|
[-]
[+]
|
Changed |
ntopng.changes
|
|
|
|
[-]
[+]
|
Changed |
ntopng.spec
^
|
|
|
|
[-]
[+]
|
Changed |
nDPI.tar.bz2/src/lib/ndpi_main.c
^
|
| @@ -5159,9 +5159,6 @@
const void *ret;
ndpi_default_ports_tree_node_t node;
- if(shost && dhost && is_skype_connection(ndpi_struct, shost, dhost))
- return(NDPI_PROTOCOL_SKYPE);
-
node.default_port = sport;
ret = ndpi_tfind(&node, (proto == IPPROTO_TCP) ? (void*)&ndpi_struct->tcpRoot : (void*)&ndpi_struct->udpRoot, ndpi_default_ports_tree_node_t_cmp);
@@ -5172,9 +5169,14 @@
if(ret != NULL) {
ndpi_default_ports_tree_node_t *found = *(ndpi_default_ports_tree_node_t**)ret;
+
return(found->proto->protoId);
}
+ /* Use skype as last resort */
+ if(shost && dhost && is_skype_connection(ndpi_struct, shost, dhost))
+ return(NDPI_PROTOCOL_SKYPE);
+
return(NDPI_PROTOCOL_UNKNOWN);
}
@@ -5351,7 +5353,7 @@
/* ****************************************************** */
char* ndpi_revision() {
- return("$Revision: 6880 $");
+ return("$Revision: 6898 $");
}
/* ****************************************************** */
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/ActivityStats.cpp
^
|
| @@ -62,9 +62,9 @@
/* when comes from time() and thus is in UTC whereas we must wrap in localtime */
void ActivityStats::set(time_t when) {
- if(last_set_requested != when) {
+ if((last_set_requested != when) || (when < begin_time)) {
EWAHBoolArray<u_int32_t> *bitset = (EWAHBoolArray<u_int32_t>*)_bitset;
- u_int16_t w;
+ u_int32_t w;
last_set_requested = when;
@@ -83,8 +83,6 @@
if(w == last_set_time) return;
- // ntop->getTrace()->traceEvent(TRACE_NORMAL, "[%p] %u\n", this, (unsigned int)w);
-
m.lock(__FILE__, __LINE__);
bitset->set((size_t)w);
m.unlock(__FILE__, __LINE__);
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/CollectorInterface.cpp
^
|
| @@ -25,18 +25,26 @@
#include <uuid/uuid.h>
#endif
+#define MSG_VERSION 0
+
+struct zmq_msg_hdr {
+ char url[32];
+ u_int32_t version;
+ u_int32_t size;
+};
+
/* **************************************************** */
-CollectorInterface::CollectorInterface(const char *_endpoint, const char *_script_name)
+CollectorInterface::CollectorInterface(const char *_endpoint, const char *_topic)
: NetworkInterface(_endpoint) {
char *slash;
num_drops = 0;
- endpoint = (char*)_endpoint, script_name = strdup(_script_name);
-
+ endpoint = (char*)_endpoint, topic = strdup(_topic);
+
/*
- We need to cleanup the interface name
-
+ We need to cleanup the interface name
+
Format <tcp|udp>://<host>:<port>
*/
@@ -52,43 +60,180 @@
ifname = strdup(buf);
}
- l = new Lua();
+
+ context = zmq_ctx_new();
+ subscriber = zmq_socket(context, ZMQ_SUB);
+
+ if(zmq_connect(subscriber, endpoint) != 0) {
+ zmq_close(subscriber);
+ zmq_ctx_destroy(context);
+ ntop->getTrace()->traceEvent(TRACE_ERROR, "Unable to connect to the specified ZMQ endpoint");
+ throw("Unable to connect to the specified ZMQ endpoint");
+ }
+
+ if(zmq_setsockopt(subscriber, ZMQ_SUBSCRIBE, topic, strlen(topic)) != 0) {
+ zmq_close(subscriber);
+ zmq_ctx_destroy(context);
+ ntop->getTrace()->traceEvent(TRACE_ERROR, "Unable to connect to the specified ZMQ endpoint");
+ throw("Unable to subscribe to the specified ZMQ endpoint");
+ }
}
/* **************************************************** */
CollectorInterface::~CollectorInterface() {
- shutdown();
-
- delete l;
- free(endpoint);
- free(script_name);
-
- deleteDataStructures();
+ if(endpoint) free(endpoint);
+ if(topic) free(topic);
+ zmq_close(subscriber);
+ zmq_ctx_destroy(context);
}
/* **************************************************** */
-void CollectorInterface::run_collector_script() {
- char script[MAX_PATH];
- struct stat buf;
-
- snprintf(script, sizeof(script), "%s/%s", ntop->get_callbacks_dir(), script_name);
-
- if(stat(script, &buf) != 0) {
- ntop->getTrace()->traceEvent(TRACE_ERROR, "The script %s does not exist", script);
- exit(0);
- } else {
- ntop->getTrace()->traceEvent(TRACE_INFO, "Running flow collector %s.. [%s]", ifname, script);
- l->run_script(script, ifname);
+void CollectorInterface::collect_flows() {
+ struct zmq_msg_hdr h;
+ char payload[8192];
+ u_int payload_len = sizeof(payload)-1;
+ zmq_pollitem_t item;
+ int rc, size;
+
+ ntop->getTrace()->traceEvent(TRACE_NORMAL, "Collecting flows...");
+
+ while(isRunning()) {
+ item.socket = subscriber, item.events = ZMQ_POLLIN;
+
+ do {
+ rc = zmq_poll(&item, 1, 1000);
+ if((rc < 0) || (!isRunning())) return;
+ } while(rc == 0);
+
+ size = zmq_recv(subscriber, &h, sizeof(h), 0);
+
+ if((size != sizeof(h)) || (h.version != MSG_VERSION)) {
+ ntop->getTrace()->traceEvent(TRACE_WARNING,
+ "Unsupported publisher version [%d]: your nProbe sender is outdated?",
+ h.version);
+ continue;
+ }
+
+ size = zmq_recv(subscriber, payload, payload_len, 0);
+
+ if(size > 0) {
+ json_object *o;
+ ZMQ_Flow flow;
+
+ payload[size] = '\0';
+ o = json_tokener_parse(payload);
+
+ if(o != NULL) {
+ struct json_object_iterator it = json_object_iter_begin(o);
+ struct json_object_iterator itEnd = json_object_iter_end(o);
+
+ /* Reset data */
+ memset(&flow, 0, sizeof(flow));
+ flow.additional_fields = json_object_new_object();
+
+ while(!json_object_iter_equal(&it, &itEnd)) {
+ const char *key = json_object_iter_peek_name(&it);
+ json_object *v = json_object_iter_peek_value(&it);
+ const char *value = json_object_get_string(v);
+
+ if((key != NULL) && (value != NULL)) {
+ u_int key_id = atoi(key);
+
+ ntop->getTrace()->traceEvent(TRACE_INFO, "[%s]=[%s]", key, value);
+
+ switch(key_id) {
+ case IN_SRC_MAC:
+ /* Format 00:00:00:00:00:00 */
+ sscanf(value, "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx",
+ &flow.src_mac[0], &flow.src_mac[1], &flow.src_mac[2],
+ &flow.src_mac[3], &flow.src_mac[4], &flow.src_mac[5]);
+ break;
+ case OUT_DST_MAC:
+ sscanf(value, "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx",
+ &flow.dst_mac[0], &flow.dst_mac[1], &flow.dst_mac[2],
+ &flow.dst_mac[3], &flow.dst_mac[4], &flow.dst_mac[5]);
+ break;
+ case IPV4_SRC_ADDR:
+ case IPV6_SRC_ADDR:
+ flow.src_ip.set_from_string((char*)value);
+ break;
+ case IPV4_DST_ADDR:
+ case IPV6_DST_ADDR:
+ flow.dst_ip.set_from_string((char*)value);
+ break;
+ case L4_SRC_PORT:
+ flow.src_port = atoi(value);
+ break;
+ case L4_DST_PORT:
+ flow.dst_port = atoi(value);
+ break;
+ case SRC_VLAN:
+ case DST_VLAN:
+ flow.vlan_id = atoi(value);
+ break;
+ case L7_PROTO:
+ flow.l7_proto = atoi(value);
+ break;
+ case PROTOCOL:
+ flow.l4_proto = atoi(value);
+ break;
+ case TCP_FLAGS:
+ flow.tcp_flags = atoi(value);
+ break;
+ case IN_PKTS:
+ flow.in_pkts = atol(value);
+ break;
+ case IN_BYTES:
+ flow.in_bytes = atol(value);
+ break;
+ case OUT_PKTS:
+ flow.out_pkts = atol(value);
+ break;
+ case OUT_BYTES:
+ flow.out_bytes = atol(value);
+ break;
+ case FIRST_SWITCHED:
+ flow.first_switched = atol(value);
+ break;
+ case LAST_SWITCHED:
+ flow.last_switched = atol(value);
+ break;
+ default:
+ ntop->getTrace()->traceEvent(TRACE_INFO, "Not handled ZMQ field %u", key_id);
+ json_object_object_add(flow.additional_fields, key, json_object_new_string(value));
+ break;
+ }
+ }
+
+ /* Move to the next element */
+ json_object_iter_next(&it);
+ }
+
+ /* Process Flow */
+ flow_processing(&flow);
+
+ /* Dispose memory */
+ json_object_put(o);
+ json_object_put(flow.additional_fields);
+ } else
+ ntop->getTrace()->traceEvent(TRACE_WARNING,
+ "Invalid message received: your nProbe sender is outdated?");
+
+
+ ntop->getTrace()->traceEvent(TRACE_INFO, "[%u] %s", h.size, payload);
+ }
}
+
+ ntop->getTrace()->traceEvent(TRACE_NORMAL, "Flow collection is over.");
}
/* **************************************************** */
static void* packetPollLoop(void* ptr) {
CollectorInterface *iface = (CollectorInterface*)ptr;
- iface->run_collector_script();
+ iface->collect_flows();
return(NULL);
}
@@ -103,7 +248,7 @@
void CollectorInterface::shutdown() {
void *res;
-
+
if(running) {
NetworkInterface::shutdown();
pthread_join(pollLoop, &res);
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/CollectorInterface.h
^
|
| @@ -28,22 +28,20 @@
class CollectorInterface : public NetworkInterface {
private:
- Lua *l;
- char *script_name;
- char *endpoint;
+ char *endpoint, *topic;
+ void *context, *subscriber;
u_int32_t num_drops;
-
+
public:
CollectorInterface(const char *_endpoint, const char *_script_name);
~CollectorInterface();
inline const char* get_type() { return("zmq"); };
inline bool is_ndpi_enabled() { return(false); };
- char *getScriptName() { return script_name; };
char *getEndpoint() { return endpoint; };
inline void incrDrops(u_int32_t num) { num_drops += num; };
u_int32_t getNumDrops() { return(num_drops); };
- void run_collector_script();
+ void collect_flows();
void startPacketPolling();
void shutdown();
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/Flow.cpp
^
|
| @@ -220,7 +220,9 @@
/* *************************************** */
-void Flow::setJSONInfo(char *json) {
+void Flow::setJSONInfo(const char *json) {
+ if(json == NULL) return;
+
if (json_info != NULL) free(json_info);
json_info = strdup(json);
}
@@ -368,7 +370,7 @@
lua_push_int_table_entry(vm, "rcvd", srv2cli_bytes);
lua_push_int_table_entry(vm, "sent.last", get_current_bytes_cli2srv());
lua_push_int_table_entry(vm, "rcvd.last", get_current_bytes_srv2cli());
-
+ lua_push_int_table_entry(vm, "duration", get_duration());
lua_push_float_table_entry(vm, "client.latitude", get_cli_host()->get_latitude());
lua_push_float_table_entry(vm, "client.longitude", get_cli_host()->get_longitude());
lua_push_str_table_entry(vm, "client.city", get_cli_host()->get_city() ? get_cli_host()->get_city() : (char*)"");
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/Flow.h
^
|
| @@ -75,7 +75,7 @@
inline void updateTcpFlags(u_int8_t flags) { tcp_flags |= flags; };
void processDetectedProtocol();
void setDetectedProtocol(u_int16_t proto_id);
- void setJSONInfo(char *json);
+ void setJSONInfo(const char *json);
bool isFlowPeer(char *numIP);
void incStats(bool cli2srv_direction, u_int pkt_len);
void updateActivities();
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/FlowHash.cpp
^
|
| @@ -29,6 +29,8 @@
/* ************************************ */
+static u_int16_t max_num_loops = 0;
+
Flow* FlowHash::find(IpAddress *src_ip, IpAddress *dst_ip,
u_int16_t src_port, u_int16_t dst_port,
u_int16_t vlanId, u_int8_t protocol,
@@ -36,12 +38,22 @@
u_int32_t hash = ((src_ip->key()+dst_ip->key()+src_port+dst_port+vlanId+protocol) % num_hashes);
Flow *head = (Flow*)table[hash];
+ u_int16_t num_loops = 0;
while(head) {
- if(head->equal(src_ip, dst_ip, src_port, dst_port, vlanId, protocol, src2dst_direction))
+ if(head->equal(src_ip, dst_ip, src_port, dst_port, vlanId, protocol, src2dst_direction)) {
+ if(num_loops > max_num_loops) {
+ ntop->getTrace()->traceEvent(TRACE_INFO, "DEBUG: [Num loops: %u][hashId: %u]", num_loops, hash);
+ max_num_loops = num_loops;
+ }
return(head);
- else
- head = (Flow*)head->next();
+ } else
+ head = (Flow*)head->next(), num_loops++;
+ }
+
+ if(num_loops > max_num_loops) {
+ ntop->getTrace()->traceEvent(TRACE_INFO, "DEBUG: [Num loops: %u][hashId: %u]", num_loops, hash);
+ max_num_loops = num_loops;
}
return(NULL);
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/GenericHash.cpp
^
|
| @@ -63,6 +63,13 @@
if(current_size < max_hash_size) {
u_int32_t hash = (h->key() % num_hashes);
+ if(false) {
+ char buf[256];
+
+ ntop->getTrace()->traceEvent(TRACE_NORMAL, "%s(): adding %s/%u",
+ __FUNCTION__, h->get_string_key(buf, sizeof(buf)), h->key());
+ }
+
locks[hash]->lock(__FILE__, __LINE__);
h->set_next(table[hash]);
table[hash] = h, current_size++;
@@ -93,6 +100,13 @@
}
if(head) {
+ if(false) {
+ char buf[256];
+
+ ntop->getTrace()->traceEvent(TRACE_NORMAL, "%s(): removing %s",
+ __FUNCTION__, h->get_string_key(buf, sizeof(buf)));
+ }
+
if(prev != NULL)
prev->set_next(head->next());
else
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/GenericHost.cpp
^
|
| @@ -26,7 +26,7 @@
GenericHost::GenericHost(NetworkInterface *_iface) : GenericHashEntry(_iface) {
ndpiStats = new NdpiStats();
- localHost = false;
+ localHost = false, last_activity_update = 0;
last_bytes = 0, bytes_thpt = 0, bytes_thpt_trend = trend_unknown;
last_update_time.tv_sec = 0, last_update_time.tv_usec = 0;
// readStats(); - Commented as if put here it's too early and the key is not yet set
@@ -91,11 +91,14 @@
void GenericHost::updateActivities() {
time_t when = iface->getTimeLastPktRcvd();
-
- /* Set a bit every CONST_TREND_TIME_GRANULARITY seconds */
- when -= when % CONST_TREND_TIME_GRANULARITY;
- if(when > activityStats.get_wrap_time()) dumpStats(false);
- activityStats.set(when);
+
+ if(when != last_activity_update) {
+ /* Set a bit every CONST_TREND_TIME_GRANULARITY seconds */
+ when -= when % CONST_TREND_TIME_GRANULARITY;
+ if(when > activityStats.get_wrap_time()) dumpStats(false);
+ activityStats.set(when);
+ last_activity_update = when;
+ }
}
/* *************************************** */
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/GenericHost.h
^
|
| @@ -36,7 +36,8 @@
ValueTrend bytes_thpt_trend;
u_int64_t last_bytes;
struct timeval last_update_time;
-
+ time_t last_activity_update;
+
void dumpStats(bool forceDump);
void readStats();
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/IpAddress.cpp
^
|
| @@ -25,27 +25,28 @@
IpAddress::IpAddress() {
memset(&addr, 0, sizeof(addr));
+ compute_key();
}
/* ******************************************* */
IpAddress::IpAddress(char *string) {
set_from_string(string);
-checkPrivate();
+ compute_key();
}
/* ******************************************* */
IpAddress::IpAddress(IpAddress *ip) {
memcpy(&addr, &ip->addr, sizeof(struct ipAddress));
- checkPrivate();
+ compute_key();
}
/* ******************************************* */
IpAddress::IpAddress(u_int32_t _ipv4) {
set_ipv4(_ipv4);
- checkPrivate();
+ compute_key();
}
/* ******************************************* */
@@ -53,6 +54,7 @@
IpAddress::IpAddress(struct ndpi_in6_addr *_ipv6) {
set_ipv6(_ipv6);
addr.privateIP = false;
+ compute_key();
}
/* ******************************************* */
@@ -68,6 +70,8 @@
addr.ipVersion = 6, addr.localHost = 0;
}
}
+
+ compute_key();
}
/* ******************************************* */
@@ -103,7 +107,9 @@
if(((a & 0xFF000000) == 0x0A000000 /* 10.0.0.0/8 */)
|| ((a & 0xFFF00000) == 0xAC100000 /* 172.16.0.0/12 */)
- || ((a & 0xFFFF0000) == 0xC0A80000 /* 192.168.0.0/16 */))
+ || ((a & 0xFFFF0000) == 0xC0A80000 /* 192.168.0.0/16 */)
+ || ((a & 0xFF000000) == 0x7F000000 /* 127.0.0.0/8 */)
+ )
addr.privateIP = true;
}
@@ -122,16 +128,18 @@
/* ******************************************* */
-u_int32_t IpAddress::key() {
+void IpAddress::compute_key() {
+ checkPrivate();
+
if(addr.ipVersion == 4)
- return(addr.ipType.ipv4);
+ ip_key = ntohl(addr.ipType.ipv4);
else {
u_int32_t key=0;
for(u_int32_t i=0; i<4; i++)
key += addr.ipType.ipv6.__u6_addr.__u6_addr32[i];
- return(key);
+ ip_key = key;
}
}
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/IpAddress.h
^
|
| @@ -40,10 +40,12 @@
class IpAddress {
private:
struct ipAddress addr;
+ u_int32_t ip_key;
char* _intoaV4(unsigned int addr, char* buf, u_short bufLen);
char* _intoa(char* buf, u_short bufLen);
void checkPrivate();
+ void compute_key();
public:
IpAddress();
@@ -53,10 +55,11 @@
IpAddress(struct ndpi_in6_addr *_ipv6);
bool isEmpty();
+ inline void reset() { memset(&addr, 0, sizeof(addr)); }
inline bool isIPv4() { return((addr.ipVersion == 4) ? true : false); }
- inline void set_ipv4(u_int32_t _ipv4) { addr.ipVersion = 4, addr.ipType.ipv4 = _ipv4; }
- inline void set_ipv6(struct ndpi_in6_addr *_ipv6) { addr.ipVersion = 6, memcpy(&addr.ipType.ipv6, _ipv6, sizeof(struct ndpi_in6_addr)); }
- inline u_int32_t get_ipv4() { return((addr.ipVersion == 4) ? addr.ipType.ipv4 : 0); }
+ inline void set_ipv4(u_int32_t _ipv4) { addr.ipVersion = 4, addr.ipType.ipv4 = _ipv4; compute_key(); }
+ inline void set_ipv6(struct ndpi_in6_addr *_ipv6) { addr.ipVersion = 6, memcpy(&addr.ipType.ipv6, _ipv6, sizeof(struct ndpi_in6_addr)); compute_key(); }
+ inline u_int32_t get_ipv4() { return((addr.ipVersion == 4) ? addr.ipType.ipv4 : 0); }
inline struct ndpi_in6_addr* get_ipv6() { return((addr.ipVersion == 6) ? &addr.ipType.ipv6 : NULL); }
inline struct ipAddress* getIP() { return(&addr); };
inline bool equal(u_int32_t ipv4_addr) { if((addr.ipVersion == 4) && (addr.ipType.ipv4 == ipv4_addr)) return(true); else return(false); };
@@ -65,7 +68,7 @@
void set_from_string(char *string);
int compare(IpAddress *ip);
- u_int key();
+ inline u_int32_t key() { return(ip_key); };
void dump(struct sockaddr *sa);
inline bool isPrivateAddress() { return(addr.privateIP); };
char* print(char *str, u_int str_len);
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/Lua.cpp
^
|
| @@ -45,6 +45,9 @@
#endif
};
+/* Included by Categorization.cpp */
+extern char* http_get(char *host, u_int port, char *page, char* rsp, u_int rsp_len);
+
/* ******************************* */
Lua::Lua() {
@@ -437,14 +440,37 @@
}
payload_len = h.size + 1;
- if((payload = (char*)malloc(payload_len)) != NULL) {
+ if((payload = (char*)malloc(payload_len)) != NULL) {
size = zmq_recv(subscriber, payload, payload_len, 0);
-
payload[h.size] = '\0';
- lua_pushfstring(vm, "%s", payload);
- ntop->getTrace()->traceEvent(TRACE_INFO, "[%u] %s", h.size, payload);
- free(payload);
- return(CONST_LUA_OK);
+
+ if(size > 0) {
+ json_object *o = json_tokener_parse(payload);
+
+ if(o != NULL) {
+ struct json_object_iterator it = json_object_iter_begin(o);
+ struct json_object_iterator itEnd = json_object_iter_end(o);
+
+ while (!json_object_iter_equal(&it, &itEnd)) {
+ char *key = (char*)json_object_iter_peek_name(&it);
+ const char *value = json_object_get_string(json_object_iter_peek_value(&it));
+
+ ntop->getTrace()->traceEvent(TRACE_NORMAL, "[%s]=[%s]", key, value);
+
+ json_object_iter_next(&it);
+ }
+
+ json_object_put(o);
+ }
+
+ lua_pushfstring(vm, "%s", payload);
+ ntop->getTrace()->traceEvent(TRACE_INFO, "[%u] %s", h.size, payload);
+ free(payload);
+ return(CONST_LUA_OK);
+ } else {
+ free(payload);
+ return(CONST_LUA_PARAM_ERROR);
+ }
} else
return(CONST_LUA_PARAM_ERROR);
}
@@ -886,6 +912,25 @@
/* ****************************************** */
+static int ntop_http_get(lua_State* vm) {
+ char *page, *host, rsp[4096], *out;
+ u_int port = 80;
+
+ if(ntop_lua_check(vm, __FUNCTION__, 1, LUA_TSTRING)) return(CONST_LUA_PARAM_ERROR);
+ if((host = (char*)lua_tostring(vm, 1)) == NULL) return(CONST_LUA_PARAM_ERROR);
+
+ if(ntop_lua_check(vm, __FUNCTION__, 2, LUA_TSTRING)) return(CONST_LUA_PARAM_ERROR);
+ if((page = (char*)lua_tostring(vm, 2)) == NULL) return(CONST_LUA_PARAM_ERROR);
+
+ out = http_get(host, port, page, rsp, sizeof(rsp));
+
+ lua_pushstring(vm, out ? out : "");
+
+ return(CONST_LUA_OK);
+}
+
+/* ****************************************** */
+
static int ntop_get_prefs(lua_State* vm) {
lua_newtable(vm);
lua_push_bool_table_entry(vm, "is_dns_resolution_enabled_for_all_hosts", ntop->getPrefs()->is_dns_resolution_enabled_for_all_hosts());
@@ -921,111 +966,6 @@
/* ****************************************** */
-static int ntop_process_flow(lua_State* vm) {
- NetworkInterface *ntop_interface;
- IpAddress src_ip, dst_ip;
- u_int16_t src_port, dst_port;
- u_int16_t vlan_id;
- u_int16_t proto_id;
- u_int8_t l4_proto, tcp_flags, id = 1;
- u_int in_pkts, in_bytes, out_pkts, out_bytes;
- u_int first_switched, last_switched;
- char *additional_fields_json;
- char *str;
- u_char smac[6], dmac[6];
-
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TSTRING)) return(CONST_LUA_PARAM_ERROR);
- if((str = (char*)lua_tostring(vm, id)) == NULL) return(CONST_LUA_PARAM_ERROR);
- sscanf(str, "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx",
- &smac[0], &smac[1], &smac[2], &smac[3], &smac[4], &smac[5]);
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TSTRING)) return(CONST_LUA_PARAM_ERROR);
- if((str = (char*)lua_tostring(vm, id)) == NULL) return(CONST_LUA_PARAM_ERROR);
- sscanf(str, "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx",
- &dmac[0], &dmac[1], &dmac[2], &dmac[3], &dmac[4], &dmac[5]);
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TSTRING)) return(CONST_LUA_PARAM_ERROR);
- if((str = (char*)lua_tostring(vm, id)) == NULL) return(CONST_LUA_PARAM_ERROR);
- src_ip.set_from_string(str);
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TSTRING)) return(CONST_LUA_PARAM_ERROR);
- if((str = (char*)lua_tostring(vm, id)) == NULL) return(CONST_LUA_PARAM_ERROR);
- dst_ip.set_from_string(str);
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TNUMBER)) return(CONST_LUA_ERROR);
- src_port = htons((u_int16_t)lua_tonumber(vm, id));
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TNUMBER)) return(CONST_LUA_ERROR);
- dst_port = htons((u_int16_t)lua_tonumber(vm, id));
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TNUMBER)) return(CONST_LUA_ERROR);
- vlan_id = htons((u_int16_t)lua_tonumber(vm, id));
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TNUMBER)) return(CONST_LUA_ERROR);
- proto_id = (u_int32_t)lua_tonumber(vm, id);
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TNUMBER)) return(CONST_LUA_ERROR);
- l4_proto = (u_int32_t)lua_tonumber(vm, id);
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TNUMBER)) return(CONST_LUA_ERROR);
- tcp_flags = (u_int32_t)lua_tonumber(vm, id);
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TNUMBER)) return(CONST_LUA_ERROR);
- in_pkts = (u_int32_t)lua_tonumber(vm, id);
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TNUMBER)) return(CONST_LUA_ERROR);
- in_bytes = (u_int32_t)lua_tonumber(vm, id);
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TNUMBER)) return(CONST_LUA_ERROR);
- out_pkts = (u_int32_t)lua_tonumber(vm, id);
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TNUMBER)) return(CONST_LUA_ERROR);
- out_bytes = (u_int32_t)lua_tonumber(vm, id);
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TNUMBER)) return(CONST_LUA_ERROR);
- first_switched = (u_int32_t)lua_tonumber(vm, id);
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TNUMBER)) return(CONST_LUA_ERROR);
- last_switched = (u_int32_t)lua_tonumber(vm, id);
-
- id++;
- if(ntop_lua_check(vm, __FUNCTION__, id, LUA_TSTRING)) return(CONST_LUA_PARAM_ERROR);
- if((additional_fields_json = (char*)lua_tostring(vm, id)) == NULL) return(CONST_LUA_PARAM_ERROR);
-
- lua_getglobal(vm, "ntop_interface");
- if((ntop_interface = (NetworkInterface*)lua_touserdata(vm, lua_gettop(vm))) == NULL) {
- handle_null_interface(vm);
- return(CONST_LUA_ERROR);
- // ntop_interface = ntop->getInterfaceId(0);
- }
-
- if(ntop_interface)
- ntop_interface->flow_processing(smac, dmac, &src_ip, &dst_ip, src_port, dst_port,
- vlan_id, proto_id, l4_proto, tcp_flags,
- in_pkts, in_bytes, out_pkts, out_bytes,
- first_switched, last_switched,
- additional_fields_json);
-
- return(true);
-}
-
-/* ****************************************** */
-
static int ntop_get_users(lua_State* vm) {
ntop->getUsers(vm);
@@ -1360,7 +1300,6 @@
{ "getFlowPeers", ntop_get_interface_flows_peers },
{ "findFlowByKey", ntop_get_interface_flow_by_key },
{ "getEndpoint", ntop_get_interface_endpoint },
- { "processFlow", ntop_process_flow },
{ "incrDrops", ntop_increase_drops },
{ "isRunning", ntop_interface_is_running },
{ "name2id", ntop_interface_name2id },
@@ -1400,6 +1339,7 @@
/* HTTP */
{ "httpRedirect", ntop_http_redirect },
+ { "httpGet", ntop_http_get },
/* Admin */
{ "getUsers", ntop_get_users },
@@ -1425,9 +1365,7 @@
ntop_class_reg ntop[] = {
{ "interface", ntop_interface_reg },
{ "ntop", ntop_reg },
- // { "luaejdb", ejdb_reg },
-
- {NULL, NULL}
+ {NULL, NULL}
};
for(i=0; ntop[i].class_name != NULL; i++) {
@@ -1537,6 +1475,8 @@
return hex[code & 15];
}
+/* ****************************************** */
+
/* Returns a url-encoded version of str */
/* IMPORTANT: be sure to free() the returned string after use */
static char* http_encode(char *str) {
@@ -1555,11 +1495,15 @@
}
#endif
+/* ****************************************** */
+
/* Converts a hex character to its integer value */
static char from_hex(char ch) {
return isdigit(ch) ? ch - '0' : tolower(ch) - 'a' + 10;
}
+/* ****************************************** */
+
/* Returns a url-decoded version of str */
/* IMPORTANT: be sure to free() the returned string after use */
static char* http_decode(char *str) {
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/Makefile.in
^
|
| @@ -1,3 +1,4 @@
+SHELL=/bin/bash
OS := $(shell uname -s)
######
CREDIS_HOME=third-party/credis-0.2.3
@@ -120,7 +121,11 @@
#
rm -rf ntopng-data-@PACKAGE_VERSION@
mkdir -p ntopng-data-@PACKAGE_VERSION@/usr/local/share/ntopng/httpdocs/geoip/
- cp ~/dat_files/* ntopng-data-@PACKAGE_VERSION@/usr/local/share/ntopng/httpdocs/geoip/
+ @if test -d ~/dat_files ; then \
+ cp ~/dat_files/* ntopng-data-@PACKAGE_VERSION@/usr/local/share/ntopng/httpdocs/geoip/; \
+ else \
+ cp ./httpdocs/geoip/* ntopng-data-@PACKAGE_VERSION@/usr/local/share/ntopng/httpdocs/geoip/ ;\
+ fi
gunzip ntopng-data-@PACKAGE_VERSION@/usr/local/share/ntopng/httpdocs/geoip/*.gz
tar cvfz ntopng-data-@PACKAGE_VERSION@.tgz ntopng-data-@PACKAGE_VERSION@
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/NetworkInterface.cpp
^
|
| @@ -150,7 +150,7 @@
}
if(ifname) {
- ntop->getTrace()->traceEvent(TRACE_NORMAL, "Interface %s shutdown", ifname);
+ // ntop->getTrace()->traceEvent(TRACE_NORMAL, "Interface %s shutdown", ifname);
free(ifname);
ifname = NULL;
}
@@ -186,7 +186,8 @@
time_t first_seen, time_t last_seen) {
Flow *ret;
- ret = flows_hash->find(src_ip, dst_ip, src_port, dst_port, vlan_id, l4_proto, src2dst_direction);
+ ret = flows_hash->find(src_ip, dst_ip, src_port, dst_port,
+ vlan_id, l4_proto, src2dst_direction);
