ChipMaster
/
Poor-Mans-IDS
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
The Poor Man's (or Woman's) Intrusion Detection System
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
133 KiB
 
 
 
 
Tree: 6a514559fa
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6a514559fa'
${ noResults }
Poor-Mans-IDS/data.h

69 lines
2.3 KiB
Raw Blame History 

  1. //////////////////////////////////////////////////////////////////////

  2. // IP traffic analyzer - data objects

  3. // Written by Jonathan A. Foster <ChipMaster@YeOlPiShack.net>

  4. // Started April 23rd, 2021

  5. // Copyright JF Possibilities, Inc. All rights reserved.

  6. //

  7. // This is useful for breaking a text file line into fields.

  8. //

  9. // 2021-05-14 <ChipMaster@YeOlPiShack.net>

  10. //   Restructure: broke out of monolithic iptraffic.cpp and made its

  11. //   own module.

  12. //////////////////////////////////////////////////////////////////////

  13. #ifndef __JFP_IPTRAFFIC_DATA_H__

  14. #define __JFP_IPTRAFFIC_DATA_H__

  15. #include <string>

  16. #include <ostream>

  17. #include <vector>

  18. #include "strutil.h"

  19. 

  20. 

  21. 

  22. //////////////////////////////////////////////////////////////////////

  23. // Network connection between "us" and "them"

  24. //////////////////////////////////////////////////////////////////////

  25. typedef unsigned short word;

  26. struct Conn {

  27.   std::string us;        // address on our side

  28.   word        us_port;   // the port on our side

  29.   std::string them;      // address on their side

  30.   word        them_port; // the port on their side

  31.   std::string name;      // name of the address

  32.   std::string protocol;  // protocol used to communicate

  33.   bool        in;        // whether this was an inward bound connection.

  34. 

  35.   Conn(): us_port(0), them_port(0), in(false) {}

  36.   // clear data

  37.   void clear();

  38.   // swap polarity of record

  39.   void swap();

  40.   // scan & copy data from log record in

  41.   Conn &operator=(const Splits &sp);

  42.   // compare to another Conn

  43.   int cmp(const Conn &gtr) const;

  44.   inline bool  operator<(const Conn &gtr) const { return cmp(gtr) <0; }

  45.   inline bool operator<=(const Conn &gtr) const { return cmp(gtr)<=0; }

  46.   inline bool  operator>(const Conn &gtr) const { return cmp(gtr) >0; }

  47.   inline bool operator>=(const Conn &gtr) const { return cmp(gtr)>=0; }

  48.   inline bool operator==(const Conn &gtr) const { return cmp(gtr)==0; }

  49.   inline bool operator!=(const Conn &gtr) const { return cmp(gtr)!=0; }

  50. };

  51. // A text output of Conn

  52. std::ostream &operator<<(std::ostream &out, const Conn &c);

  53. // Copy data from Splits into Conn

  54. const Splits &operator>>(const Splits &tsv, Conn &conn);

  55. 

  56. 

  57. 

  58. //////////////////////////////////////////////////////////////////////

  59. // List of connections

  60. //////////////////////////////////////////////////////////////////////

  61. 

  62. struct ConnList: public std::vector<Conn> {

  63.   int find(Conn &needle);

  64. };

  65. 

  66. 

  67. 

  68. #endif