Merge pull request #2549 in SNORT/snort3 from ~MASHASAN/snort3:ua_event to master
authorMasud Hasan (mashasan) <mashasan@cisco.com>
Thu, 15 Oct 2020 23:10:10 +0000 (23:10 +0000)
committerMasud Hasan (mashasan) <mashasan@cisco.com>
Thu, 15 Oct 2020 23:10:10 +0000 (23:10 +0000)
Squashed commit of the following:

commit e26bdf00b147ed0568fce9c4ebf7861b228b5e78
Author: Masud Hasan <mashasan@cisco.com>
Date:   Tue Oct 13 21:54:03 2020 -0400

    rna: Logging user-agent device information

src/network_inspectors/rna/rna_app_discovery.cc
src/network_inspectors/rna/rna_logger.cc
src/network_inspectors/rna/rna_logger.h

index 0544d95d60d5bd3224286f90812c57e755472cee..cf7ba5322d88271a5fdcad4987ea749fde00fcb1 100644 (file)
@@ -259,7 +259,7 @@ void RnaAppDiscovery::analyze_user_agent_fingerprint(const Packet* p, const char
         device_info, MAX_USER_AGENT_DEVICES) )
     {
         logger.log(RNA_EVENT_NEW, NEW_OS, p, &rt, (const struct in6_addr*)ip->get_ip6_ptr(),
-            src_mac, (FpFingerprint*)uafp, packet_time());
+            src_mac, (FpFingerprint*)uafp, packet_time(), device_info, jail_broken);
     }
 }
 
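Review bot: `device_info` is handed to the logger as a bare `const char*` with nothing on this side saying how long it stays valid or what it contains; the call that fills it begins above the hunk, so whether it holds bytes copied from the packet's User-Agent header or a canonical name from the fingerprint table is not visible here. If it can carry header-derived text, the event sink that prints it should bound its length and escape control characters before writing it to a text log, since the value is attacker-influenced. A one-line comment at the call site, `// device_info is a local buffer; the event must not retain the pointer — confirm` (hedged), would make the lifetime expectation explicit. `analyze_user_agent_fingerprint` starts outside the hunk.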
index e1fb8abd6a75d8b0c2a58d04dcd857aded54eaf6..49c7ae89d776cc13d7729e4735eb6580a68dad6c 100644 (file)
@@ -129,10 +129,10 @@ void RnaLogger::log(uint16_t type, uint16_t subtype, const Packet* p, RnaTracker
 
 void RnaLogger::log(uint16_t type, uint16_t subtype, const Packet* p, RnaTracker* ht,
     const struct in6_addr* src_ip, const uint8_t* src_mac, const FpFingerprint* fp,
-    uint32_t event_time)
+    uint32_t event_time, const char* device_info, bool jail_broken)
 {
-    log(type, subtype, src_ip, src_mac, ht, p, event_time, 0,
-        nullptr, nullptr, fp);
+    log(type, subtype, src_ip, src_mac, ht, p, event_time, 0, nullptr, nullptr,
+        fp, nullptr, nullptr, nullptr, APP_ID_NONE, device_info, jail_broken);
 }
 
 void RnaLogger::log(uint16_t type, uint16_t subtype, const Packet* p, RnaTracker* ht,
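Review bot: The forwarding call now passes five bare `nullptr`/`0` positional arguments before `device_info` and `jail_broken`, and matching them to `proto`, `hm`, `ha`, `cond_var`, `hc` and `user` of the 17-parameter overload requires the reader to count. Argument comments keep it checkable at a glance: `log(type, subtype, src_ip, src_mac, ht, p, event_time, /*proto=*/0, /*hm=*/nullptr, /*ha=*/nullptr,` followed by `fp, /*cond_var=*/nullptr, /*hc=*/nullptr, /*user=*/nullptr, APP_ID_NONE, device_info, jail_broken);`. This is a style point only; the positions match the definition in the next hunk.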
@@ -164,14 +164,15 @@ bool RnaLogger::log(uint16_t type, uint16_t subtype, const struct in6_addr* src_
     const uint8_t* src_mac, RnaTracker* ht, const Packet* p, uint32_t event_time,
     uint16_t proto, const HostMac* hm, const HostApplication* ha,
     const FpFingerprint* fp, void* cond_var, const HostClient* hc,
-    const char* user, AppId appid)
+    const char* user, AppId appid, const char* di, bool jb)
 {
     if ( !enabled )
         return false;
 
     assert(ht);
 
-    RnaLoggerEvent rle(type, subtype, src_mac, ht, hm, proto, cond_var, ha, fp, hc, user, appid);
+    RnaLoggerEvent rle(type, subtype, src_mac, ht, hm, proto, cond_var,
+        ha, fp, hc, user, appid, di, jb);
     if ( src_ip and (!IN6_IS_ADDR_V4MAPPED(src_ip) or src_ip->s6_addr32[3]) )
         rle.ip = src_ip;
     else
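Review bot: The definition names the new parameters `di` and `jb` while the declaration in rna_logger.h names them `device_info` and `jail_broken`; the mismatch makes the header the only place the meaning is spelled out. Using the same names here, `const char* user, AppId appid, const char* device_info, bool jail_broken)` and `ha, fp, hc, user, appid, device_info, jail_broken);`, keeps definition and declaration greppable together. The body of this `log` overload continues past the hunk.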
index 47a61d33d6852ac9f581a76c0157473cffd7e941..4deb0a5ba51469165f346999acd2b599be2c060f 100644 (file)
@@ -38,8 +38,9 @@ struct RnaLoggerEvent : public Event
     RnaLoggerEvent (uint16_t t, uint16_t st, const uint8_t* mc, const RnaTracker* rt,
         const snort::HostMac* hmp, uint16_t pr, void* cv, const snort::HostApplication* hap,
         const snort::FpFingerprint* fpr, const snort::HostClient* hcp, const char* u,
-        int32_t app) : type(t), subtype(st), mac(mc), ht(rt), hm(hmp),
-        proto(pr), cond_var(cv), ha(hap), fp(fpr), hc(hcp), user(u), appid(app) { }
+        int32_t app, const char* di, bool jb) : type(t), subtype(st), mac(mc), ht(rt), hm(hmp),
+        proto(pr), cond_var(cv), ha(hap), fp(fpr), hc(hcp), user(u), appid(app),
+        device_info(di), jail_broken(jb) { }
 
     uint32_t event_time = 0;
     uint16_t type;
@@ -55,6 +56,8 @@ struct RnaLoggerEvent : public Event
     const snort::HostClient* hc;
     const char* user;
     AppId appid;
+    const char* device_info;
+    bool jail_broken;
 };
 
 class RnaLogger
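Review bot: `device_info` is stored as a raw `const char*` that the constructor in the previous hunk copies straight from its argument, so the event does not own the string, and with the header defaulting it to `nullptr` every consumer of the event must also expect a null pointer. Neither fact is stated next to the field; a comment such as `const char* device_info; // not owned, may be nullptr; valid only while the event is being dispatched — confirm with callers` (the lifetime part is an assumption from this side) would tell event handlers what they may do with it. The same applies to the `= nullptr` defaults added in the two declaration hunks that follow.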
@@ -77,7 +80,7 @@ public:
     // for fingerprint
     void log(uint16_t type, uint16_t subtype, const snort::Packet* p, RnaTracker* ht,
         const struct in6_addr* src_ip, const uint8_t* src_mac, const snort::FpFingerprint* fp,
-        uint32_t event_time);
+        uint32_t event_time, const char* device_info = nullptr, bool jail_broken = false);
 
     // for event time
     void log(uint16_t type, uint16_t subtype, const snort::Packet* p, RnaTracker* ht,
@@ -103,7 +106,8 @@ public:
         uint32_t event_time = 0, uint16_t proto = 0, const snort::HostMac* hm = nullptr,
         const snort::HostApplication* ha = nullptr, const snort::FpFingerprint* fp = nullptr,
         void* cond_var = nullptr, const snort::HostClient* hc = nullptr, 
-        const char* user = nullptr, AppId appid = APP_ID_NONE);
+        const char* user = nullptr, AppId appid = APP_ID_NONE, const char* device_info = nullptr,
+        bool jail_broken = false);
 
 private:
     const bool enabled;