/*
 * hits - per-packet log records.
 *
 * Only the two capture-timestamp columns are NOT NULL; every header field
 * is nullable.  NOTE(review): presumably a row is filled in only for the
 * protocols decoded for that packet - confirm against the writer.
 *
 * Points to keep in mind when querying this table as evidence:
 *   - There is no PRIMARY KEY or UNIQUE constraint, so duplicate rows are
 *     not rejected by the schema.
 *   - Addresses are stored twice (BLOB and *_str TEXT) and nothing in the
 *     schema forces the two forms to agree.
 *   - Several fields are unsigned 32-bit on the wire (e.g. tcp_seq); this
 *     assumes an engine whose INTEGER is 64-bit, as in SQLite - TODO confirm
 *     the target engine.
 *
 * Column order is significant for any INSERT without a column list.
 */
CREATE TABLE hits (
    /* capture time, split into seconds and microseconds */
    oob_time_sec        INTEGER NOT NULL,
    oob_time_usec       INTEGER NOT NULL,

    /* out-of-band metadata (oob_*) and layer-2 addresses */
    oob_hook            INTEGER,
    oob_prefix          TEXT,
    mac_saddr_str       TEXT,
    mac_daddr_str       TEXT,
    oob_in              TEXT,
    oob_out             TEXT,
    oob_family          INTEGER,
    oob_protocol        INTEGER,
    oob_uid             INTEGER,
    oob_gid             INTEGER,
    oob_mark            INTEGER,

    /* IP addresses: binary form plus printable form */
    ip_saddr            BLOB,
    ip_saddr_str        TEXT,
    ip_daddr            BLOB,
    ip_daddr_str        TEXT,

    /* IPv4 header fields */
    ip_protocol         INTEGER,
    ip_tos              INTEGER,
    ip_ttl              INTEGER,
    ip_totlen           INTEGER,
    ip_id               INTEGER,
    ip_fragoff          INTEGER,

    /* IPv6 header fields */
    ip6_payloadlen      INTEGER,
    ip6_priority        INTEGER,
    ip6_hoplimit        INTEGER,
    ip6_flowlabel       INTEGER,
    ip6_nexthdr         INTEGER,
    ip6_fragoff         INTEGER,
    ip6_fragid          INTEGER,

    /* TCP: ports, sequence numbers, window, then one column per flag */
    tcp_sport           INTEGER,
    tcp_dport           INTEGER,
    tcp_seq             INTEGER,
    tcp_ackseq          INTEGER,
    tcp_window          INTEGER,
    tcp_syn             INTEGER,
    tcp_ack             INTEGER,
    tcp_rst             INTEGER,
    tcp_fin             INTEGER,
    tcp_urg             INTEGER,
    tcp_urgp            INTEGER,

    /* UDP */
    udp_sport           INTEGER,
    udp_dport           INTEGER,
    udp_len             INTEGER,

    /* ICMP */
    icmp_type           INTEGER,
    icmp_code           INTEGER,
    icmp_echoid         INTEGER,
    icmp_echoseq        INTEGER,
    icmp_gateway        INTEGER,
    icmp_fragmtu        INTEGER,

    /* ICMPv6 */
    icmpv6_type         INTEGER,
    icmpv6_code         INTEGER,
    icmpv6_echoid       INTEGER,
    icmpv6_echoseq      INTEGER,
    icmpv6_csum         INTEGER,

    /* AH/ESP */
    ahesp_spi           INTEGER,

    /* ARP */
    arp_hwtype          INTEGER,
    arp_protocoltype    INTEGER,
    arp_operation       INTEGER,
    arp_shwaddr         BLOB,
    arp_saddr_str       TEXT,
    arp_dhwaddr         BLOB,
    arp_daddr_str       TEXT,

    /* SCTP */
    sctp_sport          INTEGER,
    sctp_dport          INTEGER,
    sctp_csum           INTEGER
);
/*
 * Secondary indexes on hits.  All are single-column and non-unique.
 *
 * Note for anyone writing lookups: IP addresses are indexed on the BLOB
 * columns (ip_saddr / ip_daddr) only, so a filter on ip_saddr_str or
 * ip_daddr_str is not backed by an index here.  MAC addresses, by
 * contrast, are indexed on their printable (*_str) form.
 */

/* Time, log prefix and address family */
CREATE INDEX hits_time
    ON hits (oob_time_sec);
CREATE INDEX hits_prefix
    ON hits (oob_prefix);
CREATE INDEX hits_oob_family
    ON hits (oob_family);

/* Layer 2 - MAC addresses */
CREATE INDEX hits_mac_saddr
    ON hits (mac_saddr_str);
CREATE INDEX hits_mac_daddr
    ON hits (mac_daddr_str);

/* Layer 3 - IP */
CREATE INDEX hits_ip_saddr
    ON hits (ip_saddr);
CREATE INDEX hits_ip_daddr
    ON hits (ip_daddr);
CREATE INDEX hits_ip_protocol
    ON hits (ip_protocol);

/* Layer 4 protocols */
CREATE INDEX hits_tcp_sport
    ON hits (tcp_sport);
CREATE INDEX hits_tcp_dport
    ON hits (tcp_dport);
CREATE INDEX hits_udp_sport
    ON hits (udp_sport);
CREATE INDEX hits_udp_dport
    ON hits (udp_dport);
CREATE INDEX hits_sctp_sport
    ON hits (sctp_sport);
CREATE INDEX hits_sctp_dport
    ON hits (sctp_dport);

/* ICMP message types (ICMPv6 first, then ICMP) */
CREATE INDEX hits_icmpv6_type
    ON hits (icmpv6_type);
CREATE INDEX hits_icmp_type
    ON hits (icmp_type);
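/*
 * flows - per-connection records, with one set of columns for the
 * original direction (orig_*) and one for the reply direction (reply_*).
 *
 * The printable address columns (*_str) are TEXT in both directions.
 * reply_ip_saddr_str and reply_ip_daddr_str were previously declared BLOB,
 * which disagreed with their orig_* counterparts and with the *_str naming.
 *
 * Points to keep in mind when querying this table as evidence:
 *   - Start and end timestamps are nullable, so a row may lack either.
 *   - There is no PRIMARY KEY or UNIQUE constraint; ct_id is NOT NULL but
 *     the schema does not make it unique.  NOTE(review): presumably the
 *     same ct_id can appear once per ct_event - confirm against the writer.
 *   - Addresses are stored twice (BLOB and *_str TEXT) and nothing in the
 *     schema forces the two forms to agree.
 *
 * Column order is significant for any INSERT without a column list.
 */
CREATE TABLE flows (
    /* flow start / end, each split into seconds and microseconds */
    flow_start_sec        INTEGER,
    flow_start_usec       INTEGER,
    flow_end_sec          INTEGER,
    flow_end_usec         INTEGER,

    /* original direction: addresses, protocol, ports, counters */
    orig_ip_saddr         BLOB    NOT NULL,
    orig_ip_saddr_str     TEXT    NOT NULL,
    orig_ip_daddr         BLOB    NOT NULL,
    orig_ip_daddr_str     TEXT    NOT NULL,
    orig_ip_protocol      INTEGER NOT NULL,
    orig_l4_sport         INTEGER,
    orig_l4_dport         INTEGER,
    orig_raw_pktcount     INTEGER NOT NULL,
    orig_raw_pktlen       INTEGER NOT NULL,

    /* reply direction: same layout as the original direction */
    reply_ip_saddr        BLOB    NOT NULL,
    reply_ip_saddr_str    TEXT    NOT NULL,
    reply_ip_daddr        BLOB    NOT NULL,
    reply_ip_daddr_str    TEXT    NOT NULL,
    reply_ip_protocol     INTEGER NOT NULL,
    reply_l4_sport        INTEGER,
    reply_l4_dport        INTEGER,
    reply_raw_pktcount    INTEGER NOT NULL,
    reply_raw_pktlen      INTEGER NOT NULL,

    /* ICMP code / type, nullable */
    icmp_code             INTEGER,
    icmp_type             INTEGER,

    /* connection-tracking identifiers */
    ct_id                 INTEGER NOT NULL,
    ct_event              INTEGER NOT NULL,
    ct_mark               INTEGER
);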
/*
 * Secondary indexes on flows.  Only the original direction is indexed:
 * binary source address, binary destination address and protocol.
 * Lookups by reply_* columns, by the printable *_str addresses, by ct_id
 * or by flow time are not backed by an index here.
 */
CREATE INDEX flows_ip_saddr
    ON flows (orig_ip_saddr);
CREATE INDEX flows_ip_daddr
    ON flows (orig_ip_daddr);
CREATE INDEX flows_ip_protocol
    ON flows (orig_ip_protocol);