static void filter(char *filename,char *operation) { char file_m[100],buffer[100]; int len; printf("%s %s\n",filename,operation); if(*(filename+0)!='.') { if(strstr(filename,"~")!=NULL && strcmp(operation,"CREATED")==0) { len=strlen(filename); *(filename+len-1)='\0'; strcpy(buffer,filename); strcat(buffer,"\n"); if(if_exists(buffer,0)==0) strcpy(u_files[u_cnt++],buffer); return; } strcpy(buffer,filename); strcat(buffer,"\n"); if(strcmp(operation,"DELETED")==0) { if(if_exists(buffer,1)==0) strcpy(d_files[d_cnt++],buffer); return; } else { if(if_exists(buffer,0)==0) strcpy(u_files[u_cnt++],buffer); return; } } else { if(strstr(filename,"swp")!=NULL && strcmp(operation,"MODIFIED")==0) { sscanf(filename,".%[^.].swp",file_m); len=strlen(file_m); *(file_m+len)='\n'; *(file_m+len+1)='\0'; if(if_exists(file_m,0)==0) strcpy(u_files[u_cnt++],file_m); } } return; }
int main(int argc, char **argv) { int ch, np, ret, Xflag = 0; pcap_handler phandler = dump_packet; const char *errstr = NULL; char *pidf = NULL; ret = 0; closefrom(STDERR_FILENO + 1); while ((ch = getopt(argc, argv, "Dxd:f:i:p:s:")) != -1) { switch (ch) { case 'D': Debug = 1; break; case 'd': delay = strtonum(optarg, 5, 60*60, &errstr); if (errstr) usage(); break; case 'f': filename = optarg; break; case 'i': interface = optarg; break; case 'p': pidf = optarg; break; case 's': snaplen = strtonum(optarg, 0, PFLOGD_MAXSNAPLEN, &errstr); if (snaplen <= 0) snaplen = DEF_SNAPLEN; if (errstr) snaplen = PFLOGD_MAXSNAPLEN; break; case 'x': Xflag++; break; default: usage(); } } log_debug = Debug; argc -= optind; argv += optind; /* does interface exist */ if (!if_exists(interface)) { warn("Failed to initialize: %s", interface); logmsg(LOG_ERR, "Failed to initialize: %s", interface); logmsg(LOG_ERR, "Exiting, init failure"); exit(1); } if (!Debug) { openlog("pflogd", LOG_PID | LOG_CONS, LOG_DAEMON); if (daemon(0, 0)) { logmsg(LOG_WARNING, "Failed to become daemon: %s", strerror(errno)); } pidfile(pidf); } tzset(); (void)umask(S_IRWXG | S_IRWXO); /* filter will be used by the privileged process */ if (argc) { filter = copy_argv(argv); if (filter == NULL) logmsg(LOG_NOTICE, "Failed to form filter expression"); } /* initialize pcap before dropping privileges */ if (init_pcap()) { logmsg(LOG_ERR, "Exiting, init failure"); exit(1); } /* Privilege separation begins here */ if (priv_init()) { logmsg(LOG_ERR, "unable to privsep"); exit(1); } setproctitle("[initializing]"); /* Process is now unprivileged and inside a chroot */ signal(SIGTERM, sig_close); signal(SIGINT, sig_close); signal(SIGQUIT, sig_close); signal(SIGALRM, sig_alrm); signal(SIGUSR1, sig_usr1); signal(SIGHUP, sig_hup); alarm(delay); buffer = malloc(PFLOGD_BUFSIZE); if (buffer == NULL) { logmsg(LOG_WARNING, "Failed to allocate output buffer"); phandler = dump_packet_nobuf; } else { bufleft = buflen = PFLOGD_BUFSIZE; bufpos = buffer; bufpkt = 0; } if (reset_dump(Xflag) < 0) { if (Xflag) return (1); logmsg(LOG_ERR, "Logging suspended: open error"); set_suspended(1); } else if (Xflag) return (0); while (1) { np = pcap_dispatch(hpcap, PCAP_NUM_PKTS, phandler, (u_char *)dpcap); if (np < 0) { if (!if_exists(interface) == -1) { logmsg(LOG_NOTICE, "interface %s went away", interface); ret = -1; break; } logmsg(LOG_NOTICE, "%s", pcap_geterr(hpcap)); } if (gotsig_close) break; if (gotsig_hup) { if (reset_dump(0)) { logmsg(LOG_ERR, "Logging suspended: open error"); set_suspended(1); } gotsig_hup = 0; } if (gotsig_alrm) { if (dpcap) flush_buffer(dpcap); else gotsig_hup = 1; gotsig_alrm = 0; alarm(delay); } if (gotsig_usr1) { log_pcap_stats(); gotsig_usr1 = 0; } } logmsg(LOG_NOTICE, "Exiting"); if (dpcap) { flush_buffer(dpcap); fclose(dpcap); } purge_buffer(); log_pcap_stats(); pcap_close(hpcap); if (!Debug) closelog(); return (ret); }
