/*
* Pack the record 'rwrec' into an array of bytes 'ar'
*/
static int
genericioRecordPack_V1(
skstream_t *rwIOS,
const rwGenericRec_V5 *rwrec,
uint8_t *ar)
{
uint32_t tmp32;
/* Check sizes of fields we've expanded in later versions */
if (rwRecGetInput(rwrec) > 255 || rwRecGetOutput(rwrec) > 255) {
return SKSTREAM_ERR_SNMP_OVRFLO;
}
/* Check sizes of fields we've expanded in later versions */
if (rwRecGetSensor(rwrec) > 255) {
return SKSTREAM_ERR_SENSORID_OVRFLO;
}
/* sIP, dIP, sPort, dPort */
rwRecMemGetSIPv4(rwrec, &ar[0]);
rwRecMemGetDIPv4(rwrec, &ar[4]);
rwRecMemGetSPort(rwrec, &ar[8]);
rwRecMemGetDPort(rwrec, &ar[10]);
/* proto, flags, input, output */
ar[12] = rwRecGetProto(rwrec);
ar[13] = rwRecGetFlags(rwrec);
ar[14] = (uint8_t)rwRecGetInput(rwrec);
ar[15] = (uint8_t)rwRecGetOutput(rwrec);
/* nhIP */
rwRecMemGetNhIPv4(rwrec, &ar[16]);
/* sTime */
tmp32 = (uint32_t)(rwRecGetStartTime(rwrec) / 1000);
memcpy(&ar[20], &tmp32, 4);
/* pkts, bytes */
rwRecMemGetPkts(rwrec, &ar[24]);
rwRecMemGetBytes(rwrec, &ar[28]);
/* elapsed */
tmp32 = rwRecGetElapsed(rwrec) / 1000;
memcpy(&ar[32], &tmp32, 4);
/* sID */
ar[36] = (uint8_t)rwRecGetSensor(rwrec);
/* clear padding if present (for consistent output) */
if (rwIOS->recLen == 40) {
memset(&ar[37], 0, 3);
}
/* swap if required */
if (rwIOS->swapFlag) {
genericioRecordSwap_V1(ar);
}
return SKSTREAM_OK;
}
/*
* Pack the record 'rwrec' into an array of bytes 'ar'
*/
static int
genericioRecordPack_V2(
skstream_t *rwIOS,
const rwGenericRec_V5 *rwrec,
uint8_t *ar)
{
uint32_t tmp32;
/* sIP, dIP, sPort, dPort, nhIP, input, output */
rwRecMemGetSIPv4(rwrec, &ar[0]);
rwRecMemGetDIPv4(rwrec, &ar[4]);
rwRecMemGetSPort(rwrec, &ar[8]);
rwRecMemGetDPort(rwrec, &ar[10]);
rwRecMemGetNhIPv4(rwrec, &ar[12]);
rwRecMemGetInput(rwrec, &ar[16]);
rwRecMemGetOutput(rwrec, &ar[18]);
/* sTime, elapsed */
tmp32 = (uint32_t)(rwRecGetStartTime(rwrec) / 1000);
memcpy(&ar[20], &tmp32, 4);
tmp32 = rwRecGetElapsed(rwrec) / 1000;
memcpy(&ar[24], &tmp32, 4);
/* pkts, bytes */
rwRecMemGetPkts(rwrec, &ar[28]);
rwRecMemGetBytes(rwrec, &ar[32]);
/* proto, flow_type, sID, flags, init_flags, rest_flags, tcp_state */
rwRecMemGetProto(rwrec, &ar[36]);
rwRecMemGetFlowType(rwrec, &ar[37]);
rwRecMemGetSensor(rwrec, &ar[38]);
rwRecMemGetFlags(rwrec, &ar[40]);
rwRecMemGetInitFlags(rwrec, &ar[41]);
rwRecMemGetRestFlags(rwrec, &ar[42]);
rwRecMemGetTcpState(rwrec, &ar[43]);
/* bpp field no longer exists */
memset(&ar[44], 0, 4);
/* swap if required */
if (rwIOS->swapFlag) {
genericioRecordSwap_V2(ar);
}
return SKSTREAM_OK;
}
/*
* Pack the record 'rwrec' into an array of bytes 'ar'
*/
static int
genericioRecordPack_V3(
skstream_t *rwIOS,
const rwGenericRec_V5 *rwrec,
uint8_t *ar)
{
imaxdiv_t idiv;
uint32_t quot;
uint16_t rem;
/* sIP, dIP, sPort, dPort, nhIP, input, output */
rwRecMemGetSIPv4(rwrec, &ar[0]);
rwRecMemGetDIPv4(rwrec, &ar[4]);
rwRecMemGetSPort(rwrec, &ar[8]);
rwRecMemGetDPort(rwrec, &ar[10]);
rwRecMemGetNhIPv4(rwrec, &ar[12]);
rwRecMemGetInput(rwrec, &ar[16]);
rwRecMemGetOutput(rwrec, &ar[18]);
/* sTime, sTime_msec */
idiv = imaxdiv(rwRecGetStartTime(rwrec), 1000);
