/src/ntopng/include/Ntop.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * |
3 | | * (C) 2013-24 - ntop.org |
4 | | * |
5 | | * |
6 | | * This program is free software; you can redistribute it and/or modify |
7 | | * it under the terms of the GNU General Public License as published by |
8 | | * the Free Software Foundation; either version 3 of the License, or |
9 | | * (at your option) any later version. |
10 | | * |
11 | | * This program is distributed in the hope that it will be useful, |
12 | | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
14 | | * GNU General Public License for more details. |
15 | | * |
16 | | * You should have received a copy of the GNU General Public License |
17 | | * along with this program; if not, write to the Free Software Foundation, |
18 | | * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
19 | | * |
20 | | */ |
21 | | |
22 | | #ifndef _NTOP_CLASS_H_ |
23 | | #define _NTOP_CLASS_H_ |
24 | | |
25 | | #include "ntop_includes.h" |
26 | | |
27 | | /** @defgroup Ntop Ntop |
28 | | * Main ntopng group. |
29 | | */ |
30 | | |
31 | | class NtopPro; |
32 | | |
33 | | /** @class Ntop |
34 | | * @brief Main class of ntopng. |
35 | | * |
36 | | * @ingroup Ntop |
37 | | * |
38 | | */ |
39 | | class Ntop { |
40 | | private: |
41 | | #ifndef WIN32 |
42 | | int startupLockFile; |
43 | | #endif |
44 | | bool flowChecksReloadInProgress, hostChecksReloadInProgress; |
45 | | bool hostPoolsReloadInProgress; |
46 | | bool interfacesShuttedDown; |
47 | | bool offline, forced_offline; |
48 | | Bloom *resolvedHostsBloom; /* Used by all redis class instances */ |
49 | | JobQueue jobsQueue; |
50 | | AddressTree local_interface_addresses; |
51 | | char epoch_buf[11], *zoneinfo, *myTZname; |
52 | | char working_dir[MAX_PATH]; /**< Working directory. */ |
53 | | char install_dir[MAX_PATH]; /**< Install directory. */ |
54 | | char startup_dir[MAX_PATH]; /**< Startup directory. */ |
55 | | char scripts_dir[MAX_PATH + 16]; |
56 | | char *custom_ndpi_protos; /**< Pointer of a custom protocol for nDPI. */ |
57 | | NetworkInterface **iface; /**< Array of network interfaces. */ |
58 | | NetworkInterface *system_interface; /** The system interface */ |
59 | | NetworkInterface *old_iface_to_purge; |
60 | | u_int8_t num_defined_interfaces; /**< Number of defined interfaces. */ |
61 | | u_int8_t num_dump_interfaces; |
62 | | std::atomic<u_int16_t> num_active_lua_vms; |
63 | | HTTPserver *httpd; /**< Pointer of httpd server. */ |
64 | | NtopGlobals *globals; /**< Pointer of Ntop globals info and variables. */ |
65 | | u_int num_cpus; /**< Number of physical CPU cores. */ |
66 | | Redis *redis; /**< Pointer to the Redis server. */ |
67 | | Mutex m, users_m, speedtest_m, pools_lock; |
68 | | std::map<std::string, bool> cachedCustomLists; /* Cache of lists filenames */ |
69 | | u_int32_t current_time; /* Upated by current_time */ |
70 | | #ifndef HAVE_NEDGE |
71 | | ElasticSearch *elastic_search; /**< Pointer of Elastic Search. */ |
72 | | #ifdef HAVE_ZMQ |
73 | | ZMQPublisher *zmqPublisher; |
74 | | #endif |
75 | | #if !defined(WIN32) && !defined(__APPLE__) |
76 | | SyslogDump *syslog; /**< Pointer of Logstash. */ |
77 | | #endif |
78 | | |
79 | | #ifdef HAVE_ZMQ |
80 | | ExportInterface *export_interface; |
81 | | #endif |
82 | | #endif |
83 | | |
84 | | #ifdef HAVE_RADIUS |
85 | | Radius *radiusAcc; |
86 | | #endif |
87 | | |
88 | | TimelineExtract *extract; |
89 | | PeriodicActivities *pa; /**< Instance of periodical activities. */ |
90 | | AddressResolution *address; |
91 | | Prefs *prefs; |
92 | | BlacklistStats blStats; |
93 | | Geolocation *geo; |
94 | | MacManufacturers *mac_manufacturers; |
95 | | void *trackers_automa; |
96 | | long time_offset; |
97 | | time_t start_time; /**< Time when start() was called */ |
98 | | time_t last_stats_reset; |
99 | | u_int32_t last_modified_static_file_epoch; |
100 | | int udp_socket; |
101 | | NtopPro *pro; |
102 | | DeviceProtocolBitmask deviceProtocolPresets[device_max_type]; |
103 | | cpu_load_stats cpu_stats; |
104 | | float cpu_load; |
105 | | bool can_send_icmp, privileges_dropped; |
106 | | #ifndef HAVE_NEDGE |
107 | | bool refresh_ips_rules; |
108 | | #endif |
109 | | FifoSerializerQueue *internal_alerts_queue; |
110 | | Recipients recipients; /* Handle notification recipients */ |
