Merge remote-tracking branch 'origin/topic/seth/fix-packetfilter-log'

* origin/topic/seth/fix-packetfilter-log:
  Hack to make sure that the starting BPF filter is logged on clusters.

scripts/base/frameworks/packet-filter/__load__.bro

@@ -1,3 +1,8 @@
 @load ./utils
 @load ./main
 @load ./netstats
+
+@load base/frameworks/cluster
+@if ( Cluster::is_enabled() )
+@load ./cluster
+@endif

scripts/base/frameworks/packet-filter/cluster.bro

@@ -0,0 +1,14 @@
+
+module PacketFilter;
+
+event remote_connection_handshake_done(p: event_peer) &priority=3
+	{
+	if ( Cluster::local_node_type() == Cluster::WORKER && 
+	     p$descr in Cluster::nodes && 
+	     Cluster::nodes[p$descr]$node_type == Cluster::MANAGER )
+		{
+		# This ensures that a packet filter is installed and logged
+		# after the manager connects to us.
+		install();
+		}
+	}

scripts/base/frameworks/packet-filter/main.bro

@@ -294,6 +294,7 @@ function install(): bool
 	# Do an audit log for the packet filter.
 	local info: Info;
 	info$ts = network_time();
+	info$node = peer_description;
 	# If network_time() is 0.0 we're at init time so use the wall clock.
 	if ( info$ts == 0.0 )
 		{