src/output-plugins/log_ringbuffer.c

   1 /**
   2  * \author Torgeir Natvig <torgeir.natvig@redpill-linpro.com>
   3  */
   4
   5 #include <sys/ipc.h>
   6 #include <sys/shm.h>
   7 #include "../prads.h"
   8 #include "../sys_func.h" // u_ntop
   9 #include "../cxt.h"
  10 #include "log.h"
  11 #include "log_ringbuffer.h"
  12
  13 static int shm_id;
  14 output_plugin p_ringbuffer;
  15
  16 output_plugin *init_log_ringbuffer()
  17 {
  18     void *buffer;
  19     key_t key;
  20
  21     printf("init_log_ringbuffer\n\n");
  22
  23     key = ftok("/etc/prads/prads.conf", 'R');
  24     shm_id = shmget(key, sizeof(struct log_ringbuffer), 0640 | IPC_CREAT );
  25     if (shm_id == -1) {
  26         perror("shmget");
  27         return NULL;
  28     }
  29
  30     buffer = shmat(shm_id, (void *)0, 0);
  31     if (buffer == (char *)-1) {
  32         perror("shmat");
  33         return NULL;
  34     }
  35
  36     memset(buffer, 0, sizeof(struct log_ringbuffer));
  37
  38     output_plugin tmp = {
  39         .init = NULL,
  40         .arp = NULL,
  41         .os = NULL,
  42         .service = NULL,
  43         .connection = &log_ringbuffer_connection,
  44         .denit = &destory_log_ringbuffer,
  45         .data = buffer
  46     };
  47     p_ringbuffer = tmp;
  48     return &p_ringbuffer;
  49 }
  50
  51 int destory_log_ringbuffer (output_plugin *plugin)
  52 {
  53     int rc;
  54
  55     rc = shmctl(shm_id, IPC_RMID, NULL);
  56     if (rc == -1)
  57         perror("shmctl");
  58
  59     return rc;
  60 }
  61
  62 void log_ringbuffer_connection (output_plugin *plugin, connection *cxt, int outputmode)
  63 {
  64     unsigned int head;
  65     struct log_ringbuffer *rb;
  66     char stime[80], ltime[80];
  67     time_t tot_time;
  68 //    uint32_t s_ip_t, d_ip_t;
  69     char src_s[INET6_ADDRSTRLEN];
  70     char dst_s[INET6_ADDRSTRLEN];
  71
  72     strftime(stime, 80, "%F %H:%M:%S", gmtime(&cxt->start_time));
  73     strftime(ltime, 80, "%F %H:%M:%S", gmtime(&cxt->last_pkt_time));
  74     tot_time = cxt->last_pkt_time - cxt->start_time;
  75
  76 //    if (outputmode != CX_NONE || outputmode || cxt->af == AF_INET6) {
  77         if (!inet_ntop(cxt->af,
  78                       (cxt->af == AF_INET6 ? (void*)&cxt->s_ip : (void*)cxt->s_ip.s6_addr32),
  79                       src_s, sizeof(src_s)))
  80             perror("inet_ntop");
  81
  82         if (!inet_ntop(cxt->af,
  83                       (cxt->af == AF_INET6 ? (void*)&cxt->d_ip : (void*)cxt->d_ip.s6_addr32),
  84                       dst_s, sizeof(dst_s)))
  85             perror("inet_ntop");
  86 /*
  87     } else if (cxt->af == AF_INET) {
  88         s_ip_t = ntohl(cxt->s_ip.s6_addr32[0]);
  89         d_ip_t = ntohl(cxt->d_ip.s6_addr32[0]);
  90     }
  91 */
  92     rb = (struct log_ringbuffer*)plugin->data;
  93     snprintf(rb->items[rb->head].text, sizeof(rb->items[head].text),
  94         "%ld%09ju|%s|%s|%ld|%u|%s|%u|%s|%u|%ju|%ju|%ju|%ju|%u|%u|%d",
  95         cxt->start_time,
  96         cxt->cxid,
  97         stime,
  98         ltime,
  99         tot_time,
 100         cxt->proto,
 101         //
 102         src_s,
 103         ntohs(cxt->s_port),
 104         dst_s,
 105         ntohs(cxt->d_port),
 106         //
 107         cxt->s_total_pkts,
 108         cxt->s_total_bytes,
 109         cxt->d_total_pkts,
 110         cxt->d_total_bytes,
 111         cxt->s_tcpFlags,
 112         cxt->d_tcpFlags,
 113         //
 114         outputmode
 115     );
 116     rb->head++;
 117     if (rb->head >= RINGBUFFER_ITEMS)
 118         rb->head = 0;
 119 }