
database connection

master
Olaf Rempel 12 years ago
parent
commit
a30314eb7a
6 changed files with 68 additions and 31 deletions
  1. +1
    -1
      Makefile
  2. +15
    -5
      conntrack.c
  3. +1
    -1
      conntrack.h
  4. +3
    -2
      ctstats.c
  5. +2
    -1
      ctstats.conf
  6. +46
    -21
      database.c

+ 1
- 1
Makefile

@@ -1,5 +1,5 @@
CFLAGS := -O2 -pipe -Wall
LDFLAGS := -lpthread -lnfnetlink -lnetfilter_conntrack
LDFLAGS := -lpthread -lnfnetlink -lnetfilter_conntrack -lmysqlclient

OBJS := configfile.o conntrack.o database.o hashtable.o logging.o ctstats.o


+ 15
- 5
conntrack.c

@@ -2,6 +2,10 @@
#include <time.h>
#include <pthread.h>

#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

#include <libnfnetlink/libnfnetlink.h>
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>

@@ -10,6 +14,7 @@
#include "hashtable.h"

#define DEFAULT_HASHSIZE 127
#define DEFAULT_NETMASK "255.255.255.255"

static pthread_t ct_thread;

@@ -17,6 +22,7 @@ static struct nfct_handle *cth;

static struct hash_table *table[2];
static int hash_select = 0;
static struct in_addr netmask;

static int conntrack_event_cb(void *arg, unsigned int flags, int type, void *privdata)
{
@@ -31,7 +37,7 @@ static int conntrack_event_cb(void *arg, unsigned int flags, int type, void *pri
return -1;
}

entry->src_ip = ct->tuple[NFCT_DIR_ORIGINAL].src.v4;
entry->src_ip = (ct->tuple[NFCT_DIR_ORIGINAL].src.v4 & netmask.s_addr);
entry->protonum = ct->tuple[NFCT_DIR_ORIGINAL].protonum;
entry->dst_port = ct->tuple[NFCT_DIR_ORIGINAL].l4dst.tcp.port;

@@ -42,7 +48,7 @@ static int conntrack_event_cb(void *arg, unsigned int flags, int type, void *pri
return 0;
}

int conntrack_dump_hash(void (*callback)(struct hash_entry *entry, void *privdata), void *privdata)
struct hash_table * conntrack_get_hash(void)
{
/*
* switch hashtable
@@ -52,13 +58,17 @@ int conntrack_dump_hash(void (*callback)(struct hash_entry *entry, void *privdat
*/
int used_hash = hash_select;
hash_select ^= 0x01;

purge_hash(table[used_hash], callback, privdata);
return 0;
return table[used_hash];
}

int conntrack_init(void)
{
char *mask = config_get_string("global", "netmask", DEFAULT_NETMASK);
if (inet_aton(mask, &netmask) == 0) {
log_print(LOG_ERROR, "conntrack_init: invalid netmask");
return -1;
}

cth = nfct_open(CONNTRACK, NF_NETLINK_CONNTRACK_DESTROY);
if (cth == NULL) {
log_print(LOG_ERROR, "conntrack_init: nfct_open()");
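Review bot: `conntrack_get_hash()` flips `hash_select` and returns `table[used_hash]` with no lock or atomic, while `conntrack_event_cb()` presumably picks its table from the same variable on the `ct_thread` listener. An event that read the old index just before the flip can still be inserting into the table the caller is purging, and the purge in database.c now issues a MySQL query per entry, so the overlap lasts longer than it did with a local dump. I would guard the selection and the insert with one `pthread_mutex_t` (pthread.h is already included), or at minimum document the contract on the function, e.g. `/* caller owns the returned table until the next call; a late event may still land in it */`. Separately, `inet_aton()` only checks that `netmask` parses as an address, so a non-contiguous mask is accepted silently. The bodies of `conntrack_event_cb()` and `conntrack_init()` continue outside the hunks, so the locking point is inferred from the visible lines.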

+ 1
- 1
conntrack.h

@@ -7,6 +7,6 @@ int conntrack_init(void);
int conntrack_start_event_thread(void);
int conntrack_close(void);

int conntrack_dump_hash(void (*callback)(struct hash_entry *entry, void *privdata), void *privdata);
struct hash_table * conntrack_get_hash(void);

#endif // _CONNTRACK_H_

+ 3
- 2
ctstats.c

@@ -61,7 +61,7 @@ int main(int argc, char *argv[])
if (config_parse(config))
exit(1);

/* init netlink, hashtables, mutexes */
/* init netlink & hashtables */
if (conntrack_init())
exit(1);

@@ -71,13 +71,14 @@ int main(int argc, char *argv[])
exit(1);
}

/* start event listener */
conntrack_start_event_thread();

int intervall = config_get_int("global", "intervall", DEFAULT_INTERVALL);
while (1) {
sleep(intervall);

/* fill database */
/* parse hashes, fill database */
database_analyse();
}


+ 2
- 1
ctstats.conf

@@ -1,10 +1,11 @@
[global]
intervall 30
hashsize 127
netmask 255.255.255.255
logfile ctstats.log

[mysql]
hostname localhost
hostname cinnagar.lan
username ctstats
password ctstats
database ctstats
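Review bot: The tracked config now points `hostname` at a site-specific machine (`cinnagar.lan`) while the same `[mysql]` section carries a `username`/`password` pair in clear text. With a remote host the credentials and the statistics cross the network, and `mysql_real_connect()` in database.c is called with client flags `0` and no TLS options visible, so whether the session is encrypted depends on library defaults. I would keep `hostname localhost` in the committed example, move site values to an untracked local file, and make sure the installed file is not world-readable.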

+ 46
- 21
database.c

@@ -1,52 +1,77 @@
#include <stdio.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

#include <mysql/mysql.h>

#include "configfile.h"
#include "conntrack.h"
#include "database.h"
#include "hashtable.h"
#include "logging.h"

static MYSQL *dbh;

static void purge_hash_cb(struct hash_entry *entry, void *privdata)
{
struct in_addr src_ip = { .s_addr = entry->src_ip };
char *proto;

switch (entry->protonum) {
case IPPROTO_TCP:
proto = "tcp ";
break;

case IPPROTO_UDP:
proto = "udp ";
break;
char query[256];

case IPPROTO_ICMP:
proto = "icmp";
break;
int len = snprintf(query, sizeof(query),
"INSERT INTO stats SET srcip='%s', proto='%u', dport='%u', srcbytes='%llu', dstbytes='%llu', count='%u'",
inet_ntoa(src_ip), entry->protonum, ntohs(entry->dst_port),
entry->src_bytes, entry->dst_bytes, entry->count);

default:
proto = "unkn";
break;
}
if (mysql_real_query(dbh, query, len +1) != 0)
log_print(LOG_WARN, "purge_hash_cb: mysql_real_query(): %s", mysql_error(dbh));

log_print(LOG_DEBUG, "%4s %15s:%5d -> %8llu / %8llu (%u)",
proto, inet_ntoa(src_ip), ntohs(entry->dst_port),
entry->src_bytes, entry->dst_bytes, entry->count);
log_print(LOG_DEBUG, query);
}

int database_analyse(void)
{
conntrack_dump_hash(purge_hash_cb, NULL);
struct hash_table *hash = conntrack_get_hash();

if (mysql_ping(dbh) != 0) {
log_print(LOG_WARN, "database_analyse: mysql_ping(): %s", mysql_error(dbh));
purge_hash(hash, NULL, NULL);
return 0;
}

purge_hash(hash, purge_hash_cb, NULL);
return 0;
}

int database_init(void)
{
dbh = mysql_init(NULL);
if (dbh == NULL) {
log_print(LOG_ERROR, "database_init: mysql_init(): %s", mysql_error(dbh));
return -1;
}

char *hostname = config_get_string("mysql", "hostname", NULL);
char *username = config_get_string("mysql", "username", NULL);
char *password = config_get_string("mysql", "password", NULL);
MYSQL *ret = mysql_real_connect(dbh, hostname, username, password, NULL, 0, NULL, 0);
if (ret != dbh) {
log_print(LOG_ERROR, "database_init: mysql_real_connect(): %s", mysql_error(dbh));
mysql_close(dbh);
return -1;
}

char *database = config_get_string("mysql", "database", NULL);
if (mysql_select_db(dbh, database) != 0) {
log_print(LOG_ERROR, "database_init: mysql_select_db(): %s", mysql_error(dbh));
mysql_close(dbh);
return -1;
}
return 0;
}

int database_close(void)
{
mysql_close(dbh);
return 0;
}
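Review bot: `log_print(LOG_DEBUG, query);` in `purge_hash_cb()` passes the built SQL text as the format string; today it holds only `inet_ntoa()` output and integers, but any later value containing `%` makes this a format-string bug, so it should read `log_print(LOG_DEBUG, "%s", query);`. The `snprintf()` result is used unchecked and as `len +1`, which hands the terminating NUL to `mysql_real_query()` as part of the statement and would read past `query` if the text were ever truncated; `if (len < 0 || (size_t)len >= sizeof(query)) return;` followed by `mysql_real_query(dbh, query, len)` covers both. The `%llu`/`%u` specifiers depend on the field types of `struct hash_entry`, which are declared outside this page and should be checked against them. `database_init()` calls `mysql_close(dbh)` on both failure paths but leaves `dbh` pointing at the freed handle, so a later `database_close()` or `database_analyse()` would touch freed memory unless the caller exits first; setting `dbh = NULL;` after each close avoids that.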
