From d6bb41bedcc1ad01c7f8903f42908ee5d3061b85 Mon Sep 17 00:00:00 2001
From: Pavel Odintsov
Date: Wed, 28 Jan 2015 10:49:12 +0300
Subject: [PATCH] Provide ability to skip outgoing or incoming traffic precessing competely. Closes: #63
---
 fastnetmon.conf | 2 ++
 fastnetmon.cpp | 16 ++++++++++++++++
 2 files changed, 18 insertions(+)
diff --git a/fastnetmon.conf b/fastnetmon.conf
index 4caaf03..f94db6d 100644
--- a/fastnetmon.conf
+++ b/fastnetmon.conf
@@ -22,3 +22,5 @@ pcap = off
 average_calculation_time = 5
 enable_connection_tracking = off
 enable_pf_ring_zc_mode = off
+process_incoming_traffic = off
+process_outgoing_traffic = on
diff --git a/fastnetmon.cpp b/fastnetmon.cpp
index 00ec7c0..0152a6e 100644
--- a/fastnetmon.cpp
+++ b/fastnetmon.cpp
@@ -390,6 +390,9 @@ std::vector whitelist_networks;
 // Ban enable/disable flag
 bool we_do_real_ban = true;
+bool process_incoming_traffic = true;
+bool process_outgoing_traffic = true;
+
 // Prototypes
 #ifdef HWFILTER_LOCKING
 void block_all_traffic_with_82599_hardware_filtering(std::string client_ip_as_string);
@@ -825,6 +828,14 @@ bool load_configuration_file() {
 }
 }
+ if (configuration_map.count("process_incoming_traffic") != 0) {
+ process_incoming_traffic = configuration_map[ "process_incoming_traffic" ] == "on" ? true : false;
+ }
+
+ if (configuration_map.count("process_outgoing_traffic") != 0) {
+ process_outgoing_traffic = configuration_map[ "process_outgoing_traffic" ] == "on" ? true : false;
+ }
+
 if (configuration_map.count("mirror") != 0) {
 if (configuration_map["mirror"] == "on") {
 enable_data_collection_from_mirror = true;
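Review bot: The sample `fastnetmon.conf` ships with `process_incoming_traffic = off`, while the compiled-in default added in `fastnetmon.cpp` is `true`, so anyone who starts from this file gets inbound traffic skipped without having chosen that. If inbound counters feed the attack detection (the ban flag in the same file suggests they do), traffic aimed at monitored hosts would go uncounted out of the box. I would ship `process_incoming_traffic = on` to match the code default. I would also put a short comment above both keys saying that `off` skips the direction entirely.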
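Review bot: Any value other than the exact string `on` (for example `On`, `true`, `yes` or a typo) silently switches the direction off, because both added blocks in `load_configuration_file` reduce the setting to `== "on"`. For a monitoring daemon that is the unsafe way to fail: one misspelt value stops a whole traffic direction from being processed and nothing reports it. I would accept only `on` and `off`, and for anything else keep the current default and log a warning. The `? true : false` is redundant, so the assignment can read `process_incoming_traffic = (configuration_map["process_incoming_traffic"] == "on");`, and likewise for `process_outgoing_traffic`. The function starts and ends outside this hunk.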
@@ -1255,6 +1266,11 @@ void process_packet(simple_packet& current_packet) {
 unsigned long subnet = 0;
 direction packet_direction = get_packet_direction(current_packet.src_ip, current_packet.dst_ip, subnet);
+ // Skip processing of specific traffic direction
+ if ( (packet_direction == INCOMING && !process_incoming_traffic) or (packet_direction == OUTGOING && !process_outgoing_traffic) ) {
+ return;
+ }
+
 uint32_t subnet_in_host_byte_order = 0;
 // We operate in host bytes order and need to convert subnet
 if (subnet != 0) {
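Review bot: The early `return` sits directly after `get_packet_direction`, ahead of everything else visible in `process_packet`, so a packet in a disabled direction leaves no trace. Presumably that includes the total packet counters, though the rest of the function is outside this hunk. The one-line comment does not say this; I would make it `// Direction disabled via process_*_traffic in the config: nothing below this point sees the packet`. A skipped-packets counter would also let operators confirm the setting is doing what they intended. As a style point, the condition mixes `or` with `&&`; use `||` to match the rest of the expression.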