⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 flow-stat.c

📁 netflow,抓包
💻 C
📖 第 1 页 / 共 5 页
字号:
🔍
12345 
    ++nflows;    if (Last > xmax)      xmax = Last;    if (First < xmin)      xmin = First;    if (cur.octets > ymax)      ymax = cur.octets;    if (cur.octets < ymin)      ymin = cur.octets;    printf("%-10lu   %-10lu\n", (u_long)First, (u_long)cur.octets);    printf("%-10lu   %-10lu\n\n", (u_long)Last, (u_long)cur.octets);  }  printf("%c xmin=%-10lu   ymin=%-10lu   xmax=%-10lu   ymax=%-10lu\n",    args->cc, xmin, ymin, xmax, ymax);  return 0;} /* format13 *//* * function: format14 * *  octets for flow duration plot data * *  returns 0 for success. */int format14(struct fmtargs *args){  struct fts3rec_offsets fo;  struct fopd32 cur;  struct ftver ftv;  u_long ymin, ymax;  u_long xmin, xmax;  u_int64 nflows;  u_int32 First, Last;  char *rec;  ftio_get_ver(&args->ftio, &ftv);  if (ftio_check_xfield(&args->ftio, FT_XFIELD_DPKTS |    FT_XFIELD_DOCTETS | FT_XFIELD_FIRST | FT_XFIELD_LAST)) {    fterr_warnx("Flow record missing required field for format.");    return -1;  }  fts3rec_compute_offsets(&fo, &ftv);  nflows = 0;  xmin = ymin = 0xFFFFFFFF;  xmax = ymax = 0;  printf("%c\n%c start     packets\n%c end       packets\n%c\n",    args->cc, args->cc, args->cc, args->cc);  cur.flows = 1;  while ((rec = ftio_read(&args->ftio))) {       CUR_GET_PLUS_FLOWS;    Last = *((u_int32*)(rec+fo.Last));    First = *((u_int32*)(rec+fo.First));    if (Last > xmax)      xmax = Last;    if (First < xmin)      xmin = First;    if (cur.octets > ymax)      ymax = cur.packets;    if (cur.octets < ymin)      ymin = cur.packets;    printf("%-10lu    %-10lu\n", (u_long)First,      (u_long)cur.packets);    printf("%-10lu    %-10lu\n\n", (u_long)Last,      (u_long)cur.packets);  }  printf("%c xmin=%-10lu   ymin=%-10lu   xmax=%-10lu   ymax=%-10lu\n",    args->cc, xmin, ymin, xmax, ymax);  return 0;} /* format14 *//* * function: format15 * *  short summary * * returns 0 for success. */int format15(struct fmtargs *args){  struct fts3rec_offsets fo;  struct fopd total;  struct fopd32 cur;  struct ftver ftv;  char *rec;  double mbytes;  char fmt_buf[256];  u_int len;  ftio_get_ver(&args->ftio, &ftv);  if (ftio_check_xfield(&args->ftio, FT_XFIELD_DPKTS |    FT_XFIELD_DOCTETS | FT_XFIELD_FIRST | FT_XFIELD_LAST)) {    fterr_warnx("Flow record missing required field for format.");    return -1;  }  fts3rec_compute_offsets(&fo, &ftv);  bzero(&total, sizeof total);  cur.flows = 1;  while ((rec = ftio_read(&args->ftio))) {    CUR_GET_PLUS_FLOWS;      TOTAL_INC;  }  mbytes = (double)total.octets / (double)(1000000);  printf("%c\n%c Octets            Packets             MBytes\n%c\n",    args->cc, args->cc, args->cc);  len = fmt_uint64(fmt_buf, total.octets, FMT_PAD_RIGHT);  len += fmt_uint64(fmt_buf+len, total.packets, FMT_PAD_RIGHT);  printf("%s%3.3f\n", fmt_buf, mbytes);  return 0;} /* format15 *//* * function: format16 * *  Next hop flows,octets,packets,duration * * returns 0 for success. */int format16(struct fmtargs *args){  struct fts3rec_offsets fo;  struct fopd32 cur;  struct ftver ftv;  struct ftchash *ftch;  struct ftchash_rec_ip ftch_recip, *ftch_recipp;  struct fopd total;  u_int32 hash;  char *rec;  ftio_get_ver(&args->ftio, &ftv);  if (ftio_check_xfield(&args->ftio, FT_XFIELD_DPKTS |    FT_XFIELD_DOCTETS | FT_XFIELD_FIRST | FT_XFIELD_LAST| FT_XFIELD_NEXTHOP)) {    fterr_warnx("Flow record missing required field for format.");    return -1;  }  fts3rec_compute_offsets(&fo, &ftv);  bzero(&total, sizeof total);  bzero(&ftch_recip, sizeof ftch_recip);   if (!(ftch = ftchash_new(65536, sizeof (struct ftchash_rec_ip), 4, 65536))) {    fterr_warnx("ftchash_new(): failed");      return -1;  }  cur.flows = 1;  while ((rec = ftio_read(&args->ftio))) {    CUR_GET_PLUS_FLOWS;        TOTAL_INC;    ftch_recip.addr = *((u_int32*)(rec+fo.nexthop));      hash = (ftch_recip.addr>>16) ^ (ftch_recip.addr & 0xFFFF);       if (!(ftch_recipp = ftchash_update(ftch, &ftch_recip, hash))) {      fterr_warnx("ftch_update(): failed");      ftchash_free(ftch);      return -1;    }    STAT_INCP(ftch_recipp);  }  chash_ip_dump(ftch, args->cc, args->sort_order, args->options, &total);        ftchash_free(ftch);  return 0;} /* format16 *//* * function: format17 * *  input interface flows,octets,packets,duration * * returns 0 for success. */int format17(struct fmtargs *args){  struct fts3rec_offsets fo;  struct fopdi stat;  struct fopd total;  struct fopd32 cur;  struct ftver ftv;  char *rec;  u_int16 input;  ftio_get_ver(&args->ftio, &ftv);  if (ftio_check_xfield(&args->ftio, FT_XFIELD_DPKTS |    FT_XFIELD_DOCTETS | FT_XFIELD_FIRST | FT_XFIELD_LAST | FT_XFIELD_INPUT)) {    fterr_warnx("Flow record missing required field for format.");    return -1;  }  fts3rec_compute_offsets(&fo, &ftv);  if (fopdi_alloc(&stat, 65536) < 0)    return -1;  bzero(&total, sizeof total);  cur.flows = 1;  while ((rec = ftio_read(&args->ftio))) {    CUR_GET_PLUS_FLOWS;      TOTAL_INC;           input = *((u_int16*)(rec+fo.input));    STAT_INCA(input);  }  /* doesn't make sense here */  args->options &= ~FT_OPT_NAMES;  tbl_out1(args, 65536, &stat, &total, "interface ", (void*)0L);      fopdi_free(&stat);  return 0;} /* format17 *//* * function: format18 * *  output interface flows,octets,packets,duration  * * returns 0 for success. */int format18(struct fmtargs *args){  struct fts3rec_offsets fo;  struct fopdi stat;  struct fopd total;  struct fopd32 cur;  struct ftver ftv;  char *rec;  u_int16 output;  ftio_get_ver(&args->ftio, &ftv);  if (ftio_check_xfield(&args->ftio, FT_XFIELD_DPKTS |    FT_XFIELD_DOCTETS | FT_XFIELD_FIRST | FT_XFIELD_LAST | FT_XFIELD_OUTPUT)) {    fterr_warnx("Flow record missing required field for format.");    return -1;  }  fts3rec_compute_offsets(&fo, &ftv);  if (fopdi_alloc(&stat, 65536) < 0)    return -1;  bzero(&total, sizeof total);  cur.flows = 1;  while ((rec = ftio_read(&args->ftio))) {    CUR_GET_PLUS_FLOWS;     TOTAL_INC;    output = *((u_int16*)(rec+fo.output));    STAT_INCA(output);  }  /* doesn't make sense here */  args->options &= ~FT_OPT_NAMES;  tbl_out1(args, 65536, &stat, &total, "interface ", (void*)0L);      fopdi_free(&stat);  return 0;} /* format18 *//* * function: format19 * *  Source AS flows,octets,packets,duration * * returns 0 for success. */int format19(struct fmtargs *args){  struct fts3rec_offsets fo;  struct fopdi stat;  struct fopd total;  struct fopd32 cur;  struct ftver ftv;  char *rec;  u_int16 src_as;  ftio_get_ver(&args->ftio, &ftv);  if (ftio_check_xfield(&args->ftio, FT_XFIELD_DPKTS |    FT_XFIELD_DOCTETS | FT_XFIELD_FIRST | FT_XFIELD_LAST | FT_XFIELD_SRC_AS)) {    fterr_warnx("Flow record missing required field for format.");    return -1;  }  fts3rec_compute_offsets(&fo, &ftv);  if (fopdi_alloc(&stat, 65536) < 0)    return -1;  bzero(&total, sizeof total);  cur.flows = 1;  while ((rec = ftio_read(&args->ftio))) {    CUR_GET_PLUS_FLOWS;    TOTAL_INC;           src_as = *((u_int16*)(rec+fo.src_as));    STAT_INCA(src_as);  }  tbl_out1(args, 65536, &stat, &total, "src AS    ", FT_PATH_SYM_ASN);      fopdi_free(&stat);  return 0;} /* format19 *//* * function: format20 * *  Destination AS flows,octets,packets,duration * * returns 0 for success. */int format20(struct fmtargs *args){  struct fts3rec_offsets fo;  struct fopdi stat;  struct fopd total;  struct fopd32 cur;  struct ftver ftv;  char *rec;  u_int16 dst_as;  ftio_get_ver(&args->ftio, &ftv);  if (ftio_check_xfield(&args->ftio, FT_XFIELD_DPKTS |    FT_XFIELD_DOCTETS | FT_XFIELD_FIRST | FT_XFIELD_LAST | FT_XFIELD_DST_AS)) {    fterr_warnx("Flow record missing required field for format.");    return -1;  }  fts3rec_compute_offsets(&fo, &ftv);  if (fopdi_alloc(&stat, 65536) < 0)    return -1;      bzero(&total, sizeof total);  cur.flows = 1;  while ((rec = ftio_read(&args->ftio))) {       CUR_GET_PLUS_FLOWS;     TOTAL_INC;           dst_as = *((u_int16*)(rec+fo.dst_as));    STAT_INCA(dst_as);  }  tbl_out1(args, 65536, &stat, &total, "dst AS    ", FT_PATH_SYM_ASN);      fopdi_free(&stat);  return 0;} /* format20 *//* * function: format21 * * Source/Destination AS flows,octets,packets,duration * * returns 0 for success. */int format21(struct fmtargs *args){  struct fts3rec_offsets fo;  struct ftchash_rec_as2 ftch_recas2, *ftch_recas2p;  struct ftchash *ftch;  struct ftver ftv;  struct fopd total;  struct fopd32 cur;  u_long hash;  char *rec;  ftio_get_ver(&args->ftio, &ftv);  if (ftio_check_xfield(&args->ftio, FT_XFIELD_DPKTS |    FT_XFIELD_DOCTETS | FT_XFIELD_FIRST | FT_XFIELD_LAST |    FT_XFIELD_DST_AS | FT_XFIELD_SRC_AS)) {    fterr_warnx("Flow record missing required field for format.");    return -1;  }  fts3rec_compute_offsets(&fo, &ftv);  bzero(&total, sizeof total);  bzero(&ftch_recas2, sizeof ftch_recas2);   if (!(ftch = ftchash_new(65536, sizeof (struct ftchash_rec_as2), 4, 65536))) {    fterr_warnx("ftchash_new(): failed");    return -1;  }  cur.flows = 1;  while ((rec = ftio_read(&args->ftio))) {    CUR_GET_PLUS_FLOWS;    TOTAL_INC;    ftch_recas2.src_as = *((u_int16*)(rec+fo.src_as));    ftch_recas2.dst_as = *((u_int16*)(rec+fo.dst_as));    hash = (ftch_recas2.src_as) ^ (ftch_recas2.dst_as);    if (!(ftch_recas2p = ftchash_update(ftch, &ftch_recas2, hash))) {      fterr_warnx("ftch_update(): failed");      ftchash_free(ftch);      return -1;    }        STAT_INCP(ftch_recas2p);  }  chash_as2_dump(ftch, args->cc, args->sort_order, args->options,    &total, FT_PATH_SYM_ASN);      ftchash_free(ftch);  return 0;} /* format21 *//* * function: format22 * *  flows,octets,packets,duration by IP ToS * * returns 0 for success. */int format22(struct fmtargs *args){  struct fts3rec_offsets fo;  struct fopdi stat;  struct fopd total;  struct fopd32 cur;  struct ftver ftv;  char *rec;  u_int8 tos;  ftio_get_ver(&args->ftio, &ftv);  if (ftio_check_xfield(&args->ftio, FT_XFIELD_DPKTS |    FT_XFIELD_DOCTETS | FT_XFIELD_FIRST | FT_XFIELD_LAST | FT_XFIELD_TOS)) {
12345

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -