flow: track bytes per direction

Track bytes in both flow directions for logging purposes.

diff --git a/src/alert-debuglog.c b/src/alert-debuglog.c
index bfe9b493a28b7df9aa751211966d82825f265e3d..944aa7a76ddb1900753d1279516d9824c65eac07 100644 (file)
--- a/src/alert-debuglog.c
+++ b/src/alert-debuglog.c
@@ -221,7 +221,7 @@ static TmEcode AlertDebugLogger(ThreadVars *tv, const Packet *p, void *thread_da
                              "FLOW PKTS TOSRC:   %"PRIu32"\n"
                              "FLOW Total Bytes:  %"PRIu64"\n",
                              p->flow->todstpktcnt, p->flow->tosrcpktcnt,
-                             p->flow->bytecnt);
+                             p->flow->todstbytecnt + p->flow->tosrcbytecnt);
 #endif
         MemBufferWriteString(aft->buffer,
                              "FLOW IPONLY SET:   TOSERVER: %s, TOCLIENT: %s\n"

diff --git a/src/flow-util.h b/src/flow-util.h
index 3ed8c2f6d5cede1cc7a417ff9ef77c331351e2ed..cdffba38cadbac448f265e4271ac014d8cf04160 100644 (file)
--- a/src/flow-util.h
+++ b/src/flow-util.h
@@ -33,7 +33,8 @@
 #define RESET_COUNTERS(f) do { \
         (f)->todstpktcnt = 0; \
         (f)->tosrcpktcnt = 0; \
-        (f)->bytecnt = 0; \
+        (f)->todstbytecnt = 0; \
+        (f)->tosrcbytecnt = 0; \
     } while (0)
 #else
 #define RESET_COUNTERS(f)

diff --git a/src/flow.c b/src/flow.c
index b18697bd1b0b440105aeaa91deec427be3aff34d..bcdad8285ab2123204fab51192836bc11ad98fdf 100644 (file)
--- a/src/flow.c
+++ b/src/flow.c
@@ -256,6 +256,7 @@ void FlowHandlePacket(ThreadVars *tv, Packet *p)
         }
 #ifdef DEBUG
         f->todstpktcnt++;
+        f->todstbytecnt += GET_PKT_LEN(p);
 #endif
         p->flowflags |= FLOW_PKT_TOSERVER;
     } else {
@@ -264,11 +265,11 @@ void FlowHandlePacket(ThreadVars *tv, Packet *p)
         }
 #ifdef DEBUG
         f->tosrcpktcnt++;
+        f->tosrcbytecnt += GET_PKT_LEN(p);
 #endif
         p->flowflags |= FLOW_PKT_TOCLIENT;
     }
 #ifdef DEBUG
-    f->bytecnt += GET_PKT_LEN(p);
 #endif
 
     if ((f->flags & FLOW_TO_DST_SEEN) && (f->flags & FLOW_TO_SRC_SEEN)) {

diff --git a/src/flow.h b/src/flow.h
index 6ede7c6b2a57a84cc5421b3a3f967f733f2d257b..ada1f993e0e9f47cf267102d7fc679421c603481 100644 (file)
--- a/src/flow.h
+++ b/src/flow.h
@@ -380,7 +380,8 @@ typedef struct Flow_
 #ifdef DEBUG
     uint32_t todstpktcnt;
     uint32_t tosrcpktcnt;
-    uint64_t bytecnt;
+    uint64_t todstbytecnt;
+    uint64_t tosrcbytecnt;
 #endif
 } Flow;
 

diff --git a/src/output-json-flow.c b/src/output-json-flow.c
index 1ebfcfd3826ae517be7e2885558d428527f449e5..db3ba7a7858aa643b33db3e0d4f7d238e0cf42f8 100644 (file)
--- a/src/output-json-flow.c
+++ b/src/output-json-flow.c
@@ -193,8 +193,10 @@ static void JsonFlowLogJSON(JsonFlowLogThread *aft, json_t *js, Flow *f)
             json_integer(f->todstpktcnt));
     json_object_set_new(hjs, "pkts_toclient",
             json_integer(f->tosrcpktcnt));
-    json_object_set_new(hjs, "bytes",
-            json_integer(f->bytecnt));
+    json_object_set_new(hjs, "bytes_toserver",
+            json_integer(f->todstbytecnt));
+    json_object_set_new(hjs, "bytes_toclient",
+            json_integer(f->tosrcbytecnt));
 
 
 #endif