1 /*
2  *  Copyright (c) 2009-2019, Peter Haag
3  *  Copyright (c) 2008, SWITCH - Teleinformatikdienste fuer Lehre und Forschung
4  *  All rights reserved.
5  *
6  *  Redistribution and use in source and binary forms, with or without
7  *  modification, are permitted provided that the following conditions are met:
8  *
9  *   * Redistributions of source code must retain the above copyright notice,
10  *     this list of conditions and the following disclaimer.
11  *   * Redistributions in binary form must reproduce the above copyright notice,
12  *     this list of conditions and the following disclaimer in the documentation
13  *     and/or other materials provided with the distribution.
14  *   * Neither the name of the author nor the names of its contributors may be
15  *     used to endorse or promote products derived from this software without
16  *     specific prior written permission.
17  *
18  *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
19  *  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20  *  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21  *  ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
22  *  LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
23  *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24  *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25  *  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26  *  CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27  *  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28  *  POSSIBILITY OF SUCH DAMAGE.
29  *
30  */
31 
32 #ifndef _COLLECTOR_H
33 #define _COLLECTOR_H 1
34 
35 #include "config.h"
36 
37 #include <sys/types.h>
38 #ifdef HAVE_STDINT_H
39 #include <stdint.h>
40 #endif
41 #include <sys/socket.h>
42 
43 #include "exporter.h"
44 #include "bookkeeper.h"
45 #include "nffile.h"
46 
47 #define FNAME_SIZE  256
48 
49 /* common minimum netflow header for all versions */
50 typedef struct common_flow_header {
51   uint16_t  version;
52   uint16_t  count;
53 } common_flow_header_t;
54 
55 typedef struct FlowSource_s {
56 	// link
57 	struct FlowSource_s *next;
58 
59 	// exporter identifiers
60 	char 				Ident[IDENTLEN];
61 	ip_addr_t			ip;
62 	uint32_t			sa_family;
63 
64 	int					any_source;
65 	bookkeeper_t 		*bookkeeper;
66 
67 	// all about data storage
68 	char				*datadir;		// where to store data for this source
69 	char				*current;		// current file name - typically nfcad.current.pid
70 	nffile_t			*nffile;		// the writing file handle
71 
72 	// statistical data per source
73 	uint32_t			bad_packets;
74 	uint64_t			first_seen;		// in msec
75 	uint64_t			last_seen;		// in msec
76 
77 	// Any exporter specific data
78 	exporter_t			*exporter_data;
79 	uint32_t			exporter_count;
80 	struct timeval		received;
81 
82 	// extension map list
83 	struct {
84 #define BLOCK_SIZE	16
85 		int	next_free;
86 		int	max_maps;
87 		int num_maps;
88 		extension_map_t	**maps;
89 	} extension_map_list;
90 
91 } FlowSource_t;
92 
93 /* input buffer size, to read data from the network */
94 #define NETWORK_INPUT_BUFF_SIZE 65535	// Maximum UDP message size
95 
96 // prototypes
97 int AddFlowSource(FlowSource_t **FlowSource, char *ident);
98 
99 int AddDefaultFlowSource(FlowSource_t **FlowSource, char *ident, char *path);
100 
101 int SetDynamicSourcesDir(FlowSource_t **FlowSource, char *dir);
102 
103 FlowSource_t *AddDynamicSource(FlowSource_t **FlowSource, struct sockaddr_storage *ss);
104 
105 int InitExtensionMapList(FlowSource_t *fs);
106 
107 int ReInitExtensionMapList(FlowSource_t *fs);
108 
109 int RemoveExtensionMap(FlowSource_t *fs, extension_map_t *map);
110 
111 int AddExtensionMap(FlowSource_t *fs, extension_map_t *map);
112 
113 void FlushStdRecords(FlowSource_t *fs);
114 
115 void FlushExporterStats(FlowSource_t *fs);
116 
117 int FlushInfoExporter(FlowSource_t *fs, exporter_info_record_t *exporter);
118 
119 int FlushInfoSampler(FlowSource_t *fs, sampler_info_record_t *sampler);
120 
121 /* Default time window in seconds to rotate files */
122 #define TIME_WINDOW	  	300
123 
124 /* overdue time:
125  * if nfcapd does not get any data, wake up the receive system call
126  * at least after OVERDUE_TIME seconds after the time window
127  */
128 #define OVERDUE_TIME	10
129 
130 // time nfcapd will wait for launcher to terminate
131 #define LAUNCHER_TIMEOUT 60
132 
133 #define SYSLOG_FACILITY "daemon"
134 
135 #endif //_COLLECTOR_H
136