]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d4215fc)
eve-log: swap ip/port pairs in dns answers
authorTom DeCanio <decanio.tom@gmail.com>
Wed, 23 Apr 2014 15:41:15 +0000 (08:41 -0700)
committerVictor Julien <victor@inliniac.net>
Tue, 6 May 2014 11:48:34 +0000 (13:48 +0200)
src/output-json-dns.c patch | blob | blame | history

diff --git a/src/output-json-dns.c b/src/output-json-dns.c
index d94ffcbe3fd8678032e59811b433fedb1e4bb859..e9e579009c6f037bf38c82429162f71bd23c08ea 100644 (file)
--- a/src/output-json-dns.c
+++ b/src/output-json-dns.c
@@ -217,16 +217,23 @@ static int JsonDnsLogger(ThreadVars *tv, void *thread_data, const Packet *p, Flo
 
     LogDnsLogThread *td = (LogDnsLogThread *)thread_data;
     DNSTransaction *tx = txptr;
-
-    json_t *js = CreateJSONHeader((Packet *)p, 1, "dns");//TODO const
-    if (unlikely(js == NULL))
-        return TM_ECODE_OK;
+    json_t *js;
 
     DNSQueryEntry *query = NULL;
     TAILQ_FOREACH(query, &tx->query_list, next) {
+        js = CreateJSONHeader((Packet *)p, 1, "dns");
+        if (unlikely(js == NULL))
+            return TM_ECODE_OK;
+
         LogQuery(td, js, tx, query);
+
+        json_decref(js);
     }
 
+    js = CreateJSONHeader((Packet *)p, 0, "dns");
+    if (unlikely(js == NULL))
+        return TM_ECODE_OK;
+
     LogAnswers(td, js, tx);
 
     json_decref(js);
Mirror of https://github.com/OISF/suricata.git