From 1935c45aa12e38f5304dd7be6dfeba1e4649a4e0 Mon Sep 17 00:00:00 2001
From: "robbie.tu" <root@localhost.localdomain>
Date: Thu, 16 Sep 2021 09:42:50 +0800
Subject: [PATCH] add flie

---
 src/pcaphandler.cpp | 32 ++++++++++++++++++++++++++++++--
 src/pcaphandler.h   | 10 +++++++++-
 src/pktminerg.cpp   | 23 +++++++++++++++--------
 test/unit_test.cpp  |  2 +-
 4 files changed, 55 insertions(+), 12 deletions(-)

diff --git a/src/pcaphandler.cpp b/src/pcaphandler.cpp
index 898f56672..317e4912a 100644
--- a/src/pcaphandler.cpp
+++ b/src/pcaphandler.cpp
@@ -4,11 +4,19 @@
 #include <boost/filesystem.hpp>
 #include "scopeguard.h"
 
-PcapHandler::PcapHandler() {
+PcapHandler::PcapHandler(std::string dumpDir, int16_t dumpInterval):
+    _dumpDir(dumpDir),
+    _dumpInterval(dumpInterval) {
     _gre_count = 0;
     _gre_drop_count = 0;
     _pcap_handle = NULL;
     _pcap_dumpter = NULL;
+    if (dumpInterval != -1) {
+        _dumpDir = dumpDir + "/";
+        _timeStamp = std::chrono::system_clock::to_time_t(std::chrono::system_clock::now());
+        if(!boost::filesystem::is_directory(_dumpDir))
+            boost::filesystem::create_directories(_dumpDir);
+    }
     std::memset(_errbuf, 0, sizeof(_errbuf));
 }
 
@@ -19,7 +27,18 @@ PcapHandler::~PcapHandler() {
 
 int PcapHandler::openPcapDumper(pcap_t* pcap_handle) {
     closePcapDumper();
-    std::string filepath = "pktminer_dump.pcap";
+    char date[60] = {0};
+    std::string filepath;
+    if (_dumpInterval >0) {
+        struct tm* ptm = localtime(&_timeStamp);
+        sprintf(date, "%d%02d%02d%02d%02d%02d",
+                (int)ptm->tm_year + 1900,(int)ptm->tm_mon + 1,(int)ptm->tm_mday,
+                (int)ptm->tm_hour, (int)ptm->tm_min, (int)ptm->tm_sec);
+        filepath = _dumpDir + "pktminerg_dump_"+std::string(date) + ".pcap";
+    }
+    else {
+        filepath = _dumpDir + "pktminerg_dump.pcap";
+    }
     if (boost::filesystem::exists(filepath)) {
         boost::filesystem::remove(filepath);
     }
@@ -62,6 +81,15 @@ void PcapHandler::packetHandler(const struct pcap_pkthdr* header, const uint8_t*
                       }
                   });
     if (_pcap_dumpter) {
+        auto tt = std::chrono::system_clock::to_time_t(std::chrono::system_clock::now());
+        if( _dumpInterval > 0 && tt-_timeStamp > _dumpInterval ) {
+            _timeStamp = tt;
+
+            if (openPcapDumper(_pcap_handle) != 0) {
+                std::cerr << StatisLogContext::getTimeString() << "Call openPcapDumper failed." << std::endl;
+            }
+        }
+
         pcap_dump(reinterpret_cast<u_char*>(_pcap_dumpter), header, pkt_data);
     }
     if (_statislog == nullptr) {
diff --git a/src/pcaphandler.h b/src/pcaphandler.h
index f283dca02..96f3479e0 100644
--- a/src/pcaphandler.h
+++ b/src/pcaphandler.h
@@ -4,6 +4,7 @@
 #include <string>
 #include <vector>
 #include <memory>
+#include <chrono>
 #include "pcapexport.h"
 #include "statislog.h"
 
@@ -23,11 +24,14 @@ class PcapHandler {
     std::shared_ptr<GreSendStatisLog> _statislog;
     uint64_t _gre_count;
     uint64_t _gre_drop_count;
+    std::string _dumpDir;
+    std::int16_t _dumpInterval;
+    std::time_t _timeStamp;
 protected:
     int openPcapDumper(pcap_t *pcap_handle);
     void closePcapDumper();
 public:
-    PcapHandler();
+    PcapHandler(std::string dumpDir, int16_t dumpInterval);
     virtual ~PcapHandler();
     void packetHandler(const struct pcap_pkthdr *header, const uint8_t *pkt_data);
     void addExport(std::shared_ptr<PcapExportBase> pcapExport);
@@ -40,12 +44,16 @@ class PcapHandler {
 
 class PcapOfflineHandler : public PcapHandler {
 public:
+    PcapOfflineHandler(std::string dumpDir, int16_t dumpInterval):
+            PcapHandler(dumpDir, dumpInterval) {};
     int openPcap(const std::string &dev, const pcap_init_t &param, const std::string &expression,
                  bool dumpfile=false);
 };
 
 class PcapLiveHandler : public PcapHandler {
 public:
+    PcapLiveHandler(std::string dumpDir, int16_t dumpInterval):
+            PcapHandler(dumpDir, dumpInterval) {};
     int openPcap(const std::string &dev, const pcap_init_t &param, const std::string &expression,
                  bool dumpfile=false);
 };
diff --git a/src/pktminerg.cpp b/src/pktminerg.cpp
index e84a07867..3b09386dc 100644
--- a/src/pktminerg.cpp
+++ b/src/pktminerg.cpp
@@ -41,7 +41,10 @@ int main(int argc, const char* argv[]) {
             ("cpu", boost::program_options::value<int>()->value_name("ID"), "set cpu affinity ID")
             ("expression", boost::program_options::value<std::vector<std::string>>()->value_name("FILTER"),
              R"(filter packets with FILTER; FILTER as same as tcpdump BPF expression syntax)")
-            ("dump", "specify dump file, mostly for integrated test")
+            ("dump", boost::program_options::value<std::string>()->default_value("./")->value_name("DUMP"),
+             "specify pcap dump file dump dir")
+            ("interval", boost::program_options::value<int>()->default_value(-1)->value_name("INTERVAL"),
+             "specify the interval for dump file creation")
             ("nofilter",
              "force no filter; only use when you confirm that the snoop interface is different from the gre interface");
 
@@ -103,15 +106,18 @@ int main(int argc, const char* argv[]) {
         }
     }
 
-    if (!vm.count("remoteip")) {
-        std::cerr << StatisLogContext::getTimeString() << "Please set gre remote ip with --remoteip or -r."
+    if (!vm.count("remoteip")  && !vm.count("dump")) {
+        std::cerr << StatisLogContext::getTimeString()
+                  << "Please set gre remote ip with --remoteip (or -r)  or get dump directory with --Dump."
                   << std::endl;
         return 1;
     }
 
-    std::string remoteip = vm["remoteip"].as<std::string>();
     std::vector<std::string> remoteips;
-    boost::algorithm::split(remoteips, remoteip, boost::algorithm::is_any_of(","));
+    if (vm.count("remoteip")) {
+        std::string remoteip = vm["remoteip"].as<std::string>();
+        boost::algorithm::split(remoteips, remoteip, boost::algorithm::is_any_of(","));
+    }
 
     int keybit = vm["keybit"].as<int>();
 
@@ -140,9 +146,10 @@ int main(int argc, const char* argv[]) {
         }
     }
 
+    // dump option
     // dump option
     bool dumpfile = false;
-    if (vm.count("dump")) {
+    if (vm["interval"].as<int>() >= 0) {
         dumpfile = true;
     }
 
@@ -178,7 +185,7 @@ int main(int argc, const char* argv[]) {
     if (vm.count("pcapfile")) {
         // offline
         std::string path = vm["pcapfile"].as<std::string>();
-        handler = std::make_shared<PcapOfflineHandler>();
+        handler = std::make_shared<PcapOfflineHandler>(vm["dump"].as<std::string>(),vm["interval"].as<int>());
         if (handler->openPcap(path, param, "", dumpfile) != 0) {
             std::cerr << StatisLogContext::getTimeString() << "Call PcapOfflineHandler openPcap failed." << std::endl;
             return 1;
@@ -186,7 +193,7 @@ int main(int argc, const char* argv[]) {
     } else if (vm.count("interface")) {
         // online
         std::string dev = vm["interface"].as<std::string>();
-        handler = std::make_shared<PcapLiveHandler>();
+        handler = std::make_shared<PcapLiveHandler>(vm["dump"].as<std::string>(), vm["interval"].as<int>());
         if (handler->openPcap(dev, param, filter, dumpfile) != 0) {
             std::cerr << StatisLogContext::getTimeString() << "Call PcapLiveHandler openPcap failed." << std::endl;
             return 1;
diff --git a/test/unit_test.cpp b/test/unit_test.cpp
index e7a1e1f67..4b3b21ce6 100644
--- a/test/unit_test.cpp
+++ b/test/unit_test.cpp
@@ -24,7 +24,7 @@ namespace {
     };
 
     TEST(PcapHandlerTest, test) {
-        PcapOfflineHandler handler;
+        PcapOfflineHandler handler("./", 60);
         pcap_init_t param;
         handler.addExport(std::make_shared<PcapExportTest>());
         EXPECT_EQ(0, handler.openPcap("sample.pcap", param, "", false));