oob_mark integer default NULL,
oob_in varchar(32) default NULL,
oob_out varchar(32) default NULL,
- ip_saddr inet default NULL,
- ip_daddr inet default NULL,
+ ip_saddr_str inet default NULL,
+ ip_daddr_str inet default NULL,
ip_protocol smallint default NULL,
ip_tos smallint default NULL,
ip_ttl smallint default NULL,
) WITH (OIDS=FALSE);
CREATE INDEX ulog2_timestamp ON ulog2(timestamp);
-CREATE INDEX ulog2_ip_saddr ON ulog2(ip_saddr);
-CREATE INDEX ulog2_ip_daddr ON ulog2(ip_daddr);
+CREATE INDEX ulog2_ip_saddr ON ulog2(ip_saddr_str);
+CREATE INDEX ulog2_ip_daddr ON ulog2(ip_daddr_str);
CREATE TABLE mac (
_mac_id bigint PRIMARY KEY UNIQUE NOT NULL,
-- shortcuts
CREATE OR REPLACE VIEW view_tcp_quad AS
- SELECT ulog2._id,ulog2.ip_saddr,tcp.tcp_sport,ulog2.ip_daddr,tcp.tcp_dport FROM ulog2 INNER JOIN tcp ON ulog2._id = tcp._tcp_id;
+ SELECT ulog2._id,ulog2.ip_saddr_str,tcp.tcp_sport,ulog2.ip_daddr_str,tcp.tcp_dport FROM ulog2 INNER JOIN tcp ON ulog2._id = tcp._tcp_id;
CREATE OR REPLACE VIEW view_udp_quad AS
- SELECT ulog2._id,ulog2.ip_saddr,udp.udp_sport,ulog2.ip_daddr,udp.udp_dport FROM ulog2 INNER JOIN udp ON ulog2._id = udp._udp_id;
+ SELECT ulog2._id,ulog2.ip_saddr_str,udp.udp_sport,ulog2.ip_daddr_str,udp.udp_dport FROM ulog2 INNER JOIN udp ON ulog2._id = udp._udp_id;
--
-- conntrack
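Review bot: `CREATE OR REPLACE VIEW` in PostgreSQL cannot rename an existing view's output columns, so on a database where `view_tcp_quad` and `view_udp_quad` already exist with `ip_saddr`/`ip_daddr`, both statements here would fail. If this script only ever runs against an empty database that does not matter; otherwise the upgrade path (not visible in this hunk) needs a `DROP VIEW` first or an explicit column rename. Saved queries and reports that select `ip_saddr`/`ip_daddr` from these views will also stop working, which is worth a line in the upgrade notes. The renamed columns keep type `inet` despite the `_str` suffix, so a schema comment such as `-- NOTE: *_str columns are still of type inet, not text` would stop readers from assuming a text column.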
CREATE SEQUENCE ulog2_ct__ct_id_seq;
CREATE TABLE ulog2_ct (
_ct_id bigint PRIMARY KEY UNIQUE NOT NULL DEFAULT nextval('ulog2_ct__ct_id_seq'),
- orig_ip_saddr inet default NULL,
- orig_ip_daddr inet default NULL,
+ orig_ip_saddr_str inet default NULL,
+ orig_ip_daddr_str inet default NULL,
orig_ip_protocol smallint default NULL,
orig_l4_sport integer default NULL,
orig_l4_dport integer default NULL,
orig_bytes bigint default 0,
orig_packets bigint default 0,
- reply_ip_saddr inet default NULL,
- reply_ip_daddr inet default NULL,
+ reply_ip_saddr_str inet default NULL,
+ reply_ip_daddr_str inet default NULL,
reply_ip_protocol smallint default NULL,
reply_l4_sport integer default NULL,
reply_l4_dport integer default NULL,
state smallint default 0
) WITH (OIDS=FALSE);
-CREATE INDEX ulog2_ct_orig_ip_saddr ON ulog2_ct(orig_ip_saddr);
-CREATE INDEX ulog2_ct_orig_ip_daddr ON ulog2_ct(orig_ip_daddr);
-CREATE INDEX ulog2_ct_reply_ip_saddr ON ulog2_ct(reply_ip_saddr);
-CREATE INDEX ulog2_ct_reply_ip_daddr ON ulog2_ct(reply_ip_daddr);
+CREATE INDEX ulog2_ct_orig_ip_saddr ON ulog2_ct(orig_ip_saddr_str);
+CREATE INDEX ulog2_ct_orig_ip_daddr ON ulog2_ct(orig_ip_daddr_str);
+CREATE INDEX ulog2_ct_reply_ip_saddr ON ulog2_ct(reply_ip_saddr_str);
+CREATE INDEX ulog2_ct_reply_ip_daddr ON ulog2_ct(reply_ip_daddr_str);
CREATE INDEX ulog2_ct_orig_l4_sport ON ulog2_ct(orig_l4_sport);
CREATE INDEX ulog2_ct_orig_l4_dport ON ulog2_ct(orig_l4_dport);
CREATE INDEX ulog2_ct_reply_l4_sport ON ulog2_ct(reply_l4_sport);
IN oob_mark integer,
IN oob_in varchar(32),
IN oob_out varchar(32),
- IN ip_saddr inet,
- IN ip_daddr inet,
+ IN ip_saddr_str inet,
+ IN ip_daddr_str inet,
IN ip_protocol smallint
)
RETURNS bigint AS $$
INSERT INTO ulog2 (oob_time_sec,oob_time_usec,oob_prefix,oob_mark,
- oob_in,oob_out,ip_saddr,ip_daddr,ip_protocol)
+ oob_in,oob_out,ip_saddr_str,ip_daddr_str,ip_protocol)
VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9);
SELECT currval('ulog2__id_seq');
$$ LANGUAGE SQL SECURITY INVOKER;
IN oob_mark integer,
IN oob_in varchar(32),
IN oob_out varchar(32),
- IN ip_saddr inet,
- IN ip_daddr inet,
+ IN ip_saddr_str inet,
+ IN ip_daddr_str inet,
IN ip_protocol smallint,
IN ip_tos smallint,
IN ip_ttl smallint,
)
RETURNS bigint AS $$
INSERT INTO ulog2 (oob_time_sec,oob_time_usec,oob_prefix,oob_mark,
- oob_in,oob_out,ip_saddr,ip_daddr,ip_protocol,
+ oob_in,oob_out,ip_saddr_str,ip_daddr_str,ip_protocol,
ip_tos,ip_ttl,ip_totlen,ip_ihl,ip_csum,ip_id,ip_fragoff)
VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16);
SELECT currval('ulog2__id_seq');
IN oob_mark integer,
IN oob_in varchar(32),
IN oob_out varchar(32),
- IN ip_saddr inet,
- IN ip_daddr inet,
+ IN ip_saddr_str inet,
+ IN ip_daddr_str inet,
IN ip_protocol smallint,
IN ip_tos smallint,
IN ip_ttl smallint,
-- Add foreign keys to tables
SELECT ULOG2_ADD_FOREIGN_KEYS();
-
+-- Pierre Chifflier <chifflier AT inl DOT fr>
#include <ulogd/ulogd.h>
#include <ulogd/printflow.h>
+enum printflow_fields {
+ PRINTFLOW_IP_SADDR = 0,
+ PRINTFLOW_IP_DADDR,
+ PRINTFLOW_IP_PROTOCOL,
+ PRINTFLOW_L4_SPORT,
+ PRINTFLOW_L4_DPORT,
+ PRINTFLOW_RAW_PKTLEN,
+ PRINTFLOW_RAW_PKTCOUNT,
+ PRINTFLOW_ICMP_CODE,
+ PRINTFLOW_ICMP_TYPE,
+ PRINTFLOW_DIR,
+};
+
struct ulogd_key printflow_keys[] = {
{
.type = ULOGD_RET_IPADDR,
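Review bot: Nothing in the added enum says that its values appear to be indexes into the result array and therefore have to follow the order of `printflow_keys[]`, which starts right after it. Reordering or inserting a key without touching the enum would silently print the wrong field under each label. A comment above the enum would cover it: `/* indexes into printflow_keys[]; keep both in the same order */`. The array body is outside this hunk, so the current ordering could not be checked here.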
{
char *buf_cur = buf;
- if (pp_is_valid(res, 9))
+ if (pp_is_valid(res, PRINTFLOW_DIR))
buf_cur += sprintf(buf_cur, "DIR=%s ",
- GET_VALUE(res, 9).b ? "REPLY" : "ORIG ");
+ GET_VALUE(res, PRINTFLOW_DIR).b ? "REPLY" : "ORIG ");
- if (pp_is_valid(res, 0))
+ if (pp_is_valid(res, PRINTFLOW_IP_SADDR))
buf_cur += sprintf(buf_cur, "SRC=%s ", inet_ntoa(
(struct in_addr) {htonl(GET_VALUE(res, 0).ui32)}));
- if (pp_is_valid(res, 1))
+ if (pp_is_valid(res, PRINTFLOW_IP_DADDR))
buf_cur += sprintf(buf_cur, "DST=%s ", inet_ntoa(
(struct in_addr) {htonl(GET_VALUE(res, 1).ui32)}));
- if (!pp_is_valid(res, 2))
+ if (!pp_is_valid(res, PRINTFLOW_IP_PROTOCOL))
goto out;
- switch (GET_VALUE(res, 2).ui8) {
+ switch (GET_VALUE(res, PRINTFLOW_IP_PROTOCOL).ui8) {
case IPPROTO_TCP:
buf_cur += sprintf(buf_cur, "PROTO=TCP ");
- pp_print(buf_cur, "SPT", res, 3, ui16);
- pp_print(buf_cur, "DPT", res, 4, ui16);
+ pp_print(buf_cur, "SPT", res, PRINTFLOW_L4_SPORT, ui16);
+ pp_print(buf_cur, "DPT", res, PRINTFLOW_L4_DPORT, ui16);
break;
case IPPROTO_UDP:
buf_cur += sprintf(buf_cur, "PROTO=UDP ");
- pp_print(buf_cur, "SPT", res, 3, ui16);
- pp_print(buf_cur, "DPT", res, 4, ui16);
+ pp_print(buf_cur, "SPT", res, PRINTFLOW_L4_SPORT, ui16);
+ pp_print(buf_cur, "DPT", res, PRINTFLOW_L4_DPORT, ui16);
break;
case IPPROTO_ICMP:
buf_cur += sprintf(buf_cur, "PROTO=ICMP ");
- pp_print(buf_cur, "TYPE", res, 7, ui8);
- pp_print(buf_cur, "CODE", res, 8, ui8);
+ pp_print(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, ui8);
+ pp_print(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, ui8);
break;
case IPPROTO_ESP:
break;
default:
- pp_print(buf_cur, "PROTO", res, 2, ui8);
+ pp_print(buf_cur, "PROTO", res, PRINTFLOW_IP_PROTOCOL, ui8);
break;
}
out:
- pp_print(buf_cur, "PKTS", res, 6, ui32);
- pp_print(buf_cur, "BYTES", res, 5, ui32);
+ pp_print(buf_cur, "PKTS", res, PRINTFLOW_RAW_PKTCOUNT, ui32);
+ pp_print(buf_cur, "BYTES", res, PRINTFLOW_RAW_PKTLEN, ui32);
strcat(buf_cur, "\n");
return 0;
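Review bot: The ICMP case now passes `PRINTFLOW_ICMP_CODE` for the "TYPE" label and `PRINTFLOW_ICMP_TYPE` for the "CODE" label. By the enum order added in this commit these are still indexes 7 and 8, so the output is unchanged, but either the enum names or the labels are wrong, and swapped type/code values in flow logs would mislead anyone triaging ICMP traffic. Check the order of the ICMP entries in `printflow_keys[]` (not fully visible here) and make label and constant agree, e.g. `pp_print(buf_cur, "TYPE", res, PRINTFLOW_ICMP_TYPE, ui8);` and `pp_print(buf_cur, "CODE", res, PRINTFLOW_ICMP_CODE, ui8);`. The SRC and DST lines still read `GET_VALUE(res, 0).ui32` and `GET_VALUE(res, 1).ui32` and should use `PRINTFLOW_IP_SADDR` and `PRINTFLOW_IP_DADDR` like the validity checks above them. The function's signature and closing brace are outside the hunk.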