madscientist
/
SNFMulti
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

cleaned up namespace and dropped inline snfLOGmgr

master
Pete McNeil 4 years ago
parent
bb37eb00c3
commit
323b757ceb
3 changed files with 270 additions and 158 deletions
Split View Show Diff Stats
  1. 7
    7
      snfGBUdbmgr.hpp
  2. 161
    43
      snfLOGmgr.cpp
  3. 102
    108
      snfLOGmgr.hpp

+ 7
- 7
snfGBUdbmgr.hpp View File

@@ -1,5 +1,5 @@
// snfGBUdbmgr.hpp
// Copyright (C) 2006 - 2009 ARM Research Labs, LLC.
// Copyright (C) 2006 - 2020 ARM Research Labs, LLC.
// See www.armresearch.com for the copyright terms.
//
// This module manages the GBUdb(s) that are used in the SNF scanner engine.
@@ -19,9 +19,9 @@ using namespace std;

class snfLOGmgr;

class snfGBUdbmgr : public Thread {
class snfGBUdbmgr : public cd::Thread {
private:
Mutex MyMutex;
cd::Mutex MyMutex;
GBUdb* MyGBUdb;
snfLOGmgr* MyLOGmgr;
bool Configured;
@@ -29,9 +29,9 @@ class snfGBUdbmgr : public Thread {

// Condensation parts

Timeout CondenseGuardTime;
cd::Timeout CondenseGuardTime;
bool TimeTriggerOnOff;
Timeout TimeTrigger;
cd::Timeout TimeTrigger;
bool PostsTriggerOnOff;
int PostsTriggerValue;
bool RecordsTriggerOnOff;
@@ -42,7 +42,7 @@ class snfGBUdbmgr : public Thread {
// Checkpoint parts

bool CheckpointOnOff;
Timeout CheckpointTrigger;
cd::Timeout CheckpointTrigger;

// Utility functions

@@ -61,7 +61,7 @@ class snfGBUdbmgr : public Thread {
void GetAlertsForSync(list<GBUdbAlert>& AlertList); // Fill AlertList w/ outgoing alerts.
void ProcessReflections(list<GBUdbAlert>& Reflections); // Integrate returning reflections.

const static ThreadType Type; // The thread's type.
const static cd::ThreadType Type; // The thread's type.

};


+ 161
- 43
snfLOGmgr.cpp View File

@@ -1,6 +1,6 @@
// snfLOGmgr.cpp
//
// (C) Copyright 2006 - 2009 ARM Research Labs, LLC.
// (C) Copyright 2006 - 2020 ARM Research Labs, LLC.
// See www.armresearch.com for the copyright terms.
//
// Log Manager implementations see snfLOGmgr.hpp for details.
@@ -14,14 +14,132 @@

namespace cd = codedweller;

//// snfScanData ///////////////////////////////////////////////////////////////

int snfScanData::IPScanCount() { // Return the number of IPs.
return MyIPCount;
}

IPScanRecord& snfScanData::newIPScanRecord() { // Get the next free IP scan record.
if(MaxIPsPerMessage <= MyIPCount) { // Check that we have more records.
throw NoFreeIPScanRecords(); // If we do not then throw!
} // If we do have more records then
IPScanRecord& NewRecord = MyIPScanData[MyIPCount]; // Pick the next available one,
NewRecord.Ordinal = MyIPCount; // set the ordinal value,
++MyIPCount; // increase our count, and
return NewRecord; // return the one we picked.
}

IPScanRecord& snfScanData::IPScanData(int i) { // Return the IP scan record i.
if(MyIPCount <= i || 0 > i) { // First check that i is in bounds.
throw OutOfBounds(); // if it is not then throw!
} // If the record for [i] is available
return MyIPScanData[i]; // return it.
}

void snfScanData::drillPastOrdinal(int O) { // Sets Drill Down flag for IP record O.
if(0 <= O && O < MaxIPsPerMessage) { // If O is a useable Received ordinal
DrillDownFlags[O] = true; // then set the Drill Down Flag for O.
}
}

bool snfScanData::isDrillDownSource(IPScanRecord& X) { // True if we drill through this source.
if(
(0UL != myCallerForcedSourceIP) || // If the source IP has been forced by
(0UL != myHeaderDirectiveSourceIP) // the caller or by a header directive
) return false; // then drilldowns are disabled.
// Otherwise check for a drilldown flag.
return DrillDownFlags[X.Ordinal]; // Presuming X is valid, return the flag.
} // If X is not valid we may blow up!

IPScanRecord& snfScanData::SourceIPRecord(IPScanRecord& X) { // Sets the source IP record.
SourceIPOrdinal = X.Ordinal; // Here's the ordinal.
SourceIPFoundFlag = true; // Here's the truth flag.
return X; // Return what was set.
}

IPScanRecord& snfScanData::SourceIPRecord() { // Gets the source IP record.
return IPScanData(SourceIPOrdinal); // Return the IP record, or throw
} // OutOfBounds.

bool snfScanData::FoundSourceIP() { // True if the source IP record was set.
return SourceIPFoundFlag; // Return what the flag says.
}

snfIPRange snfScanData::SourceIPRange(snfIPRange R) { // Establish the IP range.
return (SourceIPRangeFlag = R); // set and return the value w/ R.
}

snfIPRange snfScanData::SourceIPRange() { // Gets the source IP detection range.
return SourceIPRangeFlag; // Return what the flag says.
}

cd::IP4Address snfScanData::HeaderDirectiveSourceIP(cd::IP4Address A) { // set Header directive source IP.
if(0UL == myHeaderDirectiveSourceIP) myHeaderDirectiveSourceIP = A; // If this value is not set, set it.
return myHeaderDirectiveSourceIP; // Return the value.
}

cd::IP4Address snfScanData::HeaderDirectiveSourceIP() { // get Header directive source IP.
return myHeaderDirectiveSourceIP; // Return the current value.
}

cd::IP4Address snfScanData::CallerForcedSourceIP(cd::IP4Address A) { // set Caller forced source IP.
if(0UL == myCallerForcedSourceIP) myCallerForcedSourceIP = A; // If this value is not set, set it.
return myCallerForcedSourceIP; // Return the value.
}

cd::IP4Address snfScanData::CallerForcedSourceIP() { // get Caller forced source IP.
return myCallerForcedSourceIP; // Return the current value.
}

//// snfLOGmgr /////////////////////////////////////////////////////////////////

void snfLOGmgr::updateActiveUTC(std::string ActiveUTC) { // Update Active Rulebase UTC.
cd::ScopeMutex Freeze(MyMutex); // Protect the strings.
ActiveRulebaseUTC = ActiveUTC; // Update the active timestamp.
NewerRulebaseIsAvailable = false; // Update availability is now unknown.
}

void snfLOGmgr::updateAvailableUTC(std::string& AvailableRulebaseTimestamp) { // Changes update avialability stamp.
cd::ScopeMutex Freeze(MyMutex); // Protect the strings.
AvailableRulebaseUTC = AvailableRulebaseTimestamp; // Store the new timestamp.
if(0 < AvailableRulebaseUTC.compare(ActiveRulebaseUTC)) { // If the available timestamp is newer
NewerRulebaseIsAvailable = true; // than the active then set the flag.
} else { // If it is not newer then
NewerRulebaseIsAvailable = false; // reset the flag.
}
}

std::string snfLOGmgr::ActiveRulebaseTimestamp() { // Get active rulebase timestamp.
cd::ScopeMutex Freeze(MyMutex); // Protect the string.
return ActiveRulebaseUTC; // Return it.
}

std::string snfLOGmgr::AvailableRulebaseTimestamp() { // Get available rulebase timestamp.
cd::ScopeMutex Freeze(MyMutex); // Protect the strings.
return AvailableRulebaseUTC; // Return the available timestamp.
}

bool snfLOGmgr::isUpdateAvailable() { // True if update is available.
return NewerRulebaseIsAvailable; // Return the flag's value.
}

int snfLOGmgr::LatestRuleID() { // Query the latest rule id.
return Status.LatestRuleID; // This simple value is atomic
} // so we can read it without the mutex.

int snfLOGmgr::RunningTime() { // Get the time we've been alive.
return (int) difftime(Timestamp(), StartupTime);
}

//// DiscLogger ////////////////////////////////////////////////////////////////

const ThreadType DiscLogger::Type("DiscLogger"); // The thread's type.
const cd::ThreadType DiscLogger::Type("DiscLogger"); // The thread's type.

const ThreadState DiscLogger::DiscLogger_Flush("Flushing"); // Flushing state.
const ThreadState DiscLogger::DiscLogger_Wait("Waiting"); // Waiting state.
const cd::ThreadState DiscLogger::DiscLogger_Flush("Flushing"); // Flushing state.
const cd::ThreadState DiscLogger::DiscLogger_Wait("Waiting"); // Waiting state.

DiscLogger::DiscLogger(string N) : // When it is time to start...
DiscLogger::DiscLogger(std::string N) : // When it is time to start...
Thread(DiscLogger::Type, N), // DiscLogger Type and Name.
UseANotB(true), // Set all of the flags to their
isDirty(false), // appropriate initial state
@@ -38,11 +156,11 @@ DiscLogger::~DiscLogger() {
join(); // Wait for the thread to stop.
}

void DiscLogger::post(const string Input, const string NewPath) { // Post Input to log.
void DiscLogger::post(const std::string Input, const std::string NewPath) { // Post Input to log.
if(!isEnabled) return; // If we're not enabled, eat it.
ScopeMutex PostingNewDataNobodyMove(BufferControlMutex); // Keep things static while posting.
cd::ScopeMutex PostingNewDataNobodyMove(BufferControlMutex); // Keep things static while posting.
if(0 < NewPath.length()) { myPath = NewPath; } // Reset the path if provided.
string& Buffer = PostingBuffer(); // Grab the posting buffer.
std::string& Buffer = PostingBuffer(); // Grab the posting buffer.
if(!inAppendMode) Buffer.clear(); // If overwriting, clear the old.
Buffer.append(Input); // Add the new data.
isDirty = true; // We're dirty now.
@@ -53,8 +171,8 @@ void DiscLogger::post(const string Input, const string NewPath) {
// of data to build up in the buffers and that would be bad.

void DiscLogger::flush() { // Flush right now!
string FilePath; // Local copy of the path.
ScopeMutex FlushingNow(FlushMutex); // We're flushing.
std::string FilePath; // Local copy of the path.
cd::ScopeMutex FlushingNow(FlushMutex); // We're flushing.
if(isDirty) { // Nothing to do if not dirty.
BufferControlMutex.lock(); // Lock the buffer controls.
FlushingBuffer().clear(); // Clear the old flushing buffer.
@@ -81,7 +199,7 @@ void DiscLogger::flush() {
}

void DiscLogger::myTask() { // Main thread task
Sleeper WaitASecond(1000); // How to wait for 1 second.
cd::Sleeper WaitASecond(1000); // How to wait for 1 second.
while(!isTimeToStop) { // Until it is time to stop:
CurrentThreadState(DiscLogger_Wait); // post our waiting and
WaitASecond(); // we wait a second, then
@@ -200,31 +318,31 @@ void snfCounterPack::reset() {

//// IntervalTimer /////////////////////////////////////////////////////////////

Timer& IntervalTimer::Active() { // Return the active timer.
cd::Timer& IntervalTimer::Active() { // Return the active timer.
return ((ANotB)?A:B); // If A is active, return A
} // otherwise return B.

