id, pa->s->rev, pa->s->msg, pa->s->class_msg,
- pa->s->prio, IPV6_GET_L4PROTO(p), srcip, p->sp, dstip, p->dp);
- }
+ syslog(alert_syslog_level, "%s[%" PRIu32 ":%" PRIu32 ":%"
+ "" PRIu32 "] %s [Classification: %s] [Priority: %"
+ "" PRIu32 "] {%s} %s:%" PRIu32 " -> %s:%" PRIu32 "",
+ action, pa->s->gid, pa->s->id, pa->s->rev, pa->s->msg, pa->s->class_msg,
+ pa->s->prio, protoptr, srcip, p->sp,
+ dstip, p->dp);
}
SCMutexUnlock(&ast->file_ctx->fp_mutex);