[Bro] More connection info in Software::Info?

[Nicholas Siow]

Hey, had a quick question about the connection information in the
Software::Info structure.

>From what I can see in the source code / manual there seems to be only one
side of the connection represented ( only "host" and "host_p" ).

For what we are trying to do, we want the full connection to be logged.
Just how HTTP for example records the originating / responding host / port.
Since the Software::found function seems to take a connection as a
parameter, would it be possible to pull c$id$orig_h, c$id$orig_p,
c$id$resp_h, and c$id$resp_p fields out and log all of them? Or is there
some limitation that prevents those fields from being accessed / logged?

Thanks,
N. Siow
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20131001/1936e2df/attachment.html