Menu
▾
▴
[como-commits] SF.net SVN: como:[1262] src/trunk/modules
|
From: <ia...@us...> - 2008-08-14 22:32:53
|
Revision: 1262
http://como.svn.sourceforge.net/como/?rev=1262&view=rev
Author: iannak1
Date: 2008-08-14 22:32:50 +0000 (Thu, 14 Aug 2008)
Log Message:
-----------
Fixed compiler warning with gcc 4.2.3
Added "sessions" module to track flows using a timeout for termination.
Modified Paths:
--------------
src/trunk/modules/CMakeLists.txt
src/trunk/modules/apps.c
src/trunk/modules/assoc.c
src/trunk/modules/autofocus.c
src/trunk/modules/dhcp.c
src/trunk/modules/ewma.c
src/trunk/modules/frames.c
src/trunk/modules/ssid.c
src/trunk/modules/superaddr.c
src/trunk/modules/topaddr.c
src/trunk/modules/tophwaddr.c
src/trunk/modules/topports.c
src/trunk/modules/traffic.c
src/trunk/modules/tuple.c
src/trunk/modules/unknown-ports.c
src/trunk/modules/worm-signature.c
Added Paths:
-----------
src/trunk/modules/sessions.c
Modified: src/trunk/modules/CMakeLists.txt
===================================================================
--- src/trunk/modules/CMakeLists.txt 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/CMakeLists.txt 2008-08-14 22:32:50 UTC (rev 1262)
@@ -16,6 +16,7 @@
pattern-search
protocol
scanner-detector
+ sessions
ssid
superaddr
topaddr
Modified: src/trunk/modules/apps.c
===================================================================
--- src/trunk/modules/apps.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/apps.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -299,9 +299,9 @@
#define GNUPLOTFOOTER "e\n"
-#define PRETTYFMT "%.24s " /* 24 char to skip \n in asctime() */
-#define GNUPLOTFMT "%ld "
-#define PLAINFMT "%12ld "
+static char prettyfmt[] = "%.24s "; /* 24 char to skip \n in asctime() */
+static char gnuplotfmt[] = "%ld ";
+static char plainfmt[] = "%12ld ";
static char *
print(void * self, char *buf, size_t *len, char * const args[])
@@ -321,16 +321,16 @@
int n, j;
/* default is pretty printing */
- fmt = PRETTYFMT;
+ fmt = prettyfmt;
/* first call of print, process the arguments and return */
for (n = 0; args[n]; n++) {
if (!strcmp(args[n], "format=plain")) {
- fmt = PLAINFMT;
+ fmt = plainfmt;
} else if (!strcmp(args[n], "format=pretty")) {
- fmt = PRETTYFMT;
+ fmt = prettyfmt;
} else if (!strcmp(args[n], "format=gnuplot")) {
- fmt = GNUPLOTFMT;
+ fmt = gnuplotfmt;
isrelative = 0;
} else if (!strcmp(args[n], "isrelative")) {
isrelative = 1;
@@ -344,24 +344,24 @@
}
}
- if (fmt == PRETTYFMT) {
+ if (fmt == prettyfmt) {
*len = sprintf(s, "%-24s", "Date");
for (j = 0; j < cf->classes; j++)
*len += sprintf(s + *len, "%-10s ", cf->names[j]);
*len += sprintf(s + *len, "\n");
- } else if (fmt == GNUPLOTFMT && isrelative) {
+ } else if (fmt == gnuplotfmt && isrelative) {
*len = sprintf(s, GNUPLOTHDR, "Percentage", "100",
2 * cf->classes, cf->names[cf->classes-1]);
for (j = cf->classes - 1; j > 0; j--)
*len += sprintf(s + *len, GNUPLOTLINE, 2*j, cf->names[j-1]);
*len += sprintf(s + *len, "\n");
- } else if (fmt == GNUPLOTFMT) {
+ } else if (fmt == gnuplotfmt) {
*len = sprintf(s, GNUPLOTHDR, "Mbps", "*",
2 * cf->classes, cf->names[cf->classes - 1]);
for (j = cf->classes - 1; j > 0; j--)
*len += sprintf(s + *len, GNUPLOTLINE, 2*j, cf->names[j-1]);
*len += sprintf(s + *len, "\n");
- } else if (fmt == PLAINFMT) {
+ } else if (fmt == plainfmt) {
*len = 0;
}
@@ -374,7 +374,7 @@
if (buf == NULL && args == NULL) {
/* no footer */
*len = 0;
- if (fmt == GNUPLOTFMT)
+ if (fmt == gnuplotfmt)
*len = sprintf(s, GNUPLOTFOOTER);
return s;
}
@@ -399,17 +399,17 @@
values[i].pkts /= granularity;
}
- if (fmt == PRETTYFMT) {
+ if (fmt == prettyfmt) {
*len = sprintf(s, fmt, asctime(localtime(&ts)));
for (i = 0; i < cf->classes; i++)
*len += sprintf(s + *len, "%8llu %8u ",
values[i].bytes, values[i].pkts);
- } else if (fmt == PLAINFMT) {
+ } else if (fmt == plainfmt) {
*len = sprintf(s, fmt, ts) ;
for (i = 0; i < cf->classes; i++)
*len += sprintf(s + *len, "%8llu %8u ",
values[i].bytes, values[i].pkts);
- } else if (fmt == GNUPLOTFMT && isrelative) {
+ } else if (fmt == gnuplotfmt && isrelative) {
/*
* we plot the percentage of traffic that we can
* map to each application.
@@ -437,7 +437,7 @@
/* for the last value to be 100 */
*len += sprintf(s + *len, "%u %u ", 100, 100);
- } else if (fmt == GNUPLOTFMT && !isrelative) {
+ } else if (fmt == gnuplotfmt && !isrelative) {
/*
* we do not need relative values but the absolute
* contribution of each application
Modified: src/trunk/modules/assoc.c
===================================================================
--- src/trunk/modules/assoc.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/assoc.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -277,9 +277,10 @@
#define PRETTYHDR \
"Date Mode AP pkts_down \
Client pkts_up\n"
-#define PRETTYFMT "%.24s %14s %s %9u %s %9u\n"
-#define PLAINFMT "%d %s %s %u %s %u\n"
+static char prettyfmt[] = "%.24s %14s %s %9u %s %9u\n";
+static char plainfmt[] = "%d %s %s %u %s %u\n";
+
static char *
print(void * self, char *buf, size_t *len, char * const args[])
{
@@ -298,13 +299,13 @@
for (n = 0; args[n]; n++) {
if (!strcmp(args[n], "format=plain")) {
*len = 0;
- fmt = PLAINFMT;
+ fmt = plainfmt;
return s;
}
}
/* by default, pretty print */
*len = sprintf(s, PRETTYHDR);
- fmt = PRETTYFMT;
+ fmt = prettyfmt;
return s;
}
@@ -319,11 +320,11 @@
pkts_ul = ntohl(x->pkts_upload);
pkts_dl = ntohl(x->pkts_download);
- pretty_mac(x->ap, buff1, sizeof(buff1), fmt == PRETTYFMT);
- pretty_mac(x->client, buff2, sizeof(buff2), fmt == PRETTYFMT);
+ pretty_mac(x->ap, buff1, sizeof(buff1), fmt == prettyfmt);
+ pretty_mac(x->client, buff2, sizeof(buff2), fmt == prettyfmt);
/* print according to the requested format */
- if (fmt == PRETTYFMT) {
+ if (fmt == prettyfmt) {
*len = sprintf(s, fmt, asctime(localtime(&t)), \
x->adhoc ? "Ad-Hoc" : "Infrastructure",
buff1, pkts_dl, buff2, pkts_ul);
Modified: src/trunk/modules/autofocus.c
===================================================================
--- src/trunk/modules/autofocus.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/autofocus.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -503,12 +503,6 @@
#define PRETTY_HDR_DSTS \
"\tTimestamp\t\t\t\tDestination IP\t\t\t\tTraffic\n"
-#define PRETTY_FMT \
- "\t%u\t\t\t\t%s/%d\t\t\t\t%llu\n"
-
-#define PLAIN_FMT \
- "\t%u\t\t\t\t%s/%d\t\t\t\t%llu\n"
-
#define HTML_HDR \
"<html>\n" \
"<head>\n" \
@@ -546,10 +540,6 @@
"</table>\n" \
"</body></html>\n"
-#define HTML_FMT \
-"<tr><td>%d</td>" \
-"<td>%s/%d</td>" \
-"<td>%llu</td></tr>\n"
#define HTML_FMT2 \
"<tr><tr><td><br></td></tr>" \
@@ -565,6 +555,9 @@
" <td>Traffic (bytes)</td>\n" \
" </tr>\n"
+static char prettyfmt[] = "\t%u\t\t\t\t%s/%d\t\t\t\t%llu\n";
+static char plainfmt[] = "\t%u\t\t\t\t%s/%d\t\t\t\t%llu\n";
+static char htmlfmt[] = "<tr><td>%d</td><td>%s/%d</td><td>%llu</td></tr>\n";
/*
* -- print
@@ -603,22 +596,22 @@
else
*len = sprintf(s, PRETTY_HDR_SRCS);
- fmt = PRETTY_FMT;
+ fmt = prettyfmt;
/* first call of print, process the arguments and return */
