aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

flow log: log TCP state

Browse Source 
Log the TCP state at timeout.
pull/1058/head
Victor Julien 11 years ago
parent 8c231702d9
commit e6ed6731b1
1 changed files with 43 additions and 0 deletions
Show Stats Download Patch File Download Diff File

43
src/output-json-flow.c
Unescape Escape View File

@ -236,6 +236,49 @@ static void JsonFlowLogJSON(JsonFlowLogThread *aft, json_t *js, Flow *f)
JsonTcpFlags(ssn ? ssn->tcp_packet_flags : 0, tjs);
if (ssn) {
char *state = NULL;
switch (ssn->state) {
case TCP_NONE:
state = "none";
break;
case TCP_LISTEN:
state = "listen";
break;
case TCP_SYN_SENT:
state = "syn_sent";
break;
case TCP_SYN_RECV:
state = "syn_recv";
break;
case TCP_ESTABLISHED:
state = "established";
break;
case TCP_FIN_WAIT1:
state = "fin_wait1";
break;
case TCP_FIN_WAIT2:
state = "fin_wait2";
break;
case TCP_TIME_WAIT:
state = "time_wait";
break;
case TCP_LAST_ACK:
state = "last_ack";
break;
case TCP_CLOSE_WAIT:
state = "close_wait";
break;
case TCP_CLOSING:
state = "closing";
break;
case TCP_CLOSED:
state = "closed";
break;
}
json_object_set_new(tjs, "state", json_string(state));
}
json_object_set_new(js, "tcp", tjs);
}
}

Write Preview
Loading…
Cancel
Save