Merge branch 'topic/bernhard/log-send-proto' into topic/bernhard/log-threads

Send protocol type to log writers - the ascii writer simply ignores this, but the input reader needs support for this. Conflicts: src/LogMgr.h src/logging/Manager.cc
2025-10-06 08:38:20 +00:00 · 2012-02-06 11:08:32 -08:00 · 2012-02-06 11:08:32 -08:00 · 115e6a18b4
commit 115e6a18b4
parent 23b2c95644 4b3cc95f72
4 changed files with 37 additions and 4 deletions
--- a/src/logging/Manager.cc
+++ b/src/logging/Manager.cc
@ -850,7 +850,8 @@ threading::Value* Manager::ValToLogVal(Val* val, BroType* ty)
 		break;

 	case TYPE_PORT:
-		lval->val.uint_val = val->AsPortVal()->Port();
+		lval->val.port_val.port = val->AsPortVal()->Port();
+		lval->val.port_val.proto = val->AsPortVal()->PortType();
 		break;

 	case TYPE_SUBNET:
--- a/src/logging/writers/Ascii.cc
+++ b/src/logging/writers/Ascii.cc
@ -169,10 +169,13 @@ bool Ascii::DoWriteOne(ODesc* desc, Value* val, const Field* field)

 	case TYPE_COUNT:
 	case TYPE_COUNTER:
-	case TYPE_PORT:
 		desc->Add(val->val.uint_val);
 		break;

+	case TYPE_PORT:
+		desc->Add(val->val.port_val.port);
+		break;
+
 	case TYPE_SUBNET:
 		desc->Add(dotted_addr(val->val.subnet_val.net));
 		desc->Add("/");
--- a/src/threading/SerializationTypes.cc
+++ b/src/threading/SerializationTypes.cc
@ -117,9 +117,34 @@ bool Value::Read(SerializationFormat* fmt)

 	case TYPE_COUNT:
 	case TYPE_COUNTER:
-	case TYPE_PORT:
 		return fmt->Read(&val.uint_val, "uint");

+	case TYPE_PORT: {
+		int proto;
+		if ( ! (fmt->Read(&val.port_val.port, "port") && fmt->Read(&proto, "proto") ) ) {
+			return false;
+		}
+		
+		switch (proto) {
+			case 0:
+				val.port_val.proto = TRANSPORT_UNKNOWN;
+				break;
+			case 1:
+				val.port_val.proto = TRANSPORT_TCP;
+				break;
+			case 2:
+				val.port_val.proto = TRANSPORT_UDP;
+				break;
+			case 3:
+				val.port_val.proto = TRANSPORT_ICMP;
+				break;
+			default:
+				return false;
+		}
+		return true;
+		}
+
+
 	case TYPE_SUBNET:
 		{
 		uint32 net[4];
@ -232,9 +257,11 @@ bool Value::Write(SerializationFormat* fmt) const

 	case TYPE_COUNT:
 	case TYPE_COUNTER:
-	case TYPE_PORT:
 		return fmt->Write(val.uint_val, "uint");

+	case TYPE_PORT:
+		return fmt->Write(val.port_val.port, "port") && fmt->Write(val.port_val.proto, "proto");	
+
 	case TYPE_SUBNET:
 		{
 		uint32 net[4];
--- a/src/threading/SerializationTypes.h
+++ b/src/threading/SerializationTypes.h
@ -60,6 +60,7 @@ struct Value {

 	struct set_t { bro_int_t size; Value** vals; };
 	typedef set_t vec_t;
+	struct port_t { bro_uint_t port; TransportProto proto; };

 	/**
 	 * This union is a subset of BroValUnion, including only the types we
@ -68,6 +69,7 @@ struct Value {
 	union _val {
 		bro_int_t int_val;
 		bro_uint_t uint_val;
+		port_t port_val;
 		uint32 addr_val[NUM_ADDR_WORDS];
 		subnet_type subnet_val;
 		double double_val;