Esempio n. 1
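/*
 * etterfilter entry point: parse the filter source named in the options
 * and hand the result to write_output().
 *
 * Returns 0 when the source parsed without errors and write_output() did
 * not report -E_NOTHANDLED or -E_INVALID; returns 1 when yyparse() reported
 * errors, so a wrapper script cannot mistake a rejected filter script for a
 * successful run.
 */
int main(int argc, char *argv[])
{
   int ret_value = 0;
   int parse_failed = 0;

   globals_alloc();
   /* etterfilter copyright */
   fprintf(stdout, "\n" EC_COLOR_BOLD "%s %s" EC_COLOR_END " copyright %s %s\n\n", 
                      GBL_PROGRAM, EC_VERSION, EC_COPYRIGHT, EC_AUTHORS);
 
   /* initialize the line number */
   GBL->lineno = 1;
  
   /* getopt related parsing...  */
   parse_options(argc, argv);

   /* set the input for source file */
   if (GBL_OPTIONS->source_file) {
      yyin = fopen(GBL_OPTIONS->source_file, "r");
      /* any fopen() failure (missing file, permissions, ...) lands here */
      if (yyin == NULL) {
         FATAL_ERROR("Input file not found !");
      }
   } else {
      FATAL_ERROR("No source file.");
   }

   /*
    * no buffering.
    * NOTE(review): yyin is dereferenced here, so this relies on FATAL_ERROR
    * not returning -- confirm against the macro definition.
    */
   setbuf(yyin, NULL);
   setbuf(stdout, NULL);
   setbuf(stderr, NULL);

   /* load the tables in etterfilter.tbl */
   load_tables();
   /* load the constants in etterfilter.cnt */
   load_constants();

   /* print the message */
   fprintf(stdout, "\n Parsing source file \'%s\' ", GBL_OPTIONS->source_file);
   fflush(stdout);

   ef_debug(1, "\n");

   /* begin the parsing; remember a failure so the exit status reflects it */
   if (yyparse() == 0) {
      fprintf(stdout, " done.\n\n");
   } else {
      fprintf(stdout, "\n\nThe script contains errors...\n\n");
      parse_failed = 1;
   }
  
   /*
    * write to file.
    * NOTE(review): write_output() is still invoked after a failed parse, as
    * before; whether it can emit a filter from a partially parsed script is
    * not visible from here -- confirm in write_output(). Return values other
    * than the two checked below are not treated as errors.
    */
   ret_value = write_output();
   if (ret_value == -E_NOTHANDLED) {
      FATAL_ERROR("Cannot write output file (%s): the filter is not correctly handled.", GBL_OPTIONS->output_file);
   } else if (ret_value == -E_INVALID) {
      FATAL_ERROR("Cannot write output file (%s): the filter format is not correct. ", GBL_OPTIONS->output_file);
   }

   globals_free();

   /* a script with errors must not look like a successful compilation */
   return parse_failed ? 1 : 0;
}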
Esempio n. 2
/**
 * argp parser callback.
 *
 * @param key    option key or ARGP_KEY_* event being delivered
 * @param arg    argument text for the key; forwarded to parse_input() for
 *               positional arguments
 * @param state  argp parser state (not read here)
 * @return always 0
 *
 * `vars` is not a parameter; it is defined outside this function.
 *
 * NOTE(review): every key, including ones not handled below, yields 0.
 * The argp convention is to return ARGP_ERR_UNKNOWN for keys the parser
 * does not recognise -- confirm that returning 0 is intended.
 */
int parse_opt(int key, char *arg, struct argp_state *state) {
	if (key == 'o') {
		printf("Output File\n");
	} else if (key == ARGP_KEY_ARG) {
		/* positional argument: parse the input file into the structures */
		parse_input(arg, vars);
	} else if (key == ARGP_KEY_END) {
		/* all arguments seen: run the calculations, then release vars */
		compute(vars);

		globals_free(&vars);
		puts("Quit.");
	}

	return 0;
}
Esempio n. 3
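/*
 * etterlog entry point: read the global header of a log file, print it,
 * then run the analysis / connection-table / decode / display steps
 * selected through the GBL flags.
 *
 * Changes relative to the previous version:
 *  - the header re-read after gzrewind() is checked like the first read,
 *    so later steps do not run on a header that failed validation;
 *  - tv_usec is cast to match the %lu conversion;
 *  - globals_free() now also runs on the analyze/connections path, which
 *    used to return before reaching it.
 *
 * Returns 0.
 */
int main(int argc, char *argv[])
{
   int ret;

   globals_alloc();
   /* etterlog copyright */
   fprintf(stdout, "\n" EC_COLOR_BOLD "%s %s" EC_COLOR_END " copyright %s %s\n\n", 
                      GBL_PROGRAM, EC_VERSION, EC_COPYRIGHT, EC_AUTHORS);
  
   /* allocate the global target */
   SAFE_CALLOC(GBL_TARGET, 1, sizeof(struct target_env));
  
   /* initialize to all target */
   GBL_TARGET->all_mac = 1;
   GBL_TARGET->all_ip = 1;
   GBL_TARGET->all_port = 1;
   
   /* getopt related parsing...  */
   parse_options(argc, argv);

   /*
    * get the global header.
    * NOTE(review): only -EINVALID is treated as fatal; other return values
    * of get_header() are not visible from here -- confirm none of them
    * indicates failure.
    */
   ret = get_header(&GBL->hdr);
   if (ret == -EINVALID)
      FATAL_ERROR("Invalid log file");
   
   /*
    * NOTE(review): hdr.version comes from the log file and is printed with
    * %s; presumably get_header() guarantees NUL termination -- verify.
    */
   fprintf(stderr, "Log file version    : %s\n", GBL->hdr.version);
   /* display the date. ec_ctime() has no newline at end. */
   fprintf(stderr, "Timestamp           : %s [%lu]\n", ec_ctime(&GBL->hdr.tv),
                   (unsigned long)GBL->hdr.tv.tv_usec);
   fprintf(stderr, "Type                : %s\n\n", (GBL->hdr.type == LOG_PACKET) ? "LOG_PACKET" : "LOG_INFO" );
   
   /* analyze the logfile */
   if (GBL->analyze)
      analyze();

   /*
    * rewind the log file and skip the global header.
    * NOTE(review): the gzrewind() result is still ignored; a failed rewind
    * is only caught if the header re-read below then reports -EINVALID.
    */
   gzrewind(GBL_LOG_FD);
   ret = get_header(&GBL->hdr);
   if (ret == -EINVALID)
      FATAL_ERROR("Invalid log file");
   
   /* create the connection table (respecting the filters) */
   if (GBL->connections)
      conn_table_create();

   /* display the connection table */
   if (GBL->connections && !GBL->decode)
      conn_table_display();

   /* extract files from the connections */
   if (GBL->decode)
      conn_decode();
   
   /*
    * display the content of the logfile, unless only the analysis or the
    * connection table was requested
    */
   if (!(GBL->analyze || GBL->connections))
      display();
   
   globals_free();

   return 0;
}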