if(ret == NULL) {
ret = new Flow(this, vlan_id, l4_proto,
@@ -207,39 +208,40 @@
/* **************************************************** */
-void NetworkInterface::flow_processing(u_int8_t *src_eth, u_int8_t *dst_eth,
- IpAddress *src_ip, IpAddress *dst_ip,
- u_int16_t src_port, u_int16_t dst_port,
- u_int16_t vlan_id,
- u_int16_t proto_id,
- u_int8_t l4_proto, u_int8_t tcp_flags,
- u_int in_pkts, u_int in_bytes,
- u_int out_pkts, u_int out_bytes,
- u_int first_switched, u_int last_switched,
- char *additional_fields_json)
+void NetworkInterface::flow_processing(ZMQ_Flow *zflow)
{
bool src2dst_direction;
Flow *flow;
- if (last_switched > last_pkt_rcvd) last_pkt_rcvd = last_switched;
+ if((time_t)zflow->last_switched > (time_t)last_pkt_rcvd)
+ last_pkt_rcvd = zflow->last_switched;
/* Updating Flow */
- flow = getFlow(src_eth, dst_eth, vlan_id, src_ip, dst_ip, src_port, dst_port,
- l4_proto, &src2dst_direction, first_switched, last_switched);
+ flow = getFlow(zflow->src_mac, zflow->dst_mac,
+ zflow->vlan_id,
+ &zflow->src_ip, &zflow->dst_ip,
+ zflow->src_port, zflow->dst_port,
+ zflow->l4_proto, &src2dst_direction,
+ zflow->first_switched,
+ zflow->last_switched);
if(flow == NULL) return;
- if(l4_proto == IPPROTO_TCP) flow->updateTcpFlags(tcp_flags);
- flow->addFlowStats(src2dst_direction, in_pkts, in_bytes, out_pkts, out_bytes, last_switched);
- flow->setDetectedProtocol(proto_id);
- flow->setJSONInfo(additional_fields_json);
+ if(zflow->l4_proto == IPPROTO_TCP) flow->updateTcpFlags(zflow->tcp_flags);
+ flow->addFlowStats(src2dst_direction, zflow->in_pkts, zflow->in_bytes,
+ zflow->out_pkts, zflow->out_bytes,
+ zflow->last_switched);
+ flow->setDetectedProtocol(zflow->l7_proto);
+ flow->setJSONInfo(json_object_to_json_string(zflow->additional_fields));
flow->updateActivities();
- incStats(src_ip->isIPv4() ? ETHERTYPE_IP : ETHERTYPE_IPV6,
- flow->get_detected_protocol(), in_bytes+out_bytes, (in_pkts+out_pkts),
+ incStats(zflow->src_ip.isIPv4() ? ETHERTYPE_IP : ETHERTYPE_IPV6,
+ flow->get_detected_protocol(),
+ (zflow->in_bytes + zflow->out_bytes),
+ (zflow->in_pkts + zflow->out_pkts),
24 /* 8 Preamble + 4 CRC + 12 IFG */ + 14 /* Ethernet header */);
- purgeIdle(last_switched);
+ purgeIdle(zflow->last_switched);
}
/* **************************************************** */
@@ -540,7 +542,7 @@
/* **************************************************** */
void NetworkInterface::startPacketPolling() {
- if (cpu_affinity >= 0) Utils::setThreadAffinity(pollLoop, cpu_affinity);
+ if(cpu_affinity >= 0) Utils::setThreadAffinity(pollLoop, cpu_affinity);
ntop->getTrace()->traceEvent(TRACE_NORMAL, "Started packet polling on interface %s...", get_name());
running = true;
}
@@ -1075,14 +1077,15 @@
int i, numInterfaces = 0;
pcap_if_t *devpointer;
- if(help_printed) return; else help_printed = true;
+ if(printHelp && help_printed)
+ return;
ebuf[0] = '\0';
if(ifname == NULL) {
if(printHelp)
printf("Available interfaces (-i <interface index>):\n");
- else
+ else if(!help_printed)
ntop->getTrace()->traceEvent(TRACE_NORMAL, "Available interfaces (-i <interface index>):");
}
@@ -1103,7 +1106,7 @@
#else
printf(" %d. %s\n", numInterfaces, devpointer->name);
#endif
- } else
+ } else if(!help_printed)
ntop->getTrace()->traceEvent(TRACE_NORMAL, " %d. %s (%s)\n",
numInterfaces,
devpointer->description ? devpointer->description : "",
@@ -1128,6 +1131,8 @@
ntop->getTrace()->traceEvent(TRACE_WARNING, "No interfaces available: are you superuser?");
#endif
}
+
+ help_printed = true;
}
/* **************************************************** */
@@ -1148,7 +1153,7 @@
StringHost* NetworkInterface::findHostByString(char *keyname,
u_int16_t family_id,
bool createIfNotPresent) {
- StringHost *ret = strings_hash->get(keyname);
+ StringHost *ret = strings_hash->get(keyname, family_id);
if((ret == NULL) && createIfNotPresent) {
if((ret = new StringHost(this, keyname, family_id)) != NULL)
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/NetworkInterface.h
^
|
| @@ -34,6 +34,17 @@
u_int16_t protoType;
} Ether80211q;
+typedef struct zmq_flow {
+ IpAddress src_ip, dst_ip;
+ u_int16_t src_port, dst_port, l7_proto;
+ u_int16_t vlan_id;
+ u_int8_t l4_proto, tcp_flags;
+ u_int32_t in_pkts, in_bytes, out_pkts, out_bytes;
+ u_int32_t first_switched, last_switched;
+ json_object *additional_fields;
+ u_int8_t src_mac[6], dst_mac[6];
+} ZMQ_Flow;
+
class NetworkInterface {
protected:
char *ifname;
@@ -111,16 +122,7 @@
struct ndpi_iphdr *iph,
struct ndpi_ip6_hdr *ip6,
u_int16_t ipsize, u_int16_t rawsize);
- void flow_processing(u_int8_t *src_eth, u_int8_t *dst_eth,
- IpAddress *src_ip, IpAddress *dst_ip,
- u_int16_t src_port, u_int16_t dst_port,
- u_int16_t vlan_id,
- u_int16_t proto_id,
- u_int8_t l4_proto, u_int8_t tcp_flags,
- u_int in_pkts, u_int in_bytes,
- u_int out_pkts, u_int out_bytes,
- u_int first_switched, u_int last_switched,
- char *additional_fields_json);
+ void flow_processing(ZMQ_Flow *zflow);
void dumpFlows();
void getnDPIStats(NdpiStats *stats);
void updateHostStats();
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/Ntop.cpp
^
|
| @@ -121,9 +121,9 @@
exit(-1);
}
- if(prefs->get_local_networks())
+ if(prefs->get_local_networks()) {
setLocalNetworks(prefs->get_local_networks());
- else {
+ } else {
/* Add defaults */
/* http://www.networksorcery.com/enp/protocol/ip/multicast.htm */
snprintf(buf, sizeof(buf), "%s,%s", CONST_DEFAULT_PRIVATE_NETS,
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/Prefs.cpp
^
|
| @@ -25,16 +25,15 @@
Prefs::Prefs(Ntop *_ntop) {
ntop = _ntop, dump_timeline = false;
- local_networks = strdup(CONST_DEFAULT_HOME_NET);
+ local_networks = strdup(CONST_DEFAULT_HOME_NET","CONST_DEFAULT_LOCAL_NETS);
enable_dns_resolution = sniff_dns_responses = true;
categorization_enabled = false, resolve_all_host_ip = false;
host_max_idle = 60 /* sec */, flow_max_idle = 30 /* sec */;
- max_num_hosts = MAX_NUM_INTERFACE_HOSTS/2, max_num_flows = MAX_NUM_INTERFACE_HOSTS;
+ max_num_hosts = MAX_NUM_INTERFACE_HOSTS, max_num_flows = MAX_NUM_INTERFACE_HOSTS;
data_dir = strdup(CONST_DEFAULT_DATA_DIR);
docs_dir = strdup(CONST_DEFAULT_DOCS_DIR);
scripts_dir = strdup(CONST_DEFAULT_SCRIPTS_DIR);
callbacks_dir = strdup(CONST_DEFAULT_CALLBACKS_DIR);
- users_file_path = strdup(CONST_DEFAULT_USERS_FILE);
config_file_path = ndpi_proto_path = NULL;
http_port = CONST_DEFAULT_NTOP_PORT;
change_user = true, daemonize = false;
@@ -66,7 +65,6 @@
if(docs_dir) free(docs_dir);
if(scripts_dir) free(scripts_dir);
if(callbacks_dir) free(callbacks_dir);
- if(users_file_path) free(users_file_path);
if(config_file_path) free(config_file_path);
if(user) free(user);
if(pid_path) free(pid_path);
@@ -150,7 +148,7 @@
#endif
"[--packet-filter|-B] <filter> | Ingress packet filter (BPF filter)\n"
- "[--enable-aggregations|-A] <mode> | Setup data aggregation:"
+ "[--enable-aggregations|-A] <mode> | Setup data aggregation:\n"
" | 0 - No aggregations (default)\n"
" | 1 - Enable aggregations, no timeline dump\n"
" | 2 - Enable aggregations, with timeline dump (see -C)\n"
@@ -195,7 +193,6 @@
{ "core-affinity", required_argument, NULL, 'g' },
{ "dont-change-user", no_argument, NULL, 's' },
{ "disable-login", no_argument, NULL, 'l' },
- { "users-file", required_argument, NULL, 'u' },
{ "verbose", no_argument, NULL, 'v' },
{ "help", no_argument, NULL, 'h' },
{ "enable-aggregations", no_argument, NULL, 'A' },
@@ -351,11 +348,6 @@
enable_users_login = false;
break;
- case 'u':
- free(users_file_path);
- users_file_path = strdup(optarg);
- break;
-
case 'x':
max_num_hosts = max_val(atoi(optarg), 1024);
break;
@@ -426,7 +418,7 @@
int Prefs::loadFromCLI(int argc, char *argv[]) {
u_char c;
- while((c = getopt_long(argc, argv, "c:eg:hi:w:r:sg:m:n:p:d:x:1:2:3:lvu:A:B:CFG:U:X:",
+ while((c = getopt_long(argc, argv, "c:eg:hi:w:r:sg:m:n:p:d:x:1:2:3:lvA:B:CFG:U:X:",
long_options, NULL)) != '?') {
if(c == 255) break;
setOption(c, optarg);
@@ -498,8 +490,6 @@
int Prefs::save() {
FILE *fd;
- saveUsersToFile();
-
if(config_file_path == NULL)
return(-1);
@@ -528,7 +518,6 @@
if(cpu_affinity >= 0) fprintf(fd, "core-affinity=%d\n", cpu_affinity);
if(!change_user) fprintf(fd, "dont-change-user\n");
if(!enable_users_login) fprintf(fd, "disable-login\n");
- if(users_file_path) fprintf(fd, "users-file=%s\n", users_file_path);
if(docs_dir) fprintf(fd, "httpdocs-dir=%s\n", docs_dir);
if(scripts_dir) fprintf(fd, "scripts-dir=%s\n", scripts_dir);
if(callbacks_dir) fprintf(fd, "callbacks-dir=%s\n", callbacks_dir);
@@ -542,94 +531,3 @@
/* ******************************************* */
-int Prefs::loadUsersFromFile() {
- char buffer[512], *line, *key, *value, path[MAX_PATH];
- FILE *fd;
- int i;
-
- if(users_file_path == NULL)
- return(-1);
-
- snprintf(path, sizeof(path), "%s/%s", ntop->get_working_dir(), users_file_path);
- ntop->fixPath(path);
-
- fd = fopen(path, "r");
-
- if(fd == NULL) {
- ntop->getTrace()->traceEvent(TRACE_WARNING,
- "Config file %s not found (it will be created)", path);
- return(-1);
- }
-
- while(fd) {
- if(!(line = fgets(buffer, sizeof(buffer), fd)))
- break;
-
- if(((i = strlen(line)) <= 1) || (line[0] == '#'))
- continue;
- else
- line[i-1] = '\0';
-
- key = line;
- key = Utils::trim(key);
-
- value = strrchr(line, '=');
- if(value == NULL) {
- ntop->getTrace()->traceEvent(TRACE_WARNING, "Invalid line '%s'", line);
- continue;
- } else
- value[0] = 0, value = &value[1];
- value = Utils::trim(value);
-
- /* inserting all users info into redis */
- if(strncmp(key, "user.", 5) == 0) {
- if(ntop->getRedis()->set(key, value, 0) < 0)
- ntop->getTrace()->traceEvent(TRACE_WARNING, "Error setting '%s' = '%s'", key, value);
- }
- }
-
- fclose(fd);
-
- return(0);
-}
-
-/* ******************************************* */
-
-int Prefs::saveUsersToFile() {
- char **keys;
- char val[64], path[MAX_PATH];
- int rc, i;
- FILE *fd;
-
- if(users_file_path == NULL)
- return(-1);
-
- snprintf(path, sizeof(path), "%s/%s", data_dir, users_file_path);
- ntop->fixPath(path);
-
- fd = fopen(path, "w");
-
- if(fd == NULL) {
- ntop->getTrace()->traceEvent(TRACE_ERROR, "Unable to open file %s [%s]", path, strerror(errno));
- return(-1);
- }
-
- /* wrinting users */
- if((rc = ntop->getRedis()->keys("user.*", &keys)) > 0) {
- for (i = 0; i < rc; i++) {
- if(keys[i] == NULL) continue; /* safety check */
-
- if(ntop->getRedis()->get(keys[i], val, sizeof(val)) >= 0)
- fprintf(fd, "%s=%s\n", keys[i], val);
-
- free(keys[i]);
- }
-
- free(keys);
- }
-
- fclose(fd);
-
- return(rc);
-}
-
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/Prefs.h
^
|
| @@ -49,7 +49,7 @@
char *ifNames[MAX_NUM_INTERFACES], *local_networks;
char *data_dir, *docs_dir, *scripts_dir, *callbacks_dir;
char *categorization_key;
- char *users_file_path, *config_file_path, *ndpi_proto_path;
+ char *config_file_path, *ndpi_proto_path;
char *packet_filter;
char *user;
char *redis_host;
@@ -62,7 +62,6 @@
inline void help() { usage(); };
int setOption(int optkey, char *optarg);
int checkOptions();
- int saveUsersToFile();
public:
Prefs(Ntop *_ntop);
@@ -103,7 +102,6 @@
inline u_int32_t get_max_num_flows() { return(max_num_flows); };
inline bool daemonize_ntopng() { return(daemonize); };
inline void addDefaultInterface() { num_interfaces++; };
- int loadUsersFromFile();
int loadFromCLI(int argc, char *argv[]);
int loadFromFile(const char *path);
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/StringHash.cpp
^
|
| @@ -29,7 +29,7 @@
/* ************************************ */
-StringHost* StringHash::get(char *key) {
+StringHost* StringHash::get(char *key, u_int16_t family_id) {
u_int32_t hash = Utils::hashString(key) % num_hashes;
if(table[hash] == NULL) {
@@ -41,7 +41,8 @@
head = (StringHost*)table[hash];
while(head != NULL) {
- if(strcmp(key, head->host_key()) == 0)
+ if((head->get_family_id() == family_id)
+ && (strcmp(key, head->host_key()) == 0))
break;
else
head = (StringHost*)head->next();
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/StringHash.h
^
|
| @@ -28,7 +28,7 @@
public:
StringHash(NetworkInterface *iface, u_int _num_hashes, u_int _max_hash_size);
- StringHost* get(char *key);
+ StringHost* get(char *key, u_int16_t family_id);
};
#endif /* _STRING_HASH_H_ */
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/configure
^
|
| @@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for Makefile.in 1.0.2.
+# Generated by GNU Autoconf 2.69 for Makefile.in 1.0.9.
#
#
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -577,8 +577,8 @@
# Identity of this package.
PACKAGE_NAME='Makefile.in'
PACKAGE_TARNAME='makefile-in'
-PACKAGE_VERSION='1.0.2'
-PACKAGE_STRING='Makefile.in 1.0.2'
+PACKAGE_VERSION='1.0.9'
+PACKAGE_STRING='Makefile.in 1.0.9'
PACKAGE_BUGREPORT=''
PACKAGE_URL=''
@@ -1235,7 +1235,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures Makefile.in 1.0.2 to adapt to many kinds of systems.
+\`configure' configures Makefile.in 1.0.9 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1296,7 +1296,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of Makefile.in 1.0.2:";;
+ short | recursive ) echo "Configuration of Makefile.in 1.0.9:";;
esac
cat <<\_ACEOF
@@ -1376,7 +1376,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-Makefile.in configure 1.0.2
+Makefile.in configure 1.0.9
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1674,7 +1674,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by Makefile.in $as_me 1.0.2, which was
+It was created by Makefile.in $as_me 1.0.9, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -4310,7 +4310,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by Makefile.in $as_me 1.0.2, which was
+This file was extended by Makefile.in $as_me 1.0.9, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -4372,7 +4372,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-Makefile.in config.status 1.0.2
+Makefile.in config.status 1.0.9
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/configure.in
^
|
| @@ -1,4 +1,4 @@
-AC_INIT([Makefile.in], 1.0.2)
+AC_INIT([Makefile.in], 1.0.9)
AC_PROG_CPP
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/main.cpp
^
|
| @@ -86,8 +86,6 @@
ntop->registerPrefs(prefs);
- prefs->loadUsersFromFile();
-
if(prefs->get_num_interfaces() == 0) {
/* We need to add a default interface */
prefs->addDefaultInterface();
@@ -99,26 +97,18 @@
ifName = ntop->get_if_name(i);
/* [ zmq-collector.lua@tcp://127.0.0.1:5556 ] */
- if(ifName && (strstr(ifName, "tcp://") || strstr(ifName, "ipc://"))) {
+ if(ifName && (strstr(ifName, "tcp://")
+ || strstr(ifName, "ipc://"))
+ ) {
char *at = strchr(ifName, '@');
- char *script, *endpoint;
-
- if(at != NULL) {
- u_int len = strlen(ifName)-strlen(at);
-
- script = (char*)malloc(len+1);
- if(script == NULL) {
- ntop->getTrace()->traceEvent(TRACE_ERROR, "Not enough memory");
- exit(-1);
- }
+ char *topic = (char*)"flow", *endpoint;
- strncpy(script, ifName, len);
- script[len] = '\0';
+ if(at != NULL)
endpoint = &at[1];
- } else
- script = strdup("nprobe-collector.lua"), endpoint = ifName;
+ else
+ endpoint = ifName;
- iface = new CollectorInterface(endpoint, script);
+ iface = new CollectorInterface(endpoint, topic);
} else {
#ifdef HAVE_PF_RING
try {
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/ntop_defines.h
^
|
| @@ -22,6 +22,8 @@
#ifndef _NTOP_DEFINES_H_
#define _NTOP_DEFINES_H_
+#include "ntop_flow.h"
+
#define NUM_ROOTS 512
/* ***************************************************** */
@@ -61,7 +63,7 @@
#define NO_NDPI_PROTOCOL ((u_int)-1)
#define NDPI_MIN_NUM_PACKETS 10
#define GTP_U_V1_PORT 2152
-#define MAX_NUM_INTERFACE_HOSTS 65536
+#define MAX_NUM_INTERFACE_HOSTS 131072
#define MAX_NUM_INTERFACES 16
#define FLOW_PURGE_FREQUENCY 1 /* sec */
@@ -134,8 +136,8 @@
#define CONST_MAX_ACTIVITY_DURATION 86400 /* sec */
#define CONST_TREND_TIME_GRANULARITY 1 /* sec */
-#define CONST_DEFAULT_PRIVATE_NETS "192.168.0.0/16,172.16.0.0/12,10.0.0.0/8"
-#define CONST_DEFAULT_LOCAL_NETS "0.0.0.0/32,224.0.0.0/8,239.0.0.0/8,255.255.255.255/32"
+#define CONST_DEFAULT_PRIVATE_NETS "192.168.0.0/16,172.16.0.0/12,10.0.0.0/8,127.0.0.0/8"
+#define CONST_DEFAULT_LOCAL_NETS "0.0.0.0/32,224.0.0.0/8,239.0.0.0/8,255.255.255.255/32,127.0.0.0/8"
#define PAGE_NOT_FOUND "<html><head><title>ntop</title></head><body><center><img src=/img/warning.png> Page "%s" was not found</body></html>"
#define PAGE_ERROR "<html><head><title>ntop</title></head><body><img src=/img/warning.png> Script "%s" returned an error:<p>\n<pre>%s</pre></body></html>"
|
|
[-]
[+]
|
Added |
ntopng-1.0.2.tar.bz2/ntop_flow.h
^
|
| @@ -0,0 +1,373 @@
+/*
+ *
+ * (C) 2013 - ntop.org
+ *
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ */
+
+/*
+ NOTE
+
+ This is the companion file of nProbe/template.h
+*/
+
+#ifndef _NTOP_FLOW_H_
+#define _NTOP_FLOW_H_
+
+
+#define NTOP_BASE_ID 57472
+
+/* 1024 custom ntop elements for v9 should be enough */
+#define NTOP_BASE_NETFLOW_ID NTOP_BASE_ID+1024
+
+#define IN_BYTES 1
+#define SYSTEM_ID 1
+#define IN_PKTS 2
+#define INTERFACE_ID 2
+#define FLOWS 3
+#define LINE_CARD 3
+#define PROTOCOL 4
+#define PROTOCOL_MAP NTOP_BASE_NETFLOW_ID+4
+#define NETFLOW_CACHE 4
+#define SRC_TOS 5
+#define TEMPLATE_ID 5
+#define TCP_FLAGS 6
+#define L4_SRC_PORT 7
+#define L4_SRC_PORT_MAP NTOP_BASE_NETFLOW_ID+7
+#define IPV4_SRC_ADDR 8
+#define IPV4_SRC_MASK 9
+#define INPUT_SNMP 10
+#define L4_DST_PORT 11
+#define L4_DST_PORT_MAP NTOP_BASE_NETFLOW_ID+11
+#define L4_SRV_PORT NTOP_BASE_NETFLOW_ID+12
+#define L4_SRV_PORT_MAP NTOP_BASE_NETFLOW_ID+13
+#define IPV4_DST_ADDR 12
+#define IPV4_DST_MASK 13
+#define OUTPUT_SNMP 14
+#define IPV4_NEXT_HOP 15
+#define SRC_AS 16
+#define DST_AS 17
+#define BGP_IPV4_NEXT_HOP 18
+#define MUL_DST_PKTS 19
+#define MUL_DST_BYTES 20
+#define LAST_SWITCHED 21
+#define FIRST_SWITCHED 22
+#define OUT_BYTES 23
+#define OUT_PKTS 24
+#define IPV6_SRC_ADDR 27
+#define IPV6_DST_ADDR 28
+#define IPV6_SRC_MASK 29
+#define IPV6_DST_MASK 30
+#define IPV6_FLOW_LABEL 31
+#define ICMP_TYPE 32
+#define MUL_IGMP_TYPE 33
+#define SAMPLING_INTERVAL 34
+#define SAMPLING_ALGORITHM 35
+#define FLOW_ACTIVE_TIMEOUT 36
+#define FLOW_INACTIVE_TIMEOUT 37
+#define ENGINE_TYPE 38
+#define ENGINE_ID 39
+#define TOTAL_BYTES_EXP 40
+#define TOTAL_PKTS_EXP 41
+#define TOTAL_FLOWS_EXP 42
+#define MIN_TTL 52
+#define MAX_TTL 53
+#define IN_SRC_MAC 56
+#define SRC_VLAN 58
+#define DST_VLAN 59
+#define IP_PROTOCOL_VERSION 60
+#define DIRECTION 61
+#define IPV6_NEXT_HOP 62
+#define BPG_IPV6_NEXT_HOP 63
+#define IPV6_OPTION_HEADERS 64
+#define MPLS_LABEL_1 70
+#define MPLS_LABEL_2 71
+#define MPLS_LABEL_3 72
+#define MPLS_LABEL_4 73
+#define MPLS_LABEL_5 74
+#define MPLS_LABEL_6 75
+#define MPLS_LABEL_7 76
+#define MPLS_LABEL_8 77
+#define MPLS_LABEL_9 78
+#define MPLS_LABEL_10 79
+#define OUT_DST_MAC 80
+#define APPLICATION_ID 95
+#define PACKET_SECTION_OFFSET 102
+#define SAMPLED_PACKET_SIZE 103
+#define SAMPLED_PACKET_ID 104
+#define EXPORTER_IPV4_ADDRESS 130
+#define EXPORTER_IPV6_ADDRESS 131
+#define FLOW_ID 148
+#define FLOW_START_SEC 150
+#define FLOW_END_SEC 151
+#define FLOW_START_MILLISECONDS 152
+#define FLOW_END_MILLISECONDS 153
+#define BIFLOW_DIRECTION 239
+#define OBSERVATION_POINT_TYPE 277
+#define OBSERVATION_POINT_ID 300
+#define SELECTOR_ID 302
+#define IPFIX_SAMPLING_ALGORITHM 304
+#define SAMPLING_SIZE 309
+#define SAMPLING_POPULATION 310
+#define FRAME_LENGTH 312
+#define PACKETS_OBSERVED 318
+#define PACKETS_SELECTED 319
+#define SELECTOR_NAME 335
+#define FRAGMENTS NTOP_BASE_ID+80
+#define CLIENT_NW_DELAY_SEC NTOP_BASE_ID+82
+#define CLIENT_NW_DELAY_USEC NTOP_BASE_ID+83
+#define SERVER_NW_DELAY_SEC NTOP_BASE_ID+84
+#define SERVER_NW_DELAY_USEC NTOP_BASE_ID+85
+#define APPL_LATENCY_SEC NTOP_BASE_ID+86
+#define APPL_LATENCY_USEC NTOP_BASE_ID+87
+#define NUM_PKTS_UP_TO_128_BYTES NTOP_BASE_ID+88
+#define NUM_PKTS_128_TO_256_BYTES NTOP_BASE_ID+89
+#define NUM_PKTS_256_TO_512_BYTES NTOP_BASE_ID+90
+#define NUM_PKTS_512_TO_1024_BYTES NTOP_BASE_ID+91
+#define NUM_PKTS_1024_TO_1514_BYTES NTOP_BASE_ID+92
+#define NUM_PKTS_OVER_1514_BYTES NTOP_BASE_ID+93
+#define CUMULATIVE_ICMP_TYPE NTOP_BASE_ID+98
+#define SRC_IP_COUNTRY NTOP_BASE_ID+101
+#define SRC_IP_CITY NTOP_BASE_ID+102
+#define DST_IP_COUNTRY NTOP_BASE_ID+103
+#define DST_IP_CITY NTOP_BASE_ID+104
+#define FLOW_PROTO_PORT NTOP_BASE_ID+105
+#define UPSTREAM_TUNNEL_ID NTOP_BASE_ID+106
+#define LONGEST_FLOW_PKT NTOP_BASE_ID+107
+#define SHORTEST_FLOW_PKT NTOP_BASE_ID+108
+#define RETRANSMITTED_IN_PKTS NTOP_BASE_ID+109
+#define RETRANSMITTED_OUT_PKTS NTOP_BASE_ID+110
+#define OOORDER_IN_PKTS NTOP_BASE_ID+111
+#define OOORDER_OUT_PKTS NTOP_BASE_ID+112
+#define UNTUNNELED_PROTOCOL NTOP_BASE_ID+113
+#define UNTUNNELED_IPV4_SRC_ADDR NTOP_BASE_ID+114
+#define UNTUNNELED_L4_SRC_PORT NTOP_BASE_ID+115
+#define UNTUNNELED_IPV4_DST_ADDR NTOP_BASE_ID+116
+#define UNTUNNELED_L4_DST_PORT NTOP_BASE_ID+117
+#define L7_PROTO NTOP_BASE_ID+118
+#define L7_PROTO_NAME NTOP_BASE_ID+119
+#define DOWNSTREAM_TUNNEL_ID NTOP_BASE_ID+120
+#define FLOW_USER_NAME NTOP_BASE_ID+121
+#define FLOW_SERVER_NAME NTOP_BASE_ID+122
+#define CLIENT_NW_DELAY_MS NTOP_BASE_ID+123
+#define SERVER_NW_DELAY_MS NTOP_BASE_ID+124
+#define APPL_LATENCY_MS NTOP_BASE_ID+125
+#define PLUGIN_NAME NTOP_BASE_ID+126
+#define NUM_PKTS_TTL_EQ_1 NTOP_BASE_ID+347
+#define NUM_PKTS_TTL_2_5 NTOP_BASE_ID+346
+#define NUM_PKTS_TTL_5_32 NTOP_BASE_ID+334
+#define NUM_PKTS_TTL_32_64 NTOP_BASE_ID+335
+#define NUM_PKTS_TTL_64_96 NTOP_BASE_ID+336
+#define NUM_PKTS_TTL_96_128 NTOP_BASE_ID+337
+#define NUM_PKTS_TTL_128_160 NTOP_BASE_ID+338
+#define NUM_PKTS_TTL_160_192 NTOP_BASE_ID+339
+#define NUM_PKTS_TTL_192_224 NTOP_BASE_ID+340
+#define NUM_PKTS_TTL_224_255 NTOP_BASE_ID+341
+#define IN_SRC_OSI_SAP NTOP_BASE_ID+349
+#define OUT_DST_OSI_SAP NTOP_BASE_ID+350
+
+/* SIP */
+#define SIP_CALL_ID NTOP_BASE_ID+130
+#define SIP_CALLING_PARTY NTOP_BASE_ID+131
+#define SIP_CALLED_PARTY NTOP_BASE_ID+132
+#define SIP_RTP_CODECS NTOP_BASE_ID+133
+#define SIP_INVITE_TIME NTOP_BASE_ID+134
+#define SIP_TRYING_TIME NTOP_BASE_ID+135
+#define SIP_RINGING_TIME NTOP_BASE_ID+136
+#define SIP_INVITE_OK_TIME NTOP_BASE_ID+137
+#define SIP_INVITE_FAILURE_TIME NTOP_BASE_ID+138
+#define SIP_BYE_TIME NTOP_BASE_ID+139
+#define SIP_BYE_OK_TIME NTOP_BASE_ID+140
+#define SIP_CANCEL_TIME NTOP_BASE_ID+141
+#define SIP_CANCEL_OK_TIME NTOP_BASE_ID+142
+#define SIP_RTP_IPV4_SRC_ADDR NTOP_BASE_ID+143
+#define SIP_RTP_L4_SRC_PORT NTOP_BASE_ID+144
+#define SIP_RTP_IPV4_DST_ADDR NTOP_BASE_ID+145
+#define SIP_RTP_L4_DST_PORT NTOP_BASE_ID+146
+#define SIP_FAILURE_CODE NTOP_BASE_ID+147
+#define SIP_REASON_CAUSE NTOP_BASE_ID+148
+
+
+/* RTP */
+#define RTP_FIRST_SSRC NTOP_BASE_ID+150
+#define RTP_FIRST_TS NTOP_BASE_ID+151
+#define RTP_LAST_SSRC NTOP_BASE_ID+152
+#define RTP_LAST_TS NTOP_BASE_ID+153
+#define RTP_IN_JITTER NTOP_BASE_ID+154
+#define RTP_OUT_JITTER NTOP_BASE_ID+155
+#define RTP_IN_PKT_LOST NTOP_BASE_ID+156
+#define RTP_OUT_PKT_LOST NTOP_BASE_ID+157
+#define RTP_OUT_PAYLOAD_TYPE NTOP_BASE_ID+158
+#define RTP_IN_MAX_DELTA NTOP_BASE_ID+159
+#define RTP_OUT_MAX_DELTA NTOP_BASE_ID+160
+#define RTP_IN_PAYLOAD_TYPE NTOP_BASE_ID+161
+#define RTP_SIP_CALL_ID NTOP_BASE_ID+348
+/* Process */
+#define PROC_ID NTOP_BASE_ID+168
+#define PROC_NAME NTOP_BASE_ID+169
+
+/* HTTP */
+#define HTTP_URL NTOP_BASE_ID+180
+#define HTTP_METHOD NTOP_BASE_ID+360
+#define HTTP_RET_CODE NTOP_BASE_ID+181
+#define HTTP_REFERER NTOP_BASE_ID+182
+#define HTTP_UA NTOP_BASE_ID+183
+#define HTTP_MIME NTOP_BASE_ID+184
+#define HTTP_HOST NTOP_BASE_ID+187
+#define HTTP_FBOOK_CHAT NTOP_BASE_ID+188
+
+/* SMTP */
+#define SMTP_MAIL_FROM NTOP_BASE_ID+185
+#define SMTP_RCPT_TO NTOP_BASE_ID+186
+
+/* MySQL */
+#define MYSQL_SRV_VERSION NTOP_BASE_ID+195
+#define MYSQL_USERNAME NTOP_BASE_ID+196
+#define MYSQL_DB NTOP_BASE_ID+197
+#define MYSQL_QUERY NTOP_BASE_ID+198
+#define MYSQL_RESPONSE NTOP_BASE_ID+199
+#define MYSQL_APPL_LATENCY_USEC NTOP_BASE_ID+320
+
+/* Oracle */
+#define ORACLE_USERNAME NTOP_BASE_ID+200
+#define ORACLE_QUERY NTOP_BASE_ID+201
+#define ORACLE_RSP_CODE NTOP_BASE_ID+202
+#define ORACLE_RSP_STRING NTOP_BASE_ID+203
+#define ORACLE_QUERY_DURATION NTOP_BASE_ID+204
+
+/* DNS */
+#define DNS_QUERY NTOP_BASE_ID+205
+#define DNS_QUERY_ID NTOP_BASE_ID+206
+#define DNS_QUERY_TYPE NTOP_BASE_ID+207
+#define DNS_RET_CODE NTOP_BASE_ID+208
+#define DNS_NUM_ANSWERS NTOP_BASE_ID+209
+#define DNS_TTL_ANSWER NTOP_BASE_ID+352
+
+/* POP */
+#define POP_USER NTOP_BASE_ID+210
+
+/* GTPv1 */
+#define GTPV1_REQ_MSG_TYPE NTOP_BASE_ID+220
+#define GTPV1_RSP_MSG_TYPE NTOP_BASE_ID+221
+#define GTPV1_C2S_TEID_DATA NTOP_BASE_ID+222
+#define GTPV1_C2S_TEID_CTRL NTOP_BASE_ID+223
+#define GTPV1_S2C_TEID_DATA NTOP_BASE_ID+224
+#define GTPV1_S2C_TEID_CTRL NTOP_BASE_ID+225
+#define GTPV1_END_USER_IP NTOP_BASE_ID+226
+#define GTPV1_END_USER_IMSI NTOP_BASE_ID+227
+#define GTPV1_END_USER_MSISDN NTOP_BASE_ID+228
+#define GTPV1_END_USER_IMEI NTOP_BASE_ID+229
+#define GTPV1_APN_NAME NTOP_BASE_ID+230
+#define GTPV1_RAI_MCC NTOP_BASE_ID+231
+#define GTPV1_RAI_MNC NTOP_BASE_ID+232
+#define GTPV1_RAI_LAC NTOP_BASE_ID+342
+#define GTPV1_RAI_RAC NTOP_BASE_ID+343
+#define GTPV1_ULI_MCC NTOP_BASE_ID+344
+#define GTPV1_ULI_MNC NTOP_BASE_ID+345
+#define GTPV1_ULI_CELL_LAC NTOP_BASE_ID+233
+#define GTPV1_ULI_CELL_CI NTOP_BASE_ID+234
+#define GTPV1_ULI_SAC NTOP_BASE_ID+235
+#define GTPV1_RESPONSE_CAUSE NTOP_BASE_ID+332
+
+/* Radius */
+#define RADIUS_REQ_MSG_TYPE NTOP_BASE_ID+240
+#define RADIUS_RSP_MSG_TYPE NTOP_BASE_ID+241
