Example #1
0
	int initialize(const configuration &conf,
				   const std::string &outputDirectory,
				   const std::string &)
	{
		if (conf.get(maxFlows, "max-flows", "sensor_dns")
				!= configuration::OK)
		{
			cerr << "sensor_dns: missing or invalid max-flows" << endl;
			return 1;
		}

		if (conf.get(queryTimeout, "query-timeout", "sensor_dns")
				!= configuration::OK)
		{
			cerr << "sensor_dns: missing or invalid query-timeout" << endl;
			return 1;
		}

		flowTable.rehash(maxFlows);
		boost::shared_ptr<StrftimeWriteEnumerator<DNS> >
		enumerator(new StrftimeWriteEnumerator<DNS>(
		outputDirectory, "%Y/%m/%d/dns_%H"));

		boost::shared_ptr<InferFileWriter<FlatFileWriter<DNS> > > inferWriter(new InferFileWriter<FlatFileWriter<DNS> >(enumerator));
		writer = new AsynchronousWriter<InferFileWriter<FlatFileWriter<DNS> > >(inferWriter);
		flowTableLocks = new pthread_mutex_t[flowTable.bucket_count()];
		for (size_t bucket = 0; bucket < flowTable.bucket_count(); ++bucket) {
			if (pthread_mutex_init(&(flowTableLocks[bucket]), NULL) != 0) {
				abort();
			}
		}
		pthread_mutex_init(&flushLock, NULL);
		return 0;
	}
Example #2
0
	int flush() {
		static time_t _time;
		static size_t bucket, index;
		static unordered_map <string, DNS*>::local_iterator flowItr;
		static vector <string> eraseList;
		_time = time(NULL);
		/* Debug output. */
		cout << "dns: flush() called (flowTable: " << flowTable.size()
			 << ", numBadPackets: " << numBadPackets << ')' << endl;
		/* Prevents interference with finish(). */
		pthread_mutex_lock(&flushLock);
		if (flowTable.size()) {
			for (bucket = 0; bucket < flowTable.bucket_count(); ++bucket) {
				if (eraseList.size() > 0) {
					eraseList.clear();
				}
				/* Prevents interference with processPacket(). */
				pthread_mutex_lock(&flowTableLocks[bucket]);
				for (flowItr = flowTable.begin(bucket);
					 flowItr != flowTable.end(bucket);
					 ++flowItr)
				{
					if (_time - flowItr -> second -> queryTime().seconds() >= queryTimeout) {
						writer->write(flowItr -> second);
						eraseList.push_back(flowItr -> first);
					}
				}
				for (index = 0; index < eraseList.size(); ++index) {
					flowTable.erase(flowTable.find(eraseList[index]));
				}
				pthread_mutex_unlock(&flowTableLocks[bucket]);
			}
		}
		pthread_mutex_unlock(&flushLock);
		return 0;
	}