Skip to Content
The Cooperative Association for Internet Data Analysis
DONATE
CONTACT US
HOME
RESEARCH
DATA
TOOLS
PUBLICATIONS
WORKSHOPS
PROJECTS
FUNDING
www.caida.org
>
tools
:
measurement
:
corsaro
: docs
corsaro_dos.h
1
/*
2
* corsaro
3
*
4
* Alistair King, CAIDA, UC San Diego
5
* corsaro-info@caida.org
6
*
7
* Copyright (C) 2012 The Regents of the University of California.
8
*
9
* This file is part of corsaro.
10
*
11
* corsaro is free software: you can redistribute it and/or modify
12
* it under the terms of the GNU General Public License as published by
13
* the Free Software Foundation, either version 3 of the License, or
14
* (at your option) any later version.
15
*
16
* corsaro is distributed in the hope that it will be useful,
17
* but WITHOUT ANY WARRANTY; without even the implied warranty of
18
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19
* GNU General Public License for more details.
20
*
21
* You should have received a copy of the GNU General Public License
22
* along with corsaro. If not, see <http://www.gnu.org/licenses/>.
23
*
24
*/
25
26
#ifndef __CORSARO_DOS_H
27
#define __CORSARO_DOS_H
28
29
#include "
corsaro_plugin.h
"
30
31
CORSARO_PLUGIN_GENERATE_PROTOS
(corsaro_dos)
32
33
43
typedef struct
corsaro_dos_global_header
44
{
50
uint32_t
mismatched_pkt_cnt
;
51
53
uint32_t
attack_vector_cnt
;
54
58
uint32_t
non_attack_vector_cnt
;
59
} PACKED
corsaro_dos_global_header_t
;
60
65
typedef
struct
corsaro_dos_header
66
{
68
uint32_t
attack_vector_cnt
;
69
} PACKED
corsaro_dos_header_t
;
70
79
typedef
struct
corsaro_dos_attack_vector_in
80
{
82
uint32_t
target_ip
;
83
85
uint32_t
attacker_ip_cnt
;
86
89
uint32_t
interval_attacker_ip_cnt
;
90
92
uint32_t
attack_port_cnt
;
93
95
uint32_t
target_port_cnt
;
96
98
uint64_t
packet_cnt
;
99
101
uint32_t
interval_packet_cnt
;
102
104
uint64_t
byte_cnt
;
105
107
uint32_t
interval_byte_cnt
;
108
110
uint64_t
max_ppm
;
111
113
uint32_t
start_time_sec
;
114
116
uint32_t
start_time_usec
;
117
119
uint32_t
latest_time_sec
;
120
122
uint32_t
latest_time_usec
;
123
124
uint32_t initial_packet_len;
125
134
uint8_t *
initial_packet
;
135
} PACKED
corsaro_dos_attack_vector_in_t
;
136
149
void
corsaro_dos_attack_vector_get_packet(
150
corsaro_dos_attack_vector_in_t
*attack_vector,
151
libtrace_packet_t *packet);
152
160
off_t
corsaro_dos_global_header_fprint
(
corsaro_t
*
corsaro
,
161
corsaro_file_t
*file,
162
corsaro_dos_global_header_t
*header);
163
168
void
corsaro_dos_global_header_print
(
corsaro_dos_global_header_t
*header);
169
177
off_t
corsaro_dos_attack_vector_fprint
(
corsaro_t
*
corsaro
,
178
corsaro_file_t
*file,
179
corsaro_dos_attack_vector_in_t
*av);
180
185
void
corsaro_dos_attack_vector_print
(
corsaro_dos_attack_vector_in_t
*av);
186
194
off_t
corsaro_dos_header_fprint
(
corsaro_t
*
corsaro
,
195
corsaro_file_t
*file,
196
corsaro_dos_header_t
*header);
197
202
void
corsaro_dos_header_print
(
corsaro_dos_header_t
*header);
203
213
off_t
corsaro_dos_record_fprint
(
corsaro_t
*
corsaro
,
214
corsaro_file_t
*file,
215
corsaro_in_record_type_t
record_type,
216
corsaro_in_record_t
*record);
217
224
int
corsaro_dos_record_print
(
corsaro_in_record_type_t
record_type,
225
corsaro_in_record_t
*record);
226
229
#endif
/* __CORSARO_DOS_H */
![[CAIDA - Cooperative Association for Internet Data Analysis logo]](http://www.caida.org/images/caida_globe_faded.png)
![[CAIDA]](http://www.caida.org/images/caida_whitewords.png "Go to CAIDA home page"){kind=small}