quot = (uint32_t)idiv.quot;
rem = (uint16_t)idiv.rem;
memcpy(&ar[20], ", 4);
memcpy(&ar[48], &rem, 2);
/* elapsed, elapsed_msec */
idiv = imaxdiv(rwRecGetElapsed(rwrec), 1000);
quot = (uint32_t)idiv.quot;
rem = (uint16_t)idiv.rem;
memcpy(&ar[24], ", 4);
memcpy(&ar[50], &rem, 2);
/* pkts, bytes */
rwRecMemGetPkts(rwrec, &ar[28]);
rwRecMemGetBytes(rwrec, &ar[32]);
/* proto, flowtype, sensor, flags, init_flags, rest_flags, tcp_state */
rwRecMemGetProto(rwrec, &ar[36]);
rwRecMemGetFlowType(rwrec, &ar[37]);
rwRecMemGetSensor(rwrec, &ar[38]);
rwRecMemGetFlags(rwrec, &ar[40]);
rwRecMemGetInitFlags(rwrec, &ar[41]);
rwRecMemGetRestFlags(rwrec, &ar[42]);
rwRecMemGetTcpState(rwrec, &ar[43]);
/* bpp field no longer exists */
memset(&ar[44], 0, 4);
/* sTime_msec (above), elapsed_msec (above) */
/* application */
rwRecMemGetApplication(rwrec, &ar[52]);
/* padding */
memset(&ar[54], 0, 2);
/* swap if required */
if (rwIOS->swapFlag) {
genericioRecordSwap_V3(ar);
}
return SKSTREAM_OK;
}
static void
printRecords(
const rwRec rec[])
{
char starttime[2][RWCOMPARE_BUFSIZ];
uint32_t elapsed[2];
uint32_t sport[2];
uint32_t dport[2];
uint32_t proto[2];
uint32_t flowtype[2];
uint32_t sensor[2];
uint32_t flags[2];
uint32_t initflags[2];
uint32_t restflags[2];
uint32_t tcpstate[2];
uint32_t application[2];
uint32_t memo[2];
uint32_t input[2];
uint32_t output[2];
uint32_t pkts[2];
uint32_t bytes[2];
char sip[2][RWCOMPARE_BUFSIZ];
char dip[2][RWCOMPARE_BUFSIZ];
char nhip[2][RWCOMPARE_BUFSIZ];
skipaddr_t ip;
unsigned i;
for (i = 0; i < 2; ++i) {
sktimestamp_r(
starttime[i], rwRecGetStartTime(&rec[i]), SKTIMESTAMP_EPOCH);
elapsed[i] = rwRecGetElapsed(&rec[i]);
sport[i] = rwRecGetSPort(&rec[i]);
dport[i] = rwRecGetDPort(&rec[i]);
proto[i] = rwRecGetProto(&rec[i]);
flowtype[i] = rwRecGetFlowType(&rec[i]);
sensor[i] = rwRecGetSensor(&rec[i]);
flags[i] = rwRecGetFlags(&rec[i]);
initflags[i] = rwRecGetInitFlags(&rec[i]);
restflags[i] = rwRecGetRestFlags(&rec[i]);
tcpstate[i] = rwRecGetTcpState(&rec[i]);
application[i] = rwRecGetApplication(&rec[i]);
memo[i] = rwRecGetMemo(&rec[i]);
input[i] = rwRecGetInput(&rec[i]);
output[i] = rwRecGetOutput(&rec[i]);
pkts[i] = rwRecGetPkts(&rec[i]);
bytes[i] = rwRecGetBytes(&rec[i]);
rwRecMemGetSIP(&rec[i], &ip);
skipaddrString(sip[i], &ip, SKIPADDR_HEXADECIMAL);
rwRecMemGetDIP(&rec[i], &ip);
skipaddrString(dip[i], &ip, SKIPADDR_HEXADECIMAL);
rwRecMemGetNhIP(&rec[i], &ip);
skipaddrString(nhip[i], &ip, SKIPADDR_HEXADECIMAL);
}
compareStrings("StartTime", starttime);
compareNumbers("Elapsed", elapsed);
compareNumbers("SPort", sport);
compareNumbers("DPort", dport);
compareNumbers("Proto", proto);
compareNumbers("FlowType", flowtype);
compareNumbers("Sensor", sensor);
compareNumbers("Flags", flags);
compareNumbers("InitFlags", initflags);
compareNumbers("RestFlags", restflags);
compareNumbers("TcpState", tcpstate);
compareNumbers("Application", application);
compareNumbers("Memo", memo);
compareNumbers("Input", input);
compareNumbers("Output", output);
compareNumbers("Pkts", pkts);
compareNumbers("Bytes", bytes);
compareStrings("SIP", sip);
compareStrings("DIP", dip);
compareStrings("NhIP", nhip);
}
