mirror of
https://github.com/zeek/zeek.git
synced 2025-10-14 04:28:20 +00:00
056b70bd2d
* origin/topic/awelzel/community-id-new-connection:
policy/community-id: Populate conn$community_id in new_connection()
(cherry picked from commit d3579c1f34)
31 lines
822 B
Text
31 lines
822 B
Text
# Source this script to add Community ID to notices.
|
|
# This script will automatically load the main community-id script.
|
|
|
|
@load base/protocols/conn
|
|
@load base/frameworks/notice
|
|
@load policy/protocols/conn/community-id-logging
|
|
|
|
module CommunityID::Notice;
|
|
|
|
export {
|
|
# Turn notice support on/off at runtime. When disabled,
|
|
# this still leaves the `community_id` string in the notice
|
|
# log, just unset.
|
|
option enabled: bool = T;
|
|
|
|
redef record Notice::Info += {
|
|
community_id: string &optional &log;
|
|
};
|
|
}
|
|
|
|
hook Notice::notice(n: Notice::Info)
|
|
{
|
|
if ( CommunityID::Notice::enabled && n?$conn && n$conn?$conn )
|
|
{
|
|
local info = n$conn$conn;
|
|
# This is set during new_connection(), so it should
|
|
# always be there, but better safe than sorry.
|
|
if ( info?$community_id )
|
|
n$community_id = info$community_id;
|
|
}
|
|
}
|