vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-20 09:03:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Implements use of post-nat src/dst addresses and ports

Browse source 
Implements https://github.com/ntop/ntopng/issues/1398
This commit is contained in:
Simone Mainardi 2017-09-07 16:24:53 +02:00
parent 3f051b4335
commit 906aff3e20
10 changed files with 59 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

24
src/ParserInterface.cpp
View file

@ -684,7 +684,7 @@ u_int8_t ParserInterface::parseFlow(char *payload, int payload_size, u_int8_t so
flow.src_ip.set((char*)value);
} else {
ip_aux.set((char*)value);
if(!ip_aux.isEmpty())
if(!ip_aux.isEmpty() && !ntop->getPrefs()->do_override_src_with_post_nat_src())
/* tried to overwrite a non-empty IP with another non-empty IP */
ntop->getTrace()->traceEvent(TRACE_WARNING,
"Attempt to set source ip multiple times. "
@ -697,17 +697,17 @@ u_int8_t ParserInterface::parseFlow(char *payload, int payload_size, u_int8_t so
flow.dst_ip.set((char*)value);
} else {
ip_aux.set((char*)value);
if(!ip_aux.isEmpty())
if(!ip_aux.isEmpty() && !ntop->getPrefs()->do_override_dst_with_post_nat_dst())
ntop->getTrace()->traceEvent(TRACE_WARNING,
"Attempt to set destination ip multiple times. "
"Check exported fields in %s", payload);
}
break;
case L4_SRC_PORT:
flow.src_port = htons(atoi(value));
if(!flow.src_port) flow.src_port = htons(atoi(value));
break;
case L4_DST_PORT:
flow.dst_port = htons(atoi(value));
if(!flow.dst_port) flow.dst_port = htons(atoi(value));
break;
case SRC_VLAN:
case DST_VLAN:
@ -800,6 +800,18 @@ u_int8_t ParserInterface::parseFlow(char *payload, int payload_size, u_int8_t so
flow.outIndex = atoi(value);
add_to_additional_fields = true;
break;
case POST_NAT_SRC_IPV4_ADDR:
if(ntop->getPrefs()->do_override_src_with_post_nat_src()) flow.src_ip.set((char*)value);
break;
case POST_NAT_DST_IPV4_ADDR:
if(ntop->getPrefs()->do_override_dst_with_post_nat_dst()) flow.dst_ip.set((char*)value);
break;
case POST_NAPT_SRC_TRANSPORT_PORT:
if(ntop->getPrefs()->do_override_src_with_post_nat_src()) flow.src_port = htons(atoi(value));
break;
case POST_NAPT_DST_TRANSPORT_PORT:
if(ntop->getPrefs()->do_override_dst_with_post_nat_dst()) flow.dst_port = htons(atoi(value));
break;
case SRC_PROC_PID:
iface->enable_sprobe(); /* We're collecting system flows */
flow.src_process.pid = atoi(value);
@ -879,20 +891,16 @@ u_int8_t ParserInterface::parseFlow(char *payload, int payload_size, u_int8_t so
case BITTORRENT_HASH:
flow.bittorrent_hash = strdup(value);
break;
case IPV4_NEXT_HOP:
if(strcmp(value, "0.0.0.0")) add_to_additional_fields = true;
break;
case IPV4_SRC_MASK:
case IPV4_DST_MASK:
if(strcmp(value, "0")) add_to_additional_fields = true;
break;
case INGRESS_VRFID:
flow.vrfId = atoi(value);
break;
default:
ntop->getTrace()->traceEvent(TRACE_DEBUG, "Not handled ZMQ field %u/%s", key_id, key);
add_to_additional_fields = true;