dns-oarc/packetq
1
0
Fork 0
Code Issues Activity

Adding upstream version 1.7.3+dfsg.

Browse source 
Signed-off-by: Daniel Baumann <daniel@debian.org>
This commit is contained in:
Daniel Baumann 2025-02-10 05:34:23 +01:00
parent c602fa6d8a
commit 842cb2c6bd
Signed by: daniel
GPG key ID: FBB4F0E80A80222F
79 changed files with 31786 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

273
CHANGES Normal file
View file

@ -0,0 +1,273 @@
2024-09-04 Jerry Lundström
Release 1.7.3
This patch release fixes memory alignment issues and the handling of
TCP segments. Many thanks to Ray Bellis (ISC) for reporting this and
helping greatly with fixing it!
d8a06a3 C++11
8c99466 Memory align, TCP assemble
2024-08-29 Jerry Lundström
Release 1.7.2
This patch release fixes various issues reported by CI/code analysis
tools.
Fixes:
- `RefCountString`: Use anonymous array for `data`
- `sql`: Fix heap overflow [[sonarcloud](https://sonarcloud.io/project/issues?open=AZF-b0jIXv-Y5-GmvUlN&id=dns-oarc%3APacketQ)]
- Fix CodeQL issues:
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/35
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/37
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/38
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/39
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/40
- https://github.com/DNS-OARC/PacketQ/security/code-scanning/5
68b5385 Cleanup
1dfd47b CodeQL, code format
6224234 CodeQL fixes
6771f3a Copyright
3283c43 Heap overflow
1ff69df Badges
d4e93ec Workflow
75283cc Doc
25adefa Add CodeQL workflow for GitHub code scanning
bb7be53 Fix COPR
2022-06-02 Jerry Lundström
Release 1.7.1
This patch release fixes a bug in the domain name parsing that cuts
off very long names.
4ec95e7 FQDN parsing
2022-04-13 Jerry Lundström
Release 1.7.0
This release adds two new columns for the number of labels in the
query and in the first answer, and two new functions for looking up
country code and autonomous system number (ASN) of addresses using
MaxMind databases (see `FUNCTIONS.md` on how to specify database
to use).
- New column `qlabels`, number of labels in `qname`
- New column `alabels`, number of labels in `aname`
- New function `CC(address)`, the 2-letter ISO country code associated with the address
- New function `ASN(address)`, the ASN associated with the address
64d1d72 Couting labels
b3b970d Adding field qlabel_count as the count of the number of labels in the query
0866f45 auto
53c27ca SonarCloud, LGTM, packages
1e5f986 MaxMind DB
3967c31 Adding country-code and ASN lookup from MaxMind DB as functions on address strings
2022-03-10 Jerry Lundström
Release 1.6.0
This release adds a new SQL function for masking addresses and adds
support for Pcap's LINUX_SLL link layer.
The new `netmask()` function (added by Ken Renard @kdrenard) is used
as follows: `NETMASK(address [, v4_mask_length [, v6_mask_length]])`
Other fixes:
- `packet_handler`: Clean up header parsing, size checks etc
- Remove own defines of ether/proto types and don't overlap `struct in6_addr`
ae211e6 LINUX_SLL, netmask(), ether types
d847c97 Adding Netmask description to FUNCTIONS.md
4be804d Adding Netmask function. Usage "netmask (<address_field>[, <IPv4-mask-length>[, <IPv6-mask-length>]])"
2021-11-05 Jerry Lundström
Release 1.5.0
This release fixes issues with CSV and JSON w.r.t. quoted strings. CSV
output now conforms to RFC4180 and JSON output conforms to RFC8259.
Also added a new option (`--rfc1035`) to output and quote domain names
as described in RFC1035.
Other changes:
- Update debian control files
- Fix typo in `--help` text
- Fix OpenBSD clang++ compiler warnings
- `Output::add_int()`: Fix potential memory overwrite
8206e0f OpenBSD clang warnings
6c1247f Code format
d6c82d4 New option to escape DNS names
2bf6f26 Fix typo in --help around --xml parameter
9c95d15 Conform to CSV/JSON RFCs
feb0596 debhelper
be37ad0 Bye Travis
2020-10-23 Jerry Lundström
Release 1.4.3
This release updates the DNS resource record types list with the new
types SVCB and HTTPS. It also fixes a lot of issues reported by code
analysis and adds code coverage tests.
0ddbc42 Info, Travis, configure
37a8136 Add SVCB, HTTPS rrtypes
6188935 m4
c159904 Coverage
7907eb4 Documentation, sonar
2fe937a Badges
90a5e55 LGTM
fae992a COPR
2020-03-02 Jerry Lundström
Release 1.4.2
Updated list of DNS resource types and work on CI and packaging.
Commits:
4bdb9e3 Add missing rr types
7c529ed README
d610061 COPR, spec
96763d8 Package
5aa5984 Funding
377be2d spec
a0b5fb7 Travis-CI
2017-11-09 Jerry Lundström
Release 1.4.1
Fixed an issue with the in-memory representation of DNS records which
was not initialized correctly and could cause the reuse of old data,
especially if the record was incomplete (such as FormErr).
Commits:
6a790e6 Fix #61: Make sure variables are initialized
ed37b88 Update Murmur location
5afb576 Update code format and move Murmur into it's own dir
2017-07-11 Jerry Lundström
Release 1.4.0
This release adds new fields for IP version and EDNS0 Client Subnet along
with documentation updates, new usage (`--help`) and a buffer overflow
check. Rework of the way OPT records are parsed has been done to make it
easier to add support for other EDNS options in the future.
New fields:
- `ip_version`: The IP version as an int (4/6)
- `edns0_ecs`: A bool that is true if Client Subnet (RFC7871) was found
- `edns0_ecs_family`: An int with the address family
- `edns0_ecs_source`: An int with the source prefix length
- `edns0_ecs_scope`: An int with the scope prefix length
- `edns0_ecs_address`: A textual representation of the address
Bugfix:
- `get_ushort()` in DNS parsing was not checking length of buffer before
accessing it.
Commits:
0e7c34a Rewrote usage, add option descriptions, tables and fields
3943dda Update documentation and tests
f4b9464 Add IP_Version
0b309e6 ECS addresses and OPT RR parsing
875fd60 Correct type in documentation also
b5a91b7 Damn the common keyboard sequences...
358b9af Buf overflow check, move OPT RR parsing, rework EDNS0 ECS
d38fffc Add EDNS option codes and EDNS Client Subnet (ECS) support
2017-06-02 Jerry Lundström
Release 1.3.1
This release add packaging files for DEB and RPM distributions and
fixes a couple of bugs:
- ICMP code to fill the tables was wrong and created segfault using
normal select, aggregation or group functions. The code has been
rewritten to work as the DNS code does and ICMP tests have been
added.
- Historically PacketQ parses all resource records but only saves
the first and last record, this would overwrite EDNS information
if it was not the first or last record. This has been fixed by
saving the EDNS information as it is found.
Thanks to Anand Buddhdev (RIPE NCC) and Daniel Stirnimann (SWITCH)
for providing PCAPs to help resolve the bugs.
Commits:
9c2627f Fix CID 1439421
5423c1d Fix #17: Save EDNS information when it's found
ecb166e Fix #48: ICMP parsing and a little better memory handling
0052024 Fix #45: Add packaging files
2017-05-23 Jerry Lundström
Release 1.3.0
First release under DNS-OARC management with license changed to GPL v3.0,
minor version jump to not conflict with forked repositories that
increased the version themselves.
Software now using Travis-CI and Jenkins to compile and test under Debian,
Ubuntu, CentOS, FreeBSD and OpenBSD. Coverity Scan used for code analysis
and 30 defects have been solved.
Bug fixes / enhancements:
- Big endian supported correctly
- Check data length when processing TCP/UDP packets
- Support VLAN-tagged packets
- Support for older compilers (CentOS 6)
- Prevent "time of check, time of use"
- Use `snprintf()` instead of `sprinf()`
Commits:
6782f1f libpcap is not needed
23a1ca0 Add more 'order by' in tests to ahve concurrent results
f14ab5d Run tests in Travis also
1a0c98a Add test for bigendian PCAP
64ee5a8 - fixed reading of big-endian pcap files (including gzipped pcap)
- added sample-bigendian.pcap.gz
dd6ab57 Add test based on the extended regression tests
27518c5 More regression tests
d889228 Updated regression-test.sh to make the ordering of test query
results more consistent, to avoid false positives.
d157fef Expanded the regression tests.
b3df6c2 Added checks for bad TCP and UDP packet lengths (which could
cause malloc requests for humongous amounts of memory...)
2e46729 Added support for VLAN-tagged ethertypes.
10ae2d6 Fix #20: Support CentOS 6 compiler (and hopefully RHEL6 also)
e7a8163 Format code using `clang-format`
a9ae0fe Change namespace to `packetq` and uniform header defines
6ab0fde Add Coverity badge
63b480b Use `open()`, `fstat()` and `fdopen()` to prevent "time of check,
time of use" problem
446a5bf Fix CIDs
01be348 Fix CIDs
d11a61f Use `snprintf()`
0bc8e57 Add regression test (from example) for all output formats
09b9037 Move wiki documentation into the repository
5e41dbb Update README.md
6b2263f Add dependencies
9cd6e5a Add Travis-CI badge
cf582f8 Add Travis-CI
d7eaa55 Cleanup and license change
2014-04-23 Roger Murray
Release 1.1.11
This release and prior releases was not documented here, see repository
for more information.

674
COPYING Normal file
View file

@ -0,0 +1,674 @@
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for
software and other kinds of works.
The licenses for most software and other practical works are designed
to take away your freedom to share and change the works. By contrast,
the GNU General Public License is intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users. We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors. You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights. Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
know their rights.
Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software. For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.
Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so. This is fundamentally incompatible with the aim of
protecting users' freedom to change the software. The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable. Therefore, we
have designed this version of the GPL to prohibit the practice for those
products. If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary. To prevent this, the GPL assures that
patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and
modification follow.
TERMS AND CONDITIONS
0. Definitions.
"This License" refers to version 3 of the GNU General Public License.
"Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.
"The Program" refers to any copyrightable work licensed under this
License. Each licensee is addressed as "you". "Licensees" and
"recipients" may be individuals or organizations.
To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy. The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.
A "covered work" means either the unmodified Program or a work based
on the Program.
To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy. Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.
To "convey" a work means any kind of propagation that enables other
parties to make or receive copies. Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License. If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.
1. Source Code.
The "source code" for a work means the preferred form of the work
for making modifications to it. "Object code" means any non-source
form of a work.
A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.
The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form. A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.
The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities. However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work. For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.
The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.
The Corresponding Source for a work in source code form is that
same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met. This License explicitly affirms your unlimited
permission to run the unmodified Program. The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work. This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force. You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright. Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under
the conditions stated below. Sublicensing is not allowed; section 10
makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.
When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified
it, and giving a relevant date.
b) The work must carry prominent notices stating that it is
released under this License and any conditions added under section
7. This requirement modifies the requirement in section 4 to
"keep intact all notices".
c) You must license the entire work, as a whole, under this
License to anyone who comes into possession of a copy. This
License will therefore apply, along with any applicable section 7
additional terms, to the whole of the work, and all its parts,
regardless of how they are packaged. This License gives no
permission to license the work in any other way, but it does not
invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display
Appropriate Legal Notices; however, if the Program has interactive
interfaces that do not display Appropriate Legal Notices, your
work need not make them do so.
A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit. Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:
a) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by the
Corresponding Source fixed on a durable physical medium
customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by a
written offer, valid for at least three years and valid for as
long as you offer spare parts or customer support for that product
model, to give anyone who possesses the object code either (1) a
copy of the Corresponding Source for all the software in the
product that is covered by this License, on a durable physical
medium customarily used for software interchange, for a price no
more than your reasonable cost of physically performing this
conveying of source, or (2) access to copy the
Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the
written offer to provide the Corresponding Source. This
alternative is allowed only occasionally and noncommercially, and
only if you received the object code with such an offer, in accord
with subsection 6b.
d) Convey the object code by offering access from a designated
place (gratis or for a charge), and offer equivalent access to the
Corresponding Source in the same way through the same place at no
further charge. You need not require recipients to copy the
Corresponding Source along with the object code. If the place to
copy the object code is a network server, the Corresponding Source
may be on a different server (operated by you or a third party)
that supports equivalent copying facilities, provided you maintain
clear directions next to the object code saying where to find the
Corresponding Source. Regardless of what server hosts the
Corresponding Source, you remain obligated to ensure that it is
available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided
you inform other peers where the object code and Corresponding
Source of the work are being offered to the general public at no
charge under subsection 6d.
A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.
A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling. In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage. For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product. A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.
"Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source. The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.
If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information. But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).
The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed. Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.
7. Additional Terms.
"Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law. If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it. (Additional permissions may be written to require their own
removal in certain cases when you modify the work.) You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the
terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or
author attributions in that material or in the Appropriate Legal
Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or
requiring that modified versions of such material be marked in
reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or
authors of the material; or
e) Declining to grant rights under trademark law for use of some
trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that
material by anyone who conveys the material (or modified versions of
it) with contractual assumptions of liability to the recipient, for
any liability that these contractual assumptions directly impose on
those licensors and authors.
All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10. If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term. If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly
provided under this License. Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).
However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.
Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License. If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or
run a copy of the Program. Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance. However,
nothing other than this License grants you permission to propagate or
modify any covered work. These actions infringe copyright if you do
not accept this License. Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License. You are not responsible
for enforcing compliance by third parties with this License.
An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations. If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License. For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.
11. Patents.
A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based. The
work thus licensed is called the contributor's "contributor version".
A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version. For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.
In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement). To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.
If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients. "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.
A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License. You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all. For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the
Program specifies that a certain numbered version of the GNU General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
by the Free Software Foundation.
If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.
Later license versions may give you additional or different
permissions. However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<http://www.gnu.org/philosophy/why-not-lgpl.html>.

283
FAQ.md Normal file
View file

@ -0,0 +1,283 @@
# FAQ and Examples
## What output-options are there?
You can get XML, CSV, JSON or TABLE (CSV with spaces).
## Does PacketQ conform to the SQL standard ?
The short answer is no.
Packet implements an SQL like select function with some notable omissions like:
* No 3 value logic i.e. theres no special NULL value
* No supports for joins or subqueries
* No support for the distinct keyword
* No support for like in where statements
Refer to the file [grammar](src/grammar) for supported statements.
## How do I return full packetdata for the first 3 dns packets?
Use this SQL-statement.
```shell
$ packetq -s "select * from dns limit 3" packets.pcap
```
## How do I check which qname is queried the most?
```shell
$ packetq -s "select qname,count(*) as count from dns group by qname order by count desc limit 1 " packets.pcap
```
```javascript
[
{ "table_name": "result",
"head": [
{ "name": "qname","type": "text" },
{ "name": "count","type": "int" }
],
"data": [ ["se.",2747] ]
}
]
```
## How do I check which server that makes the most queries?
```shell
$ packetq -s "select src_addr,count(*) as count from dns group by src_addr order by count desc limit 1" packets.pcap
```
```javascript
[
{
"table_name": "result",
"head": [
{ "name": "src_addr","type": "text" },
{ "name": "count","type": "int" }
],
"data": [
["::127.0.0.1",1849]
]
}
]
```
## I have 90000000 packets in a file, how can I speed up the query?
By using the sample-keyword before the actual query, it selects only every Xth
packet and speeds up the query substantially. The amount of time saved by this
command will be different on different systems, at some point the time it takes
to read the file from disk will be longer than the time spent on processing.
In other words, the full file will have to be read from disk regardless.
This command also saved RAM.
```shell
$ ./packetq -s "sample 1000; select count(*) from dns" ~/pcap/*
```
```javascript
[ {
"table_name": "result",
"head": [ { "name": "count(1)","type": "int" }],
"data": [ [90000]] }]
```
## How do I extract parts of the qname and group using this, like the domain-name?
Using the rsplit-function you can split values based on chars (like the dot).
This query extract the two lowest levels (the domain for the .se-zone) and
makes a top-10 list.
```shell
$ packetq -s "select count(*) as Count, lower(rsplit(qname,2)||'.'||rsplit(qname,1)) as Domain from dns group by domain order by count desc limit 10" peak/07/G.ns.se-20110408-074500-em0.gz
```
```javascript
[
{
"table_name": "result",
"head": [
{ "name": "Count","type": "int" },
{ "name": "Domain","type": "text" }
],
"data": [
[5130,"pp.se"],
[1686,"netnod.se"],
[1448,".se"],
[1318,"domainnetwork.se"],
[936,"ballou.se"],
[867,"loopia.se"],
[784,"ns.se"],
[736,"sonera.se"],
[694,"digidns.se"],
[639,"prq.se"]
]
}
]
```
## How do I make a top-list of client-IPs?
PacketQ supports looking at packets to and from the nameserver/resolver.
But since the client-IP changes from src_addr to dst_addr if the packet is
an reply, we have to use the if-function to extract the client-IP.
```shell
$ packetq -s "select count(*) as Count, if(qr=1,dst_addr,src_addr) as Source from dns group by source order by count desc limit 15" peak/07/G.ns.se-20110408-070000-em0.gz
```
```javascript
[
{
"table_name": "result",
"head": [
{ "name": "Count","type": "int" },
{ "name": "Source","type": "text" }
],
"data": [
[1021,"202.67.195.41"],
[929,"91.191.143.34"],
[638,"195.84.206.2"],
[582,"202.101.173.146"],
[490,"2a02:aa0:0:10:214:4fff:fef2:61a0"],
[438,"80.251.201.177"],
[436,"192.89.123.231"],
[426,"81.228.8.143"],
[409,"81.228.8.69"],
[402,"65.54.237.136"],
[368,"81.228.8.144"],
[352,"213.50.29.170"],
[342,"217.28.204.2"],
[318,"2001:6f0:0:1::2:3"],
[297,"81.228.9.132"]
]
}
]
```
## Does PacketQ support IPv6?
Yes, it does. See the above result.
## Can I make a query that lists all resolvers that are broken?
If by broken you mean resolvers that are repeating the same query over and
over again, then yes.
```shell
$ packetq -s "select count(*) as Count,qname,if(qr=1,dst_addr,src_addr) as Source,qtype from dns group by qname,source,qtype order by count desc limit 10" peak/07/G.ns.se-20110408-070000-em0.gz
```
```javascript
[
{
"table_name": "result",
"head": [
{ "name": "Count","type": "int" },
{ "name": "qname","type": "text" },
{ "name": "Source","type": "text" },
{ "name": "qtype","type": "int" }
],
"data": [
[607,"se.","195.84.206.2",48],
[375,"ns.digidns.se.","202.67.195.41",1],
[330,"sas.sas.se.","202.67.195.41",1],
[316,"NS.DIGIDNS.SE.","202.67.195.41",1],
[147,"se.","62.80.200.144",48],
[42,"se.","94.232.104.58",48],
[40,"_ldap._tcp.pdc._msdcs.telemgmt.se.","213.115.146.180",33],
[40,"se.","83.12.96.122",48],
[34,"www.membran.se.","217.73.15.38",1],
[28,"fc.edu.upplandsvasby.se.","193.12.6.247",1]
]
}
]
```
## Can I get a list of what qtypes are used the most?
Yes, and PacketQ can even translate the headers into text for you by using
the NAME-function.
```shell
$ packetq -s "SELECT NAME( 'qtype' , qtype ) AS qt, COUNT(*) AS antal FROM dns GROUP BY qtype ORDER BY Antal DESC" peak/07/G.ns.se-20110408-070000-em0.gz
```
```javascript
[
{
"table_name": "result",
"head": [
{ "name": "qt","type": "text" },
{ "name": "antal","type": "int" }
],
"data": [
["A",59908],
["AAAA",13076],
["MX",10527],
["DS",7545],
["NS",1666],
["DNSKEY",1077],
["TXT",969],
["A6",563],
["*",556],
["SRV",197],
["SPF",145],
["SOA",126],
["PTR",60],
["CNAME",47],
["NAPTR",3]
]
}
]
```
## OK, give me a more advanced query to chew on?
Absolutely! This query uses the TRUNCATE-keyword to split the stats into
different timeperiods. In this case 10-second periods. This is great for
line-graphs that you can make using Excel or similar tools.
We then get the stats by using conditions like ((rcode=0) and (an_count=0))
to identify packets that resulted in referrals and (rcode=3) to see which
packets got an nxdomain back and so on. By using the SUM-function they are
all counted and since we want q/sec as our output, divided by 10.
Try to import the result below into Excel!
```shell
$ packetq --table -s "select s as timestamp, count(*)/10 as total, sum((rcode=0) and (an_count=0))/10 as referral, sum(rcode=3)/10 as nxdomain, sum((rcode=0) and (an_count>0))/10 as success, sum(rd)/10 as recursion, sum(ether_type=34525)/10 as IPV6, sum(protocol=6)/10 as TCP from dns group by truncate(s/10) " peak/07/G.ns.se-20110408-071000-em0.gz
"timestamp","total","referral","nxdomain","success","recursion","IPV6","TCP"
1302246609 ,822.5 ,304.3 ,515.5 ,2 ,527 ,15.3 ,0
1302246619 ,1135.9 ,330.8 ,797.8 ,6 ,817.2 ,16.7 ,0
1302246629 ,1475.2 ,317.8 ,1152.1 ,4.4 ,1170 ,17.9 ,0
1302246639 ,1774.7 ,344.9 ,1424.8 ,3.8 ,1461.4 ,14.2 ,0
1302246649 ,2014.4 ,350.6 ,1658.5 ,4.4 ,1712.4 ,15.9 ,0
1302246659 ,2136.4 ,346.7 ,1786.2 ,2.5 ,1834.9 ,15.4 ,0
1302246669 ,2212.1 ,336 ,1872 ,3 ,1918.3 ,16.1 ,0.1
1302246679 ,2292.4 ,336.7 ,1952.6 ,2.1 ,1999.7 ,16.4 ,0
1302246689 ,2337 ,324.2 ,2004.6 ,6.8 ,2052.6 ,13.8 ,0
1302246699 ,2410.8 ,315.9 ,2084.7 ,9.1 ,2121.7 ,12.3 ,0
1302246709 ,2437.5 ,311.9 ,2113 ,12 ,2151.3 ,14.2 ,0
1302246719 ,2488.1 ,302.8 ,2178.5 ,5.7 ,2214.8 ,13.8 ,0
1302246729 ,2496 ,327.4 ,2163.6 ,3.8 ,2202.5 ,15 ,0
1302246739 ,2546.7 ,333.3 ,2200.2 ,11.6 ,2234.9 ,16.7 ,0
1302246749 ,2473.3 ,314.1 ,2150.4 ,7.9 ,2180.8 ,15.6 ,0
1302246759 ,2476.2 ,313.4 ,2146.8 ,14.5 ,2175.3 ,12 ,0
1302246769 ,2472 ,324.9 ,2133.2 ,12.8 ,2159.4 ,14.3 ,0
1302246779 ,2464.8 ,337.6 ,2120.4 ,5.7 ,2156.7 ,14.6 ,0
1302246789 ,2443.9 ,332.4 ,2107.8 ,2.9 ,2141.5 ,14.4 ,0
1302246799 ,2447.6 ,323.6 ,2119.8 ,2.8 ,2161.9 ,14.9 ,0
1302246809 ,2477.9 ,324 ,2150.7 ,1.7 ,2184.2 ,15.1 ,0
1302246819 ,2440.2 ,321.9 ,2114.1 ,3.1 ,2148 ,14.9 ,0.1
1302246829 ,2478 ,312.6 ,2162.4 ,2.4 ,2199.5 ,15 ,0
1302246839 ,2537.3 ,319.1 ,2214.6 ,2.3 ,2260.3 ,16.3 ,0
1302246849 ,2654.5 ,304.2 ,2348.1 ,1.3 ,2382.5 ,15.6 ,0
1302246859 ,2669.8 ,318.6 ,2347.8 ,2.9 ,2381.8 ,15.7 ,0
1302246869 ,2707.6 ,328.2 ,2375.8 ,2.8 ,2414.9 ,15.1 ,0
1302246879 ,2792.7 ,309.3 ,2480.5 ,1.8 ,2501.3 ,16.7 ,0
1302246889 ,2841.3 ,299.7 ,2532.7 ,7.8 ,2559.4 ,16.3 ,0
1302246899 ,2857.9 ,312.8 ,2531.7 ,12.5 ,2564.4 ,16.4 ,0
```

58
FIELDS.md Normal file
View file

@ -0,0 +1,58 @@
# Fields
These are the current available fields you can do queries from on
the dns table, presented as JSON identifiers.
```javascript
[
{
{ "name": "id","type": "int" },
{ "name": "s","type": "int" },
{ "name": "us","type": "int" },
{ "name": "ether_type","type": "int" },
{ "name": "src_port","type": "int" },
{ "name": "dst_port","type": "int" },
{ "name": "src_addr","type": "text" },
{ "name": "dst_addr","type": "text" },
{ "name": "protocol","type": "int" },
{ "name": "ip_ttl","type": "int" },
{ "name": "ip_version","type": "int" },
{ "name": "fragments","type": "int" },
{ "name": "qname","type": "text" },
{ "name": "aname","type": "text" },
{ "name": "msg_id","type": "int" },
{ "name": "msg_size","type": "int" },
{ "name": "opcode","type": "int" },
{ "name": "rcode","type": "int" },
{ "name": "extended_rcode","type": "int" },
{ "name": "edns_version","type": "int" },
{ "name": "z","type": "int" },
{ "name": "udp_size","type": "int" },
{ "name": "qd_count","type": "int" },
{ "name": "an_count","type": "int" },
{ "name": "ns_count","type": "int" },
{ "name": "ar_count","type": "int" },
{ "name": "qtype","type": "int" },
{ "name": "qclass","type": "int" },
{ "name": "qlabels","type": "int" },
{ "name": "atype","type": "int" },
{ "name": "aclass","type": "int" },
{ "name": "attl","type": "int" },
{ "name": "alabels","type": "int" },
{ "name": "aa","type": "bool" },
{ "name": "tc","type": "bool" },
{ "name": "rd","type": "bool" },
{ "name": "cd","type": "bool" },
{ "name": "ra","type": "bool" },
{ "name": "ad","type": "bool" },
{ "name": "do","type": "bool" },
{ "name": "edns0","type": "bool" },
{ "name": "qr","type": "bool" },
{ "name": "edns0_ecs","type": "bool" },
{ "name": "edns0_ecs_family","type": "int" },
{ "name": "edns0_ecs_source","type": "int" },
{ "name": "edns0_ecs_scope","type": "int" },
{ "name": "edns0_ecs_address","type": "text" }
}
]
```

100
FUNCTIONS.md Normal file
View file

@ -0,0 +1,100 @@
# PacketQ SQL functions
## Grouping functions
Grouping function either groups the whole result or the result specified
by `group by`.
### COUNT(wildcard)
Counts occurrences within a group.
### AVG(num)
Calculates the average of all `num` within a group.
### SUM(num)
Calculates the sum of all `num` within a group.
### MIN(num)
Calculates the minimum of all `num` within a group.
### MAX(num)
Calculates the maximum of all `num` within a group.
### STDEV(num)
Calculates the standard deviation of all `num` within a group.
## Integer functions
### TRUNCATE(num)
Converts double precision number to integer.
## Logical functions
### IF(condition, true_op, false_op)
Evaluates `condition` and executes `false_op` if the result is 0 (false)
otherwise `true_op` is executed.
### NETMASK(address [, v4_mask_length [, v6_mask_length]])
Masks the specified address using the v4 and v6 mask lengths specified
in number of bits.
Defaults to 24 for IPv4 and 48 for IPv6 (/24 and /48 respectively)
### CC(address)
Returns the 2-letter ISO country code associated with the address from
a MaxMind database (see MaxMind Database below on selecting database).
Returns an empty string on lookup failures or if this feature was not
built in.
### ASN(address)
Returns the autonomous system number associated with the address from
a MaxMind database (see MaxMind Database below on selecting database).
Returns -1 on lookup failures or if this feature was not built in.
## String operations
### RSPLIT(string, n [, char])
Splits a string on character `char` (default `.`) and selects the N'th split
from the right, i.e: `RSPLIT('192.168.0.1',2)` returns 168.
### NAME(table, num)
Translate numbers into names table can be `rcode` or `qtype`, i.e:
`name('rcode',rcode)` returns `NXDomain`.
### TRIM(string, trim)
Trims of any occurrences of the string `trim` from both end of the string,
i.e: `trim('se.domains.se', 'se')` returns `.domains.`.
### LOWER(string)
Turns `string` into lowercase.
# MaxMind Database
PacketQ will try to open MaxMind databases that resides in common path on
major distributions, but you can also specify paths and database files
using environment variables.
`PACKETQ_MAXMIND_PATH` sets the path to look for the databases in addition
to the common paths, it will try `GeoLite2-Country.mmdb` for `CC()` and
`GeoLite2-ASN.mmdb` for `ASN()`.
You can also specify the full path to the database file you wish to use
for each function with `PACKETQ_MAXMIND_CC_DB` and `PACKETQ_MAXMIND_ASN_DB`,
these settings will override path settings.

31
Makefile.am Normal file
View file

@ -0,0 +1,31 @@
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
ACLOCAL_AMFLAGS = -I m4
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in $(srcdir)/src/config.h.in~ \
$(srcdir)/configure
SUBDIRS = src
dist_doc_DATA = CHANGES COPYING README.md FAQ.md FIELDS.md FUNCTIONS.md
EXTRA_DIST = collector_sample html html_NG pcap m4
test: check

868
Makefile.in Normal file
View file

@ -0,0 +1,868 @@
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
@SET_MAKE@
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
VPATH = @srcdir@
am__is_gnu_make = { \
if test -z '$(MAKELEVEL)'; then \
false; \
elif test -n '$(MAKE_HOST)'; then \
true; \
elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
true; \
else \
false; \
fi; \
}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
*) echo "am__make_running_with_option: internal error: invalid" \
"target option '$${target_option-}' specified" >&2; \
exit 1;; \
esac; \
has_opt=no; \
sane_makeflags=$$MAKEFLAGS; \
if $(am__is_gnu_make); then \
sane_makeflags=$$MFLAGS; \
else \
case $$MAKEFLAGS in \
*\\[\ \ ]*) \
bs=\\; \
sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
| sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
esac; \
fi; \
skip_next=no; \
strip_trailopt () \
{ \
flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
}; \
for flg in $$sane_makeflags; do \
test $$skip_next = yes && { skip_next=no; continue; }; \
case $$flg in \
*=*|--*) continue;; \
-*I) strip_trailopt 'I'; skip_next=yes;; \
-*I?*) strip_trailopt 'I';; \
-*O) strip_trailopt 'O'; skip_next=yes;; \
-*O?*) strip_trailopt 'O';; \
-*l) strip_trailopt 'l'; skip_next=yes;; \
-*l?*) strip_trailopt 'l';; \
-[dEDm]) skip_next=yes;; \
-[JT]) skip_next=yes;; \
esac; \
case $$flg in \
*$$target_option*) has_opt=yes; break;; \
esac; \
done; \
test $$has_opt = yes
am__make_dryrun = (target_option=n; $(am__make_running_with_option))
am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
pkgdatadir = $(datadir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkglibexecdir = $(libexecdir)/@PACKAGE@
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
install_sh_DATA = $(install_sh) -c -m 644
install_sh_PROGRAM = $(install_sh) -c
install_sh_SCRIPT = $(install_sh) -c
INSTALL_HEADER = $(INSTALL_DATA)
transform = $(program_transform_name)
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = .
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/ax_cflags_warn_all.m4 \
$(top_srcdir)/m4/ax_compiler_vendor.m4 \
$(top_srcdir)/m4/ax_prepend_flag.m4 \
$(top_srcdir)/m4/ax_require_defined.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
DIST_COMMON = $(srcdir)/Makefile.am $(top_srcdir)/configure \
$(am__configure_deps) $(dist_doc_DATA) $(am__DIST_COMMON)
am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
configure.lineno config.status.lineno
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/src/config.h
CONFIG_CLEAN_FILES =
CONFIG_CLEAN_VPATH_FILES =
AM_V_P = $(am__v_P_@AM_V@)
am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
am__v_P_0 = false
am__v_P_1 = :
AM_V_GEN = $(am__v_GEN_@AM_V@)
am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
am__v_GEN_0 = @echo " GEN " $@;
am__v_GEN_1 =
AM_V_at = $(am__v_at_@AM_V@)
am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
am__v_at_0 = @
am__v_at_1 =
SOURCES =
DIST_SOURCES =
RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \
ctags-recursive dvi-recursive html-recursive info-recursive \
install-data-recursive install-dvi-recursive \
install-exec-recursive install-html-recursive \
install-info-recursive install-pdf-recursive \
install-ps-recursive install-recursive installcheck-recursive \
installdirs-recursive pdf-recursive ps-recursive \
tags-recursive uninstall-recursive
am__can_run_installinfo = \
case $$AM_UPDATE_INFO_DIR in \
n|no|NO) false;; \
*) (install-info --version) >/dev/null 2>&1;; \
esac
am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
am__vpath_adj = case $$p in \
$(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
*) f=$$p;; \
esac;
am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
am__install_max = 40
am__nobase_strip_setup = \
srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
am__nobase_strip = \
for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
am__nobase_list = $(am__nobase_strip_setup); \
for p in $$list; do echo "$$p $$p"; done | \
sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
$(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
if (++n[$$2] == $(am__install_max)) \
{ print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
END { for (dir in files) print dir, files[dir] }'
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__uninstall_files_from_dir = { \
test -z "$$files" \
|| { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
|| { echo " ( cd '$$dir' && rm -f" $$files ")"; \
$(am__cd) "$$dir" && rm -f $$files; }; \
}
am__installdirs = "$(DESTDIR)$(docdir)"
DATA = $(dist_doc_DATA)
RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
distclean-recursive maintainer-clean-recursive
am__recursive_targets = \
$(RECURSIVE_TARGETS) \
$(RECURSIVE_CLEAN_TARGETS) \
$(am__extra_recursive_targets)
AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
cscope distdir distdir-am dist dist-all distcheck
am__extra_recursive_targets = gcov-recursive
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
# Read a list of newline-separated strings from the standard input,
# and print each of them once, without duplicates. Input order is
# *not* preserved.
am__uniquify_input = $(AWK) '\
BEGIN { nonempty = 0; } \
{ items[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in items) print i; }; } \
'
# Make sure the list of sources is unique. This is necessary because,
# e.g., the same source file might be shared among _SOURCES variables
# for different programs/libraries.
am__define_uniq_tagged_files = \
list='$(am__tagged_files)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
DIST_SUBDIRS = $(SUBDIRS)
am__DIST_COMMON = $(srcdir)/Makefile.in COPYING README.md compile \
config.guess config.sub install-sh missing
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
distdir = $(PACKAGE)-$(VERSION)
top_distdir = $(distdir)
am__remove_distdir = \
if test -d "$(distdir)"; then \
find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \
&& rm -rf "$(distdir)" \
|| { sleep 5 && rm -rf "$(distdir)"; }; \
else :; fi
am__post_remove_distdir = $(am__remove_distdir)
am__relativize = \
dir0=`pwd`; \
sed_first='s,^\([^/]*\)/.*$$,\1,'; \
sed_rest='s,^[^/]*/*,,'; \
sed_last='s,^.*/\([^/]*\)$$,\1,'; \
sed_butlast='s,/*[^/]*$$,,'; \
while test -n "$$dir1"; do \
first=`echo "$$dir1" | sed -e "$$sed_first"`; \
if test "$$first" != "."; then \
if test "$$first" = ".."; then \
dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \
dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \
else \
first2=`echo "$$dir2" | sed -e "$$sed_first"`; \
if test "$$first2" = "$$first"; then \
dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \
else \
dir2="../$$dir2"; \
fi; \
dir0="$$dir0"/"$$first"; \
fi; \
fi; \
dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \
done; \
reldir="$$dir2"
DIST_ARCHIVES = $(distdir).tar.gz
GZIP_ENV = --best
DIST_TARGETS = dist-gzip
# Exists only to be overridden by the user if desired.
AM_DISTCHECK_DVI_TARGET = dvi
distuninstallcheck_listfiles = find . -type f -print
am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \
| sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$'
distcleancheck_listfiles = find . -type f -print
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CXX = @CXX@
CXXDEPMODE = @CXXDEPMODE@
CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
GREP = @GREP@
INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_STRING = @PACKAGE_STRING@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
ac_ct_CXX = @ac_ct_CXX@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
am__tar = @am__tar@
am__untar = @am__untar@
bindir = @bindir@
build = @build@
build_alias = @build_alias@
build_cpu = @build_cpu@
build_os = @build_os@
build_vendor = @build_vendor@
builddir = @builddir@
datadir = @datadir@
datarootdir = @datarootdir@
docdir = @docdir@
dvidir = @dvidir@
exec_prefix = @exec_prefix@
host = @host@
host_alias = @host_alias@
host_cpu = @host_cpu@
host_os = @host_os@
host_vendor = @host_vendor@
htmldir = @htmldir@
includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
libdir = @libdir@
libexecdir = @libexecdir@
libmaxminddb_CFLAGS = @libmaxminddb_CFLAGS@
libmaxminddb_LIBS = @libmaxminddb_LIBS@
localedir = @localedir@
localstatedir = @localstatedir@
mandir = @mandir@
mkdir_p = @mkdir_p@
oldincludedir = @oldincludedir@
pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
ACLOCAL_AMFLAGS = -I m4
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in $(srcdir)/src/config.h.in~ \
$(srcdir)/configure
SUBDIRS = src
dist_doc_DATA = CHANGES COPYING README.md FAQ.md FIELDS.md FUNCTIONS.md
EXTRA_DIST = collector_sample html html_NG pcap m4
all: all-recursive
.SUFFIXES:
am--refresh: Makefile
@:
$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
echo ' cd $(srcdir) && $(AUTOMAKE) --foreign'; \
$(am__cd) $(srcdir) && $(AUTOMAKE) --foreign \
&& exit 0; \
exit 1;; \
esac; \
done; \
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --foreign Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
echo ' $(SHELL) ./config.status'; \
$(SHELL) ./config.status;; \
*) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles)'; \
cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles);; \
esac;
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
$(SHELL) ./config.status --recheck
$(top_srcdir)/configure: $(am__configure_deps)
$(am__cd) $(srcdir) && $(AUTOCONF)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
$(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS)
$(am__aclocal_m4_deps):
install-dist_docDATA: $(dist_doc_DATA)
@$(NORMAL_INSTALL)
@list='$(dist_doc_DATA)'; test -n "$(docdir)" || list=; \
if test -n "$$list"; then \
echo " $(MKDIR_P) '$(DESTDIR)$(docdir)'"; \
$(MKDIR_P) "$(DESTDIR)$(docdir)" || exit 1; \
fi; \
for p in $$list; do \
if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
echo "$$d$$p"; \
done | $(am__base_list) | \
while read files; do \
echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(docdir)'"; \
$(INSTALL_DATA) $$files "$(DESTDIR)$(docdir)" || exit $$?; \
done
uninstall-dist_docDATA:
@$(NORMAL_UNINSTALL)
@list='$(dist_doc_DATA)'; test -n "$(docdir)" || list=; \
files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
dir='$(DESTDIR)$(docdir)'; $(am__uninstall_files_from_dir)
# This directory's subdirectories are mostly independent; you can cd
# into them and run 'make' without going through this Makefile.
# To change the values of 'make' variables: instead of editing Makefiles,
# (1) if the variable is set in 'config.status', edit 'config.status'
# (which will cause the Makefiles to be regenerated when you run 'make');
# (2) otherwise, pass the desired values on the 'make' command line.
$(am__recursive_targets):
@fail=; \
if $(am__make_keepgoing); then \
failcom='fail=yes'; \
else \
failcom='exit 1'; \
fi; \
dot_seen=no; \
target=`echo $@ | sed s/-recursive//`; \
case "$@" in \
distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
*) list='$(SUBDIRS)' ;; \
esac; \
for subdir in $$list; do \
echo "Making $$target in $$subdir"; \
if test "$$subdir" = "."; then \
dot_seen=yes; \
local_target="$$target-am"; \
else \
local_target="$$target"; \
fi; \
($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
|| eval $$failcom; \
done; \
if test "$$dot_seen" = "no"; then \
$(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
fi; test -z "$$fail"
gcov-local:
ID: $(am__tagged_files)
$(am__define_uniq_tagged_files); mkid -fID $$unique
tags: tags-recursive
TAGS: tags
tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
set x; \
here=`pwd`; \
if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
include_option=--etags-include; \
empty_fix=.; \
else \
include_option=--include; \
empty_fix=; \
fi; \
list='$(SUBDIRS)'; for subdir in $$list; do \
if test "$$subdir" = .; then :; else \
test ! -f $$subdir/TAGS || \
set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \
fi; \
done; \
$(am__define_uniq_tagged_files); \
shift; \
if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
if test $$# -gt 0; then \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
"$$@" $$unique; \
else \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
$$unique; \
fi; \
fi
ctags: ctags-recursive
CTAGS: ctags
ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
$(am__define_uniq_tagged_files); \
test -z "$(CTAGS_ARGS)$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$unique
GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& $(am__cd) $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) "$$here"
cscope: cscope.files
test ! -s cscope.files \
|| $(CSCOPE) -b -q $(AM_CSCOPEFLAGS) $(CSCOPEFLAGS) -i cscope.files $(CSCOPE_ARGS)
clean-cscope:
-rm -f cscope.files
cscope.files: clean-cscope cscopelist
cscopelist: cscopelist-recursive
cscopelist-am: $(am__tagged_files)
list='$(am__tagged_files)'; \
case "$(srcdir)" in \
[\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
*) sdir=$(subdir)/$(srcdir) ;; \
esac; \
for i in $$list; do \
if test -f "$$i"; then \
echo "$(subdir)/$$i"; \
else \
echo "$$sdir/$$i"; \
fi; \
done >> $(top_builddir)/cscope.files
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
-rm -f cscope.out cscope.in.out cscope.po.out cscope.files
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
distdir-am: $(DISTFILES)
$(am__remove_distdir)
test -d "$(distdir)" || mkdir "$(distdir)"
@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
list='$(DISTFILES)'; \
dist_files=`for file in $$list; do echo $$file; done | \
sed -e "s|^$$srcdirstrip/||;t" \
-e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
case $$dist_files in \
*/*) $(MKDIR_P) `echo "$$dist_files" | \
sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
sort -u` ;; \
esac; \
for file in $$dist_files; do \
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
if test -d $$d/$$file; then \
dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
if test -d "$(distdir)/$$file"; then \
find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
fi; \
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
fi; \
cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
else \
test -f "$(distdir)/$$file" \
|| cp -p $$d/$$file "$(distdir)/$$file" \
|| exit 1; \
fi; \
done
@list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
if test "$$subdir" = .; then :; else \
$(am__make_dryrun) \
|| test -d "$(distdir)/$$subdir" \
|| $(MKDIR_P) "$(distdir)/$$subdir" \
|| exit 1; \
dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
$(am__relativize); \
new_distdir=$$reldir; \
dir1=$$subdir; dir2="$(top_distdir)"; \
$(am__relativize); \
new_top_distdir=$$reldir; \
echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \
echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \
($(am__cd) $$subdir && \
$(MAKE) $(AM_MAKEFLAGS) \
top_distdir="$$new_top_distdir" \
distdir="$$new_distdir" \
am__remove_distdir=: \
am__skip_length_check=: \
am__skip_mode_fix=: \
distdir) \
|| exit 1; \
fi; \
done
-test -n "$(am__skip_mode_fix)" \
|| find "$(distdir)" -type d ! -perm -755 \
-exec chmod u+rwx,go+rx {} \; -o \
! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \
! -type d ! -perm -400 -exec chmod a+r {} \; -o \
! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \
|| chmod -R a+r "$(distdir)"
dist-gzip: distdir
tardir=$(distdir) && $(am__tar) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).tar.gz
$(am__post_remove_distdir)
dist-bzip2: distdir
tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2
$(am__post_remove_distdir)
dist-lzip: distdir
tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz
$(am__post_remove_distdir)
dist-xz: distdir
tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz
$(am__post_remove_distdir)
dist-zstd: distdir
tardir=$(distdir) && $(am__tar) | zstd -c $${ZSTD_CLEVEL-$${ZSTD_OPT--19}} >$(distdir).tar.zst
$(am__post_remove_distdir)
dist-tarZ: distdir
@echo WARNING: "Support for distribution archives compressed with" \
"legacy program 'compress' is deprecated." >&2
@echo WARNING: "It will be removed altogether in Automake 2.0" >&2
tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z
$(am__post_remove_distdir)
dist-shar: distdir
@echo WARNING: "Support for shar distribution archives is" \
"deprecated." >&2
@echo WARNING: "It will be removed altogether in Automake 2.0" >&2
shar $(distdir) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).shar.gz
$(am__post_remove_distdir)
dist-zip: distdir
-rm -f $(distdir).zip
zip -rq $(distdir).zip $(distdir)
$(am__post_remove_distdir)
dist dist-all:
$(MAKE) $(AM_MAKEFLAGS) $(DIST_TARGETS) am__post_remove_distdir='@:'
$(am__post_remove_distdir)
# This target untars the dist file and tries a VPATH configuration. Then
# it guarantees that the distribution is self-contained by making another
# tarfile.
distcheck: dist
case '$(DIST_ARCHIVES)' in \
*.tar.gz*) \
eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).tar.gz | $(am__untar) ;;\
*.tar.bz2*) \
bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\
*.tar.lz*) \
lzip -dc $(distdir).tar.lz | $(am__untar) ;;\
*.tar.xz*) \
xz -dc $(distdir).tar.xz | $(am__untar) ;;\
*.tar.Z*) \
uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
*.shar.gz*) \
eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).shar.gz | unshar ;;\
*.zip*) \
unzip $(distdir).zip ;;\
*.tar.zst*) \
zstd -dc $(distdir).tar.zst | $(am__untar) ;;\
esac
chmod -R a-w $(distdir)
chmod u+w $(distdir)
mkdir $(distdir)/_build $(distdir)/_build/sub $(distdir)/_inst
chmod a-w $(distdir)
test -d $(distdir)/_build || exit 0; \
dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \
&& dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \
&& am__cwd=`pwd` \
&& $(am__cd) $(distdir)/_build/sub \
&& ../../configure \
$(AM_DISTCHECK_CONFIGURE_FLAGS) \
$(DISTCHECK_CONFIGURE_FLAGS) \
--srcdir=../.. --prefix="$$dc_install_base" \
&& $(MAKE) $(AM_MAKEFLAGS) \
&& $(MAKE) $(AM_MAKEFLAGS) $(AM_DISTCHECK_DVI_TARGET) \
&& $(MAKE) $(AM_MAKEFLAGS) check \
&& $(MAKE) $(AM_MAKEFLAGS) install \
&& $(MAKE) $(AM_MAKEFLAGS) installcheck \
&& $(MAKE) $(AM_MAKEFLAGS) uninstall \
&& $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \
distuninstallcheck \
&& chmod -R a-w "$$dc_install_base" \
&& ({ \
(cd ../.. && umask 077 && mkdir "$$dc_destdir") \
&& $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \
&& $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \
&& $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \
distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \
} || { rm -rf "$$dc_destdir"; exit 1; }) \
&& rm -rf "$$dc_destdir" \
&& $(MAKE) $(AM_MAKEFLAGS) dist \
&& rm -rf $(DIST_ARCHIVES) \
&& $(MAKE) $(AM_MAKEFLAGS) distcleancheck \
&& cd "$$am__cwd" \
|| exit 1
$(am__post_remove_distdir)
@(echo "$(distdir) archives ready for distribution: "; \
list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \
sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x'
distuninstallcheck:
@test -n '$(distuninstallcheck_dir)' || { \
echo 'ERROR: trying to run $@ with an empty' \
'$$(distuninstallcheck_dir)' >&2; \
exit 1; \
}; \
$(am__cd) '$(distuninstallcheck_dir)' || { \
echo 'ERROR: cannot chdir into $(distuninstallcheck_dir)' >&2; \
exit 1; \
}; \
test `$(am__distuninstallcheck_listfiles) | wc -l` -eq 0 \
|| { echo "ERROR: files left after uninstall:" ; \
if test -n "$(DESTDIR)"; then \
echo " (check DESTDIR support)"; \
fi ; \
$(distuninstallcheck_listfiles) ; \
exit 1; } >&2
distcleancheck: distclean
@if test '$(srcdir)' = . ; then \
echo "ERROR: distcleancheck can only run from a VPATH build" ; \
exit 1 ; \
fi
@test `$(distcleancheck_listfiles) | wc -l` -eq 0 \
|| { echo "ERROR: files left in build directory after distclean:" ; \
$(distcleancheck_listfiles) ; \
exit 1; } >&2
check-am: all-am
check: check-recursive
all-am: Makefile $(DATA)
installdirs: installdirs-recursive
installdirs-am:
for dir in "$(DESTDIR)$(docdir)"; do \
test -z "$$dir" || $(MKDIR_P) "$$dir"; \
done
install: install-recursive
install-exec: install-exec-recursive
install-data: install-data-recursive
uninstall: uninstall-recursive
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
installcheck: installcheck-recursive
install-strip:
if test -z '$(STRIP)'; then \
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
install; \
else \
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
fi
mostlyclean-generic:
clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
-test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
clean: clean-recursive
clean-am: clean-generic mostlyclean-am
distclean: distclean-recursive
-rm -f $(am__CONFIG_DISTCLEAN_FILES)
-rm -f Makefile
distclean-am: clean-am distclean-generic distclean-tags
dvi: dvi-recursive
dvi-am:
gcov: gcov-recursive
gcov-am: gcov-local
html: html-recursive
html-am:
info: info-recursive
info-am:
install-data-am: install-dist_docDATA
install-dvi: install-dvi-recursive
install-dvi-am:
install-exec-am:
install-html: install-html-recursive
install-html-am:
install-info: install-info-recursive
install-info-am:
install-man:
install-pdf: install-pdf-recursive
install-pdf-am:
install-ps: install-ps-recursive
install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-recursive
-rm -f $(am__CONFIG_DISTCLEAN_FILES)
-rm -rf $(top_srcdir)/autom4te.cache
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
mostlyclean: mostlyclean-recursive
mostlyclean-am: mostlyclean-generic
pdf: pdf-recursive
pdf-am:
ps: ps-recursive
ps-am:
uninstall-am: uninstall-dist_docDATA
.MAKE: $(am__recursive_targets) install-am install-strip
.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \
am--refresh check check-am clean clean-cscope clean-generic \
cscope cscopelist-am ctags ctags-am dist dist-all dist-bzip2 \
dist-gzip dist-lzip dist-shar dist-tarZ dist-xz dist-zip \
dist-zstd distcheck distclean distclean-generic distclean-tags \
distcleancheck distdir distuninstallcheck dvi dvi-am gcov-am \
gcov-local html html-am info info-am install install-am \
install-data install-data-am install-dist_docDATA install-dvi \
install-dvi-am install-exec install-exec-am install-html \
install-html-am install-info install-info-am install-man \
install-pdf install-pdf-am install-ps install-ps-am \
install-strip installcheck installcheck-am installdirs \
installdirs-am maintainer-clean maintainer-clean-generic \
mostlyclean mostlyclean-generic pdf pdf-am ps ps-am tags \
tags-am uninstall uninstall-am uninstall-dist_docDATA
.PRECIOUS: Makefile
test: check
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:

137
README.md Normal file
View file

@ -0,0 +1,137 @@
# PacketQ
[![Bugs](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3APacketQ&metric=bugs)](https://sonarcloud.io/summary/new_code?id=dns-oarc%3APacketQ) [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=dns-oarc%3APacketQ&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=dns-oarc%3APacketQ)
`packetq` is a command line tool to run SQL queries directly on PCAP files,
the results can be outputted as JSON (default), formatted/compact CSV and XML.
It also contain a very simplistic web-server in order to inspect PCAP files
remotely. PacketQ was previously known as DNS2db but was renamed in 2011 when
it was rebuilt and could handle protocols other than DNS among other things.
More information is provided in our [FAQ](FAQ.md), [functions](FUNCTIONS.md),
and [fields](FIELDS.md) documentation.
A short demo-video of PacketQ's capabilities is available on http://www.youtube.com/watch?v=70wJmWZE9tY
## Features
* Super-fast native decoding of PCAP-files (even gzipped) and dirt-quick in-memory sorting algorithms.
* A extensible protocol decoding design with build in support for ICMP and DNS from start.
* Support for grouping, sorting, counting and most other important SQL-functions.
* Only dependent on zlib, no other hard-to-find libs needed. Compiles on everything.
* Build-in web-server, JSON API and a simple JQuery-based GUI concept application with graphs.
* Can be designed to cache queries by pre-processing PCAPs into static JSON-files that can be used to make queries again.
* Built in DNS-resolver function (used by GUI).
* Support for sampling. Helps when making queries to large, uniform PCAP-files.
* Can convert flags in packet-headers to text on the fly.
* Can make multiple queries towards the same data in memory.
More information may be found here:
- https://www.dns-oarc.net/tools/packetq
Issues should be reported here:
- https://github.com/DNS-OARC/PacketQ/issues
General support and discussion:
- Mattermost: https://chat.dns-oarc.net/community/channels/oarc-software
## Dependencies
PacketQ requires a couple of libraries beside a normal C++ compiling
environment with autoconf, automake, libtool and pkgconfig.
PacketQ has an optional dependency on the MaxMindDB library (for the
`CC()` and `ASN()` functions).
To install the dependencies under Debian/Ubuntu:
```
apt-get install -y zlib1g-dev libmaxminddb-dev
```
To install the dependencies under CentOS (with EPEL/PowerTools enabled):
```
yum install -y zlib-devel libmaxminddb-devel
```
## Build from GitHub
```
git clone https://github.com/DNS-OARC/PacketQ.git
cd PacketQ
./autogen.sh
./configure [options]
make
make install
```
## Building from source tarball
The [source tarball from DNS-OARC](https://www.dns-oarc.net/tools/packetq)
comes prepared with `configure`:
```
tar zxvf packetq-version.tar.gz
cd packetq-version
./configure [options]
make
make install
```
## Usage example
Retrieves the 10 first packets containing DNS information from the file
`sample.pcap`:
```
packetq -s "select * from dns limit 10" sample.pcap
```
Starts a web-server on port 8080 (`-p8080`) as a daemon (`-d`) serving files
from the directory `html/` (`-w html/`) and PCAP files from the directory
`pcap/` (`-r pcap/`):
```
packetq -d -p8080 -w html/ -r pcap/
```
## Author(s)
- Per Granå [@Per-Grana](https://github.com/Per-Grana)
## Contributor(s)
- Ole Laursen [@OleLaursen](https://github.com/OleLaursen)
- Rickard Dahlstrand [@rickarddahlstrand](https://github.com/rickarddahlstrand)
- Jerry Lundström [@jelu](https://github.com/jelu)
- Magnus Lundén [@ripoff](https://github.com/ripoff)
- Roger Murray [@romu42](https://github.com/romu42)
- Henrik Levkowetz [@levkowetz](https://github.com/levkowetz)
- Petr Špaček [@pspacek](https://github.com/pspacek)
- Ken Renard [@kdrenard](https://github.com/kdrenard)
See also the [full list of contributors](https://github.com/DNS-OARC/PacketQ/graphs/contributors).
## Copyright
Copyright (c) 2017-2024 OARC, Inc.
Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
All rights reserved.
```
This file is part of PacketQ.
PacketQ is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
PacketQ is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
```

1447
aclocal.m4 vendored Normal file
View file

File diff suppressed because it is too large Load diff

42
collector_sample/packetq.conf Normal file
View file

@ -0,0 +1,42 @@
## packetq pid file
pidfile=/var/run/packetq.pid
## Name of the DNS server. Parameter is used first in filename when creating
## tcpdump files.
server="my_server"
## Directory where pcap files are stored
# make sure path ends with trailing "/"
destdir=/tmp/
## Name of the network interface(s) to monitor
interface=eth0,eth1
## How often to rotate dump file, in seconds
interval=300
## zip compression for pcap data
compression_level=9
## BSD libtrace promiscous interface hack
# (uses a tcpdump session on port 100 to keep the interface in promisc mode)
#bsdpromischack=YES
bsdpromischack=NO
## path to the tcpdump binary (only needed for promisc hack above)
tcpdump=tcpdump
## path to the tracesplit binary
# tracesplit is distributed in the tools folder of the libtrace library
# which at the time of this writing could be obtained at:
# http://research.wand.net.nz/software/libtrace.php
# make sure it's built and installed.
tracesplit=/usr/local/bin/tracesplit
### choose a packet filter:
## collect TCP and UDP, requests and responses:
filter="port 53 and not host 192.168.1.3 and not host 192.168.1.8"
## run command after moving file
command="echo \"path:%P filename:%F server:%S interface:%I date:%Y %M %D time:%h %m %s\""

294
collector_sample/pq_tracesplit.pl Normal file
View file

@ -0,0 +1,294 @@
#!/usr/bin/perl
# usage:
# start daemon using /etc/packetq.conf:
# pq_tracesplit.pl
# stop daemon:
# pq_tracesplit.pl stop
# run in foreground with conf file
# pq_tracesplit.pl -f -c my.conf
# stop with custom conf file
# pq_tracesplit.pl -c my.conf stop
use POSIX;
use POSIX qw(setsid);
use Sys::Syslog qw(:DEFAULT setlogsock); # default set, plus setlogsock()
use File::Path;
use File::Copy;
use Getopt::Std;
use Data::Dumper;
use strict;
no strict "subs";
my $conffile = "/etc/packetq.conf";
my %opts;
getopts('fc:', \%opts);
if (defined $opts{c})
{
$conffile = $opts{c};
}
my $foreground = undef;
$foreground = 1 if (defined $opts{f});
openlog('pqcollector','pid,perror','LOG_USER');
######### read config file
my %config;
open(CONFIG,$conffile) or die "error reading config file $conffile exiting";
while (<CONFIG>)
{
chomp;
next if /^\s*\#/;
next unless /=/;
my ($key, $variable) = split(/=/,$_,2);
$variable =~ s/(\$(\w+))/$config{$2}/g;
$config{$key} = $variable;
}
close CONFIG;
my $pidfile = $config{'pidfile'};
my $logfile = "/dev/null";
##### start daemon
if (-e $pidfile)
{
open (PFILE, $pidfile);
my $pidfromfile = <PFILE>;
close PFILE;
if (($pidfromfile =~ /[0-9]+/) && kill( 0, $pidfromfile))
{
if ($ARGV[0] eq 'stop')
{
syslog 'info',"Stopping daemon pid: $pidfromfile\n";
while (kill( 0, $pidfromfile))
{
kill( - SIGQUIT, $pidfromfile);
sleep(1);
}
exit;
}
else
{
syslog LOG_INFO,"Pid file $pidfile exist and the program ($pidfromfile) is running ! exiting ...\n";
}
exit;
}
else
{
unlink($pidfile);
}
}
if ($ARGV[0] eq 'stop')
{
syslog 'info',"Cannot stop packetq.pl as it's not running\n";
exit;
}
&daemonize() unless defined $foreground;
open FILE, ">$pidfile" or die "unable to open pidfile : $pidfile $!";
print FILE $$."\n";
close FILE;
##### catch signals
my $keep_going = 1;
$SIG{HUP} = sub { print("Caught SIGHUP: exiting gracefully\n"); $keep_going = 0; };
$SIG{INT} = sub { print("Caught SIGINT: exiting gracefully\n"); $keep_going = 0; };
$SIG{QUIT} = sub { print("Caught SIGQUIT: exiting gracefully\n"); $keep_going = 0; };
$SIG{TERM} = sub { print("Caught SIGTERM: exiting gracefully\n"); $keep_going = 0; };
########## start collection
foreach my $k (keys %config)
{
print $k."=".$config{$k}."\n";
$config{$k} =~ s/^\"(.*)\"$/$1/;
}
my $interval = $config{'interval'};
my $interface = $config{'interface'};
my @interfaces = split(/,/,$interface);
my $filter = $config{'filter'};
my $server = $config{'server'};
my $destdir = $config{'destdir'};
my $stime = floor(time()/$interval) * $interval + $interval;
syslog LOG_INFO,"Starting packetq collector daemon (pid:".$$.") destdir: $config{'destdir'}\n";
my @tdpid;
my @tspid;
my $ifcnt = 0;
foreach my $if (@interfaces)
{
if ($config{'bsdpromischack'} eq "YES")
{
my $pid;
#my $tcpdumpcmd="$config{'tcpdump'} -i $if port 100 2>/dev/null";
my $tcpdumpcmd="$config{'tcpdump'} -i $if port 100";
$pid = spawn ($tcpdumpcmd);
print "tcp pid $pid";
if ($pid == 0)
{
syslog LOG_ERROR,"Cannot run $tcpdumpcmd exiting \n";
exit;
}
syslog LOG_INFO,"Keeping the interface ($if) in promisc mode by letting tcpdump ($pid) listen on port 100 \n";
@tdpid[$ifcnt] = $pid;
}
my $tracesplitcmd = $config{'tracesplit'}." pcapint:$if -s $stime -z $config{'compression_level'} -i $interval -f \"$filter\" pcapfile:$destdir/$server-$if";
my $tspid = spawn($tracesplitcmd);
print "ts pid $tspid";
if ($tspid == 0)
{
syslog LOG_ERROR,"Cannot run $tracesplitcmd exiting \n";
exit;
}
syslog LOG_INFO,"Starting tracesplit \"$tracesplitcmd\"(pid:$tspid)\n";
@tspid[$ifcnt] = $tspid;
$ifcnt++;
}
########## infinite loop
reaper();
while($keep_going == 1)
{
foreach my $if (@interfaces)
{
opendir(DIR, $destdir) or last;
my @files;
while (my $file = readdir(DIR))
{
# Use a regular expression to ignore files beginning with a period
next if ($file =~ m/^\./);
next unless ($file =~ m/^$server-$if.*/);
push(@files,$file);
}
@files= sort(@files);
if (@files>1)
{
pop @files;
#print "files: \n".join("\n",@files)."\n";
foreach my $f (@files)
{
if($f =~ /^$server-$if-(.*)\.gz/)
{
##my ($sec, $min, $hour, $day,$month,$year) = (localtime($1))[0,1,2,3,4,5,6];
my ($sec, $min, $hour, $day,$month,$year) = (gmtime($1))[0,1,2,3,4,5,6];
$year+=1900;
$month++;
$sec = "0".$sec if $sec <10;
$min = "0".$min if $min <10;
$hour = "0".$hour if $hour <10;
$day = "0".$day if $day <10;
$month = "0".$month if $month<10;
my $file = "$server-$year$month$day-$hour$min$sec-$if.pcap.gz";
my $dir = "$year/$month/$day/$hour";
my $cmd = $config{command};
$cmd =~ s/%F/$file/g;
$cmd =~ s/%S/$server/g;
$cmd =~ s/%I/$if/g;
$cmd =~ s/%P/$dir/g;
$cmd =~ s/%Y/$year/g;
$cmd =~ s/%M/$month/g;
$cmd =~ s/%D/$day/g;
$cmd =~ s/%h/$hour/g;
$cmd =~ s/%m/$min/g;
$cmd =~ s/%s/$sec/g;
#print "$cmd\n";
mkpath "$destdir/$dir";
move ("$destdir/$f","$destdir/$dir/$file");
spawn($cmd);
#print "hello $hour, $min, $sec,-- $day,$month,$year\n";
#print "mkdir $dir\n";
#print "mv $destdir/$f $destdir/$dir/$file\n";
}
}
}
closedir(DIR);
}
#printf("blipp\n");
sleep(5);
}
########## exit cleanup
syslog 'info',"Shutting down collector ...\n";
foreach my $pid (@tspid)
{
if ($pid ne 0)
{
print "Stopping tracesplit ($pid)\n";
syslog LOG_INFO,"Stopping tracesplit ($pid)\n";
kill( - SIGABRT, $pid);
}
}
foreach my $pid (@tdpid)
{
if ($pid ne 0)
{
syslog LOG_INFO,"Stopping tcpdump ($pid)\n";
kill( - SIGABRT, $pid);
}
}
syslog LOG_INFO,"removing pidfile\n";
unlink($pidfile);
syslog LOG_INFO,"bye bye\n";
closelog;
exit;
########## functions
sub spawn
{
my $cmd = shift;
defined(my $pid = fork) or die "Can't fork: $!";
if ($pid == 0)
{
exec $cmd;
syslog LOG_ERROR,"Couldn't run $cmd\n";
die "Couldn't run $cmd";
}
return $pid;
}
sub daemonize
{
chdir '/' or die "Can't chdir to /: $!";
defined(my $pid = fork) or die "Can't fork: $!";
exit if $pid;
setsid or die "Can't start a new session: $!";
umask 0;
open STDIN, '/dev/null' or die "Can't read /dev/null: $!";
open STDOUT, ">>$logfile" or die "Can't write to $logfile: $!";
open STDERR, ">>$logfile" or die "Can't write to $logfile: $!";
}
sub reaper {
my $stiff;
while ( ($stiff = waitpid(-1, &WNOHANG) ) > 0 )
{
#print "child $stiff terminated -- status $?";
}
$SIG{CHLD} = \&reaper;
}

348
compile Executable file
View file

@ -0,0 +1,348 @@
#! /bin/sh
# Wrapper for compilers which do not understand '-c -o'.
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2021 Free Software Foundation, Inc.
# Written by Tom Tromey <tromey@cygnus.com>.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# This file is maintained in Automake, please report
# bugs to <bug-automake@gnu.org> or send patches to
# <automake-patches@gnu.org>.
nl='
'
# We need space, tab and new line, in precisely that order. Quoting is
# there to prevent tools from complaining about whitespace usage.
IFS=" "" $nl"
file_conv=
# func_file_conv build_file lazy
# Convert a $build file to $host form and store it in $file
# Currently only supports Windows hosts. If the determined conversion
# type is listed in (the comma separated) LAZY, no conversion will
# take place.
func_file_conv ()
{
file=$1
case $file in
/ | /[!/]*) # absolute file, and not a UNC file
if test -z "$file_conv"; then
# lazily determine how to convert abs files
case `uname -s` in
MINGW*)
file_conv=mingw
;;
CYGWIN* | MSYS*)
file_conv=cygwin
;;
*)
file_conv=wine
;;
esac
fi
case $file_conv/,$2, in
*,$file_conv,*)
;;
mingw/*)
file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'`
;;
cygwin/* | msys/*)
file=`cygpath -m "$file" || echo "$file"`
;;
wine/*)
file=`winepath -w "$file" || echo "$file"`
;;
esac
;;
esac
}
# func_cl_dashL linkdir
# Make cl look for libraries in LINKDIR
func_cl_dashL ()
{
func_file_conv "$1"
if test -z "$lib_path"; then
lib_path=$file
else
lib_path="$lib_path;$file"
fi
linker_opts="$linker_opts -LIBPATH:$file"
}
# func_cl_dashl library
# Do a library search-path lookup for cl
func_cl_dashl ()
{
lib=$1
found=no
save_IFS=$IFS
IFS=';'
for dir in $lib_path $LIB
do
IFS=$save_IFS
if $shared && test -f "$dir/$lib.dll.lib"; then
found=yes
lib=$dir/$lib.dll.lib
break
fi
if test -f "$dir/$lib.lib"; then
found=yes
lib=$dir/$lib.lib
break
fi
if test -f "$dir/lib$lib.a"; then
found=yes
lib=$dir/lib$lib.a
break
fi
done
IFS=$save_IFS
if test "$found" != yes; then
lib=$lib.lib
fi
}
# func_cl_wrapper cl arg...
# Adjust compile command to suit cl
func_cl_wrapper ()
{
# Assume a capable shell
lib_path=
shared=:
linker_opts=
for arg
do
if test -n "$eat"; then
eat=
else
case $1 in
-o)
# configure might choose to run compile as 'compile cc -o foo foo.c'.
eat=1
case $2 in
*.o | *.[oO][bB][jJ])
func_file_conv "$2"
set x "$@" -Fo"$file"
shift
;;
*)
func_file_conv "$2"
set x "$@" -Fe"$file"
shift
;;
esac
;;
-I)
eat=1
func_file_conv "$2" mingw
set x "$@" -I"$file"
shift
;;
-I*)
func_file_conv "${1#-I}" mingw
set x "$@" -I"$file"
shift
;;
-l)
eat=1
func_cl_dashl "$2"
set x "$@" "$lib"
shift
;;
-l*)
func_cl_dashl "${1#-l}"
set x "$@" "$lib"
shift
;;
-L)
eat=1
func_cl_dashL "$2"
;;
-L*)
func_cl_dashL "${1#-L}"
;;
-static)
shared=false
;;
-Wl,*)
arg=${1#-Wl,}
save_ifs="$IFS"; IFS=','
for flag in $arg; do
IFS="$save_ifs"
linker_opts="$linker_opts $flag"
done
IFS="$save_ifs"
;;
-Xlinker)
eat=1
linker_opts="$linker_opts $2"
;;
-*)
set x "$@" "$1"
shift
;;
*.cc | *.CC | *.cxx | *.CXX | *.[cC]++)
func_file_conv "$1"
set x "$@" -Tp"$file"
shift
;;
*.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO])
func_file_conv "$1" mingw
set x "$@" "$file"
shift
;;
*)
set x "$@" "$1"
shift
;;
esac
fi
shift
done
if test -n "$linker_opts"; then
linker_opts="-link$linker_opts"
fi
exec "$@" $linker_opts
exit 1
}
eat=
case $1 in
'')
echo "$0: No command. Try '$0 --help' for more information." 1>&2
exit 1;
;;
-h | --h*)
cat <<\EOF
Usage: compile [--help] [--version] PROGRAM [ARGS]
Wrapper for compilers which do not understand '-c -o'.
Remove '-o dest.o' from ARGS, run PROGRAM with the remaining
arguments, and rename the output as expected.
If you are trying to build a whole package this is not the
right script to run: please start by reading the file 'INSTALL'.
Report bugs to <bug-automake@gnu.org>.
EOF
exit $?
;;
-v | --v*)
echo "compile $scriptversion"
exit $?
;;
cl | *[/\\]cl | cl.exe | *[/\\]cl.exe | \
icl | *[/\\]icl | icl.exe | *[/\\]icl.exe )
func_cl_wrapper "$@" # Doesn't return...
;;
esac
ofile=
cfile=
for arg
do
if test -n "$eat"; then
eat=
else
case $1 in
-o)
# configure might choose to run compile as 'compile cc -o foo foo.c'.
# So we strip '-o arg' only if arg is an object.
eat=1
case $2 in
*.o | *.obj)
ofile=$2
;;
*)
set x "$@" -o "$2"
shift
;;
esac
;;
*.c)
cfile=$1
set x "$@" "$1"
shift
;;
*)
set x "$@" "$1"
shift
;;
esac
fi
shift
done
if test -z "$ofile" || test -z "$cfile"; then
# If no '-o' option was seen then we might have been invoked from a
# pattern rule where we don't need one. That is ok -- this is a
# normal compilation that the losing compiler can handle. If no
# '.c' file was seen then we are probably linking. That is also
# ok.
exec "$@"
fi
# Name of file we expect compiler to create.
cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'`
# Create the lock directory.
# Note: use '[/\\:.-]' here to ensure that we don't use the same name
# that we are using for the .o file. Also, base the name on the expected
# object file name, since that is what matters with a parallel build.
lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d
while true; do
if mkdir "$lockdir" >/dev/null 2>&1; then
break
fi
sleep 1
done
# FIXME: race condition here if user kills between mkdir and trap.
trap "rmdir '$lockdir'; exit 1" 1 2 15
# Run the compile.
"$@"
ret=$?
if test -f "$cofile"; then
test "$cofile" = "$ofile" || mv "$cofile" "$ofile"
elif test -f "${cofile}bj"; then
test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile"
fi
rmdir "$lockdir"
exit $ret
# Local Variables:
# mode: shell-script
# sh-indentation: 2
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

1754
config.guess vendored Executable file
View file

File diff suppressed because it is too large Load diff

1890
config.sub vendored Executable file
View file

File diff suppressed because it is too large Load diff

7905
configure vendored Executable file
View file

File diff suppressed because it is too large Load diff

93
configure.ac Normal file
View file

@ -0,0 +1,93 @@
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
AC_PREREQ(2.61)
AC_INIT([packetq], [1.7.3], [admin@dns-oarc.net], [packetq], [https://github.com/DNS-OARC/packetq/issues])
AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects])
AC_CONFIG_SRCDIR([src/packetq.cpp])
AC_CONFIG_HEADER([src/config.h])
# Checks for programs.
AC_PROG_CXX
AS_VAR_APPEND(CXXFLAGS, [" -std=c++11"])
# Check --enable-warn-all
AC_ARG_ENABLE([warn-all], [AS_HELP_STRING([--enable-warn-all], [Enable all compiler warnings])], [
AX_CXXFLAGS_WARN_ALL()
AS_VAR_APPEND(CXXFLAGS, [" -Wno-vla"])
])
# Check --with-extra-cxxflags
AC_ARG_WITH([extra-cxxflags], [AS_HELP_STRING([--with-extra-cxxflags=CXXFLAGS], [Add extra CXXFLAGS])], [
AC_MSG_NOTICE([appending extra CXXFLAGS... $withval])
AS_VAR_APPEND(CXXFLAGS, [" $withval"])
])
# Check --with-extra-ldflags
AC_ARG_WITH([extra-ldflags], [AS_HELP_STRING([--with-extra-ldflags=LDFLAGS], [Add extra LDFLAGS])], [
AC_MSG_NOTICE([appending extra LDFLAGS... $withval])
AS_VAR_APPEND(LDFLAGS, [" $withval"])
])
# Check --enable-gcov
AC_ARG_ENABLE([gcov], [AS_HELP_STRING([--enable-gcov], [Enable coverage testing])], [
coverage_cxxflags="--coverage -g -O0 -fno-inline -fno-inline-small-functions -fno-default-inline"
AC_MSG_NOTICE([enabling coverage testing... $coverage_cxxflags])
AS_VAR_APPEND(CXXFLAGS, [" $coverage_cxxflags"])
])
AM_CONDITIONAL([ENABLE_GCOV], [test "x$enable_gcov" != "xno"])
AM_EXTRA_RECURSIVE_TARGETS([gcov])
# Checks for libraries.
AC_CHECK_LIB([z], [deflate])
AC_CHECK_LIB([socket], socket)
AC_CHECK_LIB([nsl], inet_ntop)
PKG_CHECK_MODULES([libmaxminddb], [libmaxminddb], [AC_DEFINE([HAVE_LIBMAXMINDDB], [1], [Define to 1 if you have libmaxminddb.])], [:])
# Checks for header files.
AC_HEADER_STDC
AC_CHECK_HEADERS([arpa/inet.h limits.h netinet/in.h stdlib.h string.h strings.h sys/socket.h sys/time.h])
AC_CHECK_HEADER(net/ethernet.h, AC_DEFINE(HAVE_NET_ETHERNET_H,1,[has net/ethernet.h header]))
AC_CHECK_HEADER(net/ethertypes.h, AC_DEFINE(HAVE_NET_ETHERTYPES_H,1,[has net/ethertypes.h header]))
# Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
AC_TYPE_SIZE_T
AC_HEADER_TIME
# Checks for library functions.
AC_FUNC_REALLOC
AC_FUNC_STRFTIME
AC_CHECK_FUNCS([bzero regcomp strtoul])
AC_CHECK_FUNCS([dup2])
AC_CHECK_FUNCS([mkdir])
AC_CHECK_FUNCS([strdup])
AC_CHECK_FUNCS([strerror])
AC_CHECK_HEADERS([fcntl.h])
AC_CHECK_HEADERS([syslog.h])
# Language used for further checks.
AC_LANG([C])
AC_CONFIG_FILES([
Makefile
src/Makefile
src/test/Makefile
])
AC_OUTPUT

791
depcomp Executable file
View file

@ -0,0 +1,791 @@
#! /bin/sh
# depcomp - compile a program generating dependencies as side-effects
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2021 Free Software Foundation, Inc.
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# Originally written by Alexandre Oliva <oliva@dcc.unicamp.br>.
case $1 in
'')
echo "$0: No command. Try '$0 --help' for more information." 1>&2
exit 1;
;;
-h | --h*)
cat <<\EOF
Usage: depcomp [--help] [--version] PROGRAM [ARGS]
Run PROGRAMS ARGS to compile a file, generating dependencies
as side-effects.
Environment variables:
depmode Dependency tracking mode.
source Source file read by 'PROGRAMS ARGS'.
object Object file output by 'PROGRAMS ARGS'.
DEPDIR directory where to store dependencies.
depfile Dependency file to output.
tmpdepfile Temporary file to use when outputting dependencies.
libtool Whether libtool is used (yes/no).
Report bugs to <bug-automake@gnu.org>.
EOF
exit $?
;;
-v | --v*)
echo "depcomp $scriptversion"
exit $?
;;
esac
# Get the directory component of the given path, and save it in the
# global variables '$dir'. Note that this directory component will
# be either empty or ending with a '/' character. This is deliberate.
set_dir_from ()
{
case $1 in
*/*) dir=`echo "$1" | sed -e 's|/[^/]*$|/|'`;;
*) dir=;;
esac
}
# Get the suffix-stripped basename of the given path, and save it the
# global variable '$base'.
set_base_from ()
{
base=`echo "$1" | sed -e 's|^.*/||' -e 's/\.[^.]*$//'`
}
# If no dependency file was actually created by the compiler invocation,
# we still have to create a dummy depfile, to avoid errors with the
# Makefile "include basename.Plo" scheme.
make_dummy_depfile ()
{
echo "#dummy" > "$depfile"
}
# Factor out some common post-processing of the generated depfile.
# Requires the auxiliary global variable '$tmpdepfile' to be set.
aix_post_process_depfile ()
{
# If the compiler actually managed to produce a dependency file,
# post-process it.
if test -f "$tmpdepfile"; then
# Each line is of the form 'foo.o: dependency.h'.
# Do two passes, one to just change these to
# $object: dependency.h
# and one to simply output
# dependency.h:
# which is needed to avoid the deleted-header problem.
{ sed -e "s,^.*\.[$lower]*:,$object:," < "$tmpdepfile"
sed -e "s,^.*\.[$lower]*:[$tab ]*,," -e 's,$,:,' < "$tmpdepfile"
} > "$depfile"
rm -f "$tmpdepfile"
else
make_dummy_depfile
fi
}
# A tabulation character.
tab=' '
# A newline character.
nl='
'
# Character ranges might be problematic outside the C locale.
# These definitions help.
upper=ABCDEFGHIJKLMNOPQRSTUVWXYZ
lower=abcdefghijklmnopqrstuvwxyz
digits=0123456789
alpha=${upper}${lower}
if test -z "$depmode" || test -z "$source" || test -z "$object"; then
echo "depcomp: Variables source, object and depmode must be set" 1>&2
exit 1
fi
# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po.
depfile=${depfile-`echo "$object" |
sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`}
tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`}
rm -f "$tmpdepfile"
# Avoid interferences from the environment.
gccflag= dashmflag=
# Some modes work just like other modes, but use different flags. We
# parameterize here, but still list the modes in the big case below,
# to make depend.m4 easier to write. Note that we *cannot* use a case
# here, because this file can only contain one case statement.
if test "$depmode" = hp; then
# HP compiler uses -M and no extra arg.
gccflag=-M
depmode=gcc
fi
if test "$depmode" = dashXmstdout; then
# This is just like dashmstdout with a different argument.
dashmflag=-xM
depmode=dashmstdout
fi
cygpath_u="cygpath -u -f -"
if test "$depmode" = msvcmsys; then
# This is just like msvisualcpp but w/o cygpath translation.
# Just convert the backslash-escaped backslashes to single forward
# slashes to satisfy depend.m4
cygpath_u='sed s,\\\\,/,g'
depmode=msvisualcpp
fi
if test "$depmode" = msvc7msys; then
# This is just like msvc7 but w/o cygpath translation.
# Just convert the backslash-escaped backslashes to single forward
# slashes to satisfy depend.m4
cygpath_u='sed s,\\\\,/,g'
depmode=msvc7
fi
if test "$depmode" = xlc; then
# IBM C/C++ Compilers xlc/xlC can output gcc-like dependency information.
gccflag=-qmakedep=gcc,-MF
depmode=gcc
fi
case "$depmode" in
gcc3)
## gcc 3 implements dependency tracking that does exactly what
## we want. Yay! Note: for some reason libtool 1.4 doesn't like
## it if -MD -MP comes after the -MF stuff. Hmm.
## Unfortunately, FreeBSD c89 acceptance of flags depends upon
## the command line argument order; so add the flags where they
## appear in depend2.am. Note that the slowdown incurred here
## affects only configure: in makefiles, %FASTDEP% shortcuts this.
for arg
do
case $arg in
-c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;;
*) set fnord "$@" "$arg" ;;
esac
shift # fnord
shift # $arg
done
"$@"
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile"
exit $stat
fi
mv "$tmpdepfile" "$depfile"
;;
gcc)
## Note that this doesn't just cater to obsosete pre-3.x GCC compilers.
## but also to in-use compilers like IMB xlc/xlC and the HP C compiler.
## (see the conditional assignment to $gccflag above).
## There are various ways to get dependency output from gcc. Here's
## why we pick this rather obscure method:
## - Don't want to use -MD because we'd like the dependencies to end
## up in a subdir. Having to rename by hand is ugly.
## (We might end up doing this anyway to support other compilers.)
## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like
## -MM, not -M (despite what the docs say). Also, it might not be
## supported by the other compilers which use the 'gcc' depmode.
## - Using -M directly means running the compiler twice (even worse
## than renaming).
if test -z "$gccflag"; then
gccflag=-MD,
fi
"$@" -Wp,"$gccflag$tmpdepfile"
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile"
exit $stat
fi
rm -f "$depfile"
echo "$object : \\" > "$depfile"
# The second -e expression handles DOS-style file names with drive
# letters.
sed -e 's/^[^:]*: / /' \
-e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile"
## This next piece of magic avoids the "deleted header file" problem.
## The problem is that when a header file which appears in a .P file
## is deleted, the dependency causes make to die (because there is
## typically no way to rebuild the header). We avoid this by adding
## dummy dependencies for each header file. Too bad gcc doesn't do
## this for us directly.
## Some versions of gcc put a space before the ':'. On the theory
## that the space means something, we add a space to the output as
## well. hp depmode also adds that space, but also prefixes the VPATH
## to the object. Take care to not repeat it in the output.
## Some versions of the HPUX 10.20 sed can't process this invocation
## correctly. Breaking it into two sed invocations is a workaround.
tr ' ' "$nl" < "$tmpdepfile" \
| sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \
| sed -e 's/$/ :/' >> "$depfile"
rm -f "$tmpdepfile"
;;
hp)
# This case exists only to let depend.m4 do its work. It works by
# looking at the text of this script. This case will never be run,
# since it is checked for above.
exit 1
;;
sgi)
if test "$libtool" = yes; then
"$@" "-Wp,-MDupdate,$tmpdepfile"
else
"$@" -MDupdate "$tmpdepfile"
fi
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile"
exit $stat
fi
rm -f "$depfile"
if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files
echo "$object : \\" > "$depfile"
# Clip off the initial element (the dependent). Don't try to be
# clever and replace this with sed code, as IRIX sed won't handle
# lines with more than a fixed number of characters (4096 in
# IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines;
# the IRIX cc adds comments like '#:fec' to the end of the
# dependency line.
tr ' ' "$nl" < "$tmpdepfile" \
| sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' \
| tr "$nl" ' ' >> "$depfile"
echo >> "$depfile"
# The second pass generates a dummy entry for each header file.
tr ' ' "$nl" < "$tmpdepfile" \
| sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \
>> "$depfile"
else
make_dummy_depfile
fi
rm -f "$tmpdepfile"
;;
xlc)
# This case exists only to let depend.m4 do its work. It works by
# looking at the text of this script. This case will never be run,
# since it is checked for above.
exit 1
;;
aix)
# The C for AIX Compiler uses -M and outputs the dependencies
# in a .u file. In older versions, this file always lives in the
# current directory. Also, the AIX compiler puts '$object:' at the
# start of each line; $object doesn't have directory information.
# Version 6 uses the directory in both cases.
set_dir_from "$object"
set_base_from "$object"
if test "$libtool" = yes; then
tmpdepfile1=$dir$base.u
tmpdepfile2=$base.u
tmpdepfile3=$dir.libs/$base.u
"$@" -Wc,-M
else
tmpdepfile1=$dir$base.u
tmpdepfile2=$dir$base.u
tmpdepfile3=$dir$base.u
"$@" -M
fi
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
exit $stat
fi
for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
do
test -f "$tmpdepfile" && break
done
aix_post_process_depfile
;;
tcc)
# tcc (Tiny C Compiler) understand '-MD -MF file' since version 0.9.26
# FIXME: That version still under development at the moment of writing.
# Make that this statement remains true also for stable, released
# versions.
# It will wrap lines (doesn't matter whether long or short) with a
# trailing '\', as in:
#
# foo.o : \
# foo.c \
# foo.h \
#
# It will put a trailing '\' even on the last line, and will use leading
# spaces rather than leading tabs (at least since its commit 0394caf7
# "Emit spaces for -MD").
"$@" -MD -MF "$tmpdepfile"
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile"
exit $stat
fi
rm -f "$depfile"
# Each non-empty line is of the form 'foo.o : \' or ' dep.h \'.
# We have to change lines of the first kind to '$object: \'.
sed -e "s|.*:|$object :|" < "$tmpdepfile" > "$depfile"
# And for each line of the second kind, we have to emit a 'dep.h:'
# dummy dependency, to avoid the deleted-header problem.
sed -n -e 's|^ *\(.*\) *\\$|\1:|p' < "$tmpdepfile" >> "$depfile"
rm -f "$tmpdepfile"
;;
## The order of this option in the case statement is important, since the
## shell code in configure will try each of these formats in the order
## listed in this file. A plain '-MD' option would be understood by many
## compilers, so we must ensure this comes after the gcc and icc options.
pgcc)
# Portland's C compiler understands '-MD'.
# Will always output deps to 'file.d' where file is the root name of the
# source file under compilation, even if file resides in a subdirectory.
# The object file name does not affect the name of the '.d' file.
# pgcc 10.2 will output
# foo.o: sub/foo.c sub/foo.h
# and will wrap long lines using '\' :
# foo.o: sub/foo.c ... \
# sub/foo.h ... \
# ...
set_dir_from "$object"
# Use the source, not the object, to determine the base name, since
# that's sadly what pgcc will do too.
set_base_from "$source"
tmpdepfile=$base.d
# For projects that build the same source file twice into different object
# files, the pgcc approach of using the *source* file root name can cause
# problems in parallel builds. Use a locking strategy to avoid stomping on
# the same $tmpdepfile.
lockdir=$base.d-lock
trap "
echo '$0: caught signal, cleaning up...' >&2
rmdir '$lockdir'
exit 1
" 1 2 13 15
numtries=100
i=$numtries
while test $i -gt 0; do
# mkdir is a portable test-and-set.
if mkdir "$lockdir" 2>/dev/null; then
# This process acquired the lock.
"$@" -MD
stat=$?
# Release the lock.
rmdir "$lockdir"
break
else
# If the lock is being held by a different process, wait
# until the winning process is done or we timeout.
while test -d "$lockdir" && test $i -gt 0; do
sleep 1
i=`expr $i - 1`
done
fi
i=`expr $i - 1`
done
trap - 1 2 13 15
if test $i -le 0; then
echo "$0: failed to acquire lock after $numtries attempts" >&2
echo "$0: check lockdir '$lockdir'" >&2
exit 1
fi
if test $stat -ne 0; then
rm -f "$tmpdepfile"
exit $stat
fi
rm -f "$depfile"
# Each line is of the form `foo.o: dependent.h',
# or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'.
# Do two passes, one to just change these to
# `$object: dependent.h' and one to simply `dependent.h:'.
sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile"
# Some versions of the HPUX 10.20 sed can't process this invocation
# correctly. Breaking it into two sed invocations is a workaround.
sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" \
| sed -e 's/$/ :/' >> "$depfile"
rm -f "$tmpdepfile"
;;
hp2)
# The "hp" stanza above does not work with aCC (C++) and HP's ia64
# compilers, which have integrated preprocessors. The correct option
# to use with these is +Maked; it writes dependencies to a file named
# 'foo.d', which lands next to the object file, wherever that
# happens to be.
# Much of this is similar to the tru64 case; see comments there.
set_dir_from "$object"
set_base_from "$object"
if test "$libtool" = yes; then
tmpdepfile1=$dir$base.d
tmpdepfile2=$dir.libs/$base.d
"$@" -Wc,+Maked
else
tmpdepfile1=$dir$base.d
tmpdepfile2=$dir$base.d
"$@" +Maked
fi
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile1" "$tmpdepfile2"
exit $stat
fi
for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2"
do
test -f "$tmpdepfile" && break
done
if test -f "$tmpdepfile"; then
sed -e "s,^.*\.[$lower]*:,$object:," "$tmpdepfile" > "$depfile"
# Add 'dependent.h:' lines.
sed -ne '2,${
s/^ *//
s/ \\*$//
s/$/:/
p
}' "$tmpdepfile" >> "$depfile"
else
make_dummy_depfile
fi
rm -f "$tmpdepfile" "$tmpdepfile2"
;;
tru64)
# The Tru64 compiler uses -MD to generate dependencies as a side
# effect. 'cc -MD -o foo.o ...' puts the dependencies into 'foo.o.d'.
# At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put
# dependencies in 'foo.d' instead, so we check for that too.
# Subdirectories are respected.
set_dir_from "$object"
set_base_from "$object"
if test "$libtool" = yes; then
# Libtool generates 2 separate objects for the 2 libraries. These
# two compilations output dependencies in $dir.libs/$base.o.d and
# in $dir$base.o.d. We have to check for both files, because
# one of the two compilations can be disabled. We should prefer
# $dir$base.o.d over $dir.libs/$base.o.d because the latter is
# automatically cleaned when .libs/ is deleted, while ignoring
# the former would cause a distcleancheck panic.
tmpdepfile1=$dir$base.o.d # libtool 1.5
tmpdepfile2=$dir.libs/$base.o.d # Likewise.
tmpdepfile3=$dir.libs/$base.d # Compaq CCC V6.2-504
"$@" -Wc,-MD
else
tmpdepfile1=$dir$base.d
tmpdepfile2=$dir$base.d
tmpdepfile3=$dir$base.d
"$@" -MD
fi
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
exit $stat
fi
for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
do
test -f "$tmpdepfile" && break
done
# Same post-processing that is required for AIX mode.
aix_post_process_depfile
;;
msvc7)
if test "$libtool" = yes; then
showIncludes=-Wc,-showIncludes
else
showIncludes=-showIncludes
fi
"$@" $showIncludes > "$tmpdepfile"
stat=$?
grep -v '^Note: including file: ' "$tmpdepfile"
if test $stat -ne 0; then
rm -f "$tmpdepfile"
exit $stat
fi
rm -f "$depfile"
echo "$object : \\" > "$depfile"
# The first sed program below extracts the file names and escapes
# backslashes for cygpath. The second sed program outputs the file
# name when reading, but also accumulates all include files in the
# hold buffer in order to output them again at the end. This only
# works with sed implementations that can handle large buffers.
sed < "$tmpdepfile" -n '
/^Note: including file: *\(.*\)/ {
s//\1/
s/\\/\\\\/g
p
}' | $cygpath_u | sort -u | sed -n '
s/ /\\ /g
s/\(.*\)/'"$tab"'\1 \\/p
s/.\(.*\) \\/\1:/
H
$ {
s/.*/'"$tab"'/
G
p
}' >> "$depfile"
echo >> "$depfile" # make sure the fragment doesn't end with a backslash
rm -f "$tmpdepfile"
;;
msvc7msys)
# This case exists only to let depend.m4 do its work. It works by
# looking at the text of this script. This case will never be run,
# since it is checked for above.
exit 1
;;
#nosideeffect)
# This comment above is used by automake to tell side-effect
# dependency tracking mechanisms from slower ones.
dashmstdout)
# Important note: in order to support this mode, a compiler *must*
# always write the preprocessed file to stdout, regardless of -o.
"$@" || exit $?
# Remove the call to Libtool.
if test "$libtool" = yes; then
while test "X$1" != 'X--mode=compile'; do
shift
done
shift
fi
# Remove '-o $object'.
IFS=" "
for arg
do
case $arg in
-o)
shift
;;
$object)
shift
;;
*)
set fnord "$@" "$arg"
shift # fnord
shift # $arg
;;
esac
done
test -z "$dashmflag" && dashmflag=-M
# Require at least two characters before searching for ':'
# in the target name. This is to cope with DOS-style filenames:
# a dependency such as 'c:/foo/bar' could be seen as target 'c' otherwise.
"$@" $dashmflag |
sed "s|^[$tab ]*[^:$tab ][^:][^:]*:[$tab ]*|$object: |" > "$tmpdepfile"
rm -f "$depfile"
cat < "$tmpdepfile" > "$depfile"
# Some versions of the HPUX 10.20 sed can't process this sed invocation
# correctly. Breaking it into two sed invocations is a workaround.
tr ' ' "$nl" < "$tmpdepfile" \
| sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \
| sed -e 's/$/ :/' >> "$depfile"
rm -f "$tmpdepfile"
;;
dashXmstdout)
# This case only exists to satisfy depend.m4. It is never actually
# run, as this mode is specially recognized in the preamble.
exit 1
;;
makedepend)
"$@" || exit $?
# Remove any Libtool call
if test "$libtool" = yes; then
while test "X$1" != 'X--mode=compile'; do
shift
done
shift
fi
# X makedepend
shift
cleared=no eat=no
for arg
do
case $cleared in
no)
set ""; shift
cleared=yes ;;
esac
if test $eat = yes; then
eat=no
continue
fi
case "$arg" in
-D*|-I*)
set fnord "$@" "$arg"; shift ;;
# Strip any option that makedepend may not understand. Remove
# the object too, otherwise makedepend will parse it as a source file.
-arch)
eat=yes ;;
-*|$object)
;;
*)
set fnord "$@" "$arg"; shift ;;
esac
done
obj_suffix=`echo "$object" | sed 's/^.*\././'`
touch "$tmpdepfile"
${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@"
rm -f "$depfile"
# makedepend may prepend the VPATH from the source file name to the object.
# No need to regex-escape $object, excess matching of '.' is harmless.
sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile"
# Some versions of the HPUX 10.20 sed can't process the last invocation
# correctly. Breaking it into two sed invocations is a workaround.
sed '1,2d' "$tmpdepfile" \
| tr ' ' "$nl" \
| sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \
| sed -e 's/$/ :/' >> "$depfile"
rm -f "$tmpdepfile" "$tmpdepfile".bak
;;
cpp)
# Important note: in order to support this mode, a compiler *must*
# always write the preprocessed file to stdout.
"$@" || exit $?
# Remove the call to Libtool.
if test "$libtool" = yes; then
while test "X$1" != 'X--mode=compile'; do
shift
done
shift
fi
# Remove '-o $object'.
IFS=" "
for arg
do
case $arg in
-o)
shift
;;
$object)
shift
;;
*)
set fnord "$@" "$arg"
shift # fnord
shift # $arg
;;
esac
done
"$@" -E \
| sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \
-e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \
| sed '$ s: \\$::' > "$tmpdepfile"
rm -f "$depfile"
echo "$object : \\" > "$depfile"
cat < "$tmpdepfile" >> "$depfile"
sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile"
rm -f "$tmpdepfile"
;;
msvisualcpp)
# Important note: in order to support this mode, a compiler *must*
# always write the preprocessed file to stdout.
"$@" || exit $?
# Remove the call to Libtool.
if test "$libtool" = yes; then
while test "X$1" != 'X--mode=compile'; do
shift
done
shift
fi
IFS=" "
for arg
do
case "$arg" in
-o)
shift
;;
$object)
shift
;;
"-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI")
set fnord "$@"
shift
shift
;;
*)
set fnord "$@" "$arg"
shift
shift
;;
esac
done
"$@" -E 2>/dev/null |
sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile"
rm -f "$depfile"
echo "$object : \\" > "$depfile"
sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::'"$tab"'\1 \\:p' >> "$depfile"
echo "$tab" >> "$depfile"
sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile"
rm -f "$tmpdepfile"
;;
msvcmsys)
# This case exists only to let depend.m4 do its work. It works by
# looking at the text of this script. This case will never be run,
# since it is checked for above.
exit 1
;;
none)
exec "$@"
;;
*)
echo "Unknown depmode $depmode" 1>&2
exit 1
;;
esac
exit 0
# Local Variables:
# mode: shell-script
# sh-indentation: 2
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

541
install-sh Executable file
View file

@ -0,0 +1,541 @@
#!/bin/sh
# install - install a program, script, or datafile
scriptversion=2020-11-14.01; # UTC
# This originates from X11R5 (mit/util/scripts/install.sh), which was
# later released in X11R6 (xc/config/util/install.sh) with the
# following copyright and license.
#
# Copyright (C) 1994 X Consortium
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
# Except as contained in this notice, the name of the X Consortium shall not
# be used in advertising or otherwise to promote the sale, use or other deal-
# ings in this Software without prior written authorization from the X Consor-
# tium.
#
#
# FSF changes to this file are in the public domain.
#
# Calling this script install-sh is preferred over install.sh, to prevent
# 'make' implicit rules from creating a file called install from it
# when there is no Makefile.
#
# This script is compatible with the BSD install script, but was written
# from scratch.
tab=' '
nl='
'
IFS=" $tab$nl"
# Set DOITPROG to "echo" to test this script.
doit=${DOITPROG-}
doit_exec=${doit:-exec}
# Put in absolute file names if you don't have them in your path;
# or use environment vars.
chgrpprog=${CHGRPPROG-chgrp}
chmodprog=${CHMODPROG-chmod}
chownprog=${CHOWNPROG-chown}
cmpprog=${CMPPROG-cmp}
cpprog=${CPPROG-cp}
mkdirprog=${MKDIRPROG-mkdir}
mvprog=${MVPROG-mv}
rmprog=${RMPROG-rm}
stripprog=${STRIPPROG-strip}
posix_mkdir=
# Desired mode of installed file.
mode=0755
# Create dirs (including intermediate dirs) using mode 755.
# This is like GNU 'install' as of coreutils 8.32 (2020).
mkdir_umask=22
backupsuffix=
chgrpcmd=
chmodcmd=$chmodprog
chowncmd=
mvcmd=$mvprog
rmcmd="$rmprog -f"
stripcmd=
src=
dst=
dir_arg=
dst_arg=
copy_on_change=false
is_target_a_directory=possibly
usage="\
Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
or: $0 [OPTION]... SRCFILES... DIRECTORY
or: $0 [OPTION]... -t DIRECTORY SRCFILES...
or: $0 [OPTION]... -d DIRECTORIES...
In the 1st form, copy SRCFILE to DSTFILE.
In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
In the 4th, create DIRECTORIES.
Options:
--help display this help and exit.
--version display version info and exit.
-c (ignored)
-C install only if different (preserve data modification time)
-d create directories instead of installing files.
-g GROUP $chgrpprog installed files to GROUP.
-m MODE $chmodprog installed files to MODE.
-o USER $chownprog installed files to USER.
-p pass -p to $cpprog.
-s $stripprog installed files.
-S SUFFIX attempt to back up existing files, with suffix SUFFIX.
-t DIRECTORY install into DIRECTORY.
-T report an error if DSTFILE is a directory.
Environment variables override the default commands:
CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
RMPROG STRIPPROG
By default, rm is invoked with -f; when overridden with RMPROG,
it's up to you to specify -f if you want it.
If -S is not specified, no backups are attempted.
Email bug reports to bug-automake@gnu.org.
Automake home page: https://www.gnu.org/software/automake/
"
while test $# -ne 0; do
case $1 in
-c) ;;
-C) copy_on_change=true;;
-d) dir_arg=true;;
-g) chgrpcmd="$chgrpprog $2"
shift;;
--help) echo "$usage"; exit $?;;
-m) mode=$2
case $mode in
*' '* | *"$tab"* | *"$nl"* | *'*'* | *'?'* | *'['*)
echo "$0: invalid mode: $mode" >&2
exit 1;;
esac
shift;;
-o) chowncmd="$chownprog $2"
shift;;
-p) cpprog="$cpprog -p";;
-s) stripcmd=$stripprog;;
-S) backupsuffix="$2"
shift;;
-t)
is_target_a_directory=always
dst_arg=$2
# Protect names problematic for 'test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
shift;;
-T) is_target_a_directory=never;;
--version) echo "$0 $scriptversion"; exit $?;;
--) shift
break;;
-*) echo "$0: invalid option: $1" >&2
exit 1;;
*) break;;
esac
shift
done
# We allow the use of options -d and -T together, by making -d
# take the precedence; this is for compatibility with GNU install.
if test -n "$dir_arg"; then
if test -n "$dst_arg"; then
echo "$0: target directory not allowed when installing a directory." >&2
exit 1
fi
fi
if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
# When -d is used, all remaining arguments are directories to create.
# When -t is used, the destination is already specified.
# Otherwise, the last argument is the destination. Remove it from $@.
for arg
do
if test -n "$dst_arg"; then
# $@ is not empty: it contains at least $arg.
set fnord "$@" "$dst_arg"
shift # fnord
fi
shift # arg
dst_arg=$arg
# Protect names problematic for 'test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
done
fi
if test $# -eq 0; then
if test -z "$dir_arg"; then
echo "$0: no input file specified." >&2
exit 1
fi
# It's OK to call 'install-sh -d' without argument.
# This can happen when creating conditional directories.
exit 0
fi
if test -z "$dir_arg"; then
if test $# -gt 1 || test "$is_target_a_directory" = always; then
if test ! -d "$dst_arg"; then
echo "$0: $dst_arg: Is not a directory." >&2
exit 1
fi
fi
fi
if test -z "$dir_arg"; then
do_exit='(exit $ret); exit $ret'
trap "ret=129; $do_exit" 1
trap "ret=130; $do_exit" 2
trap "ret=141; $do_exit" 13
trap "ret=143; $do_exit" 15
# Set umask so as not to create temps with too-generous modes.
# However, 'strip' requires both read and write access to temps.
case $mode in
# Optimize common cases.
*644) cp_umask=133;;
*755) cp_umask=22;;
*[0-7])
if test -z "$stripcmd"; then
u_plus_rw=
else
u_plus_rw='% 200'
fi
cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;;
*)
if test -z "$stripcmd"; then
u_plus_rw=
else
u_plus_rw=,u+rw
fi
cp_umask=$mode$u_plus_rw;;
esac
fi
for src
do
# Protect names problematic for 'test' and other utilities.
case $src in
-* | [=\(\)!]) src=./$src;;
esac
if test -n "$dir_arg"; then
dst=$src
dstdir=$dst
test -d "$dstdir"
dstdir_status=$?
# Don't chown directories that already exist.
if test $dstdir_status = 0; then
chowncmd=""
fi
else
# Waiting for this to be detected by the "$cpprog $src $dsttmp" command
# might cause directories to be created, which would be especially bad
# if $src (and thus $dsttmp) contains '*'.
if test ! -f "$src" && test ! -d "$src"; then
echo "$0: $src does not exist." >&2
exit 1
fi
if test -z "$dst_arg"; then
echo "$0: no destination specified." >&2
exit 1
fi
dst=$dst_arg
# If destination is a directory, append the input filename.
if test -d "$dst"; then
if test "$is_target_a_directory" = never; then
echo "$0: $dst_arg: Is a directory" >&2
exit 1
fi
dstdir=$dst
dstbase=`basename "$src"`
case $dst in
*/) dst=$dst$dstbase;;
*) dst=$dst/$dstbase;;
esac
dstdir_status=0
else
dstdir=`dirname "$dst"`
test -d "$dstdir"
dstdir_status=$?
fi
fi
case $dstdir in
*/) dstdirslash=$dstdir;;
*) dstdirslash=$dstdir/;;
esac
obsolete_mkdir_used=false
if test $dstdir_status != 0; then
case $posix_mkdir in
'')
# With -d, create the new directory with the user-specified mode.
# Otherwise, rely on $mkdir_umask.
if test -n "$dir_arg"; then
mkdir_mode=-m$mode
else
mkdir_mode=
fi
posix_mkdir=false
# The $RANDOM variable is not portable (e.g., dash). Use it
# here however when possible just to lower collision chance.
tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
trap '
ret=$?
rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" 2>/dev/null
exit $ret
' 0
# Because "mkdir -p" follows existing symlinks and we likely work
# directly in world-writeable /tmp, make sure that the '$tmpdir'
# directory is successfully created first before we actually test
# 'mkdir -p'.
if (umask $mkdir_umask &&
$mkdirprog $mkdir_mode "$tmpdir" &&
exec $mkdirprog $mkdir_mode -p -- "$tmpdir/a/b") >/dev/null 2>&1
then
if test -z "$dir_arg" || {
# Check for POSIX incompatibilities with -m.
# HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
# other-writable bit of parent directory when it shouldn't.
# FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
test_tmpdir="$tmpdir/a"
ls_ld_tmpdir=`ls -ld "$test_tmpdir"`
case $ls_ld_tmpdir in
d????-?r-*) different_mode=700;;
d????-?--*) different_mode=755;;
*) false;;
esac &&
$mkdirprog -m$different_mode -p -- "$test_tmpdir" && {
ls_ld_tmpdir_1=`ls -ld "$test_tmpdir"`
test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
}
}
then posix_mkdir=:
fi
rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir"
else
# Remove any dirs left behind by ancient mkdir implementations.
rmdir ./$mkdir_mode ./-p ./-- "$tmpdir" 2>/dev/null
fi
trap '' 0;;
esac
if
$posix_mkdir && (
umask $mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
)
then :
else
# mkdir does not conform to POSIX,
# or it failed possibly due to a race condition. Create the
# directory the slow way, step by step, checking for races as we go.
case $dstdir in
/*) prefix='/';;
[-=\(\)!]*) prefix='./';;
*) prefix='';;
esac
oIFS=$IFS
IFS=/
set -f
set fnord $dstdir
shift
set +f
IFS=$oIFS
prefixes=
for d
do
test X"$d" = X && continue
prefix=$prefix$d
if test -d "$prefix"; then
prefixes=
else
if $posix_mkdir; then
(umask $mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
# Don't fail if two instances are running concurrently.
test -d "$prefix" || exit 1
else
case $prefix in
*\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
*) qprefix=$prefix;;
esac
prefixes="$prefixes '$qprefix'"
fi
fi
prefix=$prefix/
done
if test -n "$prefixes"; then
# Don't fail if two instances are running concurrently.
(umask $mkdir_umask &&
eval "\$doit_exec \$mkdirprog $prefixes") ||
test -d "$dstdir" || exit 1
obsolete_mkdir_used=true
fi
fi
fi
if test -n "$dir_arg"; then
{ test -z "$chowncmd" || $doit $chowncmd "$dst"; } &&
{ test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } &&
{ test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false ||
test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1
else
# Make a couple of temp file names in the proper directory.
dsttmp=${dstdirslash}_inst.$$_
rmtmp=${dstdirslash}_rm.$$_
# Trap to clean up those temp files at exit.
trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
# Copy the file name to the temp name.
(umask $cp_umask &&
{ test -z "$stripcmd" || {
# Create $dsttmp read-write so that cp doesn't create it read-only,
# which would cause strip to fail.
if test -z "$doit"; then
: >"$dsttmp" # No need to fork-exec 'touch'.
else
$doit touch "$dsttmp"
fi
}
} &&
$doit_exec $cpprog "$src" "$dsttmp") &&
# and set any options; do chmod last to preserve setuid bits.
#
# If any of these fail, we abort the whole thing. If we want to
# ignore errors from any of these, just make sure not to ignore
# errors from the above "$doit $cpprog $src $dsttmp" command.
#
{ test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
{ test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
{ test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
{ test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
# If -C, don't bother to copy if it wouldn't change the file.
if $copy_on_change &&
old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` &&
new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` &&
set -f &&
set X $old && old=:$2:$4:$5:$6 &&
set X $new && new=:$2:$4:$5:$6 &&
set +f &&
test "$old" = "$new" &&
$cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
then
rm -f "$dsttmp"
else
# If $backupsuffix is set, and the file being installed
# already exists, attempt a backup. Don't worry if it fails,
# e.g., if mv doesn't support -f.
if test -n "$backupsuffix" && test -f "$dst"; then
$doit $mvcmd -f "$dst" "$dst$backupsuffix" 2>/dev/null
fi
# Rename the file to the real destination.
$doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
# The rename failed, perhaps because mv can't rename something else
# to itself, or perhaps because mv is so ancient that it does not
# support -f.
{
# Now remove or move aside any old file at destination location.
# We try this two ways since rm can't unlink itself on some
# systems and the destination file might be busy for other
# reasons. In this case, the final cleanup might fail but the new
# file should still install successfully.
{
test ! -f "$dst" ||
$doit $rmcmd "$dst" 2>/dev/null ||
{ $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
{ $doit $rmcmd "$rmtmp" 2>/dev/null; :; }
} ||
{ echo "$0: cannot unlink or rename $dst" >&2
(exit 1); exit 1
}
} &&
# Now rename the file to the real destination.
$doit $mvcmd "$dsttmp" "$dst"
}
fi || exit 1
trap '' 0
fi
done
# Local variables:
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

50
m4/ax_append_flag.m4 Normal file
View file

@ -0,0 +1,50 @@
# ===========================================================================
# https://www.gnu.org/software/autoconf-archive/ax_append_flag.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_APPEND_FLAG(FLAG, [FLAGS-VARIABLE])
#
# DESCRIPTION
#
# FLAG is appended to the FLAGS-VARIABLE shell variable, with a space
# added in between.
#
# If FLAGS-VARIABLE is not specified, the current language's flags (e.g.
# CFLAGS) is used. FLAGS-VARIABLE is not changed if it already contains
# FLAG. If FLAGS-VARIABLE is unset in the shell, it is set to exactly
# FLAG.
#
# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION.
#
# LICENSE
#
# Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
# Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
#
# Copying and distribution of this file, with or without modification, are
# permitted in any medium without royalty provided the copyright notice
# and this notice are preserved. This file is offered as-is, without any
# warranty.
#serial 8
AC_DEFUN([AX_APPEND_FLAG],
[dnl
AC_PREREQ(2.64)dnl for _AC_LANG_PREFIX and AS_VAR_SET_IF
AS_VAR_PUSHDEF([FLAGS], [m4_default($2,_AC_LANG_PREFIX[FLAGS])])
AS_VAR_SET_IF(FLAGS,[
AS_CASE([" AS_VAR_GET(FLAGS) "],
[*" $1 "*], [AC_RUN_LOG([: FLAGS already contains $1])],
[
AS_VAR_APPEND(FLAGS,[" $1"])
AC_RUN_LOG([: FLAGS="$FLAGS"])
])
],
[
AS_VAR_SET(FLAGS,[$1])
AC_RUN_LOG([: FLAGS="$FLAGS"])
])
AS_VAR_POPDEF([FLAGS])dnl
])dnl AX_APPEND_FLAG

158
m4/ax_cflags_warn_all.m4 Normal file
View file

@ -0,0 +1,158 @@
# ===========================================================================
# https://www.gnu.org/software/autoconf-archive/ax_cflags_warn_all.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_CFLAGS_WARN_ALL [(shellvar[, default[, action-if-found[, action-if-not-found]]])]
# AX_CXXFLAGS_WARN_ALL [(shellvar[, default[, action-if-found[, action-if-not-found]]])]
# AX_FCFLAGS_WARN_ALL [(shellvar[, default[, action-if-found[, action-if-not-found]]])]
#
# DESCRIPTION
#
# Specify compiler options that enable most reasonable warnings. For the
# GNU Compiler Collection (GCC), for example, it will be "-Wall". The
# result is added to shellvar, one of CFLAGS, CXXFLAGS or FCFLAGS if the
# first parameter is not specified.
#
# Each of these macros accepts the following optional arguments:
#
# - $1 - shellvar
# shell variable to use (CFLAGS, CXXFLAGS or FCFLAGS if not
# specified, depending on macro)
#
# - $2 - default
# value to use for flags if compiler vendor cannot be determined (by
# default, "")
#
# - $3 - action-if-found
# action to take if the compiler vendor has been successfully
# determined (by default, add the appropriate compiler flags to
# shellvar)
#
# - $4 - action-if-not-found
# action to take if the compiler vendor has not been determined or
# is unknown (by default, add the default flags, or "" if not
# specified, to shellvar)
#
# These macros use AX_COMPILER_VENDOR to determine which flags should be
# returned for a given compiler. Not all compilers currently have flags
# defined for them; patches are welcome. If need be, compiler flags may
# be made language-dependent: use a construct like the following:
#
# [vendor_name], [m4_if(_AC_LANG_PREFIX,[C], VAR="--relevant-c-flags",dnl
# m4_if(_AC_LANG_PREFIX,[CXX], VAR="--relevant-c++-flags",dnl
# m4_if(_AC_LANG_PREFIX,[FC], VAR="--relevant-fortran-flags",dnl
# VAR="$2"; FOUND="no")))],
#
# Note: These macros also depend on AX_PREPEND_FLAG.
#
# LICENSE
#
# Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
# Copyright (c) 2010 Rhys Ulerich <rhys.ulerich@gmail.com>
# Copyright (c) 2018 John Zaitseff <J.Zaitseff@zap.org.au>
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 3 of the License, or (at your
# option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
# Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program. If not, see <https://www.gnu.org/licenses/>.
#
# As a special exception, the respective Autoconf Macro's copyright owner
# gives unlimited permission to copy, distribute and modify the configure
# scripts that are the output of Autoconf when processing the Macro. You
# need not follow the terms of the GNU General Public License when using
# or distributing such scripts, even though portions of the text of the
# Macro appear in them. The GNU General Public License (GPL) does govern
# all other use of the material that constitutes the Autoconf Macro.
#
# This special exception to the GPL applies to versions of the Autoconf
# Macro released by the Autoconf Archive. When you make and distribute a
# modified version of the Autoconf Macro, you may extend this special
# exception to the GPL to apply to your modified version as well.
#serial 25
AC_DEFUN([AX_FLAGS_WARN_ALL], [
AX_REQUIRE_DEFINED([AX_PREPEND_FLAG])dnl
AC_REQUIRE([AX_COMPILER_VENDOR])dnl
AS_VAR_PUSHDEF([FLAGS], [m4_default($1,_AC_LANG_PREFIX[]FLAGS)])dnl
AS_VAR_PUSHDEF([VAR], [ac_cv_[]_AC_LANG_ABBREV[]flags_warn_all])dnl
AS_VAR_PUSHDEF([FOUND], [ac_save_[]_AC_LANG_ABBREV[]flags_warn_all_found])dnl
AC_CACHE_CHECK([FLAGS for most reasonable warnings], VAR, [
VAR=""
FOUND="yes"
dnl Cases are listed in the order found in ax_compiler_vendor.m4
AS_CASE("$ax_cv_[]_AC_LANG_ABBREV[]_compiler_vendor",
[intel], [VAR="-w2"],
[ibm], [VAR="-qsrcmsg -qinfo=all:noppt:noppc:noobs:nocnd"],
[pathscale], [],
[clang], [VAR="-Wall"],
[cray], [VAR="-h msglevel 2"],
[fujitsu], [],
[sdcc], [],
[sx], [VAR="-pvctl[,]fullmsg"],
[portland], [],
[gnu], [VAR="-Wall"],
[sun], [VAR="-v"],
[hp], [VAR="+w1"],
[dec], [VAR="-verbose -w0 -warnprotos"],
[borland], [],
[comeau], [],
[kai], [],
[lcc], [],
[sgi], [VAR="-fullwarn"],
[microsoft], [],
[metrowerks], [],
[watcom], [],
[tcc], [],
[unknown], [
VAR="$2"
FOUND="no"
],
[
AC_MSG_WARN([Unknown compiler vendor returned by [AX_COMPILER_VENDOR]])
VAR="$2"
FOUND="no"
]
)
AS_IF([test "x$FOUND" = "xyes"], [dnl
m4_default($3, [AS_IF([test "x$VAR" != "x"], [AX_PREPEND_FLAG([$VAR], [FLAGS])])])
], [dnl
m4_default($4, [m4_ifval($2, [AX_PREPEND_FLAG([$VAR], [FLAGS])], [true])])
])dnl
])dnl
AS_VAR_POPDEF([FOUND])dnl
AS_VAR_POPDEF([VAR])dnl
AS_VAR_POPDEF([FLAGS])dnl
])dnl AX_FLAGS_WARN_ALL
AC_DEFUN([AX_CFLAGS_WARN_ALL], [dnl
AC_LANG_PUSH([C])
AX_FLAGS_WARN_ALL([$1], [$2], [$3], [$4])
AC_LANG_POP([C])
])dnl
AC_DEFUN([AX_CXXFLAGS_WARN_ALL], [dnl
AC_LANG_PUSH([C++])
AX_FLAGS_WARN_ALL([$1], [$2], [$3], [$4])
AC_LANG_POP([C++])
])dnl
AC_DEFUN([AX_FCFLAGS_WARN_ALL], [dnl
AC_LANG_PUSH([Fortran])
AX_FLAGS_WARN_ALL([$1], [$2], [$3], [$4])
AC_LANG_POP([Fortran])
])dnl

117
m4/ax_compiler_vendor.m4 Normal file
View file

@ -0,0 +1,117 @@
# ===========================================================================
# https://www.gnu.org/software/autoconf-archive/ax_compiler_vendor.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_COMPILER_VENDOR
#
# DESCRIPTION
#
# Determine the vendor of the C, C++ or Fortran compiler. The vendor is
# returned in the cache variable $ax_cv_c_compiler_vendor for C,
# $ax_cv_cxx_compiler_vendor for C++ or $ax_cv_fc_compiler_vendor for
# (modern) Fortran. The value is one of "intel", "ibm", "pathscale",
# "clang" (LLVM), "cray", "fujitsu", "sdcc", "sx", "portland" (PGI), "gnu"
# (GCC), "sun" (Oracle Developer Studio), "hp", "dec", "borland",
# "comeau", "kai", "lcc", "sgi", "microsoft", "metrowerks", "watcom",
# "tcc" (Tiny CC) or "unknown" (if the compiler cannot be determined).
#
# To check for a Fortran compiler, you must first call AC_FC_PP_SRCEXT
# with an appropriate preprocessor-enabled extension. For example:
#
# AC_LANG_PUSH([Fortran])
# AC_PROG_FC
# AC_FC_PP_SRCEXT([F])
# AX_COMPILER_VENDOR
# AC_LANG_POP([Fortran])
#
# LICENSE
#
# Copyright (c) 2008 Steven G. Johnson <stevenj@alum.mit.edu>
# Copyright (c) 2008 Matteo Frigo
# Copyright (c) 2018-19 John Zaitseff <J.Zaitseff@zap.org.au>
#
# This program is free software: you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation, either version 3 of the License, or (at your
# option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
# Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program. If not, see <https://www.gnu.org/licenses/>.
#
# As a special exception, the respective Autoconf Macro's copyright owner
# gives unlimited permission to copy, distribute and modify the configure
# scripts that are the output of Autoconf when processing the Macro. You
# need not follow the terms of the GNU General Public License when using
# or distributing such scripts, even though portions of the text of the
# Macro appear in them. The GNU General Public License (GPL) does govern
# all other use of the material that constitutes the Autoconf Macro.
#
# This special exception to the GPL applies to versions of the Autoconf
# Macro released by the Autoconf Archive. When you make and distribute a
# modified version of the Autoconf Macro, you may extend this special
# exception to the GPL to apply to your modified version as well.
#serial 30
AC_DEFUN([AX_COMPILER_VENDOR], [dnl
AC_CACHE_CHECK([for _AC_LANG compiler vendor], ax_cv_[]_AC_LANG_ABBREV[]_compiler_vendor, [dnl
dnl If you modify this list of vendors, please add similar support
dnl to ax_compiler_version.m4 if at all possible.
dnl
dnl Note: Do NOT check for GCC first since some other compilers
dnl define __GNUC__ to remain compatible with it. Compilers that
dnl are very slow to start (such as Intel) are listed first.
vendors="
intel: __ICC,__ECC,__INTEL_COMPILER
ibm: __xlc__,__xlC__,__IBMC__,__IBMCPP__,__ibmxl__
pathscale: __PATHCC__,__PATHSCALE__
clang: __clang__
cray: _CRAYC
fujitsu: __FUJITSU
sdcc: SDCC,__SDCC
sx: _SX
portland: __PGI
gnu: __GNUC__
sun: __SUNPRO_C,__SUNPRO_CC,__SUNPRO_F90,__SUNPRO_F95
hp: __HP_cc,__HP_aCC
dec: __DECC,__DECCXX,__DECC_VER,__DECCXX_VER
borland: __BORLANDC__,__CODEGEARC__,__TURBOC__
comeau: __COMO__
kai: __KCC
lcc: __LCC__
sgi: __sgi,sgi
microsoft: _MSC_VER
metrowerks: __MWERKS__
watcom: __WATCOMC__
tcc: __TINYC__
unknown: UNKNOWN
"
for ventest in $vendors; do
case $ventest in
*:)
vendor=$ventest
continue
;;
*)
vencpp="defined("`echo $ventest | sed 's/,/) || defined(/g'`")"
;;
esac
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[
#if !($vencpp)
thisisanerror;
#endif
]])], [break])
done
ax_cv_[]_AC_LANG_ABBREV[]_compiler_vendor=`echo $vendor | cut -d: -f1`
])
])dnl

51
m4/ax_prepend_flag.m4 Normal file
View file

@ -0,0 +1,51 @@
# ===========================================================================
# https://www.gnu.org/software/autoconf-archive/ax_prepend_flag.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_PREPEND_FLAG(FLAG, [FLAGS-VARIABLE])
#
# DESCRIPTION
#
# FLAG is added to the front of the FLAGS-VARIABLE shell variable, with a
# space added in between.
#
# If FLAGS-VARIABLE is not specified, the current language's flags (e.g.
# CFLAGS) is used. FLAGS-VARIABLE is not changed if it already contains
# FLAG. If FLAGS-VARIABLE is unset in the shell, it is set to exactly
# FLAG.
#
# NOTE: Implementation based on AX_APPEND_FLAG.
#
# LICENSE
#
# Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
# Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
# Copyright (c) 2018 John Zaitseff <J.Zaitseff@zap.org.au>
#
# Copying and distribution of this file, with or without modification, are
# permitted in any medium without royalty provided the copyright notice
# and this notice are preserved. This file is offered as-is, without any
# warranty.
#serial 2
AC_DEFUN([AX_PREPEND_FLAG],
[dnl
AC_PREREQ(2.64)dnl for _AC_LANG_PREFIX and AS_VAR_SET_IF
AS_VAR_PUSHDEF([FLAGS], [m4_default($2,_AC_LANG_PREFIX[FLAGS])])
AS_VAR_SET_IF(FLAGS,[
AS_CASE([" AS_VAR_GET(FLAGS) "],
[*" $1 "*], [AC_RUN_LOG([: FLAGS already contains $1])],
[
FLAGS="$1 $FLAGS"
AC_RUN_LOG([: FLAGS="$FLAGS"])
])
],
[
AS_VAR_SET(FLAGS,[$1])
AC_RUN_LOG([: FLAGS="$FLAGS"])
])
AS_VAR_POPDEF([FLAGS])dnl
])dnl AX_PREPEND_FLAG

37
m4/ax_require_defined.m4 Normal file
View file

@ -0,0 +1,37 @@
# ===========================================================================
# https://www.gnu.org/software/autoconf-archive/ax_require_defined.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_REQUIRE_DEFINED(MACRO)
#
# DESCRIPTION
#
# AX_REQUIRE_DEFINED is a simple helper for making sure other macros have
# been defined and thus are available for use. This avoids random issues
# where a macro isn't expanded. Instead the configure script emits a
# non-fatal:
#
# ./configure: line 1673: AX_CFLAGS_WARN_ALL: command not found
#
# It's like AC_REQUIRE except it doesn't expand the required macro.
#
# Here's an example:
#
# AX_REQUIRE_DEFINED([AX_CHECK_LINK_FLAG])
#
# LICENSE
#
# Copyright (c) 2014 Mike Frysinger <vapier@gentoo.org>
#
# Copying and distribution of this file, with or without modification, are
# permitted in any medium without royalty provided the copyright notice
# and this notice are preserved. This file is offered as-is, without any
# warranty.
#serial 2
AC_DEFUN([AX_REQUIRE_DEFINED], [dnl
m4_ifndef([$1], [m4_fatal([macro ]$1[ is not defined; is a m4 file missing?])])
])dnl AX_REQUIRE_DEFINED

9
m4/dl.sh Executable file
View file

@ -0,0 +1,9 @@
#!/bin/sh -e
m4_files="ax_prepend_flag.m4 ax_append_flag.m4 ax_cflags_warn_all.m4
ax_require_defined.m4 ax_compiler_vendor.m4"
for ax in $m4_files; do
rm -f "$ax"
wget -O "$ax" "http://git.savannah.gnu.org/gitweb/?p=autoconf-archive.git;a=blob_plain;f=m4/$ax"
done

215
missing Executable file
View file

@ -0,0 +1,215 @@
#! /bin/sh
# Common wrapper for a few potentially missing GNU programs.
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1996-2021 Free Software Foundation, Inc.
# Originally written by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
if test $# -eq 0; then
echo 1>&2 "Try '$0 --help' for more information"
exit 1
fi
case $1 in
--is-lightweight)
# Used by our autoconf macros to check whether the available missing
# script is modern enough.
exit 0
;;
--run)
# Back-compat with the calling convention used by older automake.
shift
;;
-h|--h|--he|--hel|--help)
echo "\
$0 [OPTION]... PROGRAM [ARGUMENT]...
Run 'PROGRAM [ARGUMENT]...', returning a proper advice when this fails due
to PROGRAM being missing or too old.
Options:
-h, --help display this help and exit
-v, --version output version information and exit
Supported PROGRAM values:
aclocal autoconf autoheader autom4te automake makeinfo
bison yacc flex lex help2man
Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and
'g' are ignored when checking the name.
Send bug reports to <bug-automake@gnu.org>."
exit $?
;;
-v|--v|--ve|--ver|--vers|--versi|--versio|--version)
echo "missing $scriptversion (GNU Automake)"
exit $?
;;
-*)
echo 1>&2 "$0: unknown '$1' option"
echo 1>&2 "Try '$0 --help' for more information"
exit 1
;;
esac
# Run the given program, remember its exit status.
"$@"; st=$?
# If it succeeded, we are done.
test $st -eq 0 && exit 0
# Also exit now if we it failed (or wasn't found), and '--version' was
# passed; such an option is passed most likely to detect whether the
# program is present and works.
case $2 in --version|--help) exit $st;; esac
# Exit code 63 means version mismatch. This often happens when the user
# tries to use an ancient version of a tool on a file that requires a
# minimum version.
if test $st -eq 63; then
msg="probably too old"
elif test $st -eq 127; then
# Program was missing.
msg="missing on your system"
else
# Program was found and executed, but failed. Give up.
exit $st
fi
perl_URL=https://www.perl.org/
flex_URL=https://github.com/westes/flex
gnu_software_URL=https://www.gnu.org/software
program_details ()
{
case $1 in
aclocal|automake)
echo "The '$1' program is part of the GNU Automake package:"
echo "<$gnu_software_URL/automake>"
echo "It also requires GNU Autoconf, GNU m4 and Perl in order to run:"
echo "<$gnu_software_URL/autoconf>"
echo "<$gnu_software_URL/m4/>"
echo "<$perl_URL>"
;;
autoconf|autom4te|autoheader)
echo "The '$1' program is part of the GNU Autoconf package:"
echo "<$gnu_software_URL/autoconf/>"
echo "It also requires GNU m4 and Perl in order to run:"
echo "<$gnu_software_URL/m4/>"
echo "<$perl_URL>"
;;
esac
}
give_advice ()
{
# Normalize program name to check for.
normalized_program=`echo "$1" | sed '
s/^gnu-//; t
s/^gnu//; t
s/^g//; t'`
printf '%s\n' "'$1' is $msg."
configure_deps="'configure.ac' or m4 files included by 'configure.ac'"
case $normalized_program in
autoconf*)
echo "You should only need it if you modified 'configure.ac',"
echo "or m4 files included by it."
program_details 'autoconf'
;;
autoheader*)
echo "You should only need it if you modified 'acconfig.h' or"
echo "$configure_deps."
program_details 'autoheader'
;;
automake*)
echo "You should only need it if you modified 'Makefile.am' or"
echo "$configure_deps."
program_details 'automake'
;;
aclocal*)
echo "You should only need it if you modified 'acinclude.m4' or"
echo "$configure_deps."
program_details 'aclocal'
;;
autom4te*)
echo "You might have modified some maintainer files that require"
echo "the 'autom4te' program to be rebuilt."
program_details 'autom4te'
;;
bison*|yacc*)
echo "You should only need it if you modified a '.y' file."
echo "You may want to install the GNU Bison package:"
echo "<$gnu_software_URL/bison/>"
;;
lex*|flex*)
echo "You should only need it if you modified a '.l' file."
echo "You may want to install the Fast Lexical Analyzer package:"
echo "<$flex_URL>"
;;
help2man*)
echo "You should only need it if you modified a dependency" \
"of a man page."
echo "You may want to install the GNU Help2man package:"
echo "<$gnu_software_URL/help2man/>"
;;
makeinfo*)
echo "You should only need it if you modified a '.texi' file, or"
echo "any other file indirectly affecting the aspect of the manual."
echo "You might want to install the Texinfo package:"
echo "<$gnu_software_URL/texinfo/>"
echo "The spurious makeinfo call might also be the consequence of"
echo "using a buggy 'make' (AIX, DU, IRIX), in which case you might"
echo "want to install GNU make:"
echo "<$gnu_software_URL/make/>"
;;
*)
echo "You might have modified some files without having the proper"
echo "tools for further handling them. Check the 'README' file, it"
echo "often tells you about the needed prerequisites for installing"
echo "this package. You may also peek at any GNU archive site, in"
echo "case some other package contains this missing '$1' program."
;;
esac
}
give_advice "$1" | sed -e '1s/^/WARNING: /' \
-e '2,$s/^/ /' >&2
# Propagate the correct exit status (expected to be 127 for a program
# not found, 63 for a program that failed due to version mismatch).
exit $st
# Local variables:
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

BIN
pcap/icmp.pcap.gz Normal file
View file

Binary file not shown.

BIN
pcap/sample-bigendian.pcap.gz Normal file
View file

Binary file not shown.

BIN
pcap/sample-rfc1035escape.pcap.gz Normal file
View file

Binary file not shown.

BIN
pcap/sample.pcap.gz Normal file
View file

Binary file not shown.

47
src/Makefile.am Normal file
View file

@ -0,0 +1,47 @@
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov
SUBDIRS = test
AM_CXXFLAGS = -I$(srcdir) \
-I$(srcdir)/Murmur \
-I$(top_srcdir) \
$(libmaxminddb_CFLAGS)
bin_PROGRAMS = packetq
packetq_SOURCES = dns.cpp dns.h icmp.cpp icmp.h output.h packet_handler.cpp \
packet_handler.h packetq.cpp packetq.h pcap.cpp pcap.h reader.cpp \
reader.h refcountstring.h segzip.h server.cpp server.h sql.cpp sql.h \
tcp.cpp tcp.h variant.h
packetq_LDADD = $(libmaxminddb_LIBS)
dist_packetq_SOURCES = Murmur/MurmurHash3.cpp Murmur/MurmurHash3.h
EXTRA_DIST = regression-test.sh
if ENABLE_GCOV
gcov-local:
for src in $(packetq_SOURCES) $(dist_packetq_SOURCES); do \
gcov -l -r -s "$(srcdir)" "$$src"; \
done
endif

837
src/Makefile.in Normal file
View file

@ -0,0 +1,837 @@
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
@SET_MAKE@
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
VPATH = @srcdir@
am__is_gnu_make = { \
if test -z '$(MAKELEVEL)'; then \
false; \
elif test -n '$(MAKE_HOST)'; then \
true; \
elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
true; \
else \
false; \
fi; \
}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
*) echo "am__make_running_with_option: internal error: invalid" \
"target option '$${target_option-}' specified" >&2; \
exit 1;; \
esac; \
has_opt=no; \
sane_makeflags=$$MAKEFLAGS; \
if $(am__is_gnu_make); then \
sane_makeflags=$$MFLAGS; \
else \
case $$MAKEFLAGS in \
*\\[\ \ ]*) \
bs=\\; \
sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
| sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
esac; \
fi; \
skip_next=no; \
strip_trailopt () \
{ \
flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
}; \
for flg in $$sane_makeflags; do \
test $$skip_next = yes && { skip_next=no; continue; }; \
case $$flg in \
*=*|--*) continue;; \
-*I) strip_trailopt 'I'; skip_next=yes;; \
-*I?*) strip_trailopt 'I';; \
-*O) strip_trailopt 'O'; skip_next=yes;; \
-*O?*) strip_trailopt 'O';; \
-*l) strip_trailopt 'l'; skip_next=yes;; \
-*l?*) strip_trailopt 'l';; \
-[dEDm]) skip_next=yes;; \
-[JT]) skip_next=yes;; \
esac; \
case $$flg in \
*$$target_option*) has_opt=yes; break;; \
esac; \
done; \
test $$has_opt = yes
am__make_dryrun = (target_option=n; $(am__make_running_with_option))
am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
pkgdatadir = $(datadir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkglibexecdir = $(libexecdir)/@PACKAGE@
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
install_sh_DATA = $(install_sh) -c -m 644
install_sh_PROGRAM = $(install_sh) -c
install_sh_SCRIPT = $(install_sh) -c
INSTALL_HEADER = $(INSTALL_DATA)
transform = $(program_transform_name)
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
bin_PROGRAMS = packetq$(EXEEXT)
subdir = src
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/ax_cflags_warn_all.m4 \
$(top_srcdir)/m4/ax_compiler_vendor.m4 \
$(top_srcdir)/m4/ax_prepend_flag.m4 \
$(top_srcdir)/m4/ax_require_defined.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = config.h
CONFIG_CLEAN_FILES =
CONFIG_CLEAN_VPATH_FILES =
am__installdirs = "$(DESTDIR)$(bindir)"
PROGRAMS = $(bin_PROGRAMS)
am_packetq_OBJECTS = dns.$(OBJEXT) icmp.$(OBJEXT) \
packet_handler.$(OBJEXT) packetq.$(OBJEXT) pcap.$(OBJEXT) \
reader.$(OBJEXT) server.$(OBJEXT) sql.$(OBJEXT) tcp.$(OBJEXT)
am__dirstamp = $(am__leading_dot)dirstamp
dist_packetq_OBJECTS = Murmur/MurmurHash3.$(OBJEXT)
packetq_OBJECTS = $(am_packetq_OBJECTS) $(dist_packetq_OBJECTS)
am__DEPENDENCIES_1 =
packetq_DEPENDENCIES = $(am__DEPENDENCIES_1)
AM_V_P = $(am__v_P_@AM_V@)
am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
am__v_P_0 = false
am__v_P_1 = :
AM_V_GEN = $(am__v_GEN_@AM_V@)
am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
am__v_GEN_0 = @echo " GEN " $@;
am__v_GEN_1 =
AM_V_at = $(am__v_at_@AM_V@)
am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
am__v_at_0 = @
am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__maybe_remake_depfiles = depfiles
am__depfiles_remade = ./$(DEPDIR)/dns.Po ./$(DEPDIR)/icmp.Po \
./$(DEPDIR)/packet_handler.Po ./$(DEPDIR)/packetq.Po \
./$(DEPDIR)/pcap.Po ./$(DEPDIR)/reader.Po \
./$(DEPDIR)/server.Po ./$(DEPDIR)/sql.Po ./$(DEPDIR)/tcp.Po \
Murmur/$(DEPDIR)/MurmurHash3.Po
am__mv = mv -f
CXXCOMPILE = $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS)
AM_V_CXX = $(am__v_CXX_@AM_V@)
am__v_CXX_ = $(am__v_CXX_@AM_DEFAULT_V@)
am__v_CXX_0 = @echo " CXX " $@;
am__v_CXX_1 =
CXXLD = $(CXX)
CXXLINK = $(CXXLD) $(AM_CXXFLAGS) $(CXXFLAGS) $(AM_LDFLAGS) $(LDFLAGS) \
-o $@
AM_V_CXXLD = $(am__v_CXXLD_@AM_V@)
am__v_CXXLD_ = $(am__v_CXXLD_@AM_DEFAULT_V@)
am__v_CXXLD_0 = @echo " CXXLD " $@;
am__v_CXXLD_1 =
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
AM_V_CC = $(am__v_CC_@AM_V@)
am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
am__v_CC_0 = @echo " CC " $@;
am__v_CC_1 =
CCLD = $(CC)
LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
AM_V_CCLD = $(am__v_CCLD_@AM_V@)
am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
am__v_CCLD_0 = @echo " CCLD " $@;
am__v_CCLD_1 =
SOURCES = $(packetq_SOURCES) $(dist_packetq_SOURCES)
DIST_SOURCES = $(packetq_SOURCES) $(dist_packetq_SOURCES)
RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \
ctags-recursive dvi-recursive html-recursive info-recursive \
install-data-recursive install-dvi-recursive \
install-exec-recursive install-html-recursive \
install-info-recursive install-pdf-recursive \
install-ps-recursive install-recursive installcheck-recursive \
installdirs-recursive pdf-recursive ps-recursive \
tags-recursive uninstall-recursive
am__can_run_installinfo = \
case $$AM_UPDATE_INFO_DIR in \
n|no|NO) false;; \
*) (install-info --version) >/dev/null 2>&1;; \
esac
RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
distclean-recursive maintainer-clean-recursive
am__recursive_targets = \
$(RECURSIVE_TARGETS) \
$(RECURSIVE_CLEAN_TARGETS) \
$(am__extra_recursive_targets)
AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
distdir distdir-am
am__extra_recursive_targets = gcov-recursive
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) \
config.h.in
# Read a list of newline-separated strings from the standard input,
# and print each of them once, without duplicates. Input order is
# *not* preserved.
am__uniquify_input = $(AWK) '\
BEGIN { nonempty = 0; } \
{ items[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in items) print i; }; } \
'
# Make sure the list of sources is unique. This is necessary because,
# e.g., the same source file might be shared among _SOURCES variables
# for different programs/libraries.
am__define_uniq_tagged_files = \
list='$(am__tagged_files)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | $(am__uniquify_input)`
DIST_SUBDIRS = $(SUBDIRS)
am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in \
$(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
sed_first='s,^\([^/]*\)/.*$$,\1,'; \
sed_rest='s,^[^/]*/*,,'; \
sed_last='s,^.*/\([^/]*\)$$,\1,'; \
sed_butlast='s,/*[^/]*$$,,'; \
while test -n "$$dir1"; do \
first=`echo "$$dir1" | sed -e "$$sed_first"`; \
if test "$$first" != "."; then \
if test "$$first" = ".."; then \
dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \
dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \
else \
first2=`echo "$$dir2" | sed -e "$$sed_first"`; \
if test "$$first2" = "$$first"; then \
dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \
else \
dir2="../$$dir2"; \
fi; \
dir0="$$dir0"/"$$first"; \
fi; \
fi; \
dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \
done; \
reldir="$$dir2"
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CXX = @CXX@
CXXDEPMODE = @CXXDEPMODE@
CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
GREP = @GREP@
INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_STRING = @PACKAGE_STRING@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
ac_ct_CXX = @ac_ct_CXX@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
am__tar = @am__tar@
am__untar = @am__untar@
bindir = @bindir@
build = @build@
build_alias = @build_alias@
build_cpu = @build_cpu@
build_os = @build_os@
build_vendor = @build_vendor@
builddir = @builddir@
datadir = @datadir@
datarootdir = @datarootdir@
docdir = @docdir@
dvidir = @dvidir@
exec_prefix = @exec_prefix@
host = @host@
host_alias = @host_alias@
host_cpu = @host_cpu@
host_os = @host_os@
host_vendor = @host_vendor@
htmldir = @htmldir@
includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
libdir = @libdir@
libexecdir = @libexecdir@
libmaxminddb_CFLAGS = @libmaxminddb_CFLAGS@
libmaxminddb_LIBS = @libmaxminddb_LIBS@
localedir = @localedir@
localstatedir = @localstatedir@
mandir = @mandir@
mkdir_p = @mkdir_p@
oldincludedir = @oldincludedir@
pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = *.gcda *.gcno *.gcov
SUBDIRS = test
AM_CXXFLAGS = -I$(srcdir) \
-I$(srcdir)/Murmur \
-I$(top_srcdir) \
$(libmaxminddb_CFLAGS)
packetq_SOURCES = dns.cpp dns.h icmp.cpp icmp.h output.h packet_handler.cpp \
packet_handler.h packetq.cpp packetq.h pcap.cpp pcap.h reader.cpp \
reader.h refcountstring.h segzip.h server.cpp server.h sql.cpp sql.h \
tcp.cpp tcp.h variant.h
packetq_LDADD = $(libmaxminddb_LIBS)
dist_packetq_SOURCES = Murmur/MurmurHash3.cpp Murmur/MurmurHash3.h
EXTRA_DIST = regression-test.sh
all: config.h
$(MAKE) $(AM_MAKEFLAGS) all-recursive
.SUFFIXES:
.SUFFIXES: .cpp .o .obj
$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
&& { if test -f $@; then exit 0; else break; fi; }; \
exit 1;; \
esac; \
done; \
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --foreign src/Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
*) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
esac;
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(top_srcdir)/configure: $(am__configure_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
config.h: stamp-h1
@test -f $@ || rm -f stamp-h1
@test -f $@ || $(MAKE) $(AM_MAKEFLAGS) stamp-h1
stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status
@rm -f stamp-h1
cd $(top_builddir) && $(SHELL) ./config.status src/config.h
$(srcdir)/config.h.in: $(am__configure_deps)
($(am__cd) $(top_srcdir) && $(AUTOHEADER))
rm -f stamp-h1
touch $@
distclean-hdr:
-rm -f config.h stamp-h1
install-binPROGRAMS: $(bin_PROGRAMS)
@$(NORMAL_INSTALL)
@list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \
if test -n "$$list"; then \
echo " $(MKDIR_P) '$(DESTDIR)$(bindir)'"; \
$(MKDIR_P) "$(DESTDIR)$(bindir)" || exit 1; \
fi; \
for p in $$list; do echo "$$p $$p"; done | \
sed 's/$(EXEEXT)$$//' | \
while read p p1; do if test -f $$p \
; then echo "$$p"; echo "$$p"; else :; fi; \
done | \
sed -e 'p;s,.*/,,;n;h' \
-e 's|.*|.|' \
-e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \
sed 'N;N;N;s,\n, ,g' | \
$(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \
{ d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \
if ($$2 == $$4) files[d] = files[d] " " $$1; \
else { print "f", $$3 "/" $$4, $$1; } } \
END { for (d in files) print "f", d, files[d] }' | \
while read type dir files; do \
if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \
test -z "$$files" || { \
echo " $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \
$(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \
} \
; done
uninstall-binPROGRAMS:
@$(NORMAL_UNINSTALL)
@list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \
files=`for p in $$list; do echo "$$p"; done | \
sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \
-e 's/$$/$(EXEEXT)/' \
`; \
test -n "$$list" || exit 0; \
echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \
cd "$(DESTDIR)$(bindir)" && rm -f $$files
clean-binPROGRAMS:
-test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS)
Murmur/$(am__dirstamp):
@$(MKDIR_P) Murmur
@: > Murmur/$(am__dirstamp)
Murmur/$(DEPDIR)/$(am__dirstamp):
@$(MKDIR_P) Murmur/$(DEPDIR)
@: > Murmur/$(DEPDIR)/$(am__dirstamp)
Murmur/MurmurHash3.$(OBJEXT): Murmur/$(am__dirstamp) \
Murmur/$(DEPDIR)/$(am__dirstamp)
packetq$(EXEEXT): $(packetq_OBJECTS) $(packetq_DEPENDENCIES) $(EXTRA_packetq_DEPENDENCIES)
@rm -f packetq$(EXEEXT)
$(AM_V_CXXLD)$(CXXLINK) $(packetq_OBJECTS) $(packetq_LDADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
-rm -f Murmur/*.$(OBJEXT)
distclean-compile:
-rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dns.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icmp.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/packet_handler.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/packetq.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pcap.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/reader.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/server.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sql.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tcp.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@Murmur/$(DEPDIR)/MurmurHash3.Po@am__quote@ # am--include-marker
$(am__depfiles_remade):
@$(MKDIR_P) $(@D)
@echo '# dummy' >$@-t && $(am__mv) $@-t $@
am--depfiles: $(am__depfiles_remade)
.cpp.o:
@am__fastdepCXX_TRUE@ $(AM_V_CXX)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
@am__fastdepCXX_TRUE@ $(CXXCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
@am__fastdepCXX_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXXCOMPILE) -c -o $@ $<
.cpp.obj:
@am__fastdepCXX_TRUE@ $(AM_V_CXX)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
@am__fastdepCXX_TRUE@ $(CXXCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
@am__fastdepCXX_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ $(AM_V_CXX)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCXX_FALSE@ DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCXX_FALSE@ $(AM_V_CXX@am__nodep@)$(CXXCOMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
# This directory's subdirectories are mostly independent; you can cd
# into them and run 'make' without going through this Makefile.
# To change the values of 'make' variables: instead of editing Makefiles,
# (1) if the variable is set in 'config.status', edit 'config.status'
# (which will cause the Makefiles to be regenerated when you run 'make');
# (2) otherwise, pass the desired values on the 'make' command line.
$(am__recursive_targets):
@fail=; \
if $(am__make_keepgoing); then \
failcom='fail=yes'; \
else \
failcom='exit 1'; \
fi; \
dot_seen=no; \
target=`echo $@ | sed s/-recursive//`; \
case "$@" in \
distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
*) list='$(SUBDIRS)' ;; \
esac; \
for subdir in $$list; do \
echo "Making $$target in $$subdir"; \
if test "$$subdir" = "."; then \
dot_seen=yes; \
local_target="$$target-am"; \
else \
local_target="$$target"; \
fi; \
($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
|| eval $$failcom; \
done; \
if test "$$dot_seen" = "no"; then \
$(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
fi; test -z "$$fail"
gcov-local:
ID: $(am__tagged_files)
$(am__define_uniq_tagged_files); mkid -fID $$unique
tags: tags-recursive
TAGS: tags
tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
set x; \
here=`pwd`; \
if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
include_option=--etags-include; \
empty_fix=.; \
else \
include_option=--include; \
empty_fix=; \
fi; \
list='$(SUBDIRS)'; for subdir in $$list; do \
if test "$$subdir" = .; then :; else \
test ! -f $$subdir/TAGS || \
set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \
fi; \
done; \
$(am__define_uniq_tagged_files); \
shift; \
if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
if test $$# -gt 0; then \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
"$$@" $$unique; \
else \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
$$unique; \
fi; \
fi
ctags: ctags-recursive
CTAGS: ctags
ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
$(am__define_uniq_tagged_files); \
test -z "$(CTAGS_ARGS)$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$unique
GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& $(am__cd) $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) "$$here"
cscopelist: cscopelist-recursive
cscopelist-am: $(am__tagged_files)
list='$(am__tagged_files)'; \
case "$(srcdir)" in \
[\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
*) sdir=$(subdir)/$(srcdir) ;; \
esac; \
for i in $$list; do \
if test -f "$$i"; then \
echo "$(subdir)/$$i"; \
else \
echo "$$sdir/$$i"; \
fi; \
done >> $(top_builddir)/cscope.files
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
distdir-am: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
list='$(DISTFILES)'; \
dist_files=`for file in $$list; do echo $$file; done | \
sed -e "s|^$$srcdirstrip/||;t" \
-e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
case $$dist_files in \
*/*) $(MKDIR_P) `echo "$$dist_files" | \
sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
sort -u` ;; \
esac; \
for file in $$dist_files; do \
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
if test -d $$d/$$file; then \
dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
if test -d "$(distdir)/$$file"; then \
find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
fi; \
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
fi; \
cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
else \
test -f "$(distdir)/$$file" \
|| cp -p $$d/$$file "$(distdir)/$$file" \
|| exit 1; \
fi; \
done
@list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
if test "$$subdir" = .; then :; else \
$(am__make_dryrun) \
|| test -d "$(distdir)/$$subdir" \
|| $(MKDIR_P) "$(distdir)/$$subdir" \
|| exit 1; \
dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
$(am__relativize); \
new_distdir=$$reldir; \
dir1=$$subdir; dir2="$(top_distdir)"; \
$(am__relativize); \
new_top_distdir=$$reldir; \
echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \
echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \
($(am__cd) $$subdir && \
$(MAKE) $(AM_MAKEFLAGS) \
top_distdir="$$new_top_distdir" \
distdir="$$new_distdir" \
am__remove_distdir=: \
am__skip_length_check=: \
am__skip_mode_fix=: \
distdir) \
|| exit 1; \
fi; \
done
check-am: all-am
check: check-recursive
all-am: Makefile $(PROGRAMS) config.h
installdirs: installdirs-recursive
installdirs-am:
for dir in "$(DESTDIR)$(bindir)"; do \
test -z "$$dir" || $(MKDIR_P) "$$dir"; \
done
install: install-recursive
install-exec: install-exec-recursive
install-data: install-data-recursive
uninstall: uninstall-recursive
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
installcheck: installcheck-recursive
install-strip:
if test -z '$(STRIP)'; then \
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
install; \
else \
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
fi
mostlyclean-generic:
clean-generic:
-test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
-rm -f Murmur/$(DEPDIR)/$(am__dirstamp)
-rm -f Murmur/$(am__dirstamp)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
-test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
@ENABLE_GCOV_FALSE@gcov-local:
clean: clean-recursive
clean-am: clean-binPROGRAMS clean-generic mostlyclean-am
distclean: distclean-recursive
-rm -f ./$(DEPDIR)/dns.Po
-rm -f ./$(DEPDIR)/icmp.Po
-rm -f ./$(DEPDIR)/packet_handler.Po
-rm -f ./$(DEPDIR)/packetq.Po
-rm -f ./$(DEPDIR)/pcap.Po
-rm -f ./$(DEPDIR)/reader.Po
-rm -f ./$(DEPDIR)/server.Po
-rm -f ./$(DEPDIR)/sql.Po
-rm -f ./$(DEPDIR)/tcp.Po
-rm -f Murmur/$(DEPDIR)/MurmurHash3.Po
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-hdr distclean-tags
dvi: dvi-recursive
dvi-am:
gcov: gcov-recursive
gcov-am: gcov-local
html: html-recursive
html-am:
info: info-recursive
info-am:
install-data-am:
install-dvi: install-dvi-recursive
install-dvi-am:
install-exec-am: install-binPROGRAMS
install-html: install-html-recursive
install-html-am:
install-info: install-info-recursive
install-info-am:
install-man:
install-pdf: install-pdf-recursive
install-pdf-am:
install-ps: install-ps-recursive
install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-recursive
-rm -f ./$(DEPDIR)/dns.Po
-rm -f ./$(DEPDIR)/icmp.Po
-rm -f ./$(DEPDIR)/packet_handler.Po
-rm -f ./$(DEPDIR)/packetq.Po
-rm -f ./$(DEPDIR)/pcap.Po
-rm -f ./$(DEPDIR)/reader.Po
-rm -f ./$(DEPDIR)/server.Po
-rm -f ./$(DEPDIR)/sql.Po
-rm -f ./$(DEPDIR)/tcp.Po
-rm -f Murmur/$(DEPDIR)/MurmurHash3.Po
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
mostlyclean: mostlyclean-recursive
mostlyclean-am: mostlyclean-compile mostlyclean-generic
pdf: pdf-recursive
pdf-am:
ps: ps-recursive
ps-am:
uninstall-am: uninstall-binPROGRAMS
.MAKE: $(am__recursive_targets) all install-am install-strip
.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \
am--depfiles check check-am clean clean-binPROGRAMS \
clean-generic cscopelist-am ctags ctags-am distclean \
distclean-compile distclean-generic distclean-hdr \
distclean-tags distdir dvi dvi-am gcov-am gcov-local html \
html-am info info-am install install-am install-binPROGRAMS \
install-data install-data-am install-dvi install-dvi-am \
install-exec install-exec-am install-html install-html-am \
install-info install-info-am install-man install-pdf \
install-pdf-am install-ps install-ps-am install-strip \
installcheck installcheck-am installdirs installdirs-am \
maintainer-clean maintainer-clean-generic mostlyclean \
mostlyclean-compile mostlyclean-generic pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am uninstall-binPROGRAMS
.PRECIOUS: Makefile
@ENABLE_GCOV_TRUE@gcov-local:
@ENABLE_GCOV_TRUE@ for src in $(packetq_SOURCES) $(dist_packetq_SOURCES); do \
@ENABLE_GCOV_TRUE@ gcov -l -r -s "$(srcdir)" "$$src"; \
@ENABLE_GCOV_TRUE@ done
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:

335
src/Murmur/MurmurHash3.cpp Normal file
View file

@ -0,0 +1,335 @@
//-----------------------------------------------------------------------------
// MurmurHash3 was written by Austin Appleby, and is placed in the public
// domain. The author hereby disclaims copyright to this source code.
// Note - The x86 and x64 versions do _not_ produce the same results, as the
// algorithms are optimized for their respective platforms. You can still
// compile and run any of them on any platform, but your performance with the
// non-native version will be less than optimal.
#include "MurmurHash3.h"
//-----------------------------------------------------------------------------
// Platform-specific functions and macros
// Microsoft Visual Studio
#if defined(_MSC_VER)
#define FORCE_INLINE __forceinline
#include <stdlib.h>
#define ROTL32(x,y) _rotl(x,y)
#define ROTL64(x,y) _rotl64(x,y)
#define BIG_CONSTANT(x) (x)
// Other compilers
#else // defined(_MSC_VER)
#define FORCE_INLINE inline __attribute__((always_inline))
inline uint32_t rotl32 ( uint32_t x, int8_t r )
{
return (x << r) | (x >> (32 - r));
}
inline uint64_t rotl64 ( uint64_t x, int8_t r )
{
return (x << r) | (x >> (64 - r));
}
#define ROTL32(x,y) rotl32(x,y)
#define ROTL64(x,y) rotl64(x,y)
#define BIG_CONSTANT(x) (x##LLU)
#endif // !defined(_MSC_VER)
//-----------------------------------------------------------------------------
// Block read - if your platform needs to do endian-swapping or can only
// handle aligned reads, do the conversion here
FORCE_INLINE uint32_t getblock32 ( const uint32_t * p, int i )
{
return p[i];
}
FORCE_INLINE uint64_t getblock64 ( const uint64_t * p, int i )
{
return p[i];
}
//-----------------------------------------------------------------------------
// Finalization mix - force all bits of a hash block to avalanche
FORCE_INLINE uint32_t fmix32 ( uint32_t h )
{
h ^= h >> 16;
h *= 0x85ebca6b;
h ^= h >> 13;
h *= 0xc2b2ae35;
h ^= h >> 16;
return h;
}
//----------
FORCE_INLINE uint64_t fmix64 ( uint64_t k )
{
k ^= k >> 33;
k *= BIG_CONSTANT(0xff51afd7ed558ccd);
k ^= k >> 33;
k *= BIG_CONSTANT(0xc4ceb9fe1a85ec53);
k ^= k >> 33;
return k;
}
//-----------------------------------------------------------------------------
void MurmurHash3_x86_32 ( const void * key, int len,
uint32_t seed, void * out )
{
const uint8_t * data = (const uint8_t*)key;
const int nblocks = len / 4;
uint32_t h1 = seed;
const uint32_t c1 = 0xcc9e2d51;
const uint32_t c2 = 0x1b873593;
//----------
// body
const uint32_t * blocks = (const uint32_t *)(data + nblocks*4);
for(int i = -nblocks; i; i++)
{
uint32_t k1 = getblock32(blocks,i);
k1 *= c1;
k1 = ROTL32(k1,15);
k1 *= c2;
h1 ^= k1;
h1 = ROTL32(h1,13);
h1 = h1*5+0xe6546b64;
}
//----------
// tail
const uint8_t * tail = (const uint8_t*)(data + nblocks*4);
uint32_t k1 = 0;
switch(len & 3)
{
case 3: k1 ^= tail[2] << 16;
case 2: k1 ^= tail[1] << 8;
case 1: k1 ^= tail[0];
k1 *= c1; k1 = ROTL32(k1,15); k1 *= c2; h1 ^= k1;
};
//----------
// finalization
h1 ^= len;
h1 = fmix32(h1);
*(uint32_t*)out = h1;
}
//-----------------------------------------------------------------------------
void MurmurHash3_x86_128 ( const void * key, const int len,
uint32_t seed, void * out )
{
const uint8_t * data = (const uint8_t*)key;
const int nblocks = len / 16;
uint32_t h1 = seed;
uint32_t h2 = seed;
uint32_t h3 = seed;
uint32_t h4 = seed;
const uint32_t c1 = 0x239b961b;
const uint32_t c2 = 0xab0e9789;
const uint32_t c3 = 0x38b34ae5;
const uint32_t c4 = 0xa1e38b93;
//----------
// body
const uint32_t * blocks = (const uint32_t *)(data + nblocks*16);
for(int i = -nblocks; i; i++)
{
uint32_t k1 = getblock32(blocks,i*4+0);
uint32_t k2 = getblock32(blocks,i*4+1);
uint32_t k3 = getblock32(blocks,i*4+2);
uint32_t k4 = getblock32(blocks,i*4+3);
k1 *= c1; k1 = ROTL32(k1,15); k1 *= c2; h1 ^= k1;
h1 = ROTL32(h1,19); h1 += h2; h1 = h1*5+0x561ccd1b;
k2 *= c2; k2 = ROTL32(k2,16); k2 *= c3; h2 ^= k2;
h2 = ROTL32(h2,17); h2 += h3; h2 = h2*5+0x0bcaa747;
k3 *= c3; k3 = ROTL32(k3,17); k3 *= c4; h3 ^= k3;
h3 = ROTL32(h3,15); h3 += h4; h3 = h3*5+0x96cd1c35;
k4 *= c4; k4 = ROTL32(k4,18); k4 *= c1; h4 ^= k4;
h4 = ROTL32(h4,13); h4 += h1; h4 = h4*5+0x32ac3b17;
}
//----------
// tail
const uint8_t * tail = (const uint8_t*)(data + nblocks*16);
uint32_t k1 = 0;
uint32_t k2 = 0;
uint32_t k3 = 0;
uint32_t k4 = 0;
switch(len & 15)
{
case 15: k4 ^= tail[14] << 16;
case 14: k4 ^= tail[13] << 8;
case 13: k4 ^= tail[12] << 0;
k4 *= c4; k4 = ROTL32(k4,18); k4 *= c1; h4 ^= k4;
case 12: k3 ^= tail[11] << 24;
case 11: k3 ^= tail[10] << 16;
case 10: k3 ^= tail[ 9] << 8;
case 9: k3 ^= tail[ 8] << 0;
k3 *= c3; k3 = ROTL32(k3,17); k3 *= c4; h3 ^= k3;
case 8: k2 ^= tail[ 7] << 24;
case 7: k2 ^= tail[ 6] << 16;
case 6: k2 ^= tail[ 5] << 8;
case 5: k2 ^= tail[ 4] << 0;
k2 *= c2; k2 = ROTL32(k2,16); k2 *= c3; h2 ^= k2;
case 4: k1 ^= tail[ 3] << 24;
case 3: k1 ^= tail[ 2] << 16;
case 2: k1 ^= tail[ 1] << 8;
case 1: k1 ^= tail[ 0] << 0;
k1 *= c1; k1 = ROTL32(k1,15); k1 *= c2; h1 ^= k1;
};
//----------
// finalization
h1 ^= len; h2 ^= len; h3 ^= len; h4 ^= len;
h1 += h2; h1 += h3; h1 += h4;
h2 += h1; h3 += h1; h4 += h1;
h1 = fmix32(h1);
h2 = fmix32(h2);
h3 = fmix32(h3);
h4 = fmix32(h4);
h1 += h2; h1 += h3; h1 += h4;
h2 += h1; h3 += h1; h4 += h1;
((uint32_t*)out)[0] = h1;
((uint32_t*)out)[1] = h2;
((uint32_t*)out)[2] = h3;
((uint32_t*)out)[3] = h4;
}
//-----------------------------------------------------------------------------
void MurmurHash3_x64_128 ( const void * key, const int len,
const uint32_t seed, void * out )
{
const uint8_t * data = (const uint8_t*)key;
const int nblocks = len / 16;
uint64_t h1 = seed;
uint64_t h2 = seed;
const uint64_t c1 = BIG_CONSTANT(0x87c37b91114253d5);
const uint64_t c2 = BIG_CONSTANT(0x4cf5ad432745937f);
//----------
// body
const uint64_t * blocks = (const uint64_t *)(data);
for(int i = 0; i < nblocks; i++)
{
uint64_t k1 = getblock64(blocks,i*2+0);
uint64_t k2 = getblock64(blocks,i*2+1);
k1 *= c1; k1 = ROTL64(k1,31); k1 *= c2; h1 ^= k1;
h1 = ROTL64(h1,27); h1 += h2; h1 = h1*5+0x52dce729;
k2 *= c2; k2 = ROTL64(k2,33); k2 *= c1; h2 ^= k2;
h2 = ROTL64(h2,31); h2 += h1; h2 = h2*5+0x38495ab5;
}
//----------
// tail
const uint8_t * tail = (const uint8_t*)(data + nblocks*16);
uint64_t k1 = 0;
uint64_t k2 = 0;
switch(len & 15)
{
case 15: k2 ^= ((uint64_t)tail[14]) << 48;
case 14: k2 ^= ((uint64_t)tail[13]) << 40;
case 13: k2 ^= ((uint64_t)tail[12]) << 32;
case 12: k2 ^= ((uint64_t)tail[11]) << 24;
case 11: k2 ^= ((uint64_t)tail[10]) << 16;
case 10: k2 ^= ((uint64_t)tail[ 9]) << 8;
case 9: k2 ^= ((uint64_t)tail[ 8]) << 0;
k2 *= c2; k2 = ROTL64(k2,33); k2 *= c1; h2 ^= k2;
case 8: k1 ^= ((uint64_t)tail[ 7]) << 56;
case 7: k1 ^= ((uint64_t)tail[ 6]) << 48;
case 6: k1 ^= ((uint64_t)tail[ 5]) << 40;
case 5: k1 ^= ((uint64_t)tail[ 4]) << 32;
case 4: k1 ^= ((uint64_t)tail[ 3]) << 24;
case 3: k1 ^= ((uint64_t)tail[ 2]) << 16;
case 2: k1 ^= ((uint64_t)tail[ 1]) << 8;
case 1: k1 ^= ((uint64_t)tail[ 0]) << 0;
k1 *= c1; k1 = ROTL64(k1,31); k1 *= c2; h1 ^= k1;
};
//----------
// finalization
h1 ^= len; h2 ^= len;
h1 += h2;
h2 += h1;
h1 = fmix64(h1);
h2 = fmix64(h2);
h1 += h2;
h2 += h1;
((uint64_t*)out)[0] = h1;
((uint64_t*)out)[1] = h2;
}
//-----------------------------------------------------------------------------

37
src/Murmur/MurmurHash3.h Normal file
View file

@ -0,0 +1,37 @@
//-----------------------------------------------------------------------------
// MurmurHash3 was written by Austin Appleby, and is placed in the public
// domain. The author hereby disclaims copyright to this source code.
#ifndef _MURMURHASH3_H_
#define _MURMURHASH3_H_
//-----------------------------------------------------------------------------
// Platform-specific functions and macros
// Microsoft Visual Studio
#if defined(_MSC_VER)
typedef unsigned char uint8_t;
typedef unsigned long uint32_t;
typedef unsigned __int64 uint64_t;
// Other compilers
#else // defined(_MSC_VER)
#include <stdint.h>
#endif // !defined(_MSC_VER)
//-----------------------------------------------------------------------------
void MurmurHash3_x86_32 ( const void * key, int len, uint32_t seed, void * out );
void MurmurHash3_x86_128 ( const void * key, int len, uint32_t seed, void * out );
void MurmurHash3_x64_128 ( const void * key, int len, uint32_t seed, void * out );
//-----------------------------------------------------------------------------
#endif // _MURMURHASH3_H_

137
src/config.h.in Normal file
View file

@ -0,0 +1,137 @@
/* src/config.h.in. Generated from configure.ac by autoheader. */
/* Define to 1 if you have the <arpa/inet.h> header file. */
#undef HAVE_ARPA_INET_H
/* Define to 1 if you have the `bzero' function. */
#undef HAVE_BZERO
/* Define to 1 if you have the `dup2' function. */
#undef HAVE_DUP2
/* Define to 1 if you have the <fcntl.h> header file. */
#undef HAVE_FCNTL_H
/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
/* Define to 1 if you have libmaxminddb. */
#undef HAVE_LIBMAXMINDDB
/* Define to 1 if you have the `nsl' library (-lnsl). */
#undef HAVE_LIBNSL
/* Define to 1 if you have the `socket' library (-lsocket). */
#undef HAVE_LIBSOCKET
/* Define to 1 if you have the `z' library (-lz). */
#undef HAVE_LIBZ
/* Define to 1 if you have the <limits.h> header file. */
#undef HAVE_LIMITS_H
/* Define to 1 if you have the `mkdir' function. */
#undef HAVE_MKDIR
/* Define to 1 if you have the <netinet/in.h> header file. */
#undef HAVE_NETINET_IN_H
/* has net/ethernet.h header */
#undef HAVE_NET_ETHERNET_H
/* has net/ethertypes.h header */
#undef HAVE_NET_ETHERTYPES_H
/* Define to 1 if your system has a GNU libc compatible `realloc' function,
and to 0 otherwise. */
#undef HAVE_REALLOC
/* Define to 1 if you have the `regcomp' function. */
#undef HAVE_REGCOMP
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
/* Define to 1 if you have the <stdio.h> header file. */
#undef HAVE_STDIO_H
/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
/* Define to 1 if you have the `strdup' function. */
#undef HAVE_STRDUP
/* Define to 1 if you have the `strerror' function. */
#undef HAVE_STRERROR
/* Define to 1 if you have the `strftime' function. */
#undef HAVE_STRFTIME
/* Define to 1 if you have the <strings.h> header file. */
#undef HAVE_STRINGS_H
/* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H
/* Define to 1 if you have the `strtoul' function. */
#undef HAVE_STRTOUL
/* Define to 1 if you have the <syslog.h> header file. */
#undef HAVE_SYSLOG_H
/* Define to 1 if you have the <sys/socket.h> header file. */
#undef HAVE_SYS_SOCKET_H
/* Define to 1 if you have the <sys/stat.h> header file. */
#undef HAVE_SYS_STAT_H
/* Define to 1 if you have the <sys/time.h> header file. */
#undef HAVE_SYS_TIME_H
/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
/* Define to 1 if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H
/* Name of package */
#undef PACKAGE
/* Define to the address where bug reports for this package should be sent. */
#undef PACKAGE_BUGREPORT
/* Define to the full name of this package. */
#undef PACKAGE_NAME
/* Define to the full name and version of this package. */
#undef PACKAGE_STRING
/* Define to the one symbol short name of this package. */
#undef PACKAGE_TARNAME
/* Define to the home page for this package. */
#undef PACKAGE_URL
/* Define to the version of this package. */
#undef PACKAGE_VERSION
/* Define to 1 if all of the C90 standard headers exist (not just the ones
required in a freestanding environment). This macro is provided for
backward compatibility; new code need not use it. */
#undef STDC_HEADERS
/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. This
macro is obsolete. */
#undef TIME_WITH_SYS_TIME
/* Version number of package */
#undef VERSION
/* Define to empty if `const' does not conform to ANSI C. */
#undef const
/* Define to rpl_realloc if the replacement function should be used. */
#undef realloc
/* Define to `unsigned int' if <sys/types.h> does not define. */
#undef size_t

456
src/dns.cpp Normal file
View file

@ -0,0 +1,456 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#include "dns.h"
#include "output.h"
#include "packet_handler.h"
#include "packetq.h"
#include "tcp.h"
#include <cctype>
#include <stdio.h>
#include <stdlib.h>
namespace packetq {
char visible_char_map[256];
void fill_in_visible_char_map()
{
for (int i = 0; i < 256; ++i) {
visible_char_map[i] = isgraph(i) ? i : '$';
}
}
void fill_in_visible_char_map_rfc1035()
{
for (int i = 0; i < 256; ++i) {
if ((i >= 'a' && i <= 'z')
|| (i >= 'A' && i <= 'Z')
|| (i >= '0' && i <= '9')
|| (i == '-' || i == '_')) {
visible_char_map[i] = i;
} else { // espaping needed
visible_char_map[i] = 0;
}
}
}
Parse_dns::Parse_dns(bool escape_dnsnames)
{
if (escape_dnsnames) {
fill_in_visible_char_map_rfc1035();
} else {
fill_in_visible_char_map();
}
table_name = "dns";
add_packet_columns();
add_lookup_tables();
}
void Parse_dns::add_packet_columns()
{
m_ip_helper.add_packet_columns(*this);
add_packet_column("qname", "", Coltype::_text, COLUMN_QNAME);
add_packet_column("aname", "", Coltype::_text, COLUMN_ANAME);
add_packet_column("msg_id", "", Coltype::_int, COLUMN_MSG_ID);
add_packet_column("msg_size", "", Coltype::_int, COLUMN_MSG_SIZE);
add_packet_column("opcode", "", Coltype::_int, COLUMN_OPCODE);
add_packet_column("rcode", "", Coltype::_int, COLUMN_RCODE);
add_packet_column("extended_rcode", "", Coltype::_int, COLUMN_EXTENDED_RCODE);
add_packet_column("edns_version", "", Coltype::_int, COLUMN_EDNS_VERSION);
add_packet_column("z", "", Coltype::_int, COLUMN_Z);
add_packet_column("udp_size", "", Coltype::_int, COLUMN_UDP_SIZE);
add_packet_column("qd_count", "", Coltype::_int, COLUMN_QD_COUNT);
add_packet_column("an_count", "", Coltype::_int, COLUMN_AN_COUNT);
add_packet_column("ns_count", "", Coltype::_int, COLUMN_NS_COUNT);
add_packet_column("ar_count", "", Coltype::_int, COLUMN_AR_COUNT);
add_packet_column("qtype", "", Coltype::_int, COLUMN_QTYPE);
add_packet_column("qclass", "", Coltype::_int, COLUMN_QCLASS);
add_packet_column("qlabels", "", Coltype::_int, COLUMN_QLABELS);
add_packet_column("atype", "", Coltype::_int, COLUMN_ATYPE);
add_packet_column("aclass", "", Coltype::_int, COLUMN_ACLASS);
add_packet_column("attl", "", Coltype::_int, COLUMN_ATTL);
add_packet_column("alabels", "", Coltype::_int, COLUMN_ALABELS);
add_packet_column("aa", "", Coltype::_bool, COLUMN_AA);
add_packet_column("tc", "", Coltype::_bool, COLUMN_TC);
add_packet_column("rd", "", Coltype::_bool, COLUMN_RD);
add_packet_column("cd", "", Coltype::_bool, COLUMN_CD);
add_packet_column("ra", "", Coltype::_bool, COLUMN_RA);
add_packet_column("ad", "", Coltype::_bool, COLUMN_AD);
add_packet_column("do", "", Coltype::_bool, COLUMN_DO);
add_packet_column("edns0", "", Coltype::_bool, COLUMN_EDNS0);
add_packet_column("qr", "", Coltype::_bool, COLUMN_QR);
add_packet_column("edns0_ecs", "", Coltype::_bool, COLUMN_EDNS0_ECS);
add_packet_column("edns0_ecs_family", "", Coltype::_int, COLUMN_EDNS0_ECS_FAMILY);
add_packet_column("edns0_ecs_source", "", Coltype::_int, COLUMN_EDNS0_ECS_SOURCE);
add_packet_column("edns0_ecs_scope", "", Coltype::_int, COLUMN_EDNS0_ECS_SCOPE);
add_packet_column("edns0_ecs_address", "", Coltype::_text, COLUMN_EDNS0_ECS_ADDRESS);
}
void Parse_dns::add_lookup_tables()
{
g_db.add_lut("qtype", 1, "A");
g_db.add_lut("qtype", 2, "NS");
g_db.add_lut("qtype", 3, "MD");
g_db.add_lut("qtype", 4, "MF");
g_db.add_lut("qtype", 5, "CNAME");
g_db.add_lut("qtype", 6, "SOA");
g_db.add_lut("qtype", 7, "MB");
g_db.add_lut("qtype", 8, "MG");
g_db.add_lut("qtype", 9, "MR");
g_db.add_lut("qtype", 10, "NULL");
g_db.add_lut("qtype", 11, "WKS");
g_db.add_lut("qtype", 12, "PTR");
g_db.add_lut("qtype", 13, "HINFO");
g_db.add_lut("qtype", 14, "MINFO");
g_db.add_lut("qtype", 15, "MX");
g_db.add_lut("qtype", 16, "TXT");
g_db.add_lut("qtype", 17, "RP");
g_db.add_lut("qtype", 18, "AFSDB");
g_db.add_lut("qtype", 19, "X25");
g_db.add_lut("qtype", 20, "ISDN");
g_db.add_lut("qtype", 21, "RT");
g_db.add_lut("qtype", 22, "NSAP");
g_db.add_lut("qtype", 23, "NSAP-PTR");
g_db.add_lut("qtype", 24, "SIG");
g_db.add_lut("qtype", 25, "KEY");
g_db.add_lut("qtype", 26, "PX");
g_db.add_lut("qtype", 27, "GPOS");
g_db.add_lut("qtype", 28, "AAAA");
g_db.add_lut("qtype", 29, "LOC");
g_db.add_lut("qtype", 30, "NXT");
g_db.add_lut("qtype", 31, "EID");
g_db.add_lut("qtype", 32, "NIMLOC");
g_db.add_lut("qtype", 33, "SRV");
g_db.add_lut("qtype", 34, "ATMA");
g_db.add_lut("qtype", 35, "NAPTR");
g_db.add_lut("qtype", 36, "KX");
g_db.add_lut("qtype", 37, "CERT");
g_db.add_lut("qtype", 38, "A6");
g_db.add_lut("qtype", 39, "DNAME");
g_db.add_lut("qtype", 40, "SINK");
g_db.add_lut("qtype", 41, "OPT");
g_db.add_lut("qtype", 42, "APL");
g_db.add_lut("qtype", 43, "DS");
g_db.add_lut("qtype", 44, "SSHFP");
g_db.add_lut("qtype", 45, "IPSECKEY");
g_db.add_lut("qtype", 46, "RRSIG");
g_db.add_lut("qtype", 47, "NSEC");
g_db.add_lut("qtype", 48, "DNSKEY");
g_db.add_lut("qtype", 49, "DHCID");
g_db.add_lut("qtype", 50, "NSEC3");
g_db.add_lut("qtype", 51, "NSEC3PARAM");
g_db.add_lut("qtype", 52, "TLSA");
g_db.add_lut("qtype", 53, "SMIMEA");
g_db.add_lut("qtype", 55, "HIP");
g_db.add_lut("qtype", 56, "NINFO");
g_db.add_lut("qtype", 57, "RKEY");
g_db.add_lut("qtype", 58, "TALINK");
g_db.add_lut("qtype", 59, "CDS");
g_db.add_lut("qtype", 60, "CDNSKEY");
g_db.add_lut("qtype", 61, "OPENPGPKEY");
g_db.add_lut("qtype", 62, "CSYNC");
g_db.add_lut("qtype", 63, "ZONEMD");
g_db.add_lut("qtype", 64, "SVCB");
g_db.add_lut("qtype", 65, "HTTPS");
g_db.add_lut("qtype", 99, "SPF");
g_db.add_lut("qtype", 100, "UINFO");
g_db.add_lut("qtype", 101, "UID");
g_db.add_lut("qtype", 102, "GID");
g_db.add_lut("qtype", 103, "UNSPEC");
g_db.add_lut("qtype", 104, "NID");
g_db.add_lut("qtype", 105, "L32");
g_db.add_lut("qtype", 106, "L64");
g_db.add_lut("qtype", 107, "LP");
g_db.add_lut("qtype", 108, "EUI48");
g_db.add_lut("qtype", 109, "EUI64");
g_db.add_lut("qtype", 249, "TKEY");
g_db.add_lut("qtype", 250, "TSIG");
g_db.add_lut("qtype", 251, "IXFR");
g_db.add_lut("qtype", 252, "AXFR");
g_db.add_lut("qtype", 253, "MAILB");
g_db.add_lut("qtype", 254, "MAILA");
g_db.add_lut("qtype", 255, "*");
g_db.add_lut("qtype", 256, "URI");
g_db.add_lut("qtype", 257, "CAA");
g_db.add_lut("qtype", 258, "AVC");
g_db.add_lut("qtype", 259, "DOA");
g_db.add_lut("qtype", 260, "AMTRELAY");
g_db.add_lut("qtype", 32768, "TA");
g_db.add_lut("qtype", 32769, "DLV");
g_db.add_lut("rcode", 0, "NoError");
g_db.add_lut("rcode", 1, "FormErr");
g_db.add_lut("rcode", 2, "ServFail");
g_db.add_lut("rcode", 3, "NXDomain");
g_db.add_lut("rcode", 4, "NotImp");
g_db.add_lut("rcode", 5, "Refused");
g_db.add_lut("rcode", 6, "YXDomain");
g_db.add_lut("rcode", 7, "YXRRSet");
g_db.add_lut("rcode", 8, "NXRRSet");
g_db.add_lut("rcode", 9, "NotAuth");
g_db.add_lut("rcode", 10, "NotZone");
g_db.add_lut("rcode", 16, "BADVERS");
g_db.add_lut("rcode", 16, "BADSIG");
g_db.add_lut("rcode", 17, "BADKEY");
g_db.add_lut("rcode", 18, "BADTIME");
g_db.add_lut("rcode", 19, "BADMODE");
g_db.add_lut("rcode", 20, "BADNAME");
g_db.add_lut("rcode", 21, "BADALG");
g_db.add_lut("rcode", 22, "BADTRUNC");
}
void Parse_dns::on_table_created(Table* table, const std::vector<int>& columns)
{
m_ip_helper.on_table_created(table, columns);
acc_msg_id = table->get_accessor<int_column>("msg_id");
acc_msg_size = table->get_accessor<int_column>("msg_size");
acc_opcode = table->get_accessor<int_column>("opcode");
acc_rcode = table->get_accessor<int_column>("rcode");
acc_extended_rcode = table->get_accessor<int_column>("extended_rcode");
acc_edns_version = table->get_accessor<int_column>("edns_version");
acc_z = table->get_accessor<int_column>("z");
acc_udp_size = table->get_accessor<int_column>("udp_size");
acc_qd_count = table->get_accessor<int_column>("qd_count");
acc_an_count = table->get_accessor<int_column>("an_count");
acc_ns_count = table->get_accessor<int_column>("ns_count");
acc_ar_count = table->get_accessor<int_column>("ar_count");
acc_qtype = table->get_accessor<int_column>("qtype");
acc_qclass = table->get_accessor<int_column>("qclass");
acc_qlabels = table->get_accessor<int_column>("qlabels");
acc_atype = table->get_accessor<int_column>("atype");
acc_aclass = table->get_accessor<int_column>("aclass");
acc_attl = table->get_accessor<int_column>("attl");
acc_alabels = table->get_accessor<int_column>("alabels");
acc_qr = table->get_accessor<bool_column>("qr");
acc_aa = table->get_accessor<bool_column>("aa");
acc_tc = table->get_accessor<bool_column>("tc");
acc_rd = table->get_accessor<bool_column>("rd");
acc_cd = table->get_accessor<bool_column>("cd");
acc_ra = table->get_accessor<bool_column>("ra");
acc_ad = table->get_accessor<bool_column>("ad");
acc_do = table->get_accessor<bool_column>("do");
acc_edns0 = table->get_accessor<bool_column>("edns0");
acc_qname = table->get_accessor<text_column>("qname");
acc_aname = table->get_accessor<text_column>("aname");
acc_edns0_ecs = table->get_accessor<bool_column>("edns0_ecs");
acc_edns0_ecs_family = table->get_accessor<int_column>("edns0_ecs_family");
acc_edns0_ecs_source = table->get_accessor<int_column>("edns0_ecs_source");
acc_edns0_ecs_scope = table->get_accessor<int_column>("edns0_ecs_scope");
acc_edns0_ecs_address = table->get_accessor<text_column>("edns0_ecs_address");
}
Packet::ParseResult Parse_dns::parse(Packet& packet, const std::vector<int>& columns, Row& destination_row, bool sample)
{
if (not(packet.m_len >= 12 && (packet.m_ip_header.proto == IPPROTO_UDP || packet.m_ip_header.proto == IPPROTO_TCP)))
return Packet::ERROR;
if (!sample)
return Packet::NOT_SAMPLED;
unsigned char* ddata = packet.m_data;
int dlength = packet.m_len;
if (packet.m_ip_header.proto == IPPROTO_TCP) {
int dns_size = (int(ddata[0]) << 8) | ddata[1];
ddata += 2;
dlength -= 2;
if (dns_size != dlength)
return Packet::ERROR;
}
DNSMessage message(ddata, dlength, packet.m_ip_header);
DNSMessage::Header& header = message.m_header;
IP_header& ip_header = message.m_ip_header;
if (message.m_error != 0)
return Packet::ERROR;
if (!header.qr and header.qdcount == 0)
return Packet::ERROR;
Row* r = &destination_row;
m_ip_helper.assign(r, &ip_header, columns);
for (auto i = columns.begin(), end = columns.end(); i != end; ++i) {
switch (*i) {
case COLUMN_MSG_ID:
acc_msg_id.value(r) = header.id;
break;
case COLUMN_MSG_SIZE:
acc_msg_size.value(r) = message.m_length;
break;
case COLUMN_QR:
acc_qr.value(r) = header.qr;
break;
case COLUMN_AA:
acc_aa.value(r) = header.aa;
break;
case COLUMN_TC:
acc_tc.value(r) = header.tc;
break;
case COLUMN_RD:
acc_rd.value(r) = header.rd;
break;
case COLUMN_CD:
acc_cd.value(r) = header.cd;
break;
case COLUMN_RA:
acc_ra.value(r) = header.ra;
break;
case COLUMN_AD:
acc_ad.value(r) = header.ad;
break;
case COLUMN_OPCODE:
acc_opcode.value(r) = header.opcode;
break;
case COLUMN_RCODE:
acc_rcode.value(r) = header.rcode;
break;
case COLUMN_QD_COUNT:
acc_qd_count.value(r) = header.qdcount;
break;
case COLUMN_AN_COUNT:
acc_an_count.value(r) = header.ancount;
break;
case COLUMN_NS_COUNT:
acc_ns_count.value(r) = header.nscount;
break;
case COLUMN_AR_COUNT:
acc_ar_count.value(r) = header.arcount;
break;
case COLUMN_QTYPE:
acc_qtype.value(r) = message.m_questions[0].qtype;
break;
case COLUMN_QCLASS:
acc_qclass.value(r) = message.m_questions[0].qclass;
break;
case COLUMN_QLABELS:
acc_qlabels.value(r) = message.m_questions[0].qname.labels;
break;
case COLUMN_QNAME:
acc_qname.value(r) = RefCountString::construct(message.m_questions[0].qname.fqdn);
break;
case COLUMN_EDNS0:
acc_edns0.value(r) = message.m_edns0 ? 1 : 0;
break;
case COLUMN_DO:
acc_do.value(r) = message.m_edns0 ? message.m_do : 0;
break;
case COLUMN_EXTENDED_RCODE:
acc_extended_rcode.value(r) = message.m_edns0 ? message.m_extended_rcode : 0;
break;
case COLUMN_EDNS_VERSION:
acc_edns_version.value(r) = message.m_edns0 ? message.m_edns_version : 0;
break;
case COLUMN_Z:
acc_z.value(r) = message.m_edns0 ? message.m_z : 0;
break;
case COLUMN_UDP_SIZE:
acc_udp_size.value(r) = message.m_edns0 ? message.m_udp_size : 0;
break;
case COLUMN_ANAME:
acc_aname.value(r) = header.ancount ? RefCountString::construct(message.m_answer[0].name.fqdn) : RefCountString::construct("");
break;
case COLUMN_ATYPE:
acc_atype.value(r) = header.ancount ? message.m_answer[0].type : 0;
break;
case COLUMN_ACLASS:
acc_aclass.value(r) = header.ancount ? message.m_answer[0].rr_class : 0;
break;
case COLUMN_ATTL:
acc_attl.value(r) = header.ancount ? message.m_answer[0].ttl : 0;
break;
case COLUMN_ALABELS:
acc_alabels.value(r) = header.ancount ? message.m_answer[0].name.labels : 0;
break;
case COLUMN_EDNS0_ECS:
acc_edns0_ecs.value(r) = message.m_edns0_ecs ? 1 : 0;
break;
case COLUMN_EDNS0_ECS_FAMILY:
acc_edns0_ecs_family.value(r) = message.m_edns0_ecs_family;
break;
case COLUMN_EDNS0_ECS_SOURCE:
acc_edns0_ecs_source.value(r) = message.m_edns0_ecs_source;
break;
case COLUMN_EDNS0_ECS_SCOPE:
acc_edns0_ecs_scope.value(r) = message.m_edns0_ecs_scope;
break;
case COLUMN_EDNS0_ECS_ADDRESS:
if (message.m_edns0_ecs_addr_set && message.m_edns0_ecs_family == 1)
acc_edns0_ecs_address.value(r) = v4_addr2str(message.m_edns0_ecs_addr);
else if (message.m_edns0_ecs_addr_set && message.m_edns0_ecs_family == 2)
acc_edns0_ecs_address.value(r) = v6_addr2str(message.m_edns0_ecs_addr);
else
acc_edns0_ecs_address.value(r) = RefCountString::construct("");
break;
}
}
return Packet::OK;
}
} // namespace packetq

541
src/dns.h Normal file
View file

@ -0,0 +1,541 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __packetq_dns_h
#define __packetq_dns_h
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "output.h"
#include "packet_handler.h"
#include "tcp.h"
namespace packetq {
extern char visible_char_map[256];
class DNSMessage {
public:
class Header {
public:
int id;
int z;
bool qr;
int opcode;
bool aa;
bool tc;
bool rd;
bool ra;
bool ad;
bool cd;
int rcode;
int qdcount;
int ancount;
int nscount;
int arcount;
Header()
: z(0)
{
id = 0;
qr = 0;
opcode = 0;
aa = 0;
tc = 0;
rd = 0;
ra = 0;
ad = 0;
cd = 0;
rcode = 0;
qdcount = 0;
ancount = 0;
nscount = 0;
arcount = 0;
}
void parse(DNSMessage& p)
{
/*
From rfc 2929
1 1 1 1 1 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| ID |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|QR| Opcode |AA|TC|RD|RA| Z|AD|CD| RCODE |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| QDCOUNT/ZOCOUNT |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| ANCOUNT/PRCOUNT |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| NSCOUNT/UPCOUNT |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| ARCOUNT |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
*/
id = p.get_ushort(0);
qr = p.get_bit(2, 0);
opcode = p.get_bits(2, 1, 4);
aa = p.get_bit(2, 5);
tc = p.get_bit(2, 6);
rd = p.get_bit(2, 7);
ra = p.get_bit(2, 8);
ad = p.get_bit(2, 10);
cd = p.get_bit(2, 11);
rcode = p.get_bits(2, 12, 4);
qdcount = p.get_ushort(4);
ancount = p.get_ushort(6);
nscount = p.get_ushort(8);
arcount = p.get_ushort(10);
}
};
class Name {
public:
char fqdn[2048]; // escaping needs *4 the space
int labels;
Name()
: fqdn { 0 }
, labels(0)
{
}
void reset(void)
{
fqdn[0] = 0;
labels = 0;
}
};
class Question {
public:
Name qname;
int qtype;
int qclass;
Question()
{
qtype = 0;
qclass = 0;
}
int parse(DNSMessage& m, int offs)
{
offs = m.parse_dname(qname, offs);
qtype = m.get_ushort(offs);
offs += 2;
qclass = m.get_ushort(offs);
offs += 2;
return offs;
}
};
class RR {
public:
Name name;
int type;
int rr_class;
unsigned int ttl;
int rdlength;
int doffs;
RR()
{
type = 0;
rr_class = 0;
ttl = 0;
rdlength = 0;
doffs = 0;
}
int parse(DNSMessage& m, int offs)
{
offs = m.parse_dname(name, offs);
type = m.get_ushort(offs);
if (type == 41) {
m.m_opt_rr = this;
m.m_new_opt_rr = true;
}
offs += 2;
rr_class = m.get_ushort(offs);
offs += 2;
ttl = m.get_ushort(offs) << 16;
ttl |= m.get_ushort(offs + 2);
offs += 4;
rdlength = m.get_ushort(offs);
offs += 2;
doffs = offs;
offs += rdlength;
return offs;
}
};
IP_header& m_ip_header;
unsigned char* m_data;
int m_length;
Header m_header;
Question m_questions[2];
RR m_answer[2];
RR m_authority[2];
RR m_additional[2];
RR* m_opt_rr;
bool m_new_opt_rr;
int m_error;
bool m_edns0;
bool m_do;
int m_extended_rcode;
int m_edns_version;
int m_z;
int m_udp_size;
bool m_edns0_ecs;
int m_edns0_ecs_family;
int m_edns0_ecs_source;
int m_edns0_ecs_scope;
in6addr_t m_edns0_ecs_addr;
bool m_edns0_ecs_addr_set;
DNSMessage(unsigned char* data, int len, IP_header& head)
: m_ip_header(head)
{
m_opt_rr = 0;
m_new_opt_rr = false;
m_error = 0;
m_data = data;
m_length = len;
m_edns0 = false;
m_do = false;
m_extended_rcode = 0;
m_edns_version = 0;
m_z = 0;
m_udp_size = 0;
m_edns0_ecs = false;
m_edns0_ecs_family = 0;
m_edns0_ecs_source = 0;
m_edns0_ecs_scope = 0;
m_edns0_ecs_addr_set = false;
parse();
}
int parse_dname(Name& name, int offs)
{
int p = 0;
int savedoffs = 0;
int n = get_ubyte(offs++);
char* out = &name.fqdn[0];
if (n == 0)
out[p++] = '.';
while (n > 0) {
name.labels++;
while (n >= 192) {
if (savedoffs) {
out[p++] = 0;
return savedoffs;
}
savedoffs = offs + 1;
int n2 = get_ubyte(offs++);
int ptr = (n & 63) * 0x100 + n2;
offs = ptr;
n = get_ubyte(offs++);
}
// if the string is too long restart and mess it up
// check if we can fit a fully escaped label + . and reserve for zeroing it later
if (p + (n * 4) + 1 > sizeof(name.fqdn) - 1)
p = 0;
while (n-- > 0) {
const unsigned int byte = get_ubyte(offs++);
if (visible_char_map[byte]) {
out[p++] = visible_char_map[byte];
} else {
out[p++] = '\\';
out[p++] = '0' + byte / 100;
out[p++] = '0' + byte / 10 % 10;
out[p++] = '0' + byte % 10;
}
}
out[p++] = '.';
n = get_ubyte(offs++);
}
if (savedoffs)
offs = savedoffs;
out[p++] = 0;
return offs;
}
void parse_opt_rr()
{
if (m_opt_rr) {
if (!m_edns0) {
m_edns0 = true;
unsigned long ttl = m_opt_rr->ttl;
m_do = (ttl >> 15) & 1;
m_extended_rcode = ttl >> 24;
m_edns_version = (ttl >> 16) & 0xff;
m_z = ttl & 0x7fff;
m_udp_size = m_opt_rr->rr_class;
}
if (((m_opt_rr->ttl >> 16) & 0xff) == 0 && m_opt_rr->rdlength > 0) {
// Parse this OPT RR that is EDNS0
int rdlen = m_opt_rr->rdlength,
offs = m_opt_rr->doffs,
opcode = 0,
oplen = 0;
while (rdlen > 3) {
// Minimum op code and length
opcode = get_ushort(offs);
oplen = get_ushort(offs + 2);
offs += 4;
rdlen -= 4;
if (rdlen < oplen)
break;
if (opcode == 8 && !m_edns0_ecs && oplen > 3) {
// ECS - Client Subnet - RFC7871
m_edns0_ecs = true;
m_edns0_ecs_family = get_ushort(offs);
m_edns0_ecs_source = get_ubyte(offs + 2);
m_edns0_ecs_scope = get_ubyte(offs + 3);
int addrlen = (m_edns0_ecs_source / 8) + (m_edns0_ecs_source % 8 ? 1 : 0);
int fill = 0;
if (addrlen <= (oplen - 4)) {
switch (m_edns0_ecs_family) {
case 1:
fill = 4;
m_edns0_ecs_addr_set = true;
break;
case 2:
fill = 16;
m_edns0_ecs_addr_set = true;
break;
}
int a = 0, b;
for (b = 15; fill && b > -1; fill--, b--) {
if (a < addrlen) {
m_edns0_ecs_addr.__in6_u.__u6_addr8[b] = get_ubyte(offs + 4 + a);
a++;
} else {
m_edns0_ecs_addr.__in6_u.__u6_addr8[b] = 0;
}
}
}
}
rdlen -= oplen;
offs += oplen;
}
}
}
}
void parse()
{
m_header.parse(*this);
int offs = 12;
int q = 0;
int cnt = m_header.qdcount;
while (cnt-- > 0) {
offs = m_questions[q].parse(*this, offs);
if (offs > m_length) {
m_questions[q].qname.reset();
m_error = offs;
return;
}
q = 1; // not ++ ignore further Q's
}
q = 0;
cnt = m_header.ancount;
while (cnt-- > 0) {
offs = m_answer[q].parse(*this, offs);
q = 1; // not ++ ignore further Q's
if (offs > m_length) {
m_error = offs;
return;
}
}
q = 0;
cnt = m_header.nscount;
while (cnt-- > 0) {
offs = m_authority[q].parse(*this, offs);
q = 1; // not ++ ignore further Q's
if (offs > m_length) {
m_error = offs;
return;
}
}
q = 0;
cnt = m_header.arcount;
while (cnt-- > 0) {
offs = m_additional[q].parse(*this, offs);
q = 1; // not ++ ignore further Q's
if (offs > m_length) {
m_error = offs;
return;
}
if (m_new_opt_rr) {
parse_opt_rr();
m_new_opt_rr = false;
}
}
if (offs > m_length)
m_error = offs;
}
unsigned int get_ubyte(int offs)
{
if (offs >= m_length)
return 0;
return int(m_data[offs]);
}
// returns 16 bit number at byte offset offs
unsigned int get_ushort(int offs)
{
if ((offs + 1) >= m_length)
return 0;
return (int(m_data[offs]) << 8) | int(m_data[offs + 1]);
}
uint32_t get_uint32(int offs)
{
if ((offs + 3) >= m_length)
return 0;
return (uint32_t(m_data[offs]) << 24) | (uint32_t(m_data[offs + 1]) << 16) | (uint32_t(m_data[offs + 2]) << 8) | uint32_t(m_data[offs + 3]);
}
bool get_bit(int offs, int bit)
{
if (offs >= m_length)
return 0;
return ((get_ushort(offs) << bit) & 0x8000) == 0x8000;
}
unsigned int get_bits(int offs, int bit, int bits)
{
if (offs >= m_length)
return 0;
return ((get_ushort(offs) << bit) & 0xffff) >> (16 - bits);
}
};
class Parse_dns : public Packet_handler {
public:
enum {
COLUMN_QNAME = IP_header_to_table::COLUMN_FRAGMENTS + 1,
COLUMN_ANAME,
COLUMN_MSG_ID,
COLUMN_MSG_SIZE,
COLUMN_OPCODE,
COLUMN_RCODE,
COLUMN_EXTENDED_RCODE,
COLUMN_EDNS_VERSION,
COLUMN_Z,
COLUMN_UDP_SIZE,
COLUMN_QD_COUNT,
COLUMN_AN_COUNT,
COLUMN_NS_COUNT,
COLUMN_AR_COUNT,
COLUMN_QTYPE,
COLUMN_QCLASS,
COLUMN_QLABELS,
COLUMN_ATYPE,
COLUMN_ACLASS,
COLUMN_ALABELS,
COLUMN_ATTL,
COLUMN_AA,
COLUMN_TC,
COLUMN_RD,
COLUMN_CD,
COLUMN_RA,
COLUMN_AD,
COLUMN_DO,
COLUMN_EDNS0,
COLUMN_QR,
COLUMN_EDNS0_ECS,
COLUMN_EDNS0_ECS_FAMILY,
COLUMN_EDNS0_ECS_SOURCE,
COLUMN_EDNS0_ECS_SCOPE,
COLUMN_EDNS0_ECS_ADDRESS,
};
Parse_dns(bool escape_dnsnames);
virtual void on_table_created(Table* table, const std::vector<int>& columns);
virtual Packet::ParseResult parse(Packet& packet, const std::vector<int>& columns, Row& destination_row, bool sample);
void add_packet_columns();
void add_lookup_tables();
private:
Str_conv converter;
IP_header_to_table m_ip_helper;
Int_accessor acc_s;
Int_accessor acc_us;
Int_accessor acc_ether_type;
Int_accessor acc_protocol;
Int_accessor acc_src_port;
Int_accessor acc_msg_id;
Int_accessor acc_msg_size;
Int_accessor acc_opcode;
Int_accessor acc_rcode;
Int_accessor acc_extended_rcode;
Int_accessor acc_edns_version;
Int_accessor acc_z;
Int_accessor acc_udp_size;
Int_accessor acc_qd_count;
Int_accessor acc_an_count;
Int_accessor acc_ns_count;
Int_accessor acc_ar_count;
Int_accessor acc_qtype;
Int_accessor acc_qclass;
Int_accessor acc_qlabels;
Int_accessor acc_atype;
Int_accessor acc_aclass;
Int_accessor acc_attl;
Int_accessor acc_alabels;
Int_accessor acc_edns0_ecs_family;
Int_accessor acc_edns0_ecs_source;
Int_accessor acc_edns0_ecs_scope;
Bool_accessor acc_qr;
Bool_accessor acc_aa;
Bool_accessor acc_tc;
Bool_accessor acc_rd;
Bool_accessor acc_cd;
Bool_accessor acc_ra;
Bool_accessor acc_ad;
Bool_accessor acc_do;
Bool_accessor acc_edns0;
Bool_accessor acc_edns0_ecs;
Text_accessor acc_qname;
Text_accessor acc_aname;
Text_accessor acc_src_addr;
Text_accessor acc_dst_addr;
Text_accessor acc_edns0_ecs_address;
};
} // namespace packetq
#endif // __packetq_dns_h

238
src/icmp.cpp Normal file
View file

@ -0,0 +1,238 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#include "icmp.h"
#include "output.h"
#include "packet_handler.h"
#include "packetq.h"
#include "tcp.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
namespace packetq {
Parse_icmp::Parse_icmp()
{
table_name = "icmp";
add_packet_columns();
add_lookup_tables();
}
void Parse_icmp::add_packet_columns()
{
m_ip_helper.add_packet_columns(*this);
add_packet_column("type", "", Coltype::_int, COLUMN_TYPE);
add_packet_column("code", "", Coltype::_int, COLUMN_CODE);
add_packet_column("echo_identifier", "", Coltype::_int, COLUMN_ECHO_IDENTIFIER);
add_packet_column("echo_sequence", "", Coltype::_int, COLUMN_ECHO_SEQUENCE);
add_packet_column("du_protocol", "", Coltype::_int, COLUMN_DU_PROTOCOL);
add_packet_column("du_src_addr", "", Coltype::_text, COLUMN_DU_SRC_ADDR);
add_packet_column("du_dst_addr", "", Coltype::_text, COLUMN_DU_DST_ADDR);
add_packet_column("desc", "", Coltype::_text, COLUMN_DESC);
}
void Parse_icmp::add_lookup_tables()
{
}
Packet::ParseResult Parse_icmp::parse(Packet& packet, const std::vector<int>& columns, Row& destination_row, bool sample)
{
if (packet.m_ip_header.proto != IPPROTO_ICMP)
return Packet::ERROR;
if (packet.m_ip_header.ethertype != 2048) // we dont support ICMPv6 yet
return Packet::ERROR;
if (!sample)
return Packet::NOT_SAMPLED;
if (packet.m_len < 2)
return Packet::ERROR;
Row* r = &destination_row;
m_ip_helper.assign(r, &packet.m_ip_header, columns);
unsigned char* raw = packet.m_data;
int type = raw[0];
int code = raw[1];
int identifier = 0, sequence = 0, protocol = 0;
RefCountString *src_addr = 0, *dst_addr = 0;
bool src_addr_used = false, dst_addr_used = false;
switch (type) {
case 0:
if (packet.m_len < 8)
return Packet::ERROR;
identifier = get_short(&raw[4]);
sequence = get_short(&raw[6]);
break;
case 3: {
IP_header head;
if (packet.m_len < 8 + 20)
return Packet::ERROR;
head.decode(&raw[8], packet.m_ip_header.ethertype, 0);
protocol = head.proto;
src_addr = v4_addr2str(head.src_ip);
dst_addr = v4_addr2str(head.dst_ip);
} break;
case 8:
if (packet.m_len < 8)
return Packet::ERROR;
identifier = get_short(&raw[4]);
sequence = get_short(&raw[6]);
break;
}
for (auto i = columns.begin(), end = columns.end(); i != end; ++i) {
switch (*i) {
case COLUMN_TYPE:
acc_type.value(r) = type;
break;
case COLUMN_CODE:
acc_code.value(r) = code;
break;
case COLUMN_ECHO_IDENTIFIER:
acc_echo_identifier.value(r) = identifier;
break;
case COLUMN_ECHO_SEQUENCE:
acc_echo_sequence.value(r) = sequence;
break;
case COLUMN_DU_PROTOCOL:
acc_du_protocol.value(r) = protocol;
break;
case COLUMN_DU_SRC_ADDR:
acc_du_src_addr.value(r) = src_addr ? src_addr : RefCountString::construct("");
src_addr_used = true;
break;
case COLUMN_DU_DST_ADDR:
acc_du_dst_addr.value(r) = dst_addr ? dst_addr : RefCountString::construct("");
dst_addr_used = true;
break;
case COLUMN_DESC:
switch (type) {
case 0:
acc_desc.value(r) = RefCountString::construct("Echo Reply");
break;
case 3:
switch (code) {
case 0:
acc_desc.value(r) = RefCountString::construct("Destination network unreachable");
break;
case 1:
acc_desc.value(r) = RefCountString::construct("Destination host unreachable");
break;
case 2:
acc_desc.value(r) = RefCountString::construct("Destination protocol unreachable");
break;
case 3:
acc_desc.value(r) = RefCountString::construct("Destination port unreachable");
break;
default:
acc_desc.value(r) = RefCountString::construct("Destination unreachable");
break;
}
break;
case 4:
acc_desc.value(r) = RefCountString::construct("Source quench");
break;
case 5:
acc_desc.value(r) = RefCountString::construct("Redirect Message");
break;
case 6:
acc_desc.value(r) = RefCountString::construct("Alternate Host Address");
break;
case 8:
acc_desc.value(r) = RefCountString::construct("Echo Request");
break;
case 9:
acc_desc.value(r) = RefCountString::construct("Router Advertisement");
break;
case 10:
acc_desc.value(r) = RefCountString::construct("Router Solicitation");
break;
case 11:
acc_desc.value(r) = RefCountString::construct("Time Exceeded");
break;
case 12:
acc_desc.value(r) = RefCountString::construct("Bad IP header");
break;
case 13:
acc_desc.value(r) = RefCountString::construct("Timestamp");
break;
case 14:
acc_desc.value(r) = RefCountString::construct("Timestamp Reply");
break;
case 15:
acc_desc.value(r) = RefCountString::construct("Information Request");
break;
case 16:
acc_desc.value(r) = RefCountString::construct("Information Reply");
break;
case 17:
acc_desc.value(r) = RefCountString::construct("Address Mask Request");
break;
case 18:
acc_desc.value(r) = RefCountString::construct("Address Mask Reply");
break;
case 30:
acc_desc.value(r) = RefCountString::construct("Traceroute");
break;
default:
acc_desc.value(r) = RefCountString::construct("UNKNOWN TYPE");
}
break;
}
}
if (src_addr && !src_addr_used)
src_addr->dec_refcount();
if (dst_addr && !dst_addr_used)
dst_addr->dec_refcount();
return Packet::OK;
}
void Parse_icmp::on_table_created(Table* table, const std::vector<int>& columns)
{
m_ip_helper.on_table_created(table, columns);
acc_type = table->get_accessor<int_column>("type");
acc_code = table->get_accessor<int_column>("code");
acc_echo_identifier = table->get_accessor<int_column>("echo_identifier");
acc_echo_sequence = table->get_accessor<int_column>("echo_sequence");
acc_du_protocol = table->get_accessor<int_column>("du_protocol");
acc_du_src_addr = table->get_accessor<text_column>("du_src_addr");
acc_du_dst_addr = table->get_accessor<text_column>("du_dst_addr");
acc_desc = table->get_accessor<text_column>("desc");
}
} // namespace packetq

76
src/icmp.h Normal file
View file

@ -0,0 +1,76 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __packetq_icmp_h
#define __packetq_icmp_h
#include <assert.h>
#include <cctype>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "output.h"
#include "packet_handler.h"
#include "sql.h"
#include "tcp.h"
namespace packetq {
class Parse_icmp : public Packet_handler {
public:
enum {
COLUMN_TYPE = IP_header_to_table::COLUMN_FRAGMENTS + 1,
COLUMN_CODE,
COLUMN_ECHO_IDENTIFIER,
COLUMN_ECHO_SEQUENCE,
COLUMN_DU_PROTOCOL,
COLUMN_DU_SRC_ADDR,
COLUMN_DU_DST_ADDR,
COLUMN_DESC
};
Parse_icmp();
virtual void on_table_created(Table* table, const std::vector<int>& columns);
virtual Packet::ParseResult parse(Packet& packet, const std::vector<int>& columns, Row& destination_row, bool sample);
void add_packet_columns();
void add_lookup_tables();
private:
Str_conv converter;
IP_header_to_table m_ip_helper;
Int_accessor acc_type;
Int_accessor acc_code;
Int_accessor acc_echo_identifier;
Int_accessor acc_echo_sequence;
Int_accessor acc_du_protocol;
Text_accessor acc_du_src_addr;
Text_accessor acc_du_dst_addr;
Text_accessor acc_desc;
};
} // namespace packetq
#endif // __packetq_icmp_h

415
src/output.h Normal file
View file

@ -0,0 +1,415 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __packetq_output_h
#define __packetq_output_h
#include <stdio.h>
#include <stdlib.h>
namespace packetq {
class Output {
char m_buffer[0x10000];
char m_diglut[0x100][4];
int m_len;
int m_tot;
public:
Output()
{
for (int i = 0; i < 256; i++)
snprintf(m_diglut[i], 4, "%d", i);
m_len = 0;
m_tot = 0;
}
~Output()
{
// print();
}
void reset() { m_len = 0; }
void print()
{
if (!m_len)
return;
fwrite(m_buffer, m_len, 1, stdout);
m_tot += m_len;
m_len = 0;
}
void flush()
{
print();
fflush(stdout);
}
inline void add_q_string(const char* p)
{
m_buffer[m_len++] = '"';
add_string_esc_json(p);
m_buffer[m_len++] = '"';
}
inline void add_string_esc_json(const char* p)
{
static const char lut[] = "0123456789ABCDEF";
if (m_len > sizeof(m_buffer) / 2)
print();
char c;
while ((c = *p++)) {
if (c == '\\') {
m_buffer[m_len++] = '\\';
c = '\\';
} else if (c == '"') {
m_buffer[m_len++] = '\\';
} else if (c < 0x20) {
m_buffer[m_len++] = '\\';
m_buffer[m_len++] = 'u';
m_buffer[m_len++] = '0';
m_buffer[m_len++] = '0';
m_buffer[m_len++] = lut[(c >> 4) & 0xf];
m_buffer[m_len++] = lut[c & 0xf];
continue;
}
m_buffer[m_len++] = c;
}
}
inline void add_string_esc_xml(const char* p)
{
if (m_len > sizeof(m_buffer) / 2)
print();
char c;
while ((c = *p++) > 'A') {
m_buffer[m_len++] = c;
}
if (c == 0)
return;
p--;
while ((c = *p++)) {
if (c == '>') {
m_buffer[m_len++] = '&';
add_string("gt");
c = ';';
}
if (c == '<') {
m_buffer[m_len++] = '&';
add_string("lt");
c = ';';
}
if (c == '\'') {
m_buffer[m_len++] = '&';
add_string("apos");
c = ';';
}
if (c == '"') {
m_buffer[m_len++] = '&';
add_string("quot");
c = ';';
}
m_buffer[m_len++] = c;
if (c == '&') {
add_string("amp;");
}
}
}
inline void check()
{
if (m_len > sizeof(m_buffer) / 2)
print();
}
inline void add_string(const char* p)
{
check();
char c;
while ((c = *p++)) {
m_buffer[m_len++] = c;
}
}
inline void add_hex_ushort(unsigned short v)
{
static const char lut[] = "0123456789abcdef";
if (v & 0xf000) {
m_buffer[m_len++] = lut[v >> 12];
m_buffer[m_len++] = lut[(v >> 8) & 0xf];
m_buffer[m_len++] = lut[(v >> 4) & 0xf];
m_buffer[m_len++] = lut[v & 0xf];
return;
}
if (v & 0xf00) {
m_buffer[m_len++] = lut[(v >> 8) & 0xf];
m_buffer[m_len++] = lut[(v >> 4) & 0xf];
m_buffer[m_len++] = lut[v & 0xf];
return;
}
if (v & 0xf0) {
m_buffer[m_len++] = lut[(v >> 4) & 0xf];
m_buffer[m_len++] = lut[v & 0xf];
return;
}
m_buffer[m_len++] = lut[v & 0xf];
}
inline void add_attr_ipv6(const char* name, unsigned char* addr)
{
check();
add_string_q(name);
m_buffer[m_len++] = '=';
m_buffer[m_len++] = '"';
unsigned short digs[8];
unsigned char* p = addr;
int longest_run = 0;
int longest_p = 9;
int cur_run = 0;
for (int i = 0; i < 8; i++) {
digs[i] = ((unsigned short)(p[0]) << 8) | (unsigned short)(p[1]);
if (digs[i] == 0) {
cur_run++;
if ((cur_run > 1) && (cur_run > longest_run)) {
longest_run = cur_run;
longest_p = i + 1 - cur_run;
}
} else
cur_run = 0;
p += 2;
}
for (int i = 0; i < 8; i++) {
if (i >= longest_p && i < longest_p + longest_run) {
if (i == longest_p) {
if (i == 0)
m_buffer[m_len++] = ':';
m_buffer[m_len++] = ':';
}
} else {
add_hex_ushort(digs[i]);
if (i != 7)
m_buffer[m_len++] = ':';
}
}
m_buffer[m_len++] = '"';
m_buffer[m_len++] = ' ';
}
inline void add_attr_ipv4(const char* p, unsigned int i)
{
check();
add_string_q(p);
m_buffer[m_len++] = '=';
m_buffer[m_len++] = '"';
add_string_q(m_diglut[i & 255]);
m_buffer[m_len++] = '.';
add_string_q(m_diglut[(i >> 8) & 255]);
m_buffer[m_len++] = '.';
add_string_q(m_diglut[(i >> 16) & 255]);
m_buffer[m_len++] = '.';
add_string_q(m_diglut[(i >> 24)]);
m_buffer[m_len++] = '"';
m_buffer[m_len++] = ' ';
}
inline void add_attr_bool(const char* p, bool i)
{
if (!i)
return;
check();
add_string_q(p);
m_buffer[m_len++] = '=';
m_buffer[m_len++] = '"';
m_buffer[m_len++] = i ? '1' : '0';
m_buffer[m_len++] = '"';
m_buffer[m_len++] = ' ';
}
inline void add_int(unsigned int i)
{
check();
if (i < 256) {
add_string_q(m_diglut[i & 255]);
} else {
unsigned char d[64];
unsigned char* cd = d;
while (i > 0 && cd < (&d[0] + sizeof(d))) {
unsigned int n = i;
i = i / 100;
n = n - (i * 100);
*cd++ = n;
}
if (cd != d) {
unsigned char t = *--cd;
add_string_q(m_diglut[t]);
}
while (cd != d) {
unsigned char t = *--cd;
if (t >= 10)
add_string_q(m_diglut[t]);
else {
m_buffer[m_len++] = '0';
m_buffer[m_len++] = '0' + t;
}
}
}
}
inline void add_attr_int(const char* p, unsigned int i)
{
check();
if (i == 0)
return;
add_string_q(p);
m_buffer[m_len++] = '=';
m_buffer[m_len++] = '"';
add_int(i);
m_buffer[m_len++] = '"';
m_buffer[m_len++] = ' ';
}
inline void add_attr_str(const char* p, const char* t)
{
add_string(p);
m_buffer[m_len++] = '=';
m_buffer[m_len++] = '"';
add_string_esc_json(t);
m_buffer[m_len++] = '"';
m_buffer[m_len++] = ' ';
}
private:
inline void add_string_q(const char* p)
{
char c;
while ((c = *p++)) {
m_buffer[m_len++] = c;
}
}
};
class Str_conv {
char m_buffer[0x10000];
char m_diglut[0x100][4];
int m_len;
int m_tot;
public:
Str_conv()
{
for (int i = 0; i < 256; i++)
snprintf(m_diglut[i], 4, "%d", i);
m_len = 0;
m_tot = 0;
}
~Str_conv()
{
// print();
}
const char* get()
{
m_buffer[m_len] = 0;
return m_buffer;
}
int get_len() { return m_len; }
void reset() { m_len = 0; }
inline void add_attr_ipv6(unsigned char* addr)
{
unsigned short digs[8];
unsigned char* p = &addr[14];
int longest_run = 0;
int longest_p = 9;
int cur_run = 0;
for (int i = 0; i < 8; i++) {
digs[i] = ((unsigned short)(p[1]) << 8) | (unsigned short)(p[0]);
if (digs[i] == 0) {
cur_run++;
if ((cur_run > 1) && (cur_run > longest_run)) {
longest_run = cur_run;
longest_p = i + 1 - cur_run;
}
} else
cur_run = 0;
p -= 2;
}
for (int i = 0; i < 8; i++) {
if (i >= longest_p && i < longest_p + longest_run) {
if (i == longest_p) {
if (i == 0)
m_buffer[m_len++] = ':';
m_buffer[m_len++] = ':';
}
} else {
add_hex_ushort(digs[i]);
if (i != 7)
m_buffer[m_len++] = ':';
}
}
}
inline void add_string_q(const char* p)
{
char c;
while ((c = *p++)) {
m_buffer[m_len++] = c;
}
}
inline void add_attr_ipv4(unsigned int i)
{
add_string_q(m_diglut[(i >> 24)]);
m_buffer[m_len++] = '.';
add_string_q(m_diglut[(i >> 16) & 255]);
m_buffer[m_len++] = '.';
add_string_q(m_diglut[(i >> 8) & 255]);
m_buffer[m_len++] = '.';
add_string_q(m_diglut[(i >> 0) & 255]);
}
inline void add_hex_ushort(unsigned short v)
{
static const char lut[] = "0123456789abcdef";
if (v & 0xf000) {
m_buffer[m_len++] = lut[v >> 12];
m_buffer[m_len++] = lut[(v >> 8) & 0xf];
m_buffer[m_len++] = lut[(v >> 4) & 0xf];
m_buffer[m_len++] = lut[v & 0xf];
return;
}
if (v & 0xf00) {
m_buffer[m_len++] = lut[(v >> 8) & 0xf];
m_buffer[m_len++] = lut[(v >> 4) & 0xf];
m_buffer[m_len++] = lut[v & 0xf];
return;
}
if (v & 0xf0) {
m_buffer[m_len++] = lut[(v >> 4) & 0xf];
m_buffer[m_len++] = lut[v & 0xf];
return;
}
m_buffer[m_len++] = lut[v & 0xf];
}
};
extern Output g_output;
} // namespace packetq
#endif // __packetq_output_h

566
src/packet_handler.cpp Normal file
View file

@ -0,0 +1,566 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#include "packet_handler.h"
#include "dns.h"
#include "icmp.h"
#include "output.h"
#include "packetq.h"
#include "sql.h"
#include "tcp.h"
#include <stdio.h>
#include <stdlib.h>
namespace packetq {
Payload g_payload;
Output g_output;
Str_conv converter;
class Fragments {
private:
Fragments& operator=(const Fragments& other);
Fragments(Fragments&& other) noexcept;
Fragments const& operator=(Fragments&& other);
public:
class Range {
public:
bool operator<(const Range& r) const
{
if (begin < r.begin)
return true;
return false;
}
Range(int s, int e1)
{
begin = s;
endp1 = e1;
}
int begin;
int endp1;
};
Fragments(const Fragments& f)
{
// printf( "copy Fragments\n" );
m_first = f.m_first;
m_complete = f.m_complete;
m_frags = f.m_frags;
}
Fragments()
{
m_complete = 0;
m_frags = 0;
}
~Fragments()
{
// printf( "delete Fragments\n", m_first.offset );
}
bool add(IP_header& head, unsigned char* data, int len)
{
if (head.offset == 0)
m_first = head;
if (head.offset + len > 0x10000 || len < 0)
return false;
m_frags++;
if (head.fragments == 0)
m_complete = head.offset + len;
bool complete = add_range(head.offset, head.offset + len);
memcpy((void*)&m_buffer[head.offset], data, len);
if (complete) {
m_complete = head.offset + len;
m_first.fragments = m_frags;
return true;
}
return false;
}
bool add_range(int start, int end)
{
m_ranges.push_back(Range(start, end));
m_ranges.sort();
bool merged = true;
// this is algorithmically horrid (hope there wont be tonnes of fragments)
while (merged) {
merged = false;
auto it = m_ranges.begin();
auto last = it;
if (last == m_ranges.end())
break;
it++;
for (; it != m_ranges.end(); it++) {
if (last->endp1 == it->begin) {
merged = true;
last->endp1 = it->endp1;
m_ranges.erase(it);
break;
}
}
}
if (m_ranges.size() == 1 && m_ranges.begin()->endp1 == m_complete && m_ranges.begin()->begin == 0)
return true;
return false;
}
std::list<Range> m_ranges;
int m_complete;
int m_frags;
IP_header m_first;
unsigned char m_buffer[0x10000];
};
class Ident {
public:
bool operator<(const Ident& rhs) const
{
if (m_ident < rhs.m_ident)
return true;
if (m_ident > rhs.m_ident)
return false;
for (int i = 0; i < 4; i++) {
if (m_src_ip.__in6_u.__u6_addr32[i] < rhs.m_src_ip.__in6_u.__u6_addr32[i])
return true;
if (m_src_ip.__in6_u.__u6_addr32[i] > rhs.m_src_ip.__in6_u.__u6_addr32[i])
return false;
}
if (m_protocol < rhs.m_protocol)
return true;
if (m_protocol > rhs.m_protocol)
return false;
for (int i = 0; i < 4; i++) {
if (m_dst_ip.__in6_u.__u6_addr32[i] < rhs.m_dst_ip.__in6_u.__u6_addr32[i])
return true;
if (m_dst_ip.__in6_u.__u6_addr32[i] > rhs.m_dst_ip.__in6_u.__u6_addr32[i])
return false;
}
return false;
}
in6addr_t m_dst_ip;
in6addr_t m_src_ip;
int m_ident;
int m_protocol;
};
class FragmentHandler {
public:
void add_fragment(IP_header& head, unsigned char* data, int len, Packet& p)
{
Ident i;
i.m_src_ip = head.src_ip;
i.m_dst_ip = head.dst_ip;
i.m_protocol = head.proto;
i.m_ident = head.ident;
Fragments& frag = m_fragments[i];
if (frag.add(head, data, len)) {
p.m_ip_header = frag.m_first;
p.parse_transport(frag.m_buffer, frag.m_complete);
m_fragments.erase(i);
}
}
std::map<Ident, Fragments> m_fragments;
};
FragmentHandler m_fraghandler;
void IP_header::reset()
{
memset(&src_ip, 0, sizeof(in6addr_t));
memset(&dst_ip, 0, sizeof(in6addr_t));
fragments = 0;
offset = 0;
ident = 0;
s = 0;
us = 0;
ethertype = 0;
src_port = 0;
dst_port = 0;
proto = 0;
ip_ttl = 0;
ip_version = 0;
id = 0;
length = 0;
}
int IP_header::decode(unsigned char* data, int itype, int i_id)
{
reset();
ethertype = itype;
id = i_id;
int len = 0;
// ether frame done (ignored mac's)
// ip
ip_version = data[0] >> 4;
proto = 0;
if (ip_version == 4) {
if (ethertype == 0)
ethertype = 0x800;
int header_len = (data[0] & 0xf) * 4;
proto = data[9];
ip_ttl = data[8];
src_ip.__in6_u.__u6_addr32[3] = get_int(&data[12]);
dst_ip.__in6_u.__u6_addr32[3] = get_int(&data[16]);
int totallen = get_short(&data[2]);
length = totallen - header_len;
int flags = get_short(&data[6]);
offset = (flags & 0x1fff) << 3;
flags >>= 13;
if (flags & 1)
fragments = 1;
data += header_len;
len += header_len;
} else if (ip_version == 6) {
if (ethertype == 0)
ethertype = 0x86DD;
proto = data[6];
ip_ttl = data[7];
src_ip.__in6_u.__u6_addr32[3] = get_int(&data[8]);
src_ip.__in6_u.__u6_addr32[2] = get_int(&data[12]);
src_ip.__in6_u.__u6_addr32[1] = get_int(&data[16]);
src_ip.__in6_u.__u6_addr32[0] = get_int(&data[20]);
dst_ip.__in6_u.__u6_addr32[3] = get_int(&data[24]);
dst_ip.__in6_u.__u6_addr32[2] = get_int(&data[28]);
dst_ip.__in6_u.__u6_addr32[1] = get_int(&data[32]);
dst_ip.__in6_u.__u6_addr32[0] = get_int(&data[36]);
data += 40;
len += 40;
// process next headers - NOTE: there are 6 not 4
while (proto == 0 || proto == 43 || proto == 44 || proto == 60) {
if (proto == 44) {
offset = get_short(&data[2]) & 0xfff8;
fragments = get_short(&data[2]) & 1;
}
proto = data[0];
int hdr_len = data[1] + 8;
data += hdr_len;
len += hdr_len;
}
} else {
return 0;
}
return len;
}
std::vector<Packet_handler*> packet_handlers;
Packet::ParseResult Packet::parse(Packet_handler* handler, const std::vector<int>& columns, Row& destination_row, bool sample)
{
bool base_layers_parsed;
if (m_link_layer_type == 1)
base_layers_parsed = parse_ethernet();
else if (m_link_layer_type == 113)
base_layers_parsed = parse_sll();
else
base_layers_parsed = parse_ip(m_data, m_len, 0);
if (!base_layers_parsed)
return ERROR;
// do the application layer
return handler->parse(*this, columns, destination_row, sample);
}
bool Packet::parse_ethernet()
{
unsigned char* data = m_data;
int len = m_len;
if (len < 14)
return false; // check for etherframe size
int ethertype = data[13] | (data[12] << 8);
if (ethertype == 0x8100) {
if (len < 18)
return false; // check for etherframe size + VLAN tag
ethertype = data[17] | (data[16] << 8);
data += 18;
len -= 18;
} else {
data += 14;
len -= 14;
}
return parse_ip(data, len, ethertype);
}
bool Packet::parse_sll()
{
unsigned char* data = m_data;
int len = m_len;
if (len < 16)
return false; // check for LINUX_SLL size
int ethertype = data[15] | (data[14] << 8);
if (ethertype == 0x8100) {
if (len < 20)
return false; // check for etherframe size + VLAN tag
ethertype = data[19] | (data[18] << 8);
data += 20;
len -= 20;
} else {
data += 16;
len -= 16;
}
return parse_ip(data, len, ethertype);
}
bool Packet::parse_ip(unsigned char* data, int len, int ethertype)
{
if (len < 5 * 4)
return false; // check for etherframe size + ipv4 header
int consumed = m_ip_header.decode(data, ethertype, m_id);
m_ip_header.s = m_s;
m_ip_header.us = m_us;
data += consumed;
len -= consumed;
if (m_ip_header.fragments > 0 || m_ip_header.offset > 0) {
m_fraghandler.add_fragment(m_ip_header, data, len, *this);
return false;
}
return parse_transport(data, len);
}
bool Packet::parse_transport(unsigned char* data, int len)
{
// tcp/udp
if (m_ip_header.proto == IPPROTO_TCP) {
if (len < 14)
return false;
m_ip_header.src_port = get_short(data);
m_ip_header.dst_port = get_short(&data[2]);
int seq = get_int(&data[4]);
int ack = get_int(&data[8]);
int dataoffs = 4 * (data[12] >> 4);
unsigned char bits = data[13];
char syn = (bits >> 1) & 1;
char fin = (bits >> 0) & 1;
char rst = (bits >> 2) & 1;
// get the assembled TCP packet and remove the individual segments.
data += dataoffs;
len -= dataoffs;
if (len < 0) {
fprintf(stderr, "Warning: Found TCP packet with bad length\n");
return false;
}
unsigned int rest = len;
data = assemble_tcp(g_payload, &m_ip_header.src_ip, &m_ip_header.dst_ip, m_ip_header.src_port, m_ip_header.dst_port, &rest, seq, data, rest, syn, fin, rst, ack);
len = rest;
} else if (m_ip_header.proto == IPPROTO_UDP) {
if (len < 4)
return false;
m_ip_header.src_port = get_short(data);
m_ip_header.dst_port = get_short(&data[2]);
data += 8;
len -= 8;
if (len < 0) {
fprintf(stderr, "Warning: Found UDP packet with bad length\n");
return false;
}
}
if (data) {
m_data = data;
m_len = len;
return true;
}
return false;
}
Table* Packet_handler::create_table(const std::vector<int>& columns)
{
Table* table = g_db.create_table(table_name);
for (auto i = packet_columns.begin(); i != packet_columns.end(); ++i)
if (std::find(columns.begin(), columns.end(), i->id) != columns.end())
table->add_column(i->name, i->type, i->id);
on_table_created(table, columns);
return table;
}
void Packet_handler::add_packet_column(const char* name, const char* description, Coltype::Type type, int id)
{
Packet_column c;
c.name = name;
c.description = description;
c.id = id;
c.type = type;
packet_columns.push_back(c);
}
void init_packet_handlers(bool escape_dnsnames)
{
packet_handlers.push_back(new Parse_dns(escape_dnsnames));
packet_handlers.push_back(new Parse_icmp());
}
void destroy_packet_handlers()
{
for (auto i = packet_handlers.begin(); i != packet_handlers.end(); ++i)
delete *i;
packet_handlers.clear();
}
Packet_handler* get_packet_handler(std::string table_name)
{
for (auto i = packet_handlers.begin(); i != packet_handlers.end(); ++i) {
if (table_name == (*i)->table_name)
return *i;
}
return 0;
}
void IP_header_to_table::add_packet_columns(Packet_handler& packet_handler)
{
packet_handler.add_packet_column("id", "ID", Coltype::_int, COLUMN_ID);
packet_handler.add_packet_column("s", "Seconds", Coltype::_int, COLUMN_S);
packet_handler.add_packet_column("us", "Milliseconds", Coltype::_int, COLUMN_US);
packet_handler.add_packet_column("ether_type", "", Coltype::_int, COLUMN_ETHER_TYPE);
packet_handler.add_packet_column("src_port", "", Coltype::_int, COLUMN_SRC_PORT); // this is really tcp/udp but accidents do happen
packet_handler.add_packet_column("dst_port", "", Coltype::_int, COLUMN_DST_PORT);
packet_handler.add_packet_column("src_addr", "", Coltype::_text, COLUMN_SRC_ADDR);
packet_handler.add_packet_column("dst_addr", "", Coltype::_text, COLUMN_DST_ADDR);
packet_handler.add_packet_column("protocol", "", Coltype::_int, COLUMN_PROTOCOL);
packet_handler.add_packet_column("ip_ttl", "", Coltype::_int, COLUMN_IP_TTL);
packet_handler.add_packet_column("ip_version", "", Coltype::_int, COLUMN_IP_VERSION);
packet_handler.add_packet_column("fragments", "", Coltype::_int, COLUMN_FRAGMENTS);
}
void IP_header_to_table::on_table_created(Table* table, const std::vector<int>& columns)
{
acc_src_addr = table->get_accessor<text_column>("src_addr");
acc_dst_addr = table->get_accessor<text_column>("dst_addr");
acc_ether_type = table->get_accessor<int_column>("ether_type");
acc_protocol = table->get_accessor<int_column>("protocol");
acc_ip_ttl = table->get_accessor<int_column>("ip_ttl");
acc_ip_version = table->get_accessor<int_column>("ip_version");
acc_src_port = table->get_accessor<int_column>("src_port");
acc_dst_port = table->get_accessor<int_column>("dst_port");
acc_s = table->get_accessor<int_column>("s");
acc_us = table->get_accessor<int_column>("us");
acc_id = table->get_accessor<int_column>("id");
acc_fragments = table->get_accessor<int_column>("fragments");
}
void IP_header_to_table::assign(Row* row, IP_header* head, const std::vector<int>& columns)
{
if (!head)
return;
for (auto i = columns.begin(), end = columns.end(); i != end; ++i) {
switch (*i) {
case COLUMN_ID:
acc_id.value(row) = head->id;
break;
case COLUMN_S:
acc_s.value(row) = head->s;
break;
case COLUMN_US:
acc_us.value(row) = head->us;
break;
case COLUMN_ETHER_TYPE:
acc_ether_type.value(row) = head->ethertype;
break;
case COLUMN_PROTOCOL:
acc_protocol.value(row) = head->proto;
break;
case COLUMN_IP_TTL:
acc_ip_ttl.value(row) = head->ip_ttl;
break;
case COLUMN_IP_VERSION:
acc_ip_version.value(row) = head->ip_version;
break;
case COLUMN_SRC_PORT:
acc_src_port.value(row) = head->src_port;
break;
case COLUMN_DST_PORT:
acc_dst_port.value(row) = head->dst_port;
break;
case COLUMN_FRAGMENTS:
acc_fragments.value(row) = head->fragments;
break;
case COLUMN_SRC_ADDR:
if (head->ethertype == 2048)
acc_src_addr.value(row) = v4_addr2str(head->src_ip);
else
acc_src_addr.value(row) = v6_addr2str(head->src_ip);
break;
case COLUMN_DST_ADDR:
if (head->ethertype == 2048)
acc_dst_addr.value(row) = v4_addr2str(head->dst_ip);
else
acc_dst_addr.value(row) = v6_addr2str(head->dst_ip);
break;
}
}
}
RefCountString* v4_addr2str(in6addr_t& addr)
{
converter.reset();
converter.add_attr_ipv4(addr.__in6_u.__u6_addr32[3]);
return RefCountString::construct(converter.get());
}
RefCountString* v6_addr2str(in6addr_t& addr)
{
converter.reset();
converter.add_attr_ipv6(&addr.__in6_u.__u6_addr8[0]);
return RefCountString::construct(converter.get());
}
} // namespace packetq

226
src/packet_handler.h Normal file
View file

@ -0,0 +1,226 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __packetq_packet_handler_h
#define __packetq_packet_handler_h
#include <assert.h>
#include <cctype>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <string>
#include <vector>
#include "sql.h"
#include "tcp.h"
namespace packetq {
class Table;
class Row;
inline int get_int_h(unsigned char* data)
{
return data[0] | (data[1] << 8) | (data[2] << 16) | (data[3] << 24);
}
inline int get_short_h(unsigned char* data)
{
return data[0] | (data[1] << 8);
}
inline int get_int(unsigned char* data)
{
return data[3] | (data[2] << 8) | (data[1] << 16) | (data[0] << 24);
}
inline int get_short(unsigned char* data)
{
return data[1] | (data[0] << 8);
}
RefCountString* v4_addr2str(in6addr_t& addr);
RefCountString* v6_addr2str(in6addr_t& addr);
class Payload {
public:
char m_p[0x10000];
int m_size;
Payload()
{
m_size = sizeof(m_p);
}
inline char* alloc(int size)
{
if (size > m_size)
return 0;
return m_p;
}
};
class IP_header {
public:
IP_header()
: s(0)
, us(0)
, ethertype(0)
, src_port(0)
, dst_port(0)
, proto(0)
, ip_ttl(0)
, ip_version(0)
, id(0)
, length(0)
, fragments(0)
, ident(0)
, offset(0)
{
memset(&src_ip, 0, sizeof(src_ip));
memset(&dst_ip, 0, sizeof(dst_ip));
}
void reset();
int decode(unsigned char* data, int ether_type, int id);
unsigned int s;
unsigned int us;
unsigned short ethertype;
in6addr_t src_ip;
in6addr_t dst_ip;
unsigned short src_port;
unsigned short dst_port;
unsigned short proto;
unsigned short ip_ttl;
unsigned short ip_version;
unsigned int id;
unsigned int length;
unsigned int fragments;
unsigned int ident;
unsigned int offset;
};
class Packet_handler;
class IP_header_to_table {
public:
enum {
COLUMN_ID,
COLUMN_S,
COLUMN_US,
COLUMN_ETHER_TYPE,
COLUMN_PROTOCOL,
COLUMN_IP_TTL,
COLUMN_IP_VERSION,
COLUMN_SRC_PORT,
COLUMN_DST_PORT,
COLUMN_SRC_ADDR,
COLUMN_DST_ADDR,
COLUMN_FRAGMENTS
};
void add_packet_columns(Packet_handler& packet_handler);
void on_table_created(Table* table, const std::vector<int>& columns);
void assign(Row* row, IP_header* head, const std::vector<int>& columns);
private:
Int_accessor acc_id;
Int_accessor acc_s;
Int_accessor acc_us;
Int_accessor acc_ether_type;
Int_accessor acc_protocol;
Int_accessor acc_ip_ttl;
Int_accessor acc_ip_version;
Int_accessor acc_src_port;
Int_accessor acc_dst_port;
Int_accessor acc_fragments;
Text_accessor acc_src_addr;
Text_accessor acc_dst_addr;
};
class Packet {
public:
enum ParseResult {
ERROR,
OK,
NOT_SAMPLED
};
Packet(unsigned char* data, int len, int s, int us, int id, int link_layer_type)
{
m_s = s;
m_us = us;
m_data = data;
m_len = len;
m_id = id;
m_link_layer_type = link_layer_type;
}
ParseResult parse(Packet_handler* handler, const std::vector<int>& columns, Row& destination_row, bool sample);
bool parse_ethernet();
bool parse_sll();
bool parse_ip(unsigned char* data, int len, int ether_type);
bool parse_transport(unsigned char* data, int len);
IP_header m_ip_header;
unsigned char* m_data;
int m_len;
int m_s;
int m_us;
int m_id;
int m_link_layer_type;
};
struct Packet_column {
const char* name;
const char* description;
int id;
Coltype::Type type;
};
class Packet_handler {
public:
Packet_handler()
: table_name(0)
{
}
virtual ~Packet_handler()
{
}
Table* create_table(const std::vector<int>& columns);
// for actual packet handlers to fill in
virtual void on_table_created(Table* table, const std::vector<int>& columns) = 0;
virtual Packet::ParseResult parse(Packet& packet, const std::vector<int>& columns, Row& destination_row, bool sample) = 0;
const char* table_name;
std::vector<Packet_column> packet_columns;
void add_packet_column(const char* name, const char* description, Coltype::Type type, int id);
};
void init_packet_handlers(bool escape_dnsnames);
void destroy_packet_handlers();
Packet_handler* get_packet_handler(std::string table_name);
} // namespace packetq
#endif // __packetq_packet_handler_h

346
src/packetq.cpp Normal file
View file

@ -0,0 +1,346 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#include "config.h"
#include "packet_handler.h"
#include "packetq.h"
#include "pcap.h"
#include "reader.h"
#include "server.h"
#include "sql.h"
#include <algorithm>
#include <list>
#include <stack>
#include <stdexcept>
#include <stdio.h>
#include <stdlib.h>
#include <string>
#ifndef WIN32
#include <getopt.h>
#include <signal.h>
#endif
#define NUM_QUERIES 32
namespace packetq {
static void usage(char* argv0, bool longversion)
{
if (!longversion) {
fprintf(stdout,
"usage: %s [-vhjctxd] [-s stmt] [-l pkts] [-p port] [-w dir] [-r dir] [-m num] <pcapfile ...>\n",
argv0);
return;
}
fprintf(stdout,
"usage: %s [options] pcapfile(s)...\n"
/* -o description .*/
" --select statements |\n"
" -s statement Set the SQL statement, can be given multiple times.\n"
" --limit packets |\n"
" -l packets Set maximum number of packets to process, from all\n"
" files and not per file.\n"
" --version | -v Display version and exit.\n"
" --help | -h Display this help.\n"
"\n"
"Output:\n"
" --json | -j JSON (default)\n"
" --csv | -c CSV\n"
" --table | -t Text table\n"
" --xml | -x XML\n"
" --rfc1035 Output DNS names escaped using RFC1035 format:\n"
" All characters outsize [a-zA-Z0-9_-] are escaped\n"
" like \\012. (Octet value in decimal.)\n"
"\n"
"Web Server:\n"
" --daemon | -d Run web server in daemon mode.\n"
" --port number |\n"
" -p number Set the port number to listen on.\n"
" --webroot dir |\n"
" -w dir Set the root directory for the web content.\n"
" --pcaproot dir |\n"
" -r dir Set the root for the PCAP files to make available.\n"
" --maxconn number |\n"
" -m number Set the maximum number of concurrent connections.\n"
"\n"
"example> packetq --csv -s \"select count(*) as mycount, protocol from dns group by protocol;\" myfile.pcap\n"
"\n"
"Packet fields (available in all tables):\n"
" id, s, us, ether_type, src_addr, src_port, dst_addr, dst_port, protocol,\n"
" ip_ttl, ip_version, fragments\n"
"\"dns\" table fields:\n"
" qname, aname, msg_id, msg_size, opcode, rcode, extended_rcode,\n"
" edns_version, z, udp_size, qd_count, an_count, ns_count, ar_count,\n"
" qtype, qclass, atype, aclass, attl, aa, tc, rd, cd, ra, ad, do, edns0, qr,\n"
" edns0_ecs, edns0_ecs_family, edns0_ecs_source, edns0_ecs_scope,\n"
" edns0_ecs_address\n"
"\"icmp\" table fields:\n"
" type, code, echo_identifier, echo_sequence, du_protocol, du_src_addr,\n"
" du_dst_addr, desc\n",
argv0);
}
#ifdef WIN32
// windows support is merely for development purposes atm
#define PACKAGE_STRING "packetq"
struct option {
char* s;
int args;
int b;
char c;
};
char* optarg = 0;
int optind = 1;
int getopt_long(int argc, char* argv[], const char* str, option* opt, int* option_index)
{
while (optind < argc) {
if (argv[optind][0] != '-')
return -1;
if (argv[optind][1] != '-') {
int i = 0;
while (opt[i].s != NULL) {
if (opt[i].c == argv[optind][1]) {
optarg = argv[optind + opt[i].args];
optind += 1 + opt[i].args;
return opt[i].c;
}
i++;
}
}
optind++;
}
return -1;
}
#endif
void sigproc(int sig)
{
// ignore sig pipe
signal(SIGPIPE, sigproc);
}
PacketQ* g_app = new PacketQ();
} // namespace packetq
using namespace packetq;
// The main funtion
int main(int argc, char* argv[])
{
signal(SIGPIPE, sigproc);
int port = 0;
int limit = 0;
int max_conn = 7;
bool daemon = false;
std::string webroot = "", pcaproot = "";
std::string queries[NUM_QUERIES] = {
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
};
int qcount = 0;
while (1) {
int option_index;
struct option long_options[] = {
{ "select", 1, 0, 's' },
{ "limit", 1, 0, 'l' },
{ "maxconn", 1, 0, 'm' },
{ "webroot", 1, 0, 'w' },
{ "pcaproot", 1, 0, 'r' },
{ "port", 1, 0, 'p' },
{ "daemon", 0, 0, 'd' },
{ "csv", 0, 0, 'c' },
{ "json", 0, 0, 'j' },
{ "table", 0, 0, 't' },
{ "xml", 0, 0, 'x' },
{ "rfc1035", 0, 0, 10000 },
{ "help", 0, 0, 'h' },
{ "version", 0, 0, 'v' },
{ NULL, 0, 0, 0 }
};
int c = getopt_long(argc, argv, "w:r:s:l:p:hHdvcxtjm:", long_options, &option_index);
if (c == -1)
break;
switch (c) {
case 'v':
fprintf(stdout, "%s\n", PACKAGE_STRING);
exit(0);
case 's':
if (qcount < NUM_QUERIES) {
queries[qcount++] = optarg;
} else {
fprintf(stderr, "Warning: can't handle more than %d separate query strings; discarding '%s'\n", NUM_QUERIES, optarg);
}
break;
case 'c':
g_app->set_output(PacketQ::csv);
break;
case 't':
g_app->set_output(PacketQ::csv_format);
break;
case 'x':
g_app->set_output(PacketQ::xml);
break;
case 'j':
g_app->set_output(PacketQ::json);
break;
case 'd':
daemon = true;
break;
case 'w':
webroot = optarg;
break;
case 'r':
pcaproot = optarg;
break;
case 'm':
max_conn = atoi(optarg) + 1;
if (max_conn < 2)
max_conn = 2;
break;
case 'l':
limit = atoi(optarg);
break;
case 'p':
port = atoi(optarg);
break;
case 10000: // rfc1035
g_app->set_escape(true);
break;
default:
fprintf(stderr, "Unknown option: %c\n", c);
usage(argv[0], false);
return 1;
case 'h':
usage(argv[0], true);
return 1;
}
}
init_packet_handlers(g_app->get_escape()); // set up tables
g_app->set_limit(limit);
if (port > 0) {
start_server(port, daemon, pcaproot, webroot, max_conn);
}
if (optind >= argc) {
fprintf(stderr, "Missing input uri\n");
usage(argv[0], false);
return 1;
}
std::vector<std::string> in_files;
while (optind < argc) {
in_files.push_back(argv[optind]);
optind++;
}
Reader reader(in_files, g_app->get_limit());
if (g_app->get_output() == PacketQ::json) {
printf("[\n");
}
for (int i = 0; i < qcount; i++) {
char tablename[32];
snprintf(tablename, 32, "result-%d", i);
try {
Query query(tablename, queries[i].c_str());
query.parse();
query.execute(reader);
Table* result = query.m_result;
switch (g_app->get_output()) {
case (PacketQ::csv_format):
if (result)
result->csv(true);
break;
case (PacketQ::csv):
if (result)
result->csv();
break;
case (PacketQ::xml):
if (result)
result->xml();
break;
case (PacketQ::json):
if (result)
result->json(i < (qcount - 1));
break;
}
} catch (Error& e) {
printf("Error: %s\n", e.m_err.c_str());
fflush(stdout);
exit(1);
} catch (...) {
printf("Error: an unknown error has occured !\n");
fflush(stdout);
}
}
if (g_app->get_output() == PacketQ::json) {
printf("]\n");
}
delete g_app;
destroy_packet_handlers();
return 0;
}

70
src/packetq.h Normal file
View file

@ -0,0 +1,70 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __packetq_packetq_h
#define __packetq_packetq_h
#include "sql.h"
namespace packetq {
// App class
class PacketQ {
public:
enum OutputOpts {
json,
csv,
csv_format,
xml
};
PacketQ()
{
m_escape = false;
m_limit = 0;
m_output = json;
}
void set_escape(bool escape)
{
m_escape = escape;
}
void set_limit(int limit)
{
m_limit = limit;
}
void set_output(OutputOpts opt)
{
m_output = opt;
}
int get_escape() { return m_escape; }
OutputOpts get_output() { return m_output; }
int get_limit() { return m_limit; }
private:
bool m_escape;
int m_limit;
OutputOpts m_output;
};
extern PacketQ* g_app;
} // namespace packetq
#endif // __packetq_packetq_h

91
src/pcap.cpp Normal file
View file

@ -0,0 +1,91 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#include "pcap.h"
#include <stdio.h>
#include <stdlib.h>
namespace packetq {
bool Pcap_file::get_header()
{
// establish: byte order and file format
int res = get_int32();
if (res != 0xa1b2c3d4) {
res = flip32(res);
if (res != 0xa1b2c3d4) {
if (!m_gzipped) {
set_gzipped();
return get_header();
}
return false;
}
m_reverse_order = true;
}
// establish version
int major_version = get_int16();
int minor_version = get_int16();
if (major_version != 2 || minor_version != 4) {
printf("maj:%d min:%d\n", major_version, minor_version);
return false;
}
// check for 0 timezone offset and accuracy
if (!(get_int32() == 0)) {
printf("timezone offset != 0");
return false;
}
if (!(get_int32() == 0)) {
printf("timezone offset != 0");
return false;
}
m_snapshot_length = get_int32();
// check for ethernet packets
m_link_layer_type = get_int32();
if (m_link_layer_type != 1 && m_link_layer_type != 101 && m_link_layer_type != 113) {
fprintf(stderr, "PCAP file unsupported linklayer (%d)\n", m_link_layer_type);
return false;
}
return true;
}
unsigned char* Pcap_file::get_packet(int& len, int& s, int& us)
{
s = 0;
us = 0;
len = 0;
s = get_int32();
us = get_int32();
len = get_int32();
// skip past reallen
get_int32();
if (get_eof() || len < 0)
return 0;
unsigned char* buf = get_bytes(len);
return buf;
}
} // namespace packetq

209
src/pcap.h Normal file
View file

@ -0,0 +1,209 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __packetq_pcap_h
#define __packetq_pcap_h
#include <stdio.h>
#include <stdlib.h>
#include <zlib.h>
#include "segzip.h"
#include "sql.h"
namespace packetq {
class Pcap_file {
private:
Pcap_file& operator=(const Pcap_file& other);
Pcap_file(Pcap_file&& other) noexcept;
Pcap_file const& operator=(Pcap_file&& other);
public:
static const bool TAKE_OVER_FP = true;
Pcap_file(FILE* fp, bool take_over_fp = false)
{
m_fp_owned = take_over_fp;
m_fp = fp;
m_reverse_order = false;
m_packetbuffer = 0;
m_packetbuffer_len = 0;
m_eof = false;
m_snapshot_length = 0;
m_link_layer_type = 0;
m_gzipped = false;
}
~Pcap_file()
{
if (m_packetbuffer)
delete[] m_packetbuffer;
if (m_fp_owned)
fclose(m_fp);
}
bool get_header();
unsigned char* get_packet(int& len, int& s, int& us);
int get_int32()
{
int res = 0;
get_bytes((unsigned char*)&res, 4);
if (m_reverse_order) {
return flip32(res);
}
return res;
}
int get_int16()
{
short res = 0;
get_bytes((unsigned char*)&res, 2);
if (m_reverse_order) {
return flip16(res);
}
return res;
}
unsigned char* get_bytes(int count)
{
Buffer& buf = m_gzipped ? m_zipbuffer : m_filebuffer;
if (count < buf.m_buffer_len - buf.m_buffer_pos) {
unsigned char* ptr = &buf.m_buffer[buf.m_buffer_pos];
buf.m_buffer_pos += count;
return ptr;
}
unsigned char* bufp = get_pbuffer(count + 400);
int r = get_bytes(bufp, count);
if (r == count)
return bufp;
return 0;
}
int get_bytes(unsigned char* dst, int count)
{
Buffer& buf = m_gzipped ? m_zipbuffer : m_filebuffer;
if (count == 0)
return 0;
int bytes = 0;
while (count > 0) {
if (buf.m_buffer_len == buf.m_buffer_pos) {
buffread();
if (buf.m_buffer_len == 0) {
m_eof = true;
return bytes;
}
}
int n = (buf.m_buffer_len - buf.m_buffer_pos) > count ? count : buf.m_buffer_len - buf.m_buffer_pos;
for (int i = 0; i < n; i++) {
*dst++ = buf.m_buffer[buf.m_buffer_pos++];
}
bytes += n;
count -= n;
}
return bytes;
}
void buffread()
{
if (!m_fp)
throw Error("No file");
Buffer& buf = m_filebuffer;
if (buf.m_buffer_len == buf.m_buffer_pos) {
buf.m_buffer_len = (int)fread(buf.m_buffer, 1, buf.m_nextread, m_fp);
buf.m_buffer_pos = 0;
buf.m_nextread = sizeof(buf.m_buffer);
}
if (m_gzipped) {
if (m_zip.m_error || buf.m_buffer_len == buf.m_buffer_pos) {
m_zipbuffer.m_buffer_pos = m_zipbuffer.m_buffer_len = 0;
return;
}
if (m_zipbuffer.m_buffer_len == m_zipbuffer.m_buffer_pos)
m_zip.inflate(m_filebuffer, m_zipbuffer);
}
}
void set_gzipped()
{
m_gzipped = true;
m_filebuffer.m_buffer_pos = 0;
}
int flip16(unsigned short i)
{
unsigned int r = i & 0xff;
r <<= 8;
i >>= 8;
r |= i & 0xff;
return int(r);
}
int flip32(unsigned int i)
{
unsigned int r = i & 0xff;
r <<= 8;
i >>= 8;
r |= i & 0xff;
r <<= 8;
i >>= 8;
r |= i & 0xff;
r <<= 8;
i >>= 8;
r |= i & 0xff;
return int(r);
}
unsigned char* get_pbuffer(int len)
{
if (!m_packetbuffer || len >= m_packetbuffer_len) {
if (m_packetbuffer) {
delete[] m_packetbuffer;
m_packetbuffer = 0;
}
m_packetbuffer_len = len + 4096;
m_packetbuffer = new (std::nothrow) unsigned char[m_packetbuffer_len];
if (!m_packetbuffer)
m_packetbuffer_len = 0;
}
return m_packetbuffer;
}
bool get_eof() { return m_eof; }
int get_link_layer_type() { return m_link_layer_type; }
private:
int m_snapshot_length;
int m_link_layer_type;
bool m_reverse_order;
bool m_eof;
bool m_gzipped;
FILE* m_fp;
bool m_fp_owned;
unsigned char* m_packetbuffer;
int m_packetbuffer_len;
Buffer m_filebuffer;
Buffer m_zipbuffer;
Zip m_zip;
};
} // namespace packetq
#endif // __packetq_pcap_h

84
src/reader.cpp Normal file
View file

@ -0,0 +1,84 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#include "reader.h"
#include "packet_handler.h"
namespace packetq {
void Reader::seek_to_start()
{
currently_reading = filenames.begin();
pcap.reset();
packets_read = 0;
}
bool Reader::done()
{
return (!pcap && currently_reading == filenames.end()) || (max_packets > 0 && packets_read >= max_packets);
}
bool Reader::read_next(Packet_handler* handler, const std::vector<int>& columns, Row& destination_row, int skip_packets)
{
bool filled_in_row = false;
while (!filled_in_row and !done()) {
// try opening pcap file
if (!pcap && currently_reading != filenames.end()) {
FILE* fp = fopen(currently_reading->c_str(), "rb");
if (fp) {
pcap.reset(new Pcap_file(fp, Pcap_file::TAKE_OVER_FP));
if (!pcap->get_header())
pcap.reset();
}
if (!pcap)
++currently_reading;
}
// try reading a row
if (pcap) {
int len, s, us;
unsigned char* data = pcap->get_packet(len, s, us);
bool read_success = len && data;
++packets_read; // we count all packets
if (read_success) {
Packet packet(data, len, s, us, packets_read, pcap->get_link_layer_type());
Packet::ParseResult res = packet.parse(handler, columns, destination_row, skip_packets == 0);
if (res == Packet::NOT_SAMPLED)
--skip_packets;
filled_in_row = res == Packet::OK;
} else {
// last row in file
pcap.reset();
if (currently_reading != filenames.end())
++currently_reading;
}
}
}
return filled_in_row;
}
} // namespace packetq

62
src/reader.h Normal file
View file

@ -0,0 +1,62 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __packetq_reader_h
#define __packetq_reader_h
#include <memory>
#include <stdio.h>
#include <vector>
#include "pcap.h"
#include "sql.h"
namespace packetq {
class Packet_handler;
// reading packet rows out of a list of files
class Reader {
public:
Reader(std::vector<std::string> filenames, int max_packets)
: packets_read(0)
{
this->filenames = filenames;
this->currently_reading = filenames.end();
this->max_packets = max_packets;
}
void seek_to_start();
bool done();
bool read_next(Packet_handler* handler, const std::vector<int>& columns, Row& destination_row, int skip_packets);
private:
std::vector<std::string>::iterator currently_reading;
std::vector<std::string> filenames;
int max_packets, packets_read;
std::unique_ptr<Pcap_file> pcap;
};
} // namespace packetq
#endif // __packetq_reader_h

122
src/refcountstring.h Normal file
View file

@ -0,0 +1,122 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __packetq_refcountstring_h
#define __packetq_refcountstring_h
#include <cstdlib>
#include <cstring>
// A simple reference-counted C string, intended to be used through a pointer
// as RefCountString * with manual management of the reference count in order
// to stay a POD (for use in unions). For the same reason, constructors are
// static. The wrapper RefCountStringHandle can be used where automatic
// reference handling is possible.
struct RefCountString {
// data
int count;
char data[];
// implementation
void inc_refcount()
{
count += 1;
}
void dec_refcount()
{
count -= 1;
if (count == 0)
std::free(this);
}
static RefCountString* allocate(int data_length)
{
void* chunk = std::calloc(1, sizeof(RefCountString) + data_length);
if (!chunk)
throw std::bad_alloc();
RefCountString* new_str = static_cast<RefCountString*>(chunk);
new_str->count = 1;
return new_str;
}
static RefCountString* construct(const char* c_string)
{
std::size_t length = std::strlen(c_string);
RefCountString* str = RefCountString::allocate(length + 1);
std::memcpy(str->data, c_string, length + 1);
return str;
}
static RefCountString* construct(const char* data, int from, int to)
{
int length = to - from;
if (length < 0)
length = 0;
RefCountString* str = RefCountString::allocate(length + 1);
std::memcpy(str->data, data + from, length);
str->data[length - 1 + 1] = '\0';
return str;
}
};
class RefCountStringHandle {
private:
RefCountStringHandle& operator=(const RefCountStringHandle& other);
RefCountStringHandle(RefCountStringHandle&& other) noexcept;
RefCountStringHandle const& operator=(RefCountStringHandle&& other);
public:
RefCountStringHandle()
{
value = 0;
}
RefCountStringHandle(RefCountString* str)
{
value = str;
}
~RefCountStringHandle()
{
if (value)
value->dec_refcount();
}
RefCountString* operator*()
{
return value;
}
void set(RefCountString* str)
{
if (value != str) {
if (value)
value->dec_refcount();
value = str;
}
}
RefCountString* value;
};
#endif // __packetq_refcountstring_h

92
src/regression-test.sh Executable file
View file

@ -0,0 +1,92 @@
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
set -e
# Simple regression-testing tool that exercises all operators of the
# SQL evaluator and outputs the results.
#
# Usage: regression-test.sh pcap-dump-file
#
# If the script finds a binary called packetq-before, it will execute
# the query on that too and compare the results with diff. So copy the
# packetq binary to packetq-before before you make a change to see the
# effect on the output.
#set -e
DIR=/tmp/test/packetq
mkdir -p $DIR
typeset -i test
test=0
cd $(dirname $0)
for SQL in \
"select qname as CertainQnames, qtype as Qtype, count(1) as count from dns where (qname='localhost' or qname like '%.root-servers.net') and qr==0 group by CertainQnames,Qtype order by count desc ;" \
'select qtype as Qtype, qname as Qname, count(1) as count from dns where qclass==3 and qr==0 group by Qtype,Qname order by count desc ;' \
'select rcode as Rcode, if(qr==1,dst_addr,src_addr) as ClientAddr, count(1) as count from dns where qr==1 group by Rcode,ClientAddr order by count desc limit 50;' \
"select 'ALL' as All, if(ether_type==34525,rsplit(src_addr,7,':')||':'||rsplit(src_addr,6,':')||':'||rsplit(src_addr,5,':')||':'||rsplit(src_addr,4,':')||':'||rsplit(src_addr,3,':')||'::',rsplit(src_addr,3)||'.'||rsplit(src_addr,2)||'.'||rsplit(src_addr,1)||'.0') as ClientSubnet, count(1) as count from dns where qr==0 group by All,ClientSubnet order by count,ClientSubnet desc limit 200;;" \
"select 'ALL' as All, subnet(src_addr,24,96) as ClientSubnet, count(1) as count from dns where qr==0 group by All,ClientSubnet order by count desc,ClientSubnet limit 200;;" \
"select if(rsplit(qname,1)='de','ok','non-auth-tld') as Class, if(ether_type==34525,rsplit(src_addr,7,':')||':'||rsplit(src_addr,6,':')||':'||rsplit(src_addr,5,':')||':'||rsplit(src_addr,4,':')||':'||rsplit(src_addr,3,':')||'::',rsplit(src_addr,3)||'.'||rsplit(src_addr,2)||'.'||rsplit(src_addr,1)||'.0') as ClientSubnet, count(1) as count from dns where qr==0 group by Class,ClientSubnet order by count,ClientSubnet,Class desc limit 200;;" \
"select if(qr==1,'sent','recv') as Direction, if(protocol==6,'tcp',if(protocol==17,'udp',if(protocol==1,'icmp',if(protocol==58,'ipv6-icmp',protocol)))) as IPProto, count(1) as count from dns group by Direction,IPProto order by count,Direction desc ;" \
"select if(ether_type==34525,'IPv6','IPv4') as IPVersion, qtype as Qtype, count(1) as count from dns where qr==0 group by IPVersion,Qtype order by count desc ;" \
"select 'ALL' as All, do, edns0, edns_version, extended_rcode, z, if(do==1,'set','clr') as D0, count(1) as count from dns where qr==0 group by All,do,D0,edns0,edns_version,extended_rcode,z order by count desc ;" \
"select 'ALL' as All, if(edns0,edns_version,'none') as EDNSVersion, count(1) as count from dns where qr==0 group by All,EDNSVersion order by count desc ;" \
"select 'ALL' as All, if(qname like 'xn--%','idn','normal') as IDNQname, count(1) as count from dns where qr==0 group by All,IDNQname order by count desc ;" \
"select 'ALL' as All, lower(rsplit(qname,1)) as TLD, count(1) as count from dns where qr==0 and (qname like 'xn--%') group by All,TLD order by count,TLD desc ;" \
"select 'ALL' as All, if(qr==1,dst_addr,src_addr) as ClientAddr, count(1) as count from dns where qr==0 and (qtype=28 or qtype=38) and (qname like '%.root-servers.net') group by All,ClientAddr order by count desc limit 50;;" \
"select 'ALL' as All, opcode as Opcode, count(1) as count from dns where qr==0 group by All,Opcode order by count desc ;" \
"select 'ALL' as All, qtype as Qtype, count(1) as count from dns where qr==0 group by All,Qtype order by count desc ;" \
'select qtype as Qtype, len(qname) as QnameLen, count(1) as count from dns where qr==0 group by Qtype,QnameLen order by count,QnameLen,Qtype desc ;' \
'select qtype as Qtype, lower(rsplit(qname,1)) as TLD, count(1) as count from dns where qr==0 and (qtype=1 or qtype=2 or qtype=5 or qtype=6 or qtype=12 or qtype=15 or qtype=28 or qtype=38 or qtype=255) group by Qtype,TLD order by count,TLD,Qtype desc limit 200;;' \
"select 'ALL' as All, rcode as Rcode, count(1) as count from dns where qr==1 group by All,Rcode order by count desc ;" \
'select rcode as Rcode, msg_size as ReplyLen, count(1) as count from dns where qr==1 group by Rcode,ReplyLen order by count desc ;' \
"select 'ALL' as All, rd as RD, count(1) as count from dns where qr==0 group by All,RD order by count desc ;" \
"select if(protocol==6,'tcp',if(protocol==17,'udp',protocol)) as Transport, qtype as Qtype, count(1) as count from dns where qr==0 group by Transport,Qtype order by Transport,Qtype,count desc ;" \
"select s, dst_addr as Dst_addr, qtype as questiontype, lower(src_addr) as lower_src, if(1 and s < 1 or s <= 1 or s > 1 or s >= 1, 't', 'f'), trim(trim('foofoo' || rsplit(src_addr, 1) || 'foofoo', 'foo'), 'bar'), count(*), len(src_addr), sum(msg_size + -1 - 2 % 4 << 3 >> 2 | 3 & ~4) + 1, min(msg_size), max(msg_size), truncate(1.1) as integer, 1.1 as float, sum(src_port + 1.0 - 2.0 / 1.5 * -2.5) + 1.0, max(src_port + 1.0), min(src_port + 1.0), avg(src_port), stdev(src_port), name('rcode', 0) from dns where src_addr like '%' and (qr or not qr) group by src_addr, s having s >= 0 order by s, dst_addr, lower_src, integer, float" \
"select name( 'qtype' , qtype ) as qt, count(*) as count from dns group by qtype order by count desc;"\
"select count(*) as count, lower(rsplit(qname,1)) as tld, istld(tld) as flag from dns group by tld order by count desc limit 50;" \
;
do
test=$test+1
new=$(./packetq --version | tr " " "_")
echo ""
if [ ${#SQL} -gt 200 ]; then ellipsis="..."; else ellipsis=""; fi
echo "Test $test: '${SQL:0:200}$ellipsis'"
t_new=$(/usr/bin/time -f "%e" ./packetq --tlds /usr/share/packetq/tlds -s "$SQL" $1 2>&1 > $DIR/$new.test$test.result)
e_new=$?
echo " Comparing $new against available binaries:"
for prev in $(ls ../../packetq*/src/packetq); do
old=$($prev --version | cut -d " " -f 2)
ver=$(printf "%-20s" $old)
bin=$(printf "%-48s" $prev)
t_old=$(/usr/bin/time -f "%e" $prev -s "$SQL" $1 2>&1 > $DIR/$old.test$test.result)
e_old=$?
if [ $e_new = 0 -a $e_old = 0 -a "$t_old" != "0.00" ]; then
echo -e " $bin $ver: $t_old --> $t_new ($(python -c "print '%5.2f %d%%' % ($t_new - $t_old, ($t_new-$t_old)*100/$t_old)"))"
else
echo -e " $bin $ver: $t_old --> $t_new ($ver Failed)"
fi
diff -u $DIR/$old.test$test.result $DIR/$new.test$test.result > $DIR/$new.test$test.diff
if [ $? = 0 ]; then
#echo "Test $test: No changes in output"
true
else
head -n 20 $DIR/$new.test$test.diff
fi
done
done

121
src/segzip.h Normal file
View file

@ -0,0 +1,121 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __packetq_segzip_h
#define __packetq_segzip_h
#include <stdio.h>
#include <stdlib.h>
#include <zlib.h>
namespace packetq {
class Buffer {
public:
Buffer()
{
m_buffer_len = 0;
m_buffer_pos = 0;
m_nextread = 1024;
}
int size() { return sizeof(m_buffer); }
unsigned char m_buffer[0x40000];
int m_nextread;
int m_buffer_len;
int m_buffer_pos;
};
class Zip {
private:
Zip& operator=(const Zip& other);
Zip(Zip&& other) noexcept;
Zip const& operator=(Zip&& other);
public:
Zip()
: m_stream()
{
m_init = true;
m_error = false;
m_run_end = false;
m_stream.next_out = 0;
m_stream.avail_out = 0;
}
~Zip()
{
if (m_run_end)
::inflateEnd(&m_stream);
}
bool inflate(Buffer& in, Buffer& out)
{
if (m_error) {
in.m_buffer_pos = in.m_buffer_len;
out.m_buffer_len = 0;
return false;
}
out.m_buffer_pos = 0;
out.m_buffer_len = sizeof(out.m_buffer);
m_stream.next_out = &out.m_buffer[out.m_buffer_pos];
m_stream.avail_out = out.m_buffer_len - out.m_buffer_pos;
if (m_init) {
m_stream.next_in = 0;
m_stream.avail_in = 0;
m_stream.zalloc = 0;
m_stream.zfree = 0;
m_stream.opaque = 0;
m_init = false;
if (inflateInit2(&m_stream, 15 + 32) != Z_OK) {
m_error = true;
out.m_buffer_len = 0;
in.m_buffer_pos = in.m_buffer_len;
return false;
}
}
m_stream.next_in = &in.m_buffer[in.m_buffer_pos];
m_stream.avail_in = in.m_buffer_len - in.m_buffer_pos;
int ret = ::inflate(&m_stream, Z_NO_FLUSH);
if (ret != Z_OK)
::inflateEnd(&m_stream);
else
m_run_end = true;
if (ret != Z_OK && ret != Z_STREAM_END) {
m_error = true;
out.m_buffer_len = 0;
in.m_buffer_pos = in.m_buffer_len = 0;
return false;
}
in.m_buffer_pos = in.m_buffer_len - m_stream.avail_in;
out.m_buffer_len = sizeof(out.m_buffer) - m_stream.avail_out;
out.m_buffer_pos = 0;
return true;
}
bool m_init;
bool m_run_end;
bool m_error;
z_stream m_stream;
};
} // namespace packetq
#endif // __packetq_segzip_h

1183
src/server.cpp Normal file
View file

File diff suppressed because it is too large Load diff

31
src/server.h Normal file
View file

@ -0,0 +1,31 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __packetq_server_h
#define __packetq_server_h
namespace packetq {
void start_server(int port, bool fork, const std::string& pcaproot, const std::string& webroot, int max_conn);
} // namespace packetq
#endif // __packetq_server_h

2696
src/sql.cpp Normal file
View file

File diff suppressed because it is too large Load diff

1938
src/sql.h Normal file
View file

File diff suppressed because it is too large Load diff

268
src/tcp.cpp Normal file
View file

@ -0,0 +1,268 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#include "tcp.h"
#include "packet_handler.h"
#include <cstring>
#include <list>
#include <map>
#include <stdlib.h>
namespace packetq {
/// TCP Stream id class - serves as the key in the streams map
class Stream_id {
public:
/// constructor
Stream_id(in6addr_t& src_ip,
in6addr_t& dst_ip,
unsigned short src_port,
unsigned short dst_port)
{
m_src_ip = src_ip;
m_dst_ip = dst_ip;
m_src_port = src_port;
m_dst_port = dst_port;
}
/// < comparison operator for the std::map
bool operator<(const Stream_id& rhs) const
{
return memcmp(this, &rhs, sizeof(*this)) < 0;
}
private:
in6addr_t m_src_ip, m_dst_ip;
unsigned short m_src_port, m_dst_port;
};
/// TCP data segment container
/** Data_segment contains the data found in a single tcp packet
* Data_segment are inerted into a list in the Stream class
*/
class Data_segment {
private:
Data_segment& operator=(const Data_segment& other);
Data_segment(Data_segment&& other) noexcept;
Data_segment const& operator=(Data_segment&& other);
public:
/// Constructor taking a memory block with packet content
Data_segment(unsigned char* data, unsigned int len)
{
m_datasize = len;
m_data = new unsigned char[m_datasize];
for (unsigned int i = 0; i < m_datasize; i++) {
m_data[i] = data[i];
}
}
Data_segment(const Data_segment& other)
{
m_datasize = other.m_datasize;
m_data = new unsigned char[m_datasize];
for (unsigned int i = 0; i < m_datasize; i++) {
m_data[i] = other.m_data[i];
}
}
/// Destructor
~Data_segment()
{
delete[] m_data;
}
/// size of the data
unsigned int m_datasize;
/// pointer to the data
unsigned char* m_data;
};
int g_count = 0;
/// TCP Stream class
/** The Stream class has an Stream_id and a list of Data_segemnts that make up
* a tcp data stream.
* The Streams are organized into a global map ( g_tcp_streams ) indexed by a Stream_id
*/
class Stream {
public:
/// Constructor
Stream()
{
m_ser = g_count++;
m_content = false;
m_nseq = false;
m_seq = 0;
}
~Stream()
{
m_segments.clear();
}
/// add a datasegment to the stream
/** If the segment has the expected sequence number
* the segment will be added to the list
*/
void add(bool syn, unsigned int seq, Data_segment& s)
{
m_content = true;
if (!m_segments.size() || syn)
m_seq = seq;
if (m_seq == seq) {
m_content = true;
if ((s.m_datasize > 0 && s.m_datasize <= 65535)) {
m_segments.push_back(s);
m_seq = seq + s.m_datasize;
}
}
}
/// checka if there's any content in the stream
bool has_content()
{
return m_content;
}
/// Erase (and free) all segments and reset state
void erase()
{
m_content = false;
m_nseq = false;
m_segments.clear();
}
/// return the streams data size
int get_size()
{
int size = 0;
for (auto it = m_segments.begin();
it != m_segments.end(); it++) {
size += it->m_datasize;
}
return size;
}
/// debug functionality to dump a streams content
void dump()
{
int start = 2;
for (auto it = m_segments.begin();
it != m_segments.end(); it++) {
for (unsigned int i = start; i < it->m_datasize; i++) {
printf("%02x", it->m_data[i]);
}
start = 0;
}
printf("\n");
}
/// returns the data in the stream
/** The returned data is located in a static buffer shared by all streams
* the data is valid until the next call to get_buffer()
*/
unsigned char* get_buffer()
{
int p = 0;
for (auto it = m_segments.begin();
it != m_segments.end(); it++) {
for (unsigned int i = 0; i < it->m_datasize; i++) {
m_buffer[p++] = it->m_data[i];
if (p >= 0xffff)
return m_buffer;
}
}
return m_buffer;
}
private:
unsigned int m_seq;
int m_ser;
bool m_content;
bool m_nseq;
std::list<Data_segment> m_segments;
static unsigned char m_buffer[0x10000];
};
unsigned char Stream::m_buffer[0x10000];
std::map<Stream_id, Stream> g_tcp_streams;
/// assemble_tcp builds datastreams out of tcp packets
/** TCP packets are inserted into streams. When the streams are closed
* the contained data is returned as a pointer the data
* it is up to the caller to free() the memory returned.
*/
unsigned char*
assemble_tcp(
Payload& payload,
in6addr_t* src_ip,
in6addr_t* dst_ip,
unsigned short src_port,
unsigned short dst_port,
unsigned int* rest,
unsigned int seq,
unsigned char* data,
int len,
char syn,
char fin,
char rst,
char ack)
{
Stream_id id(*src_ip, *dst_ip, src_port, dst_port);
Stream& str = g_tcp_streams[id];
bool data_avail = false;
if (!str.has_content()) {
Data_segment seg(data, len);
str.add(syn, seq, seg);
} else {
if (rst == 1) {
str.erase();
} else if (syn == 1) {
str.erase();
Data_segment seg(data, len);
str.add(syn, seq, seg);
} else {
Data_segment seg(data, len);
str.add(syn, seq, seg);
}
}
data = 0;
if (str.has_content()) {
int size = str.get_size();
if (size < 2) {
// need at least dnslen
return 0;
}
unsigned char* buffer = str.get_buffer();
int dns_size = (int(buffer[0]) << 8) | buffer[1];
data_avail = (fin == 1) && (rst == 0);
if (data_avail || dns_size + 2 == size) {
*rest = size;
if (*rest > 0xffff)
*rest = 0xffff;
data = (unsigned char*)payload.alloc(*rest);
memcpy(data, buffer, *rest);
str.erase();
g_tcp_streams.erase(id);
}
}
return data;
}
} // namespace packetq

62
src/tcp.h Normal file
View file

@ -0,0 +1,62 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __packetq_tcp_h
#define __packetq_tcp_h
#include <stdio.h>
#include <stdint.h>
namespace packetq {
struct _in6_addr {
union {
uint8_t __u6_addr8[16];
uint16_t __u6_addr16[8];
uint32_t __u6_addr32[4];
} __in6_u; /* 128-bit IP6 address */
};
typedef struct _in6_addr in6addr_t;
class Payload;
/** Assembles tcp packets into streams and returns data
when 'fin' has been recieved
*/
unsigned char* assemble_tcp(
Payload& payload,
in6addr_t* src_ip,
in6addr_t* dst_ip,
unsigned short src_port,
unsigned short dst_port,
unsigned int* rest,
unsigned int seq,
unsigned char* data,
int len,
char syn,
char fin,
char rst,
char ack);
} // namespace packetq
#endif // __packetq_tcp_h

32
src/test/Makefile.am Normal file
View file

@ -0,0 +1,32 @@
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = test*.log test*.trs \
test1.out test2.out test3.out test4.out test5.out test6.out test7.out \
test8.out
TESTS = test1.sh test2.sh test3.sh test4.sh test5.sh test6.sh test7.sh \
test8.sh
EXTRA_DIST = $(TESTS) \
test1.gold test2.gold test3.gold test4.gold test5.gold test6.gold \
test7.gold sql.txt test8.gold \
dns.pcap dns6.pcap

885
src/test/Makefile.in Normal file
View file

@ -0,0 +1,885 @@
# Makefile.in generated by automake 1.16.5 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
@SET_MAKE@
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
VPATH = @srcdir@
am__is_gnu_make = { \
if test -z '$(MAKELEVEL)'; then \
false; \
elif test -n '$(MAKE_HOST)'; then \
true; \
elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
true; \
else \
false; \
fi; \
}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
*) echo "am__make_running_with_option: internal error: invalid" \
"target option '$${target_option-}' specified" >&2; \
exit 1;; \
esac; \
has_opt=no; \
sane_makeflags=$$MAKEFLAGS; \
if $(am__is_gnu_make); then \
sane_makeflags=$$MFLAGS; \
else \
case $$MAKEFLAGS in \
*\\[\ \ ]*) \
bs=\\; \
sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
| sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
esac; \
fi; \
skip_next=no; \
strip_trailopt () \
{ \
flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
}; \
for flg in $$sane_makeflags; do \
test $$skip_next = yes && { skip_next=no; continue; }; \
case $$flg in \
*=*|--*) continue;; \
-*I) strip_trailopt 'I'; skip_next=yes;; \
-*I?*) strip_trailopt 'I';; \
-*O) strip_trailopt 'O'; skip_next=yes;; \
-*O?*) strip_trailopt 'O';; \
-*l) strip_trailopt 'l'; skip_next=yes;; \
-*l?*) strip_trailopt 'l';; \
-[dEDm]) skip_next=yes;; \
-[JT]) skip_next=yes;; \
esac; \
case $$flg in \
*$$target_option*) has_opt=yes; break;; \
esac; \
done; \
test $$has_opt = yes
am__make_dryrun = (target_option=n; $(am__make_running_with_option))
am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
pkgdatadir = $(datadir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkglibexecdir = $(libexecdir)/@PACKAGE@
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
install_sh_DATA = $(install_sh) -c -m 644
install_sh_PROGRAM = $(install_sh) -c
install_sh_SCRIPT = $(install_sh) -c
INSTALL_HEADER = $(INSTALL_DATA)
transform = $(program_transform_name)
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = src/test
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/ax_cflags_warn_all.m4 \
$(top_srcdir)/m4/ax_compiler_vendor.m4 \
$(top_srcdir)/m4/ax_prepend_flag.m4 \
$(top_srcdir)/m4/ax_require_defined.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/src/config.h
CONFIG_CLEAN_FILES =
CONFIG_CLEAN_VPATH_FILES =
AM_V_P = $(am__v_P_@AM_V@)
am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
am__v_P_0 = false
am__v_P_1 = :
AM_V_GEN = $(am__v_GEN_@AM_V@)
am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
am__v_GEN_0 = @echo " GEN " $@;
am__v_GEN_1 =
AM_V_at = $(am__v_at_@AM_V@)
am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
am__v_at_0 = @
am__v_at_1 =
SOURCES =
DIST_SOURCES =
am__can_run_installinfo = \
case $$AM_UPDATE_INFO_DIR in \
n|no|NO) false;; \
*) (install-info --version) >/dev/null 2>&1;; \
esac
am__extra_recursive_targets = gcov-recursive
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
am__tty_colors_dummy = \
mgn= red= grn= lgn= blu= brg= std=; \
am__color_tests=no
am__tty_colors = { \
$(am__tty_colors_dummy); \
if test "X$(AM_COLOR_TESTS)" = Xno; then \
am__color_tests=no; \
elif test "X$(AM_COLOR_TESTS)" = Xalways; then \
am__color_tests=yes; \
elif test "X$$TERM" != Xdumb && { test -t 1; } 2>/dev/null; then \
am__color_tests=yes; \
fi; \
if test $$am__color_tests = yes; then \
red=''; \
grn=''; \
lgn=''; \
blu=''; \
mgn=''; \
brg=''; \
std=''; \
fi; \
}
am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
am__vpath_adj = case $$p in \
$(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
*) f=$$p;; \
esac;
am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
am__install_max = 40
am__nobase_strip_setup = \
srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
am__nobase_strip = \
for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
am__nobase_list = $(am__nobase_strip_setup); \
for p in $$list; do echo "$$p $$p"; done | \
sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
$(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
if (++n[$$2] == $(am__install_max)) \
{ print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
END { for (dir in files) print dir, files[dir] }'
am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__uninstall_files_from_dir = { \
test -z "$$files" \
|| { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
|| { echo " ( cd '$$dir' && rm -f" $$files ")"; \
$(am__cd) "$$dir" && rm -f $$files; }; \
}
am__recheck_rx = ^[ ]*:recheck:[ ]*
am__global_test_result_rx = ^[ ]*:global-test-result:[ ]*
am__copy_in_global_log_rx = ^[ ]*:copy-in-global-log:[ ]*
# A command that, given a newline-separated list of test names on the
# standard input, print the name of the tests that are to be re-run
# upon "make recheck".
am__list_recheck_tests = $(AWK) '{ \
recheck = 1; \
while ((rc = (getline line < ($$0 ".trs"))) != 0) \
{ \
if (rc < 0) \
{ \
if ((getline line2 < ($$0 ".log")) < 0) \
recheck = 0; \
break; \
} \
else if (line ~ /$(am__recheck_rx)[nN][Oo]/) \
{ \
recheck = 0; \
break; \
} \
else if (line ~ /$(am__recheck_rx)[yY][eE][sS]/) \
{ \
break; \
} \
}; \
if (recheck) \
print $$0; \
close ($$0 ".trs"); \
close ($$0 ".log"); \
}'
# A command that, given a newline-separated list of test names on the
# standard input, create the global log from their .trs and .log files.
am__create_global_log = $(AWK) ' \
function fatal(msg) \
{ \
print "fatal: making $@: " msg | "cat >&2"; \
exit 1; \
} \
function rst_section(header) \
{ \
print header; \
len = length(header); \
for (i = 1; i <= len; i = i + 1) \
printf "="; \
printf "\n\n"; \
} \
{ \
copy_in_global_log = 1; \
global_test_result = "RUN"; \
while ((rc = (getline line < ($$0 ".trs"))) != 0) \
{ \
if (rc < 0) \
fatal("failed to read from " $$0 ".trs"); \
if (line ~ /$(am__global_test_result_rx)/) \
{ \
sub("$(am__global_test_result_rx)", "", line); \
sub("[ ]*$$", "", line); \
global_test_result = line; \
} \
else if (line ~ /$(am__copy_in_global_log_rx)[nN][oO]/) \
copy_in_global_log = 0; \
}; \
if (copy_in_global_log) \
{ \
rst_section(global_test_result ": " $$0); \
while ((rc = (getline line < ($$0 ".log"))) != 0) \
{ \
if (rc < 0) \
fatal("failed to read from " $$0 ".log"); \
print line; \
}; \
printf "\n"; \
}; \
close ($$0 ".trs"); \
close ($$0 ".log"); \
}'
# Restructured Text title.
am__rst_title = { sed 's/.*/ & /;h;s/./=/g;p;x;s/ *$$//;p;g' && echo; }
# Solaris 10 'make', and several other traditional 'make' implementations,
# pass "-e" to $(SHELL), and POSIX 2008 even requires this. Work around it
# by disabling -e (using the XSI extension "set +e") if it's set.
am__sh_e_setup = case $$- in *e*) set +e;; esac
# Default flags passed to test drivers.
am__common_driver_flags = \
--color-tests "$$am__color_tests" \
--enable-hard-errors "$$am__enable_hard_errors" \
--expect-failure "$$am__expect_failure"
# To be inserted before the command running the test. Creates the
# directory for the log if needed. Stores in $dir the directory
# containing $f, in $tst the test, in $log the log. Executes the
# developer- defined test setup AM_TESTS_ENVIRONMENT (if any), and
# passes TESTS_ENVIRONMENT. Set up options for the wrapper that
# will run the test scripts (or their associated LOG_COMPILER, if
# thy have one).
am__check_pre = \
$(am__sh_e_setup); \
$(am__vpath_adj_setup) $(am__vpath_adj) \
$(am__tty_colors); \
srcdir=$(srcdir); export srcdir; \
case "$@" in \
*/*) am__odir=`echo "./$@" | sed 's|/[^/]*$$||'`;; \
*) am__odir=.;; \
esac; \
test "x$$am__odir" = x"." || test -d "$$am__odir" \
|| $(MKDIR_P) "$$am__odir" || exit $$?; \
if test -f "./$$f"; then dir=./; \
elif test -f "$$f"; then dir=; \
else dir="$(srcdir)/"; fi; \
tst=$$dir$$f; log='$@'; \
if test -n '$(DISABLE_HARD_ERRORS)'; then \
am__enable_hard_errors=no; \
else \
am__enable_hard_errors=yes; \
fi; \
case " $(XFAIL_TESTS) " in \
*[\ \ ]$$f[\ \ ]* | *[\ \ ]$$dir$$f[\ \ ]*) \
am__expect_failure=yes;; \
*) \
am__expect_failure=no;; \
esac; \
$(AM_TESTS_ENVIRONMENT) $(TESTS_ENVIRONMENT)
# A shell command to get the names of the tests scripts with any registered
# extension removed (i.e., equivalently, the names of the test logs, with
# the '.log' extension removed). The result is saved in the shell variable
# '$bases'. This honors runtime overriding of TESTS and TEST_LOGS. Sadly,
# we cannot use something simpler, involving e.g., "$(TEST_LOGS:.log=)",
# since that might cause problem with VPATH rewrites for suffix-less tests.
# See also 'test-harness-vpath-rewrite.sh' and 'test-trs-basic.sh'.
am__set_TESTS_bases = \
bases='$(TEST_LOGS)'; \
bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
bases=`echo $$bases`
AM_TESTSUITE_SUMMARY_HEADER = ' for $(PACKAGE_STRING)'
RECHECK_LOGS = $(TEST_LOGS)
AM_RECURSIVE_TARGETS = check recheck
TEST_SUITE_LOG = test-suite.log
TEST_EXTENSIONS = @EXEEXT@ .test
LOG_DRIVER = $(SHELL) $(top_srcdir)/test-driver
LOG_COMPILE = $(LOG_COMPILER) $(AM_LOG_FLAGS) $(LOG_FLAGS)
am__set_b = \
case '$@' in \
*/*) \
case '$*' in \
*/*) b='$*';; \
*) b=`echo '$@' | sed 's/\.log$$//'`; \
esac;; \
*) \
b='$*';; \
esac
am__test_logs1 = $(TESTS:=.log)
am__test_logs2 = $(am__test_logs1:@EXEEXT@.log=.log)
TEST_LOGS = $(am__test_logs2:.test.log=.log)
TEST_LOG_DRIVER = $(SHELL) $(top_srcdir)/test-driver
TEST_LOG_COMPILE = $(TEST_LOG_COMPILER) $(AM_TEST_LOG_FLAGS) \
$(TEST_LOG_FLAGS)
am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/test-driver
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPPFLAGS = @CPPFLAGS@
CSCOPE = @CSCOPE@
CTAGS = @CTAGS@
CXX = @CXX@
CXXDEPMODE = @CXXDEPMODE@
CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
ETAGS = @ETAGS@
EXEEXT = @EXEEXT@
GREP = @GREP@
INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_STRING = @PACKAGE_STRING@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
abs_top_srcdir = @abs_top_srcdir@
ac_ct_CC = @ac_ct_CC@
ac_ct_CXX = @ac_ct_CXX@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
am__tar = @am__tar@
am__untar = @am__untar@
bindir = @bindir@
build = @build@
build_alias = @build_alias@
build_cpu = @build_cpu@
build_os = @build_os@
build_vendor = @build_vendor@
builddir = @builddir@
datadir = @datadir@
datarootdir = @datarootdir@
docdir = @docdir@
dvidir = @dvidir@
exec_prefix = @exec_prefix@
host = @host@
host_alias = @host_alias@
host_cpu = @host_cpu@
host_os = @host_os@
host_vendor = @host_vendor@
htmldir = @htmldir@
includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
libdir = @libdir@
libexecdir = @libexecdir@
libmaxminddb_CFLAGS = @libmaxminddb_CFLAGS@
libmaxminddb_LIBS = @libmaxminddb_LIBS@
localedir = @localedir@
localstatedir = @localstatedir@
mandir = @mandir@
mkdir_p = @mkdir_p@
oldincludedir = @oldincludedir@
pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
MAINTAINERCLEANFILES = $(srcdir)/Makefile.in
CLEANFILES = test*.log test*.trs \
test1.out test2.out test3.out test4.out test5.out test6.out test7.out \
test8.out
TESTS = test1.sh test2.sh test3.sh test4.sh test5.sh test6.sh test7.sh \
test8.sh
EXTRA_DIST = $(TESTS) \
test1.gold test2.gold test3.gold test4.gold test5.gold test6.gold \
test7.gold sql.txt test8.gold \
dns.pcap dns6.pcap
all: all-am
.SUFFIXES:
.SUFFIXES: .log .test .test$(EXEEXT) .trs
$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
&& { if test -f $@; then exit 0; else break; fi; }; \
exit 1;; \
esac; \
done; \
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/test/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --foreign src/test/Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
*) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
esac;
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(top_srcdir)/configure: $(am__configure_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
gcov-local:
tags TAGS:
ctags CTAGS:
cscope cscopelist:
# Recover from deleted '.trs' file; this should ensure that
# "rm -f foo.log; make foo.trs" re-run 'foo.test', and re-create
# both 'foo.log' and 'foo.trs'. Break the recipe in two subshells
# to avoid problems with "make -n".
.log.trs:
rm -f $< $@
$(MAKE) $(AM_MAKEFLAGS) $<
# Leading 'am--fnord' is there to ensure the list of targets does not
# expand to empty, as could happen e.g. with make check TESTS=''.
am--fnord $(TEST_LOGS) $(TEST_LOGS:.log=.trs): $(am__force_recheck)
am--force-recheck:
@:
$(TEST_SUITE_LOG): $(TEST_LOGS)
@$(am__set_TESTS_bases); \
am__f_ok () { test -f "$$1" && test -r "$$1"; }; \
redo_bases=`for i in $$bases; do \
am__f_ok $$i.trs && am__f_ok $$i.log || echo $$i; \
done`; \
if test -n "$$redo_bases"; then \
redo_logs=`for i in $$redo_bases; do echo $$i.log; done`; \
redo_results=`for i in $$redo_bases; do echo $$i.trs; done`; \
if $(am__make_dryrun); then :; else \
rm -f $$redo_logs && rm -f $$redo_results || exit 1; \
fi; \
fi; \
if test -n "$$am__remaking_logs"; then \
echo "fatal: making $(TEST_SUITE_LOG): possible infinite" \
"recursion detected" >&2; \
elif test -n "$$redo_logs"; then \
am__remaking_logs=yes $(MAKE) $(AM_MAKEFLAGS) $$redo_logs; \
fi; \
if $(am__make_dryrun); then :; else \
st=0; \
errmsg="fatal: making $(TEST_SUITE_LOG): failed to create"; \
for i in $$redo_bases; do \
test -f $$i.trs && test -r $$i.trs \
|| { echo "$$errmsg $$i.trs" >&2; st=1; }; \
test -f $$i.log && test -r $$i.log \
|| { echo "$$errmsg $$i.log" >&2; st=1; }; \
done; \
test $$st -eq 0 || exit 1; \
fi
@$(am__sh_e_setup); $(am__tty_colors); $(am__set_TESTS_bases); \
ws='[ ]'; \
results=`for b in $$bases; do echo $$b.trs; done`; \
test -n "$$results" || results=/dev/null; \
all=` grep "^$$ws*:test-result:" $$results | wc -l`; \
pass=` grep "^$$ws*:test-result:$$ws*PASS" $$results | wc -l`; \
fail=` grep "^$$ws*:test-result:$$ws*FAIL" $$results | wc -l`; \
skip=` grep "^$$ws*:test-result:$$ws*SKIP" $$results | wc -l`; \
xfail=`grep "^$$ws*:test-result:$$ws*XFAIL" $$results | wc -l`; \
xpass=`grep "^$$ws*:test-result:$$ws*XPASS" $$results | wc -l`; \
error=`grep "^$$ws*:test-result:$$ws*ERROR" $$results | wc -l`; \
if test `expr $$fail + $$xpass + $$error` -eq 0; then \
success=true; \
else \
success=false; \
fi; \
br='==================='; br=$$br$$br$$br$$br; \
result_count () \
{ \
if test x"$$1" = x"--maybe-color"; then \
maybe_colorize=yes; \
elif test x"$$1" = x"--no-color"; then \
maybe_colorize=no; \
else \
echo "$@: invalid 'result_count' usage" >&2; exit 4; \
fi; \
shift; \
desc=$$1 count=$$2; \
if test $$maybe_colorize = yes && test $$count -gt 0; then \
color_start=$$3 color_end=$$std; \
else \
color_start= color_end=; \
fi; \
echo "$${color_start}# $$desc $$count$${color_end}"; \
}; \
create_testsuite_report () \
{ \
result_count $$1 "TOTAL:" $$all "$$brg"; \
result_count $$1 "PASS: " $$pass "$$grn"; \
result_count $$1 "SKIP: " $$skip "$$blu"; \
result_count $$1 "XFAIL:" $$xfail "$$lgn"; \
result_count $$1 "FAIL: " $$fail "$$red"; \
result_count $$1 "XPASS:" $$xpass "$$red"; \
result_count $$1 "ERROR:" $$error "$$mgn"; \
}; \
{ \
echo "$(PACKAGE_STRING): $(subdir)/$(TEST_SUITE_LOG)" | \
$(am__rst_title); \
create_testsuite_report --no-color; \
echo; \
echo ".. contents:: :depth: 2"; \
echo; \
for b in $$bases; do echo $$b; done \
| $(am__create_global_log); \
} >$(TEST_SUITE_LOG).tmp || exit 1; \
mv $(TEST_SUITE_LOG).tmp $(TEST_SUITE_LOG); \
if $$success; then \
col="$$grn"; \
else \
col="$$red"; \
test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
fi; \
echo "$${col}$$br$${std}"; \
echo "$${col}Testsuite summary"$(AM_TESTSUITE_SUMMARY_HEADER)"$${std}"; \
echo "$${col}$$br$${std}"; \
create_testsuite_report --maybe-color; \
echo "$$col$$br$$std"; \
if $$success; then :; else \
echo "$${col}See $(subdir)/$(TEST_SUITE_LOG)$${std}"; \
if test -n "$(PACKAGE_BUGREPORT)"; then \
echo "$${col}Please report to $(PACKAGE_BUGREPORT)$${std}"; \
fi; \
echo "$$col$$br$$std"; \
fi; \
$$success || exit 1
check-TESTS:
@list='$(RECHECK_LOGS)'; test -z "$$list" || rm -f $$list
@list='$(RECHECK_LOGS:.log=.trs)'; test -z "$$list" || rm -f $$list
@test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
@set +e; $(am__set_TESTS_bases); \
log_list=`for i in $$bases; do echo $$i.log; done`; \
trs_list=`for i in $$bases; do echo $$i.trs; done`; \
log_list=`echo $$log_list`; trs_list=`echo $$trs_list`; \
$(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) TEST_LOGS="$$log_list"; \
exit $$?;
recheck: all
@test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
@set +e; $(am__set_TESTS_bases); \
bases=`for i in $$bases; do echo $$i; done \
| $(am__list_recheck_tests)` || exit 1; \
log_list=`for i in $$bases; do echo $$i.log; done`; \
log_list=`echo $$log_list`; \
$(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) \
am__force_recheck=am--force-recheck \
TEST_LOGS="$$log_list"; \
exit $$?
test1.sh.log: test1.sh
@p='test1.sh'; \
b='test1.sh'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
test2.sh.log: test2.sh
@p='test2.sh'; \
b='test2.sh'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
test3.sh.log: test3.sh
@p='test3.sh'; \
b='test3.sh'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
test4.sh.log: test4.sh
@p='test4.sh'; \
b='test4.sh'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
test5.sh.log: test5.sh
@p='test5.sh'; \
b='test5.sh'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
test6.sh.log: test6.sh
@p='test6.sh'; \
b='test6.sh'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
test7.sh.log: test7.sh
@p='test7.sh'; \
b='test7.sh'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
test8.sh.log: test8.sh
@p='test8.sh'; \
b='test8.sh'; \
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
.test.log:
@p='$<'; \
$(am__set_b); \
$(am__check_pre) $(TEST_LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
@am__EXEEXT_TRUE@.test$(EXEEXT).log:
@am__EXEEXT_TRUE@ @p='$<'; \
@am__EXEEXT_TRUE@ $(am__set_b); \
@am__EXEEXT_TRUE@ $(am__check_pre) $(TEST_LOG_DRIVER) --test-name "$$f" \
@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
distdir-am: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
list='$(DISTFILES)'; \
dist_files=`for file in $$list; do echo $$file; done | \
sed -e "s|^$$srcdirstrip/||;t" \
-e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
case $$dist_files in \
*/*) $(MKDIR_P) `echo "$$dist_files" | \
sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
sort -u` ;; \
esac; \
for file in $$dist_files; do \
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
if test -d $$d/$$file; then \
dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
if test -d "$(distdir)/$$file"; then \
find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
fi; \
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
fi; \
cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
else \
test -f "$(distdir)/$$file" \
|| cp -p $$d/$$file "$(distdir)/$$file" \
|| exit 1; \
fi; \
done
check-am: all-am
$(MAKE) $(AM_MAKEFLAGS) check-TESTS
check: check-am
all-am: Makefile
installdirs:
install: install-am
install-exec: install-exec-am
install-data: install-data-am
uninstall: uninstall-am
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
installcheck: installcheck-am
install-strip:
if test -z '$(STRIP)'; then \
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
install; \
else \
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
fi
mostlyclean-generic:
-test -z "$(TEST_LOGS)" || rm -f $(TEST_LOGS)
-test -z "$(TEST_LOGS:.log=.trs)" || rm -f $(TEST_LOGS:.log=.trs)
-test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
clean-generic:
-test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
-test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
clean: clean-am
clean-am: clean-generic mostlyclean-am
distclean: distclean-am
-rm -f Makefile
distclean-am: clean-am distclean-generic
dvi: dvi-am
dvi-am:
gcov: gcov-am
gcov-am: gcov-local
html: html-am
html-am:
info: info-am
info-am:
install-data-am:
install-dvi: install-dvi-am
install-dvi-am:
install-exec-am:
install-html: install-html-am
install-html-am:
install-info: install-info-am
install-info-am:
install-man:
install-pdf: install-pdf-am
install-pdf-am:
install-ps: install-ps-am
install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-am
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
mostlyclean: mostlyclean-am
mostlyclean-am: mostlyclean-generic
pdf: pdf-am
pdf-am:
ps: ps-am
ps-am:
uninstall-am:
.MAKE: check-am install-am install-strip
.PHONY: all all-am check check-TESTS check-am clean clean-generic \
cscopelist-am ctags-am distclean distclean-generic distdir dvi \
dvi-am gcov-am gcov-local html html-am info info-am install \
install-am install-data install-data-am install-dvi \
install-dvi-am install-exec install-exec-am install-html \
install-html-am install-info install-info-am install-man \
install-pdf install-pdf-am install-ps install-ps-am \
install-strip installcheck installcheck-am installdirs \
maintainer-clean maintainer-clean-generic mostlyclean \
mostlyclean-generic pdf pdf-am ps ps-am recheck tags-am \
uninstall uninstall-am
.PRECIOUS: Makefile
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:

BIN
src/test/dns.pcap Normal file
View file

Binary file not shown.

BIN
src/test/dns6.pcap Normal file
View file

Binary file not shown.

26
src/test/sql.txt Normal file
View file

@ -0,0 +1,26 @@
select qname as CertainQnames, qtype as Qtype, count(1) as count from dns where (qname='localhost' or qname like '%.root-servers.net') and qr==0 group by CertainQnames,Qtype order by count desc;
select qtype as Qtype, qname as Qname, count(1) as count from dns where qclass==3 and qr==0 group by Qtype,Qname order by count desc;
select rcode as Rcode, if(qr==1,dst_addr,src_addr) as ClientAddr, count(1) as count from dns where qr==1 group by Rcode,ClientAddr order by count,Rcode,ClientAddr desc limit 50;
select 'ALL' as All, if(ether_type==34525,rsplit(src_addr,7,':')||':'||rsplit(src_addr,6,':')||':'||rsplit(src_addr,5,':')||':'||rsplit(src_addr,4,':')||':'||rsplit(src_addr,3,':')||'::',rsplit(src_addr,3)||'.'||rsplit(src_addr,2)||'.'||rsplit(src_addr,1)||'.0') as ClientSubnet, count(1) as count from dns where qr==0 group by All,ClientSubnet order by count,ClientSubnet desc limit 200;
#select 'ALL' as All, subnet(src_addr,24,96) as ClientSubnet, count(1) as count from dns where qr==0 group by All,ClientSubnet order by count desc,ClientSubnet limit 200;
select if(rsplit(qname,1)='de','ok','non-auth-tld') as Class, if(ether_type==34525,rsplit(src_addr,7,':')||':'||rsplit(src_addr,6,':')||':'||rsplit(src_addr,5,':')||':'||rsplit(src_addr,4,':')||':'||rsplit(src_addr,3,':')||'::',rsplit(src_addr,3)||'.'||rsplit(src_addr,2)||'.'||rsplit(src_addr,1)||'.0') as ClientSubnet, count(1) as count from dns where qr==0 group by Class,ClientSubnet order by count,ClientSubnet,Class desc limit 200;
select if(qr==1,'sent','recv') as Direction, if(protocol==6,'tcp',if(protocol==17,'udp',if(protocol==1,'icmp',if(protocol==58,'ipv6-icmp',protocol)))) as IPProto, count(1) as count from dns group by Direction,IPProto order by count,Direction,IPProto desc;
select if(ether_type==34525,'IPv6','IPv4') as IPVersion, qtype as Qtype, count(1) as count from dns where qr==0 group by IPVersion,Qtype order by count,IPVersion,Qtype desc;
select 'ALL' as All, do, edns0, edns_version, extended_rcode, z, if(do==1,'set','clr') as D0, count(1) as count from dns where qr==0 group by All,do,D0,edns0,edns_version,extended_rcode,z order by count desc;
select 'ALL' as All, if(edns0,edns_version,'none') as EDNSVersion, count(1) as count from dns where qr==0 group by All,EDNSVersion order by count desc;
select 'ALL' as All, if(qname like 'xn--%','idn','normal') as IDNQname, count(1) as count from dns where qr==0 group by All,IDNQname order by count desc;
select 'ALL' as All, lower(rsplit(qname,1)) as TLD, count(1) as count from dns where qr==0 and (qname like 'xn--%') group by All,TLD order by count,TLD desc;
select 'ALL' as All, if(qr==1,dst_addr,src_addr) as ClientAddr, count(1) as count from dns where qr==0 and (qtype=28 or qtype=38) and (qname like '%.root-servers.net') group by All,ClientAddr order by count desc limit 50;
select 'ALL' as All, opcode as Opcode, count(1) as count from dns where qr==0 group by All,Opcode order by count,Opcode desc;
select 'ALL' as All, qtype as Qtype, count(1) as count from dns where qr==0 group by All,Qtype order by count,Qtype desc;
select qtype as Qtype, len(qname) as QnameLen, count(1) as count from dns where qr==0 group by Qtype,QnameLen order by count,QnameLen,Qtype desc;
select qtype as Qtype, lower(rsplit(qname,1)) as TLD, count(1) as count from dns where qr==0 and (qtype=1 or qtype=2 or qtype=5 or qtype=6 or qtype=12 or qtype=15 or qtype=28 or qtype=38 or qtype=255) group by Qtype,TLD order by count,TLD,Qtype desc limit 200;
select 'ALL' as All, rcode as Rcode, count(1) as count from dns where qr==1 group by All,Rcode order by count,Rcode desc;
select rcode as Rcode, msg_size as ReplyLen, count(1) as count from dns where qr==1 group by Rcode,ReplyLen order by count,Rcode,ReplyLen desc;
select 'ALL' as All, rd as RD, count(1) as count from dns where qr==0 group by All,RD order by count desc;
select if(protocol==6,'tcp',if(protocol==17,'udp',protocol)) as Transport, qtype as Qtype, count(1) as count from dns where qr==0 group by Transport,Qtype order by Transport,Qtype,count desc;
select s, dst_addr as Dst_addr, qtype as questiontype, lower(src_addr) as lower_src, if(1 and s < 1 or s <= 1 or s > 1 or s >= 1, 't', 'f'), trim(trim('foofoo' || rsplit(src_addr, 1) || 'foofoo', 'foo'), 'bar'), count(*), len(src_addr), sum(msg_size + -1 - 2 % 4 << 3 >> 2 | 3 & ~4) + 1, min(msg_size), max(msg_size), truncate(1.1) as integer, 1.1 as float, sum(src_port + 1.0 - 2.0 / 1.5 * -2.5) + 1.0, max(src_port + 1.0), min(src_port + 1.0), avg(src_port), stdev(src_port), name('rcode', 0) from dns where src_addr like '%' and (qr or not qr) group by src_addr, s having s >= 0 order by s, dst_addr, lower_src, integer, float;
select name( 'qtype' , qtype ) as qt, count(*) as count from dns group by qtype order by count, qt desc;
#select count(*) as count, lower(rsplit(qname,1)) as tld, istld(tld) as flag from dns group by tld order by count desc limit 50;
select * from icmp;
select count(*) from icmp;

145
src/test/test1.gold Normal file
View file

@ -0,0 +1,145 @@
[
{
"table_name": "result-0",
"query": "select s, dst_addr as Dst_addr, qtype as questiontype, lower(src_addr) as lower_src, if(1 and s < 1 or s <= 1 or s > 1 or s >= 1, 't', 'f'), trim(trim('foofoo' || rsplit(src_addr, 1) || 'foofoo', 'foo'), 'bar'), count(*), len(src_addr), sum(msg_size + -1 - 2 % 4 << 3 >> 2 | 3 & ~4) + 1, min(msg_size), max(msg_size), truncate(1.1) as integer, 1.1 as float, sum(src_port + 1.0 - 2.0 / 1.5 * -2.5) + 1.0, max(src_port + 1.0), min(src_port + 1.0), avg(src_port), stdev(src_port), name('rcode', 0) from dns where src_addr like '%' and (qr or not qr) group by src_addr, s having s >= 0 order by s, lower_src, integer, float",
"head": [
{ "name": "s","type": "int" },
{ "name": "Dst_addr","type": "text" },
{ "name": "questiontype","type": "int" },
{ "name": "lower_src","type": "text" },
{ "name": "if((1and((((s<1)or(s<=1))or(s>1))or(s>=1))),t,f)","type": "text" },
{ "name": "trim(trim(((foofoo||rsplit(src_addr,1))||foofoo),foo),bar)","type": "text" },
{ "name": "count(1)","type": "int" },
{ "name": "len(src_addr)","type": "int" },
{ "name": "(sum((msg_size+-((((((1-(2%4))<<3)>>2)|3)&~(4)))))+1)","type": "int" },
{ "name": "min(msg_size)","type": "int" },
{ "name": "max(msg_size)","type": "int" },
{ "name": "integer","type": "int" },
{ "name": "float","type": "float" },
{ "name": "(sum(((src_port+1.0)-((2.0/1.5)*-(2.5))))+1.0)","type": "float" },
{ "name": "max((src_port+1.0))","type": "float" },
{ "name": "min((src_port+1.0))","type": "float" },
{ "name": "avg(src_port)","type": "float" },
{ "name": "stdev(src_port)","type": "float" },
{ "name": "name(rcode,0)","type": "text" }
],
"data": [
[1297433016,"212.247.204.2",12,"172.18.24.52","t","24",1,12,48,42,42,1,1.1,52271.3,52267,52267,52266,0,"NoError"],
[1297433016,"172.18.24.52",12,"212.247.204.2","t","204",1,13,125,119,119,1,1.1,58.3333,54,54,53,0,"NoError"],
[1297433026,"212.247.204.2",1,"172.18.24.52","t","24",1,12,36,30,30,1,1.1,54066.3,54062,54062,54061,0,"NoError"],
[1297433027,"172.18.24.52",1,"212.247.204.2","t","204",1,13,84,78,78,1,1.1,58.3333,54,54,53,0,"NoError"],
[1297433030,"212.247.204.2",1,"172.18.24.52","t","24",1,12,30,24,24,1,1.1,59489.3,59485,59485,59484,0,"NoError"],
[1297433030,"172.18.24.52",1,"212.247.204.2","t","204",1,13,46,40,40,1,1.1,58.3333,54,54,53,0,"NoError"],
[1297433038,"212.247.204.2",12,"172.18.24.52","t","24",1,12,50,44,44,1,1.1,49372.3,49368,49368,49367,0,"NoError"],
[1297433039,"172.18.24.52",12,"212.247.204.2","t","204",1,13,102,96,96,1,1.1,58.3333,54,54,53,0,"NoError"]
]
}
]
[
{
"table_name": "result-0",
"query": "select netmask(src_addr), netmask(dst_addr, 8, 16) from dns",
"head": [
{ "name": "netmask(src_addr)","type": "text" },
{ "name": "netmask(dst_addr,8,16)","type": "text" }
],
"data": [
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"],
["172.17.0.0","8.0.0.0"],
["8.8.8.0","172.0.0.0"]
]
}
]
[
{
"table_name": "result-0",
"query": "select netmask(src_addr), netmask(dst_addr, 8, 16) from dns",
"head": [
{ "name": "netmask(src_addr)","type": "text" },
{ "name": "netmask(dst_addr,8,16)","type": "text" }
],
"data": [
["2a01:3f0::","2001::"],
["2001:4860:4860::","2a01::"]
]
}
]

27
src/test/test1.sh Executable file
View file

@ -0,0 +1,27 @@
#!/bin/sh -e
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
../packetq -j -s "select s, dst_addr as Dst_addr, qtype as questiontype, lower(src_addr) as lower_src, if(1 and s < 1 or s <= 1 or s > 1 or s >= 1, 't', 'f'), trim(trim('foofoo' || rsplit(src_addr, 1) || 'foofoo', 'foo'), 'bar'), count(*), len(src_addr), sum(msg_size + -1 - 2 % 4 << 3 >> 2 | 3 & ~4) + 1, min(msg_size), max(msg_size), truncate(1.1) as integer, 1.1 as float, sum(src_port + 1.0 - 2.0 / 1.5 * -2.5) + 1.0, max(src_port + 1.0), min(src_port + 1.0), avg(src_port), stdev(src_port), name('rcode', 0) from dns where src_addr like '%' and (qr or not qr) group by src_addr, s having s >= 0 order by s, lower_src, integer, float" "$srcdir/../../pcap/sample.pcap.gz" > test1.out
../packetq -j -s "select netmask(src_addr), netmask(dst_addr, 8, 16) from dns" "$srcdir/dns.pcap" >>test1.out
../packetq -j -s "select netmask(src_addr), netmask(dst_addr, 8, 16) from dns" "$srcdir/dns6.pcap" >>test1.out
diff -uw "$srcdir/test1.gold" test1.out

9
src/test/test2.gold Normal file
View file

@ -0,0 +1,9 @@
"s","Dst_addr","questiontype","lower_src","if((1and((((s<1)or(s<=1))or(s>1))or(s>=1))),t,f)","trim(trim(((foofoo||rsplit(src_addr,1))||foofoo),foo),bar)","count(1)","len(src_addr)","(sum((msg_size+-((((((1-(2%4))<<3)>>2)|3)&~(4)))))+1)","min(msg_size)","max(msg_size)","integer","float","(sum(((src_port+1.0)-((2.0/1.5)*-(2.5))))+1.0)","max((src_port+1.0))","min((src_port+1.0))","avg(src_port)","stdev(src_port)","name(rcode,0)"
1297433016,"212.247.204.2",12,"172.18.24.52","t","24",1,12,48,42,42,1,1.1,52271.3,52267,52267,52266,0,"NoError"
1297433016,"172.18.24.52",12,"212.247.204.2","t","204",1,13,125,119,119,1,1.1,58.3333,54,54,53,0,"NoError"
1297433026,"212.247.204.2",1,"172.18.24.52","t","24",1,12,36,30,30,1,1.1,54066.3,54062,54062,54061,0,"NoError"
1297433027,"172.18.24.52",1,"212.247.204.2","t","204",1,13,84,78,78,1,1.1,58.3333,54,54,53,0,"NoError"
1297433030,"212.247.204.2",1,"172.18.24.52","t","24",1,12,30,24,24,1,1.1,59489.3,59485,59485,59484,0,"NoError"
1297433030,"172.18.24.52",1,"212.247.204.2","t","204",1,13,46,40,40,1,1.1,58.3333,54,54,53,0,"NoError"
1297433038,"212.247.204.2",12,"172.18.24.52","t","24",1,12,50,44,44,1,1.1,49372.3,49368,49368,49367,0,"NoError"
1297433039,"172.18.24.52",12,"212.247.204.2","t","204",1,13,102,96,96,1,1.1,58.3333,54,54,53,0,"NoError"

23
src/test/test2.sh Executable file
View file

@ -0,0 +1,23 @@
#!/bin/sh -e
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
../packetq -c -s "select s, dst_addr as Dst_addr, qtype as questiontype, lower(src_addr) as lower_src, if(1 and s < 1 or s <= 1 or s > 1 or s >= 1, 't', 'f'), trim(trim('foofoo' || rsplit(src_addr, 1) || 'foofoo', 'foo'), 'bar'), count(*), len(src_addr), sum(msg_size + -1 - 2 % 4 << 3 >> 2 | 3 & ~4) + 1, min(msg_size), max(msg_size), truncate(1.1) as integer, 1.1 as float, sum(src_port + 1.0 - 2.0 / 1.5 * -2.5) + 1.0, max(src_port + 1.0), min(src_port + 1.0), avg(src_port), stdev(src_port), name('rcode', 0) from dns where src_addr like '%' and (qr or not qr) group by src_addr, s having s >= 0 order by s, lower_src, integer, float" "$srcdir/../../pcap/sample.pcap.gz" > test2.out
diff -uw "$srcdir/test2.gold" test2.out

9
src/test/test3.gold Normal file
View file

@ -0,0 +1,9 @@
"s" ,"Dst_addr" ,"questiontype","lower_src" ,"if((1and((((s<1)or(s<=1))or(s>1))or(s>=1))),t,f)","trim(trim(((foofoo||rsplit(src_addr,1))||foofoo),foo),bar)","count(1)","len(src_addr)","(sum((msg_size+-((((((1-(2%4))<<3)>>2)|3)&~(4)))))+1)","min(msg_size)","max(msg_size)","integer","float","(sum(((src_port+1.0)-((2.0/1.5)*-(2.5))))+1.0)","max((src_port+1.0))","min((src_port+1.0))","avg(src_port)","stdev(src_port)","name(rcode,0)"
1297433016,"212.247.204.2",12 ,"172.18.24.52" ,"t" ,"24" ,1 ,12 ,48 ,42 ,42 ,1 ,1.1 ,52271.3 ,52267 ,52267 ,52266 ,0 ,"NoError"
1297433016,"172.18.24.52" ,12 ,"212.247.204.2","t" ,"204" ,1 ,13 ,125 ,119 ,119 ,1 ,1.1 ,58.3333 ,54 ,54 ,53 ,0 ,"NoError"
1297433026,"212.247.204.2",1 ,"172.18.24.52" ,"t" ,"24" ,1 ,12 ,36 ,30 ,30 ,1 ,1.1 ,54066.3 ,54062 ,54062 ,54061 ,0 ,"NoError"
1297433027,"172.18.24.52" ,1 ,"212.247.204.2","t" ,"204" ,1 ,13 ,84 ,78 ,78 ,1 ,1.1 ,58.3333 ,54 ,54 ,53 ,0 ,"NoError"
1297433030,"212.247.204.2",1 ,"172.18.24.52" ,"t" ,"24" ,1 ,12 ,30 ,24 ,24 ,1 ,1.1 ,59489.3 ,59485 ,59485 ,59484 ,0 ,"NoError"
1297433030,"172.18.24.52" ,1 ,"212.247.204.2","t" ,"204" ,1 ,13 ,46 ,40 ,40 ,1 ,1.1 ,58.3333 ,54 ,54 ,53 ,0 ,"NoError"
1297433038,"212.247.204.2",12 ,"172.18.24.52" ,"t" ,"24" ,1 ,12 ,50 ,44 ,44 ,1 ,1.1 ,49372.3 ,49368 ,49368 ,49367 ,0 ,"NoError"
1297433039,"172.18.24.52" ,12 ,"212.247.204.2","t" ,"204" ,1 ,13 ,102 ,96 ,96 ,1 ,1.1 ,58.3333 ,54 ,54 ,53 ,0 ,"NoError"

23
src/test/test3.sh Executable file
View file

@ -0,0 +1,23 @@
#!/bin/sh -e
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
../packetq -t -s "select s, dst_addr as Dst_addr, qtype as questiontype, lower(src_addr) as lower_src, if(1 and s < 1 or s <= 1 or s > 1 or s >= 1, 't', 'f'), trim(trim('foofoo' || rsplit(src_addr, 1) || 'foofoo', 'foo'), 'bar'), count(*), len(src_addr), sum(msg_size + -1 - 2 % 4 << 3 >> 2 | 3 & ~4) + 1, min(msg_size), max(msg_size), truncate(1.1) as integer, 1.1 as float, sum(src_port + 1.0 - 2.0 / 1.5 * -2.5) + 1.0, max(src_port + 1.0), min(src_port + 1.0), avg(src_port), stdev(src_port), name('rcode', 0) from dns where src_addr like '%' and (qr or not qr) group by src_addr, s having s >= 0 order by s, lower_src, integer, float" "$srcdir/../../pcap/sample.pcap.gz" > test3.out
diff -uw "$srcdir/test3.gold" test3.out

26
src/test/test4.gold Normal file
View file

@ -0,0 +1,26 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>result-0</title>
<style type="text/css">
th.int { color: #0F0C00; }
th.float { color: #0F0900; }
th.text { color: #0F0600; }
th.bool { color: #0C0900; }
</style>
</head>
<body>
<table>
<tr><th class="int">s</th><th class="text">Dst_addr</th><th class="int">questiontype</th><th class="text">lower_src</th><th class="text">if((1and((((s<1)or(s<=1))or(s>1))or(s>=1))),t,f)</th><th class="text">trim(trim(((foofoo||rsplit(src_addr,1))||foofoo),foo),bar)</th><th class="int">count(1)</th><th class="int">len(src_addr)</th><th class="int">(sum((msg_size+-((((((1-(2%4))<<3)>>2)|3)&~(4)))))+1)</th><th class="int">min(msg_size)</th><th class="int">max(msg_size)</th><th class="int">integer</th><th class="float">float</th><th class="float">(sum(((src_port+1.0)-((2.0/1.5)*-(2.5))))+1.0)</th><th class="float">max((src_port+1.0))</th><th class="float">min((src_port+1.0))</th><th class="float">avg(src_port)</th><th class="float">stdev(src_port)</th><th class="text">name(rcode,0)</th></tr>
<tr><td>1297433016</td> <td>212.247.204.2</td> <td>12</td> <td>172.18.24.52</td> <td>t</td> <td>24</td> <td>1</td> <td>12</td> <td>48</td> <td>42</td> <td>42</td> <td>1</td> <td>1.1</td> <td>52271.3</td> <td>52267</td> <td>52267</td> <td>52266</td> <td>0</td> <td>NoError</td> </tr>
<tr><td>1297433016</td> <td>172.18.24.52</td> <td>12</td> <td>212.247.204.2</td> <td>t</td> <td>204</td> <td>1</td> <td>13</td> <td>125</td> <td>119</td> <td>119</td> <td>1</td> <td>1.1</td> <td>58.3333</td> <td>54</td> <td>54</td> <td>53</td> <td>0</td> <td>NoError</td> </tr>
<tr><td>1297433026</td> <td>212.247.204.2</td> <td>1</td> <td>172.18.24.52</td> <td>t</td> <td>24</td> <td>1</td> <td>12</td> <td>36</td> <td>30</td> <td>30</td> <td>1</td> <td>1.1</td> <td>54066.3</td> <td>54062</td> <td>54062</td> <td>54061</td> <td>0</td> <td>NoError</td> </tr>
<tr><td>1297433027</td> <td>172.18.24.52</td> <td>1</td> <td>212.247.204.2</td> <td>t</td> <td>204</td> <td>1</td> <td>13</td> <td>84</td> <td>78</td> <td>78</td> <td>1</td> <td>1.1</td> <td>58.3333</td> <td>54</td> <td>54</td> <td>53</td> <td>0</td> <td>NoError</td> </tr>
<tr><td>1297433030</td> <td>212.247.204.2</td> <td>1</td> <td>172.18.24.52</td> <td>t</td> <td>24</td> <td>1</td> <td>12</td> <td>30</td> <td>24</td> <td>24</td> <td>1</td> <td>1.1</td> <td>59489.3</td> <td>59485</td> <td>59485</td> <td>59484</td> <td>0</td> <td>NoError</td> </tr>
<tr><td>1297433030</td> <td>172.18.24.52</td> <td>1</td> <td>212.247.204.2</td> <td>t</td> <td>204</td> <td>1</td> <td>13</td> <td>46</td> <td>40</td> <td>40</td> <td>1</td> <td>1.1</td> <td>58.3333</td> <td>54</td> <td>54</td> <td>53</td> <td>0</td> <td>NoError</td> </tr>
<tr><td>1297433038</td> <td>212.247.204.2</td> <td>12</td> <td>172.18.24.52</td> <td>t</td> <td>24</td> <td>1</td> <td>12</td> <td>50</td> <td>44</td> <td>44</td> <td>1</td> <td>1.1</td> <td>49372.3</td> <td>49368</td> <td>49368</td> <td>49367</td> <td>0</td> <td>NoError</td> </tr>
<tr><td>1297433039</td> <td>172.18.24.52</td> <td>12</td> <td>212.247.204.2</td> <td>t</td> <td>204</td> <td>1</td> <td>13</td> <td>102</td> <td>96</td> <td>96</td> <td>1</td> <td>1.1</td> <td>58.3333</td> <td>54</td> <td>54</td> <td>53</td> <td>0</td> <td>NoError</td> </tr>
</table>
</body>
</html>

23
src/test/test4.sh Executable file
View file

@ -0,0 +1,23 @@
#!/bin/sh -e
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
../packetq -x -s "select s, dst_addr as Dst_addr, qtype as questiontype, lower(src_addr) as lower_src, if(1 and s < 1 or s <= 1 or s > 1 or s >= 1, 't', 'f'), trim(trim('foofoo' || rsplit(src_addr, 1) || 'foofoo', 'foo'), 'bar'), count(*), len(src_addr), sum(msg_size + -1 - 2 % 4 << 3 >> 2 | 3 & ~4) + 1, min(msg_size), max(msg_size), truncate(1.1) as integer, 1.1 as float, sum(src_port + 1.0 - 2.0 / 1.5 * -2.5) + 1.0, max(src_port + 1.0), min(src_port + 1.0), avg(src_port), stdev(src_port), name('rcode', 0) from dns where src_addr like '%' and (qr or not qr) group by src_addr, s having s >= 0 order by s, lower_src, integer, float" "$srcdir/../../pcap/sample.pcap.gz" > test4.out
diff -uw "$srcdir/test4.gold" test4.out

387
src/test/test5.gold Normal file
View file

@ -0,0 +1,387 @@
[
{
"table_name": "result-0",
"query": "select qname as CertainQnames, qtype as Qtype, count(1) as count from dns where (qname='localhost' or qname like '%.root-servers.net') and qr==0 group by CertainQnames,Qtype order by count desc;",
"head": [
{ "name": "CertainQnames","type": "text" },
{ "name": "Qtype","type": "int" },
{ "name": "count","type": "int" }
],
"data": [
]
}
]
[
{
"table_name": "result-0",
"query": "select qtype as Qtype, qname as Qname, count(1) as count from dns where qclass==3 and qr==0 group by Qtype,Qname order by count desc;",
"head": [
{ "name": "Qtype","type": "int" },
{ "name": "Qname","type": "text" },
{ "name": "count","type": "int" }
],
"data": [
]
}
]
[
{
"table_name": "result-0",
"query": "select rcode as Rcode, if(qr==1,dst_addr,src_addr) as ClientAddr, count(1) as count from dns where qr==1 group by Rcode,ClientAddr order by count,Rcode,ClientAddr desc limit 50;",
"head": [
{ "name": "Rcode","type": "int" },
{ "name": "ClientAddr","type": "text" },
{ "name": "count","type": "int" }
],
"data": [
[3,"172.18.24.52",1],
[0,"172.18.24.52",3]
]
}
]
[
{
"table_name": "result-0",
"query": "select 'ALL' as All, if(ether_type==34525,rsplit(src_addr,7,':')||':'||rsplit(src_addr,6,':')||':'||rsplit(src_addr,5,':')||':'||rsplit(src_addr,4,':')||':'||rsplit(src_addr,3,':')||'::',rsplit(src_addr,3)||'.'||rsplit(src_addr,2)||'.'||rsplit(src_addr,1)||'.0') as ClientSubnet, count(1) as count from dns where qr==0 group by All,ClientSubnet order by count,ClientSubnet desc limit 200;",
"head": [
{ "name": "All","type": "text" },
{ "name": "ClientSubnet","type": "text" },
{ "name": "count","type": "int" }
],
"data": [
["ALL","172.18.24.0",4]
]
}
]
[
{
"table_name": "result-0",
"query": "select if(rsplit(qname,1)='de','ok','non-auth-tld') as Class, if(ether_type==34525,rsplit(src_addr,7,':')||':'||rsplit(src_addr,6,':')||':'||rsplit(src_addr,5,':')||':'||rsplit(src_addr,4,':')||':'||rsplit(src_addr,3,':')||'::',rsplit(src_addr,3)||'.'||rsplit(src_addr,2)||'.'||rsplit(src_addr,1)||'.0') as ClientSubnet, count(1) as count from dns where qr==0 group by Class,ClientSubnet order by count,ClientSubnet,Class desc limit 200;",
"head": [
{ "name": "Class","type": "text" },
{ "name": "ClientSubnet","type": "text" },
{ "name": "count","type": "int" }
],
"data": [
["non-auth-tld","172.18.24.0",4]
]
}
]
[
{
"table_name": "result-0",
"query": "select if(qr==1,'sent','recv') as Direction, if(protocol==6,'tcp',if(protocol==17,'udp',if(protocol==1,'icmp',if(protocol==58,'ipv6-icmp',protocol)))) as IPProto, count(1) as count from dns group by Direction,IPProto order by count,Direction,IPProto desc;",
"head": [
{ "name": "Direction","type": "text" },
{ "name": "IPProto","type": "text" },
{ "name": "count","type": "int" }
],
"data": [
["recv","udp",4],
["sent","udp",4]
]
}
]
[
{
"table_name": "result-0",
"query": "select if(ether_type==34525,'IPv6','IPv4') as IPVersion, qtype as Qtype, count(1) as count from dns where qr==0 group by IPVersion,Qtype order by count,IPVersion,Qtype desc;",
"head": [
{ "name": "IPVersion","type": "text" },
{ "name": "Qtype","type": "int" },
{ "name": "count","type": "int" }
],
"data": [
["IPv4",12,2],
["IPv4",1,2]
]
}
]
[
{
"table_name": "result-0",
"query": "select 'ALL' as All, do, edns0, edns_version, extended_rcode, z, if(do==1,'set','clr') as D0, count(1) as count from dns where qr==0 group by All,do,D0,edns0,edns_version,extended_rcode,z order by count desc;",
"head": [
{ "name": "All","type": "text" },
{ "name": "do","type": "bool" },
{ "name": "edns0","type": "bool" },
{ "name": "edns_version","type": "int" },
{ "name": "extended_rcode","type": "int" },
{ "name": "z","type": "int" },
{ "name": "D0","type": "text" },
{ "name": "count","type": "int" }
],
"data": [
["ALL",0,0,0,0,0,"clr",4]
]
}
]
[
{
"table_name": "result-0",
"query": "select 'ALL' as All, if(edns0,edns_version,'none') as EDNSVersion, count(1) as count from dns where qr==0 group by All,EDNSVersion order by count desc;",
"head": [
{ "name": "All","type": "text" },
{ "name": "EDNSVersion","type": "text" },
{ "name": "count","type": "int" }
],
"data": [
["ALL","none",4]
]
}
]
[
{
"table_name": "result-0",
"query": "select 'ALL' as All, if(qname like 'xn--%','idn','normal') as IDNQname, count(1) as count from dns where qr==0 group by All,IDNQname order by count desc;",
"head": [
{ "name": "All","type": "text" },
{ "name": "IDNQname","type": "text" },
{ "name": "count","type": "int" }
],
"data": [
["ALL","normal",4]
]
}
]
[
{
"table_name": "result-0",
"query": "select 'ALL' as All, lower(rsplit(qname,1)) as TLD, count(1) as count from dns where qr==0 and (qname like 'xn--%') group by All,TLD order by count,TLD desc;",
"head": [
{ "name": "All","type": "text" },
{ "name": "TLD","type": "text" },
{ "name": "count","type": "int" }
],
"data": [
]
}
]
[
{
"table_name": "result-0",
"query": "select 'ALL' as All, if(qr==1,dst_addr,src_addr) as ClientAddr, count(1) as count from dns where qr==0 and (qtype=28 or qtype=38) and (qname like '%.root-servers.net') group by All,ClientAddr order by count desc limit 50;",
"head": [
{ "name": "All","type": "text" },
{ "name": "ClientAddr","type": "text" },
{ "name": "count","type": "int" }
],
"data": [
]
}
]
[
{
"table_name": "result-0",
"query": "select 'ALL' as All, opcode as Opcode, count(1) as count from dns where qr==0 group by All,Opcode order by count,Opcode desc;",
"head": [
{ "name": "All","type": "text" },
{ "name": "Opcode","type": "int" },
{ "name": "count","type": "int" }
],
"data": [
["ALL",0,4]
]
}
]
[
{
"table_name": "result-0",
"query": "select 'ALL' as All, qtype as Qtype, count(1) as count from dns where qr==0 group by All,Qtype order by count,Qtype desc;",
"head": [
{ "name": "All","type": "text" },
{ "name": "Qtype","type": "int" },
{ "name": "count","type": "int" }
],
"data": [
["ALL",12,2],
["ALL",1,2]
]
}
]
[
{
"table_name": "result-0",
"query": "select qtype as Qtype, len(qname) as QnameLen, count(1) as count from dns where qr==0 group by Qtype,QnameLen order by count,QnameLen,Qtype desc;",
"head": [
{ "name": "Qtype","type": "int" },
{ "name": "QnameLen","type": "int" },
{ "name": "count","type": "int" }
],
"data": [
[1,7,1],
[1,13,1],
[12,25,1],
[12,27,1]
]
}
]
[
{
"table_name": "result-0",
"query": "select qtype as Qtype, lower(rsplit(qname,1)) as TLD, count(1) as count from dns where qr==0 and (qtype=1 or qtype=2 or qtype=5 or qtype=6 or qtype=12 or qtype=15 or qtype=28 or qtype=38 or qtype=255) group by Qtype,TLD order by count,TLD,Qtype desc limit 200;",
"head": [
{ "name": "Qtype","type": "int" },
{ "name": "TLD","type": "text" },
{ "name": "count","type": "int" }
],
"data": [
[1,"org",1],
[1,"se",1],
[12,"arpa",2]
]
}
]
[
{
"table_name": "result-0",
"query": "select 'ALL' as All, rcode as Rcode, count(1) as count from dns where qr==1 group by All,Rcode order by count,Rcode desc;",
"head": [
{ "name": "All","type": "text" },
{ "name": "Rcode","type": "int" },
{ "name": "count","type": "int" }
],
"data": [
["ALL",3,1],
["ALL",0,3]
]
}
]
[
{
"table_name": "result-0",
"query": "select rcode as Rcode, msg_size as ReplyLen, count(1) as count from dns where qr==1 group by Rcode,ReplyLen order by count,Rcode,ReplyLen desc;",
"head": [
{ "name": "Rcode","type": "int" },
{ "name": "ReplyLen","type": "int" },
{ "name": "count","type": "int" }
],
"data": [
[0,96,1],
[0,78,1],
[0,40,1],
[3,119,1]
]
}
]
[
{
"table_name": "result-0",
"query": "select 'ALL' as All, rd as RD, count(1) as count from dns where qr==0 group by All,RD order by count desc;",
"head": [
{ "name": "All","type": "text" },
{ "name": "RD","type": "bool" },
{ "name": "count","type": "int" }
],
"data": [
["ALL",1,4]
]
}
]
[
{
"table_name": "result-0",
"query": "select if(protocol==6,'tcp',if(protocol==17,'udp',protocol)) as Transport, qtype as Qtype, count(1) as count from dns where qr==0 group by Transport,Qtype order by Transport,Qtype,count desc;",
"head": [
{ "name": "Transport","type": "text" },
{ "name": "Qtype","type": "int" },
{ "name": "count","type": "int" }
],
"data": [
["udp",1,2],
["udp",12,2]
]
}
]
[
{
"table_name": "result-0",
"query": "select s, dst_addr as Dst_addr, qtype as questiontype, lower(src_addr) as lower_src, if(1 and s < 1 or s <= 1 or s > 1 or s >= 1, 't', 'f'), trim(trim('foofoo' || rsplit(src_addr, 1) || 'foofoo', 'foo'), 'bar'), count(*), len(src_addr), sum(msg_size + -1 - 2 % 4 << 3 >> 2 | 3 & ~4) + 1, min(msg_size), max(msg_size), truncate(1.1) as integer, 1.1 as float, sum(src_port + 1.0 - 2.0 / 1.5 * -2.5) + 1.0, max(src_port + 1.0), min(src_port + 1.0), avg(src_port), stdev(src_port), name('rcode', 0) from dns where src_addr like '%' and (qr or not qr) group by src_addr, s having s >= 0 order by s, dst_addr, lower_src, integer, float;",
"head": [
{ "name": "s","type": "int" },
{ "name": "Dst_addr","type": "text" },
{ "name": "questiontype","type": "int" },
{ "name": "lower_src","type": "text" },
{ "name": "if((1and((((s<1)or(s<=1))or(s>1))or(s>=1))),t,f)","type": "text" },
{ "name": "trim(trim(((foofoo||rsplit(src_addr,1))||foofoo),foo),bar)","type": "text" },
{ "name": "count(1)","type": "int" },
{ "name": "len(src_addr)","type": "int" },
{ "name": "(sum((msg_size+-((((((1-(2%4))<<3)>>2)|3)&~(4)))))+1)","type": "int" },
{ "name": "min(msg_size)","type": "int" },
{ "name": "max(msg_size)","type": "int" },
{ "name": "integer","type": "int" },
{ "name": "float","type": "float" },
{ "name": "(sum(((src_port+1.0)-((2.0/1.5)*-(2.5))))+1.0)","type": "float" },
{ "name": "max((src_port+1.0))","type": "float" },
{ "name": "min((src_port+1.0))","type": "float" },
{ "name": "avg(src_port)","type": "float" },
{ "name": "stdev(src_port)","type": "float" },
{ "name": "name(rcode,0)","type": "text" }
],
"data": [
[1297433016,"172.18.24.52",12,"212.247.204.2","t","204",1,13,125,119,119,1,1.1,58.3333,54,54,53,0,"NoError"],
[1297433016,"212.247.204.2",12,"172.18.24.52","t","24",1,12,48,42,42,1,1.1,52271.3,52267,52267,52266,0,"NoError"],
[1297433026,"212.247.204.2",1,"172.18.24.52","t","24",1,12,36,30,30,1,1.1,54066.3,54062,54062,54061,0,"NoError"],
[1297433027,"172.18.24.52",1,"212.247.204.2","t","204",1,13,84,78,78,1,1.1,58.3333,54,54,53,0,"NoError"],
[1297433030,"172.18.24.52",1,"212.247.204.2","t","204",1,13,46,40,40,1,1.1,58.3333,54,54,53,0,"NoError"],
[1297433030,"212.247.204.2",1,"172.18.24.52","t","24",1,12,30,24,24,1,1.1,59489.3,59485,59485,59484,0,"NoError"],
[1297433038,"212.247.204.2",12,"172.18.24.52","t","24",1,12,50,44,44,1,1.1,49372.3,49368,49368,49367,0,"NoError"],
[1297433039,"172.18.24.52",12,"212.247.204.2","t","204",1,13,102,96,96,1,1.1,58.3333,54,54,53,0,"NoError"]
]
}
]
[
{
"table_name": "result-0",
"query": "select name( 'qtype' , qtype ) as qt, count(*) as count from dns group by qtype order by count, qt desc;",
"head": [
{ "name": "qt","type": "text" },
{ "name": "count","type": "int" }
],
"data": [
["PTR",4],
["A",4]
]
}
]
[
{
"table_name": "result-0",
"query": "select * from icmp;",
"head": [
{ "name": "id","type": "int" },
{ "name": "s","type": "int" },
{ "name": "us","type": "int" },
{ "name": "ether_type","type": "int" },
{ "name": "src_port","type": "int" },
{ "name": "dst_port","type": "int" },
{ "name": "src_addr","type": "text" },
{ "name": "dst_addr","type": "text" },
{ "name": "protocol","type": "int" },
{ "name": "ip_ttl","type": "int" },
{ "name": "ip_version","type": "int" },
{ "name": "fragments","type": "int" },
{ "name": "type","type": "int" },
{ "name": "code","type": "int" },
{ "name": "echo_identifier","type": "int" },
{ "name": "echo_sequence","type": "int" },
{ "name": "du_protocol","type": "int" },
{ "name": "du_src_addr","type": "text" },
{ "name": "du_dst_addr","type": "text" },
{ "name": "desc","type": "text" }
],
"data": [
]
}
]
[
{
"table_name": "result-0",
"query": "select count(*) from icmp;",
"head": [
{ "name": "count(1)","type": "int" }
],
"data": [
]
}
]

27
src/test/test5.sh Executable file
View file

@ -0,0 +1,27 @@
#!/bin/sh -e
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
rm -f test5.out
cat "$srcdir/sql.txt" | grep -v '^#' | while read sql; do
../packetq -s "$sql" "$srcdir/../../pcap/sample.pcap.gz" >> test5.out
done
diff -uw "$srcdir/test5.gold" test5.out

12
src/test/test6.gold Normal file
View file

@ -0,0 +1,12 @@
[
{
"table_name": "result-0",
"query": "select count(*) from dns",
"head": [
{ "name": "count(1)","type": "int" }
],
"data": [
[2]
]
}
]

23
src/test/test6.sh Executable file
View file

@ -0,0 +1,23 @@
#!/bin/sh -e
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
../packetq -s "select count(*) from dns" "$srcdir/../../pcap/sample-bigendian.pcap.gz" > test6.out
diff -uw "$srcdir/test6.gold" test6.out

71
src/test/test7.gold Normal file
View file

@ -0,0 +1,71 @@
[
{
"table_name": "result-0",
"query": "select * from icmp",
"head": [
{ "name": "id","type": "int" },
{ "name": "s","type": "int" },
{ "name": "us","type": "int" },
{ "name": "ether_type","type": "int" },
{ "name": "src_port","type": "int" },
{ "name": "dst_port","type": "int" },
{ "name": "src_addr","type": "text" },
{ "name": "dst_addr","type": "text" },
{ "name": "protocol","type": "int" },
{ "name": "ip_ttl","type": "int" },
{ "name": "ip_version","type": "int" },
{ "name": "fragments","type": "int" },
{ "name": "type","type": "int" },
{ "name": "code","type": "int" },
{ "name": "echo_identifier","type": "int" },
{ "name": "echo_sequence","type": "int" },
{ "name": "du_protocol","type": "int" },
{ "name": "du_src_addr","type": "text" },
{ "name": "du_dst_addr","type": "text" },
{ "name": "desc","type": "text" }
],
"data": [
[1,1297781718,401023,2048,0,0,"172.18.24.52","172.18.201.234",1,64,4,0,8,0,17563,0,0,"","","Echo Request"],
[2,1297781719,401120,2048,0,0,"172.18.24.52","172.18.201.234",1,64,4,0,8,0,17563,1,0,"","","Echo Request"],
[3,1297781720,401368,2048,0,0,"172.18.24.52","172.18.201.234",1,64,4,0,8,0,17563,2,0,"","","Echo Request"],
[4,1297781729,36800,2048,0,0,"172.18.24.52","172.18.24.1",1,64,4,0,8,0,17819,0,0,"","","Echo Request"],
[5,1297781729,37210,2048,0,0,"172.18.24.1","172.18.24.52",1,64,4,0,0,0,17819,0,0,"","","Echo Reply"],
[6,1297781730,37013,2048,0,0,"172.18.24.52","172.18.24.1",1,64,4,0,8,0,17819,1,0,"","","Echo Request"],
[7,1297781730,37634,2048,0,0,"172.18.24.1","172.18.24.52",1,64,4,0,0,0,17819,1,0,"","","Echo Reply"],
[8,1297781731,37342,2048,0,0,"172.18.24.52","172.18.24.1",1,64,4,0,8,0,17819,2,0,"","","Echo Request"],
[9,1297781731,37864,2048,0,0,"172.18.24.1","172.18.24.52",1,64,4,0,0,0,17819,2,0,"","","Echo Reply"],
[10,1297781733,388527,2048,0,0,"172.18.24.52","172.18.24.12",1,64,4,0,8,0,18075,0,0,"","","Echo Request"],
[11,1297781733,389073,2048,0,0,"172.18.24.12","172.18.24.52",1,128,4,0,0,0,18075,0,0,"","","Echo Reply"],
[12,1297781734,388627,2048,0,0,"172.18.24.52","172.18.24.12",1,64,4,0,8,0,18075,1,0,"","","Echo Request"],
[13,1297781734,388912,2048,0,0,"172.18.24.12","172.18.24.52",1,128,4,0,0,0,18075,1,0,"","","Echo Reply"],
[14,1297781735,388779,2048,0,0,"172.18.24.52","172.18.24.12",1,64,4,0,8,0,18075,2,0,"","","Echo Request"],
[15,1297781735,389060,2048,0,0,"172.18.24.12","172.18.24.52",1,128,4,0,0,0,18075,2,0,"","","Echo Reply"],
[16,1297781739,517764,2048,0,0,"172.18.24.52","172.18.23.12",1,64,4,0,8,0,18331,0,0,"","","Echo Request"],
[17,1297781740,518089,2048,0,0,"172.18.24.52","172.18.23.12",1,64,4,0,8,0,18331,1,0,"","","Echo Request"],
[18,1297781741,518404,2048,0,0,"172.18.24.52","172.18.23.12",1,64,4,0,8,0,18331,2,0,"","","Echo Request"],
[19,1297781745,4951,2048,0,0,"172.18.24.52","173.18.23.12",1,64,4,0,8,0,19355,0,0,"","","Echo Request"],
[20,1297781746,5090,2048,0,0,"172.18.24.52","173.18.23.12",1,64,4,0,8,0,19355,1,0,"","","Echo Request"],
[21,1297781747,5403,2048,0,0,"172.18.24.52","173.18.23.12",1,64,4,0,8,0,19355,2,0,"","","Echo Request"],
[22,1297781749,725341,2048,0,0,"172.18.24.52","174.18.23.12",1,64,4,0,8,0,19611,0,0,"","","Echo Request"],
[23,1297781750,725507,2048,0,0,"172.18.24.52","174.18.23.12",1,64,4,0,8,0,19611,1,0,"","","Echo Request"],
[24,1297781750,900759,2048,0,0,"75.160.241.10","172.18.24.52",1,234,4,0,3,1,0,0,1,"172.18.24.52","174.18.23.12","Destination host unreachable"],
[25,1297781751,725837,2048,0,0,"172.18.24.52","174.18.23.12",1,64,4,0,8,0,19611,2,0,"","","Echo Request"],
[26,1297781752,726162,2048,0,0,"172.18.24.52","174.18.23.12",1,64,4,0,8,0,19611,3,0,"","","Echo Request"],
[27,1297781753,726487,2048,0,0,"172.18.24.52","174.18.23.12",1,64,4,0,8,0,19611,4,0,"","","Echo Request"],
[28,1297781754,726804,2048,0,0,"172.18.24.52","174.18.23.12",1,64,4,0,8,0,19611,5,0,"","","Echo Request"],
[29,1297781754,903407,2048,0,0,"75.160.241.10","172.18.24.52",1,234,4,0,3,1,0,0,1,"172.18.24.52","174.18.23.12","Destination host unreachable"]
]
}
]
[
{
"table_name": "result-0",
"query": "select count(*) from icmp",
"head": [
{ "name": "count(1)","type": "int" }
],
"data": [
[29]
]
}
]

24
src/test/test7.sh Executable file
View file

@ -0,0 +1,24 @@
#!/bin/sh -e
# Copyright (c) 2017-2024 OARC, Inc.
# Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
../packetq -s "select * from icmp" "$srcdir/../../pcap/icmp.pcap.gz" > test7.out
../packetq -s "select count(*) from icmp" "$srcdir/../../pcap/icmp.pcap.gz" >> test7.out
diff -uw "$srcdir/test7.gold" test7.out

60
src/test/test8.gold Normal file
View file

@ -0,0 +1,60 @@
[
{
"table_name": "result-0",
"query": "select qname from dns",
"head": [
{ "name": "qname","type": "text" }
],
"data": [
["test."],
["'."],
["\"."],
["$."],
["\\."],
["$."],
["$."],
["_test.all.54.non-escaped.characters.abcdefghijklmnopqrstuvwxyz.ABCDEFGHIJKLMNOPQRSTUVWXYZ.0123456789.test."],
["dot.embeded.in.a.label.test."]
]
}
]
[
{
"table_name": "result-0",
"query": "select qname from dns",
"head": [
{ "name": "qname","type": "text" }
],
"data": [
["test."],
["\\039."],
["\\034."],
["\\036."],
["\\092."],
["\\000."],
["\\255."],
["_test.all.54.non-escaped.characters.abcdefghijklmnopqrstuvwxyz.ABCDEFGHIJKLMNOPQRSTUVWXYZ.0123456789.test."],
["dot\\046embeded.in.a.label.test."]
]
}
]
"qname"
"test."
"'."
"""."
"$."
"\."
"$."
"$."
"_test.all.54.non-escaped.characters.abcdefghijklmnopqrstuvwxyz.ABCDEFGHIJKLMNOPQRSTUVWXYZ.0123456789.test."
"dot.embeded.in.a.label.test."
"qname"
"test."
"\039."
"\034."
"\036."
"\092."
"\000."
"\255."
"_test.all.54.non-escaped.characters.abcdefghijklmnopqrstuvwxyz.ABCDEFGHIJKLMNOPQRSTUVWXYZ.0123456789.test."
"dot\046embeded.in.a.label.test."

26
src/test/test8.sh Executable file
View file

@ -0,0 +1,26 @@
#!/bin/sh -e
# Copyright (c) 2021, Internet Systems Consortium, Inc.
# All rights reserved.
#
# This file is part of PacketQ.
#
# PacketQ is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PacketQ is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
TESTPCAP="$srcdir/../../pcap/sample-rfc1035escape.pcap.gz"
../packetq -s "select qname from dns" --json "$TESTPCAP" > test8.out
../packetq -s "select qname from dns" --json --rfc1035 "$TESTPCAP" >> test8.out
../packetq -s "select qname from dns" --csv "$TESTPCAP" >> test8.out
../packetq -s "select qname from dns" --csv --rfc1035 "$TESTPCAP" >> test8.out
diff -uw "$srcdir/test8.gold" test8.out

323
src/variant.h Normal file
View file

@ -0,0 +1,323 @@
/*
* Copyright (c) 2017-2024 OARC, Inc.
* Copyright (c) 2011-2017, IIS - The Internet Foundation in Sweden
* All rights reserved.
*
* This file is part of PacketQ.
*
* PacketQ is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PacketQ is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PacketQ. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __packetq_variant_h
#define __packetq_variant_h
#include <cstdlib>
#include "MurmurHash3.h"
#include "refcountstring.h"
namespace packetq {
inline std::size_t hash_bytes(const char* bytes, int len)
{
uint32_t result = 0;
MurmurHash3_x86_32(bytes, len, 0, &result);
return result;
}
// must be defined in this order - see the "if" statement
#define COLTYPE_MAX 4
namespace Coltype {
enum Type {
_bool = 0,
_int = 1,
_float = 2,
_text = 3,
};
};
typedef bool bool_column;
static const int bool_size = sizeof(bool_column);
static const int bool_align = ((sizeof(bool_column) / sizeof(void*)) + 1) * sizeof(void*);
typedef int int_column;
static const int int_size = sizeof(int_column);
static const int int_align = ((sizeof(int_column) / sizeof(void*)) + 1) * sizeof(void*);
typedef double float_column;
static const int float_size = sizeof(float_column);
static const int float_align = ((sizeof(float_column) / sizeof(void*)) + 1) * sizeof(void*);
typedef RefCountString* text_column;
static const int text_size = sizeof(text_column);
static const int text_align = ((sizeof(text_column) / sizeof(void*)) + 1) * sizeof(void*);
inline bool_column convert_column_to_bool(float_column v) { return v; }
inline bool_column convert_column_to_bool(int_column v) { return v; }
inline bool_column convert_column_to_bool(bool_column v) { return v; }
inline bool_column convert_column_to_bool(text_column v)
{
return std::atoi(v->data);
}
inline int_column convert_column_to_int(float_column v) { return int(v); }
inline int_column convert_column_to_int(int_column v) { return v; }
inline int_column convert_column_to_int(bool_column v) { return v; }
inline int_column convert_column_to_int(text_column v)
{
return v->data[0] != '\0';
}
inline float_column convert_column_to_float(float_column v) { return v; }
inline float_column convert_column_to_float(int_column v) { return v; }
inline float_column convert_column_to_float(bool_column v) { return v; }
inline float_column convert_column_to_float(text_column v)
{
return std::atof(v->data);
}
inline text_column convert_column_to_text(float_column v)
{
const int bufsize = 50;
RefCountString* str = RefCountString::allocate(bufsize);
snprintf(str->data, bufsize, "%g", v); // lgtm[cpp/badly-bounded-write]
return str;
}
inline text_column convert_column_to_text(int_column v)
{
const int bufsize = (sizeof(int_column) * 8 + 1) / 3 + 1;
RefCountString* str = RefCountString::allocate(bufsize);
snprintf(str->data, bufsize, "%d", v); // lgtm[cpp/badly-bounded-write]
return str;
}
inline text_column convert_column_to_text(bool_column v)
{
const int bufsize = 1 + 1;
RefCountString* str = RefCountString::allocate(bufsize);
if (v)
str->data[0] = '1';
else
str->data[1] = '0';
str->data[1] = '\0';
return str;
}
inline text_column convert_column_to_text(text_column v)
{
// to stay symmetric with above functions that allocate a new string,
// increment reference count
v->inc_refcount();
return v;
}
// Variant represents a value that can be either one of the column types,
// plus a type field to figure out which kind it represents
class Variant {
public:
Variant()
{
m_type = Coltype::_int;
m_val.m_int = 0;
}
Variant(bool_column val)
{
m_type = Coltype::_bool;
m_val.m_bool = val;
}
Variant(int_column val)
{
m_type = Coltype::_int;
m_val.m_int = val;
}
Variant(float_column val)
{
m_type = Coltype::_float;
m_val.m_float = val;
}
Variant(text_column val)
{
m_type = Coltype::_text;
m_val.m_text = val;
m_val.m_text->inc_refcount();
}
Variant(const Variant& other)
{
m_type = other.m_type;
m_val = other.m_val;
if (m_type == Coltype::_text)
m_val.m_text->inc_refcount();
}
// move constructor
Variant(Variant&& other)
{
// would be cleaner to use default constructor, but alas
// constructor delegation requires GCC >= 4.7
m_type = Coltype::_int;
m_val.m_int = 0;
swap(*this, other);
}
~Variant()
{
if (m_type == Coltype::_text)
m_val.m_text->dec_refcount();
}
Variant& operator=(Variant other)
{
// copy and swap idiom
swap(*this, other);
return *this;
}
inline friend void swap(Variant& first, Variant& second)
{
using std::swap;
swap(first.m_type, second.m_type);
swap(first.m_val, second.m_val);
}
bool_column get_bool() const
{
switch (m_type) {
case Coltype::_float:
return convert_column_to_bool(m_val.m_float);
case Coltype::_int:
return convert_column_to_bool(m_val.m_int);
case Coltype::_bool:
return convert_column_to_bool(m_val.m_bool);
case Coltype::_text:
return convert_column_to_bool(m_val.m_text);
}
return false;
}
int_column get_int() const
{
switch (m_type) {
case Coltype::_float:
return convert_column_to_int(m_val.m_float);
case Coltype::_int:
return convert_column_to_int(m_val.m_int);
case Coltype::_bool:
return convert_column_to_int(m_val.m_bool);
case Coltype::_text:
return convert_column_to_int(m_val.m_text);
}
return 0;
}
float_column get_float() const
{
switch (m_type) {
case Coltype::_float:
return convert_column_to_float(m_val.m_float);
case Coltype::_int:
return convert_column_to_float(m_val.m_int);
case Coltype::_bool:
return convert_column_to_float(m_val.m_bool);
case Coltype::_text:
return convert_column_to_float(m_val.m_text);
}
return 0.0;
}
// this returns a RefCountString with the ref-count incremented so
// caller is responsible for decrementing after use
text_column get_text() const
{
switch (m_type) {
case Coltype::_float:
return convert_column_to_text(m_val.m_float);
case Coltype::_int:
return convert_column_to_text(m_val.m_int);
case Coltype::_bool:
return convert_column_to_text(m_val.m_bool);
case Coltype::_text:
return convert_column_to_text(m_val.m_text);
}
return RefCountString::construct("");
}
int cmp(const Variant& rhs) const
{
switch (m_type) {
case (Coltype::_bool):
return m_val.m_bool - rhs.get_bool();
case (Coltype::_int):
return m_val.m_int - rhs.get_int();
case (Coltype::_float): {
float_column r = rhs.get_float();
if (m_val.m_float < r)
return -1;
if (m_val.m_float > r)
return 1;
return 0;
}
case (Coltype::_text): {
RefCountString* s = rhs.get_text();
auto res = strcmp(m_val.m_text->data, s->data);
s->dec_refcount();
return res;
}
}
return 0;
}
bool operator<(const Variant& rhs) const
{
return cmp(rhs) < 0;
}
bool operator==(const Variant& rhs) const
{
return cmp(rhs) == 0;
}
std::size_t hash() const
{
switch (m_type) {
case (Coltype::_bool):
return std::hash<bool>()(m_val.m_bool);
case (Coltype::_int):
return std::hash<int>()(m_val.m_int);
case (Coltype::_float):
return std::hash<float>()(m_val.m_float);
case (Coltype::_text):
return hash_bytes(m_val.m_text->data, strlen(m_val.m_text->data));
}
return 0;
}
Coltype::Type m_type;
private:
union VariantUnion {
bool_column m_bool;
int_column m_int;
float_column m_float;
text_column m_text;
};
VariantUnion m_val;
};
} // namespace packetq
#endif // __packetq_variant_h

153
test-driver Executable file
View file

@ -0,0 +1,153 @@
#! /bin/sh
# test-driver - basic testsuite driver script.
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 2011-2021 Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# This file is maintained in Automake, please report
# bugs to <bug-automake@gnu.org> or send patches to
# <automake-patches@gnu.org>.
# Make unconditional expansion of undefined variables an error. This
# helps a lot in preventing typo-related bugs.
set -u
usage_error ()
{
echo "$0: $*" >&2
print_usage >&2
exit 2
}
print_usage ()
{
cat <<END
Usage:
test-driver --test-name NAME --log-file PATH --trs-file PATH
[--expect-failure {yes|no}] [--color-tests {yes|no}]
[--enable-hard-errors {yes|no}] [--]
TEST-SCRIPT [TEST-SCRIPT-ARGUMENTS]
The '--test-name', '--log-file' and '--trs-file' options are mandatory.
See the GNU Automake documentation for information.
END
}
test_name= # Used for reporting.
log_file= # Where to save the output of the test script.
trs_file= # Where to save the metadata of the test run.
expect_failure=no
color_tests=no
enable_hard_errors=yes
while test $# -gt 0; do
case $1 in
--help) print_usage; exit $?;;
--version) echo "test-driver $scriptversion"; exit $?;;
--test-name) test_name=$2; shift;;
--log-file) log_file=$2; shift;;
--trs-file) trs_file=$2; shift;;
--color-tests) color_tests=$2; shift;;
--expect-failure) expect_failure=$2; shift;;
--enable-hard-errors) enable_hard_errors=$2; shift;;
--) shift; break;;
-*) usage_error "invalid option: '$1'";;
*) break;;
esac
shift
done
missing_opts=
test x"$test_name" = x && missing_opts="$missing_opts --test-name"
test x"$log_file" = x && missing_opts="$missing_opts --log-file"
test x"$trs_file" = x && missing_opts="$missing_opts --trs-file"
if test x"$missing_opts" != x; then
usage_error "the following mandatory options are missing:$missing_opts"
fi
if test $# -eq 0; then
usage_error "missing argument"
fi
if test $color_tests = yes; then
# Keep this in sync with 'lib/am/check.am:$(am__tty_colors)'.
red='' # Red.
grn='' # Green.
lgn='' # Light green.
blu='' # Blue.
mgn='' # Magenta.
std='' # No color.
else
red= grn= lgn= blu= mgn= std=
fi
do_exit='rm -f $log_file $trs_file; (exit $st); exit $st'
trap "st=129; $do_exit" 1
trap "st=130; $do_exit" 2
trap "st=141; $do_exit" 13
trap "st=143; $do_exit" 15
# Test script is run here. We create the file first, then append to it,
# to ameliorate tests themselves also writing to the log file. Our tests
# don't, but others can (automake bug#35762).
: >"$log_file"
"$@" >>"$log_file" 2>&1
estatus=$?
if test $enable_hard_errors = no && test $estatus -eq 99; then
tweaked_estatus=1
else
tweaked_estatus=$estatus
fi
case $tweaked_estatus:$expect_failure in
0:yes) col=$red res=XPASS recheck=yes gcopy=yes;;
0:*) col=$grn res=PASS recheck=no gcopy=no;;
77:*) col=$blu res=SKIP recheck=no gcopy=yes;;
99:*) col=$mgn res=ERROR recheck=yes gcopy=yes;;
*:yes) col=$lgn res=XFAIL recheck=no gcopy=yes;;
*:*) col=$red res=FAIL recheck=yes gcopy=yes;;
esac
# Report the test outcome and exit status in the logs, so that one can
# know whether the test passed or failed simply by looking at the '.log'
# file, without the need of also peaking into the corresponding '.trs'
# file (automake bug#11814).
echo "$res $test_name (exit status: $estatus)" >>"$log_file"
# Report outcome to console.
echo "${col}${res}${std}: $test_name"
# Register the test result, and other relevant metadata.
echo ":test-result: $res" > $trs_file
echo ":global-test-result: $res" >> $trs_file
echo ":recheck: $recheck" >> $trs_file
echo ":copy-in-global-log: $gcopy" >> $trs_file
# Local Variables:
# mode: shell-script
# sh-indentation: 2
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End: