void main (int argc, char* argv[])
{
int i;
char input_name[256] = "";
char output_name[256] = "";
long idle_limit = 2000; /* default threshold for idleness in millisec. */
long elapsed;
char parse_line[500];
char discard[50];
char *cursor;
char *vp;
/* Parse the command line */
i = 1;
while (i < argc) {
if (strcmp (argv[i], "-r") == 0) {
if (++i >= argc) Usage (argv[0]);
strcpy (input_name, argv[i]);
}
else if (strcmp (argv[i], "-w") == 0) {
if (++i >= argc) Usage (argv[0]);
strcpy (output_name, argv[i]);
}
else if (strcmp (argv[i], "-I") == 0) {
if (++i >= argc) Usage (argv[0]);
idle_limit = (long)atoi(argv[i]);
}
else
Usage (argv[0]);
i++;
}
/* Open files */
if (strcmp(output_name, "") == 0)
outFP = stdout;
else
{
strcat(output_name, ".activity");
if ((outFP = fopen (output_name, "w")) == NULL) {
fprintf (stderr, "error opening %s\n", output_name);
exit (-1);
}
}
if (strcmp(input_name, "") == 0)
dumpFP = stdin;
else
{
if ((dumpFP = fopen (input_name, "r")) == NULL) {
fprintf (stderr, "error opening %s\n", input_name);
exit (-1);
}
}
/* Read each record in the input file. Look for a change in the
source IP address (which indicates a new client). If a new
client, log the end of an idle period (if any) for the old
client and initialize the connection table for the new client.
If a record for the current client has been read, classify the
type of event it represent and process it to update the client
and connection state.
*/
while (!feof (dumpFP)) {
/* Get and parse line of data */
if (fgets (new_line, sizeof(new_line), dumpFP) == NULL)
break;
/* get first line pieces */
sscanf (new_line, "%s %s %s %s %s %s %s",
&ts, &sh, &sp, >, &dh, &dp, &fl);
/* if an ERR line, just show it */
if (strcmp(fl, "ERR:") == 0)
{
error_line(new_line);
continue;
}
/* now get variable part starting with the ":" considering that */
/* interpretation of the remaining fields depends on the flag value */
/* This is necessary to find the ending timestamp for FIN, RST, and
TRM events.
*/
strcpy(parse_line, new_line);
cursor = parse_line;
vp = (char *)strsep(&cursor, ":" );
if ((cursor == (char *)NULL) ||
(vp == (char *)NULL))
{
error_line(new_line);
continue;
}
/* Classify the event type by looking at the flag field from input
records */
if ((strcmp(fl, "REQ") == 0) ||
(strcmp(fl, "REQ-") == 0))
event_type = REQ;
else
{
if ((strcmp(fl, "RSP") == 0) ||
(strcmp(fl, "RSP-") == 0))
event_type = RSP;
else
{
if ((strcmp(fl, "FIN") == 0) ||
(strcmp(fl, "TRM") == 0) ||
(strcmp(fl, "RST") == 0))
{
/* need the ending timestamp from these record types */
sscanf(cursor, "%s %s", &discard, &earliest_end);
event_type = END;
}
else
{
if (strcmp(fl, "SYN") == 0)
event_type = SYN;
else
{
if (strcmp(fl, "ACT-REQ") == 0)
event_type = ACT_REQ;
else
if (strcmp(fl, "ACT-RSP") == 0)
event_type = ACT_RSP;
}
}
}
}
/* now use data from new trace record to update status */
/* first check to see if this is the same client host */
if (strcmp(current_src, sh) != 0)
{
if (client_state == IDLE)
log_IDLE(last_client_ts);
ClearConnections();
client_state = PENDING_ACTIVE;
strcpy(current_src, sh);
}
/* update the connection status for this client's connection */
set_connection(sp, dh, dp, event_type);
/* The main processing for idle periods is done by maintaining a state
variable (client_status) for the client and looking for specific input
record types at different values of the state variable. The
values of client_state and their implications are:
PENDING_ACTIVE - A new client is started and remains PENDING_ACTIVE
until an activity indication such as ACT-REQ,
ACT-RSP, or REQ is seen in which case it enters
the ACTIVE state. If there is an initial response,
PENDING_IDLE is entered.
ACTIVE - At least one request is outstanding and the state
can only change if there is a response completion
or connection termination.
PENDING_IDLE - There are no requests outstanding but the idle
period threshold has not elapsed since it entered
the PENDING_IDLE state.
IDLE - No outstanding requests for a period greater than
the idle threshold. The IDLE (and PENDING_IDLE)
states are exited on activity indication such as
ACT-REQ, ACT-RSP, or REQ
*/
switch (client_state)
{
case PENDING_ACTIVE:
switch (event_type)
{
case SYN:
break;
case ACT_REQ:
case ACT_RSP:
client_state = ACTIVE;
break;
case REQ:
client_state = ACTIVE;
log_REQ();
break;
case RSP:
client_state = PENDING_IDLE;
strcpy(idle_begin, ts);
log_RSP();
break;
case END:
break;
}
break;
case ACTIVE:
switch (event_type)
{
case SYN:
case ACT_REQ:
case ACT_RSP:
break;
case REQ:
log_REQ();
break;
case RSP:
log_RSP();
if (ConnectionsActive() == 0) /* Any active connections?*/
{
client_state = PENDING_IDLE;
strcpy(idle_begin, ts);
}
break;
case END:
if (ConnectionsActive() == 0) /* Any active connections?*/
{
client_state = PENDING_IDLE;
strcpy(idle_begin, earliest_end);
}
break;
}
break;
case PENDING_IDLE:
/* must start checking time, if > n seconds elapse since
entering PENDING_IDLE state, enter IDLE state */
elapsed = elapsed_ms(ts, idle_begin);
if (elapsed < idle_limit)
{
switch (event_type)
{
case SYN:
case END:
break;
case ACT_REQ:
case ACT_RSP:
client_state = ACTIVE;
break;
case REQ:
client_state = ACTIVE;
log_REQ();
break;
case RSP:
log_RSP();
break;
}
break; /* ends case PENDING_IDLE */
}
else /* it has crossed the idle threshold */
client_state = IDLE;
/* NOTE: drop through to IDLE to handle the current event */
case IDLE:
switch (event_type)
{
case SYN:
case END:
break;
case ACT_REQ:
case ACT_RSP:
client_state = ACTIVE;
log_IDLE(ts);
break;
case REQ:
client_state = ACTIVE;
log_IDLE(ts);
log_REQ();
break;
case RSP:
log_RSP();
break;
break; /* ends case PENDING_IDLE */
}
break;
default:
break;
} /* end switch */
strcpy(last_client_ts, ts);
} /* end while (!feof ....) */
close (dumpFP);
close (outFP);
}
void Fl_Canvas::RemoveDevice(Fl_DeviceGUI* Device)
{
ClearConnections(Device);
remove(Device);
redraw();
}
