make logging framework send the protocol to the writer.

for use in future writers, that have a special type for port, which includes the protocol.

src/LogMgr.cc

@@ -118,6 +118,10 @@ LogVal::~LogVal()
 
 		delete [] val.vector_val.vals;
 		}
+
+//	if ( type == TYPE_PORT && present )
+//		delete val.port_val.proto;
+
 	}
 
 bool LogVal::IsCompatibleType(BroType* t, bool atomic_only)
@@ -190,9 +194,12 @@ bool LogVal::Read(SerializationFormat* fmt)
 
 	case TYPE_COUNT:
 	case TYPE_COUNTER:
-	case TYPE_PORT:
 		return fmt->Read(&val.uint_val, "uint");
 
+	case TYPE_PORT:
+		val.port_val.proto = new string;
+		return fmt->Read(&val.port_val.port, "port") && fmt->Read(val.port_val.proto, "proto");
+
 	case TYPE_SUBNET:
 		{
 		uint32 net[4];
@@ -305,9 +312,11 @@ bool LogVal::Write(SerializationFormat* fmt) const
 
 	case TYPE_COUNT:
 	case TYPE_COUNTER:
-	case TYPE_PORT:
 		return fmt->Write(val.uint_val, "uint");
 
+	case TYPE_PORT:
+		return fmt->Write(val.port_val.port, "port") && fmt->Write(*val.port_val.proto, "proto");
+
 	case TYPE_SUBNET:
 		{
 		uint32 net[4];
@@ -1066,6 +1075,22 @@ bool LogMgr::Write(EnumVal* id, RecordVal* columns)
 	return true;
 	}
 
+string LogMgr::TransportProtoToString(TransportProto p) {
+	switch ( p ) {
+		case TRANSPORT_UNKNOWN:
+		       return "unknown";
+		case TRANSPORT_TCP:
+			return "tcp";
+		case TRANSPORT_UDP:
+			return "udp";
+		case TRANSPORT_ICMP:
+			return "icmp";
+	}
+
+	assert(false);
+	return "";
+}
+
 LogVal* LogMgr::ValToLogVal(Val* val, BroType* ty)
 	{
 	if ( ! ty )
@@ -1097,7 +1122,8 @@ LogVal* LogMgr::ValToLogVal(Val* val, BroType* ty)
 		break;
 
 	case TYPE_PORT:
-		lval->val.uint_val = val->AsPortVal()->Port();
+		lval->val.port_val.port = val->AsPortVal()->Port();
+		lval->val.port_val.proto = new string(TransportProtoToString(val->AsPortVal()->PortType()));
 		break;
 
 	case TYPE_SUBNET: