From: <jsa...@us...> - 2008-05-29 17:40:41
Revision: 1246
http://como.svn.sourceforge.net/como/?rev=1246&view=rev
Author: jsanjuas
Date: 2008-05-29 10:39:54 -0700 (Thu, 29 May 2008)
Log Message:
-----------
ported module pattern search to 2.0
fixed default cfg file
adding default formats for other mdls
enabled necessary logging in query
Modified Paths:
--------------
src/branches/2.0/base/query.c
src/branches/2.0/como.conf.cmake
src/branches/2.0/modules/apps/query.c
src/branches/2.0/modules/build_modules.sh
src/branches/2.0/modules/trace/query.c
Added Paths:
-----------
src/branches/2.0/modules/pattern_search/
src/branches/2.0/modules/pattern_search/capture.c
src/branches/2.0/modules/pattern_search/data.h
src/branches/2.0/modules/pattern_search/init.c
src/branches/2.0/modules/pattern_search/query.c
Modified: src/branches/2.0/base/query.c
===================================================================
--- src/branches/2.0/base/query.c 2008-05-29 00:25:39 UTC (rev 1245)
+++ src/branches/2.0/base/query.c 2008-05-29 17:39:54 UTC (rev 1246)
@@ -42,7 +42,7 @@
#include <err.h>
#include <errno.h> /* errno */
-#define LOG_DISABLE
+#define LOG_DEBUG_DISABLE
#include "como.h"
#include "comopriv.h"
#include "storage.h"
Modified: src/branches/2.0/como.conf.cmake
===================================================================
--- src/branches/2.0/como.conf.cmake 2008-05-29 00:25:39 UTC (rev 1245)
+++ src/branches/2.0/como.conf.cmake 2008-05-29 17:39:54 UTC (rev 1246)
@@ -199,55 +199,51 @@
# default: unused
module "traffic"
- source "trafficCC" # implemented by trafficCC.so
+ source "traffic" # implemented by traffic.so
description "Packet/Bytes counter"
args "interval" = "1"
# args "interface=1"
end
module "flowcount"
- source "flowcountCC"
+ source "flowcount"
description "Flow counter"
# aggregate flows using the 5-tuple
args "flowdef" = "src_ip|dst_ip|proto|src_port|dst_port"
end
module "protocol"
- source "protocolCC"
+ source "protocol"
description "Protocol breakdown"
end
module "topaddr"
- source "topaddrCC"
+ source "topaddr"
description "Popular destination IP Addresses"
args "use-dst" = "1"
on-demand
end
#module "tophwaddr"
-# source "tophwaddrCC"
+# source "tophwaddr"
# description "Popular destination HW Addresses"
# args "use-dst"
#end
module "topports"
- source "topportsCC"
+ source "topports"
description "Top destination port numbers in bytes"
args "interval" = "5", "topn" = "10"
end
module "trace"
- source "traceCC"
+ source "trace"
description "Packet trace"
streamsize 1GB
end
-#module "trafficCCS"
-# source "trafficCCS"
-#end
-
module "tuple"
- source "tupleCC"
+ source "tuple"
end
module "apps"
@@ -255,7 +251,11 @@
dns=udp 53,tcp 53"
end
+#module "pattern_search"
+# args "pattern" = "GET /"
+#end
+
# The ethtypes module computes the number of packets and bytes divided by
# ethertype. Each individual ethertype has to be specified in the
# configuration. The packets have an ethertype which is not declared in the
@@ -274,7 +274,7 @@
# default: IP,IPv6,ARP
/*
module "ethtypes"
- source "ethtypesCC"
+ source "ethtypes"
description "Ethertypes breakdown"
args "interval" = "60"
args "ethtypes" = "IP=0x0800,
Modified: src/branches/2.0/modules/apps/query.c
===================================================================
--- src/branches/2.0/modules/apps/query.c 2008-05-29 00:25:39 UTC (rev 1245)
+++ src/branches/2.0/modules/apps/query.c 2008-05-29 17:39:54 UTC (rev 1246)
@@ -46,6 +46,8 @@
{ FORMAT_GNUPLOT, "gnuplot", "text/plain" },
QUERY_FORMATS_END
+DEFAULT_FORMAT = "pretty";
+
struct qstate {
uint64_t aggr_pkts[CLASSES_MAX];
uint64_t aggr_bytes[CLASSES_MAX];
Modified: src/branches/2.0/modules/build_modules.sh
===================================================================
--- src/branches/2.0/modules/build_modules.sh 2008-05-29 00:25:39 UTC (rev 1245)
+++ src/branches/2.0/modules/build_modules.sh 2008-05-29 17:39:54 UTC (rev 1246)
@@ -4,7 +4,7 @@
# passed as the first argument. CoMo must be already installed in the system.
#
-MODULES="apps autofocus ethtypes flowcount protocol topaddr topaddr_csharp tophwaddr topports trace traffic traffic_csharp tuple"
+MODULES="apps autofocus ethtypes flowcount pattern_search protocol topaddr topaddr_csharp tophwaddr topports trace traffic traffic_csharp tuple"
if [ $# != 2 ]
then
Added: src/branches/2.0/modules/pattern_search/capture.c
===================================================================
--- src/branches/2.0/modules/pattern_search/capture.c (rev 0)
+++ src/branches/2.0/modules/pattern_search/capture.c 2008-05-29 17:39:54 UTC (rev 1246)
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2004-2008, Intel Corporation
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the distribution.
+ * * Neither the name of Intel Corporation nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+ * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $Id: capture.c 1226 2008-01-31 17:52:13Z jsanjuas $
+ */
+
+#include <string.h> /* memcpy */
+
+#include "pattern_search.h"
+#include "module.h"
+#include "data.h"
+
+void *
+ca_init(mdl_t *self, timestamp_t ts)
+{
+ config_t *cfg = mdl_get_config(self, config_t);
+ pattern_search_t *psearch;
+
+ psearch = (pattern_search_t *) mdl_malloc(self, sizeof(pattern_search_t));
+ pattern_search_initialize(psearch, cfg->pattern);
+
+ return psearch;
+}
+
+void
+capture(mdl_t *self, pkt_t *pkt, pattern_search_t *s, double srate)
+{
+ config_t *cfg;
+ record_t *r;
+ int len;
+
+ if (! pattern_search(s, COMO(payload), COMO(caplen), NULL))
+ return;
+
+ cfg = mdl_get_config(self, config_t);
+ r = mdl_alloc_tuple(self, record_t);
+
+ r->ts = COMO(ts);
+ len = (COMO(caplen) > cfg->snaplen) ? cfg->snaplen : COMO(caplen);
+ memcpy(r->buf, pkt, sizeof(pkt_t));
+ ((pkt_t *) r->buf)->payload = NULL;
+ ((pkt_t *) r->buf)->caplen = len;
+ memcpy(r->buf + sizeof(pkt_t), COMO(payload), len);
+ r->len = len + sizeof(pkt_t);
+}
+
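Review bot: In capture(), nothing local keeps the payload `memcpy` inside the 2048-byte `r->buf`; the bound holds only because init() in another file clamps `cfg->snaplen` to `SNAPLEN_MAX`. `len` is also a signed `int` computed from the unsigned `caplen` and `snaplen`, so a bad value would reach `memcpy` as a very large size. Because these bytes come straight off the wire, I would enforce the bound here too: declare `size_t len` and add `if (len > SNAPLEN_MAX) len = SNAPLEN_MAX;` before the two copies. Separately, ca_init() uses the result of `mdl_malloc` without a check; whether that allocator can return NULL is not visible in this hunk.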
Added: src/branches/2.0/modules/pattern_search/data.h
===================================================================
--- src/branches/2.0/modules/pattern_search/data.h (rev 0)
+++ src/branches/2.0/modules/pattern_search/data.h 2008-05-29 17:39:54 UTC (rev 1246)
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2004-2006, Intel Corporation
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the distribution.
+ * * Neither the name of Intel Corporation nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+ * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $Id: data.h 1211 2007-09-26 15:01:49Z jsanjuas $
+ */
+
+#include "como.h"
+
+#define BUFSIZE 2048
+
+como_tuple como_record struct record {
+ timestamp_t ts;
+ int len;
+ uint8_t buf[BUFSIZE];
+};
+
+como_config struct config {
+ uint32_t snaplen; /* bytes to capture in each packet */
+ char * pattern;
+};
+
+typedef struct record record_t;
+typedef struct config config_t;
+
+#define SNAPLEN_MAX (BUFSIZE - sizeof(pkt_t))
+
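Review bot: `SNAPLEN_MAX` is the unsigned expression `BUFSIZE - sizeof(pkt_t)`, so if `pkt_t` ever grows past 2048 bytes it wraps to a huge value and the snaplen clamp in init() stops protecting `record.buf`. A compile-time guard next to the macro would catch that, e.g. `typedef char snaplen_max_check[(sizeof(pkt_t) < BUFSIZE) ? 1 : -1];`. The header also has no include guard, and `record.len` is an `int` although it only holds a byte count. Whether the `como_tuple`/`como_config` annotations constrain either of those is not visible here.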
Added: src/branches/2.0/modules/pattern_search/init.c
===================================================================
--- src/branches/2.0/modules/pattern_search/init.c (rev 0)
+++ src/branches/2.0/modules/pattern_search/init.c 2008-05-29 17:39:54 UTC (rev 1246)
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 2004-2008, Intel Corporation
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the distribution.
+ * * Neither the name of Intel Corporation nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+ * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $Id: init.c 1211 2007-09-26 15:01:49Z jsanjuas $
+ */
+
+#include "module.h"
+#include "data.h"
+
+config_t *
+init(mdl_t * self, hash_t * args)
+{
+ config_t *config;
+ int i;
+ /* pkt_t *pkt;
+ metadesc_t *inmd, *outmd; */
+ char *val;
+
+ config = mdl_alloc_config(self, config_t);
+ config->snaplen = SNAPLEN_MAX;
+
+ /* get config args */
+ if ((val = hash_lookup_string(args, "snaplen"))) {
+ config->snaplen = atoi(val); /* set the snaplen */
+ if (config->snaplen > SNAPLEN_MAX)
+ config->snaplen = SNAPLEN_MAX;
+ }
+
+ if ((val = hash_lookup_string(args, "pattern")))
+ config->pattern = val;
+
+ /* setup indesc */
+ /*inmd = metadesc_define_in(self, 0);
+ inmd->ts_resolution = TIME2TS(1, 0);
+
+ pkt = metadesc_tpl_add(inmd, "none:none:none:none");*/
+
+ /* setup outdesc */
+ /*outmd = metadesc_define_out(self, 0);
+
+ pkt = metadesc_tpl_add(outmd, "any:any:any:any");
+ COMO(caplen) = config->snaplen;*/
+
+ self->flush_ivl = TIME2TS(1, 0);
+
+ return config;
+}
+
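Review bot: The `snaplen` argument is parsed with `atoi`, which reports no errors: a non-numeric value silently becomes 0, and a negative one is accepted only because it wraps to a large `uint32_t` and is then clamped. `config->pattern` is assigned only when the argument is present, so ca_init() may pass an unset pointer to `pattern_search_initialize`, unless `mdl_alloc_config` zeroes the struct and the matcher accepts NULL; neither is visible here. I would parse with `strtoul` as below (this needs `<stdlib.h>` and `<errno.h>`, which this file does not include directly) and reject or default a missing pattern in init(). The local `int i` is unused.
```c
    /* get config args */
    if ((val = hash_lookup_string(args, "snaplen"))) {
        char *end;
        unsigned long n;

        errno = 0;
        n = strtoul(val, &end, 10);
        /* malformed or out-of-range input falls back to the maximum */
        if (end == val || *end != '\0' || errno == ERANGE || n > SNAPLEN_MAX)
            n = SNAPLEN_MAX;
        config->snaplen = (uint32_t) n;
    }

    /* … unchanged: "pattern" lookup, commented-out metadesc setup, flush_ivl … */
```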
Added: src/branches/2.0/modules/pattern_search/query.c
===================================================================
--- src/branches/2.0/modules/pattern_search/query.c (rev 0)
+++ src/branches/2.0/modules/pattern_search/query.c 2008-05-29 17:39:54 UTC (rev 1246)
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2004-2008, Intel Corporation
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the distribution.
+ * * Neither the name of Intel Corporation nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+ * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $Id: query.c 1211 2007-09-26 15:01:49Z jsanjuas $
+ */
+
+#include <sys/types.h>
+#include <string.h> /* bcopy */
+#include <stdio.h> /* fprintf, stderr */
+
+#include "module.h"
+#include "data.h"
+#include "stdpkt.h" /* ethernet headers, etc. */
+#include "pcap.h" /* bpf_int32, etc. */
+#include "printpkt.h"
+
+#define PRETTYFMT 0
+#define PCAPFMT 1
+
+enum {
+ FORMAT_PRETTY,
+ FORMAT_PCAP
+};
+
+QUERY_FORMATS_BEGIN
+ { FORMAT_PRETTY, "pretty", "text/plain" },
+ { FORMAT_PCAP, "pcap", "application/binary" },
+QUERY_FORMATS_END
+
+DEFAULT_FORMAT = "pretty";
+
+char buffer[65536];
+
+void *
+qu_init(mdl_t *self, int format_id, hash_t *args)
+{
+ size_t len;
+
+ if (format_id == FORMAT_PCAP) {
+ len = print_pcap_file_header(buffer);
+ mdl_write(self, buffer, len);
+ }
+
+ return NULL;
+}
+
+void
+qu_finish(mdl_t *self, int format_id, void *state)
+{
+ /* nothing to do here */
+}
+
+void
+print_rec(mdl_t *self, int format_id, record_t *r, void * state)
+{
+ pkt_t *pkt = (pkt_t *) r->buf;
+ size_t len = 0;
+
+ /*
+ * we need to fix pkt->payload before using the pkt, as
+ * the pointer has changed. Using pointers inside the records
+ * does not work unless we can correct them.
+ */
+ pkt->payload = (char *)&r->buf[sizeof(pkt_t)];
+
+ switch(format_id) {
+ case FORMAT_PCAP:
+ len = print_pkt_pcap(pkt, buffer);
+ break;
+ case FORMAT_PRETTY:
+ len = print_pkt_pretty(pkt, buffer, PRINTPKT_L2 | PRINTPKT_L3);
+ len += sprintf(buffer + len, "\n");
+ break;
+ }
+
+ mdl_write(self, buffer, len);
+}
+
+
+void
+replay(mdl_t * self, record_t *r, void *state)
+{
+ mdl_write(self, (char *)r->buf, r->len);
+}
+
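Review bot: replay() and print_rec() trust the lengths stored in a record read back from storage. replay() passes `r->len` straight to `mdl_write`, and print_rec() hands the printers a `pkt_t` whose `caplen` is never compared with the space left in `r->buf`. A truncated or corrupted record would therefore cause reads past the 2048-byte buffer. I would add `if (r->len < (int) sizeof(pkt_t) || r->len > BUFSIZE) return;` at the top of both functions, and `if (pkt->caplen > SNAPLEN_MAX) return;` in print_rec() after the payload pointer is fixed up. print_rec() also appends with an unbounded `sprintf` into the shared 64 KB `buffer`; whether `print_pkt_pretty` bounds its own output is not visible here. The `PRETTYFMT`/`PCAPFMT` defines duplicate the enum and are unused in this file.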
Modified: src/branches/2.0/modules/trace/query.c
===================================================================
--- src/branches/2.0/modules/trace/query.c 2008-05-29 00:25:39 UTC (rev 1245)
+++ src/branches/2.0/modules/trace/query.c 2008-05-29 17:39:54 UTC (rev 1246)
@@ -53,6 +53,8 @@
{ FORMAT_PCAP, "pcap", "application/binary" },
QUERY_FORMATS_END
+DEFAULT_FORMAT = "pretty";
+
char buffer[65536];
void *