From dbb5992f432aafa89c7bef8567277d4e32b13a5e Mon Sep 17 00:00:00 2001
From: Seth Hall
Date: Fri, 19 Feb 2016 00:23:05 -0500
Subject: [PATCH] Disable the smb_cmd.log by default.
---
 scripts/base/protocols/smb/main.bro | 4 ++++
 scripts/base/protocols/smb/smb1-main.bro | 2 +-
 scripts/base/protocols/smb/smb2-main.bro | 2 +-
 3 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/scripts/base/protocols/smb/main.bro b/scripts/base/protocols/smb/main.bro
index 945a0ee01d..d13f9f9f64 100644
--- a/scripts/base/protocols/smb/main.bro
+++ b/scripts/base/protocols/smb/main.bro
@@ -130,6 +130,10 @@ export {
 smb : Info &optional;
 };
+ ## Optionally write out the SMB commands log. This is
+ ## primarily useful for debugging so is disabled by default.
+ const write_cmd_log = F &redef;
+
 ## This is an internally used function.
 const set_current_file: function(smb: Info, file_id: count) &redef;
diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro
index 8dc38806ed..78a203b0c3 100644
--- a/scripts/base/protocols/smb/smb1-main.bro
+++ b/scripts/base/protocols/smb/smb1-main.bro
@@ -64,7 +64,7 @@ event smb1_message(c: connection, hdr: SMB1::Header, is_orig: bool) &priority=-5
 # so let's get rid of it.
 delete c$smb$pending_cmds[hdr$mid];
- if ( c?$smb )
+ if ( SMB::write_cmd_log && c?$smb )
 Log::write(SMB::CMD_LOG, c$smb);
 }
diff --git a/scripts/base/protocols/smb/smb2-main.bro b/scripts/base/protocols/smb/smb2-main.bro
index a5bff4a3dc..7380784192 100644
--- a/scripts/base/protocols/smb/smb2-main.bro
+++ b/scripts/base/protocols/smb/smb2-main.bro
@@ -64,7 +64,7 @@ event smb2_message(c: connection, hdr: SMB2::Header, is_orig: bool) &priority=-5
 # so let's get rid of it.
 delete c$smb$pending_cmds[hdr$message_id];
- if ( c?$smb )
+ if ( SMB::write_cmd_log && c?$smb )
 Log::write(SMB::CMD_LOG, c$smb);
 }
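Review bot: The doc comment added for `write_cmd_log` in the main.bro export block does not say how to turn the log back on or what is lost while it is off. With the default `F`, the `Log::write(SMB::CMD_LOG, c$smb)` calls in smb1-main.bro and smb2-main.bro are skipped, so a site that relies on smb_cmd.log for monitoring or incident review gets no per-command records until it redefines the option. I would add a line such as `## Use "redef SMB::write_cmd_log = T;" to write smb_cmd.log.` to the comment. The export block starts and ends outside the hunk.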
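Review bot: In the smb1_message hunk the `c?$smb` test on the changed line runs after `delete c$smb$pending_cmds[hdr$mid];` has already dereferenced `c$smb`, so it cannot protect that access. The smb2_message hunk has the same ordering with `hdr$message_id`. If `c$smb` can be unset at this point, the existence check belongs before the delete, e.g. `if ( ! c?$smb ) return;`. If a guard outside the hunk already guarantees it, the condition can shrink to `if ( SMB::write_cmd_log )`. Both handler bodies start outside their hunks, so which case holds is not visible here.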