📄 analyze.c
字号:
fseek(fptr,-SumDataSize,SEEK_CUR);
/*再写入*/
fwrite(dataPtr,SumDataSize,1,fptr);
/*2.修改月总数数据*/
/*移动文件指针到相应位置*/
fseek(fptr,(CurrentMonth-1)*32*SumDataSize,SEEK_SET);
/*读取文件中的数据*/
fread(dataPtr,SumDataSize,1,fptr);
/*修改数据*/
for (i = 0; i < TIME_STAGE_NUM; i++)
for (j = 0; j < NET_PART_NUM; j++)
{
data.inPackets[i][j] += user->data.inPackets[i][j];
data.inPacketsBytes[i][j] += user->data.inPacketsBytes[i][j];
data.outPackets[i][j] += user->data.outPackets[i][j];
data.outPacketsBytes[i][j] += user->data.outPacketsBytes[i][j];
}
/*重新定位*/
fseek(fptr,-SumDataSize,SEEK_CUR);
/*再写入*/
fwrite(dataPtr,SumDataSize,1,fptr);
fclose(fptr);
/*将数据清0*/
memset(&user->data,0,SumDataSize);
}
user = user->nextInList;
}
}
/*
改变当前的日期或时间段
字符串格式:1|month|day
2|time stage
若第一个域为1,则表明是日期
若第一个域为2,则表明是时间段
flag==0,保存进入数据
flag== 1,保存外出数据
*/
void ChangeTimeStageOrDate(char* str)
{
char result[20],*startField;
int flag;
int month,day,timeStage;
static int state = 0;
/*得到标识*/
startField = GetOneField(str,result);
flag = atoi(result);
switch (flag)
{
case 1:/*日期发生了变化*/
startField = GetOneField(startField,result);
month = atoi(result);
startField = GetOneField(startField,result);
day = atoi(result);
if (state == 0)
{/*若是第一次调用本函数,则不保存数据,因为数据文件的第一行一定是日期行*/
state = 1;
CurrentMonth = month;
CurrentDay = day;
return;
}
if ((CurrentMonth != month) || (CurrentDay != day))
{
/*时间发生变化,将数据保存*/
SaveOneDayData();
CurrentMonth = month;
CurrentDay = day;
}
break;
case 2:/*时间段发生了变化*/
startField = GetOneField(startField,result);
timeStage = atoi(result);
if ((timeStage >= TIME_STAGE_1) && (timeStage < TIME_STAGE_NUM))
CurrentTimeStage = timeStage;
break;
}
}
/*
分析IP流量细节文件
IP流量细节文件格式:0 or 1|userID|source Ip|destination Ip|length
0表示进入,1表示外出
*/
void AnalyzeIpDataFile()
{
FILE* fptr;
char oneStr[200];
char result[30];
char* startField;
int netPartNo;
struct in_addr srcIp,dstIp;
struct in_addr *srcIpPtr = &srcIp,*dstIpPtr = &dstIp;
int inOut,userID;
long length;
UserType* user;
if ((fptr = fopen(IpDataFile,"r")) == NULL)
{/*正常传入的IP包数据细节文件指针*/
PrintError("Don't open file:%s.\n",IpDataFile);
return;
}
while (!feof(fptr))
{
fgets(oneStr,200,fptr);
if (feof(fptr))
break;
if (oneStr[0] == '*')
{/*表明这一行为日期或时间段控制信息*/
ChangeTimeStageOrDate(&oneStr[1]);
continue;
}
/*得到方向0---传入,1---传出*/
startField = GetOneField(oneStr,result);
inOut = atoi(result);
/*得到用户ID*/
startField = GetOneField(startField,result);
userID = atoi(result);
/*得到源IP地址*/
startField = GetOneField(startField,result);
TransIpAddress(0,result,srcIpPtr);
/*得到目的IP地址*/
startField = GetOneField(startField,result);
TransIpAddress(0,result,dstIpPtr);
/*得到长度*/
startField = GetOneField(startField,result);
length = atol(startField);
/*修改内存中的数据*/
user = FindUserByID(userID);
if (user != NULL)
{
netPartNo = GetNetPartNo(srcIp);
if (inOut == 0)
{/*进入包*/
#ifdef ZOOM-OP
length *= ZoomRatio[0];
#endif
user->data.inPackets[CurrentTimeStage][netPartNo]++;
user->data.inPacketsBytes[CurrentTimeStage][netPartNo] += length;
}
else
{/*外出包*/
#ifdef ZOOM-OP
length *= ZoomRatio[1];
#endif
user->data.outPackets[CurrentTimeStage][netPartNo]++;
user->data.outPacketsBytes[CurrentTimeStage][netPartNo] += length;
}
user->change = 1;/*数据发生变化*/
}
}
}
/*
分析用户登陆细节文件
*/
void AnalyzeLoginDataFile()
{
FILE* fptr,*userFptr,*sumFptr;
int i;
char oneStr[200],*logtime;
char userIDStr[20];
char groupIDStr[20];
int userID;
long inPackets,inPacketsBytes;
long outPackets,outPacketsBytes;
long loginTime,logoutTime;
char str1[50],*str2,*dataPtr;
char fileName[150];
char logoutTimeStr[30];
struct tm * now,*now1;
int month,day;
SumDataType sumData,*sumDataPtr = &sumData;
UserType* user;
/*1.处理传入传出总体数据文件*/
strcat(IpSumDataFile,".tmp");
if ((fptr = fopen(IpSumDataFile,"r")) == NULL)
{/*正常传入的IP包数据总体文件指针*/
PrintError("Don't open file:%s.\n",IpSumDataFile);
exit(-1);
}
while (!feof(fptr))
{
fgets(oneStr,200,fptr);
/*
printf("\nstr = %s",oneStr);
*/
if (feof(fptr))
break;
/*1.得到上述各个数据inPackets|inPacketsBytes|outPackets|outPacketsBytes|logout Time*/
str2 = GetOneField(oneStr,str1);/*timeID*/
str2 = GetOneField(str2,userIDStr);/*user id*/
userID = atoi(userIDStr);
user = FindUserByID(userID);
if (!user)
continue;
else sprintf(groupIDStr,"%d",user->groupID);
dataPtr = GetOneField(str2,str1);/*ip address*/
str2 = GetOneField(dataPtr,str1);/*inPackets*/
inPackets = atol(str1);
str2 = GetOneField(str2,str1);/*inpackets bytes*/
inPacketsBytes = atol(str1);
str2 = GetOneField(str2,str1);/*outPackets*/
outPackets = atol(str1);
logtime = GetOneField(str2,str1);/*outpackets bytes*/
outPacketsBytes = atol(str1);
#ifdef ZOOM-OP
inPackets *= ZoomRatio[0];
inPacketsBytes *= ZoomRatio[0];
outPackets *= ZoomRatio[1];
outPacketsBytes *= ZoomRatio[1];
#endif
str2 = GetOneField(logtime,str1);/*login time*/
loginTime = atol(str1);
str2 = GetOneField(str2,str1);/*logout time*/
logoutTime = atol(str1);
sprintf(fileName,"%s/%s%s",groupIDStr,userIDStr,SumSuffix);
if ((sumFptr = fopen(fileName,"rb+")) == NULL)
{/*该文件一定存在,因为在增加用户时创建了该文件*/
continue;
}
/*存入到用户细节文件中*/
sprintf(fileName,"%s/%s",groupIDStr,userIDStr);
if ((userFptr = fopen(fileName,"a+")) == NULL)
{
PrintError("Open File Error:%s.in MaintainSumDataFile().\n",userIDStr);
continue;
}
/*处理用户统计文件*/
/*1。得到月份*/
now = localtime(&logoutTime);
sprintf(logoutTimeStr,"%d.%d.%d %d:%d:%d",
now->tm_year,now->tm_mon+1,now->tm_mday,now->tm_hour,now->tm_min,now->tm_sec);
month = now->tm_mon;
day = now->tm_mday;
now1 = localtime(&loginTime);
/*给logtime赋值实际上就是修改oneStr中的后两个域值*/
#ifdef ZOOM-OP
sprintf(dataPtr,"%ld|%ld|%ld|%ld|%d.%d.%d %d:%d:%d|%s\n",
inPackets,inPacketsBytes,outPackets,outPacketsBytes,
now1->tm_year,now1->tm_mon+1,now1->tm_mday,now1->tm_hour,now1->tm_min,now1->tm_sec,logoutTimeStr);
#else
sprintf(logtime,"%d.%d.%d %d:%d:%d|%s\n",
now1->tm_year,now1->tm_mon+1,now1->tm_mday,now1->tm_hour,now1->tm_min,now1->tm_sec,logoutTimeStr);
#endif
fprintf(userFptr,oneStr);
fclose(userFptr);
/*
printf("userid = %s.\n",userIDStr);
printf("inPackets=%ld.\n",inPackets);
printf("logout time = %ld.\n",logoutTime);
printf("filename = %s.\n",fileName);
*/
/*2。读取该用户当月数据*/
/*将该用户当月数据增加后,再存入*/
/*
printf("month = %d,day = %d.\n",month,day);
*/
fseek(sumFptr,SumDataSize*month*32,SEEK_SET);
fread(sumDataPtr,SumDataSize,1,sumFptr);
/*若按照IP包流量来分析,则关于流量部分不必在本部分处理,但连接时间则要处理*/
#ifndef ANALYZE_BY_IP
sumData.inPackets[0][0] += inPackets;
sumData.inPacketsBytes[0][0] += inPacketsBytes;
sumData.outPackets[0][0] += outPackets;
sumData.outPacketsBytes[0][0] += outPacketsBytes;
#endif
sumData.connectTime += (logoutTime - loginTime);
fseek(sumFptr,-SumDataSize,SEEK_CUR);
fwrite(sumDataPtr,SumDataSize,1,sumFptr);
/*将该用户当日数据增加后,再存入*/
fseek(sumFptr,SumDataSize*(month*32 + day),SEEK_SET);
fread(sumDataPtr,SumDataSize,1,sumFptr);
/*若按照IP包流量来分析,则关于流量部分不必在本部分处理,但连接时间则要处理*/
#ifndef ANALYZE_BY_IP
sumData.inPackets[0][0] += inPackets;
sumData.inPacketsBytes[0][0] += inPacketsBytes;
sumData.outPackets[0][0] += outPackets;
sumData.outPacketsBytes[0][0] += outPacketsBytes;
#endif
sumData.connectTime += (logoutTime - loginTime);
fseek(sumFptr,-SumDataSize,SEEK_CUR);
fwrite(sumDataPtr,SumDataSize,1,sumFptr);
fclose (sumFptr);
/*生成月统计数据文件*/
}
fclose(fptr);
/*将该文件删除*/
sprintf(str1,"rm -f %s ",IpSumDataFile);
system(str1);
}
/*
转储总体文件以外的文件
方法:将文件名加上当天的日期
*/
void MaintainDataFile()
{
char command[150];
char today[20];
struct tm *now;
time_t day;
/*得到当前日期*/
time(&day);
now = localtime(&day);
sprintf(today,"%d-%d",now->tm_mon+1,now->tm_mday);
/*将数据文件改为以当前日期为前缀的文件*/
/*正常IP包数据控制文件名称*/
sprintf(command,"mv -f %s.tmp backup/%s-%s",IpDataControlFile,today,IpDataControlFile);
system(command);
/*正常传入传出的IP包数据细节文件名称*/
sprintf(command,"mv -f %s.tmp backup/%s-%s",IpDataFile,today,IpDataFile);
/* system(command);*/ /*liu change 980703*/
/*领导IP包数据文件名称*/
sprintf(command,"mv -f %s.tmp backup/%s-%s",LeadIpDataFile,today,LeadIpDataFile);
system(command);
/*应被封锁的IP包数据文件名称,因为有可能仍有一些数据传输.*/
sprintf(command,"mv -f %s.tmp backup/%s-%s",BlockIpDataFile,today,BlockIpDataFile);
system(command);
}
main()
{
char command[150];
/*初始化*/
printf("\n\nnow analyze start\n");
printf("init system...\n");
InitVar();
printf("init system completed..\n");
/*将用户帐户文件保存备份*/
printf("save user account file...\n");
sprintf(command,"cp %s %s.bak",UserFile,UserFile);
system(command);
/*分析IP流量细节文件*/
#ifdef ANALYZE_BY_IP
printf("analyze ipdata.dat file...\n");
AnalyzeIpDataFile();
#endif
/*将数据文件转储*/
printf("mv data file...\n");
MaintainDataFile();
/*分析输入和输出的总体文件,然后将其删除*/
printf("analyze ipsumdata.dat file..\n");
AnalyzeLoginDataFile();
printf("analyze ipsumdata.dat file completed..\n");
/*检查系统中是否有僵尸CGI进程,有将其KILL掉*/
/*??????????*/
/*检查系统中4个消息队列中是否有不能响应的消息,有则将其删除*/
/*????????????*/
/**/
printf("analyze finished\n\n\n");
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -