📄 spalarm.c
字号:
return 1;
return 0;
}
//判断流量是否超出
int IsOverStep(int i)
{
int tlen = 0;
long flow_t = 0;
char sql[1024];
int cFlag = -1;
int ret = -1;
char time_begin[20], time_end[20];
MYSQL SmartQoS;
MYSQL_RES *res;
MYSQL_ROW row;
memset(sql,0,sizeof(sql));
memset(time_begin, 0, sizeof(time_begin));
memset(time_end, 0, sizeof(time_end));
switch(atoi(sp_control_table[i].direction)){//1表示in 即外部流入;0表示out 即内部流出;2表示双向
case 0:
sprintf(sql, "select sum(out_bytes) from hisflux_ip where ");
break;
case 1:
sprintf(sql, "select sum(in_bytes) from hisflux_ip where ");
break;
case 2:
sprintf(sql, "select sum(in_bytes+out_bytes) from hisflux_ip where ");
break;
default:
return -1;
}
unsigned char tip[16],tmask[16];
unsigned int nip,nmask,saddr1,saddr2;
memset(tip,0,sizeof(tip));
memset(tmask,0,sizeof(tmask));
sscanf(sp_control_table[i].ip,"%d.%d.%d.%d",(int*)&tip[0],(int*)&tip[1],(int*)&tip[2],(int*)&tip[3]);
sscanf(sp_control_table[i].mask,"%d.%d.%d.%d",(int*)&tmask[0],(int*)&tmask[1],(int*)&tmask[2],(int*)&tmask[3]);
memcpy(&nip,tip,4);
memcpy(&nmask,tmask,4);
saddr1 = nip & nmask;
saddr2 = saddr1 | (~nmask);
char sql_temp[128];
memset(sql_temp, 0, sizeof(sql_temp));
// sprintf(sql_temp, "ip=%u , saddr>=%u and saddr<=%u ", ntohl(inet_addr(sp_control_table[i].ip)),ntohl(saddr1),ntohl(saddr2));
// tests(sql_temp);
memset(sql_temp, 0, sizeof(sql_temp));
sprintf(sql_temp, "saddr>=%u and saddr<=%u ",ntohl(saddr1),ntohl(saddr2));
strcat(sql, sql_temp);
//atoi(sp_control_table[i].stattype) ------统计方式 0:每周 1:每月 2:每年
get_time_begin_end(atoi(sp_control_table[i].stattype), i, time_begin, time_end);
strcat(sql," and cjtime>= '");
strcat(sql,time_begin);
strcat(sql,"' and cjtime<= '");
strcat(sql,time_end);
strcat(sql,"'");
tests(sql);
mysql_init(&SmartQoS);
cFlag = (int)mysql_real_connect(&SmartQoS,DB_HOST_NAME,DB_USER_NAME,DB_USER_PWD,DB_DBAS_NAME,(unsigned int)mysql_port,(const char*)NULL,(unsigned int)0);
if(cFlag)
{
ret = mysql_real_query(&SmartQoS,sql,strlen(sql));
if (ret == 0)
{
res = mysql_store_result(&SmartQoS) ;
tlen = (int) mysql_num_rows(res);
if (tlen <= 0)
{
mysql_free_result(res);
mysql_close(&SmartQoS);
return -1;
}
row = mysql_fetch_row(res);
if(row[0] != NULL)
{//比较数值并处理 查询的数值需要/1024转换成MB
flow_t = atol(row[0])/1024;
setting_flow = atoi(sp_control_table[i].flow);
now_flow =(unsigned long long)flow_t;
if(flow_t>=atol(sp_control_table[i].flow))
{
mysql_free_result(res);
mysql_close(&SmartQoS);
return 1;//超出流量阀值
}
else
{
mysql_free_result(res);
mysql_close(&SmartQoS);
return 0;//未超出流量阀值
}
}
else
{
mysql_free_result(res);
mysql_close(&SmartQoS);
return 0;//未超出流量阀值
}
}
else
{
mysql_close(&SmartQoS);
return -1;
}
}
else
{//无法连接数据库 跳出
return -1;
}
return -1;
}
int DeleteFluxControl(char *id)
{
char sql[120];
int cFlag = -1;
MYSQL SmartQoS;
memset(sql,0,sizeof(sql));
sprintf(sql,"delete from Control where id=%s", id);
mysql_init(&SmartQoS);
cFlag = (int)mysql_real_connect(&SmartQoS,DB_HOST_NAME,DB_USER_NAME,DB_USER_PWD,DB_DBAS_NAME,(unsigned int)mysql_port,(const char*)NULL,(unsigned int)0);
if(cFlag)
{
int ret = mysql_real_query(&SmartQoS,sql,strlen(sql));
if (ret == 0)
{
mysql_close(&SmartQoS);
return 1;
}
else
{
mysql_close(&SmartQoS);
return -1;
}
}
return -1;
}
int InquiriesFlow(void)//流量查询 返回查询是否失败-1,是否需要阻断1(阻断):0(不阻断)
{
int i , j, exist, firecount = 0;
int firewallid = 0;
char buff[13];
interdiction_tablecount = 0;
memset(sp_interdiction_table, 0, sizeof(sp_interdiction_table));
memset(now, 0, sizeof(now));
get_ctime(now);
for (i=0;i<tablecount;i++)
{
exist = 0;
memset(buff,0,sizeof(buff));
//当前时间不在该策略生效时间范围之内
if (comparetime(now, sp_control_table[i].time_e)>0)
{
int ret = -1;
ret = DeleteFluxControl(sp_control_table[i].id);//删除该流量策略
if (ret > 0)
{
if (memcmp(sp_control_table[i].firewallid, "", strlen(sp_control_table[i].firewallid)) != 0 && memcmp(sp_control_table[i].firewallid, "0", strlen(sp_control_table[i].firewallid)) != 0)
{
ret = DeleteToFirewall(i);//删除防火墙策略
if (ret > 0)
firecount++;
}
}
continue;
}
if (memcmp(sp_control_table[i].state, "3", strlen(sp_control_table[i].state)) == 0)//该策略被释放
{
continue;
}
for(j=0; j<interdiction_tablecount; j++)
{
if ( memcmp(sp_control_table[i].ip, sp_interdiction_table[j].ip, 16) == 0 //IP相同
&& memcmp(sp_control_table[i].mask, sp_interdiction_table[j].mask, 16)== 0//网络掩码相同
&& memcmp(sp_control_table[i].direction, sp_interdiction_table[j].direction, 2)== 0//流量方向相同
&& istimeacross(i, j) == 1//时间范围交叉
)
exist = 1;
}
int_tests("exist ", exist);
if (exist == 0)//在此之前该IP、同方向、同时间范围内没有其他流量策略生效过
{
int result = IsOverStep(i);//判断流量是否超出,1:超出, 0:未超出, -1:查询错误
int_tests("result ", result);
if (result > 0)//超出
{
//该IP还未被阻断
if (atoi(sp_control_table[i].state) == 1
&&( memcmp(sp_control_table[i].firewallid, "", strlen(sp_control_table[i].firewallid)) == 0 || memcmp(sp_control_table[i].firewallid, "0", strlen(sp_control_table[i].firewallid)) == 0 ))
{
//增加阻断策略
if (memcmp(sp_control_table[i].direction, "2", strlen(sp_control_table[i].direction))==0)
{
int fire1, fire2;
fire1 = NoticeToFirewall(sp_control_table[i].ip,sp_control_table[i].mask,"0");
fire2 = NoticeToFirewall(sp_control_table[i].ip,sp_control_table[i].mask,"1");
firewallid=100;
sprintf(buff, "%d-%d", fire1, fire2);
}
else
{
firewallid = NoticeToFirewall(sp_control_table[i].ip,sp_control_table[i].mask,sp_control_table[i].direction);
sprintf(buff,"%d",firewallid);
}
if(firewallid>0){
ModifyDB(1, sp_control_table[i].id,buff);//更新Control表,为该纪录添加防火墙ID并设置State=0
firecount=firecount+1;
SetDBTable(1,sp_control_table[i].ip, sp_control_table[i].mask, atoi(sp_control_table[i].direction), setting_flow, now_flow);//向告警信息表添加告警信息
AddFlag(i);//增加生效标记
}
}
else//该IP已经被阻断
AddFlag(i);//增加生效标记
}
else if (result == 0)//未超出
{
if (atoi(sp_control_table[i].state) == 1 )
AddFlag(i);//增加生效标记
else//该IP已经被阻断
{
int ret = DeleteToFirewall(i);
if (ret > 0)
{
strcpy(buff, "0");
ModifyDB(2, sp_control_table[i].id, buff);//更新Control表,为该纪录删除防火墙ID(firewallid=0)并设置State=1
firecount=firecount+1;
AddFlag(i);//增加生效标记
}
}
}
else
{
continue;
}
}
else//在此之前该IP、同方向、同时间范围内有其他流量策略生效过
{
//该流量策略没有向防火墙阻断表里添加过纪录
if (atoi(sp_control_table[i].state) == 1
&&( memcmp(sp_control_table[i].firewallid, "", strlen(sp_control_table[i].firewallid)) == 0 || memcmp(sp_control_table[i].firewallid, "0", strlen(sp_control_table[i].firewallid)) == 0 ))
{
continue;
}
else
{
int ret = DeleteToFirewall(i);
if (ret > 0)
{
strcpy(buff, "0");
ModifyDB(2, sp_control_table[i].id, buff);//更新Control表,为该纪录删除防火墙ID(firewallid=0)并设置State=1
firecount=firecount+1;
}
}
}
}
if(firecount>0)
Setrun();//防火墙策略生效
return 1;
}
//防火墙策略生效
int Setrun(void)
{
int result,elen;
char sendbuf[255];
memset(sendbuf,0,sizeof(sendbuf));
sendbuf[0]=0x7e;
sendbuf[1]=0x4f;
sendbuf[2]=0x00;
sendbuf[3]=0x00;
sendbuf[4]=0x00;
sendbuf[5]=0x4e;
sendbuf[6]=0x78;
strncpy(&sendbuf[7+0],".admin.",24);
strncpy(&sendbuf[7+24],"setup",50);
memcpy(&sendbuf[6+75],"1",1);
sendbuf[6+76]=0x7e;
elen=83;
result=ClientToServer(sendbuf,elen,16551,1,1);
return 0;
}
//删除防火墙策略
int DeleteToFirewall(int i)
{
int result,elen;
char sendbuf[512];
memset(sendbuf,0,sizeof(sendbuf));
if (memcmp(sp_control_table[i].direction,"2", strlen(sp_control_table[i].direction))==0)
{
int fire1,fire2;
sscanf(sp_control_table[i].firewallid, "%d-%d", &fire1,&fire2);
char str_fire1[11], str_fire2[11];
memset(str_fire1, 0, sizeof(str_fire1));
memset(str_fire2, 0, sizeof(str_fire2));
sprintf(str_fire1, "%d", fire1);
sprintf(str_fire2, "%d", fire2);
sendbuf[0]=0x7e;
sendbuf[1]=0x56;
sendbuf[2]=0x00;
sendbuf[3]=0x00;
sendbuf[4]=0x00;
sendbuf[5]=0x4e;
sendbuf[6]=0x77;
strncpy(&sendbuf[7+0],".admin.",7);
strncpy(&sendbuf[7+24],"setup",5);
strncpy(&sendbuf[6+75],str_fire1,6);
memcpy(&sendbuf[6+81],"0",1);
memcpy(&sendbuf[6+82],"0",1);
sendbuf[6+83]=0x7e;
elen=90;
result=ClientToServer(sendbuf,elen,16551,1,1);
if(result<=0){
return 0;
}
else{
memset(sendbuf,0,sizeof(sendbuf));
sendbuf[0]=0x7e;
sendbuf[1]=0x56;
sendbuf[2]=0x00;
sendbuf[3]=0x00;
sendbuf[4]=0x00;
sendbuf[5]=0x4e;
sendbuf[6]=0x77;
strncpy(&sendbuf[7+0],".admin.",7);
strncpy(&sendbuf[7+24],"setup",5);
strncpy(&sendbuf[6+75],str_fire2,6);
memcpy(&sendbuf[6+81],"0",1);
memcpy(&sendbuf[6+82],"0",1);
sendbuf[6+83]=0x7e;
elen=90;
result=ClientToServer(sendbuf,elen,16551,1,1);
if(result<=0){
return 0;
}
else{
return result;
}
}
}
else
{
sendbuf[0]=0x7e;
sendbuf[1]=0x56;
sendbuf[2]=0x00;
sendbuf[3]=0x00;
sendbuf[4]=0x00;
sendbuf[5]=0x4e;
sendbuf[6]=0x77;
strncpy(&sendbuf[7+0],".admin.",7);
strncpy(&sendbuf[7+24],"setup",5);
strncpy(&sendbuf[6+75],sp_control_table[i].firewallid,6);
memcpy(&sendbuf[6+81],"0",1);
memcpy(&sendbuf[6+82],"0",1);
sendbuf[6+83]=0x7e;
elen=90;
result=ClientToServer(sendbuf,elen,16551,1,1);
if(result<=0){
return 0;
}
else{
return result;
}
}
return 0;
}
//增加防火墙策略
int NoticeToFirewall(char *ip,char *mask,char *direct)
{
int result,elen;
char sendbuf[512];
char prcvbuf[512];
char filewallid[20];
memset(sendbuf,0,sizeof(sendbuf));
memset(prcvbuf,0,sizeof(prcvbuf));
memset(filewallid,0,sizeof(filewallid));
sendbuf[0]=0x7e;
sendbuf[1]=0xb6;
sendbuf[2]=0x01;
sendbuf[3]=0x00;
sendbuf[4]=0x00;
sendbuf[5]=0x4e;
sendbuf[6]=0x74;
strncpy(&sendbuf[7+0],".admin.",7);//24
strncpy(&sendbuf[7+24],"setup",5);//50
strncpy(&sendbuf[6+75],"0",1); //10
memcpy(&sendbuf[6+85],ip,20); //20
memcpy(&sendbuf[6+105],mask,20);//20
memcpy(&sendbuf[6+125],"0",1); //10
memcpy(&sendbuf[6+135],"0",1); //10
memcpy(&sendbuf[6+145],"0",1); //10
memcpy(&sendbuf[6+155],"0",1); //20
memcpy(&sendbuf[6+175],"0",1); //20
memcpy(&sendbuf[6+195],"0",1); //20
memcpy(&sendbuf[6+215],"0",1); //10
memcpy(&sendbuf[6+225],"0",1); //10
memcpy(&sendbuf[6+235],"0",1); //10
memcpy(&sendbuf[6+245],"0",1); //20
switch(atoi(direct)){
case 0:
memcpy(&sendbuf[6+265],"0",1);//1
break;
default:
memcpy(&sendbuf[6+265],"1",1);//1
break;
}
memcpy(&sendbuf[6+266],"1",1); //1
memcpy(&sendbuf[6+267],"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",168); //168
sendbuf[6+435]=0x7e;
elen=442;
//result=ClientToServer(sendbuf,elen,16551,1,1);
result=General_CreatSocket_SendData_GetData(sendbuf, elen, prcvbuf, 16551,1,1);
if(result<=0){
return 0;
}
else{
memcpy(filewallid, &prcvbuf[Max_Rec_DataBegin_Index+2+1], 6);
return atoi(filewallid);
}
return 0;
}
int ClientToServer(char *sendbuf,int sendbuf_len,int server_port,int server_index,int timeout)
{
char rcvbuf[256*5+1];
memset(rcvbuf,0,sizeof(rcvbuf));
return General_CreatSocket_SendData_GetData(sendbuf,sendbuf_len,rcvbuf,server_port,server_index,timeout);
}
int General_CreatSocket_SendData_GetData(char *sendbuf,int sendlen,char *prcvbuf,int server_port,int server_index,int timeout)
{
int nRet;
int sockfd;
nRet = General_CreatSocket_SendData(&sockfd,sendbuf,sendlen,server_port,server_index,timeout);
if (nRet != 1){
return 0;
}
nRet = General_Only_GetData(&sockfd,prcvbuf,timeout);
if (nRet > 0){
close(sockfd);
return nRet;
}
else{
return 0;
}
}
int General_CreatSocket_SendData(int *sockfd,char *sendbuf,int sendlen,int server_port,int server_index,int timeout)
{
int nRet;
nRet = General_CreatSocket(sockfd,server_port,server_index);
if (nRet != 1){
return nRet;
}
return General_Only_SendData(sockfd,sendbuf,sendlen,timeout);
}
int General_Only_SendData(int *sockfd,char *sendbuf,int sendlen,int timeout)
{
int writebytes,nRet,maxfdp;
fd_set my_writefd;
struct timeval Timeout;
Timeout.tv_sec = MSG_Server_Timeout*timeout;
Timeout.tv_usec = 0;
FD_ZERO(&my_writefd);
FD_SET(*sockfd, &my_writefd);
maxfdp=*sockfd+1;
nRet = select(maxfdp,NULL, &my_writefd, NULL, &Timeout);
if(nRet<=0) {
close(*sockfd);
return __Message_Id_102;
}
//write
//显示
#ifdef CM_SHOW_SEND_SERVER_DATA
// xml_s();
// xml_cmd(sendbuf,sendlen);
// xml_e(__Message_Id_109,0);
return __Message_Id_109;
#else
writebytes=write(*sockfd,sendbuf,sendlen);
if(writebytes<=0) {
close(*sockfd);
return __Message_Id_103;
}
return 1;
#endif
}
int General_CreatSocket(int *sockfd,int server_port,int server_index)
{
int nRet;
struct sockaddr_in address;
*sockfd=socket(AF_INET,SOCK_STREAM,0);
address.sin_family=AF_INET;
address.sin_addr.s_addr=inet_addr(getServer_Ip(server_index));
address.sin_port=htons(server_port);
nRet=connect(*sockfd,(struct sockaddr *)&address,sizeof(address));
if(nRet==-1){
return __Message_Id_101;
}
return 1;
}
char * getServer_Ip(int server_index)
{
return "127.0.0.1";
}
int General_Only_GetData(int *sockfd,char *prcvbuf,int timeout)
{
int readbytes,nRet=0,maxfdp;
char rcvbuf[Max_Rec_Size+1];
char temp[20];
fd_set my_readfd;
struct timeval Timeout;
Timeout.tv_sec = MSG_Server_Timeout*timeout;
Timeout.tv_usec = 0;
FD_ZERO(&my_readfd);
FD_SET(*sockfd, &my_readfd);
maxfdp=*sockfd+1;
nRet = select(maxfdp, &my_readfd,NULL, NULL, &Timeout);
if(nRet<=0) {
close(*sockfd);
return __Message_Id_104;
}
//read
memset(rcvbuf,0,sizeof(rcvbuf));
readbytes = read(*sockfd,rcvbuf,sizeof(rcvbuf));
if(readbytes<=0 || readbytes>Max_Rec_Size) {
close(*sockfd);
return __Message_Id_105;
}
//
#ifdef CM_SHOW_RECEIVE_SERVER_DATA
// xml_cmd(rcvbuf,readbytes);
return __Message_Id_109;
#else
if(rcvbuf[0] !=0x7e /**/ || rcvbuf[3+(int) ( (rcvbuf[1] >= 0 ? rcvbuf[1] :256 + rcvbuf[1]) +((rcvbuf[2] >= 0 ? rcvbuf[2] :256 + rcvbuf[2]) <<8))] !=0x7e /*妫⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -