static void write_flow_log() {
printf("Writing thresholded flows log to %s\n", FLOW_THRESHOLDING_LOG);
if (flow_table_write_thresholded_ips(&flow_table,
start_timestamp_microseconds,
sequence_number)) {
fprintf(stderr, "Couldn't write thresholded flows log\n");
}
}
/* Write an update to UPDATE_FILENAME. This is the file that will be sent to the
* server. The data is compressed on-the-fly using gzip. */
static void write_update() {
struct pcap_stat statistics;
int have_pcap_statistics;
if (pcap_handle) {
have_pcap_statistics = !pcap_stats(pcap_handle, &statistics);
#ifndef NDEBUG
if (!have_pcap_statistics) {
pcap_perror(pcap_handle, "Error fetching pcap statistics");
}
#endif
} else {
have_pcap_statistics = 0;
}
#ifndef DISABLE_FLOW_THRESHOLDING
if (flow_table_write_thresholded_ips(&flow_table,
start_timestamp_microseconds,
sequence_number)) {
#ifndef NDEBUG
fprintf(stderr, "Couldn't write thresholded flows log\n");
#endif
}
#endif
#ifndef NDEBUG
printf("Writing differential log to %s\n", PENDING_UPDATE_FILENAME);
#endif
gzFile handle = gzopen (PENDING_UPDATE_FILENAME, "wb");
if (!handle) {
#ifndef NDEBUG
perror("Could not open update file for writing");
#endif
exit(1);
}
dns_table_mark_unanonymized(&dns_table, &flow_table);
time_t current_timestamp = time(NULL);
if (!gzprintf(handle,
"%d\n%s\n",
FILE_FORMAT_VERSION,
BUILD_ID)) {
#ifndef NDEBUG
perror("Error writing update");
#endif
exit(1);
}
if (!gzprintf(handle,
"%s %" PRId64 " %d %" PRId64 "\n",
bismark_id,
start_timestamp_microseconds,
sequence_number,
(int64_t)current_timestamp)) {
#ifndef NDEBUG
perror("Error writing update");
#endif
exit(1);
}
if (have_pcap_statistics) {
if (!gzprintf(handle,
"%u %u %u\n",
statistics.ps_recv,
statistics.ps_drop,
statistics.ps_ifdrop)) {
#ifndef NDEBUG
perror("Error writing update");
#endif
exit(1);
}
}
if (!gzprintf(handle, "\n")) {
#ifndef NDEBUG
perror("Error writing update");
#endif
exit(1);
}
if (sequence_number == 0) {
if (domain_whitelist_write_update(&domain_whitelist, handle)) {
exit(1);
}
} else {
if (!gzprintf(handle, "\n")) {
#ifndef NDEBUG
perror("Error writing update");
#endif
exit(1);
}
}
#ifndef DISABLE_ANONYMIZATION
if (anonymization_write_update(handle)) {
exit(1);
}
#else
if (!gzprintf(handle, "UNANONYMIZED\n\n")) {
#ifndef NDEBUG
perror("Error writing update");
#endif
exit(1);
}
#endif
if (packet_series_write_update(&packet_data, handle)
|| flow_table_write_update(&flow_table, handle)
|| dns_table_write_update(&dns_table, handle)
|| address_table_write_update(&address_table, handle)
|| drop_statistics_write_update(&drop_statistics, handle)) {
exit(1);
}
gzclose(handle);
char update_filename[FILENAME_MAX];
snprintf(update_filename,
FILENAME_MAX,
UPDATE_FILENAME,
bismark_id,
start_timestamp_microseconds,
sequence_number);
if (rename(PENDING_UPDATE_FILENAME, update_filename)) {
#ifndef NDEBUG
perror("Could not stage update");
#endif
exit(1);
}
++sequence_number;
packet_series_init(&packet_data);
flow_table_advance_base_timestamp(&flow_table, current_timestamp);
dns_table_destroy(&dns_table);
dns_table_init(&dns_table, &domain_whitelist);
drop_statistics_init(&drop_statistics);
}
