/* * Pack the record 'rwrec' into an array of bytes 'ar' */ static int genericioRecordPack_V1( skstream_t *rwIOS, const rwGenericRec_V5 *rwrec, uint8_t *ar) { uint32_t tmp32; /* Check sizes of fields we've expanded in later versions */ if (rwRecGetInput(rwrec) > 255 || rwRecGetOutput(rwrec) > 255) { return SKSTREAM_ERR_SNMP_OVRFLO; } /* Check sizes of fields we've expanded in later versions */ if (rwRecGetSensor(rwrec) > 255) { return SKSTREAM_ERR_SENSORID_OVRFLO; } /* sIP, dIP, sPort, dPort */ rwRecMemGetSIPv4(rwrec, &ar[0]); rwRecMemGetDIPv4(rwrec, &ar[4]); rwRecMemGetSPort(rwrec, &ar[8]); rwRecMemGetDPort(rwrec, &ar[10]); /* proto, flags, input, output */ ar[12] = rwRecGetProto(rwrec); ar[13] = rwRecGetFlags(rwrec); ar[14] = (uint8_t)rwRecGetInput(rwrec); ar[15] = (uint8_t)rwRecGetOutput(rwrec); /* nhIP */ rwRecMemGetNhIPv4(rwrec, &ar[16]); /* sTime */ tmp32 = (uint32_t)(rwRecGetStartTime(rwrec) / 1000); memcpy(&ar[20], &tmp32, 4); /* pkts, bytes */ rwRecMemGetPkts(rwrec, &ar[24]); rwRecMemGetBytes(rwrec, &ar[28]); /* elapsed */ tmp32 = rwRecGetElapsed(rwrec) / 1000; memcpy(&ar[32], &tmp32, 4); /* sID */ ar[36] = (uint8_t)rwRecGetSensor(rwrec); /* clear padding if present (for consistent output) */ if (rwIOS->recLen == 40) { memset(&ar[37], 0, 3); } /* swap if required */ if (rwIOS->swapFlag) { genericioRecordSwap_V1(ar); } return SKSTREAM_OK; }
/* * Pack the record 'rwrec' into an array of bytes 'ar' */ static int genericioRecordPack_V2( skstream_t *rwIOS, const rwGenericRec_V5 *rwrec, uint8_t *ar) { uint32_t tmp32; /* sIP, dIP, sPort, dPort, nhIP, input, output */ rwRecMemGetSIPv4(rwrec, &ar[0]); rwRecMemGetDIPv4(rwrec, &ar[4]); rwRecMemGetSPort(rwrec, &ar[8]); rwRecMemGetDPort(rwrec, &ar[10]); rwRecMemGetNhIPv4(rwrec, &ar[12]); rwRecMemGetInput(rwrec, &ar[16]); rwRecMemGetOutput(rwrec, &ar[18]); /* sTime, elapsed */ tmp32 = (uint32_t)(rwRecGetStartTime(rwrec) / 1000); memcpy(&ar[20], &tmp32, 4); tmp32 = rwRecGetElapsed(rwrec) / 1000; memcpy(&ar[24], &tmp32, 4); /* pkts, bytes */ rwRecMemGetPkts(rwrec, &ar[28]); rwRecMemGetBytes(rwrec, &ar[32]); /* proto, flow_type, sID, flags, init_flags, rest_flags, tcp_state */ rwRecMemGetProto(rwrec, &ar[36]); rwRecMemGetFlowType(rwrec, &ar[37]); rwRecMemGetSensor(rwrec, &ar[38]); rwRecMemGetFlags(rwrec, &ar[40]); rwRecMemGetInitFlags(rwrec, &ar[41]); rwRecMemGetRestFlags(rwrec, &ar[42]); rwRecMemGetTcpState(rwrec, &ar[43]); /* bpp field no longer exists */ memset(&ar[44], 0, 4); /* swap if required */ if (rwIOS->swapFlag) { genericioRecordSwap_V2(ar); } return SKSTREAM_OK; }
/* * Pack the record 'rwrec' into an array of bytes 'ar' */ static int genericioRecordPack_V3( skstream_t *rwIOS, const rwGenericRec_V5 *rwrec, uint8_t *ar) { imaxdiv_t idiv; uint32_t quot; uint16_t rem; /* sIP, dIP, sPort, dPort, nhIP, input, output */ rwRecMemGetSIPv4(rwrec, &ar[0]); rwRecMemGetDIPv4(rwrec, &ar[4]); rwRecMemGetSPort(rwrec, &ar[8]); rwRecMemGetDPort(rwrec, &ar[10]); rwRecMemGetNhIPv4(rwrec, &ar[12]); rwRecMemGetInput(rwrec, &ar[16]); rwRecMemGetOutput(rwrec, &ar[18]); /* sTime, sTime_msec */ idiv = imaxdiv(rwRecGetStartTime(rwrec), 1000); quot = (uint32_t)idiv.quot; rem = (uint16_t)idiv.rem; memcpy(&ar[20], ", 4); memcpy(&ar[48], &rem, 2); /* elapsed, elapsed_msec */ idiv = imaxdiv(rwRecGetElapsed(rwrec), 1000); quot = (uint32_t)idiv.quot; rem = (uint16_t)idiv.rem; memcpy(&ar[24], ", 4); memcpy(&ar[50], &rem, 2); /* pkts, bytes */ rwRecMemGetPkts(rwrec, &ar[28]); rwRecMemGetBytes(rwrec, &ar[32]); /* proto, flowtype, sensor, flags, init_flags, rest_flags, tcp_state */ rwRecMemGetProto(rwrec, &ar[36]); rwRecMemGetFlowType(rwrec, &ar[37]); rwRecMemGetSensor(rwrec, &ar[38]); rwRecMemGetFlags(rwrec, &ar[40]); rwRecMemGetInitFlags(rwrec, &ar[41]); rwRecMemGetRestFlags(rwrec, &ar[42]); rwRecMemGetTcpState(rwrec, &ar[43]); /* bpp field no longer exists */ memset(&ar[44], 0, 4); /* sTime_msec (above), elapsed_msec (above) */ /* application */ rwRecMemGetApplication(rwrec, &ar[52]); /* padding */ memset(&ar[54], 0, 2); /* swap if required */ if (rwIOS->swapFlag) { genericioRecordSwap_V3(ar); } return SKSTREAM_OK; }
static void printRecords( const rwRec rec[]) { char starttime[2][RWCOMPARE_BUFSIZ]; uint32_t elapsed[2]; uint32_t sport[2]; uint32_t dport[2]; uint32_t proto[2]; uint32_t flowtype[2]; uint32_t sensor[2]; uint32_t flags[2]; uint32_t initflags[2]; uint32_t restflags[2]; uint32_t tcpstate[2]; uint32_t application[2]; uint32_t memo[2]; uint32_t input[2]; uint32_t output[2]; uint32_t pkts[2]; uint32_t bytes[2]; char sip[2][RWCOMPARE_BUFSIZ]; char dip[2][RWCOMPARE_BUFSIZ]; char nhip[2][RWCOMPARE_BUFSIZ]; skipaddr_t ip; unsigned i; for (i = 0; i < 2; ++i) { sktimestamp_r( starttime[i], rwRecGetStartTime(&rec[i]), SKTIMESTAMP_EPOCH); elapsed[i] = rwRecGetElapsed(&rec[i]); sport[i] = rwRecGetSPort(&rec[i]); dport[i] = rwRecGetDPort(&rec[i]); proto[i] = rwRecGetProto(&rec[i]); flowtype[i] = rwRecGetFlowType(&rec[i]); sensor[i] = rwRecGetSensor(&rec[i]); flags[i] = rwRecGetFlags(&rec[i]); initflags[i] = rwRecGetInitFlags(&rec[i]); restflags[i] = rwRecGetRestFlags(&rec[i]); tcpstate[i] = rwRecGetTcpState(&rec[i]); application[i] = rwRecGetApplication(&rec[i]); memo[i] = rwRecGetMemo(&rec[i]); input[i] = rwRecGetInput(&rec[i]); output[i] = rwRecGetOutput(&rec[i]); pkts[i] = rwRecGetPkts(&rec[i]); bytes[i] = rwRecGetBytes(&rec[i]); rwRecMemGetSIP(&rec[i], &ip); skipaddrString(sip[i], &ip, SKIPADDR_HEXADECIMAL); rwRecMemGetDIP(&rec[i], &ip); skipaddrString(dip[i], &ip, SKIPADDR_HEXADECIMAL); rwRecMemGetNhIP(&rec[i], &ip); skipaddrString(nhip[i], &ip, SKIPADDR_HEXADECIMAL); } compareStrings("StartTime", starttime); compareNumbers("Elapsed", elapsed); compareNumbers("SPort", sport); compareNumbers("DPort", dport); compareNumbers("Proto", proto); compareNumbers("FlowType", flowtype); compareNumbers("Sensor", sensor); compareNumbers("Flags", flags); compareNumbers("InitFlags", initflags); compareNumbers("RestFlags", restflags); compareNumbers("TcpState", tcpstate); compareNumbers("Application", application); compareNumbers("Memo", memo); compareNumbers("Input", input); compareNumbers("Output", output); compareNumbers("Pkts", pkts); compareNumbers("Bytes", bytes); compareStrings("SIP", sip); compareStrings("DIP", dip); compareStrings("NhIP", nhip); }