2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22 * Author : Maxim Mamontov <faust@stg.dp.ua>
27 $Date: 2009/12/13 12:56:07 $
37 #include "stg/os_int.h"
38 #include "stg/plugin.h"
39 #include "stg/module_settings.h"
40 #include "stg/logger.h"
// Plugin version string; NF_CAP::GetVersion() returns it.
42 #define VERSION "CAP_NF v. 0.4"
// Fields of the NetFlow export header. The enclosing struct line is not part
// of this listing; BUF_SIZE refers to the type as NF_HEADER.
// NOTE(review): every value here is read from a received datagram and is
// therefore sender-controlled. Multi-byte fields are presumably in network
// byte order and need ntohs()/ntohl() before use -- confirm in ParseBuffer.
55 uint16_t version; // Protocol version; NOTE(review): presumably checked before the rest of the packet is interpreted -- confirm
56 uint16_t count; // Flows count; NOTE(review): must be bounded by 30 (see BUF_SIZE) and by the received length before records are indexed -- confirm
57 uint32_t uptime; // System uptime
58 uint32_t timestamp; // UNIX timestamp
59 uint32_t nsecs; // Residual nanoseconds
60 uint32_t flowSeq; // Sequence counter
61 uint8_t eType; // Engine type
62 uint8_t eID; // Engine ID
63 uint16_t sInterval; // Sampling mode and interval
// Fields of one NetFlow flow record. The enclosing struct line is not part of
// this listing; BUF_SIZE refers to the type as NF_DATA.
// NOTE(review): addresses, ports and counters are taken as reported by the
// exporter; presumably network byte order -- confirm they are converted where
// they are consumed.
67 uint32_t srcAddr; // Flow source address
68 uint32_t dstAddr; // Flow destination address
69 uint32_t nextHop; // IP address of the next-hop router
70 uint16_t inSNMP; // SNMP index of input iface
71 uint16_t outSNMP; // SNMP index of output iface
72 uint32_t packets; // Packets in flow
73 uint32_t octets; // Total number of bytes in flow
74 uint32_t timeStart; // Uptime on first packet in flow
75 uint32_t timeFinish;// Uptime on last packet in flow
76 uint16_t srcPort; // Flow source port
77 uint16_t dstPort; // Flow destination port
78 uint8_t pad1; // 1-byte padding
79 uint8_t TCPFlags; // Cumulative OR of TCP flags
80 uint8_t proto; // IP protocol type (tcp, udp, etc.)
81 uint8_t tos; // IP Type of Service (ToS)
82 uint16_t srcAS; // Source BGP autonomous system number
83 uint16_t dstAS; // Destination BGP autonomous system number
84 uint8_t srcMask; // Source address mask in "slash" notation
85 uint8_t dstMask; // Destination address mask in "slash" notation
86 uint16_t pad2; // 2-byte padding
// Size of one header plus 30 flow records; presumably the size of the receive
// buffer handed to ParseBuffer -- TODO confirm.
// NOTE(review): a datagram whose header count exceeds 30, or whose length is
// shorter than its count implies, must not be walked past what was actually
// received -- confirm ParseBuffer checks both.
89 #define BUF_SIZE (sizeof(NF_HEADER) + 30 * sizeof(NF_DATA))
91 class NF_CAP : public PLUGIN {
// Remembers the traffic counter pointer exactly as given: no copy is made and
// no null check is performed here.
void SetTraffcounter(TRAFFCOUNTER * tc)
{
    this->traffCnt = tc;
}
// Copies the supplied module settings into this plugin instance.
void SetSettings(const MODULE_SETTINGS & s)
{
    this->settings = s;
}
// Reload hook: performs no work and always returns 0.
int Reload()
{
    const int result = 0;
    return result;
}
// Reports whether either capture path (TCP or UDP) is currently flagged as
// running.
bool IsRunning()
{
    if (runningTCP)
        return true;
    return runningUDP;
}
// Returns a reference to the stored error text (not a copy).
const std::string & GetStrError() const
{
    return this->errorStr;
}
// Returns the plugin version string built from the VERSION macro.
std::string GetVersion() const
{
    return std::string(VERSION);
}
// Returns START_POS as this plugin's start position.
uint16_t GetStartPosition() const
{
    const uint16_t position = START_POS;
    return position;
}
// Returns STOP_POS as this plugin's stop position.
uint16_t GetStopPosition() const
{
    const uint16_t position = STOP_POS;
    return position;
}
// Copy constructor and copy assignment are only declared here (no bodies are
// shown) -- presumably the pre-C++11 non-copyable idiom; TODO confirm they sit
// under private: and are never defined. The object holds socket descriptors
// (see CloseTCP/CloseUDP), so a copy would share them and close them twice.
110 NF_CAP(const NF_CAP & rvalue);
111 NF_CAP & operator=(const NF_CAP & rvalue);
// Pointer stored by SetTraffcounter(). NOTE(review): raw pointer whose
// lifetime is managed elsewhere -- confirm it is set before RunUDP/RunTCP
// use it.
113 TRAFFCOUNTER * traffCnt;
// Copy of the settings passed to SetSettings().
114 MODULE_SETTINGS settings;
// Error text returned by reference from GetStrError(); mutable, so const
// member functions can write it. NOTE(review): if RunUDP/RunTCP execute on
// other threads and write this string, readers need synchronisation -- confirm.
125 mutable std::string errorStr;
126 PLUGIN_LOGGER logger;
// Static entry points with the void *(void *) shape used for thread start
// routines -- presumably the UDP and TCP receive loops; TODO confirm.
128 static void * RunUDP(void *);
129 static void * RunTCP(void *);
// Parses one received buffer of `size` bytes; the definition is not shown here.
// NOTE(review): `size` is signed (ssize_t) and the contents come from the
// network. The definition should reject size < sizeof(NF_HEADER), negative
// values included, and limit the record walk to what `size` actually covers
// instead of trusting the header's count field -- confirm.
130 void ParseBuffer(uint8_t * buf, ssize_t size);
// Closes the TCP socket descriptor.
// NOTE(review): the result of close() is discarded and sockTCP keeps its old
// value afterwards, so a repeated call would act on whatever descriptor has
// since been given that number -- confirm callers invoke this once per open
// socket.
void CloseTCP()
{
    (void)close(sockTCP);
}
// Closes the UDP socket descriptor.
// NOTE(review): the result of close() is discarded and sockUDP keeps its old
// value afterwards, so a repeated call would act on whatever descriptor has
// since been given that number -- confirm callers invoke this once per open
// socket.
void CloseUDP()
{
    (void)close(sockUDP);
}