/*
* Pack the record 'rwrec' into an array of bytes 'ar'
*/
static int
augsnmpoutioRecordPack_V4(
skstream_t *stream,
const rwGenericRec_V5 *rwrec,
uint8_t *ar)
{
int rv = SKSTREAM_OK; /* return value */
/* sTime, elapsed, pkts, bytes, proto, tcp-flags, state, application */
rv = rwpackPackFlagsTimesVolumes(ar, rwrec, stream->hdr_starttime, 16);
if (rv) {
return rv;
}
/* sPort, dPort */
rwRecMemGetSPort(rwrec, &ar[16]);
rwRecMemGetDPort(rwrec, &ar[18]);
/* sIP, dIP */
rwRecMemGetSIPv4(rwrec, &ar[20]);
rwRecMemGetDIPv4(rwrec, &ar[24]);
/* output */
rwRecMemGetOutput(rwrec, &ar[28]);
/* swap if required */
if (stream->swapFlag) {
augsnmpoutioRecordSwap_V4(ar);
}
return SKSTREAM_OK;
}
/*
* Pack the record 'rwrec' into an array of bytes 'ar'
*/
static int
genericioRecordPack_V1(
skstream_t *rwIOS,
const rwGenericRec_V5 *rwrec,
uint8_t *ar)
{
uint32_t tmp32;
/* Check sizes of fields we've expanded in later versions */
if (rwRecGetInput(rwrec) > 255 || rwRecGetOutput(rwrec) > 255) {
return SKSTREAM_ERR_SNMP_OVRFLO;
}
/* Check sizes of fields we've expanded in later versions */
if (rwRecGetSensor(rwrec) > 255) {
return SKSTREAM_ERR_SENSORID_OVRFLO;
}
/* sIP, dIP, sPort, dPort */
rwRecMemGetSIPv4(rwrec, &ar[0]);
rwRecMemGetDIPv4(rwrec, &ar[4]);
rwRecMemGetSPort(rwrec, &ar[8]);
rwRecMemGetDPort(rwrec, &ar[10]);
/* proto, flags, input, output */
ar[12] = rwRecGetProto(rwrec);
ar[13] = rwRecGetFlags(rwrec);
ar[14] = (uint8_t)rwRecGetInput(rwrec);
ar[15] = (uint8_t)rwRecGetOutput(rwrec);
/* nhIP */
rwRecMemGetNhIPv4(rwrec, &ar[16]);
/* sTime */
tmp32 = (uint32_t)(rwRecGetStartTime(rwrec) / 1000);
memcpy(&ar[20], &tmp32, 4);
/* pkts, bytes */
rwRecMemGetPkts(rwrec, &ar[24]);
rwRecMemGetBytes(rwrec, &ar[28]);
/* elapsed */
tmp32 = rwRecGetElapsed(rwrec) / 1000;
memcpy(&ar[32], &tmp32, 4);
/* sID */
ar[36] = (uint8_t)rwRecGetSensor(rwrec);
/* clear padding if present (for consistent output) */
if (rwIOS->recLen == 40) {
memset(&ar[37], 0, 3);
}
/* swap if required */
if (rwIOS->swapFlag) {
genericioRecordSwap_V1(ar);
}
return SKSTREAM_OK;
}
/*
* Pack the record 'rwrec' into an array of bytes 'ar'
*/
static int
augsnmpoutioRecordPack_V1(
skstream_t *stream,
const rwGenericRec_V5 *rwrec,
uint8_t *ar)
{
int rv = SKSTREAM_OK; /* return value */
uint32_t msec_flags;
uint8_t is_tcp, prot_flags;
/* sTime, pkts, bytes, elapsed, proto, tcp-flags, bpp */
rv = rwpackPackTimeBytesPktsFlags((uint32_t*)&ar[12], (uint32_t*)&ar[16],
&msec_flags,
rwrec, stream->hdr_starttime);
if (rv) {
return rv;
}
rwpackPackProtoFlags(&is_tcp, &prot_flags, &ar[26], &ar[27], rwrec);
/* msec_flags: sTime_msec:10; elaps_msec:10; pflag:1;
