1 /* 2 pmacct (Promiscuous mode IP Accounting package) 3 pmacct is Copyright (C) 2003-2020 by Paolo Lucente 4 */ 5 6 /* 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License as published by 9 the Free Software Foundation; either version 2 of the License, or 10 (at your option) any later version. 11 12 This program is distributed in the hope that it will be useful, 13 but WITHOUT ANY WARRANTY; without even the implied warranty of 14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 GNU General Public License for more details. 16 17 You should have received a copy of the GNU General Public License 18 along with this program; if not, write to the Free Software 19 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 20 */ 21 22 /* defines */ 23 #define ARGS_NFACCTD "n:dDhP:b:f:F:c:m:p:r:s:S:L:l:o:t:O:MuRVaAE:I:WZ:Y:" 24 #define ARGS_SFACCTD "n:dDhP:b:f:F:c:m:p:r:s:S:L:l:o:t:O:MuRVaAE:I:WZ:Y:" 25 #define ARGS_PMACCTD "n:NdDhP:b:f:F:c:i:I:m:p:r:s:S:o:t:O:MuwWZ:Y:L:RVazAE:" 26 #define ARGS_UACCTD "n:NdDhP:b:f:F:c:m:p:r:s:S:o:t:O:MuRg:L:VaAE:" 27 #define ARGS_PMTELEMETRYD "hVL:u:t:Z:f:dDS:F:o:O:i:" 28 #define ARGS_PMBGPD "hVL:l:f:dDS:F:o:O:i:gm:" 29 #define ARGS_PMBMPD "hVL:l:f:dDS:F:o:O:i:I:Z:Y:T:" 30 #define ARGS_PMACCT "hSsc:Cetm:p:P:M:arN:n:lT:O:E:uVUiI0" 31 #define N_PRIMITIVES 128 32 #define N_FUNCS 10 33 #define MAX_N_PLUGINS 32 34 #define PROTO_LEN 12 35 #define PROTO_NUM_STRLEN 4 36 #define MAX_MAP_ENTRIES 2048 /* allow maps */ 37 #define BGP_MD5_MAP_ENTRIES 8192 38 #define AGG_FILTER_ENTRIES 128 39 #define FOLLOW_BGP_NH_ENTRIES 32 40 #define MAX_PROTOCOL_LEN 32 41 #define DEFAULT_AVRO_SCHEMA_REFRESH_TIME 60 42 #define MAX_AVRO_SCHEMA 65535 43 #define DEFAULT_IMT_PLUGIN_POLL_TIMEOUT 5 44 #define DEFAULT_SLOTH_SLEEP_TIME 5 45 #define UINT32T_THRESHOLD 4290000000UL 46 #define UINT64T_THRESHOLD 18446744073709551360ULL 47 #define INT64T_THRESHOLD 9223372036854775807ULL 48 #define PM_VARIABLE_LENGTH 65535 49 #define PM_COUNTRY_T_STRLEN 4 50 #define PM_POCODE_T_STRLEN 12 51 #define PCAP_SAVEFILE_MAX_ERRORS 10 52 #define PCAP_MAX_INTERFACES 1000 53 #define PCAP_MAX_ATTEMPTS 3 54 #define PCAP_RETRY_PERIOD 5 55 #define PCAP_IFINDEX_NONE 0 56 #define PCAP_IFINDEX_SYS 1 57 #define PCAP_IFINDEX_HASH 2 58 #define PCAP_IFINDEX_MAP 3 59 #define PORT_STRLEN 6 60 #ifndef UINT8_MAX 61 #define UINT8_MAX (255U) 62 #endif 63 #ifndef UINT16_MAX 64 #define UINT16_MAX (65535U) 65 #endif 66 #ifndef UINT32_MAX 67 #define UINT32_MAX (4294967295U) 68 #endif 69 #ifndef UINT64_MAX 70 #define UINT64_MAX (18446744073709551615ULL) 71 #endif 72 #ifndef INT_MAX 73 #define INT_MAX (2147483647U) 74 #endif 75 #ifndef INT_MIN 76 #define INT_MIN (-2147483647 - 1) 77 #endif 78 79 #define LONGLONG_RETRY INT_MAX 80 81 #define DEFAULT_SNAPLEN 128 82 #define SNAPLEN_ISIS_MIN 512 83 #define SNAPLEN_ISIS_DEFAULT 1476 84 85 #define SUPERSHORTBUFLEN (16+MOREBUFSZ) 86 #define VERYSHORTBUFLEN (32+MOREBUFSZ) 87 #define SHORTSHORTBUFLEN (64+MOREBUFSZ) 88 #define SHORTBUFLEN (128+MOREBUFSZ) 89 #define SRVBUFLEN (256+MOREBUFSZ) 90 #define LONGSRVBUFLEN (384+MOREBUFSZ) 91 #define LONGLONGSRVBUFLEN (1024+MOREBUFSZ) 92 #define LARGEBUFLEN (8192+MOREBUFSZ) 93 #define OUTPUT_FILE_BUFSZ (100 * LARGEBUFLEN) 94 95 #define PRIMITIVE_LEN 32 96 #define PRIMITIVE_DESC_LEN 64 97 98 #define PMACCT_VERSION "1.7.5-git" 99 #define MANTAINER "Paolo Lucente <paolo@pmacct.net>" 100 #define GET_IN_TOUCH_MSG "If you see this message, please get in touch" 101 #define PMACCTD_USAGE_HEADER "Promiscuous Mode Accounting Daemon, pmacctd" 102 #define UACCTD_USAGE_HEADER "Linux NetFilter NFLOG Accounting Daemon, uacctd" 103 #define PMACCT_USAGE_HEADER "pmacct IMT plugin client, pmacct" 104 #define NFACCTD_USAGE_HEADER "NetFlow Accounting Daemon, nfacctd" 105 #define SFACCTD_USAGE_HEADER "sFlow Accounting Daemon, sfacctd" 106 #define PMTELEMETRYD_USAGE_HEADER "Streaming Network Telemetry Daemon, pmtelemetryd" 107 #define PMBGPD_USAGE_HEADER "pmacct BGP Collector Daemon, pmbgpd" 108 #define PMBMPD_USAGE_HEADER "pmacct BMP Collector Daemon, pmbmpd" 109 #define PMACCT_COMPILE_ARGS COMPILE_ARGS 110 #ifndef TRUE 111 #define TRUE 1 112 #endif 113 #ifndef FALSE 114 #define FALSE 0 115 #endif 116 #ifndef FALSE_NONZERO 117 #define FALSE_NONZERO INT_MIN 118 #endif 119 #ifndef ERR 120 #define ERR -1 121 #endif 122 #ifndef SUCCESS 123 #define SUCCESS 0 124 #endif 125 126 #define E_NOTFOUND 2 127 128 #ifndef MIN 129 #define MIN(x, y) (x <= y ? x : y) 130 #endif 131 132 #ifndef MAX 133 #define MAX(x, y) (x <= y ? y : x) 134 #endif 135 136 #ifndef PATH_MAX 137 #define PATH_MAX 4096 138 #endif 139 140 /* Daemon identificator */ 141 #define ACCT_UNKNOWN 0 /* Undefined / unknown daemon */ 142 #define ACCT_PM 1 /* promiscuous mode */ 143 #define ACCT_NF 2 /* NetFlow */ 144 #define ACCT_SF 3 /* sFlow */ 145 #define ACCT_UL 4 /* Linux NetFilter NFLOG */ 146 #define ACCT_FWPLANE_MAX 100 /* Max ID for forwarding-plane daemons */ 147 #define ACCT_PMBGP 101 /* standalone BGP daemon */ 148 #define ACCT_PMBMP 102 /* standalone BMP daemon */ 149 #define ACCT_CTLPLANE_MAX 200 /* Max ID for control-plane daemons */ 150 #define ACCT_PMTELE 201 /* Streaming Network Telemetry */ 151 #define ACCT_INFRA_MAX 300 /* Max ID for infrastructure daemons */ 152 153 /* map type */ 154 #define MAP_TAG 0 /* pre_tag_map */ 155 #define MAP_BGP_PEER_AS_SRC 100 /* bgp_peer_src_as_map */ 156 #define MAP_BGP_TO_XFLOW_AGENT 101 /* bgp_to_agent_map */ 157 #define MAP_BGP_SRC_LOCAL_PREF 102 /* bgp_src_local_pref_map */ 158 #define MAP_BGP_SRC_MED 103 /* bgp_src_med_map */ 159 #define MAP_FLOW_TO_RD 104 /* flow_to_rd_map */ 160 #define MAP_SAMPLING 105 /* sampling_map */ 161 #define MAP_TEE_RECVS 106 /* tee_receivers */ 162 #define MAP_IGP 107 /* igp_daemon_map */ 163 #define MAP_CUSTOM_PRIMITIVES 108 /* aggregate_primitives */ 164 #define MAP_BGP_XCS 109 /* bgp_xconnect_map */ 165 #define MAP_PCAP_INTERFACES 110 /* pcap_interfaces_map */ 166 167 /* PRIMITIVES DEFINITION: START */ 168 /* internal: first registry, ie. what_to_count, aggregation, etc. */ 169 #define COUNT_INT_SRC_HOST 0x0001000000000001ULL 170 #define COUNT_INT_DST_HOST 0x0001000000000002ULL 