return js;
}
-fn nfs_common_header(tx: &NFSTransaction) -> Json
+fn nfs_common_header(state: &NFSState, tx: &NFSTransaction) -> Json
{
let js = Json::object();
+ js.set_integer("version", state.nfs_version as u64);
js.set_string("procedure", &nfs3_procedure_string(tx.procedure));
let file_name = String::from_utf8_lossy(&tx.file_name);
js.set_string("filename", &file_name);
}
#[no_mangle]
-pub extern "C" fn rs_nfs_log_json_request(tx: &mut NFSTransaction) -> *mut JsonT
+pub extern "C" fn rs_nfs_log_json_request(state: &mut NFSState, tx: &mut NFSTransaction) -> *mut JsonT
{
- let js = nfs_common_header(tx);
+ let js = nfs_common_header(state, tx);
js.set_string("type", "request");
return js.unwrap();
}
#[no_mangle]
-pub extern "C" fn rs_nfs_log_json_response(tx: &mut NFSTransaction) -> *mut JsonT
+pub extern "C" fn rs_nfs_log_json_response(state: &mut NFSState, tx: &mut NFSTransaction) -> *mut JsonT
{
- let js = nfs_common_header(tx);
+ let js = nfs_common_header(state, tx);
js.set_string("type", "response");
js.set_string("status", &nfs3_status_string(tx.nfs_response_status));
is_udp: bool,
+ pub nfs_version: u16,
+
/// tx counter for assigning incrementing id's to tx's
tx_id: u64,
ts_gap:false,
tc_gap:false,
is_udp:false,
+ nfs_version:0,
tx_id:0,
de_state_count:0,
//ts_txs_updated:false,
let mut xidmap = NFSRequestXidMap::new(r.progver, r.procedure, 0);
let mut aux_file_name = Vec::new();
+ if self.nfs_version == 0 {
+ self.nfs_version = r.progver as u16;
+ }
+
if r.procedure == NFSPROC3_LOOKUP {
self.process_request_record_lookup(r, &mut xidmap);
},
}
+ if self.nfs_version == 0 {
+ self.nfs_version = xidmap.progver as u16;
+ }
+
match xidmap.progver {
3 => {
SCLogDebug!("NFSv3 reply record");
}
json_object_set_new(js, "rpc", rpcjs);
- nfsjs = rs_nfs_log_json_response(tx);
+ nfsjs = rs_nfs_log_json_response(state, tx);
if (unlikely(nfsjs == NULL)) {
goto error;
}
projects / thirdparty / suricata.git / commitdiff