for (n = 0; args[n]; n++) {
if (!strcmp(args[n], "format=plain")) {
*len = 0;
- fmt = PLAIN_FMT;
+ fmt = plainfmt;
} else if (!strcmp(args[n], "format=html")) {
*len = sprintf(s, HTML_HDR);
*len += sprintf(s + *len, HTML_TITLE, what[config->use_dst]);
- fmt = HTML_FMT;
+ fmt = htmlfmt;
} else if (!strcmp(args[n], "format=sidebox")) {
*len = sprintf(s, HTML_HDR);
*len += sprintf(s + *len, SIDEBOX_TITLE,
what[config->use_dst]);
- fmt = HTML_FMT;
+ fmt = htmlfmt;
}
}
count = 0; /* reset count */
@@ -628,7 +621,7 @@
/* last call of print */
if (buf == NULL && args == NULL) {
*len = 0;
- if (fmt == HTML_FMT)
+ if (fmt == htmlfmt)
*len = sprintf(s, HTML_FOOTER);
count = 0; /* reset count */
last_ts = 0; /* reset timestamp */
@@ -654,11 +647,11 @@
bytes = NTOHLL(record->bytes);
/* fill up each type of output */
- if (fmt == PLAIN_FMT)
+ if (fmt == plainfmt)
*len += sprintf(s + *len, fmt, ts, inet_ntoa(addr), mask, bytes);
- else if (fmt == PRETTY_FMT)
+ else if (fmt == prettyfmt)
*len += sprintf(s + *len, fmt, ts, inet_ntoa(addr), mask, bytes);
- else if (fmt == HTML_FMT) {
+ else if (fmt == htmlfmt) {
if (count == 1)
*len += sprintf(s + *len, HTML_FMT2, count, inet_ntoa(addr),
mask, bytes);
Modified: src/trunk/modules/dhcp.c
===================================================================
--- src/trunk/modules/dhcp.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/dhcp.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -244,8 +244,9 @@
#define PRETTYHDR \
"Date Timestamp Client IP MAC Address\n"
-#define PRETTYFMT "%.24s %12d.%06d %15s %19s\n"
+static char prettyfmt[] = "%.24s %12d.%06d %15s %19s\n";
+
static char *
print(void * self, char *buf, size_t *len, char * const args[])
{
@@ -260,7 +261,7 @@
if (buf == NULL && args != NULL) {
/* by default, pretty print */
*len = sprintf(s, PRETTYHDR);
- fmt = PRETTYFMT;
+ fmt = prettyfmt;
return s;
}
@@ -285,7 +286,7 @@
}
/* print according to the requested format */
- if (fmt == PRETTYFMT) {
+ if (fmt == prettyfmt) {
*len = sprintf(s, fmt,
asctime(localtime(&t)), TS2SEC(ts), TS2USEC(ts),
inet_ntoa(yiaddr), mac);
Modified: src/trunk/modules/ewma.c
===================================================================
--- src/trunk/modules/ewma.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/ewma.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -269,8 +269,6 @@
#define PRETTYHDR "Date Packets Bytes Connx\n"
-#define PRETTYFMT "%.24s %d.%1u %d.%1u %d.%1u\n"
-#define PLAINFMT "%12ld %d.%1u %d.%1u %d.%1u\n"
#define HTMLHDR \
"<html>\n" \
@@ -312,11 +310,6 @@
" <td><b>Connx</b></td>\n" \
" </tr>\n"
-#define HTMLFMT \
- "<tr><td><a href=%s target=_top>%s</a></td>" \
- "<td>%d.%1u</td>" \
- "<td>%d.%1u</td>" \
- "<td>%d.%1u</td></tr>\n"
#define HTMLFOOTER_ALERTS \
"</table>\n"
@@ -324,6 +317,11 @@
#define HTMLFOOTER \
"</body></html>\n"
+static char prettyfmt[] = "%.24s %d.%1u %d.%1u %d.%1u\n";
+static char plainfmt[] = "%12ld %d.%1u %d.%1u %d.%1u\n";
+static char htmlfmt[] = "<tr><td><a href=%s target=_top>%s</a></td>" \
+ "<td>%d.%1u</td><td>%d.%1u</td><td>%d.%1u</td></tr>\n";
+
static char *
print(void * self, char *buf, size_t *len, char * const args[])
{
@@ -342,20 +340,20 @@
/* by default, pretty print */
*len = sprintf(s, PRETTYHDR);
- fmt = PRETTYFMT;
+ fmt = prettyfmt;
/* first call of print, process the arguments and return */
for (n = 0; args[n]; n++) {
if (!strcmp(args[n], "format=plain")) {
*len = 0;
- fmt = PLAINFMT;
+ fmt = plainfmt;
} else if (!strcmp(args[n], "format=html")) {
*len = sprintf(s, HTMLHDR);
*len += sprintf(s + *len, HTMLTITLE);
- fmt = HTMLFMT;
+ fmt = htmlfmt;
} else if (!strcmp(args[n], "format=sidebox")) {
*len = sprintf(s, HTMLHDR);
- fmt = HTMLFMT;
+ fmt = htmlfmt;
} else if (!strncmp(args[n], "url=", 4)) {
url = args[n] + 4;
} else if (!strncmp(args[n], "urlargs=", 8)) {
@@ -378,7 +376,7 @@
if (buf == NULL && args == NULL) {
*len = alerts > 0 ? 0 : sprintf(s, STR_NOALERTS);
- if (fmt == HTMLFMT) {
+ if (fmt == htmlfmt) {
if (alerts > 0) {
*len += sprintf(s + *len, HTMLFOOTER_ALERTS);
}
@@ -391,7 +389,7 @@
*len = 0;
if (alerts == 0) {
- if (fmt == HTMLFMT)
+ if (fmt == htmlfmt)
*len = sprintf(s, HTML_ALERTS);
alerts = 1;
}
@@ -403,10 +401,10 @@
((int32_t) (ntohl(c) >> 8)), ((uint8_t) (ntohl(c) & 0xff))
/* print according to the requested format */
- if (fmt == PRETTYFMT) {
+ if (fmt == prettyfmt) {
*len = sprintf(s, fmt, asctime(gmtime(&ts)), print_ch(x->ch_pkts),
print_ch(x->ch_bytes), print_ch(x->ch_connx));
- } else if (fmt == HTMLFMT) {
+ } else if (fmt == htmlfmt) {
char timestr[30];
char tmp[2048] = "#";
Modified: src/trunk/modules/frames.c
===================================================================
--- src/trunk/modules/frames.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/frames.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -141,9 +141,6 @@
"ctrl (frames, bytes) " \
"data (frames, bytes)\n"
-#define GNUPLOTFMT "%ld %llu %llu %llu %llu %llu %llu %llu %llu %llu\n"
-#define PRETTYFMT \
- "%.24s %12d.%06d %-5llu %-20llu %-5llu %-20llu %-5llu %-20llu\n"
#define GNUPLOTHDR \
"set terminal postscript eps color solid lw 1 \"Helvetica\" 14;" \
@@ -162,6 +159,10 @@
#define GNUPLOTFOOTER "e\n"
+static char gnuplotfmt[] = "%ld %llu %llu %llu %llu %llu %llu %llu %llu %llu\n";
+static char prettyfmt[] =
+ "%.24s %12d.%06d %-5llu %-20llu %-5llu %-20llu %-5llu %-20llu\n";
+
static char *
print(void * self, char *buf, size_t *len, char * const args[])
{
@@ -176,13 +177,13 @@
if (buf == NULL && args != NULL) {
/* by default, pretty print */
*len = sprintf(s, PRETTYHDR);
- fmt = PRETTYFMT;
+ fmt = prettyfmt;
/* first call of print, process the arguments and return */
for (n = 0; args[n]; n++) {
if (!strcmp(args[n], "format=gnuplot")) {
*len = sprintf(s, GNUPLOTHDR);
- fmt = GNUPLOTFMT;
+ fmt = gnuplotfmt;
} else if (!strncmp(args[n], "granularity=", 10)) {
char * val = index(args[n], '=') + 1;
@@ -197,7 +198,7 @@
if (buf == NULL && args == NULL) {
*len = 0;
- if (fmt == GNUPLOTFMT)
+ if (fmt == gnuplotfmt)
*len = sprintf(s, GNUPLOTFOOTER);
return s;
}
@@ -207,12 +208,12 @@
t = (time_t) TS2SEC(ts);
/* print according to the requested format */
- if (fmt == PRETTYFMT) {
+ if (fmt == prettyfmt) {
*len = sprintf(s, fmt, asctime(localtime(&t)), TS2SEC(ts), TS2USEC(ts),
NTOHLL(x->mgmtpkts), NTOHLL(x->mgmtbytes), NTOHLL(x->ctrlpkts),
NTOHLL(x->ctrlbytes), NTOHLL(x->datapkts),
NTOHLL(x->databytes));
- } else if (fmt == GNUPLOTFMT) {
+ } else if (fmt == gnuplotfmt) {
*len = sprintf(s, fmt, (long int)t, NTOHLL(x->mgmtpkts),
NTOHLL(x->ctrlpkts), NTOHLL(x->datapkts), NTOHLL(x->mgmtbytes),
NTOHLL(x->ctrlbytes), NTOHLL(x->databytes));
Added: src/trunk/modules/sessions.c
===================================================================
--- src/trunk/modules/sessions.c (rev 0)
+++ src/trunk/modules/sessions.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -0,0 +1,656 @@
+/*
+ * Copyright (c) 2004-2006, Intel Corporation
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the distribution.
+ * * Neither the name of Intel Corporation nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+ * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $Id: tuple.c 976 2006-10-30 19:01:52Z jsanjuas $
+ */
+
+/*
+ * Session tracker.
+ *
+ * This module tracks all sessions (defined by the usual 5 tuple).
+ * It uses a timeout approach to decide when to terminate a session.
+ * Any packet can start a session. Sessions are reported ordered by
+ * last packet timestamp.
+ *
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "comofunc.h"
+#include "module.h"
+
+#define FLOWDESC struct _tuple_stat
+FLOWDESC {
+ timestamp_t start_ts;
+ timestamp_t last_ts;
+ n32_t src_ip;
+ n32_t dst_ip;
+ n16_t src_port;
+ n16_t dst_port;
+ uint8_t proto;
+ char padding;
+ uint16_t sampling;
+ uint64_t bytes;
+ uint64_t pkts;
+};
+
+#define EFLOWDESC struct _session
+EFLOWDESC {
+ timestamp_t start_ts;
+ timestamp_t last_ts;
+ n32_t src_ip;
+ n32_t dst_ip;
+ n16_t src_port;
+ n16_t dst_port;
+ uint8_t proto;
+ char padding;
+ uint16_t sampling;
+ uint64_t bytes;
+ uint64_t pkts;
+};
+
+#define CONFIGDESC struct _tuple_config
+CONFIGDESC {
+ /*
+ * packet description and templates for the
+ * replay() callback or to know if we can process
+ * the packets from given sniffer
+ */
+ int compact;
+ uint32_t mask;
+ uint32_t timeout;
+};
+
+static timestamp_t
+init(void * self, char *args[])
+{
+ CONFIGDESC * config;
+ int i;
+ pkt_t * pkt;
+ metadesc_t *inmd, *outmd;
+
+ config = mem_mdl_malloc(self, sizeof(CONFIGDESC));
+ config->compact = 0;
+ config->mask = ~0;
+ config->timeout = 60;
+
+ /*
+ * process input arguments
+ */
+ for (i = 0; args && args[i]; i++) {
+ char * x;
+
+ if (strstr(args[i], "compact")) {
+ config->compact = 1;
+ } else if (strstr(args[i], "mask")) {
+ x = index(args[i], '=') + 1;
+ config->mask <<= atoi(x);
+ } else if (strstr(args[i], "timeout")) {
+ x = index(args[i], '=') + 1;
+ config->timeout = atoi(x);
+ }
+ }
+
+ /*
+ * our input stream needs to contain the port numbers and
+ * a packet length. for the timestamp, we use a default value of
+ * one second or whatever we receive from configuration
+ */
+
+ /* setup indesc */
+ inmd = metadesc_define_in(self, 0);
+
+ pkt = metadesc_tpl_add(inmd, "none:none:~ip:none");
+ IP(proto) = 0xff;
+ N16(IP(len)) = 0xff;
+ N32(IP(src_ip)) = 0xffffffff;
+ N32(IP(dst_ip)) = 0xffffffff;
+
+ pkt = metadesc_tpl_add(inmd, "none:none:~ip:~tcp");
+ IP(proto) = 0xff;
+ N16(IP(len)) = 0xff;
+ N32(IP(src_ip)) = 0xffffffff;
+ N32(IP(dst_ip)) = 0xffffffff;
+ N16(TCP(src_port)) = 0xffff;
+ N16(TCP(dst_port)) = 0xffff;
+
+ pkt = metadesc_tpl_add(inmd, "none:none:~ip:~udp");
+ IP(proto) = 0xff;
+ N16(IP(len)) = 0xff;
+ N32(IP(src_ip)) = 0xffffffff;
+ N32(IP(dst_ip)) = 0xffffffff;
+ N16(UDP(src_port)) = 0xffff;
+ N16(UDP(dst_port)) = 0xffff;
+
+ /* setup outdesc */
+ outmd = metadesc_define_out(self, 0);
+ outmd->flags = META_PKT_LENS_ARE_AVERAGED;
+
+ pkt = metadesc_tpl_add(outmd, "~nf:none:~ip:none");
+ N16(NF(sampling)) = 0xffff;
+ N32(NF(duration)) = 0xffffffff;
+ N32(NF(pktcount)) = 0xffffffff;
+ IP(proto) = 0xff;
+ N16(IP(len)) = 0xff;
+ N32(IP(src_ip)) = 0xffffffff;
+ N32(IP(dst_ip)) = 0xffffffff;
+
+ pkt = metadesc_tpl_add(outmd, "~nf:none:~ip:~tcp");
+ N16(NF(sampling)) = 0xffff;
+ N32(NF(duration)) = 0xffffffff;
+ N32(NF(pktcount)) = 0xffffffff;
+ IP(proto) = 0xff;
+ N16(IP(len)) = 0xff;
+ N32(IP(src_ip)) = 0xffffffff;
+ N32(IP(dst_ip)) = 0xffffffff;
+ N16(TCP(src_port)) = 0xffff;
+ N16(TCP(dst_port)) = 0xffff;
+
+ pkt = metadesc_tpl_add(outmd, "~nf:none:~ip:~udp");
+ N16(NF(sampling)) = 0xffff;
+ N32(NF(duration)) = 0xffffffff;
+ N32(NF(pktcount)) = 0xffffffff;
+ IP(proto) = 0xff;
+ N16(IP(len)) = 0xff;
+ N32(IP(src_ip)) = 0xffffffff;
+ N32(IP(dst_ip)) = 0xffffffff;
+ N16(UDP(src_port)) = 0xffff;
+ N16(UDP(dst_port)) = 0xffff;
+
+ CONFIG(self) = config;
+ return TIME2TS(1, 0);
+}
+
+
+static uint32_t
+hash(void * self, pkt_t *pkt)
+{
+ uint sport, dport;
+
+ if (isTCP) {
+ sport = N16(TCP(src_port));
+ dport = N16(TCP(dst_port));
+ } else if (isUDP) {
+ sport = N16(UDP(src_port));
+ dport = N16(UDP(dst_port));
+ } else {
+ sport = dport = 0;
+ }
+
+ return (N32(IP(src_ip)) ^ N32(IP(dst_ip)) ^ (sport << 3) ^ (dport << 3));
+}
+
+static int
+match(void * self, pkt_t *pkt, void *fh)
+{
+ FLOWDESC *x = F(fh);
+ uint sport, dport;
+
+ if (isTCP) {
+ sport = N16(TCP(src_port));
+ dport = N16(TCP(dst_port));
+ } else if (isUDP) {
+ sport = N16(UDP(src_port));
+ dport = N16(UDP(dst_port));
+ } else {
+ sport = dport = 0;
+ }
+
+ return (
+ N32(IP(src_ip)) == N32(x->src_ip) &&
+ N32(IP(dst_ip)) == N32(x->dst_ip) &&
+ sport == N16(x->src_port) && dport == N16(x->dst_port) &&