Timer& IntervalTimer::Inactive() { // Return the inactive timer.
cd::Timer& IntervalTimer::Inactive() { // Return the inactive timer.
return ((ANotB)?B:A); // If A is active, return B
} // otherwise return A.

msclock IntervalTimer::hack() { // Chop off a new interval & return it.
cd::msclock IntervalTimer::hack() { // Chop off a new interval & return it.
Inactive().start(Active().stop()); // Stop the active clock and reference
ANotB = !ANotB; // it to start the new Active clock.
return Interval(); // Flip the bit and return the Interval.
}

msclock IntervalTimer::Interval() { // Return the last interval.
cd::msclock IntervalTimer::Interval() { // Return the last interval.
return Inactive().getElapsedTime(); // Return the Inactive elapsed time.
}

msclock IntervalTimer::Elapsed() { // Return the time since last hack.
cd::msclock IntervalTimer::Elapsed() { // Return the time since last hack.
return Active().getElapsedTime(); // Return the Active elapsed time.
}

//// snfLOGmgr /////////////////////////////////////////////////////////////////

const ThreadType snfLOGmgr::Type("snfLOGmgr"); // The thread's type.
const cd::ThreadType snfLOGmgr::Type("snfLOGmgr"); // The thread's type.

snfLOGmgr::snfLOGmgr() : // Constructor for the LOG manager
Thread(snfLOGmgr::Type, "Log Manager"), // snfLOGmgr Type and Name.
@@ -333,19 +451,19 @@ void AppendRatesElement(
const char* Name, // The name of the element (usually 1 char).
snf_SMHDMY_Counter& D, // Data counter
snf_SMHDMY_Counter& T, // Time counter
ostringstream& S) { // Where to append the formatted output.
std::ostringstream& S) { // Where to append the formatted output.
S << "\t\t<" << Name << " "
<< "s=\'" << snf_AveragePerSecond(D, T) << "\' "
<< "m=\'" << snf_AveragePerMinute(D, T) << "\' "
<< "h=\'" << snf_AveragePerHour(D, T) << "\' "
<< "d=\'" << snf_AveragePerDay(D, T) << "\'/>"
<< endl;
<< std::endl;
}

void AppendHistogramElements(Histogram& H, ostringstream& S) { // Format & output a histogram.
void AppendHistogramElements(cd::Histogram& H, std::ostringstream& S) { // Format & output a histogram.
if(0 < H.size()) { // Don't output empty histograms.
S << "\t\t<histogram hits=\'" << H.Hits() << "\'>" << endl; // Open tag w/ hits count.
set<HistogramRecord>::iterator iH; // Use an iterator to
std::set<cd::HistogramRecord>::iterator iH; // Use an iterator to
for(iH = H.begin(); iH != H.end(); iH++) { // loop through all of the groups.
S << "\t\t\t<g k=\'" // For each group in the histogram
<< (*iH).Key << "\' c=\'" // output the key value and
@@ -535,7 +653,7 @@ bool snfLOGmgr::do_SecondReport() {

// Just before we go we save our stat for others to see.

ScopeMutex HoldForStatusUpdate(StatusReportMutex); // Hold the mutex just long enough
cd::ScopeMutex HoldForStatusUpdate(StatusReportMutex); // Hold the mutex just long enough
SecondReportText = Report.str(); // to post our status and return

// Finally we return the test - Do we have a complete cycle in Seconds?
@@ -704,7 +822,7 @@ bool snfLOGmgr::do_MinuteReport() {

// Just before we go we save our stat for others to see.

ScopeMutex HoldForStatusUpdate(StatusReportMutex); // Hold the mutex just long enough
cd::ScopeMutex HoldForStatusUpdate(StatusReportMutex); // Hold the mutex just long enough
MinuteReportText = Report.str(); // to post our status and return

return(TimeCounter.Cycled60Minutes()); // True at a full cycle of minutes.
@@ -869,21 +987,21 @@ bool snfLOGmgr::do_HourReport() {

// Just before we go we save our stat for others to see.

ScopeMutex HoldForStatusUpdate(StatusReportMutex); // Hold the mutex just long enough
cd::ScopeMutex HoldForStatusUpdate(StatusReportMutex); // Hold the mutex just long enough
HourReportText = Report.str(); // to post our status and return

return(TimeCounter.Cycled24Hours()); // True at a full cycle of hours.
}

void snfLOGmgr::do_StatusReports() { // Do the status reports.
ScopeMutex PauseWhileITotalThis(MyMutex); // Everybody stop for a bit. Each report
cd::ScopeMutex PauseWhileITotalThis(MyMutex); // Everybody stop for a bit. Each report
if(do_SecondReport()) // returns true if it has cycled so
if(do_MinuteReport()) // that the next report can be checked
do_HourReport(); // to see if it has cycled.
}

void snfLOGmgr::myTask() { // Thread: Live stats & reports.
Sleeper WaitATic(MillisecondsInASecond); // One second sleeper.
cd::Sleeper WaitATic(MillisecondsInASecond); // One second sleeper.
while(!TimeToDie) { // Do this until it's time to die.
if(Configured) { // If we are configured do our work.
do_StatusReports(); // Make our status reports (chained).
@@ -900,7 +1018,7 @@ void snfLOGmgr::myTask() {
// is a new persistent state.

void snfLOGmgr::configure(snfCFGData& CFGData) { // Update the configuration.
ScopeMutex HoldOnWhileITweakThisThing(ConfigMutex);
cd::ScopeMutex HoldOnWhileITweakThisThing(ConfigMutex);
PersistentFileName = CFGData.paths_workspace_path + ".state"; // Build the persistent state path.
Status.restore(PersistentFileName); // Load our persistent state.
NodeId = CFGData.node_licenseid; // Grab the node id for reports.
@@ -984,10 +1102,10 @@ void snfLOGmgr::doXHDRs(snfCFGData& CFGData, snfScanData& ScanData) {
O << "Unknown" // then we emit "Unknown".
<< SMTPENDL;
} else { // If the source was identified
O << ScanData.SourceIPRecord().Ordinal << ", " // then we emit the ordial,
<< (string) IP4Address(ScanData.SourceIPRecord().IP) << ", " // the IP, and then
<< ScanData.SourceIPEvaluation // the IP evaluation that was
<< SMTPENDL; // sent to the scanner.
O << ScanData.SourceIPRecord().Ordinal << ", " // then we emit the ordial,
<< (std::string) cd::IP4Address(ScanData.SourceIPRecord().IP) << ", " // the IP, and then
<< ScanData.SourceIPEvaluation // the IP evaluation that was
<< SMTPENDL; // sent to the scanner.
}
}

@@ -1158,7 +1276,7 @@ void snfLOGmgr::doXMLLogs(snfCFGData& CFGData, snfScanData& ScanData) {
if(CFGData.Scan_XML_GBUdb && ScanData.FoundSourceIP()) { // Post gbudb data if needed & ready.
O << "\t<g "
<< "o=\'" << ScanData.SourceIPRecord().Ordinal << "\' "
<< "i=\'" << (string) IP4Address(ScanData.SourceIPRecord().IP) << "\' "
<< "i=\'" << (std::string) cd::IP4Address(ScanData.SourceIPRecord().IP) << "\' "
<< "t=\'" <<
((Ugly == ScanData.SourceIPRecord().GBUdbData.Flag())? "u" :
((Good == ScanData.SourceIPRecord().GBUdbData.Flag())? "g" :
@@ -1295,7 +1413,7 @@ void snfLOGmgr::doClassicLogs(snfCFGData& CFGData, snfScanData& ScanData) {
//// performLTSLogging() -- Mutex NOT locked, second section

void snfLOGmgr::captureLTSMetrics(snfCFGData& CFGData, snfScanData& ScanData) { // LogThisScan section 1
ScopeMutex FreezeRightThereWhileITakeThisPicture(MyMutex); // Lock the object for this update.
cd::ScopeMutex FreezeRightThereWhileITakeThisPicture(MyMutex); // Lock the object for this update.

if(Status.LatestRuleID < ScanData.PatternID) { // If we have a new latest rule id
Status.LatestRuleID = ScanData.PatternID; // then capture it.
@@ -1560,7 +1678,7 @@ void snfLOGmgr::logThisIPTest(IPTestRecord& I, string Action) {

void snfLOGmgr::logThisError(string ContextName, int Code, string Text) { // Log an error message.
if(!Configured) return; // Do nothing if not configured.
ScopeMutex LockCFG(MyMutex); // Don't change CFG. I'm using it!
cd::ScopeMutex LockCFG(MyMutex); // Don't change CFG. I'm using it!
if(LogOutputMode_File == XML_Log_Mode) { // If XML logs are turned on:
stringstream O; // Stringstream to format the entry.
string tmp; // String for use getting timestamp.
@@ -1625,7 +1743,7 @@ void snfLOGmgr::logThisError(string ContextName, int Code, string Text) {

void snfLOGmgr::logThisInfo(string ContextName, int Code, string Text) { // Log an informational message.
if(!Configured) return; // Do nothing if not configured.
ScopeMutex LockCFG(MyMutex); // Don't change CFG. I'm using it!
cd::ScopeMutex LockCFG(MyMutex); // Don't change CFG. I'm using it!
if(LogOutputMode_File == XML_Log_Mode) { // If XML logs are turned on:
stringstream O; // Stringstream to format the entry.
string tmp; // String for use getting timestamp.
@@ -1687,13 +1805,13 @@ void snfLOGmgr::logThisInfo(string ContextName, int Code, string Text) {
}

string snfLOGmgr::PlatformVersion(string NewPlatformVersion) { // Set platform version info.
ScopeMutex FreezeForNewData(MyMutex); // Get the ball and
cd::ScopeMutex FreezeForNewData(MyMutex); // Get the ball and
myPlatformVersion = NewPlatformVersion; // set the data.
return myPlatformVersion; // return the new data.
}

string snfLOGmgr::PlatformVersion() { // Get platform version info.
ScopeMutex DontChangeOnMe(MyMutex); // Get the ball and
cd::ScopeMutex DontChangeOnMe(MyMutex); // Get the ball and
return myPlatformVersion; // get the data.
}

@@ -1713,7 +1831,7 @@ snfCounterPack* snfLOGmgr::getSnapshot() {
}

bool snfLOGmgr::OkToPeek(int PeekOneInX) { // Test to see if it's ok to peek.
ScopeMutex JustMe(PeekMutex); // Protect the peek enable counter.
cd::ScopeMutex JustMe(PeekMutex); // Protect the peek enable counter.
++PeekEnableCounter; // Bump the counter by one.
if(PeekEnableCounter >= PeekOneInX) { // If we've made the threshold then
PeekEnableCounter = 0; // reset the counter and
@@ -1723,7 +1841,7 @@ bool snfLOGmgr::OkToPeek(int PeekOneInX) {
}

bool snfLOGmgr::OkToSample(int SampleOneInX) { // Test to see if it's ok to sample.
ScopeMutex JustMe(SampleMutex); // Protect the sample enable counter.
cd::ScopeMutex JustMe(SampleMutex); // Protect the sample enable counter.
++SampleEnableCounter; // Bump the counter by one.
if(SampleEnableCounter >= SampleOneInX) { // If we've made the threshold then
SampleEnableCounter = 0; // reset the counter and
@@ -1795,7 +1913,7 @@ string& snfLOGmgr::LocalTimestamp(string& s) {
}

unsigned int snfLOGmgr::SerialNumber() { // Returns the next serial number.
ScopeMutex AtomicOperation(SerialNumberMutex); // Lock the serial number mutex.
cd::ScopeMutex AtomicOperation(SerialNumberMutex); // Lock the serial number mutex.
++Status.SerialNumberCounter; // Increment the serial number.
unsigned int result = Status.SerialNumberCounter; // Capture the new value.
return result; // Return the unique result.
@@ -1960,21 +2078,21 @@ double snfLOGmgr::SamplePerMinute() {

const string EmptyStatusSecondReport = "<stats class=\'second\'/>"; // Empty Status.Second looks like this.
string snfLOGmgr::getStatusSecondReport() { // Get latest status.second report.
ScopeMutex FlashBulb(StatusReportMutex); // Take a safe snapshot of the report.
cd::ScopeMutex FlashBulb(StatusReportMutex); // Take a safe snapshot of the report.
if(0 < SecondReportText.length()) return SecondReportText; // If it's posted then send it. If not
return EmptyStatusSecondReport; // then send the empty version.
}

const string EmptyStatusMinuteReport = "<stats class=\'minute\'/>"; // Empty Status.Minute looks like this.
string snfLOGmgr::getStatusMinuteReport() { // Get latest status.minute report.
ScopeMutex FlashBulb(StatusReportMutex); // Take a safe snapshot of the report.
cd::ScopeMutex FlashBulb(StatusReportMutex); // Take a safe snapshot of the report.
if(0 < MinuteReportText.length()) return MinuteReportText; // If it's posted then send it. If not
return EmptyStatusMinuteReport; // then send the empty version.
}

const string EmptyStatusHourReport = "<stats class=\'hour\'/>"; // Empty Status.Hour looks like this.
string snfLOGmgr::getStatusHourReport() { // Get latest status.hour report.
ScopeMutex FlashBulb(StatusReportMutex); // Take a safe snapshot of the report.
cd::ScopeMutex FlashBulb(StatusReportMutex); // Take a safe snapshot of the report.
if(0 < HourReportText.length()) return HourReportText; // If it's posted then send it. If not
return EmptyStatusHourReport; // then send the empty version.
}

+ 102
- 108
snfLOGmgr.hpp View File

@@ -1,6 +1,6 @@
// snfLOGmgr.hpp
//
// (C) Copyright 2006 - 2009 ARM Research Labs, LLC.
// (C) Copyright 2006 - 2020 ARM Research Labs, LLC.
// See www.armresearch.com for the copyright terms.
//
// SNF Logging and Statistics engine.
@@ -8,8 +8,7 @@
////////////////////////////////////////////////////////////////////////////////
//// Begin snfLOGmgr include only once

#ifndef snfLOGmgr_included
#define snfLOGmgr_included
#pragma once

#include <list>
#include <set>
@@ -29,22 +28,21 @@
#include "snfNETmgr.hpp"
#include "GBUdb.hpp"

namespace cd = codedweller;

class snfNETmgr; // Declare snfNETmgr
extern const char* SNF_ENGINE_VERSION; // Declare the Engine Version Data

using namespace std;

//// DiscLogger ////////////////////////////////////////////////////////////////
// Writes log files back to Disc and double buffers data to minimize contention
// and delays. So - if it takes a few milliseconds to post the log to disc, the
// application that post()s to the log does not have to wait. Write back happens
// about once per second when enabled. Files can be appended or overwritten.

class DiscLogger : private Thread { // Double buffered lazy writer.
class DiscLogger : private cd::Thread { // Double buffered lazy writer.
private:
Mutex BufferControlMutex; // Protects buffers while swapping.
Mutex FlushMutex; // Protects flush operations.
cd::Mutex BufferControlMutex; // Protects buffers while swapping.
cd::Mutex FlushMutex; // Protects flush operations.
string myPath; // Where the file should be written.
string BufferA; // Log data buffer A.
string BufferB; // Log data buffer B.
@@ -63,12 +61,12 @@ class DiscLogger : private Thread {
~DiscLogger(); // Flushes and stops the thread.

string Path(const string PathName) { // Sets the file path.
ScopeMutex NewSettings(BufferControlMutex);
cd::ScopeMutex NewSettings(BufferControlMutex);
myPath = PathName;
return myPath;
}
string Path() { // Returns the file path.
ScopeMutex DontMove(BufferControlMutex);
cd::ScopeMutex DontMove(BufferControlMutex);
return myPath;
}

@@ -90,10 +88,10 @@ class DiscLogger : private Thread {
bool Enabled(const bool MakeEnabled) { return (isEnabled = MakeEnabled); } // Enables writing if true.
bool Enabled() { return (isEnabled); } // True if enabled.

const static ThreadType Type; // The thread's type.
const static cd::ThreadType Type; // The thread's type.

const static ThreadState DiscLogger_Flush; // Flushing state.
const static ThreadState DiscLogger_Wait; // Waiting state.
const static cd::ThreadState DiscLogger_Flush; // Flushing state.
const static cd::ThreadState DiscLogger_Wait; // Waiting state.

