Source

quechua / modules / data / dionaeaconnections.h

Full commit
/* 
 * Quechua - the lightweight data mining framework
 *
 * Copyright (C) 2012 Marek Denis <quechua@octogan.net>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

#ifndef DIONAEACONNECTIONS_H
#define DIONAEACONNECTIONS_H

#include "../../../include/types.h"
#include "../../../include/interface-common.h"

using std::list;


class db_stamp : public Stamp {
 public:
     db_stamp();
     virtual ~db_stamp();
     dbresult_t db;
     string_t from;
     string_t to;
     int interval;
     int minsup;
};

class DionaeaConnections : public DataPack {
 public:
 struct unindexedTransaction {
     bool generator;
     u_int32_t count;

     const char* dst_host;
     const char* src_host;
     const char* protocol;
     u_int16_t   dst_port;
     u_int16_t   src_port;
     unindexedTransaction() {dst_host=src_host=protocol=NULL; dst_port=src_port=0;generator=false;}
 };

 struct range_s {
     string_t from;
     string_t to;

 };

 public:
     DionaeaConnections();
     virtual ~DionaeaConnections();
     void forceclean();
     list<unindexedTransaction*> rows;
     
     void set_dbresult(dbresult_t db);
     void set_date_range(const string_t& from, const string_t& to, const int interval=0);
     void debug();
 private:
     range_s range;
     inline void cleanTransaction(unindexedTransaction* transaction);
     bool init_stamp();
};

// stubs
db_stamp::db_stamp() : Stamp() {};
db_stamp::~db_stamp() {};


DionaeaConnections::DionaeaConnections() : DataPack() {
    init_stamp();
};

DionaeaConnections::~DionaeaConnections() {
    list<unindexedTransaction*>::iterator it;
    it=rows.begin();
    for(;it!=rows.end();++it) delete *it;
    rows.clear();
};

void DionaeaConnections::forceclean() {
    std::list<unindexedTransaction*>::iterator it;
    it=rows.begin();
    for(;it!=rows.end();++it) cleanTransaction(*it);
    rows.clear();
};

void DionaeaConnections::debug() {                                                                
    LOG(DEBUG) << "DionaeaConnections debug mechanism "
               << "It will simply show all transactions";
        if(rows.empty())
               LOG(DEBUG) << "Oouups, no connections harvested";
        else {
            std::list<unindexedTransaction*>::iterator it,end;
            end = rows.end();
            int i = 1;
            for(it=rows.begin();it!=end;++it,++i) {
                LOG(DEBUG) << "Transaction " << i << " "
                           << (*it)->protocol <<": "
                           << (*it)->src_host << ":" << (*it)->src_port
                           << "->" << (*it)->dst_host << ":" << (*it)->dst_port;
            }
        }
};

inline void DionaeaConnections::cleanTransaction(unindexedTransaction* txn) {
    delete txn->dst_host;
    delete txn->src_host;
    delete txn->protocol;
    delete txn;
};

bool DionaeaConnections::init_stamp() {
    
    if(has_stamp()) return true;

    db_stamp *d = new(std::nothrow) db_stamp;
    if(!d) {
        LOG(WARN) << "DionaeaConnections at: " << this
                  << " couldn's allocate memory for db_stamp";
        return false;
    }
    setstamp(stamp_ptr(d));
    return true;
};

void DionaeaConnections::set_dbresult(dbresult_t db) {
    if(has_stamp()) 
        dynamic_cast<db_stamp*>(DataPack::stamp.get())->db = db;
};

void DionaeaConnections::set_date_range(const string_t& from, const string_t& to, const int interval) {
    if(has_stamp()) {
        db_stamp* dbs = dynamic_cast<db_stamp*>(DataPack::stamp.get());
        dbs->from = from;
        dbs->to   = to;
        dbs->interval = interval;
    }
};

#endif //DIONAEACONNECTIONS_H