/*
 * COMM_AUDIT.h
 *
 *  Created on: 2017-8-14
 *  Last Modified: 2017-11-23
 *  Author: zhangxi
 */

#ifndef _COMM_AUDIT_H_
#define _COMM_AUDIT_H_

#include <sys/types.h>
#include <time.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <signal.h>
#include <string.h>
#include <dirent.h>
#include <assert.h>
#include <sys/time.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>

#include <MESA/stream.h>
#include <MESA/MESA_handle_logger.h>
#include <MESA/MESA_htable.h>
#include <MESA/MESA_prof_load.h>


#ifdef __cplusplus
extern "C" {
#endif

#define IPLEN (16)
#define MACLEN (60)
#define MB (1024 * 1024)
#define MAX_LEN (1024)

#define STREAM_TYPE(num)\
({\
	string type;\
	switch(num)\
	{\
		case 0:\
			type="NON";\
			break;\
		case 1:\
			type="TCP";\
			break;\
		case 2:\
			type="UDP";\
			break;\
		case 3:\
			type="VLAN";\
			break;\
		case 4:\
			type="SOCKS4";\
			break;\
		case 5:\
			type="SOCKS5";\
			break;\
		case 6:\
			type="HTTP_PROXY";\
			break;\
		case 7:\
			type="PPPOE";\
			break;\
		case 8:\
			type="L2TP";\
			break;\
		case 9:\
			type="OPENVPN";\
			break;\
		case 10:\
			type="PPTP";\
			break;\
		case 11:\
			type="ISAKMP";\
			break;\
	}\
	(type);\
})


#define APP_TYPE(num)\
({\
	string type;\
	switch(num)\
	{\
		case 227:\
			type="HTTP";\
			break;\
		case 256:\
			type="DNS";\
			break;\
		case 314:\
			type="SSL";\
			break;\
		case 229:\
			type="FTP";\
			break;\
		case 243:\
			type="SMTP";\
			break;\
		case 242:\
			type="POP3";\
			break;\
		case 244:\
			type="IMAP";\
			break;\
		case 1:\
			type="BT";\
			break;\
		case 145:\
			type="RTSP";\
			break;\
		case 1054:\
			type="SSH";\
			break;\
		case 1058:\
			type="telnet";\
			break;\
		case 312:\
			type="socks4";\
			break;\
		case 313:\
			type="socks5";\
			break;\
		case 15:\
			type="fasttrack";\
			break;\
		case 17:\
			type="filetopia";\
			break;\
		case 18:\
			type="flashget";\
			break;\
		case 954:\
			type="oracle";\
			break;\
		case 1002:\
			type="skinny";\
			break;\
		case 1023:\
			type="yyvoice";\
			break;\
		case 28:\
			type="imesh";\
			break;\
		case 975:\
			type="iax";\
			break;\
		case 986:\
			type="mgcp";\
			break;\
		case 997:\
			type="rtcp";\
			break;\
		case 998:\
			type="rtp";\
			break;\
		case 1042:\
			type="citrix";\
			break;\
		case 1043:\
			type="corba";\
			break;\
		case 1044:\
			type="dameware";\
			break;\
		case 1050:\
			type="pcanywhere";\
			break;\
		case 1051:\
			type="qq_rdp";\
			break;\
		case 1056:\
			type="teamview";\
			break;\
		case 1060:\
			type="vnc";\
			break;\
		case 1063:\
			type="xdmcp";\
			break;\
		case 1068:\
			type="rdp";\
			break;\
		case 4:\
			type="aimini";\
			break;\
		case 41:\
			type="poco";\
			break;\
		case 46:\
			type="qqdownload";\
			break;\
		case 5:\
			type="applejuice";\
			break;\
		case 55:\
			type="stealthnet";\
			break;\
		case 59:\
			type="winmx";\
			break;\
		case 66:\
			type="emule";\
			break;\
		case 72:\
			type="kuwo";\
			break;\
		case 80:\
			type="thunder";\
			break;\
		case 138:\
			type="qvod";\
			break;\
		case 953:\
			type="mysql";\
			break;\
		case 101:\
			type="icecast";\
			break;\
		case 113:\
			type="mms";\
			break;\
		case 127:\
			type="pplive";\
			break;\
		case 129:\
			type="ppstream";\
			break;\
		case 151:\
			type="sopcast";\
			break;\
		case 153:\
			type="steam";\
			break;\
		case 157:\
			type="tvants";\
			break;\
		case 199:\
			type="iqiyi";\
			break;\
		case 208:\
			type="sohutv";\
			break;\
		case 223:\
			type="iku";\
			break;\
		case 228:\
			type="cvs";\
			break;\
		case 232:\
			type="ipp";\
			break;\
		case 235:\
			type="nfs";\
			break;\
		case 236:\
			type="rsync";\
			break;\
		case 237:\
			type="smb";\
			break;\
		case 239:\
			type="tftp";\
			break;\
		case 247:\
			type="lotus_notes";\
			break;\
		case 251:\
			type="bgp";\
			break;\
		case 254:\
			type="dhcp";\
			break;\
		case 259:\
			type="finger";\
			break;\
		case 264:\
			type="kerberos";\
			break;\
		case 265:\
			type="ldap";\
			break;\
		case 266:\
			type="mdns";\
			break;\
		case 268:\
			type="nntp";\
			break;\
		case 276:\
			type="snmp";\
			break;\
		case 277:\
			type="ssdp";\
			break;\
		case 278:\
			type="syslog";\
			break;\
		case 281:\
			type="whois";\
			break;\
		case 288:\
			type="radius";\
			break;\
		case 1150:\
			type="quic";\
			break;\
		case 295:\
			type="ikev1";\
			break;\
		case 296:\
			type="ikev2";\
			break;\
		case 304:\
			type="l2tp";\
			break;\
		case 307:\
			type="openvpn";\
			break;\
		case 309:\
			type="pptp";\
			break;\
		case 315:\
			type="stun";\
			break;\
		case 317:\
			type="teredo";\
			break;\
		case 318:\
			type="tor";\
			break;\
		case 328:\
			type="xunyou_speedup";\
			break;\
		case 360:\
			type="msn";\
			break;\
		case 368:\
			type="popo";\
			break;\
		case 404:\
			type="qq";\
			break;\
		case 410:\
			type="sinauc";\
			break;\
		case 467:\
			type="qqbattle";\
			break;\
		case 484:\
			type="quake";\
			break;\
		case 507:\
			type="xbox";\
			break;\
		case 690:\
			type="wow";\
			break;\
		case 1074:\
			type="gtp";\
			break;\
		default:\
			type="unknown";\
			break;\
	}\
	(type);\
})

#define TCP_FLAG(num)\
({\
	string flag;\
	int n = num;\
	if(n >= 32)\
	{\
		flag += "U";\
		n -= 32;\
	}\
	if(n >= 16)\
	{\
		flag += "A";\
		n -= 16;\
	}\
	if(n >= 8)\
	{\
		flag += "P";\
		n -= 8;\
	}\
	if(n >= 4)\
	{\
		flag += "R";\
		n -= 4;\
	}\
	if(n >= 2)\
	{\
		flag += "S";\
		n -= 2;\
	}\
	if(n >= 1)\
	{\
		flag += "F";\
		n -= 1;\
	}\
	(flag);\
})


typedef struct _htable_data_t
{

	unsigned int inner_ip;
	unsigned int ext_ip;
	unsigned short inner_port;
	unsigned short ext_port;
	char inner_mac[MACLEN];
	char ext_mac[MACLEN];
	unsigned char protocol;
	unsigned short app;

	unsigned short tcp_flag;
	unsigned long long in_bytes;
	unsigned long long out_bytes;
	unsigned long long in_pkts;
	unsigned long long out_pkts;
	long long start_time;
	long long end_time;
	
}htable_data_t;


typedef struct htable_search_arg
{
    struct streaminfo * stream;
    void * packet;
    int is_end;
}htable_search_arg;


typedef struct comm_prog_configure_t
{
	int 				htable_size;
	int 				sleep;
	int 				read_interval;
	int 				write_interval;
	int 				write_max_num;
    int                 flag; //0:use mmd filter;1:no filter;2:no have any data
	// char * 				log_path;
	char * 				tmp_log_path;
	char * 				upload_pz_path;
    char *              mmdb_path;
}comm_prog_configure_t;

typedef struct comm_prog_runtime_parameter_t
{	
	int 				project_id_pro;
	int 				thread_num;
	void*				log_handle;
	long long 			last_send_time;
	pthread_mutex_t 	mutex;
	MESA_htable_handle	**htable_handle;
	// MESA_htable_handle	htable_handle1;
	// MESA_htable_handle	htable_handle2;
	// MESA_htable_handle	wtable;
	// MESA_htable_handle	rtable;

}comm_prog_runtime_parameter_t;

typedef struct del_para_t
{
	char *	writetime;
	int 	thread_seq;
}del_para_t;

int COMM_AUDIT_INIT();
char COMM_AUDIT_ENTRY(struct streaminfo *, void **, int , void *);
void COMM_AUDIT_DESTROY();

#ifdef __cplusplus
}
#endif

#endif