- Timestamp:
- 06/17/09 14:44:04 (14 years ago)
- Location:
- trunk
- Files:
-
- 5 modified
-
configure.in (modified) (2 diffs)
-
src/dataFlowSet.c (modified) (11 diffs)
-
src/renetcol.c (modified) (20 diffs)
-
src/renetcol.h (modified) (2 diffs)
-
src/template.c (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/configure.in
r109 r111 21 21 CFLAGS_PRINTUNKNOWNSUBNET="-DPRINTUNKNOWNSUBNET" 22 22 CFLAGS_MULTISAMPLING="-DMULTISAMPLING" 23 CFLAGS_READFROMFILE="-DREADFROMFILE -lpcap" 23 24 24 25 # Checks for programs. … … 51 52 if test $multisampling = yes ; then 52 53 CFLAGS="$CFLAGS $CFLAGS_MULTISAMPLING" 54 fi 55 56 AC_ARG_ENABLE(readfromfile,[ --enable-readfromfile Read NDE from pcap FILE mode=no], 57 readfromfile=$enableval,readfromfile=no) 58 if test $readfromfile = yes ; then 59 CFLAGS="$CFLAGS $CFLAGS_READFROMFILE" 53 60 fi 54 61 -
trunk/src/dataFlowSet.c
r97 r111 81 81 int paddingCounter = 0; 82 82 int crazyCounter = 0; 83 #ifdef DEBUG 84 int flowCpt = 0; 85 #endif 83 86 84 87 buffer2[1] = *(myPtrs->ptr_buffer+(*myPtrs->offsetV9Ptr)); … … 93 96 data_length = *((unsigned short*)&buffer2); 94 97 if (data_length == 0) { 95 syslog(LOG_INFO, "data flowset length null; all next informations of this data flowset are not considered! flowset ID: %hu, from router: %lu.%lu.%lu.%lu", 96 (*myPtrs->currentFlowsetIdPtr), 97 (myPtrs->pcktPtr->ipH->srcAdd>>24), 98 (myPtrs->pcktPtr->ipH->srcAdd<<8>>24), 99 (myPtrs->pcktPtr->ipH->srcAdd<<16>>24), 100 (myPtrs->pcktPtr->ipH->srcAdd<<24>>24)); 98 #ifdef DEBUG 99 fprintf (stderr, " dlg==0 <--| "); 100 #endif 101 /* syslog(LOG_INFO, "data flowset length null; all next informations of this data flowset are not considered! flowset ID: %hu, from router: %lu.%lu.%lu.%lu", */ 102 /* (*myPtrs->currentFlowsetIdPtr), */ 103 /* (myPtrs->pcktPtr->ipH->srcAdd>>24), */ 104 /* (myPtrs->pcktPtr->ipH->srcAdd<<8>>24), */ 105 /* (myPtrs->pcktPtr->ipH->srcAdd<<16>>24), */ 106 /* (myPtrs->pcktPtr->ipH->srcAdd<<24>>24)); */ 101 107 return (-1); 102 108 … … 112 118 data_length); 113 119 if ( (*myPtrs->currentFlowsetIdPtr) > TRESHOLD_TEMPLATE_ID ) { 114 /* fprintf(stderr,"Bad TID from router: %lu.%lu.%lu.%lu\n", */115 /* (*myPtrs->currentFlowsetIdPtr), */116 /* (myPtrs->pcktPtr->ipH->srcAdd>>24), */117 /* (myPtrs->pcktPtr->ipH->srcAdd<<8>>24), */118 /* (myPtrs->pcktPtr->ipH->srcAdd<<16>>24), */119 /* (myPtrs->pcktPtr->ipH->srcAdd<<24>>24)); */120 /* fprintf(stderr," Bytes : \n"); */121 /* while ( ( myPtrs->ptr_buffer+(*myPtrs->offsetV9Ptr) ) > (myPtrs->ptr_buffer+1416) ){ */122 /* buffer1= *(myPtrs->ptr_buffer+(*myPtrs->offsetV9Ptr));(*myPtrs->offsetV9Ptr)++; */123 /* tmp = *((unsigned char*)&buffer1); */124 /* fprintf (stderr, " %s ", tmp); */125 /* } */126 /* exit(-1); */120 fprintf(stderr,"Bad TID from router: %lu.%lu.%lu.%lu\n", 121 (*myPtrs->currentFlowsetIdPtr), 122 (myPtrs->pcktPtr->ipH->srcAdd>>24), 123 (myPtrs->pcktPtr->ipH->srcAdd<<8>>24), 124 (myPtrs->pcktPtr->ipH->srcAdd<<16>>24), 125 (myPtrs->pcktPtr->ipH->srcAdd<<24>>24)); 126 fprintf(stderr," Bytes : \n"); 127 while ( ( myPtrs->ptr_buffer+(*myPtrs->offsetV9Ptr) ) > (myPtrs->ptr_buffer+1416) ){ 128 buffer1= *(myPtrs->ptr_buffer+(*myPtrs->offsetV9Ptr));(*myPtrs->offsetV9Ptr)++; 129 tmp = *((unsigned char*)&buffer1); 130 fprintf (stderr, " %s ", tmp); 131 } 132 exit(-1); 127 133 return (data_length+shift); 128 134 } … … 134 140 if ( data_length%flow_size >= 9 ) { 135 141 (*myPtrs->currentFlowsetNumberPtr) = myPtrs->currentHeaderV9Ptr->count; 136 syslog(LOG_INFO, "data flowset length not match with length from template definition, wrong template definition suspected; all next informations of this data flowset are not considered! flowset ID: %hu, from router: %lu.%lu.%lu.%lu", 142 syslog(LOG_INFO, "data flowset length not match with length from template definition, wrong template definition suspected; all next informations of this data flowset are not considered! sourceID: %lu flowset ID: %hu, from router: %lu.%lu.%lu.%lu", 143 myPtrs->currentHeaderV9Ptr->sourceId, 137 144 (*myPtrs->currentFlowsetIdPtr), 138 145 (myPtrs->pcktPtr->ipH->srcAdd>>24), … … 140 147 (myPtrs->pcktPtr->ipH->srcAdd<<16>>24), 141 148 (myPtrs->pcktPtr->ipH->srcAdd<<24>>24)); 149 #ifdef DEBUG 150 fprintf (stderr, " dlg%flsz >=9 skip data "); 151 #endif 142 152 return (data_length+shift); 143 153 } … … 149 159 (myPtrs->pcktPtr->ipH->srcAdd<<16>>24), 150 160 (myPtrs->pcktPtr->ipH->srcAdd<<24>>24)); 161 #ifdef DEBUG 162 fprintf (stderr, " dlg >= 1452 skip pckt "); 163 #endif 151 164 return (-1); 152 165 } … … 641 654 * end of one flow (not the flowset) 642 655 */ 643 656 #ifdef DEBUG 657 flowCpt++; 658 fprintf(stderr," F%d ", flowCpt); 659 #endif 644 660 /* put aggregation cache information to IPv4 Prefixes table */ 645 661 /* Aggregation mode must be enable in ./configure options */ … … 1212 1228 /* not the flow end, progress in field list */ 1213 1229 pftmp = pftmp->prev; 1214 } 1230 } 1215 1231 } /* end of the while on one flow record */ 1216 1232 1217 1233 while ( ((*myPtrs->offsetV9Ptr)-48-shift) < data_length ) { 1218 1234 (*myPtrs->offsetV9Ptr)++; /* if padding */ 1219 1235 paddingCounter++; 1236 #ifdef DEBUG 1237 fprintf(stderr,", pC: %d ", paddingCounter); 1220 1238 if ( paddingCounter > 8 ) { 1221 #ifdef DEBUG1222 fprintf(stderr," padding too high: %d ", paddingCounter);1223 #endif1224 1239 syslog(LOG_INFO,"padding too high: %d ", paddingCounter); 1240 fprintf(stderr,", pC: %d <--| ", paddingCounter); 1225 1241 return (-1); 1242 #endif 1226 1243 } 1244 return (-1); 1227 1245 } 1228 1246 while ( (*myPtrs->offsetV9Ptr)-48-shift > data_length ) { … … 1232 1250 #ifdef DEBUG 1233 1251 if (crazyCounter != 0){ fprintf(stderr," crazyCounter: %d ", crazyCounter); } 1234 #endif1235 1252 if (crazyCounter!