From: Mark Janssen <mark@praseodym.net>
Date: Thu, 24 Jan 2019 21:04:51 +0000 (+0100)
Subject: eve/flow: add in_iface field
X-Git-Tag: suricata-5.0.0-beta1~31
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0cc3c2cc6c4743600101e8fe74005515737757c7;p=thirdparty%2Fsuricata.git

eve/flow: add in_iface field

Fixes #2057
---

diff --git a/src/flow.h b/src/flow.h
index aac932bf79..56216cb4f3 100644
--- a/src/flow.h
+++ b/src/flow.h
@@ -27,6 +27,7 @@
 #include "decode.h"
 #include "util-var.h"
 #include "util-atomic.h"
+#include "util-device.h"
 #include "detect-tag.h"
 #include "util-optimize.h"
 
diff --git a/src/output-json-flow.c b/src/output-json-flow.c
index 04e05a1c47..09f2a7ccee 100644
--- a/src/output-json-flow.c
+++ b/src/output-json-flow.c
@@ -118,6 +118,12 @@ static json_t *CreateJSONHeaderFromFlow(const Flow *f, const char *event_type)
     if (sensor_id >= 0)
         json_object_set_new(js, "sensor_id", json_integer(sensor_id));
 #endif
+
+    /* input interface */
+    if (f->livedev) {
+        json_object_set_new(js, "in_iface", json_string(f->livedev->dev));
+    }
+
     if (event_type) {
         json_object_set_new(js, "event_type", json_string(event_type));
     }
diff --git a/src/output-json-netflow.c b/src/output-json-netflow.c
index e00029943f..570cc11e3c 100644
--- a/src/output-json-netflow.c
+++ b/src/output-json-netflow.c
@@ -126,6 +126,12 @@ static json_t *CreateJSONHeaderFromFlow(const Flow *f, const char *event_type, i
     if (sensor_id >= 0)
         json_object_set_new(js, "sensor_id", json_integer(sensor_id));
 #endif
+
+    /* input interface */
+    if (f->livedev) {
+        json_object_set_new(js, "in_iface", json_string(f->livedev->dev));
+    }
+
     if (event_type) {
         json_object_set_new(js, "event_type", json_string(event_type));
     }