Merge pull request #46 from jvm3487/master

Provide ability to specify starting record number for ng offline mode.
certego · Aug 1, 2018 · f2c95d1 · f2c95d1
2 parents b038a4d + 06344a6
commit f2c95d1
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 11 deletions.
diff --git a/fw1-loggrabber.c b/fw1-loggrabber.c
@@ -38,6 +38,7 @@ int
 main (int argc, char *argv[])
 {
   int i;
+  int record_num = 0;
   stringlist *lstptr;
   char *foundstring;
   char *field;
@@ -128,6 +129,32 @@ main (int argc, char *argv[])
         {
           audit_log = 0;
         }
+      else if (strcmp (argv[i], "--loc") == 0)
+        {
+          i++;
+          if ( argv[i] == NULL || argv[i][0] == '-')
+            {
+              fprintf (stderr, "ERROR: 0 or positive value expected for argument %s\n",
+                       argv[i - 1]);
+              usage (argv[0]);
+              exit_loggrabber (1);
+            }
+
+          errno = 0;
+          long raw_record_num = strtol ( argv[i], NULL, 10 );
+          if ( errno == ERANGE || raw_record_num < 0 || raw_record_num > INT_MAX)
+            {
+              fprintf (stderr,
+                       "WARNING: %s expects an integer range value greater than or equal to 0\n"
+                       "         The provided value will be treated as if it were 0\n",
+                       argv[i-1] );
+              record_num = 0;
+            }
+          else
+            {
+              record_num = (int) raw_record_num;
+            }
+        }
       else if ((strcmp (argv[i], "-f") == 0)
                || (strcmp (argv[i], "--logfile") == 0))
         {
@@ -464,7 +491,7 @@ main (int argc, char *argv[])
               fprintf (stderr, "DEBUG: Processing Logfile: %s\n",
                        lstptr->data);
             }
-          read_fw1_logfile (&(lstptr->data));
+          read_fw1_logfile (&(lstptr->data), record_num);
           lstptr = lstptr->next;
         }
     }
@@ -486,7 +513,7 @@ main (int argc, char *argv[])
               fprintf (stderr, "DEBUG: Processing Logfile: %s\n",
                        cfgvalues.fw1_logfile);
             }
-          read_fw1_logfile (&(cfgvalues.fw1_logfile));
+          read_fw1_logfile (&(cfgvalues.fw1_logfile), record_num);
         }
       while (lstptr)
         {
@@ -495,7 +522,7 @@ main (int argc, char *argv[])
               fprintf (stderr, "DEBUG: Processing Logfile: %s\n",
                        foundstring);
             }
-          read_fw1_logfile (&foundstring);
+          read_fw1_logfile (&foundstring, record_num);
           lstptr =
             stringlist_search (&(lstptr->next), cfgvalues.fw1_logfile,
                                &foundstring);
@@ -513,7 +540,7 @@ main (int argc, char *argv[])
  * function read_fw1_logfile
  */
 int
-read_fw1_logfile (char **LogfileName)
+read_fw1_logfile (char **LogfileName, int record_num)
 {
   OpsecEntity *pClient = NULL;
   OpsecEntity *pServer = NULL;
@@ -769,15 +796,24 @@ read_fw1_logfile (char **LogfileName)
             }
           else
             {
-              pSession =
-                lea_new_suspended_session (pClient, pServer, LEA_OFFLINE,
-                                           LEA_UNIFIED_SINGLE, *LogfileName,
-                                           LEA_AT_START);
+              if ( record_num > 0 )
+                {
+                  pSession = lea_new_suspended_session (pClient, pServer, LEA_OFFLINE,
+                                                        LEA_UNIFIED_SINGLE, *LogfileName,
+                                                        LEA_AT_POS, record_num);
+                }
+              else
+                {
+                  pSession =
+                    lea_new_suspended_session (pClient, pServer, LEA_OFFLINE,
+                                               LEA_UNIFIED_SINGLE, *LogfileName,
+                                               LEA_AT_START);
+                }
             }
           if (!pSession)
             {
-              fprintf (stderr, "ERROR: failed to create session (%s)\n",
-                       opsec_errno_str (opsec_errno));
+              fprintf (stderr, "ERROR: failed to create session (%s), loc=%d\n",
+                       opsec_errno_str (opsec_errno), record_num);
               cleanup_fw1_environment (pEnv, pClient, pServer);
               exit_loggrabber (1);
             }
@@ -1989,6 +2025,8 @@ usage (char *szProgName)
            "  --auditlog|--normallog     : Get data of audit-logfile (fw.adtlog)(default: normallog)\n");
   fprintf (stderr,
            "  --debug-level <level>      : Specify Debuglevel (default: 0 - no debugging)\n");
+  fprintf (stderr,
+           "  --loc <record number>      : Starting record number (default: 0 - start at the beginning of the log, ng only)\n");
   fprintf (stderr,
            "  --help                     : Show usage information\n");
 }

diff --git a/fw1-loggrabber.h b/fw1-loggrabber.h
@@ -36,6 +36,8 @@
 #include <ctype.h>
 #include <time.h>
 #include <signal.h>
+#include <errno.h>
+#include <limits.h>
 
 #define  SLEEP(sec) sleep(sec)
 #include <netinet/in.h>
@@ -127,7 +129,7 @@ configvalues;
 /*
  * function to get the content of a given FW-1 Logfile
  */
-int read_fw1_logfile (char **);
+int read_fw1_logfile (char **,int);
 
 /*
  * event handler used by read_fw1_logfile to approve a rulebase