root/trunk/src/renetcol.c @ 120

Revision 120, 29.8 KB (checked in by andreu, 12 years ago)

first monitoring web site

  • Property svn:eol-style set to native
Line 
1/*
2 * File: renetcol.c
3 *
4 * Authors: ANDREU Francois-Xavier
5 *
6 * Copyright (C) 2005 - 2009 GIP RENATER
7 */
8
9/*  This file is part of renetcol.
10 *
11 *  renetcol is free software; you can redistribute it and/or modify
12 *  it under the terms of the GNU General Public License as published by
13 *  the Free Software Foundation; either version 2 of the License, or
14 *  (at your option) any later version.
15 *
16 *  renetcol is distributed in the hope that it will be useful,
17 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
18 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
19 *  GNU General Public License for more details.
20 *
21 *  You should have received a copy of the GNU General Public License
22 *  along with renetcol; if not, write to the Free Software
23 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
24 */
25
26#include "renetcol.h"
27
28struct MyPtrs myPtrs; /* defined in routers_mgmt.h */
29
30struct SHMForAgg *shmForAgg;
31
32unsigned short currentIPOutputFile = 0;    /* index on the current IP file */
33unsigned short currentMPLSOutputFile = 0;  /* index on the current MPLS file */
34char outputName[256];
35char cof_str[20];                          /* current ouput file name */
36FILE *fIP;                                 /* pointer on the IP output file */
37FILE *fMPLS;                              /* pointer on the MPLS output file */
38
39struct sigaction myAction; /* handler for renetcolSender communication */
40sigjmp_buf contextSigalrm; /* '' */
41volatile sig_atomic_t sigusr1Up = 0;
42/* struct sigaction myAction;  for timer not used in this version */
43
44unsigned short currentIntervalle = 0;        /* based on 5 min intervalles */ 
45
46unsigned short offsetV9 = 0;                 /* index in a neflow v9 packet */
47
48unsigned char buffer1;
49unsigned char buffer2[2];
50unsigned char buffer4[4];
51unsigned char buffer6[6];
52
53short currentFlowsetNumber;
54short currentFlowsetId;
55TplFlowSetPtr curTplFlSetPtr; /* current template flowset pointer */
56TplOptionPtr curTplOptionPtr;
57RouterPtr routersListPtr;
58NDEEnginePtr enginePtrTmp;
59
60unsigned long sortedRouterList[ROUTER_INDEX_MAX];
61unsigned long indexedRouterList[ROUTER_INDEX_MAX];
62int routerNb = 0;                                  /* routers number */
63
64key_t myKey = 0;
65int myQueue = 0;
66
67/* Next structure used as cache in rules reading */
68RuleDefPtr rulesAddress[FIELD_TYPE_NUMBER+1][MAX_RULES_PER_FIELD];
69
70int reInitConf = 0;
71
72static struct tm *tmPtr;
73
74extern int errno;
75static int inputSock;
76static int sockNamelg;
77static int inputSock2;
78static int sockNameFromlg;
79static int rcv;
80static int sockBufSize = SOCKET_BUFFER_SIZE;           
81/* static unsigned short flowNumber; */
82static unsigned short receptPort = RECEPTION_PORT;
83/* static unsigned char *ptr_buffer; */
84static char *receptAddress = RECEPTION_ADDRESS;
85static struct sockaddr_in name;
86static struct sockaddr_in name2;
87static struct sockaddr_in fromName;
88#ifdef READFROMFILE
89  char *myPcapFileName, errBuffer[PCAP_ERRBUF_SIZE];
90  pcap_t *myPcapHandle;
91#endif
92
93/*
94 * Main
95 * ----
96 */
97int 
98main (int argc, char *argv[])
99{
100  RulesPtr tmp = NULL;
101  int shmid;
102  key_t key;
103  int i,j;
104  int k;
105  unsigned short routerIndex = 0;
106
107#if defined(READFROMFILE)
108  if ( argc != 2) {
109    fprintf (stderr,
110             "%s: Usage: %s <pcap file>\n exp: %s /tmp/my_pcap_file.pcap\n",
111             argv[0], argv[0], argv[0]);
112    exit(1);
113  }
114  myPcapFileName = argv[1];
115  if ((myPcapHandle = pcap_open_offline(myPcapFileName, errBuffer)) == NULL) {
116    fprintf(stderr, "Couldn't open PCAP file %s: %s\n", myPcapFileName, errBuffer);
117    exit(1);
118  }
119#endif
120
121#if defined(IPV4AGGIDR)
122  fprintf(stderr, "renetcol compilation and execution with IPv4 Prefixes Aggregation feature enable based on routers ID in %s file.\n", ROUTERS_LIST);
123#endif
124
125#if defined(IPV4AGGIDSNMP)
126  fprintf(stderr, "renetcol compilation and execution with IPv4 Prefixes Aggregation feature enable based on SNMP ID in %s file.\n", INTERFACES_TYPE_LIST);
127#endif
128#if defined(IPV6AGGIDSNMP)
129  fprintf(stderr, "renetcol compilation and execution with IPv6 Prefixes Aggregation feature enable based on SNMP ID in %s file.\n", INTERFACES_TYPE_LIST);
130#endif
131#if defined(IPV6LINKAGG)
132  fprintf(stderr, "renetcol compilation and execution with IPv6 Links Aggregation.\n");
133#endif
134
135  openlog(argv[0], LOG_PID, LOG_USER);
136
137  initCache();
138  /* GET the list of routers who are available to send NDE to the collector */
139  if ( (routerNb = getRegisteredRouters(ROUTERS_LIST,
140                                        &sortedRouterList[0],
141                                        &indexedRouterList[0])) == -1) {
142    fprintf(stderr,
143            "ERROR in getRegisteredRouters from file %s\n",
144            ROUTERS_LIST);
145    exit(-1);
146  }
147  /* Create the list of routers */
148  for (routerIndex=0; routerIndex<routerNb; routerIndex++){
149    routersListPtr = addRouter(routersListPtr, sortedRouterList[routerIndex],routerIndex);
150  }
151 
152  /* Shared memory */
153  key = 8765;
154  if ((shmid = shmget(key, SHMSIZE, IPC_CREAT | 0666)) < 0) {
155    perror("shmget");
156    exit(1);
157  }
158  if ((shmForAgg = (struct SHMForAgg *)shmat(shmid, (void *)0, 0)) == (void *) -1) {
159    perror("shmat");
160    exit(1);
161  }
162
163  if ( (shmForAgg->v4PrefixNb =
164        getPrefixV4(SUBNETS_LIST,
165                    &(shmForAgg->prefixV4Tab[0][0]),
166                    &(shmForAgg->prefixV4SubnetTab[0][0]),
167                    &(shmForAgg->v4SubnetNb)
168                    )) < 1){
169    fprintf(stderr, "renetcol: Error in %s\n", SUBNETS_LIST);
170  } else {
171    fprintf(stderr, "We have found %hu supernets from %s\n",
172            shmForAgg->v4PrefixNb,
173            SUBNETS_LIST);
174    fprintf(stderr, "and %hu subnets\n",
175            shmForAgg->v4SubnetNb);   
176  }
177  if ( (shmForAgg->v4PrefixNb =
178        getPrefixV4(SUBNETS_LIST,
179                    &(shmForAgg->prefixV4Tab[1][0]),
180                    &(shmForAgg->prefixV4SubnetTab[1][0]),
181                    &(shmForAgg->v4SubnetNb)
182                    )) < 1){
183    fprintf(stderr, "renetcol: Error in %s\n", SUBNETS_LIST);
184    exit(1);
185  }
186#if defined(IPV6AGGIDSNMP)
187  if ( (shmForAgg->v6PrefixNb =
188        getPrefixV6(SUBNETS_V6_LIST,
189                    &(shmForAgg->prefixV6Tab[0][0])
190                    )) < 1){
191    fprintf(stderr, "renetcol: Error in %s\n", SUBNETS_V6_LIST);
192  } else {
193    fprintf(stderr, "We have found %hu IPv6 prefixes from %s\n",
194            shmForAgg->v6PrefixNb,
195            SUBNETS_V6_LIST);
196  }
197  if ( (shmForAgg->v6PrefixNb =
198        getPrefixV6(SUBNETS_V6_LIST,
199                    &(shmForAgg->prefixV6Tab[1][0])
200                    )) < 1){
201    fprintf(stderr, "renetcol: Error in %s\n", SUBNETS_V6_LIST);
202    exit(1);
203  }
204#endif
205
206/*   for (i=0; i<shmForAgg->v4PrefixNb; i++){ */
207/*    fprintf(stderr, "SUPERNET : %lu, %hu\n",shmForAgg->prefixV4Tab[0][i].beginning, shmForAgg->prefixV4Tab[0][i].hasSubnet); */
208/*   } */
209/*   for (i=0; i<shmForAgg->v4SubnetNb; i++){ */
210/*    fprintf(stderr, "SUBNET : %lu, %hu\n",shmForAgg->prefixV4SubnetTab[0][i].beginning, shmForAgg->prefixV4SubnetTab[0][i].hasSubnet); */
211/*   } */
212
213  shmForAgg->currentTable = 0;
214  shmForAgg->secondTable = 1;
215  shmForAgg->readed = 0;
216  /* get the rules */
217  myPtrs.rulesListPtr = NULL;
218  myPtrs.rulesListPtr = getRules(myPtrs.rulesListPtr, RULES_FILE);
219  tmp = myPtrs.rulesListPtr;
220 if (tmp!=NULL){
221   for ( ; tmp->next; tmp=tmp->next) {
222     if (tmp->type != 2) {
223       myPtrs.rulesListPtr = delRule(tmp, myPtrs.rulesListPtr);
224     }
225   }
226 }
227  tmp = NULL;
228#ifdef DEBUG
229  printRule(myPtrs.rulesListPtr);
230#endif
231
232#ifdef ASACC
233  /* get the AS list */
234  if ( (shmForAgg->ASNb = getAS(AS_LIST, &(shmForAgg->ASTab[0][0]))) < 1){
235    fprintf(stderr, "renetcol: Error in %s\n", AS_LIST);
236    exit(1);
237  } else {
238    fprintf(stderr, "%hu AS are readed from %s\n",
239            shmForAgg->ASNb,
240            AS_LIST);
241  }
242  if ( (shmForAgg->ASNb = getAS(AS_LIST, &(shmForAgg->ASTab[1][0]))) < 1){
243    fprintf(stderr, "renetcol: Error in %s\n", AS_LIST);
244    exit(1);
245  }
246#endif
247
248  /* the fork */
249  fprintf(stderr, "renetcol: I become a deamon, next messages via syslogd. Bye.\n");
250  if (fork () != 0)
251    exit (0);
252  if (setsid() == -1){
253    exit(4);
254  }
255  /* handler, SIGUSR1 from renetcolSender */
256  myAction.sa_handler = sigusr1Mgmt;
257  myAction.sa_flags = SA_RESTART;
258  sigemptyset (&(myAction.sa_mask));
