Commit bbfc71d3 authored by 's avatar
Browse files

Update of abw_mysql_write_conf()


git-svn-id: file:///home/svn/mapi/trunk@389 8d5bb341-7cf1-0310-8cf6-ba355fef3186
parent c1ca3b14
......@@ -70,13 +70,6 @@ int main(int argc, char *argv[])
return -1;
}
/* Check if specified values are within acceptable limits */
if (check_conf(&global_spec)<0) {
fprintf(stderr, "%s: check_conf() failed\n", __func__);
exit(-1);
}
/* Remaining command-line arguments should form a header filter string */
if (!global_spec.conf_filename && !global_spec.conf_from_mysql) {
......@@ -108,6 +101,13 @@ int main(int argc, char *argv[])
}
}
/* Check if specified values are within acceptable limits */
if (check_conf(&global_spec)<0) {
fprintf(stderr, "%s: check_conf() failed\n", __func__);
exit(-1);
}
if (global_spec.conf_to_mysql) {
if (abw_mysql_write_conf(&global_spec)<0) {
fprintf(stderr, "%s: abw_mysql_write_conf() failed\n", __func__);
......@@ -164,11 +164,12 @@ int main(int argc, char *argv[])
}
/* Split string of protocols into individual protocols */
/* Moved to check_conf() */
if (split_protocols(p->protocols, p->protocols_array)<0) {
/* if (split_protocols(p->protocols, p->protocols_array)<0) {
fprintf(stderr, "%s: split_protocols() failed\n", __func__);
return -1;
}
} */
/* If we should do measurement, then create a MAPI flow for
each protocol, apply monitoring functions to it and connect to it */
......
......@@ -41,11 +41,11 @@ interface=eth0
[parameters]
id=1
header_filter=src net 195.113.0.0/16
# header_filter=src net 195.113.0.0/16
sau_mode=d
sau_threshold=2
# payload_string=virus
interval_sec=3
interval_sec=1
#interval_usec=100000
[parameters]
......
......@@ -121,6 +121,8 @@ typedef struct {
} global_spec_t;
int compstr(const void *str1, const void *str2);
flow_spec_t *new_flow_spec(void);
subject_t *new_subject(void);
......@@ -131,6 +133,8 @@ flow_run_t *new_flow_run(void);
int split_protocols(char *protocols, char *protocols_array[]);
int concat_protocols(char **protocols, char *protocols_array[]);
int protocol_filter(char *header_filter, char *protocol,
char **new_header_filter);
......
......@@ -6,6 +6,12 @@
#include "abw.h"
#include "abw_conf.h"
int compstr(const void *str1, const void *str2) {
char **p1 = (char **) str1;
char **p2 = (char **) str2;
return strcmp(*p1, *p2);
} /* compstr() */
flow_spec_t *new_flow_spec(void) {
flow_spec_t *p;
......@@ -136,9 +142,54 @@ int split_protocols(char *protocols, char *protocols_array[]) {
return -1;
}
return 0;
return j;
} /* split_protocols() */
int concat_protocols(char **protocols, char *protocols_array[]) {
int size;
int i;
char **chrchr;
/* Calculate number of characters of protocol string */
size=0;
chrchr=protocols_array;
i=0;
while (i<MAX_PROTOCOLS && *chrchr) {
size+=strlen(*chrchr);
chrchr++;
i++;
}
size+=i-1; /* add space for commas between protocols */
if (size>0) {
if ((*protocols=malloc(size+1))==NULL) {
fprintf(stderr, "%s: malloc() failed\n", __func__);
return -1;
}
memset(*protocols, 0, size+1);
/* Concatenate protocol string */
chrchr=protocols_array;
i=0;
while (i<MAX_PROTOCOLS && *chrchr) {
if (i)
strcat(*protocols, ",");
strcat(*protocols, *chrchr);
chrchr++;
i++;
}
}
/* If protocols_array was empty, make sure that protocol string is NULL */
else
*protocols=NULL;
return 0;
} /* concat_protocols() */
int protocol_filter(char *header_filter, char *protocol,
char **new_header_filter) {
......@@ -180,6 +231,7 @@ int protocol_filter(char *header_filter, char *protocol,
fprintf(stderr, "%s: malloc() failed\n", __func__);
return -1;
}
memset(*new_header_filter, 0, new_header_filter_length+1);
if (new_protocol)
strcpy(*new_header_filter, new_protocol);
......@@ -218,7 +270,7 @@ int get_local_hostname(char **hostname) {
strcat(buffer, buffer2);
}
else
fprintf(stderr, "%s: WARNING: could not obtain local domain name or local domain and local hostname are too long together, using local hostname (without domain name) as subject specification\n", __func__);
fprintf(stderr, "%s: WARNING: could not obtain local domain or local hostname and local domain are too long together, will use local hostname (without domain) as subject specification\n", __func__);
}
if ((*hostname=malloc(strlen(buffer)+1))==NULL) {
......
