#include #include #include #include #include #include #include #include "iptable.h" #include "scancusts.h" #include "ip.h" /* printip() */ static iptable_t iptable[HASHSIZE]; #define BMPFORMAT "IPMETER;%s;0;;%s;0;%s;%s;%s;DATACENTER;ip;TCP;quantity;PACKET;%lu;BYTE;%qu;;;;;;;" char *buildip (uint32 ipaddr) { static char b[16]; unsigned int i1,i2,i3,i4; i1 = ipaddr >> 24 ; i2 = (ipaddr >> 16 ) & 0xff; i3 = (ipaddr >> 8) & 0xff; i4 = ipaddr & 0xff; sprintf(b,"%u.%u.%u.%u",i1,i2,i3,i4); return (b); } int addflow(struct saveflow *flow, uint32 starttime) { int hash1,hash2; uint32 absflowstart, absflowstop; char srcaddr[16]; char dstaddr[16]; absflowstart = starttime + ntohs(flow->startoffset); absflowstop = starttime + ntohs(flow->endoffset); hash1=matchip(htonl(flow->sip)); hash2=matchip(htonl(flow->dip)); printip(srcaddr,flow->sip); printip(dstaddr,flow->dip); /* This is a "local" flow, only traffic in "our.nets" */ if( (hash1 > 0) && (hash2 > 0) ) { /* fprintf(stderr,"Internal...%s->%s\n",srcaddr,dstaddr); */ iptable[hash1].localinbytes += ntohl(flow->dsbytes); iptable[hash1].localoutbytes += ntohl(flow->sdbytes); iptable[hash2].localinbytes += ntohl(flow->sdbytes); iptable[hash2].localoutbytes += ntohl(flow->dsbytes); } else if ( (hash1 == -1 ) && (hash2 == -1 ) ) { fprintf(stderr,"Strange...%s->%s\n",srcaddr,dstaddr); } else { /* if (iptable[hash1].free) return 0; Free IPs ( BCast, Network ) */ /* if (iptable[hash2].free) return 0; Free IPs ( BCast, Network ) */ if (iptable[hash1].starttime==0) { iptable[hash1].starttime = absflowstart; iptable[hash1].stoptime = absflowstop; } if (iptable[hash2].starttime==0) { iptable[hash2].starttime = absflowstart ; iptable[hash2].stoptime = absflowstop ; } iptable[hash1].outbytes += ntohl(flow->sdbytes); iptable[hash1].outpkts += ntohl(flow->sdpkts ); iptable[hash1].inbytes += ntohl(flow->dsbytes); iptable[hash1].inpkts += ntohl(flow->dspkts ); iptable[hash2].outbytes += ntohl(flow->dsbytes); iptable[hash2].outpkts += ntohl(flow->dspkts ); iptable[hash2].inbytes += ntohl(flow->sdbytes); iptable[hash2].inpkts += ntohl(flow->sdpkts ); if ( iptable[hash1].starttime > absflowstart ) iptable[hash1].starttime = absflowstart ; if ( iptable[hash1].stoptime < absflowstop ) iptable[hash1].stoptime = absflowstop ; if ( iptable[hash2].starttime > absflowstart ) iptable[hash2].starttime = absflowstart ; if ( iptable[hash2].stoptime < absflowstop ) iptable[hash2].stoptime = absflowstop ; iptable[hash1].outpkts += ntohl(flow->sdpkts ); iptable[hash1].inpkts += ntohl(flow->dspkts ); iptable[hash2].outpkts += ntohl(flow->dspkts ); iptable[hash2].inpkts += ntohl(flow->sdpkts ); if ( iptable[hash1].starttime > absflowstart ) iptable[hash1].starttime = absflowstart ; if ( iptable[hash1].stoptime < absflowstop ) iptable[hash1].stoptime = absflowstop ; if ( iptable[hash2].starttime > absflowstart ) iptable[hash2].starttime = absflowstart ; if ( iptable[hash2].stoptime < absflowstop ) iptable[hash2].stoptime = absflowstop ; } return 0; } int init_iptable() { FILE *nets; unsigned int i1,i2,i3,i4; unsigned netmask; uint32 addr,mask,network,bcast; cust_t *customer, *newcust; cust_t *rest; bzero(&iptable,HASHSIZE*sizeof(iptable_t)); nets=fopen(SUPERNETS,"r"); if (!nets) { perror("Open SUPERNETS"); exit(1); } rest = (cust_t *)calloc(1,sizeof(cust_t) ); strcpy(rest->name,"DEFAULT") ; while (!feof(nets)) { fscanf(nets,"%u.%u.%u.%u/%u\n", &i1,&i2,&i3,&i4,&netmask); fprintf(stderr,"%u.%u.%u.%u Mask:%u\n",i1,i2,i3,i4,netmask); addr=(i1<<24)+(i2<<16)+(i3<<8)+i4; mask = ~0<<(32-netmask); network = addr & mask; bcast = network ^ ~mask ; for (addr=network ; addr <= bcast ; addr++) { uint32 offset; uint32 coll=0; offset=HASHFUNC(addr); while ( iptable[offset].ipaddr ) { offset+=HASHJUMP; offset=offset % HASHSIZE; coll++; } if (coll > 5) fprintf(stderr,"Coll:%lu \n",coll); iptable[offset].ipaddr=addr; iptable[offset].customer=rest; /* Insert Debug printf("Insert:%s\n",buildip(addr)); */ } } /* Now the customer file ... */ while( (customer=getcust() ) ) { newcust=(cust_t *)calloc(1,sizeof(cust_t) ); memcpy(newcust,customer,sizeof(cust_t) ); mask = ~0<<(32-(customer->netmask)); network = customer->network & mask; bcast = network ^ ~mask ; for (addr=network ; addr <= bcast ; addr++) { uint32 offset; offset=matchip(addr); if (iptable[offset].customer!=rest) { fprintf(stderr,"Used\n"); fprintf(stderr,"IP:%s\n",buildip(iptable[offset].ipaddr) ); fprintf(stderr,"%s\n",iptable[offset].customer->name); fprintf(stderr,"%s\n",customer->name); fprintf(stderr,"Network:%x\n",(unsigned int)customer->network); fprintf(stderr,"Netmaks:%u\n",customer->netmask); } else { iptable[offset].customer=newcust; } } /* Broadcast and Network get a Tag */ /* For Star only ... */ #ifdef STAR21 if( customer->netmask < 30 ) { iptable[matchip(network)].free=1; iptable[matchip(bcast)].free=1; } #endif /* STAR21 */ } return 0; } int matchip(uint32 ipaddr) { int offset; offset=HASHFUNC(ipaddr); while ( iptable[offset].ipaddr ) { if(iptable[offset].ipaddr==ipaddr) return offset; /* Match*/ offset+=HASHJUMP; offset=offset % HASHSIZE; } return -1; /* XXX Not found, should be 0 ? */ } int dump_iptable() { int i; uint32 addr; for (i=0; i 4096) && (iptable[i].outbytes > 4096) ) { addr=iptable[i].ipaddr ; printf("%s %qu %qu %lu %lu %lu %lu %qu %qu %s\n", buildip(addr), iptable[i].inbytes, iptable[i].outbytes, iptable[i].inpkts , iptable[i].outpkts , iptable[i].starttime, iptable[i].stoptime, iptable[i].localinbytes, iptable[i].localoutbytes, iptable[i].customer->name); fflush(stdout); } } return 0; }