Merge pull request #115 from lcywoodlucy/master

add flie
Netis · Sep 16, 2021 · 909a83e · 909a83e
2 parents 4638e95 + 058da54
commit 909a83e
Show file tree

Hide file tree

Showing 4 changed files with 65 additions and 15 deletions.
diff --git a/src/pcaphandler.cpp b/src/pcaphandler.cpp
@@ -13,12 +13,21 @@
 #include "agent_status.h"
 #include "vlan.h"
 
-PcapHandler::PcapHandler() {
+PcapHandler::PcapHandler(std::string dumpDir, int16_t dumpInterval):
+    _dumpDir(dumpDir),
+    _dumpInterval(dumpInterval) {
     _gre_count = 0;
     _gre_drop_count = 0;
     _pcap_handle = NULL;
     _pcap_dumpter = NULL;
-    _need_update_status = 0;
+
+    if (dumpInterval != -1) {
+        _dumpDir = dumpDir + "/";
+        _timeStamp = std::chrono::system_clock::to_time_t(std::chrono::system_clock::now());
+        if(!boost::filesystem::is_directory(_dumpDir))
+            boost::filesystem::create_directories(_dumpDir);
+    }
+
     std::memset(_errbuf, 0, sizeof(_errbuf));
 }
 
@@ -29,7 +38,18 @@ PcapHandler::~PcapHandler() {
 
 int PcapHandler::openPcapDumper(pcap_t* pcap_handle) {
     closePcapDumper();
-    std::string filepath = "pktminer_dump.pcap";
+    char date[60] = {0};
+    std::string filepath;
+    if (_dumpInterval >0) {
+        struct tm* ptm = localtime(&_timeStamp);
+        sprintf(date, "%d%02d%02d%02d%02d%02d",
+                (int)ptm->tm_year + 1900,(int)ptm->tm_mon + 1,(int)ptm->tm_mday,
+                (int)ptm->tm_hour, (int)ptm->tm_min, (int)ptm->tm_sec);
+        filepath = _dumpDir + "pktminerg_dump_"+std::string(date) + ".pcap";
+    }
+    else {
+        filepath = _dumpDir + "pktminerg_dump.pcap";
+    }
     if (boost::filesystem::exists(filepath)) {
         boost::filesystem::remove(filepath);
     }
@@ -106,6 +126,15 @@ void PcapHandler::packetHandler(const struct pcap_pkthdr* header, const uint8_t*
                       }
                   });
     if (_pcap_dumpter) {
+        auto tt = std::chrono::system_clock::to_time_t(std::chrono::system_clock::now());
+        if( _dumpInterval > 0 && tt-_timeStamp > _dumpInterval ) {
+            _timeStamp = tt;
+
+            if (openPcapDumper(_pcap_handle) != 0) {
+                std::cerr << StatisLogContext::getTimeString() << "Call openPcapDumper failed." << std::endl;
+            }
+        }
+
         pcap_dump(reinterpret_cast<u_char*>(_pcap_dumpter), header, pkt_data);
     }
     if (_statislog == nullptr) {

diff --git a/src/pcaphandler.h b/src/pcaphandler.h
@@ -4,8 +4,12 @@
 #include <string>
 #include <vector>
 #include <memory>
+
+#include <chrono>
+
 #include <netinet/in.h>
 
+
 #include "pcapexport.h"
 #include "statislog.h"
 
@@ -26,19 +30,25 @@ class PcapHandler {
     std::shared_ptr<GreSendStatisLog> _statislog;
     uint64_t _gre_count;
     uint64_t _gre_drop_count;
+
+    std::string _dumpDir;
+    std::int16_t _dumpInterval;
+    std::time_t _timeStamp;
+
     int _need_update_status;
 
     std::vector<in_addr> _ipv4s;
     std::vector<in6_addr> _ipv6s;
 
+
 protected:
     int openPcapDumper(pcap_t *pcap_handle);
     void closePcapDumper();
 
     int checkPktDirectionV4(const in_addr* sip, const in_addr* dip);
     int checkPktDirectionV6(const in6_addr* sip, const in6_addr* dip);
 public:
-    PcapHandler();
+    PcapHandler(std::string dumpDir, int16_t dumpInterval);
     virtual ~PcapHandler();
     void packetHandler(const struct pcap_pkthdr *header, const uint8_t *pkt_data);
     void addExport(std::shared_ptr<PcapExportBase> pcapExport);
@@ -51,12 +61,16 @@ class PcapHandler {
 
 class PcapOfflineHandler : public PcapHandler {
 public:
+    PcapOfflineHandler(std::string dumpDir, int16_t dumpInterval):
+            PcapHandler(dumpDir, dumpInterval) {};
     int openPcap(const std::string &dev, const pcap_init_t &param, const std::string &expression,
                  bool dumpfile=false);
 };
 
 class PcapLiveHandler : public PcapHandler {
 public:
+    PcapLiveHandler(std::string dumpDir, int16_t dumpInterval):
+            PcapHandler(dumpDir, dumpInterval) {};
     int openPcap(const std::string &dev, const pcap_init_t &param, const std::string &expression,
                  bool dumpfile=false);
 };

diff --git a/src/pktminerg.cpp b/src/pktminerg.cpp
@@ -53,9 +53,12 @@ int main(int argc, const char* argv[]) {
             ("cpu", boost::program_options::value<int>()->value_name("ID"), "set cpu affinity ID")
             ("expression", boost::program_options::value<std::vector<std::string>>()->value_name("FILTER"),
              R"(filter packets with FILTER; FILTER as same as tcpdump BPF expression syntax)")
-            ("dump", "specify dump file, mostly for integrated test")
-            ("control", boost::program_options::value<int>()->value_name("CONTROL_PORT"),
-             "set zmq listen port for agent daemon control. Control server won't be up if this option is not set")
+
+            ("dump", boost::program_options::value<std::string>()->default_value("./")->value_name("DUMP"),
+             "specify pcap dump file dump dir")
+            ("interval", boost::program_options::value<int>()->default_value(-1)->value_name("INTERVAL"),
+             "specify the interval for dump file creation")
+
             ("nofilter",
              "force no filter; In online mode, only use when GRE interface "
                  "is set via CLI, AND you confirm that the snoop interface is "
@@ -132,15 +135,18 @@ int main(int argc, const char* argv[]) {
 #endif // WIN32
 
 
-    if (!vm.count("remoteip")) {
-        std::cerr << StatisLogContext::getTimeString() << "Please set gre remote ip with --remoteip or -r."
+    if (!vm.count("remoteip")  && !vm.count("dump")) {
+        std::cerr << StatisLogContext::getTimeString()
+                  << "Please set gre remote ip with --remoteip (or -r)  or get dump directory with --Dump."
                   << std::endl;
         return 1;
     }
 
-    std::string remoteip = vm["remoteip"].as<std::string>();
     std::vector<std::string> remoteips;
-    boost::algorithm::split(remoteips, remoteip, boost::algorithm::is_any_of(","));
+    if (vm.count("remoteip")) {
+        std::string remoteip = vm["remoteip"].as<std::string>();
+        boost::algorithm::split(remoteips, remoteip, boost::algorithm::is_any_of(","));
+    }
 
     int zmq_port = vm["zmq_port"].as<int>();
     int zmq_hwm = vm["zmq_hwm"].as<int>();
@@ -187,9 +193,10 @@ int main(int argc, const char* argv[]) {
         }
     }
 
+    // dump option
     // dump option
     bool dumpfile = false;
-    if (vm.count("dump")) {
+    if (vm["interval"].as<int>() >= 0) {
         dumpfile = true;
     }
 
@@ -226,15 +233,15 @@ int main(int argc, const char* argv[]) {
     if (vm.count("pcapfile")) {
         // offline
         std::string path = vm["pcapfile"].as<std::string>();
-        handler = std::make_shared<PcapOfflineHandler>();
+        handler = std::make_shared<PcapOfflineHandler>(vm["dump"].as<std::string>(),vm["interval"].as<int>());
         if (handler->openPcap(path, param, "", dumpfile) != 0) {
             std::cerr << StatisLogContext::getTimeString() << "Call PcapOfflineHandler openPcap failed." << std::endl;
             return 1;
         }
     } else if (vm.count("interface")) {
         // online
         std::string dev = vm["interface"].as<std::string>();
-        handler = std::make_shared<PcapLiveHandler>();
+        handler = std::make_shared<PcapLiveHandler>(vm["dump"].as<std::string>(), vm["interval"].as<int>());
         if (handler->openPcap(dev, param, filter, dumpfile) != 0) {
             std::cerr << StatisLogContext::getTimeString() << "Call PcapLiveHandler openPcap failed." << std::endl;
             return 1;

diff --git a/test/unit_test.cpp b/test/unit_test.cpp
@@ -26,7 +26,7 @@ namespace {
     };
 
     TEST(PcapHandlerTest, test) {
-        PcapOfflineHandler handler;
+        PcapOfflineHandler handler("./", 60);
         pcap_init_t param;
         handler.addExport(std::make_shared<PcapExportTest>());
         EXPECT_EQ(0, handler.openPcap("sample.pcap", param, "", false));