From 069ef786b097a7ce8ec8157f9e57be15385d04a7 Mon Sep 17 00:00:00 2001
From: Olivier Bilodeau
Date: Fri, 1 Dec 2023 11:19:18 -0500
Subject: [PATCH 1/3] Ensure MITM start and termination messages are in the JSON logs

This way we can retain honeypot IP in the logs
---
 bin/pyrdp-mitm.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/pyrdp-mitm.py b/bin/pyrdp-mitm.py
index 71dae0712..561db359b 100755
--- a/bin/pyrdp-mitm.py
+++ b/bin/pyrdp-mitm.py
@@ -27,7 +27,7 @@ def main():
 config = configure()
- logger = logging.getLogger(LOGGER_NAMES.PYRDP)
+ logger = logging.getLogger(LOGGER_NAMES.MITM_CONNECTIONS)
 # Create a listening socket to accept connections.
 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

From fce39df20afad631bf8668aa1778520404fb480f Mon Sep 17 00:00:00 2001
From: Olivier Bilodeau
Date: Fri, 1 Dec 2023 11:20:56 -0500
Subject: [PATCH 2/3] logs: host_ip is now hostIp

Non-breaking change since it was not in the JSON logs until previous commit. Aligned the naming case with what we use for clientIp.
---
 bin/pyrdp-mitm.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/pyrdp-mitm.py b/bin/pyrdp-mitm.py
index 561db359b..7b936998d 100755
--- a/bin/pyrdp-mitm.py
+++ b/bin/pyrdp-mitm.py
@@ -50,8 +50,8 @@ def main():
 params = {"address": config.listenAddress, "port": config.listenPort}
 if "HOST_IP" in os.environ:
- message += ". Host IP: %(host_ip)s"
- params["host_ip"] = os.environ["HOST_IP"]
+ message += ". Host IP: %(hostIp)s"
+ params["hostIp"] = os.environ["HOST_IP"]
 logger.info(message, params)

From 7e647b83e536c40044100a736b87cd8ea16fbd04 Mon Sep 17 00:00:00 2001
From: Olivier Bilodeau
Date: Fri, 1 Dec 2023 11:27:59 -0500
Subject: [PATCH 3/3] Updated CHANGELOG

---
 CHANGELOG.adoc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.adoc b/CHANGELOG.adoc
index 705695342..238b0ab6f 100644
--- a/CHANGELOG.adoc
+++ b/CHANGELOG.adoc
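Review bot: The switch to `LOGGER_NAMES.MITM_CONNECTIONS` on the `+` line makes the process-level start and termination records emitted from `main()` share a logger with the per-connection records, and nothing in the code explains why that logger was chosen over the module's own. Tooling that parses the JSON log by logger name and assumes every record carries connection-level fields may now receive records without them; that is inferred from the commit title rather than visible in the hunk, so worth confirming against the JSON formatter. A one-line comment above the assignment would make the intent durable, e.g. `# Use the connections logger so the start/termination records (and the host IP) land in the JSON log`. `main()` begins before the hunk and continues after it.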
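Review bot: The new `params["hostIp"] = os.environ["HOST_IP"]` line copies the variable verbatim, and the guard it sits under, `if "HOST_IP" in os.environ:` (context, unchanged here), admits an empty value, so a deployment that exports `HOST_IP=` produces a JSON record with an empty `hostIp` and a message ending in `Host IP: `. If that is not intended, `if os.environ.get("HOST_IP"):` skips both the message suffix and the field in that case. Now that `hostIp` is a field downstream consumers may key on, the value's provenance (operator-set environment, not derived from the socket) is worth a short comment above the assignment. `main()` begins and ends outside this hunk.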
@@ -13,6 +13,7 @@ For a detailed view of what has changed, refer to the {uri-repo}/commits/master[
 * Support for RDP version 10.11 ({uri-issue}433[#433])
 * Support for Python 3.11 by updating PyAV to get pre-built binary wheels ({uri-issue}437[#437], {uri-issue}438[#438])
+* MITM start and termination log messages are now part of the JSON logs ({uri-issue}447[#447])
 === Bug fixes