Statistics
| Branch: | Revision:

nfa / plugins / ia_sniffer / ia_sniffer_plugin.h @ 7faa68e1

History | View | Annotate | Download (1.18 KB)

1
#pragma once
2

    
3
#include "plugin.h"
4
#include "settings.h"
5

    
6
#include <pqxx/pqxx>
7
#include <boost/thread.hpp>
8

    
9
#include <vector>
10
#include <map>
11
#include <memory>
12

    
13
#include <ctime>
14
#include <cstdint>
15

    
16
namespace NFA
17
{
18

    
19
using ConnectionPtr = std::shared_ptr<pqxx::connection>;
20
using FlowRec = std::pair<NF_DATA, uint32_t>;
21
using Flows = std::vector<FlowRec>;
22

    
23
class IASniffer : public Plugin
24
{
25
    public:
26
        explicit IASniffer(const SettingsGroup& s);
27
        ~IASniffer() override;
28

    
29
        void analyze(const NF_DATA& flow, uint32_t timeCorrection) override;
30
        std::string name() const override { return "ia_sniffer"; }
31
        std::string version() const override { return "1.3"; }
32

    
33
    private:
34
        uint16_t _port;
35
        unsigned _timeout;
36
        std::vector<uint32_t> _servers;
37
        Flows _flows;
38
        ConnectionPtr _connPtr;
39
        bool _running;
40
        boost::mutex _mutex;
41
        boost::thread _flushThread;
42

    
43
        void _configureDB();
44
        void _checkDBStructure();
45
        void _configurePort();
46
        void _configureServers();
47
        void _flusher();
48
        void _flush(const Flows & flows);
49
};
50

    
51
}
52

    
53
extern "C" NFA::Plugin* getPlugin(const NFA::SettingsGroup& s);