wanderer/ fastnetmon-rewritten
1
0
Fork 0
mirror of https://github.com/pavel-odintsov/fastnetmon synced 2024-06-15 06:06:17 +02:00
Code Issues Releases Activity

Reworked total traffic counters to use unified class total_speed_counters_t

This commit is contained in:
Pavel Odintsov 2022-10-04 20:08:13 +02:00
parent bf9a378f5d
commit f7b7e2c876
4 changed files with 61 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/fast_library.hpp
View File

@ -144,3 +144,13 @@ bool get_cpu_flags(std::vector<std::string>& flags);
bool get_linux_distro_name(std::string& distro_name);
bool get_linux_distro_version(std::string& distro_name);
bool get_kernel_version(std::string& kernel_version);
bool execute_web_request(const std::string& address_param,
const std::string& request_type,
const std::string& post_data,
uint32_t& response_code,
std::string& response_body,
const std::map<std::string, std::string>& headers,
std::string& error_text);
unsigned int get_total_memory();
std::string get_cpu_model();

23
src/fastnetmon.cpp
View File

@ -307,15 +307,8 @@ log4cpp::Category& logger = log4cpp::Category::getRoot();
/* Configuration block ends */
// We count total number of incoming/outgoing/internal and other traffic type packets/bytes
// And initilize by 0 all fields
total_counter_element_t total_counters[4];
total_counter_element_t total_speed_counters[4];
total_counter_element_t total_speed_average_counters[4];
// IPv6 versions of total counters
total_counter_element_t total_counters_ipv6[4];
total_counter_element_t total_speed_counters_ipv6[4];
total_counter_element_t total_speed_average_counters_ipv6[4];
total_speed_counters_t total_counters_ipv4;
total_speed_counters_t total_counters_ipv6;
// Total amount of non parsed packets
uint64_t total_unparsed_packets = 0;
@ -1567,18 +1560,6 @@ int main(int argc, char** argv) {
lookup_tree_ipv6 = New_Patricia(128);
whitelist_tree_ipv6 = New_Patricia(128);
// nullify total counters
for (int index = 0; index < 4; index++) {
total_counters[index].bytes = 0;
total_counters[index].packets = 0;
total_speed_counters[index].bytes = 0;
total_speed_counters[index].packets = 0;
total_speed_average_counters[index].bytes = 0;
total_speed_average_counters[index].packets = 0;
}
/* Create folder for attack details */
if (!folder_exists(fastnetmon_platform_configuration.attack_details_folder)) {
logger << log4cpp::Priority::ERROR

71
src/fastnetmon_logic.cpp
View File

@ -89,12 +89,8 @@ extern bool enable_netflow_collection;
extern bool enable_pcap_collection;
extern uint64_t incoming_total_flows_speed;
extern uint64_t outgoing_total_flows_speed;
extern total_counter_element_t total_counters[4];
extern total_counter_element_t total_speed_counters[4];
extern total_counter_element_t total_speed_average_counters[4];
extern total_counter_element_t total_counters_ipv6[4];
extern total_counter_element_t total_speed_counters_ipv6[4];
extern total_counter_element_t total_speed_average_counters_ipv6[4];
extern total_speed_counters_t total_counters_ipv4;
extern total_speed_counters_t total_counters_ipv6;
extern host_group_ban_settings_map_t host_group_ban_settings_map;
extern bool exabgp_announce_whole_subnet;
extern subnet_to_host_group_map_t subnet_to_host_groups;
@ -1733,8 +1729,8 @@ void store_data_in_mongo(std::string key_name, std::string attack_details_json)
// pretty print channel speed in pps and MBit
std::string print_channel_speed(std::string traffic_type, direction_t packet_direction) {
uint64_t speed_in_pps = total_speed_average_counters[packet_direction].packets;
uint64_t speed_in_bps = total_speed_average_counters[packet_direction].bytes;
uint64_t speed_in_pps = total_counters_ipv4.total_speed_average_counters[packet_direction].packets;
uint64_t speed_in_bps = total_counters_ipv4.total_speed_average_counters[packet_direction].bytes;
unsigned int number_of_tabs = 1;
// We need this for correct alignment of blocks
@ -2303,45 +2299,46 @@ void recalculate_speed() {
total_unparsed_packets_speed = uint64_t((double)total_unparsed_packets / (double)speed_calc_period);
total_unparsed_packets = 0;
// Calculate IPv4 total traffic speed
for (unsigned int index = 0; index < 4; index++) {
total_speed_counters[index].bytes = uint64_t((double)total_counters[index].bytes / (double)speed_calc_period);
total_counters_ipv4.total_speed_counters[index].bytes = uint64_t((double)total_counters_ipv4.total_counters[index].bytes / (double)speed_calc_period);
total_speed_counters[index].packets = uint64_t((double)total_counters[index].packets / (double)speed_calc_period);
total_counters_ipv4.total_speed_counters[index].packets = uint64_t((double)total_counters_ipv4.total_counters[index].packets / (double)speed_calc_period);
double exp_power = -speed_calc_period / average_calculation_amount;
double exp_value = exp(exp_power);
total_speed_average_counters[index].bytes =
uint64_t(total_speed_counters[index].bytes + exp_value * ((double)total_speed_average_counters[index].bytes -
(double)total_speed_counters[index].bytes));
total_counters_ipv4.total_speed_average_counters[index].bytes =
uint64_t(total_counters_ipv4.total_speed_counters[index].bytes + exp_value * ((double)total_counters_ipv4.total_speed_average_counters[index].bytes -
(double)total_counters_ipv4.total_speed_counters[index].bytes));
total_speed_average_counters[index].packets =
uint64_t(total_speed_counters[index].packets + exp_value * ((double)total_speed_average_counters[index].packets -
(double)total_speed_counters[index].packets));
total_counters_ipv4.total_speed_average_counters[index].packets =
uint64_t(total_counters_ipv4.total_speed_counters[index].packets + exp_value * ((double)total_counters_ipv4.total_speed_average_counters[index].packets -
(double)total_counters_ipv4.total_speed_counters[index].packets));
// nullify data counters after speed calculation
total_counters[index].bytes = 0;
total_counters[index].packets = 0;
total_counters_ipv4.total_counters[index].bytes = 0;
total_counters_ipv4.total_counters[index].packets = 0;
}
// Do same for IPv6
for (unsigned int index = 0; index < 4; index++) {
total_speed_counters_ipv6[index].bytes = uint64_t((double)total_counters_ipv6[index].bytes / (double)speed_calc_period);
total_speed_counters_ipv6[index].packets = uint64_t((double)total_counters_ipv6[index].packets / (double)speed_calc_period);
total_counters_ipv6.total_speed_counters[index].bytes = uint64_t((double)total_counters_ipv6.total_counters[index].bytes / (double)speed_calc_period);
total_counters_ipv6.total_speed_counters[index].packets = uint64_t((double)total_counters_ipv6.total_counters[index].packets / (double)speed_calc_period);
double exp_power = -speed_calc_period / average_calculation_amount;
double exp_value = exp(exp_power);
total_speed_average_counters_ipv6[index].bytes = uint64_t(
total_speed_counters_ipv6[index].bytes + exp_value * ((double)total_speed_average_counters_ipv6[index].bytes -
(double)total_speed_counters_ipv6[index].bytes));
total_counters_ipv6.total_speed_average_counters[index].bytes = uint64_t(
total_counters_ipv6.total_speed_counters[index].bytes + exp_value * ((double)total_counters_ipv6.total_speed_average_counters[index].bytes -
(double)total_counters_ipv6.total_speed_counters[index].bytes));
total_speed_average_counters_ipv6[index].packets = uint64_t(
total_speed_counters_ipv6[index].packets + exp_value * ((double)total_speed_average_counters_ipv6[index].packets -
(double)total_speed_counters_ipv6[index].packets));
total_counters_ipv6.total_speed_average_counters[index].packets = uint64_t(
total_counters_ipv6.total_speed_counters[index].packets + exp_value * ((double)total_counters_ipv6.total_speed_average_counters[index].packets -
(double)total_counters_ipv6.total_speed_counters[index].packets));
// nullify data counters after speed calculation
total_counters_ipv6[index].zeroify();
total_counters_ipv6.total_counters[index].zeroify();
}
// Set time of previous startup
@ -2630,13 +2627,13 @@ void process_packet(simple_packet_t& current_packet) {
get_packet_direction_ipv6(lookup_tree_ipv6, current_packet.src_ipv6, current_packet.dst_ipv6, ipv6_cidr_subnet);
#ifdef USE_NEW_ATOMIC_BUILTINS
__atomic_add_fetch(&total_counters_ipv6[current_packet.packet_direction].packets, sampled_number_of_packets, __ATOMIC_RELAXED);
__atomic_add_fetch(&total_counters_ipv6[current_packet.packet_direction].bytes, sampled_number_of_bytes, __ATOMIC_RELAXED);
__atomic_add_fetch(&total_counters_ipv6.total_counters[current_packet.packet_direction].packets, sampled_number_of_packets, __ATOMIC_RELAXED);
__atomic_add_fetch(&total_counters_ipv6.total_counters[current_packet.packet_direction].bytes, sampled_number_of_bytes, __ATOMIC_RELAXED);
__atomic_add_fetch(&total_ipv6_packets, 1, __ATOMIC_RELAXED);
#else
__sync_fetch_and_add(&total_counters_ipv6[current_packet.packet_direction].packets, sampled_number_of_packets);
__sync_fetch_and_add(&total_counters_ipv6[current_packet.packet_direction].bytes, sampled_number_of_bytes);
__sync_fetch_and_add(&total_counters_ipv6.total_counters[current_packet.packet_direction].packets, sampled_number_of_packets);
__sync_fetch_and_add(&total_counters_ipv6.total_counters[current_packet.packet_direction].bytes, sampled_number_of_bytes);
__sync_fetch_and_add(&total_ipv6_packets, 1);
#endif
@ -2749,11 +2746,11 @@ void process_packet(simple_packet_t& current_packet) {
*/
#ifdef USE_NEW_ATOMIC_BUILTINS
__atomic_add_fetch(&total_counters[current_packet.packet_direction].packets, sampled_number_of_packets, __ATOMIC_RELAXED);
__atomic_add_fetch(&total_counters[current_packet.packet_direction].bytes, sampled_number_of_bytes, __ATOMIC_RELAXED);
__atomic_add_fetch(&total_counters_ipv4.total_counters[current_packet.packet_direction].packets, sampled_number_of_packets, __ATOMIC_RELAXED);
__atomic_add_fetch(&total_counters_ipv4.total_counters[current_packet.packet_direction].bytes, sampled_number_of_bytes, __ATOMIC_RELAXED);
#else
__sync_fetch_and_add(&total_counters[current_packet.packet_direction].packets, sampled_number_of_packets);
__sync_fetch_and_add(&total_counters[current_packet.packet_direction].bytes, sampled_number_of_bytes);
__sync_fetch_and_add(&total_counters_ipv4.total_counters[current_packet.packet_direction].packets, sampled_number_of_packets);
__sync_fetch_and_add(&total_counters_ipv4.total_counters[current_packet.packet_direction].bytes, sampled_number_of_bytes);
#endif
// Try to find map key for this subnet
@ -3134,8 +3131,8 @@ void increment_outgoing_flow_counters(map_of_vector_counters_for_flow_t& SubnetV
// pretty print channel speed in pps and MBit
std::string print_channel_speed_ipv6(std::string traffic_type, direction_t packet_direction) {
uint64_t speed_in_pps = total_speed_average_counters_ipv6[packet_direction].packets;
uint64_t speed_in_bps = total_speed_average_counters_ipv6[packet_direction].bytes;
uint64_t speed_in_pps = total_counters_ipv6.total_speed_average_counters[packet_direction].packets;
uint64_t speed_in_bps = total_counters_ipv6.total_speed_average_counters[packet_direction].bytes;
unsigned int number_of_tabs = 3;

15
src/fastnetmon_types.hpp
View File

@ -178,6 +178,21 @@ class total_counter_element_t {
}
};
// Set of structures for calculating total traffic counters
class total_speed_counters_t {
public:
total_counter_element_t total_counters[4];
total_counter_element_t total_speed_counters[4];
total_counter_element_t total_speed_average_counters[4];
template <class Archive> void serialize(Archive& ar, [[maybe_unused]] const unsigned int version) {
ar& BOOST_SERIALIZATION_NVP(total_counters);
ar& BOOST_SERIALIZATION_NVP(total_speed_counters);
ar& BOOST_SERIALIZATION_NVP(total_speed_average_counters);
}
};
// structure with attack details
class attack_details_t : public subnet_counter_t {
public: