Add a new record type REC_TYPE_SYSTEMD_JOURNAL.

Systemd journal entries aren't file-type-specific; they're found in both systemd journal entry blocks in pcapng files and in systemd journal export files. Give it a record type, for use with both file types. This fixes #16955. It also means that you can open a systemd journal export file and save it as a pcapng file.
author: Guy Harris <gharris@sonic.net> 2020-10-27 20:06:26 -0700
committer: Guy Harris <gharris@sonic.net> 2020-10-27 20:06:26 -0700
commit: 889e0d5cb6a4e082e13d71c88c0fe40a4e8f8d2d (patch)
tree: ae6a1288ab5aac5ac6e0b64c0ccb1d73b93eceef /wiretap/systemd_journal.c
parent: edd71daa907a9c0b7c6d05048b5cdfcd38d4b5aa (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/wiretap/systemd_journal.c b/wiretap/systemd_journal.c
index c247bd5411..4414404199 100644
--- a/wiretap/systemd_journal.c
+++ b/wiretap/systemd_journal.c
@@ -225,10 +225,9 @@ systemd_journal_read_export_entry(FILE_T fh, wtap_rec *rec, Buffer *buf, int *er
         return FALSE;
     }
 
-    rec->rec_type = REC_TYPE_FT_SPECIFIC_EVENT;
+    rec->rec_type = REC_TYPE_SYSTEMD_JOURNAL;
     rec->presence_flags = WTAP_HAS_TS|WTAP_HAS_CAP_LEN;
-    rec->rec_header.ft_specific_header.record_type = WTAP_FILE_TYPE_SUBTYPE_SYSTEMD_JOURNAL;
-    rec->rec_header.ft_specific_header.record_len = (guint32) fld_end;
+    rec->rec_header.systemd_journal_header.record_len = (guint32) fld_end;
 
     return TRUE;
 }
author	Guy Harris <gharris@sonic.net>	2020-10-27 20:06:26 -0700
committer	Guy Harris <gharris@sonic.net>	2020-10-27 20:06:26 -0700
commit	889e0d5cb6a4e082e13d71c88c0fe40a4e8f8d2d (patch)
tree	ae6a1288ab5aac5ac6e0b64c0ccb1d73b93eceef /wiretap/systemd_journal.c
parent	edd71daa907a9c0b7c6d05048b5cdfcd38d4b5aa (diff)