?? analyze.c
字號:
fseek(fptr,-SumDataSize,SEEK_CUR);
/*再寫入*/
fwrite(dataPtr,SumDataSize,1,fptr);
/*2.修改月總數數據*/
/*移動文件指針到相應位置*/
fseek(fptr,(CurrentMonth-1)*32*SumDataSize,SEEK_SET);
/*讀取文件中的數據*/
fread(dataPtr,SumDataSize,1,fptr);
/*修改數據*/
for (i = 0; i < TIME_STAGE_NUM; i++)
for (j = 0; j < NET_PART_NUM; j++)
{
data.inPackets[i][j] += user->data.inPackets[i][j];
data.inPacketsBytes[i][j] += user->data.inPacketsBytes[i][j];
data.outPackets[i][j] += user->data.outPackets[i][j];
data.outPacketsBytes[i][j] += user->data.outPacketsBytes[i][j];
}
/*重新定位*/
fseek(fptr,-SumDataSize,SEEK_CUR);
/*再寫入*/
fwrite(dataPtr,SumDataSize,1,fptr);
fclose(fptr);
/*將數據清0*/
memset(&user->data,0,SumDataSize);
}
user = user->nextInList;
}
}
/*
改變當前的日期或時間段
字符串格式:1|month|day
2|time stage
若第一個域為1,則表明是日期
若第一個域為2,則表明是時間段
flag==0,保存進入數據
flag== 1,保存外出數據
*/
void ChangeTimeStageOrDate(char* str)
{
char result[20],*startField;
int flag;
int month,day,timeStage;
static int state = 0;
/*得到標識*/
startField = GetOneField(str,result);
flag = atoi(result);
switch (flag)
{
case 1:/*日期發生了變化*/
startField = GetOneField(startField,result);
month = atoi(result);
startField = GetOneField(startField,result);
day = atoi(result);
if (state == 0)
{/*若是第一次調用本函數,則不保存數據,因為數據文件的第一行一定是日期行*/
state = 1;
CurrentMonth = month;
CurrentDay = day;
return;
}
if ((CurrentMonth != month) || (CurrentDay != day))
{
/*時間發生變化,將數據保存*/
SaveOneDayData();
CurrentMonth = month;
CurrentDay = day;
}
break;
case 2:/*時間段發生了變化*/
startField = GetOneField(startField,result);
timeStage = atoi(result);
if ((timeStage >= TIME_STAGE_1) && (timeStage < TIME_STAGE_NUM))
CurrentTimeStage = timeStage;
break;
}
}
/*
分析IP流量細節文件
IP流量細節文件格式:0 or 1|userID|source Ip|destination Ip|length
0表示進入,1表示外出
*/
void AnalyzeIpDataFile()
{
FILE* fptr;
char oneStr[200];
char result[30];
char* startField;
int netPartNo;
struct in_addr srcIp,dstIp;
struct in_addr *srcIpPtr = &srcIp,*dstIpPtr = &dstIp;
int inOut,userID;
long length;
UserType* user;
if ((fptr = fopen(IpDataFile,"r")) == NULL)
{/*正常傳入的IP包數據細節文件指針*/
PrintError("Don't open file:%s.\n",IpDataFile);
return;
}
while (!feof(fptr))
{
fgets(oneStr,200,fptr);
if (feof(fptr))
break;
if (oneStr[0] == '*')
{/*表明這一行為日期或時間段控制信息*/
ChangeTimeStageOrDate(&oneStr[1]);
continue;
}
/*得到方向0---傳入,1---傳出*/
startField = GetOneField(oneStr,result);
inOut = atoi(result);
/*得到用戶ID*/
startField = GetOneField(startField,result);
userID = atoi(result);
/*得到源IP地址*/
startField = GetOneField(startField,result);
TransIpAddress(0,result,srcIpPtr);
/*得到目的IP地址*/
startField = GetOneField(startField,result);
TransIpAddress(0,result,dstIpPtr);
/*得到長度*/
startField = GetOneField(startField,result);
length = atol(startField);
/*修改內存中的數據*/
user = FindUserByID(userID);
if (user != NULL)
{
netPartNo = GetNetPartNo(srcIp);
if (inOut == 0)
{/*進入包*/
#ifdef ZOOM-OP
length *= ZoomRatio[0];
#endif
user->data.inPackets[CurrentTimeStage][netPartNo]++;
