From: Victor Julien Date: Fri, 22 Mar 2024 10:19:47 +0000 (+0100) Subject: alert/syslog: stringify addresses outside alert loop X-Git-Tag: suricata-8.0.0-beta1~1499 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7ad1a6b21be7ffc1c406934858e6cb6f7f6dc613;p=thirdparty%2Fsuricata.git alert/syslog: stringify addresses outside alert loop --- diff --git a/src/alert-syslog.c b/src/alert-syslog.c index e8178f3232..6b06feccea 100644 --- a/src/alert-syslog.c +++ b/src/alert-syslog.c @@ -211,16 +211,16 @@ static TmEcode AlertSyslogIPv4(ThreadVars *tv, const Packet *p, void *data) protoptr = proto; } + char srcip[16], dstip[16]; + PrintInet(AF_INET, (const void *)GET_IPV4_SRC_ADDR_PTR(p), srcip, sizeof(srcip)); + PrintInet(AF_INET, (const void *)GET_IPV4_DST_ADDR_PTR(p), dstip, sizeof(dstip)); + for (int i = 0; i < p->alerts.cnt; i++) { const PacketAlert *pa = &p->alerts.alerts[i]; if (unlikely(pa->s == NULL)) { continue; } - char srcip[16], dstip[16]; - PrintInet(AF_INET, (const void *)GET_IPV4_SRC_ADDR_PTR(p), srcip, sizeof(srcip)); - PrintInet(AF_INET, (const void *)GET_IPV4_DST_ADDR_PTR(p), dstip, sizeof(dstip)); - if ((pa->action & ACTION_DROP) && EngineModeIsIPS()) { action = "[Drop] "; } else if (pa->action & ACTION_DROP) { @@ -266,16 +266,16 @@ static TmEcode AlertSyslogIPv6(ThreadVars *tv, const Packet *p, void *data) protoptr = proto; } + char srcip[46], dstip[46]; + PrintInet(AF_INET6, (const void *)GET_IPV6_SRC_ADDR(p), srcip, sizeof(srcip)); + PrintInet(AF_INET6, (const void *)GET_IPV6_DST_ADDR(p), dstip, sizeof(dstip)); + for (int i = 0; i < p->alerts.cnt; i++) { const PacketAlert *pa = &p->alerts.alerts[i]; if (unlikely(pa->s == NULL)) { continue; } - char srcip[46], dstip[46]; - PrintInet(AF_INET6, (const void *)GET_IPV6_SRC_ADDR(p), srcip, sizeof(srcip)); - PrintInet(AF_INET6, (const void *)GET_IPV6_DST_ADDR(p), dstip, sizeof(dstip)); - if ((pa->action & ACTION_DROP) && EngineModeIsIPS()) { action = "[Drop] "; } else if (pa->action & ACTION_DROP) {