......@@ -254,6 +254,12 @@ int read_command_line(int argc, char *argv[], global_spec_t *global_spec) {
return -1;
}
/* If we do not specify any command-line arguments, use direct flow
with default subject and parameters */
if (argc==1)
direct_flow=1;
/* Connect direct subject and parameters to flow_spec */
if (direct_flow) {
......@@ -530,6 +536,7 @@ int check_conf(global_spec_t *global_spec) {
flow_spec_t *p, **pp;
subject_t *q, **qq;
parameters_t *r, **rr;
int protocols_no;
int i, j;
......@@ -684,8 +691,38 @@ int check_conf(global_spec_t *global_spec) {
return -1;
}
if (!(p->protocols) || !strlen(p->protocols))
p->protocols="all";
/* Split protocol string into individual protocols. If protocol string
is NULL or empty, then protocols_no will be zero and protocols_array
will be untouched (remains zeroed from new_flow_spec() ). */
if ((protocols_no=split_protocols(p->protocols, p->protocols_array))<0) {
fprintf(stderr, "%s: split_protocols() failed\n", __func__);
return -1;
}
/* Sort individual protocols alphabetically, does nothing when
protocols_no is zero. */
qsort(p->protocols_array, protocols_no, (size_t)sizeof(char *), compstr);
/* Replace protocol strings with the sorted one. If protocols_array is
empty, then NULL protocol strings will be produced. */
if (p->protocols)
free(p->protocols);
if (concat_protocols(&(p->protocols), p->protocols_array)<0) {
fprintf(stderr, "%s: concat_protocols() failed\n", __func__);
return -1;
}
/* For consistency allocate memory dynamically. */
if (!(p->protocols) || !strlen(p->protocols)) {
if ((p->protocols=malloc(strlen("all")+1))==NULL) {
fprintf(stderr, "%s: malloc() failed\n", __func__);
return -1;
}
strcpy(p->protocols, "all");
}
/* Find subject and parameters for this flow_spec */
......
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#define __USE_XOPEN
#include <time.h>
#include <sys/time.h>
#include <math.h>
#include <mysql/mysql.h>
#include "../../mapi.h"
#include "../../stdlib/sample.h"
#include "abw.h"
#include "abw_mysql.h"
#include "abw_time.h"
#include "abw_conf.h"
global_spec_t global_spec;
flow_spec_t *flow_spec[MAX_FLOWS];
int main(int argc, char *argv[])
{
int i, j;
struct timeval tm;
struct timezone tz;
flow_spec_t **pp;
flow_spec_t *p;
flow_run_t *q;
struct timeval next, wait;
int subject_id, parameters_id;
if (get_local_hostname(&(global_spec.hostname))<0) {
fprintf(stderr, "%s: get_local_hostname() failed\n", __func__);
return -1;
}
/* Read MySQL database name, username and password from command line */
if (read_command_line_mysql(argc, argv, &global_spec)<0) {
fprintf(stderr, "%s: read_command_line_mysql() failed\n", __func__);
return -1;
}
/* Start MySQL connection */
if (abw_mysql_start(&global_spec)<0) {
fprintf(stderr, "%s: abw_start_mysql() failed\n", __func__);
return -1;
}
/* Read configuration from MySQL */
if (abw_mysql_read_conf(flow_spec)<0) {
fprintf(stderr, "%s: abw_mysql_read_conf() failed\n", __func__);
return -1;
}
/* Check if specified values are within acceptable limits */
if (check_conf(&global_spec, flow_spec)<0) {
fprintf(stderr, "%s: check_conf() failed\n", __func__);
exit(-1);
}
/* Print configuration */
print_conf(&global_spec, flow_spec);
/*
* Go over all specified flows and for each flow:
* - go over all its protocols and for each protocol:
* - create a MAPI flow
* - apply MAPI functions to this flow according to flow spec.
