@load http-request
@load http-entity
@load http-reply

module HTTP;

global http_geo_log = open_log_file("http-geo");
global http_logged_countries: set[string] = {"GB", "JP", "AU", "US"} &redef;

event http_message_done(c: connection, is_orig: bool, stat: http_message_stat)
	{
	if ( is_orig )
		{
		local orig_cc = lookup_location(c$id$orig_h)$country_code;
		local resp_cc = lookup_location(c$id$resp_h)$country_code;
		if ( orig_cc !in http_logged_countries && resp_cc !in http_logged_countries )
			{
			local s = lookup_http_request_stream(c);
			local r = s$requests[s$first_pending_request];
			local msg = get_http_message(s, is_orig);

			local host = (s$next_request$host=="") ? fmt("%s", c$id$resp_h) : s$next_request$host;
			local url = fmt("%s http://%s%s", r$method, host, r$URI);
			print http_geo_log, fmt("%.6f %s %s -> %s %s", network_time(), id_string(c$id), orig_cc, resp_cc, url);
			}
		}
	}