Add icmp id

Improve general view
1 changed files with 29 additions and 3 deletions
--- a/pgsql-schema.sql
+++ b/pgsql-schema.sql
@ -57,6 +57,7 @@ CREATE TABLE IF NOT EXISTS ulog2_ct_model (
  reply_raw_pktcount bigint default 0,
  icmp_code smallint default NULL,
  icmp_type smallint default NULL,
+  icmp_id smallint default NULL,
  ct_mark bigint default 0,
  flow_start_sec bigint default 0,
  flow_start_usec bigint default 0,
@ -120,9 +121,34 @@ INSERT INTO ct_event (event_id,event_name) VALUES
 --

 CREATE OR REPLACE VIEW view_log AS
-        SELECT * FROM ct_logs
-            INNER JOIN ip_proto ON ct_logs.orig_ip_protocol = ip_proto.proto_id
-            INNER JOIN ct_event ON ct_logs.ct_event = ct_event.event_id;
+        SELECT
+        ct_id,
+        flow_start,
+        flow_end,
+        orig_ip_saddr_str as origin_ip_saddr,
+        orig_ip_daddr_str as origin_ip_daddr,
+        orig_ip_protocol,
+        ip_proto1.proto_name as orig_ip_proto_name,
+        orig_l4_sport,
+        orig_l4_dport,
+        orig_raw_pktlen as orig_bytes,
+        orig_raw_pktcount as orig_pktcount,
+        reply_ip_saddr_str as replyin_ip_saddr,
+        reply_ip_daddr_str as replyin_ip_daddr,
+        reply_ip_protocol,
+        ip_proto2.proto_name as reply_ip_proto_name,
+        reply_l4_sport,
+        reply_l4_dport,
+        reply_raw_pktlen as reply_bytes,
+        reply_raw_pktcount as reply_pktcount,
+        icmp_code,
+        icmp_type,
+        ct_event,
+        event_name
+         FROM ct_logs
+            LEFT JOIN ip_proto ip_proto1 ON ct_logs.orig_ip_protocol = ip_proto1.proto_id
+            LEFT JOIN ip_proto ip_proto2 ON ct_logs.reply_ip_protocol = ip_proto2.proto_id
+            LEFT JOIN ct_event ON ct_logs.ct_event = ct_event.event_id;


 --
Author	SHA1	Message	Date
Thomas Chevalier	b7bfebc8ab	Add icmp id	4 years ago
Thomas Chevalier	7e79817e6f	Improve general view	4 years ago