json: somewhere along the way IP/port pairs had gotten swapped in

http and ssh eve logs

diff --git a/src/output-json-ssh.c b/src/output-json-ssh.c
index 80a81c97feb5845e9195779c8d0995886fae96a0..14cc7231e6a4ebe4568d6f2bcb46ff00b121c30e 100644 (file)
--- a/src/output-json-ssh.c
+++ b/src/output-json-ssh.c
@@ -88,7 +88,7 @@ static int JsonSshLogger(ThreadVars *tv, void *thread_data, const Packet *p) {
     if (ssh_state->cli_hdr.software_version == NULL || ssh_state->srv_hdr.software_version == NULL)
         goto end;
 
-    json_t *js = CreateJSONHeader((Packet *)p, 0, "ssh");//TODO
+    json_t *js = CreateJSONHeader((Packet *)p, 1, "ssh");//TODO
     if (unlikely(js == NULL))
         goto end;
 

diff --git a/src/output-json.c b/src/output-json.c
index 7c357cebbaad81b7a72f4ffb79831f3db3108c53..b369d032622c17ed04195bb31e7859b802d559ee 100644 (file)
--- a/src/output-json.c
+++ b/src/output-json.c
@@ -163,7 +163,7 @@ json_t *CreateJSONHeader(Packet *p, int direction_sensitive, char *event_type)
     srcip[0] = '\0';
     dstip[0] = '\0';
     if (direction_sensitive) {
-        if ((PKT_IS_TOCLIENT(p))) {
+        if ((PKT_IS_TOSERVER(p))) {
             if (PKT_IS_IPV4(p)) {
                 PrintInet(AF_INET, (const void *)GET_IPV4_SRC_ADDR_PTR(p), srcip, sizeof(srcip));
                 PrintInet(AF_INET, (const void *)GET_IPV4_DST_ADDR_PTR(p), dstip, sizeof(dstip));