From: Russ Combs (rucombs) Date: Thu, 17 Nov 2016 00:51:21 +0000 (-0500) Subject: Merge pull request #705 in SNORT/snort3 from sdf_out_mask to master X-Git-Tag: 3.0.0-233~188 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=de70ac743458b1825e923237cb680edb8bbf027f;p=thirdparty%2Fsnort3.git Merge pull request #705 in SNORT/snort3 from sdf_out_mask to master Squashed commit of the following: commit 969cf8b3badde3bd15c7c58613fff279a76bb690 Author: Bhagya Tholpady Date: Mon Nov 14 12:14:59 2016 -0500 sdf changes --- diff --git a/src/log/log_text.cc b/src/log/log_text.cc index 631f8f992..6e8c2cc96 100644 --- a/src/log/log_text.cc +++ b/src/log/log_text.cc @@ -1502,7 +1502,7 @@ void LogPayload(TextLog* log, Packet* p) std::string buf(p->data, p->data + p->dsize); for ( const auto& b : *p->obfuscator ) - buf.replace(b.offset, b.length, b.length, '.'); + buf.replace(b.offset, b.length, b.length, p->obfuscator->get_mask_char()); LogNetData(log, (const uint8_t*)buf.c_str(), p->dsize, p); } diff --git a/src/log/obfuscator.h b/src/log/obfuscator.h index 67a67abdf..aa2be6e83 100644 --- a/src/log/obfuscator.h +++ b/src/log/obfuscator.h @@ -65,9 +65,13 @@ public: bool first(ObfuscatorBlock &b); bool next(ObfuscatorBlock &b); + const char get_mask_char() + { return mask_char; } + private: ObSet blocks; iterator it; + const char mask_char = 'X'; }; #endif diff --git a/src/loggers/unified2.cc b/src/loggers/unified2.cc index ed2a16908..5b137c44a 100644 --- a/src/loggers/unified2.cc +++ b/src/loggers/unified2.cc @@ -555,7 +555,7 @@ static void _Unified2LogPacketAlert( off = 0; for ( const auto& b : *p->obfuscator ) - memset(&start[ off + b.offset ], '.', b.length); + memset(&start[ off + b.offset ], p->obfuscator->get_mask_char(), b.length); } }