Context Navigation

← Previous Change
Next Change →

renetcolRC.py

Timestamp:

01/12/11 17:55:54 (12 years ago)

Author:

andreu

Message:

DoS detection update

Files:

: 1 modified

trunk/tool/renetcolRC.py (modified) (8 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/tool/renetcolRC.py

r149	r150
48	48	collectorPort = 52571 # if you change this port number, apply the
49	49	# modification on the renetcolSender.h file
50		# and you'll need a new compilation of the colllector
	50	# and you'll need a new compilation of the collector
51	51	##############################################################################
52	52
…	…
113	113	]
114	114	flowCpt = 0
	115	flowCptW = 0
115	116	mask = [ 0,0,0 ]
116	117	spaceSep = " "
…	…
126	127	os_type = 0
127	128	oldTpl = 0
	129	oldTplW = 0
128	130	fromRouter = ""
129	131	myTimer = None
130	132	myCPT = 1
	133	rrt = 3600
131	134
132	135	class InputControl(threading.Thread):
…	…
283	286	strFlow += "\t"
284	287	if (printValue[69]):
285		strFlow += fromRouter
	288	strFlow += fromRouter+"\t"+time.strftime("%Y/%m/%d %H:%M", time.gmtime())
286	289	print strFlow
287	290	oldTpl = self.flow[0]
…	…
289	292	# flow record
290	293	def write_flow2(self):
291		global printValue, record_file, tpl_def
	294	global printValue, record_file, tpl_def, flowCptW, fieldsName, oldTplW, os_type, fromRouter
292	295	myliste = []
	296	myTpl = []
	297	strFlow = ""
	298	strField = ""
	299	underscore_line = ""
	300	flowCptW+=1
	301	if (flowCptW%6 == 0 or oldTplW != self.flow[0]):
	302	## if (flowCpt%100 == 0):
	303	flowCptW = 0
	304	for i in range (0, len(tpl_def[self.flow[0]])):
	305	f = tpl_def[self.flow[0]][i][0]
	306	if printValue[f]:
	307	if ( f==27 or f==28 or f==62 or f==63 ):
	308	strField += str(fieldsName[f])
	309	l = len(str(fieldsName[f]))
	310	if ((40-l)%8 == 0):
	311	tabNb = int((40-l)/8)
	312	else:
	313	tabNb = int((40-l)/8) + 1
	314	for j in range (0, tabNb):
	315	strField += ";"
	316	for k in range (0, 40):
	317	underscore_line += "-"
	318	elif ( f==8 or f==15 or f==12 or f==18 or f==47 ):
	319	strField += str(fieldsName[f])
	320	l = len(str(fieldsName[f]))
	321	if ((16-l)%8 == 0):
	322	tabNb = int((16-l)/8)
	323	else:
	324	tabNb = int((16-l)/8) + 1
	325	for j in range (0, tabNb):
	326	strField += ";"
	327	for k in range (0, 16):
	328	underscore_line += "-"
	329	else:
	330	strField += str(fieldsName[f])
	331	strField += ";"
	332	for k in range (0, 8):
	333	underscore_line += "-"
	334	if (oldTplW != self.flow[0]):
	335	record_file.write("")
	336	if (os_type == 0):
	337	esc = '\x1b['
	338	sep = ';'
	339	end = 'm'
	340	if (printValue[69]):
	341	rt = str(fieldsName[69])
	342	toprint = esc+"37"+sep+"44"+end+strField+rt+esc+"0"+end+"\n"
	343	else:
	344	toprint = esc+"37"+sep+"44"+end+strField+esc+"0"+end+"\n"
	345	record_file.write(toprint)
	346	else:
	347	if (printValue[69]):
	348	strField += str(fieldsName[69])
	349	if (record_file!=None):
	350	record_file.write(strField)
	351	record_file.write("\n")
	352	record_file.write(underscore_line)
	353	record_file.write("\n")
293	354	for i in range (0, len(tpl_def[self.flow[0]])):
294	355	f = tpl_def[self.flow[0]][i][0]
…	…
300	361	else:
301	362	myliste += [str(self.flow[1][i])]
302		theflow = string.join(myliste, "~~\t")+"\t"+fromRouter~~+"\n"
	363	theflow = string.join(myliste, ";")+";"+fromRouter+";"+time.strftime("%Y%m%d%H%M", time.gmtime())+"\n"
303	364	if (record_file!=None):
304	365	record_file.write(theflow)
	366	oldTplW = self.flow[0]
305	367
306	368	class FlowInput:
…	…
483	545
484	546	def timer_action():
485		global record_file, record_file_name, myTimer, myCPT
	547	global record_file, record_file_name, myTimer, myCPT, rrt
486	548	myCPT+=1
487	549	myTimer.cancel()
488		my_new_file_name = "%s_%s~~_%d" % (record_file_name,time.strftime("%Y%m%d", time.gmtime()),myCPT~~)
	550	my_new_file_name = "%s_%s.txt" % (record_file_name,time.strftime("%Y%m%d%H%M", time.gmtime()))
489	551	##my_new_file_name = "%s_%d" % (record_file_name,myCPT)
490	552	print my_new_file_name
491		new_record_file = file(my_new_file_name, 'w')
	553	new_record_file = file(my_new_file_name, 'a+')
492	554	old_record_file = record_file
493	555	record_file = new_record_file
494	556	old_record_file.close()
495	557	now2 = time.time()
496		reste = ~~300-(operator.mod(now2,300~~))
497		myTimer = threading.Timer(~~300.0~~,timer_action)
	558	reste = rrt-(operator.mod(now2,rrt))
	559	myTimer = threading.Timer(rrt,timer_action)
498	560	myTimer.start()
499	561
500		def callback_RotRec(widget, data=None):
501		global record, myTimer
502		if ((record == 0) and (widget.get_active() == 1)):
503		info_dialog(widget, None, "You must before activated the record ! ")
504		widget.set_active(0)
505		else:
506		if widget.get_active() == 1:
507		print "STARTING RECORD ROTATION"
508		now2 = time.time()
509		reste = 300-(operator.mod(now2,300))
510		myTimer = threading.Timer(300,timer_action)
511		myTimer.start()
512		if widget.get_active() == 0:
513		myTimer.cancel()
514		print "STOPPING RECORD ROTATION"
	562	def RotRec():
	563	global record, myTimer, rrt
515	564
516	565	if __name__ == "__main__":
517	566	global comboRouter, os_type, printShit
518	567	global localAddr, localPort
	568	global rrt, record, record_file_name
	569
	570	print ""
	571	print ""
	572	print ""
	573
	574	print "----------------------------------------------------------------------------"
	575	print " renetcolRC is part of renetcol "
	576	print " This module writed in python is a remote client which can received flows "
	577	print " information from renetcol. It was built from renetcolGUI source without "
	578	print " the gtk interface and without the interaction with renetcol."
	579	print " To receive flows from renetcol the filter with the field number 69 MUST be"
	580	print " actived on renetcol (in your file rules.txt)"
	581	print "----------------------------------------------------------------------------"
519	582
520	583	if (os.name =="nt"):
…	…
525	588	os_type = 3
526	589
	590	parser = OptionParser()
	591	parser.add_option("-o", "--output", dest="out", help ="Output filename prefix, ex: \"/tmp/myrecord\", timestamp will be add to the filename")
	592	parser.add_option("-t", "--time", dest="tim", help ="Round robin interval (in seconde), default is \"3600\" for 1h")
	593	(options, args) = parser.parse_args()
	594	outputFileName = options.out
	595	rrt = int(options.tim)
	596
	597	if (outputFileName!=None):
	598	record = 1
	599	record_file_name = outputFileName
	600	record_file = file(record_file_name, 'a+')
	601	RotRec()
	602	else:
	603	record = 0
	604
	605	print ""
	606	print ""
	607	print ""
	608	print " ---------------------------------------"
	609	print " STARTING RECORD ROTATION"
	610	print " with following parameters:"
	611	print " output filename prefix :",outputFileName
	612	print " interval: ",rrt, " seconds"
	613	print " ---------------------------------------"
	614	now2 = time.time()
	615	reste = rrt-(operator.mod(now2,rrt))
	616	myTimer = threading.Timer(rrt,timer_action)
	617	myTimer.start()
	618	##myTimer.cancel()
	619	##print "STOPPING RECORD ROTATION"
	620
527	621	myInputControlThread = InputControl(localAddr, localPort)
528	622	myInputControlThread.start()
529	623
530		~~print "---------------------------------------------------------------"~~
531		~~print " renetcolRC is part of renetcol "~~
532		~~print " this module is a remote client which can recieved flow \ "~~
533		~~print " information from renetcol. "~~
534		~~print "----------------------------------------------------------------"~~

Context Navigation

Changeset 150 for trunk/tool/renetcolRC.py

Legend:

trunk/tool/renetcolRC.py

Download in other formats: