-#!/usr/bin/php
+#!/usr/bin/php -e
<?PHP
/**********************************************************************************
** (c) Copyright 2002, Brenno J.S.A.A.F. de Winter, De Winter Information Solutions
ini_set('include_path', '.:./classes:../phpclasses');
ini_set('html_errors', 'false');
-define("BATCHSIZE", 50000);
+define("BATCHSIZE", 20000);
require_once "gnucomo_config.php";
require_once "db.class.php";
exit();
}
+$lockfilename = "/var/lock/gcm_daemon"; // The default lock file
+
+$config_lockfilename = $class_settings->find_parameter("gcm_daemon", "lockfile");
+if ($config_lockfilename != "")
+{
+ $lockfilename = $config_lockfilename;
+}
+
+$lockfile = fopen($lockfilename, "w");
+
+if (!flock($lockfile, LOCK_EX | LOCK_NB))
+{
+ echo "Unable to obtain lock for $lockfilename.\n";
+ exit(-1);
+}
+
openlog("gnucomo", LOG_PID, LOG_DAEMON);
syslog(LOG_INFO, "gcm_daemon started");
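Review bot: The return value of `fopen($lockfilename, "w")` goes straight into `flock()` without a check, so a missing directory or a permission error is reported as "Unable to obtain lock" (or as a type error on newer PHP) instead of the real cause. Add `if ($lockfile === false) { echo "Unable to open lock file $lockfilename.\n"; exit(-1); }` before the `flock()` call. Mode `"w"` also truncates whatever file the path resolves to before the lock is held, and the path can come from the `lockfile` configuration parameter as well as the default under `/var/lock`. Opening with mode `"c"` (create, no truncate) would leave an existing file intact when a second instance merely fails to get the lock, provided the PHP version in use supports that mode.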
//Tell the log that we're ending our efforts in a nice way
+flock($lockfile, LOCK_UN); // release the lock
+fclose($lockfile);
+
syslog (LOG_INFO, "gcm_daemon ended nicely");
function process_log ()
global $dbms_working;
global $class_settings;
+ $start_time = time();
+
$last_log = 0;
// Find records in log that still have to be processed.
}
}
+ $end_time = time();
+ //echo "Processing logs took " . ($end_time - $start_time) . " seconds.\n";
}
/*
UpdateStatistic($objectid, 'logs', $cnt->count);
}
+class profiler
+{
+ var $time_spent;
+ var $nr_occurs;
+
+ var $start_time;
+
+ function profiler()
+ {
+ $this->time_spent = 0;
+ $this->nr_occurs = 0;
+
+ $this->start_time = 0;
+ }
+
+ function start()
+ {
+ $this->start_time = microtime(true);
+ }
+
+ function stop()
+ {
+ $stop_time = microtime(true);
+ $this->time_spent += $stop_time - $this->start_time;
+ $this->nr_occurs++;
+ }
+}
+
function match_log_patterns($logstart)
{
global $dbms;
+ $start_time = microtime(true);
+ $notify_perf = new profiler();
+ $abuse_perf = new profiler();
+ $record_perf = new profiler();
+
$notifications = array();
$log_limit = $logstart + BATCHSIZE;
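Review bot: The new `profiler` class has no comment stating what `time_spent` and `nr_occurs` accumulate, or that `stop()` must follow a `start()`. Because `start_time` is initialised to 0, a `stop()` on its own adds the full `microtime(true)` value to `time_spent`. I would add a header such as `// Accumulates wall-clock seconds (time_spent) and call count (nr_occurs) over start()/stop() pairs.` and either document the pairing requirement or guard with `if ($this->start_time == 0) return;` at the top of `stop()`. The three instances created in `match_log_patterns` are only read by a report that is commented out later in this diff, and the function body continues outside this hunk.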
//echo " Checking with pattern " . $srv_pat->pattern . "\n";
if (ereg($srv_pat->pattern, $logentry->rawdata, $matches))
{
+ $match_found = true;
+
// Scan the argument for '$n' expressions and expand
$srv_pat->argument = expand_arguments($srv_pat->argument, $matches);
- //echo " " . $srv_pat->pattern . " matches.\n";
- //echo " Matched string: " . $matches[0] . "\n";
- //echo " Action = " . $srv_pat->action . "(" . $srv_pat->argument . ")\n\n";
- $match_found = true;
switch ($srv_pat->action)
{
break;
case "notify":
+ $notify_perf->start();
$notif = $srv_pat->argument;
if (!isset($notifications[$logentry->objectid][$notif]))
{
$insertion .= $logentry->logid . "')";
$dbms->query($insertion);
}
+ $notify_perf->stop();
break;
case "abuse":
+ $abuse_perf->start();
//echo "Recording abuse for address ", $srv_pat->argument, "\n Log entry:\n ";
//echo $logentry->rawdata, "\n Pattern:\n ", $srv_pat->pattern, "\n\n";
+ $record_perf->start();
$nr_abuses = record_abuse($logentry->logid, $logentry->objectid, $srv_pat->argument, 1);
+ $record_perf->stop();
+
if ($nr_abuses < 0)
{
echo "ERROR in recording abuse for address ", $srv_pat->argument, "\n Log entry:\n ";
}
if ($nr_abuses >= 32)
{
- $source_ip = gethostbyname($srv_pat->argument);
+ if (preg_match("/[0-9.]+/", $srv_pat->argument))
+ {
+ $source_ip = $srv_pat->argument;
+ }
+ else
+ {
+ $source_ip = gethostbyname($srv_pat->argument);
+ }
+
$notif = 'abuses exceeded';
if (!isset($notifications[$logentry->objectid][$notif][$source_ip]))
{
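Review bot: The pattern in `preg_match("/[0-9.]+/", $srv_pat->argument)` is unanchored, so it succeeds for any argument containing a single digit or dot. A hostname such as `mail1.example.org` (constructed example) is then stored in `$source_ip` unresolved, and any other text that happens to contain a digit is accepted as an address. `$srv_pat->argument` is expanded from text matched in the log entry, so it should be validated strictly, for instance `if (filter_var($srv_pat->argument, FILTER_VALIDATE_IP) !== false)` where the PHP version provides it, or at minimum an anchored pattern like `/^[0-9]{1,3}(\.[0-9]{1,3}){3}$/`. The `$insertion` query that follows is built outside this hunk; if `$source_ip` is concatenated into it, the value needs escaping there too.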
$dbms->query($insertion);
}
}
+ $abuse_perf->stop();
break;
+
case "forgive":
record_abuse($logentry->logid, $logentry->objectid, $srv_pat->argument, -4);
break;
}
}
+ $stop_time = microtime(true);
+ $elapsed_time = $stop_time - $start_time;
+
+ /* Performance report is disabled
+
+ echo $row . " log entries processed in " . $elapsed_time . " seconds.\n";
+ echo "Abuse: " . $abuse_perf->nr_occurs . " in " . $abuse_perf->time_spent . " seconds.\n";
+ if ($abuse_perf->time_spent > 0)
+ {
+ echo "Handled " . $abuse_perf->nr_occurs / $abuse_perf->time_spent . " abuses per second.\n";
+ }
+ echo "Record Abuse: " . $record_perf->nr_occurs . " in " . $record_perf->time_spent . " seconds.\n";
+ if ($record_perf->time_spent > 0)
+ {
+ echo "Handled " . $record_perf->nr_occurs / $record_perf->time_spent . " recording abuses per second.\n";
+ }
+ echo "Notify: " . $notify_perf->nr_occurs . " in " . $notify_perf->time_spent . " seconds.\n";
+ if ($notify_perf->time_spent > 0)
+ {
+ echo "Handled " . $notify_perf->nr_occurs / $notify_perf->time_spent . " notifies per second.\n";
+ }
+ */
}
/*