DNS: trigger logging for toserver dir when previous reply is lost.
authorVictor Julien <victor@inliniac.net>
Mon, 11 Nov 2013 16:27:56 +0000 (17:27 +0100)
committerVictor Julien <victor@inliniac.net>
Fri, 15 Nov 2013 14:41:24 +0000 (15:41 +0100)
src/log-dnslog.c

index 5ef4b1fab7f7e3fb1bd4a2eef31c57d3795d4acd..9fc82ca842d96f752a71bd2007cd9e6ffeaf9d60 100644 (file)
@@ -295,36 +295,39 @@ static TmEcode LogDnsLogIPWrapper(ThreadVars *tv, Packet *p, void *data, PacketQ
         }
     } else
 #endif
-    if ((PKT_IS_TOCLIENT(p))) {
-        DNSTransaction *tx = NULL;
-        for (; tx_id < total_txs; tx_id++)
-        {
-            tx = AppLayerGetTx(proto, dns_state, tx_id);
-            if (tx == NULL)
-                continue;
-
-            DNSQueryEntry *query = NULL;
-            TAILQ_FOREACH(query, &tx->query_list, next) {
-                LogQuery(aft, timebuf, dstip, srcip, dp, sp, tx, query);
-            }
 
-            if (tx->no_such_name) {
-                LogAnswer(aft, timebuf, srcip, dstip, sp, dp, tx, NULL);
-            }
+    DNSTransaction *tx = NULL;
+    for (; tx_id < total_txs; tx_id++)
+    {
+        tx = AppLayerGetTx(proto, dns_state, tx_id);
+        if (tx == NULL)
+            continue;
 
-            DNSAnswerEntry *entry = NULL;
-            TAILQ_FOREACH(entry, &tx->answer_list, next) {
-                LogAnswer(aft, timebuf, srcip, dstip, sp, dp, tx, entry);
-            }
+        /* only consider toserver logging if tx has reply lost set */
+        if (PKT_IS_TOSERVER(p) && tx->reply_lost == 0)
+            continue;
 
-            entry = NULL;
-            TAILQ_FOREACH(entry, &tx->authority_list, next) {
-                LogAnswer(aft, timebuf, srcip, dstip, sp, dp, tx, entry);
-            }
+        DNSQueryEntry *query = NULL;
+        TAILQ_FOREACH(query, &tx->query_list, next) {
+            LogQuery(aft, timebuf, dstip, srcip, dp, sp, tx, query);
+        }
+
+        if (tx->no_such_name) {
+            LogAnswer(aft, timebuf, srcip, dstip, sp, dp, tx, NULL);
+        }
 
-            SCLogDebug("calling AppLayerTransactionUpdateLoggedId");
-            AppLayerTransactionUpdateLogId(p->flow);
+        DNSAnswerEntry *entry = NULL;
+        TAILQ_FOREACH(entry, &tx->answer_list, next) {
+            LogAnswer(aft, timebuf, srcip, dstip, sp, dp, tx, entry);
         }
+
+        entry = NULL;
+        TAILQ_FOREACH(entry, &tx->authority_list, next) {
+            LogAnswer(aft, timebuf, srcip, dstip, sp, dp, tx, entry);
+        }
+
+        SCLogDebug("calling AppLayerTransactionUpdateLoggedId");
+        AppLayerTransactionUpdateLogId(p->flow);
     }
 
 end:
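Review bot: The logging calls keep the to-client argument order (`LogQuery(aft, timebuf, dstip, srcip, dp, sp, ...)` and `LogAnswer(aft, timebuf, srcip, dstip, sp, dp, ...)`), yet the loop now also runs for to-server packets whose tx has `reply_lost` set. If srcip/dstip and sp/dp are derived from the triggering packet (they are set outside this hunk), a lost-reply transaction is written with client and server swapped, which misattributes the query in the DNS log. Choose the order by direction, e.g. under `PKT_IS_TOSERVER(p)` call `LogQuery(aft, timebuf, srcip, dstip, sp, dp, tx, query);` and mirror that in the LogAnswer calls. Separately, `AppLayerTransactionUpdateLogId(p->flow)` runs once per logged tx while skipped ones are passed with `continue`; if it only advances a counter, an earlier still-pending tx could be skipped for good and a later one logged twice, so that is worth confirming. LogDnsLogIPWrapper starts and ends outside the hunk.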