add ct-status bits
This commit is contained in:
parent
0cf8957c81
commit
b72176373e
|
@ -40,6 +40,7 @@ static int conntrack_event_cb(void *arg, unsigned int flags, int type, void *pri
|
|||
entry->src_ip = (ct->tuple[NFCT_DIR_ORIGINAL].src.v4 & netmask.s_addr);
|
||||
entry->protonum = ct->tuple[NFCT_DIR_ORIGINAL].protonum;
|
||||
entry->dst_port = ct->tuple[NFCT_DIR_ORIGINAL].l4dst.tcp.port;
|
||||
entry->flags = ct->status & (IPS_EXPECTED || IPS_SEEN_REPLY || IPS_ASSURED || IPS_CONFIRMED);
|
||||
|
||||
entry->src_bytes = ct->counters[NFCT_DIR_ORIGINAL].bytes;
|
||||
entry->dst_bytes = ct->counters[NFCT_DIR_REPLY].bytes;
|
||||
|
|
|
@ -12,6 +12,7 @@ CREATE TABLE IF NOT EXISTS `stats` (
|
|||
`srcip` int(10) unsigned NOT NULL default '0',
|
||||
`proto` int(10) unsigned NOT NULL default '0',
|
||||
`dport` int(10) unsigned NOT NULL default '0',
|
||||
`flags` int(10) unsigned NOT NULL default '0',
|
||||
`srcbytes` int(10) unsigned NOT NULL default '0',
|
||||
`dstbytes` int(10) unsigned NOT NULL default '0',
|
||||
`count` int(10) unsigned NOT NULL default '0',
|
||||
|
|
|
@ -19,9 +19,9 @@ static void purge_hash_cb(const struct hash_entry *entry, void *privdata)
|
|||
char query[256];
|
||||
|
||||
int len = snprintf(query, sizeof(query),
|
||||
"INSERT INTO stats SET timestamp='%lu', srcip='%u', proto='%u', dport='%u', srcbytes='%llu', dstbytes='%llu', count='%u'",
|
||||
"INSERT INTO stats SET timestamp='%lu', srcip='%u', proto='%u', dport='%u', flags='%u', srcbytes='%llu', dstbytes='%llu', count='%u'",
|
||||
*now, ntohl(entry->src_ip), entry->protonum, ntohs(entry->dst_port),
|
||||
entry->src_bytes, entry->dst_bytes, entry->count);
|
||||
entry->flags, entry->src_bytes, entry->dst_bytes, entry->count);
|
||||
|
||||
if (mysql_real_query(dbh, query, len +1) != 0)
|
||||
log_print(LOG_WARN, "purge_hash_cb: mysql_real_query(): %s", mysql_error(dbh));
|
||||
|
|
|
@ -34,7 +34,7 @@ struct hash_table * create_hash(uint32_t buckets)
|
|||
table->bucket[i] = NULL;
|
||||
|
||||
table->buckets = buckets;
|
||||
table->hash_rnd = 0x56789ABC;
|
||||
table->hash_rnd = time(NULL);
|
||||
|
||||
pthread_mutex_init(&table->mutex, NULL);
|
||||
return table;
|
||||
|
@ -61,6 +61,7 @@ void purge_hash(struct hash_table *table,
|
|||
table->bucket[i] = NULL;
|
||||
}
|
||||
|
||||
table->hash_rnd = time(NULL);
|
||||
pthread_mutex_unlock(&table->mutex);
|
||||
}
|
||||
|
||||
|
@ -74,7 +75,7 @@ void destroy_hash(struct hash_table *table)
|
|||
static uint32_t calc_hashkey(const struct hash_entry *entry, uint32_t initval)
|
||||
{
|
||||
uint32_t a = entry->src_ip;
|
||||
uint32_t b = entry->protonum;
|
||||
uint32_t b = (entry->flags << 8) | entry->protonum;
|
||||
uint32_t c = entry->dst_port;
|
||||
|
||||
a += JHASH_GOLDEN_RATIO;
|
||||
|
@ -90,7 +91,8 @@ static int cmp_entry(const struct hash_entry *a, const struct hash_entry *b)
|
|||
{
|
||||
return (a->src_ip ^ b->src_ip) |
|
||||
(a->protonum ^ b->protonum) |
|
||||
(a->dst_port ^ b->dst_port);
|
||||
(a->dst_port ^ b->dst_port) |
|
||||
(a->flags ^ b->flags);
|
||||
}
|
||||
|
||||
void hash_add(struct hash_table *table, struct hash_entry *entry)
|
||||
|
|
|
@ -7,8 +7,9 @@
|
|||
struct hash_entry {
|
||||
struct hash_entry *next;
|
||||
uint32_t src_ip;
|
||||
uint16_t protonum;
|
||||
uint16_t dst_port;
|
||||
uint8_t protonum;
|
||||
uint8_t flags;
|
||||
|
||||
uint64_t src_bytes;
|
||||
uint64_t dst_bytes;
|
||||
|
|
Loading…
Reference in New Issue