void PgsqlSaver::ProcPacket(Packet * pkt){ ostringstream oss; if(pkt->GetProtocol() != IPPROTO_TCP){return;} char ctstamp[100]; struct timeval tmp_time = pkt->GetTimestamp(); strftime(ctstamp, 100, "%Y-%m-%d %H:%M:%S", (const struct tm *)localtime(&tmp_time.tv_sec)); string tstamp = ctstamp; // BLUE cout << timetemp << endl;RESET /* oss << tmp->tm_year+1900 <<"-"<< tmp->tm_mon+1 <<"-"<<tmp->tm_mday <<" "<<tmp->tm_hour<<":"<<tmp->tm_min<<":"<<tmp->tm_sec; string tstamp = oss.str(); */ oss.str(""); oss << "insert into save_packet (id , src_ip ,dst_ip ,src_port ,dst_port ,timestamp , \ protocol, packet_size, packet_size_org, content_size, flag, content) values (\ default,'"<< pkt->GetSrcIPStr() <<"','"<<pkt->GetDstIPStr() <<"','"<< pkt->GetSrcPort() <<"','"\ <<pkt->GetDstPort() <<"','"<< tstamp <<"','"<<pkt->GetProtocol()<<"','"<< pkt->GetPacketSize() <<"','"<< pkt->GetPacketSizeOrg() <<"','"\ << pkt->GetContentSize(); string query = oss.str(); //flag row query += "','"; if(pkt->GetProtocol() == IPPROTO_TCP){ if(pkt->GetAck()){ query += "[ACK]"; } if(pkt->GetFin()){ query += "[FIN]"; } if(pkt->GetSyn()){ query += "[SYN]"; } if(pkt->GetRst()){ query += "[RST]"; } } //query += "',E'"+T.esc_raw(pkt->GetContent(), pkt->GetContentSize())+"');"; query += "',E'"+escape_binary(pkt->GetContent(), pkt->GetContentSize())+"');"; connection *conn = pgsql->GetConn(); work T(*conn); try{ // T.exec(query); // T.commit(); } catch(const exception &e){ cerr << e.what() << endl; } catch(...){ cerr << "unhandled exception" << endl; } // pgsql.ExecSql(query); oss.str(""); return; }
void ResultSaver::Proc(Packet *pkt){ for(list<Result *>::iterator it=result_pool->GetResultFirstIt(); it != result_pool->GetResultLastIt(); it++){ ostringstream oss; oss.str(""); oss << "insert into save_result(id, stream_id, date, rule_id, result) values "\ << "NULL" << "," << (*it)->GetParentStream()->GetStreamId() << "," << (*it)->GetFilterId() << "," \ << (*it)->GetStreamOffsetSize() << "," << (*it)->GetPacketOffsetSize() << "," << (*it)->GetPacketContentSize() ; string query = oss.str(); #ifdef USE_POSTGRES query += "',E'"+escape_binary((*it)->GetResultString(), (*it)->GetResultSize())+"');"; #endif #ifdef FILEWRITE_MODE file_writer->Write(query); #endif #ifdef USE_POSTGRES #ifdef POSTGRES_MODE connection *conn = pgsql->GetConn(); work T(*conn); try{ T.exec(query); T.commit(); } catch(const exception &e){ cerr << e.what() << endl; } catch(...){ cerr << "unhandled exception" << endl; } #endif //POSTGRES_MODE #endif //USE_POSTGRES oss.str(""); } }
void PgsqlSaver::Proc(Stream * stream){ //add struct timeval tmp_time = stream->GetTimestamp(); struct tm *tmp = localtime(&tmp_time.tv_sec); ostringstream oss; oss << tmp->tm_year+1900 <<"-"<< tmp->tm_mon+1 <<"-"<<tmp->tm_mday <<" "<<tmp->tm_hour<<":"<<tmp->tm_min<<":"<<tmp->tm_sec; string tstamp = oss.str(); // cout << str_src_addr <<":"<<str_dst_addr << endl; oss.str(""); oss << "insert into save_stream (" <<"id, srim_version, src_ip, dst_ip, src_port, dst_port, timestamp, " <<"direction ,truncate , regexp_id, " <<"st_size, st_size_org, " <<"error, " <<"l7_error, " <<"l7prot, http_size, http_compress, " <<"http_header_size, http_chunked, hit_count, " <<"match_str, stream, stream_org, " <<"after_ipfilter, after_prefilter, prefilter_log" <<") values ('" << stream->GetStreamId() << "','2.2','"<<stream->GetSrcIPStr()<<"','"<<stream->GetDstIPStr()<<"','"<<stream->GetSrcPort()<<"','"<<stream->GetDstPort()<<"','"<<tstamp<<"','" << stream->GetDirection() <<"','"<< stream->GetTruncated() <<"','"<< stream->GetRuleIds() <<"','" // << stream->GetDirection() <<"','"<< stream->GetTruncated() <<"','""','" << stream->GetStreamSize() <<"','"<< stream->GetOrgStreamSize() <<"','" << stream->GetError() <<"','" << stream->GetL7Error() <<"','" << stream->GetL7Protocol() <<"','"<< stream->GetHttpContentSize() <<"','"<< stream->GetHttpCompress() <<"','" \ << stream->GetHttpHeaderSize() <<"','"<< stream->GetHttpChunked() <<"','"<< stream->GetHitCount(); string query = oss.str(); //match_str //query += "',E'"+T.esc_raw(stream->GetMatchString())+"'"; query += "',E'"+escape_binary(stream->GetMatchString())+"'"; //stream if(!no_stream_save){ query += ",E'"; // for(list<Packet*>::iterator it = stream->GetPacketFirstIt(); it != stream->GetPacketLastIt(); it++){ // query += T.esc_raw((*it)->GetContent(), (*it)->GetContentSize()); // } query += "'"; }else{ query += ",''"; } //stream_org if(!no_stream_org_save){ query += ",''"; }else{ query += ",''"; } //MatchPreFilter //after_ipfilter, after_prefilter, prefilter_log if(stream->GetMatchPreFilterState() != 0){ oss.str(""); oss << ", " << stream->GetMatchPreFilterState()->GetAfterIpFilter() << ", " << stream->GetMatchPreFilterState()->GetAfterPreFilter(); query += oss.str() + ", '" + stream->GetMatchPreFilterState()->GetMatchPreFilterLog() + "'"; }else{ query += ", -1, -1, ''"; } query += ");"; #ifdef FILEWRITE_MODE file_writer->Write(query); #endif #ifdef POSTGRES_MODE connection *conn = pgsql->GetConn(); work T(*conn); try{ // T.exec(query); // T.commit(); } catch(const exception &e){ cerr << e.what() << endl; } catch(...){ cerr << "unhandled exception" << endl; } #endif oss.str(""); return; }