};

@@ -105,11 +103,11 @@ class DiscLogger : private Thread {

class IPTestRecord { // IP Analysis Record.
public:
IP4Address IP; // The IP to be tested.
cd::IP4Address IP; // The IP to be tested.
GBUdbRecord G; // The GBUdb Record for the IP.
snfIPRange R; // The GBUdb classification (range).
int Code; // Code associated with Range.
IPTestRecord(IP4Address testIP) : IP(testIP), Code(0) {} // Construct with an IP.
IPTestRecord(cd::IP4Address testIP) : IP(testIP), Code(0) {} // Construct with an IP.
};

//// snfScanData ///////////////////////////////////////////////////////////////
@@ -138,8 +136,8 @@ class snfScanData {
bool SourceIPFoundFlag; // True if source IP is set.
snfIPRange SourceIPRangeFlag; // GBUdb detection range for source IP.

IP4Address myCallerForcedSourceIP; // Caller forced source IP if not 0UL.
IP4Address myHeaderDirectiveSourceIP; // Header forced source IP if not 0UL.
cd::IP4Address myCallerForcedSourceIP; // Caller forced source IP if not 0UL.
cd::IP4Address myHeaderDirectiveSourceIP; // Header forced source IP if not 0UL.

public:

@@ -179,10 +177,10 @@ class snfScanData {
void drillPastOrdinal(int O); // Sets Drill Down flag for IP record O.
bool isDrillDownSource(IPScanRecord& X); // True if we drill through this source.

IP4Address HeaderDirectiveSourceIP(IP4Address A); // set Header directive source IP.
IP4Address HeaderDirectiveSourceIP(); // get Header directive source IP.
IP4Address CallerForcedSourceIP(IP4Address A); // set Caller forced source IP.
IP4Address CallerForcedSourceIP(); // get Caller forced source IP.
cd::IP4Address HeaderDirectiveSourceIP(cd::IP4Address A); // set Header directive source IP.
cd::IP4Address HeaderDirectiveSourceIP(); // get Header directive source IP.
cd::IP4Address CallerForcedSourceIP(cd::IP4Address A); // set Caller forced source IP.
cd::IP4Address CallerForcedSourceIP(); // get Caller forced source IP.

IPScanRecord& SourceIPRecord(IPScanRecord& X); // Sets the source IP record.
IPScanRecord& SourceIPRecord(); // Gets the source IP record.
@@ -192,19 +190,19 @@ class snfScanData {

// Direct access data...

string SourceIPEvaluation; // GBUdb Source IP evaluation.
std::string SourceIPEvaluation; // GBUdb Source IP evaluation.

// LogControl and General Message Flags

time_t StartOfJobUTC; // Timestamp at start of job.
int SetupTime; // Time in ms spent setting up to scan.
string ScanName; // Identifying name or message file name.
Timer ScanTime; // Scan time in ms.
std::string ScanName; // Identifying name or message file name.
cd::Timer ScanTime; // Scan time in ms.
int ScanDepth; // Scan Depth in evaluators.

string ClassicLogText; // Classic log entry text if any.
string XMLLogText; // XML log entry text if any.
string XHDRsText; // XHeaders text if any.
std::string ClassicLogText; // Classic log entry text if any.
std::string XMLLogText; // XML log entry text if any.
std::string XHDRsText; // XHeaders text if any.
bool XHeaderInjectOn; // True if injecting headers is on.
bool XHeaderFileOn; // True if creating .xhdr file is on.

@@ -236,19 +234,19 @@ class snfScanData {

// Rule panics

set<int> RulePanics; // A list of rule IDs panicked this scan.
std::set<int> RulePanics; // A list of rule IDs panicked this scan.

// Pattern Engine Scan Result Data

vector<unsigned char> FilteredData; // Message data after filter chain.
std::vector<unsigned char> FilteredData; // Message data after filter chain.
unsigned long int HeaderDirectiveFlags; // Flags set by header directives.

bool PatternWasFound; // True if the pattern engine matched.
int PatternID; // The winning rule ID.
int PatternSymbol; // The associated symbol.

list<snf_match> MatchRecords; // List of match records.
list<snf_match>::iterator MatchRecordsCursor; // Localized iterator for match records.
std::list<snf_match> MatchRecords; // List of match records.
std::list<snf_match>::iterator MatchRecordsCursor; // Localized iterator for match records.
int MatchRecordsDelivered; // Match records seen so far.

int CompositeFinalResult; // What the scan function returned.
@@ -378,7 +376,7 @@ class snfCounterPack {
snfCounterPack(); // Construct new CounterPacks clean.
void reset(); // How to reset a counter pack.

Timer ActiveTime; // Measures Active (swapped in) Time.
cd::Timer ActiveTime; // Measures Active (swapped in) Time.

struct {

@@ -421,18 +419,18 @@ class IntervalTimer {

private:

Timer A; // Here is one timer.
Timer B; // Here is the other timer.
cd::Timer A; // Here is one timer.
cd::Timer B; // Here is the other timer.
bool ANotB; // True if A is the active timer.

Timer& Active(); // Selects the active timer.
Timer& Inactive(); // Selects the inactive timer.
cd::Timer& Active(); // Selects the active timer.
cd::Timer& Inactive(); // Selects the inactive timer.

public:

msclock hack(); // Chop off a new interval & return it.
msclock Interval(); // Return the last interval.
msclock Elapsed(); // Return the time since last hack.
cd::msclock hack(); // Chop off a new interval & return it.
cd::msclock Interval(); // Return the last interval.
cd::msclock Elapsed(); // Return the time since last hack.
};

//// PersistentState stores the counters we keep between runs.
@@ -440,12 +438,12 @@ class IntervalTimer {
class snfLOGPersistentState {
public:

snfLOGPersistentState() :
Ready(0),
LastSyncTime(0),
LastSaveTime(0),
LastCondenseTime(0),
LatestRuleID(0),
snfLOGPersistentState() :
Ready(0),
LastSyncTime(0),
LastSaveTime(0),
LastCondenseTime(0),
LatestRuleID(0),
SerialNumberCounter(0) {}

bool Ready; // True if we're ready to use.
@@ -461,16 +459,16 @@ class snfLOGPersistentState {
int SerialNumberCounter; // Remembers the serial number.
};

class snfLOGmgr : private Thread {
class snfLOGmgr : private cd::Thread {

private:

Mutex MyMutex; // Mutex to serialize updates & queries.
Mutex ConfigMutex; // Mutex to protect config changes.
Mutex SerialNumberMutex; // Protects the serial number.
Mutex PeekMutex; // Protects Peek Loop Counter.
Mutex SampleMutex; // Protects Sample Loop Counter.
Mutex StatusReportMutex; // Protects status report post & get.
cd::Mutex MyMutex; // Mutex to serialize updates & queries.
cd::Mutex ConfigMutex; // Mutex to protect config changes.
cd::Mutex SerialNumberMutex; // Protects the serial number.
cd::Mutex PeekMutex; // Protects Peek Loop Counter.
cd::Mutex SampleMutex; // Protects Sample Loop Counter.
cd::Mutex StatusReportMutex; // Protects status report post & get.

snfCounterPack CounterPackA, CounterPackB; // Swapable counter packs.

@@ -482,30 +480,30 @@ class snfLOGmgr : private Thread {
volatile bool Configured; // True if we're properly configured.
volatile bool TimeToDie; // True when the thread should stop.

volatile int PeekEnableCounter; // How many peek attempts recently?
volatile int SampleEnableCounter; // How many sample attempts recently?
volatile int PeekEnableCounter; // How many peek attempts recently?
volatile int SampleEnableCounter; // How many sample attempts recently?
void myTask(); // Thread task.

time_t StartupTime; // Time since engine started.

snfLOGPersistentState Status; // Persistent State Data.
string PersistentFileName; // File name for the State Data.
std::string PersistentFileName; // File name for the State Data.

snfNETmgr* myNETmgr; // Net manager link.
GBUdb* myGBUdb; // GBUdb link.

// Configuration

string ActiveRulebaseUTC; // UTC of last successful load.
string AvailableRulebaseUTC; // UTC of rulebase available for update.
std::string ActiveRulebaseUTC; // UTC of last successful load.
std::string AvailableRulebaseUTC; // UTC of rulebase available for update.
bool NewerRulebaseIsAvailable; // True if a newer rulebase is available.

string myPlatformVersion; // Version info for platform.
std::string myPlatformVersion; // Version info for platform.

bool Rotate_LocalTime; // Rotate logs using localtime.

string LogsPath; // Path to logs directory.
std::string LogsPath; // Path to logs directory.
bool ClassicLogRotate; // True = Rotate Classic Log.
bool XMLLogRotate; // True = Rotate XML Log.

@@ -525,19 +523,19 @@ class snfLOGmgr : private Thread {

// Histograms

Histogram ResultsSecond;
Histogram ResultsMinute;
Histogram ResultsHour;
Histogram RulesSecond;
Histogram RulesMinute;
Histogram RulesHour;
Histogram PanicsSecond;
Histogram PanicsMinute;
Histogram PanicsHour;
cd::Histogram ResultsSecond;
cd::Histogram ResultsMinute;
cd::Histogram ResultsHour;
cd::Histogram RulesSecond;
cd::Histogram RulesMinute;
cd::Histogram RulesHour;
cd::Histogram PanicsSecond;
cd::Histogram PanicsMinute;
cd::Histogram PanicsHour;

// Reporting

string NodeId; // We need this for our status msgs.
std::string NodeId; // We need this for our status msgs.
void do_StatusReports(); // Update & sequence status reports.

int XML_Log_Mode; // What is the XML log mode.
@@ -547,33 +545,33 @@ class snfLOGmgr : private Thread {

bool SecondReport_Log_OnOff;
bool SecondReport_Append_OnOff;
string SecondReport_Log_Filename;
string SecondReportText;
string SecondReportTimestamp;
std::string SecondReport_Log_Filename;
std::string SecondReportText;
std::string SecondReportTimestamp;
bool do_SecondReport(); // Send our 1 second status report.

// Every minute we get hard data and event logs. (for sync)

bool MinuteReport_Log_OnOff;
bool MinuteReport_Append_OnOff;
string MinuteReport_Log_Filename;
string MinuteReportText;
string MinuteReportTimestamp;
Histogram PatternRulesHistogram;
std::string MinuteReport_Log_Filename;
std::string MinuteReportText;
std::string MinuteReportTimestamp;
cd::Histogram PatternRulesHistogram;
bool do_MinuteReport(); // Send our 1 minute status report.

// Every hour we get a summary.

bool HourReport_Log_OnOff;
bool HourReport_Append_OnOff;
string HourReport_Log_Filename;
string HourReportText;
string HourReportTimestamp;
std::string HourReport_Log_Filename;
std::string HourReportText;
std::string HourReportTimestamp;
bool do_HourReport(); // Send our 1 hour status report.

void postStatusLog( // Post a Status log if required.
const string& LogData, // Here's the log entry's data.
const string& LogFileName, // Here is where it should go.
const std::string& LogData, // Here's the log entry's data.
const std::string& LogFileName, // Here is where it should go.
const bool LogEnabled, // This is true if we should write it.
const bool AppendNotOverwrite, // True=Append, False=Overwrite.
DiscLogger& Logger // Lazy Log Writer to use.
@@ -604,28 +602,28 @@ class snfLOGmgr : private Thread {

void configure(snfCFGData& CFGData); // Update the configuration.

void updateActiveUTC(string ActiveUTC); // Set active rulebase UTC.
void updateActiveUTC(std::string ActiveUTC); // Set active rulebase UTC.

void logThisIPTest(IPTestRecord& I, string Action); // Capthre the data from an IP test.
void logThisIPTest(IPTestRecord& I, std::string Action); // Capthre the data from an IP test.

void logThisScan(snfCFGData& CFGData, snfScanData& ScanData); // Capture the data from this scan.

void logThisError(snfScanData& ScanData, const string ContextName, // Inject an error log entry for this
const int Code, const string Text // scan using this number & message.
void logThisError(snfScanData& ScanData, const std::string ContextName, // Inject an error log entry for this
const int Code, const std::string Text // scan using this number & message.
);

void logThisError(string ContextName, int Code, string Text); // Log an error message.
void logThisError(std::string ContextName, int Code, std::string Text); // Log an error message.

void logThisInfo(string ContextName, int Code, string text); // Log an informational message.
void logThisInfo(std::string ContextName, int Code, std::string text); // Log an informational message.

string PlatformVersion(string NewPlatformVersion); // Set platform version info.
string PlatformVersion(); // Get platform version info.
std::string PlatformVersion(std::string NewPlatformVersion); // Set platform version info.
std::string PlatformVersion(); // Get platform version info.

string EngineVersion(); // Get engine version info.
std::string EngineVersion(); // Get engine version info.

void updateAvailableUTC(string& AvailableRulebaseTimestamp); // Stores Available, true==update ready.
string ActiveRulebaseTimestamp(); // Get active rulebase timestamp.
string AvailableRulebaseTimestamp(); // Get available rulebase timestamp.
void updateAvailableUTC(std::string& AvailableRulebaseTimestamp); // Stores Available, true==update ready.
std::string ActiveRulebaseTimestamp(); // Get active rulebase timestamp.
std::string AvailableRulebaseTimestamp(); // Get available rulebase timestamp.
bool isUpdateAvailable(); // True if update is available.


@@ -633,14 +631,14 @@ class snfLOGmgr : private Thread {
bool OkToSample(int SampleOneInX); // Check to see if it's ok to sample.

time_t Timestamp(); // Get an ordinary timestamp.
string Timestamp(time_t t); // Convert time_t to a timestamp s.
string& Timestamp(string& s); // Appends a current timestamp in s.
string LocalTimestamp(time_t t); // Convert time_t to a local timestamp s.
string& LocalTimestamp(string& s); // Appends a current local timestamp in s.
std::string Timestamp(time_t t); // Convert time_t to a timestamp s.
std::string& Timestamp(std::string& s); // Appends a current timestamp in s.
std::string LocalTimestamp(time_t t); // Convert time_t to a local timestamp s.
std::string& LocalTimestamp(std::string& s); // Appends a current local timestamp in s.
unsigned int SerialNumber(); // Returns the next serial number.
string& SerialNumber(string& s); // Appends the next serial number.
std::string& SerialNumber(std::string& s); // Appends the next serial number.

int SecsSinceStartup(); // Gets seconds since starup.
int SecsSinceStartup(); // Gets seconds since starup.
void RecordSyncEvent(); // Sets timestamp of latest Sync.
int SecsSinceLastSync(); // Gets seconds since latest Sync.
void RecordSaveEvent(); // Sets timestamp of latest Save.
@@ -662,17 +660,13 @@ class snfLOGmgr : private Thread {

int RunningTime(); // Seconds running since startup.

string getStatusSecondReport(); // Get latest status.second report.
string getStatusMinuteReport(); // Get latest status.minute report.
string getStatusHourReport(); // Get latest status.hour report.
std::string getStatusSecondReport(); // Get latest status.second report.
std::string getStatusMinuteReport(); // Get latest status.minute report.
std::string getStatusHourReport(); // Get latest status.hour report.

const static ThreadType Type; // The thread's type.
const static cd::ThreadType Type; // The thread's type.

};

#include "snfLOGmgr.inline.hpp"

#endif

//// End snfLOGmgr include only once
////////////////////////////////////////////////////////////////////////////////

Write Preview
Loading…
Cancel
Save