+#define RADIUS_USER_NAME NTOP_BASE_ID+242
+#define RADIUS_CALLING_STATION_ID NTOP_BASE_ID+243
+#define RADIUS_CALLED_STATION_ID NTOP_BASE_ID+244
+#define RADIUS_NAS_IP_ADDR NTOP_BASE_ID+245
+#define RADIUS_NAS_IDENTIFIER NTOP_BASE_ID+246
+#define RADIUS_USER_IMSI NTOP_BASE_ID+247
+#define RADIUS_USER_IMEI NTOP_BASE_ID+248
+#define RADIUS_FRAMED_IP_ADDR NTOP_BASE_ID+249
+#define RADIUS_ACCT_SESSION_ID NTOP_BASE_ID+250
+#define RADIUS_ACCT_STATUS_TYPE NTOP_BASE_ID+251
+#define RADIUS_ACCT_IN_OCTETS NTOP_BASE_ID+252
+#define RADIUS_ACCT_OUT_OCTETS NTOP_BASE_ID+253
+#define RADIUS_ACCT_IN_PKTS NTOP_BASE_ID+254
+#define RADIUS_ACCT_OUT_PKTS NTOP_BASE_ID+255
+
+/* IMAP */
+#define IMAP_LOGIN NTOP_BASE_ID+260
+
+/* GTPv2 */
+#define GTPV2_REQ_MSG_TYPE NTOP_BASE_ID+270
+#define GTPV2_RSP_MSG_TYPE NTOP_BASE_ID+271
+#define GTPV2_C2S_S1U_GTPU_TEID NTOP_BASE_ID+272
+#define GTPV2_C2S_S1U_GTPU_IP NTOP_BASE_ID+273
+#define GTPV2_S2C_S1U_GTPU_TEID NTOP_BASE_ID+274
+#define GTPV2_S2C_S1U_GTPU_IP NTOP_BASE_ID+275
+#define GTPV2_END_USER_IMSI NTOP_BASE_ID+276
+#define GTPV2_END_USER_MSISDN NTOP_BASE_ID+277
+#define GTPV2_APN_NAME NTOP_BASE_ID+278
+#define GTPV2_ULI_MCC NTOP_BASE_ID+279
+#define GTPV2_ULI_MNC NTOP_BASE_ID+280
+#define GTPV2_ULI_CELL_TAC NTOP_BASE_ID+281
+#define GTPV2_ULI_CELL_ID NTOP_BASE_ID+282
+#define GTPV2_RESPONSE_CAUSE NTOP_BASE_ID+333
+
+/* BGP */
+#define SRC_AS_PATH_1 NTOP_BASE_ID+290
+#define SRC_AS_PATH_2 NTOP_BASE_ID+291
+#define SRC_AS_PATH_3 NTOP_BASE_ID+292
+#define SRC_AS_PATH_4 NTOP_BASE_ID+293
+#define SRC_AS_PATH_5 NTOP_BASE_ID+294
+#define SRC_AS_PATH_6 NTOP_BASE_ID+295
+#define SRC_AS_PATH_7 NTOP_BASE_ID+296
+#define SRC_AS_PATH_8 NTOP_BASE_ID+297
+#define SRC_AS_PATH_9 NTOP_BASE_ID+298
+#define SRC_AS_PATH_10 NTOP_BASE_ID+299
+#define DST_AS_PATH_1 NTOP_BASE_ID+300
+#define DST_AS_PATH_2 NTOP_BASE_ID+301
+#define DST_AS_PATH_3 NTOP_BASE_ID+302
+#define DST_AS_PATH_4 NTOP_BASE_ID+303
+#define DST_AS_PATH_5 NTOP_BASE_ID+304
+#define DST_AS_PATH_6 NTOP_BASE_ID+305
+#define DST_AS_PATH_7 NTOP_BASE_ID+306
+#define DST_AS_PATH_8 NTOP_BASE_ID+307
+#define DST_AS_PATH_9 NTOP_BASE_ID+308
+#define DST_AS_PATH_10 NTOP_BASE_ID+309
+
+/* GTPv0 */
+/* Note NTOP_BASE_ID+320 is used by MySQL */
+#define GTPV0_REQ_MSG_TYPE NTOP_BASE_ID+321
+#define GTPV0_RSP_MSG_TYPE NTOP_BASE_ID+322
+#define GTPV0_TID NTOP_BASE_ID+323
+#define GTPV0_END_USER_IP NTOP_BASE_ID+324
+#define GTPV0_END_USER_MSISDN NTOP_BASE_ID+325
+#define GTPV0_APN_NAME NTOP_BASE_ID+326
+#define GTPV0_RAI_MCC NTOP_BASE_ID+327
+#define GTPV0_RAI_MNC NTOP_BASE_ID+328
+#define GTPV0_RAI_CELL_LAC NTOP_BASE_ID+329
+#define GTPV0_RAI_CELL_RAC NTOP_BASE_ID+330
+#define GTPV0_RESPONSE_CAUSE NTOP_BASE_ID+331
+
+#define WHOIS_DAS_DOMAIN NTOP_BASE_ID+351
+
+#define DHCP_CLIENT_MAC NTOP_BASE_ID+353
+#define DHCP_CLIENT_IP NTOP_BASE_ID+354
+#define DHCP_CLIENT_NAME NTOP_BASE_ID+355
+
+#define FTP_LOGIN NTOP_BASE_ID+356
+#define FTP_PASSWORD NTOP_BASE_ID+357
+#define FTP_COMMAND NTOP_BASE_ID+358
+#define FTP_COMMAND_RET_CODE NTOP_BASE_ID+359
+
+/* Last used identifier is NTOP_BASE_ID+360 (HTTP_METHOD) */
+
+
+#endif /* _NTOP_FLOW_H_ */
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/ntopng.8
^
|
| @@ -39,8 +39,6 @@
.RB [ -U
.IR <sys_user> ]
.RB [ -l ]
-.RB [ -u
-.IR <users_file> ]
.RB [ -X
.IR <max num flows> ]
.RB [ -B
@@ -206,17 +204,6 @@
.It -v|--verbose
Verbose tracing
-.It -u|--users-file
-Specifies the file containing users credentials, using the following format:
-
-user.utente.password=5f4dcc3b5aa765d61d8327deb882cf99
-user.utente.full_name=New User
-user.utente.group=administrator
-
-The md5 sum of the password has to be provided.
-This file can be used to overwrite the default "admin" password.
-Users can be added/deleted also from the web gui. Changes are written back to the users file, if any.
-
.It -h|--help
Help
|
|
[-]
[+]
|
Deleted |
ntopng-1.0.2.tar.bz2/scripts/callbacks/nprobe-collector.lua
^
|
| @@ -1,133 +0,0 @@
---
--- (C) 2013 - ntop.org
---
-
-dirs = ntop.getDirs()
-package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
-
-require "lua_utils"
-require "template"
-local json = require ("dkjson")
-
-local debug_collector = ntop.verboseTrace()
-
-local handled_fields = {
-[template.IN_SRC_MAC] = true,
-[template.OUT_DST_MAC] = true,
-[template.IPV4_SRC_ADDR] = true,
-[template.IPV4_SRC_MASK] = true,
-[template.IPV4_DST_ADDR] = true,
-[template.IPV4_DST_MASK] = true,
-[template.IPV6_SRC_ADDR] = true,
-[template.IPV6_DST_ADDR] = true,
-[template.L4_SRC_PORT] = true,
-[template.L4_DST_PORT] = true,
-[template.SRC_VLAN] = true,
-[template.DST_VLAN] = true,
-[template.L7_PROTO] = true,
-[template.L7_PROTO_NAME] = true,
-[template.TCP_FLAGS] = true,
-[template.PROTOCOL] = true,
-[template.IN_PKTS] = true,
-[template.IN_BYTES] = true,
-[template.OUT_PKTS] = true,
-[template.OUT_BYTES] = true,
-[template.FIRST_SWITCHED] = true,
-[template.LAST_SWITCHED] = true,
-[template.TOTAL_FLOWS_EXP] = true
-}
-
-print("Starting ZMQ collector on "..ifname)
-interface.find(ifname)
-local endpoint = interface.getEndpoint()
-ntop.zmq_connect(endpoint, "flow")
-
-local last_total_flows_exp = 0
-local total_flow_drops = 0
-
-print("ZMQ Collector connected to " .. endpoint .. "\n")
-
-while(interface.isRunning) do
- flowjson = ntop.zmq_receive()
-
- if(debug_collector) then print("[ZMQ] "..flowjson) end
- local flow, pos, err = json.decode(flowjson, 1, nil)
- if err then
- print("JSON parser error: " .. err)
- else
-
- if(false) then
- for key,value in pairs(flow) do
- print(key.."="..value)
- end
- end
-
- local unhandled_fields = {}
-
- -- Flows can be sent with numeric ("PROTOCOL":6) or symbolic keys ("4":6)
- -- so we need to convert all of them, this to make sure they are uniform
-
- for _key,value in pairs(flow) do
- val = template[_key]
- if(val ~= nil) then
- key = val -- This was a symbolic key we convert to numeric
- flow[key] = value
- else
- key = _key
- end
-
- if not handled_fields[key] then
- if rtemplate[key] ~= nil then
- unhandled_fields[rtemplate[key]] = value
- else
- unhandled_fields['"'..key..'"'] = value
- end
- end
- end
-
- local unhandled_fields_json = json.encode(unhandled_fields, {})
-
- if(flow[template.TOTAL_FLOWS_EXP]) then
- --io.write("Flow [rcvd: "..flow[template.TOTAL_FLOWS_EXP].."][last: "..last_total_flows_exp.."]\n")
-
- if((last_total_flows_exp > 0) and (last_total_flows_exp < flow[template.TOTAL_FLOWS_EXP])) then
- -- The probe has NOT been reset so let's start over
-
- if(flow[template.TOTAL_FLOWS_EXP] > (last_total_flows_exp+1)) then
- diff = flow[template.TOTAL_FLOWS_EXP]- (last_total_flows_exp+1)
- --io.write("Flow drop [rcvd: "..flow[template.TOTAL_FLOWS_EXP].."][last: "..last_total_flows_exp.."][total: "..total_flow_drops.."]\n")
- total_flow_drops = total_flow_drops + diff
- interface.incrDrops(diff)
- end
- end
-
- last_total_flows_exp = flow[template.TOTAL_FLOWS_EXP]
- end
-
- interface.processFlow(
- flow[template.IN_SRC_MAC] or "00:00:00:00:00:00",
- flow[template.OUT_DST_MAC] or "00:00:00:00:00:00",
- flow[template.IPV4_SRC_ADDR] or flow[template.IPV6_SRC_ADDR] or "0.0.0.0",
- flow[template.IPV4_DST_ADDR] or flow[template.IPV6_DST_ADDR] or "0.0.0.0",
- flow[template.L4_SRC_PORT] or flow['L4_SRC_PORT'] or 0,
- flow[template.L4_DST_PORT] or 0,
- flow[template.SRC_VLAN] or flow[template.DST_VLAN] or 0,
- flow[template.L7_PROTO] or 0,
- flow[template.PROTOCOL] or 0,
- flow[template.TCP_FLAGS] or 0,
- flow[template.IN_PKTS] or 0,
- flow[template.IN_BYTES] or 0,
- flow[template.OUT_PKTS] or 0,
- flow[template.OUT_BYTES] or 0,
- flow[template.FIRST_SWITCHED] or 0,
- flow[template.LAST_SWITCHED] or 0,
- unhandled_fields_json or "{}"
- )
-
- if debug_collector == 1 then
- print("Unhandled fields: " .. unhandled_fields_json)
- end
- end
-end
-
-ntop.zmq_disconnect()
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/scripts/lua/flow_details.lua
^
|
| @@ -79,7 +79,7 @@
print("<tr><th width=30%>Client to Server Traffic</th><td colspan=2><span id=cli2srv>" .. formatPackets(flow["cli2srv.packets"]) .. " / ".. bytesToSize(flow["cli2srv.bytes"]) .. "</span> <span id=sent_trend></span></td></tr>\n")
print("<tr><th width=30%>Server to Client Traffic</th><td colspan=2><span id=srv2cli>" .. formatPackets(flow["srv2cli.packets"]) .. " / ".. bytesToSize(flow["srv2cli.bytes"]) .. "</span> <span id=rcvd_trend></span></td></tr>\n")
print("<tr><th width=30%>Actual Throughput</th><td width=20%>")
-
+
print("<span id=throughput>" .. bitsToSize(8*flow["throughput"]) .. "</span> <span id=throughput_trend></span>")
print("</td><td><span id=thpt_load_chart>0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0</span>")
@@ -99,8 +99,13 @@
end
local info, pos, err = json.decode(flow["moreinfo.json"], 1, nil)
+ num = 0
for key,value in pairs(info) do
+ if(num == 0) then
+ print("<tr><th colspan=3 bgcolor=lightgray>Additional Flow Elements</th></tr>\n")
+ end
print("<tr><th width=30%>" .. getFlowKey(key) .. "</th><td colspan=2>" .. handleCustomFlowField(key, value) .. "</td></tr>\n")
+ num = num + 1
end
print("</table>\n")
@@ -116,13 +121,14 @@
var thptChart = $("#thpt_load_chart").peity("line", { width: 64 });
-
]]
-print("var cli2srv_packets = " .. flow["cli2srv.packets"] .. ";")
-print("var srv2cli_packets = " .. flow["srv2cli.packets"] .. ";")
-print("var throughput = " .. flow["throughput"] .. ";")
-print("var bytes = " .. flow["bytes"] .. ";")
+if(flow ~= nil) then
+ print("var cli2srv_packets = " .. flow["cli2srv.packets"] .. ";")
+ print("var srv2cli_packets = " .. flow["srv2cli.packets"] .. ";")
+ print("var throughput = " .. flow["throughput"] .. ";")
+ print("var bytes = " .. flow["bytes"] .. ";")
+end
print [[
setInterval(function() {
@@ -146,7 +152,7 @@
} else {
$('#sent_trend').html("<i class=icon-arrow-up></i>");
}
-
+
if(srv2cli_packets == rsp["srv2cli.packets"]) {
$('#rcvd_trend').html("<i class=icon-minus></i>");
} else {
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/scripts/lua/hello_world.lua
^
|
| @@ -18,10 +18,8 @@
print(key.."="..value.."<p>\n")
end
-stats = interface.getStats()
-
-print(stats["packets"])
-print(stats["bytes"])
+rsp = ntop.httpGet("www.google.com", "/")
+print(rsp)
print('</body></html>\n')
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/scripts/lua/host_l4_stats.lua
^
|
| @@ -13,58 +13,61 @@
host = interface.getHostInfo(_GET["host"])
-tot = 0
-_ifstats = {}
-
-tot = 0
-for id, _ in ipairs(l4_keys) do
- label = l4_keys[id][1]
- key = l4_keys[id][2]
- traffic = host[key..".bytes.sent"] + host[key..".bytes.rcvd"]
- _ifstats[traffic] = label
- tot = tot + traffic
-end
-
--- Print up to this number of entries
-max_num_entries = 5
-
--- Print entries whose value >= 5% of the total
-threshold = (tot * 3) / 100
-
-
-print "[\n"
-num = 0
-accumulate = 0
-for key, value in pairsByKeys(_ifstats, rev) do
- if(key < threshold) then
- break
+if(host == nil) then
+ print("\t[ ]\n")
+else
+ tot = 0
+ _ifstats = {}
+
+ tot = 0
+ for id, _ in ipairs(l4_keys) do
+ label = l4_keys[id][1]
+ key = l4_keys[id][2]
+ traffic = host[key..".bytes.sent"] + host[key..".bytes.rcvd"]
+ _ifstats[traffic] = label
+ tot = tot + traffic
end
- if(num > 0) then
- print ",\n"
+ -- Print up to this number of entries
+ max_num_entries = 5
+
+ -- Print entries whose value >= 5% of the total
+ threshold = (tot * 3) / 100
+
+
+ print "[\n"
+ num = 0
+ accumulate = 0
+ for key, value in pairsByKeys(_ifstats, rev) do
+ if(key < threshold) then
+ break
+ end
+
+ if(num > 0) then
+ print ",\n"
+ end
+
+ print("\t { \"label\": \"" .. value .."\", \"value\": ".. key .." }")
+ accumulate = accumulate + key
+ num = num + 1
+
+ if(num == max_num_entries) then
+ break
+ end
end
- print("\t { \"label\": \"" .. value .."\", \"value\": ".. key .." }")
- accumulate = accumulate + key
- num = num + 1
-
- if(num == max_num_entries) then
- break
-end
-end
-
-if(tot == 0) then
- tot = 1
-end
-
--- In case there is some leftover do print it as "Other"
-if(accumulate < tot) then
- if(num > 0) then
- print (",\n")
+ if(tot == 0) then
+ tot = 1
end
- print("\t { \"label\": \"Other\", \"value\": ".. (tot-accumulate) .." }")
-end
+ -- In case there is some leftover do print it as "Other"
+ if(accumulate < tot) then
+ if(num > 0) then
+ print (",\n")
+ end
-print "\n]"
+ print("\t { \"label\": \"Other\", \"value\": ".. (tot-accumulate) .." }")
+ end
+ print "\n]"
+end
\ No newline at end of file
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/scripts/lua/iface_flows_sankey.lua
^
|
| @@ -17,13 +17,17 @@
max_num_links = 32
max_num_hosts = 8
+local debug = false
+
-- 1. compute total traffic
total_traffic = 0
for key, values in pairs(peers) do
total_traffic = total_traffic + values["sent.last"] + values["rcvd.last"]
- -- print("->"..key.."(".. total_traffic..")" .. "\n")
+ if(debug) then io.write("->"..key.."\t[".. (values["sent.last"] + values["rcvd.last"]) .."][".. values["duration"].."]" .. "\n") end
end
+if(debug) then io.write("\n") end
+
-- 2. compute flow threshold under which we do not print any relation
if(tracked_host == nil) then
threshold = (total_traffic * 3) / 100
@@ -31,6 +35,8 @@
threshold = 1
end
+if(debug) then io.write("\nThreshold: "..threshold.."\n") end
+
hosts = {}
num = 0
print '{"nodes":[\n'
@@ -41,8 +47,12 @@
for key, values in pairs(peers) do
--print("[" .. key .. "][" .. values["client"] .. "][" .. values["server"] .. "]\n")
last = values["sent.last"] + values["rcvd.last"]
+ if((last == 0) and (values.duration < 3)) then
+ last = values["sent"] + values["rcvd"]
+ end
+ if(last > threshold) then
+ if(debug) then io.write("==>"..key.."\t[".. (values["sent.last"] + values["rcvd.last"]) .."][".. values["duration"].."][" .. last.. "]\n") end
- if((last == 0) or (last > threshold)) then
if((tracked_host == nil) or findString(key, tracked_host) or findString(values["client"], tracked_host) or findString(values["server"], tracked_host)) then
-- print("[" .. key .. "][" .. tracked_host .. "]\n")
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/scripts/lua/index.lua
^
|
| @@ -14,6 +14,8 @@
ntop.dumpFile(dirs.installdir .. "/httpdocs/inc/header.inc")
+-- NOTE: in the home page, footer.lua checks the ntopng version
+-- so in case we change it, footer.lua must also be updated
active_page = "home"
dofile(dirs.installdir .. "/scripts/lua/inc/menu.lua")
@@ -61,4 +63,19 @@
end
- dofile(dirs.installdir .. "/scripts/lua/inc/footer.lua")
\ No newline at end of file
+info = ntop.getInfo()
+
+if(page == "TopFlowTalkers") then
+ rsp = ntop.httpGet("www.ntop.org", "/ntopng.version")
+
+ version_elems = split(info["version"], " ");
+
+ stable_version = version2int(rsp)
+ this_version = version2int(version_elems[1])
+
+ if(stable_version > this_version) then
+ print("<p><div class=\"alert alert-ok\"><i class=\"icon-cloud-download\"></i> A new ntopng version (v." .. rsp .. ") is available for <A HREF=http://www.ntop.org>download</A>: please upgrade.</div></p>")
+ end
+end
+
+dofile(dirs.installdir .. "/scripts/lua/inc/footer.lua")
\ No newline at end of file
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/scripts/lua/modules/flow_utils.lua
^
|
| @@ -2,6 +2,11 @@
-- (C) 2013 - ntop.org
--
+dirs = ntop.getDirs()
+package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
+
+require "template"
+
function handleCustomFlowField(key, value)
if(key == 'TCP_FLAGS') then
return(formatTcpFlags(value))
@@ -25,7 +30,6 @@
if(bit.band(flags, 1) == 1) then rsp = rsp .. " FIN " end
if(bit.band(flags, 4) == 4) then rsp = rsp .. " RST " end
if(bit.band(flags, 8) == 8 ) then rsp = rsp .. " PUSH " end
-
return(rsp .. "</A>")
end
@@ -40,209 +44,213 @@
end
end
-
-- #######################
-flow_fields_description = {
- IN_BYTES = "Incoming flow bytes (src->dst)",
- IN_PKTS = "Incoming flow packets (src->dst)",
- FLOWS = "Number of flows",
- PROTOCOL = "IP protocol byte",
- PROTOCOL_MAP = "IP protocol name",
- SRC_TOS = "Type of service (TOS)",
- TCP_FLAGS = "Cumulative of all flow TCP flags",
- L4_SRC_PORT = "IPv4 source port",
- L4_SRC_PORT_MAP = "Layer 4 source port symbolic name",
- IPV4_SRC_ADDR = "IPv4 source address",
- IPV4_SRC_MASK = "IPv4 source subnet mask (/<bits>)",
- INPUT_SNMP = "Input interface SNMP idx",
- L4_DST_PORT = "IPv4 destination port",
- L4_DST_PORT_MAP = "Layer 4 destination port symbolic name",
- L4_SRV_PORT = "Layer 4 server port",
- L4_SRV_PORT_MAP = "Layer 4 server port symbolic name",
- IPV4_DST_ADDR = "IPv4 destination address",
- IPV4_DST_MASK = "IPv4 dest subnet mask (/<bits>)",
- OUTPUT_SNMP = "Output interface SNMP idx",
- IPV4_NEXT_HOP = "IPv4 Next Hop",
- SRC_AS = "Source BGP AS",
- DST_AS = "Destination BGP AS",
- LAST_SWITCHED = "SysUptime (msec) of the last flow pkt",
- FIRST_SWITCHED = "SysUptime (msec) of the first flow pkt",
- OUT_BYTES = "Outgoing flow bytes (dst->src)",
- OUT_PKTS = "Outgoing flow packets (dst->src)",
- IPV6_SRC_ADDR = "IPv6 source address",
- IPV6_DST_ADDR = "IPv6 destination address",
- IPV6_SRC_MASK = "IPv6 source mask",
- IPV6_DST_MASK = "IPv6 destination mask",
- ICMP_TYPE = "ICMP Type * 256 + ICMP code",
- SAMPLING_INTERVAL = "Sampling rate",
- SAMPLING_ALGORITHM = "Sampling type (deterministic/random)",
- FLOW_ACTIVE_TIMEOUT = "Activity timeout of flow cache entries",
- FLOW_INACTIVE_TIMEOUT = "Inactivity timeout of flow cache entries",
- ENGINE_TYPE = "Flow switching engine",
- ENGINE_ID = "Id of the flow switching engine",
- TOTAL_BYTES_EXP = "Total bytes exported",
- TOTAL_PKTS_EXP = "Total flow packets exported",
- TOTAL_FLOWS_EXP = "Total number of exported flows",
- MIN_TTL = "Min flow TTL",
- MAX_TTL = "Max flow TTL",
- IN_SRC_MAC = "Source MAC Address",
- SRC_VLAN = "Source VLAN",
- DST_VLAN = "Destination VLAN",
- IP_PROTOCOL_VERSION = "[4=IPv4][6=IPv6]",
- DIRECTION = "It indicates where a sample has been taken (always 0)",
- IPV6_NEXT_HOP = "IPv6 next hop address",
- MPLS_LABEL_1 = "MPLS label at position 1",
- MPLS_LABEL_2 = "MPLS label at position 2",
- MPLS_LABEL_3 = "MPLS label at position 3",
- MPLS_LABEL_4 = "MPLS label at position 4",
- MPLS_LABEL_5 = "MPLS label at position 5",
- MPLS_LABEL_6 = "MPLS label at position 6",
- MPLS_LABEL_7 = "MPLS label at position 7",
- MPLS_LABEL_8 = "MPLS label at position 8",
- MPLS_LABEL_9 = "MPLS label at position 9",
- MPLS_LABEL_10 = "MPLS label at position 10",
- OUT_DST_MAC = "Destination MAC Address",
- APPLICATION_ID = "Cisco NBAR Application Id",
- PACKET_SECTION_OFFSET = "Packet section offset",
- SAMPLED_PACKET_SIZE = "Sampled packet size",
- SAMPLED_PACKET_ID = "Sampled packet id",
- EXPORTER_IPV4_ADDRESS = "Exporter IPv4 Address",
- EXPORTER_IPV6_ADDRESS = "Exporter IPv6 Address",
- FLOW_ID = "Serial Flow Identifier",
- FLOW_START_SEC = "Seconds (epoch) of the first flow packet",
- FLOW_END_SEC = "Seconds (epoch) of the last flow packet",
- FLOW_START_MILLISECONDS = "Msec (epoch) of the first flow packet",
- FLOW_END_MILLISECONDS = "Msec (epoch) of the last flow packet",
- BIFLOW_DIRECTION = "1=initiator, 2=reverseInitiator",
- OBSERVATION_POINT_TYPE = "Observation point type",
- OBSERVATION_POINT_ID = "Observation point id",
- SELECTOR_ID = "Selector id",
- IPFIX_SAMPLING_ALGORITHM = "Sampling algorithm",
- SAMPLING_SIZE = "Number of packets to sample",
- SAMPLING_POPULATION = "Sampling population",
- FRAME_LENGTH = "Original L2 frame length",
- PACKETS_OBSERVED = "Tot number of packets seen",
- PACKETS_SELECTED = "Number of pkts selected for sampling",
- SELECTOR_NAME = "Sampler name",
- FRAGMENTS = "Number of fragmented flow packets",
- CLIENT_NW_DELAY_SEC = "Network latency client <-> nprobe (sec) [deprecated]",
- CLIENT_NW_DELAY_USEC = "Network latency client <-> nprobe (residual usec) [deprecated]",
- CLIENT_NW_DELAY_MS = "Network latency client <-> nprobe (msec)",
- SERVER_NW_DELAY_SEC = "Network latency nprobe <-> server (sec) [deprecated]",
- SERVER_NW_DELAY_USEC = "Network latency nprobe <-> server (residual usec) [deprecated]",
- SERVER_NW_DELAY_MS = "Network latency nprobe <-> server (residual msec)",
- APPL_LATENCY_SEC = "Application latency (sec) [deprecated]",
- APPL_LATENCY_USEC = "Application latency (residual usec) [deprecated]",
- APPL_LATENCY_MS = "Application latency (msec)",
- NUM_PKTS_UP_TO_128_BYTES = "# packets whose size <= 128",
- NUM_PKTS_128_TO_256_BYTES = "# packets whose size > 128 and <= 256",
- NUM_PKTS_256_TO_512_BYTES = "# packets whose size > 256 and < 512",
- NUM_PKTS_512_TO_1024_BYTES = "# packets whose size > 512 and < 1024",
- NUM_PKTS_1024_TO_1514_BYTES = "# packets whose size > 1024 and <= 1514",
- NUM_PKTS_OVER_1514_BYTES = "# packets whose size > 1514",
- CUMULATIVE_ICMP_TYPE = "Cumulative OR of ICMP type packets",
- SRC_IP_COUNTRY = "Country where the src IP is located",
- SRC_IP_CITY = "City where the src IP is located",
- DST_IP_COUNTRY = "Country where the dst IP is located",
- DST_IP_CITY = "City where the dst IP is located",
- FLOW_PROTO_PORT = "L7 port that identifies the flow protocol or 0 if unknown",
- UPSTREAM_TUNNEL_ID = "Upstream tunnel identifier (e.g. GTP TEID) or 0 if unknown",
- LONGEST_FLOW_PKT = "Longest packet (bytes) of the flow",
- SHORTEST_FLOW_PKT = "Shortest packet (bytes) of the flow",
- RETRANSMITTED_IN_PKTS = "Number of retransmitted TCP flow packets (src->dst)",
- RETRANSMITTED_OUT_PKTS = "Number of retransmitted TCP flow packets (dst->src)",
- OOORDER_IN_PKTS = "Number of out of order TCP flow packets (dst->src)",
- OOORDER_OUT_PKTS = "Number of out of order TCP flow packets (dst->src)",
- UNTUNNELED_PROTOCOL = "Untunneled IP protocol byte",
- UNTUNNELED_IPV4_SRC_ADDR = "Untunneled IPv4 source address",
- UNTUNNELED_L4_SRC_PORT = "Untunneled IPv4 source port",
- UNTUNNELED_IPV4_DST_ADDR = "Untunneled IPv4 destination address",
- UNTUNNELED_L4_DST_PORT = "Untunneled IPv4 destination port",
- L7_PROTO = "Layer 7 protocol (numeric)",
- L7_PROTO_NAME = "Layer 7 protocol name",
- DOWNSTREAM_TUNNEL_ID = "Downstream tunnel identifier (e.g. GTP TEID) or 0 if unknown",
- FLOW_USER_NAME = "Flow username of the tunnel (if known)",
- FLOW_SERVER_NAME = "Flow server name (if known)",
- PLUGIN_NAME = "Plugin name used by this flow (if any)",
- NUM_PKTS_TTL_EQ_1 = "# packets with TTL = 1",
- NUM_PKTS_TTL_2_5 = "# packets with TTL > 1 and TTL <= 5",
- NUM_PKTS_TTL_5_32 = "# packets with TTL > 5 and TTL <= 32",
- NUM_PKTS_TTL_32_64 = "# packets with TTL > 32 and <= 64 ",
- NUM_PKTS_TTL_64_96 = "# packets with TTL > 64 and <= 96",
- NUM_PKTS_TTL_96_128 = "# packets with TTL > 96 and <= 128",
- NUM_PKTS_TTL_128_160 = "# packets with TTL > 128 and <= 160",
- NUM_PKTS_TTL_160_192 = "# packets with TTL > 160 and <= 192",
- NUM_PKTS_TTL_192_224 = "# packets with TTL > 192 and <= 224",
- NUM_PKTS_TTL_224_255 = "# packets with TTL > 224 and <= 255",
- IN_SRC_OSI_SAP = "OSI Source SAP (OSI Traffic Only)",
- OUT_DST_OSI_SAP = "OSI Destination SAP (OSI Traffic Only)",
- MYSQL_SERVER_VERSION = "MySQL server version",
- MYSQL_USERNAME = "MySQL username",
- MYSQL_DB = "MySQL database in use",
- MYSQL_QUERY = "MySQL Query",
- MYSQL_RESPONSE = "MySQL server response",
- MYSQL_APPL_LATENCY_USEC = "MySQL request->response latecy (usec)",
- SRC_AS_PATH_1 = "Src AS path position 1",
- SRC_AS_PATH_2 = "Src AS path position 2",
- SRC_AS_PATH_3 = "Src AS path position 3",
- SRC_AS_PATH_4 = "Src AS path position 4",
- SRC_AS_PATH_5 = "Src AS path position 5",
- SRC_AS_PATH_6 = "Src AS path position 6",
- SRC_AS_PATH_7 = "Src AS path position 7",
- SRC_AS_PATH_8 = "Src AS path position 8",
- SRC_AS_PATH_9 = "Src AS path position 9",
- SRC_AS_PATH_10 = "Src AS path position 10",
- DST_AS_PATH_1 = "Dest AS path position 1",
- DST_AS_PATH_2 = "Dest AS path position 2",
- DST_AS_PATH_3 = "Dest AS path position 3",
- DST_AS_PATH_4 = "Dest AS path position 4",
- DST_AS_PATH_5 = "Dest AS path position 5",
- DST_AS_PATH_6 = "Dest AS path position 6",
- DST_AS_PATH_7 = "Dest AS path position 7",
- DST_AS_PATH_8 = "Dest AS path position 8",
- DST_AS_PATH_9 = "Dest AS path position 9",
- DST_AS_PATH_10 = "Dest AS path position 10",
- GTPV1_REQ_MSG_TYPE = "GTPv1 Request Msg Type",
- GTPV1_RSP_MSG_TYPE = "GTPv1 Response Msg Type",
- GTPV1_C2S_TEID_DATA = "GTPv1 Client->Server TunnelId Data",
- GTPV1_C2S_TEID_CTRL = "GTPv1 Client->Server TunnelId Control",
- GTPV1_S2C_TEID_DATA = "GTPv1 Server->Client TunnelId Data",
- GTPV1_S2C_TEID_CTRL = "GTPv1 Server->Client TunnelId Control",
- GTPV1_END_USER_IP = "GTPv1 End User IP Address",
- GTPV1_END_USER_IMSI = "GTPv1 End User IMSI",
- GTPV1_END_USER_MSISDN = "GTPv1 End User MSISDN",
- GTPV1_END_USER_IMEI = "GTPv1 End User IMEI",
- GTPV1_APN_NAME = "GTPv1 APN Name",
- GTPV1_RAI_MCC = "GTPv1 RAI Mobile Country Code",
- GTPV1_RAI_MNC = "GTPv1 RAI Mobile Network Code",
- GTPV1_RAI_LAC = "GTPv1 RAI Location Area Code",
- GTPV1_RAI_RAC = "GTPv1 RAI Routing Area Code",
- GTPV1_ULI_MCC = "GTPv1 ULI Mobile Country Code",
- GTPV1_ULI_MNC = "GTPv1 ULI Mobile Network Code",
- GTPV1_ULI_CELL_LAC = "GTPv1 ULI Cell Location Area Code",
- GTPV1_ULI_CELL_CI = "GTPv1 ULI Cell CI",
- GTPV1_ULI_SAC = "GTPv1 ULI SAC",
- GTPV1_RESPONSE_CAUSE = "GTPv1 Cause of Operation",
- HTTP_URL = "HTTP URL",
- HTTP_RET_CODE = "HTTP return code (e.g. 200, 304...)",
- HTTP_REFERER = "HTTP Referer",
- HTTP_UA = "HTTP User Agent",
- HTTP_MIME = "HTTP Mime Type",
- HTTP_HOST = "HTTP Host Name",
- HTTP_FBOOK_CHAT = "HTTP Facebook Chat"
+local flow_fields_description = {
+ ["IN_BYTES"] = "Incoming flow bytes (src->dst)",
+ ["IN_PKTS"] = "Incoming flow packets (src->dst)",
+ ["FLOWS"] = "Number of flows",
+ ["PROTOCOL"] = "IP protocol byte",
+ ["PROTOCOL_MAP"] = "IP protocol name",
+ ["SRC_TOS"] = "Type of service (TOS)",
+ ["TCP_FLAGS"] = "Cumulative of all flow TCP flags",
+ ["L4_SRC_PORT"] = "IPv4 source port",
+ ["L4_SRC_PORT_MAP"] = "Layer 4 source port symbolic name",
+ ["IPV4_SRC_ADDR"] = "IPv4 source address",
+ ["IPV4_SRC_MASK"] = "IPv4 source subnet mask (/<bits>)",
+ ["INPUT_SNMP"] = "Input interface SNMP idx",
+ ["L4_DST_PORT"] = "IPv4 destination port",
+ ["L4_DST_PORT_MAP"] = "Layer 4 destination port symbolic name",
+ ["L4_SRV_PORT"] = "Layer 4 server port",
+ ["L4_SRV_PORT_MAP"] = "Layer 4 server port symbolic name",
+ ["IPV4_DST_ADDR"] = "IPv4 destination address",
+ ["IPV4_DST_MASK"] = "IPv4 dest subnet mask (/<bits>)",
+ ["OUTPUT_SNMP"] = "Output interface SNMP idx",
+ ["IPV4_NEXT_HOP"] = "IPv4 Next Hop",
+ ["SRC_AS"] = "Source BGP AS",
+ ["DST_AS"] = "Destination BGP AS",
+ ["LAST_SWITCHED"] = "SysUptime (msec) of the last flow pkt",
+ ["FIRST_SWITCHED"] = "SysUptime (msec) of the first flow pkt",
+ ["OUT_BYTES"] = "Outgoing flow bytes (dst->src)",
+ ["OUT_PKTS"] = "Outgoing flow packets (dst->src)",
+ ["IPV6_SRC_ADDR"] = "IPv6 source address",
+ ["IPV6_DST_ADDR"] = "IPv6 destination address",
+ ["IPV6_SRC_MASK"] = "IPv6 source mask",
+ ["IPV6_DST_MASK"] = "IPv6 destination mask",
+ ["ICMP_TYPE"] = "ICMP Type * 256 + ICMP code",
+ ["SAMPLING_INTERVAL"] = "Sampling rate",
+ ["SAMPLING_ALGORITHM"] = "Sampling type (deterministic/random)",
+ ["FLOW_ACTIVE_TIMEOUT"] = "Activity timeout of flow cache entries",
+ ["FLOW_INACTIVE_TIMEOUT"] = "Inactivity timeout of flow cache entries",
+ ["ENGINE_TYPE"] = "Flow switching engine",
+ ["ENGINE_ID"] = "Id of the flow switching engine",
+ ["TOTAL_BYTES_EXP"] = "Total bytes exported",
+ ["TOTAL_PKTS_EXP"] = "Total flow packets exported",
+ ["TOTAL_FLOWS_EXP"] = "Total number of exported flows",
+ ["MIN_TTL"] = "Min flow TTL",
+ ["MAX_TTL"] = "Max flow TTL",
+ ["IN_SRC_MAC"] = "Source MAC Address",
+ ["SRC_VLAN"] = "Source VLAN",
+ ["DST_VLAN"] = "Destination VLAN",
+ ["IP_PROTOCOL_VERSION"] = "4=IPv4]6=IPv6]",
+ ["DIRECTION"] = "It indicates where a sample has been taken (always 0)",
+ ["IPV6_NEXT_HOP"] = "IPv6 next hop address",
+ ["MPLS_LABEL_1"] = "MPLS label at position 1",
+ ["MPLS_LABEL_2"] = "MPLS label at position 2",
+ ["MPLS_LABEL_3"] = "MPLS label at position 3",
+ ["MPLS_LABEL_4"] = "MPLS label at position 4",
+ ["MPLS_LABEL_5"] = "MPLS label at position 5",
+ ["MPLS_LABEL_6"] = "MPLS label at position 6",
+ ["MPLS_LABEL_7"] = "MPLS label at position 7",
+ ["MPLS_LABEL_8"] = "MPLS label at position 8",
+ ["MPLS_LABEL_9"] = "MPLS label at position 9",
+ ["MPLS_LABEL_10"] = "MPLS label at position 10",
+ ["OUT_DST_MAC"] = "Destination MAC Address",
+ ["APPLICATION_ID"] = "Cisco NBAR Application Id",
+ ["PACKET_SECTION_OFFSET"] = "Packet section offset",
+ ["SAMPLED_PACKET_SIZE"] = "Sampled packet size",
+ ["SAMPLED_PACKET_ID"] = "Sampled packet id",
+ ["EXPORTER_IPV4_ADDRESS"] = "Exporter IPv4 Address",
+ ["EXPORTER_IPV6_ADDRESS"] = "Exporter IPv6 Address",
+ ["FLOW_ID"] = "Serial Flow Identifier",
+ ["FLOW_START_SEC"] = "Seconds (epoch) of the first flow packet",
+ ["FLOW_END_SEC"] = "Seconds (epoch) of the last flow packet",
+ ["FLOW_START_MILLISECONDS"] = "Msec (epoch) of the first flow packet",
+ ["FLOW_END_MILLISECONDS"] = "Msec (epoch) of the last flow packet",
+ ["BIFLOW_DIRECTION"] = "1=initiator, 2=reverseInitiator",
+ ["OBSERVATION_POINT_TYPE"] = "Observation point type",
+ ["OBSERVATION_POINT_ID"] = "Observation point id",
+ ["SELECTOR_ID"] = "Selector id",
+ ["IPFIX_SAMPLING_ALGORITHM"] = "Sampling algorithm",
+ ["SAMPLING_SIZE"] = "Number of packets to sample",
+ ["SAMPLING_POPULATION"] = "Sampling population",
+ ["FRAME_LENGTH"] = "Original L2 frame length",
+ ["PACKETS_OBSERVED"] = "Tot number of packets seen",
+ ["PACKETS_SELECTED"] = "Number of pkts selected for sampling",
+ ["SELECTOR_NAME"] = "Sampler name",
+ ["FRAGMENTS"] = "Number of fragmented flow packets",
+ ["CLIENT_NW_DELAY_SEC"] = "Network latency client <-> nprobe (sec) deprecated]",
+ ["CLIENT_NW_DELAY_USEC"] = "Network latency client <-> nprobe (residual usec) deprecated]",
+ ["CLIENT_NW_DELAY_MS"] = "Network latency client <-> nprobe (msec)",
+ ["SERVER_NW_DELAY_SEC"] = "Network latency nprobe <-> server (sec) deprecated]",
+ ["SERVER_NW_DELAY_USEC"] = "Network latency nprobe <-> server (residual usec) deprecated]",
+ ["SERVER_NW_DELAY_MS"] = "Network latency nprobe <-> server (residual msec)",
+ ["APPL_LATENCY_SEC"] = "Application latency (sec) deprecated]",
+ ["APPL_LATENCY_USEC"] = "Application latency (residual usec) deprecated]",
+ ["APPL_LATENCY_MS"] = "Application latency (msec)",
+ ["NUM_PKTS_UP_TO_128_BYTES"] = "# packets whose size <= 128",
+ ["NUM_PKTS_128_TO_256_BYTES"] = "# packets whose size > 128 and <= 256",
+ ["NUM_PKTS_256_TO_512_BYTES"] = "# packets whose size > 256 and < 512",
+ ["NUM_PKTS_512_TO_1024_BYTES"] = "# packets whose size > 512 and < 1024",
+ ["NUM_PKTS_1024_TO_1514_BYTES"] = "# packets whose size > 1024 and <= 1514",
+ ["NUM_PKTS_OVER_1514_BYTES"] = "# packets whose size > 1514",
+ ["CUMULATIVE_ICMP_TYPE"] = "Cumulative OR of ICMP type packets",
+ ["SRC_IP_COUNTRY"] = "Country where the src IP is located",
+ ["SRC_IP_CITY"] = "City where the src IP is located",
+ ["DST_IP_COUNTRY"] = "Country where the dst IP is located",
+ ["DST_IP_CITY"] = "City where the dst IP is located",
+ ["FLOW_PROTO_PORT"] = "L7 port that identifies the flow protocol or 0 if unknown",
+ ["UPSTREAM_TUNNEL_ID"] = "Upstream tunnel identifier (e.g. GTP TEID) or 0 if unknown",
+ ["LONGEST_FLOW_PKT"] = "Longest packet (bytes) of the flow",
+ ["SHORTEST_FLOW_PKT"] = "Shortest packet (bytes) of the flow",
+ ["RETRANSMITTED_IN_PKTS"] = "Number of retransmitted TCP flow packets (src->dst)",
+ ["RETRANSMITTED_OUT_PKTS"] = "Number of retransmitted TCP flow packets (dst->src)",
+ ["OOORDER_IN_PKTS"] = "Number of out of order TCP flow packets (dst->src)",
+ ["OOORDER_OUT_PKTS"] = "Number of out of order TCP flow packets (dst->src)",
+ ["UNTUNNELED_PROTOCOL"] = "Untunneled IP protocol byte",
+ ["UNTUNNELED_IPV4_SRC_ADDR"] = "Untunneled IPv4 source address",
+ ["UNTUNNELED_L4_SRC_PORT"] = "Untunneled IPv4 source port",
+ ["UNTUNNELED_IPV4_DST_ADDR"] = "Untunneled IPv4 destination address",
+ ["UNTUNNELED_L4_DST_PORT"] = "Untunneled IPv4 destination port",
+ ["L7_PROTO"] = "Layer 7 protocol (numeric)",
+ ["L7_PROTO_NAME"] = "Layer 7 protocol name",
+ ["DOWNSTREAM_TUNNEL_ID"] = "Downstream tunnel identifier (e.g. GTP TEID) or 0 if unknown",
+ ["FLOW_USER_NAME"] = "Flow username of the tunnel (if known)",
+ ["FLOW_SERVER_NAME"] = "Flow server name (if known)",
+ ["PLUGIN_NAME"] = "Plugin name used by this flow (if any)",
+ ["NUM_PKTS_TTL_EQ_1"] = "# packets with TTL = 1",
+ ["NUM_PKTS_TTL_2_5"] = "# packets with TTL > 1 and TTL <= 5",
+ ["NUM_PKTS_TTL_5_32"] = "# packets with TTL > 5 and TTL <= 32",
+ ["NUM_PKTS_TTL_32_64"] = "# packets with TTL > 32 and <= 64 ",
+ ["NUM_PKTS_TTL_64_96"] = "# packets with TTL > 64 and <= 96",
+ ["NUM_PKTS_TTL_96_128"] = "# packets with TTL > 96 and <= 128",
+ ["NUM_PKTS_TTL_128_160"] = "# packets with TTL > 128 and <= 160",
+ ["NUM_PKTS_TTL_160_192"] = "# packets with TTL > 160 and <= 192",
+ ["NUM_PKTS_TTL_192_224"] = "# packets with TTL > 192 and <= 224",
+ ["NUM_PKTS_TTL_224_255"] = "# packets with TTL > 224 and <= 255",
+ ["IN_SRC_OSI_SAP"] = "OSI Source SAP (OSI Traffic Only)",
+ ["OUT_DST_OSI_SAP"] = "OSI Destination SAP (OSI Traffic Only)",
+ ["MYSQL_SERVER_VERSION"] = "MySQL server version",
+ ["MYSQL_USERNAME"] = "MySQL username",
+ ["MYSQL_DB"] = "MySQL database in use",
+ ["MYSQL_QUERY"] = "MySQL Query",
+ ["MYSQL_RESPONSE"] = "MySQL server response",
+ ["MYSQL_APPL_LATENCY_USEC"] = "MySQL request->response latecy (usec)",
+ ["SRC_AS_PATH_1"] = "Src AS path position 1",
+ ["SRC_AS_PATH_2"] = "Src AS path position 2",
+ ["SRC_AS_PATH_3"] = "Src AS path position 3",
+ ["SRC_AS_PATH_4"] = "Src AS path position 4",
+ ["SRC_AS_PATH_5"] = "Src AS path position 5",
+ ["SRC_AS_PATH_6"] = "Src AS path position 6",
+ ["SRC_AS_PATH_7"] = "Src AS path position 7",
+ ["SRC_AS_PATH_8"] = "Src AS path position 8",
+ ["SRC_AS_PATH_9"] = "Src AS path position 9",
+ ["SRC_AS_PATH_10"] = "Src AS path position 10",
+ ["DST_AS_PATH_1"] = "Dest AS path position 1",
+ ["DST_AS_PATH_2"] = "Dest AS path position 2",
+ ["DST_AS_PATH_3"] = "Dest AS path position 3",
+ ["DST_AS_PATH_4"] = "Dest AS path position 4",
+ ["DST_AS_PATH_5"] = "Dest AS path position 5",
+ ["DST_AS_PATH_6"] = "Dest AS path position 6",
+ ["DST_AS_PATH_7"] = "Dest AS path position 7",
+ ["DST_AS_PATH_8"] = "Dest AS path position 8",
+ ["DST_AS_PATH_9"] = "Dest AS path position 9",
+ ["DST_AS_PATH_10"] = "Dest AS path position 10",
+ ["GTPV1_REQ_MSG_TYPE"] = "GTPv1 Request Msg Type",
+ ["GTPV1_RSP_MSG_TYPE"] = "GTPv1 Response Msg Type",
+ ["GTPV1_C2S_TEID_DATA"] = "GTPv1 Client->Server TunnelId Data",
+ ["GTPV1_C2S_TEID_CTRL"] = "GTPv1 Client->Server TunnelId Control",
+ ["GTPV1_S2C_TEID_DATA"] = "GTPv1 Server->Client TunnelId Data",
+ ["GTPV1_S2C_TEID_CTRL"] = "GTPv1 Server->Client TunnelId Control",
+ ["GTPV1_END_USER_IP"] = "GTPv1 End User IP Address",
+ ["GTPV1_END_USER_IMSI"] = "GTPv1 End User IMSI",
+ ["GTPV1_END_USER_MSISDN"] = "GTPv1 End User MSISDN",
+ ["GTPV1_END_USER_IMEI"] = "GTPv1 End User IMEI",
+ ["GTPV1_APN_NAME"] = "GTPv1 APN Name",
+ ["GTPV1_RAI_MCC"] = "GTPv1 RAI Mobile Country Code",
+ ["GTPV1_RAI_MNC"] = "GTPv1 RAI Mobile Network Code",
+ ["GTPV1_RAI_LAC"] = "GTPv1 RAI Location Area Code",
+ ["GTPV1_RAI_RAC"] = "GTPv1 RAI Routing Area Code",
+ ["GTPV1_ULI_MCC"] = "GTPv1 ULI Mobile Country Code",
+ ["GTPV1_ULI_MNC"] = "GTPv1 ULI Mobile Network Code",
+ ["GTPV1_ULI_CELL_LAC"] = "GTPv1 ULI Cell Location Area Code",
+ ["GTPV1_ULI_CELL_CI"] = "GTPv1 ULI Cell CI",
+ ["GTPV1_ULI_SAC"] = "GTPv1 ULI SAC",
+ ["GTPV1_RESPONSE_CAUSE"] = "GTPv1 Cause of Operation",
+ ["HTTP_URL"] = "HTTP URL",
+ ["HTTP_RET_CODE"] = "HTTP return code (e.g. 200, 304...)",
+ ["HTTP_REFERER"] = "HTTP Referer",
+ ["HTTP_UA"] = "HTTP User Agent",
+ ["HTTP_MIME"] = "HTTP Mime Type",
+ ["HTTP_HOST"] = "HTTP Host Name",
+ ["HTTP_FBOOK_CHAT"] = "HTTP Facebook Chat"
}
-- #######################
function getFlowKey(name)
- for key,value in pairs(flow_fields_description) do
- if(key == name) then
- return(value)
- end
- end
+ v = rtemplate[tonumber(name)]
+ if(v == nil) then return(name) end
+
+ s = flow_fields_description[v]
- return(name)
+ if(s ~= nil) then
+ s = string.gsub(s, "<", "<")
+ s = string.gsub(s, ">", ">")
+ return(s)
+ else
+ return(name)
+ end
end
-- #######################
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/scripts/lua/modules/lua_utils.lua
^
|
| @@ -3,11 +3,11 @@
--
-- Note that ifname can be set by Lua.cpp so don't touch it if already defined
-if((ifname == nil) and (_GET ~= nil)) then
- ifname = _GET["ifname"]
- if(ifname == nil) then
- ifname = _SESSION["ifname"]
- end
+if((ifname == nil) and (_GET ~= nil)) then
+ ifname = _GET["ifname"]
+ if(ifname == nil) then
+ ifname = _SESSION["ifname"]
+ end
end
l4_keys = {
@@ -230,29 +230,29 @@
string.split = function(s, p)
local temp = {}
- local index = 0
+ local index = 0
local last_index = string.len(s)
- while true do
- local i, e = string.find(s, p, index)
+ while true do
+ local i, e = string.find(s, p, index)
- if i and e then
- local next_index = e + 1
- local word_bound = i - 1
- table.insert(temp, string.sub(s, index, word_bound))
- index = next_index
- else
- if index > 0 and index <= last_index then
- table.insert(temp, string.sub(s, index, last_index))
- elseif index == 0 then
- temp = nil
- end
- break
- end
- end
+ if i and e then
+ local next_index = e + 1
+ local word_bound = i - 1
+ table.insert(temp, string.sub(s, index, word_bound))
+ index = next_index
+ else
+ if index > 0 and index <= last_index then
+ table.insert(temp, string.sub(s, index, last_index))
+ elseif index == 0 then
+ temp = nil
+ end
+ break
+ end
+ end
- return temp
- end
+ return temp
+ end
function formatEpoch(epoch)
return(os.date("%d/%m/%Y %X", epoch))
@@ -592,7 +592,7 @@
-- Typical call: if hasbit(x, bit(3)) then ...
function hasbit(x, p)
- return x % (p + p) >= p
+ return x % (p + p) >= p
end
function setbit(x, p)
@@ -609,7 +609,7 @@
-- print(ip)
t = string.split(ip, "%.")
-- print(table.concat(t, "\n"))
- if(t == nil) then
+ if(t == nil) then
return(false) -- Might be an IPv6 address
else
if(tonumber(t[1]) >= 224) then return(true) end
@@ -622,36 +622,36 @@
function addGauge(name, url, maxValue, width, height)
if(url ~= nil) then print('<A HREF="'..url..'">') end
print('<canvas id="'..name..'" height="'..height..'" width="'..width..'"></canvas>\n')
--- print('<div id="'..name..'-text" style="font-size: 12px;"></div>\n')
+ -- print('<div id="'..name..'-text" style="font-size: 12px;"></div>\n')
if(url ~= nil) then print('</A>') end
-print [[
- <script type="text/javascript">
-
-var opts = {
-fontSize: 40,
- lines: 12, // The number of lines to draw
- angle: 0.15, // The length of each line
- lineWidth: 0.44, // The line thickness
- pointer: {
- length: 0.85, // The radius of the inner circle
- strokeWidth: 0.051, // The rotation offset
- color: '#000000' // Fill color
- },
- limitMax: 'false', // If true, the pointer will not go past the end of the gauge
-
- colorStart: '#6FADCF', // Colors
- colorStop: '#8FC0DA', // just experiment with them
- strokeColor: '#E0E0E0', // to see which ones work best for you
- generateGradient: true
-};
-]]
+ print [[
+ <script type="text/javascript">
-print('var target = document.getElementById("'..name..'"); // your canvas element\n')
-print('var '..name..' = new Gauge(target).setOptions(opts);\n')
---print(name..'.setTextField(document.getElementById("'..name..'-text"));\n')
-print(name..'.maxValue = '..maxValue..'; // set max gauge value\n')
-print("</script>\n")
+ var opts = {
+ fontSize: 40,
+ lines: 12, // The number of lines to draw
+ angle: 0.15, // The length of each line
+ lineWidth: 0.44, // The line thickness
+ pointer: {
+ length: 0.85, // The radius of the inner circle
+ strokeWidth: 0.051, // The rotation offset
+ color: '#000000' // Fill color
+ },
+ limitMax: 'false', // If true, the pointer will not go past the end of the gauge
+
+ colorStart: '#6FADCF', // Colors
+ colorStop: '#8FC0DA', // just experiment with them
+ strokeColor: '#E0E0E0', // to see which ones work best for you
+ generateGradient: true
+ };
+ ]]
+
+ print('var target = document.getElementById("'..name..'"); // your canvas element\n')
+ print('var '..name..' = new Gauge(target).setOptions(opts);\n')
+ --print(name..'.setTextField(document.getElementById("'..name..'-text"));\n')
+ print(name..'.maxValue = '..maxValue..'; // set max gauge value\n')
+ print("</script>\n")
end
-- Compute the difference in seconds between local time and UTC.
@@ -661,13 +661,13 @@
end
--- Return the first 'howmany' hosts
+-- Return the first 'howmany' hosts
function getTopInterfaceHosts(howmany, localHostsOnly)
hosts_stats = interface.getHostsInfo()
ret = {}
sortTable = {}
n = 0
- for k,v in pairs(hosts_stats) do
+ for k,v in pairs(hosts_stats) do
if((not localHostsOnly) or ((v["localhost"] ~= nil) and (v["ip"] ~= nil))) then
sortTable[v["bytes.sent"]+v["bytes.rcvd"]+n] = k
n = n +0.01
@@ -675,8 +675,8 @@
end
n = 0
- for _v,k in pairsByKeys(sortTable, rev) do
- if(n < howmany) then
+ for _v,k in pairsByKeys(sortTable, rev) do
+ if(n < howmany) then
ret[k] = hosts_stats[k]
n = n+1
else
@@ -692,7 +692,7 @@
return string.format("%%%02X", string.byte(c))
end)
s = string.gsub(s, " ", "+")
- return s
+ return s
end
-- Windows fixes for interfaces with "uncommon chars"
@@ -728,3 +728,14 @@
return(getOSIcon(name) .. name)
end
+-- version is major.minor.veryminor
+function version2int(v)
+ e = string.split(v, "%.");
+ if(e ~= nil) then
+ version = tonumber(e[1])*100 + tonumber(e[2])*10 + tonumber(e[3])
+ return(version)
+ else
+ return(0)
+ end
+end
+
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/scripts/lua/modules/template.lua
^
|
| @@ -329,7 +329,7 @@
-- template id to name
rtemplate = {}
for key,value in pairs(template) do
- rtemplate[value] = key
+ rtemplate[tonumber(value)] = key
end
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/third-party/htmlget.c
^
|
| @@ -2,6 +2,8 @@
http://coding.debuntu.org/system/files/htmlget.c
GPL
+
+ Strongly debugged by Luca Deri <deri@ntop.org>
*/
#include <stdio.h>
@@ -23,15 +25,24 @@
int sock, tmpres;
u_int out_len = 0;
char *ip, _ip[64];
- char *get, _get[256];
- char buf[BUFSIZ+1];
+ char get_buf[256];
+ char buf[1024];
+ int htmlstart = 0, debug = 0;
+ char *htmlcontent;
- if((sock = create_tcp_socket()) < 0) return(NULL);
- if((ip = get_ip(host, _ip, sizeof(_ip))) == NULL) return(NULL);
+ if((sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) {
+ // perror("Can't create TCP socket");
+ return(NULL);
+ }
+ snprintf(get_buf, sizeof(get_buf), "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n", (page[0] == '/') ? &page[1] : page, host);
+
+ if(debug) fprintf(stderr, "Query is:\n---\n%s---\n", get_buf);
+
+ if((ip = get_ip(host, _ip, sizeof(_ip))) == NULL) return(NULL);
remote.sin_family = AF_INET;
tmpres = inet_pton(AF_INET, ip, (void *)(&(remote.sin_addr.s_addr)));
- if( tmpres < 0) {
+ if(tmpres < 0) {
// perror("Can't set remote.sin_addr.s_addr");
return(NULL);
} else if(tmpres == 0) {
@@ -45,143 +56,70 @@
// perror("Could not connect");
return(NULL);
}
-
- get = build_get_query(host, page, _get, sizeof(_get));
- // fprintf(stderr, "Query is:\n<<START>>\n%s<<END>>\n", get);
- //Send the query to the server
+ // Send the query to the server
u_int sent = 0;
- while(sent < strlen(get))
- {
- tmpres = send(sock, get+sent, strlen(get)-sent, 0);
-
- if(tmpres == -1) {
- // perror("Can't send query");
- return(NULL);
- }
- sent += tmpres;
+ while(sent < strlen(get_buf)) {
+ tmpres = send(sock, get_buf+sent, strlen(get_buf)-sent, 0);
+
+ if(tmpres == -1) {
+ // perror("Can't send query");
+ return(NULL);
}
+ sent += tmpres;
+ }
//now it is time to receive the page
memset(buf, 0, sizeof(buf));
- int htmlstart = 0;
- char * htmlcontent;
- while((tmpres = recv(sock, buf, BUFSIZ, 0)) > 0) {
- if(htmlstart == 0)
- {
- /* Under certain conditions this will not work.
- * If the \r\n\r\n part is splitted into two messages
- * it will fail to detect the beginning of HTML content
- */
- htmlcontent = strstr(buf, "\r\n\r\n");
- if(htmlcontent != NULL) {
- htmlstart = 1;
- htmlcontent += 4;
- }
- }else{
- htmlcontent = buf;
- }
+
+ while((tmpres = recv(sock, buf, sizeof(buf)-1, 0)) > 0) {
+ buf[tmpres] = '\0';
+
+ if(debug) fprintf(stderr, "Received %u bytes\n", tmpres);
+
+ if(htmlstart == 0) {
+ /* Under certain conditions this will not work.
+ * If the \r\n\r\n part is splitted into two messages
+ * it will fail to detect the beginning of HTML content
+ */
+ htmlcontent = strstr(buf, "\r\n\r\n");
+
+ if(htmlcontent != NULL) {
+ htmlstart = 1;
+ htmlcontent += 4;
+ }
+ } else
+ htmlcontent = buf;
if(htmlstart) {
if(rsp_len > out_len) {
int n = snprintf(&rsp[out_len], rsp_len-out_len, "%s", htmlcontent);
- if(n == 0)
- out_len += n;
- else
- break;
+ if(n > 0) out_len += n;
// fprintf(stdout, "%s", htmlcontent);
}
}
-
- memset(buf, 0, tmpres);
- }
- if(tmpres < 0) {
- // perror("Error receiving data");
}
close(sock);
-
- return(rsp);
-}
-#if 0
-int main(int argc, char **argv) {
- char rsp[256], *out, *host, *page;
-
- if(argc == 1) {
- usage();
- exit(2);
- }
- host = argv[1];
- if(argc > 2) {
- page = argv[2];
- }
-
- if(!host || !page) usage();
-
- out = http_get(host, 80, page, rsp, sizeof(rsp));
+ if(debug) fprintf(stderr, "%s\n", rsp);
- if(out)
- printf("%s\n", out);
- else
- printf("Error or empty response received\n");
-
- return(0);
-}
-
-
-void usage()
-{
- fprintf(stderr, "USAGE: htmlget host [page]\n\
-\thost: the website hostname. ex: coding.debuntu.org\n\
-\tpage: the page to retrieve. ex: index.html, default: /\n");
-}
-#endif
-
-
-int create_tcp_socket()
-{
- int sock;
- if((sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) {
- // perror("Can't create TCP socket");
- return(-1);
- }
- return sock;
+ return(rsp);
}
-
char *get_ip(char *host, char *ip, u_int ip_len) {
struct hostent *hent;
- memset(ip, 0, ip_len+1);
- if((hent = gethostbyname(host)) == NULL)
- {
- //herror("Can't get IP");
- return(NULL);
- }
-
- if(inet_ntop(AF_INET, (void *)hent->h_addr_list[0], ip, ip_len) == NULL)
- {
- // perror("Can't resolve host");
- return(NULL);
- }
-
- return ip;
-}
-
-char *build_get_query(char *host, char *page, char *buf, u_int buf_len)
-{
- char *getpage = page;
- const char *tpl = "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n";
-
- if(getpage[0] == '/') {
- getpage = getpage + 1;
- //fprintf(stderr,"Removing leading \"/\", converting %s to %s\n", page, getpage);
+ memset(ip, 0, ip_len);
+ if((hent = gethostbyname(host)) == NULL) {
+ //herror("Can't get IP");
+ return(NULL);
}
- // -5 is to consider the %s %s %s in tpl and the ending \0
- snprintf(buf, buf_len, tpl, getpage, host);
+ if(inet_ntop(AF_INET, (void *)hent->h_addr_list[0], ip, ip_len) == NULL) {
+ // perror("Can't resolve host");
+ return(NULL);
+ }
- return(buf);
+ return ip;
}
-
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/third-party/json-c/Makefile.am.inc
^
|
| @@ -1,2 +1,2 @@
-AM_CFLAGS = -Wall -Werror -Wextra -Wwrite-strings -Wno-unused-parameter -std=gnu99 -D_GNU_SOURCE -D_REENTRANT
+AM_CFLAGS = -Wall -Wextra -Wwrite-strings -Wno-unused-parameter -std=gnu99 -D_GNU_SOURCE -D_REENTRANT
|
|
[-]
[+]
|
Added |
ntopng-1.0.2.tar.bz2/third-party/json-c/Makefile.am.inc.orig
^
|
| @@ -0,0 +1,2 @@
+AM_CFLAGS = -Wall -Werror -Wextra -Wwrite-strings -Wno-unused-parameter -std=gnu99 -D_GNU_SOURCE -D_REENTRANT
+
|
|
[-]
[+]
|
Changed |
ntopng-1.0.2.tar.bz2/third-party/rrdtool-1.4.7/libtool
^
|
| @@ -2,7 +2,7 @@
# libtool - Provide generalized library-building support services.
# Generated automatically by config.status (rrdtool) 1.4.7
-# Libtool was configured on host ubuntu:
+# Libtool was configured on host nbox:
# NOTE: Changes made to this file will be lost: look at ltmain.sh.
#
# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
@@ -56,12 +56,12 @@
# The host system.
host_alias=
-host=x86_64-unknown-linux-gnu
+host=i686-pc-linux-gnu
host_os=linux-gnu
# The build system.
build_alias=
-build=x86_64-unknown-linux-gnu
+build=i686-pc-linux-gnu
build_os=linux-gnu
# A sed program that does not truncate output.
@@ -86,7 +86,7 @@
LN_S="ln -s"
# What is the maximum length of a command?
-max_cmd_len=3458764513820540925
+max_cmd_len=805306365
# Object file suffix (normally "o").
objext=o
@@ -234,10 +234,10 @@
hardcode_into_libs=yes
# Compile-time system search path for libraries.
-sys_lib_search_path_spec="/usr/lib/gcc/x86_64-linux-gnu/4.6 /usr/lib/x86_64-linux-gnu /usr/lib /lib/x86_64-linux-gnu /lib"
+sys_lib_search_path_spec="/usr/lib/gcc/i686-linux-gnu/4.6 /usr/lib/i386-linux-gnu /usr/lib /lib/i386-linux-gnu /lib"
# Run-time system search path for libraries.
-sys_lib_dlsearch_path_spec="/lib /usr/lib /usr/local/lib /usr/local/lib /lib/x86_64-linux-gnu /usr/lib/x86_64-linux-gnu "
+sys_lib_dlsearch_path_spec="/lib /usr/lib /usr/lib/i386-linux-gnu/mesa /lib/i386-linux-gnu /usr/lib/i386-linux-gnu /lib/i686-linux-gnu /usr/lib/i686-linux-gnu /usr/local/lib /opt/napatech3/lib "
# Whether dlopen is supported.
dlopen_support=unknown
@@ -254,7 +254,7 @@
# The linker used to build libraries.
-LD="/usr/bin/ld -m elf_x86_64"
+LD="/usr/bin/ld"
# Commands used to build an old-style archive.
old_archive_cmds="\$AR \$AR_FLAGS \$oldlib\$oldobjs~\$RANLIB \$oldlib"
|
|
[-]
[+]
|
Changed |
ntopng.init
^
|
| @@ -122,7 +122,7 @@
fi
fi
echo -n "instance on interface ${IFACE} "
- /sbin/startproc -p /var/run/ntopng/ntopng-${IFACE}.pid $NTOPNG_BIN -i ${IFACE} ${NTOPNG_OPTS}
+ /sbin/startproc -p /var/run/ntopng/ntopng-${IFACE}.pid $NTOPNG_BIN -i ${IFACEN} ${NTOPNG_OPTS}
rc_status -v
done
;;
|
