// MainFrm.cpp : implementation of the CMainFrame class
//
#include "stdafx.h"
#include "file_handle.h"
#include "Filter.h"
#include "database_show.h"
#include "pck_filter.h"
#include "result_show.h"
#include "safe_audit.h"
#include "MainFrm.h"
#include <pcap.h>
#include <remote-ext.h>
#include <winsock.h>
#include "data.h"
#pragma comment(lib,"wsock32")
// Standard MFC debug-build boilerplate: in _DEBUG builds `new` is redefined to
// DEBUG_NEW and THIS_FILE is set to this translation unit's file name.
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
/////////////////////////////////////////////////////////////////////////////
// CMainFrame
// Runtime-class registration and message map for CMainFrame.
// The map routes WM_CREATE and WM_TIMER plus the command IDs listed below to
// CMainFrame member functions. The handlers for ID_MACTH, ID_FILTER,
// ID_PRETREATMENT, ID_RESULTS and ID_SAFE_CHECK, and the WM_TIMER handler, are
// not defined in the part of the file shown here.
IMPLEMENT_DYNCREATE(CMainFrame, CFrameWnd)
BEGIN_MESSAGE_MAP(CMainFrame, CFrameWnd)
//{{AFX_MSG_MAP(CMainFrame)
ON_WM_CREATE()
ON_COMMAND(ID_FILE_OPEN, OnFileOpen)
ON_COMMAND(ID_FILTER_SET, OnFilterSet)
ON_COMMAND(ID_DATABASE_SHOW, OnDatabaseShow)
ON_COMMAND(ID_TIME_COUNT, TimeCount)
ON_COMMAND(ID_DM, Freq_count)
ON_COMMAND(ID_MACTH, OnMacth)
ON_COMMAND(ID_FILTER, OnFilter)
ON_COMMAND(ID_PRETREATMENT, Data_Pretreatment)
ON_COMMAND(ID_RESULTS, On_Results_show)
ON_WM_TIMER()
ON_COMMAND(ID_SAFE_CHECK, OnSafeCheck)
//}}AFX_MSG_MAP
END_MESSAGE_MAP()
// Status-bar pane IDs handed to m_wndStatusBar.SetIndicators() in OnCreate.
static UINT indicators[] =
{
    ID_SEPARATOR,       // status line indicator
    ID_INDICATOR_CAPS,  // Caps Lock state
    ID_INDICATOR_NUM,   // Num Lock state
    ID_INDICATOR_SCRL,  // Scroll Lock state
    ID_SHOW_TIME,       // project-defined pane; presumably a clock refreshed by
                        // the timer started in OnCreate (confirm in OnTimer)
};
/////////////////////////////////////////////////////////////////////////////
// CMainFrame construction/destruction
// Default constructor. Nothing is initialised explicitly here; the toolbar and
// status bar members are set up later in OnCreate.
CMainFrame::CMainFrame()
{
}
// Destructor. Performs no explicit cleanup of its own.
CMainFrame::~CMainFrame()
{
}
// WM_CREATE handler: creates the frame's toolbar and status bar, docks the
// toolbar, and starts timer 1 with a 1000 ms period.
// Returns 0 on success, or -1 when the base class or either control bar fails
// to initialise.
int CMainFrame::OnCreate(LPCREATESTRUCT lpCreateStruct)
{
    if (-1 == CFrameWnd::OnCreate(lpCreateStruct))
    {
        return -1;
    }

    // Toolbar: create the control first, then load its buttons from the resource.
    const DWORD toolBarStyle = WS_CHILD | WS_VISIBLE | CBRS_TOP
        | CBRS_GRIPPER | CBRS_TOOLTIPS | CBRS_FLYBY | CBRS_SIZE_DYNAMIC;
    const bool toolBarReady =
        m_wndToolBar.CreateEx(this, TBSTYLE_FLAT, toolBarStyle) &&
        m_wndToolBar.LoadToolBar(IDR_MAINFRAME);
    if (!toolBarReady)
    {
        TRACE0("Failed to create toolbar\n");
        return -1; // fail to create
    }

    // Status bar: one pane per entry of the file-level indicators[] table.
    const bool statusBarReady =
        m_wndStatusBar.Create(this) &&
        m_wndStatusBar.SetIndicators(indicators,
            sizeof(indicators) / sizeof(indicators[0]));
    if (!statusBarReady)
    {
        TRACE0("Failed to create status bar\n");
        return -1; // fail to create
    }

    // Let the toolbar dock to any edge of the frame.
    m_wndToolBar.EnableDocking(CBRS_ALIGN_ANY);
    EnableDocking(CBRS_ALIGN_ANY);
    DockControlBar(&m_wndToolBar);

    // Timer id 1, 1000 ms, delivered as WM_TIMER (no callback function).
    // NOTE(review): the return value of SetTimer is not checked, and no
    // matching KillTimer is visible in this part of the file.
    SetTimer(1, 1000, NULL);
    return 0;
}
// Called before the frame window is created. No frame-specific changes are made
// to cs; the result of the base-class call is passed on as TRUE/FALSE.
BOOL CMainFrame::PreCreateWindow(CREATESTRUCT& cs)
{
    return CFrameWnd::PreCreateWindow(cs) ? TRUE : FALSE;
}
/////////////////////////////////////////////////////////////////////////////
// CMainFrame diagnostics
#ifdef _DEBUG
// Debug-only validity check; simply defers to the CFrameWnd implementation.
void CMainFrame::AssertValid() const
{
    CFrameWnd::AssertValid();
}
// Debug-only state dump; simply defers to the CFrameWnd implementation.
void CMainFrame::Dump(CDumpContext& dc) const
{
    CFrameWnd::Dump(dc);
}
#endif //_DEBUG
/////////////////////////////////////////////////////////////////////////////
// CMainFrame message handlers
// ID_FILE_OPEN command handler. Currently a stub: it opens nothing and always
// returns 1.
// NOTE(review): ON_COMMAND handlers are conventionally declared `void`; the int
// return value is presumably ignored by the message map. Confirm against the
// declaration in MainFrm.h.
int CMainFrame::OnFileOpen()
{
    return 1;
}
// ID_FILTER_SET command handler: shows the Filter dialog modally.
// Nothing is done with the dialog's result yet; the IDOK branch is empty.
void CMainFrame::OnFilterSet()
{
    Filter filterDialog;
    if (IDOK == filterDialog.DoModal())
    {
        // Intentionally empty: no action is taken when the user confirms.
    }
}
// ID_DATABASE_SHOW command handler: shows the database_show dialog modally and
// ignores its result.
void CMainFrame::OnDatabaseShow()
{
    database_show databaseDialog;
    databaseDialog.DoModal();
}
// ID_TIME_COUNT command handler: compute communication duration.
//
// NOTE(review): the whole body is commented out, so this command currently
// does nothing. The disabled code reads rows from file_pck for one
// (source IP, destination IP) pair, chains packets whose timestamps are at most
// 180 seconds apart, inserts start time and duration into src_pck, and deletes
// the processed rows. Before re-enabling it:
//  - The SELECT and DELETE statements are built by concatenating f_src_ip and
//    f_dst_ip, and the INSERT by '%s' formatting. Those values are read back
//    from file_pck (presumably populated from captured traffic; confirm), so
//    bind them as query parameters instead of splicing them into SQL text.
//  - rs_part.MoveFirst() and the m_pstring / m_pdate dereferences are not
//    guarded against an empty recordset or NULL field values.
//  - CString objects are passed directly to the variadic Format(); cast them
//    to LPCTSTR, and check that '%d' matches the type GetTotalSeconds() returns.
void CMainFrame::TimeCount() // compute communication duration
{
// TODO: Add your command handler code here
/* database_show t_count;
t_count.DBConnect();
CDBVariant varValue;
CString f_src_ip;
CString f_dst_ip;
CString day;
CRecordset rs_all(&t_count.m_db);
CRecordset rs_part(&t_count.m_db);
CTimeSpan ts;
CString strSQL;
CString b_time;
while(1)
{
rs_all.Open(CRecordset::dynaset,"select * from file_pck");
if(rs_all.GetRecordCount()!=0)
{
rs_all.MoveFirst();
rs_all.GetFieldValue(2,varValue);
f_src_ip = varValue.m_pstring->GetBuffer(1);
rs_all.GetFieldValue(3,varValue);
f_dst_ip = varValue.m_pstring->GetBuffer(1);
rs_all.Close();
rs_part.Open(CRecordset::dynaset,"select * from file_pck where f_src_ip = '" + f_src_ip + "' and f_dst_ip = '" +f_dst_ip +"' order by f_b_time desc");
//create a new linked list
struct LNode *L = new LNode;
L->next = NULL;
rs_part.MoveFirst();
//save the packets to the linked list
while(!rs_part.IsEOF())
{
struct LNode *p = new LNode;
rs_part.GetFieldValue(2,varValue);
p->f_src_ip = varValue.m_pstring->GetBuffer(1);
//MessageBox(p->f_src_ip);
rs_part.GetFieldValue(3,varValue);
p->f_dst_ip = varValue.m_pstring->GetBuffer(1);
//MessageBox(p->f_dst_ip);
rs_part.GetFieldValue(7,varValue);
p->tm = CTime(varValue.m_pdate->year,varValue.m_pdate->month,varValue.m_pdate->day,
varValue.m_pdate->hour,varValue.m_pdate->minute,varValue.m_pdate->second);
p->next = L->next;
L->next = p;
rs_part.MoveNext();
}
//MessageBox("success");
rs_part.Close();
//count how long a communication continues
CString b_time;
while(L->next != NULL)
{
struct LNode *q = L->next;
struct LNode *r = L->next;
while(r->next != NULL)
{
ts = r->next->tm - r->tm;
if(ts.GetTotalSeconds() > 180)//gap between adjacent packets exceeds the timeout (3 min)
break;
else
r = r->next;
}
//compute the time difference
ts = r->tm - q->tm;
b_time = q->tm.Format("%Y-%m-%d %H:%M:%S");
//MessageBox(b_time);
//write the related data into the src_pck table
strSQL.Format("insert into src_pck(src_ip,dst_ip,b_time,l_time) values('%s','%s','%s','%d')",q->f_src_ip,q->f_dst_ip,b_time,ts.GetTotalSeconds());
t_count.m_db.ExecuteSQL(strSQL);
//delete the rows that have been processed
strSQL.Format("delete from file_pck where f_src_ip = '" + f_src_ip + "' and f_dst_ip = '" + f_dst_ip + "'");
t_count.m_db.ExecuteSQL(strSQL);
//free the nodes
L->next = r->next;
if(q != r)
{
while(q->next != r)
{
struct LNode *M = q->next;
q->next = q->next->next;
delete M;
}
delete q;
delete r;
}
else
{
delete q;
}
}
delete L;
}
else
{
MessageBox("finished");
break;
}
}
t_count.m_db.Close();*/
}
void CMainFrame::Freq_count() //频繁项集的计算
{
// TODO: Add your command handler code here
database_show dm;
CDBVariant varValue;
dm.DBConnect();
CRecordset rs(&dm.m_db);
int max,min,lower,hight;
CString l_time;
CString hStr,lStr;
CTime tm;
int ltime;
//obtain the maximum and the minimum of the data from DB
rs.Open(CRecordset::dynaset,"select max(d_l_time),min(d_l_time) from dm_pck");
if(rs.GetRecordCount()!=0)
{
rs.MoveFirst();
int temp = 0;
rs.GetFieldValue(temp,varValue);
max = varValue.m_iVal;
rs.GetFieldValue(1,varValue);
min = varValue.m_iVal;
}
else
{
MessageBox("表中没有数据");
return;
}
rs.Close();
lower = min ;
do{
hight = lower + 60 ;//将数据库划分成多个小数据库,以60秒为一段
lStr.Format("%d",lower);
hStr.Format("%d",hight);
rs.Open(CRecordset::dynaset,"select d_b_time,d_l_time from dm_pck where d_l_time between '" + lStr + "' and '" + hStr + "'");
struct node *L = new node;
L->next = NULL;
if(rs.GetRecordCount()!=0)
{
struct node *p = new node;
rs.MoveFirst();
int temp = 0;
rs.GetFieldValue(temp,varValue);
p->tm = CTime(varValue.m_pdate->year,varValue.m_pdate->month,varValue.m_pdate->day,
varValue.m_pdate->hour,varValue.m_pdate->minute,varValue.m_pdate->second);
rs.GetFieldValue(1,varValue);
p->ltime = varValue.m_iVal;
p->count = 1;
p->next = L->next;
L->next = p;
rs.MoveNext();
}
else
{
rs.Close();
lower = hight;
continue;
}
while(!rs.IsEOF())//判断链表中是否有相同的<b_time,l_time>二元组
{
int temp = 0;
rs.GetFieldValue(temp,varValue);
tm = CTime(varValue.m_pdate->year,varValue.m_pdate->month,varValue.m_pdate->day,
varValue.m_pdate->hour,varValue.m_pdate->minute,varValue.m_pdate->second);
rs.GetFieldValue(1,varValue);
ltime = varValue.m_iVal;
bool same = false;
struct node *M = L->next;
while(M != NULL)
{
if((M->tm == tm)&&(M->ltime == ltime))
{
M->count = M->count +1;
same = true;
break;
}
else
M = M ->next;
}
if(!same)
{
struct node *N = new node;
N->tm = tm;
N->ltime = ltime;
N->count = 1;
N->next = L->next;
L->next = N;
}
rs.MoveNext();
}
rs.Close();
//选取计数大于2的链表节点数据保存入数据库
struct node *q = L->next;
CString sqlStr;
CString b_time;
while(q != NULL)
{
if(q->count >= 2)
{
//保存到数据库
b_time = q->tm.Format("%Y-%m-%d %H:%M:%S");
sqlStr.Format("insert into frequency values('%s','%d','%d')",b_time,q->ltime,q->count);
dm.m_db.ExecuteSQL(sqlStr);
}
q = q->next;
}
//释放链表
while(L->next != NULL)
{
struct node *temp = L->next;
L->next = L->next->next;
delete temp;