Beispiel #1
0
def repstate():
	log.report("status: total lifetime connections: %d" % (totconnects,))
	pids = conntrack.getpids()
	if len(pids) == 0:
		log.report("status: no active connections.")
	else:
		log.report("status: %d active connections:" % len(pids))
		pids.sort()
		# Now, this is only a snapshot, so take care here. A kid could
		# have died before we get around to pulling it.
		for pid in pids:
			try:
				pi = str(conntrack.getpid(pid))
			except KeyError:
				continue
			log.report("status: " + pi)
	# This is put at the bottom to bookend the active connection info.
	log.report("status: per IP first/last connection times entries: %d" % \
		   (hinfo.iptimessize()))
	if threadcount or threadhigh > 1:
		log.report("status: %d active rules evaluation threads (%d highwater)." % \
			   (threadcount, threadhigh))

	# totruleTime is already a float, because time.time() returns them.
	if totrules and totruleTime:
		log.report("status: average rule evaluation time over %d evals: %0.4f seconds" % (totrules, totruleTime / totrules))

	if totloops:
		log.report("status: %d loops, %d conns, %0.1f conns average" %
			   (totloops, totconns, (totconns*1.0)/totloops))
Beispiel #2
0
	# configuration file supplies a bad string that cannot be formatted.
	action = None
	try:
		action = aroot.genaction(hi, rmatch)
	except actions.BadAction, e:
		log.error("error preparing action for %s: %s" %\
			  (conninfo(hi, rmnames), str(e)))
	if not action:
		log.debug(2, "No actions for %s" % (conninfo(hi, rmnames),))
		proc.closesock(newsock)
		return
	
	# Actions have two components: messages to log, and something to
	# do. Either can be blank (hopefully both are not blank, but).
	for le in action.logmsgs:
		log.report(le)

	# Activate the action's work function (if any) in a separate
	# process and track it if necessary. We do not track the message
	# processes, since they are expected to die fast and we can do
	# without the churning of data structures in the parent.
	if action.what:
		func = whatToFunc[action.what]
		try:
			pid = proc.forkaction(newsock, func, action)
		except proc.Kaboom, e:
			log.error("Cannot start action for %s: %s" %\
				  (conninfo(hi, rmnames), str(e)))
			proc.closesock(newsock)
			return
		log.debug(2, "started PID %d for %s: %s %s" %\