diff options
author | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2008-02-03 11:24:07 +0000 |
---|---|---|
committer | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2008-02-03 11:24:07 +0000 |
commit | bbf77c173d5a8a49d867875351f887b05cf190a6 (patch) | |
tree | 28b7676e228e202bb010860d36aa4ee3e89f8fe6 | |
parent | 2af9730138c2bc3298a41a8155b28bcc7381c895 (diff) |
From: Eric leblond <eric@inl.fr>
This patch clarifies code which will be modified in next patch.
-rw-r--r-- | doc/pgsql-ulogd2.sql | 46 | ||||
-rw-r--r-- | util/db.c | 2 | ||||
-rw-r--r-- | util/printflow.c | 43 |
3 files changed, 52 insertions, 39 deletions
diff --git a/doc/pgsql-ulogd2.sql b/doc/pgsql-ulogd2.sql index 016abc8..d6e6efd 100644 --- a/doc/pgsql-ulogd2.sql +++ b/doc/pgsql-ulogd2.sql @@ -44,8 +44,8 @@ CREATE TABLE ulog2 ( oob_mark integer default NULL, oob_in varchar(32) default NULL, oob_out varchar(32) default NULL, - ip_saddr inet default NULL, - ip_daddr inet default NULL, + ip_saddr_str inet default NULL, + ip_daddr_str inet default NULL, ip_protocol smallint default NULL, ip_tos smallint default NULL, ip_ttl smallint default NULL, @@ -58,8 +58,8 @@ CREATE TABLE ulog2 ( ) WITH (OIDS=FALSE); CREATE INDEX ulog2_timestamp ON ulog2(timestamp); -CREATE INDEX ulog2_ip_saddr ON ulog2(ip_saddr); -CREATE INDEX ulog2_ip_daddr ON ulog2(ip_daddr); +CREATE INDEX ulog2_ip_saddr ON ulog2(ip_saddr_str); +CREATE INDEX ulog2_ip_daddr ON ulog2(ip_daddr_str); CREATE TABLE mac ( _mac_id bigint PRIMARY KEY UNIQUE NOT NULL, @@ -136,10 +136,10 @@ CREATE OR REPLACE VIEW ulog AS -- shortcuts CREATE OR REPLACE VIEW view_tcp_quad AS - SELECT ulog2._id,ulog2.ip_saddr,tcp.tcp_sport,ulog2.ip_daddr,tcp.tcp_dport FROM ulog2 INNER JOIN tcp ON ulog2._id = tcp._tcp_id; + SELECT ulog2._id,ulog2.ip_saddr_str,tcp.tcp_sport,ulog2.ip_daddr_str,tcp.tcp_dport FROM ulog2 INNER JOIN tcp ON ulog2._id = tcp._tcp_id; CREATE OR REPLACE VIEW view_udp_quad AS - SELECT ulog2._id,ulog2.ip_saddr,udp.udp_sport,ulog2.ip_daddr,udp.udp_dport FROM ulog2 INNER JOIN udp ON ulog2._id = udp._udp_id; + SELECT ulog2._id,ulog2.ip_saddr_str,udp.udp_sport,ulog2.ip_daddr_str,udp.udp_dport FROM ulog2 INNER JOIN udp ON ulog2._id = udp._udp_id; -- -- conntrack @@ -148,15 +148,15 @@ DROP SEQUENCE IF EXISTS ulog2_ct__ct_id_seq; CREATE SEQUENCE ulog2_ct__ct_id_seq; CREATE TABLE ulog2_ct ( _ct_id bigint PRIMARY KEY UNIQUE NOT NULL DEFAULT nextval('ulog2_ct__ct_id_seq'), - orig_ip_saddr inet default NULL, - orig_ip_daddr inet default NULL, + orig_ip_saddr_str inet default NULL, + orig_ip_daddr_str inet default NULL, orig_ip_protocol smallint default NULL, orig_l4_sport integer default NULL, orig_l4_dport integer default NULL, orig_bytes bigint default 0, orig_packets bigint default 0, - reply_ip_saddr inet default NULL, - reply_ip_daddr inet default NULL, + reply_ip_saddr_str inet default NULL, + reply_ip_daddr_str inet default NULL, reply_ip_protocol smallint default NULL, reply_l4_sport integer default NULL, reply_l4_dport integer default NULL, @@ -172,10 +172,10 @@ CREATE TABLE ulog2_ct ( state smallint default 0 ) WITH (OIDS=FALSE); -CREATE INDEX ulog2_ct_orig_ip_saddr ON ulog2_ct(orig_ip_saddr); -CREATE INDEX ulog2_ct_orig_ip_daddr ON ulog2_ct(orig_ip_daddr); -CREATE INDEX ulog2_ct_reply_ip_saddr ON ulog2_ct(reply_ip_saddr); -CREATE INDEX ulog2_ct_reply_ip_daddr ON ulog2_ct(reply_ip_daddr); +CREATE INDEX ulog2_ct_orig_ip_saddr ON ulog2_ct(orig_ip_saddr_str); +CREATE INDEX ulog2_ct_orig_ip_daddr ON ulog2_ct(orig_ip_daddr_str); +CREATE INDEX ulog2_ct_reply_ip_saddr ON ulog2_ct(reply_ip_saddr_str); +CREATE INDEX ulog2_ct_reply_ip_daddr ON ulog2_ct(reply_ip_daddr_str); CREATE INDEX ulog2_ct_orig_l4_sport ON ulog2_ct(orig_l4_sport); CREATE INDEX ulog2_ct_orig_l4_dport ON ulog2_ct(orig_l4_dport); CREATE INDEX ulog2_ct_reply_l4_sport ON ulog2_ct(reply_l4_sport); @@ -263,13 +263,13 @@ CREATE OR REPLACE FUNCTION INSERT_IP_PACKET( IN oob_mark integer, IN oob_in varchar(32), IN oob_out varchar(32), - IN ip_saddr inet, - IN ip_daddr inet, + IN ip_saddr_str inet, + IN ip_daddr_str inet, IN ip_protocol smallint ) RETURNS bigint AS $$ INSERT INTO ulog2 (oob_time_sec,oob_time_usec,oob_prefix,oob_mark, - oob_in,oob_out,ip_saddr,ip_daddr,ip_protocol) + oob_in,oob_out,ip_saddr_str,ip_daddr_str,ip_protocol) VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9); SELECT currval('ulog2__id_seq'); $$ LANGUAGE SQL SECURITY INVOKER; @@ -282,8 +282,8 @@ CREATE OR REPLACE FUNCTION INSERT_IP_PACKET_FULL( IN oob_mark integer, IN oob_in varchar(32), IN oob_out varchar(32), - IN ip_saddr inet, - IN ip_daddr inet, + IN ip_saddr_str inet, + IN ip_daddr_str inet, IN ip_protocol smallint, IN ip_tos smallint, IN ip_ttl smallint, @@ -295,7 +295,7 @@ CREATE OR REPLACE FUNCTION INSERT_IP_PACKET_FULL( ) RETURNS bigint AS $$ INSERT INTO ulog2 (oob_time_sec,oob_time_usec,oob_prefix,oob_mark, - oob_in,oob_out,ip_saddr,ip_daddr,ip_protocol, + oob_in,oob_out,ip_saddr_str,ip_daddr_str,ip_protocol, ip_tos,ip_ttl,ip_totlen,ip_ihl,ip_csum,ip_id,ip_fragoff) VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16); SELECT currval('ulog2__id_seq'); @@ -371,8 +371,8 @@ CREATE OR REPLACE FUNCTION INSERT_PACKET_FULL( IN oob_mark integer, IN oob_in varchar(32), IN oob_out varchar(32), - IN ip_saddr inet, - IN ip_daddr inet, + IN ip_saddr_str inet, + IN ip_daddr_str inet, IN ip_protocol smallint, IN ip_tos smallint, IN ip_ttl smallint, @@ -498,4 +498,4 @@ $$ LANGUAGE SQL SECURITY INVOKER; -- Add foreign keys to tables SELECT ULOG2_ADD_FOREIGN_KEYS(); - +-- Pierre Chifflier <chifflier AT inl DOT fr> @@ -90,7 +90,7 @@ static int sql_createstmt(struct ulogd_pluginstance *upi) return -ENOMEM; } - sprintf(mi->stmt, "CALL %s(", procedure); + sprintf(mi->stmt, "SELECT %s(", procedure); mi->stmt_val = mi->stmt + strlen(mi->stmt); diff --git a/util/printflow.c b/util/printflow.c index aa354d4..1d0b9e9 100644 --- a/util/printflow.c +++ b/util/printflow.c @@ -28,6 +28,19 @@ #include <ulogd/ulogd.h> #include <ulogd/printflow.h> +enum printflow_fields { + PRINTFLOW_IP_SADDR = 0, + PRINTFLOW_IP_DADDR, + PRINTFLOW_IP_PROTOCOL, + PRINTFLOW_L4_SPORT, + PRINTFLOW_L4_DPORT, + PRINTFLOW_RAW_PKTLEN, + PRINTFLOW_RAW_PKTCOUNT, + PRINTFLOW_ICMP_CODE, + PRINTFLOW_ICMP_TYPE, + PRINTFLOW_DIR, +}; + struct ulogd_key printflow_keys[] = { { .type = ULOGD_RET_IPADDR, @@ -94,38 +107,38 @@ int printflow_print(struct ulogd_key *res, char *buf) { char *buf_cur = buf; - if (pp_is_valid(res, 9)) + if (pp_is_valid(res, PRINTFLOW_DIR)) buf_cur += sprintf(buf_cur, "DIR=%s ", - GET_VALUE(res, 9).b ? "REPLY" : "ORIG "); + GET_VALUE(res, PRINTFLOW_DIR).b ? "REPLY" : "ORIG "); - if (pp_is_valid(res, 0)) + if (pp_is_valid(res, PRINTFLOW_IP_SADDR)) buf_cur += sprintf(buf_cur, "SRC=%s ", inet_ntoa( (struct in_addr) {htonl(GET_VALUE(res, 0).ui32)})); - if (pp_is_valid(res, 1)) + if (pp_is_valid(res, PRINTFLOW_IP_DADDR)) buf_cur += sprintf(buf_cur, "DST=%s ", inet_ntoa( (struct in_addr) {htonl(GET_VALUE(res, 1).ui32)})); - if (!pp_is_valid(res, 2)) + if (!pp_is_valid(res, PRINTFLOW_IP_PROTOCOL)) goto out; - switch (GET_VALUE(res, 2).ui8) { + switch (GET_VALUE(res, PRINTFLOW_IP_PROTOCOL).ui8) { case IPPROTO_TCP: buf_cur += sprintf(buf_cur, "PROTO=TCP "); - pp_print(buf_cur, "SPT", res, 3, ui16); - pp_print(buf_cur, "DPT", res, 4, ui16); + pp_print(buf_cur, "SPT", res, PRINTFLOW_L4_SPORT, ui16); + pp_print(buf_cur, "DPT", res, PRINTFLOW_L4_DPORT, ui16); break; case IPPROTO_UDP: buf_cur += sprintf(buf_cur, "PROTO=UDP "); - pp_print(buf_cur, "SPT", res, 3, ui16); - pp_print(buf_cur, "DPT", res, 4, ui16); + pp_print(buf_cur, "SPT", res, PRINTFLOW_L4_SPORT, ui16); + pp_print(buf_cur, "DPT", res, PRINTFLOW_L4_DPORT, ui16); break; case IPPROTO_ICMP: buf_cur += sprintf(buf_cur, "PROTO=ICMP "); - pp_print(buf_cur, "TYPE", res, 7, ui8); - pp_print(buf_cur, "CODE", res, 8, ui8); + pp_print(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, ui8); + pp_print(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, ui8); break; case IPPROTO_ESP: @@ -137,13 +150,13 @@ int printflow_print(struct ulogd_key *res, char *buf) break; default: - pp_print(buf_cur, "PROTO", res, 2, ui8); + pp_print(buf_cur, "PROTO", res, PRINTFLOW_IP_PROTOCOL, ui8); break; } out: - pp_print(buf_cur, "PKTS", res, 6, ui32); - pp_print(buf_cur, "BYTES", res, 5, ui32); + pp_print(buf_cur, "PKTS", res, PRINTFLOW_RAW_PKTCOUNT, ui32); + pp_print(buf_cur, "BYTES", res, PRINTFLOW_RAW_PKTLEN, ui32); strcat(buf_cur, "\n"); return 0; |