user->data.inPacketsBytes[CurrentTimeStage][netPartNo] += length;
}
else
{/*外出包*/
#ifdef ZOOM-OP
length *= ZoomRatio[1];
#endif
user->data.outPackets[CurrentTimeStage][netPartNo]++;
user->data.outPacketsBytes[CurrentTimeStage][netPartNo] += length;
}
user->change = 1;/*數據發生變化*/
}
}
}
/*
分析用戶登陸細節文件
*/
void AnalyzeLoginDataFile()
{
FILE* fptr,*userFptr,*sumFptr;
int i;
char oneStr[200],*logtime;
char userIDStr[20];
char groupIDStr[20];
int userID;
long inPackets,inPacketsBytes;
long outPackets,outPacketsBytes;
long loginTime,logoutTime;
char str1[50],*str2,*dataPtr;
char fileName[150];
char logoutTimeStr[30];
struct tm * now,*now1;
int month,day;
SumDataType sumData,*sumDataPtr = &sumData;
UserType* user;
/*1.處理傳入傳出總體數據文件*/
strcat(IpSumDataFile,".tmp");
if ((fptr = fopen(IpSumDataFile,"r")) == NULL)
{/*正常傳入的IP包數據總體文件指針*/
PrintError("Don't open file:%s.\n",IpSumDataFile);
exit(-1);
}
while (!feof(fptr))
{
fgets(oneStr,200,fptr);
/*
printf("\nstr = %s",oneStr);
*/
if (feof(fptr))
break;
/*1.得到上述各個數據inPackets|inPacketsBytes|outPackets|outPacketsBytes|logout Time*/
str2 = GetOneField(oneStr,str1);/*timeID*/
str2 = GetOneField(str2,userIDStr);/*user id*/
userID = atoi(userIDStr);
user = FindUserByID(userID);
if (!user)
continue;
else sprintf(groupIDStr,"%d",user->groupID);
dataPtr = GetOneField(str2,str1);/*ip address*/
str2 = GetOneField(dataPtr,str1);/*inPackets*/
inPackets = atol(str1);
str2 = GetOneField(str2,str1);/*inpackets bytes*/
inPacketsBytes = atol(str1);
str2 = GetOneField(str2,str1);/*outPackets*/
outPackets = atol(str1);
logtime = GetOneField(str2,str1);/*outpackets bytes*/
outPacketsBytes = atol(str1);
#ifdef ZOOM-OP
inPackets *= ZoomRatio[0];
inPacketsBytes *= ZoomRatio[0];
outPackets *= ZoomRatio[1];
outPacketsBytes *= ZoomRatio[1];
#endif
str2 = GetOneField(logtime,str1);/*login time*/
loginTime = atol(str1);
str2 = GetOneField(str2,str1);/*logout time*/
logoutTime = atol(str1);
sprintf(fileName,"%s/%s%s",groupIDStr,userIDStr,SumSuffix);
if ((sumFptr = fopen(fileName,"rb+")) == NULL)
{/*該文件一定存在,因為在增加用戶時創建了該文件*/
continue;
}
/*存入到用戶細節文件中*/
sprintf(fileName,"%s/%s",groupIDStr,userIDStr);
if ((userFptr = fopen(fileName,"a+")) == NULL)
{
PrintError("Open File Error:%s.in MaintainSumDataFile().\n",userIDStr);
continue;
}
/*處理用戶統計文件*/
/*1。得到月份*/
now = localtime(&logoutTime);
sprintf(logoutTimeStr,"%d.%d.%d %d:%d:%d",
now->tm_year,now->tm_mon+1,now->tm_mday,now->tm_hour,now->tm_min,now->tm_sec);
month = now->tm_mon;
day = now->tm_mday;
now1 = localtime(&loginTime);
/*給logtime賦值實際上就是修改oneStr中的后兩個域值*/
#ifdef ZOOM-OP
sprintf(dataPtr,"%ld|%ld|%ld|%ld|%d.%d.%d %d:%d:%d|%s\n",
inPackets,inPacketsBytes,outPackets,outPacketsBytes,
now1->tm_year,now1->tm_mon+1,now1->tm_mday,now1->tm_hour,now1->tm_min,now1->tm_sec,logoutTimeStr);
#else
sprintf(logtime,"%d.%d.%d %d:%d:%d|%s\n",
now1->tm_year,now1->tm_mon+1,now1->tm_mday,now1->tm_hour,now1->tm_min,now1->tm_sec,logoutTimeStr);
#endif
fprintf(userFptr,oneStr);
fclose(userFptr);
/*
printf("userid = %s.\n",userIDStr);
printf("inPackets=%ld.\n",inPackets);
printf("logout time = %ld.\n",logoutTime);
printf("filename = %s.\n",fileName);
*/
/*2。讀取該用戶當月數據*/
/*將該用戶當月數據增加后,再存入*/
/*
printf("month = %d,day = %d.\n",month,day);
*/
fseek(sumFptr,SumDataSize*month*32,SEEK_SET);
fread(sumDataPtr,SumDataSize,1,sumFptr);
/*若按照IP包流量來分析,則關于流量部分不必在本部分處理,但連接時間則要處理*/
#ifndef ANALYZE_BY_IP
sumData.inPackets[0][0] += inPackets;
sumData.inPacketsBytes[0][0] += inPacketsBytes;
sumData.outPackets[0][0] += outPackets;
sumData.outPacketsBytes[0][0] += outPacketsBytes;
#endif
sumData.connectTime += (logoutTime - loginTime);
fseek(sumFptr,-SumDataSize,SEEK_CUR);
fwrite(sumDataPtr,SumDataSize,1,sumFptr);
/*將該用戶當日數據增加后,再存入*/
fseek(sumFptr,SumDataSize*(month*32 + day),SEEK_SET);
fread(sumDataPtr,SumDataSize,1,sumFptr);
/*若按照IP包流量來分析,則關于流量部分不必在本部分處理,但連接時間則要處理*/
#ifndef ANALYZE_BY_IP
sumData.inPackets[0][0] += inPackets;
sumData.inPacketsBytes[0][0] += inPacketsBytes;
sumData.outPackets[0][0] += outPackets;
sumData.outPacketsBytes[0][0] += outPacketsBytes;
#endif
sumData.connectTime += (logoutTime - loginTime);
fseek(sumFptr,-SumDataSize,SEEK_CUR);
fwrite(sumDataPtr,SumDataSize,1,sumFptr);
fclose (sumFptr);
/*生成月統計數據文件*/
}
fclose(fptr);
/*將該文件刪除*/
sprintf(str1,"rm -f %s ",IpSumDataFile);
system(str1);
}
/*
轉儲總體文件以外的文件
方法:將文件名加上當天的日期
*/
void MaintainDataFile()
{
char command[150];
char today[20];
struct tm *now;
time_t day;
/*得到當前日期*/
time(&day);
now = localtime(&day);
sprintf(today,"%d-%d",now->tm_mon+1,now->tm_mday);
/*將數據文件改為以當前日期為前綴的文件*/
/*正常IP包數據控制文件名稱*/
sprintf(command,"mv -f %s.tmp backup/%s-%s",IpDataControlFile,today,IpDataControlFile);
system(command);
/*正常傳入傳出的IP包數據細節文件名稱*/
sprintf(command,"mv -f %s.tmp backup/%s-%s",IpDataFile,today,IpDataFile);
/* system(command);*/ /*liu change 980703*/
/*領導IP包數據文件名稱*/
sprintf(command,"mv -f %s.tmp backup/%s-%s",LeadIpDataFile,today,LeadIpDataFile);
system(command);
/*應被封鎖的IP包數據文件名稱,因為有可能仍有一些數據傳輸.*/
sprintf(command,"mv -f %s.tmp backup/%s-%s",BlockIpDataFile,today,BlockIpDataFile);
system(command);
}
main()
{
char command[150];
/*初始化*/
printf("\n\nnow analyze start\n");
printf("init system...\n");
InitVar();
printf("init system completed..\n");
/*將用戶帳戶文件保存備份*/
printf("save user account file...\n");
sprintf(command,"cp %s %s.bak",UserFile,UserFile);
system(command);
/*分析IP流量細節文件*/
#ifdef ANALYZE_BY_IP
printf("analyze ipdata.dat file...\n");
AnalyzeIpDataFile();
#endif
/*將數據文件轉儲*/
printf("mv data file...\n");
MaintainDataFile();
/*分析輸入和輸出的總體文件,然后將其刪除*/
printf("analyze ipsumdata.dat file..\n");
AnalyzeLoginDataFile();
printf("analyze ipsumdata.dat file completed..\n");
/*檢查系統中是否有僵尸CGI進程,有將其KILL掉*/
/*??????????*/
/*檢查系統中4個消息隊列中是否有不能響應的消息,有則將其刪除*/
/*????????????*/
/**/
printf("analyze finished\n\n\n");
}
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -