Пример #1
0
static int
_callback(lua_State *L) {
    struct snlua *lua = lua_touserdata(L, lua_upvalueindex(1));
    if (lua == NULL || lua->ctx == NULL) {
        return luaL_error(L, "Init skynet context first");
    }
    struct skynet_context * context = lua->ctx;

    luaL_checktype(L,1,LUA_TFUNCTION);
    lua_settop(L,1);
    lua_rawsetp(L, LUA_REGISTRYINDEX, _cb);

    lua_rawgeti(L, LUA_REGISTRYINDEX, LUA_RIDX_MAINTHREAD);
    lua_State *gL = lua_tothread(L,-1);

    struct stat * S = lua_newuserdata(L, sizeof(*S));
    memset(S, 0, sizeof(*S));
    S->L = gL;
    S->trace = trace_create();
    S->lua = lua;

    lua_createtable(L,0,1);
    lua_pushcfunction(L, _delete_stat);
    lua_setfield(L,-2,"__gc");
    lua_setmetatable(L, -2);

    lua_rawsetp(L, LUA_REGISTRYINDEX, _stat);

    skynet_callback(context, S, _cb);

    return 0;
}
Пример #2
0
qfTraceSource_t *qfTraceOpen(const char *uri,
                             const char *bpf,
                             int snaplen,
                             GError **err)
{
    qfTraceSource_t *lts;
    libtrace_err_t  terr;
    
    lts = g_new0(qfTraceSource_t, 1);
    
    if (!(lts->packet = trace_create_packet())) {
        g_set_error(err, YAF_ERROR_DOMAIN, YAF_ERROR_IO,
                    "Could not initialize libtrace packet");
        goto err;
    }
    
    lts->trace = trace_create(uri);
    if (trace_is_err(lts->trace)) {
        terr = trace_get_err(lts->trace);
        g_set_error(err, YAF_ERROR_DOMAIN, YAF_ERROR_IO,
                    "Could not open libtrace URI %s: %s",
                    uri, terr.problem);
        goto err;
    }
    
    if (trace_config(lts->trace, TRACE_OPTION_SNAPLEN, &snaplen) == -1) {
        terr = trace_get_err(lts->trace);
        g_set_error(err, YAF_ERROR_DOMAIN, YAF_ERROR_IO,
                    "Could not set snaplen on libtrace URI %s: %s",
                    uri, terr.problem);
        goto err;
    }
    
    if (bpf) {
        if (!(lts->filter = trace_create_filter(bpf))) {
            g_warning("Could not compile libtrace BPF %s", bpf);
            goto err;
        }
        
        if (trace_config(lts->trace, TRACE_OPTION_FILTER, lts->filter) == -1) {
            terr = trace_get_err(lts->trace);
            g_warning("Could not set libtrace filter: %s", terr.problem);
            goto err;
        }
    }
    
    /* start processing */
    if (trace_start(lts->trace) == -1) {
        terr = trace_get_err(lts->trace);
        g_warning("libtrace trace_start() error: %s", terr.problem);
        goto err;
    }

    
    return lts;
  
err:
    qfTraceClose(lts);
    return NULL;
}
Пример #3
0
int main(int argc, char *argv[])
{
	/* This is essentially the same main function from readdemo.c */
	
	libtrace_t *trace = NULL;
	libtrace_packet_t *packet = NULL;

	/* Ensure we have at least one argument after the program name */
        if (argc < 2) {
                fprintf(stderr, "Usage: %s inputURI\n", argv[0]);
                return 1;
        }	
	
	packet = trace_create_packet();

	if (packet == NULL) {
		perror("Creating libtrace packet");
		libtrace_cleanup(trace, packet);
		return 1;
	}

	trace = trace_create(argv[1]);

	if (trace_is_err(trace)) {
		trace_perror(trace,"Opening trace file");
		libtrace_cleanup(trace, packet);
		return 1;
	}

	if (trace_start(trace) == -1) {
		trace_perror(trace,"Starting trace");
		libtrace_cleanup(trace, packet);
		return 1;
	}


	while (trace_read_packet(trace,packet)>0) {
		per_packet(packet);
	}


	if (trace_is_err(trace)) {
		trace_perror(trace,"Reading packets");
		libtrace_cleanup(trace, packet);
		return 1;
	}

	/* Print the stats for the final reporting period that was probably
	 * not complete when the trace finished */
	printf("%u\t", next_report);
	printf("%.2f\t\t", ((double)wire_count) / packet_count);
	printf("%.2f\n", ((double)capture_count) / packet_count);

	libtrace_cleanup(trace, packet);
	return 0;
}
Пример #4
0
int main(int argc, char* argv[]) {
	if(argc != 2) { 
		fprintf(stderr, "Missing *.pcap file path as argument");
		exit(1);
	}
	char* filepath = argv[1];

	setvbuf(stdout, NULL, _IOLBF, 0);
	printf("Starting...\n");

	long int total_ns;
	struct timespec start_time;
	struct timespec end_time;
	int exit_code = 0;
	int i, psize = 0;

	libtrace_packet_t **packets = malloc(100 * sizeof(libtrace_packet_t*));
	i = 0;

	char* trace_string = malloc(5 + strlen(filepath) + 1);
	strcpy(trace_string, "pcap:");
	strcat(trace_string, filepath);
	libtrace_t* trace = trace_create(trace_string);

	iferr(trace);
	trace_start(trace);
	libtrace_packet_t* packet = trace_create_packet();
	while ((psize = trace_read_packet(trace, packet)) > 0){
		libtrace_tcp_t* tcp = trace_get_tcp(packet);
		if(tcp != NULL){
			packets[i++] = packet;
			packet = trace_create_packet();
		} 

	}
	int len = i;

	for (i = 0; i < 1000; i++) {
		clock_gettime(CLOCK_MONOTONIC, &start_time);
		test(packets, len);
		clock_gettime(CLOCK_MONOTONIC, &end_time);
		total_ns += (end_time.tv_sec - start_time.tv_sec) * 1000000000 + (end_time.tv_nsec - start_time.tv_nsec);
	}

	int runs = i;

	for (i = 0; i < len; i++){
		trace_destroy_packet(packets[i]);
	}

	free(packets);
	printf("Took %ld nanoseconds.\n", total_ns/runs);
}
Пример #5
0
int main(int argc, char *argv[])
{
        /* This is essentially the same main function from readdemo.c */

        libtrace_t *trace = NULL;
        libtrace_packet_t *packet = NULL;

        /* Ensure we have at least one argument after the program name */
        if (argc < 2) {
                fprintf(stderr, "Usage: %s inputURI\n", argv[0]);
                return 1;
        }

	packet = trace_create_packet();

        if (packet == NULL) {
                perror("Creating libtrace packet");
                libtrace_cleanup(trace, packet);
                return 1;
        }

        trace = trace_create(argv[1]);

        if (trace_is_err(trace)) {
                trace_perror(trace,"Opening trace file");
                libtrace_cleanup(trace, packet);
                return 1;
        }

        if (trace_start(trace) == -1) {
                trace_perror(trace,"Starting trace");
                libtrace_cleanup(trace, packet);
                return 1;
        }


        while (trace_read_packet(trace,packet)>0) {
                per_packet(packet);
        }


        if (trace_is_err(trace)) {
                trace_perror(trace,"Reading packets");
                libtrace_cleanup(trace, packet);
                return 1;
        }

	printf("Packet Count = %" PRIu64 "\n", count);

        libtrace_cleanup(trace, packet);
        return 0;
}
Пример #6
0
int main(int argc, char *argv[]) {
        char *uri = lookup_uri(argv[1]);
        int psize = 0;
	int error = 0;
	int count = 0;
	libtrace_packet_t *packet;

	trace = trace_create(uri);
	iferr(trace);

	trace_start(trace);
	iferr(trace);
	
	packet=trace_create_packet();
        for (;;) {
		double ts;
		double tsdiff;
		struct timeval tv;
		if ((psize = trace_read_packet(trace, packet)) <0) {
			error = 1;
			break;
		}
		if (psize == 0) {
			error = 0;
			break;
		}
		count ++;
		tv=trace_get_timeval(packet);
		ts=trace_get_seconds(packet);
		tsdiff = (tv.tv_sec+tv.tv_usec/1000000.0)-ts;
		assert(tsdiff > -0.001 && tsdiff < 0.001);

        }
	trace_destroy_packet(packet);
	if (error == 0) {
		if (count == 100) {
			printf("success: 100 packets read\n");
		} else {
			printf("failure: 100 packets expected, %d seen\n",count);
			error = 1;
		}
	} else {
		iferr(trace);
	}
        trace_destroy(trace);
        return error;
}
Пример #7
0
/* If you don't specify O_WONLY or O_RDWR on the fileflags, then this should
 * fail.
 */
void test_forgotten_wronly()
{
    libtrace_out_t *out;
    libtrace_t *trace;
    libtrace_packet_t *packet;
    int err;
    int zero = 0;

    out = trace_create_output("pcapfile:traces/100_packets_out.pcap");
    assert(out);
    assert (!trace_is_err_output(out));
    /* Note: no WRONLY/RDWR */
    err = trace_config_output(out,TRACE_OPTION_OUTPUT_FILEFLAGS,&zero);
    assert(err==0);
    assert(!trace_is_err_output(out));

    err = trace_start_output(out);
    assert(err == 0);
    assert(!trace_is_err_output(out));

    trace = trace_create("pcapfile:traces/100_packets.pcap");
    assert(trace);
    assert(!trace_is_err(trace));

    err = trace_start(trace);
    assert(!trace_is_err(trace));
    assert(err == 0);

    packet = trace_create_packet();
    assert(packet);

    err = trace_read_packet(trace, packet);
    assert(err>0);

    err = trace_write_packet(out,packet);
    assert(err == -1); 		/* Should fail */
    assert(trace_is_err_output(out));

    trace_destroy_output(out);
    trace_destroy_packet(packet);
    trace_destroy(trace);
}
Пример #8
0
int main(int argc, char *argv[]) {
        int psize = 0;
	int error = 0;
	int count = 0;
	int level = 0;
	int expected = 100;
	libtrace_t *trace;
	libtrace_out_t *outtrace;
	libtrace_packet_t *packet;

	trace = trace_create(lookup_uri("pcap"));
	iferr(trace);

	outtrace = trace_create_output(lookup_out_uri("pcap"));
	iferrout(outtrace);

	level=0;
	trace_config_output(outtrace,TRACE_OPTION_OUTPUT_COMPRESS,&level);
	iferrout(outtrace);

	trace_start(trace);
	iferr(trace);
	trace_start_output(outtrace);
	iferrout(outtrace);
	
	packet=trace_create_packet();
        for (;;) {
		if ((psize = trace_read_packet(trace, packet)) <0) {
			error = 1;
			break;
		}
		if (psize == 0) {
			error = 0;
			break;
		}
		count ++;
		/* Force promotion */
		if (trace_get_source_port(packet)==80) {
			trace_set_direction(packet,TRACE_DIR_OUTGOING);
			assert(trace_get_direction(packet)==TRACE_DIR_OUTGOING);
			assert(trace_get_source_port(packet)==80);
		}
		else {
			trace_set_direction(packet,TRACE_DIR_INCOMING);
			assert(trace_get_direction(packet)==TRACE_DIR_INCOMING);
		}
		/* And then force demotion */
		trace_write_packet(outtrace,packet);
		iferrout(outtrace);
		if (count>100)
			break;
        }
	trace_destroy_packet(packet);
	if (error == 0) {
		if (count != expected) {
			printf("failure: %d packets expected, %d seen\n",expected,count);
			error = 1;
		}
	} else {
		iferr(trace);
	}
        trace_destroy(trace);
	trace_destroy_output(outtrace);

        return error;
}
Пример #9
0
/* Process a trace, counting packets that match filter(s) */
static void run_trace(char *uri, libtrace_filter_t *filter, int count) 
{
	struct libtrace_packet_t *packet = trace_create_packet();

	/* Already read the maximum number of packets - don't need to read
	 * anything from this trace */
	if ((count >= 0 && packets_read >= count) || done)
		return;

	trace = trace_create(uri);
	
	if (trace_is_err(trace)) {
		trace_perror(trace,"trace_create");
		return;
	}

	if (filter) {
		trace_config(trace,TRACE_OPTION_FILTER,filter);
	}

	if (trace_start(trace)==-1) {
		trace_perror(trace,"trace_start");
		return;
	}

	while (1) {
		int psize;
		
		if (count >= 0 && packets_read >= count)
			break;
		if (done)
			break;
		if ((psize = trace_read_packet(trace, packet)) <1) {
			break;
		}
                if (IS_LIBTRACE_META_PACKET(packet))
                        continue;

		if (reports_required & REPORT_TYPE_MISC)
			misc_per_packet(packet);
		if (reports_required & REPORT_TYPE_ERROR)
			error_per_packet(packet);
		if (reports_required & REPORT_TYPE_PORT)
			port_per_packet(packet);
		if (reports_required & REPORT_TYPE_PROTO)
			protocol_per_packet(packet);
		if (reports_required & REPORT_TYPE_TOS)
			tos_per_packet(packet);
		if (reports_required & REPORT_TYPE_TTL)
			ttl_per_packet(packet);
		if (reports_required & REPORT_TYPE_FLOW)
			flow_per_packet(packet);
		if (reports_required & REPORT_TYPE_TCPOPT)
			tcpopt_per_packet(packet);
		if (reports_required & REPORT_TYPE_SYNOPT)
			synopt_per_packet(packet);
		if (reports_required & REPORT_TYPE_NLP)
			nlp_per_packet(packet);
		if (reports_required & REPORT_TYPE_DIR)
			dir_per_packet(packet);
		if (reports_required & REPORT_TYPE_ECN)
			ecn_per_packet(packet);
		if (reports_required & REPORT_TYPE_TCPSEG)
			tcpseg_per_packet(packet);

		packets_read ++;
	}
	if (reports_required & REPORT_TYPE_DROPS)
		drops_per_trace(trace);
        trace_destroy_packet(packet);
	trace_destroy(trace);
}
Пример #10
0
int main(int argc, char *argv[])
{
	libtrace_t *trace;
	libtrace_packet_t *packet;
	libtrace_filter_t *filter=NULL;
	int snaplen=-1;
	int promisc=-1;

	while(1) {
		int option_index;
		struct option long_options[] = {
			{ "filter",		1, 0, 'f' },
			{ "snaplen",		1, 0, 's' },
			{ "promisc",		1, 0, 'p' },
			{ "help",		0, 0, 'h' },
			{ "libtrace-help",	0, 0, 'H' },
			{ NULL,			0, 0, 0 }
		};

		int c= getopt_long(argc, argv, "f:s:p:hH",
				long_options, &option_index);

		if (c==-1)
			break;

		switch (c) {
			case 'f':
				filter=trace_create_filter(optarg);
				break;
			case 's':
				snaplen=atoi(optarg);
				break;
			case 'p':
				promisc=atoi(optarg);
				break;
			case 'H':
				trace_help();
				return 1;
			default:
				fprintf(stderr,"Unknown option: %c\n",c);
				/* FALL THRU */
			case 'h':
				usage(argv[0]);
				return 1;
		}
	}

	if (optind>=argc) {
		fprintf(stderr,"Missing input uri\n");
		usage(argv[0]);
		return 1;
	}

	while (optind<argc) {
		trace = trace_create(argv[optind]);
		++optind;

		if (trace_is_err(trace)) {
			trace_perror(trace,"Opening trace file");
			return 1;
		}

		if (snaplen>0)
			if (trace_config(trace,TRACE_OPTION_SNAPLEN,&snaplen)) {
				trace_perror(trace,"ignoring: ");
			}
		if (filter)
			if (trace_config(trace,TRACE_OPTION_FILTER,filter)) {
				trace_perror(trace,"ignoring: ");
			}
		if (promisc!=-1) {
			if (trace_config(trace,TRACE_OPTION_PROMISC,&promisc)) {
				trace_perror(trace,"ignoring: ");
			}
		}

		if (trace_start(trace)) {
			trace_perror(trace,"Starting trace");
			trace_destroy(trace);
			return 1;
		}

		packet = trace_create_packet();

		while (trace_read_packet(trace,packet)>0) {
			per_packet(packet);
		}

		trace_destroy_packet(packet);

		if (trace_is_err(trace)) {
			trace_perror(trace,"Reading packets");
		}

		trace_destroy(trace);
	}

	return 0;
}
Пример #11
0
/* Process a trace, counting packets that match filter(s) */
static void run_trace(char *uri)
{
    struct libtrace_packet_t *packet = trace_create_packet();
    int i;
    uint64_t count = 0;
    uint64_t bytes = 0;
    uint64_t packets;

    fprintf(stderr,"%s:\n",uri);

    trace = trace_create(uri);

    if (trace_is_err(trace)) {
        trace_perror(trace,"Failed to create trace");
        return;
    }

    if (trace_start(trace)==-1) {
        trace_perror(trace,"Failed to start trace");
        return;
    }


    for (;;) {
        int psize;
        int wlen;
        int match = 0;
        if ((psize = trace_read_packet(trace, packet)) <1) {
            break;
        }

        if (done)
            break;
        wlen = trace_get_wire_length(packet);

        for(i=0; i<filter_count; ++i) {
            if (filters[i].filter == NULL)
                continue;
            if(trace_apply_filter(filters[i].filter,packet) > 0) {
                ++filters[i].count;
                filters[i].bytes+=wlen;
                match = 1;
            }
            if (trace_is_err(trace)) {
                trace_perror(trace, "trace_apply_filter");
                fprintf(stderr, "Removing filter from filterlist\n");
                filters[i].filter = NULL;
            }
        }

        if(match == 1 || filter_count == 0)
        {
            libtrace_ip_t *ip_hdr = trace_get_ip(packet);
            if(ip_hdr != NULL)
            {
                char src_ip[INET_ADDRSTRLEN];
                char dst_ip[INET_ADDRSTRLEN];

                inet_ntop(AF_INET, &ip_hdr->ip_src, &src_ip[0], INET_ADDRSTRLEN);
                inet_ntop(AF_INET, &ip_hdr->ip_dst, &dst_ip[0], INET_ADDRSTRLEN);

                printf("%f\t%s\t%s\t%"PRIu16"\t%"PRIu16"\t"
                       "%"PRIu8"\t%"PRIu16"\t%"PRIu16"\n",
                       trace_get_seconds(packet), src_ip, dst_ip,
                       trace_get_source_port(packet),
                       trace_get_destination_port(packet),
                       ip_hdr->ip_p,
                       ntohs(ip_hdr->ip_id),
                       ntohs(ip_hdr->ip_len)
                      );
            }
        }

        ++count;
        bytes+=wlen;
    }

    fprintf(stderr, "%-30s\t%12s\t%12s\t%7s\n","filter","count","bytes","%");
    for(i=0; i<filter_count; ++i) {
        fprintf(stderr, "%30s:\t%12"PRIu64"\t%12"PRIu64"\t%7.03f\n",
                filters[i].expr,filters[i].count,
                filters[i].bytes,filters[i].count*100.0/count);
        filters[i].bytes=0;
        filters[i].count=0;
    }
    packets=trace_get_received_packets(trace);
    if (packets!=UINT64_MAX)
        fprintf(stderr,"%30s:\t%12" PRIu64"\n",
                "Input packets", packets);
    packets=trace_get_filtered_packets(trace);
    if (packets!=UINT64_MAX)
        fprintf(stderr,"%30s:\t%12" PRIu64"\n",
                "Filtered packets", packets);
    packets=trace_get_dropped_packets(trace);
    if (packets!=UINT64_MAX)
        fprintf(stderr,"%30s:\t%12" PRIu64"\n",
                "Dropped packets",packets);
    packets=trace_get_accepted_packets(trace);
    if (packets!=UINT64_MAX)
        fprintf(stderr,"%30s:\t%12" PRIu64 "\n",
                "Accepted Packets",packets);
    fprintf(stderr, "%30s:\t%12"PRIu64"\t%12" PRIu64 "\n","Total",count,bytes);
    totcount+=count;
    totbytes+=bytes;

    if (trace_is_err(trace))
        trace_perror(trace,"%s",uri);

    trace_destroy(trace);
}
Пример #12
0
int main(int argc, char *argv[]) {
	struct libtrace_t *input = NULL;
	struct libtrace_out_t *in_write = NULL;
	struct libtrace_out_t *out_write = NULL;
	libtrace_err_t trace_err;
	struct libtrace_packet_t *packet = trace_create_packet();
	
	if (argc < 3) {
		usage(argv[0]);
		return 1;
	}

	input = trace_create(argv[1]);
	if (trace_is_err(input)) {
		trace_err = trace_get_err(input);
		printf("Problem reading input trace: %s\n", trace_err.problem);
		return 1;
	}
	if (trace_start(input)==-1) {
		trace_perror(input,"Unable to start trace: %s",argv[1]);
		return 1;
	}
	
	while(1) {
		if (trace_read_packet(input, packet) < 1)
			break;

		switch(trace_get_direction(packet)) {
			case TRACE_DIR_INCOMING:
				if (!out_write) {
					out_write = create_output(argv[3]);
					if (!out_write)
						return 1;
				}
				if (trace_write_packet(out_write, packet)==-1){
					trace_perror_output(in_write,"write");
					return 1;
				}
				break;
			case TRACE_DIR_OUTGOING:
				if (!in_write) {
					in_write = create_output(argv[2]);
					if (!in_write)
						return 1;
				}
				if (trace_write_packet(in_write, packet)==-1) {
					trace_perror_output(in_write,"write");
					return 1;
				}
				break;
			default:
				ignored++;
		}

	}
	if (out_write)
		trace_destroy_output(out_write);
	if (in_write)
		trace_destroy_output(in_write);
	trace_destroy(input);
	trace_destroy_packet(packet);

	if (ignored)
		fprintf(stderr,"warning: Ignored %" PRIu64 " packets with unknown directions\n",
				ignored);
	
	return 0;
}
Пример #13
0
int main(int argc, char *argv[]) {
    int psize = 0;
    int error = 0;
    int ip_count = 0;
    int arp_count = 0;
    libtrace_t *trace;
    libtrace_packet_t *packet;

    (void)argc;
    (void)argv;

    trace = trace_create("pcapfile:traces/vxlan.pcap");
    iferr(trace);

    trace_start(trace);
    iferr(trace);

    packet=trace_create_packet();
    for (;;) {
        uint8_t proto;
        uint32_t remaining;
        void *transport;
        void *layer2;
        void *vxlan;

        if ((psize = trace_read_packet(trace, packet)) < 0) {
            error = 1;
            iferr(trace);
            break;
        }
        if (psize == 0) {
            break;
        }

        transport = trace_get_transport(packet, &proto, &remaining);
        if (proto != TRACE_IPPROTO_UDP) {
            printf("Failed to find a UDP header\n");
            error = 1;
            continue;
        }

        vxlan = trace_get_vxlan_from_udp(transport, &remaining);
        if (!vxlan) {
            printf("Failed to find a VXLAN header\n");
            error = 1;
            continue;
        }

        layer2 = trace_get_payload_from_vxlan(vxlan, &remaining);

        switch (ntohs(((libtrace_ether_t *)layer2)->ether_type)) {
            case 0x0800:
                ip_count++;
                break;
            case 0x0806:
                arp_count++;
                break;
            default:
                fprintf(stderr, "Unexpected vxlan ethertype: %08x\n",
                        ntohs(((libtrace_ether_t *)layer2)->ether_type));
                error = 1;
                continue;
        }
    }
    trace_destroy_packet(packet);
    if (ip_count != 8 || arp_count != 2) {
        fprintf(stderr, "Incorrect number of ip/arp packets\n");
        error = 1;
    }
    if (error == 0) {
        printf("success\n");
    } else {
        iferr(trace);
    }
    trace_destroy(trace);
    return error;
}
Пример #14
0
int main(int argc, char *argv[]) {

        char *uri = 0;
        int psize = 0;
        struct libtrace_ip *ipptr = 0;
	struct libtrace_packet_t *packet = trace_create_packet();
	libtrace_err_t trace_err;

	uint32_t last_second = 0;
	double ts = 0.0;


        if (argc == 2) {
                uri = strdup(argv[1]);
        }

        // create an trace to uri
        trace = trace_create(uri);
	if (trace_is_err(trace)) {
                trace_err = trace_get_err(trace);
                printf("Error in trace_create: %s\n", trace_err.problem);
                return -1;
        }
        trace_start(trace);
        if (trace_is_err(trace)) {
                trace_err = trace_get_err(trace);
                printf("Error in trace_start: %s\n", trace_err.problem);
                return -1;
        }


        for (;;) {
                if ((psize = trace_read_packet(trace,packet)) < 1) {
                        // terminate
                        break;
                }
                if (psize == 0) {
                        continue;
                }

                if((ipptr = trace_get_ip(packet)) == 0) {
			continue;
		}
		
                counter[BYTES][INSTANT] += ntohs(ipptr->ip_len);
                counter[PACKETS][INSTANT] ++;

		ts = trace_get_seconds(packet);
		if(last_second == 0) {
			last_second = ts;
		} else if (last_second < ts) {
			last_second = ts;
			docalc++;
		}

                if(docalc) {
                        secondreport();
                }


        }

        trace_destroy(trace);
        return 0;
}
Пример #15
0
int main(int argc, char *argv[])
{
	clock_t start;
	clock_t end;
	double function_time;

	struct time_adjust_record time_adjust_flow1 = {"0.0.0.0", 0, "0.0.0.0", 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1};
	char * p = NULL;
	FILE * fp_time_adjust = NULL;
	FILE * fp_write = NULL;
	char time_adjust_file[128];
	char file_write[256];
	char input_file[256];
	char buffer[256];

	if (argc < 4)
	{
		printf("Please enter two parameters: read_file and write_file\n");
		return 1;
	}

	strcpy(input_file, argv[1]);
	strcpy(time_adjust_file, argv[2]);
	strcpy(file_write, argv[3]);

	if((fp_time_adjust = fopen(time_adjust_file, "r")) == NULL)  //open the file to read
	{
		fprintf(stderr, "Open time adjust file: %s failed\n", time_adjust_file);
		exit(1);
	}
	memset(buffer, '\0', sizeof(buffer));
	fgets(buffer, sizeof(buffer), fp_time_adjust);
	p = strtok(buffer, " ");
	if(p)
	{
		strcpy( time_adjust_flow1.src_ip, p);
	}
	p = strtok(NULL, " ");
	if(p)
	{
		time_adjust_flow1.src_port = atoi(p);
	}
	p = strtok(NULL, " ");
	if(p)
	{
		strcpy( time_adjust_flow1.dest_ip, p);
	}
	p = strtok(NULL, " ");
	if(p)
	{
		time_adjust_flow1.dest_port = atoi(p);
	}
	//printf("flow: %s:%d %s:%d\n", time_adjust_flow1.src_ip, time_adjust_flow1.src_port, time_adjust_flow1.dest_ip, time_adjust_flow1.dest_port);
	memset(buffer, '\0', sizeof(buffer));
	fgets(buffer, sizeof(buffer), fp_time_adjust);
	if( Set_Time_Adjust(buffer, &time_adjust_flow1.first_pkt_sec, &time_adjust_flow1.first_pkt_usec) != 0 )
	{
		printf("line: %d\n", __LINE__);
		exit(1);
	}
	//printf("First packet second: %d, usecond: %d\n", time_adjust_flow1.first_pkt_sec, time_adjust_flow1.first_pkt_usec);
	memset(buffer, '\0', sizeof(buffer));
	fgets(buffer, sizeof(buffer), fp_time_adjust);
	if( Set_Time_Adjust(buffer, &time_adjust_flow1.client_inter_sec, &time_adjust_flow1.client_inter_usec) != 0 )
	{
		printf("line: %d\n", __LINE__);
		exit(1);
	}
	//printf("Client packet inter arrival second: %d, usecond: %d\n", time_adjust_flow1.client_inter_sec, time_adjust_flow1.client_inter_usec);
	memset(buffer, '\0', sizeof(buffer));
	fgets(buffer, sizeof(buffer), fp_time_adjust);
	if( Set_Time_Adjust(buffer, &time_adjust_flow1.server_inter_sec, &time_adjust_flow1.server_inter_usec) != 0 )
	{
		printf("line: %d\n", __LINE__);
		exit(1);
	}
	//printf("Server packet inter arrival second: %d, usecond: %d\n", time_adjust_flow1.server_inter_sec, time_adjust_flow1.server_inter_usec);
	memset(buffer, '\0', sizeof(buffer));
	fgets(buffer, sizeof(buffer), fp_time_adjust);
	if( Set_Time_Adjust(buffer, &time_adjust_flow1.reaction_sec, &time_adjust_flow1.reaction_usec) != 0 )
	{
		printf("line: %d\n", __LINE__);
		exit(1);
	}
	//printf("Client reaction second: %d, usecond: %d\n", time_adjust_flow1.reaction_sec, time_adjust_flow1.reaction_usec);
	memset(buffer, '\0', sizeof(buffer));
	fgets(buffer, sizeof(buffer), fp_time_adjust);
	if( Set_Time_Adjust(buffer, &time_adjust_flow1.rtt_sec, &time_adjust_flow1.rtt_usec) != 0 )
	{
		printf("line: %d\n", __LINE__);
		exit(1);
	}
	//time_adjust_flow1.rtt_usec = time_adjust_flow1.rtt_sec*1000 + time_adjust_flow1.rtt_usec*1000;
	//time_adjust_flow1.rtt_sec = time_adjust_flow1.rtt_sec/1000;
	//printf("Client RTT second: %d, usecond: %d\n", time_adjust_flow1.rtt_sec, time_adjust_flow1.rtt_usec);
	fclose(fp_time_adjust);
	
	if((fp_write=fopen(file_write, "w")) == NULL)  //open the file to read
        {
                fprintf(stderr, "Open write file: %s failed\n", file_write);
                exit(1);
        }

	libtrace_t *trace = 0;
	libtrace_out_t *writer = 0;
	libtrace_packet_t *pkt = trace_create_packet();

	// Open traces for reading and writing.
	trace = trace_create(input_file);
	if (trace_is_err(trace)) {
		trace_perror(trace, "trace_create");
		trace_destroy(trace);
		return 1;
	}
	if (trace_start(trace) == -1) {
		trace_perror(trace,"Starting trace");
		//libtrace_cleanup(trace, output, packet);
		return 1;
	}

	//char output_file[] = "pcap:ttt.pcap";
	//writer = trace_create_output("pcap:testcp");
	/*writer = trace_create_output(output_file);
	if (trace_is_err_output(writer)) {
		trace_perror_output(writer, "trace_create_output");
		trace_destroy_output(writer);
		trace_destroy(trace);
		trace_destroy_packet(pkt);
		return 1;
	}

	if (trace_start_output(writer) == -1) {
		trace_perror_output(writer,"Starting output trace");
		//libtrace_cleanup(trace, output, packet);
		return 1;
	}*/

	int psize = 0;
	int pkt_count = 0;
	for (;;) {
		psize = trace_read_packet(trace, pkt);
		if (psize == 0) {
			break;
		}
		if (psize < 0) {
			trace_perror(trace, "read_packet");
			break;
		}
		//if(pkt_count < 50)
		{
			//printf("packet: %d\n", pkt_count);
			if ((per_packet(pkt, fp_write, &time_adjust_flow1)) == -1)
			{
				fprintf(stderr, "Something went wrong in per_packet.\n");
				break;
			}
		}
		pkt_count++;
	}

	trace_destroy_packet(pkt);
	trace_destroy(trace);
	//trace_destroy_output(writer);
	fclose(fp_write);

	return 0;
}
Пример #16
0
corsaro_file_in_t *corsaro_file_ropen(const char *filename)
{
  corsaro_file_in_t *f = NULL;
  char buffer[1024];
  int len;

  /* 2013-01-22 AK has removed all of the logging output on failures this is
     because i dont want to need a corsaro_t object to open a file. but also
     because i think it should be up to the caller to log the errors. logs from
     this deep in corsaro just confuse people when somewhat common errors occur
     (file not found etc). */

  if((f = malloc(sizeof(corsaro_file_in_t))) == NULL)
    {
      return NULL;
    }

  /* we need to try and guess the mode... */
  /* if there is a : in the uri, we guess it is a libtrace file */
  /* this should be refined to do something more intelligent */
  if(strchr(filename, ':') != NULL)
    {
      f->mode = CORSARO_FILE_MODE_TRACE;

      /* open this as a trace file */
      f->trace_io = trace_create(filename);

      if(trace_is_err(f->trace_io))
	{
	  free(f);
	  return NULL;
	}

      if (trace_start(f->trace_io) == -1) {
	free(f);
	return NULL;
      }
      /* trace is set to go! */
      return f;
    }
  else
    {
      /* lets open the file and take a peek to see what we find */
      if((f->wand_io = wandio_create(filename)) == NULL)
	{
	  free(f);
	  return NULL;
	}

      len = wandio_peek(f->wand_io, buffer, sizeof(buffer));

      /* an ASCII corsaro file will start with "# CORSARO_VERSION" */
      if(len >= strlen(CORSARO_FILE_ASCII_CHECK) &&
	 memcmp(CORSARO_FILE_ASCII_CHECK, buffer,
		strlen(CORSARO_FILE_ASCII_CHECK)) == 0)
	{
	  f->mode = CORSARO_FILE_MODE_ASCII;
	}
      /* a binary corsaro file will start with an corsaro header "EDGRHEAD" but,
	 it is possible that an old binary corsaro file can just start with an
	 interval header - "EDGRINTR", so we will only look for "EDGR" */
      else if(len >= 4 && buffer[0] == 'E' && buffer[1] == 'D' &&
	      buffer[2] == 'G' && buffer[3] == 'R')
	{
	  f->mode = CORSARO_FILE_MODE_BINARY;
	}
      else
	{
	  /* who knows, but maybe someone wants to read a non-corsaro file */
	  f->mode = CORSARO_FILE_MODE_UNKNOWN;
	}
    }

  return f;
}
Пример #17
0
int main(int argc, char *argv[])
{
	char *compress_type_str=NULL;
	struct libtrace_filter_t *filter=NULL;
	struct libtrace_t *input = NULL;
	struct libtrace_packet_t *packet = trace_create_packet();
	struct sigaction sigact;
	int i;	
	
	if (argc<2) {
		usage(argv[0]);
		return 1;
	}

	/* Parse command line options */
	while(1) {
		int option_index;
		struct option long_options[] = {
			{ "filter",	   1, 0, 'f' },
			{ "count",	   1, 0, 'c' },
			{ "bytes",	   1, 0, 'b' },
			{ "starttime",	   1, 0, 's' },
			{ "endtime",	   1, 0, 'e' },
			{ "interval",	   1, 0, 'i' },
			{ "libtrace-help", 0, 0, 'H' },
			{ "maxfiles", 	   1, 0, 'm' },
			{ "snaplen",	   1, 0, 'S' },
			{ "verbose",       0, 0, 'v' },
			{ "compress-level", 1, 0, 'z' },
			{ "compress-type", 1, 0, 'Z' },
			{ NULL, 	   0, 0, 0   },
		};

		int c=getopt_long(argc, argv, "f:c:b:s:e:i:m:S:Hvz:Z:",
				long_options, &option_index);

		if (c==-1)
			break;

		switch (c) {
			case 'f': filter=trace_create_filter(optarg);
				break;
			case 'c': count=atoi(optarg);
				break;
			case 'b': bytes=atoi(optarg);
				break;
			case 's': starttime=atof(optarg); /* FIXME: use getdate */
				  break;
			case 'e': endtime=atof(optarg);
				  break;
			case 'i': interval=atoi(optarg);
				  break;
			case 'm': maxfiles=atoi(optarg);
				  break;
			case 'S': snaplen=atoi(optarg);
				  break;
			case 'H':
				  trace_help();
				  exit(1);
				  break;
			case 'v':
				  verbose++;
				  break;
			case 'z':
				  compress_level=atoi(optarg);
				  if (compress_level<0 || compress_level>9) {
					usage(argv[0]);
				  	exit(1);
				  }
				  break;
			case 'Z':
				  compress_type_str=optarg;
				  break;	
			default:
				fprintf(stderr,"Unknown option: %c\n",c);
				usage(argv[0]);
				return 1;
		}
	}


	if (compress_type_str == NULL && compress_level >= 0) {
		fprintf(stderr, "Compression level set, but no compression type was defined, setting to gzip\n");
		compress_type = TRACE_OPTION_COMPRESSTYPE_ZLIB;
	}

	else if (compress_type_str == NULL) {
		/* If a level or type is not specified, use the "none"
		 * compression module */
		compress_type = TRACE_OPTION_COMPRESSTYPE_NONE;
	}

	/* I decided to be fairly generous in what I accept for the
	 * compression type string */
	else if (strncmp(compress_type_str, "gz", 2) == 0 ||
			strncmp(compress_type_str, "zlib", 4) == 0) {
		compress_type = TRACE_OPTION_COMPRESSTYPE_ZLIB;
	} else if (strncmp(compress_type_str, "bz", 2) == 0) {
		compress_type = TRACE_OPTION_COMPRESSTYPE_BZ2;
	} else if (strncmp(compress_type_str, "lzo", 3) == 0) {
		compress_type = TRACE_OPTION_COMPRESSTYPE_LZO;
	} else if (strncmp(compress_type_str, "no", 2) == 0) {
		compress_type = TRACE_OPTION_COMPRESSTYPE_NONE;
	} else {
		fprintf(stderr, "Unknown compression type: %s\n", 
			compress_type_str);
		return 1;
	}

	if (optind+2>argc) {
		fprintf(stderr,"missing inputuri or outputuri\n");
		usage(argv[0]);
	}

	output_base = argv[argc - 1];

	sigact.sa_handler = cleanup_signal;
	sigemptyset(&sigact.sa_mask);
	sigact.sa_flags = SA_RESTART;

	sigaction(SIGINT, &sigact, NULL);
	sigaction(SIGTERM, &sigact, NULL);

	output=NULL;

	signal(SIGINT,&cleanup_signal);
	signal(SIGTERM,&cleanup_signal);

	for (i = optind; i < argc - 1; i++) {


		input = trace_create(argv[i]);	
		
		if (trace_is_err(input)) {
			trace_perror(input,"%s",argv[i]);
			return 1;
		}

		if (filter && trace_config(input, TRACE_OPTION_FILTER, filter) == 1) {
			trace_perror(input, "Configuring filter for %s", 
					argv[i]);
			return 1;
		}

		if (trace_start(input)==-1) {
			trace_perror(input,"%s",argv[i]);
			return 1;
		}

		while (trace_read_packet(input,packet)>0) {
			if (per_packet(packet) < 1)
				done = 1;
			if (done)
				break;
		}

		if (done)
			break;
		
		if (trace_is_err(input)) {
			trace_perror(input,"Reading packets");
			trace_destroy(input);
			break;
		}

		trace_destroy(input);
	}

	if (verbose) {
		uint64_t f;
		f=trace_get_received_packets(input);
		if (f!=UINT64_MAX)
			fprintf(stderr,"%" PRIu64 " packets on input\n",f);
		f=trace_get_filtered_packets(input);
		if (f!=UINT64_MAX)
			fprintf(stderr,"%" PRIu64 " packets filtered\n",f);
		f=trace_get_dropped_packets(input);
		if (f!=UINT64_MAX)
			fprintf(stderr,"%" PRIu64 " packets dropped\n",f);
		f=trace_get_accepted_packets(input);
		if (f!=UINT64_MAX)
			fprintf(stderr,"%" PRIu64 " packets accepted\n",f);
	}
	
	if (output)
		trace_destroy_output(output);

	trace_destroy_packet(packet);

	return 0;
}
Пример #18
0
int main(int argc, char *argv[])
{
  libtrace_t *trace;
  libtrace_packet_t *packet;
  libtrace_filter_t *filter=NULL;
  session_manager_t *sm;
  uint64_t f;

  while(1) {
    int option_index;
    struct option long_options[] = {
      { "filter",	1, 0, 'f' },
      { "interval",	1, 0, 'i' },
      { "count",        1, 0, 'c' },
      { "exit",         1, 0, 'e' },			
      { "relative",     0, 0, 'r' },
      { "help",		0, 0, 'h' },
      { "libtrace-help",0, 0, 'H' },
      { NULL,		0, 0, 0 }
    };

    int c= getopt_long(argc, argv, "c:e:f:i:hHr",
		       long_options, &option_index);

    if (c==-1)
      break;

    switch (c) {
    case 'f':
      filter=trace_create_filter(optarg);
      break;
    case 'i':
      packet_interval=atof(optarg);
      break;
    case 'c':
      packet_count=atoi(optarg);
      packet_interval=UINT32_MAX; // make sure only one is defined
      break;
    case 'e':
      report_periods=atoi(optarg);
      break;      
    case 'r':
      report_rel_time = 1;
      break;
    case 'H':
      trace_help();
      return 1;
    default:
      fprintf(stderr,"Unknown option: %c\n",c);
      /* FALL THRU */
    case 'h':
      usage(argv[0]);
      return 1;
    }
  }

  if (optind>=argc) {
    fprintf(stderr,"Missing input uri\n");
    usage(argv[0]);
    return 1;
  }

  while (optind<argc) {
    // create tcp session manager
    sm = session_manager_create();
    // create and register the data-ack based RTT module
    session_manager_register_module(sm,rtt_n_sequence_module()); 

    fprintf(stderr, "Processing %s\n",argv[optind]);
    trace = trace_create(argv[optind]);
    ++optind;

    if (trace_is_err(trace)) {
      trace_perror(trace,"Opening trace file");
      return 1;
    }

    if (filter && trace_config(trace,TRACE_OPTION_FILTER,filter)==1) {
	trace_perror(trace,"Configuring filter");
    }

    if (trace_start(trace)) {
      trace_perror(trace,"Starting trace");
      trace_destroy(trace);
      return 1;
    }

    packet = trace_create_packet();

    print_report_hdr();
    reset_report();
    last_report_ts = 0;
    last_packet_ts = 0;

    while (trace_read_packet(trace,packet)>0) {      
      per_packet(packet,session_manager_update(sm,packet));
      if (report_periods != UINT64_MAX && reported >= report_periods) {
	break;
      }
    }

    // remaining pkts (or all if no period set)
    if ((reports[OUT].count+reports[IN].count) > 0 || 
	(packet_interval == UINT32_MAX && packet_count == UINT64_MAX)) {
      double ts = trace_get_seconds(packet);
      if (report_rel_time) {
	print_report(ts-last_report_ts);
      } else {
	print_report(ts);
      }
    }

    trace_destroy_packet(packet);

    if (trace_is_err(trace)) {
      trace_perror(trace,"Reading packets");
    }

    // some stats
    f=trace_get_received_packets(trace);
    if (f!=UINT64_MAX)
      fprintf(stderr,"%" PRIu64 " packets on input\n",f);
    f=trace_get_filtered_packets(trace);
    if (f!=UINT64_MAX)
      fprintf(stderr,"%" PRIu64 " packets filtered\n",f);
    f=trace_get_dropped_packets(trace);
    if (f!=UINT64_MAX)
      fprintf(stderr,"%" PRIu64 " packets dropped\n",f);
    f=trace_get_accepted_packets(trace);
    if (f!=UINT64_MAX)
      fprintf(stderr,"%" PRIu64 " packets accepted\n",f);

    trace_destroy(trace);
    session_manager_destroy(sm);
  }

  return 0;
}