171 #define COUNT_INT_SUM_HOST 0x0001000000000004ULL 172 #define COUNT_INT_SRC_PORT 0x0001000000000008ULL 173 #define COUNT_INT_DST_PORT 0x0001000000000010ULL 174 #define COUNT_INT_IP_PROTO 0x0001000000000020ULL 175 #define COUNT_INT_SRC_MAC 0x0001000000000040ULL 176 #define COUNT_INT_DST_MAC 0x0001000000000080ULL 177 #define COUNT_INT_SRC_NET 0x0001000000000100ULL 178 #define COUNT_INT_DST_NET 0x0001000000000200ULL 179 #define COUNT_INT_TAG 0x0001000000000400ULL 180 #define COUNT_INT_VLAN 0x0001000000000800ULL 181 #define COUNT_INT_IP_TOS 0x0001000000001000ULL 182 #define COUNT_INT_NONE 0x0001000000002000ULL 183 #define COUNT_INT_SRC_AS 0x0001000000004000ULL 184 #define COUNT_INT_DST_AS 0x0001000000008000ULL 185 #define COUNT_INT_SUM_NET 0x0001000000010000ULL 186 #define COUNT_INT_SUM_AS 0x0001000000020000ULL 187 #define COUNT_INT_SUM_PORT 0x0001000000040000ULL 188 #define INT_TIMESTAMP 0x0001000000080000ULL /* USE_TIMESTAMPS */ 189 #define COUNT_INT_FLOWS 0x0001000000100000ULL 190 #define COUNT_INT_SUM_MAC 0x0001000000200000ULL 191 #define COUNT_INT_CLASS 0x0001000000400000ULL 192 #define COUNT_INT_COUNTERS 0x0001000000800000ULL 193 #define COUNT_INT_PAYLOAD 0x0001000001000000ULL 194 #define COUNT_INT_TCPFLAGS 0x0001000002000000ULL 195 #define COUNT_INT_STD_COMM 0x0001000004000000ULL 196 #define COUNT_INT_EXT_COMM 0x0001000008000000ULL 197 #define COUNT_INT_AS_PATH 0x0001000010000000ULL 198 #define COUNT_INT_LOCAL_PREF 0x0001000020000000ULL 199 #define COUNT_INT_MED 0x0001000040000000ULL 200 #define COUNT_INT_PEER_SRC_AS 0x0001000080000000ULL 201 #define COUNT_INT_PEER_DST_AS 0x0001000100000000ULL 202 #define COUNT_INT_PEER_SRC_IP 0x0001000200000000ULL 203 #define COUNT_INT_PEER_DST_IP 0x0001000400000000ULL 204 #define COUNT_INT_TAG2 0x0001000800000000ULL 205 #define COUNT_INT_SRC_AS_PATH 0x0001001000000000ULL 206 #define COUNT_INT_SRC_STD_COMM 0x0001002000000000ULL 207 #define COUNT_INT_SRC_EXT_COMM 0x0001004000000000ULL 208 #define COUNT_INT_SRC_LOCAL_PREF 0x0001008000000000ULL 209 #define COUNT_INT_SRC_MED 0x0001010000000000ULL 210 #define COUNT_INT_MPLS_VPN_RD 0x0001020000000000ULL 211 #define COUNT_INT_IN_IFACE 0x0001040000000000ULL 212 #define COUNT_INT_OUT_IFACE 0x0001080000000000ULL 213 #define COUNT_INT_SRC_NMASK 0x0001100000000000ULL 214 #define COUNT_INT_DST_NMASK 0x0001200000000000ULL 215 #define COUNT_INT_COS 0x0001400000000000ULL 216 #define COUNT_INT_ETHERTYPE 0x0001800000000000ULL 217 218 /* internal: second registry, ie. what_to_count_2, aggregation_2, etc. */ 219 #define COUNT_INT_SAMPLING_RATE 0x0002000000000001ULL 220 #define COUNT_INT_SRC_HOST_COUNTRY 0x0002000000000002ULL 221 #define COUNT_INT_DST_HOST_COUNTRY 0x0002000000000004ULL 222 #define COUNT_INT_EXPORT_PROTO_SYSID 0x0002000000000008ULL 223 #define COUNT_INT_POST_NAT_SRC_HOST 0x0002000000000010ULL 224 #define COUNT_INT_POST_NAT_DST_HOST 0x0002000000000020ULL 225 #define COUNT_INT_POST_NAT_SRC_PORT 0x0002000000000040ULL 226 #define COUNT_INT_POST_NAT_DST_PORT 0x0002000000000080ULL 227 #define COUNT_INT_NAT_EVENT 0x0002000000000100ULL 228 #define COUNT_INT_TIMESTAMP_START 0x0002000000000200ULL 229 #define COUNT_INT_TIMESTAMP_END 0x0002000000000400ULL 230 #define COUNT_INT_TIMESTAMP_ARRIVAL 0x0002000000000800ULL 231 #define COUNT_INT_MPLS_LABEL_TOP 0x0002000000001000ULL 232 #define COUNT_INT_MPLS_LABEL_BOTTOM 0x0002000000002000ULL 233 #define COUNT_INT_MPLS_STACK_DEPTH 0x0002000000004000ULL 234 #define COUNT_INT_LABEL 0x0002000000008000ULL 235 #define COUNT_INT_EXPORT_PROTO_SEQNO 0x0002000000010000ULL 236 #define COUNT_INT_EXPORT_PROTO_VERSION 0x0002000000020000ULL 237 #define COUNT_INT_LRG_COMM 0x0002000000040000ULL 238 #define COUNT_INT_SRC_LRG_COMM 0x0002000000080000ULL 239 #define COUNT_INT_SRC_HOST_POCODE 0x0002000000100000ULL 240 #define COUNT_INT_DST_HOST_POCODE 0x0002000000200000ULL 241 #define COUNT_INT_TUNNEL_SRC_HOST 0x0002000000400000ULL 242 #define COUNT_INT_TUNNEL_DST_HOST 0x0002000000800000ULL 243 #define COUNT_INT_TUNNEL_IP_PROTO 0x0002000001000000ULL 244 #define COUNT_INT_TUNNEL_IP_TOS 0x0002000002000000ULL 245 #define COUNT_INT_NDPI_CLASS 0x0002000004000000ULL 246 #define COUNT_INT_SRC_HOST_COORDS 0x0002000008000000ULL 247 #define COUNT_INT_DST_HOST_COORDS 0x0002000010000000ULL 248 #define COUNT_INT_SAMPLING_DIRECTION 0x0002000020000000ULL 249 #define COUNT_INT_MPLS_PW_ID 0x0002000040000000ULL 250 #define COUNT_INT_SRC_ROA 0x0002000080000000ULL 251 #define COUNT_INT_DST_ROA 0x0002000100000000ULL 252 #define COUNT_INT_VXLAN 0x0002000200000000ULL 253 #define COUNT_INT_TUNNEL_SRC_MAC 0x0002000400000000ULL 254 #define COUNT_INT_TUNNEL_DST_MAC 0x0002000800000000ULL 255 #define COUNT_INT_TUNNEL_SRC_PORT 0x0002001000000000ULL 256 #define COUNT_INT_TUNNEL_DST_PORT 0x0002002000000000ULL 257 #define COUNT_INT_CUSTOM_PRIMITIVES 0x0002800000000000ULL 258 259 #define COUNT_INDEX_MASK 0xFFFF 260 #define COUNT_INDEX_CP 0xFFFF000000000000ULL /* index 0xffff reserved to custom primitives */ 261 #define COUNT_REGISTRY_MASK 0x0000FFFFFFFFFFFFULL 262 #define COUNT_REGISTRY_BITS 48 263 264 /* external: first registry, ie. what_to_count, aggregation, etc. */ 265 #define COUNT_SRC_HOST (COUNT_INT_SRC_HOST & COUNT_REGISTRY_MASK) 266 #define COUNT_DST_HOST (COUNT_INT_DST_HOST & COUNT_REGISTRY_MASK) 267 #define COUNT_SUM_HOST (COUNT_INT_SUM_HOST & COUNT_REGISTRY_MASK) 268 #define COUNT_SRC_PORT (COUNT_INT_SRC_PORT & COUNT_REGISTRY_MASK) 269 #define COUNT_DST_PORT (COUNT_INT_DST_PORT & COUNT_REGISTRY_MASK) 270 #define COUNT_IP_PROTO (COUNT_INT_IP_PROTO & COUNT_REGISTRY_MASK) 271 #define COUNT_SRC_MAC (COUNT_INT_SRC_MAC & COUNT_REGISTRY_MASK) 272 #define COUNT_DST_MAC (COUNT_INT_DST_MAC & COUNT_REGISTRY_MASK) 273 #define COUNT_SRC_NET (COUNT_INT_SRC_NET & COUNT_REGISTRY_MASK) 274 #define COUNT_DST_NET (COUNT_INT_DST_NET & COUNT_REGISTRY_MASK) 275 #define COUNT_TAG (COUNT_INT_TAG & COUNT_REGISTRY_MASK) 276 #define COUNT_VLAN (COUNT_INT_VLAN & COUNT_REGISTRY_MASK) 277 #define COUNT_IP_TOS (COUNT_INT_IP_TOS & COUNT_REGISTRY_MASK) 278 #define COUNT_NONE (COUNT_INT_NONE & COUNT_REGISTRY_MASK) 279 #define COUNT_SRC_AS (COUNT_INT_SRC_AS & COUNT_REGISTRY_MASK) 280 #define COUNT_DST_AS (COUNT_INT_DST_AS & COUNT_REGISTRY_MASK) 281 #define COUNT_SUM_NET (COUNT_INT_SUM_NET & COUNT_REGISTRY_MASK) 282 #define COUNT_SUM_AS (COUNT_INT_SUM_AS & COUNT_REGISTRY_MASK) 283 #define COUNT_SUM_PORT (COUNT_INT_SUM_PORT & COUNT_REGISTRY_MASK) 284 #define TIMESTAMP (INT_TIMESTAMP & COUNT_REGISTRY_MASK) 285 #define COUNT_FLOWS (COUNT_INT_FLOWS & COUNT_REGISTRY_MASK) 286 #define COUNT_SUM_MAC (COUNT_INT_SUM_MAC & COUNT_REGISTRY_MASK) 287 #define COUNT_CLASS (COUNT_INT_CLASS & COUNT_REGISTRY_MASK) 288 #define COUNT_COUNTERS (COUNT_INT_COUNTERS & COUNT_REGISTRY_MASK) 289 #define COUNT_PAYLOAD (COUNT_INT_PAYLOAD & COUNT_REGISTRY_MASK) 290 #define COUNT_TCPFLAGS (COUNT_INT_TCPFLAGS & COUNT_REGISTRY_MASK) 291 #define COUNT_STD_COMM (COUNT_INT_STD_COMM & COUNT_REGISTRY_MASK) 292 #define COUNT_EXT_COMM (COUNT_INT_EXT_COMM & COUNT_REGISTRY_MASK) 293 #define COUNT_AS_PATH (COUNT_INT_AS_PATH & COUNT_REGISTRY_MASK) 294 #define COUNT_LOCAL_PREF (COUNT_INT_LOCAL_PREF & COUNT_REGISTRY_MASK) 295 #define COUNT_MED (COUNT_INT_MED & COUNT_REGISTRY_MASK) 296 #define COUNT_PEER_SRC_AS (COUNT_INT_PEER_SRC_AS & COUNT_REGISTRY_MASK) 297 #define COUNT_PEER_DST_AS (COUNT_INT_PEER_DST_AS & COUNT_REGISTRY_MASK) 298 #define COUNT_PEER_SRC_IP (COUNT_INT_PEER_SRC_IP & COUNT_REGISTRY_MASK) 299 #define COUNT_PEER_DST_IP (COUNT_INT_PEER_DST_IP & COUNT_REGISTRY_MASK) 300 #define COUNT_TAG2 (COUNT_INT_TAG2 & COUNT_REGISTRY_MASK) 301 #define COUNT_SRC_AS_PATH (COUNT_INT_SRC_AS_PATH & COUNT_REGISTRY_MASK) 302 #define COUNT_SRC_STD_COMM (COUNT_INT_SRC_STD_COMM & COUNT_REGISTRY_MASK) 303 #define COUNT_SRC_EXT_COMM (COUNT_INT_SRC_EXT_COMM & COUNT_REGISTRY_MASK) 304 #define COUNT_SRC_LOCAL_PREF (COUNT_INT_SRC_LOCAL_PREF & COUNT_REGISTRY_MASK) 305 #define COUNT_SRC_MED (COUNT_INT_SRC_MED & COUNT_REGISTRY_MASK) 306 #define COUNT_MPLS_VPN_RD (COUNT_INT_MPLS_VPN_RD & COUNT_REGISTRY_MASK) 307 #define COUNT_IN_IFACE (COUNT_INT_IN_IFACE & COUNT_REGISTRY_MASK) 308 #define COUNT_OUT_IFACE (COUNT_INT_OUT_IFACE & COUNT_REGISTRY_MASK) 309 #define COUNT_SRC_NMASK (COUNT_INT_SRC_NMASK & COUNT_REGISTRY_MASK) 310 #define COUNT_DST_NMASK (COUNT_INT_DST_NMASK & COUNT_REGISTRY_MASK) 311 #define COUNT_COS (COUNT_INT_COS & COUNT_REGISTRY_MASK) 312 #define COUNT_ETHERTYPE (COUNT_INT_ETHERTYPE & COUNT_REGISTRY_MASK) 313 314 /* external: second registry, ie. what_to_count_2, aggregation_2, etc. */ 315 #define COUNT_SAMPLING_RATE (COUNT_INT_SAMPLING_RATE & COUNT_REGISTRY_MASK) 316 #define COUNT_SRC_HOST_COUNTRY (COUNT_INT_SRC_HOST_COUNTRY & COUNT_REGISTRY_MASK) 317 #define COUNT_DST_HOST_COUNTRY (COUNT_INT_DST_HOST_COUNTRY & COUNT_REGISTRY_MASK) 318 #define COUNT_EXPORT_PROTO_SYSID (COUNT_INT_EXPORT_PROTO_SYSID & COUNT_REGISTRY_MASK) 319 #define COUNT_POST_NAT_SRC_HOST (COUNT_INT_POST_NAT_SRC_HOST & COUNT_REGISTRY_MASK) 320 #define COUNT_POST_NAT_DST_HOST (COUNT_INT_POST_NAT_DST_HOST & COUNT_REGISTRY_MASK) 321 #define COUNT_POST_NAT_SRC_PORT (COUNT_INT_POST_NAT_SRC_PORT & COUNT_REGISTRY_MASK) 322 #define COUNT_POST_NAT_DST_PORT (COUNT_INT_POST_NAT_DST_PORT & COUNT_REGISTRY_MASK) 323 #define COUNT_NAT_EVENT (COUNT_INT_NAT_EVENT & COUNT_REGISTRY_MASK) 324 #define COUNT_TIMESTAMP_START (COUNT_INT_TIMESTAMP_START & COUNT_REGISTRY_MASK) 325 #define COUNT_TIMESTAMP_END (COUNT_INT_TIMESTAMP_END & COUNT_REGISTRY_MASK) 326 #define COUNT_TIMESTAMP_ARRIVAL (COUNT_INT_TIMESTAMP_ARRIVAL & COUNT_REGISTRY_MASK) 327 #define COUNT_MPLS_LABEL_TOP (COUNT_INT_MPLS_LABEL_TOP & COUNT_REGISTRY_MASK) 328 #define COUNT_MPLS_LABEL_BOTTOM (COUNT_INT_MPLS_LABEL_BOTTOM & COUNT_REGISTRY_MASK) 329 #define COUNT_MPLS_STACK_DEPTH (COUNT_INT_MPLS_STACK_DEPTH & COUNT_REGISTRY_MASK) 330 #define COUNT_LABEL (COUNT_INT_LABEL & COUNT_REGISTRY_MASK) 331 #define COUNT_EXPORT_PROTO_SEQNO (COUNT_INT_EXPORT_PROTO_SEQNO & COUNT_REGISTRY_MASK) 332 #define COUNT_EXPORT_PROTO_VERSION (COUNT_INT_EXPORT_PROTO_VERSION & COUNT_REGISTRY_MASK) 333 #define COUNT_LRG_COMM (COUNT_INT_LRG_COMM & COUNT_REGISTRY_MASK) 334 #define COUNT_SRC_LRG_COMM (COUNT_INT_SRC_LRG_COMM & COUNT_REGISTRY_MASK) 335 #define COUNT_SRC_HOST_POCODE (COUNT_INT_SRC_HOST_POCODE & COUNT_REGISTRY_MASK) 336 #define COUNT_DST_HOST_POCODE (COUNT_INT_DST_HOST_POCODE & COUNT_REGISTRY_MASK) 337 #define COUNT_TUNNEL_SRC_HOST (COUNT_INT_TUNNEL_SRC_HOST & COUNT_REGISTRY_MASK) 338 #define COUNT_TUNNEL_DST_HOST (COUNT_INT_TUNNEL_DST_HOST & COUNT_REGISTRY_MASK) 339 #define COUNT_TUNNEL_IP_PROTO (COUNT_INT_TUNNEL_IP_PROTO & COUNT_REGISTRY_MASK) 340 #define COUNT_TUNNEL_IP_TOS (COUNT_INT_TUNNEL_IP_TOS & COUNT_REGISTRY_MASK) 341 #define COUNT_NDPI_CLASS (COUNT_INT_NDPI_CLASS & COUNT_REGISTRY_MASK) 342 #define COUNT_SRC_HOST_COORDS (COUNT_INT_SRC_HOST_COORDS & COUNT_REGISTRY_MASK) 343 #define COUNT_DST_HOST_COORDS (COUNT_INT_DST_HOST_COORDS & COUNT_REGISTRY_MASK) 344 #define COUNT_SAMPLING_DIRECTION (COUNT_INT_SAMPLING_DIRECTION & COUNT_REGISTRY_MASK) 345 #define COUNT_MPLS_PW_ID (COUNT_INT_MPLS_PW_ID & COUNT_REGISTRY_MASK) 346 #define COUNT_SRC_ROA (COUNT_INT_SRC_ROA & COUNT_REGISTRY_MASK) 347 #define COUNT_DST_ROA (COUNT_INT_DST_ROA & COUNT_REGISTRY_MASK) 348 #define COUNT_VXLAN (COUNT_INT_VXLAN & COUNT_REGISTRY_MASK) 349 #define COUNT_TUNNEL_SRC_MAC (COUNT_INT_TUNNEL_SRC_MAC & COUNT_REGISTRY_MASK) 350 #define COUNT_TUNNEL_DST_MAC (COUNT_INT_TUNNEL_DST_MAC & COUNT_REGISTRY_MASK) 351 #define COUNT_TUNNEL_SRC_PORT (COUNT_INT_TUNNEL_SRC_PORT & COUNT_REGISTRY_MASK) 352 #define COUNT_TUNNEL_DST_PORT (COUNT_INT_TUNNEL_DST_PORT & COUNT_REGISTRY_MASK) 353 #define COUNT_CUSTOM_PRIMITIVES (COUNT_INT_CUSTOM_PRIMITIVES & COUNT_REGISTRY_MASK) 354 /* PRIMITIVES DEFINITION: END */ 355 356 /* BYTES and PACKETS are used into templates; we let their values to 357 overlap with some values we will not need into templates */ 358 #define LT_BYTES COUNT_SRC_NET 359 #define LT_PACKETS COUNT_DST_NET 360 #define LT_FLOWS COUNT_SUM_HOST 361 #define LT_NO_L2 COUNT_SUM_NET 362 363 #define FAKE_SRC_MAC 0x00000001 364 #define FAKE_DST_MAC 0x00000002 365 #define FAKE_SRC_HOST 0x00000004 366 #define FAKE_DST_HOST 0x00000008 367 #define FAKE_SRC_AS 0x00000010 368 #define FAKE_DST_AS 0x00000020 369 #define FAKE_COMMS 0x00000040 370 #define FAKE_PEER_SRC_AS 0x00000080 371 #define FAKE_PEER_DST_AS 0x00000100 372 #define FAKE_PEER_SRC_IP 0x00000200 373 #define FAKE_PEER_DST_IP 0x00000400 374 #define FAKE_AS_PATH 0x00000800 375 376 #define COUNT_SECONDLY 0x00000001 377 #define COUNT_MINUTELY 0x00000002 378 #define COUNT_HOURLY 0x00000004 379 #define COUNT_DAILY 0x00000008 380 #define COUNT_WEEKLY 0x00000010 381 #define COUNT_MONTHLY 0x00000020 382 383 #define WANT_STATS 0x00000001 384 #define WANT_ERASE 0x00000002 385 #define WANT_STATUS 0x00000004 386 #define WANT_COUNTER 0x00000008 387 #define WANT_MATCH 0x00000010 388 #define WANT_RESET 0x00000020 389 #define WANT_CLASS_TABLE 0x00000040 390 /* #define XXX 0x00000080 */ 391 #define WANT_LOCK_OP 0x00000100 392 #define WANT_CUSTOM_PRIMITIVES_TABLE 0x00000200 393 #define WANT_ERASE_LAST_TSTAMP 0x00000400 394 395 #define PIPE_TYPE_METADATA 0x00000001 396 #define PIPE_TYPE_PAYLOAD 0x00000002 397 #define PIPE_TYPE_EXTRAS 0x00000004 398 #define PIPE_TYPE_BGP 0x00000008 399 #define PIPE_TYPE_MSG 0x00000010 400 #define PIPE_TYPE_NAT 0x00000020 401 #define PIPE_TYPE_MPLS 0x00000040 402 #define PIPE_TYPE_VLEN 0x00000080 403 #define PIPE_TYPE_LBGP 0x00000100 404 #define PIPE_TYPE_TUN 0x00000200 405 406 #define CHLD_WARNING 0x00000001 407 #define CHLD_ALERT 0x00000002 408 409 #define BGP_SRC_PRIMITIVES_UNK 0x00000000 410 #define BGP_SRC_PRIMITIVES_KEEP 0x00000001 411 #define BGP_SRC_PRIMITIVES_MAP 0x00000002 412 #define BGP_SRC_PRIMITIVES_BGP 0x00000004 413 414 #define BGP_ASPATH_HASH_PATHID 0x00000000 415 416 #define PRINT_OUTPUT_FORMATTED 0x00000001 417 #define PRINT_OUTPUT_CSV 0x00000002 418 #define PRINT_OUTPUT_JSON 0x00000004 419 #define PRINT_OUTPUT_EVENT 0x00000008 420 #define PRINT_OUTPUT_AVRO_BIN 0x00000010 421 #define PRINT_OUTPUT_AVRO_JSON 0x00000020 422 #define PRINT_OUTPUT_CUSTOM 0x00000040 423 424 #define DIRECTION_UNKNOWN 0x00000000 425 #define DIRECTION_IN 0x00000001 426 #define DIRECTION_OUT 0x00000002 427 #define DIRECTION_TAG 0x00000004 428 #define DIRECTION_TAG2 0x00000008 429 430 #define IFINDEX_STATIC 0x00000001 431 #define IFINDEX_TAG 0x00000002 432 #define IFINDEX_TAG2 0x00000004 433 434 #define CUSTOM_PRIMITIVE_TYPE_UNKNOWN 0 435 #define CUSTOM_PRIMITIVE_TYPE_UINT 1 436 #define CUSTOM_PRIMITIVE_TYPE_HEX 2 437 #define CUSTOM_PRIMITIVE_TYPE_STRING 3 438 #define CUSTOM_PRIMITIVE_TYPE_IP 4 439 #define CUSTOM_PRIMITIVE_TYPE_MAC 5 440 #define CUSTOM_PRIMITIVE_TYPE_RAW 6 441 442 #define FUNC_TYPE_NULL 0 443 #define FUNC_TYPE_BGP 1 444 #define FUNC_TYPE_BMP 2 445 #define FUNC_TYPE_RPKI 3 446 #define FUNC_TYPE_SFLOW_COUNTER 4 447 #define FUNC_TYPE_TELEMETRY 5 448 #define FUNC_TYPE_BGP_BLACKHOLE 6 449 #define FUNC_TYPE_MAX 7 450 451 #define PM_MSG_BIN_COPY 0 452 #define PM_MSG_STR_COPY 1 453 #define PM_MSG_STR_COPY_ZERO 2 454 455 #define DYN_STR_UNKNOWN 0 456 #define DYN_STR_KAFKA_TOPIC 1 457 #define DYN_STR_KAFKA_PART 2 458 #define DYN_STR_RABBITMQ_RK 3 459 #define DYN_STR_MONGODB_TABLE 4 460 #define DYN_STR_SQL_TABLE 5 461 #define DYN_STR_PRINT_FILE 6 462 463 typedef u_int32_t pm_class_t; 464 typedef u_int64_t pm_id_t; 465 typedef u_int64_t pm_cfgreg_t; 466 467 #if defined (WITH_NDPI) 468 typedef struct ndpi_proto pm_class2_t; 469 #endif 470 471 typedef struct { 472 union { 473 u_int32_t id; 474 char str[PM_COUNTRY_T_STRLEN]; 475 }; 476 } pm_country_t; 477 478 typedef struct { 479 char str[PM_POCODE_T_STRLEN]; 480 } pm_pocode_t; 481 482 typedef struct { 483 pm_cfgreg_t type; 484 u_int32_t len; 485 } __attribute__ ((packed)) pm_label_t; 486 487 /* one-off: pt_ structures should all be defined in pretag.h */ 488 typedef struct { 489 u_int32_t len; 490 char *val; 491 } pt_label_t; 492 493 typedef struct { 494 u_int8_t set; 495 int n; 496 } s_int_t; 497 498 typedef struct { 499 u_int8_t set; 500 u_int8_t n; 501 } s_uint8_t; 502 503 typedef struct { 504 u_int8_t set; 505 u_int16_t n; 506 } s_uint16_t; 507 508 typedef u_int64_t pm_counter_t; 509 510 /* Keep common NF_AS and NF_NET values aligned, ie. NF_[NET|AS]_KEEP == 0x00000001 */ 511 #define NF_AS_COMPAT 0x00000000 /* Unused */ 512 #define NF_AS_KEEP 0x00000001 /* Keep AS numbers in Sflow or NetFlow packets */ 513 #define NF_AS_NEW 0x00000002 /* ignore ASN from NetFlow and generate from network files */ 514 #define NF_AS_BGP 0x00000004 /* ignore ASN from NetFlow and generate from BGP peerings */ 515 #define NF_AS_FALLBACK 0x80000000 /* Fallback flag */ 516 517 #define NF_NET_COMPAT 0x00000000 /* Backward compatibility selection */ 518 #define NF_NET_KEEP 0x00000001 /* Determine IP network prefixes from sFlow or NetFlow data */ 519 #define NF_NET_NEW 0x00000002 /* Determine IP network prefixes from network files */ 520 #define NF_NET_BGP 0x00000004 /* Determine IP network prefixes from BGP peerings */ 521 #define NF_NET_STATIC 0x00000008 /* Determine IP network prefixes from static mask */ 522 #define NF_NET_IGP 0x00000010 /* Determine IP network prefixes from IGP */ 523 #define NF_NET_FALLBACK 0x80000000 /* Fallback flag */ 524 525 /* flow type */ 526 #define NF9_FTYPE_TRAFFIC 1 /* temporary: re-coding needed */ 527 #define NF9_FTYPE_TRAFFIC_IPV6 1 528 #define NF9_FTYPE_IPV4 1 529 #define NF9_FTYPE_IPV6 2 530 #define NF9_FTYPE_DLFS 3 531 #define NF9_FTYPE_VLAN 5 532 #define NF9_FTYPE_VLAN_IPV4 6 533 #define NF9_FTYPE_VLAN_IPV6 7 534 #define NF9_FTYPE_MPLS 10 535 #define NF9_FTYPE_MPLS_IPV4 11 536 #define NF9_FTYPE_MPLS_IPV6 12 537 #define NF9_FTYPE_VLAN_MPLS 15 538 #define NF9_FTYPE_VLAN_MPLS_IPV4 16 539 #define NF9_FTYPE_VLAN_MPLS_IPV6 17 540 #define NF9_FTYPE_TRAFFIC_MAX 99 /* temporary: re-coding needed */ 541 #define NF9_FTYPE_EVENT 100 /* temporary: re-coding needed */ 542 #define NF9_FTYPE_NAT_EVENT 100 543 #define NF9_FTYPE_OPTION 200 544 545 /* Packet pointers indexes */ 546 #define CUSTOM_PRIMITIVE_PACKET_PTR 0 547 #define CUSTOM_PRIMITIVE_MAC_PTR 1 548 #define CUSTOM_PRIMITIVE_VLAN_PTR 2 549 #define CUSTOM_PRIMITIVE_MPLS_PTR 3 550 #define CUSTOM_PRIMITIVE_L3_PTR 4 551 #define CUSTOM_PRIMITIVE_L4_PTR 5 552 #define CUSTOM_PRIMITIVE_PAYLOAD_PTR 6 553 #define CUSTOM_PRIMITIVE_MAX_PPTRS_IDX 7 554