259  sigaddset (&(myAction.sa_mask), SIGALRM);
260  sigaction (SIGUSR1, &myAction, NULL);
261
262  /* Cache for fast rules access */
263  setCache(myPtrs.rulesListPtr);
264  myPtrs.rulesAddressPtr = (RuleDefPtr *)rulesAddress;
265  /* IPC messages queue init */
266  myKey = createKey(argv[0]);
267  myQueue = createQueue(myKey);
268  sendMyPid(myQueue);
269  /* get SNMP index information */
270#ifdef IPV4AGGIDSNMP
271  k = getSNMPIndexList(INTERFACES_TYPE_LIST, routersListPtr);
272#endif
273  /* INIT THE CURRENTS VARIABLES*/
274  myPtrs.currentRouterPtr = routersListPtr;
275  myPtrs.currentHeaderV9Ptr = (NetFlowV9HeaderPtr)
276    malloc(sizeof(struct NetFlowV9Header));
277  myPtrs.offsetV9Ptr = &offsetV9;
278  myPtrs.currentFlowsetIdPtr = &currentFlowsetId;
279  myPtrs.pcktPtr = (DatagramPtr) malloc(sizeof(struct Datagram));
280  myPtrs.currentFlowsetNumberPtr = &currentFlowsetNumber;
281  myPtrs.currentMIB = shmForAgg->myMIB[shmForAgg->currentTable];
282  myPtrs.secondMIB = shmForAgg->myMIB[shmForAgg->secondTable];
283  if (initMIB(myPtrs.currentMIB)!=1) {
284    fprintf(stderr, "ERROR in MIB initialisation\n");
285    exit(1);}
286  if (initMIB(myPtrs.secondMIB)!=1) {
287    fprintf(stderr, "ERROR in second MIB initialisation\n");
288    exit(1);}
289#ifdef IPV4AGGIDR
290  myPtrs.routersID = &indexedRouterList;
291#endif
292  myPtrs.currentV4Tab = shmForAgg->prefixV4Tab[shmForAgg->currentTable];
293  myPtrs.secondV4Tab = shmForAgg->prefixV4Tab[shmForAgg->secondTable];
294#ifdef IPV6AGGIDSNMP
295  myPtrs.currentV6Tab = shmForAgg->prefixV6Tab[shmForAgg->currentTable];
296  myPtrs.secondV6Tab = shmForAgg->prefixV6Tab[shmForAgg->secondTable];
297#endif
298#ifdef IPV6LINKAGG
299  myPtrs.currentV6IndexTab = shmForAgg->indexV6Tab[shmForAgg->currentTable];
300  myPtrs.secondV6IndexTab = shmForAgg->indexV6Tab[shmForAgg->secondTable];
301#endif
302#ifdef ASACC
303  myPtrs.asNb = shmForAgg->ASNb;
304  myPtrs.currentASTab = shmForAgg->ASTab[shmForAgg->currentTable];
305  myPtrs.secondASTab = shmForAgg->ASTab[shmForAgg->secondTable];
306#endif
307#ifdef MATRIX
308  myPtrs.matrixPOP = &(shmForAgg->matrixPOP[shmForAgg->currentTable][0][0]);
309#endif
310
311  /* INIT MATRIX TABLES */
312#ifdef MATRIX
313  for (i=0; i<ROUTER_INDEX_MAX; i++){
314    for (j=0; j<ROUTER_INDEX_MAX; j++) {
315      shmForAgg->matrixPOP[0][i][j].bytesNb = 0;
316      shmForAgg->matrixPOP[0][i][j].pktsNb = 0;
317      shmForAgg->matrixPOP[0][i][j].flowNb = 0;
318      shmForAgg->matrixPOP[1][i][j].bytesNb = 0;
319      shmForAgg->matrixPOP[1][i][j].pktsNb = 0;
320      shmForAgg->matrixPOP[1][i][j].flowNb = 0;
321    }
322  }
323#endif
324  /* INIT IPV6 index TABLES */
325#ifdef IPV6LINKAGG
326  for (i=0; i<ROUTER_INDEX_MAX; i++){
327    for (j=0; j<MAX_INDEX_BY_ROUTER; j++) {
328      shmForAgg->indexV6Tab[0][i][j].routerIPAddress = 0;
329      shmForAgg->indexV6Tab[0][i][j].indexSNMP = 0;
330      shmForAgg->indexV6Tab[0][i][j].hasStats = 0;
331      shmForAgg->indexV6Tab[0][i][j].sampling = 0;
332      shmForAgg->indexV6Tab[0][i][j].bytesNbIN = 0;
333      shmForAgg->indexV6Tab[0][i][j].pktsNbIN = 0;
334      shmForAgg->indexV6Tab[0][i][j].flowNbIN = 0;
335      shmForAgg->indexV6Tab[0][i][j].bytesNbOUT = 0;
336      shmForAgg->indexV6Tab[0][i][j].pktsNbOUT = 0;
337      shmForAgg->indexV6Tab[0][i][j].flowNbOUT = 0;
338      shmForAgg->indexV6Tab[1][i][j].routerIPAddress = 0;
339      shmForAgg->indexV6Tab[1][i][j].indexSNMP = 0;
340      shmForAgg->indexV6Tab[1][i][j].hasStats = 0;
341      shmForAgg->indexV6Tab[1][i][j].sampling = 0;
342      shmForAgg->indexV6Tab[1][i][j].bytesNbIN = 0;
343      shmForAgg->indexV6Tab[1][i][j].pktsNbIN = 0;
344      shmForAgg->indexV6Tab[1][i][j].flowNbIN = 0;
345      shmForAgg->indexV6Tab[1][i][j].bytesNbOUT = 0;
346      shmForAgg->indexV6Tab[1][i][j].pktsNbOUT = 0;
347      shmForAgg->indexV6Tab[1][i][j].flowNbOUT = 0;
348    }
349  }
350#endif
351
352  /* Checkup */
353  if (myPtrs.pcktPtr==NULL) {
354    fprintf(stderr, "ERROR in struct Datagram allocation\n");
355    exit(1);
356  } else {
357    myPtrs.pcktPtr->ipH = (IpHeaderPtr) malloc(sizeof(struct IpHeader));
358    myPtrs.pcktPtr->udp_header = (UdpHeaderPtr) malloc(sizeof(struct UdpHeader));
359  }
360  if (! (myPtrs.ptr_buffer = malloc(sockBufSize))) 
361    {
362      printf("ERROR during socket buffer allocation\n");
363      exit(2);
364    }
365
366  /* INIT INPUT STREAM*/
367  initStream();
368
369  socketLoop(); /* all work on datagram is made here */
370
371  closelog();
372
373  fprintf(stderr, "END\n");
374
375  return (0);
376}
377
378/*
379 * send his PID to another program via IPC message queue
380 *
381 * @param queueID the IPC queue ident
382 *
383 */
384void 
385sendMyPid(int queueID)
386{
387  msgType myMsg;
388  char *msgTextIndex;
389  unsigned short tplMsgType = 12;
390  pid_t myPID;
391 
392  myPID = getpid();
393  msgTextIndex = mempcpy(mempcpy(myMsg.text,
394                                 &tplMsgType,
395                                 sizeof (unsigned short)
396                                 ),
397                         &myPID,
398                         sizeof(pid_t)
399                         );
400  myMsg.type = 1;
401  msgSend(queueID, myMsg);
402}
403
404/*
405 * Send the "read rules list" message to another program
406 *
407 * @param queueID the IPC queue ident
408 *
409 */
410void sendReadRulesSignal(int queueID)
411{
412  msgType myMsg;
413  char *msgTextIndex;
414  unsigned short tplMsgType = 13;
415 
416  msgTextIndex = mempcpy(myMsg.text,
417                         &tplMsgType,
418                         sizeof (unsigned short)
419                         );
420  myMsg.type = 1;
421  msgSend(queueID, myMsg);
422}
423
424/*
425 *
426 */
427void 
428sigusr1Mgmt(int num)
429{
430  sigusr1Up = 1;
431}
432
433/*
434 * init the rule structure
435 */
436void 
437initRule()
438{
439  RulesPtr tmp = NULL;
440  initCache();
441  tmp = myPtrs.rulesListPtr;
442  for ( ; tmp; tmp=tmp->next) {
443    myPtrs.rulesListPtr = delRule(tmp, myPtrs.rulesListPtr);
444  }
445  myPtrs.rulesListPtr = NULL;
446  myPtrs.rulesListPtr = getRules(myPtrs.rulesListPtr, RULES_FILE);
447  tmp = myPtrs.rulesListPtr;
448  for ( ; tmp; tmp=tmp->next) {
449    if (tmp->type != 2) {
450      myPtrs.rulesListPtr = delRule(tmp, myPtrs.rulesListPtr);
451    }
452  }
453  tmp = NULL;
454  initCache();
455  setCache(myPtrs.rulesListPtr);
456  sendReadRulesSignal(myQueue);
457#ifdef DEBUG
458  printRule(myPtrs.rulesListPtr);
459#endif
460}
461
462/*
463 * init cache table
464 */
465void
466initCache()
467{
468  int i,j;
469  for (i=0; i<FIELD_TYPE_NUMBER+1; i++){
470    for (j=0; j<MAX_RULES_PER_FIELD; j++){
471      rulesAddress[i][j] = NULL;
472    }
473  }
474}
475
476/*
477 * setCache()
478 */
479void
480setCache(RulesPtr rPtr)
481{
482  int i=0;
483  RulesPtr tmp = rPtr;
484  RuleDefPtr def = NULL;
485
486#ifdef DEBUG
487  fprintf(stderr,"Cache for Rules: \n");
488#endif 
489  while (tmp) {
490    def = tmp->def;
491    while (def) {
492      i = 0;
493      while (rulesAddress[def->fieldType][i] != NULL){
494        i++;
495      }
496      rulesAddress[def->fieldType][i] = def;
497#ifdef DEBUG
498      fprintf(stderr,"%d: %d \n", def->fieldType, i);
499#endif     
500      def = def->next;
501    }
502#ifdef DEBUG
503    fprintf(stderr,"\n");
504#endif     
505    tmp = tmp->next;
506  }
507#ifdef DEBUG
508  fprintf(stderr,"Cache for Rules: OK");
509#endif 
510}
511
512/*
513 * initStream()
514 *
515 * Stream can be a file (pcap format) or a socket
516 */
517void 
518initStream()
519{
520  static unsigned short n0, n1, n2, n3;
521
522#ifdef READFROMFILE
523  initFile();
524#else
525  initSocket();
526  if (sscanf(receptAddress,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3)==0) {
527    perror("sscanf");
528  }             
529  buffer4[0] = (unsigned char)n3;
530  buffer4[1] = (unsigned char)n2;
531  buffer4[2] = (unsigned char)n1;
532  buffer4[3] = (unsigned char)n0;
533#endif
534}
535
536/*
537 * socketLoop()
538 */
539int 
540socketLoop()
541{
542  short shift;
543  short version = 0;
544  int regRouter = 0;
545  time_t now = time((time_t *)NULL);
546  int loopNb = 0;
547  int gardeFou = 0;
548  time_t lastIPOutput, lastMPLSOutput;
549  RouterPtr tmp = routersListPtr; 
550  int dd = 0;
551  FILE *TPLFILE;
552
553  now = time((time_t *)NULL);
554  tmPtr = localtime(&now);
555  currentIntervalle = tmPtr->tm_min;
556  lastMPLSOutput = now;
557  lastIPOutput = now;
558  do {
559#ifdef DEBUG   
560    fprintf (stderr, "[");
561#endif
562    if ( ((tmPtr->tm_min)%STEP == 0) && (currentIntervalle != tmPtr->tm_min)){
563      currentIntervalle = tmPtr->tm_min;
564      if (shmForAgg->currentTable == 0) {
565        shmForAgg->currentTable = 1;
566        shmForAgg->secondTable = 0;
567      }else{
568        shmForAgg->currentTable = 0;
569        shmForAgg->secondTable = 1;
570      }
571      shmForAgg->readed = 1;
572      myPtrs.currentMIB = shmForAgg->myMIB[shmForAgg->currentTable];
573      myPtrs.secondMIB = shmForAgg->myMIB[shmForAgg->secondTable];
574#ifdef ASACC
575      myPtrs.currentASTab = shmForAgg->ASTab[shmForAgg->currentTable];
576#endif
577#ifdef MATRIX
578      myPtrs.matrixPOP = &(shmForAgg->matrixPOP[shmForAgg->currentTable][0][0]);
579#endif
580#ifdef IPV6LINKAGG
581      myPtrs.currentV6IndexTab = &(shmForAgg->indexV6Tab[shmForAgg->currentTable][0][0]);
582      myPtrs.secondV6IndexTab = &(shmForAgg->indexV6Tab[shmForAgg->secondTable][0][0]);
583      /* FIXME : to delete : */
584      if (!(TPLFILE = fopen("/tmp/IPV6LINKAGG.txt", "w"))) {
585        syslog (LOG_ERR, "error during %s opening", "/tmp/IPV6LINKAGG.txt");
586      }
587      tmp = routersListPtr;
588      for (; tmp; tmp=tmp->next) {
589        for (dd=0;dd<MAX_INDEX_BY_ROUTER;dd++) {
590          if ( tmp->snmpIndexType[dd] != 2) {
591            fprintf(TPLFILE,
592                    "router: %lu.%lu.%lu.%lu dd: %hu , indexSNMP : %hu , type : %hu ,total bytes IN : %llu, OUT : %llu\n",
593                    (tmp->IpAddress>>24),
594                    (tmp->IpAddress<<8>>24),
595                    (tmp->IpAddress<<16>>24),
596                    (tmp->IpAddress<<24>>24),
597                    dd,
598                    tmp->snmpIndexID[dd],
599                    tmp->snmpIndexType[dd],
600                    ((struct IndexV6 *)((myPtrs.secondV6IndexTab)
601                                        +((tmp->ID)*MAX_INDEX_BY_ROUTER)
602                                        +(tmp->snmpIndexID[dd])))->bytesNbIN,
603                    ((struct IndexV6 *)((myPtrs.secondV6IndexTab)
604                                        +((tmp->ID)*MAX_INDEX_BY_ROUTER)
605                                        +(tmp->snmpIndexID[dd])))->bytesNbOUT
606                    );
607          }
608        }
609      }
610      fclose(TPLFILE); /* <-- */
611#endif
612    }
613    if (sigusr1Up == 1){
614      sigusr1Up = 0;
615      initRule();
616    }
617#ifdef READFROMFILE
618    fileReading();
619#else
620    socketReading();
621#endif
622    getIpHeader(myPtrs.pcktPtr, myPtrs.ptr_buffer);
623    regRouter = checkIpHeader(myPtrs.pcktPtr, &sortedRouterList[0], routerNb);
624    myPtrs.currentMIB->ipPacketNb += 1;
625    getUdpHeader(myPtrs.pcktPtr, myPtrs.ptr_buffer);
626    if ( checkUdpHeader(myPtrs.pcktPtr, regRouter, receptPort) == 1 ){
627      continue;
628    }
629    myPtrs.currentMIB->udpPacketNb += 1;
630    switch( version =
631            getNetFlowHeader(myPtrs.pcktPtr, myPtrs.ptr_buffer,
632                             myPtrs.currentHeaderV9Ptr, myPtrs.offsetV9Ptr)){
633    case 9:
634#ifdef DEBUG
635      fprintf (stderr, ", %d %hu %lu ,",
636               myPtrs.currentHeaderV9Ptr->version,
637               myPtrs.currentHeaderV9Ptr->count,
638               myPtrs.currentHeaderV9Ptr->package_sequence);
639#endif
640      myPtrs.currentMIB->v9PacketNb += 1;
641      myPtrs.currentMIB->flowNb += myPtrs.currentHeaderV9Ptr->count;
642      if ((myPtrs.currentRouterPtr=notExistRouter(routersListPtr,
643                                                  myPtrs.pcktPtr->ipH->srcAdd))==NULL) {
644        myPtrs.currentRouterPtr = routersListPtr;
645      }
646      if ((enginePtrTmp = existEngId(myPtrs.currentRouterPtr,myPtrs.currentHeaderV9Ptr->sourceId))==NULL) {
647        /* add new engineID */
648        enginePtrTmp = newRouterEngineList();
649        enginePtrTmp->next = myPtrs.currentRouterPtr->engineList;
650        if (myPtrs.currentRouterPtr->engineList!=NULL) {
651          myPtrs.currentRouterPtr->engineList->prev=enginePtrTmp;}
652        myPtrs.currentRouterPtr->engineList = enginePtrTmp;
653        enginePtrTmp->engineId = myPtrs.currentHeaderV9Ptr->sourceId;
654        enginePtrTmp->package_sequence = myPtrs.currentHeaderV9Ptr->package_sequence;
655      } else {
656        enginePtrTmp->engineId = myPtrs.currentHeaderV9Ptr->sourceId;
657        if (enginePtrTmp->package_sequence != (myPtrs.currentHeaderV9Ptr->package_sequence-1)) {
658          myPtrs.currentMIB->v9UnSeqNb += 1;
659        }
660        enginePtrTmp->package_sequence = myPtrs.currentHeaderV9Ptr->package_sequence;
661      }
662      currentFlowsetNumber = 0;
663      shift = 0;
664      gardeFou=0;
665      while ((currentFlowsetNumber < myPtrs.currentHeaderV9Ptr->count)
666             && (shift+48 < myPtrs.pcktPtr->udp_header->length)) {
667        gardeFou++;
668        curTplFlSetPtr = NULL;
669        currentFlowsetId=getFlowsetId(currentFlowsetNumber,
670                                      myPtrs.offsetV9Ptr, myPtrs.ptr_buffer);
671        myPtrs.currentMIB->flowSetNb += 1;
672        if ( currentFlowsetId == 0 ) {
673          if ( (shift = checkTemplateFlowSet(shift, myPtrs.currentRouterPtr,
674                                             myPtrs.currentMIB,
675                                             myPtrs.offsetV9Ptr,
676                                             myPtrs.ptr_buffer,
677                                             myPtrs.currentHeaderV9Ptr,
678                                             curTplFlSetPtr,
679                                             myPtrs.currentFlowsetNumberPtr,
680                                             myQueue)) < 0 ) {
681#ifdef DEBUG
682            fprintf (stderr, "w> ");
683#endif
684            currentFlowsetNumber = myPtrs.currentHeaderV9Ptr->count + 1;
685          }
686          /* writeAllTplFlSet(); */
687        } else if (currentFlowsetId == 1) {
688          if ( (shift = checkTemplateOption(shift, myPtrs.currentRouterPtr,
689                                            myPtrs.currentMIB,
690                                            myPtrs.offsetV9Ptr,
691                                            myPtrs.ptr_buffer,
692                                            myPtrs.currentHeaderV9Ptr,
693                                            curTplOptionPtr,
694                                            myPtrs.currentFlowsetNumberPtr) ) < 0 ) {
695#ifdef DEBUG
696            fprintf (stderr, "wo> ");
697#endif 
698            currentFlowsetNumber = myPtrs.currentHeaderV9Ptr->count + 1;
699          }
700        } else if (currentFlowsetId > 255) {
701          if ( (shift = checkDataFlowSet(shift,
702                                         &myPtrs,
703                                         myQueue,
704                                         shmForAgg->prefixV4Tab[shmForAgg->currentTable],
705                                         (size_t) shmForAgg->v4PrefixNb,
706                                         shmForAgg->prefixV4SubnetTab[shmForAgg->currentTable],
707                                         (size_t) shmForAgg->v4SubnetNb) ) < 0 ) {
708#ifdef DEBUG   
709            fprintf (stderr, "wd> ");
710#endif
711            currentFlowsetNumber = myPtrs.currentHeaderV9Ptr->count + 1;
712          }
713        } else {
714#ifdef DEBUG   
715          fprintf (stderr, " 1<<255 ");
716#endif
717          currentFlowsetNumber = myPtrs.currentHeaderV9Ptr->count + 1;
718        }
719        if ( gardeFou > 200) { exit(-1); }
720      } /* end while flowset exist */
721#ifdef DEBUG
722      if (shift > 1456) {
723        fprintf(stderr," SHIT SHIFT > 1456 : %d \n", shift);
724      }
725#endif
726      break;
727    default:
728      syslog(LOG_INFO,
729             "NetFlow exp. version unknown: %hu, from router: %lu.%lu.%lu.%lu",
730             (unsigned short) version,
731             (myPtrs.pcktPtr->ipH->srcAdd>>24),
732             (myPtrs.pcktPtr->ipH->srcAdd<<8>>24),
733             (myPtrs.pcktPtr->ipH->srcAdd<<16>>24),
734             (myPtrs.pcktPtr->ipH->srcAdd<<24>>24));
735      break;
736    }
737    if (loopNb  > 140000 ){
738      /* FIXME perhaps call this function via the compilation options */
739      writeAllTplFlSet();
740#ifdef DEBUG   
741      fprintf(stderr, "W");
742#endif
743      loopNb = 0;
744    }
745    loopNb++;
746
747    now = time((time_t *)NULL);
748    tmPtr = localtime(&now);
749#ifdef DEBUG   
750    fprintf (stderr, "]\n");
751    fprintf (stderr, "IP: %llu , UDP: %llu, NDEv9: %llu, drops: %llu, FS: %llu, Flows: %llu, realFl: %llu Diff:%llu\n",
752             myPtrs.currentMIB->ipPacketNb,
753             myPtrs.currentMIB->udpPacketNb,
754             myPtrs.currentMIB->v9PacketNb,
755             myPtrs.currentMIB->v9UnSeqNb,
756             myPtrs.currentMIB->flowSetNb,
757             myPtrs.currentMIB->flowNb,
758             myPtrs.currentMIB->realFlowNb,
759             myPtrs.currentMIB->flowNb - myPtrs.currentMIB->realFlowNb
760             );
761#endif
762  } while (1);
763}
764
765/*
766 * initSocket()
767 */
768short 
769initSocket()
770{
771  inputSock = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);
772  if (inputSock < 0)
773    {
774      syslog(LOG_ERR,"socket : %s", strerror(errno));
775      exit(1);
776    }
777  memset((void*)&name, 0, sizeof(name));
778  name.sin_family = AF_INET;
779  name.sin_addr.s_addr = htonl(INADDR_ANY);
780  if (name.sin_addr.s_addr == INADDR_NONE){
781    syslog(LOG_ERR, " INADDR_NONE ");
782    exit(1);
783  }
784  name.sin_port = htons(receptPort);
785  if (bind(inputSock,(struct sockaddr *)(&name), sizeof(name)) < 0)
786    {
787      syslog(LOG_ERR, "bind : %s", strerror(errno));
788      exit(1);
789    }                                                           
790  sockNamelg = sizeof(name);
791  if (getsockname(inputSock, (struct sockaddr *) (&name),
792                  (socklen_t *)&sockNamelg) < 0)
793    {
794      syslog(LOG_ERR, "getsockname: %s", strerror(errno));
795      exit(1);
796    }
797  /* Here socket DGRAM creation, only to not have a unreachable service */
798  /* message in return */
799  inputSock2 = socket(AF_INET, SOCK_DGRAM, 0);
800  if (inputSock2 < 0)
801    {
802      syslog(LOG_ERR,"socket : %s", strerror(errno));
803      exit(1);
804    }
805  memset((void*)&name, 0, sizeof(name));
806  name2.sin_family = AF_INET;
807  name2.sin_addr.s_addr = htonl(INADDR_ANY);
808  if (name2.sin_addr.s_addr == INADDR_NONE){
809    syslog(LOG_ERR, " INADDR_NONE ");
810    exit(1);
811  }
812  name2.sin_port = htons(receptPort);
813  if (bind(inputSock2,(struct sockaddr *)(&name2), sizeof(name2)) < 0)
814    {
815      syslog(LOG_ERR, "bind : %s", strerror(errno));
816      exit(1);
817    }                                                           
818  sockNamelg = sizeof(name2);
819  if (getsockname(inputSock2, (struct sockaddr *) (&name2),
820                  (socklen_t *)&sockNamelg) < 0)
821    {
822      syslog(LOG_ERR, "getsockname: %s", strerror(errno));
823      exit(1);
824    }
825  return(0);
826}
827
828/*
829 * initFile
830 */
831short initFile()
832{
833 
834}
835
836/*
837 * socketReading
838 */
839short 
840socketReading()
841{
842  signed short sockLg;
843
844  sockNameFromlg = sizeof(fromName);
845  rcv = recvfrom(inputSock, myPtrs.ptr_buffer, sockBufSize, 0,
846                 (struct sockaddr *)(&fromName),
847                 (socklen_t *)&sockNameFromlg);   
848  sockLg = rcv;
849  if (sockLg < 0) {
850    syslog(LOG_ERR,"recvfrom : %s", strerror(errno));
851    exit(1);
852  }
853  if (sockLg == 0) {
854    syslog(LOG_ERR,"recvfrom : %s", strerror(errno));
855    exit(1);
856  }
857  return(0);
858}
859
860/*
861 * fileReading
862 */
863short fileReading()
864{
865#ifdef READFROMFILE
866  struct pcap_pkthdr myPcapHeader; 
867  const u_char *ethernetPacket;
868
869  if ((ethernetPacket = pcap_next(myPcapHandle, &myPcapHeader)) == NULL) {
870    pcap_close(myPcapHandle);
871    exit(0);
872  }
873  myPtrs.ptr_buffer = (DatagramPtr) (ethernetPacket + 14);
874#ifdef DEBUG
875  fprintf(stderr,"P");
876#endif
877#endif
878}
879 
880/*
881 * check up flow datagramme 
882 */
883short 
884checkFlow(short flowNumber)
885{
886  return(0); /* FIXME : why this function ??? */
887}
888
889/*
890 * showAllTplFlSet
891 *
892 * to use only in debug mode
893 */
894void 
895showAllTplFlSet()
896{
897  RouterPtr tmp = routersListPtr;
898  TplFlowSetPtr tmpFS;
899  TplOptionPtr tmpOP;
900  fprintf(stderr,"\n*********************************************\n* All template definitions: (field, size) : *\n*********************************************\n");
901  for (; tmp; tmp=tmp->next) {
902    fprintf(stderr,"----------------------\nrouter %lu.%lu.%lu.%lu : \n----------------------\n",
903            (tmp->IpAddress>>24),
904            (tmp->IpAddress<<8>>24),
905            (tmp->IpAddress<<16>>24),
906            (tmp->IpAddress<<24>>24));
907    tmpFS =  tmp->tplList;
908    for (; tmpFS; tmpFS=tmpFS->next) {
909      fprintf(stderr,"TId %hu (sourceId: %lu):\n",
910              tmpFS->templateFlowSetId,
911              tmpFS->sourceId);
912      printFieldSet(stderr, tmpFS->fieldSet);
913      fprintf(stderr,"\n");
914    }
915    if ((tmpOP = tmp->tplOptList) != NULL){
916      for (; tmpOP; tmpOP=tmpOP->next) {
917        fprintf(stderr,"OpTId %hu (sourceId: %lu) >\n",
918                tmpOP->templateOptionId,
919                tmpOP->sourceId);
920        printFieldSet(stderr, tmpOP->fieldSet);
921        fprintf(stderr,"\n");
922      }
923      fprintf(stderr,"\n");
924    }
925  }
926}
927
928
929/*
930 * writeAllTplFlSet
931 *
932 */
933void 
934writeAllTplFlSet()
935{
936
937  RouterPtr tmp = routersListPtr;
938  TplFlowSetPtr tmpFS;
939  TplOptionPtr tmpOP;
940  FILE *TPLFILE;
941  if (!(TPLFILE = fopen("/tmp/TemplateDef.txt", "w"))) {
942    syslog (LOG_ERR, "error during %s opening", "/tmp/TemplateDef.txt");
943  }
944  for (; tmp; tmp=tmp->next) {
945    tmpFS =  tmp->tplList;
946    for (; tmpFS; tmpFS=tmpFS->next) {
947      fprintf(TPLFILE,"%lu.%lu.%lu.%lu TId %hu %lu ",
948              (tmp->IpAddress>>24),
949              (tmp->IpAddress<<8>>24),
950              (tmp->IpAddress<<16>>24),
951              (tmp->IpAddress<<24>>24),
952              tmpFS->templateFlowSetId,
953              tmpFS->sourceId);
954      printFieldSet(TPLFILE, tmpFS->fieldSet);
955      fprintf(TPLFILE,"\n");
956    }
957    if ((tmpOP = tmp->tplOptList) != NULL){
958      for (; tmpOP; tmpOP=tmpOP->next) {
959        fprintf(TPLFILE,"%lu.%lu.%lu.%lu OpTId %hu %lu %d %hu %hu %hu ",
960                (tmp->IpAddress>>24),
961                (tmp->IpAddress<<8>>24),
962                (tmp->IpAddress<<16>>24),
963                (tmp->IpAddress<<24>>24),
964                tmpOP->templateOptionId,
965                tmpOP->sourceId,
966                tmpOP->optionScopeLg/4, /* last x brackets are scope */
967                tmpOP->length,
968                tmpOP->optionScopeLg,
969                tmpOP->optionLg);
970        printFieldSet(TPLFILE, tmpOP->fieldSet);
971        fprintf(TPLFILE,"\n");
972      }
973      /*      fprintf(TPLFILE,"\n");*/
974    }
975  }
976  fclose(TPLFILE);
977}
978
979/*
980 * initMIB
981 */
982int initMIB(struct RenetcolMIB *theMIB)
983{
984  theMIB->ipPacketNb = 0;
985  theMIB->udpPacketNb = 0;
986  theMIB->v9PacketNb = 0;
987  theMIB->v9UnSeqNb = 0;
988  theMIB->flowSetNb = 0;
989  theMIB->dataFlowSetNb = 0;
990  theMIB->defFlowSetNb = 0;
991  theMIB->optDataFlowSetNb = 0;
992  theMIB->optDefFlowSetNb = 0;
993  theMIB->flowNb = 0;         
994  theMIB->realFlowNb = 0;
995  theMIB->ipv4Bytes = 0;
996  theMIB->ipv4Pckts = 0;
997  theMIB->ipv4Flow = 0;   
998  theMIB->ipv4IcmpFlowNb = 0;
999  theMIB->ipv4IcmpBytesNb = 0;
1000  theMIB->ipv4IcmpPktsNb = 0;
1001  theMIB->ipv4UDPFlowNb = 0;
1002  theMIB->ipv4UDPBytesNb = 0;
1003  theMIB->ipv4UDPPktsNb = 0;
1004  theMIB->ipv4TCPFlowNb = 0;
1005  theMIB->ipv4TCPBytesNb = 0;
1006  theMIB->ipv4TCPPktsNb = 0;
1007  theMIB->ipv4OthersFlowNb = 0;
1008  theMIB->ipv4OthersBytesNb = 0;
1009  theMIB->ipv4OthersPktsNb = 0;
1010  theMIB->ipv4FlowSizePcktsE1 = 0;   
1011  theMIB->ipv4FlowSizePcktsLT10 = 0;
1012  theMIB->ipv4FlowSizePcktsLT100 = 0;
1013  theMIB->ipv4FlowSizePcktsLT1k = 0;
1014  theMIB->ipv4FlowSizePcktsLT10k = 0;
1015  theMIB->ipv4FlowSizePcktsMT10k = 0;
1016  theMIB->ipv4FlowSizeBytesLT50 = 0;
1017  theMIB->ipv4FlowSizeBytesLT100 = 0;
1018  theMIB->ipv4FlowSizeBytesLT1k = 0;
1019  theMIB->ipv4FlowSizeBytesLT10k = 0;
1020  theMIB->ipv4FlowSizeBytesLT100k = 0;
1021  theMIB->ipv4FlowSizeBytesLT1M = 0; 
1022  theMIB->ipv4FlowSizeBytesLT10M = 0;
1023  theMIB->ipv4FlowSizeBytesLT100M = 0;
1024  theMIB->ipv4FlowSizeBytesMT100M = 0;
1025  theMIB->ipv4WebBytesNb = 0;
1026  theMIB->ipv4WebPcktsNb = 0;
1027  theMIB->ipv4WebFlowNb = 0;
1028  theMIB->ipv4DNSBytesNb = 0;
1029  theMIB->ipv4DNSPcktsNb = 0;
1030  theMIB->ipv4DNSFlowNb = 0;
1031  theMIB->ipv4OthersApBytesNb = 0;
1032  theMIB->ipv4OthersApPcktsNb = 0;
1033  theMIB->ipv4OthersApFlowNb = 0;
1034  theMIB->ipv6Bytes = 0;
1035  theMIB->ipv6Pckts = 0;
1036  theMIB->ipv6Flow = 0;
1037  theMIB->ipv6IcmpFlowNb = 0;
1038  theMIB->ipv6IcmpBytesNb = 0;
1039  theMIB->ipv6IcmpPktsNb = 0;
1040  theMIB->ipv6UDPFlowNb = 0;
1041  theMIB->ipv6UDPBytesNb = 0;
1042  theMIB->ipv6UDPPktsNb = 0;
1043  theMIB->ipv6TCPFlowNb = 0;
1044  theMIB->ipv6TCPBytesNb = 0;
1045  theMIB->ipv6TCPPktsNb = 0;
1046  theMIB->ipv6OthersFlowNb = 0;
1047  theMIB->ipv6OthersBytesNb = 0;
1048  theMIB->ipv6OthersPktsNb = 0;
1049  theMIB->ipv6FlowSizePcktsE1 = 0;     
1050  theMIB->ipv6FlowSizePcktsLT10 = 0;   
1051  theMIB->ipv6FlowSizePcktsLT100 = 0; 
1052  theMIB->ipv6FlowSizePcktsLT1k = 0;   
1053  theMIB->ipv6FlowSizePcktsLT10k = 0; 
1054  theMIB->ipv6FlowSizePcktsMT10k = 0; 
1055  theMIB->ipv6FlowSizeBytesLT50 = 0;   
1056  theMIB->ipv6FlowSizeBytesLT100 = 0; 
1057  theMIB->ipv6FlowSizeBytesLT1k = 0;   
1058  theMIB->ipv6FlowSizeBytesLT10k = 0; 
1059  theMIB->ipv6FlowSizeBytesLT100k = 0;
1060  theMIB->ipv6FlowSizeBytesLT1M = 0;   
1061  theMIB->ipv6FlowSizeBytesLT10M = 0; 
1062  theMIB->ipv6FlowSizeBytesLT100M = 0;
1063  theMIB->ipv6FlowSizeBytesMT100M = 0; 
1064  theMIB->ipv6WebBytesNb = 0;
1065  theMIB->ipv6WebPcktsNb = 0;
1066  theMIB->ipv6WebFlowNb = 0;
1067  theMIB->ipv6DNSBytesNb = 0;
1068  theMIB->ipv6DNSPcktsNb = 0;
1069  theMIB->ipv6DNSFlowNb = 0;
1070  theMIB->ipv6OthersApBytesNb = 0;
1071  theMIB->ipv6OthersApPcktsNb = 0;
1072  theMIB->ipv6OthersApFlowNb = 0;
1073  return 1;
1074}
Note: See TracBrowser for help on using the browser.