void
RaParseComplete (int sig)
{
if (sig >= 0) {
if (!ArgusParser->RaParseCompleting++) {
if ((ArgusParser->ArgusWfileList != NULL) && (!(ArgusListEmpty(ArgusParser->ArgusWfileList)))) {
struct ArgusWfileStruct *wfile = NULL, *start = NULL;
if ((wfile = (struct ArgusWfileStruct *) ArgusFrontList(ArgusParser->ArgusWfileList)) != NULL) {
start = wfile;
fflush(wfile->fd);
ArgusPopFrontList(ArgusParser->ArgusWfileList, ARGUS_NOLOCK);
ArgusPushBackList(ArgusParser->ArgusWfileList, (struct ArgusListRecord *) wfile, ARGUS_NOLOCK);
wfile = (struct ArgusWfileStruct *) ArgusFrontList(ArgusParser->ArgusWfileList);
} while (wfile != start);
}
fflush(stdout);
exit(0);
}
}
#ifdef ARGUSDEBUG
ArgusDebug (1, "RaParseComplete (%d) returning\n", sig);
#endif
}
void
ArgusClientInit (struct ArgusParserStruct *parser)
{
struct ArgusModeStruct *mode;
int i = 0, x = 0;
if (!(parser->RaInitialized)) {
(void) signal (SIGHUP, (void (*)(int)) RaParseComplete);
(void) signal (SIGTERM, (void (*)(int)) RaParseComplete);
(void) signal (SIGQUIT, (void (*)(int)) RaParseComplete);
(void) signal (SIGINT, (void (*)(int)) RaParseComplete);
parser->RaWriteOut = 0;
if (parser->vflag)
ArgusReverseSortDir++;
if ((ArgusSorter = ArgusNewSorter()) == NULL)
ArgusLog (LOG_ERR, "ArgusClientInit ArgusNewSorter error %s", strerror(errno));
bzero ((char *) ArgusSorter->ArgusSortAlgorithms, sizeof(ArgusSorter->ArgusSortAlgorithms));
ArgusSorter->ArgusSortAlgorithms[0] = ArgusSortAlgorithmTable[0];
if ((mode = parser->ArgusModeList) != NULL) {
while (mode) {
if (!(strcmp ("replace", mode->mode))) {
ArgusSorter->ArgusReplaceMode++;
if ((parser->ArgusWfileList != NULL) && (!(ArgusListEmpty(parser->ArgusWfileList)))) {
ArgusLog (LOG_ERR, "replace mode and -w option are incompatible\n");
}
}
mode = mode->nxt;
}
}
if ((mode = parser->ArgusMaskList) != NULL) {
while (mode) {
for (x = 0; x < MAX_SORT_ALG_TYPES; x++) {
if (!strncmp (ArgusSortKeyWords[x], mode->mode, strlen(ArgusSortKeyWords[x]))) {
ArgusSorter->ArgusSortAlgorithms[i++] = ArgusSortAlgorithmTable[x];
break;
}
}
if (x == MAX_SORT_ALG_TYPES)
ArgusLog (LOG_ERR, "sort syntax error. \'%s\' not supported", mode->mode);
mode = mode->nxt;
}
}
parser->RaInitialized++;
}
}
int
RaSendArgusRecord(struct ArgusRecordStruct *ns)
{
int retn = 1;
char buf[MAXSTRLEN];
if (ns->status & ARGUS_RECORD_WRITTEN)
return (retn);
if ((ArgusParser->ArgusWfileList != NULL) && (!(ArgusListEmpty(ArgusParser->ArgusWfileList)))) {
struct ArgusWfileStruct *wfile = NULL;
struct ArgusListObjectStruct *lobj = NULL;
int i, count = ArgusParser->ArgusWfileList->count;
if ((lobj = ArgusParser->ArgusWfileList->start) != NULL) {
for (i = 0; i < count; i++) {
if ((wfile = (struct ArgusWfileStruct *) lobj) != NULL) {
int pass = 1;
if (wfile->filterstr) {
struct nff_insn *wfcode = wfile->filter.bf_insns;
pass = ArgusFilterRecord (wfcode, ns);
}
if (pass != 0) {
if ((ArgusParser->exceptfile == NULL) || strcmp(wfile->filename, ArgusParser->exceptfile)) {
struct ArgusRecord *argusrec = NULL;
char buf[2048];
if ((argusrec = ArgusGenerateRecord (ns, 0L, buf)) != NULL) {
#ifdef _LITTLE_ENDIAN
ArgusHtoN(argusrec);
#endif
ArgusWriteNewLogfile (ArgusParser, ns->input, wfile, argusrec);
}
}
}
}
lobj = lobj->nxt;
}
}
} else {
if (!ArgusParser->qflag) {
if (ArgusParser->Lflag) {
if (ArgusParser->RaLabel == NULL)
ArgusParser->RaLabel = ArgusGenerateLabel(ArgusParser, ns);
if (!(ArgusParser->RaLabelCounter++ % ArgusParser->Lflag))
printf ("%s\n", ArgusParser->RaLabel);
if (ArgusParser->Lflag < 0)
ArgusParser->Lflag = 0;
}
*(int *)&buf = 0;
ArgusPrintRecord(ArgusParser, buf, ns, MAXSTRLEN);
fprintf (stdout, "%s\n", buf);
fflush(stdout);
}
}
ns->status |= ARGUS_RECORD_WRITTEN;
return (retn);
}
void
ArgusClientInit (struct ArgusParserStruct *parser)
{
struct ArgusModeStruct *mode = NULL;
int correct = 1;
parser->RaWriteOut = 0;
if (!(parser->RaInitialized)) {
(void) signal (SIGHUP, (void (*)(int)) RaParseComplete);
(void) signal (SIGTERM, (void (*)(int)) RaParseComplete);
(void) signal (SIGQUIT, (void (*)(int)) RaParseComplete);
(void) signal (SIGINT, (void (*)(int)) RaParseComplete);
if ((mode = parser->ArgusModeList) != NULL) {
while (mode) {
if (!(strncasecmp (mode->mode, "correct", 7)))
correct = 1;
if (!(strncasecmp (mode->mode, "nocorrect", 9)))
correct = 0;
if (!(strncasecmp (mode->mode, "rmon", 4)))
parser->RaMonMode++;
if (!(strncasecmp (mode->mode, "norep", 5)))
parser->RaAgMode++;
if (!(strncasecmp (mode->mode, "ind", 3)))
ArgusProcessFileIndependantly = 1;
if (!(strncasecmp (mode->mode, "replace", 7))) {
ArgusProcessFileIndependantly = 1;
parser->ArgusReplaceMode++;
if ((parser->ArgusWfileList != NULL) && (!(ArgusListEmpty(parser->ArgusWfileList)))) {
ArgusLog (LOG_ERR, "replace mode and -w option are incompatible\n");
}
}
mode = mode->nxt;
}
}
if ((parser->ArgusMaskList) == NULL)
parser->ArgusReverse = 1;
else
parser->ArgusReverse = 0;
if (parser->ArgusFlowModelFile) {
if ((parser->ArgusAggregator = ArgusParseAggregator(parser, parser->ArgusFlowModelFile, NULL)) == NULL)
ArgusLog (LOG_ERR, "ArgusClientInit: ArgusParseAggregator error");
} else
if ((parser->ArgusAggregator = ArgusNewAggregator(parser, NULL)) == NULL)
ArgusLog (LOG_ERR, "ArgusClientInit: ArgusNewAggregator error");
if (correct == 0) {
if (parser->ArgusAggregator->correct != NULL)
free(parser->ArgusAggregator->correct);
parser->ArgusAggregator->correct = NULL;
} else {
if (parser->ArgusAggregator->correct != NULL)
free(parser->ArgusAggregator->correct);
parser->ArgusAggregator->correct = strdup("yes");
}
if (parser->Hstr)
if (!(ArgusHistoMetricParse (parser, parser->ArgusAggregator)))
usage ();
if (parser->vflag)
ArgusReverseSortDir++;
if ((parser->ArgusWfileList != NULL) && (!(ArgusListEmpty(parser->ArgusWfileList))))
parser->nflag = 2;
parser->RaInitialized++;
parser->RaParseCompleting = 0;
parser->ArgusLastRecordTime = 0;
parser->RaSortedInput = 1;
}
}
