fastnetmon-rewritten/src/map_element.hpp

#include <stdint.h>
#include <boost/serialization/nvp.hpp>

// main data structure for storing traffic and speed data for all our IPs
class map_element_t {
    public:
    map_element_t()
    : in_bytes(0), out_bytes(0), in_packets(0), out_packets(0), tcp_in_packets(0), tcp_out_packets(0),
      tcp_in_bytes(0), tcp_out_bytes(0), tcp_syn_in_packets(0), tcp_syn_out_packets(0),
      tcp_syn_in_bytes(0), tcp_syn_out_bytes(0), udp_in_packets(0), udp_out_packets(0),
      udp_in_bytes(0), udp_out_bytes(0), in_flows(0), out_flows(0), fragmented_in_packets(0),
      fragmented_out_packets(0), fragmented_in_bytes(0), fragmented_out_bytes(0),
      icmp_in_packets(0), icmp_out_packets(0), icmp_in_bytes(0), icmp_out_bytes(0) {
    }   
    uint64_t in_bytes;
    uint64_t out_bytes;
    uint64_t in_packets;
    uint64_t out_packets;

    // Fragmented traffic is so recently used for attacks
    uint64_t fragmented_in_packets;
    uint64_t fragmented_out_packets;
    uint64_t fragmented_in_bytes;
    uint64_t fragmented_out_bytes;

    // Additional data for correct attack protocol detection
    uint64_t tcp_in_packets;
    uint64_t tcp_out_packets;
    uint64_t tcp_in_bytes;
    uint64_t tcp_out_bytes;

    // Additional details about one of most popular atatck type
    uint64_t tcp_syn_in_packets;
    uint64_t tcp_syn_out_packets;
    uint64_t tcp_syn_in_bytes;
    uint64_t tcp_syn_out_bytes;

    uint64_t udp_in_packets;
    uint64_t udp_out_packets;
    uint64_t udp_in_bytes;
    uint64_t udp_out_bytes;

    uint64_t icmp_in_packets;
    uint64_t icmp_out_packets;
    uint64_t icmp_in_bytes;
    uint64_t icmp_out_bytes;

    uint64_t in_flows;
    uint64_t out_flows;

    // Is total counters fields are zero? We are not handling per protocol counters here because we assume they should
    // be counted twice
    // Once: in total counter (in_bytes) and secondly in per protocol counter (for example: udp_in_bytes)
    bool is_zero() const {
        return in_bytes == 0 && out_bytes == 0 && in_packets == 0 && out_packets == 0 && in_flows == 0 && out_flows == 0;
    }

    // Fill all counters by zeros
    void zeroify() {
        in_bytes    = 0;
        out_bytes   = 0;
        in_packets  = 0;
        out_packets = 0;

        fragmented_in_packets  = 0;
        fragmented_out_packets = 0;
        fragmented_in_bytes    = 0;
        fragmented_out_bytes   = 0;

        tcp_in_packets  = 0;
        tcp_out_packets = 0;
        tcp_in_bytes    = 0;
        tcp_out_bytes   = 0;

        tcp_syn_in_packets  = 0;
        tcp_syn_out_packets = 0;
        tcp_syn_in_bytes    = 0;
        tcp_syn_out_bytes   = 0;

        udp_in_packets  = 0;
        udp_out_packets = 0;
        udp_in_bytes    = 0;
        udp_out_bytes   = 0;

        icmp_in_packets  = 0;
        icmp_out_packets = 0;
        icmp_in_bytes    = 0;
        icmp_out_bytes   = 0;

        in_flows  = 0;
        out_flows = 0;
    }
};
Added logic to track total number of IPv6 packets 2022-03-13 23:09:35 +01:00			`#include <stdint.h>`
			`#include <boost/serialization/nvp.hpp>`

			`// main data structure for storing traffic and speed data for all our IPs`
			`class map_element_t {`
			`public:`
			`map_element_t()`
			`: in_bytes(0), out_bytes(0), in_packets(0), out_packets(0), tcp_in_packets(0), tcp_out_packets(0),`
			`tcp_in_bytes(0), tcp_out_bytes(0), tcp_syn_in_packets(0), tcp_syn_out_packets(0),`
			`tcp_syn_in_bytes(0), tcp_syn_out_bytes(0), udp_in_packets(0), udp_out_packets(0),`
			`udp_in_bytes(0), udp_out_bytes(0), in_flows(0), out_flows(0), fragmented_in_packets(0),`
			`fragmented_out_packets(0), fragmented_in_bytes(0), fragmented_out_bytes(0),`
			`icmp_in_packets(0), icmp_out_packets(0), icmp_in_bytes(0), icmp_out_bytes(0) {`
			`}`
			`uint64_t in_bytes;`
			`uint64_t out_bytes;`
			`uint64_t in_packets;`
			`uint64_t out_packets;`

			`// Fragmented traffic is so recently used for attacks`
			`uint64_t fragmented_in_packets;`
			`uint64_t fragmented_out_packets;`
			`uint64_t fragmented_in_bytes;`
			`uint64_t fragmented_out_bytes;`

			`// Additional data for correct attack protocol detection`
			`uint64_t tcp_in_packets;`
			`uint64_t tcp_out_packets;`
			`uint64_t tcp_in_bytes;`
			`uint64_t tcp_out_bytes;`

			`// Additional details about one of most popular atatck type`
			`uint64_t tcp_syn_in_packets;`
			`uint64_t tcp_syn_out_packets;`
			`uint64_t tcp_syn_in_bytes;`
			`uint64_t tcp_syn_out_bytes;`

			`uint64_t udp_in_packets;`
			`uint64_t udp_out_packets;`
			`uint64_t udp_in_bytes;`
			`uint64_t udp_out_bytes;`

			`uint64_t icmp_in_packets;`
			`uint64_t icmp_out_packets;`
			`uint64_t icmp_in_bytes;`
			`uint64_t icmp_out_bytes;`

			`uint64_t in_flows;`
			`uint64_t out_flows;`

			`// Is total counters fields are zero? We are not handling per protocol counters here because we assume they should`
			`// be counted twice`
			`// Once: in total counter (in_bytes) and secondly in per protocol counter (for example: udp_in_bytes)`
			`bool is_zero() const {`
			`return in_bytes == 0 && out_bytes == 0 && in_packets == 0 && out_packets == 0 && in_flows == 0 && out_flows == 0;`
			`}`

			`// Fill all counters by zeros`
			`void zeroify() {`
			`in_bytes = 0;`
			`out_bytes = 0;`
			`in_packets = 0;`
			`out_packets = 0;`

			`fragmented_in_packets = 0;`
			`fragmented_out_packets = 0;`
			`fragmented_in_bytes = 0;`
			`fragmented_out_bytes = 0;`

			`tcp_in_packets = 0;`
			`tcp_out_packets = 0;`
			`tcp_in_bytes = 0;`
			`tcp_out_bytes = 0;`

			`tcp_syn_in_packets = 0;`
			`tcp_syn_out_packets = 0;`
			`tcp_syn_in_bytes = 0;`
			`tcp_syn_out_bytes = 0;`

			`udp_in_packets = 0;`
			`udp_out_packets = 0;`
			`udp_in_bytes = 0;`
			`udp_out_bytes = 0;`

			`icmp_in_packets = 0;`
			`icmp_out_packets = 0;`
			`icmp_in_bytes = 0;`
			`icmp_out_bytes = 0;`

			`in_flows = 0;`
			`out_flows = 0;`
			`}`
			`};`