=0) { syslog(LOG_INFO,"crazyCounter: %d ", crazyCounter);} 1236 1237 #ifdef DEBUG 1238 fprintf(stderr,"}"); 1253 fprintf(stderr,"(%hu,%hu)}", data_length, data_length+shift); 1239 1254 #endif 1240 1255 … … 1326 1341 } else { 1327 1342 /* 1328 * template unknown, we skip th is all the data1343 * template unknown, we skip the data 1329 1344 */ 1330 1345 (*myPtrs->offsetV9Ptr)+=(data_length-4); 1331 (*myPtrs->currentFlowsetNumberPtr) = myPtrs->currentHeaderV9Ptr->count; 1346 (*myPtrs->currentFlowsetNumberPtr)+= 1 ; 1347 /* (*myPtrs->currentFlowsetNumberPtr) = myPtrs->currentHeaderV9Ptr->count;*/ 1332 1348 #ifdef DEBUG 1333 fprintf(stderr, " U, r: %lu.%lu.%lu.%lu, sourceId: %lu, TID: %hu ",1349 fprintf(stderr, " U, r: %lu.%lu.%lu.%lu, sourceId: %lu, TID: %hu ", 1334 1350 (myPtrs->pcktPtr->ipH->srcAdd>>24), 1335 1351 (myPtrs->pcktPtr->ipH->srcAdd<<8>>24), … … 1339 1355 (*myPtrs->currentFlowsetIdPtr) 1340 1356 ); 1357 fprintf(stderr,"(%hu,%hu) ", data_length, data_length+shift); 1341 1358 #endif 1342 1359 return (data_length+shift); -
trunk/src/renetcol.c
r110 r111 85 85 static struct sockaddr_in name2; 86 86 static struct sockaddr_in fromName; 87 #ifdef READFROMFILE 88 char *myPcapFileName, errBuffer[PCAP_ERRBUF_SIZE]; 89 pcap_t *myPcapHandle; 90 #endif 87 91 88 92 /* … … 100 104 unsigned short routerIndex = 0; 101 105 106 #if defined(READFROMFILE) 107 if ( argc != 2) { 108 fprintf (stderr, 109 "%s: Usage: %s <pcap file>\n exp: %s /tmp/my_pcap_file.pcap\n", 110 argv[0], argv[0], argv[0]); 111 exit(1); 112 } 113 myPcapFileName = argv[1]; 114 if ((myPcapHandle = pcap_open_offline(myPcapFileName, errBuffer)) == NULL) { 115 fprintf(stderr, "Couldn't open PCAP file %s: %s\n", myPcapFileName, errBuffer); 116 exit(1); 117 } 118 #endif 119 102 120 #if defined(IPV4AGGIDR) 103 121 fprintf(stderr, "renetcol compilation and execution with IPv4 Prefixes Aggregation feature enable based on routers ID in %s file.\n", ROUTERS_LIST); … … 113 131 fprintf(stderr, "renetcol compilation and execution with IPv6 Links Aggregation.\n"); 114 132 #endif 115 133 116 134 openlog(argv[0], LOG_PID, LOG_USER); 117 135 … … 299 317 for (i=0; i<ROUTER_INDEX_MAX; i++){ 300 318 for (j=0; j<MAX_INDEX_BY_ROUTER; j++) { 319 shmForAgg->indexV6Tab[0][i][j].routerIPAddress = 0; 320 shmForAgg->indexV6Tab[0][i][j].indexSNMP = 0; 301 321 shmForAgg->indexV6Tab[0][i][j].hasStats = 0; 302 322 shmForAgg->indexV6Tab[0][i][j].sampling = 0; … … 307 327 shmForAgg->indexV6Tab[0][i][j].pktsNbOUT = 0; 308 328 shmForAgg->indexV6Tab[0][i][j].flowNbOUT = 0; 329 shmForAgg->indexV6Tab[1][i][j].routerIPAddress = 0; 330 shmForAgg->indexV6Tab[1][i][j].indexSNMP = 0; 309 331 shmForAgg->indexV6Tab[1][i][j].hasStats = 0; 310 332 shmForAgg->indexV6Tab[1][i][j].sampling = 0; … … 454 476 455 477 #ifdef DEBUG 456 fprintf(stderr,"Cache for Rules \n");478 fprintf(stderr,"Cache for Rules: \n"); 457 479 #endif 458 480 while (tmp) { … … 464 486 } 465 487 rulesAddress[def->fieldType][i] = def; 488 #ifdef DEBUG 489 fprintf(stderr,"%d: %d \n", def->fieldType, i); 490 #endif 466 491 def = def->next; 467 #ifdef DEBUG468 fprintf(stderr,"%d: %d ", def->fieldType, i);469 #endif470 492 } 471 493 #ifdef DEBUG … … 474 496 tmp = tmp->next; 475 497 } 498 #ifdef DEBUG 499 fprintf(stderr,"Cache for Rules: OK"); 500 #endif 476 501 } 477 502 478 503 /* 479 504 * initStream() 505 * 506 * Stream can be a file (pcap format) or a socket 480 507 */ 481 508 void … … 484 511 static unsigned short n0, n1, n2, n3; 485 512 513 #ifdef READFROMFILE 514 initFile(); 515 #else 486 516 initSocket(); 487 517 if (sscanf(receptAddress,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3)==0) { … … 492 522 buffer4[2] = (unsigned char)n1; 493 523 buffer4[3] = (unsigned char)n0; 524 #endif 494 525 } 495 526 … … 572 603 initRule(); 573 604 } 605 #ifdef READFROMFILE 606 fileReading(); 607 #else 574 608 socketReading(); 609 #endif 575 610 getIpHeader(myPtrs.pcktPtr, myPtrs.ptr_buffer); 576 611 regRouter = checkIpHeader(myPtrs.pcktPtr, &sortedRouterList[0], routerNb); … … 584 619 myPtrs.currentHeaderV9Ptr, myPtrs.offsetV9Ptr)){ 585 620 case 9: 621 #ifdef DEBUG 622 fprintf (stderr, ", %d %hu %lu ,", 623 myPtrs.currentHeaderV9Ptr->version, 624 myPtrs.currentHeaderV9Ptr->count, 625 myPtrs.currentHeaderV9Ptr->package_sequence); 626 #endif 586 627 if ((myPtrs.currentRouterPtr=notExistRouter(routersListPtr, 587 628 myPtrs.pcktPtr->ipH->srcAdd))==NULL) { … … 591 632 shift = 0; 592 633 gardeFou=0; 593 while ((currentFlowsetNumber < myPtrs.currentHeaderV9Ptr->count) ) {634 while ((currentFlowsetNumber < myPtrs.currentHeaderV9Ptr->count) && (shift <= 1456)) { 594 635 gardeFou++; 595 636 curTplFlSetPtr = NULL; … … 605 646 myQueue)) < 0 ) { 606 647 #ifdef DEBUG 607 fprintf (stderr, "w> \n");648 fprintf (stderr, "w> "); 608 649 #endif 609 650 currentFlowsetNumber = myPtrs.currentHeaderV9Ptr->count + 1; … … 618 659 myPtrs.currentFlowsetNumberPtr) ) < 0 ) { 619 660 #ifdef DEBUG 620 fprintf (stderr, "wo> \n");661 fprintf (stderr, "wo> "); 621 662 #endif 622 663 currentFlowsetNumber = myPtrs.currentHeaderV9Ptr->count + 1; … … 631 672 (size_t) shmForAgg->v4SubnetNb) ) < 0 ) { 632 673 #ifdef DEBUG 633 fprintf (stderr, "wd> \n");674 fprintf (stderr, "wd> "); 634 675 #endif 635 676 currentFlowsetNumber = myPtrs.currentHeaderV9Ptr->count + 1; … … 637 678 } else { 638 679 #ifdef DEBUG 639 fprintf (stderr, " 1<<255\n");680 fprintf (stderr, " 1<<255 "); 640 681 #endif 641 682 currentFlowsetNumber = myPtrs.currentHeaderV9Ptr->count + 1; … … 643 684 if ( gardeFou > 200) { exit(-1); } 644 685 } /* end while flowset exist */ 686 #ifdef DEBUG 687 if (shift > 1456) { 688 fprintf(stderr," SHIT SHIFT > 1456 : %d \n", shift); 689 } 690 #endif 645 691 break; 646 692 default: … … 735 781 } 736 782 783 /* 784 * initFile 785 */ 786 short initFile() 787 { 788 789 } 737 790 738 791 /* 739 * init socket792 * socketReading 740 793 */ 741 794 short … … 758 811 } 759 812 return(0); 813 } 814 815 /* 816 * fileReading 817 */ 818 short fileReading() 819 { 820 #ifdef READFROMFILE 821 struct pcap_pkthdr myPcapHeader; 822 const u_char *ethernetPacket; 823 824 if ((ethernetPacket = pcap_next(myPcapHandle, &myPcapHeader)) == NULL) { 825 pcap_close(myPcapHandle); 826 exit(0); 827 } 828 myPtrs.ptr_buffer = (DatagramPtr) (ethernetPacket + 14); 829 #ifdef DEBUG 830 fprintf(stderr,"P"); 831 #endif 832 #endif 760 833 } 761 834 -
trunk/src/renetcol.h
r95 r111 46 46 #include <signal.h> 47 47 #include <setjmp.h> 48 49 #ifdef READFROMFILE 50 #include <pcap.h> 51 #endif 48 52 49 53 #include "routers_mgmt.h" … … 96 100 int socketLoop(); 97 101 short initSocket(); 102 short initFile(); 98 103 short socketReading(); 104 short fileReading(); 99 105 short getFlow(short); 100 106 short checkFlow(short); -
trunk/src/template.c
r78 r111 212 212 #endif 213 213 } 214 #ifdef DEBUG 214 215 syslog (LOG_INFO, 215 "in new template: field nb gt 216, field lg gt 16 or too many fields, bad template definition possibility"); 216 "New template: field nb, field lg or too many fields, bad template def possibility SId: %lu", 217 v9Ptr->sourceId); 218 #endif 216 219 ptpltmp = cTFSPtr; 217 220 if (ptpltmp->prev == NULL) { … … 309 312 #endif 310 313 } 314 #ifdef DEBUG 311 315 syslog (LOG_INFO, 312 316 "in update template function: too many fields, bug collector or wrong template def in template update"); 313 #ifdef DEBUG314 317 fprintf(stderr, 315 318 "\nin update template function: too many fields, bug collector or wrong template def in template update\n"); … … 469 472 cr->IpAddress<<16>>24, 470 473 cr->IpAddress<<24>>24); 471 #endif472 474 syslog (LOG_INFO, 473 475 "in option template function: too many fields, bug collector or wrong template def in template update"); 474 #ifdef DEBUG475 476 fprintf(stderr, 476 477 "\nin option template function: too many fields, bug collector or wrong template def in template update\n"); … … 566 567 cr->IpAddress<<16>>24, 567 568 cr->IpAddress<<24>>24); 568 #endif569 569 syslog (LOG_INFO, 570 570 "in update option tpl function: too many fields, bug collector or wrong template def in template update"); 571 #ifdef DEBUG572 571 fprintf(stderr, 573 572 "\nin update option tpl function: too many fields, bug collector or wrong template def in template update\n");
