/**
* Start function
*/
void IpfixCsExporter::performStart()
{
writeFileHeader();
addToCurTime(&nextChunkTimeout, maxChunkBufferTime*1000);
addToCurTime(&nextFileTimeout, maxFileCreationInterval*1000);
registerTimeout();
}
void IpfixCsExporter::onTimeout(void* dataPtr)
{
timeoutRegistered = false;
struct timeval now;
gettimeofday(&now, 0);
//check if this is one of the desired timeouts
if (nextFileTimeout.tv_sec <= now.tv_sec) {
//close File, add new one
writeChunkList();
writeFileHeader();
addToCurTime(&nextChunkTimeout, maxChunkBufferTime*1000);
addToCurTime(&nextFileTimeout, maxFileCreationInterval*1000);
} else if (nextChunkTimeout.tv_sec <= now.tv_sec) {
writeChunkList();
addToCurTime(&nextChunkTimeout, maxChunkBufferTime*1000);
}
registerTimeout();
}
/**
* Put new Data Record in outbound exporter queue
* @param rec Data Data Record
*/
void IpfixNetflowExporter::onDataRecord(IpfixDataRecord* record)
{
registerTimeout();
recordCache.push(record);
sendRecords();
}
/**
* Gets new Biflows from the aggregator and collects these data
*/
void P2PDetector::onDataDataRecord(IpfixDataDataRecord* record)
{
// convert ipfixrecord to connection struct
Connection conn(record);
conn.swapIfNeeded();
if((conn.srcIP & subnetmask) == (subnet & subnetmask)){
P2PEntry& entry = hostList[conn.srcIP];
//UDP biflows
if(conn.protocol == 17){
//number of UDP biflows
entry.numUDPBiFlows++;
//contacted UDP hosts
entry.contactedUDPHosts[conn.dstIP] = true;
}
//TCP biflows
if(conn.protocol == 6){
//number of all TCP biflows
entry.numTCPBiFlows++;
if(succConn(conn)){
uint64_t flowLength = (conn.srcTimeEnd < conn.dstTimeEnd ? conn.dstTimeEnd : conn.srcTimeEnd) - conn.srcTimeStart;
//sum of all biflow length
entry.sumTCPLength += flowLength;
//number of long TCP connections
if(flowLength >= 60000)
entry.numLongTCPCons++;
//list of all starting points of the biflows to calculate the variance of starting points
entry.succBiFlowStarts.push_back(conn.srcTimeStart);
}else{
//number of failed TCP connections
entry.numFailedTCPCons++;
//list of all starting points of the failed connections to calculate the variance of failed connection attempts
entry.failedBiFlowStarts.push_back(conn.srcTimeStart);
}
}
}
if((conn.dstIP & subnetmask) == (subnet & subnetmask)){
P2PEntry& entry = hostList[conn.dstIP];
//UDP biflows
if(conn.protocol == 17){
//number of UDP biflows
entry.numUDPBiFlows++;
}
//TCP biflows
if(conn.protocol == 6){
//number of all TCP biflows
entry.numTCPBiFlows++;
if(succConn(conn)){
uint64_t flowLength = (conn.srcTimeEnd < conn.dstTimeEnd ? conn.dstTimeEnd : conn.srcTimeEnd) - conn.srcTimeStart;
//sum of all biflow length
entry.sumTCPLength += flowLength;
//number of long TCP connections
if(flowLength >= 60000)
entry.numLongTCPCons++;
//list of all starting points of the biflows to calculate the variance of starting points
entry.succBiFlowStarts.push_back(conn.srcTimeStart);
}else{
//number of failed TCP connections
entry.numFailedTCPCons++;
//list of all starting points of the failed connections to calculate the variance of failed connection attempts
entry.failedBiFlowStarts.push_back(conn.srcTimeStart);
}
}
}
record->removeReference();
registerTimeout();
}
