5 changed files with 11 additions and 6 deletions
+ 1
- 0
conntrack.c
View File
| @@ -40,6 +40,7 @@ static int conntrack_event_cb(void *arg, unsigned int flags, int type, void *pri | |||
| entry->src_ip = (ct->tuple[NFCT_DIR_ORIGINAL].src.v4 & netmask.s_addr); | |||
| entry->protonum = ct->tuple[NFCT_DIR_ORIGINAL].protonum; | |||
| entry->dst_port = ct->tuple[NFCT_DIR_ORIGINAL].l4dst.tcp.port; | |||
| entry->flags = ct->status & (IPS_EXPECTED || IPS_SEEN_REPLY || IPS_ASSURED || IPS_CONFIRMED); | |||
| entry->src_bytes = ct->counters[NFCT_DIR_ORIGINAL].bytes; | |||
| entry->dst_bytes = ct->counters[NFCT_DIR_REPLY].bytes; | |||
+ 1
- 0
ctstats.sql
View File
| @@ -12,6 +12,7 @@ CREATE TABLE IF NOT EXISTS `stats` ( | |||
| `srcip` int(10) unsigned NOT NULL default '0', | |||
| `proto` int(10) unsigned NOT NULL default '0', | |||
| `dport` int(10) unsigned NOT NULL default '0', | |||
| `flags` int(10) unsigned NOT NULL default '0', | |||
| `srcbytes` int(10) unsigned NOT NULL default '0', | |||
| `dstbytes` int(10) unsigned NOT NULL default '0', | |||
| `count` int(10) unsigned NOT NULL default '0', | |||
+ 2
- 2
database.c
View File
| @@ -19,9 +19,9 @@ static void purge_hash_cb(const struct hash_entry *entry, void *privdata) | |||
| char query[256]; | |||
| int len = snprintf(query, sizeof(query), | |||
| "INSERT INTO stats SET timestamp='%lu', srcip='%u', proto='%u', dport='%u', srcbytes='%llu', dstbytes='%llu', count='%u'", | |||
| "INSERT INTO stats SET timestamp='%lu', srcip='%u', proto='%u', dport='%u', flags='%u', srcbytes='%llu', dstbytes='%llu', count='%u'", | |||
| *now, ntohl(entry->src_ip), entry->protonum, ntohs(entry->dst_port), | |||
| entry->src_bytes, entry->dst_bytes, entry->count); | |||
| entry->flags, entry->src_bytes, entry->dst_bytes, entry->count); | |||
| if (mysql_real_query(dbh, query, len +1) != 0) | |||
| log_print(LOG_WARN, "purge_hash_cb: mysql_real_query(): %s", mysql_error(dbh)); | |||
+ 5
- 3
hashtable.c
View File
| @@ -34,7 +34,7 @@ struct hash_table * create_hash(uint32_t buckets) | |||
| table->bucket[i] = NULL; | |||
| table->buckets = buckets; | |||
| table->hash_rnd = 0x56789ABC; | |||
| table->hash_rnd = time(NULL); | |||
| pthread_mutex_init(&table->mutex, NULL); | |||
| return table; | |||
| @@ -61,6 +61,7 @@ void purge_hash(struct hash_table *table, | |||
| table->bucket[i] = NULL; | |||
| } | |||
| table->hash_rnd = time(NULL); | |||
| pthread_mutex_unlock(&table->mutex); | |||
| } | |||
| @@ -74,7 +75,7 @@ void destroy_hash(struct hash_table *table) | |||
| static uint32_t calc_hashkey(const struct hash_entry *entry, uint32_t initval) | |||
| { | |||
| uint32_t a = entry->src_ip; | |||
| uint32_t b = entry->protonum; | |||
| uint32_t b = (entry->flags << 8) | entry->protonum; | |||
| uint32_t c = entry->dst_port; | |||
| a += JHASH_GOLDEN_RATIO; | |||
| @@ -90,7 +91,8 @@ static int cmp_entry(const struct hash_entry *a, const struct hash_entry *b) | |||
| { | |||
| return (a->src_ip ^ b->src_ip) | | |||
| (a->protonum ^ b->protonum) | | |||
| (a->dst_port ^ b->dst_port); | |||
| (a->dst_port ^ b->dst_port) | | |||
| (a->flags ^ b->flags); | |||
| } | |||
| void hash_add(struct hash_table *table, struct hash_entry *entry) | |||
+ 2
- 1
hashtable.h
View File
| @@ -7,8 +7,9 @@ | |||
| struct hash_entry { | |||
| struct hash_entry *next; | |||
| uint32_t src_ip; | |||
| uint16_t protonum; | |||
| uint16_t dst_port; | |||
| uint8_t protonum; | |||
| uint8_t flags; | |||
| uint64_t src_bytes; | |||
| uint64_t dst_bytes; | |||
Loading…