From: Michael Tremer
Date: Thu, 29 Apr 2010 17:31:29 +0000 (+0200)
Subject: Add some new events (still experimental).
X-Git-Url: http://git.ipfire.org/?p=oddments%2Fcappie.git;a=commitdiff_plain;h=b6f2a21b3fdaea9b5590e9247f614c0f1ea8ae53
Add some new events (still experimental).
---
diff --git a/cappie/constants.py b/cappie/constants.py
index de00993..d68fcc7 100644
--- a/cappie/constants.py
+++ b/cappie/constants.py
@@ -25,3 +25,6 @@ TYPE_ARP = 0
 OPERATION_REQUEST = 0
 OPERATION_RESPONSE = 1
+
+DB_LASTSEEN_MAX = 5*60 # 5 minutes
+DB_GC_INTERVAL = 60
diff --git a/cappie/events.py b/cappie/events.py
index edb6051..236e19f 100644
--- a/cappie/events.py
+++ b/cappie/events.py
@@ -23,6 +23,7 @@ import os
 import subprocess
 import time
+from constants import *
 from errors import *
 class Event(object):
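Review bot: In cappie/constants.py, `DB_GC_INTERVAL = 60` carries no unit, while the line above it is annotated `# 5 minutes`. `DB_LASTSEEN_MAX` is subtracted from `time.time()` in events.py, so it is in seconds; the interval presumably is too, but its consumer is not part of this diff. I would add a trailing comment such as `# seconds between garbage-collector runs` once that is confirmed.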
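Review bot: In cappie/events.py, `from constants import *` pulls every name from the constants module into the events namespace, although the code added in this commit uses only `DB_LASTSEEN_MAX`. An explicit `from constants import DB_LASTSEEN_MAX` keeps the origin of the name visible and avoids silent shadowing if constants.py and errors.py ever export the same identifier. The file already uses `from errors import *`, so this is a style point rather than a defect.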
@@ -81,3 +82,89 @@ class EventShell(Event):
 p.returncode)
 return p.returncode
+
+
+class EventRequestTrigger(Event):
+ def __init__(self, interface, packet):
+ Event.__init__(self, interface)
+
+ self.db = interface.cappie.db
+ self.packet = packet
+
+ def _updateAddress(self, mac, address):
+ where = "WHERE mac = '%s' AND address = '%s'" % (mac, address)
+
+ if self.db.get("SELECT * FROM addresses %s" % where):
+ self.db.execute("UPDATE addresses SET lastseen='%d' %s" % \
+ (time.time(), where))
+ else:
+ self.db.execute("INSERT INTO addresses VALUES('%s', '%s', '%d')" % \
+ (mac, address, time.time()))
+
+ def _updateChanges(self, *args):
+ for arg in args:
+ where = "WHERE address = '%s'" % arg
+ if self.db.get("SELECT * FROM changes %s" % where):
+ self.db.execute("UPDATE changes SET lastchange = '%d' %s" % \
+ (time.time(), where))
+ else:
+ self.db.execute("INSERT INTO changes VALUES('%s', '%d')" % \
+ (arg, time.time()))
+
+ def run(self):
+ mac = self.packet.source_address
+ address = self.packet.source_ip_address
+
+ self._updateAddress(mac, address)
+ self._updateChanges(mac, address)
+
+
+class EventResponseTrigger(EventRequestTrigger):
+ pass
+
+
+class EventGarbageCollector(Event):
+ def __init__(self, db, log):
+ self.db = db
+ self.log = log
+
+ def run(self):
+ # Remove old addresses
+ self.db.execute("DELETE FROM addresses WHERE lastseen >= '%d'" % \
+ (time.time() - DB_LASTSEEN_MAX))
+
+ self.db.commit()
+
+
+class EventCheckDuplicate(Event):
+ def __init__(self, interface, packet):
+ Event.__init__(self, interface)
+ self.packet = packet
+
+ def run(self):
+ entries = self.db.query("SELECT * FROM addresses WHERE address = '%s'" % \
+ self.packet.source_ip_address)
+
+ if not entries:
+ return
+
+ for entry in entries:
+ if self.packet.source_address == entry.mac:
+ entries.remove(entry)
+
+ if len(entries) > 1:
+ self.addEvent(EventHandleDuplicate(self.interface, self.packet))
+
+
+class EventHandleDuplicate(Event):
+ def __init__(self, interface, packet):
+ Event.__init__(self, interface)
+ self.packet = packet
+
+ def run(self):
+ self.log.warning("We probably have a mac spoofing for %s" % \
+ self.packet.source_address)
+
+
+class EventCheckFlipFlop(Event):
+ pass
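Review bot: `EventGarbageCollector.run` deletes the wrong rows: `lastseen >= time.time() - DB_LASTSEEN_MAX` matches addresses seen within the last five minutes, so fresh entries are purged and stale ones are kept, which contradicts the "Remove old addresses" comment and empties the table the duplicate check reads; the comparison should be `<`. In `EventCheckDuplicate.run`, the loop removes items from `entries` while iterating it, which skips the element after each removal, and the `len(entries) > 1` test then needs two foreign MACs before `EventHandleDuplicate` fires, so a single conflicting MAC for the IP presumably goes unreported. Every statement in this hunk is also built with `%` interpolation from `packet.source_address` and `packet.source_ip_address`, which come off the wire; bound parameters would be safer if the db wrapper supports them, but its signature is not visible in this diff. `Event` is defined outside the hunk, so I cannot confirm that `self.db` and `self.log` exist in `EventCheckDuplicate` and `EventHandleDuplicate`, which never assign them.

```python
class EventGarbageCollector(Event):
    # … unchanged: __init__ …

    def run(self):
        # Remove addresses not seen for DB_LASTSEEN_MAX seconds
        self.db.execute("DELETE FROM addresses WHERE lastseen < '%d'" % \
            (time.time() - DB_LASTSEEN_MAX))
        # … unchanged: commit …

class EventCheckDuplicate(Event):
    # … unchanged: __init__ …

    def run(self):
        # … unchanged: entries query and empty check …

        # Keep only rows where another MAC claims this IP address
        others = [e for e in entries
                  if e.mac != self.packet.source_address]

        if others:
            self.addEvent(EventHandleDuplicate(self.interface, self.packet))
```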