Context Navigation

V9Header_mgmt.c @ 127

Revision 127, 6.8 KB (checked in by andreu, 12 years ago)
Change copyright timestamp - Some correction on WEB Section
Property svn:eol-style set to `native`

Rev	Line
[2]	1	/*
	2	* File: V9Header_mgmt.c
	3	*
[28]	4	* Authors: ANDREU Francois-Xavier
[2]	5	*
[127]	6	* Copyright (C) 2005-2010 GIP RENATER
[2]	7	*/
	8
	9	/ This file is part of renetcol.*
	10	*
	11	* renetcol is free software; you can redistribute it and/or modify
	12	* it under the terms of the GNU General Public License as published by
	13	* the Free Software Foundation; either version 2 of the License, or
	14	* (at your option) any later version.
	15	*
	16	* renetcol is distributed in the hope that it will be useful,
	17	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	18	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	19	* GNU General Public License for more details.
	20	*
	21	* You should have received a copy of the GNU General Public License
	22	* along with renetcol; if not, write to the Free Software
	23	* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
	24	*/
	25
	26	#include "V9Header_mgmt.h"
	27
	28	/*
	29	* get NetFlow Header
	30	*/
	31	short
	32	getNetFlowHeader(DatagramPtr pcktPtr, unsigned char *buf,
	33	NetFlowV9HeaderPtr v9Ptr, unsigned short *offV9)
	34	{
	35	int correct;
	36	unsigned char buffer2[2];
	37	unsigned char buffer4[4];
	38	unsigned short offset = 28;
	39	unsigned short exportVersion;
	40
	41	*offV9 = 28;
	42	buffer2[1]= (buf+offset+0); (offV9)++;
	43	buffer2[0]= (buf+offset+1); (offV9)++;
	44	switch (exportVersion= ((unsigned* short*)&buffer2)) {
	45	case 1: / NETFLOW EXPORT VERSION 1/
	46	/ pcktPtr->entete_netflow->version = ((unsigned short)&buffer2); /
	47	buffer2[1]= *(buf+offset+2);
	48	buffer2[0]= *(buf+offset+3);
	49	/ pcktPtr->netflow_header->nombre_flows = ((unsigned short)&buffer2); /
	50	buffer4[3] = *(buf+offset+4)&0xff;
	51	buffer4[2] = *(buf+offset+5)&0xff;
	52	buffer4[1] = *(buf+offset+6)&0xff;
	53	buffer4[0] = *(buf+offset+7)&0xff;
	54	/ pcktPtr->netflow_header->duree_ms_depuis_boot_routeur = ((unsigned long)(&buffer4)); /
	55	buffer4[3] = *(buf+offset+8)&0xff;
	56	buffer4[2] = *(buf+offset+9)&0xff;
	57	buffer4[1] = *(buf+offset+10)&0xff;
	58	buffer4[0] = *(buf+offset+11)&0xff;
	59	/ pcktPtr->netflow_header->duree_s_depuis_UTC1970 = ((unsigned long)(&buffer4)); /
	60	buffer4[3] = *(buf+offset+12)&0xff;
	61	buffer4[2] = *(buf+offset+13)&0xff;
	62	buffer4[1] = *(buf+offset+14)&0xff;
	63	buffer4[0] = *(buf+offset+15)&0xff;
	64	/ pcktPtr->netflow_header->complement_ns_depuis_UTC1970 = ((unsigned long)(&buffer4)); /
	65	buffer4[3] = *(buf+offset+16)&0xff;
	66	buffer4[2] = *(buf+offset+17)&0xff;
	67	buffer4[1] = *(buf+offset+18)&0xff;
	68	buffer4[0] = *(buf+offset+19)&0xff;
	69	/ pcktPtr->netflow_header->total_flows_sequence = ((unsigned long)(&buffer4)); /
	70	/ pcktPtr->netflow_header->type_commutateur_flows = /
	71	/ (unsigned short)(buf+offset+20); /*
	72	/ pcktPtr->netflow_header->numero_slot_commutateur_flows = /
	73	/ (unsigned short)(buf+offset+21); /*
	74	buffer2[1] = *(buf+offset+22);
	75	buffer2[0] = *(buf+offset+23);
	76	/ pcktPtr->netflow_header->reserve = ((unsigned short)&buffer2); /
	77	correct = exportVersion;
	78	break;
	79	case 5: / NETFLOW EXPORT VERSION 5/
	80	/ pcktPtr->netflow_header->version = ((unsigned short)&buffer2); /
	81	buffer2[1]= *(buf+offset+2);
	82	buffer2[0]= *(buf+offset+3);
	83	/ pcktPtr->netflow_header->nombre_flows = ((unsigned short)&buffer2); /
	84	buffer4[3] = *(buf+offset+4)&0xff;
	85	buffer4[2] = *(buf+offset+5)&0xff;
	86	buffer4[1] = *(buf+offset+6)&0xff;
	87	buffer4[0] = *(buf+offset+7)&0xff;
	88	/ pcktPtr->netflow_header->duree_ms_depuis_boot_routeur = ((unsigned long)(&buffer4)); /
	89	buffer4[3] = *(buf+offset+8)&0xff;
	90	buffer4[2] = *(buf+offset+9)&0xff;
	91	buffer4[1] = *(buf+offset+10)&0xff;
	92	buffer4[0] = *(buf+offset+11)&0xff;
	93	/ pcktPtr->netflow_header->duree_s_depuis_UTC1970 = ((unsigned long)(&buffer4)); /
	94	buffer4[3] = *(buf+offset+12)&0xff;
	95	buffer4[2] = *(buf+offset+13)&0xff;
	96	buffer4[1] = *(buf+offset+14)&0xff;
	97	buffer4[0] = *(buf+offset+15)&0xff;
	98	/ pcktPtr->netflow_header->complement_ns_depuis_UTC1970 = ((unsigned long)(&buffer4)); /
	99	buffer4[3] = *(buf+offset+16)&0xff;
	100	buffer4[2] = *(buf+offset+17)&0xff;
	101	buffer4[1] = *(buf+offset+18)&0xff;
	102	buffer4[0] = *(buf+offset+19)&0xff;
	103	/ pcktPtr->netflow_header->total_flows_sequence = ((unsigned long)(&buffer4)); /
	104	/ pcktPtr->netflow_header->type_commutateur_flows = /
	105	/ (unsigned short)(buf+offset+20); /*
	106	/ pcktPtr->netflow_header->numero_slot_commutateur_flows = /
	107	/ (unsigned short)(buf+offset+21); /*
	108	buffer2[1] = *(buf+offset+22);
	109	buffer2[0] = *(buf+offset+23);
	110	/ pcktPtr->netflow_header->reserve = ((unsigned short)&buffer2); /
	111	correct = exportVersion;
	112	break;
	113	case 9: / NETFLOW EXPORT VERSION 9/
	114	v9Ptr->version = exportVersion;
	115	buffer2[1]= (buf+(offV9)); (*offV9)++;
	116	buffer2[0]= (buf+(offV9)); (*offV9)++;
	117	v9Ptr->count = ((unsigned* short*)&buffer2);
	118	buffer4[3] = (buf+(offV9)); (*offV9)++;
	119	buffer4[2] = (buf+(offV9)); (*offV9)++;
	120	buffer4[1] = (buf+(offV9)); (*offV9)++;
	121	buffer4[0] = (buf+(offV9)); (*offV9)++;
	122	v9Ptr->system_uptime = ((unsigned* long*)(&buffer4));
	123	buffer4[3] = (buf+(offV9)); (*offV9)++;
	124	buffer4[2] = (buf+(offV9)); (*offV9)++;
	125	buffer4[1] = (buf+(offV9)); (*offV9)++;
	126	buffer4[0] = (buf+(offV9)); (*offV9)++;
	127	v9Ptr->unix_seconds = ((unsigned* long*)(&buffer4));
	128	buffer4[3] = (buf+(offV9)); (*offV9)++;
	129	buffer4[2] = (buf+(offV9)); (*offV9)++;
	130	buffer4[1] = (buf+(offV9)); (*offV9)++;
	131	buffer4[0] = (buf+(offV9)); (*offV9)++;
	132	v9Ptr->package_sequence = ((unsigned* long*)(&buffer4));
	133	buffer4[3] = (buf+(offV9)); (*offV9)++;
	134	buffer4[2] = (buf+(offV9)); (*offV9)++;
	135	buffer4[1] = (buf+(offV9)); (*offV9)++;
	136	buffer4[0] = (buf+(offV9)); (*offV9)++;
	137	v9Ptr->sourceId = ((unsigned* long*)(&buffer4));
	138	correct = exportVersion;
	139	break;
	140	default:
	141	correct = 0;
	142	}
	143	return(correct);
	144	}
	145
	146
	147	/*
	148	* Few check on NetFlow Header
	149	*/
	150	short
	151	checkNetFlowHeader(DatagramPtr pcktPtr)
	152	{
	153	/ if ((pcktPtr->netflow_header->version != 5) /
	154	/ && (pcktPtr->netflow_header->version != 1)) /
	155	/ { /
	156	/ syslog(LOG_INFO,"Wrong netflow export version %u", /
	157	/ pcktPtr->netflow_header->version); /
	158	/ return(1); /
	159	/ } /
	160	/ if ((pcktPtr->netflow_header->nombre_flows <1) /
	161	/ \|\| (pcktPtr->netflow_header->nombre_flows > 30)) /
	162	/ { /
	163	/ return(1); /
	164	/ } /
	165	/ if (pcktPtr->ipH->length != 20+8+24+(pcktPtr->netflow_header->nombre_flows48)) /*
	166	/ { /
[8]	167	/ syslog(LOG_INFO,"IP length (%u), UDP length (%u) and netflow length (%u) differents", /
	168	/ pcktPtr->ipH->length,pcktPtr.entete_udp.longueur, /
	169	/ (pcktPtr->netflow_header->nombre_flows48)); /*
[2]	170	/ return(1); /
	171	/ } /
	172	return(0);
	173	}
	174
	175	/*
	176	* checkHeaderV9
	177	*/
	178	short
	179	checkHeaderV9()
	180	{
	181	return(0);
	182	}

Note: See TracBrowser for help on using the browser.

Context Navigation

root/trunk/src/V9Header_mgmt.c @ 127

Download in other formats: