Ye Ol' π Shack
Empowering makers everywhere!
Ye Ol' π Shack
Empowering makers everywhere!
* Simplified Makefile. * Rebased trafficmon's app class config on iptraffic's config so all the trafficmon bits have access to the same data+MySQL login. * Added ignore logic to badtrafficrpt * Changed trafficctrl's Makefile to force C++11, since C++CMS needs it. * Version bump in DPAKmaster
| @@ -1,5 +1,6 @@ | |||
| # cm-20220225 testing controlpanel messages with symbols left in | |||
| #O=-s | |||
| CXXFLAGS=-s | |||
| LDFLAGS=-lcppdb | |||
| ### Program Targets ### | |||
| @@ -10,50 +11,28 @@ all: iptraffic trafficmon/badtrafficrpt trafficmon/dnsblacklist trafficmon/dombl | |||
| controlpanel/trafficctrl: | |||
| cd controlpanel && make trafficctrl | |||
| iptraffic: iptraffic.cpp strutil.o data.o config.o cli.o miniini.o | |||
| g++ $O -o $@ $@.cpp strutil.o data.o config.o cli.o miniini.o | |||
| trafficmon/badtrafficrpt: trafficmon/badtrafficrpt.cpp cli.o miniini.o strutil.o trafficmon/appbase.o | |||
| g++ $O -o $@ $@.cpp strutil.o cli.o miniini.o trafficmon/appbase.o -lcppdb | |||
| trafficmon/dnsblacklist: trafficmon/dnsblacklist.cpp cli.o miniini.o strutil.o trafficmon/appbase.o | |||
| g++ $O -o $@ $@.cpp strutil.o cli.o miniini.o trafficmon/appbase.o -lcppdb | |||
| trafficmon/domblacklist: trafficmon/domblacklist.cpp cli.o miniini.o strutil.o trafficmon/appbase.o | |||
| g++ $O -o $@ $@.cpp strutil.o cli.o miniini.o trafficmon/appbase.o -lcppdb | |||
| trafficmon/impblack: trafficmon/impblack.cpp strutil.o cli.o miniini.o trafficmon/appbase.o | |||
| g++ $O -o $@ $@.cpp strutil.o cli.o miniini.o trafficmon/appbase.o -lcppdb | |||
| trafficmon/trafficmon: trafficmon/trafficmon.cpp strutil.o data.o config.o cli.o miniini.o trafficmon/appbase.o | |||
| g++ $O -o $@ $@.cpp strutil.o data.o config.o cli.o miniini.o trafficmon/appbase.o -lcppdb | |||
| iptraffic: iptraffic.cpp strutil.o data.o config.o cli.o miniini.o | |||
| trafficmon/badtrafficrpt: trafficmon/badtrafficrpt.cpp config.o cli.o data.o miniini.o strutil.o trafficmon/appbase.o | |||
| trafficmon/dnsblacklist: trafficmon/dnsblacklist.cpp config.o cli.o data.o miniini.o strutil.o trafficmon/appbase.o | |||
| trafficmon/domblacklist: trafficmon/domblacklist.cpp config.o cli.o data.o miniini.o strutil.o trafficmon/appbase.o | |||
| trafficmon/impblack: trafficmon/impblack.cpp strutil.o config.o cli.o data.o miniini.o trafficmon/appbase.o | |||
| trafficmon/trafficmon: trafficmon/trafficmon.cpp strutil.o data.o config.o cli.o miniini.o trafficmon/appbase.o | |||
| ### Libs ### | |||
| cli.o: cli.cpp cli.h | |||
| g++ $O -c -o $@ cli.cpp | |||
| config.o: config.cpp config.h strutil.o data.o miniini.o | |||
| g++ $O -c -o $@ config.cpp | |||
| data.o: data.cpp data.h strutil.o | |||
| g++ $O -c -o $@ data.cpp | |||
| miniini.o: miniini.cpp miniini.h strutil.o | |||
| g++ $O -c -o $@ miniini.cpp | |||
| strutil.o: strutil.cpp strutil.h | |||
| g++ $O -c -o $@ strutil.cpp | |||
| trafficmon/appbase.o: trafficmon/appbase.cpp trafficmon/appbase.h cli.o miniini.o | |||
| g++ $O -c -o $@ trafficmon/appbase.cpp | |||
| cli.o: cli.cpp cli.h | |||
| config.o: config.cpp config.h strutil.h data.h miniini.h | |||
| data.o: data.cpp data.h strutil.h | |||
| miniini.o: miniini.cpp miniini.h strutil.h | |||
| strutil.o: strutil.cpp strutil.h | |||
| trafficmon/appbase.o: trafficmon/appbase.cpp trafficmon/appbase.h config.h cli.h data.h miniini.h strutil.h | |||
| ### Source Maintenance ### | |||
| .PHONY: clean distclean | |||
| .PHONY: clean distclean docs | |||
| clean: | |||
| rm *.o */*.o || true | |||
| distclean: clean | |||
| @@ -61,3 +40,5 @@ distclean: clean | |||
| rm trafficmon/dnsblacklist trafficmon/domblacklist trafficmon/impblack || true | |||
| rm *.deb || true | |||
| cd controlpanel && make distclean | |||
| docs: | |||
| doxygen Doxyfile | |||
| @@ -1,3 +1,11 @@ | |||
| TODO | |||
| ==== | |||
| - trafficctl: wild-card whitelisting. Either just remember "accepts" or use the "*" notation. | |||
| - trafficctl: "whole domain" should only change those entries in the group being reported. What about "*". | |||
| - should probably convert to use static-linked MySQL client. C++DB has trouble with longterm connections. | |||
| - trafficctl: comment field? | |||
| BUGS | |||
| ==== | |||
| @@ -1,12 +1,8 @@ | |||
| # Optional compiler flags | |||
| #O=-std=c++11 | |||
| # Optional compiler flags - C++CMS templates need C++11 | |||
| O=-std=c++11 | |||
| trafficctrl: trafficctrl.cpp data.h ../strutil.o mainskin.o | |||
| g++ $O -o $@ $@.cpp mainskin.o ../strutil.o -lcppcms -lcppdb -lbooster | |||
| ../strutil.o: ../strutil.cpp ../strutil.h | |||
| cd .. && make strutil.o | |||
| mainskin.cxx: mainskin.tmpl | |||
| cppcms_tmpl_cc -o $@ mainskin.tmpl | |||
| mainskin.o: mainskin.cxx data.h | |||
| @@ -13,6 +13,14 @@ Copyright: . | |||
| Origin: JFP | |||
| Packaged-For: JF Possibilities, Inc. | |||
| changelog: | |||
| (0.8-1j) unstable; urgency=low | |||
| . | |||
| ** This is an alpha release ** | |||
| . | |||
| * Add [ignores] handling to badtrafficfrpt | |||
| . | |||
| -- Jon Foster <jon@jfpossibilities.com> Tue, 19 Mar 2024 12:34:33 -0700 | |||
| . | |||
| (0.7-1j) unstable; urgency=low | |||
| . | |||
| ** This is an alpha release ** | |||
| @@ -12,7 +12,7 @@ | |||
| #define __IDS_MONITOR_BASE_APP_H__ | |||
| #include <cppdb/frontend.h> | |||
| #include "../cli.h" | |||
| #include "../miniini.h" | |||
| #include "../config.h" | |||
| @@ -23,7 +23,7 @@ | |||
| // ignore the parts they aren't interested in. | |||
| ////////////////////////////////////////////////////////////////////// | |||
| struct MonitorBaseConf: public MiniINI { | |||
| struct MonitorBaseConf: public Config { | |||
| MiniINIvars traffic_mon; // This app's config variables | |||
| MonitorBaseConf() { groups["Traffic Mon"] = &traffic_mon; } | |||
| @@ -14,6 +14,15 @@ | |||
| // 1. domain name or address if a domain is not known. | |||
| // 2. list of ports that were connected to. | |||
| // 3. count of total connections | |||
| // | |||
| // 20240319 <jon@jfpossibilities.com> | |||
| // Implemented "ignores" in the report. These use the ignore section | |||
| // used by trafficrpt. But there are some oddities (so far). All | |||
| // report entries are considered to be TCP connections originating | |||
| // from 0.0.0.0 and outbound. This is a cheat to prevent | |||
| // complication in the query process. Its tempting to implement this | |||
| // in trafficmon... but that is a permanent loss of data... still | |||
| // debating. | |||
| ////////////////////////////////////////////////////////////////////// | |||
| #include <string> | |||
| #include <map> | |||
| @@ -119,14 +128,9 @@ struct ReportData: map<string,ReportLine> { | |||
| inline ostream &operator<<(ostream &out, const ReportData &r){ | |||
| return out << r.ascii(); | |||
| } | |||
| // NOTE: implementation at bottom. | |||
| namespace cppdb { | |||
| result &operator>>(result &qry, ::ReportData &rpt) { | |||
| string name, addr, port; | |||
| int ct; | |||
| qry >> name >> addr >> port >> ct; | |||
| if(name=="") name=addr; | |||
| rpt.add(name, port, ct); | |||
| } | |||
| result &operator>>(result &qry, ::ReportData &rpt); | |||
| } | |||
| @@ -207,3 +211,22 @@ struct appConnectionReport: TrafficMonBaseApp { | |||
| ////////////////////////////////////////////////////////////////////// | |||
| MAIN(appConnectionReport) | |||
| // NOTE: This needs to be down here so it knows of "app", defined by MAIN. | |||
| namespace cppdb { | |||
| result &operator>>(result &qry, ::ReportData &rpt) { | |||
| Conn rec; | |||
| int ct; | |||
| rec.us="0.0.0.0"; | |||
| rec.protocol="TCP"; | |||
| rec.in=0; | |||
| qry >> rec.name >> rec.them >> rec.them_port >> ct; | |||
| // NOTE: ignores can only work from remote addresses. | |||
| if(app.config->ignores.vals.find(rec)<0) { | |||
| if(rec.name=="") rec.name=rec.them; | |||
| rpt.add(rec.name, str(rec.them_port), ct); | |||
| } | |||
| else cerr << "ignored" << endl; | |||
| } | |||
| } | |||
| @@ -23,27 +23,12 @@ | |||
| #include <vector> | |||
| #include <map> | |||
| #include "../cli.h" | |||
| #include "../data.h" | |||
| #include "../config.h" | |||
| #include "appbase.h" | |||
| using namespace std; | |||
| ////////////////////////////////////////////////////////////////////// | |||
| // Monitor Config | |||
| ////////////////////////////////////////////////////////////////////// | |||
| struct MonitorConf: public MonitorBaseConf { | |||
| INIusList us; | |||
| MonitorConf() { groups["us"] = &us; } | |||
| }; | |||
| ////////////////////////////////////////////////////////////////////// | |||
| // Application class to store data passed in through a pipe or | |||
| // file(s). | |||
| ////////////////////////////////////////////////////////////////////// | |||
| @@ -72,8 +57,8 @@ struct TrafficMon: public TrafficMonBaseApp { | |||
| running( false), | |||
| line_no( 0) | |||
| { | |||
| config = new MonitorConf; | |||
| analyze.us = &(((MonitorConf *)config)->us.vals); | |||
| config = new MonitorBaseConf; | |||
| analyze.us = &config->us.vals; | |||
| } | |||
| @@ -265,7 +250,7 @@ restart: | |||
| int x; | |||
| try { | |||
| if(x=TrafficMonBaseApp::main()) return x; | |||
| if(!((MonitorConf*)config)->us.vals.size()) throw CLIerror( | |||
| if(!config->us.vals.size()) throw CLIerror( | |||
| "The configuration files MUST contain an [us] section with " | |||
| "appropriate values" | |||
| ); | |||
