Restore/rename field in SMB2::Fscontrol record type

b41a4bf06d removed a field from this record
because it had a duplicate name as another field. The field does need to
exist, but it needs the correct name.

scripts/base/init-bare.zeek

@@ -3594,8 +3594,10 @@ export {
 	type SMB2::Fscontrol: record {
 		## minimum amount of free disk space required to begin document filtering
 		free_space_start_filtering : int;
-		## minimum amount of free disk space required to continue document filtering
+		## minimum amount of free disk space required to continue filtering documents and merging word lists
 		free_space_threshold       : int;
+		## minimum amount of free disk space required to continue content filtering
+		free_space_stop_filtering  : int;
 		## default per-user disk quota
 		delete_quota_threshold     : count;
 		## default per-user disk limit

testing/btest/Baseline/scripts.base.protocols.smb.smb2-fscontrol/out

@@ -0,0 +1,3 @@
+[credit_charge=0, status=0, command=17, credits=2, flags=255, message_id=576460756581679103, process_id=213, tree_id=0, session_id=11555726885438752000, signature=\x01\x05\x05\x02\xa0`0^\xa000.\x06\x09*\x86]
+[persistent=6859950276847483450, volatile=7016448126591398502]
+[free_space_start_filtering=1869373806, free_space_threshold=1601467760, free_space_stop_filtering=1933860724, delete_quota_threshold=7308895133777551220, default_quota_limit=100, fs_control_flags=4278190080]

testing/btest/scripts/base/protocols/smb/smb2-fscontrol.test

@@ -0,0 +1,11 @@
+# @TEST-EXEC: zeek -r $TRACES/smb/smb2_fscontrol.pcap %INPUT > out
+# @TEST-EXEC: btest-diff out
+
+@load base/protocols/smb
+
+event smb2_file_fscontrol(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, fs_control: SMB2::Fscontrol)
+    {
+    print hdr;
+    print file_id;
+    print fs_control;
+    }