111 | | #ifdef NTOPNG_PRO |
112 | | AssetManagement am; |
113 | | #ifdef HAVE_KAFKA |
114 | | KafkaClient kafkaClient; |
115 | | #endif |
116 | | MessageBroker *message_broker; |
117 | | #endif |
118 | | #ifdef HAVE_NEDGE |
119 | | std::vector<PacketForwarder*> multicastForwarders; |
120 | | #endif |
121 | | |
122 | | /* Local network address list */ |
123 | | char *local_network_names[CONST_MAX_NUM_NETWORKS]; |
124 | | char *local_network_aliases[CONST_MAX_NUM_NETWORKS]; |
125 | | AddressTree local_network_tree, cloud_local_network_tree; |
126 | | |
127 | | /* Alerts */ |
128 | | FlowAlertsLoader flow_alerts_loader; |
129 | | |
130 | | /* Checks */ |
131 | | FlowChecksLoader *flow_checks_loader; |
132 | | HostChecksLoader *host_checks_loader; |
133 | | |
134 | | /* Hosts Control (e.g., disabled alerts) */ |
135 | | #ifdef NTOPNG_PRO |
136 | | bool alertExclusionsReloadInProgress; |
137 | | AlertExclusions *alert_exclusions, *alert_exclusions_shadow; |
138 | | #endif |
139 | | #if defined(NTOPNG_PRO) && defined(HAVE_CLICKHOUSE) && defined(HAVE_MYSQL) |
140 | | ClickHouseImport *clickhouseImport; |
141 | | #endif |
142 | | |
143 | | bool assignUserId(u_int8_t *new_user_id); |
144 | | |
145 | | #ifndef WIN32 |
146 | | ContinuousPing *cping; |
147 | | Ping *default_ping; |
148 | | std::map<std::string /* ifname */, Ping *> ping; |
149 | | #endif |
150 | | |
151 | | /* For local network */ |
152 | | inline int16_t localNetworkLookup(int family, void *addr, |
153 | | u_int8_t *network_mask_bits = NULL); |
154 | | inline int16_t cloudNetworkLookup(int family, void *addr, |
155 | | u_int8_t *network_mask_bits = NULL); |
156 | | bool addLocalNetwork(char *_net); |
157 | | |
158 | | void loadLocalInterfaceAddress(); |
159 | | void initAllowedProtocolPresets(); |
160 | | |
161 | | bool getUserPasswordHashLocal(const char *user, char *password_hash, |
162 | | u_int password_hash_len) const; |
163 | | bool checkUserPasswordLocal(const char *user, const char *password, |
164 | | char *group) const; |
165 | | bool checkUserPassword(const char *user, const char *password, char *group, |
166 | | bool *localuser) const; |
167 | | void checkReloadFlowChecks(); |
168 | | void checkReloadHostChecks(); |
169 | | void checkReloadAlertExclusions(); |
170 | | void checkReloadHostPools(); |
171 | | void setZoneInfo(); |
172 | | char *getPersistentCustomListName(char *name); |
173 | | #ifdef NTOPNG_PRO |
174 | | void connectMessageBroker(); |
175 | | void reloadMessageBroker(); |
176 | | #endif |
177 | | |
178 | | public: |
179 | | /** |
180 | | * @brief A Constructor |
181 | | * @details Creating a new Ntop. |
182 | | * |
183 | | * @param appName Describe the application name. |
184 | | * @return A new instance of Ntop. |
185 | | */ |
186 | | Ntop(const char *appName); |
187 | | /** |
188 | | * @brief A Destructor. |
189 | | * |
190 | | */ |
191 | | ~Ntop(); |
192 | | /** |
193 | | * @brief Register the ntopng preferences. |
194 | | * @details Setting the ntopng preferences defined in a Prefs instance. |
195 | | * |
196 | | * @param _prefs Prefs instance containing the ntopng preferences. |
197 | | * @param quick_registration Set it to true to do a limited initialization |
198 | | */ |
199 | | void registerPrefs(Prefs *_prefs, bool quick_registration); |
200 | | |
201 | | /** |
202 | | * @brief Register an ntopng log file |
203 | | * @details Log file is used under windows and in daemon mode |
204 | | * |
205 | | * @param logFile A valid path to a log file |
206 | | */ |
207 | 0 | inline void registerLogFile(const char *logFile) { |
208 | 0 | getTrace()->set_log_file(logFile); |
209 | 0 | }; |
210 | 0 | inline void rotateLogs(bool mode) { getTrace()->rotate_logs(mode); }; |
211 | | |
212 | | /** |
213 | | * @brief Set the path of custom nDPI protocols file. |
214 | | * @details Set the path of protos.txt containing the defined custom |
215 | | * protocols. For more information please read the nDPI quick start (cd ntopng |
216 | | * source code directory/nDPI/doc/). |
217 | | * |
218 | | * @param path Path of protos.file. |
219 | | */ |
220 | | void setCustomnDPIProtos(char *path); |
221 | | /** |
222 | | * @brief Get the custom nDPI protocols. |
223 | | * @details Inline function. |
224 | | * |
225 | | * @return The path of custom nDPI protocols file. |
226 | | */ |
227 | 4 | inline char *getCustomnDPIProtos() { return (custom_ndpi_protos); }; |
228 | | /** |
229 | | * @brief Get the offset time. |
230 | | * @details .... |
231 | | * |
232 | | * @return The timezone offset. |
233 | | */ |
234 | 0 | inline long get_time_offset() { return (time_offset); }; |
235 | | /** |
236 | | * @brief Initialize the Timezone. |
237 | | * @details Use the localtime function to initialize the variable @ref |
238 | | * time_offset. |
239 | | * |
240 | | */ |
241 | | void initTimezone(); |
242 | | /** |
243 | | * @brief Get a valid path. |
244 | | * @details Processes the input path and return a valid path. |
245 | | * |
246 | | * @param path String path to validate. |
247 | | * @return A valid path. |
248 | | */ |
249 | | char *getValidPath(char *path); |
250 | | /** |
251 | | * @brief Load the @ref Geolocation module. |
252 | | * @details Initialize the variable @ref geo with the input directory. |
253 | | */ |
254 | | void loadGeolocation(); |
255 | | /** |
256 | | * @brief Load the @ref MacManufacturers module. |
257 | | * @details Initialize the variable @ref dir with the input directory. |
258 | | * |
259 | | * @param dir Path to database home directory. |
260 | | */ |
261 | | void loadMacManufacturers(char *dir); |
262 | | |
263 | 0 | inline void getMacManufacturer(const char *mac, lua_State *vm) { |
264 | 0 | u_int8_t mac_bytes[6]; |
265 | 0 | Utils::parseMac(mac_bytes, mac); |
266 | 0 | if (mac_manufacturers) |
267 | 0 | mac_manufacturers->getMacManufacturer(mac_bytes, vm); |
268 | 0 | else |
269 | 0 | lua_pushnil(vm); |
270 | 0 | } |
271 | | |
272 | | /** |
273 | | * @brief Set the local networks. |
274 | | * @details Set the local networks to @ref AddressResolution instance. |
275 | | * |
276 | | * @param nets String that defined the local network with this Format: |
277 | | * 131.114.21.0/24,10.0.0.0/255.0.0.0 . |
278 | | */ |
279 | | void setLocalNetworks(char *nets); |
280 | | /** |
281 | | * @brief Check if the ingress parameter is in the local networks. |
282 | | * @details Inline method. |
283 | | * |
284 | | * @param family Internetwork: UDP, TCP, etc. |
285 | | * @param addr Internet Address. |
286 | | * @param network_id It returns the networkId to which the host belongs to |
287 | | * @param network_mask_bits It returns the number of bits of the network mask |
288 | | * @return True if the address is in the local networks, false otherwise. |
289 | | */ |
290 | | bool isLocalAddress(int family, void *addr, int16_t *network_id, |
291 | | u_int8_t *network_mask_bits = NULL); |
292 | | |
293 | | /** |
294 | | * @brief Start ntopng packet processing. |
295 | | */ |
296 | | void start(); |
297 | | /** |
298 | | * @brief Resolve the host name. |
299 | | * @details Use the redis database to resolve the IP address and get the host |
300 | | * name. |
301 | | * |
302 | | * @param numeric_ip Address IP. |
303 | | * @param symbolic Symbolic name. |
304 | | * @param symbolic_len Length of symbolic name. |
305 | | */ |
306 | | inline void resolveHostName(const char *numeric_ip, char *symbolic, |
307 | 0 | u_int symbolic_len) { |
308 | 0 | address->resolveHostName(numeric_ip, symbolic, symbolic_len); |
309 | 0 | } |
310 | | |
311 | 0 | inline bool resolveHost(const char *host, char *rsp, u_int rsp_len, bool v4) { |
312 | 0 | return address->resolveHost(host, rsp, rsp_len, v4); |
313 | 0 | } |
314 | | |
315 | | /** |
316 | | * @brief Get the geolocation instance. |
317 | | * |
318 | | * @return Current geolocation instance. |
319 | | */ |
320 | 91.1k | inline Geolocation *getGeolocation() { return (geo); }; |
321 | | /** |
322 | | * @brief Get the mac manufacturers instance. |
323 | | * |
324 | | * @return Current mac manufacturers instance. |
325 | | */ |
326 | 16.6k | inline MacManufacturers *getMacManufacturers() { |
327 | 16.6k | return (mac_manufacturers); |
328 | 16.6k | }; |
329 | | /** |
330 | | * @brief Get the ifName. |
331 | | * @details Find the ifName by id parameter. |
332 | | * |
333 | | * @param id Index of ifName. |
334 | | * @return .... |
335 | | */ |
336 | 0 | inline char *get_if_name(int id) { return (prefs->get_if_name(id)); }; |
337 | 0 | inline const char *get_if_descr(int id) { return (prefs->get_if_descr(id)); }; |
338 | 0 | inline char *get_data_dir() { return (prefs->get_data_dir()); }; |
339 | 0 | inline const char *get_callbacks_dir() { |
340 | 0 | return (prefs->get_callbacks_dir()); |
341 | 0 | }; |
342 | | #ifdef NTOPNG_PRO |
343 | | inline const char *get_pro_callbacks_dir() { |
344 | | return (prefs->get_pro_callbacks_dir()); |
345 | | }; |
346 | | #endif |
347 | | /** |
348 | | * @brief Get the current httpdocs directory. |
349 | | * |
350 | | * @return The absolute path of the httpdocs directory. |
351 | | */ |
352 | 4 | inline const char *get_docs_dir() { return (prefs->get_docs_dir()); }; |
353 | | |
354 | | /** |
355 | | * @brief Register the network interface. |
356 | | * @details Check for duplicated interface and add the network interface in to |
357 | | * @ref iface. |
358 | | * |
359 | | * @param i Network interface. |
360 | | * @return true on success, false otherwise |
361 | | */ |
362 | | bool registerInterface(NetworkInterface *i); |
363 | | |
364 | | /** |
365 | | * @brief Finalize the network interface initialization. |
366 | | * |
367 | | * @param i Network interface. |
368 | | */ |
369 | | void initInterface(NetworkInterface *i); |
370 | | |
371 | | /** |
372 | | * @brief Get the number of defined network interfaces. |
373 | | * |
374 | | * @return Number of defined network interfaces. |
375 | | */ |
376 | 0 | inline u_int8_t get_num_interfaces() { return (num_defined_interfaces); } |
377 | | |
378 | | /** |
379 | | * @brief Get the Id of network interface. |
380 | | * @details This method accepts both interface names or Ids. |
381 | | * |
382 | | * @param name Name of network interface. |
383 | | * @return The network interface Id if exists, -1 otherwise. |
384 | | */ |
385 | | int getInterfaceIdByName(lua_State *vm, const char *name); |
386 | | |
387 | | /** |
388 | | * @brief Get the network interface with the specified Id |
389 | | * |
390 | | * @param if_id Id of network interface. |
391 | | * @return Pointer to the network interface, NULL otherwise. |
392 | | */ |
393 | | NetworkInterface *getInterfaceById(int if_id); |
394 | | |
395 | | /** |
396 | | * @brief Get the network interface at the specified position |
397 | | * |
398 | | * @param id Position of network interface. |
399 | | * @return Pointer to the network interface, NULL otherwise. |
400 | | */ |
401 | 0 | inline NetworkInterface *getInterfaceAtId(u_int8_t id) { |
402 | 0 | return ((id < num_defined_interfaces) ? iface[id] : NULL); |
403 | 0 | } |
404 | | |
405 | | /** |
406 | | * @brief Register the HTTP server. |
407 | | * |
408 | | * @param h HTTP server instance. |
409 | | */ |
410 | 0 | inline void registerHTTPserver(HTTPserver *h) { httpd = h; }; |
411 | | |
412 | | /** |
413 | | * @brief Get the network interface identified by name or Id. |
414 | | * @details This method accepts both interface names or Ids. |
415 | | * This method shall be called from Lua-mapped methods |
416 | | * especially where constraints on user allowed interfaces |
417 | | * must be enforced. |
418 | | * @param name Names or Id of network interface. |
419 | | * @return The network interface instance if exists, NULL otherwise. |
420 | | */ |
421 | | NetworkInterface *getNetworkInterface(const char *name, lua_State *vm = NULL); |
422 | 0 | inline NetworkInterface *getNetworkInterface(lua_State *vm, int ifid) { |
423 | 0 | char ifname[MAX_INTERFACE_NAME_LEN]; |
424 | 0 | snprintf(ifname, sizeof(ifname), "%d", ifid); |
425 | 0 | return getNetworkInterface( |
426 | 0 | ifname, vm /* enforce the check on the allowed interface */); |
427 | 0 | }; |
428 | | |
429 | | /** |
430 | | * @brief Get the current HTTPserver instance. |
431 | | * |
432 | | * @return The current instance of HTTP server. |
433 | | */ |
434 | 0 | inline HTTPserver *get_HTTPserver() { return (httpd); }; |
435 | | |
436 | 0 | inline const char *get_bin_dir() { return (CONST_BIN_DIR); }; |
437 | | |
438 | | /** |
439 | | * @brief Get the current working directory. |
440 | | * |
441 | | * @return The absolute path of working directory. |
442 | | */ |
443 | 16 | inline char *get_working_dir() { return (working_dir); }; |
444 | | |
445 | | /** |
446 | | * @brief Get the installation path of ntopng. |
447 | | * |
448 | | * @return The path of installed directory. |
449 | | */ |
450 | 2 | inline char *get_install_dir() { return (install_dir); }; |
451 | 2 | inline void set_install_dir(char *id) { |
452 | 2 | snprintf(install_dir, MAX_PATH, "%s", id); |
453 | 2 | }; |
454 | | |
455 | 0 | inline char *get_scripts_dir() { return (scripts_dir); }; |
456 | 8.66k | inline Bloom *getResolutionBloom() { return (resolvedHostsBloom); }; |
457 | 403k | inline NtopGlobals *getGlobals() { return (globals); }; |
458 | 19.6k | inline Trace *getTrace() { |
459 | 19.6k | return ((globals != NULL) ? globals->getTrace() : NULL); |
460 | 19.6k | }; |
461 | 70.0k | inline Redis *getRedis() { return (redis); }; |
462 | 0 | inline TimelineExtract *getTimelineExtract() { return (extract); }; |
463 | | |
464 | | #ifdef HAVE_ZMQ |
465 | | #ifndef HAVE_NEDGE |
466 | 5.02k | inline ExportInterface *get_export_interface() { return (export_interface); }; |
467 | | #endif |
468 | | #endif |
469 | | |
470 | 1.69M | inline Prefs *getPrefs() { return (prefs); }; |
471 | | void initPing(); |
472 | | #ifndef WIN32 |
473 | | void lockNtopInstance(); |
474 | | #endif |
475 | | #ifdef NTOPNG_PRO |
476 | | #ifdef WIN32 |
477 | | char *getIfName(int if_id, char *name, u_int name_len); |
478 | | #endif |
479 | | #endif |
480 | | void setScriptsDir(); |
481 | | void lua_periodic_activities_stats(NetworkInterface *iface, lua_State *vm); |
482 | | void getUsers(lua_State *vm); |
483 | | bool getLocalNetworkAlias(lua_State *vm, u_int16_t network_id); |
484 | | bool isUserAdministrator(lua_State *vm); |
485 | | void getAllowedInterface(lua_State *vm); |
486 | | void getAllowedNetworks(lua_State *vm); |
487 | | bool getInterfaceAllowed(lua_State *vm, char *ifname) const; |
488 | | bool isInterfaceAllowed(lua_State *vm, const char *ifname) const; |
489 | | bool isInterfaceAllowed(lua_State *vm, int ifid) const; |
490 | | bool isPcapDownloadAllowed(lua_State *vm, const char *ifname); |
491 | | char *preparePcapDownloadFilter(lua_State *vm, char *filter); |
492 | | bool isLocalAuthEnabled() const; |
493 | | bool isLocalUser(lua_State *vm); |
494 | | bool checkCaptiveUserPassword(const char *user, const char *password, |
495 | | char *group) const; |
496 | | bool checkGuiUserPassword(struct mg_connection *conn, const char *user, |
497 | | const char *password, char *group, |
498 | | bool *localuser) const; |
499 | | bool isBlacklistedLogin(struct mg_connection *conn) const; |
500 | | bool checkUserInterfaces(const char *user) const; |
501 | | bool resetUserPassword(char *username, char *old_password, |
502 | | char *new_password); |
503 | | bool mustChangePassword(const char *user); |
504 | | bool changeUserFullName(const char *username, const char *full_name) const; |
505 | | bool changeUserRole(char *username, char *user_role) const; |
506 | | bool changeAllowedNets(char *username, char *allowed_nets) const; |
507 | | bool changeAllowedIfname(char *username, char *allowed_ifname) const; |
508 | | bool changeUserHostPool(const char *username, const char *host_pool_id) const; |
509 | | bool changeUserLanguage(const char *username, const char *language) const; |
510 | | bool changeUserPcapDownloadPermission(const char *username, |
511 | | bool allow_pcap_download, |
512 | | u_int32_t ttl = 0 /* Forever */) const; |
513 | | bool changeUserHistoricalFlowPermission( |
514 | | const char *username, bool allow_historical_flows, |
515 | | u_int32_t ttl = 0 /* Forever */) const; |
516 | | bool changeUserAlertsPermission(const char *username, bool allow_alerts, |
517 | | u_int32_t ttl = 0 /* Forever */) const; |
518 | | bool hasCapability(lua_State *vm, UserCapabilities capability); |
519 | | bool getUserCapabilities(const char *username, bool *allow_pcap_download, |
520 | | bool *allow_historical_flows, |
521 | | bool *allow_alerts) const; |
522 | | bool existsUser(const char *username) const; |
523 | | bool addUser(char *username, char *full_name, char *password, char *host_role, |
524 | | char *allowed_networks, char *allowed_ifname, char *host_pool_id, |
525 | | char *language, bool allow_pcap_download, |
526 | | bool allow_historical_flows, bool allow_alerts); |
527 | | bool addUserAPIToken(const char *username, const char *api_token); |
528 | | bool isCaptivePortalUser(const char *username); |
529 | | bool deleteUser(char *username); |
530 | | bool getUserHostPool(char *username, u_int16_t *host_pool_id); |
531 | | bool getUserAllowedIfname(const char *username, char *buf, |
532 | | size_t buflen) const; |
533 | | bool getUserAPIToken(const char *username, char *buf, size_t buflen) const; |
534 | | void setWorkingDir(char *dir); |
535 | | void fixPath(char *str, bool replaceDots = true); |
536 | | void removeTrailingSlash(char *str); |
537 | | void daemonize(); |
538 | | void shutdownPeriodicActivities(); |
539 | | void shutdownInterfaces(); |
540 | | void shutdownAll(); |
541 | | void runHousekeepingTasks(); |
542 | | void runShutdownTasks(); |
543 | | void checkShutdownWhenDone(); |
544 | 20.0k | bool isLocalInterfaceAddress(int family, void *addr) { |
545 | 20.0k | return (local_interface_addresses.findAddress(family, addr) == -1 ? false |
546 | 20.0k | : true); |
547 | 20.0k | }; |
548 | | void getLocalNetworkIp(int16_t local_network_id, IpAddress **network_ip, |
549 | | u_int8_t *network_prefix); |
550 | | void addLocalNetworkList(const char *network); |
551 | | void createExportInterface(); |
552 | | void resetNetworkInterfaces(); |
553 | | void initElasticSearch(); |
554 | | |
555 | 0 | inline u_int32_t getStartTime() { return ((u_int32_t)start_time); } |
556 | 0 | inline char *getStartTimeString() { return (epoch_buf); } |
557 | 0 | inline u_int32_t getLastModifiedStaticFileEpoch() { |
558 | 0 | return (last_modified_static_file_epoch); |
559 | 0 | } |
560 | 0 | inline void setLastModifiedStaticFileEpoch(u_int32_t t) { |
561 | 0 | if (t > last_modified_static_file_epoch) |
562 | 0 | last_modified_static_file_epoch = t; |
563 | 0 | } |
564 | 0 | inline u_int32_t getUptime() { |
565 | 0 | return ((u_int32_t)((start_time > 0) ? (time(NULL) - start_time) : 0)); |
566 | 0 | } |
567 | 0 | inline int getUdpSock() { return (udp_socket); } |
568 | | #ifdef NTOPNG_PRO |
569 | | inline AlertExclusions *getAlertExclusions() { return alert_exclusions; } |
570 | | #endif |
571 | | |
572 | 0 | inline u_int getNumCPUs() { return (num_cpus); } |
573 | 0 | inline void setNumCPUs(u_int num) { num_cpus = num; } |
574 | 0 | inline bool canSendICMP() { return (can_send_icmp); } |
575 | 0 | inline bool canSelectNetworkIfaceICMP() { |
576 | 0 | #ifdef __linux__ |
577 | 0 | return (can_send_icmp); |
578 | | #else |
579 | | return (false); |
580 | | #endif |
581 | 0 | } |
582 | | |
583 | 0 | inline NtopPro *getPro() { return ((NtopPro *)pro); }; |
584 | | |
585 | | void loadTrackers(); |
586 | | bool isATrackerHost(char *host); |
587 | | bool isExistingInterface(const char *name) const; |
588 | 0 | inline NetworkInterface *getFirstInterface() const { |
589 | 0 | return (iface ? iface[0] : NULL); |
590 | 0 | } |
591 | 0 | inline NetworkInterface *getInterface(int i) const { |
592 | 0 | return (((i < num_defined_interfaces) && iface[i]) ? iface[i] : NULL); |
593 | 0 | } |
594 | 3.07k | inline NetworkInterface *getSystemInterface() const { |
595 | 3.07k | return (system_interface); |
596 | 3.07k | } |
597 | | #ifdef HAVE_NEDGE |
598 | | void addToNotifiedInformativeCaptivePortal(u_int32_t client_ip); |
599 | | bool addIPToLRUMatches(u_int32_t client_ip, u_int16_t user_pool_id, |
600 | | char *label, char *ifname); |
601 | | #endif /* NTOPNG_PRO */ |
602 | | |
603 | 26 | DeviceProtocolBitmask *getDeviceAllowedProtocols(DeviceType t) { |
604 | 26 | return (&deviceProtocolPresets[t]); |
605 | 26 | } |
606 | | void refreshAllowedProtocolPresets(DeviceType t, bool client, lua_State *L, |
607 | | int index); |
608 | | DeviceProtoStatus getDeviceAllowedProtocolStatus(DeviceType dev_type, |
609 | | ndpi_protocol proto, |
610 | | u_int16_t pool_id, |
611 | | bool as_client); |
612 | | void refreshCPULoad(); |
613 | | bool getCPULoad(float *out); |
614 | 0 | inline FifoSerializerQueue *getInternalAlertsQueue() { |
615 | 0 | return (internal_alerts_queue); |
616 | 0 | } |
617 | | void lua_alert_queues_stats(lua_State *vm); |
618 | | bool recipients_are_empty(); |
619 | | bool recipients_enqueue(AlertFifoItem *notification, |
620 | | AlertEntity alert_entity); |
621 | | AlertLevel get_default_recipient_minimum_severity(); |
622 | | bool recipient_enqueue(u_int16_t recipient_id, |
623 | | const AlertFifoItem *const notification); |
624 | | AlertFifoItem *recipient_dequeue(u_int16_t recipient_id); |
625 | | void recipient_stats(u_int16_t recipient_id, lua_State *vm); |
626 | | time_t recipient_last_use(u_int16_t recipient_id); |
627 | | void recipient_delete(u_int16_t recipient_id); |
628 | | void recipient_register(u_int16_t recipient_id, AlertLevel minimum_severity, |
629 | | Bitmap128 enabled_categories, |
630 | | Bitmap128 enabled_host_pools, |
631 | | Bitmap128 enabled_entities, |
632 | | Bitmap128 enabled_flow_checks, |
633 | | Bitmap128 enabled_host_checks, |
634 | | bool skip_alerts); |
635 | | |
636 | | void sendNetworkInterfacesTermination(); |
637 | 78.7k | inline time_t getLastStatsReset() { return (last_stats_reset); } |
638 | | void resetStats(); |
639 | | |
640 | | bool isMaliciousJA3Hash(std::string md5_hash); |
641 | | struct ndpi_detection_module_struct *initnDPIStruct(); |
642 | | |
643 | | void checkReloadHostsBroadcastDomain(); |
644 | | |
645 | 0 | inline void reloadFlowChecks() { flowChecksReloadInProgress = true; }; |
646 | 0 | inline void reloadHostChecks() { hostChecksReloadInProgress = true; }; |
647 | 0 | inline void reloadAlertExclusions() { |
648 | | #ifdef NTOPNG_PRO |
649 | | alertExclusionsReloadInProgress = true; |
650 | | #endif |
651 | 0 | }; |
652 | 0 | inline void reloadHostPools() { hostPoolsReloadInProgress = true; }; |
653 | | |
654 | | void addToPool(char *host_or_mac, u_int16_t user_pool_id); |
655 | | |
656 | | char *getAlertJSON(FlowAlertType fat, Flow *f) const; |
657 | | ndpi_serializer *getAlertSerializer(FlowAlertType fat, Flow *f) const; |
658 | | |
659 | | #ifndef WIN32 |
660 | 0 | inline ContinuousPing *getContinuousPing() { return (cping); } |
661 | | Ping *getPing(char *ifname); |
662 | | #endif |
663 | | |
664 | | #ifdef HAVE_RADIUS |
665 | | inline void updateRadiusLoginInfo() { radiusAcc->updateLoginInfo(); }; |
666 | | inline bool radiusAuthenticate(const char *username, const char *password, |
667 | | bool *has_unprivileged_capabilities, |
668 | | bool *is_admin) { |
669 | | return radiusAcc->authenticate(username, password, has_unprivileged_capabilities, is_admin); |
670 | | }; |
671 | | inline bool radiusAccountingStart(RadiusTraffic *info) { |
672 | | return radiusAcc->startSession(info); |
673 | | }; |
674 | | inline bool radiusAccountingUpdate(RadiusTraffic *info) { |
675 | | return radiusAcc->updateSession(info); |
676 | | }; |
677 | | inline bool radiusAccountingStop(RadiusTraffic *info) { |
678 | | return radiusAcc->stopSession(info); |
679 | | }; |
680 | | #endif |
681 | | |
682 | 0 | inline bool hasDroppedPrivileges() { return (privileges_dropped); } |
683 | 0 | inline void setDroppedPrivileges() { privileges_dropped = true; } |
684 | | |
685 | | void getUserGroupLocal(const char *user, char *group) const; |
686 | 0 | bool existsUserLocal(const char *user) { |
687 | 0 | char val[64]; |
688 | 0 | return getUserPasswordHashLocal(user, val, sizeof(val)); |
689 | 0 | } |
690 | | |
691 | | /* Local network address list methods */ |
692 | 62.6k | inline u_int16_t getNumLocalNetworks() { |
693 | 62.6k | return local_network_tree.getNumAddresses(); |
694 | 62.6k | }; |
695 | 4 | inline const char *getLocalNetworkName(int16_t local_network_id) { |
696 | 4 | return (((u_int16_t)local_network_id < local_network_tree.getNumAddresses()) |
697 | 4 | ? local_network_names[(u_int16_t)local_network_id] |
698 | 4 | : NULL); |
699 | 4 | }; |
700 | | |
701 | | u_int16_t getLocalNetworkId(const char *network_name); |
702 | | |
703 | 0 | void addLocalCloudAddress(char *str) { cloud_local_network_tree.addAddress(str); } |
704 | | |
705 | | // void getLocalAddresses(lua_State* vm) { |
706 | | // return(local_network_tree.getAddresses(vm)); }; |
707 | | |
708 | 0 | inline FlowChecksLoader *getFlowChecksLoader() { |
709 | 0 | return (flow_checks_loader); |
710 | 0 | } |
711 | 0 | inline HostChecksLoader *getHostChecksLoader() { |
712 | 0 | return (host_checks_loader); |
713 | 0 | } |
714 | 0 | inline u_int8_t getFlowAlertScore(FlowAlertTypeEnum alert_id) const { |
715 | 0 | return flow_alerts_loader.getAlertScore(alert_id); |
716 | 0 | }; |
717 | 0 | inline ndpi_risk_enum getFlowAlertRisk(FlowAlertTypeEnum alert_id) const { |
718 | 0 | return flow_alerts_loader.getAlertRisk(alert_id); |
719 | 0 | }; |
720 | 0 | inline const char *getRiskStr(ndpi_risk_enum risk_id) { |
721 | 0 | return (ndpi_risk2str(risk_id)); |
722 | 0 | }; |
723 | | bool luaFlowCheckInfo(lua_State *vm, std::string check_name) const; |
724 | | bool luaHostCheckInfo(lua_State *vm, std::string check_name) const; |
725 | 0 | inline ndpi_risk getUnhandledRisks() const { |
726 | 0 | return flow_checks_loader ? flow_checks_loader->getUnhandledRisks() : 0; |
727 | 0 | }; |
728 | | #ifndef HAVE_NEDGE |
729 | | bool initPublisher(); |
730 | | bool broadcastControlMessage(char *msg); |
731 | | bool broadcastIPSMessage(char *msg); |
732 | 0 | inline void askToRefreshIPSRules() { refresh_ips_rules = true; } |
733 | 0 | inline bool timeToRefreshIPSRules() { |
734 | 0 | bool rc = refresh_ips_rules; |
735 | 0 | refresh_ips_rules = false; |
736 | 0 | return (rc); |
737 | 0 | } |
738 | | #endif |
739 | | |
740 | | /* This offline mode is forced by the --offline option */ |
741 | 0 | inline bool isForcedOffline() { return forced_offline; } |
742 | 0 | inline void toggleForcedOffline(bool off) { forced_offline = off; } |
743 | | |
744 | | /* Used instead to check if ntopng is offline but without the --offline option |
745 | | */ |
746 | 0 | inline bool isOffline() { return offline; } |
747 | 0 | inline void toggleOffline(bool off) { offline = off; } |
748 | | |
749 | | void cleanShadownDPI(); |
750 | | bool initnDPIReload(); |
751 | | void finalizenDPIReload(); |
752 | | bool isnDPIReloadInProgress(); |
753 | | ndpi_protocol_category_t get_ndpi_proto_category(ndpi_protocol proto); |
754 | | ndpi_protocol_category_t get_ndpi_proto_category(u_int protoid); |
755 | | void setnDPIProtocolCategory(u_int16_t protoId, |
756 | | ndpi_protocol_category_t protoCategory); |
757 | | bool nDPILoadIPCategory(char *what, ndpi_protocol_category_t id, |
758 | | char *list_name); |
759 | | bool nDPILoadHostnameCategory(char *what, ndpi_protocol_category_t id, |
760 | | char *list_name); |
761 | | int nDPILoadMaliciousJA3Signatures(const char *file_path); |
762 | | int nDPISetDomainMask(const char *domain, u_int64_t domain_mask); |
763 | | void setLastInterfacenDPIReload(time_t now); |
764 | | bool needsnDPICleanup(); |
765 | | void setnDPICleanupNeeded(bool needed); |
766 | | u_int16_t getnDPIProtoByName(const char *name); |
767 | | bool isDbCreated(); |
768 | | void collectResponses(lua_State *vm); |
769 | | void collectContinuousResponses(lua_State *vm); |
770 | 0 | inline char *getZoneInfo() { return (zoneinfo); } |
771 | | |
772 | | void luaClickHouseStats(lua_State *vm) const; |
773 | | void speedtest(lua_State *vm); |
774 | | #if defined(NTOPNG_PRO) |
775 | | MessageBroker* getMessageBroker() { return(message_broker); }; |
776 | | #endif |
777 | | #if defined(NTOPNG_PRO) && defined(HAVE_CLICKHOUSE) && defined(HAVE_MYSQL) |
778 | | inline u_int importClickHouseDumps(bool silence_warnings) { |
779 | | return (clickhouseImport ? clickhouseImport->importDumps(silence_warnings) |
780 | | : 0); |
781 | | } |
782 | | u_int64_t getNextFlowId() { |
783 | | return (clickhouseImport ? clickhouseImport->getNextFlowId() : 0); |
784 | | } |
785 | | inline ClickHouseImport *getClickHouseImport() { return (clickhouseImport); } |
786 | | #endif |
787 | 0 | inline char *getTZname() { return (myTZname); } |
788 | | #ifdef NTOPNG_PRO |
789 | | inline AssetManagement *get_am() { return (&am); } |
790 | | #endif |
791 | 0 | inline Mutex *get_pools_lock() { return (&pools_lock); }; |
792 | 0 | inline u_int32_t get_current_time() { return(current_time); }; |
793 | | bool createPcapInterface(const char *path, int *iface_id); |
794 | | void incBlacklisHits(std::string listname); |
795 | | #if defined(NTOPNG_PRO) && defined(HAVE_KAFKA) |
796 | | inline bool sendKafkaMessage(char *kafka_broker_info, char *msg, |
797 | | u_int msg_len) { |
798 | | return (kafkaClient.sendMessage(kafka_broker_info, msg, msg_len)); |
799 | | } |
800 | | #endif |
801 | | u_int64_t getNumActiveProbes() const; |
802 | 0 | inline BlacklistStats* getBlacklistStats() { return(&blStats); } |
803 | 0 | inline void resetBlacklistStats() { blStats.reset(); } |
804 | 0 | inline JobQueue* getJobsQueue() { return(&jobsQueue); } |
805 | 0 | inline PeriodicActivities* getPeriodicActivities() { return(pa); } |
806 | | |
807 | 0 | void incNumLuaVMs() { num_active_lua_vms++; } |
808 | 0 | void decNumLuaVMs() { num_active_lua_vms--; } |
809 | 0 | inline u_int16_t getNumActiveLuaVMs() { return(num_active_lua_vms); } |
810 | | }; |
811 | | |
812 | | extern Ntop *ntop; |
813 | | |
814 | | #ifdef NTOPNG_PRO |
815 | | #include "ntoppro_defines.h" |
816 | | #endif |
817 | | |
818 | | #endif /* _NTOP_CLASS_H_ */ |