* is_tcp:1; pad:2; prot_flags:8; */
/* overwrite the least significant 11 bits */
msec_flags = ((msec_flags & (MASKARRAY_21 << 11))
| (is_tcp ? (1 << 10) : 0)
| prot_flags);
/* sIP, dIP, sPort, dPort */
rwRecMemGetSIPv4(rwrec, &ar[0]);
rwRecMemGetDIPv4(rwrec, &ar[4]);
rwRecMemGetSPort(rwrec, &ar[8]);
rwRecMemGetDPort(rwrec, &ar[10]);
/* msec_flags */
memcpy(&ar[20], &msec_flags, 4);
/* application */
rwRecMemGetApplication(rwrec, &ar[24]);
/* output interfaces */
rwRecMemGetOutput(rwrec, &ar[28]);
/* swap if required */
if (stream->swapFlag) {
augsnmpoutioRecordSwap_V1(ar);
}
return SKSTREAM_OK;
}
/*
* Pack the record 'rwrec' into an array of bytes 'ar'
*/
static int
genericioRecordPack_V2(
skstream_t *rwIOS,
const rwGenericRec_V5 *rwrec,
uint8_t *ar)
{
uint32_t tmp32;
/* sIP, dIP, sPort, dPort, nhIP, input, output */
rwRecMemGetSIPv4(rwrec, &ar[0]);
rwRecMemGetDIPv4(rwrec, &ar[4]);
rwRecMemGetSPort(rwrec, &ar[8]);
rwRecMemGetDPort(rwrec, &ar[10]);
rwRecMemGetNhIPv4(rwrec, &ar[12]);
rwRecMemGetInput(rwrec, &ar[16]);
rwRecMemGetOutput(rwrec, &ar[18]);
/* sTime, elapsed */
tmp32 = (uint32_t)(rwRecGetStartTime(rwrec) / 1000);
memcpy(&ar[20], &tmp32, 4);
tmp32 = rwRecGetElapsed(rwrec) / 1000;
memcpy(&ar[24], &tmp32, 4);
/* pkts, bytes */
rwRecMemGetPkts(rwrec, &ar[28]);
rwRecMemGetBytes(rwrec, &ar[32]);
/* proto, flow_type, sID, flags, init_flags, rest_flags, tcp_state */
rwRecMemGetProto(rwrec, &ar[36]);
rwRecMemGetFlowType(rwrec, &ar[37]);
rwRecMemGetSensor(rwrec, &ar[38]);
rwRecMemGetFlags(rwrec, &ar[40]);
rwRecMemGetInitFlags(rwrec, &ar[41]);
rwRecMemGetRestFlags(rwrec, &ar[42]);
rwRecMemGetTcpState(rwrec, &ar[43]);
/* bpp field no longer exists */
memset(&ar[44], 0, 4);
/* swap if required */
if (rwIOS->swapFlag) {
genericioRecordSwap_V2(ar);
}
return SKSTREAM_OK;
}
/*
* Pack the record 'rwrec' into an array of bytes 'ar'
*/
static int
augsnmpoutioRecordPack_V5(
skstream_t *stream,
const rwGenericRec_V5 *rwrec,
uint8_t *ar)
{
int rv;
/* Start time, TCP Flags, Protocol, TCP State */
rv = rwpackPackTimesFlagsProto(rwrec, ar, stream->hdr_starttime);
if (rv) {
return rv;
}
/* application */
rwRecMemGetApplication(rwrec, &ar[6]);
/* sPort, dPort */
rwRecMemGetSPort(rwrec, &ar[ 8]);
rwRecMemGetDPort(rwrec, &ar[10]);
/* Elapsed */
rwRecMemGetElapsed(rwrec, &ar[12]);
/* packets, bytes */
rwRecMemGetPkts(rwrec, &ar[16]);
rwRecMemGetBytes(rwrec, &ar[20]);
/* sIP, dIP */
rwRecMemGetSIPv4(rwrec, &ar[24]);
rwRecMemGetDIPv4(rwrec, &ar[28]);
/* output */
rwRecMemGetOutput(rwrec, &ar[32]);
/* swap if required */
if (stream->swapFlag) {
augsnmpoutioRecordSwap_V5(ar);
}
return SKSTREAM_OK;
}
/*
* Pack the record 'rwrec' into an array of bytes 'ar'
*/
static int
genericioRecordPack_V5(
skstream_t *rwIOS,
const rwGenericRec_V5 *rwrec,
uint8_t *ar)
{
#if !SK_ENABLE_IPV6
memcpy(ar, rwrec, RECLEN_RWGENERIC_V5);
#else
rwRecMemGetStartTime(rwrec, &ar[0]);
rwRecMemGetElapsed(rwrec, &ar[8]);
rwRecMemGetSPort(rwrec, &ar[12]);
rwRecMemGetDPort(rwrec, &ar[14]);
rwRecMemGetProto(rwrec, &ar[16]);
rwRecMemGetFlowType(rwrec, &ar[17]);
rwRecMemGetSensor(rwrec, &ar[18]);
rwRecMemGetFlags(rwrec, &ar[20]);
rwRecMemGetInitFlags(rwrec, &ar[21]);
rwRecMemGetRestFlags(rwrec, &ar[22]);
rwRecMemGetTcpState(rwrec, &ar[23]);
rwRecMemGetApplication(rwrec, &ar[24]);
rwRecMemGetMemo(rwrec, &ar[26]);
rwRecMemGetInput(rwrec, &ar[28]);
rwRecMemGetOutput(rwrec, &ar[30]);
rwRecMemGetPkts(rwrec, &ar[32]);
rwRecMemGetBytes(rwrec, &ar[36]);
rwRecMemGetSIPv4(rwrec, &ar[40]);
rwRecMemGetDIPv4(rwrec, &ar[44]);
rwRecMemGetNhIPv4(rwrec, &ar[48]);
#endif
/* swap if required */
if (rwIOS->swapFlag) {
genericioRecordSwap_V5(ar);
}
return SKSTREAM_OK;
}
/*
* Pack the record 'rwrec' into an array of bytes 'ar'
*/
static int
genericioRecordPack_V3(
skstream_t *rwIOS,
const rwGenericRec_V5 *rwrec,
uint8_t *ar)
{
imaxdiv_t idiv;
uint32_t quot;
uint16_t rem;
/* sIP, dIP, sPort, dPort, nhIP, input, output */
rwRecMemGetSIPv4(rwrec, &ar[0]);
rwRecMemGetDIPv4(rwrec, &ar[4]);
rwRecMemGetSPort(rwrec, &ar[8]);
rwRecMemGetDPort(rwrec, &ar[10]);
rwRecMemGetNhIPv4(rwrec, &ar[12]);
rwRecMemGetInput(rwrec, &ar[16]);
rwRecMemGetOutput(rwrec, &ar[18]);
/* sTime, sTime_msec */
idiv = imaxdiv(rwRecGetStartTime(rwrec), 1000);
quot = (uint32_t)idiv.quot;
rem = (uint16_t)idiv.rem;
memcpy(&ar[20], ", 4);
memcpy(&ar[48], &rem, 2);
/* elapsed, elapsed_msec */
idiv = imaxdiv(rwRecGetElapsed(rwrec), 1000);
quot = (uint32_t)idiv.quot;
rem = (uint16_t)idiv.rem;
memcpy(&ar[24], ", 4);
memcpy(&ar[50], &rem, 2);
/* pkts, bytes */
rwRecMemGetPkts(rwrec, &ar[28]);
rwRecMemGetBytes(rwrec, &ar[32]);
/* proto, flowtype, sensor, flags, init_flags, rest_flags, tcp_state */
rwRecMemGetProto(rwrec, &ar[36]);
rwRecMemGetFlowType(rwrec, &ar[37]);
rwRecMemGetSensor(rwrec, &ar[38]);
rwRecMemGetFlags(rwrec, &ar[40]);
rwRecMemGetInitFlags(rwrec, &ar[41]);
rwRecMemGetRestFlags(rwrec, &ar[42]);
rwRecMemGetTcpState(rwrec, &ar[43]);
/* bpp field no longer exists */
memset(&ar[44], 0, 4);
/* sTime_msec (above), elapsed_msec (above) */
/* application */
rwRecMemGetApplication(rwrec, &ar[52]);
/* padding */
memset(&ar[54], 0, 2);
/* swap if required */
if (rwIOS->swapFlag) {
genericioRecordSwap_V3(ar);
}
return SKSTREAM_OK;
}