+ IP(proto) == x->proto
+ );
+}
+
+static int
+update(void * self, pkt_t *pkt, void *fh, int isnew)
+{
+ FLOWDESC *x = F(fh);
+
+ if (isnew) {
+ x->start_ts = pkt->ts;
+ x->bytes = 0;
+ x->pkts = 0;
+ x->proto = IP(proto);
+ x->src_ip = IP(src_ip);
+ x->dst_ip = IP(dst_ip);
+
+ if (isTCP) {
+ x->src_port = TCP(src_port);
+ x->dst_port = TCP(dst_port);
+ } else if (isUDP) {
+ x->src_port = UDP(src_port);
+ x->dst_port = UDP(dst_port);
+ } else {
+ N16(x->src_port) = N16(x->dst_port) = 0;
+ }
+ }
+
+ x->last_ts = pkt->ts;
+ if (COMO(type) == COMOTYPE_NF) {
+ x->last_ts +=
+ TIME2TS(H32(NF(duration)) / 1000, (H32(NF(duration))%1000)*1000);
+ x->sampling = H16(NF(sampling));
+ x->bytes += H32(NF(pktcount)) * COMO(len);
+ x->pkts += (uint64_t) H32(NF(pktcount));
+ } else if (COMO(type) == COMOTYPE_SFLOW) {
+ x->sampling = (uint16_t) H32(SFLOW(sampling_rate));
+ x->bytes += (uint64_t) COMO(len) * (uint64_t) H32(SFLOW(sampling_rate));
+ x->pkts += (uint64_t) H32(SFLOW(sampling_rate));
+ } else {
+ x->sampling = 1;
+ x->bytes += H16(IP(len));
+ x->pkts++;
+ }
+
+ return 0;
+}
+
+static int
+compare(const void *efh1, const void *efh2)
+{
+ return CMPEF(efh1)->last_ts < CMPEF(efh2)->last_ts ? -1 : 1;
+}
+
+static int
+ematch(void *self, void *efh, void *fh)
+{
+ FLOWDESC *x = F(fh);
+ EFLOWDESC *ex = EF(efh);
+
+ return (
+ N32(x->src_ip) == N32(ex->src_ip) &&
+ N32(x->dst_ip) == N32(ex->dst_ip) &&
+ N16(x->src_port) == N16(ex->src_port) &&
+ N16(x->dst_port) == N16(ex->dst_port) &&
+ x->proto == ex->proto
+ );
+}
+
+static int
+export(void * self, void *efh, void *fh, int isnew)
+{
+ FLOWDESC *x = F(fh);
+ EFLOWDESC *ex = EF(efh);
+
+ if (isnew) {
+ bcopy(x, ex, sizeof(EFLOWDESC));
+ } else {
+ ex->pkts += x->pkts;
+ ex->bytes += x->bytes;
+ ex->last_ts = x->last_ts;
+ }
+
+ return 0;
+}
+
+static int
+action(void *self, void *efh, timestamp_t ivl,
+ timestamp_t current_time, int count)
+{
+ CONFIGDESC * config = CONFIG(self);
+ EFLOWDESC *ex = EF(efh);
+
+ if (efh == NULL)
+ return ACT_GO; /* always process all records */
+
+ /*
+ * if the flow has not seen any packets in the last
+ * config->timeout seconds, store it and discard the record
+ */
+ if (TS2SEC(current_time - ex->last_ts) > config->timeout)
+ return (ACT_STORE | ACT_DISCARD);
+
+ return ACT_GO;
+}
+
+static ssize_t
+store(void * self, void *efh, char *buf)
+{
+ FLOWDESC *x = F(efh);
+
+ PUTH64(buf, x->start_ts);
+ PUTH64(buf, x->last_ts);
+ PUTN32(buf, N32(x->src_ip));
+ PUTN32(buf, N32(x->dst_ip));
+ PUTN16(buf, N16(x->src_port));
+ PUTN16(buf, N16(x->dst_port));
+ PUTH8(buf, x->proto);
+ PUTH8(buf, x->padding);
+ PUTH16(buf, x->sampling);
+ PUTH64(buf, x->bytes);
+ PUTH64(buf, x->pkts);
+
+ return sizeof(FLOWDESC);
+}
+
+static size_t
+load(void * self, char * buf, size_t len, timestamp_t * ts)
+{
+ if (len < sizeof(FLOWDESC)) {
+ *ts = 0;
+ return 0;
+ }
+
+ *ts = NTOHLL(((FLOWDESC *)buf)->start_ts);
+ return sizeof(FLOWDESC);
+}
+
+
+#define PRETTYHDR \
+ "Start " \
+ "Duration " \
+ "Proto Source IP:Port Destination IP:Port " \
+ "Bytes Packets\n"
+
+#define HTMLHDR \
+ "<html>\n" \
+ "<head>\n" \
+ " <style type=\"text/css\">\n" \
+ " body { font-family: \"lucida sans unicode\", verdana, arial;\n" \
+ " font-size: 9pt; margin: 0; padding: 0;}\n" \
+ " table, tr, td {background-color: #eee;\n" \
+ " font-family: \"lucida sans unicode\", verdana, arial;\n" \
+ " font-size: 9pt;}\n" \
+ " a, a:visited { color: #475677; text-decoration: none;}\n" \
+ " .netviewbar{ \n" \
+ " color :#FFF; width :100%%; padding :2px; text-align:center;}\n" \
+ " .netview {\n" \
+ " top: 0px; width: 98%%; vertical-align:top;\n" \
+ " margin: 2; padding-left: 5px;\n" \
+ " padding-right: 5px; text-align:left;}\n" \
+ " .nvtitle {\n" \
+ " font-weight: bold; font-size: 9pt; padding-bottom: 3px;\n" \
+ " color: #475677;}\n" \
+ " </style>\n" \
+ "</head>\n" \
+ "<body>\n" \
+ "<div class=nvtitle style=\"border-top: 1px solid;\">" \
+ "Active connections</div>\n" \
+ "<table class=netview>\n" \
+ " <tr class=nvtitle>\n" \
+ " <td>Start Time</td>\n" \
+ " <td>Duration</td>\n" \
+ " <td>Protocol</td>\n" \
+ " <td>Source IP:Port</td>\n" \
+ " <td>Destination IP:Port</td>\n" \
+ " <td>Bytes</td>\n" \
+ " <td>Packets</td>\n" \
+ " </tr>\n"
+
+#define HTMLFOOTER \
+ "</table>\n" \
+ "</body></html>\n"
+
+static char plainfmt[] =
+ "%10u.%06d %3d.%06d %3d %15s %5u %15s %5u %8llu %8llu\n";
+static char prettyfmt[] =
+ "%s.%06d %3d.%06d %5s %15s %5u %15s %5u %8llu %8llu\n";
+static char htmlfmt[] =
+ "<tr><td>%s.%06d</td><td>%d.%06d</td><td>%s</td>"
+ "<td>%15s:%u</td><td>%15s:%u</td>"
+ "<td>%llu</td><td>%llu</td></tr>\n";
+
+static char *
+print(void * self, char *buf, size_t *len, char * const args[])
+{
+ static char s[2048];
+ static char * fmt;
+ CONFIGDESC * config = CONFIG(self);
+ char src[20], dst[20];
+ struct in_addr saddr, daddr;
+ FLOWDESC *x;
+ timestamp_t start_ts, last_ts;
+ uint start_sec, start_usec;
+ uint duration_sec, duration_usec;
+
+
+ if (buf == NULL && args != NULL) {
+ int n;
+
+ *len = sprintf(s, PRETTYHDR);
+ fmt = prettyfmt;
+
+ /* first call of print, process the arguments and return */
+ for (n = 0; args[n]; n++) {
+ if (!strcmp(args[n], "format=html")) {
+ *len = sprintf(s, HTMLHDR);
+ fmt = htmlfmt;
+ } else if (!strcmp(args[n], "format=plain")) {
+ *len = 0;
+ fmt = plainfmt;
+ }
+ }
+
+ return s;
+ }
+
+ if (buf == NULL && args == NULL) {
+ *len = 0;
+ if (fmt == htmlfmt)
+ *len = sprintf(s, HTMLFOOTER);
+ return s;
+ }
+
+ x = (FLOWDESC *) buf;
+ start_ts = NTOHLL(x->start_ts);
+ last_ts = NTOHLL(x->last_ts);
+
+ start_sec = TS2SEC(start_ts);
+ start_usec = TS2USEC(x->start_ts);
+ duration_sec = TS2SEC(last_ts - start_ts);
+ duration_usec = TS2USEC(last_ts - start_ts);
+
+ /* get IP addresses */
+ saddr.s_addr = N32(x->src_ip) & htonl(config->mask);
+ daddr.s_addr = N32(x->dst_ip) & htonl(config->mask);
+ sprintf(src, "%s", inet_ntoa(saddr));
+ sprintf(dst, "%s", inet_ntoa(daddr));
+
+ if (fmt == plainfmt) {
+ *len = sprintf(s, fmt, start_sec, start_usec,
+ duration_sec, duration_usec, x->proto,
+ src, (uint) H16(x->src_port),
+ dst, (uint) H16(x->dst_port),
+ NTOHLL(x->bytes) * ntohs(x->sampling),
+ NTOHLL(x->pkts) * ntohs(x->sampling));
+ } else {
+ char datestr[30];
+ struct tm * timeptr;
+ time_t t = (time_t) start_sec;
+
+ timeptr = gmtime(&t);
+ strftime(datestr, sizeof(datestr), "%b %e %Y %T", timeptr);
+
+ *len = sprintf(s, fmt,
+ datestr, start_usec, duration_sec, duration_usec,
+ getprotoname(x->proto),
+ src, (uint) H16(x->src_port),
+ dst, (uint) H16(x->dst_port),
+ NTOHLL(x->bytes) * ntohs(x->sampling),
+ NTOHLL(x->pkts) * ntohs(x->sampling));
+ }
+ return s;
+};
+
+
+static int
+replay(void * self, char *buf, char *out, size_t * len, int pleft)
+{
+ CONFIGDESC * config = CONFIG(self);
+ FLOWDESC * x;
+ timestamp_t pkt_ts, inter_ts;
+ uint32_t pkt_duration;
+ size_t outlen;
+ uint64_t nbytes, npkts;
+ int pktsz, paysz;
+
+ if (buf == NULL) {
+ *len = 0;
+ return 0; /* nothing to do */
+ }
+
+ /*
+ * generate packets as long as we have space in the output
+ * buffer. the packets will all be equal with the same timestamps
+ * and a packet length equal to the average packet lengths.
+ */
+ x = (FLOWDESC *) buf;
+ nbytes = NTOHLL(x->bytes);
+ npkts = NTOHLL(x->pkts);
+
+ /* initialize packet left count */
+ if (pleft == 0)
+ pleft = npkts;
+
+ /* fill the output buffer */
+ outlen = 0;
+ paysz = sizeof(struct _como_nf) + sizeof(struct _como_iphdr) +
+ sizeof(struct _como_udphdr);
+ pktsz = sizeof(pkt_t) + paysz;
+ while (outlen + pktsz < *len && pleft > 0) {
+ pkt_t * pkt;
+ uint32_t plen;
+ int pcount;
+
+ pkt = (pkt_t *) (out + outlen);
+ pkt->payload = (char *) pkt + sizeof(pkt_t);
+
+#ifdef BUILD_FOR_ARM
+ COMOX(caplen, paysz);
+ COMOX(type, COMOTYPE_NF);
+ COMOX(l2type, LINKTYPE_NONE);
+ COMOX(l3type, ETHERTYPE_IP);
+ COMOX(l3ofs, sizeof(struct _como_nf));
+ COMOX(l4type, x->proto);
+ COMOX(l4ofs, COMO(l3ofs) + sizeof(struct _como_iphdr));
+ COMOX(l7ofs, COMO(l4ofs) + sizeof(struct _como_udphdr));
+
+ NFX(sampling, x->sampling);
+ IPX(version, 0x4);
+ IPX(ihl, 0x5);
+ IPX(proto, x->proto);
+ IPX(len, htons((uint16_t) COMO(len)));
+ IPX(src_ip, x->src_ip);
+ IPX(dst_ip, x->dst_ip);
+
+ UDP(src_port, x->src_port);
+ UDP(dst_port, x->dst_port);
+#else
+ COMO(caplen) = paysz;
+ COMO(type) = COMOTYPE_NF;
+ COMO(l2type) = LINKTYPE_NONE;
+ COMO(l3type) = ETHERTYPE_IP;
+ COMO(l3ofs) = sizeof(struct _como_nf);
+ COMO(l4type) = x->proto;
+ COMO(l4ofs) = COMO(l3ofs) + sizeof(struct _como_iphdr);
+ COMO(l7ofs) = COMO(l4ofs) + sizeof(struct _como_udphdr);
+
+ N16(NF(sampling)) = x->sampling;
+
+ IP(version) = 0x4;
+ IP(ihl) = 0x5;
+ IP(proto) = x->proto;
+ N16(IP(len)) = htons((uint16_t) COMO(len));
+ IP(src_ip) = x->src_ip;
+ IP(dst_ip) = x->dst_ip;
+
+ UDP(src_port) = x->src_port;
+ UDP(dst_port) = x->dst_port;
+#endif
+
+ pcount = 1;
+ plen = nbytes / npkts;
+ if (pleft == 1)
+ plen += nbytes % npkts;
+
+ if (config->compact && pleft != 1) {
+ /*
+ * in compact mode we need to make sure we generate a number
+ * of packets with the correct size taking into account that
+ * the first packet will always weigh more (i.e. NF(pktcount)).
+ * therefore we need n packets with size bytes/pkts and 1 last
+ * packet with size "bytes/pkts + bytes%pkts" to carry the
+ * leftovers.
+ *
+ */
+ pcount = pleft;
+ if (nbytes % npkts != 0)
+ pcount--;
+ }
+
+ inter_ts = NTOHLL(x->last_ts) - NTOHLL(x->start_ts);
+ inter_ts /= (uint64_t) npkts;
+ pkt_ts = NTOHLL(x->start_ts) + (npkts - pleft) * inter_ts;
+ pkt_duration = TS2SEC(inter_ts * (pcount - 1)) * 1000 +
+ TS2MSEC(inter_ts * (pcount - 1));
+
+#ifdef BUILD_FOR_ARM
+ COMOX(ts, pkt_ts);
+ COMOX(len, plen);
+ NFX(pktcount, htonl(pcount));
+ NFX(duration, htonl(pduration));
+#else
+ COMO(ts) = pkt_ts;
+ COMO(len) = plen;
+ N32(NF(pktcount)) = htonl(pcount);
+ N32(NF(duration)) = htonl(pkt_duration);
+#endif
+
+ pleft -= pcount;
+ outlen += pktsz;
+ }
+
+ *len = outlen;
+ return pleft;
+}
+
+MODULE(tuple) = {
+ ca_recordsize: sizeof(FLOWDESC),
+ ex_recordsize: sizeof(FLOWDESC),
+ st_recordsize: sizeof(FLOWDESC),
+ capabilities: {has_flexible_flush: 0, 0},
+ init: init,
+ check: NULL,
+ hash: hash,
+ match: match,
+ update: update,
+ flush: NULL,
+ ematch: ematch,
+ export: export,
+ compare: compare,
+ action: action,
+ store: store,
+ load: load,
+ print: print,
+ replay: replay,
+ formats: "plain pretty html"
+};
Modified: src/trunk/modules/ssid.c
===================================================================
--- src/trunk/modules/ssid.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/ssid.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -211,9 +211,10 @@
#define PRETTYHDR \
"Date Signal (dbm) Noise (dbm) Channel \
Samples WEP MAC SSID\n"
-#define PRETTYFMT "%.24s %-15d %-15d %-10d %-10d %-5s %s %-32s\n"
-#define PLAINFMT "%12ld %1d %2d %2d %2d %2d\n"
+static char prettyfmt[] = "%.24s %-15d %-15d %-10d %-10d %-5s %s %-32s\n";
+static char plainfmt[] = "%12ld %1d %2d %2d %2d %2d\n";
+
static char *
print(void * self, char *buf, size_t *len, char * const args[])
{
@@ -232,13 +233,13 @@
for (n = 0; args[n]; n++) {
if (!strcmp(args[n], "format=plain")) {
*len = 0;
- fmt = PLAINFMT;
+ fmt = plainfmt;
return s;
}
}
/* by default, pretty print */
*len = sprintf(s, PRETTYHDR);
- fmt = PRETTYFMT;
+ fmt = prettyfmt;
return s;
}
@@ -255,7 +256,7 @@
noise = (int32_t)ntohl(x->noise) / x->samples;
/* print according to the requested format */
- if (fmt == PRETTYFMT) {
+ if (fmt == prettyfmt) {
char * wepmode = x->wepmode? "Y": "N";
char bssid[64];
Modified: src/trunk/modules/superaddr.c
===================================================================
--- src/trunk/modules/superaddr.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/superaddr.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -372,12 +372,7 @@
#define PRETTY_HDR_DST_SRCS \
"\tTimestamp\t\t\t\tDestination IP\t\t\t\t#Sources\n"
-#define PRETTY_FMT \
- "\t%u\t\t\t\t%s\t\t\t\t%u\n"
-#define PLAIN_FMT \
- "\t%u\t\t\t\t%s\t\t\t\t%u\n"
-
#define HTML_HDR \
"<html>\n" \
"<head>\n" \
@@ -415,11 +410,6 @@
"</table>\n" \
"</body></html>\n"
-#define HTML_FMT \
- "<tr><td>%d</td>" \
-"<td>%s</td>" \
-"<td>%u</td></tr>\n"
-
#define HTML_FMT2 \
"<tr><tr><td><br></td></tr>" \
"<td>%d</td>" \
@@ -439,8 +429,6 @@
"set format x \"%%H:%%M\";" \
"plot \"-\" using 1:2 with lines lt 4\n"
-#define GNUPLOT_FMT "%u %u\n"
-
#define GNUPLOT_FOOTER "e\n"
#define SIDEBOX_TITLE \
@@ -451,6 +439,10 @@
" <td>%s</td>\n" \
" </tr>\n"
+static char prettyfmt[] = "\t%u\t\t\t\t%s\t\t\t\t%u\n";
+static char plainfmt[] = "\t%u\t\t\t\t%s\t\t\t\t%u\n";
+static char gnuplotfmt[] = "%u %u\n";
+static char htmlfmt[] = "<tr><td>%d</td><td>%s</td><td>%u</td></tr>\n";
/*
* -- print
@@ -488,28 +480,28 @@
else
*len = sprintf(s, PRETTY_HDR_SRC_DSTS);
- fmt = PRETTY_FMT;
+ fmt = prettyfmt;
/* first call of print, process the arguments and return */
for (n = 0; args[n]; n++) {
if (!strcmp(args[n], "format=plain")) {
*len = 0;
- fmt = PLAIN_FMT;
+ fmt = plainfmt;
} else if (!strcmp(args[n], "format=html")) {
*len = sprintf(s, HTML_HDR);
*len += sprintf(s + *len, HTML_TITLE, what1[config->use_dst],
what2[config->use_dst],
what3[config->use_dst]);
- fmt = HTML_FMT;
+ fmt = htmlfmt;
} else if (!strcmp(args[n], "format=gnuplot")) {
*len = sprintf(s, GNUPLOT_HDR, what3[config->use_dst]);
- fmt = GNUPLOT_FMT;
+ fmt = gnuplotfmt;
} else if (!strcmp(args[n], "format=sidebox")) {
*len = sprintf(s, HTML_HDR);
*len += sprintf(s + *len, SIDEBOX_TITLE,
what2[config->use_dst],
what3[config->use_dst]);
- fmt = HTML_FMT;
+ fmt = htmlfmt;
}
}
count = 0; /* reset count */
@@ -519,9 +511,9 @@
/* last call of print */
if (buf == NULL && args == NULL) {
*len = 0;
- if (fmt == HTML_FMT)
+ if (fmt == htmlfmt)
*len = sprintf(s, HTML_FOOTER);
- if (fmt == GNUPLOT_FMT)
+ if (fmt == gnuplotfmt)
*len = sprintf(s, GNUPLOT_FOOTER);
count = 0; /* reset count */
last_ts = 0; /* reset timestamp */
@@ -549,11 +541,11 @@
count++;
super_addrs++;
- if (fmt == PLAIN_FMT)
+ if (fmt == plainfmt)
*len = sprintf(s, fmt, ts, inet_ntoa(addr), meter);
- else if (fmt == PRETTY_FMT)
+ else if (fmt == prettyfmt)
*len = sprintf(s, fmt, ts, inet_ntoa(addr), meter);
- else if (fmt == HTML_FMT) {
+ else if (fmt == htmlfmt) {
if (count == 1)
*len = sprintf(s, HTML_FMT2, count, inet_ntoa(addr), meter);
else
Modified: src/trunk/modules/topaddr.c
===================================================================
--- src/trunk/modules/topaddr.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/topaddr.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -255,10 +255,6 @@
#define PRETTYHDR \
"Date %-15s Bytes Packets \n"
-#define PRETTYFMT "%.24s %d %15s %10llu %8u\n"
-
-#define PLAINFMT "%12u %d %15s %10llu %8u\n"
-
#define HTMLHDR \
"<html>\n" \
"<head>\n" \
@@ -297,10 +293,6 @@
"</table>\n" \
"</body></html>\n"
-#define HTMLFMT \
- "<tr><td>%d</td><td><a href=%s target=_new>%15s</a></td>" \
- "<td>%.2f%c</td><td>%.2f%c</td></tr>\n"
-
#define SIDEBOXTITLE \
"<table class=netview>\n" \
" <tr class=nvtitle>\n" \
@@ -310,6 +302,12 @@
" <td>pps</td>\n" \
" </tr>\n"
+static char prettyfmt[] = "%.24s %d %15s %10llu %8u\n";
+static char plainfmt[] = "%12u %d %15s %10llu %8u\n";
+static char htmlfmt[] =
+ "<tr><td>%d</td><td><a href=%s target=_new>%15s</a></td>"
+ "<td>%.2f%c</td><td>%.2f%c</td></tr>\n";
+
static char *
print(void * self, char *buf, size_t *len, char * const args[])
{
@@ -332,22 +330,22 @@
/* by default, pretty print */
*len = sprintf(s, PRETTYHDR, what[config->use_dst]);
- fmt = PRETTYFMT;
+ fmt = prettyfmt;
/* first call of print, process the arguments and return */
for (n = 0; args[n]; n++) {
if (!strcmp(args[n], "format=plain")) {
*len = 0;
- fmt = PLAINFMT;
+ fmt = plainfmt;
} else if (!strcmp(args[n], "format=html")) {
*len = sprintf(s, HTMLHDR);
*len += sprintf(s + *len, HTMLTITLE, config->topn,
what[config->use_dst]);
- fmt = HTMLFMT;
+ fmt = htmlfmt;
} else if (!strcmp(args[n], "format=sidebox")) {
*len = sprintf(s, HTMLHDR);
*len += sprintf(s + *len, SIDEBOXTITLE);
- fmt = HTMLFMT;
+ fmt = htmlfmt;
} else if (!strncmp(args[n], "url=", 4)) {
url = args[n] + 4;
} else if (!strncmp(args[n], "urlargs=", 8)) {
@@ -371,7 +369,7 @@
if (buf == NULL && args == NULL) {
*len = 0;
- if (fmt == HTMLFMT)
+ if (fmt == htmlfmt)
*len = sprintf(s, HTMLFOOTER);
count = 0; /* reset count */
last_ts = 0; /* reset timestamp */
@@ -389,10 +387,10 @@
addr.s_addr = x->addr & htonl(config->mask);
- if (fmt == PRETTYFMT) {
+ if (fmt == prettyfmt) {
*len = sprintf(s, fmt, asctime(localtime(&ts)), count, inet_ntoa(addr),
NTOHLL(x->bytes), ntohl(x->pkts));
- } else if (fmt == HTMLFMT) {
+ } else if (fmt == htmlfmt) {
float bps, pps;
char bunit = ' ';
char punit = ' ';
Modified: src/trunk/modules/tophwaddr.c
===================================================================
--- src/trunk/modules/tophwaddr.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/tophwaddr.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -261,10 +261,6 @@
#define PRETTYHDR \
"Date %-15s Bytes Packets \n"
-#define PRETTYFMT "%.24s %d %15s %10llu %8u\n"
-
-#define PLAINFMT "%12u %d %15s %10llu %8u\n"
-
#define HTMLHDR \
"<html>\n" \
"<head>\n" \
@@ -303,10 +299,6 @@
"</table>\n" \
"</body></html>\n"
-#define HTMLFMT \
- "<tr><td>%d</td><td><a href=%s target=_new>%15s</a></td>" \
- "<td>%.2f%c</td><td>%.2f%c</td></tr>\n"
-
#define SIDEBOXTITLE \
"<table class=netview>\n" \
" <tr class=nvtitle>\n" \
@@ -316,6 +308,13 @@
" <td>pps</td>\n" \
" </tr>\n"
+static char prettyfmt[] = "%.24s %d %15s %10llu %8u\n";
+static char plainfmt[] = "%12u %d %15s %10llu %8u\n";
+static char htmlfmt[] =
+ "<tr><td>%d</td><td><a href=%s target=_new>%15s</a></td>"
+ "<td>%.2f%c</td><td>%.2f%c</td></tr>\n";
+
+
static char *
print(void * self, char *buf, size_t *len, char * const args[])
{
@@ -337,22 +336,22 @@
/* by default, pretty print */
*len = sprintf(s, PRETTYHDR, what[config->use_dst]);
- fmt = PRETTYFMT;
+ fmt = prettyfmt;
/* first call of print, process the arguments and return */
for (n = 0; args[n]; n++) {
if (!strcmp(args[n], "format=plain")) {
*len = 0;
- fmt = PLAINFMT;
+ fmt = plainfmt;
} else if (!strcmp(args[n], "format=html")) {
*len = sprintf(s, HTMLHDR);
*len += sprintf(s + *len, HTMLTITLE, config->topn,
what[config->use_dst]);
- fmt = HTMLFMT;
+ fmt = htmlfmt;
} else if (!strcmp(args[n], "format=sidebox")) {
*len = sprintf(s, HTMLHDR);
*len += sprintf(s + *len, SIDEBOXTITLE);
- fmt = HTMLFMT;
+ fmt = htmlfmt;
} else if (!strncmp(args[n], "url=", 4)) {
url = args[n] + 4;
} else if (!strncmp(args[n], "urlargs=", 8)) {
@@ -376,7 +375,7 @@
if (buf == NULL && args == NULL) {
*len = 0;
- if (fmt == HTMLFMT)
+ if (fmt == htmlfmt)
*len = sprintf(s, HTMLFOOTER);
count = 0; /* reset count */
last_ts = 0; /* reset timestamp */
@@ -392,11 +391,11 @@
last_ts = ts;
count++;
- if (fmt == PRETTYFMT) {
+ if (fmt == prettyfmt) {
*len = sprintf(s, fmt, asctime(localtime(&ts)), count,
ether_ntoa((struct ether_addr *) &x->addr),
NTOHLL(x->bytes), ntohl(x->pkts));
- } else if (fmt == HTMLFMT) {
+ } else if (fmt == htmlfmt) {
float bps, pps;
char bunit = ' ';
char punit = ' ';
Modified: src/trunk/modules/topports.c
===================================================================
--- src/trunk/modules/topports.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/topports.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -327,10 +327,6 @@
#define PRETTYHDR \
"Date Port Name Bytes Packets \n"
-#define PRETTYFMT "%.24s %5u/%s %s %10llu %8u\n"
-
-#define PLAINFMT "%u %u %s %s %llu %u\n"
-
#define HTMLHDR \
"<html>\n" \
"<head>\n" \
@@ -375,8 +371,10 @@
"</table>\n" \
"</body></html>\n"
-#define HTMLFMT \
- "<tr><td>%d</td><td>%5u/%s</td><td>%s</td><td>%.2f</td></tr>\n"
+static char prettyfmt[] = "%.24s %5u/%s %s %10llu %8u\n";
+static char plainfmt[] = "%u %u %s %s %llu %u\n";
+static char htmlfmt[] =
+ "<tr><td>%d</td><td>%5u/%s</td><td>%s</td><td>%.2f</td></tr>\n";
static char *
print(void * self, char *buf, size_t *len, char * const args[])
@@ -397,22 +395,22 @@
/* by default, pretty print */
*len = sprintf(s, PRETTYHDR);
- fmt = PRETTYFMT;
+ fmt = prettyfmt;
pn = 1;
/* first call of print, process the arguments and return */
for (n = 0; args[n]; n++) {
if (!strcmp(args[n], "format=plain")) {
*len = 0;
- fmt = PLAINFMT;
+ fmt = plainfmt;
} else if (!strcmp(args[n], "format=html")) {
*len = sprintf(s, HTMLHDR);
*len += sprintf(s + *len, HTMLTITLE, config->topn);
- fmt = HTMLFMT;
+ fmt = htmlfmt;
} else if (!strcmp(args[n], "format=sidebox")) {
*len = sprintf(s, HTMLHDR);
*len += sprintf(s + *len, SIDEBOXHDR);
- fmt = HTMLFMT;
+ fmt = htmlfmt;
}
}
@@ -421,7 +419,7 @@
if (buf == NULL && args == NULL) {
*len = 0;
- if (fmt == HTMLFMT)
+ if (fmt == htmlfmt)
*len = sprintf(s, HTMLFOOTER);
return s;
}
@@ -439,10 +437,10 @@
name = "Unknown";
/* read each field of the record */
- if (fmt == PRETTYFMT) {
+ if (fmt == prettyfmt) {
*len = sprintf(s, fmt, asctime(localtime(&ts)),
port, getprotoname(proto), name, bytes, pkts);
- } else if (fmt == HTMLFMT) {
+ } else if (fmt == htmlfmt) {
float mbps = ((float) bytes * 8 / (float) config->meas_ivl) / 1000000;
*len = sprintf(s, fmt, pn, port, getprotoname(proto), name, mbps);
pn++;
Modified: src/trunk/modules/traffic.c
===================================================================
--- src/trunk/modules/traffic.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/traffic.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -153,11 +153,6 @@
#define PRETTYHDR \
"Date Timestamp Input Output\n"
-#define PRETTYFMT "%.24s %12d.%06d %8llu %8u\n"
-#define PLAINFMT "%12ld %16llu %12llu %12u\n"
-
-#define GNUPLOTFMT "%ld %u %u\n"
-
#define GNUPLOTHDR \
"set terminal postscript eps color solid lw 1 \"Helvetica\" 14;" \
"set grid;" \
@@ -174,6 +169,10 @@
#define GNUPLOTFOOTER "e\n"
+static char prettyfmt[] = "%.24s %12d.%06d %8llu %8u\n";
+static char plainfmt[] = "%12ld %16llu %12llu %12u\n";
+static char gnuplotfmt[] = "%ld %u %u\n";
+
static char *
print(void * self, char *buf, size_t *len, char * const args[])
{
@@ -192,15 +191,15 @@
if (buf == NULL && args != NULL) {
/* by default, pretty print */
*len = sprintf(s, PRETTYHDR);
- fmt = PRETTYFMT;
+ fmt = prettyfmt;
/* first call of print, process the arguments and return */
for (n = 0; args[n]; n++) {
if (!strcmp(args[n], "format=plain")) {
*len = 0;
- fmt = PLAINFMT;
+ fmt = plainfmt;
} else if (!strcmp(args[n], "format=gnuplot")) {
- fmt = GNUPLOTFMT;
+ fmt = gnuplotfmt;
} else if (!strcmp(args[n], "use-bytes")) {
use_bytes = 1;
} else if (!strncmp(args[n], "granularity=", 10)) {
@@ -213,7 +212,7 @@
}
}
- if (fmt == GNUPLOTFMT) {
+ if (fmt == gnuplotfmt) {
*len = sprintf(s, GNUPLOTHDR, use_bytes? "Mbps" : "packets/sec");
}
@@ -222,7 +221,7 @@
if (buf == NULL && args == NULL) {
*len = 0;
- if (fmt == GNUPLOTFMT)
+ if (fmt == gnuplotfmt)
*len = sprintf(s, GNUPLOTFOOTER);
return s;
}
@@ -244,10 +243,10 @@
count[1] /= granularity;
/* print according to the requested format */
- if (fmt == PRETTYFMT) {
+ if (fmt == prettyfmt) {
*len = sprintf(s, fmt, asctime(localtime(&t)),
TS2SEC(ts), TS2USEC(ts), count[0], count[1]);
- } else if (fmt == GNUPLOTFMT) {
+ } else if (fmt == gnuplotfmt) {
if (use_bytes) {
float mbps_in = 8.0 * (float) count[0] / 1000000.0;
float mbps_out = 8.0 * (float) count[1] / 1000000.0;
Modified: src/trunk/modules/tuple.c
===================================================================
--- src/trunk/modules/tuple.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/tuple.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -341,7 +341,6 @@
return sizeof(FLOWDESC);
}
-#define PLAINFMT "%10u.%06d %3d.%06d %3d %15s %5u %15s %5u %8llu %8llu\n"
#define PRETTYHDR \
"Start " \
@@ -349,8 +348,6 @@
"Proto Source IP:Port Destination IP:Port " \
"Bytes Packets\n"
-#define PRETTYFMT "%s.%06d %3d.%06d %5s %15s %5u %15s %5u %8llu %8llu\n"
-
#define HTMLHDR \
"<html>\n" \
"<head>\n" \
@@ -390,12 +387,15 @@
"</table>\n" \
"</body></html>\n"
-#define HTMLFMT \
- "<tr><td>%s.%06d</td><td>%d.%06d</td><td>%s</td>" \
- "<td>%15s:%u</td><td>%15s:%u</td>" \
- "<td>%llu</td><td>%llu</td></tr>\n"
+static char plainfmt[] =
+ "%10u.%06d %3d.%06d %3d %15s %5u %15s %5u %8llu %8llu\n";
+static char prettyfmt[] =
+ "%s.%06d %3d.%06d %5s %15s %5u %15s %5u %8llu %8llu\n";
+static char htmlfmt[] =
+ "<tr><td>%s.%06d</td><td>%d.%06d</td><td>%s</td>"
+ "<td>%15s:%u</td><td>%15s:%u</td>"
+ "<td>%llu</td><td>%llu</td></tr>\n";
-
static char *
print(void * self, char *buf, size_t *len, char * const args[])
{
@@ -414,16 +414,16 @@
int n;
*len = sprintf(s, PRETTYHDR);
- fmt = PRETTYFMT;
+ fmt = prettyfmt;
/* first call of print, process the arguments and return */
for (n = 0; args[n]; n++) {
if (!strcmp(args[n], "format=html")) {
*len = sprintf(s, HTMLHDR);
- fmt = HTMLFMT;
+ fmt = htmlfmt;
} else if (!strcmp(args[n], "format=plain")) {
*len = 0;
- fmt = PLAINFMT;
+ fmt = plainfmt;
}
}
@@ -432,7 +432,7 @@
if (buf == NULL && args == NULL) {
*len = 0;
- if (fmt == HTMLFMT)
+ if (fmt == htmlfmt)
*len = sprintf(s, HTMLFOOTER);
return s;
}
@@ -452,7 +452,7 @@
sprintf(src, "%s", inet_ntoa(saddr));
sprintf(dst, "%s", inet_ntoa(daddr));
- if (fmt == PLAINFMT) {
+ if (fmt == plainfmt) {
*len = sprintf(s, fmt, start_sec, start_usec,
duration_sec, duration_usec, x->proto,
src, (uint) H16(x->src_port),
Modified: src/trunk/modules/unknown-ports.c
===================================================================
--- src/trunk/modules/unknown-ports.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/unknown-ports.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -305,9 +305,6 @@
#define PRETTYHDR \
"Date Port Name Bytes Packets \n"
-#define PRETTYFMT "%5u/%s %8u %5u%c %5u\n"
-#define PLAINFMT "%u/%s %u %u%c %u\n"
-
#define HTMLHDR \
"<html>\n" \
"<head>\n" \
@@ -346,8 +343,10 @@
"</table>\n" \
"</body></html>\n"
-#define HTMLFMT \
- "<tr><td>%u/%s</td><td>%u</td><td>%u%c</td><td>%u</td></tr>\n"
+static char prettyfmt[] = "%5u/%s %8u %5u%c %5u\n";
+static char plainfmt[] = "%u/%s %u %u%c %u\n";
+static char htmlfmt[] =
+ "<tr><td>%u/%s</td><td>%u</td><td>%u%c</td><td>%u</td></tr>\n";
static char *
print(void * self, char *buf, size_t *len, char * const args[])
@@ -368,22 +367,22 @@
/* by default, pretty print */
*len = sprintf(s, PRETTYHDR);
- fmt = PRETTYFMT;
+ fmt = prettyfmt;
/* first call of print, process the arguments and return */
for (n = 0; args[n]; n++) {
if (!strcmp(args[n], "format=plain")) {
*len = 0;
- fmt = PLAINFMT;
+ fmt = plainfmt;
} else if (!strcmp(args[n], "format=html")) {
*len = sprintf(s, HTMLHDR);
*len += sprintf(s + *len, HTMLTITLE);
*len += sprintf(s + *len, SIDEBOXHDR);
- fmt = HTMLFMT;
+ fmt = htmlfmt;
} else if (!strcmp(args[n], "format=sidebox")) {
*len = sprintf(s, HTMLHDR);
*len += sprintf(s + *len, SIDEBOXHDR);
- fmt = HTMLFMT;
+ fmt = htmlfmt;
}
}
@@ -391,7 +390,7 @@
}
if (buf == NULL && args == NULL) {
- if (fmt == HTMLFMT)
+ if (fmt == htmlfmt)
*len = sprintf(s, HTMLFOOTER);
return s;
}
@@ -414,9 +413,9 @@
unit = 'K';
}
- if (fmt == PRETTYFMT)
+ if (fmt == prettyfmt)
*len += sprintf(s + *len, "%.24s ", asctime(localtime(&ts)));
- else if (fmt == PLAINFMT)
+ else if (fmt == plainfmt)
*len += sprintf(s + *len, "%u ", (uint) ts);
*len += sprintf(s + *len, fmt, ntohs(tp[i].port),
Modified: src/trunk/modules/worm-signature.c
===================================================================
--- src/trunk/modules/worm-signature.c 2008-07-03 00:08:22 UTC (rev 1261)
+++ src/trunk/modules/worm-signature.c 2008-08-14 22:32:50 UTC (rev 1262)
@@ -557,7 +557,7 @@
int stored;
/* format for print callback */
- char * format;
+ int format;
/* total signatures */
int total_sig;
@@ -1370,10 +1370,10 @@
/* Print MACROS */
-#define DATAHEX "0"
-#define DATABIN "1"
-#define DATASNORT "2"
-#define GNUPLOTFMT "3"
+#define DATAHEX 0
+#define DATABIN 1
+#define DATASNORT 2
+#define GNUPLOTFMT 3
#define GNUPLOTHDR \
"set terminal postscript eps color solid lw 1 \"Helvetica\" 14;" \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
