void flushclosedentries(struct tcptable *table, unsigned long *screen_idx,
int logging, FILE *logfile)
{
struct tcptableent *ptmp = table->head;
struct tcptableent *ctmp = NULL;
unsigned long idx = 1;
time_t now;
time_t lastupdated = 0;
while (ptmp != NULL) {
now = time(NULL);
lastupdated = (now - ptmp->lastupdate) / 60;
if ((ptmp->inclosed) || (lastupdated > options.timeout)) {
ctmp = ptmp;
/*
* Mark and flush timed out TCP entries.
*/
if (lastupdated > options.timeout) {
if ((!(ptmp->timedout)) && (!(ptmp->inclosed))) {
write_timeout_log(logging, logfile,
ptmp);
ptmp->timedout =
ptmp->oth_connection->timedout = 1;
}
}
/*
* Advance to next entry and destroy target entry.
*/
ptmp = ptmp->next_entry;
/*
* If the targeted entry is highlighted, and the next entry is
* not NULL (we're still in the list) we move the bar pointer to
* the next entry otherwise we move it to the previous entry.
*/
if (ptmp != NULL) {
if (table->barptr == ctmp) {
table->barptr = ptmp;
}
} else {
if (table->barptr == ctmp) {
table->barptr =
table->barptr->prev_entry;
}
}
/*
* Do the dirty deed
*/
del_tcp_hash_node(table, ctmp);
destroy_tcp_entry(table, ctmp);
/*
* Adjust screen index if the deleted entry was "above"
* the screen.
*/
if (idx < *screen_idx)
(*screen_idx)--;
} else {
/*
* Set the first visible pointer once the index matches
* the screen index.
*/
if (idx == *screen_idx)
table->firstvisible = ptmp;
/*
* Keep setting the last visible pointer until the scan
* index "leaves" the screen
*/
if (idx <= (*screen_idx) + (table->imaxy - 1))
table->lastvisible = ptmp;
ptmp->index = idx;
idx++;
ptmp = ptmp->next_entry;
}
}
table->lastpos = idx - 1;
table->count = table->lastpos / 2;
destroy_closed_entries(table);
/*
* Shift entries down if the deletion causes the last entry to
* occupy anywhere other than the last line of the TCP display
* window.
*/
if (table->head != NULL) {
/*
* Point screen index to the last table entry if the tail entry is
* "above" the screen index. Set the firstvisible pointer to that
* as well.
*/
if (table->tail->index < *screen_idx) {
*screen_idx = table->tail->index;
table->firstvisible = table->tail;
}
/*
* Move the screen index and firstvisible entry up until the tail
* hits the bottom of the window (tail is at screen index plus
* screen length minus 1) or the firstvisible pointer hits the
* head of the table. The highlight bar should "go along" with
* the shifting.
*/
while ((table->tail->index < *screen_idx + table->imaxy - 1)
&& (table->firstvisible->prev_entry != NULL)) {
table->firstvisible = table->firstvisible->prev_entry;
(*screen_idx)--;
}
/*
* Set the bar position index once everything's done.
*/
table->baridx = table->barptr->index - *screen_idx + 1;
}
}
struct tcptableent *in_table(struct tcptable *table,
struct sockaddr_storage *saddr,
struct sockaddr_storage *daddr,
char *ifname, int logging,
FILE *logfile, time_t timeout)
{
struct tcp_hashentry *hashptr;
unsigned int hp;
time_t now;
if (table->head == NULL) {
return 0;
}
/*
* Determine hash table index for this set of addresses and ports
*/
hp = tcp_hash(saddr, daddr, ifname);
hashptr = table->hash_table[hp];
while (hashptr != NULL) {
if (sockaddr_is_equal(&hashptr->tcpnode->saddr, saddr)
&& sockaddr_is_equal(&hashptr->tcpnode->daddr, daddr)
&& (strcmp(hashptr->tcpnode->ifname, ifname) == 0))
break;
now = time(NULL);
/*
* Add the timed out entries to the closed list in case we didn't
* find any closed ones.
*/
if ((timeout > 0)
&& ((now - hashptr->tcpnode->lastupdate) / 60 > timeout)
&& (!(hashptr->tcpnode->inclosed))) {
hashptr->tcpnode->timedout = 1;
hashptr->tcpnode->oth_connection->timedout = 1;
addtoclosedlist(table, hashptr->tcpnode);
if (logging)
write_timeout_log(logging, logfile,
hashptr->tcpnode);
}
hashptr = hashptr->next_entry;
}
if (hashptr != NULL) { /* needed to avoid SIGSEGV */
if ((((hashptr->tcpnode->finsent == 2)
&& (hashptr->tcpnode->oth_connection->finsent == 2)))
||
(((hashptr->tcpnode->stat & FLAG_RST)
|| (hashptr->tcpnode->oth_connection->
stat & FLAG_RST)))) {
return NULL;
} else {
return hashptr->tcpnode;
}
} else {
return NULL;
}
}
struct tcptableent *in_table(struct tcptable *table, unsigned long saddr,
unsigned long daddr, unsigned int sport,
unsigned int dport, char *ifname,
int logging, FILE * logfile,
int *nomem, struct OPTIONS *opts)
{
struct tcp_hashentry *hashptr;
unsigned int hp;
// int hastimeouts = 0;
time_t now;
time_t timeout;
if (opts != NULL)
timeout = opts->timeout;
else
timeout = 0;
if (table->head == NULL) {
return 0;
}
/*
* Determine hash table index for this set of addresses and ports
*/
hp = tcp_hash(saddr, sport, daddr, dport, ifname);
hashptr = table->hash_table[hp];
while (hashptr != NULL) {
if ((hashptr->tcpnode->saddr.s_addr == saddr) &&
(hashptr->tcpnode->daddr.s_addr == daddr) &&
(hashptr->tcpnode->sport == sport) &&
(hashptr->tcpnode->dport == dport) &&
(strcmp(hashptr->tcpnode->ifname, ifname) == 0))
break;
now = time(NULL);
/*
* Add the timed out entries to the closed list in case we didn't
* find any closed ones.
*/
if ((timeout > 0)
&& ((now - hashptr->tcpnode->lastupdate) / 60 > timeout)
&& (!(hashptr->tcpnode->inclosed))) {
hashptr->tcpnode->timedout = 1;
hashptr->tcpnode->oth_connection->timedout = 1;
addtoclosedlist(table, hashptr->tcpnode, nomem);
//if (!(*nomem))
// hastimeouts = 1;
if (logging)
write_timeout_log(logging, logfile, hashptr->tcpnode,
opts);
}
hashptr = hashptr->next_entry;
}
if (hashptr != NULL) { /* needed to avoid SIGSEGV */
if ((((hashptr->tcpnode->finsent == 2) &&
(hashptr->tcpnode->oth_connection->finsent == 2))) ||
(((hashptr->tcpnode->stat & FLAG_RST) ||
(hashptr->tcpnode->oth_connection->stat & FLAG_RST)))) {
return NULL;
} else {
return hashptr->tcpnode;
}
} else {
return NULL;
}
}
