--- tcp_slice_dump.pl.orig 2004-12-20 20:17:16.000000000 -0500 +++ tcp_slice_dump.pl 2005-02-24 15:06:33.835728280 -0500 @@ -29,6 +29,7 @@ # END INSTALLER SCRIPT SECTION ############################################## ############################## Get Configuration information ################# + my $idabenchconf = "$IDABENCH_PATH/etc/idabench.conf"; do $idabenchconf || die("Unable to open configuration file $idabenchconf.\n"); @@ -39,6 +40,15 @@ warn "Unable to determine any plugin paths. No analysis will be done.\n" unless defined $return; } +# In case we don't find a $MERGER in the plugins.ph, try to find one ourselves +unless ($MERGER){ + $ENV{PATH} = '/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin'; + chomp($MERGER = `which mergecap` || `which tcpslice`); +} + +die ("

You need tcpslice or mergecap to use this capability

\n") + if !( -x $MERGER ); + foreach (keys %IDABENCH::) { next if (!/.*_(PLGBIN|CMD)$/); @@ -61,7 +71,6 @@ $close_sub = sub { return(close(ZIP_DO)) }; $end_of_file = sub { return $file_all_read; }; -######################################################################### # # Unzip the file and pipe it to the search command, which will write # its output to $output_file_name @@ -96,7 +105,6 @@ } -######################################################################### # # Given a range of dates, a site name, a temporary directory, and the search # command passed into this program, create_query_files finds all the raw @@ -179,9 +187,8 @@ print "\n"; } -######################################################################### # -# We need to know if the file contains 0, 1, or more packets. +# When using tcpslice, we need to know if the file contains 0, 1, or more packets. # Return 0, 1, or 2, respectively. # sub noneOneManyPackets { @@ -209,7 +216,6 @@ } -######################################################################### # # tcpslice cannot handle a file containing only a single packet, so if we # have a single packet file, read that packet and append it, so that @@ -229,7 +235,6 @@ close OUTFILE; } -######################################################################### # # Create a temporary directory based on a hash of the time. # Run each file through tcpdump, using the search criteria and the required @@ -247,7 +252,7 @@ &create_query_files($beg_date, $end_date, $site, $tempDir, $search_cmd); my $finalDumpFile = "$timeHash.bin"; - my @cmdLine = ("tcpslice", "-w", "$IDABENCH_WEB_SPOOL_LOCAL/$finalDumpFile"); + my @cmdLine = ("$MERGER", "-w", "$IDABENCH_WEB_SPOOL_LOCAL/$finalDumpFile"); opendir(DIR, $tempDir); @tempFiles = grep (/\d/,readdir(DIR)); 
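Review bot: The added `-x $MERGER` test in the `@@ -39,6 +40,15 @@` hunk also succeeds for a directory and for a relative path coming from plugins.ph, so it does not show that a runnable merger binary was found; `if !( defined $MERGER && -f $MERGER && -x _ );` is tighter. The `which` lookup is fragile too: some `which` implementations print a "no mergecap in ..." message on stdout, which is a true value, so the `||` never falls through to tcpslice and the script dies even though tcpslice is installed. The pinned `$ENV{PATH}` is assigned only inside `unless ($MERGER)`, so when a merger is configured the external commands run later presumably still use the inherited PATH; moving the assignment above the `unless` would make it unconditional.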
@@ -255,15 +260,17 @@ foreach my $file (@tempFiles) { - my $numPackets = noneOneManyPackets("$tempDir/$file"); - - fixSinglePacketFile("$tempDir/$file") if($numPackets == 1); - - push @cmdLine, "$tempDir/$file" if($numPackets > 0); + if ($MERGER =~ m/tcpslice/) + { + my $numPackets = noneOneManyPackets("$tempDir/$file"); + fixSinglePacketFile("$tempDir/$file") if($numPackets == 1); + next if($numPackets > 0); + } # Ignore the file if it contains no valid packets #print "pushed $file on cmdLine -- $numPackets\n"; + push @cmdLine, "$tempDir/$file"; } #print "cmdLine: @cmdLine\n"; @@ -277,7 +284,6 @@ } -######################################################################### # # Remove all files in the specified directory older than the specified days. #
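Review bot: `next if($numPackets > 0);` in the tcpslice branch is inverted: it skips every file that contains packets and lets only the empty ones reach `push @cmdLine`, whereas the removed code pushed a file only when `$numPackets > 0`. It should read `next if ($numPackets == 0);`, which also agrees with the "Ignore the file if it contains no valid packets" comment below it. Separately, `$MERGER =~ m/tcpslice/` is matched against the whole path, so a mergecap installed under a directory whose name contains "tcpslice" would take this branch; matching the basename, e.g. `m{(?:\A|/)tcpslice\z}`, avoids that. With mergecap the empty-file filter is skipped entirely, so it is worth confirming that mergecap tolerates capture files with no packets before relying on this path.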