26 #ifndef __CORSARO_DOS_H
27 #define __CORSARO_DOS_H
152 libtrace_packet_t *
packet);
uint32_t start_time_usec
The time of the initial packet (usec)
Header file dealing with the corsaro plugin manager.
off_t corsaro_dos_header_fprint(corsaro_t *corsaro, corsaro_file_t *file, corsaro_dos_header_t *header)
Print a header record to stdout in ASCII format.
An opaque structure defining an corsaro output file.
uint64_t packet_cnt
The number of packets that comprise this vector.
A reusable opaque structure for corsaro to read an input record into.
void corsaro_dos_attack_vector_get_packet(corsaro_dos_attack_vector_in_t *attack_vector, libtrace_packet_t *packet)
Extract the initial packet from an attack vector record.
int corsaro_dos_record_print(corsaro_in_record_type_t record_type, corsaro_in_record_t *record)
Print any DoS record to a file in ASCII format.
static libtrace_packet_t * packet
A pointer to a libtrace packet.
uint32_t initial_packet_len
The length of the initial packet (bytes)
static corsaro_in_record_t * record
A pointer to a corsaro record.
off_t corsaro_dos_attack_vector_fprint(corsaro_t *corsaro, corsaro_file_t *file, corsaro_dos_attack_vector_in_t *av)
Print an attack vector record to stdout in ASCII format.
uint32_t latest_time_sec
The time of the last packet (seconds)
uint32_t interval_attacker_ip_cnt
Number of IP addresses the alleged attack has originated from in the current interval.
off_t corsaro_dos_record_fprint(corsaro_t *corsaro, corsaro_file_t *file, corsaro_in_record_type_t record_type, corsaro_in_record_t *record)
Print any DoS record to stdout in ASCII format.
Structure to hold a dos attack vector.
off_t corsaro_dos_global_header_fprint(corsaro_t *corsaro, corsaro_file_t *file, corsaro_dos_global_header_t *header)
Print a global header record to stdout in ASCII format.
void corsaro_dos_global_header_print(corsaro_dos_global_header_t *header)
Print a global header record to a file in ASCII format.
uint32_t interval_packet_cnt
The number of packets added to this vector in the current interval.
uint8_t * initial_packet
A copy of the packet that caused the vector to be created.
void corsaro_dos_header_print(corsaro_dos_header_t *header)
Print a header record to a file in ASCII format.
uint32_t latest_time_usec
The time of the last packet (usec)
uint64_t byte_cnt
The number of bytes that comprise this vector.
uint32_t attacker_ip_cnt
Number of IP addresses the alleged attack has originated from.
uint32_t attack_port_cnt
Number of ports that alleged attack packets have originated from.
uint32_t target_port_cnt
Number of ports that alleged attack packets were directed to.
void corsaro_dos_attack_vector_print(corsaro_dos_attack_vector_in_t *av)
Print an attack vector record to a file in ASCII format.
uint32_t start_time_sec
The time of the initial packet (seconds)
uint32_t target_ip
The IP address of the alleged target of the attack.
uint64_t max_ppm
The maximum packet rate observed thus far.
enum corsaro_in_record_type corsaro_in_record_type_t
Corsaro input record types.
uint32_t interval_byte_cnt
The number of bytes added to this vector in the current interval.
#define CORSARO_PLUGIN_GENERATE_PROTOS(plugin)
Convenience macro that defines all the function prototypes for the corsaro plugin API...
![[CAIDA - Center for Applied Internet Data Analysis logo]](https://www.caida.org/images/caida_globe_faded.png)
![[CAIDA]](https://www.caida.org/images/caida_whitewords.png "Go to CAIDA home page"){kind=small}