Adding missing script file.

2025-10-05 16:18:19 +00:00 · 2016-05-30 10:58:19 -07:00 · 2016-05-30 10:58:19 -07:00 · a2423f7d43
commit a2423f7d43
parent 57aef6d49f
3 changed files with 28 additions and 1 deletions
--- a/4
+++ b/4
@ -1,4 +1,8 @@

+2.4-581 | 2016-05-30 10:58:19 -0700
+
+  * Adding missing new script file mac-logging.bro. (Robin Sommer)
+
 2.4-580 | 2016-05-29 13:41:10 -0700

  * Add Ethernet MAC addresses to connection record. c$eth_src and
--- a/2
+++ b/2
@ -1 +1 @@
-2.4-580
+2.4-581
--- a/scripts/policy/protocols/conn/mac-logging.bro
+++ b/scripts/policy/protocols/conn/mac-logging.bro
@ -0,0 +1,23 @@
+##! This script adds MAC address information to the connection logs.
+
+@load base/protocols/conn
+
+module Conn;
+
+redef record Info += {
+	## The Ethernet MAC source address for this connection, if applicable.
+	eth_src: string &log &optional;
+
+	## The Ethernet MAC destination address for this connection, if applicable.
+	eth_dst: string &log &optional;
+};
+
+event connection_state_remove(c: connection)
+	{
+	if ( c?$eth_src )
+		c$conn$eth_src = c$eth_src;
+	
+	if ( c?$eth_dst )
+		c$conn$eth_dst = c$eth_dst;
+	}
+
 @ -1 +1 @@
 .4-580
 .4-581