Back to index

natlog  0.91.0
addout.cc
Go to the documentation of this file.
00001 #include "pcaprecord.ih"
00002 
00003 // See ../tcpdump.nat: a SYN/ACK packet was received from the destination, so
00004 //  the record's source is the remote (at the OUT interface) destination
00005 //  address and record's destination is the natted address (i.e., the `via'
00006 //  address, which is the IP address of the firewalling host):
00007 // OUT.source = record.dest  and OUT.dest = record.via
00008 
00009 void PcapRecord::addOut(PcapPacket const &packet)
00010 {
00011             // the record has already been seen at the OUT interface?
00012             // the record has already been seen at the OUT interface?
00013     size_t idx = find(packet.sequenceNr());
00014 
00015     if (idx != numeric_limits<size_t>::max())
00016     {
00017         Record *record = d_connections[idx];
00018 
00019                             // then assign the record's `via' IP/port:
00020         record->via = {packet.destAddr(), packet.destPort()};
00021         record->status = ESTABLISHED;
00022         imsg << "Add OUT #" << idx << endl;
00023         display(imsg, record) << FBB::endl;
00024     }
00025     else                    // else store a new record.
00026         store(
00027                 new Record
00028                 {
00029                     INCOMPLETE,
00030                     packet.timeval(), 
00031                     {{0}, 0},
00032                     {packet.destAddr(), packet.destPort()},
00033                     {packet.sourceAddr(), packet.sourcePort()},
00034                     packet.sequenceNr()
00035                 }
00036         );
00037 }
00038 
00039 
00040 
00041