for_each(line,lines) { int col, accept = 0, /*proxyflag = 0, */valid = 1, setchainname = 0, commonflag = 0; unsigned long long traffic = 0; unsigned long pkts = 0; char *ipaddr = NULL,*ptr; valid_columns(ptr, line->str, ' ', col) if(valid) switch(col) { case 1: if(eq(ptr,"Chain")) { setchainname = 1; } else if(eq(ptr,"pkts")) { valid = 0; } else { sscanf(ptr,"%lu",&pkts); } break; case 2: if(setchainname) { if(!strncmp(ptr,"post_",5) || eq(ptr,"POSTROUTING")) { downloadflag = 1; } else { if(!strncmp(ptr,"forw_",5) || eq(ptr,"FORWARD")) { downloadflag = 0; } } if(eq(ptr,"post_common") || eq(ptr,"forw_common")) { commonflag = 1; } } else { sscanf(ptr,"%Lu",&traffic); traffic += (1<<19); traffic >>= 20; } break; case 3: if((strncmp(ptr,"post_",5) && strncmp(ptr,"forw_",5)) || commonflag) { accept = eq(ptr,mark); } break; case 7: if(ipv6 && !downloadflag) { ipaddr = ptr; } break; case 8: if(ipv6 && downloadflag) { ipaddr = ptr; } else if(!ipv6) { /* if(downloadflag) { if(strstr(proxy_ip,ptr)) { proxyflag = 1; } } else { */ if(!downloadflag) { ipaddr = ptr; } } break; case 9: if(!ipv6 && downloadflag) { ipaddr = ptr; } break; } if(accept && traffic>0 && ipaddr) { /* IPv6 subnet - /64 */ char *isipv6 = strstr(ipaddr,"/64"); if(ipv6 && isipv6) { *isipv6=0; printf("(IPv6) "); } else { printf("(IPv4) "); } /* if(proxyflag) { printf("(proxy) "); } else */ if(!downloadflag) { printf("(up) "); } else { printf("(down) "); } traffic_detected = 1; printf("%s %Lu MB (%ld pkts)\n", ipaddr, traffic, pkts); if_exists(ip, ips, eqi(ip->addr,ipaddr)); else {
int64_t prune_local_prefix_tree(trans* orig_tree, int64_t tree_size, int64_t *freq1, trans* pruned_tree, int64_t* pruned_freq, trans* label_list, int64_t list_size){ #if 0 if(!orig_tree or !freq1 or tree_size == 0) { cout << "Cannot prune a empty tree \n"; return -1; } if(!pruned_tree or !pruned_freq){ cout << "Please allocate memory for pruned tree\n"; return -1; } if(!label_list){ cout << "No lables assigned to this process, returning empty tree \n"; pruned_tree = NULL; pruned_freq = NULL; return 0; } trans label, tmp; int64_t label_freq; stack s; /* copy root to result and on top of stack */ pruned_tree[0] = ROOT; pruned_freq[0] = freq1[0]; int64_t pruned_size = 1; s.push(ROOT, freq1[0]); /* Start after Root of tree*/ for(int64_t i=1; i < tree_size; i++) { label = orig_tree[i]; label_freq = freq1[i]; if(label != delimiter){ s.push(label, label_freq); } else{ /* next label in tree is a delimiter * Find what is on top of stack */ tmp = s.peek_label(); if(tmp == ROOT) { // add delimiter to result if stack top is ROOT pruned_tree[pruned_size] = label; pruned_freq[pruned_size] = freq1[i]; pruned_size++; } else if(if_exists(tmp, label_list, list_size)) { /* empty the stacks and add everythign * including current delimiter to result */ s.push(label, label_freq); pruned_size = s.pop_to_array(pruned_tree, pruned_freq, pruned_size); }else{ //pop the label on top and discard s.pop(); } }// end of "if delimiter" }// end of for loop/original tree return pruned_size; #endif }