SSADetector: Added pkt entry structure

hynekkar · hynekkar · commit 1eb931abbe2d · 2023-03-15T10:24:46.000+01:00
diff --git a/process/ssadetector.cpp b/process/ssadetector.cpp
@@ -100,6 +100,24 @@ int SSADetectorPlugin::post_update(Flow &rec, const Packet &pkt)
 
 void SSADetectorPlugin::pre_export(Flow &rec)
 {
+//--------------------RecordExtSSADetector::pkt_entry-------------------------------
+void RecordExtSSADetector::pkt_entry::reset() 
+{
+      ts_dir1.tv_sec = 0;
+      ts_dir1.tv_usec = 0;
+      ts_dir2.tv_sec = 0;
+      ts_dir2.tv_usec = 0;
+}
+
+timeval& RecordExtSSADetector::pkt_entry::get_time(dir_t dir)
+{
+   return (dir == 1)? ts_dir1 : ts_dir2;
+}
+
+RecordExtSSADetector::pkt_entry::pkt_entry()
+{
+   reset();
+}
 }
 
 }
diff --git a/process/ssadetector.hpp b/process/ssadetector.hpp
@@ -64,13 +64,24 @@ UR_FIELDS (
    uint8 SSA_CONF_LEVEL
 )
 
+using dir_t = uint8_t;
 /**
  * \brief Flow record extension header for storing parsed SSADETECTOR data.
  */
 struct RecordExtSSADetector : public RecordExt {
    static int REGISTERED_ID;
 
-   uint8_t possible_vpn;
+
+   struct pkt_entry 
+   {
+      pkt_entry();
+      void reset();
+      timeval& get_time(dir_t dir);
+
+      timeval ts_dir1;
+      timeval ts_dir2;
+      
+   };
 
    RecordExtSSADetector() : RecordExt(REGISTERED_ID)
    {
