C-Api uses similiar flow key hash calculation as Python-Api.

 * Make use of flow id / alias / source which is required for future use cases where multiple nDPId instances (same / different machines) feed one nDPIsrvd.

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>

3 files changed, 78 insertions, 28 deletions

diff --git a/.gitignore b/.gitignore
index 83d073eb9..9df1ac1cf 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,13 @@
+# c executables
+/nDPId
+/nDPIsrvd
+/examples/c-captured/c-captured
+/examples/c-json-stdout/c-json-stdout
+
 # python related
 *.pyc
 __pycache__
 
 # go related
 *.sum
+/examples/go-dashboard/go-dashboard
diff --git a/dependencies/nDPIsrvd.h b/dependencies/nDPIsrvd.h
index ba75d3e9e..d02c46499 100644
--- a/dependencies/nDPIsrvd.h
+++ b/dependencies/nDPIsrvd.h
@@ -18,7 +18,8 @@
 #include "uthash.h"
 
 #define nDPIsrvd_MAX_JSON_TOKENS 128
-#define nDPIsrvd_FLOW_ID_STRLEN 24
+#define nDPIsrvd_FLOW_KEY_TOKENS 3
+#define nDPIsrvd_FLOW_KEY_STRLEN 24
 #define nDPIsrvd_JSON_KEY_STRLEN 32
 
 #define nDPIsrvd_STRLEN_SZ(s) (sizeof(s)/sizeof(s[0]) - sizeof(s[0]))
@@ -81,9 +82,14 @@ enum nDPIsrvd_conversion_return
 typedef unsigned long long int nDPIsrvd_ull;
 typedef nDPIsrvd_ull * nDPIsrvd_ull_ptr;
 
+struct nDPIsrvd_flow_key
+{
+    char key[nDPIsrvd_FLOW_KEY_STRLEN];
+};
+
 struct nDPIsrvd_flow
 {
-    char id[nDPIsrvd_FLOW_ID_STRLEN]; // TODO: use alias and source for flow key as well
+    struct nDPIsrvd_flow_key flow_key;
     nDPIsrvd_ull id_as_ull;
     UT_hash_handle hh;
     uint8_t flow_user_data[0];
@@ -91,7 +97,7 @@ struct nDPIsrvd_flow
 
 struct nDPIsrvd_json_token
 {
-    char key[nDPIsrvd_FLOW_ID_STRLEN];
+    char key[nDPIsrvd_JSON_KEY_STRLEN];
     int key_length;
     UT_hash_handle hh;
     char const * value;
@@ -505,36 +511,56 @@ token_value_to_ull(struct nDPIsrvd_json_token const * const token, nDPIsrvd_ull_
     return CONVERSION_OK;
 }
 
+static inline int nDPIsrvd_build_flow_key(struct nDPIsrvd_flow_key * const key,
+                                          struct nDPIsrvd_json_token const * const tokens[nDPIsrvd_FLOW_KEY_TOKENS])
+{
+    if (tokens[0]->value == NULL || tokens[0]->value_length == 0 ||
+        tokens[1]->value == NULL || tokens[1]->value_length == 0 ||
+        tokens[2]->value == NULL || tokens[2]->value_length == 0)
+    {
+        return 1;
+    }
+
+    if (snprintf(key->key, nDPIsrvd_FLOW_KEY_STRLEN, "%.*s-%.*s-%.*s",
+                 tokens[0]->value_length, tokens[0]->value,
+                 tokens[1]->value_length, tokens[1]->value,
+                 tokens[2]->value_length, tokens[2]->value) <= 0)
+    {
+        return 1;
+    }
+
+    return 0;
+}
+
 static inline struct nDPIsrvd_flow * nDPIsrvd_get_flow(struct nDPIsrvd_socket * const sock)
 {
-    struct nDPIsrvd_json_token const * const flow_id = TOKEN_GET_SZ(sock, "flow_id");
+    struct nDPIsrvd_json_token const * const tokens[nDPIsrvd_FLOW_KEY_TOKENS] = {
+        TOKEN_GET_SZ(sock, "flow_id"), TOKEN_GET_SZ(sock, "alias"), TOKEN_GET_SZ(sock, "source"),
+    };
+    struct nDPIsrvd_flow_key key = {};
 
-    if (flow_id != NULL)
+    if (nDPIsrvd_build_flow_key(&key, tokens) != 0)
     {
-        if (flow_id->value_length > nDPIsrvd_FLOW_ID_STRLEN) {
-            return NULL;
-        }
+        return NULL;
+    }
 
-        struct nDPIsrvd_flow * flow = NULL;
-        HASH_FIND(hh, sock->flow_table, flow_id->value, (size_t)flow_id->value_length, flow);
+    struct nDPIsrvd_flow * flow = NULL;
+    HASH_FIND(hh, sock->flow_table, &key, sizeof(key), flow);
 
+    if (flow == NULL)
+    {
+        flow = (struct nDPIsrvd_flow *)calloc(1, sizeof(*flow) + sock->flow_user_data_size);
         if (flow == NULL)
         {
-            flow = (struct nDPIsrvd_flow *)calloc(1, sizeof(*flow) + sock->flow_user_data_size);
-            if (flow == NULL)
-            {
-                return NULL;
-            }
-
-            TOKEN_VALUE_TO_ULL(flow_id, &flow->id_as_ull);
-            snprintf(flow->id, nDPIsrvd_FLOW_ID_STRLEN, "%.*s", flow_id->value_length, flow_id->value);
-            HASH_ADD(hh, sock->flow_table, id, flow_id->value_length, flow);
+            return NULL;
         }
 
-        return flow;
+        TOKEN_VALUE_TO_ULL(tokens[0], &flow->id_as_ull);
+        memcpy(flow->flow_key.key, key.key, nDPIsrvd_FLOW_KEY_STRLEN);
+        HASH_ADD(hh, sock->flow_table, flow_key, sizeof(flow->flow_key), flow);
     }
 
-    return NULL;
+    return flow;
 }
 
 static inline int nDPIsrvd_check_flow_end(struct nDPIsrvd_socket * const sock, struct nDPIsrvd_flow * const current_flow)
diff --git a/examples/c-captured/c-captured.c b/examples/c-captured/c-captured.c
index a192acb31..36695e131 100644
--- a/examples/c-captured/c-captured.c
+++ b/examples/c-captured/c-captured.c
@@ -41,6 +41,7 @@ struct flow_user_data
     UT_array * packets;
 };
 
+static int daemonize = 0;
 struct nDPIsrvd_socket * sock = NULL;
 static int main_thread_shutdown = 0;
 static char const serv_listen_path[] = DISTRIBUTOR_UNIX_SOCKET;
@@ -109,7 +110,7 @@ static char * generate_pcap_filename(struct nDPIsrvd_flow const * const flow,
     } else
 #endif
     {
-        if (snprintf(appendix, sizeof(appendix), "%s", flow->id) <= 0)
+        if (snprintf(appendix, sizeof(appendix), "%llu", flow->id_as_ull) <= 0)
         {
             return NULL;
         }
@@ -348,7 +349,7 @@ static enum nDPIsrvd_callback_return captured_json_callback(struct nDPIsrvd_sock
 
         if (flow_user->packets == NULL || flow_user->flow_max_packets == 0 || utarray_len(flow_user->packets) == 0)
         {
-            printf("flow %s: No packets captured.\n", flow->id);
+            printf("flow %llu: No packets captured.\n", flow->id_as_ull);
 
             return CALLBACK_OK;
         }
@@ -364,7 +365,7 @@ static enum nDPIsrvd_callback_return captured_json_callback(struct nDPIsrvd_sock
                     fprintf(stderr, "%s\n", "Internal error, exit ..");
                     return CALLBACK_ERROR;
                 }
-                printf("flow %s: save to %s\n", flow->id, pcap_filename);
+                printf("flow %llu: save to %s\n", flow->id_as_ull, pcap_filename);
                 if (packet_write_pcap_file(flow_user->packets, flow_user->flow_datalink, pcap_filename) != 0)
                 {
                     return CALLBACK_ERROR;
@@ -401,18 +402,35 @@ static void captured_flow_end_callback(struct nDPIsrvd_socket * const sock, stru
     }
 }
 
-// TODO: argv parsing
-#if 0
 static int parse_options(int argc, char ** argv)
 {
     int opt;
 
     static char const usage[] =
         "Usage: %s "
-        "[-d] [-s host] [-R rotate-every-n-seconds] [-g] [-u]\n";
+        "[-d] [-s host] [-S host] [-R rotate-every-n-seconds] [-g] [-u]\n";
 
     while ((opt = getopt(argc, argv, "hds:R:gu")) != -1)
     {
+        switch (opt)
+        {
+            case 'd':
+                daemonize = 1;
+                break;
+            case 's':
+                break;
+            case 'S':
+                break;
+            case 'R':
+                break;
+            case 'g':
+                break;
+            case 'u':
+                break;
+            default:
+                fprintf(stderr, usage, argv[0]);
+                return 1;
+        }
     }
 
     if (optind < argc)
@@ -424,7 +442,6 @@ static int parse_options(int argc, char ** argv)
 
     return 0;
 }
-#endif
 
 int main(int argc, char ** argv)
 {