* - connect MAPI to this flow
*/
pp=flow_spec;
i=0;
while (i<MAX_FLOWS && *pp) {
p=*pp;
/* Split string of protocols into individual protocols */
if (split_protocols(p->protocols, p->protocols_array)<0) {
fprintf(stderr, "%s: split_protocols() failed\n", __func__);
return -1;
}
j=0;
while (j<MAX_PROTOCOLS && p->protocols_array[j]) {
printf("protocol: |%s|\n", p->protocols_array[j]);
if ((p->flow_run[j]=new_flow_run())==NULL) {
fprintf(stderr, "%s: new_flow_run() failed\n", __func__);
return -1;
}
q=p->flow_run[j];
/* Prepare header filter for this protocol */
if (p->protocols_array[j] && p->protocols_array[j][0]) {
if ((q->protocol=malloc(strlen(p->protocols_array[j])+1))==NULL) {
fprintf(stderr, "%s: malloc() failed\n", __func__);
return -1;
}
strcpy(q->protocol, p->protocols_array[j]);
if (protocol_filter(p->header_filter, q->protocol,
&(q->header_filter))<0) {
fprintf(stderr, "%s: protocols_filter() failed\n", __func__);
return -1;
}
}
else
q->header_filter=p->header_filter;
printf("p->header_filter: %s, q->protocol: %s, q->header_filter: %s\n", p->header_filter, q->protocol, q->header_filter);
if ((q->fd=mapi_create_flow(p->device))<0) {
fprintf(stderr, "%s: mapi_create_flow(%s) failed\n", __func__,
p->device);
return -1;
}
/* Note that BPF_FILTER uses compiled header filter string that
selects packets of the given protocol */
if (q->header_filter) {
if ((q->bpf_filter_fid=
mapi_apply_function(q->fd, "BPF_FILTER", q->header_filter))<0) {
fprintf(stderr, "%s: BPF_FILTER for flow %d failed\n",
__func__, i);
return -1;
}
}
if (p->sau_mode == 'd' && p->sau_packet_threshold != 1) {
if ((q->sample_fid=
mapi_apply_function(q->fd, "SAMPLE", p->sau_packet_threshold),
PERIODIC)<0) {
fprintf(stderr, "%s: SAMPLE for flow %d failed\n",
__func__, i);
return -1;
}
}
else if (p->sau_mode == 'p' && p->sau_pass_probability != 1) {
if ((q->sample_fid=
mapi_apply_function(q->fd, "SAMPLE",
(p->sau_pass_probability)*100),
PROBABILISTIC)<0) {
fprintf(stderr, "%s: SAMPLE for flow %d failed\n",
__func__, i);
return -1;
}
}
if (p->payload_strings[0]) {
if ((q->str_search_fid=
mapi_apply_function(q->fd, "STR_SEARCH", p->payload_strings[0],
0, 0))<0) {
fprintf(stderr, "%s: STR_SEARCH for flow %d failed\n",
__func__, i);
return -1;
}
}
if ((q->pkt_counter_fid=
mapi_apply_function(q->fd, "PKT_COUNTER"))<0) {
fprintf(stderr, "%s: PKT_COUNTER for flow %d failed\n", __func__,
i);
return -1;
}
if ((q->byte_counter_fid=
mapi_apply_function(q->fd, "BYTE_COUNTER"))<0) {
fprintf(stderr, "%s: BYTE_COUNTER for flow %d failed\n",
__func__, i);
return -1;
}
if (mapi_connect(q->fd)<0) {
fprintf(stderr, "%s: mapi_connect() for flow %d failed\n",
__func__, i);
return -1;
}
j++;
} /* while (j<MAX_PROTOCOLS && p->protocols_array[j]) */
pp++;
i++;
} /* while (i<MAX_FLOWS && *pp) */
while (1) {
if (gettimeofday(&tm, &tz)<0) {
fprintf(stderr, "%s: gettimeofday() failed\n", __func__);
exit(-1);
}
if (!global_spec.no_stdout)
printf("%u.%u", (unsigned int)(tm.tv_sec), (unsigned int)(tm.tv_usec));
pp=flow_spec;
i=0;
while (i<MAX_FLOWS && *pp) {
p=*pp;
j=0;
while (j<MAX_PROTOCOLS && (q=p->flow_run[j])) {
if ((q->pkt_counter=
mapi_read_results(q->fd, q->pkt_counter_fid))==NULL) {
fprintf(stderr, "%s: mapi_read_results() for flow %d failed\n",
__func__, i);
return -1;
}
if ((q->byte_counter=
mapi_read_results(q->fd, q->byte_counter_fid))==NULL) {
fprintf(stderr, "%s: mapi_read_results() for flow %d failed\n",
__func__, i);
return -1;
}
if (!global_spec.no_stdout) {
printf(" %u/%u", *(q->pkt_counter)-q->old_pkt_counter,
*(q->byte_counter)-q->old_byte_counter);
}
if (global_spec.db) {
if (abw_mysql_insert_value(&global_spec, p, q,
tm.tv_sec, tm.tv_usec,
"packets", NULL, NULL,
*(q->pkt_counter)-q->old_pkt_counter, 0, NULL)<0) {
fprintf(stderr, "%s: abw_mysql_insert() failed\n", __func__);
return -1;
}
if (abw_mysql_insert_value(&global_spec, p, q,
tm.tv_sec, tm.tv_usec,
"bytes", NULL, NULL,
*(q->byte_counter)-q->old_byte_counter, 0, NULL)<0) {
fprintf(stderr, "%s: abw_mysql_insert() failed\n", __func__);
return -1;
}
}
q->old_pkt_counter=*(q->pkt_counter);
q->old_byte_counter=*(q->byte_counter);
j++;
} /* while (j<MAX_PROTOCOLS && (q=p->flow_run[j])) */
pp++;
i++;
} /* while (i<MAX_FLOWS && *pp) */
if (!global_spec.no_stdout)
printf("\n");
/* TODO: wait until next checkpoint (not a fixed delay) of
the flow whose checkpoint is earliest */
abw_next_timestamp(&(flow_spec[0]->interval), &next, &wait);
/* printf("next.tv_sec: %d, next.tv_usec: %d, wait.tv_sec: %d, wait.tv_usec: %d\n", (int)(next.tv_sec), (int)(next.tv_usec), (int)(wait.tv_sec), (int)(wait.tv_usec)); */
usleep(wait.tv_sec * 1000000 + wait.tv_usec);
/* usleep((flow_spec[0]->interval)*1000000); */
} /* while (1) */
/* TODO: this is never reached, move to interrupt handler */
if (global_spec.db) {
mysql_close(global_spec.mysql);
mysql_library_end();
}
return 0;
} /* main() */
......@@ -670,6 +670,10 @@ int abw_mysql_write_conf(global_spec_t *global_spec) {
sprintf(query+strlen(query), " AND end_timestamp_sec = '%u'",
(unsigned int)(p->end_time_timestamp));
if (p->protocols)
sprintf(query+strlen(query), " AND protocols = '%s'",
p->protocols);
printf("%s: query: %s\n", __func__, query);
if (mysql_query(global_spec->mysql, query)) {
fprintf(stderr, "%s: mysql_query(%s) failed\n", __func__, query);
......@@ -693,17 +697,19 @@ int abw_mysql_write_conf(global_spec_t *global_spec) {
if (num==1) {
if (debug)
printf("%s: measurement subject, parameters and time period found in tMeasurement\n", __func__);
printf("%s: measurement found in tMeasurement\n", __func__);
}
else {
if (debug)
printf("%s: measurement subject, parameters and time period not found in tMeasurement\n", __func__);
printf("%s: measurement not found in tMeasurement\n", __func__);
sprintf(query, "INSERT INTO tMeasurement (subject_id, parameters_id%s%s) VALUES ('%d', '%d'", (p->start_time_timestamp)?", start_timestamp_sec":"", (p->end_time_timestamp)?", end_timestamp_sec":"", subject_id, parameters_id);
sprintf(query, "INSERT INTO tMeasurement (subject_id, parameters_id%s%s%s) VALUES ('%d', '%d'", (p->start_time_timestamp)?", start_timestamp_sec":"", (p->end_time_timestamp)?", end_timestamp_sec":"", (p->protocols)?", protocols":"", subject_id, parameters_id);
if (p->start_time_timestamp)
sprintf(query+strlen(query), ", '%u'", (unsigned int)(p->start_time_timestamp));
if (p->end_time_timestamp)
sprintf(query+strlen(query), ", '%u'", (unsigned int)(p->end_time_timestamp));
if (p->protocols)
sprintf(query+strlen(query), ", '%s'", p->protocols);
sprintf(query+strlen(query), ");");
printf("%s: query: %s\n", __func__, query);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment