Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
The Center for Applied Internet Data Analysis
Macros | Functions | Variables
corsaro_main.c File Reference

Code which uses libcorsaro to process a trace file and generate output. More...

Go to the source code of this file.

Macros

#define LEGACY_INTERVAL_CNT   60
 The number of intervals in CAIDA's legacy flowtuple files. More...
 
#define HARD_SHUTDOWN   3
 The number of SIGINTs to catch before aborting. More...
 

Functions

static void catch_sigint (int sig)
 Handles SIGINT gracefully and shuts down. More...
 
static void clean ()
 Clean up all state before exit. More...
 
static int init_trace (char *tracefile)
 Prepare a new trace file for reading. More...
 
static void close_trace ()
 Close a trace file. More...
 
static int process_trace (char *traceuri)
 Process a trace file. More...
 
static int init_flowtuple (const char *tuplefile)
 Prepare for processing a FlowTuple file. More...
 
static void close_flowtuple ()
 Close a flowtuple input file. More...
 
static int process_corsaro (const char *corsuri)
 Process a FlowTuple input file. More...
 
static void usage (const char *name)
 Print usage information to stderr. More...
 
int main (int argc, char *argv[])
 Entry point for the Corsaro tool. More...
 

Variables

volatile sig_atomic_t corsaro_shutdown = 0
 Indicates that Corsaro is waiting to shutdown. More...
 
static libtrace_t * trace = NULL
 A pointer to a libtrace object. More...
 
static libtrace_packet_t * packet = NULL
 A pointer to a libtrace packet. More...
 
static libtrace_filter_t * filter = NULL
 A pointer to a libtrace BPF filter. More...
 
static corsaro_in_tcorsaro_in = NULL
 A pointer to a corsaro_in object for use when reading flowtuple files. More...
 
static corsaro_in_record_trecord = NULL
 A pointer to a corsaro record. More...
 
static corsaro_tcorsaro = NULL
 A pointer to the instance of corsaro that we will drive. More...
 
static int promisc = 0
 Should a live interface be set to promiscuous mode? More...
 
static int legacy_intervals = 0
 The number of legacy intervals we have processed. More...
 

Detailed Description

Code which uses libcorsaro to process a trace file and generate output.

Author
Alistair King

Definition in file corsaro_main.c.

Macro Definition Documentation

#define HARD_SHUTDOWN   3

The number of SIGINTs to catch before aborting.

Definition at line 61 of file corsaro_main.c.

Referenced by catch_sigint().

#define LEGACY_INTERVAL_CNT   60

The number of intervals in CAIDA's legacy flowtuple files.

Definition at line 55 of file corsaro_main.c.

Referenced by process_corsaro().

Function Documentation

static void catch_sigint ( int  sig)
static

Handles SIGINT gracefully and shuts down.

Definition at line 87 of file corsaro_main.c.

References corsaro_shutdown, HARD_SHUTDOWN, and trace.

Referenced by main().

static void clean ( )
static

Clean up all state before exit.

Definition at line 110 of file corsaro_main.c.

References corsaro_finalize_output(), corsaro_in_free_record(), and packet.

Referenced by main().

static void close_flowtuple ( )
static

Close a flowtuple input file.

Definition at line 252 of file corsaro_main.c.

References corsaro_finalize_input(), and corsaro_in_free_record().

Referenced by process_corsaro().

static void close_trace ( )
static

Close a trace file.

Definition at line 174 of file corsaro_main.c.

References trace.

Referenced by main().

static int init_flowtuple ( const char *  tuplefile)
static

Prepare for processing a FlowTuple file.

Definition at line 223 of file corsaro_main.c.

References corsaro_alloc_input(), corsaro_in_alloc_record(), corsaro_log(), and corsaro_start_input().

Referenced by process_corsaro().

static int init_trace ( char *  tracefile)
static

Prepare a new trace file for reading.

Definition at line 133 of file corsaro_main.c.

References corsaro_log(), legacy_intervals, packet, promisc, and trace.

Referenced by process_trace().

int main ( int  argc,
char *  argv[] 
)

Entry point for the Corsaro tool.

Definition at line 371 of file corsaro_main.c.

References catch_sigint(), clean(), close_trace(), corsaro_alloc_output(), corsaro_disable_globalfile(), corsaro_disable_logfile(), corsaro_enable_plugin(), CORSARO_FILE_MODE_ASCII, CORSARO_FILE_MODE_BINARY, corsaro_finalize_output(), corsaro_flowtuple_probe_file(), corsaro_log(), CORSARO_PLUGIN_ID_MAX, corsaro_set_interval(), corsaro_set_interval_alignment(), corsaro_set_meta_output_rotation(), corsaro_set_monitorname(), corsaro_set_output_rotation(), corsaro_set_traceuri(), corsaro_shutdown, corsaro_start_output(), filter, legacy_intervals, process_corsaro(), process_trace(), promisc, trace, and usage().

static int process_corsaro ( const char *  corsuri)
static

Process a FlowTuple input file.

Definition at line 268 of file corsaro_main.c.

References close_flowtuple(), corsaro_in_get_record_data(), corsaro_in_read_record(), CORSARO_IN_RECORD_TYPE_IO_INTERVAL_END, CORSARO_IN_RECORD_TYPE_NULL, corsaro_log(), corsaro_per_record(), corsaro_shutdown, init_flowtuple(), LEGACY_INTERVAL_CNT, legacy_intervals, corsaro_interval::number, and corsaro_interval::time.

Referenced by main().

static int process_trace ( char *  traceuri)
static

Process a trace file.

Definition at line 184 of file corsaro_main.c.

References corsaro_log(), corsaro_per_packet(), corsaro_set_trace(), corsaro_shutdown, filter, init_trace(), packet, and trace.

Referenced by main().

static void usage ( const char *  name)
static

Print usage information to stderr.

Definition at line 321 of file corsaro_main.c.

References corsaro_free_plugin_names(), corsaro_get_plugin_names(), CORSARO_INTERVAL_DEFAULT, and STR.

Referenced by main().

Variable Documentation

corsaro_t* corsaro = NULL
static

A pointer to the instance of corsaro that we will drive.

Definition at line 80 of file corsaro_main.c.

Referenced by corsaro_alloc_input(), corsaro_alloc_output(), corsaro_in_alloc_record(), corsaro_io_write_interval_end(), corsaro_io_write_plugin_end(), and corsaro_io_write_plugin_start().

corsaro_in_t* corsaro_in = NULL
static

A pointer to a corsaro_in object for use when reading flowtuple files.

Definition at line 74 of file corsaro_main.c.

volatile sig_atomic_t corsaro_shutdown = 0

Indicates that Corsaro is waiting to shutdown.

Definition at line 58 of file corsaro_main.c.

Referenced by catch_sigint(), main(), process_corsaro(), and process_trace().

libtrace_filter_t* filter = NULL
static

A pointer to a libtrace BPF filter.

Definition at line 69 of file corsaro_main.c.

Referenced by main(), and process_trace().

int legacy_intervals = 0
static

The number of legacy intervals we have processed.

Definition at line 84 of file corsaro_main.c.

Referenced by init_trace(), main(), and process_corsaro().

libtrace_packet_t* packet = NULL
static

A pointer to a libtrace packet.

Definition at line 67 of file corsaro_main.c.

Referenced by clean(), corsaro_dos_attack_vector_print(), init_trace(), and process_trace().

int promisc = 0
static

Should a live interface be set to promiscuous mode?

Definition at line 82 of file corsaro_main.c.

Referenced by init_trace(), and main().

corsaro_in_record_t* record = NULL
static

A pointer to a corsaro record.

Definition at line 76 of file corsaro_main.c.

Referenced by cache_add(), cache_get(), corsaro_geo_init_record(), corsaro_geo_provider_add_record(), corsaro_in_alloc_record(), corsaro_pfx2as_close_output(), corsaro_pfx2as_init_output(), parse_maxmind_location_row(), parse_netacq_edge_location_row(), process_generic(), and read_routeviews().

libtrace_t* trace = NULL
static

A pointer to a libtrace object.

Definition at line 65 of file corsaro_main.c.

Referenced by catch_sigint(), close_trace(), corsaro_set_trace(), init_trace(), main(), and process_trace().