From e8dae2e0938b8d657083c54d2bf574e8130b2c52 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Fri, 16 Jun 2017 20:35:33 +0200 Subject: [PATCH] nfs: add to fileinfo events --- rust/src/nfs/nfs.rs | 2 +- src/output-json-file.c | 11 +++++++++++ src/output-json-nfs.c | 26 ++++++++++++++++++++++++++ src/output-json-nfs.h | 5 ++++- 4 files changed, 42 insertions(+), 2 deletions(-) diff --git a/rust/src/nfs/nfs.rs b/rust/src/nfs/nfs.rs index 0be7acdcdb..650f2324a2 100644 --- a/rust/src/nfs/nfs.rs +++ b/rust/src/nfs/nfs.rs @@ -721,7 +721,7 @@ impl NFSState { tx.type_data = Some(NFSTransactionTypeData::FILE(NFSTransactionFile::new())); match tx.type_data { Some(NFSTransactionTypeData::FILE(ref mut d)) => { - d.file_tracker.tx_id = tx.id; + d.file_tracker.tx_id = tx.id - 1; }, _ => { }, } diff --git a/src/output-json-file.c b/src/output-json-file.c index 842a3d208e..0b7fbaa983 100644 --- a/src/output-json-file.c +++ b/src/output-json-file.c @@ -60,6 +60,7 @@ #include "output-json-http.h" #include "output-json-smtp.h" #include "output-json-email-common.h" +#include "output-json-nfs.h" #include "app-layer-htp.h" #include "util-memcmp.h" @@ -105,6 +106,16 @@ static void FileWriteJsonRecord(JsonFileLogThread *aft, const Packet *p, const F if (hjs) json_object_set_new(js, "email", hjs); break; +#ifdef HAVE_RUST + case ALPROTO_NFS: + hjs = JsonNFSAddMetadataRPC(p->flow, ff->txid); + if (hjs) + json_object_set_new(js, "rpc", hjs); + hjs = JsonNFSAddMetadata(p->flow, ff->txid); + if (hjs) + json_object_set_new(js, "nfs", hjs); + break; +#endif } json_object_set_new(js, "app_proto", diff --git a/src/output-json-nfs.c b/src/output-json-nfs.c index 070c279d59..2515605964 100644 --- a/src/output-json-nfs.c +++ b/src/output-json-nfs.c @@ -62,6 +62,32 @@ typedef struct LogNFSLogThread_ { MemBuffer *buffer; } LogNFSLogThread; +json_t *JsonNFSAddMetadataRPC(const Flow *f, uint64_t tx_id) +{ + NFSState *state = FlowGetAppState(f); + if (state) { + NFSTransaction *tx = AppLayerParserGetTx(f->proto, ALPROTO_NFS, state, tx_id); + if (tx) { + return rs_rpc_log_json_response(tx); + } + } + + return NULL; +} + +json_t *JsonNFSAddMetadata(const Flow *f, uint64_t tx_id) +{ + NFSState *state = FlowGetAppState(f); + if (state) { + NFSTransaction *tx = AppLayerParserGetTx(f->proto, ALPROTO_NFS, state, tx_id); + if (tx) { + return rs_nfs_log_json_response(state, tx); + } + } + + return NULL; +} + static int JsonNFSLogger(ThreadVars *tv, void *thread_data, const Packet *p, Flow *f, void *state, void *tx, uint64_t tx_id) { diff --git a/src/output-json-nfs.h b/src/output-json-nfs.h index 93e17510c5..a70a510d56 100644 --- a/src/output-json-nfs.h +++ b/src/output-json-nfs.h @@ -25,5 +25,8 @@ #define __OUTPUT_JSON_NFS_H__ void JsonNFSLogRegister(void); - +#ifdef HAVE_RUST +json_t *JsonNFSAddMetadataRPC(const Flow *f, uint64_t tx_id); +json_t *JsonNFSAddMetadata(const Flow *f, uint64_t tx_id); +#endif /* HAVE_RUST */ #endif /* __OUTPUT_JSON_NFS_H__ */ -- 2.47.2