24 |
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES |
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES |
25 |
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
26 |
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND |
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND |
27 |
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
28 |
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS |
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS |
29 |
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
30 |
*/ |
*/ |
31 |
|
|
32 |
#include <errno.h> |
#include <errno.h> |
33 |
#include <stdio.h> |
#include <stdio.h> |
34 |
#include <stdlib.h> |
#include <stdlib.h> |
35 |
#include <string.h> |
#include <string.h> |
36 |
#include <time.h> |
#include <time.h> |
37 |
#include <unistd.h> |
#include <unistd.h> |
38 |
|
|
39 |
const char * progname = NULL; |
const char *progname = NULL; |
40 |
const char * filename = NULL; |
const char *filename = NULL; |
41 |
FILE *file = NULL; |
FILE *file = NULL; |
42 |
|
|
43 |
int main(int argc, char **argv) |
int main(int argc, char **argv) |
44 |
{ |
{ |
45 |
void show_usage(int exitcode); |
void show_usage(int exitcode); |
46 |
void show_version(void); |
void show_version(void); |
47 |
void decode_file(void); |
void decode_file(void); |
48 |
|
|
49 |
int i; |
int i; |
50 |
|
|
51 |
progname = argv[0]; |
progname = argv[0]; |
52 |
|
|
53 |
opterr = 0; |
opterr = 0; |
54 |
while ( (i = getopt(argc, argv, "hv")) != -1) { |
while ( (i = getopt(argc, argv, "hv")) != -1) { |
55 |
switch (i) { |
switch (i) { |
152 |
void decode_file(void) |
void decode_file(void) |
153 |
{ |
{ |
154 |
void decode_host_db_v1(void); |
void decode_host_db_v1(void); |
155 |
void decode_graph_db_v1(void); |
void decode_graph_db_v1(void); |
156 |
|
|
157 |
unsigned int fileheader; |
unsigned int fileheader; |
158 |
unsigned int sectionheader; |
unsigned int sectionheader; |
159 |
|
|
160 |
unsigned int i; |
unsigned int i; |
161 |
|
|
162 |
if ( (file = fopen(filename, "rb")) == NULL) { |
if ( (file = fopen(filename, "rb")) == NULL) { |
163 |
fprintf(stderr, "%s: fopen(\"%s\") = %s (%d)\n", progname, filename, strerror(errno), errno); |
fprintf(stderr, "%s: fopen(\"%s\") = %s (%d)\n", progname, filename, strerror(errno), errno); |
164 |
exit(EXIT_FAILURE); |
exit(EXIT_FAILURE); |
165 |
} // if |
} // if |
166 |
|
|
167 |
if ( (fileheader = read32u()) != 0xDA314159U) { // not darkstat export format |
#define FILE_HEADER_V1 0xDA314159U |
168 |
fprintf(stderr, "%s:%s: file header = 0x%x, not 0x%x\n", progname, filename, fileheader, 0xDA314159U); |
|
169 |
|
if ( (fileheader = read32u()) != FILE_HEADER_V1) { // not darkstat export format |
170 |
|
fprintf(stderr, "%s:%s: file header = 0x%x, not 0x%x\n", progname, filename, fileheader, FILE_HEADER_V1); |
171 |
exit(EXIT_FAILURE); |
exit(EXIT_FAILURE); |
172 |
} // if |
} // if |
173 |
|
|
174 |
printf("File header 0x%x\n", fileheader); |
printf("File header 0x%x\n", fileheader); |
175 |
|
|
176 |
// Possible section header for host_db v1 and later graph_db v1. |
// Possible section header for host_db v1 and later graph_db v1. |
177 |
indent(); |
indent(); |
178 |
|
|
179 |
|
#define HOST_DB_V1 0xDA485301U |
180 |
|
#define GRAPH_DB_V1 0xDA475201U |
181 |
|
|
182 |
for (i = 0; i < 2; i++) { |
for (i = 0; i < 2; i++) { |
183 |
if ( (sectionheader = read32u()) == 0xDA485301U) { |
if ( (sectionheader = read32u()) == HOST_DB_V1) { |
184 |
print_indentation(); |
print_indentation(); |
185 |
printf("Section header 0x%x\n", sectionheader); |
printf("Section header host_db v1 0x%x\n", sectionheader); |
186 |
decode_host_db_v1(); |
decode_host_db_v1(); |
187 |
} // if |
} // if |
188 |
else if (sectionheader == 0xDA475201U) { |
else if (sectionheader == GRAPH_DB_V1) { |
189 |
print_indentation(); |
print_indentation(); |
190 |
printf("Section header 0x%x\n", sectionheader); |
printf("Section header graph_db v1 0x%x\n", sectionheader); |
191 |
decode_graph_db_v1(); |
decode_graph_db_v1(); |
192 |
} // else if |
} // else if |
193 |
else { |
else { |
194 |
fprintf(stderr, "%s:%s: unknown section header = 0x%x, neither 0x%x nor 0x%x\n", progname, filename, sectionheader, 0xDA485301U, 0xDA475201U); |
fprintf(stderr, "%s:%s: unknown section header = 0x%x, neither 0x%x nor 0x%x\n", progname, filename, sectionheader, HOST_DB_V1, GRAPH_DB_V1); |
195 |
exit(EXIT_FAILURE); |
exit(EXIT_FAILURE); |
196 |
} // else |
} // else |
197 |
} // for |
} // for |
198 |
|
|
199 |
exdent(); |
exdent(); |
200 |
} // decode_file() |
} // decode_file() |
201 |
|
|
202 |
void decode_host_db_v1(void) |
void decode_host_db_v1(void) |
203 |
{ |
{ |
204 |
void decode_host_header_v1(void); |
void decode_host_header_v1(void); |
205 |
void decode_host_header_v2(void); |
void decode_host_header_v2(void); |
206 |
void decode_host_header_v3(void); |
void decode_host_header_v3(void); |
207 |
|
|
208 |
unsigned int hostcount; |
unsigned int hostcount; |
209 |
unsigned int i; |
unsigned int i; |
211 |
indent(); |
indent(); |
212 |
|
|
213 |
hostcount = read32u(); |
hostcount = read32u(); |
214 |
|
|
215 |
print_indentation(); |
print_indentation(); |
216 |
printf("Host count %u\n", hostcount); |
printf("Host count %u\n", hostcount); |
217 |
|
|
218 |
for (i = 0; i < hostcount; i++) { |
for (i = 0; i < hostcount; i++) { |
219 |
unsigned int hostheader; |
unsigned int hostheader; |
220 |
|
|
221 |
print_indentation(); |
print_indentation(); |
222 |
printf("Host #%u of %u:\n", i + 1, hostcount); |
printf("Host #%u of %u:\n", i + 1, hostcount); |
223 |
|
|
224 |
indent(); |
indent(); |
225 |
|
|
226 |
if ( (hostheader = read32u()) == 0x48535403U) { // host header v3 |
#define HOST_HEADER_V3 0x48535403U |
227 |
|
#define HOST_HEADER_V2 0x48535402U |
228 |
|
#define HOST_HEADER_V1 0x48535401U |
229 |
|
|
230 |
|
if ( (hostheader = read32u()) == HOST_HEADER_V3) { // host header v3 |
231 |
print_indentation(); |
print_indentation(); |
232 |
printf("Host header v3 0x%x\n", hostheader); |
printf("Host header v3 0x%x\n", hostheader); |
233 |
decode_host_header_v3(); |
decode_host_header_v3(); |
234 |
} // if |
} // if |
235 |
else if (hostheader == 0x48535402U) { // host header v2 |
else if (hostheader == HOST_HEADER_V2) { // host header v2 |
236 |
print_indentation(); |
print_indentation(); |
237 |
printf("Host header v2 0x%x\n", hostheader); |
printf("Host header v2 0x%x\n", hostheader); |
238 |
decode_host_header_v2(); |
decode_host_header_v2(); |
239 |
} // else if |
} // else if |
240 |
else if (hostheader == 0x48535401U) { // host header v1 |
else if (hostheader == HOST_HEADER_V1) { // host header v1 |
241 |
print_indentation(); |
print_indentation(); |
242 |
printf("Host header v1 0x%x\n", hostheader); |
printf("Host header v1 0x%x\n", hostheader); |
243 |
decode_host_header_v1(); |
decode_host_header_v1(); |
244 |
} // else if |
} // else if |
245 |
else { // unknown host header version |
else { // unknown host header version |
246 |
fprintf(stderr, "%s:%s: unknown host header = 0x%x, neither 0x%x nor 0x%x nor 0x%x\n", progname, filename, hostheader, 0x48535403U, 0x48535402U, 0x48535401U); |
fprintf(stderr, "%s:%s: unknown host header = 0x%x, neither 0x%x nor 0x%x nor 0x%x\n", progname, filename, hostheader, HOST_HEADER_V3, HOST_HEADER_V2, HOST_HEADER_V1); |
247 |
exit(EXIT_FAILURE); |
exit(EXIT_FAILURE); |
248 |
} // else |
} // else |
249 |
|
|
250 |
exdent(); |
exdent(); |
251 |
} // for |
} // for |
252 |
|
|
253 |
exdent(); |
exdent(); |
254 |
} // decode_host_db_v1() |
} // decode_host_db_v1() |
255 |
|
|
256 |
void decode_protos_data(void); |
void decode_protos_data(void); |
257 |
void decode_tcp_data(void); |
void decode_tcp_data(void); |
258 |
void decode_udp_data(void); |
void decode_udp_data(void); |
259 |
|
|
260 |
void decode_host_header_v1(void) |
void decode_host_header_v1(void) |
261 |
{ |
{ |
366 |
ipv4address[0], ipv4address[1], ipv4address[2], ipv4address[3]); |
ipv4address[0], ipv4address[1], ipv4address[2], ipv4address[3]); |
367 |
|
|
368 |
macaddress[0] = read8u(); |
macaddress[0] = read8u(); |
369 |
macaddress[1] = read8u(); |
macaddress[1] = read8u(); |
370 |
macaddress[2] = read8u(); |
macaddress[2] = read8u(); |
371 |
macaddress[3] = read8u(); |
macaddress[3] = read8u(); |
372 |
macaddress[4] = read8u(); |
macaddress[4] = read8u(); |
373 |
macaddress[5] = read8u(); |
macaddress[5] = read8u(); |
374 |
|
|
375 |
print_indentation(); |
print_indentation(); |
376 |
printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]); |
printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]); |
377 |
|
|
378 |
lastseen = read64s(); |
lastseen = read64s(); |
379 |
|
|
380 |
print_indentation(); |
print_indentation(); |
381 |
printf("Last seen %ld = ", lastseen); |
printf("Last seen 0x%lx = %ld = ", lastseen, lastseen); |
382 |
print_time_t(lastseen); |
print_time_t(lastseen); |
383 |
puts(""); |
puts(""); |
384 |
|
|
385 |
hostnamelen = read8u(); |
hostnamelen = read8u(); |
386 |
|
|
387 |
print_indentation(); |
print_indentation(); |
388 |
printf("Hostname length %d\n", hostnamelen); |
printf("Hostname length %d\n", hostnamelen); |
389 |
|
|
390 |
for (i = 0; i < hostnamelen; i++) { |
for (i = 0; i < hostnamelen; i++) { |
391 |
hostname[i] = read8u(); |
hostname[i] = read8u(); |
392 |
} // for |
} // for |
393 |
hostname[i] = '\0'; |
hostname[i] = '\0'; |
394 |
|
|
395 |
print_indentation(); |
print_indentation(); |
396 |
printf("Hostname %s\n", hostname); |
printf("Hostname %s\n", hostname); |
507 |
} // else |
} // else |
508 |
|
|
509 |
macaddress[0] = read8u(); |
macaddress[0] = read8u(); |
510 |
macaddress[1] = read8u(); |
macaddress[1] = read8u(); |
511 |
macaddress[2] = read8u(); |
macaddress[2] = read8u(); |
512 |
macaddress[3] = read8u(); |
macaddress[3] = read8u(); |
513 |
macaddress[4] = read8u(); |
macaddress[4] = read8u(); |
514 |
macaddress[5] = read8u(); |
macaddress[5] = read8u(); |
515 |
|
|
516 |
print_indentation(); |
print_indentation(); |
517 |
printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]); |
printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]); |
518 |
|
|
519 |
lastseen = read64s(); |
lastseen = read64s(); |
520 |
|
|
521 |
print_indentation(); |
print_indentation(); |
522 |
printf("Last seen %ld = ", lastseen); |
printf("Last seen 0x%lx = %ld = ", lastseen, lastseen); |
523 |
print_time_t(lastseen); |
print_time_t(lastseen); |
524 |
puts(""); |
puts(""); |
525 |
|
|
526 |
hostnamelen = read8u(); |
hostnamelen = read8u(); |
527 |
|
|
528 |
print_indentation(); |
print_indentation(); |
529 |
printf("Hostname length %d\n", hostnamelen); |
printf("Hostname length %d\n", hostnamelen); |
530 |
|
|
531 |
for (i = 0; i < hostnamelen; i++) { |
for (i = 0; i < hostnamelen; i++) { |
532 |
hostname[i] = read8u(); |
hostname[i] = read8u(); |
533 |
} // for |
} // for |
534 |
hostname[i] = '\0'; |
hostname[i] = '\0'; |
535 |
|
|
536 |
print_indentation(); |
print_indentation(); |
537 |
printf("Hostname %s\n", hostname); |
printf("Hostname %s\n", hostname); |
583 |
|
|
584 |
indent(); |
indent(); |
585 |
|
|
586 |
for (u = 0; u < ipprotocount; u++) { |
for (u = 0; u < ipprotocount; u++) { |
587 |
unsigned char proto; |
unsigned char proto; |
588 |
unsigned long in; |
unsigned long in; |
589 |
unsigned long out; |
unsigned long out; |
590 |
|
|
591 |
print_indentation(); |
print_indentation(); |
592 |
printf("Protocol #%u of %u:\n", u + 1, ipprotocount); |
printf("Protocol #%u of %u:\n", u + 1, ipprotocount); |
593 |
|
|
594 |
proto = read8u(); |
proto = read8u(); |
595 |
|
|
596 |
indent(); |
indent(); |
597 |
print_indentation(); |
print_indentation(); |
598 |
printf("Protocol 0x%x\n", proto); |
printf("Protocol 0x%02x\n", proto); |
599 |
|
|
600 |
in = read64u(); |
in = read64u(); |
601 |
|
|
602 |
print_indentation(); |
print_indentation(); |
603 |
printf("In %lu\n", in); |
printf("In %lu\n", in); |
604 |
|
|
605 |
out = read64u(); |
out = read64u(); |
606 |
|
|
607 |
print_indentation(); |
print_indentation(); |
608 |
printf("Out %lu\n", out); |
printf("Out %lu\n", out); |
609 |
|
|
610 |
exdent(); |
exdent(); |
611 |
} // for |
} // for |
612 |
|
|
613 |
exdent(); |
exdent(); |
697 |
} // for |
} // for |
698 |
|
|
699 |
exdent(); |
exdent(); |
700 |
} // decode_udp_data() |
} // decode_udp_data() |
701 |
|
|
702 |
void decode_graph_db_v1(void) |
void decode_graph_db_v1(void) |
703 |
{ |
{ |
704 |
signed long lasttime; |
signed long lasttime; |
705 |
|
|
706 |
unsigned int i; |
unsigned int i; |
707 |
|
|
708 |
lasttime = read64s(); |
lasttime = read64s(); |
709 |
|
|
710 |
indent(); |
indent(); |
711 |
print_indentation(); |
print_indentation(); |
712 |
printf("Last time %ld = ", lasttime); |
printf("Last time 0x%lx = %ld = ", lasttime, lasttime); |
713 |
print_time_t(lasttime); |
print_time_t(lasttime); |
714 |
puts(""); |
puts(""); |
715 |
|
|
716 |
for (i = 0; i < 4; i++) { |
for (i = 0; i < 4; i++) { |
717 |
unsigned char nbars; |
unsigned char nbars; |
718 |
unsigned char idxlastbar; |
unsigned char idxlastbar; |
719 |
|
|
720 |
unsigned int j; |
unsigned int j; |
721 |
|
|
722 |
print_indentation(); |
print_indentation(); |
723 |
printf("Graph #%d of 4:\n", i + 1); |
printf("Graph #%d of 4:\n", i + 1); |
724 |
|
|
725 |
nbars = read8u(); |
nbars = read8u(); |
726 |
|
|
727 |
indent(); |
indent(); |