From 37facba57cc46d83c770fa176fa9f9793ebad47f Mon Sep 17 00:00:00 2001
From: Jungkeun Park <parkjk@konkuk.ac.kr>
Date: Mon, 3 Jun 2024 22:50:54 +0900
Subject: [PATCH] Add total L2 length field to connection log

---
 CHANGELOG.md          | 6 ++++++
 src/ingest/network.rs | 8 ++++++--
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8dacfc6..05aa65a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,12 @@ file is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and
 this project adheres to [Semantic
 Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [Unreleased]
+
+### Changed
+
+- Modified connection log structure to include total L2 frame length of a session.
+
 ## [0.17.0] - 2024-05-16
 
 ### Added
diff --git a/src/ingest/network.rs b/src/ingest/network.rs
index 3fbc3d1..ebfd516 100644
--- a/src/ingest/network.rs
+++ b/src/ingest/network.rs
@@ -24,13 +24,15 @@ pub struct Conn {
     pub resp_bytes: u64,
     pub orig_pkts: u64,
     pub resp_pkts: u64,
+    pub orig_l2_bytes: u64,
+    pub resp_l2_bytes: u64,
 }
 
 impl Display for Conn {
     fn fmt(&self, f: &mut Formatter) -> std::fmt::Result {
         write!(
             f,
-            "{}\t{}\t{}\t{}\t{}\t{}\t{}\t{}\t{}\t{}\t{}\t{}",
+            "{}\t{}\t{}\t{}\t{}\t{}\t{}\t{}\t{}\t{}\t{}\t{}\t{}\t{}",
             self.orig_addr,
             self.orig_port,
             self.resp_addr,
@@ -42,7 +44,9 @@ impl Display for Conn {
             self.orig_bytes,
             self.resp_bytes,
             self.orig_pkts,
-            self.resp_pkts
+            self.resp_pkts,
+            self.orig_l2_bytes,
+            self.resp_l2_bytes
         )
     }
 }