LOCAL void reader_libpcapfile_monitor_do(struct inotify_event *event)
{
gchar *dirname = g_hash_table_lookup(wdHashTable, (void *)(long)event->wd);
gchar *fullfilename = g_build_filename (dirname, event->name, NULL);
if (config.pcapRecursive &&
(event->mask & IN_CREATE) &&
g_file_test(fullfilename, G_FILE_TEST_IS_DIR)) {
reader_libpcapfile_monitor_dir(fullfilename);
g_free(fullfilename);
return;
}
if ((event->mask & IN_CLOSE_WRITE) == 0) {
g_free(fullfilename);
return;
}
if (!g_regex_match(config.offlineRegex, fullfilename, 0, NULL)) {
g_free(fullfilename);
return;
}
MolochString_t *string = MOLOCH_TYPE_ALLOC0(MolochString_t);
string->str = fullfilename;
if (config.debug)
LOG("Monitor enqueing %s", string->str);
DLL_PUSH_TAIL(s_, &monitorQ, string);
return;
}
void reader_libpcapfile_init_monitor()
{
int dir;
for (dir = 0; config.pcapReadDirs[dir] && config.pcapReadDirs[dir][0]; dir++) {
reader_libpcapfile_monitor_dir(config.pcapReadDirs[dir]);
}
}
LOCAL void reader_libpcapfile_init_monitor()
{
int dir;
monitorFd = inotify_init1(IN_NONBLOCK);
if (monitorFd < 0)
LOGEXIT("Couldn't init inotify %s", strerror(errno));
wdHashTable = g_hash_table_new (g_direct_hash, g_direct_equal);
moloch_watch_fd(monitorFd, MOLOCH_GIO_READ_COND, reader_libpcapfile_monitor_read, NULL);
for (dir = 0; config.pcapReadDirs[dir] && config.pcapReadDirs[dir][0]; dir++) {
reader_libpcapfile_monitor_dir(config.pcapReadDirs[dir]);
}
}
LOCAL void reader_libpcapfile_monitor_dir(char *dirname)
{
if (config.debug)
LOG("Monitoring %s", dirname);
int rc = inotify_add_watch(monitorFd, dirname, IN_CLOSE_WRITE | IN_CREATE);
if (rc == -1) {
LOG ("WARNING - Couldn't watch %s %s", dirname, strerror(errno));
return;
} else {
g_hash_table_insert(wdHashTable, (void*)(long)rc, g_strdup(dirname));
}
if (!config.pcapRecursive)
return;
GError *error = NULL;
GDir *dir = g_dir_open(dirname, 0, &error);
if (error)
LOGEXIT("ERROR: Couldn't open pcap directory %s: Receive Error: %s", dirname, error->message);
while (1) {
const gchar *filename = g_dir_read_name(dir);
// No more files, stop processing this directory
if (!filename) {
break;
}
// Skip hidden files/directories
if (filename[0] == '.')
continue;
gchar *fullfilename = g_build_filename (dirname, filename, NULL);
if (g_file_test(fullfilename, G_FILE_TEST_IS_DIR)) {
reader_libpcapfile_monitor_dir(fullfilename);
}
g_free(fullfilename);
}
g_dir_close(dir);
}
void reader_libpcapfile_monitor_dir(char *dirname)
{
GError *error = 0;
if (config.debug)
LOG("Monitoring %s", dirname);
if (error) {
LOG("ERROR: Couldn't open pcap directory %s: Receive Error: %s", dirname, error->message);
exit(0);
}
GFile *filedir = g_file_new_for_path(dirname);
GFileMonitor *monitor = g_file_monitor_directory (filedir, 0, NULL, &error);
g_file_monitor_set_rate_limit(monitor, 0);
g_signal_connect (monitor, "changed", G_CALLBACK (reader_libpcapfile_monitor_changed), 0);
if (!config.pcapRecursive)
return;
GDir *dir = g_dir_open(dirname, 0, &error);
while (1) {
const gchar *filename = g_dir_read_name(dir);
// No more files, stop processing this directory
if (!filename) {
break;
}
// Skip hidden files/directories
if (filename[0] == '.')
continue;
gchar *fullfilename = g_build_filename (dirname, filename, NULL);
if (g_file_test(fullfilename, G_FILE_TEST_IS_DIR)) {
reader_libpcapfile_monitor_dir(fullfilename);
}
g_free(fullfilename);
}
g_dir_close(dir);
}
static void
reader_libpcapfile_monitor_changed (GFileMonitor *UNUSED(monitor),
GFile *file,
GFile *UNUSED(other_file),
GFileMonitorEvent event_type,
gpointer UNUSED(user_data))
{
// Monitor new directories?
if (config.pcapRecursive &&
event_type == G_FILE_MONITOR_EVENT_CREATED &&
g_file_query_file_type(file, G_FILE_QUERY_INFO_NONE, NULL) == G_FILE_TYPE_DIRECTORY) {
gchar *path = g_file_get_path(file);
reader_libpcapfile_monitor_dir(path);
g_free(path);
return;
}
if (event_type != G_FILE_MONITOR_EVENT_CHANGES_DONE_HINT)
return;
gchar *basename = g_file_get_path(file);
if (!g_regex_match(config.offlineRegex, basename, 0, NULL)) {
g_free(basename);
return;
}
g_free(basename);
gchar *path = g_file_get_path(file);
MolochString_t *string = MOLOCH_TYPE_ALLOC0(MolochString_t);
string->str = path;
if (config.debug)
LOG("Monitor enqueing %s", string->str);
DLL_PUSH_TAIL(s_, &monitorQ, string);
}
