Beispiel #1
0
def main():
	verbose = 0
	utc = 0

	try:
		opts, args = getopt.getopt(sys.argv[1:], 'huv')
	except getopt.GetoptError:
		print >> sys.stderr, "Invalid commandline arguments"
		usage()

	for o, a in opts:
		if o in ('-h', '--help'):
			usage()
			sys.exit(0)
		if o in ('-v', '--verbose'):
			verbose = 1
			continue
		if o in ('-u', '--utc'):
			utc = 1
			continue

	if len(args) == 0:
		print >> sys.stderr, "No log socket specified"
		usage()
	if len(args) > 1:
		print >> sys.stderr, "Too many log sockets specified"
		usage()

	if verbose:
		mask = flowd.DISPLAY_ALL
	else:
		mask = flowd.DISPLAY_BRIEF

	s = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
	s.bind(args[0])
	try:
		while 1:
			flowrec = s.recv(1024)
			flow = flowd.Flow(blob = flowrec)
			print flow.format(mask = mask, utc = utc)
	except:
		os.unlink(args[0])
		raise
Beispiel #2
0
def process_from_socket(sockpath, rrdpath):
    if not os.access(rrdpath, os.R_OK | os.W_OK):
        create_rrd(rrdpath)
    s = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    s.bind(sockpath)
    start_time = quantise(time.time())
    flows = FlowTrack()
    try:
        while 1:
            elapsed = time.time() - start_time
            if elapsed > 0:
                select.select([s], [], [], UPDATE_RATE - elapsed)
            elapsed = time.time() - start_time
            if elapsed > UPDATE_RATE:
                flows.store_in_rrd(rrdpath)
                flows = FlowTrack()
                start_time = time.time()
                continue
            flowrec = s.recv(2048)
            flow = flowd.Flow(blob=flowrec)
            flows.update(flow)
    except:
        os.unlink(sockpath)
        raise
Beispiel #3
0
    def processFlow(self, flowrec):
        flow = flowd.Flow(blob=flowrec)

        # these seem to be backwards.. strange
        # make sure we get it right, just in case
        if flow.flow_start > flow.flow_finish:
            large = flow.flow_start
            small = flow.flow_finish
        else:
            large = flow.flow_finish
            small = flow.flow_start
        # TODO: handle wrapping, ie finish has wrapped but start has not

        flow_start_in_ms = (flow.agent_sec * 1000 +
                            flow.agent_usec) + (flow.sys_uptime_ms - large)
        flow_finish_in_ms = (flow.agent_sec * 1000 +
                             flow.agent_usec) + (flow.sys_uptime_ms - small)

        try:
            if_in = self.ifs[flow.agent_addr][flow.if_ndx_in]['type']
        except:
            if_in = None

        try:
            if_out = self.ifs[flow.agent_addr][flow.if_ndx_out]['type']
        except:
            if_out = None

        try:
            rt = self.rts[flow.agent_addr]
        except:
            rt = None

        src_rnode = None
        dst_rnode = None

        if rt is not None:
            try:
                src_rnode = rt.search_best(flow.src_addr)
            except:
                src_rnode = None

            try:
                dst_rnode = rt.search_best(flow.dst_addr)
            except:
                dst_rnode = None

        if src_rnode is not None:
            try:
                src_as_array = src_rnode.data['aspath'].value[0]
            except:
                src_as_array = None
            try:
                src_as = int(src_as_array[-1])
            except:
                src_as = None
            src_aspath = ''
            last_asn = ''
            if src_as_array is not None:
                for asn in src_as_array:
                    if asn != last_asn:
                        if src_aspath != '':
                            src_aspath += ' '
                        src_aspath += str(asn)
                    last_asn = asn
        else:
            src_aspath = None
            src_as = None

        if dst_rnode is not None:
            try:
                dst_as_array = dst_rnode.data['aspath'].value[0]
            except:
                dst_as_array = None
            try:
                dst_as = int(dst_as_array[-1])
            except:
                dst_as = None
            dst_aspath = ''
            last_asn = ''
            if dst_as_array is not None:
                for asn in dst_as_array:
                    if asn != last_asn:
                        if dst_aspath != '':
                            dst_aspath += ' '
                        dst_aspath += str(asn)
                    last_asn = asn
        else:
            dst_aspath = None
            dst_as = None

        data = {
            'flow_start': flow_start_in_ms,
            'flow_finish': flow_finish_in_ms,
            'agent': flow.agent_addr,
            'protocol': flow.protocol,
            'src_ip': flow.src_addr,
            'dst_ip': flow.dst_addr,
            'src_port': flow.src_port,
            'dst_port': flow.dst_port,
            'packets': flow.packets,
            'octets': flow.octets,
            'src_as': src_as,
            'dst_as': dst_as,
            'src_aspath': src_aspath,
            'dst_aspath': dst_aspath,
            'peer_src_as': flow.src_as,
            'peer_dst_as': flow.dst_as,
            'ifindex_in': flow.if_ndx_in,
            'ifindex_out': flow.if_ndx_out,
            'if_in': if_in,
            'if_out': if_out,
            'sampling_interval': 8192
        }

        #        try:
        self.db_cur.execute(self.insert_query, data)
        self.process.db_conn.commit()
        #       except:
        #        print sys.exc_info()
        #         import time
        #          time.sleep(600)

        self.i = self.i + 1
        if self.i % 1000 == 0:
            self.i = 0
            self.db_cur.execute(self.del_query)
            self.process.db_conn.commit()