├── .gitignore
├── LICENSE
├── Makefile
├── README.md
├── VisualFirewall.properties
├── config
├── iptables
├── rules.map
└── snortalarm.dat
├── iptables.saved
└── src
└── edu
└── gatech
└── csc
└── visualfirewall
├── VisualFirewall.java
├── VisualFirewall.properties
├── data
├── AbstractPacket.java
├── ICMPPacket.java
├── IDSAlarmViewDataSeries.java
├── IDSAlarmViewDatasource.java
├── IPPacket.java
├── IPTableResult.java
├── SnortAlarm.java
├── TCPPacket.java
├── UDPPacket.java
└── listener
│ ├── AbstractPacketListener.java
│ ├── IPTableResultListener.java
│ └── SnortAlarmListener.java
├── datasource
├── AbstractDataSource.java
├── FirewallLog.java
├── IPFWLog.java
├── IPTablesLog.java
├── PcapFile.java
├── SnortAlarmDatabase.java
└── SnortLog.java
└── view
├── AbstractView.java
├── Dot.java
├── DotComparator.java
├── IDSAlarmView.java
├── Line.java
├── LineComparator.java
├── PongBall.java
├── PongView.java
├── StatisticsView.java
├── VFW_MouseListener.java
├── VFW_WindowListener.java
├── VisualSignatureView.java
└── VitalSigns2.java
/.gitignore:
--------------------------------------------------------------------------------
1 | *.class
2 |
3 | # Mobile Tools for Java (J2ME)
4 | .mtj.tmp/
5 |
6 | # Package Files #
7 | *.jar
8 | *.war
9 | *.ear
10 |
11 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
12 | hs_err_pid*
13 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | The MIT License (MIT)
2 |
3 | Copyright (c) 2005 Chris Lee
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
23 |
--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
1 | default:
2 | javac -d class/ `find src/ -name '*.java'`
3 |
4 | run:
5 | java -cp class/ edu.gatech.csc.visualfirewall.VisualFirewall
6 |
7 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # VisualFirewall
2 |
3 | 
4 |
5 | VisualFirewall/IDS is a research-grade Firewall and IDS visualization tool that aims to provide a highly-informative interface of network activities that relate to system security. The program is designed with novice system security administrators in mind who need easy to learn representations of security information, but also need the power of forensic analysis on past attacks.
6 |
7 | ## Related
8 | I just found out about Logstalgia on October 5, 2014, and it has been around since at least 2010. But WOW! they've put in some beautiful graphics to essentially the same concept. Logstalgia operates on webserver logs.
9 |
10 | ### Dependencies
11 | - JNetStream
12 | - JOGL
13 | - JFreeChart
14 | - JCommon
15 |
16 | ## Citation
17 | Christopher P. Lee, Jason Trost, Nicholas Gibbs, Raheem Beyah, John A. Copeland, "VisualFirewall: A Firewall Visualization Tool for Network Management and Security Analysis", VizSEC 2005, October 2005.
18 |
19 | ## Screenshots ##
20 |
21 | 
49 |
50 |
--------------------------------------------------------------------------------
/VisualFirewall.properties:
--------------------------------------------------------------------------------
1 | # This is a properties file for Visual Firewall Personal Edition
2 | VisualFirewall.snortlog = logs/snort.txt
3 | VisualFirewall.iptableslog = /var/log/iptpipe
4 | VisualFirewall.ipfw = false
5 | VisualFirewall.bgcolor = [0.1f, 0.1f, 0.1f]
6 | VisualFirewall.fgcolor = [0.9f, 0.9f, 0.9f]
7 | VisualFirewall.primaryview = Pong
8 | VisualFirewall.fakeip = false
9 | VisualFirewall.fakeipaddr = 199.77.146.119
10 | VisualFirewall.networkinterface = eth0
11 |
--------------------------------------------------------------------------------
/config/iptables:
--------------------------------------------------------------------------------
1 | *filter
2 | :INPUT ACCEPT [0:0]
3 | :FORWARD ACCEPT [0:0]
4 | :LOGDROP - [0:0]
5 | -A LOGDROP -j LOG --log-prefix "DROP " --log-level debug --log-tcp-options --log-ip-options
6 | -A LOGDROP -j DROP
7 | :LOGACCEPT - [0:0]
8 | -A LOGACCEPT -j LOG --log-prefix "ACCEPT " --log-level debug --log-tcp-options --log-ip-options
9 | -A LOGACCEPT -j ACCEPT
10 | :LOGOUT - [0:0]
11 | -A LOGOUT -j LOG --log-prefix "ACCEPT " --log-level debug --log-tcp-options --log-ip-options
12 | -A LOGOUT -j ACCEPT
13 | :OUTPUT - [0:0]
14 | -A OUTPUT -j LOGOUT
15 | :RH-Firewall-1-INPUT - [0:0]
16 | -A INPUT -j RH-Firewall-1-INPUT
17 | -A FORWARD -j RH-Firewall-1-INPUT
18 | -A RH-Firewall-1-INPUT -d 127.0.0.0/255.0.0.0 -i ! lo -p tcp -j DROP
19 | -A RH-Firewall-1-INPUT -d 255.255.255.255 -j DROP
20 |
21 | -A RH-Firewall-1-INPUT -i lo -j ACCEPT
22 | -A RH-Firewall-1-INPUT -p icmp --icmp-type 0 -j LOGACCEPT
23 | -A RH-Firewall-1-INPUT -p icmp --icmp-type 3 -j LOGACCEPT
24 | -A RH-Firewall-1-INPUT -p icmp --icmp-type 11 -j LOGACCEPT
25 | -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 137:139 -j DROP
26 | -A RH-Firewall-1-INPUT -p udp -m udp --dport 137:139 -j DROP
27 | -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
28 | -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
29 | -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
30 | -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j LOGACCEPT
31 | -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport ssh -j LOGACCEPT
32 | -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport http -j LOGACCEPT
33 | -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport https -j LOGACCEPT
34 | -A RH-Firewall-1-INPUT -j LOGDROP
35 | COMMIT
36 |
--------------------------------------------------------------------------------
/config/rules.map:
--------------------------------------------------------------------------------
1 | 103,backdoor
2 | 104,backdoor
3 | 105,backdoor
4 | 106,backdoor
5 | 107,backdoor
6 | 108,backdoor
7 | 109,backdoor
8 | 110,backdoor
9 | 111,deleted
10 | 112,deleted
11 | 113,deleted
12 | 114,deleted
13 | 115,backdoor
14 | 116,deleted
15 | 117,backdoor
16 | 118,backdoor
17 | 119,backdoor
18 | 120,backdoor
19 | 121,backdoor
20 | 122,deleted
21 | 124,deleted
22 | 125,deleted
23 | 126,deleted
24 | 127,deleted
25 | 128,deleted
26 | 129,deleted
27 | 130,deleted
28 | 131,deleted
29 | 132,deleted
30 | 133,deleted
31 | 134,deleted
32 | 135,deleted
33 | 136,deleted
34 | 137,deleted
35 | 138,deleted
36 | 140,deleted
37 | 141,backdoor
38 | 142,deleted
39 | 143,deleted
40 | 144,ftp
41 | 145,backdoor
42 | 146,backdoor
43 | 147,backdoor
44 | 148,deleted
45 | 149,deleted
46 | 150,deleted
47 | 151,deleted
48 | 152,backdoor
49 | 153,backdoor
50 | 154,deleted
51 | 155,backdoor
52 | 156,deleted
53 | 157,backdoor
54 | 158,backdoor
55 | 159,backdoor
56 | 160,backdoor
57 | 161,backdoor
58 | 162,backdoor
59 | 163,backdoor
60 | 164,deleted
61 | 165,deleted
62 | 166,deleted
63 | 167,deleted
64 | 168,deleted
65 | 169,deleted
66 | 170,deleted
67 | 171,deleted
68 | 172,deleted
69 | 173,deleted
70 | 174,deleted
71 | 175,deleted
72 | 176,deleted
73 | 177,deleted
74 | 179,deleted
75 | 180,deleted
76 | 181,deleted
77 | 182,deleted
78 | 183,backdoor
79 | 184,backdoor
80 | 185,backdoor
81 | 186,deleted
82 | 187,deleted
83 | 188,deleted
84 | 189,deleted
85 | 190,deleted
86 | 191,deleted
87 | 192,deleted
88 | 193,deleted
89 | 194,deleted
90 | 195,backdoor
91 | 196,deleted
92 | 197,deleted
93 | 198,deleted
94 | 199,deleted
95 | 200,deleted
96 | 201,deleted
97 | 202,deleted
98 | 203,deleted
99 | 204,deleted
100 | 205,deleted
101 | 206,deleted
102 | 207,deleted
103 | 208,backdoor
104 | 209,backdoor
105 | 210,backdoor
106 | 211,backdoor
107 | 212,backdoor
108 | 213,backdoor
109 | 214,backdoor
110 | 215,backdoor
111 | 216,backdoor
112 | 217,backdoor
113 | 218,backdoor
114 | 219,backdoor
115 | 220,backdoor
116 | 221,ddos
117 | 222,ddos
118 | 223,ddos
119 | 224,ddos
120 | 225,ddos
121 | 226,ddos
122 | 227,ddos
123 | 228,ddos
124 | 229,ddos
125 | 230,ddos
126 | 231,ddos
127 | 232,ddos
128 | 233,ddos
129 | 234,ddos
130 | 235,ddos
131 | 236,ddos
132 | 237,ddos
133 | 238,ddos
134 | 239,ddos
135 | 240,ddos
136 | 241,ddos
137 | 243,ddos
138 | 244,ddos
139 | 245,ddos
140 | 246,ddos
141 | 247,ddos
142 | 248,ddos
143 | 249,ddos
144 | 250,ddos
145 | 251,ddos
146 | 252,deleted
147 | 253,dns
148 | 254,dns
149 | 255,dns
150 | 256,dns
151 | 257,dns
152 | 258,dns
153 | 259,dns
154 | 260,dns
155 | 261,dns
156 | 262,dns
157 | 264,dns
158 | 265,dns
159 | 266,dns
160 | 267,dns
161 | 268,dos
162 | 269,deleted
163 | 270,dos
164 | 271,dos
165 | 272,dos
166 | 273,dos
167 | 274,dos
168 | 275,dos
169 | 276,dos
170 | 277,dos
171 | 278,dos
172 | 279,dos
173 | 281,dos
174 | 282,dos
175 | 283,exploit
176 | 284,pop2
177 | 285,pop2
178 | 286,pop3
179 | 287,pop3
180 | 288,pop3
181 | 289,pop3
182 | 290,pop3
183 | 291,deleted
184 | 292,exploit
185 | 293,deleted
186 | 295,deleted
187 | 296,deleted
188 | 297,deleted
189 | 298,deleted
190 | 299,deleted
191 | 300,exploit
192 | 301,exploit
193 | 302,exploit
194 | 303,dns
195 | 304,exploit
196 | 305,exploit
197 | 306,exploit
198 | 307,exploit
199 | 308,exploit
200 | 309,exploit
201 | 310,exploit
202 | 311,exploit
203 | 312,exploit
204 | 313,exploit
205 | 314,dns
206 | 315,exploit
207 | 316,exploit
208 | 317,exploit
209 | 318,deleted
210 | 319,deleted
211 | 320,finger
212 | 321,finger
213 | 322,finger
214 | 323,finger
215 | 324,finger
216 | 325,deleted
217 | 326,finger
218 | 327,finger
219 | 328,finger
220 | 329,deleted
221 | 330,finger
222 | 331,finger
223 | 332,finger
224 | 333,finger
225 | 334,ftp
226 | 335,ftp
227 | 336,ftp
228 | 337,ftp
229 | 338,deleted
230 | 339,deleted
231 | 340,deleted
232 | 341,deleted
233 | 342,deleted
234 | 343,deleted
235 | 344,deleted
236 | 345,deleted
237 | 346,deleted
238 | 348,deleted
239 | 349,deleted
240 | 350,deleted
241 | 351,deleted
242 | 352,deleted
243 | 353,ftp
244 | 354,ftp
245 | 355,ftp
246 | 356,ftp
247 | 357,ftp
248 | 358,ftp
249 | 359,ftp
250 | 360,ftp
251 | 361,ftp
252 | 362,ftp
253 | 363,icmp-info
254 | 364,icmp-info
255 | 365,icmp-info
256 | 366,icmp-info
257 | 368,icmp-info
258 | 369,icmp-info
259 | 370,icmp-info
260 | 371,icmp-info
261 | 372,icmp-info
262 | 373,icmp-info
263 | 374,icmp-info
264 | 375,icmp-info
265 | 376,icmp-info
266 | 377,icmp-info
267 | 378,icmp-info
268 | 379,icmp-info
269 | 380,icmp-info
270 | 381,icmp-info
271 | 382,icmp-info
272 | 384,icmp-info
273 | 385,icmp-info
274 | 386,icmp-info
275 | 387,icmp-info
276 | 388,icmp-info
277 | 389,icmp-info
278 | 390,icmp-info
279 | 391,icmp-info
280 | 392,icmp-info
281 | 393,icmp-info
282 | 394,icmp-info
283 | 395,icmp-info
284 | 396,icmp-info
285 | 397,icmp-info
286 | 398,icmp-info
287 | 399,icmp-info
288 | 400,icmp-info
289 | 401,icmp-info
290 | 402,icmp-info
291 | 403,icmp-info
292 | 404,icmp-info
293 | 405,icmp-info
294 | 406,icmp-info
295 | 407,icmp-info
296 | 408,icmp-info
297 | 409,icmp-info
298 | 410,icmp-info
299 | 411,icmp-info
300 | 412,icmp-info
301 | 413,icmp-info
302 | 414,icmp-info
303 | 415,icmp-info
304 | 416,icmp-info
305 | 417,icmp-info
306 | 418,icmp-info
307 | 419,icmp-info
308 | 420,icmp-info
309 | 421,icmp-info
310 | 422,icmp-info
311 | 423,icmp-info
312 | 424,icmp-info
313 | 425,icmp-info
314 | 426,icmp-info
315 | 427,icmp-info
316 | 428,icmp-info
317 | 429,icmp-info
318 | 430,icmp-info
319 | 431,icmp-info
320 | 432,icmp-info
321 | 433,icmp-info
322 | 436,icmp-info
323 | 437,icmp-info
324 | 438,icmp-info
325 | 439,icmp-info
326 | 440,icmp-info
327 | 441,icmp-info
328 | 443,icmp-info
329 | 445,icmp-info
330 | 446,icmp-info
331 | 448,icmp-info
332 | 449,icmp-info
333 | 450,icmp-info
334 | 451,icmp-info
335 | 452,icmp-info
336 | 453,icmp-info
337 | 454,icmp-info
338 | 455,deleted
339 | 456,icmp-info
340 | 457,icmp-info
341 | 458,icmp-info
342 | 459,icmp-info
343 | 460,icmp-info
344 | 461,icmp-info
345 | 462,icmp-info
346 | 463,icmp-info
347 | 465,icmp
348 | 466,icmp
349 | 467,icmp
350 | 469,icmp
351 | 471,icmp
352 | 472,icmp
353 | 473,icmp
354 | 474,icmp
355 | 475,icmp
356 | 476,icmp
357 | 477,icmp
358 | 478,icmp
359 | 480,icmp
360 | 481,icmp
361 | 482,icmp
362 | 483,icmp
363 | 484,icmp
364 | 485,icmp
365 | 486,icmp
366 | 487,icmp
367 | 488,info
368 | 489,info
369 | 490,info
370 | 491,info
371 | 492,info
372 | 493,info
373 | 494,attack-responses
374 | 495,attack-responses
375 | 496,deleted
376 | 497,attack-responses
377 | 498,attack-responses
378 | 499,icmp
379 | 500,misc
380 | 501,misc
381 | 502,misc
382 | 503,misc
383 | 504,misc
384 | 505,misc
385 | 506,deleted
386 | 507,misc
387 | 508,misc
388 | 509,web-misc
389 | 510,policy
390 | 511,deleted
391 | 512,misc
392 | 513,deleted
393 | 514,misc
394 | 516,misc
395 | 517,misc
396 | 518,tftp
397 | 519,tftp
398 | 520,tftp
399 | 521,misc
400 | 522,misc
401 | 523,bad-traffic
402 | 524,bad-traffic
403 | 525,bad-traffic
404 | 526,bad-traffic
405 | 527,deleted
406 | 528,bad-traffic
407 | 529,netbios
408 | 530,netbios
409 | 532,netbios
410 | 533,netbios
411 | 534,netbios
412 | 535,netbios
413 | 536,netbios
414 | 537,netbios
415 | 538,netbios
416 | 539,netbios
417 | 540,chat
418 | 541,chat
419 | 542,chat
420 | 543,policy
421 | 544,policy
422 | 545,policy
423 | 546,policy
424 | 547,policy
425 | 548,policy
426 | 549,p2p
427 | 550,p2p
428 | 551,p2p
429 | 552,p2p
430 | 553,policy
431 | 554,policy
432 | 555,policy
433 | 556,p2p
434 | 557,p2p
435 | 558,deleted
436 | 559,deleted
437 | 560,policy
438 | 561,p2p
439 | 562,p2p
440 | 563,p2p
441 | 564,p2p
442 | 565,p2p
443 | 566,policy
444 | 567,policy
445 | 568,policy
446 | 569,rpc
447 | 570,deleted
448 | 571,deleted
449 | 572,rpc
450 | 573,deleted
451 | 574,rpc
452 | 575,rpc
453 | 576,rpc
454 | 577,rpc
455 | 578,rpc
456 | 579,rpc
457 | 580,rpc
458 | 581,rpc
459 | 582,rpc
460 | 583,rpc
461 | 584,rpc
462 | 585,rpc
463 | 586,rpc
464 | 587,rpc
465 | 588,rpc
466 | 589,rpc
467 | 590,rpc
468 | 591,rpc
469 | 592,deleted
470 | 593,rpc
471 | 595,rpc
472 | 596,deleted
473 | 597,deleted
474 | 598,rpc
475 | 599,rpc
476 | 600,deleted
477 | 601,rservices
478 | 602,rservices
479 | 603,rservices
480 | 604,rservices
481 | 605,rservices
482 | 606,rservices
483 | 607,rservices
484 | 608,rservices
485 | 609,rservices
486 | 610,rservices
487 | 611,rservices
488 | 612,rpc
489 | 613,scan
490 | 614,backdoor
491 | 615,deleted
492 | 616,scan
493 | 617,deleted
494 | 618,deleted
495 | 619,scan
496 | 620,deleted
497 | 621,scan
498 | 622,scan
499 | 623,scan
500 | 624,scan
501 | 625,scan
502 | 626,scan
503 | 627,scan
504 | 628,deleted
505 | 629,deleted
506 | 630,scan
507 | 631,smtp
508 | 632,smtp
509 | 634,scan
510 | 635,scan
511 | 636,scan
512 | 637,scan
513 | 638,shellcode
514 | 639,shellcode
515 | 640,shellcode
516 | 641,shellcode
517 | 642,shellcode
518 | 643,shellcode
519 | 644,shellcode
520 | 645,shellcode
521 | 646,shellcode
522 | 647,shellcode
523 | 648,shellcode
524 | 649,shellcode
525 | 650,shellcode
526 | 651,shellcode
527 | 652,shellcode
528 | 653,shellcode
529 | 654,smtp
530 | 655,smtp
531 | 656,deleted
532 | 657,smtp
533 | 658,smtp
534 | 659,smtp
535 | 660,smtp
536 | 661,smtp
537 | 662,smtp
538 | 663,smtp
539 | 664,smtp
540 | 665,smtp
541 | 666,deleted
542 | 667,smtp
543 | 668,smtp
544 | 669,smtp
545 | 670,smtp
546 | 671,smtp
547 | 672,smtp
548 | 673,sql
549 | 674,sql
550 | 675,sql
551 | 676,sql
552 | 677,sql
553 | 678,sql
554 | 679,sql
555 | 680,sql
556 | 681,sql
557 | 682,sql
558 | 683,sql
559 | 684,sql
560 | 685,sql
561 | 686,sql
562 | 687,sql
563 | 688,sql
564 | 689,sql
565 | 690,sql
566 | 691,sql
567 | 692,sql
568 | 693,sql
569 | 694,sql
570 | 695,sql
571 | 696,sql
572 | 697,sql
573 | 698,sql
574 | 699,sql
575 | 700,sql
576 | 701,sql
577 | 702,sql
578 | 703,sql
579 | 704,sql
580 | 705,sql
581 | 706,sql
582 | 707,sql
583 | 708,sql
584 | 709,telnet
585 | 710,telnet
586 | 711,telnet
587 | 712,telnet
588 | 713,telnet
589 | 714,telnet
590 | 715,telnet
591 | 716,info
592 | 717,telnet
593 | 718,info
594 | 719,telnet
595 | 720,deleted
596 | 721,virus
597 | 722,deleted
598 | 723,deleted
599 | 724,deleted
600 | 725,deleted
601 | 726,deleted
602 | 727,deleted
603 | 728,deleted
604 | 729,deleted
605 | 730,deleted
606 | 731,deleted
607 | 732,deleted
608 | 733,deleted
609 | 734,deleted
610 | 735,deleted
611 | 736,deleted
612 | 737,deleted
613 | 738,deleted
614 | 739,deleted
615 | 740,deleted
616 | 741,deleted
617 | 742,deleted
618 | 743,deleted
619 | 744,deleted
620 | 745,deleted
621 | 746,deleted
622 | 747,deleted
623 | 748,deleted
624 | 749,deleted
625 | 751,deleted
626 | 752,deleted
627 | 753,deleted
628 | 754,deleted
629 | 755,deleted
630 | 756,deleted
631 | 757,deleted
632 | 758,deleted
633 | 759,deleted
634 | 760,deleted
635 | 761,deleted
636 | 762,deleted
637 | 763,deleted
638 | 764,deleted
639 | 765,deleted
640 | 766,deleted
641 | 767,deleted
642 | 768,deleted
643 | 769,deleted
644 | 770,deleted
645 | 771,deleted
646 | 772,deleted
647 | 773,deleted
648 | 774,deleted
649 | 775,deleted
650 | 776,deleted
651 | 777,deleted
652 | 778,deleted
653 | 779,deleted
654 | 780,deleted
655 | 781,deleted
656 | 782,deleted
657 | 783,deleted
658 | 784,deleted
659 | 785,deleted
660 | 786,deleted
661 | 787,deleted
662 | 788,deleted
663 | 789,deleted
664 | 790,deleted
665 | 791,deleted
666 | 792,deleted
667 | 793,deleted
668 | 794,deleted
669 | 795,deleted
670 | 796,deleted
671 | 797,deleted
672 | 798,deleted
673 | 799,deleted
674 | 800,deleted
675 | 801,deleted
676 | 802,deleted
677 | 803,web-cgi
678 | 804,web-cgi
679 | 805,web-cgi
680 | 806,web-cgi
681 | 807,web-cgi
682 | 808,web-cgi
683 | 809,web-cgi
684 | 810,web-cgi
685 | 811,web-cgi
686 | 812,web-cgi
687 | 813,web-cgi
688 | 815,web-cgi
689 | 817,web-cgi
690 | 818,web-cgi
691 | 819,web-cgi
692 | 820,web-cgi
693 | 821,web-cgi
694 | 823,web-cgi
695 | 824,web-cgi
696 | 825,web-cgi
697 | 826,web-cgi
698 | 827,web-cgi
699 | 828,web-cgi
700 | 829,web-cgi
701 | 830,web-cgi
702 | 832,web-cgi
703 | 833,web-cgi
704 | 834,web-cgi
705 | 835,web-cgi
706 | 836,web-cgi
707 | 837,web-cgi
708 | 838,web-cgi
709 | 839,web-cgi
710 | 840,web-cgi
711 | 841,web-cgi
712 | 842,web-cgi
713 | 843,web-cgi
714 | 844,web-cgi
715 | 845,web-cgi
716 | 846,web-cgi
717 | 847,web-cgi
718 | 848,web-cgi
719 | 849,web-cgi
720 | 850,web-cgi
721 | 851,web-cgi
722 | 852,web-cgi
723 | 853,web-cgi
724 | 854,web-cgi
725 | 855,deleted
726 | 856,web-cgi
727 | 857,web-cgi
728 | 858,web-cgi
729 | 859,web-cgi
730 | 860,web-cgi
731 | 861,web-cgi
732 | 862,web-cgi
733 | 863,web-cgi
734 | 864,web-cgi
735 | 865,web-cgi
736 | 866,web-cgi
737 | 867,web-cgi
738 | 868,web-cgi
739 | 869,web-cgi
740 | 870,web-cgi
741 | 871,web-cgi
742 | 872,web-cgi
743 | 873,web-cgi
744 | 874,deleted
745 | 875,web-cgi
746 | 877,web-cgi
747 | 878,web-cgi
748 | 879,web-cgi
749 | 880,web-cgi
750 | 881,web-cgi
751 | 882,web-cgi
752 | 883,web-cgi
753 | 884,web-cgi
754 | 885,web-cgi
755 | 886,web-cgi
756 | 887,web-cgi
757 | 888,web-cgi
758 | 889,web-cgi
759 | 890,web-cgi
760 | 891,web-cgi
761 | 892,web-cgi
762 | 893,web-cgi
763 | 894,web-cgi
764 | 895,web-cgi
765 | 896,web-cgi
766 | 897,web-cgi
767 | 898,web-cgi
768 | 899,web-cgi
769 | 900,web-cgi
770 | 901,web-cgi
771 | 902,web-cgi
772 | 903,web-coldfusion
773 | 904,web-coldfusion
774 | 905,web-coldfusion
775 | 906,web-coldfusion
776 | 907,web-coldfusion
777 | 908,web-coldfusion
778 | 909,web-coldfusion
779 | 910,web-coldfusion
780 | 911,web-coldfusion
781 | 912,web-coldfusion
782 | 913,web-coldfusion
783 | 914,web-coldfusion
784 | 915,web-coldfusion
785 | 916,web-coldfusion
786 | 917,web-coldfusion
787 | 918,web-coldfusion
788 | 919,web-coldfusion
789 | 920,web-coldfusion
790 | 921,web-coldfusion
791 | 922,web-coldfusion
792 | 923,web-coldfusion
793 | 924,web-coldfusion
794 | 925,web-coldfusion
795 | 926,web-coldfusion
796 | 927,web-coldfusion
797 | 928,web-coldfusion
798 | 929,web-coldfusion
799 | 930,web-coldfusion
800 | 931,web-coldfusion
801 | 932,web-coldfusion
802 | 933,web-coldfusion
803 | 935,web-coldfusion
804 | 936,web-coldfusion
805 | 937,web-frontpage
806 | 939,web-frontpage
807 | 940,web-frontpage
808 | 941,web-frontpage
809 | 942,web-frontpage
810 | 943,web-frontpage
811 | 944,web-frontpage
812 | 945,web-frontpage
813 | 946,web-frontpage
814 | 947,web-frontpage
815 | 948,web-frontpage
816 | 949,web-frontpage
817 | 950,web-frontpage
818 | 951,web-frontpage
819 | 952,web-frontpage
820 | 953,web-frontpage
821 | 954,web-frontpage
822 | 955,web-frontpage
823 | 956,web-frontpage
824 | 957,web-frontpage
825 | 958,web-frontpage
826 | 959,web-frontpage
827 | 960,web-frontpage
828 | 961,web-frontpage
829 | 962,web-frontpage
830 | 963,web-frontpage
831 | 964,web-frontpage
832 | 965,web-frontpage
833 | 966,web-frontpage
834 | 967,web-frontpage
835 | 968,web-frontpage
836 | 969,web-iis
837 | 970,deleted
838 | 971,web-iis
839 | 972,web-iis
840 | 973,web-iis
841 | 974,web-iis
842 | 975,web-iis
843 | 976,web-iis
844 | 977,web-iis
845 | 978,web-iis
846 | 979,web-iis
847 | 980,web-iis
848 | 981,deleted
849 | 982,deleted
850 | 983,deleted
851 | 984,web-iis
852 | 985,web-iis
853 | 986,web-iis
854 | 987,web-iis
855 | 988,web-iis
856 | 989,backdoor
857 | 990,web-frontpage
858 | 991,web-iis
859 | 992,web-iis
860 | 993,web-iis
861 | 994,web-iis
862 | 995,web-iis
863 | 996,web-iis
864 | 997,web-iis
865 | 998,web-iis
866 | 999,web-iis
867 | 1000,web-iis
868 | 1001,web-misc
869 | 1002,web-iis
870 | 1003,web-iis
871 | 1004,web-iis
872 | 1005,web-iis
873 | 1007,web-iis
874 | 1008,web-iis
875 | 1009,web-iis
876 | 1010,web-iis
877 | 1011,web-iis
878 | 1012,web-iis
879 | 1013,web-iis
880 | 1015,web-iis
881 | 1016,web-iis
882 | 1017,web-iis
883 | 1018,web-iis
884 | 1019,web-iis
885 | 1020,web-iis
886 | 1021,web-iis
887 | 1022,web-iis
888 | 1023,web-iis
889 | 1024,web-iis
890 | 1025,web-iis
891 | 1026,web-iis
892 | 1027,web-iis
893 | 1028,web-iis
894 | 1029,web-iis
895 | 1030,web-iis
896 | 1031,web-iis
897 | 1032,web-iis
898 | 1033,web-iis
899 | 1034,web-iis
900 | 1035,web-iis
901 | 1036,web-iis
902 | 1037,web-iis
903 | 1038,web-iis
904 | 1039,web-iis
905 | 1040,web-iis
906 | 1041,web-iis
907 | 1042,web-iis
908 | 1043,web-iis
909 | 1044,web-iis
910 | 1045,web-iis
911 | 1046,web-iis
912 | 1047,web-misc
913 | 1048,web-misc
914 | 1049,deleted
915 | 1050,web-misc
916 | 1051,web-cgi
917 | 1052,web-cgi
918 | 1053,web-cgi
919 | 1054,web-misc
920 | 1055,deleted
921 | 1056,web-misc
922 | 1057,web-misc
923 | 1058,web-misc
924 | 1059,web-misc
925 | 1060,web-misc
926 | 1061,web-misc
927 | 1062,web-misc
928 | 1064,web-misc
929 | 1065,web-misc
930 | 1066,web-misc
931 | 1067,web-misc
932 | 1068,web-misc
933 | 1069,web-misc
934 | 1070,web-misc
935 | 1071,web-misc
936 | 1072,web-misc
937 | 1073,web-misc
938 | 1075,web-iis
939 | 1076,web-iis
940 | 1077,web-misc
941 | 1078,web-misc
942 | 1079,web-misc
943 | 1080,web-misc
944 | 1081,web-misc
945 | 1082,web-misc
946 | 1083,web-misc
947 | 1084,web-misc
948 | 1085,web-php
949 | 1086,web-php
950 | 1087,web-misc
951 | 1088,web-cgi
952 | 1089,web-cgi
953 | 1090,web-cgi
954 | 1091,web-misc
955 | 1092,web-cgi
956 | 1093,web-cgi
957 | 1094,deleted
958 | 1095,web-misc
959 | 1096,web-misc
960 | 1097,web-cgi
961 | 1098,web-misc
962 | 1099,web-misc
963 | 1100,web-misc
964 | 1101,web-misc
965 | 1102,web-misc
966 | 1103,web-misc
967 | 1104,web-misc
968 | 1105,web-misc
969 | 1106,web-cgi
970 | 1107,web-misc
971 | 1108,web-misc
972 | 1109,web-misc
973 | 1110,web-misc
974 | 1111,web-misc
975 | 1112,web-misc
976 | 1113,web-misc
977 | 1114,deleted
978 | 1115,web-misc
979 | 1116,web-misc
980 | 1117,web-misc
981 | 1118,web-misc
982 | 1119,web-misc
983 | 1120,web-misc
984 | 1121,deleted
985 | 1122,web-misc
986 | 1123,web-misc
987 | 1124,web-misc
988 | 1125,web-misc
989 | 1126,web-misc
990 | 1127,web-misc
991 | 1128,web-misc
992 | 1129,web-misc
993 | 1130,web-misc
994 | 1131,web-misc
995 | 1132,web-misc
996 | 1133,scan
997 | 1134,web-php
998 | 1136,web-misc
999 | 1137,web-php
1000 | 1138,deleted
1001 | 1139,web-misc
1002 | 1140,web-misc
1003 | 1141,web-misc
1004 | 1142,web-misc
1005 | 1143,web-misc
1006 | 1144,web-misc
1007 | 1145,web-misc
1008 | 1146,web-misc
1009 | 1147,web-misc
1010 | 1148,web-misc
1011 | 1149,web-cgi
1012 | 1150,web-misc
1013 | 1151,web-misc
1014 | 1152,web-misc
1015 | 1153,web-misc
1016 | 1154,web-misc
1017 | 1155,web-misc
1018 | 1156,web-misc
1019 | 1157,web-misc
1020 | 1158,web-misc
1021 | 1159,web-misc
1022 | 1160,web-misc
1023 | 1161,web-php
1024 | 1162,web-misc
1025 | 1163,web-cgi
1026 | 1164,web-misc
1027 | 1165,web-misc
1028 | 1166,web-misc
1029 | 1167,web-misc
1030 | 1168,web-misc
1031 | 1171,web-misc
1032 | 1172,web-cgi
1033 | 1173,web-misc
1034 | 1174,web-cgi
1035 | 1175,web-misc
1036 | 1176,deleted
1037 | 1177,web-misc
1038 | 1178,web-php
1039 | 1179,web-php
1040 | 1180,web-misc
1041 | 1181,web-misc
1042 | 1182,web-misc
1043 | 1183,web-misc
1044 | 1184,web-misc
1045 | 1185,web-cgi
1046 | 1186,web-misc
1047 | 1187,web-misc
1048 | 1188,web-misc
1049 | 1189,web-misc
1050 | 1190,web-misc
1051 | 1191,web-misc
1052 | 1192,web-misc
1053 | 1193,web-misc
1054 | 1194,web-cgi
1055 | 1195,web-cgi
1056 | 1196,web-cgi
1057 | 1197,web-php
1058 | 1198,web-misc
1059 | 1199,web-misc
1060 | 1200,attack-responses
1061 | 1201,attack-responses
1062 | 1202,web-misc
1063 | 1204,web-cgi
1064 | 1205,web-cgi
1065 | 1206,web-cgi
1066 | 1207,web-misc
1067 | 1208,web-cgi
1068 | 1209,web-misc
1069 | 1211,web-cgi
1070 | 1212,web-misc
1071 | 1213,web-misc
1072 | 1214,web-misc
1073 | 1215,web-cgi
1074 | 1216,web-misc
1075 | 1217,web-misc
1076 | 1218,web-misc
1077 | 1219,web-cgi
1078 | 1220,web-misc
1079 | 1221,web-misc
1080 | 1222,web-cgi
1081 | 1224,web-misc
1082 | 1225,x11
1083 | 1226,x11
1084 | 1227,deleted
1085 | 1228,scan
1086 | 1229,ftp
1087 | 1230,web-misc
1088 | 1231,web-misc
1089 | 1232,web-misc
1090 | 1233,web-client
1091 | 1234,web-misc
1092 | 1235,web-misc
1093 | 1236,deleted
1094 | 1237,deleted
1095 | 1238,deleted
1096 | 1239,netbios
1097 | 1240,exploit
1098 | 1241,web-misc
1099 | 1242,web-iis
1100 | 1243,web-iis
1101 | 1244,web-iis
1102 | 1245,web-iis
1103 | 1246,deleted
1104 | 1247,deleted
1105 | 1248,web-frontpage
1106 | 1249,web-frontpage
1107 | 1250,web-misc
1108 | 1251,info
1109 | 1252,telnet
1110 | 1253,telnet
1111 | 1254,web-php
1112 | 1255,web-php
1113 | 1256,web-iis
1114 | 1257,dos
1115 | 1258,web-misc
1116 | 1259,web-misc
1117 | 1260,web-misc
1118 | 1261,exploit
1119 | 1262,rpc
1120 | 1263,rpc
1121 | 1264,rpc
1122 | 1265,rpc
1123 | 1266,rpc
1124 | 1267,rpc
1125 | 1268,rpc
1126 | 1269,rpc
1127 | 1270,rpc
1128 | 1271,rpc
1129 | 1272,rpc
1130 | 1273,rpc
1131 | 1274,rpc
1132 | 1275,rpc
1133 | 1276,rpc
1134 | 1277,rpc
1135 | 1278,deleted
1136 | 1279,rpc
1137 | 1280,rpc
1138 | 1281,rpc
1139 | 1282,deleted
1140 | 1283,web-iis
1141 | 1284,web-client
1142 | 1285,web-iis
1143 | 1286,web-iis
1144 | 1287,web-iis
1145 | 1288,web-frontpage
1146 | 1289,tftp
1147 | 1290,web-client
1148 | 1291,web-misc
1149 | 1292,attack-responses
1150 | 1293,netbios
1151 | 1294,netbios
1152 | 1295,netbios
1153 | 1296,deleted
1154 | 1297,deleted
1155 | 1298,deleted
1156 | 1299,deleted
1157 | 1300,web-php
1158 | 1301,web-php
1159 | 1302,web-misc
1160 | 1303,web-misc
1161 | 1304,web-cgi
1162 | 1305,web-cgi
1163 | 1306,web-cgi
1164 | 1307,web-cgi
1165 | 1308,web-cgi
1166 | 1309,web-cgi
1167 | 1310,porn
1168 | 1311,porn
1169 | 1312,porn
1170 | 1313,porn
1171 | 1314,porn
1172 | 1315,porn
1173 | 1316,porn
1174 | 1317,porn
1175 | 1318,porn
1176 | 1319,porn
1177 | 1320,porn
1178 | 1321,bad-traffic
1179 | 1322,bad-traffic
1180 | 1323,exploit
1181 | 1324,exploit
1182 | 1325,exploit
1183 | 1326,exploit
1184 | 1327,exploit
1185 | 1328,web-attacks
1186 | 1329,web-attacks
1187 | 1330,web-attacks
1188 | 1331,web-attacks
1189 | 1332,web-attacks
1190 | 1333,web-attacks
1191 | 1334,web-attacks
1192 | 1335,web-attacks
1193 | 1336,web-attacks
1194 | 1337,web-attacks
1195 | 1338,web-attacks
1196 | 1339,web-attacks
1197 | 1340,web-attacks
1198 | 1341,web-attacks
1199 | 1342,web-attacks
1200 | 1343,web-attacks
1201 | 1344,web-attacks
1202 | 1345,web-attacks
1203 | 1346,web-attacks
1204 | 1347,web-attacks
1205 | 1348,web-attacks
1206 | 1349,web-attacks
1207 | 1350,web-attacks
1208 | 1351,web-attacks
1209 | 1352,web-attacks
1210 | 1353,web-attacks
1211 | 1354,web-attacks
1212 | 1355,web-attacks
1213 | 1356,web-attacks
1214 | 1357,web-attacks
1215 | 1358,web-attacks
1216 | 1359,web-attacks
1217 | 1360,web-attacks
1218 | 1361,web-attacks
1219 | 1362,web-attacks
1220 | 1363,web-attacks
1221 | 1364,web-attacks
1222 | 1365,web-attacks
1223 | 1366,web-attacks
1224 | 1367,web-attacks
1225 | 1368,web-attacks
1226 | 1369,web-attacks
1227 | 1370,web-attacks
1228 | 1371,web-attacks
1229 | 1372,web-attacks
1230 | 1373,web-attacks
1231 | 1374,web-misc
1232 | 1375,web-misc
1233 | 1376,web-misc
1234 | 1377,ftp
1235 | 1378,ftp
1236 | 1379,ftp
1237 | 1380,web-iis
1238 | 1381,web-misc
1239 | 1382,exploit
1240 | 1383,p2p
1241 | 1384,misc
1242 | 1385,web-misc
1243 | 1386,sql
1244 | 1387,sql
1245 | 1388,misc
1246 | 1389,web-misc
1247 | 1390,shellcode
1248 | 1391,web-misc
1249 | 1392,web-cgi
1250 | 1393,misc
1251 | 1394,shellcode
1252 | 1395,web-cgi
1253 | 1396,web-cgi
1254 | 1397,web-cgi
1255 | 1398,exploit
1256 | 1399,web-php
1257 | 1400,web-iis
1258 | 1401,web-iis
1259 | 1402,web-iis
1260 | 1403,web-misc
1261 | 1404,web-misc
1262 | 1405,web-cgi
1263 | 1406,web-cgi
1264 | 1407,web-php
1265 | 1408,dos
1266 | 1409,snmp
1267 | 1410,web-cgi
1268 | 1411,snmp
1269 | 1412,snmp
1270 | 1413,snmp
1271 | 1414,snmp
1272 | 1415,snmp
1273 | 1416,snmp
1274 | 1417,snmp
1275 | 1418,snmp
1276 | 1419,snmp
1277 | 1420,snmp
1278 | 1421,snmp
1279 | 1422,snmp
1280 | 1423,web-php
1281 | 1424,shellcode
1282 | 1425,web-php
1283 | 1426,snmp
1284 | 1427,snmp
1285 | 1428,multimedia
1286 | 1429,policy
1287 | 1430,telnet
1288 | 1431,bad-traffic
1289 | 1432,p2p
1290 | 1433,web-misc
1291 | 1434,web-misc
1292 | 1435,dns
1293 | 1436,multimedia
1294 | 1437,multimedia
1295 | 1438,deleted
1296 | 1439,multimedia
1297 | 1440,multimedia
1298 | 1441,tftp
1299 | 1442,tftp
1300 | 1443,tftp
1301 | 1444,tftp
1302 | 1445,policy
1303 | 1446,smtp
1304 | 1447,misc
1305 | 1448,misc
1306 | 1449,deleted
1307 | 1450,smtp
1308 | 1451,web-cgi
1309 | 1452,web-cgi
1310 | 1453,web-cgi
1311 | 1454,web-cgi
1312 | 1455,web-cgi
1313 | 1456,web-cgi
1314 | 1457,web-cgi
1315 | 1458,web-cgi
1316 | 1459,web-cgi
1317 | 1460,web-cgi
1318 | 1461,web-cgi
1319 | 1462,web-cgi
1320 | 1463,chat
1321 | 1464,attack-responses
1322 | 1465,web-cgi
1323 | 1466,web-cgi
1324 | 1467,web-cgi
1325 | 1468,web-cgi
1326 | 1469,web-cgi
1327 | 1470,web-cgi
1328 | 1471,web-cgi
1329 | 1472,web-cgi
1330 | 1473,web-cgi
1331 | 1474,web-cgi
1332 | 1475,web-cgi
1333 | 1476,web-cgi
1334 | 1477,deleted
1335 | 1478,web-cgi
1336 | 1479,web-cgi
1337 | 1480,web-cgi
1338 | 1481,web-cgi
1339 | 1482,web-cgi
1340 | 1483,web-cgi
1341 | 1484,web-iis
1342 | 1485,web-iis
1343 | 1486,web-iis
1344 | 1487,web-iis
1345 | 1488,web-cgi
1346 | 1489,web-misc
1347 | 1490,web-php
1348 | 1491,web-php
1349 | 1492,web-misc
1350 | 1493,web-misc
1351 | 1494,web-cgi
1352 | 1495,web-cgi
1353 | 1496,web-cgi
1354 | 1497,web-misc
1355 | 1498,web-misc
1356 | 1499,web-misc
1357 | 1500,web-misc
1358 | 1501,web-cgi
1359 | 1502,web-cgi
1360 | 1503,web-cgi
1361 | 1504,misc
1362 | 1505,web-cgi
1363 | 1506,web-cgi
1364 | 1507,web-cgi
1365 | 1508,web-cgi
1366 | 1509,web-cgi
1367 | 1510,web-cgi
1368 | 1511,web-cgi
1369 | 1512,web-cgi
1370 | 1513,web-cgi
1371 | 1514,web-cgi
1372 | 1515,web-cgi
1373 | 1516,web-cgi
1374 | 1517,web-cgi
1375 | 1518,web-misc
1376 | 1519,web-misc
1377 | 1520,web-misc
1378 | 1521,web-misc
1379 | 1522,web-misc
1380 | 1523,web-misc
1381 | 1524,web-misc
1382 | 1525,web-misc
1383 | 1526,web-misc
1384 | 1527,web-misc
1385 | 1528,web-misc
1386 | 1529,ftp
1387 | 1530,deleted
1388 | 1531,web-cgi
1389 | 1532,web-cgi
1390 | 1533,web-cgi
1391 | 1534,web-cgi
1392 | 1535,web-cgi
1393 | 1536,web-cgi
1394 | 1537,web-cgi
1395 | 1538,nntp
1396 | 1539,web-cgi
1397 | 1540,web-coldfusion
1398 | 1541,finger
1399 | 1542,web-cgi
1400 | 1543,web-cgi
1401 | 1544,web-misc
1402 | 1545,dos
1403 | 1546,web-misc
1404 | 1547,web-cgi
1405 | 1548,web-cgi
1406 | 1549,smtp
1407 | 1550,smtp
1408 | 1551,web-misc
1409 | 1552,web-misc
1410 | 1553,web-cgi
1411 | 1554,web-cgi
1412 | 1555,web-cgi
1413 | 1556,web-cgi
1414 | 1557,web-cgi
1415 | 1558,web-misc
1416 | 1559,web-misc
1417 | 1560,web-misc
1418 | 1561,deleted
1419 | 1562,ftp
1420 | 1563,web-misc
1421 | 1564,web-misc
1422 | 1565,web-cgi
1423 | 1566,web-cgi
1424 | 1567,web-iis
1425 | 1568,web-iis
1426 | 1569,web-cgi
1427 | 1570,web-cgi
1428 | 1571,web-cgi
1429 | 1572,web-cgi
1430 | 1573,web-cgi
1431 | 1574,web-cgi
1432 | 1575,web-misc
1433 | 1576,web-misc
1434 | 1577,web-misc
1435 | 1578,web-misc
1436 | 1579,web-misc
1437 | 1580,web-misc
1438 | 1581,web-misc
1439 | 1582,web-misc
1440 | 1583,web-misc
1441 | 1584,web-misc
1442 | 1585,web-misc
1443 | 1586,web-misc
1444 | 1587,web-misc
1445 | 1588,web-misc
1446 | 1589,web-misc
1447 | 1590,web-cgi
1448 | 1591,web-cgi
1449 | 1592,web-cgi
1450 | 1593,web-cgi
1451 | 1594,web-cgi
1452 | 1595,web-iis
1453 | 1597,web-cgi
1454 | 1598,web-cgi
1455 | 1599,web-cgi
1456 | 1600,web-cgi
1457 | 1601,web-cgi
1458 | 1602,web-cgi
1459 | 1603,web-misc
1460 | 1604,web-misc
1461 | 1605,dos
1462 | 1606,web-cgi
1463 | 1607,web-cgi
1464 | 1608,web-cgi
1465 | 1609,deleted
1466 | 1610,web-cgi
1467 | 1611,web-cgi
1468 | 1612,web-misc
1469 | 1613,web-misc
1470 | 1614,web-misc
1471 | 1615,web-misc
1472 | 1616,dns
1473 | 1617,web-cgi
1474 | 1618,web-iis
1475 | 1619,deleted
1476 | 1620,deleted
1477 | 1621,ftp
1478 | 1622,ftp
1479 | 1623,ftp
1480 | 1624,ftp
1481 | 1625,ftp
1482 | 1626,web-iis
1483 | 1627,bad-traffic
1484 | 1628,web-cgi
1485 | 1629,other-ids
1486 | 1631,chat
1487 | 1632,chat
1488 | 1633,chat
1489 | 1634,pop3
1490 | 1635,pop3
1491 | 1636,misc
1492 | 1637,web-cgi
1493 | 1638,scan
1494 | 1639,chat
1495 | 1640,chat
1496 | 1641,dos
1497 | 1642,web-cgi
1498 | 1643,web-cgi
1499 | 1644,web-cgi
1500 | 1645,web-cgi
1501 | 1646,web-cgi
1502 | 1647,deleted
1503 | 1648,web-cgi
1504 | 1649,web-cgi
1505 | 1650,web-cgi
1506 | 1651,web-cgi
1507 | 1652,web-cgi
1508 | 1653,web-cgi
1509 | 1654,web-cgi
1510 | 1655,web-cgi
1511 | 1656,web-cgi
1512 | 1657,web-cgi
1513 | 1658,web-cgi
1514 | 1659,web-coldfusion
1515 | 1660,web-iis
1516 | 1661,web-iis
1517 | 1662,web-misc
1518 | 1663,web-misc
1519 | 1664,web-misc
1520 | 1665,deleted
1521 | 1666,attack-responses
1522 | 1667,web-misc
1523 | 1668,web-cgi
1524 | 1669,web-cgi
1525 | 1670,web-misc
1526 | 1671,web-misc
1527 | 1672,ftp
1528 | 1673,oracle
1529 | 1674,oracle
1530 | 1675,oracle
1531 | 1676,oracle
1532 | 1677,oracle
1533 | 1678,oracle
1534 | 1679,oracle
1535 | 1680,oracle
1536 | 1681,oracle
1537 | 1682,oracle
1538 | 1683,oracle
1539 | 1684,oracle
1540 | 1685,oracle
1541 | 1686,oracle
1542 | 1687,oracle
1543 | 1688,oracle
1544 | 1689,oracle
1545 | 1690,oracle
1546 | 1691,oracle
1547 | 1692,oracle
1548 | 1693,oracle
1549 | 1694,oracle
1550 | 1695,oracle
1551 | 1696,oracle
1552 | 1697,oracle
1553 | 1698,deleted
1554 | 1699,p2p
1555 | 1700,web-cgi
1556 | 1701,web-cgi
1557 | 1702,web-cgi
1558 | 1703,web-cgi
1559 | 1704,web-cgi
1560 | 1705,web-cgi
1561 | 1706,web-cgi
1562 | 1707,web-cgi
1563 | 1708,web-cgi
1564 | 1709,web-cgi
1565 | 1710,web-cgi
1566 | 1711,web-cgi
1567 | 1712,web-cgi
1568 | 1713,web-cgi
1569 | 1714,web-cgi
1570 | 1715,web-cgi
1571 | 1716,web-cgi
1572 | 1717,web-cgi
1573 | 1718,web-cgi
1574 | 1719,web-cgi
1575 | 1720,web-cgi
1576 | 1721,web-cgi
1577 | 1722,web-cgi
1578 | 1723,web-cgi
1579 | 1724,web-cgi
1580 | 1725,web-iis
1581 | 1726,web-iis
1582 | 1727,web-cgi
1583 | 1728,deleted
1584 | 1729,chat
1585 | 1730,web-cgi
1586 | 1731,web-cgi
1587 | 1732,rpc
1588 | 1733,rpc
1589 | 1734,ftp
1590 | 1735,web-client
1591 | 1736,web-php
1592 | 1737,web-php
1593 | 1738,web-misc
1594 | 1739,web-php
1595 | 1740,web-php
1596 | 1741,web-php
1597 | 1742,web-php
1598 | 1743,web-php
1599 | 1744,web-misc
1600 | 1745,web-php
1601 | 1746,rpc
1602 | 1747,rpc
1603 | 1748,ftp
1604 | 1749,deleted
1605 | 1750,web-iis
1606 | 1751,exploit
1607 | 1752,misc
1608 | 1753,web-iis
1609 | 1754,web-iis
1610 | 1755,imap
1611 | 1756,web-iis
1612 | 1757,web-misc
1613 | 1758,deleted
1614 | 1759,sql
1615 | 1760,other-ids
1616 | 1761,other-ids
1617 | 1762,web-cgi
1618 | 1763,web-cgi
1619 | 1764,web-cgi
1620 | 1765,web-cgi
1621 | 1766,web-misc
1622 | 1767,web-misc
1623 | 1768,deleted
1624 | 1769,web-misc
1625 | 1770,web-misc
1626 | 1771,policy
1627 | 1772,web-iis
1628 | 1773,web-php
1629 | 1774,web-php
1630 | 1775,mysql
1631 | 1776,mysql
1632 | 1777,ftp
1633 | 1778,ftp
1634 | 1779,deleted
1635 | 1780,deleted
1636 | 1781,porn
1637 | 1782,porn
1638 | 1783,porn
1639 | 1784,porn
1640 | 1785,porn
1641 | 1786,porn
1642 | 1787,web-cgi
1643 | 1788,web-cgi
1644 | 1789,chat
1645 | 1790,chat
1646 | 1791,backdoor
1647 | 1792,nntp
1648 | 1793,porn
1649 | 1794,porn
1650 | 1795,porn
1651 | 1796,porn
1652 | 1797,porn
1653 | 1798,porn
1654 | 1799,porn
1655 | 1800,deleted
1656 | 1801,web-iis
1657 | 1802,web-iis
1658 | 1803,web-iis
1659 | 1804,web-iis
1660 | 1805,web-cgi
1661 | 1806,web-iis
1662 | 1807,web-misc
1663 | 1808,web-misc
1664 | 1809,web-misc
1665 | 1810,attack-responses
1666 | 1811,attack-responses
1667 | 1812,exploit
1668 | 1813,icmp
1669 | 1814,web-misc
1670 | 1815,web-php
1671 | 1816,web-php
1672 | 1817,web-iis
1673 | 1818,web-iis
1674 | 1819,misc
1675 | 1820,web-misc
1676 | 1821,exploit
1677 | 1822,web-cgi
1678 | 1823,web-cgi
1679 | 1824,web-cgi
1680 | 1825,web-cgi
1681 | 1826,web-misc
1682 | 1827,web-misc
1683 | 1828,web-misc
1684 | 1829,web-misc
1685 | 1830,web-misc
1686 | 1831,web-misc
1687 | 1832,chat
1688 | 1833,porn
1689 | 1834,web-php
1690 | 1835,web-misc
1691 | 1836,porn
1692 | 1837,porn
1693 | 1838,exploit
1694 | 1839,web-misc
1695 | 1840,web-client
1696 | 1841,web-client
1697 | 1842,imap
1698 | 1843,backdoor
1699 | 1844,imap
1700 | 1845,imap
1701 | 1846,policy
1702 | 1847,web-misc
1703 | 1848,web-misc
1704 | 1849,web-misc
1705 | 1850,web-cgi
1706 | 1851,web-misc
1707 | 1852,web-misc
1708 | 1853,backdoor
1709 | 1854,ddos
1710 | 1855,ddos
1711 | 1856,ddos
1712 | 1857,web-misc
1713 | 1858,web-misc
1714 | 1859,web-misc
1715 | 1860,web-misc
1716 | 1861,web-misc
1717 | 1862,web-cgi
1718 | 1864,ftp
1719 | 1865,web-cgi
1720 | 1866,pop3
1721 | 1867,misc
1722 | 1868,web-cgi
1723 | 1869,web-cgi
1724 | 1870,web-cgi
1725 | 1871,web-misc
1726 | 1872,web-misc
1727 | 1873,web-misc
1728 | 1874,web-misc
1729 | 1875,web-cgi
1730 | 1876,web-cgi
1731 | 1877,web-cgi
1732 | 1878,web-cgi
1733 | 1879,web-cgi
1734 | 1880,web-misc
1735 | 1881,web-misc
1736 | 1882,attack-responses
1737 | 1883,deleted
1738 | 1884,deleted
1739 | 1885,deleted
1740 | 1886,deleted
1741 | 1887,misc
1742 | 1888,ftp
1743 | 1889,misc
1744 | 1890,rpc
1745 | 1891,rpc
1746 | 1892,snmp
1747 | 1893,snmp
1748 | 1894,exploit
1749 | 1895,exploit
1750 | 1896,exploit
1751 | 1897,exploit
1752 | 1898,exploit
1753 | 1899,exploit
1754 | 1900,attack-responses
1755 | 1901,attack-responses
1756 | 1902,imap
1757 | 1903,imap
1758 | 1904,imap
1759 | 1905,rpc
1760 | 1906,rpc
1761 | 1907,rpc
1762 | 1908,rpc
1763 | 1909,rpc
1764 | 1910,rpc
1765 | 1911,rpc
1766 | 1912,rpc
1767 | 1913,rpc
1768 | 1914,rpc
1769 | 1915,rpc
1770 | 1916,rpc
1771 | 1917,scan
1772 | 1918,scan
1773 | 1919,ftp
1774 | 1920,ftp
1775 | 1921,ftp
1776 | 1922,rpc
1777 | 1923,rpc
1778 | 1924,rpc
1779 | 1925,rpc
1780 | 1926,rpc
1781 | 1927,ftp
1782 | 1928,ftp
1783 | 1929,backdoor
1784 | 1930,imap
1785 | 1931,web-cgi
1786 | 1932,web-cgi
1787 | 1933,web-cgi
1788 | 1934,pop2
1789 | 1935,pop2
1790 | 1936,pop3
1791 | 1937,pop3
1792 | 1938,pop3
1793 | 1939,misc
1794 | 1940,misc
1795 | 1941,tftp
1796 | 1942,ftp
1797 | 1943,web-misc
1798 | 1944,web-misc
1799 | 1945,deleted
1800 | 1946,web-misc
1801 | 1947,web-misc
1802 | 1948,dns
1803 | 1949,rpc
1804 | 1950,rpc
1805 | 1951,rpc
1806 | 1952,rpc
1807 | 1953,rpc
1808 | 1954,rpc
1809 | 1955,rpc
1810 | 1956,rpc
1811 | 1957,rpc
1812 | 1958,rpc
1813 | 1959,rpc
1814 | 1960,rpc
1815 | 1961,rpc
1816 | 1962,rpc
1817 | 1963,rpc
1818 | 1964,rpc
1819 | 1965,rpc
1820 | 1966,misc
1821 | 1967,web-php
1822 | 1968,web-php
1823 | 1969,web-misc
1824 | 1970,web-iis
1825 | 1971,ftp
1826 | 1972,ftp
1827 | 1973,ftp
1828 | 1974,ftp
1829 | 1975,ftp
1830 | 1976,ftp
1831 | 1977,web-misc
1832 | 1978,web-misc
1833 | 1979,web-misc
1834 | 1980,backdoor
1835 | 1981,backdoor
1836 | 1982,backdoor
1837 | 1983,backdoor
1838 | 1984,backdoor
1839 | 1985,backdoor
1840 | 1986,chat
1841 | 1987,misc
1842 | 1988,chat
1843 | 1989,chat
1844 | 1990,chat
1845 | 1991,chat
1846 | 1992,ftp
1847 | 1993,imap
1848 | 1994,web-cgi
1849 | 1995,web-cgi
1850 | 1996,web-cgi
1851 | 1997,web-php
1852 | 1998,web-php
1853 | 1999,web-php
1854 | 2000,web-php
1855 | 2001,web-cgi
1856 | 2002,web-php
1857 | 2003,sql
1858 | 2004,sql
1859 | 2005,rpc
1860 | 2006,rpc
1861 | 2007,rpc
1862 | 2008,misc
1863 | 2009,misc
1864 | 2010,misc
1865 | 2011,misc
1866 | 2012,misc
1867 | 2013,misc
1868 | 2014,rpc
1869 | 2015,rpc
1870 | 2016,rpc
1871 | 2017,rpc
1872 | 2018,rpc
1873 | 2019,rpc
1874 | 2020,rpc
1875 | 2021,rpc
1876 | 2022,rpc
1877 | 2023,rpc
1878 | 2024,rpc
1879 | 2025,rpc
1880 | 2026,rpc
1881 | 2027,rpc
1882 | 2028,rpc
1883 | 2029,rpc
1884 | 2030,rpc
1885 | 2031,rpc
1886 | 2032,rpc
1887 | 2033,rpc
1888 | 2034,rpc
1889 | 2035,rpc
1890 | 2036,rpc
1891 | 2037,rpc
1892 | 2038,rpc
1893 | 2039,misc
1894 | 2040,policy
1895 | 2041,misc
1896 | 2042,policy
1897 | 2043,misc
1898 | 2044,policy
1899 | 2045,rpc
1900 | 2046,imap
1901 | 2047,misc
1902 | 2048,misc
1903 | 2049,sql
1904 | 2050,sql
1905 | 2051,web-cgi
1906 | 2052,web-cgi
1907 | 2053,web-cgi
1908 | 2054,web-cgi
1909 | 2055,web-cgi
1910 | 2056,web-misc
1911 | 2057,web-misc
1912 | 2058,web-misc
1913 | 2059,web-misc
1914 | 2060,web-misc
1915 | 2061,web-misc
1916 | 2062,web-misc
1917 | 2063,web-misc
1918 | 2064,web-misc
1919 | 2065,web-misc
1920 | 2066,web-misc
1921 | 2067,web-misc
1922 | 2068,web-misc
1923 | 2069,web-misc
1924 | 2070,web-misc
1925 | 2071,web-misc
1926 | 2072,web-misc
1927 | 2073,web-misc
1928 | 2074,web-php
1929 | 2075,web-php
1930 | 2076,web-php
1931 | 2077,web-php
1932 | 2078,web-php
1933 | 2079,rpc
1934 | 2080,rpc
1935 | 2081,rpc
1936 | 2082,rpc
1937 | 2083,rpc
1938 | 2084,rpc
1939 | 2085,web-cgi
1940 | 2086,web-cgi
1941 | 2087,smtp
1942 | 2088,rpc
1943 | 2089,rpc
1944 | 2090,web-iis
1945 | 2091,web-iis
1946 | 2092,rpc
1947 | 2093,rpc
1948 | 2094,rpc
1949 | 2095,rpc
1950 | 2100,backdoor
1951 | 2101,netbios
1952 | 2102,deleted
1953 | 2103,netbios
1954 | 2104,attack-responses
1955 | 2105,imap
1956 | 2106,imap
1957 | 2107,imap
1958 | 2108,pop3
1959 | 2109,pop3
1960 | 2110,pop3
1961 | 2111,pop3
1962 | 2112,pop3
1963 | 2113,rservices
1964 | 2114,rservices
1965 | 2115,web-cgi
1966 | 2116,web-cgi
1967 | 2117,web-iis
1968 | 2118,imap
1969 | 2119,imap
1970 | 2120,imap
1971 | 2121,pop3
1972 | 2122,pop3
1973 | 2123,attack-responses
1974 | 2124,backdoor
1975 | 2125,ftp
1976 | 2126,misc
1977 | 2127,web-cgi
1978 | 2128,web-cgi
1979 | 2129,web-iis
1980 | 2130,web-iis
1981 | 2131,web-iis
1982 | 2132,web-iis
1983 | 2133,web-iis
1984 | 2134,web-iis
1985 | 2135,web-misc
1986 | 2136,web-misc
1987 | 2137,web-misc
1988 | 2138,web-misc
1989 | 2139,web-misc
1990 | 2140,web-php
1991 | 2141,web-php
1992 | 2142,web-php
1993 | 2143,web-php
1994 | 2144,web-php
1995 | 2145,web-php
1996 | 2146,web-php
1997 | 2147,web-php
1998 | 2148,web-php
1999 | 2149,web-php
2000 | 2150,web-php
2001 | 2151,web-php
2002 | 2152,web-php
2003 | 2153,web-php
2004 | 2154,web-php
2005 | 2155,web-php
2006 | 2156,web-misc
2007 | 2157,web-iis
2008 | 2158,misc
2009 | 2159,misc
2010 | 2160,deleted
2011 | 2161,deleted
2012 | 2162,deleted
2013 | 2163,deleted
2014 | 2164,deleted
2015 | 2165,deleted
2016 | 2166,deleted
2017 | 2167,deleted
2018 | 2168,deleted
2019 | 2169,deleted
2020 | 2170,deleted
2021 | 2171,deleted
2022 | 2172,deleted
2023 | 2173,deleted
2024 | 2174,netbios
2025 | 2175,netbios
2026 | 2176,netbios
2027 | 2177,netbios
2028 | 2178,ftp
2029 | 2179,ftp
2030 | 2180,p2p
2031 | 2181,p2p
2032 | 2182,backdoor
2033 | 2183,smtp
2034 | 2184,rpc
2035 | 2185,rpc
2036 | 2186,bad-traffic
2037 | 2187,bad-traffic
2038 | 2188,bad-traffic
2039 | 2189,bad-traffic
2040 | 2190,netbios
2041 | 2191,netbios
2042 | 2192,netbios
2043 | 2193,netbios
2044 | 2194,web-cgi
2045 | 2195,web-cgi
2046 | 2196,web-cgi
2047 | 2197,web-cgi
2048 | 2198,web-cgi
2049 | 2199,web-cgi
2050 | 2200,web-cgi
2051 | 2201,web-cgi
2052 | 2202,web-cgi
2053 | 2203,web-cgi
2054 | 2204,web-cgi
2055 | 2205,web-cgi
2056 | 2206,web-cgi
2057 | 2207,web-cgi
2058 | 2208,web-cgi
2059 | 2209,web-cgi
2060 | 2210,web-cgi
2061 | 2211,web-cgi
2062 | 2212,web-cgi
2063 | 2213,web-cgi
2064 | 2214,web-cgi
2065 | 2215,web-cgi
2066 | 2216,web-cgi
2067 | 2217,web-cgi
2068 | 2218,web-cgi
2069 | 2219,web-cgi
2070 | 2220,web-cgi
2071 | 2221,web-cgi
2072 | 2222,web-cgi
2073 | 2223,web-cgi
2074 | 2224,web-cgi
2075 | 2225,web-cgi
2076 | 2226,web-php
2077 | 2227,web-php
2078 | 2228,web-php
2079 | 2229,web-php
2080 | 2230,web-misc
2081 | 2231,web-misc
2082 | 2232,web-misc
2083 | 2233,web-misc
2084 | 2234,web-misc
2085 | 2235,web-misc
2086 | 2236,web-misc
2087 | 2237,web-misc
2088 | 2238,web-misc
2089 | 2239,web-misc
2090 | 2240,web-misc
2091 | 2241,web-misc
2092 | 2242,web-misc
2093 | 2243,web-misc
2094 | 2244,web-misc
2095 | 2245,web-misc
2096 | 2246,web-misc
2097 | 2247,web-iis
2098 | 2248,web-iis
2099 | 2249,web-iis
2100 | 2250,pop3
2101 | 2251,netbios
2102 | 2252,netbios
2103 | 2253,smtp
2104 | 2254,deleted
2105 | 2255,rpc
2106 | 2256,rpc
2107 | 2257,netbios
2108 | 2258,netbios
2109 | 2259,smtp
2110 | 2260,smtp
2111 | 2261,smtp
2112 | 2262,smtp
2113 | 2263,smtp
2114 | 2264,smtp
2115 | 2265,smtp
2116 | 2266,smtp
2117 | 2267,smtp
2118 | 2268,smtp
2119 | 2269,smtp
2120 | 2270,smtp
2121 | 2271,backdoor
2122 | 2272,ftp
2123 | 2273,imap
2124 | 2274,pop3
2125 | 2275,smtp
2126 | 2276,web-misc
2127 | 2277,web-misc
2128 | 2278,web-misc
2129 | 2279,web-php
2130 | 2280,web-php
2131 | 2281,web-php
2132 | 2282,web-php
2133 | 2283,web-php
2134 | 2284,web-php
2135 | 2285,web-php
2136 | 2286,web-php
2137 | 2287,web-php
2138 | 2288,web-php
2139 | 2289,web-php
2140 | 2290,web-php
2141 | 2291,web-php
2142 | 2292,web-php
2143 | 2293,web-php
2144 | 2294,web-php
2145 | 2295,web-php
2146 | 2296,web-php
2147 | 2297,web-php
2148 | 2298,web-php
2149 | 2299,web-php
2150 | 2300,web-php
2151 | 2301,web-php
2152 | 2302,web-php
2153 | 2303,web-php
2154 | 2304,web-php
2155 | 2305,web-php
2156 | 2306,web-php
2157 | 2307,web-php
2158 | 2308,netbios
2159 | 2309,netbios
2160 | 2310,netbios
2161 | 2311,netbios
2162 | 2312,shellcode
2163 | 2313,shellcode
2164 | 2314,deleted
2165 | 2315,netbios
2166 | 2316,netbios
2167 | 2317,misc
2168 | 2318,misc
2169 | 2319,exploit
2170 | 2320,exploit
2171 | 2321,web-iis
2172 | 2322,web-iis
2173 | 2323,web-cgi
2174 | 2324,web-iis
2175 | 2325,web-iis
2176 | 2326,web-iis
2177 | 2327,web-misc
2178 | 2328,web-php
2179 | 2329,sql
2180 | 2330,imap
2181 | 2331,web-php
2182 | 2332,ftp
2183 | 2333,ftp
2184 | 2334,ftp
2185 | 2335,ftp
2186 | 2336,deleted
2187 | 2337,tftp
2188 | 2338,ftp
2189 | 2339,tftp
2190 | 2340,ftp
2191 | 2341,web-php
2192 | 2342,web-php
2193 | 2343,ftp
2194 | 2344,ftp
2195 | 2345,web-php
2196 | 2346,web-php
2197 | 2347,web-php
2198 | 2348,netbios
2199 | 2349,netbios
2200 | 2350,netbios
2201 | 2351,netbios
2202 | 2352,netbios
2203 | 2353,web-php
2204 | 2354,web-php
2205 | 2355,web-php
2206 | 2356,web-php
2207 | 2357,web-php
2208 | 2358,web-php
2209 | 2359,web-php
2210 | 2360,web-php
2211 | 2361,web-php
2212 | 2362,web-php
2213 | 2363,web-php
2214 | 2364,web-php
2215 | 2365,web-php
2216 | 2366,web-php
2217 | 2367,web-php
2218 | 2368,web-php
2219 | 2369,web-misc
2220 | 2370,web-misc
2221 | 2371,web-misc
2222 | 2372,web-php
2223 | 2373,ftp
2224 | 2374,ftp
2225 | 2375,backdoor
2226 | 2376,exploit
2227 | 2377,exploit
2228 | 2378,exploit
2229 | 2379,exploit
2230 | 2380,exploit
2231 | 2381,web-misc
2232 | 2382,netbios
2233 | 2383,netbios
2234 | 2384,deleted
2235 | 2385,deleted
2236 | 2386,web-iis
2237 | 2387,web-cgi
2238 | 2388,web-cgi
2239 | 2389,ftp
2240 | 2390,ftp
2241 | 2391,ftp
2242 | 2392,ftp
2243 | 2393,web-php
2244 | 2394,web-misc
2245 | 2395,web-misc
2246 | 2396,web-cgi
2247 | 2397,web-cgi
2248 | 2398,web-php
2249 | 2399,web-php
2250 | 2400,web-misc
2251 | 2401,netbios
2252 | 2402,netbios
2253 | 2403,netbios
2254 | 2404,netbios
2255 | 2405,web-php
2256 | 2406,telnet
2257 | 2407,web-misc
2258 | 2408,web-misc
2259 | 2409,pop3
2260 | 2410,web-php
2261 | 2411,web-misc
2262 | 2412,attack-responses
2263 | 2413,exploit
2264 | 2414,exploit
2265 | 2415,exploit
2266 | 2416,ftp
2267 | 2417,ftp
2268 | 2418,misc
2269 | 2419,multimedia
2270 | 2420,multimedia
2271 | 2421,multimedia
2272 | 2422,multimedia
2273 | 2423,multimedia
2274 | 2424,nntp
2275 | 2425,nntp
2276 | 2426,nntp
2277 | 2427,nntp
2278 | 2428,nntp
2279 | 2429,nntp
2280 | 2430,nntp
2281 | 2431,nntp
2282 | 2432,nntp
2283 | 2433,web-cgi
2284 | 2434,web-cgi
2285 | 2435,web-client
2286 | 2436,web-client
2287 | 2437,web-client
2288 | 2438,web-client
2289 | 2439,web-client
2290 | 2440,web-client
2291 | 2441,web-misc
2292 | 2442,web-misc
2293 | 2443,exploit
2294 | 2444,exploit
2295 | 2445,exploit
2296 | 2446,exploit
2297 | 2447,web-misc
2298 | 2448,web-misc
2299 | 2449,ftp
2300 | 2450,chat
2301 | 2451,chat
2302 | 2452,chat
2303 | 2453,chat
2304 | 2454,chat
2305 | 2455,chat
2306 | 2456,chat
2307 | 2457,chat
2308 | 2458,chat
2309 | 2459,chat
2310 | 2460,chat
2311 | 2461,chat
2312 | 2462,exploit
2313 | 2463,exploit
2314 | 2464,exploit
2315 | 2465,netbios
2316 | 2466,netbios
2317 | 2467,netbios
2318 | 2468,netbios
2319 | 2469,netbios
2320 | 2470,netbios
2321 | 2471,netbios
2322 | 2472,netbios
2323 | 2473,netbios
2324 | 2474,netbios
2325 | 2475,netbios
2326 | 2476,netbios
2327 | 2477,netbios
2328 | 2478,netbios
2329 | 2479,netbios
2330 | 2480,netbios
2331 | 2481,netbios
2332 | 2482,netbios
2333 | 2483,netbios
2334 | 2484,web-misc
2335 | 2485,web-client
2336 | 2486,dos
2337 | 2487,smtp
2338 | 2488,smtp
2339 | 2489,exploit
2340 | 2490,exploit
2341 | 2491,netbios
2342 | 2492,netbios
2343 | 2493,netbios
2344 | 2494,netbios
2345 | 2495,netbios
2346 | 2496,netbios
2347 | 2497,imap
2348 | 2498,deleted
2349 | 2499,deleted
2350 | 2500,misc
2351 | 2501,pop3
2352 | 2502,pop3
2353 | 2503,deleted
2354 | 2504,smtp
2355 | 2505,web-misc
2356 | 2506,deleted
2357 | 2507,netbios
2358 | 2508,netbios
2359 | 2509,netbios
2360 | 2510,netbios
2361 | 2511,netbios
2362 | 2512,netbios
2363 | 2513,netbios
2364 | 2514,netbios
2365 | 2515,web-misc
2366 | 2516,misc
2367 | 2517,imap
2368 | 2518,pop3
2369 | 2519,smtp
2370 | 2520,web-misc
2371 | 2521,web-misc
2372 | 2522,web-misc
2373 | 2523,dos
2374 | 2524,netbios
2375 | 2525,netbios
2376 | 2526,netbios
2377 | 2527,smtp
2378 | 2528,smtp
2379 | 2529,imap
2380 | 2530,imap
2381 | 2531,imap
2382 | 2532,misc
2383 | 2533,misc
2384 | 2534,misc
2385 | 2535,pop3
2386 | 2536,pop3
2387 | 2537,pop3
2388 | 2538,smtp
2389 | 2539,smtp
2390 | 2540,smtp
2391 | 2541,smtp
2392 | 2542,smtp
2393 | 2543,smtp
2394 | 2544,smtp
2395 | 2545,exploit
2396 | 2546,ftp
2397 | 2547,misc
2398 | 2548,misc
2399 | 2549,misc
2400 | 2550,exploit
2401 | 2551,exploit
2402 | 2552,exploit
2403 | 2553,exploit
2404 | 2554,exploit
2405 | 2555,exploit
2406 | 2556,exploit
2407 | 2557,exploit
2408 | 2558,exploit
2409 | 2559,exploit
2410 | 2560,exploit
2411 | 2561,misc
2412 | 2562,web-misc
2413 | 2563,netbios
2414 | 2564,netbios
2415 | 2565,web-php
2416 | 2566,web-php
2417 | 2567,web-cgi
2418 | 2568,web-cgi
2419 | 2569,web-misc
2420 | 2570,web-misc
2421 | 2571,web-iis
2422 | 2572,web-iis
2423 | 2573,web-iis
2424 | 2574,ftp
2425 | 2575,web-php
2426 | 2576,oracle
2427 | 2577,web-client
2428 | 2578,exploit
2429 | 2579,exploit
2430 | 2580,web-misc
2431 | 2581,web-misc
2432 | 2582,web-misc
2433 | 2583,misc
2434 | 2584,exploit
2435 | 2585,web-misc
2436 | 2586,p2p
2437 | 2587,p2p
2438 | 2588,web-php
2439 | 2589,web-client
2440 | 2590,smtp
2441 | 2591,smtp
2442 | 2592,smtp
2443 | 2593,smtp
2444 | 2594,smtp
2445 | 2595,smtp
2446 | 2596,smtp
2447 | 2597,web-misc
2448 | 2598,web-misc
2449 | 2599,oracle
2450 | 2600,oracle
2451 | 2601,oracle
2452 | 2602,oracle
2453 | 2603,oracle
2454 | 2604,oracle
2455 | 2605,oracle
2456 | 2606,oracle
2457 | 2607,oracle
2458 | 2608,oracle
2459 | 2609,oracle
2460 | 2610,oracle
2461 | 2611,oracle
2462 | 2612,oracle
2463 | 2613,oracle
2464 | 2614,oracle
2465 | 2615,oracle
2466 | 2616,oracle
2467 | 2617,oracle
2468 | 2618,oracle
2469 | 2619,oracle
2470 | 2620,oracle
2471 | 2621,oracle
2472 | 2622,oracle
2473 | 2623,oracle
2474 | 2624,oracle
2475 | 2625,oracle
2476 | 2626,oracle
2477 | 2627,oracle
2478 | 2628,oracle
2479 | 2629,oracle
2480 | 2630,oracle
2481 | 2631,oracle
2482 | 2632,oracle
2483 | 2633,oracle
2484 | 2634,oracle
2485 | 2635,oracle
2486 | 2636,oracle
2487 | 2637,oracle
2488 | 2638,oracle
2489 | 2639,oracle
2490 | 2640,oracle
2491 | 2641,oracle
2492 | 2642,oracle
2493 | 2643,oracle
2494 | 2644,oracle
2495 | 2645,oracle
2496 | 2646,oracle
2497 | 2647,oracle
2498 | 2648,oracle
2499 | 2649,oracle
2500 | 2650,oracle
2501 | 2651,oracle
2502 | 2652,oracle
2503 | 2653,oracle
2504 | 2654,web-php
2505 | 2655,misc
2506 | 2656,exploit
2507 | 2657,exploit
2508 | 2658,web-misc
2509 | 2659,web-misc
2510 | 2660,web-misc
2511 | 2661,web-misc
2512 | 2662,web-misc
2513 | 2663,web-cgi
2514 | 2664,imap
2515 | 2665,imap
2516 | 2666,pop3
2517 | 2667,web-iis
2518 | 2668,web-cgi
2519 | 2669,web-cgi
2520 | 2670,web-cgi
2521 | 2671,web-client
2522 | 2672,web-misc
2523 | 2673,web-client
2524 | 2674,oracle
2525 | 2675,oracle
2526 | 2676,oracle
2527 | 2677,oracle
2528 | 2678,oracle
2529 | 2679,oracle
2530 | 2680,oracle
2531 | 2681,oracle
2532 | 2682,oracle
2533 | 2683,oracle
2534 | 2684,oracle
2535 | 2685,oracle
2536 | 2686,oracle
2537 | 2687,oracle
2538 | 2688,oracle
2539 | 2689,oracle
2540 | 2690,oracle
2541 | 2691,oracle
2542 | 2692,oracle
2543 | 2693,oracle
2544 | 2694,oracle
2545 | 2695,oracle
2546 | 2696,oracle
2547 | 2697,oracle
2548 | 2698,oracle
2549 | 2699,oracle
2550 | 2700,oracle
2551 | 2701,web-misc
2552 | 2702,web-misc
2553 | 2703,web-misc
2554 | 2704,web-misc
2555 | 2705,web-client
2556 | 2706,web-client
2557 | 2707,web-client
2558 | 2708,oracle
2559 | 2709,oracle
2560 | 2710,oracle
2561 | 2711,oracle
2562 | 2712,oracle
2563 | 2713,oracle
2564 | 2714,oracle
2565 | 2715,oracle
2566 | 2716,oracle
2567 | 2717,oracle
2568 | 2718,oracle
2569 | 2719,oracle
2570 | 2720,oracle
2571 | 2721,oracle
2572 | 2722,oracle
2573 | 2723,oracle
2574 | 2724,oracle
2575 | 2725,oracle
2576 | 2726,oracle
2577 | 2727,oracle
2578 | 2728,oracle
2579 | 2729,oracle
2580 | 2730,oracle
2581 | 2731,oracle
2582 | 2732,oracle
2583 | 2733,oracle
2584 | 2734,oracle
2585 | 2735,oracle
2586 | 2736,oracle
2587 | 2737,oracle
2588 | 2738,oracle
2589 | 2739,oracle
2590 | 2740,oracle
2591 | 2741,oracle
2592 | 2742,oracle
2593 | 2743,oracle
2594 | 2744,oracle
2595 | 2745,oracle
2596 | 2746,oracle
2597 | 2747,oracle
2598 | 2748,oracle
2599 | 2749,oracle
2600 | 2750,oracle
2601 | 2751,oracle
2602 | 2752,oracle
2603 | 2753,oracle
2604 | 2754,oracle
2605 | 2755,oracle
2606 | 2756,oracle
2607 | 2757,oracle
2608 | 2758,oracle
2609 | 2759,oracle
2610 | 2760,oracle
2611 | 2761,oracle
2612 | 2762,oracle
2613 | 2763,oracle
2614 | 2764,oracle
2615 | 2765,oracle
2616 | 2766,oracle
2617 | 2767,oracle
2618 | 2768,oracle
2619 | 2769,oracle
2620 | 2770,oracle
2621 | 2771,oracle
2622 | 2772,oracle
2623 | 2773,oracle
2624 | 2774,oracle
2625 | 2775,oracle
2626 | 2776,oracle
2627 | 2777,oracle
2628 | 2778,oracle
2629 | 2779,oracle
2630 | 2780,oracle
2631 | 2781,oracle
2632 | 2782,oracle
2633 | 2783,oracle
2634 | 2784,oracle
2635 | 2785,oracle
2636 | 2786,oracle
2637 | 2787,oracle
2638 | 2788,oracle
2639 | 2789,oracle
2640 | 2790,oracle
2641 | 2791,oracle
2642 | 2792,oracle
2643 | 2793,oracle
2644 | 2794,oracle
2645 | 2795,oracle
2646 | 2796,oracle
2647 | 2797,oracle
2648 | 2798,oracle
2649 | 2799,oracle
2650 | 2800,oracle
2651 | 2801,oracle
2652 | 2802,oracle
2653 | 2803,oracle
2654 | 2804,oracle
2655 | 2805,oracle
2656 | 2806,oracle
2657 | 2807,oracle
2658 | 2808,oracle
2659 | 2809,oracle
2660 | 2810,oracle
2661 | 2811,oracle
2662 | 2812,oracle
2663 | 2813,oracle
2664 | 2814,oracle
2665 | 2815,oracle
2666 | 2816,oracle
2667 | 2817,oracle
2668 | 2818,oracle
2669 | 2819,oracle
2670 | 2820,oracle
2671 | 2821,oracle
2672 | 2822,oracle
2673 | 2823,oracle
2674 | 2824,oracle
2675 | 2825,oracle
2676 | 2826,oracle
2677 | 2827,oracle
2678 | 2828,oracle
2679 | 2829,oracle
2680 | 2830,oracle
2681 | 2831,oracle
2682 | 2832,oracle
2683 | 2833,oracle
2684 | 2834,oracle
2685 | 2835,oracle
2686 | 2836,oracle
2687 | 2837,oracle
2688 | 2838,oracle
2689 | 2839,oracle
2690 | 2840,oracle
2691 | 2841,oracle
2692 | 2842,oracle
2693 | 2843,oracle
2694 | 2844,oracle
2695 | 2845,oracle
2696 | 2846,oracle
2697 | 2847,oracle
2698 | 2848,oracle
2699 | 2849,oracle
2700 | 2850,oracle
2701 | 2851,oracle
2702 | 2852,oracle
2703 | 2853,oracle
2704 | 2854,oracle
2705 | 2855,oracle
2706 | 2856,oracle
2707 | 2857,oracle
2708 | 2858,oracle
2709 | 2859,oracle
2710 | 2860,oracle
2711 | 2861,oracle
2712 | 2862,oracle
2713 | 2863,oracle
2714 | 2864,oracle
2715 | 2865,oracle
2716 | 2866,oracle
2717 | 2867,oracle
2718 | 2868,oracle
2719 | 2869,oracle
2720 | 2870,oracle
2721 | 2871,oracle
2722 | 2872,oracle
2723 | 2873,oracle
2724 | 2874,oracle
2725 | 2875,oracle
2726 | 2876,oracle
2727 | 2877,oracle
2728 | 2878,oracle
2729 | 2879,oracle
2730 | 2880,oracle
2731 | 2881,oracle
2732 | 2882,oracle
2733 | 2883,oracle
2734 | 2884,oracle
2735 | 2885,oracle
2736 | 2886,oracle
2737 | 2887,oracle
2738 | 2888,oracle
2739 | 2889,oracle
2740 | 2890,oracle
2741 | 2891,oracle
2742 | 2892,oracle
2743 | 2893,oracle
2744 | 2894,oracle
2745 | 2895,oracle
2746 | 2896,oracle
2747 | 2897,oracle
2748 | 2898,oracle
2749 | 2899,oracle
2750 | 2900,oracle
2751 | 2901,oracle
2752 | 2902,oracle
2753 | 2903,oracle
2754 | 2904,oracle
2755 | 2905,oracle
2756 | 2906,oracle
2757 | 2907,oracle
2758 | 2908,oracle
2759 | 2909,oracle
2760 | 2910,oracle
2761 | 2911,oracle
2762 | 2912,oracle
2763 | 2913,oracle
2764 | 2914,oracle
2765 | 2915,oracle
2766 | 2916,oracle
2767 | 2917,oracle
2768 | 2918,oracle
2769 | 2919,oracle
2770 | 2921,dns
2771 | 2922,dns
2772 | 2923,netbios
2773 | 2924,netbios
2774 | 2925,info
2775 | 2926,web-php
2776 | 2927,nntp
2777 | 2928,netbios
2778 | 2929,netbios
2779 | 2930,netbios
2780 | 2931,netbios
2781 | 2932,netbios
2782 | 2933,netbios
2783 | 2934,netbios
2784 | 2935,netbios
2785 | 2936,netbios
2786 | 2937,netbios
2787 | 2938,netbios
2788 | 2939,netbios
2789 | 2940,netbios
2790 | 2941,netbios
2791 | 2942,netbios
2792 | 2943,netbios
2793 | 2944,netbios
2794 | 2945,netbios
2795 | 2946,netbios
2796 | 2947,netbios
2797 | 2948,netbios
2798 | 2949,netbios
2799 | 2950,netbios
2800 | 2951,netbios
2801 | 2952,netbios
2802 | 2953,netbios
2803 | 2954,netbios
2804 | 2955,netbios
2805 | 2956,netbios
2806 | 2957,netbios
2807 | 2958,netbios
2808 | 2959,netbios
2809 | 2960,netbios
2810 | 2961,netbios
2811 | 2962,netbios
2812 | 2963,netbios
2813 | 2964,netbios
2814 | 2965,netbios
2815 | 2966,netbios
2816 | 2967,netbios
2817 | 2968,netbios
2818 | 2969,netbios
2819 | 2970,netbios
2820 | 2971,netbios
2821 | 2972,netbios
2822 | 2973,netbios
2823 | 2974,netbios
2824 | 2975,netbios
2825 | 2976,netbios
2826 | 2977,netbios
2827 | 2978,netbios
2828 | 2979,netbios
2829 | 2980,netbios
2830 | 2981,netbios
2831 | 2982,netbios
2832 | 2983,netbios
2833 | 2984,netbios
2834 | 2985,netbios
2835 | 2986,netbios
2836 | 2987,netbios
2837 | 2988,netbios
2838 | 2989,netbios
2839 | 2990,netbios
2840 | 2991,netbios
2841 | 2992,netbios
2842 | 2993,netbios
2843 | 2994,netbios
2844 | 2995,netbios
2845 | 2996,netbios
2846 | 2997,netbios
2847 | 2998,netbios
2848 | 2999,netbios
2849 | 3000,netbios
2850 | 3001,netbios
2851 | 3002,netbios
2852 | 3003,netbios
2853 | 3004,netbios
2854 | 3005,netbios
2855 | 3006,exploit
2856 | 3007,imap
2857 | 3008,imap
2858 | 3009,backdoor
2859 | 3010,backdoor
2860 | 3011,backdoor
2861 | 3012,backdoor
2862 | 3013,backdoor
2863 | 3014,backdoor
2864 | 3015,backdoor
2865 | 3016,backdoor
2866 | 3017,exploit
2867 | 3018,netbios
2868 | 3019,netbios
2869 | 3020,netbios
2870 | 3021,netbios
2871 | 3022,netbios
2872 | 3023,netbios
2873 | 3024,netbios
2874 | 3025,netbios
2875 | 3026,netbios
2876 | 3027,netbios
2877 | 3028,netbios
2878 | 3029,netbios
2879 | 3030,netbios
2880 | 3031,netbios
2881 | 3032,netbios
2882 | 3033,netbios
2883 | 3034,netbios
2884 | 3035,netbios
2885 | 3036,netbios
2886 | 3037,netbios
2887 | 3038,netbios
2888 | 3039,netbios
2889 | 3040,netbios
2890 | 3041,netbios
2891 | 3042,netbios
2892 | 3043,netbios
2893 | 3044,netbios
2894 | 3045,netbios
2895 | 3046,netbios
2896 | 3047,netbios
2897 | 3048,netbios
2898 | 3049,netbios
2899 | 3050,netbios
2900 | 3051,netbios
2901 | 3052,netbios
2902 | 3053,netbios
2903 | 3054,netbios
2904 | 3055,netbios
2905 | 3056,netbios
2906 | 3057,netbios
2907 | 3058,imap
2908 | 3059,web-misc
2909 | 3060,web-misc
2910 | 3061,misc
2911 | 3062,web-cgi
2912 | 3063,backdoor
2913 | 3064,backdoor
2914 | 3065,imap
2915 | 3066,imap
2916 | 3067,imap
2917 | 3068,imap
2918 | 3069,imap
2919 | 3070,imap
2920 | 3071,imap
2921 | 3072,imap
2922 | 3073,imap
2923 | 3074,imap
2924 | 3075,imap
2925 | 3076,imap
2926 | 3077,ftp
2927 | 3078,nntp
2928 | 3079,web-client
2929 | 3080,misc
2930 | 3081,backdoor
2931 | 3082,backdoor
2932 | 3083,backdoor
2933 | 3084,exploit
2934 | 3085,exploit
2935 | 3086,web-misc
2936 | 3087,web-iis
2937 | 3088,web-client
2938 | 3089,dos
2939 | 3090,netbios
2940 | 3091,netbios
2941 | 3092,netbios
2942 | 3093,netbios
2943 | 3094,netbios
2944 | 3095,netbios
2945 | 3096,netbios
2946 | 3097,netbios
2947 | 3098,netbios
2948 | 3099,netbios
2949 | 3100,netbios
2950 | 3101,netbios
2951 | 3102,netbios
2952 | 3103,netbios
2953 | 3104,netbios
2954 | 3105,netbios
2955 | 3106,netbios
2956 | 3107,netbios
2957 | 3108,netbios
2958 | 3109,netbios
2959 | 3110,netbios
2960 | 3111,netbios
2961 | 3112,netbios
2962 | 3113,netbios
2963 | 3114,netbios
2964 | 3115,netbios
2965 | 3116,netbios
2966 | 3117,netbios
2967 | 3118,netbios
2968 | 3119,netbios
2969 | 3120,netbios
2970 | 3121,netbios
2971 | 3122,netbios
2972 | 3123,netbios
2973 | 3124,netbios
2974 | 3125,netbios
2975 | 3126,netbios
2976 | 3127,netbios
2977 | 3128,netbios
2978 | 3129,netbios
2979 | 3130,exploit
2980 | 3131,web-cgi
2981 | 3132,web-client
2982 | 3133,web-client
2983 | 3134,web-client
2984 | 3135,netbios
2985 | 3136,netbios
2986 | 3137,netbios
2987 | 3138,netbios
2988 | 3139,netbios
2989 | 3140,netbios
2990 | 3141,netbios
2991 | 3142,netbios
2992 | 3143,netbios
2993 | 3144,netbios
2994 | 3145,netbios
2995 | 3146,netbios
2996 | 3147,telnet
2997 | 3148,web-client
2998 | 3149,web-client
2999 | 3150,web-iis
3000 | 3151,finger
3001 | 3152,sql
3002 | 3153,dns
3003 | 3154,dns
3004 | 3155,backdoor
3005 | 3156,netbios
3006 | 3157,netbios
3007 | 3158,netbios
3008 | 3159,netbios
3009 | 3160,netbios
3010 | 3161,netbios
3011 | 3162,netbios
3012 | 3163,netbios
3013 | 3164,netbios
3014 | 3165,netbios
3015 | 3166,netbios
3016 | 3167,netbios
3017 | 3168,netbios
3018 | 3169,netbios
3019 | 3170,netbios
3020 | 3171,netbios
3021 | 3172,netbios
3022 | 3173,netbios
3023 | 3174,netbios
3024 | 3175,netbios
3025 | 3176,netbios
3026 | 3177,netbios
3027 | 3178,netbios
3028 | 3179,netbios
3029 | 3180,netbios
3030 | 3181,netbios
3031 | 3182,netbios
3032 | 3183,netbios
3033 | 3184,netbios
3034 | 3185,netbios
3035 | 3186,netbios
3036 | 3187,netbios
3037 | 3188,netbios
3038 | 3189,netbios
3039 | 3190,netbios
3040 | 3191,netbios
3041 | 3192,web-client
3042 | 3193,web-iis
3043 | 3194,web-iis
3044 | 3195,netbios
3045 | 3196,netbios
3046 | 3197,netbios
3047 | 3198,netbios
3048 | 3199,exploit
3049 | 3200,exploit
3050 | 3201,web-iis
3051 | 3202,netbios
3052 | 3203,netbios
3053 | 3204,netbios
3054 | 3205,netbios
3055 | 3206,netbios
3056 | 3207,netbios
3057 | 3208,netbios
3058 | 3209,netbios
3059 | 3210,netbios
3060 | 3211,netbios
3061 | 3212,netbios
3062 | 3213,netbios
3063 | 3214,netbios
3064 | 3215,netbios
3065 | 3216,netbios
3066 | 3217,netbios
3067 | 3218,netbios
3068 | 3219,netbios
3069 | 3220,netbios
3070 | 3221,netbios
3071 | 3222,netbios
3072 | 3223,netbios
3073 | 3224,netbios
3074 | 3225,netbios
3075 | 3226,netbios
3076 | 3227,netbios
3077 | 3228,netbios
3078 | 3229,netbios
3079 | 3230,netbios
3080 | 3231,netbios
3081 | 3232,netbios
3082 | 3233,netbios
3083 | 3234,netbios
3084 | 3235,netbios
3085 | 3236,netbios
3086 | 3237,netbios
3087 | 3238,netbios
3088 | 3239,netbios
3089 | 3240,netbios
3090 | 3241,netbios
3091 | 3242,netbios
3092 | 3243,netbios
3093 | 3244,netbios
3094 | 3245,netbios
3095 | 3246,netbios
3096 | 3247,netbios
3097 | 3248,netbios
3098 | 3249,netbios
3099 | 3250,netbios
3100 | 3251,netbios
3101 | 3252,netbios
3102 | 3253,netbios
3103 | 3254,netbios
3104 | 3255,netbios
3105 | 3256,netbios
3106 | 3257,netbios
3107 | 3258,netbios
3108 | 3259,netbios
3109 | 3260,netbios
3110 | 3261,netbios
3111 | 3262,netbios
3112 | 3263,netbios
3113 | 3264,netbios
3114 | 3265,netbios
3115 | 3266,netbios
3116 | 3267,netbios
3117 | 3268,netbios
3118 | 3269,netbios
3119 | 3270,netbios
3120 | 3271,netbios
3121 | 3272,backdoor
3122 | 3273,sql
3123 | 3274,telnet
3124 | 3275,netbios
3125 | 3276,netbios
3126 | 3377,netbios
3127 | 3378,netbios
3128 | 3379,netbios
3129 | 3380,netbios
3130 | 3381,netbios
3131 | 3382,netbios
3132 | 3383,netbios
3133 | 3384,netbios
3134 | 3385,netbios
3135 | 3386,netbios
3136 | 3387,netbios
3137 | 3388,netbios
3138 | 3389,netbios
3139 | 3390,netbios
3140 | 3391,netbios
3141 | 3392,netbios
3142 | 3393,netbios
3143 | 3394,netbios
3144 | 3395,netbios
3145 | 3396,netbios
3146 | 3397,netbios
3147 | 3398,netbios
3148 | 3399,netbios
3149 | 3400,netbios
3150 | 3401,netbios
3151 | 3402,netbios
3152 | 3403,netbios
3153 | 3404,netbios
3154 | 3405,netbios
3155 | 3406,netbios
3156 | 3407,netbios
3157 | 3408,netbios
3158 | 3409,netbios
3159 | 3410,netbios
3160 | 3411,netbios
3161 | 3412,netbios
3162 | 3413,netbios
3163 | 3414,netbios
3164 | 3415,netbios
3165 | 3416,netbios
3166 | 3417,netbios
3167 | 3418,netbios
3168 | 3419,netbios
3169 | 3420,netbios
3170 | 3421,netbios
3171 | 3422,netbios
3172 | 3423,netbios
3173 | 3424,netbios
3174 | 3425,netbios
3175 | 3426,netbios
3176 | 3427,netbios
3177 | 3428,netbios
3178 | 3429,netbios
3179 | 3430,netbios
3180 | 3431,netbios
3181 | 3432,netbios
3182 | 3433,netbios
3183 | 3434,netbios
3184 | 3435,netbios
3185 | 3436,netbios
3186 | 3437,netbios
3187 | 3438,netbios
3188 | 3439,netbios
3189 | 3440,netbios
3190 | 3442,dos
3191 | 3443,sql
3192 | 3444,sql
3193 | 3445,sql
3194 | 3446,sql
3195 | 3447,sql
3196 | 3448,sql
3197 | 3449,sql
3198 | 3450,sql
3199 | 3451,sql
3200 | 3452,sql
3201 | 3453,misc
3202 | 3454,misc
3203 | 3455,exploit
3204 | 3456,mysql
3205 | 3457,exploit
3206 | 3458,exploit
3207 |
--------------------------------------------------------------------------------
/config/snortalarm.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chrislee35/visualfirewall/eceb9fc296a80a78bc5e6c4bef542af6681b9a7d/config/snortalarm.dat
--------------------------------------------------------------------------------
/iptables.saved:
--------------------------------------------------------------------------------
1 | *filter
2 | :INPUT ACCEPT [0:0]
3 | :FORWARD ACCEPT [0:0]
4 | :LOGDROP - [0:0]
5 | -A LOGDROP -j LOG --log-prefix "DROP " --log-level debug --log-tcp-options --log-ip-options
6 | -A LOGDROP -j DROP
7 | :LOGACCEPT - [0:0]
8 | -A LOGACCEPT -j LOG --log-prefix "ACCEPT " --log-level debug --log-tcp-options --log-ip-options
9 | -A LOGACCEPT -j ACCEPT
10 | :LOGOUT - [0:0]
11 | -A LOGOUT -j LOG --log-prefix "ACCEPT " --log-level debug --log-tcp-options --log-ip-options
12 | -A LOGOUT -j ACCEPT
13 | :OUTPUT - [0:0]
14 | -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
15 | -A OUTPUT -j LOGOUT
16 | :RH-Firewall-1-INPUT - [0:0]
17 | -A INPUT -j RH-Firewall-1-INPUT
18 | -A FORWARD -j RH-Firewall-1-INPUT
19 | -A RH-Firewall-1-INPUT -d 127.0.0.0/255.0.0.0 -i ! lo -p tcp -j DROP
20 | -A RH-Firewall-1-INPUT -d 255.255.255.255 -j DROP
21 |
22 | -A RH-Firewall-1-INPUT -i lo -j ACCEPT
23 | -A RH-Firewall-1-INPUT -p icmp --icmp-type 0 -j LOGACCEPT
24 | -A RH-Firewall-1-INPUT -p icmp --icmp-type 3 -j LOGACCEPT
25 | -A RH-Firewall-1-INPUT -p icmp --icmp-type 11 -j LOGACCEPT
26 | -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 137:139 -j DROP
27 | -A RH-Firewall-1-INPUT -p udp -m udp --dport 137:139 -j DROP
28 | -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
29 | -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
30 | -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
31 | -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j LOGACCEPT
32 | -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport ssh -j LOGACCEPT
33 | -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport http -j LOGACCEPT
34 | -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport https -j LOGACCEPT
35 | -A RH-Firewall-1-INPUT -j LOGDROP
36 | COMMIT
37 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/VisualFirewall.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 31, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall;
8 |
9 | import edu.gatech.csc.visualfirewall.view.*;
10 |
11 | import java.awt.*;
12 | import java.awt.event.ActionEvent;
13 | import java.awt.event.ActionListener;
14 | import java.io.File;
15 | import java.net.InetAddress;
16 | import java.net.NetworkInterface;
17 | import java.util.Enumeration;
18 | import java.util.Properties;
19 | import java.util.Vector;
20 |
21 | import javax.swing.JFrame;
22 | import javax.swing.JPanel;
23 | import javax.swing.JSplitPane;
24 |
25 | import com.sun.opengl.util.Animator;
26 | import javax.media.opengl.GLAutoDrawable;
27 | import edu.gatech.csc.visualfirewall.datasource.*;
28 |
29 | /**
30 | * @author chris Mar 31, 2005 VisualFirewall
31 | */
32 | public class VisualFirewall extends JFrame implements ActionListener {
33 | public JSplitPane jSplitPane;
34 |
35 | public JPanel mainJPanel;
36 |
37 | public JPanel sideJPanel;
38 |
39 | public static final Rectangle INITIAL_VIEW_RECTANGLE = new Rectangle(0, 0,
40 | 3000, 3000);
41 |
42 | public static boolean needBounds = true;
43 |
44 | public static final int NUMVIEWS = 4;
45 |
46 | public static String localIPAddr;
47 | public static InetAddress localInetAddress = null;
48 |
49 | public AbstractView[] views = new AbstractView[NUMVIEWS];
50 |
51 | public int[] perm = new int[NUMVIEWS];
52 |
53 | public Component[] canvases = new Component[NUMVIEWS];
54 |
55 | public Rectangle[] bounds = new Rectangle[NUMVIEWS];
56 |
57 | public int mainviewindex = 0;
58 |
59 | public FirewallLog ipTablesLog;
60 | public SnortLog snortLog;
61 |
62 | private static final int PONG = 2;
63 | private static final int VISUAL_SIGNATURE = 1;
64 | private static final int STATISTICS = 3;
65 | private static final int IDS = 0;
66 |
67 | public Component visualSignature;
68 | public Component pong;
69 | public Component ids;
70 | public Component statistics;
71 |
72 | public static Color BG_COLOR = new Color(0.1f, 0.1f, 0.1f);
73 | public static Color FG_COLOR = new Color(0.9f, 0.9f, 0.9f);
74 |
75 | public static Properties props;
76 |
77 | public VisualFirewall() {
78 | super("Visual Firewall Alpha");
79 |
80 | setDefaultCloseOperation(javax.swing.WindowConstants.EXIT_ON_CLOSE);
81 |
82 | try
83 | {
84 | localIPAddr = getHostIP();
85 |
86 | if( props.getProperty("VisualFirewall.fakeip").equals("true"))
87 | localIPAddr = props.getProperty("VisualFirewall.fakeipaddr");
88 | localInetAddress = InetAddress.getByName(localIPAddr);
89 | }
90 | catch(Exception e)
91 | {
92 | if(localIPAddr == null)
93 | {
94 | e.printStackTrace();
95 | System.out.println("Error: Could not determine the host's IP. Exiting...");
96 | System.exit(1);
97 | }
98 | }
99 |
100 | System.out.println("Local IP = "+localIPAddr);
101 |
102 | mainJPanel = new JPanel();
103 | mainJPanel.setLayout(new BorderLayout());
104 |
105 | sideJPanel = new JPanel();
106 | sideJPanel.setLayout(new GridLayout(NUMVIEWS - 1, 1));
107 |
108 | jSplitPane = new JSplitPane();
109 | jSplitPane.setDividerLocation(607);
110 | jSplitPane.setLeftComponent(mainJPanel);
111 | jSplitPane.setRightComponent(sideJPanel);
112 | getContentPane().add(jSplitPane, BorderLayout.CENTER);
113 |
114 | int i = 0;
115 | views[PONG] = new PongView(INITIAL_VIEW_RECTANGLE);
116 | pong = views[PONG].getCanvas();
117 |
118 | views[VISUAL_SIGNATURE] = new VisualSignatureView(INITIAL_VIEW_RECTANGLE);
119 | visualSignature = views[VISUAL_SIGNATURE].getCanvas();
120 |
121 | views[STATISTICS] = new StatisticsView(INITIAL_VIEW_RECTANGLE);
122 | statistics = views[STATISTICS].getCanvas();
123 |
124 | views[IDS] = new IDSAlarmView(INITIAL_VIEW_RECTANGLE);
125 | ids = views[IDS].getCanvas();
126 |
127 | views[0].isMaximized = true;
128 |
129 | for (i = 0; i < NUMVIEWS; ++i) {
130 | perm[i] = i;
131 | canvases[i] = views[i].getCanvas();
132 | canvases[i].addMouseListener(new VFW_MouseListener(this));
133 |
134 | if (i == 0)
135 | mainJPanel.add(canvases[i], BorderLayout.CENTER);
136 | else
137 | sideJPanel.add(canvases[i]);
138 | }
139 |
140 |
141 | ((StatisticsView)views[STATISTICS]).addMouseListener(new VFW_MouseListener(this));
142 | //((IDSAlarmView)views[IDS]).addMouseListener(new VFW_MouseListener(this));
143 |
144 | pack();
145 |
146 | // set up the Data Gathering/Parsing agents
147 | //ipTablesLog = new IPTablesLog();
148 | if ( props.getProperty("VisualFirewall.ipfw").equals("true") )
149 | ipTablesLog = new IPFWLog(new File( props.getProperty("VisualFirewall.iptableslog" ) ) );
150 | else
151 | ipTablesLog = new IPTablesLog(new File( props.getProperty("VisualFirewall.iptableslog" ) ));
152 |
153 | ipTablesLog.addIPTableResultListener( views[STATISTICS]); //stats view
154 | ipTablesLog.addIPTableResultListener( views[VISUAL_SIGNATURE]); // VisSig view
155 | ipTablesLog.addIPTableResultListener( views[PONG]); // Pong view
156 |
157 | snortLog = new SnortLog(new File(props.getProperty("VisualFirewall.snortlog" )));
158 | //snortLog.addSnortAlarmListener( views[STATISTICS]); //stats view
159 | snortLog.addSnortAlarmListener( views[IDS]); // IDS Alarm view
160 |
161 | this.addWindowListener(new VFW_WindowListener(this));
162 |
163 | javax.swing.Timer timer = new javax.swing.Timer(1000, this);
164 | timer.start();
165 | }
166 |
167 | public void actionPerformed(ActionEvent e)
168 | {
169 | jSplitPane.setDividerLocation(jSplitPane.getDividerLocation());
170 | jSplitPane.updateUI();
171 | }
172 |
173 | public static String getHostIP() throws Exception
174 | {
175 | String ip = props.getProperty("VisualFirewall.ipaddress");
176 | if(ip != null)
177 | return ip;
178 |
179 | String netwInterface = props.getProperty("VisualFirewall.networkinterface");
180 |
181 | // This "try" block determines the IP address of localhost (not 127.0.0.1).
182 | try{
183 | //boolean found = false;
184 | Enumeration netInterfaces;
185 |
186 | if(netwInterface != null)
187 | {
188 | Vector v = new Vector();
189 | v.add(NetworkInterface.getByName(netwInterface));
190 | netInterfaces = v.elements();
191 | }
192 | else
193 | {
194 | netInterfaces = NetworkInterface.getNetworkInterfaces();
195 | }
196 |
197 | while(netInterfaces.hasMoreElements())
198 | {
199 | NetworkInterface ni = (NetworkInterface)netInterfaces.nextElement();
200 | Enumeration ipAddrs = ni.getInetAddresses();
201 |
202 | while(ipAddrs.hasMoreElements())
203 | {
204 | InetAddress i = (InetAddress) ipAddrs.nextElement();
205 | ip = i.getHostAddress();
206 |
207 | if(ip.matches("\\d+\\.\\d+\\.\\d+\\.\\d+") && !ip.equals("127.0.0.1"))
208 | {
209 | return ip;
210 | }
211 | }
212 | }
213 |
214 | }catch(Exception e)
215 | {
216 | throw e;
217 | }
218 |
219 | return ip;
220 | }
221 |
222 | public void centerWindow(Component frame) {
223 | Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize();
224 | Dimension frameSize = frame.getSize();
225 |
226 | if (frameSize.width > screenSize.width)
227 | frameSize.width = screenSize.width;
228 |
229 | if (frameSize.height > screenSize.height)
230 | frameSize.height = screenSize.height;
231 |
232 | //frame.setLocation((screenSize.width - frameSize.width) >> 1,
233 | // (screenSize.height - frameSize.height) >> 1);
234 |
235 | // This is just for Jason's Machine
236 | frame.setLocation((screenSize.width - frameSize.width) >> 1,
237 | ((screenSize.height - frameSize.height) >> 1) - 100);
238 | }
239 |
240 | public static void main(String[] args) {
241 |
242 |
243 | props = new java.util.Properties();
244 | try {
245 | java.io.File propfile = new java.io.File( "VisualFirewall.properties" );
246 | if ( propfile.exists() )
247 | props.load( new java.io.FileInputStream( propfile ) );
248 | else {
249 | System.err.println("Properties file not found.");
250 | System.exit(-1);
251 | }
252 |
253 | } catch ( Exception e ) {
254 | e.printStackTrace();
255 | System.exit( -1 );
256 | }
257 |
258 |
259 | VisualFirewall visFW = new VisualFirewall();
260 | visFW.setSize(850, 728);
261 | visFW.centerWindow(visFW);
262 | visFW.setResizable(false);
263 | visFW.setVisible(true);
264 |
265 | try
266 | {
267 | Thread.sleep(2000);
268 | }
269 | catch (InterruptedException ie) {}
270 |
271 |
272 | Animator animator1 = new Animator((GLAutoDrawable)visFW.views[VISUAL_SIGNATURE].getGLCanvas() );
273 | animator1.start();
274 |
275 | Animator animator2 = new Animator((GLAutoDrawable)visFW.views[PONG].getGLCanvas() );
276 | animator2.start();
277 |
278 | Animator animator3 = new Animator((GLAutoDrawable)visFW.views[IDS].getGLCanvas() );
279 | animator3.start();
280 |
281 | new Thread(visFW.snortLog).start();
282 | new Thread(visFW.ipTablesLog).start();
283 | }
284 | }
285 |
286 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/VisualFirewall.properties:
--------------------------------------------------------------------------------
1 | # This is a properties file for Visual Firewall Personal Edition
2 | VisualFirewall.snortlog = logs/snort.txt
3 | VisualFirewall.iptableslog = /var/log/iptpipe
4 | VisualFirewall.ipfw = false
5 | VisualFirewall.bgcolor = [0.1f, 0.1f, 0.1f]
6 | VisualFirewall.fgcolor = [0.9f, 0.9f, 0.9f]
7 | VisualFirewall.primaryview = Pong
8 | VisualFirewall.fakeip = false
9 | VisualFirewall.fakeipaddr = 199.77.146.119
10 | VisualFirewall.networkinterface = eth0
11 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/data/AbstractPacket.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 30, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.data;
8 |
9 | /**
10 | * @author chris
11 | * Mar 30, 2005
12 | * AbstractPayload
13 | */
14 | public abstract class AbstractPacket {
15 | public int length;
16 | public AbstractPacket pdu;
17 | }
18 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/data/ICMPPacket.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 30, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.data;
8 |
9 | /**
10 | * @author chris
11 | * Mar 30, 2005
12 | * ICMPPacket
13 | */
14 | public class ICMPPacket extends AbstractPacket {
15 | public short type;
16 | public short code;
17 | public ICMPPacket ( short type, short code, int length ) {
18 | this.type = type;
19 | this.code = code;
20 | this.length = length;
21 | }
22 | public String toString() {
23 | return( "ICMP [ TYPE="+type+" CODE="+code+" LEN="+length+" ] "+pdu );
24 | }
25 | }
26 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/data/IDSAlarmViewDataSeries.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Apr 20, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.data;
8 |
9 | import java.util.ArrayList;
10 | import java.util.HashMap;
11 | import java.util.List;
12 |
13 | /**
14 | * @author trost
15 | *
16 | * TODO To change the template for this generated type comment go to
17 | * Window - Preferences - Java - Code Style - Code Templates
18 | */
19 | public class IDSAlarmViewDataSeries {
20 |
21 | public List xTime = new ArrayList();
22 | public List yAttackerIP = new ArrayList();
23 | public List zCount = new ArrayList();
24 | String name;
25 |
26 | HashMap attackersToAlarms = new HashMap();
27 |
28 | /**
29 | *
30 | */
31 | public IDSAlarmViewDataSeries() {
32 | super();
33 | // TODO Auto-generated constructor stub
34 | }
35 |
36 | public IDSAlarmViewDataSeries(String name) {
37 | super();
38 |
39 | this.name = name;
40 | }
41 |
42 | /**
43 | * @return Returns the name.
44 | */
45 | public String getName() {
46 | return name;
47 | }
48 | /**
49 | * @param name The name to set.
50 | */
51 | public void setName(String name) {
52 | this.name = name;
53 | }
54 |
55 | public void addItem(Number x, Number y, Number z)
56 | {
57 | xTime.add(x);
58 | yAttackerIP.add(y);
59 | zCount.add(z);
60 | }
61 |
62 | public Number getXItem(int item)
63 | {
64 | if(item < xTime.size())
65 | return (Number)xTime.get(item);
66 | else
67 | return null;
68 | }
69 |
70 | public Number getYItem(int item)
71 | {
72 | if(item < yAttackerIP.size())
73 | return (Number)yAttackerIP.get(item);
74 | else
75 | return null;
76 | }
77 |
78 | public Number getZItem(int item)
79 | {
80 | if(item < zCount.size())
81 | return (Number)zCount.get(item);
82 | else
83 | return null;
84 | }
85 | }
86 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/data/IDSAlarmViewDatasource.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Apr 20, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.data;
8 |
9 | import java.util.ArrayList;
10 | import java.util.HashMap;
11 | import java.util.List;
12 |
13 | import org.jfree.data.xy.AbstractXYZDataset;
14 | import org.jfree.data.xy.XYZDataset;
15 |
16 | /**
17 | * @author trost
18 | *
19 | * TODO To change the template for this generated type comment go to
20 | * Window - Preferences - Java - Code Style - Code Templates
21 | */
22 | public class IDSAlarmViewDatasource extends AbstractXYZDataset implements XYZDataset
23 | {
24 | public static final int NUM_SERIES = 5;
25 |
26 | public IDSAlarmViewDataSeries[] series = new IDSAlarmViewDataSeries[NUM_SERIES];
27 |
28 | //////////////////////////////////////
29 | public final int NUM_PRIORITIES = 5;
30 | List seriesList = new ArrayList(NUM_PRIORITIES);
31 |
32 | HashMap attackerToDouble = new HashMap();
33 | HashMap doubleToAttacker = new HashMap();
34 | double currentAttackerIndex = 0.0;
35 |
36 | public final int NUM_HOURS = 24;
37 |
38 | //////////////////////////////////////
39 |
40 | /**
41 | *
42 | */
43 | public IDSAlarmViewDatasource() {
44 | super();
45 |
46 | for(int i = 0; i < 5; ++i)
47 | {
48 | series[i] = new IDSAlarmViewDataSeries();
49 | }
50 |
51 | for(int i = 0; i < NUM_PRIORITIES; ++i)
52 | {
53 | ArrayList hourList = new ArrayList(NUM_HOURS);
54 |
55 | for(int x = 0; x < NUM_HOURS; ++x)
56 | {
57 | HashMap attackersToAlerts = new HashMap();
58 | hourList.add(x, attackersToAlerts);
59 | }
60 |
61 | seriesList.add(i, hourList);
62 | }
63 | }
64 |
65 | /* (non-Javadoc)
66 | * @see org.jfree.data.general.SeriesDataset#getSeriesCount()
67 | */
68 | public int getSeriesCount() {
69 |
70 | //return series.length;
71 |
72 | return seriesList.size();
73 | }
74 |
75 | /* (non-Javadoc)
76 | * @see org.jfree.data.general.SeriesDataset#getSeriesName(int)
77 | */
78 |
79 | public String getSeriesName(int s)
80 | {
81 | /*
82 | if(s < this.series.length)
83 | return this.series[s].getName();
84 | else
85 | return null;
86 | */
87 |
88 | if(s < seriesList.size() )
89 | return "Priority "+s;
90 | else
91 | return null;
92 |
93 |
94 | }
95 |
96 | /* (non-Javadoc)
97 | * @see org.jfree.data.xy.XYZDataset#getZ(int, int)
98 | */
99 | public Number getZ(int s, int item) {
100 |
101 |
102 | if(s < series.length)
103 | {
104 | if(item < series[s].zCount.size() )
105 | return (Number)series[s].zCount.get(item);
106 | }
107 |
108 | return null;
109 | }
110 |
111 | /* (non-Javadoc)
112 | * @see org.jfree.data.xy.XYDataset#getItemCount(int)
113 | */
114 | public int getItemCount(int s) {
115 |
116 | if(s < series.length)
117 | {
118 | return series[s].zCount.size();
119 | }
120 |
121 | return 0;
122 | }
123 |
124 | /* (non-Javadoc)
125 | * @see org.jfree.data.xy.XYDataset#getX(int, int)
126 | */
127 | public Number getX(int s, int item)
128 | {
129 |
130 | if(s < series.length)
131 | {
132 | if(item < series[s].xTime.size() )
133 | return (Number)series[s].xTime.get(item);
134 | }
135 |
136 | return null;
137 | }
138 |
139 | /* (non-Javadoc)
140 | * @see org.jfree.data.xy.XYDataset#getY(int, int)
141 | */
142 | public Number getY(int s, int item)
143 | {
144 |
145 | if(s < series.length)
146 | {
147 | if(item < series[s].yAttackerIP.size() )
148 | return (Number)series[s].yAttackerIP.get(item);
149 | }
150 |
151 | return null;
152 | }
153 |
154 | public Comparable getSeriesKey(int s) throws IndexOutOfBoundsException
155 | {
156 | if(s < series.length)
157 | {
158 | return new Double(1.0);
159 | }
160 | throw new IndexOutOfBoundsException();
161 | }
162 |
163 | public void addSnortAlarm(SnortAlarm alarm)
164 | {
165 | ArrayList hourList = (ArrayList)seriesList.get(alarm.priority);
166 |
167 | int hour = alarm.timestamp.getHours() % 24;
168 | int minute = alarm.timestamp.getMinutes();
169 |
170 | double time = hour + ((double)minute)/60.0;
171 |
172 | HashMap attackerToAlarm = (HashMap) hourList.get(hour);
173 | Double attacker;
174 |
175 | if(null == attackerToAlarm.get(alarm.dstip))
176 | {
177 | if(!attackerToDouble.containsKey(alarm.dstip))
178 | {
179 | attackerToDouble.put(alarm.dstip, new Double(++currentAttackerIndex));
180 | }
181 | else
182 | {
183 | attacker = (Double)attackerToDouble.get(alarm.dstip);
184 |
185 | }
186 |
187 |
188 |
189 | HashMap snortAlarmToFrequency = new HashMap();
190 | String tmp = alarm.desc +":" + alarm.protocol;
191 | snortAlarmToFrequency.put(tmp, new Integer(1));
192 | attackerToAlarm.put(alarm.dstip, snortAlarmToFrequency);
193 | }
194 | else
195 | {
196 | HashMap snortAlarmToFrequency = (HashMap)attackerToAlarm.get(alarm.dstip);
197 | String tmp = alarm.desc +":" + alarm.protocol;
198 | Integer freq = (Integer) snortAlarmToFrequency.get(tmp);
199 |
200 | if(freq == null)
201 | {
202 | freq = new Integer(1);
203 | snortAlarmToFrequency.put(tmp, freq);
204 | }
205 | else
206 | {
207 | int freqInt = freq.intValue();
208 | freq = new Integer(++freqInt);
209 | snortAlarmToFrequency.put(tmp, freq);
210 | }
211 | }
212 |
213 | }
214 |
215 | }
216 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/data/IPPacket.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 30, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.data;
8 |
9 | import java.net.InetAddress;
10 |
11 | /**
12 | * @author chris
13 | * Mar 30, 2005
14 | * Packet
15 | */
16 | public class IPPacket extends AbstractPacket {
17 | public InetAddress srcip;
18 | public InetAddress dstip;
19 |
20 | public IPPacket( InetAddress srcip, InetAddress dstip, AbstractPacket pdu, int length ) {
21 | this.srcip = srcip;
22 | this.dstip = dstip;
23 | this.pdu = pdu;
24 | this.length = length;
25 | }
26 |
27 | public String toString() {
28 | return( "IP [ SRC="+srcip+" DST="+dstip+" LEN="+length+" ] "+pdu );
29 | }
30 | }
31 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/data/IPTableResult.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 30, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.data;
8 |
9 | import java.util.Date;
10 |
11 | /**
12 | * @author chris
13 | * Mar 30, 2005
14 | * IPTableResult
15 | */
16 | public class IPTableResult {
17 | public Date timestamp;
18 | public boolean accepted;
19 | public IPPacket packet;
20 |
21 | public IPTableResult( Date timestamp, boolean accepted, IPPacket packet ) {
22 | this.timestamp = timestamp;
23 | this.accepted = accepted;
24 | this.packet = packet;
25 | }
26 |
27 | public String toString() {
28 | return(timestamp+" "+((accepted)?"ACCEPT ":"DENY ") + packet );
29 | }
30 | }
31 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/data/SnortAlarm.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 30, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.data;
8 |
9 | import java.net.InetAddress;
10 | import java.util.Date;
11 |
12 | /**
13 | * @author chris
14 | * Mar 30, 2005
15 | * SnortAlarm
16 | */
17 | public class SnortAlarm {
18 | public Date timestamp;
19 | public short[] type;
20 | public String desc;
21 | public InetAddress srcip;
22 | public InetAddress dstip;
23 | public byte priority;
24 | public String protocol;
25 | public int spt;
26 | public int dpt;
27 |
28 | public SnortAlarm ( Date timestamp, short[] type, String desc, byte priority, InetAddress srcip, InetAddress dstip,
29 | String protocol, int spt, int dpt ) {
30 | this.timestamp = timestamp;
31 | this.type = type;
32 | this.desc = desc;
33 | this.srcip = srcip;
34 | this.dstip = dstip;
35 | this.priority = priority;
36 | this.protocol = protocol;
37 | this.spt = spt;
38 | this.dpt = dpt;
39 | }
40 |
41 | public String toString() {
42 | if ( spt < 0 )
43 | return( timestamp+" ["+type[0]+":"+type[1]+":"+type[2]+"] "+desc+" [Priority: "+priority+"] {"+protocol+"} "
44 | +srcip+" -> "+dstip );
45 | else
46 | return( timestamp+" ["+type[0]+":"+type[1]+":"+type[2]+"] "+desc+" [Priority: "+priority+"] {"+protocol+"} "
47 | +srcip+":"+spt+" -> "+dstip+":"+dpt );
48 | }
49 | }
50 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/data/TCPPacket.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 30, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.data;
8 |
9 | /**
10 | * @author chris
11 | * Mar 30, 2005
12 | * TCPPacket
13 | */
14 | public class TCPPacket extends AbstractPacket {
15 | public int srcport;
16 | public int dstport;
17 | public int flags;
18 | public TCPPacket ( int srcport, int dstport, int flags, int length ) {
19 | this.srcport = srcport;
20 | this.dstport = dstport;
21 | this.flags = flags;
22 | this.length = length;
23 | }
24 | public String toString() {
25 | return( "TCP [ SPT="+srcport+" DPT="+dstport+" LEN="+length+" ] "+pdu );
26 | }
27 | }
28 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/data/UDPPacket.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 30, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.data;
8 |
9 | /**
10 | * @author chris
11 | * Mar 30, 2005
12 | * UDPPacket
13 | */
14 | public class UDPPacket extends AbstractPacket {
15 | public int srcport;
16 | public int dstport;
17 | public UDPPacket ( int srcport, int dstport, int length ) {
18 | this.srcport = srcport;
19 | this.dstport = dstport;
20 | this.length = length;
21 | }
22 | public String toString() {
23 | return( "UDP [ SPT="+srcport+" DPT="+dstport+" LEN="+length+" ] "+pdu );
24 | }
25 | }
26 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/data/listener/AbstractPacketListener.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Apr 1, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.data.listener;
8 |
9 | import java.util.EventListener;
10 |
11 | import edu.gatech.csc.visualfirewall.data.AbstractPacket;
12 |
13 | /**
14 | * @author chris
15 | * Apr 1, 2005
16 | * AbstractPacketListener
17 | */
18 | public interface AbstractPacketListener extends EventListener {
19 | public void dispatchPacket( AbstractPacket packet );
20 | }
21 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/data/listener/IPTableResultListener.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Apr 1, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.data.listener;
8 |
9 | import java.util.EventListener;
10 |
11 | import edu.gatech.csc.visualfirewall.data.IPTableResult;
12 |
13 | /**
14 | * @author chris
15 | * Apr 1, 2005
16 | * IPTableResultListener
17 | */
18 | public interface IPTableResultListener extends EventListener {
19 | public void dispatchResult( IPTableResult result );
20 | }
21 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/data/listener/SnortAlarmListener.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Apr 1, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.data.listener;
8 |
9 | import java.util.EventListener;
10 |
11 | import edu.gatech.csc.visualfirewall.data.SnortAlarm;
12 |
13 | /**
14 | * @author chris
15 | * Apr 1, 2005
16 | * SnortAlarmListener
17 | */
18 | public interface SnortAlarmListener extends EventListener {
19 | public void dispatchAlarm( SnortAlarm alarm );
20 | }
21 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/datasource/AbstractDataSource.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 30, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.datasource;
8 |
9 | import java.io.File;
10 | /**
11 | * @author chris
12 | * Mar 30, 2005
13 | * AbstractDataSource
14 | */
15 | public abstract class AbstractDataSource implements Runnable {
16 | File input;
17 | public Class produces;
18 |
19 | }
20 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/datasource/FirewallLog.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Apr 22, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.datasource;
8 |
9 | import edu.gatech.csc.visualfirewall.data.listener.IPTableResultListener;
10 |
11 | /**
12 | * @author chris
13 | * Apr 22, 2005
14 | * FirewallLog
15 | */
16 | public abstract class FirewallLog extends AbstractDataSource {
17 | public abstract void addIPTableResultListener( IPTableResultListener listener );
18 | }
19 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/datasource/IPFWLog.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Apr 22, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.datasource;
8 |
9 | import java.io.BufferedReader;
10 | import java.io.File;
11 | import java.io.FileReader;
12 | import java.net.InetAddress;
13 | import java.text.SimpleDateFormat;
14 | import java.util.Date;
15 | import java.util.regex.Matcher;
16 | import java.util.regex.Pattern;
17 |
18 | import javax.swing.event.EventListenerList;
19 |
20 | import edu.gatech.csc.visualfirewall.data.ICMPPacket;
21 | import edu.gatech.csc.visualfirewall.data.IPPacket;
22 | import edu.gatech.csc.visualfirewall.data.IPTableResult;
23 | import edu.gatech.csc.visualfirewall.data.TCPPacket;
24 | import edu.gatech.csc.visualfirewall.data.UDPPacket;
25 | import edu.gatech.csc.visualfirewall.data.listener.IPTableResultListener;
26 |
27 | /**
28 | * @author chris
29 | * Apr 22, 2005
30 | * IPFWLog
31 | */
32 | public class IPFWLog extends FirewallLog {
33 | EventListenerList iptableResultListeners = new EventListenerList();
34 | static final boolean DEBUG = false;
35 |
36 | static Pattern protopattern = Pattern.compile( "(UDP|TCP|ICMP)" );
37 | static Pattern udppattern = Pattern.compile( "(\\w+ \\d+ [\\d:]+) .*?(Deny|Accept) UDP ([\\d\\.]+):(\\d+) ([\\d\\.]+):(\\d+)" );
38 | static Pattern tcppattern = Pattern.compile( "(\\w+ \\d+ [\\d:]+) .*?(Deny|Accept) TCP ([\\d\\.]+):(\\d+) ([\\d\\.]+):(\\d+)" );
39 | static Pattern icmppattern = Pattern.compile( "(\\w+ \\d+ [\\d:]+) .*?(Deny|Accept) ICMP:(\\d+)\\.(\\d+) ([\\d\\.]+) ([\\d\\.]+)" );
40 |
41 | SimpleDateFormat sdf = new SimpleDateFormat("MMM d H:mm:ss");
42 | int year = new Date().getYear();
43 |
44 | public IPFWLog ( File input ) {
45 | this.input = input;
46 | produces = IPTableResult.class;
47 | }
48 |
49 | IPTableResult parseData( byte[] data ) {
50 | String mystr = new String( data );
51 | Matcher matcher = protopattern.matcher( mystr );
52 | if ( ! matcher.find() )
53 | return null;
54 | String proto = matcher.group(1);
55 | try {
56 | int i = 1;
57 | if ( proto.equals("UDP") ) {
58 | matcher = udppattern.matcher( mystr );
59 | if ( ! matcher.find() )
60 | return null;
61 | Date timestamp = sdf.parse( matcher.group(i++) );
62 | timestamp.setYear(year);
63 | boolean accepted = ( matcher.group(i++) ).startsWith("Accept");
64 | InetAddress src = java.net.InetAddress.getByName( matcher.group(i++) );
65 | int spt = Integer.parseInt( matcher.group(i++) );
66 | InetAddress dst = java.net.InetAddress.getByName( matcher.group(i++) );
67 | int dpt = Integer.parseInt( matcher.group(i++) );
68 | short len = 1200;
69 | short udplen = 1200;
70 | return( new IPTableResult( timestamp, accepted, new IPPacket( src, dst, new UDPPacket( spt, dpt, udplen ), len ) ) );
71 | } else if ( proto.equals("TCP") ) {
72 | matcher = tcppattern.matcher( mystr );
73 | if ( ! matcher.find() )
74 | return null;
75 | Date timestamp = sdf.parse( matcher.group(i++) );
76 | timestamp.setYear(year);
77 | boolean accepted = ( matcher.group(i++) ).startsWith("Accept");
78 | InetAddress src = java.net.InetAddress.getByName( matcher.group(i++) );
79 | int dpt = Integer.parseInt( matcher.group(i++) );
80 | InetAddress dst = java.net.InetAddress.getByName( matcher.group(i++) );
81 | int spt = 1200;
82 | short len = 1200;
83 | return( new IPTableResult( timestamp, accepted, new IPPacket( src, dst, new TCPPacket( spt, dpt, 0, len ), len ) ) );
84 | } else if ( proto.equals("ICMP") ) {
85 | matcher = icmppattern.matcher( mystr );
86 | if ( ! matcher.find() )
87 | return null;
88 | Date timestamp = sdf.parse( matcher.group(i++) );
89 | timestamp.setYear(year);
90 | boolean accepted = ( matcher.group(i++) ).startsWith("Accept");
91 | short type = Short.parseShort( matcher.group(i++) );
92 | short code = Short.parseShort( matcher.group(i++) );
93 | InetAddress src = java.net.InetAddress.getByName( matcher.group(i++) );
94 | InetAddress dst = java.net.InetAddress.getByName( matcher.group(i++) );
95 | short len = 120;
96 | return( new IPTableResult( timestamp, accepted, new IPPacket( src, dst, new ICMPPacket( type, code, len ), len ) ) );
97 | }
98 | } catch (Exception e) {
99 | e.printStackTrace();
100 | }
101 | return null;
102 | }
103 |
104 | public void addIPTableResultListener( IPTableResultListener listener ) {
105 | iptableResultListeners.add( IPTableResultListener.class, listener );
106 | }
107 |
108 | public void removeIPTableResultListener( IPTableResultListener listener ) {
109 | iptableResultListeners.remove( IPTableResultListener.class, listener );
110 | }
111 |
112 | protected void fireIPTableResult( IPTableResult iptr ) {
113 | Object[] listeners = iptableResultListeners.getListenerList();
114 | int numListeners = listeners.length;
115 | if (DEBUG) System.out.println( iptr );
116 | for ( int i = 0; i < numListeners; i += 2 ) {
117 | if ( listeners[i] == IPTableResultListener.class )
118 | ((IPTableResultListener)listeners[i+1]).dispatchResult( iptr );
119 | }
120 | }
121 |
122 | public void run () {
123 | try {
124 | FileReader fr = new FileReader(input);
125 | BufferedReader br = new BufferedReader(fr);
126 | String line;
127 | while ( ( line = br.readLine() ) != null ) {
128 | if (DEBUG) System.out.println( "Received line." );
129 | IPTableResult itr = parseData( line.getBytes() );
130 | if ( itr != null )
131 | fireIPTableResult( itr );
132 | //Thread.sleep( (int)(Math.random()*100 ) );
133 | }
134 | } catch ( Exception e ) {
135 | e.printStackTrace();
136 | System.exit(-1);
137 | }
138 | }
139 | public static void main ( String[] args ) {
140 | IPFWLog ipfw = new IPFWLog( new File( "/var/log/iptpipe" ) );
141 | ipfw.run();
142 | }
143 |
144 | }
145 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/datasource/IPTablesLog.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 30, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.datasource;
8 |
9 | import edu.gatech.csc.visualfirewall.data.*;
10 | import edu.gatech.csc.visualfirewall.data.listener.IPTableResultListener;
11 |
12 | import java.io.BufferedReader;
13 | import java.io.File;
14 | import java.io.FileReader;
15 | import java.net.InetAddress;
16 | import java.text.SimpleDateFormat;
17 | import java.util.Date;
18 | import java.util.regex.*;
19 |
20 | import javax.swing.event.EventListenerList;
21 |
22 | /**
23 | * @author chris
24 | * Mar 30, 2005
25 | * IPTablesLog
26 | */
27 | public class IPTablesLog extends FirewallLog {
28 | EventListenerList iptableResultListeners = new EventListenerList();
29 | static boolean DEBUG = false;
30 |
31 | static final Pattern protopattern = Pattern.compile( "PROTO=(\\w+)" );
32 | static final Pattern udppattern = Pattern.compile( "(\\w+\\s+\\d+\\s+[\\d\\d:]+)\\s+.*?(DROP|ACCEPT)\\s+.*?SRC=([\\d\\.]+)\\s+DST=([\\d\\.]+)\\s+"
33 | +"LEN=(\\d+).*?SPT=(\\d+)\\s+DPT=(\\d+)\\s+LEN=(\\d+)" );
34 | static final Pattern tcppattern = Pattern.compile( "(\\w+\\s+\\d+\\s+[\\d\\d:]+)\\s+.*?(DROP|ACCEPT)\\s+.*?SRC=([\\d\\.]+)\\s+DST=([\\d\\.]+)\\s+"
35 | +"LEN=(\\d+).*?SPT=(\\d+)\\s+DPT=(\\d+)" );
36 | static final Pattern icmppattern = Pattern.compile( "(\\w+\\s+\\d+\\s+[\\d\\d:]+)\\s+.*?(DROP|ACCEPT)\\s+.*?SRC=([\\d\\.]+)\\s+DST=([\\d\\.]+)\\s+"
37 | +"LEN=(\\d+).*?TYPE=(\\d+)\\s+CODE=(\\d+)" );
38 | SimpleDateFormat sdf = new SimpleDateFormat("MMM d H:mm:ss");
39 | int year = new Date().getYear();
40 |
41 | public IPTablesLog ( File input ) {
42 | this.input = input;
43 | produces = IPTableResult.class;
44 | }
45 |
46 | IPTableResult parseData( byte[] data ) {
47 | String mystr = new String( data );
48 | Matcher matcher = protopattern.matcher( mystr );
49 | if ( ! matcher.find() )
50 | return null;
51 | String proto = matcher.group(1);
52 | try {
53 | int i = 1;
54 | if ( proto.equals("UDP") ) {
55 | matcher = udppattern.matcher( mystr );
56 | if ( ! matcher.find() )
57 | return null;
58 | Date timestamp = sdf.parse( matcher.group(i++) );
59 | timestamp.setYear(year);
60 | boolean accepted = ( matcher.group(i++) ).startsWith("ACCEPT");
61 | InetAddress src = java.net.InetAddress.getByName( matcher.group(i++) );
62 | InetAddress dst = java.net.InetAddress.getByName( matcher.group(i++) );
63 | short len = Short.parseShort( matcher.group(i++) );
64 | int spt = Integer.parseInt( matcher.group(i++) );
65 | int dpt = Integer.parseInt( matcher.group(i++) );
66 | short udplen = Short.parseShort( matcher.group(i++) );
67 | return( new IPTableResult( timestamp, accepted, new IPPacket( src, dst, new UDPPacket( spt, dpt, udplen ), len ) ) );
68 | } else if ( proto.equals("TCP") ) {
69 | matcher = tcppattern.matcher( mystr );
70 | if ( ! matcher.find() )
71 | return null;
72 | Date timestamp = sdf.parse( matcher.group(i++) );
73 | timestamp.setYear(year);
74 | boolean accepted = ( matcher.group(i++) ).startsWith("ACCEPT");
75 | InetAddress src = java.net.InetAddress.getByName( matcher.group(i++) );
76 | InetAddress dst = java.net.InetAddress.getByName( matcher.group(i++) );
77 | short len = Short.parseShort( matcher.group(i++) );
78 | int spt = Integer.parseInt( matcher.group(i++) );
79 | int dpt = Integer.parseInt( matcher.group(i++) );
80 | return( new IPTableResult( timestamp, accepted, new IPPacket( src, dst, new TCPPacket( spt, dpt, 0, len ), len ) ) );
81 | } else if ( proto.equals("ICMP") ) {
82 | matcher = icmppattern.matcher( mystr );
83 | if ( ! matcher.find() )
84 | return null;
85 | Date timestamp = sdf.parse( matcher.group(i++) );
86 | timestamp.setYear(year);
87 | boolean accepted = ( matcher.group(i++) ).startsWith("ACCEPT");
88 | InetAddress src = java.net.InetAddress.getByName( matcher.group(i++) );
89 | InetAddress dst = java.net.InetAddress.getByName( matcher.group(i++) );
90 | short len = Short.parseShort( matcher.group(i++) );
91 | short type = Short.parseShort( matcher.group(i++) );
92 | short code = Short.parseShort( matcher.group(i++) );
93 | return( new IPTableResult( timestamp, accepted, new IPPacket( src, dst, new ICMPPacket( type, code, len ), len ) ) );
94 | }
95 | } catch (Exception e) {
96 | e.printStackTrace();
97 | }
98 | return null;
99 | }
100 |
101 | public void addIPTableResultListener( IPTableResultListener listener ) {
102 | iptableResultListeners.add( IPTableResultListener.class, listener );
103 | }
104 |
105 | public void removeIPTableResultListener( IPTableResultListener listener ) {
106 | iptableResultListeners.remove( IPTableResultListener.class, listener );
107 | }
108 |
109 | protected void fireIPTableResult( IPTableResult iptr ) {
110 | Object[] listeners = iptableResultListeners.getListenerList();
111 | int numListeners = listeners.length;
112 | if (DEBUG) System.out.println( iptr );
113 | for ( int i = 0; i < numListeners; i += 2 ) {
114 | if ( listeners[i] == IPTableResultListener.class )
115 | ((IPTableResultListener)listeners[i+1]).dispatchResult( iptr );
116 | }
117 | }
118 |
119 | public void run () {
120 | try {
121 | FileReader fr = new FileReader(input);
122 | BufferedReader br = new BufferedReader(fr);
123 | String line;
124 | while ( ( line = br.readLine() ) != null ) {
125 | if (DEBUG) System.out.println( "Received line." );
126 | IPTableResult itr = parseData( line.getBytes() );
127 | if ( itr != null )
128 | {
129 | if (DEBUG) System.out.println( itr );
130 | fireIPTableResult( itr );
131 | }
132 |
133 |
134 | Thread.sleep( (int)(Math.random()*100 ) );
135 | }
136 | } catch ( Exception e ) {
137 | e.printStackTrace();
138 | System.exit(-1);
139 | }
140 | }
141 | public static void main ( String[] args ) {
142 | DEBUG = true;
143 | IPTablesLog ipl = new IPTablesLog( new File( "logs/iptables.txt" ) );
144 | ipl.run();
145 | }
146 |
147 | }
148 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/datasource/PcapFile.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 30, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.datasource;
8 |
9 | import com.voytechs.jnetstream.io.StreamFormatException;
10 | import com.voytechs.jnetstream.io.EOPacketStream;
11 | import com.voytechs.jnetstream.io.EOPacket;
12 | import com.voytechs.jnetstream.io.RawformatInputStream;
13 | import com.voytechs.jnetstream.io.PacketInputStream;
14 | import com.voytechs.jnetstream.npl.SyntaxError;
15 | import com.voytechs.jnetstream.primitive.MacAddressPrimitive;
16 | import com.voytechs.jnetstream.primitive.IpAddressPrimitive;
17 | import com.voytechs.jnetstream.primitive.PrimitiveException;
18 | import edu.gatech.csc.visualfirewall.data.*;
19 | import edu.gatech.csc.visualfirewall.data.listener.AbstractPacketListener;
20 |
21 | import java.io.File;
22 | import java.io.IOException;
23 | import java.net.InetAddress;
24 |
25 | import javax.swing.event.EventListenerList;
26 |
27 |
28 | /**
29 | * @author chris
30 | * Mar 30, 2005
31 | * PcapFile
32 | */
33 | public class PcapFile extends AbstractDataSource {
34 | EventListenerList abstractPacketListeners = new EventListenerList();
35 |
36 | public PcapFile( File input ) {
37 | this.input = input;
38 | this.produces = AbstractPacket.class;
39 | }
40 |
41 | public void run() {
42 | try {
43 | /* Opens up the capture file as an input stream. */
44 | PacketInputStream in =
45 | new RawformatInputStream(input.getAbsolutePath());
46 |
47 |
48 | /* Loop exists when EOPacketStream exception is thrown */
49 | while (true) {
50 |
51 | /* Aligns the position of the stream at beginning of packet */
52 | in.nextPacket();
53 |
54 | /* Returns the name of the first header */
55 | String linkType = in.getLinkType();
56 |
57 | if (linkType.equals("Ethernet") == true) {
58 |
59 | /*
60 | * Read 6 bytes (48 bits).
61 | *
62 | * Alternative is to read all the data yourself, but then
63 | * you have to take care of those pescky details such as
64 | * how to take care of unsigned values using signed data
65 | * types, etc... All of this is has already been done
66 | * for you with various library classes.
67 | *
68 | * I.e.
69 | * byte[] dst = new byte[6];
70 | * for (int i = 0; i < 6; i ++) {
71 | * dst[i] = in.readByte();
72 | * }
73 | *
74 | */
75 | MacAddressPrimitive dst = new MacAddressPrimitive();
76 | dst.setValue(in);
77 |
78 | MacAddressPrimitive src = new MacAddressPrimitive();
79 | src.setValue(in);
80 |
81 | int etherProtocol = in.readUnsignedShort();
82 |
83 | // Now check if its IP protocol
84 | if (etherProtocol == 0x800) {
85 | int version = in.readBits(4);
86 | int hlen = in.readBits(4);
87 | int precedence = in.readBits(3);
88 | int delay = in.readBits(1);
89 | int throughtput = in.readBits(1);
90 | int reliability = in.readBits(1);
91 | in.readBits(2); // Reserved 2 bits
92 |
93 | int length = in.readUnsignedShort();
94 | int id = in.readUnsignedShort();
95 |
96 | in.readBits(1); // Reserved 1 flag bit
97 |
98 | int doNotFragment = in.readBits(1);
99 | int moreFragments = in.readBits(1);
100 |
101 | int offset = in.readBits(13);
102 | int timeToLive = in.readUnsignedByte();
103 | int ipProtocol = in.readUnsignedByte();
104 | int checksum = in.readUnsignedShort();
105 |
106 | IpAddressPrimitive source = new IpAddressPrimitive();
107 | source.setValue(in);
108 |
109 | IpAddressPrimitive destination =
110 | new IpAddressPrimitive();
111 | destination.setValue(in);
112 |
113 | // Skipping all the options, etc...
114 |
115 | //System.out.print("IP");
116 | //System.out.print(" " + source);
117 | //System.out.print(" -> " + destination);
118 |
119 | // Now check for TCP protocol
120 | if (ipProtocol == 6) {
121 | int spt = in.readUnsignedShort();
122 | int dpt = in.readUnsignedShort();
123 | //System.out.println(" protocol=TCP spt="+spt+" dpt="+dpt);
124 | fireAbstractPacket( new IPPacket( InetAddress.getByName(source.toString()), InetAddress.getByName(destination.toString()), new TCPPacket( spt, dpt, 0, length ), length ) );
125 | } else if (ipProtocol == 17) {
126 | int spt = in.readUnsignedShort();
127 | int dpt = in.readUnsignedShort();
128 | int len = in.readUnsignedShort();
129 | //System.out.println(" protocol=UDP spt="+spt+" dpt="+dpt+" len="+len);
130 | fireAbstractPacket( new IPPacket( InetAddress.getByName(source.toString()), InetAddress.getByName(destination.toString()), new UDPPacket( spt, dpt, len ), length ) );
131 |
132 | } else if (ipProtocol == 1) {
133 | int type = in.readUnsignedByte();
134 | int code = in.readUnsignedByte();
135 | //System.out.println(" protocol=ICMP type="+type+" code="+code);
136 | fireAbstractPacket( new IPPacket( InetAddress.getByName(source.toString()), InetAddress.getByName(destination.toString()), new ICMPPacket( (short)type, (short)code, length ), length ) );
137 |
138 | } else { // For all other protocols display number
139 | //System.out.println(
140 | // " protocol=0x"
141 | // + Integer.toHexString(ipProtocol) );
142 | }
143 |
144 | } else {
145 | /*System.out.print("Ethernet");
146 | System.out.print(" " + src);
147 | System.out.print(" -> " + dst);
148 | System.out.println(
149 | " protocol=0x"
150 | + Integer.toHexString(etherProtocol) );*/
151 | }
152 | } else {
153 | //System.out.println("Unsupported packet type " + linkType);
154 | }
155 | try {
156 | Thread.sleep( (int)(Math.random()*100 ) );
157 | } catch (Exception e) {
158 | }
159 | }
160 | } catch (StreamFormatException t) {
161 | t.printStackTrace();
162 | } catch (EOPacket eo) {
163 | eo.printStackTrace();
164 | } catch (EOPacketStream eos) {
165 | // This is normal condition
166 | } catch(IOException ie) {
167 | ie.printStackTrace();
168 | } catch(SyntaxError se) {
169 | se.printStackTrace();
170 | } catch(PrimitiveException pe) {
171 | pe.printStackTrace();
172 | }
173 | }
174 |
175 | public void addAbstractPacketListener( AbstractPacketListener listener ) {
176 | abstractPacketListeners.add( AbstractPacketListener.class, listener );
177 | }
178 |
179 | public void removeAbstractPacketListener( AbstractPacketListener listener ) {
180 | abstractPacketListeners.remove( AbstractPacketListener.class, listener );
181 | }
182 |
183 | protected void fireAbstractPacket( AbstractPacket iptr ) {
184 | Object[] listeners = abstractPacketListeners.getListenerList();
185 | int numListeners = listeners.length;
186 | // TODO: the example was broken, check if 'i' should be incremented by 1 or 2.
187 | for ( int i = 0; i < numListeners; i += 2 ) {
188 | if ( listeners[i] == AbstractPacketListener.class )
189 | ((AbstractPacketListener)listeners[i+1]).dispatchPacket( iptr );
190 | }
191 | }
192 |
193 | public static void main(String[] args) {
194 | new PcapFile( new File( "logs/50228-http.pcap" ) ).run();
195 | }
196 | }
197 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/datasource/SnortAlarmDatabase.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Apr 22, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.datasource;
8 |
9 | import java.io.BufferedReader;
10 | import java.io.File;
11 | import java.io.FileInputStream;
12 | import java.io.FileOutputStream;
13 | import java.io.InputStreamReader;
14 | import java.io.ObjectInputStream;
15 | import java.io.ObjectOutputStream;
16 | import java.util.HashMap;
17 |
18 | /**
19 | * @author chris
20 | * Apr 22, 2005
21 | * SnortAlarmDatabase
22 | */
23 | public class SnortAlarmDatabase {
24 | static final boolean DEBUG = false;
25 | HashMap hm;
26 |
27 | public String getAlarmType( int sid ) {
28 | return ( (String)hm.get( new Integer( sid ) ) );
29 | }
30 |
31 | public SnortAlarmDatabase() {
32 | hm = new HashMap();
33 | File sadfile = new File("config/snortalarm.dat");
34 | if ( sadfile.exists() ) {
35 | if (DEBUG) System.out.println( "Loading database." );
36 | try {
37 | ObjectInputStream ois = new ObjectInputStream(new FileInputStream( sadfile) );
38 | hm = (HashMap)ois.readObject();
39 | ois.close();
40 | } catch ( Exception e ) {
41 | e.printStackTrace();
42 | System.exit(-1);
43 | }
44 | } else {
45 | if (DEBUG) System.out.println( "Creating database." );
46 | File snortalerts = new File("config/rules.map");
47 | if ( ! snortalerts.exists() ) {
48 | System.out.println( "Cannot find a snort database or rules to create one." );
49 | System.exit(-1);
50 | }
51 | try {
52 | BufferedReader br = new BufferedReader( new InputStreamReader( new FileInputStream(snortalerts) ) );
53 | ObjectOutputStream oos = new ObjectOutputStream( new FileOutputStream( sadfile ) );
54 | String line;
55 | while ( (line = br.readLine() ) != null ) {
56 | String[] parts = line.split( "," );
57 | Integer sid = new Integer( parts[0] );
58 | hm.put( sid, parts[1] );
59 | }
60 | oos.writeObject(hm);
61 | } catch ( Exception e ) {
62 | e.printStackTrace();
63 | System.exit(-1);
64 | }
65 | }
66 | }
67 |
68 | public static void main(String[] args) {
69 | SnortAlarmDatabase sad = new SnortAlarmDatabase();
70 | System.out.println( sad.hm.get( new Integer( 253 ) ) );
71 | }
72 | }
73 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/datasource/SnortLog.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 30, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.datasource;
8 |
9 | import java.io.File;
10 | import java.io.BufferedReader;
11 | import java.io.FileReader;
12 | import java.util.Date;
13 | import java.util.regex.Matcher;
14 | import java.util.regex.Pattern;
15 | import java.net.InetAddress;
16 |
17 | import javax.swing.event.EventListenerList;
18 |
19 | import edu.gatech.csc.visualfirewall.data.SnortAlarm;
20 | import edu.gatech.csc.visualfirewall.data.listener.SnortAlarmListener;
21 |
22 | import java.text.SimpleDateFormat;
23 | import java.util.Date;
24 |
25 | /**
26 | * @author chris Mar 30, 2005 SnortLog
27 | */
28 | public class SnortLog extends AbstractDataSource {
29 |
30 | EventListenerList snortAlarmListeners = new EventListenerList();
31 | static final boolean DEBUG = false;
32 | SimpleDateFormat sdf = new SimpleDateFormat("mm/dd-H:mm:ss.SSSSSS");
33 | int year = new Date().getYear();
34 |
35 | Pattern p = Pattern
36 | .compile("^(.{21}).*?\\[(\\d+):(\\d+):(\\d+)\\] (.*?) \\[\\*\\*\\].*?\\[Priority: (\\d+)\\] \\{(PIM|TCP|UDP|ICMP)\\} ([\\d\\.]+):?(\\d+)? \\-> ([\\d\\.]+):?(\\d+)?");
37 |
38 | Pattern p2 = Pattern
39 | .compile("^(.{21}).*?\\[(\\d+):(\\d+):(\\d+)\\]\\s+(.*?)\\s+\\[\\*\\*\\].*?\\s[{]([^}]*)[}]\\s+([\\d\\.]+):?(\\d+)?\\s+\\->\\s+([\\d\\.]+):?(\\d+)?");
40 |
41 | public SnortLog(File input) {
42 | this.input = input;
43 | this.produces = SnortAlarm.class;
44 | }
45 |
46 | SnortAlarm parseData(byte[] data) {
47 | String mystr = new String(data);
48 |
49 | Matcher m = p.matcher(mystr);
50 | Matcher m2 = p2.matcher(mystr);
51 |
52 | if (m.find())
53 | {
54 |
55 | //if(DEBUG)System.out.println(mystr);
56 |
57 | try {
58 | int i = 1;
59 | Date timestamp = sdf.parse(m.group(i++));
60 | timestamp.setYear( year );
61 | short[] type = new short[3];
62 | type[0] = Short.parseShort(m.group(i++));
63 | type[1] = Short.parseShort(m.group(i++));
64 | type[2] = Short.parseShort(m.group(i++));
65 | String desc = m.group(i++);
66 | byte priority = Byte.parseByte(m.group(i++));
67 | String proto = m.group(i++);
68 | InetAddress srcip = InetAddress.getByName(m.group(i++));
69 | int spt = -1;
70 | if ( m.group(i) != null )
71 | spt = Integer.parseInt(m.group(i++));
72 | else
73 | i++;
74 | InetAddress dstip = InetAddress.getByName(m.group(i++));
75 | int dpt = -1;
76 | if ( m.group(i) != null )
77 | dpt = Integer.parseInt(m.group(i++));
78 | else
79 | i++;
80 | return (new SnortAlarm(timestamp, type, desc, priority, srcip, dstip, proto, spt, dpt));
81 | } catch (Exception e) {
82 | e.printStackTrace();
83 | return null;
84 | }
85 | }
86 | else if(m2.find())
87 | {
88 | //if(DEBUG)System.out.println(mystr);
89 |
90 | try
91 | {
92 | int i = 1;
93 | Date timestamp = sdf.parse(m2.group(i++));
94 | timestamp.setYear( year );
95 |
96 | short[] type = new short[3];
97 | type[0] = Short.parseShort(m2.group(i++));
98 | type[1] = Short.parseShort(m2.group(i++));
99 | type[2] = Short.parseShort(m2.group(i++));
100 |
101 | String desc = m2.group(i++);
102 |
103 | byte priority = 0;
104 | String proto = m2.group(i++);
105 |
106 | InetAddress srcip = InetAddress.getByName(m2.group(i++));
107 |
108 | int spt = -1;
109 | if ( m2.group(i) != null )
110 | spt = Integer.parseInt(m2.group(i++));
111 | else
112 | i++;
113 | InetAddress dstip = InetAddress.getByName(m2.group(i++));
114 | int dpt = -1;
115 | if ( m2.group(i) != null )
116 | dpt = Integer.parseInt(m2.group(i++));
117 | else
118 | i++;
119 |
120 | return (new SnortAlarm(timestamp, type, desc, priority, srcip, dstip, proto, spt, dpt));
121 | } catch (Exception e) {
122 | e.printStackTrace();
123 | return null;
124 | }
125 | }
126 | else
127 | {
128 | if(DEBUG)System.out.println("DID NOT MATCH: "+mystr);
129 | return null;
130 | }
131 |
132 | }
133 |
134 | public void run() {
135 | //System.out.println( "SnortLog Started" );
136 | try {
137 | FileReader fr = new FileReader(input);
138 | BufferedReader br = new BufferedReader(fr);
139 | String line;
140 | while ((line = br.readLine()) != null) {
141 | SnortAlarm sa = parseData(line.getBytes());
142 | if (sa != null)
143 | fireSnortAlarm( sa );
144 |
145 | Thread.sleep( (int)(Math.random()*100));
146 | }
147 | } catch (Exception e) {
148 | e.printStackTrace();
149 | System.exit(-1);
150 | }
151 | }
152 |
153 | public void addSnortAlarmListener( SnortAlarmListener listener ) {
154 | snortAlarmListeners.add( SnortAlarmListener.class, listener );
155 | }
156 |
157 | public void removeSnortAlarmListener( SnortAlarmListener listener ) {
158 | snortAlarmListeners.remove( SnortAlarmListener.class, listener );
159 | }
160 |
161 | protected void fireSnortAlarm( SnortAlarm iptr ) {
162 | Object[] listeners = snortAlarmListeners.getListenerList();
163 | int numListeners = listeners.length;
164 |
165 | if (DEBUG) System.out.println(iptr);
166 |
167 | for ( int i = 0; i < numListeners; i += 2 ) {
168 | if ( listeners[i] == SnortAlarmListener.class )
169 | ((SnortAlarmListener)listeners[i+1]).dispatchAlarm( iptr );
170 | }
171 | }
172 |
173 | public static void main(String[] args) {
174 | new SnortLog(new File("logs/snort.txt")).run();
175 | }
176 | }
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/view/AbstractView.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 31, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.view;
8 |
9 | import java.awt.event.ActionEvent;
10 | import java.awt.event.ActionListener;
11 | import java.awt.*;
12 |
13 | import org.jfree.chart.JFreeChart;
14 |
15 | import edu.gatech.csc.visualfirewall.data.AbstractPacket;
16 | import edu.gatech.csc.visualfirewall.data.IPTableResult;
17 | import edu.gatech.csc.visualfirewall.data.SnortAlarm;
18 | import edu.gatech.csc.visualfirewall.data.listener.AbstractPacketListener;
19 | import edu.gatech.csc.visualfirewall.data.listener.IPTableResultListener;
20 | import edu.gatech.csc.visualfirewall.data.listener.SnortAlarmListener;
21 | import javax.media.opengl.GLCanvas;
22 | import javax.media.opengl.GL;
23 | import javax.media.opengl.glu.GLU;
24 |
25 |
26 | /**
27 | * @author chris Mar 31, 2005 AbstractView
28 | */
29 | public abstract class AbstractView implements ActionListener,
30 | SnortAlarmListener, IPTableResultListener, AbstractPacketListener {
31 |
32 | private boolean DEBUG = false;
33 |
34 | public boolean isMaximized;
35 |
36 | String name;
37 |
38 | Component canvas;
39 | public long lastUpdateTime;
40 | Rectangle worldWindowRect;
41 | boolean worldWindowChanged;
42 |
43 | public JFreeChart chart = null;
44 |
45 | //protected Rectangle wallInterior;
46 |
47 | int viewportWidth;
48 | int viewportHeight;
49 |
50 | public float red = 1.0f,
51 | green = 1.0f,
52 | blue = 1.0f,
53 | alpha = 1.0f;
54 |
55 | public AbstractView(){}
56 |
57 | public AbstractView(Rectangle worldWindowRect) {
58 |
59 | if(DEBUG)System.out.println("AbstractView: AbstractView() called");
60 |
61 | isMaximized = false;
62 | this.worldWindowRect = worldWindowRect;
63 | this.worldWindowChanged = false;
64 |
65 | //initWall();
66 |
67 | lastUpdateTime = System.currentTimeMillis();
68 | // get a GLCanvas
69 | /*
70 | GLCapabilities capabilities = new GLCapabilities();
71 | canvas = GLDrawableFactory.getFactory().createGLCanvas(capabilities);
72 | // add a GLEventListener, which will get called when the
73 | // canvas is resized or needs a repaint
74 | canvas.addGLEventListener(this);
75 | */
76 | // temp debug
77 | //javax.swing.Timer timer = new javax.swing.Timer(25, this);
78 | //timer.start();
79 | }
80 |
81 | public String getName()
82 | {
83 | return name;
84 | }
85 |
86 | public void setName(String name)
87 | {
88 | this.name = name;
89 | }
90 |
91 | public Component getCanvas()
92 | {
93 | return canvas;
94 | }
95 |
96 | public GLCanvas getGLCanvas()
97 | {
98 | return (GLCanvas)canvas;
99 | }
100 |
101 | /*
102 | * (non-Javadoc)
103 | *
104 | * @see java.awt.event.ActionListener#actionPerformed(java.awt.event.ActionEvent)
105 | */
106 | public void actionPerformed(ActionEvent arg0) {
107 | // TODO Auto-generated method stub
108 |
109 | }
110 |
111 | protected void resetWorldWindow(GL gl, GLU glu) {
112 |
113 | if(DEBUG)System.out.println("AbstractView: resetWorldWindow() called");
114 | //System.out.println ("reset world window: " + worldWindowRect );
115 | // set the world window
116 | gl.glMatrixMode(GL.GL_PROJECTION);
117 | gl.glLoadIdentity();
118 | glu.gluOrtho2D(worldWindowRect.x, worldWindowRect.x
119 | + worldWindowRect.width, worldWindowRect.y, worldWindowRect.y
120 | + worldWindowRect.height);
121 | // set viewport
122 | // args are x, y, width, height
123 | gl.glViewport(0, 0, viewportWidth, viewportHeight);
124 |
125 | worldWindowChanged = false;
126 | //initWall();
127 | }
128 |
129 | public void dispatchAlarm(SnortAlarm snortAlarm) {
130 | //System.out.println(snortAlarm.toString());
131 | }
132 |
133 | public void dispatchResult(IPTableResult ipTableResult)
134 | {
135 | //System.out.println(ipTableResult.toString() );
136 | }
137 |
138 | public void dispatchPacket(AbstractPacket packet)
139 | {
140 | //System.out.println(packet.toString() );
141 | }
142 |
143 |
144 | /**
145 | * @return Returns the alpha.
146 | */
147 | public float getAlpha() {
148 | return alpha;
149 | }
150 | /**
151 | * @param alpha The alpha to set.
152 | */
153 | public void setAlpha(float alpha) {
154 | this.alpha = alpha;
155 | }
156 | /**
157 | * @return Returns the blue.
158 | */
159 | public float getBlue() {
160 | return blue;
161 | }
162 | /**
163 | * @param blue The blue to set.
164 | */
165 | public void setBlue(float blue) {
166 | this.blue = blue;
167 | }
168 | /**
169 | * @return Returns the green.
170 | */
171 | public float getGreen() {
172 | return green;
173 | }
174 | /**
175 | * @param green The green to set.
176 | */
177 | public void setGreen(float green) {
178 | this.green = green;
179 | }
180 | /**
181 | * @return Returns the lastUpdateTime.
182 | */
183 | public long getLastUpdateTime() {
184 | return lastUpdateTime;
185 | }
186 | /**
187 | * @param lastUpdateTime The lastUpdateTime to set.
188 | */
189 | public void setLastUpdateTime(long lastUpdateTime) {
190 | this.lastUpdateTime = lastUpdateTime;
191 | }
192 | /**
193 | * @return Returns the red.
194 | */
195 | public float getRed() {
196 | return red;
197 | }
198 | /**
199 | * @param red The red to set.
200 | */
201 | public void setRed(float red) {
202 | this.red = red;
203 | }
204 | /**
205 | * @return Returns the viewportHeight.
206 | */
207 | public int getViewportHeight() {
208 | return viewportHeight;
209 | }
210 | /**
211 | * @param viewportHeight The viewportHeight to set.
212 | */
213 | public void setViewportHeight(int viewportHeight) {
214 | this.viewportHeight = viewportHeight;
215 | }
216 | /**
217 | * @return Returns the viewportWidth.
218 | */
219 | public int getViewportWidth() {
220 | return viewportWidth;
221 | }
222 | /**
223 | * @param viewportWidth The viewportWidth to set.
224 | */
225 | public void setViewportWidth(int viewportWidth) {
226 | this.viewportWidth = viewportWidth;
227 | }
228 | /**
229 | * @return Returns the worldWindowChanged.
230 | */
231 | public boolean getWorldWindowChanged() {
232 | return worldWindowChanged;
233 | }
234 | /**
235 | * @param worldWindowChanged The worldWindowChanged to set.
236 | */
237 | public void setWorldWindowChanged(boolean worldWindowChanged) {
238 | this.worldWindowChanged = worldWindowChanged;
239 | }
240 | /**
241 | * @return Returns the worldWindowRect.
242 | */
243 | public Rectangle getWorldWindowRect() {
244 | return worldWindowRect;
245 | }
246 | /**
247 | * @param worldWindowRect The worldWindowRect to set.
248 | */
249 | public void setWorldWindowRect(Rectangle worldWindowRect) {
250 | this.worldWindowRect = worldWindowRect;
251 | }
252 | /**
253 | * @param canvas The canvas to set.
254 | */
255 | public void setGLCanvas(GLCanvas canvas) {
256 | this.canvas = canvas;
257 | }
258 |
259 | public void setCanvas(Component canvas) {
260 | this.canvas = canvas;
261 | }
262 | }
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/view/Dot.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Apr 23, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.view;
8 |
9 | import java.awt.Color;
10 |
11 | /**
12 | * @author trost
13 | *
14 | * TODO To change the template for this generated type comment go to
15 | * Window - Preferences - Java - Code Style - Code Templates
16 | */
17 | public class Dot
18 | {
19 | public int x, y;
20 | public Color color;
21 | public long age;
22 | public int radius;
23 |
24 | Dot(float x, float y, float radius, Color color)
25 | {
26 | this(x,y,color);
27 | this.radius = (int)radius;
28 | }
29 |
30 | Dot(float x, float y, Color color)
31 | {
32 | this.x = (int)x;
33 | this.y = (int)y;
34 | this.radius = (int)15;
35 | this.color = color;
36 | this.age = System.currentTimeMillis();
37 | }
38 |
39 | public boolean equals(Object d)
40 | {
41 | if(d.getClass().equals(this.getClass()))
42 | {
43 | Dot dot = (Dot)d;
44 |
45 | if( dot.x == x &&
46 | dot.y == y &&
47 | dot.radius == radius )
48 | {
49 | //System.out.println("Dot: equals() calles : "+ this + " == "+ d);
50 | return true;
51 | }
52 | }
53 |
54 | //System.out.println("Dot: equals() calles : "+ this + "!= "+ d);
55 | return false;
56 | }
57 |
58 | public String toString()
59 | {
60 | return "("+x+","+y+","+ radius+"), "+color;
61 | }
62 |
63 | }
64 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/view/DotComparator.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Apr 23, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.view;
8 |
9 | import java.util.Comparator;
10 |
11 | import edu.gatech.csc.visualfirewall.view.Dot;
12 |
13 | /**
14 | * @author trost
15 | *
16 | * TODO To change the template for this generated type comment go to
17 | * Window - Preferences - Java - Code Style - Code Templates
18 | */
19 | public class DotComparator implements Comparator {
20 |
21 | /**
22 | *
23 | */
24 | public DotComparator() {
25 | super();
26 | // TODO Auto-generated constructor stub
27 | }
28 |
29 | /* (non-Javadoc)
30 | * @see java.util.Comparator#compare(java.lang.Object, java.lang.Object)
31 | */
32 | public int compare(Object o1, Object o2)
33 | {
34 | Dot dot1 = (Dot)o1;
35 | Dot dot2 = (Dot)o2;
36 |
37 | if(dot1.equals(dot2))
38 | return 0;
39 |
40 | if(dot1.age > dot2.age)
41 | return 1;
42 | else if(dot1.age < dot2.age)
43 | return -1;
44 | else
45 | {
46 | if(dot1.x < dot2.x)
47 | return 1;
48 | else if(dot1.x > dot2.x)
49 | return -1;
50 | else
51 | if(dot1.y < dot2.y)
52 | return 1;
53 | else if(dot1.y > dot2.y)
54 | return -1;
55 | else
56 | return 0;
57 | }
58 | }
59 |
60 | }
61 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/view/IDSAlarmView.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 31, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.view;
8 |
9 | import java.awt.Color;
10 | import java.awt.Rectangle;
11 | import java.awt.event.ActionEvent;
12 | import java.util.Date;
13 | import java.util.HashMap;
14 | import java.util.HashSet;
15 | import java.util.Iterator;
16 | import java.util.Set;
17 | import java.util.TreeSet;
18 |
19 | import javax.media.opengl.GL;
20 | import javax.media.opengl.GLAutoDrawable;
21 | import javax.media.opengl.GLCanvas;
22 | import javax.media.opengl.GLCapabilities;
23 | import javax.media.opengl.GLDrawable;
24 | import javax.media.opengl.GLEventListener;
25 | import javax.media.opengl.glu.GLU;
26 |
27 | import com.sun.opengl.util.GLUT;
28 |
29 | import edu.gatech.csc.visualfirewall.VisualFirewall;
30 | import edu.gatech.csc.visualfirewall.data.SnortAlarm;
31 | import edu.gatech.csc.visualfirewall.datasource.SnortAlarmDatabase;
32 | import java.awt.*;
33 |
34 | /**
35 | * @author Jason Trost
36 | * Mar 31, 2005
37 | * VisualSignatureView
38 | */
39 | public class IDSAlarmView extends AbstractView implements GLEventListener {
40 |
41 | boolean DEBUG = false;
42 | boolean EXPERIMENTAL = true;
43 |
44 | protected static final double TWO_PI = 2 * Math.PI;
45 | protected static final double ARC_SEGMENT = TWO_PI / 36;
46 |
47 | GLCanvas canvas;
48 |
49 | protected Rectangle worldWindowRect;
50 | boolean worldWindowChanged;
51 |
52 | protected Rectangle wallInterior;
53 |
54 | int viewportWidth;
55 | int viewportHeight;
56 |
57 | java.util.SortedSet linesSet;
58 | java.util.SortedSet dotsSet;
59 |
60 | // These are used for aging the lines.
61 | public static final double ONE_MIN = 60000;
62 | public static final double TWO_MIN = 2*ONE_MIN;
63 | public static final double THREE_MIN = 3*ONE_MIN;
64 | public static final double FOUR_MIN = 4*ONE_MIN;
65 | public static final double FIVE_MIN = 5*ONE_MIN;
66 |
67 | // Height and Width of the GL Canvas
68 | public static final float HEIGHT = 3000.0f;
69 | public static final float WIDTH = 3000.0f;
70 |
71 | // X coordinates of the left axis and right axis
72 | public static final float LEFT_AXIS = WIDTH * 0.15f;
73 | public static final float RIGHT_AXIS = WIDTH * 0.9f;
74 |
75 | // Y coordinates of the bottom axis and top "axis"
76 | public static final float BOTTOM_AXIS = HEIGHT * 0.1f;
77 | public static final float TOP_AXIS = HEIGHT * 0.9f;
78 |
79 | // length of the axises
80 | double SIDE_AXIS_LENGTH = (TOP_AXIS - BOTTOM_AXIS);
81 | double BOTTOM_AXIS_LENGTH = (RIGHT_AXIS - LEFT_AXIS);
82 |
83 | // 2^24
84 | public static final long NUM_SUBNET = 16777216L;
85 |
86 | // 2^16
87 | public static int NUM_PORTS = 65535;
88 |
89 | public static final String[] RULE_SET_TICKS =
90 | { "attack-responses", "backdoor", "bad-traffic", "chat", "ddos",
91 | "deleted", "dns", "dos", "experimental", "exploit", "finger",
92 | "ftp", "icmp-info", "icmp", "imap", "info", "local", "misc",
93 | "multimedia", "mysql", "netbios", "nntp", "oracle", "other-ids",
94 | "p2p", "policy", "pop2", "pop3", "porn", "rpc", "rservices", "scan",
95 | "shellcode", "smtp", "snmp", "sql", "telnet", "tftp", "virus", "web-attacks",
96 | "web-cgi", "web-client", "web-coldfusion", "web-frontpage", "web-iis",
97 | "web-misc", "web-php", "x11"};
98 |
99 | public static final float[] BG_RGB = VisualFirewall.BG_COLOR.getColorComponents(null);
100 | public static final float[] AXIS_RGB = VisualFirewall.FG_COLOR.getColorComponents(null);
101 |
102 | public static int DRAW_AXIS = 1;
103 |
104 | HashMap ruleTypeToTick = new HashMap();
105 |
106 | SnortAlarmDatabase snortAlarmDatabase = new SnortAlarmDatabase();
107 |
108 | Color[] priority = {Color.green, Color.yellow, Color.ORANGE, Color.red};
109 |
110 | public IDSAlarmView(Rectangle worldWindowRect)
111 | {
112 | super(worldWindowRect);
113 |
114 |
115 |
116 |
117 | GLCapabilities capabilities = new GLCapabilities();
118 | setCanvas(new GLCanvas(capabilities));
119 |
120 |
121 | // add a GLEventListener, which will get called when the
122 | // canvas is resized or needs a repaint
123 | getGLCanvas().addGLEventListener(this);
124 |
125 | for(int i = 0; i < RULE_SET_TICKS.length; ++i)
126 | {
127 | ruleTypeToTick.put(RULE_SET_TICKS[i], new Integer(i));
128 | }
129 | setName("IDSAlarm");
130 |
131 | // this is used to keep the lines sorted by age.
132 | linesSet = new TreeSet( new LineComparator() );
133 | // this is used to keep the dot sorted by age.
134 | dotsSet = new TreeSet( new DotComparator() );
135 |
136 | //javax.swing.Timer timer = new javax.swing.Timer (10000, this);
137 | //timer.start();
138 |
139 | }
140 |
141 | public void actionPerformed(ActionEvent event)
142 | {
143 |
144 | }
145 |
146 | /**
147 | * Remember that the GLDrawable is actually the
148 | * GLCanvas that we dealt with earlier.
149 | */
150 | public void init(GLAutoDrawable gld)
151 | {
152 | //if(DEBUG)System.out.println("VisualSignatureView: init() called");
153 | //Remember not to save the
154 | //GL and GLU objects for
155 | //use outside of this method.
156 | //New ones will be provided
157 | //later.
158 | GL gl = getGLCanvas().getGL();
159 | GLU glu = new GLU();
160 |
161 | gl.glClearColor(BG_RGB[0], BG_RGB[1], BG_RGB[2], 1.0f );
162 |
163 | //Let's make the point 5 pixels wide
164 | gl.glPointSize(5.0f);
165 |
166 | //glViewport's arguments represent
167 | //left, bottom, width, height
168 | gl.glViewport(0, 0, (int)WIDTH, (int)HEIGHT);
169 | gl.glMatrixMode(GL.GL_PROJECTION);
170 | gl.glLoadIdentity();
171 | //gluOrtho2D's arguments represent
172 | //left, right, bottom, top
173 | glu.gluOrtho2D(0, WIDTH, 0, HEIGHT);
174 |
175 | // This is supposed to optimize repeatedly drawn graphics. See
176 | // http://fly.cc.fer.hr/~unreal/theredbook/chapter04.html for more info.
177 | gl.glNewList(DRAW_AXIS, GL.GL_COMPILE);
178 | drawAxis(gl);
179 | gl.glEndList();
180 | }
181 |
182 | public void display(GLAutoDrawable gld)
183 | {
184 | //System.out.println("IDSAlarmView: display() called");
185 | // Remember to get a new copy
186 | // of GL object instead of
187 | // saving a previous one
188 | GL gl = getGLCanvas().getGL();
189 | GLU glu = new GLU();
190 |
191 | // is there a pending world window change?
192 | if ( getWorldWindowChanged() )
193 | resetWorldWindow(gl, glu);
194 |
195 | // load identity matrix
196 | gl.glMatrixMode (GL.GL_MODELVIEW);
197 | gl.glLoadIdentity();
198 |
199 | //erase GLCanvas using the clear color
200 | //gl.glClearColor(red, green, blue, alpha); // background
201 | gl.glClear(GL.GL_COLOR_BUFFER_BIT);
202 |
203 | //Choose our color for drawing
204 | //drawAxis(gl);
205 | gl.glCallList(DRAW_AXIS);
206 |
207 | //if(DEBUG)System.out.println("linesSet.size(): "+linesSet.size());
208 |
209 | Set removeThese = new HashSet();
210 |
211 | synchronized(linesSet)
212 | {
213 | Iterator iter = (Iterator)linesSet.iterator();
214 | while(iter.hasNext() )
215 | {
216 | long time = System.currentTimeMillis();
217 | Line line = (Line) iter.next();
218 |
219 | double elapsed = time - line.age;
220 | float colorChange = (float)(elapsed/FIVE_MIN);
221 |
222 | line.age = time;
223 |
224 | Color c = line.getColor();
225 |
226 | float[] rgb = c.getColorComponents(null);
227 |
228 | c = new Color( rgb[0] - colorChange >= (BG_RGB[0] + 0.1f)?(rgb[0] - colorChange):(BG_RGB[0] + 0.1f),
229 | rgb[1] - colorChange >= (BG_RGB[1] + 0.1f)?(rgb[1] - colorChange):(BG_RGB[1] + 0.1f),
230 | rgb[2] - colorChange >= (BG_RGB[2] + 0.1f)?(rgb[2] - colorChange):(BG_RGB[2] + 0.1f) );
231 |
232 | /*rgb = c.getColorComponents(null);
233 |
234 | if(rgb[0] <= BG_RGB[0] && rgb[1] <= BG_RGB[1] && rgb[2] <= BG_RGB[2])
235 | {
236 | removeThese.add(line);
237 | continue;
238 | }*/
239 |
240 | line.setColor(c);
241 | drawLine(gl, line);
242 | }
243 |
244 | linesSet.removeAll(removeThese);
245 | }
246 |
247 | synchronized(dotsSet)
248 | {
249 | Iterator iter = (Iterator)dotsSet.iterator();
250 | while(iter.hasNext() )
251 | {
252 | Dot dot = (Dot)iter.next();
253 | drawDot(gl, dot);
254 | }
255 | }
256 | //drawAxis(gl);
257 |
258 | drawVerticalTimeBar(gl);
259 | }
260 |
261 | // precompute for optmizarion
262 | double SIDE_AXIS_LENGTH_DIV_RULE_SET_TICKS_length = SIDE_AXIS_LENGTH/RULE_SET_TICKS.length;
263 | double LEFT_AXIS_MINIS_10 = LEFT_AXIS - 10.0f;
264 | double LEFT_AXIS_MINIS_35 = LEFT_AXIS - 35.0f;
265 | double LEFT_AXIS_PLUS_10 = LEFT_AXIS + 10.0f;
266 | double TOP_AXIS_PLUS_35 = TOP_AXIS + 35.0f;
267 | double LOW_ADDR_X = RIGHT_AXIS - "0.0.0.0".length()*11;
268 | double HIGH_ADDR_X = RIGHT_AXIS - "255.255.255.0".length()*14;
269 | double BOTTOM_AXIS_MINUS_100 = BOTTOM_AXIS - 100.0f;
270 | double TIME_LABEL_X = (LEFT_AXIS + BOTTOM_AXIS_LENGTH/2.0f - "Time".length()*18);
271 | double BOTTOM_AXIS_MINUS_150 = BOTTOM_AXIS - 150.0f;
272 | double BOTTOM_AXIS_LENGTH_DIV_25 = BOTTOM_AXIS_LENGTH/25;
273 | double BOTTOM_AXIS_LENGTH_DIV_24 = BOTTOM_AXIS_LENGTH/24;
274 | double BOTTOM_AXIS_PLUS_10 = BOTTOM_AXIS + 10.0f;
275 | double BOTTOM_AXIS_MINUS_10 = BOTTOM_AXIS - 10.0f;
276 | double BOTTOM_AXIS_MINUS_50 = BOTTOM_AXIS - 50;
277 |
278 | String[] time = { "00:00", "01:00", "02:00", "03:00", "04:00",
279 | "05:00", "06:00", "07:00", "08:00", "09:00",
280 | "10:00", "11:00", "12:00", "13:00", "14:00",
281 | "15:00", "16:00", "17:00", "18:00", "19:00",
282 | "20:00", "21:00", "22:00", "23:00"};
283 |
284 | void drawAxis(GL gl)
285 | {
286 | gl.glColor3f(AXIS_RGB[0], AXIS_RGB[1], AXIS_RGB[2]);
287 |
288 | /////////////// Draw top and bottom boundaries //////////////////
289 | gl.glColor3f(BG_RGB[0] + 0.1f, BG_RGB[1] + 0.1f, BG_RGB[2] + 0.1f);
290 | gl.glPointSize(1.0f);
291 |
292 | gl.glBegin(GL.GL_LINES);
293 | gl.glVertex2d(0.0f, HEIGHT - 1);
294 | gl.glVertex2d(WIDTH, HEIGHT - 1);
295 | gl.glEnd();
296 |
297 | gl.glBegin(GL.GL_LINES);
298 | gl.glVertex2d(0.0f, 0.0f);
299 | gl.glVertex2d(WIDTH, 0.0f);
300 | gl.glEnd();
301 | /////////////////////////////////////////////////////////////////
302 |
303 |
304 | GLUT glut = new GLUT();
305 |
306 | gl.glColor3fv(AXIS_RGB, 0);
307 | gl.glPointSize(5.0f);
308 |
309 | ///////////////////////// Left Axis //////////////////////////////////////////
310 | gl.glBegin(GL.GL_LINES);
311 | gl.glVertex2d(LEFT_AXIS, BOTTOM_AXIS);
312 | gl.glVertex2d(LEFT_AXIS, TOP_AXIS);
313 | gl.glEnd();
314 |
315 | for(int i = 0; i < RULE_SET_TICKS.length; ++i)
316 | {
317 | double y = (i * SIDE_AXIS_LENGTH_DIV_RULE_SET_TICKS_length) + BOTTOM_AXIS;
318 |
319 | gl.glBegin(GL.GL_LINES);
320 | gl.glVertex2d(LEFT_AXIS_MINIS_10, (float)y);
321 | gl.glVertex2d(LEFT_AXIS_PLUS_10, (float)y);
322 | gl.glEnd();
323 |
324 | if(isMaximized)
325 | {
326 | /////////////////// make text labels for snort rules classes ///////////
327 | gl.glColor3fv(AXIS_RGB, 0);
328 | int width = glut.glutBitmapLength( GLUT.BITMAP_HELVETICA_10, RULE_SET_TICKS[i] );
329 |
330 | double tmpX = LEFT_AXIS_MINIS_35 - (width*5);
331 | gl.glRasterPos2f((float)tmpX + 20, (float)y - 10.0f);
332 | //Take a string and make it a bitmap, put it in the 'gl' passed over and pick
333 | //the GLUT font, then provide the string to show
334 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, RULE_SET_TICKS[i]);
335 |
336 | // Draw a horizontal grid
337 | gl.glEnable(GL.GL_LINE_STIPPLE);
338 | gl.glLineStipple(3, (short)0xAAAA);
339 |
340 | gl.glColor3f(0.15f, 0.15f, 0.15f);
341 | gl.glBegin(GL.GL_LINES);
342 | gl.glVertex2d(LEFT_AXIS_PLUS_10, (float)y);
343 | gl.glVertex2d(RIGHT_AXIS, (float)y);
344 | gl.glEnd();
345 |
346 | gl.glColor3fv(AXIS_RGB, 0);
347 |
348 | gl.glDisable(GL.GL_LINE_STIPPLE);
349 | }
350 | }
351 |
352 | ///////////////////////// Right Axis //////////////////////////////////////////
353 | gl.glBegin(GL.GL_LINES);
354 | gl.glVertex2d(RIGHT_AXIS, BOTTOM_AXIS);
355 | gl.glVertex2d(RIGHT_AXIS, TOP_AXIS);
356 | gl.glEnd();
357 |
358 | if(isMaximized)
359 | {
360 | gl.glRasterPos2f((float)LOW_ADDR_X, (float)TOP_AXIS_PLUS_35);
361 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, "0.0.0.0");
362 |
363 | gl.glRasterPos2f((float)HIGH_ADDR_X, (float)BOTTOM_AXIS_MINUS_100);
364 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, "255.255.255.0");
365 |
366 | gl.glRasterPos2f((float)TIME_LABEL_X, (float)BOTTOM_AXIS_MINUS_150);
367 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, "Time");
368 |
369 | if(EXPERIMENTAL)
370 | {
371 | float x = (float)(LEFT_AXIS + BOTTOM_AXIS_LENGTH/2.0f - "Monitored Subnet".length()*14);
372 | gl.glRasterPos2f((float)x, (float)TOP_AXIS + 30.0f);
373 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, "Monitored Subnet");
374 | }
375 | }
376 |
377 | if(EXPERIMENTAL)
378 | {
379 | ///////////////////////// Top Axis //////////////////////////////////////////
380 | gl.glBegin(GL.GL_LINES);
381 | gl.glVertex2d(LEFT_AXIS, TOP_AXIS);
382 | gl.glVertex2d(RIGHT_AXIS, TOP_AXIS);
383 | gl.glEnd();
384 | }
385 |
386 | ///////////////////////// Bottom Axis //////////////////////////////////////////
387 | gl.glBegin(GL.GL_LINES);
388 | gl.glVertex2d(LEFT_AXIS, BOTTOM_AXIS);
389 | gl.glVertex2d(RIGHT_AXIS, BOTTOM_AXIS);
390 | gl.glEnd();
391 |
392 | // time ticks
393 | for(int i = 1; i <= 24; ++i)
394 | {
395 | double x = (i * BOTTOM_AXIS_LENGTH_DIV_25) + LEFT_AXIS;
396 |
397 | gl.glBegin(GL.GL_LINES);
398 | gl.glVertex2d((float)x, BOTTOM_AXIS_PLUS_10);
399 | gl.glVertex2d((float)x, BOTTOM_AXIS_MINUS_10);
400 | gl.glEnd();
401 | int t = (i-1)%24;
402 |
403 | if(isMaximized && ( (t % 3) == 0) )
404 | {
405 |
406 | ///////////////////////////////////////////////////////////
407 | gl.glRasterPos2f((float)x - 60, (float)BOTTOM_AXIS_MINUS_50);
408 | //Take a string and make it a bitmap, put it in the 'gl' passed over and pick
409 | //the GLUT font, then provide the string to show
410 |
411 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, time[t]);
412 | }
413 | }
414 | }
415 |
416 | void drawVerticalTimeBar(GL gl)
417 | {
418 | //////////////////Draw "Current Time Vertical Line" ////////////////////////////
419 | Date now = new Date();
420 | float hour = now.getHours();
421 | float minutes = now.getMinutes();
422 |
423 | double time = hour + ((double)minutes)/60.0;
424 | //double x = (time + 1) * (BOTTOM_AXIS_LENGTH_DIV_25) + LEFT_AXIS;
425 | double x = (time * BOTTOM_AXIS_LENGTH_DIV_24) + LEFT_AXIS;
426 |
427 | gl.glEnable(GL.GL_LINE_STIPPLE);
428 | // Set the stippling pattern
429 | gl.glLineStipple(3, (short)0xAAAA);
430 |
431 | // draw current time line
432 | gl.glColor3f(0.1f, 0.1f, 0.5f);
433 | gl.glBegin(GL.GL_LINE_STRIP);
434 | gl.glVertex2d((float)x, BOTTOM_AXIS);
435 | gl.glVertex2d((float)x, TOP_AXIS);
436 | gl.glEnd();
437 |
438 | gl.glDisable(GL.GL_LINE_STIPPLE);
439 | }
440 |
441 | void drawLine(GL gl, Line line)
442 | {
443 | gl.glPointSize(5.0f);
444 |
445 | Color color = line.getColor();
446 | float[] rgb = color.getColorComponents(null);
447 |
448 | gl.glEnable(GL.GL_SMOOTH);
449 | gl.glColor3fv(rgb, 0);
450 |
451 | gl.glBegin(GL.GL_LINES);
452 | gl.glVertex2d(line.x1, line.y1);
453 | gl.glVertex2d(line.x2, line.y2);
454 | gl.glEnd();
455 | gl.glDisable(GL.GL_SMOOTH);
456 | }
457 |
458 | void drawDot(GL gl, Dot dot)
459 | {
460 | Color color = dot.color;
461 | float[] rgb = color.getColorComponents(null);
462 | double theta;
463 |
464 | float x,y;
465 |
466 | gl.glColor3fv(rgb, 0);
467 |
468 | gl.glBegin (GL.GL_POLYGON);
469 | gl.glVertex2f(dot.x, dot.y);
470 |
471 | for (theta = 0; theta <= TWO_PI; theta += ARC_SEGMENT)
472 | {
473 | x = (float) (dot.x + (Math.sin(theta) * dot.radius));
474 | y = (float) (dot.y + (Math.cos(theta) * dot.radius));
475 |
476 | gl.glVertex2f(x,y);
477 | }
478 | gl.glEnd();
479 | }
480 |
481 | //we won't need these two methods
482 | public void reshape(GLAutoDrawable drawable, int x, int y, int width, int height)
483 | {
484 | GL gl = getGLCanvas().getGL();
485 | GLU glu = new GLU();
486 |
487 | // save size for viewport reset
488 | setViewportWidth(width);
489 | setViewportHeight(height);
490 |
491 | resetWorldWindow(gl, glu);
492 |
493 | display(drawable);
494 | }
495 |
496 | public void displayChanged(GLAutoDrawable drawable, boolean modeChanged, boolean deviceChanged)
497 | {
498 | }
499 |
500 | public void addLine(Line line)
501 | {
502 | synchronized(linesSet)
503 | {
504 | //if(!linesSet.contains(line))
505 | linesSet.add(line);
506 | }
507 | }
508 |
509 | public void renderVerticalBitmapString(GL gl, float x, float y, int bitmapHeight, int font, String string)
510 | {
511 | GLUT glut = new GLUT();
512 | char c;
513 |
514 | for (int i = 0; i < string.length(); ++i)
515 | {
516 | c = string.charAt(i);
517 |
518 | gl.glRasterPos2f(x, y+bitmapHeight*i);
519 | glut.glutBitmapCharacter(font, c);
520 | }
521 |
522 | }
523 |
524 |
525 |
526 | double SIDE_AXIS_LENGTH_DIV_NUM_SUBNET = SIDE_AXIS_LENGTH/((double)NUM_SUBNET);
527 |
528 | public void dispatchAlarm(SnortAlarm snortAlarm)
529 | {
530 | // create 2 'Dots' and a line connecting them
531 |
532 | short sId = snortAlarm.type[1];
533 |
534 | String ruleType = snortAlarmDatabase.getAlarmType(sId);
535 | Integer ruleTypeY = (Integer)ruleTypeToTick.get(ruleType);
536 |
537 | if(DEBUG)System.out.println(ruleType +" : "+snortAlarm);
538 |
539 |
540 | if(ruleTypeY == null)
541 | {
542 | //System.out.println("ruleType == null for sId = "+sId);
543 | return;
544 | }
545 |
546 | double y = (ruleTypeY.intValue() * SIDE_AXIS_LENGTH_DIV_RULE_SET_TICKS_length) + BOTTOM_AXIS;
547 |
548 | int hour = snortAlarm.timestamp.getHours();
549 | int min = snortAlarm.timestamp.getMinutes();
550 |
551 | double time = hour + ((double)min)/60.0;
552 | double x = (time * BOTTOM_AXIS_LENGTH_DIV_24) + LEFT_AXIS;
553 |
554 | Dot d1 = new Dot((float)x, (float)y, priority[snortAlarm.priority]);
555 |
556 | byte[] attacker = snortAlarm.srcip.getAddress();
557 |
558 | long subnet = (0x0FF & attacker[0]);
559 | subnet <<= 8;
560 | subnet |= (0x0FF & attacker[1]);
561 | subnet <<= 8;
562 | subnet |= (0x0FF & attacker[2]);
563 | subnet <<= 8;
564 | subnet |= (0x0FF & attacker[3]);
565 |
566 | //24 bit netmask
567 | subnet &= 0x0000000000FFFFFFL;
568 |
569 | double attackerY = SIDE_AXIS_LENGTH_DIV_NUM_SUBNET*((double)subnet) + BOTTOM_AXIS;
570 |
571 | Dot d2 = new Dot((float)RIGHT_AXIS, (float)attackerY, priority[snortAlarm.priority]);
572 |
573 | addLine(new Line((float)x, (float)RIGHT_AXIS, (float)y, (float)attackerY, VisualFirewall.FG_COLOR));
574 |
575 | Dot d3 = null;
576 | //////////////experimental: draw lines to victim too //////////////////////////////////
577 | if(EXPERIMENTAL)
578 | {
579 | byte[] victim = snortAlarm.dstip.getAddress();
580 |
581 | subnet = (0x0FF & victim[0]);
582 | subnet <<= 8;
583 | subnet |= (0x0FF & victim[1]);
584 | subnet <<= 8;
585 | subnet |= (0x0FF & victim[2]);
586 | subnet <<= 8;
587 | subnet |= (0x0FF & victim[3]);
588 |
589 | //subnet netmask
590 | subnet &= 0x00000000000000FFL;
591 |
592 | double victimX = LEFT_AXIS + BOTTOM_AXIS_LENGTH*((double)subnet)/ 255.0;
593 |
594 | d3 = new Dot((float)victimX, (float)TOP_AXIS, priority[snortAlarm.priority]);
595 | addLine(new Line((float)x, (float)victimX, (float)y, (float)TOP_AXIS, Color.red));
596 | }
597 | ////////////////////////////////////////////////////////////////////////////////////
598 |
599 | synchronized(dotsSet)
600 | {
601 | dotsSet.add(d1);
602 | dotsSet.add(d2);
603 |
604 | if(EXPERIMENTAL && d3 != null)
605 | dotsSet.add(d3);
606 | }
607 |
608 | }
609 |
610 |
611 | }
612 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/view/Line.java:
--------------------------------------------------------------------------------
1 | package edu.gatech.csc.visualfirewall.view;
2 |
3 | import java.awt.Color;
4 |
5 | class Line
6 | {
7 | public int x1;
8 | public int x2;
9 |
10 | public int y1;
11 | public int y2;
12 |
13 | // default TCP color
14 | Color color = Color.GREEN;
15 |
16 | public long age;
17 |
18 | public Line(float x1, float x2, float y1, float y2)
19 | {
20 | this.x1 = (int)x1;
21 | this.x2 = (int)x2;
22 | this.y1 = (int)y1;
23 | this.y2 = (int)y2;
24 | this.age = System.currentTimeMillis();
25 | }
26 |
27 | public Line(float x1, float x2, float y1, float y2, Color color)
28 | {
29 | this(x1, x2, y1, y2);
30 | this.color = color;
31 | }
32 |
33 | public String toString()
34 | {
35 | return "("+x1+","+y1+"), ("+x2+","+y2+"), "+color+ ", "+age;
36 | }
37 |
38 | /**
39 | * @return Returns the color.
40 | */
41 | public Color getColor() {
42 | return color;
43 | }
44 | /**
45 | * @param color The color to set.
46 | */
47 | public void setColor(Color color) {
48 | this.color = color;
49 | }
50 | /**
51 | * @return Returns the x1.
52 | */
53 | public float getX1() {
54 | return x1;
55 | }
56 | /**
57 | * @param x1 The x1 to set.
58 | */
59 | public void setX1(float x1) {
60 | this.x1 = (int)x1;
61 | }
62 | /**
63 | * @return Returns the x2.
64 | */
65 | public float getX2() {
66 | return x2;
67 | }
68 | /**
69 | * @param x2 The x2 to set.
70 | */
71 | public void setX2(float x2) {
72 | this.x2 = (int)x2;
73 | }
74 | /**
75 | * @return Returns the y1.
76 | */
77 | public float getY1() {
78 | return y1;
79 | }
80 | /**
81 | * @param y1 The y1 to set.
82 | */
83 | public void setY1(float y1) {
84 | this.y1 = (int)y1;
85 | }
86 | /**
87 | * @return Returns the y2.
88 | */
89 | public float getY2() {
90 | return y2;
91 | }
92 | /**
93 | * @param y2 The y2 to set.
94 | */
95 | public void setY2(float y2) {
96 | this.y2 = (int)y2;
97 | }
98 |
99 | public void setAge(long age) {
100 | this.age = age;
101 | }
102 |
103 | public boolean equals(Object line)
104 | {
105 | if(line.getClass().equals(this.getClass()) )
106 | {
107 | Line l = (Line)line;
108 |
109 | if(l.x1 == x1 && l.x2 == x2 && l.y1 == y1 && l.y2 == y2 )
110 | return true;
111 | }
112 |
113 | return false;
114 |
115 | }
116 |
117 | public static void main(String[] args)
118 | {
119 | Line l1 = new Line(1,2,3,4);
120 | int x = 1;
121 |
122 | Line l2 = new Line(1,2,3,4);
123 |
124 | if(l1.equals(l2))
125 | {
126 | System.out.println("l1 == l2");
127 | }
128 | else
129 | System.out.println("l1 != l2");
130 |
131 | }
132 |
133 | }
134 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/view/LineComparator.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Apr 23, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.view;
8 |
9 | import java.util.Comparator;
10 |
11 | /**
12 | * @author trost
13 | *
14 | * TODO To change the template for this generated type comment go to
15 | * Window - Preferences - Java - Code Style - Code Templates
16 | */
17 | public class LineComparator implements Comparator {
18 |
19 | /**
20 | *
21 | */
22 | public LineComparator() {
23 | super();
24 | // TODO Auto-generated constructor stub
25 | }
26 |
27 | /* (non-Javadoc)
28 | * @see java.util.Comparator#compare(java.lang.Object, java.lang.Object)
29 | */
30 | public int compare(Object o1, Object o2)
31 | {
32 | Line line1 = (Line)o1;
33 | Line line2 = (Line)o2;
34 |
35 | if(line1.equals(line2))
36 | return 0;
37 |
38 | if(line1.age > line2.age)
39 | return 1;
40 | else if(line1.age < line2.age)
41 | return -1;
42 | else
43 | {
44 | if(line1.x1 < line2.x2)
45 | return 1;
46 | else if(line1.x1 > line2.x2)
47 | return -1;
48 | else
49 | {
50 | if(line1.y1 < line2.y2)
51 | return 1;
52 | else if(line1.y1 > line2.y2)
53 | return -1;
54 | else
55 | {
56 | return 0;
57 | }
58 | }
59 | }
60 | }
61 | }
62 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/view/PongBall.java:
--------------------------------------------------------------------------------
1 | package edu.gatech.csc.visualfirewall.view;
2 |
3 | import java.awt.*;
4 |
5 | /**
6 | * @author nic(k)
7 | *
8 | * TODO To change the template for this generated type comment go to
9 | * Window - Preferences - Java - Code Style - Code Templates
10 | */
11 | public class PongBall extends Object{
12 |
13 |
14 |
15 | //ip addr of them (not host)
16 | protected String ipaddr;
17 |
18 | //port num
19 | protected int srcPort, dstPort;
20 |
21 | //direction of traffic
22 | protected boolean incoming = false;
23 |
24 | //to explode or not ;)
25 | protected boolean explode = false;
26 |
27 | //vectors of motion
28 | protected double xV, yV;
29 |
30 | //pixel coord
31 | protected float x,y;
32 |
33 | //pixel coordinates for origin and end points
34 | public double xOrigin, yOrigin, xEnd, yEnd;
35 |
36 | //pixel speed
37 | public static float velocity;
38 |
39 | float slope, lineOffset;
40 |
41 | protected float red, green, blue;
42 |
43 | public float textRed, textGreen, textBlue;
44 |
45 | public boolean reflecting, movingLeft, drawCircle;
46 |
47 | public int bounceCounter = 2;
48 |
49 | public Color textColor;
50 |
51 | public boolean isUDP = false;
52 | public boolean isTCP = false;
53 | public boolean isICMP = false;
54 |
55 | public short type, code;
56 |
57 | protected double ballRadius = 25;
58 |
59 | public PongBall (float xV, float yV){
60 | this.xV = xV;
61 | this.yV = yV;
62 |
63 | x = 0;
64 | y = 0;
65 |
66 | red = 0.5f;
67 | green = 0.5f;
68 | blue = 0.5f;
69 |
70 | velocity = 1000f;
71 |
72 | }
73 |
74 |
75 |
76 | public double getXV() {
77 | return xV;
78 | }
79 |
80 | public double getYV() {
81 | return yV;
82 | }
83 |
84 | public void setVector(double xO, double yO, double xE, double yE) {
85 | this.xOrigin = xO;
86 | this.yOrigin = yO;
87 |
88 | this.xEnd = xE;
89 | this.yEnd = yE;
90 |
91 | //change later?
92 | x = (float) xO;
93 | y = (float) yO;
94 |
95 | this.xV = xE - xO;
96 | this.yV = yE - yO;
97 |
98 | slope = (float) yV / (float) xV;
99 | lineOffset = y - slope*x;
100 |
101 | }
102 |
103 |
104 | /*
105 | * used to reflect ball
106 | */
107 | public void reflectVectorSlope() {
108 | double oldxO, oldyO;
109 |
110 | //origin is now the end point
111 | oldxO = xOrigin;
112 | oldyO = yOrigin;
113 | xOrigin = xEnd;
114 | yOrigin = yEnd;
115 |
116 | //switch new x end
117 | xEnd = oldxO;
118 |
119 | //new y end
120 | yEnd = yEnd*2 - oldyO;
121 |
122 | x = (float) xOrigin;
123 | y = (float) yOrigin;
124 |
125 | this.xV = xEnd - xOrigin;
126 | this.yV = yEnd - yOrigin;
127 |
128 | slope = (float) yV / (float) xV;
129 | lineOffset = y - slope*x;
130 |
131 | this.reflecting = true;
132 | this.movingLeft = !movingLeft;
133 |
134 | bounceCounter--;
135 |
136 | }
137 |
138 |
139 | public void setXYcoord(float x, float y){
140 | this.x = x;
141 | this.y = y;
142 | }
143 |
144 | public float getXcoord(){
145 | return x;
146 | }
147 |
148 | public float getYcoord(){
149 | return y;
150 | }
151 |
152 | public float getRed() {
153 | return red;
154 | }
155 | public float getGreen() {
156 | return green;
157 | }
158 | public float getBlue() {
159 | return blue;
160 | }
161 |
162 | public void setColor(float red, float green, float blue){
163 | this.red = red;
164 | this.green = green;
165 | this.blue = blue;
166 | }
167 |
168 | /*
169 | * converts an AWT Color to the RGB floats that JOGL likes
170 | */
171 | public void setTextColor(Color c){
172 | textRed = c.getRed() / 255f;
173 | textGreen = c.getGreen() / 255f;
174 | textBlue = c.getBlue() / 255f;
175 | }
176 |
177 | public void setVelocity(float vel){
178 | velocity = vel;
179 | }
180 |
181 | public float getVelocity(){
182 | return velocity;
183 | }
184 |
185 | public double getRadius(){
186 | return ballRadius;
187 | }
188 |
189 | public void setRadius(double newRadius){
190 | ballRadius = newRadius;
191 | }
192 |
193 |
194 | public void setRejected(boolean yesNo){
195 | explode = yesNo;
196 | }
197 |
198 | public boolean isRejected(){
199 | return explode;
200 | }
201 |
202 | public void setIncoming(boolean yesNo){
203 |
204 | incoming = yesNo;
205 |
206 | if(incoming){
207 | drawCircle = true;
208 | movingLeft = true;
209 | }
210 | else{
211 | drawCircle = false;
212 | movingLeft = false;
213 | }
214 |
215 | reflecting = false;
216 | }
217 |
218 | public boolean isIncoming(){
219 | return incoming;
220 | }
221 |
222 | public void setIPPorts(String ip, int src, int dst){
223 | ipaddr = ip;
224 | srcPort = src;
225 | dstPort = dst;
226 | }
227 |
228 | public int getSrcPort(){
229 | return srcPort;
230 | }
231 |
232 | public int getDstPort(){
233 | return dstPort;
234 | }
235 |
236 |
237 | public String getIPAddr(){
238 | return ipaddr;
239 | }
240 |
241 | }//end class
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/view/PongView.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 31, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.view;
8 |
9 | import java.awt.Color;
10 | import java.awt.Rectangle;
11 | import java.awt.event.KeyEvent;
12 | import java.awt.event.KeyListener;
13 | import java.net.Inet4Address;
14 | import java.net.InetAddress;
15 | import java.util.HashMap;
16 | import java.util.LinkedList;
17 | import java.util.ListIterator;
18 | import java.util.Random;
19 |
20 | import javax.media.opengl.GL;
21 | import javax.media.opengl.GLAutoDrawable;
22 | import javax.media.opengl.GLCanvas;
23 | import javax.media.opengl.GLCapabilities;
24 | import javax.media.opengl.GLDrawable;
25 | import javax.media.opengl.GLEventListener;
26 | import javax.media.opengl.glu.GLU;
27 |
28 | import com.sun.opengl.util.GLUT;
29 |
30 | import edu.gatech.csc.visualfirewall.VisualFirewall;
31 | import edu.gatech.csc.visualfirewall.data.ICMPPacket;
32 | import edu.gatech.csc.visualfirewall.data.IPTableResult;
33 | import edu.gatech.csc.visualfirewall.data.TCPPacket;
34 | import edu.gatech.csc.visualfirewall.data.UDPPacket;
35 |
36 |
37 |
38 | /**
39 | * @author chris, nic(k), jason
40 | * Mar 31, 2005
41 | * PongView
42 | */
43 | public class PongView extends AbstractView implements GLEventListener, KeyListener {
44 |
45 | boolean DEBUG = false;
46 | boolean DEBUG2 = false;
47 |
48 | final int MAX_BALLS = 5000;
49 |
50 |
51 | /* color swatch */
52 | Random rand = new Random();
53 |
54 | int colorArrayCount = 0;
55 | double[][] colorArray =
56 | {{30.0/255.0,144/255.0,1}, {143/255.0,188/255.0,143/255.0}, { 255/255.0,255.0/255.0,0}, { 188/255.0,143/255.0,143/255.0 }, { 255/255.0,127/255.0,80/255.0 },{ 219/255.0,112/255.0,147/255.0},
57 | {0,191/255.0,1}, {46/255.0,139/255.0,87/255.0}, { 255.0/255.0,215/255.0,0}, { 205/255.0,92/255.0,92/255.0 }, { 240/255.0,128/255.0,128/255.0 }, { 199/255.0,21/255.0,133/255.0},
58 | {135/255.0,206/255.0,250/255.0}, {60/255.0,179/255.0,113/255.0}, { 238/255.0,221/255.0,130/255.0}, { 139/255.0,69/255.0,19/255.0 }, { 255/255.0,99/255.0,71/255.0 }, { 208/255.0,32/255.0,144/255.0 },
59 | {135/255.0,206/255.0,250/255.0}, {32/255.0,178/255.0,170/255.0}, { 218/255.0,165/255.0,32/255.0}, { 160/255.0,82/255.0,45/255.0 }, { 255/255.0,69/255.0,0 }, { 238/255.0,130/255.0,238/255.0 },
60 | {70/255.0,130/255.0,180/255.0}, {152/255.0,251/255.0,152/255.0}, { 184/255.0,134/255.0,11/255.0}, { 205/255.0,133/255.0,63/255.0 },{ 154/255.0, 1.0, 154/255.0}, { 176/255.0,48/255.0,96/255.0}};
61 |
62 | //ICMP traffic count values: echo/reply, dest unreach(net, host, proto, port), 11=timeout, other
63 | protected int ICMP_IN[] = {0,0,0,0,0,0,0};
64 | protected int ICMP_OUT[] = {0,0,0,0,0,0,0};
65 | protected int ICMP_ARRAY_SIZE = ICMP_IN.length;
66 | protected int ICMP_IN_TOTAL = 0;
67 | protected int ICMP_OUT_TOTAL = 0;
68 | //pie chart locale
69 | protected final int ICMP_RADIUS = 80;
70 | protected float ICMP_X = worldWindowRect.width*0.57f;
71 | protected float ICMP_Y = worldWindowRect.height*0.02f;
72 |
73 | protected final float UDP_INNER_WIDTH = 0.9f;
74 |
75 | final int OFFSET = 0;
76 | protected final int LEFT_WALL_X = 360;
77 | protected final int R_OFFSET = worldWindowRect.width - 550;
78 | protected final int WALL_HEIGHT = worldWindowRect.height - OFFSET;
79 | protected final int WALL_BOTTOM = OFFSET;
80 |
81 | protected static final double TWO_PI = 2 * Math.PI;
82 | protected static final double ARC_SEGMENT = TWO_PI / 9; // how many circle outline points
83 | protected static double ICMP_ARC_SEG = TWO_PI / 360; // how many circle outline points
84 |
85 | protected static final long NUM_ADDR = 4294967295L;
86 | protected static final double CUBE_ROOT_65535 = Math.pow(65535, 0.3333333);
87 |
88 | //ftp = 21, ssh = 22, http = 80, https = 443
89 | protected static final String[] OPEN_PORTS = {"21", "ftp", "22", "ssh", "80", "http", "443", "https"};
90 | protected static final int OPEN_PORT_SPACING = 35;
91 | protected static final int OPEN_PORT_OFFSET = 200;
92 | protected static int[] OPEN_PORTS_X_OFFSETS = new int[OPEN_PORTS.length];
93 | protected static int[] OPEN_PORTS_Y_OFFSETS = new int[OPEN_PORTS.length];
94 |
95 | protected static final int[] MARKED_PORTS = {10, 80, 150, 500, 1000, 5000, 10000, 50000};
96 | protected static int[] MARKED_PORTS_X_OFFSETS = new int[MARKED_PORTS.length];
97 | protected static int[] MARKED_PORTS_Y_OFFSETS = new int[MARKED_PORTS.length];
98 |
99 | protected static final double[] TICK_MARKS = new double[8];
100 |
101 | public static final float[] BG_RGB = VisualFirewall.BG_COLOR.getColorComponents(null);
102 | public static final float[] AXIS_RGB = VisualFirewall.FG_COLOR.getColorComponents(null);
103 |
104 | //protected final double FPS = 30.0;
105 | //protected final int MS_PER_FRAME = (int) Math.round (1000.0 / FPS);
106 |
107 | protected long lastUpdateTime;
108 |
109 | HashMap addrColorMap = new HashMap(MAX_BALLS);
110 |
111 | LinkedList activeBalls = new LinkedList();
112 | LinkedList inActiveBalls = new LinkedList();
113 |
114 |
115 | public PongView( Rectangle worldRect ) {
116 | super(worldRect);
117 |
118 | lastUpdateTime = System.currentTimeMillis();
119 |
120 | if(DEBUG)System.out.println("PongView: PongView() called");
121 | //setWorldWindowRect(worldWindowRect);
122 | //setWorldWindowChanged(false);
123 |
124 | // get a GLCanvas
125 | GLCapabilities capabilities = new GLCapabilities();
126 | setCanvas(new GLCanvas());
127 | // add a GLEventListener, which will get called when the
128 | // canvas is resized or needs a repaint
129 | getGLCanvas().addGLEventListener(this);
130 |
131 | // instantiate inActive list
132 |
133 | for(int i = 0; i < MAX_BALLS; i++)
134 | inActiveBalls.add(new PongBall(0,0));
135 |
136 | //add key listener
137 | getGLCanvas().addKeyListener(this);
138 |
139 | }
140 |
141 | public void init(GLAutoDrawable drawable) {
142 |
143 | if(DEBUG)System.out.println("PongView: init() called");
144 |
145 | //System.out.println ("init()");
146 |
147 | GL gl = getGLCanvas().getGL();
148 | GLUT glut = new GLUT();
149 |
150 | //Y axis tick marks
151 | for(int i = 0; i < MARKED_PORTS.length; i++)
152 | TICK_MARKS[i] = worldWindowRect.height - OFFSET - OPEN_PORT_OFFSET -
153 | ( worldWindowRect.height - OFFSET*2 - OPEN_PORT_OFFSET)
154 | *(Math.pow(MARKED_PORTS[i], 0.333) / CUBE_ROOT_65535);
155 |
156 | // set erase color 20% GREY
157 | gl.glClearColor(BG_RGB[0], BG_RGB[1], BG_RGB[2],1);
158 |
159 | for(int i = 1; i < OPEN_PORTS.length; i=i+2){
160 | int width = glut.glutBitmapLength( GLUT.BITMAP_HELVETICA_10, OPEN_PORTS[i] );
161 | OPEN_PORTS_X_OFFSETS[i] = LEFT_WALL_X - 35 - (width*5);
162 | OPEN_PORTS_Y_OFFSETS[i] = worldWindowRect.height - OFFSET - i*OPEN_PORT_SPACING;
163 | }
164 |
165 | //draw numbers
166 | for(int i = 0; i < MARKED_PORTS.length; i++){
167 | String port = (new Integer(MARKED_PORTS[i]) ).toString();
168 | int width = glut.glutBitmapLength( GLUT.BITMAP_HELVETICA_10, port );
169 | MARKED_PORTS_X_OFFSETS[i] = LEFT_WALL_X - 35 - (width*5);
170 | MARKED_PORTS_Y_OFFSETS[i] = (int)(worldWindowRect.height - OFFSET - OPEN_PORT_OFFSET -
171 | ( worldWindowRect.height - OFFSET*2 - OPEN_PORT_OFFSET)
172 | *(Math.pow(MARKED_PORTS[i], 0.333) / CUBE_ROOT_65535));
173 | }
174 |
175 | // This is supposed to optimize repeatedly drawn graphics. See
176 | // http://fly.cc.fer.hr/~unreal/theredbook/chapter04.html for more info.
177 | gl.glNewList(1, GL.GL_COMPILE);
178 | drawStaticGraphics(gl, glut);
179 | gl.glEndList();
180 |
181 | }
182 |
183 | public void display(GLAutoDrawable drawable)
184 | {
185 | if(DEBUG)System.out.println("PongView: display() called");
186 |
187 | long inTime = System.currentTimeMillis();
188 |
189 | // System.out.println ("display()");
190 |
191 | GL gl = getGLCanvas().getGL();
192 | GLU glu = new GLU();
193 |
194 | // is there a pending world window change?
195 | if (worldWindowChanged)
196 | resetWorldWindow(gl, glu);
197 |
198 | //calls gl compiled drawStaticGraphics
199 | gl.glCallList(1);
200 |
201 | drawICMPChart(gl);
202 |
203 | GLUT glut = new GLUT();
204 |
205 | //update and draw every ball
206 | updateDisplaySimul(gl, glut);
207 | }
208 |
209 | /*
210 | * (non-Javadoc)
211 | *
212 | * @see net.java.games.jogl.GLEventListener#reshape(net.java.games.jogl.GLDrawable,
213 | * int, int, int, int)
214 | */
215 | public void reshape(GLAutoDrawable drawable, int x, int y, int width, int height) {
216 |
217 | if(DEBUG)System.out.println("PongView: reshape() called");
218 |
219 | GL gl = getGLCanvas().getGL();
220 | GLU glu = new GLU();
221 |
222 | // save size for viewport reset
223 | viewportWidth = width;
224 | viewportHeight = height;
225 |
226 | resetWorldWindow(gl, glu);
227 | }
228 |
229 | /*
230 | * in display list for optimization:
231 | * statically (repeatedly) drawn axises, text, hash marks
232 | */
233 | public void drawStaticGraphics(GL gl, GLUT glut){
234 | // load identity matrix
235 | gl.glMatrixMode(GL.GL_MODELVIEW);
236 | gl.glLoadIdentity();
237 |
238 | // clear screen
239 | gl.glClear(GL.GL_COLOR_BUFFER_BIT);
240 |
241 | // draw the barriers
242 | gl.glColor3f(AXIS_RGB[0], AXIS_RGB[1], AXIS_RGB[2]);
243 | gl.glBegin(GL.GL_LINES);
244 | gl.glVertex2f(LEFT_WALL_X, OFFSET);
245 | gl.glVertex2f(LEFT_WALL_X, worldWindowRect.height - OFFSET);
246 | gl.glVertex2f(R_OFFSET, OFFSET);
247 | gl.glVertex2f(R_OFFSET, worldWindowRect.height - OFFSET);
248 | gl.glEnd();
249 |
250 | //draw hashes on barriers
251 | double height;
252 | gl.glColor3f(AXIS_RGB[0], AXIS_RGB[1], AXIS_RGB[2]);
253 | gl.glBegin(GL.GL_LINES);
254 | for(int i = 0; i < TICK_MARKS.length; i++){
255 | //System.out.println("["+i+"] "+"tick mark y pixel: "+TICK_MARKS[i]);
256 | gl.glVertex2f(LEFT_WALL_X-10, (float)TICK_MARKS[i]);
257 | gl.glVertex2f(LEFT_WALL_X+10, (float)TICK_MARKS[i]);
258 | }
259 | gl.glEnd();
260 |
261 |
262 | if(isMaximized){
263 | // draw open ports
264 | for(int i = 1; i < OPEN_PORTS.length; i=i+2){
265 | int width = glut.glutBitmapLength( GLUT.BITMAP_HELVETICA_10, OPEN_PORTS[i] );
266 | gl.glRasterPos2f(OPEN_PORTS_X_OFFSETS[i], OPEN_PORTS_Y_OFFSETS[i]);
267 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, OPEN_PORTS[i]);
268 |
269 | //hashes
270 | gl.glBegin(GL.GL_LINES);
271 | gl.glVertex2f(LEFT_WALL_X-10, worldWindowRect.height - OFFSET - i*OPEN_PORT_SPACING);
272 | gl.glVertex2f(LEFT_WALL_X+10, worldWindowRect.height - OFFSET - i*OPEN_PORT_SPACING);
273 | gl.glEnd();
274 |
275 | //System.out.println("i-1: "+ i);
276 | }
277 |
278 | //draw numbers
279 | for(int i = 0; i < MARKED_PORTS.length; i++){
280 | String port = (new Integer(MARKED_PORTS[i]) ).toString();
281 | gl.glRasterPos2f(MARKED_PORTS_X_OFFSETS[i], MARKED_PORTS_Y_OFFSETS[i]);
282 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, port);
283 | }
284 |
285 |
286 | gl.glRasterPos2f(worldWindowRect.width*0.51f, worldWindowRect.height*0.05f);
287 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, "ICMP");
288 | gl.glRasterPos2f(worldWindowRect.width*0.52f, worldWindowRect.height*0.03f);
289 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, "IN");
290 |
291 | gl.glRasterPos2f(worldWindowRect.width*0.65f, worldWindowRect.height*0.05f);
292 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, "ICMP");
293 | gl.glRasterPos2f(worldWindowRect.width*0.655f, worldWindowRect.height*0.03f);
294 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, "OUT");
295 |
296 | /*
297 | gl.glRasterPos2f(worldWindowRect.width*0.095f, worldWindowRect.height-10);
298 | glut.glutBitmapString(gl, GLUT.BITMAP_HELVETICA_10, "0");
299 |
300 | gl.glRasterPos2f(worldWindowRect.width*0.084f, worldWindowRect.height*0.08f);
301 | glut.glutBitmapString(gl, GLUT.BITMAP_HELVETICA_10, "65535");
302 | */
303 |
304 | gl.glRasterPos2f(R_OFFSET+30, worldWindowRect.height-40);
305 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, "0.0.0.0");
306 |
307 | gl.glRasterPos2f(R_OFFSET+30, 40);
308 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, "255.255.255.255");
309 | }
310 | }
311 |
312 | /*
313 | * draws the ICMP chart
314 | */
315 | public void drawICMPChart(GL gl){
316 |
317 | //center of circle
318 | float cx = ICMP_X + ICMP_RADIUS;
319 | float cy = ICMP_Y + ICMP_RADIUS;
320 | float x,y;
321 | double curAngle, stopAngle;
322 |
323 | //incoming ICMP
324 | curAngle = 0;
325 | gl.glBegin (GL.GL_POLYGON);
326 | gl.glVertex2f(cx,cy);
327 | for(int i = 0; i < ICMP_ARRAY_SIZE; i++){
328 |
329 | if(ICMP_IN_TOTAL!=0)
330 | stopAngle = curAngle + ((float) ICMP_IN[i] / (float)ICMP_IN_TOTAL)*TWO_PI;
331 | else{
332 | stopAngle = curAngle + TWO_PI;
333 | i = 6;
334 | }
335 |
336 | while(curAngle <= stopAngle){
337 | x = (float) (cx + (Math.sin(curAngle) * ICMP_RADIUS));
338 | y = (float) (cy + (Math.cos(curAngle) * ICMP_RADIUS));
339 |
340 | switch(i){
341 | case 0:
342 | gl.glColor3f(1, 0, 0);
343 | break;
344 | case 1:
345 | gl.glColor3f(0, 1, 0);
346 | break;
347 | case 2:
348 | gl.glColor3f(0, 0, 1);
349 | break;
350 | case 3:
351 | gl.glColor3f(1, 1, 0);
352 | break;
353 | case 4:
354 | gl.glColor3f(0, 1, 1);
355 | break;
356 | case 5:
357 | gl.glColor3f(1, 0, 1);
358 | break;
359 | case 6:
360 | gl.glColor3f(1, 1, 1);
361 | break;
362 | default:
363 | gl.glColor3f(0.5f, 0.5f, 0.5f);
364 | break;
365 | }
366 |
367 | gl.glVertex2f(x,y);
368 | //System.out.println("ICMP IN ("+x+","+y+")");
369 |
370 | curAngle = curAngle + ICMP_ARC_SEG;
371 | }
372 | }
373 | gl.glEnd();
374 |
375 | //outgoing ICMP
376 | curAngle = 0;
377 | cx += 400;
378 | gl.glBegin (GL.GL_POLYGON);
379 | gl.glVertex2f(cx,cy);
380 | for(int i = 0; i < ICMP_ARRAY_SIZE; i++){
381 |
382 | if(ICMP_OUT_TOTAL != 0)
383 | stopAngle = curAngle + ((float) ICMP_OUT[i] / (float)ICMP_OUT_TOTAL)*TWO_PI;
384 | else{
385 | stopAngle = curAngle + TWO_PI;
386 | i = 6;
387 | }
388 |
389 | //System.out.println("cur: "+curAngle+ " stop: "+stopAngle);
390 | while(curAngle <= stopAngle){
391 | x = (float) (cx + (Math.sin(curAngle) * ICMP_RADIUS));
392 | y = (float) (cy + (Math.cos(curAngle) * ICMP_RADIUS));
393 |
394 | switch(i){
395 | case 0:
396 | gl.glColor3f(1, 0, 0);
397 | break;
398 | case 1:
399 | gl.glColor3f(0, 1, 0);
400 | break;
401 | case 2:
402 | gl.glColor3f(0, 0, 1);
403 | break;
404 | case 3:
405 | gl.glColor3f(1, 1, 0);
406 | break;
407 | case 4:
408 | gl.glColor3f(0, 1, 1);
409 | break;
410 | case 5:
411 | gl.glColor3f(1, 0, 1);
412 | break;
413 | case 6:
414 | gl.glColor3f(1, 1, 1);
415 | break;
416 | default:
417 | gl.glColor3f(0.5f, 0.5f, 0.5f);
418 | break;
419 | }
420 | gl.glVertex2f(x,y);
421 | curAngle = curAngle + ICMP_ARC_SEG;
422 | }
423 | }
424 | gl.glEnd();
425 |
426 |
427 | }
428 |
429 |
430 | /*
431 | * update and display each packet
432 | */
433 | public void updateDisplaySimul(GL gl, GLUT glut){
434 |
435 | // calculate elapsed time since last update
436 | long elapsed = System.currentTimeMillis() - lastUpdateTime;
437 | // System.out.println ("elapsed ms = " + elapsed);
438 | double elapsedSec = elapsed / 1000d;
439 |
440 | PongBall ball;
441 | float newX, newY;
442 |
443 | //color from IP mapping
444 | double color[];
445 |
446 |
447 | synchronized(activeBalls){
448 | for(ListIterator li = activeBalls.listIterator(); li.hasNext();){
449 | ball = (PongBall) li.next();
450 |
451 |
452 | // update ball location
453 | if(ball.movingLeft)
454 | newX = ball.getXcoord() - (float) (ball.getVelocity() * elapsedSec);
455 | else //moving right
456 | newX = ball.getXcoord() + (float) (ball.getVelocity() * elapsedSec);
457 | newY = ball.slope * newX + ball.lineOffset;
458 | ball.setXYcoord(newX, newY);
459 |
460 | //collision detection on top / bottom for bouncing balls
461 | if( ball.reflecting &&
462 | ( (ball.bounceCounter == 0)
463 | || (ball.getYcoord() >= worldWindowRect.height)
464 | || (ball.getYcoord() <= ball.getRadius())
465 | || (ball.getYcoord() <= ball.getRadius())
466 | || (ball.movingLeft && ball.getXcoord() <= (R_OFFSET + LEFT_WALL_X)/2)
467 | || (!ball.movingLeft && ball.getXcoord() >= (R_OFFSET + LEFT_WALL_X)/2) ) )
468 | {
469 | //tired of bouncing
470 | if(DEBUG2) System.out.println("Deactivating ball: tired of bouncing");
471 | inActiveBalls.add(ball);
472 | li.remove();
473 | }
474 | //collision on left / right axises
475 | else if(ball.isRejected() &&
476 | ((ball.movingLeft && ball.getXcoord() <= ball.xEnd)
477 | || (!ball.movingLeft && ball.getXcoord() >= ball.xEnd)) ){
478 |
479 | //firewall rules
480 | //bounce the ball
481 | ball.setColor(0.5f, 0.5f, 0.5f);
482 | ball.reflectVectorSlope();
483 | }
484 | // pass through
485 | else if( (ball.movingLeft && ball.getXcoord() <= LEFT_WALL_X - 200)
486 | || (!ball.movingLeft && ball.getXcoord() >= R_OFFSET + 200) )
487 | {
488 | if(DEBUG2) System.out.println("Deactivating ball: out of bounds");
489 | inActiveBalls.add(ball);
490 | li.remove();
491 | }
492 | //display the ball
493 | else{
494 | if(DEBUG2) System.out.println("Drawing my ball");
495 | //display ball
496 | if(ball.drawCircle){
497 | //draw circle
498 | double radius = ball.getRadius();
499 | double cx = ball.getXcoord() + radius;
500 | double cy = ball.getYcoord() + radius;
501 |
502 | //System.out.println ("drawCircle at " + cx + "," + cy);
503 | float x, y;
504 |
505 | gl.glBegin (GL.GL_POLYGON);
506 | if(ball.reflecting || ball.isUDP)
507 | gl.glColor4f(ball.getRed(), ball.getGreen(), ball.getBlue(),1);
508 | else
509 | gl.glColor4d(ball.textRed, ball.textGreen, ball.textBlue, 1);
510 | for (double theta = 0; theta < TWO_PI; theta += ARC_SEGMENT) {
511 | x = (float)(cx + (Math.sin(theta) * radius));
512 | y = (float)(cy + (Math.cos(theta) * radius));
513 | gl.glVertex2f(x,y);
514 | }//end for loop
515 | gl.glEnd();
516 |
517 | if(ball.isUDP && !ball.reflecting){
518 | double borderRadius = radius * UDP_INNER_WIDTH;
519 | gl.glBegin (GL.GL_POLYGON);
520 | for (double theta = 0; theta < TWO_PI; theta += ARC_SEGMENT) {
521 | //inner ball
522 | x = (float)(cx + (Math.sin(theta) * borderRadius));
523 | y = (float)(cy + (Math.cos(theta) * borderRadius));
524 | gl.glColor4d(ball.textRed, ball.textGreen, ball.textBlue, 1);
525 | gl.glVertex2f(x,y);
526 | }//end for loop
527 | gl.glEnd();
528 | }
529 | }
530 | else{
531 | //draw rectangle
532 | double radius = ball.getRadius();
533 | double ballX = ball.getXcoord();
534 | double ballY = ball.getYcoord();
535 |
536 | gl.glBegin (GL.GL_QUADS);
537 | if(ball.reflecting || ball.isUDP)
538 | gl.glColor4f(ball.getRed(), ball.getGreen(), ball.getBlue(),1);
539 | else
540 | gl.glColor4d(ball.textRed, ball.textGreen, ball.textBlue, 1);
541 | gl.glVertex2d(ballX + radius, ballY + radius);
542 | gl.glVertex2d(ballX + radius, ballY - radius);
543 | gl.glVertex2d(ballX - radius, ballY - radius);
544 | gl.glVertex2d(ballX - radius, ballY + radius);
545 | gl.glEnd();
546 |
547 | if(ball.isUDP && !ball.reflecting){
548 | double borderRadius = radius * UDP_INNER_WIDTH;
549 | //inner ball
550 | gl.glBegin(GL.GL_QUADS);
551 | gl.glColor4d(ball.textRed, ball.textGreen, ball.textBlue, 1);
552 | gl.glVertex2d(ballX + borderRadius, ballY + borderRadius);
553 | gl.glVertex2d(ballX + borderRadius, ballY - borderRadius);
554 | gl.glVertex2d(ballX - borderRadius, ballY - borderRadius);
555 | gl.glVertex2d(ballX - borderRadius, ballY + borderRadius);
556 | gl.glEnd();
557 | }
558 | }
559 |
560 | // display end string (port or IP:PORT) on top of balls
561 | if(!ball.reflecting){
562 |
563 | //colorize text yo
564 | //gl.glEnable(GL.GL_BLEND);
565 | gl.glColor4d(ball.textRed, ball.textGreen, ball.textBlue, 1);
566 | if(isMaximized){
567 | if(ball.isIncoming()){
568 | gl.glRasterPos2f(R_OFFSET, (float) ball.yOrigin);
569 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, ball.getIPAddr() + ":" + ball.getSrcPort());
570 | gl.glRasterPos2f(LEFT_WALL_X + 15, (float)ball.yEnd);
571 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, String.valueOf(ball.getDstPort()));
572 | }
573 | else{
574 | gl.glRasterPos2f(R_OFFSET, (float) ball.yEnd);
575 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, ball.getIPAddr() + ":" + ball.getDstPort());
576 | gl.glRasterPos2f(LEFT_WALL_X + 15, (float) ball.yOrigin);
577 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, String.valueOf(ball.getSrcPort()));
578 | }
579 | }
580 | }
581 | }
582 | }
583 | }//synchronized
584 |
585 | if(isMaximized){
586 | gl.glColor3d(0.118, 0.565, 1);
587 | gl.glRasterPos2f(worldWindowRect.width*0.21f, worldWindowRect.height*0.03f);
588 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, "SPEED: "+ PongBall.velocity / 1000);
589 | }
590 | lastUpdateTime = System.currentTimeMillis();
591 | }
592 |
593 |
594 |
595 | public void displayChanged(GLAutoDrawable arg0, boolean arg1, boolean arg2) {
596 |
597 | if(DEBUG)System.out.println("PongView: displayChanged() called");
598 | // TODO Auto-generated method stub
599 |
600 | }
601 |
602 | /*
603 | * maps port # to pixel on left barrier
604 | */
605 | protected double mapPort(int port){
606 | for(int i = 0; i < OPEN_PORTS.length; i = i+2){
607 | if (OPEN_PORTS[i].equals(Integer.toString(port))){
608 | return worldWindowRect.height - OFFSET - (i+1)*OPEN_PORT_SPACING;
609 | }
610 | }
611 |
612 | return worldWindowRect.height - OFFSET - OPEN_PORT_OFFSET -
613 | ( worldWindowRect.height - OFFSET*2 - OPEN_PORT_OFFSET)*(Math.pow(port, 0.333) / CUBE_ROOT_65535);
614 | }
615 |
616 | /*
617 | * maps ip addr to pixel on right barrier
618 | */
619 | protected double mapIP(InetAddress ip){
620 |
621 | byte[] ipByte = ((Inet4Address) ip).getAddress();
622 |
623 | long addr = ((long)(((char)ipByte[0])&0xff)<<24) |
624 | ((long)(((char)ipByte[1])&0xff)<<16) |
625 | ((long)(((char)ipByte[2])&0xff)<<8) |
626 | (long)((char)ipByte[3])&0xff;
627 | addr &= 0x00000000ffffffff;
628 | //System.out.println( ip +" "+addr );
629 | //addr = NUM_ADDR/2;
630 | double tmp = worldWindowRect.height - OFFSET - ( worldWindowRect.height - OFFSET*2)*((double)addr / (double)NUM_ADDR);
631 | return tmp;
632 |
633 | }
634 |
635 | public void dispatchResult(IPTableResult ipTR)
636 | {
637 | //System.out.println("PongView: " + ipTR.toString() );
638 |
639 | PongBall ball = (PongBall) inActiveBalls.getFirst();
640 |
641 | if( ((Inet4Address) ipTR.packet.srcip).getHostAddress().equals(VisualFirewall.localIPAddr)){
642 | ball.setIncoming(false);
643 | }
644 | else if( ((Inet4Address) ipTR.packet.dstip).getHostAddress().equals(VisualFirewall.localIPAddr)){
645 | ball.setIncoming(true);
646 |
647 | }
648 | else{
649 | //System.out.println("Disregard packet...");
650 | return;
651 | }
652 |
653 |
654 |
655 | //check if accepted (enter) or rejected (explode)
656 | if(ipTR.accepted)
657 | ball.setRejected(false);
658 | else
659 | ball.setRejected(true);
660 |
661 |
662 | if(ipTR.packet.pdu != null)
663 | {
664 | if(ipTR.packet.length < 500)
665 | ball.setRadius(15);
666 | else
667 | ball.setRadius(Math.sqrt(ipTR.packet.length*0.645));
668 |
669 | //System.out.println("ip len: " +ipTR.packet.length);
670 | //System.out.println("radius: "+ball.getRadius());
671 |
672 | if(ipTR.packet.pdu.getClass() == TCPPacket.class){
673 |
674 | if (DEBUG) System.out.println("TCP PACKET!");
675 |
676 | TCPPacket tcp = (TCPPacket) ipTR.packet.pdu;
677 |
678 | //set color black
679 | ball.setColor(0,1,0);
680 |
681 | ball.isTCP = true;
682 | ball.isUDP = false;
683 | ball.isICMP = false;
684 |
685 | //set the vectors (end, begin) points for balls
686 | if(ball.isIncoming()){
687 | ball.setVector(R_OFFSET - ball.getRadius(), mapIP(ipTR.packet.srcip), LEFT_WALL_X + ball.getRadius(), mapPort(tcp.dstport));
688 | ball.setIPPorts(((Inet4Address) ipTR.packet.srcip).getHostAddress(), tcp.srcport, tcp.dstport);
689 | }
690 | else{
691 | ball.setVector(LEFT_WALL_X + ball.getRadius(), mapPort(tcp.srcport), R_OFFSET - ball.getRadius(), mapIP(ipTR.packet.dstip));
692 | ball.setIPPorts(((Inet4Address) ipTR.packet.dstip).getHostAddress(), tcp.srcport, tcp.dstport);
693 | }
694 |
695 | //ball.textColor = mapIPColor(ball.getIPAddr());
696 |
697 | }
698 | else if(ipTR.packet.pdu.getClass() == UDPPacket.class){
699 | if (DEBUG) System.out.println("UDP PACKET!");
700 |
701 | UDPPacket udp = (UDPPacket) ipTR.packet.pdu;
702 |
703 | //set color white
704 | ball.setColor(0.9f,0.9f,0.9f);
705 |
706 | ball.isUDP = true;
707 | ball.isTCP = false;
708 | ball.isICMP = false;
709 |
710 | if(ball.isIncoming()){
711 | ball.setVector(R_OFFSET - ball.getRadius(), mapIP(ipTR.packet.srcip), LEFT_WALL_X + ball.getRadius(), mapPort(udp.dstport));
712 | ball.setIPPorts(((Inet4Address) ipTR.packet.srcip).getHostAddress(), udp.srcport, udp.dstport);
713 | }
714 | else{
715 | ball.setVector(LEFT_WALL_X + ball.getRadius(), mapPort(udp.srcport), R_OFFSET - ball.getRadius(), mapIP(ipTR.packet.dstip));
716 | ball.setIPPorts(((Inet4Address) ipTR.packet.dstip).getHostAddress(), udp.dstport, udp.srcport);
717 | }
718 |
719 | }
720 | else if(ipTR.packet.pdu.getClass() == ICMPPacket.class){
721 | if (DEBUG) System.out.println("ICMP PACKET!");
722 |
723 | if(ball.isIncoming())
724 | ICMP_IN_TOTAL++;
725 | else
726 | ICMP_OUT_TOTAL++;
727 |
728 | ICMPPacket icmp = (ICMPPacket) ipTR.packet.pdu;
729 |
730 | ball.isTCP = false;
731 | ball.isUDP = false;
732 | ball.isICMP = true;
733 |
734 | if(icmp.type == 0 || icmp.type == 8){
735 | if(ball.isIncoming())
736 | ICMP_IN[0]++;
737 | else
738 | ICMP_OUT[0]++;
739 | }
740 | else if(icmp.type == 3){
741 | //codes!
742 | if(icmp.code == 0){
743 | //net unr
744 | if(ball.isIncoming())
745 | ICMP_IN[1]++;
746 | else
747 | ICMP_OUT[1]++;
748 | }
749 | else if(icmp.code == 1){
750 | //host unr
751 | if(ball.isIncoming())
752 | ICMP_IN[2]++;
753 | else
754 | ICMP_OUT[2]++;
755 | }
756 | else if(icmp.code == 2){
757 | //proto unr
758 | if(ball.isIncoming())
759 | ICMP_IN[3]++;
760 | else
761 | ICMP_OUT[3]++;
762 | }
763 | else if(icmp.code == 3){
764 | //port unr
765 | if(ball.isIncoming())
766 | ICMP_IN[4]++;
767 | else
768 | ICMP_OUT[4]++;
769 | }
770 | else{
771 | //don't care - consider other?
772 | if(ball.isIncoming())
773 | ICMP_IN[6]++;
774 | else
775 | ICMP_OUT[6]++;
776 | }
777 | }
778 | else if(icmp.type == 11){
779 | //time exceeded
780 | if(ball.isIncoming())
781 | ICMP_IN[5]++;
782 | else
783 | ICMP_OUT[5]++;
784 | }
785 | else{
786 | //other type, don't draw anything
787 | if(ball.isIncoming())
788 | ICMP_IN[6]++;
789 | else
790 | ICMP_OUT[6]++;
791 | }
792 |
793 | //System.out.println("type: "+icmp.type+" code: "+icmp.code);
794 | }
795 | else{
796 | System.out.println("JUST AN IP PACKET.");
797 | return;
798 | }
799 | }//END IP_TR IF
800 |
801 |
802 | //System.out.println("ICMP IN ("+ICMP_IN_TOTAL+") e:"+ICMP_IN[0]+" n: "+ICMP_IN[1]+" h: "+ICMP_IN[2]+" pr: "+ICMP_IN[3]+" pt: "+ICMP_IN[4]+" ex: "+ICMP_IN[5]+" ot: "+ICMP_IN[6]);
803 | //System.out.println("ICMP OUT ("+ICMP_OUT_TOTAL+") e:"+ICMP_OUT[0]+" n: "+ICMP_OUT[1]+" h: "+ICMP_OUT[2]+" pr: "+ICMP_OUT[3]+" pt: "+ICMP_OUT[4]+" ex: "+ICMP_OUT[5]+" ot: "+ICMP_IN[6]);
804 |
805 | //randomly choose IP color
806 | if(!addrColorMap.containsKey((String) ball.getIPAddr())){
807 |
808 | //Color c = new Color (rand.nextInt (255), rand.nextInt (255), rand.nextInt (255));
809 | Color c = new Color((float)colorArray[colorArrayCount][0], (float)colorArray[colorArrayCount][1], (float)colorArray[colorArrayCount][2]);
810 | ball.setTextColor(c);
811 | addrColorMap.put((String) ball.ipaddr, (Color) c);
812 |
813 | colorArrayCount++;
814 | colorArrayCount %= 30;
815 | }
816 | else
817 | ball.setTextColor((Color) addrColorMap.get((String) ball.getIPAddr()));
818 |
819 | //put it in a collection to be checked by display()
820 |
821 | synchronized(activeBalls){
822 | if(DEBUG) System.out.println("Adding new ball to queue");
823 | if(!ball.isICMP)
824 | activeBalls.add(inActiveBalls.removeFirst());
825 | //else
826 | //inActiveBalls.add(ball);
827 | }
828 |
829 | }//end dispatchResult()
830 |
831 |
832 | /*
833 | * Allows user to change the velocity of all balls
834 | */
835 | public void keyTyped(KeyEvent ke){
836 |
837 | // > 0 inc, stop at 5000
838 | // <
839 |
840 | if(ke.getKeyChar()=='a'){
841 | if(PongBall.velocity >= 0 && PongBall.velocity < 5000)
842 | PongBall.velocity += 500;
843 | }
844 | else if(ke.getKeyChar()=='s'){
845 | if(PongBall.velocity > 0 && PongBall.velocity <= 5000)
846 | PongBall.velocity -= 500;
847 | }
848 |
849 |
850 |
851 | }
852 |
853 | public void keyPressed(KeyEvent ke){
854 |
855 | }
856 |
857 | public void keyReleased(KeyEvent ke){
858 |
859 | }
860 |
861 |
862 | }//end class
863 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/view/StatisticsView.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 31, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.view;
8 |
9 | import edu.gatech.csc.visualfirewall.VisualFirewall;
10 | import edu.gatech.csc.visualfirewall.data.*;
11 | import edu.gatech.csc.visualfirewall.data.listener.IPTableResultListener;
12 |
13 | import java.awt.BorderLayout;
14 | import java.awt.Dimension;
15 | import java.awt.Rectangle;
16 | import java.text.SimpleDateFormat;
17 | import java.util.Date;
18 | import java.util.Timer;
19 |
20 | import javax.swing.JPanel;
21 |
22 | import org.jfree.chart.ChartFactory;
23 | import org.jfree.chart.ChartPanel;
24 | import org.jfree.chart.JFreeChart;
25 | import org.jfree.chart.axis.DateAxis;
26 | import org.jfree.chart.plot.XYPlot;
27 | import org.jfree.data.time.Second;
28 | import org.jfree.data.time.TimeSeriesCollection;
29 | import org.jfree.data.time.TimeSeries;
30 |
31 | /**
32 | * @author chris Mar 31, 2005 StatisticsView
33 | */
34 | public class StatisticsView extends AbstractView implements
35 | IPTableResultListener {
36 | boolean DEBUG = false;
37 | static TimeSeriesCollection dataset;
38 | static TimeSeries[] series = new TimeSeries[3];
39 | static String category = "";
40 | Date currtimestamp = null;
41 | int throughput = 0, throughput_in = 0, throughput_out = 0;
42 | JPanel chartPanel;
43 |
44 | static final int UPDATE_PERIOD = 10;
45 |
46 | /**
47 | * @param arg0
48 | */
49 | public StatisticsView(Rectangle worldRect) {
50 | super(worldRect);
51 | setWorldWindowRect(worldWindowRect);
52 | dataset = createDataset();
53 |
54 | chart = createChart(dataset);
55 | chartPanel = (JPanel) new ChartPanel(chart);
56 | chartPanel.setPreferredSize(new Dimension(500, 500));
57 | //((ChartPanel) chartPanel).setVerticalZoom(false);
58 | //((ChartPanel) chartPanel).setHorizontalZoom(false);
59 |
60 | canvas = new JPanel(new BorderLayout());
61 | ((JPanel) canvas).add(chartPanel);
62 | Timer timer = new Timer();
63 | timer.schedule( new java.util.TimerTask() {
64 | public void run() {
65 | updateChart();
66 | }
67 | }, 10*1000, 10*1000 );
68 |
69 | setName("Statistics");
70 | }
71 |
72 | private static TimeSeriesCollection createDataset() {
73 | series[0] = new TimeSeries("Total Throughput (bytes/sec)", Second.class);
74 | series[1] = new TimeSeries("Incoming Throughput (bytes/sec)",
75 | Second.class);
76 | series[2] = new TimeSeries("Outgoing Throughput (bytes/sec)",
77 | Second.class);
78 | dataset = new TimeSeriesCollection();
79 | dataset.addSeries(series[0]);
80 | dataset.addSeries(series[1]);
81 | dataset.addSeries(series[2]);
82 | return dataset;
83 | }
84 |
85 | public void addMouseListener(VFW_MouseListener vfwML) {
86 | //System.out.println("Statistics: addMouseListener(VFW_MouseListener vfwML) called.");
87 | chartPanel.addMouseListener(vfwML);
88 | ((ChartPanel) chartPanel).addChartMouseListener(vfwML);
89 | }
90 |
91 | private static JFreeChart createChart(TimeSeriesCollection dataset) {
92 | // create the chart...
93 | JFreeChart chart = ChartFactory.createTimeSeriesChart(null, // chart
94 | // title
95 | "Time (sec)", // domain axis label
96 | "Throughput bytes/sec", // range axis label
97 | dataset, // data
98 | false, // include legend
99 | false, // tooltips?
100 | false // URLs?
101 | );
102 | // NOW DO SOME OPTIONAL CUSTOMISATION OF THE CHART...
103 | // set the background color for the chart...
104 |
105 | chart.setBackgroundPaint( VisualFirewall.BG_COLOR );
106 | chart.setBorderPaint( VisualFirewall.FG_COLOR );
107 | // OPTIONAL CUSTOMISATION COMPLETED.
108 | XYPlot plot = chart.getXYPlot();
109 | plot.setBackgroundPaint( VisualFirewall.BG_COLOR );
110 |
111 |
112 | plot.getRangeAxis().setLabelPaint( VisualFirewall.FG_COLOR );
113 | plot.getRangeAxis().setTickLabelPaint( VisualFirewall.FG_COLOR );
114 | DateAxis axis = (DateAxis) plot.getDomainAxis();
115 | axis.setLabelPaint( VisualFirewall.FG_COLOR );
116 | axis.setDateFormatOverride(new SimpleDateFormat("hh:mm:ss"));
117 | axis.setAutoRange(true);
118 | axis.setFixedAutoRange(3600000);
119 | axis.setTickLabelPaint( VisualFirewall.FG_COLOR );
120 | return chart;
121 | }
122 |
123 | public static JPanel createDemoPanel() {
124 | JFreeChart chart = createChart(createDataset());
125 | return new ChartPanel(chart);
126 | }
127 |
128 | /**
129 | * Returns a description of the demo.
130 | *
131 | * @return A description.
132 | */
133 | public static String getDemoDescription() {
134 | return "A time series chart.";
135 | }
136 |
137 | public void updateChart() {
138 | Second ts = new Second();
139 | series[0].add(ts, throughput/UPDATE_PERIOD);
140 | series[1].add(ts, throughput_in/UPDATE_PERIOD);
141 | series[2].add(ts, throughput_out/UPDATE_PERIOD);
142 | throughput = 0;
143 | throughput_in = 0;
144 | throughput_out = 0;
145 | }
146 |
147 | public void dispatchResult(IPTableResult ipTableResult) {
148 | /*
149 | if (currtimestamp == null)
150 | currtimestamp = ipTableResult.timestamp;
151 | if (ipTableResult.timestamp.compareTo(currtimestamp) > 10) {
152 | Second ts = new Second(currtimestamp);
153 | series[0].add(ts, throughput);
154 | series[1].add(ts, throughput_in);
155 | series[2].add(ts, throughput_out);
156 | currtimestamp = ipTableResult.timestamp;
157 | throughput = 0;
158 | throughput_in = 0;
159 | throughput_out = 0;
160 | }
161 | */
162 | throughput += ipTableResult.packet.length;
163 | if (ipTableResult.packet.srcip.equals(VisualFirewall.localInetAddress))
164 | throughput_out += ipTableResult.packet.length;
165 | else
166 | throughput_in += ipTableResult.packet.length;
167 | }
168 |
169 | public static void main(String[] args) {
170 | }
171 | }
172 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/view/VFW_MouseListener.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 31, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.view;
8 |
9 | import java.awt.*;
10 | import java.awt.event.MouseEvent;
11 | import java.awt.event.MouseListener;
12 |
13 | import org.jfree.chart.ChartMouseEvent;
14 | import org.jfree.chart.ChartMouseListener;
15 |
16 | import edu.gatech.csc.visualfirewall.VisualFirewall;
17 |
18 | import org.jfree.chart.JFreeChart;
19 |
20 | /**
21 | * @author chris
22 | * Mar 31, 2005
23 | * VFW_MouseListener
24 | */
25 | public class VFW_MouseListener implements MouseListener, ChartMouseListener {
26 |
27 | VisualFirewall parent;
28 |
29 | public VFW_MouseListener ( VisualFirewall parent ) {
30 | this.parent = parent;
31 | }
32 | /* (non-Javadoc)
33 | * @see java.awt.event.MouseListener#mouseClicked(java.awt.event.MouseEvent)
34 | */
35 | public void mouseClicked(MouseEvent e) {
36 | // TODO Auto-generated method stub
37 | Component c = e.getComponent();
38 |
39 | if(VisualFirewall.needBounds)
40 | {
41 | VisualFirewall.needBounds = false;
42 |
43 | for(int x = 0; x < VisualFirewall.NUMVIEWS; ++x)
44 | {
45 | parent.bounds[x] = parent.canvases[x].getBounds();
46 | }
47 | }
48 |
49 | for(int x = 1; x < VisualFirewall.NUMVIEWS; ++x)
50 | {
51 | if(c == (Component) parent.canvases[x])
52 | {
53 | parent.sideJPanel.removeAll();
54 | parent.mainJPanel.removeAll();
55 |
56 | int tmp = parent.perm[0];
57 | parent.perm[0] = parent.perm[x];
58 | parent.perm[x] = tmp;
59 |
60 | Component tmpCanvas = parent.canvases[0];
61 | parent.canvases[0] = parent.canvases[x];
62 | parent.canvases[x] = tmpCanvas;
63 |
64 | for (int a = 0; a < VisualFirewall.NUMVIEWS; ++a)
65 | {
66 | parent.canvases[a].setBounds( parent.bounds[a] );
67 |
68 | if(a == 0)
69 | {
70 | parent.mainJPanel.add(parent.canvases[a], BorderLayout.CENTER);
71 | }
72 | else
73 | {
74 | parent.sideJPanel.add( parent.canvases[a] );
75 | }
76 | }
77 |
78 | for(int i = 0; i < VisualFirewall.NUMVIEWS; ++i)
79 | {
80 | if(parent.canvases[0].equals(parent.views[i].getCanvas()))
81 | {
82 | parent.views[i].isMaximized = true;
83 | }
84 | else
85 | {
86 | parent.views[i].isMaximized = false;
87 | }
88 | }
89 |
90 | parent.jSplitPane.setDividerLocation(parent.jSplitPane.getDividerLocation());
91 | parent.jSplitPane.updateUI();
92 | break;
93 | }
94 | } // end for()
95 |
96 | }
97 |
98 | /* (non-Javadoc)
99 | * @see java.awt.event.MouseListener#mousePressed(java.awt.event.MouseEvent)
100 | */
101 | public void mousePressed(MouseEvent e) {
102 | // TODO Auto-generated method stub
103 |
104 | }
105 |
106 | /* (non-Javadoc)
107 | * @see java.awt.event.MouseListener#mouseReleased(java.awt.event.MouseEvent)
108 | */
109 | public void mouseReleased(MouseEvent e) {
110 | // TODO Auto-generated method stub
111 |
112 | }
113 |
114 | /* (non-Javadoc)
115 | * @see java.awt.event.MouseListener#mouseEntered(java.awt.event.MouseEvent)
116 | */
117 | public void mouseEntered(MouseEvent e) {
118 | }
119 |
120 | /* (non-Javadoc)
121 | * @see java.awt.event.MouseListener#mouseExited(java.awt.event.MouseEvent)
122 | */
123 | public void mouseExited(MouseEvent e) {
124 | // TODO Auto-generated method stub
125 | mouseEntered(e);
126 | }
127 |
128 | public void chartMouseClicked(ChartMouseEvent event)
129 | {
130 | JFreeChart chart = event.getChart();
131 |
132 | for(int x = 1; x < VisualFirewall.NUMVIEWS; ++x)
133 | {
134 | if( parent.views[x].chart != null &&
135 | ( chart == parent.views[x].chart ||
136 | chart.equals( parent.views[x].chart) ) )
137 | {
138 | mouseClicked(new MouseEvent(parent.views[x].getCanvas(), 0,0,0,0,0,0, false));
139 | break;
140 | }
141 | } // end for()
142 | }
143 |
144 | public void chartMouseMoved(ChartMouseEvent event)
145 | {
146 |
147 | }
148 |
149 | public static void main(String[] args) {
150 | }
151 | }
152 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/view/VFW_WindowListener.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Apr 22, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.view;
8 |
9 | import java.awt.event.WindowEvent;
10 | import java.awt.event.WindowListener;
11 |
12 | import edu.gatech.csc.visualfirewall.VisualFirewall;
13 |
14 | /**
15 | * @author trost
16 | *
17 | * TODO To change the template for this generated type comment go to
18 | * Window - Preferences - Java - Code Style - Code Templates
19 | */
20 | public class VFW_WindowListener implements WindowListener {
21 |
22 | VisualFirewall parent;
23 |
24 | /**
25 | *
26 | */
27 | public VFW_WindowListener(VisualFirewall parent) {
28 | super();
29 |
30 | this.parent = parent;
31 | // TODO Auto-generated constructor stub
32 | }
33 |
34 | /* (non-Javadoc)
35 | * @see java.awt.event.WindowListener#windowActivated(java.awt.event.WindowEvent)
36 | */
37 | public void windowActivated(WindowEvent e) {
38 | // TODO Auto-generated method stub
39 | parent.jSplitPane.setDividerLocation(parent.jSplitPane.getDividerLocation());
40 | parent.jSplitPane.updateUI();
41 | }
42 |
43 | /* (non-Javadoc)
44 | * @see java.awt.event.WindowListener#windowClosed(java.awt.event.WindowEvent)
45 | */
46 | public void windowClosed(WindowEvent e) {
47 | // TODO Auto-generated method stub
48 |
49 | }
50 |
51 | /* (non-Javadoc)
52 | * @see java.awt.event.WindowListener#windowClosing(java.awt.event.WindowEvent)
53 | */
54 | public void windowClosing(WindowEvent e) {
55 | // TODO Auto-generated method stub
56 |
57 | }
58 |
59 | /* (non-Javadoc)
60 | * @see java.awt.event.WindowListener#windowDeactivated(java.awt.event.WindowEvent)
61 | */
62 | public void windowDeactivated(WindowEvent e) {
63 | // TODO Auto-generated method stub
64 |
65 | }
66 |
67 | /* (non-Javadoc)
68 | * @see java.awt.event.WindowListener#windowDeiconified(java.awt.event.WindowEvent)
69 | */
70 | public void windowDeiconified(WindowEvent e) {
71 | parent.jSplitPane.setDividerLocation(parent.jSplitPane.getDividerLocation());
72 | parent.jSplitPane.updateUI();
73 |
74 | }
75 |
76 | /* (non-Javadoc)
77 | * @see java.awt.event.WindowListener#windowIconified(java.awt.event.WindowEvent)
78 | */
79 | public void windowIconified(WindowEvent e) {
80 | // TODO Auto-generated method stub
81 |
82 | }
83 |
84 | /* (non-Javadoc)
85 | * @see java.awt.event.WindowListener#windowOpened(java.awt.event.WindowEvent)
86 | */
87 | public void windowOpened(WindowEvent e) {
88 | parent.jSplitPane.setDividerLocation(parent.jSplitPane.getDividerLocation());
89 | parent.jSplitPane.updateUI();
90 |
91 | }
92 |
93 | }
94 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/view/VisualSignatureView.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Mar 31, 2005
3 | *
4 | * TODO To change the template for this generated file go to
5 | * Window - Preferences - Java - Code Style - Code Templates
6 | */
7 | package edu.gatech.csc.visualfirewall.view;
8 |
9 | import java.awt.Color;
10 | import java.awt.Rectangle;
11 | import java.awt.event.ActionEvent;
12 | import java.util.HashSet;
13 | import java.util.Iterator;
14 | import java.util.Set;
15 | import java.util.TreeSet;
16 |
17 | import javax.media.opengl.GL;
18 | import javax.media.opengl.GLAutoDrawable;
19 | import javax.media.opengl.GLCanvas;
20 | import javax.media.opengl.GLCapabilities;
21 | import javax.media.opengl.GLDrawable;
22 | import javax.media.opengl.GLEventListener;
23 | import javax.media.opengl.glu.GLU;
24 |
25 | import com.sun.opengl.util.GLUT;
26 |
27 | import edu.gatech.csc.visualfirewall.VisualFirewall;
28 | import edu.gatech.csc.visualfirewall.data.IPPacket;
29 | import edu.gatech.csc.visualfirewall.data.IPTableResult;
30 | import edu.gatech.csc.visualfirewall.data.TCPPacket;
31 | import edu.gatech.csc.visualfirewall.data.UDPPacket;
32 |
33 |
34 | /**
35 | * @author Jason Trost
36 | * Mar 31, 2005
37 | * VisualSignatureView
38 | */
39 | public class VisualSignatureView extends AbstractView implements GLEventListener {
40 |
41 | boolean DEBUG = false;
42 |
43 | GLCanvas canvas;
44 |
45 | protected Rectangle worldWindowRect;
46 | boolean worldWindowChanged;
47 |
48 | protected Rectangle wallInterior;
49 |
50 | int viewportWidth;
51 | int viewportHeight;
52 |
53 | //java.util.List linesList = new LinkedList();
54 | java.util.SortedSet linesSet;
55 |
56 | // These are used for aging the lines.
57 | public static final double ONE_MIN = 60000;
58 | public static final double TWO_MIN = 2*ONE_MIN;
59 | public static final double THREE_MIN = 3*ONE_MIN;
60 | public static final double FOUR_MIN = 4*ONE_MIN;
61 | public static final double FIVE_MIN = 5*ONE_MIN;
62 |
63 | public static final float HEIGHT = 3000.0f;
64 | public static final float WIDTH = 3000.0f;
65 |
66 | public static final float PORT_AXIS_X = WIDTH * 0.12f;
67 | public static final float ADDR_AXIS_X = WIDTH * 0.82f;
68 |
69 | public static final long NUM_ADDR = 4294967295L;
70 | public static int NUM_PORTS = 65535;
71 | public static final double CUBE_ROOT_65535 = Math.pow(65535, 0.3333333);
72 |
73 | public static final int[] MARKED_PORTS = {10, 80, 150, 500, 1000, 5000, 10000, 50000};
74 | public static double[] MARKED_PORTS_HEIGHT = new double[MARKED_PORTS.length];
75 | public static double[] MARKED_PORTS_HEIGHT_MINUS_12 = new double[MARKED_PORTS.length];
76 | public static String[] MARKED_PORTS_AS_STRINGS = new String[MARKED_PORTS.length];
77 | public static int[] MARKED_PORTS_AS_STRINGS_WIDTH = new int[MARKED_PORTS.length];
78 |
79 | public static double[] MARKED_PORTS_X = new double[MARKED_PORTS.length];
80 |
81 | public static final float[] BG_RGB = VisualFirewall.BG_COLOR.getColorComponents(null);
82 | public static final float[] AXIS_RGB = VisualFirewall.FG_COLOR.getColorComponents(null);
83 |
84 | public static final Color TCP_LINE_COLOR = Color.GREEN;
85 | public static final Color UDP_LINE_COLOR = Color.ORANGE;
86 |
87 | public static int DRAW_AXIS = 1;
88 |
89 | public VisualSignatureView(Rectangle worldWindowRect)
90 | {
91 | super(worldWindowRect);
92 |
93 | GLCapabilities capabilities = new GLCapabilities();
94 | setCanvas(new GLCanvas(capabilities));
95 |
96 | // add a GLEventListener, which will get called when the
97 | // canvas is resized or needs a repaint
98 | getGLCanvas().addGLEventListener(this);
99 |
100 | linesSet = new TreeSet( new LineComparator() );
101 |
102 | //javax.swing.Timer timer = new javax.swing.Timer (10000, this);
103 | //timer.start();
104 |
105 | GLUT glut = new GLUT();
106 |
107 | // precompute here for extra performance.
108 | for(int i = 0; i < MARKED_PORTS.length; ++i)
109 | {
110 | MARKED_PORTS_HEIGHT[i] = HEIGHT * ( 1.0 - Math.pow(MARKED_PORTS[i], 0.333333) / CUBE_ROOT_65535);
111 | MARKED_PORTS_HEIGHT_MINUS_12[i] = MARKED_PORTS_HEIGHT[i] - 12.0f;
112 | MARKED_PORTS_AS_STRINGS[i] = Integer.toString(MARKED_PORTS[i]);
113 | MARKED_PORTS_AS_STRINGS_WIDTH[i] = 5*glut.glutBitmapLength( GLUT.BITMAP_HELVETICA_10, MARKED_PORTS_AS_STRINGS[i] );
114 | MARKED_PORTS_X[i] = PORT_AXIS_X_MINUS_20 - MARKED_PORTS_AS_STRINGS_WIDTH[i];
115 | }
116 |
117 | setName("VisualSignature");
118 | }
119 |
120 | public void actionPerformed(ActionEvent event)
121 | {
122 | //System.out.println(linesSet.size());
123 | }
124 |
125 | /**
126 | * Remember that the GLDrawable is actually the
127 | * GLCanvas that we dealt with earlier.
128 | */
129 | public void init(GLAutoDrawable gld)
130 | {
131 | //if(DEBUG)System.out.println("VisualSignatureView: init() called");
132 | //Remember not to save the
133 | //GL and GLU objects for
134 | //use outside of this method.
135 | //New ones will be provided
136 | //later.
137 | GL gl = getGLCanvas().getGL();
138 | GLU glu = new GLU();
139 |
140 | gl.glClearColor(BG_RGB[0], BG_RGB[1], BG_RGB[2], 1.0f );
141 |
142 | //Let's make the point 5 pixels wide
143 | gl.glPointSize(5.0f);
144 |
145 | //glViewport's arguments represent
146 | //left, bottom, width, height
147 | gl.glViewport(0, 0, (int)WIDTH, (int)HEIGHT);
148 | gl.glMatrixMode(GL.GL_PROJECTION);
149 | gl.glLoadIdentity();
150 | //gluOrtho2D's arguments represent
151 | //left, right, bottom, top
152 | glu.gluOrtho2D(0, WIDTH, 0, HEIGHT);
153 |
154 | // This is supposed to optimize repeatedly drawn graphics. See
155 | // http://fly.cc.fer.hr/~unreal/theredbook/chapter04.html for more info.
156 | gl.glNewList(DRAW_AXIS, GL.GL_COMPILE);
157 | drawAxis(gl);
158 | gl.glEndList();
159 | }
160 |
161 | int size = 0;
162 | boolean clear = true;
163 |
164 | public void display(GLAutoDrawable gld)
165 | {
166 | //System.out.println("VisualSignatureView: display() called, linesSet.size(): "+linesSet.size());
167 |
168 | //if(DEBUG)System.out.println("VisualSignatureView: display() called");
169 | // Remember to get a new copy
170 | // of GL object instead of
171 | // saving a previous one
172 | GL gl = getGLCanvas().getGL();
173 | GLU glu = new GLU();
174 |
175 | // is there a pending world window change?
176 | if ( getWorldWindowChanged() )
177 | resetWorldWindow(gl, glu);
178 |
179 | // load identity matrix
180 | gl.glMatrixMode (GL.GL_MODELVIEW);
181 | gl.glLoadIdentity();
182 |
183 | //erase GLCanvas using the clear color
184 | //gl.glClearColor(red, green, blue, alpha); // background
185 | gl.glClear(GL.GL_COLOR_BUFFER_BIT);
186 |
187 | //Choose our color for drawing
188 | //drawAxis(gl);
189 | gl.glCallList(DRAW_AXIS);
190 |
191 | //if(DEBUG)System.out.println("linesSet.size(): "+linesSet.size());
192 |
193 | Set removeThese = new HashSet();
194 |
195 | synchronized(linesSet)
196 | {
197 | //System.out.println("linesSet.size() = "+linesSet.size());
198 |
199 | Iterator iter = (Iterator)linesSet.iterator();
200 | while(iter.hasNext() )
201 | {
202 | long time = System.currentTimeMillis();
203 | Line line = (Line) iter.next();
204 |
205 | double elapsed = time - line.age;
206 | float colorChange = (float)(elapsed/FIVE_MIN);
207 |
208 | line.age = time;
209 |
210 | Color c = line.getColor();
211 |
212 | float[] rgb = c.getColorComponents(null);
213 |
214 | c = new Color( rgb[0] - colorChange >= BG_RGB[0]?(rgb[0] - colorChange):BG_RGB[0],
215 | rgb[1] - colorChange >= BG_RGB[1]?(rgb[1] - colorChange):BG_RGB[1],
216 | rgb[2] - colorChange >= BG_RGB[2]?(rgb[2] - colorChange):BG_RGB[2] );
217 |
218 | rgb = c.getColorComponents(null);
219 |
220 | if(rgb[0] <= BG_RGB[0] && rgb[1] <= BG_RGB[1] && rgb[2] <= BG_RGB[2])
221 | {
222 | //System.out.println("line removed: "+line);
223 | removeThese.add(line);
224 | continue;
225 | }
226 |
227 | line.setColor(c);
228 | drawLine(gl, line);
229 | }
230 |
231 | linesSet.removeAll(removeThese);
232 | }
233 | //drawAxis(gl);
234 | }
235 |
236 | public static final double PORT_AXIS_X_MINUS_10 = PORT_AXIS_X - 10.0f;
237 | public static final double PORT_AXIS_X_PLUS_10 = PORT_AXIS_X + 10.0f;
238 | public static final double PORT_AXIS_X_MINUS_20 = PORT_AXIS_X - 20.0f;
239 |
240 | public static final float HIGH_ADDR_HEIGHT = HEIGHT*0.01f;
241 | public static final float LOW_ADDR_HEIGHT = HEIGHT*0.97f;
242 | public static final float ADDR_AXIS_X_PLUS_20 = ADDR_AXIS_X + 20;
243 |
244 | void drawAxis(GL gl)
245 | {
246 | /////////////// Draw top and bottom boundaries //////////////////
247 | gl.glColor3f(BG_RGB[0] + 0.1f, BG_RGB[1] + 0.1f, BG_RGB[2] + 0.1f);
248 | gl.glPointSize(1.0f);
249 |
250 | gl.glBegin(GL.GL_LINES);
251 | gl.glVertex2d(0.0f, HEIGHT - 1);
252 | gl.glVertex2d(WIDTH, HEIGHT - 1);
253 | gl.glEnd();
254 |
255 | gl.glBegin(GL.GL_LINES);
256 | gl.glVertex2d(0.0f, 0.0f);
257 | gl.glVertex2d(WIDTH, 0.0f);
258 | gl.glEnd();
259 | /////////////////////////////////////////////////////////////////
260 |
261 |
262 |
263 | //if(DEBUG)System.out.println("VisualSignatureView: drawAxis() called");
264 | GLUT glut = new GLUT();
265 |
266 | gl.glColor3f(AXIS_RGB[0], AXIS_RGB[1], AXIS_RGB[2]);
267 | gl.glPointSize(5.0f);
268 |
269 | gl.glBegin(GL.GL_LINES);
270 | gl.glVertex2d(PORT_AXIS_X, 0.0f);
271 | gl.glVertex2d(PORT_AXIS_X, HEIGHT);
272 | gl.glEnd();
273 |
274 |
275 | for(int i = 0; i < MARKED_PORTS.length; ++i)
276 | {
277 | //double tmpHeight = 1.0 - Math.pow(MARKED_PORTS[i], .3333) / CUBE_ROOT_65535;
278 | //tmpHeight *= HEIGHT;
279 |
280 | gl.glBegin(GL.GL_LINES);
281 | gl.glVertex2d(PORT_AXIS_X_MINUS_10, (float)MARKED_PORTS_HEIGHT[i]);
282 | gl.glVertex2d(PORT_AXIS_X_PLUS_10, (float)MARKED_PORTS_HEIGHT[i]);
283 | gl.glEnd();
284 |
285 | ///////////////////////////////////////////////////////////
286 |
287 | if(isMaximized)
288 | {
289 | //int width = glut.glutBitmapLength( GLUT.BITMAP_HELVETICA_10, MARKED_PORTS_AS_STRINGS[i] );
290 |
291 | gl.glRasterPos2f((float)MARKED_PORTS_X[i], (float)MARKED_PORTS_HEIGHT_MINUS_12[i]);
292 | //Take a string and make it a bitmap, put it in the 'gl' passed over and pick
293 | //the GLUT font, then provide the string to show
294 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, MARKED_PORTS_AS_STRINGS[i]);
295 | }
296 | }
297 |
298 | gl.glBegin(GL.GL_LINES);
299 | gl.glVertex2d(ADDR_AXIS_X, 0.0f);
300 | gl.glVertex2d(ADDR_AXIS_X, HEIGHT);
301 | gl.glEnd();
302 |
303 | if(isMaximized)
304 | {
305 | gl.glRasterPos2f(ADDR_AXIS_X_PLUS_20, HIGH_ADDR_HEIGHT);
306 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, "255.255.255.255");
307 |
308 | gl.glRasterPos2f(ADDR_AXIS_X_PLUS_20, LOW_ADDR_HEIGHT);
309 | glut.glutBitmapString(GLUT.BITMAP_HELVETICA_10, "0.0.0.0" );
310 | }
311 | }
312 |
313 | void drawLine(GL gl, Line line)
314 | {
315 | //System.out.println(line);
316 |
317 | gl.glPointSize(5.0f);
318 |
319 | Color color = line.getColor();
320 | float[] rgb = color.getColorComponents(null);
321 |
322 | gl.glColor3fv(rgb, 0);
323 |
324 | gl.glBegin(GL.GL_LINES);
325 | gl.glVertex2d(line.x1, line.y1);
326 | gl.glVertex2d(line.x2, line.y2);
327 | gl.glEnd();
328 | }
329 |
330 | //we won't need these two methods
331 | public void reshape(GLAutoDrawable drawable, int x, int y, int width, int height)
332 | {
333 | GL gl = getGLCanvas().getGL();
334 | GLU glu = new GLU();
335 |
336 | // save size for viewport reset
337 | setViewportWidth(width);
338 | setViewportHeight(height);
339 |
340 | resetWorldWindow(gl, glu);
341 |
342 | display(drawable);
343 | }
344 |
345 | public void displayChanged(GLAutoDrawable drawable, boolean modeChanged, boolean deviceChanged)
346 | {
347 | }
348 |
349 | public void addLine(Line line)
350 | {
351 | synchronized(linesSet)
352 | {
353 | if(!linesSet.contains(line))
354 | linesSet.add(line);
355 | else
356 | {
357 | linesSet.remove(line);
358 | // this makes it so the age of the line in the Set is updated
359 | linesSet.add(line);
360 | }
361 | }
362 | }
363 |
364 | public void addLine(float x1, float x2, float y1, float y2)
365 | {
366 | addLine( new Line(x1, x2, y1, y2) );
367 | }
368 |
369 | public void addLine(long srcip, int dstport, Color color)
370 | {
371 | double percent = 1.0 - (double)srcip/ (double) NUM_ADDR;
372 | float y1 = HEIGHT * (float)percent;
373 |
374 | percent = 1.0 - Math.pow(dstport, 0.3333333) / CUBE_ROOT_65535;
375 | float y2 = HEIGHT * (float)percent;
376 |
377 | addLine( new Line(ADDR_AXIS_X, PORT_AXIS_X, y1, y2, color) );
378 | }
379 |
380 | public void dispatchResult(IPTableResult ipTableResult)
381 | {
382 | if( ipTableResult != null && ipTableResult.packet !=null &&
383 | ipTableResult.packet.srcip !=null && ipTableResult.packet.pdu !=null &&
384 | ipTableResult.packet.dstip !=null )
385 | {
386 | IPPacket ip = ipTableResult.packet;
387 |
388 | String srcIpStr = ip.srcip.toString().substring(1);
389 | String dstIpStr = ip.dstip.toString().substring(1);
390 |
391 | byte[] ipByte = ip.srcip.getAddress();
392 |
393 | long srcip = (0x0FF & ipByte[0]);
394 | srcip <<= 8;
395 | srcip |= (0x0FF & ipByte[1]);
396 | srcip <<= 8;
397 | srcip |= (0x0FF & ipByte[2]);
398 | srcip <<= 8;
399 | srcip |= (0x0FF & ipByte[3]);
400 | srcip &= 0x00000000FFFFFFFFL;
401 |
402 | ipByte = ip.dstip.getAddress();
403 |
404 | long dstip = (0x0FF & ipByte[0]);
405 | dstip <<= 8;
406 | dstip |= (0x0FF & ipByte[1]);
407 | dstip <<= 8;
408 | dstip |= (0x0FF & ipByte[2]);
409 | dstip <<= 8;
410 | dstip |= (0x0FF & ipByte[3]);
411 | dstip &= 0x00000000FFFFFFFFL;
412 |
413 | if(ip.pdu.getClass().getName().equals("edu.gatech.csc.visualfirewall.data.TCPPacket"))
414 | {
415 | if(DEBUG)System.out.println("ip.pdu.getClass().getName(): "+ip.pdu.getClass().getName());
416 |
417 | if(VisualFirewall.localIPAddr.equals(dstIpStr))
418 | {
419 | // incoming packet
420 | TCPPacket tcp = (TCPPacket)ip.pdu;
421 | addLine(srcip, tcp.dstport, TCP_LINE_COLOR);
422 | }
423 | else if(VisualFirewall.localIPAddr.equals(srcIpStr))
424 | {
425 | // outgoing packet
426 | TCPPacket tcp = (TCPPacket)ip.pdu;
427 | addLine(dstip, tcp.srcport, TCP_LINE_COLOR);
428 | }
429 | }
430 | else if(ip.pdu.getClass().getName().equals("edu.gatech.csc.visualfirewall.data.UDPPacket"))
431 | {
432 | if(VisualFirewall.localIPAddr.equals(dstIpStr))
433 | {
434 | // incoming packet
435 | UDPPacket udp = (UDPPacket)ip.pdu;
436 | addLine(srcip, udp.dstport, UDP_LINE_COLOR);
437 | }
438 | else if(VisualFirewall.localIPAddr.equals(srcIpStr))
439 | {
440 | // outgoing packet
441 | UDPPacket udp = (UDPPacket)ip.pdu;
442 | addLine(dstip, udp.srcport, UDP_LINE_COLOR);
443 | }
444 | }
445 | }
446 | }
447 |
448 |
449 | }
450 |
--------------------------------------------------------------------------------
/src/edu/gatech/csc/visualfirewall/view/VitalSigns2.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Created on Apr 14, 2005
3 | */
4 | package edu.gatech.csc.visualfirewall.view;
5 |
6 | import java.awt.BorderLayout;
7 | import java.awt.Color;
8 | import java.awt.Dimension;
9 | import java.awt.GradientPaint;
10 | import javax.swing.*;
11 |
12 | import java.awt.event.ActionEvent;
13 | import java.awt.event.ActionListener;
14 | import javax.swing.Timer;
15 |
16 |
17 | import org.jfree.chart.ChartFactory;
18 | import org.jfree.chart.ChartPanel;
19 | import org.jfree.chart.JFreeChart;
20 | import org.jfree.chart.axis.CategoryAxis;
21 | import org.jfree.chart.axis.CategoryLabelPositions;
22 | import org.jfree.chart.axis.NumberAxis;
23 | import org.jfree.chart.plot.CategoryPlot;
24 | import org.jfree.chart.plot.PlotOrientation;
25 | import org.jfree.chart.renderer.category.BarRenderer;
26 | import org.jfree.data.category.CategoryDataset;
27 | import org.jfree.data.category.DefaultCategoryDataset;
28 |
29 | /**
30 | * @author chris Apr 14, 2005 VitalSigns
31 | */
32 | public class VitalSigns2 extends JPanel {
33 | static DefaultCategoryDataset dataset;
34 | static String[] series = { "CPU", "Memory Used", "Net Util", "Alerts" };
35 | static String category = "";
36 | /**
37 | * @param arg0
38 | */
39 | public VitalSigns2(String title)
40 | {
41 | CategoryDataset dataset = createDataset();
42 | JFreeChart chart = createChart(dataset);
43 | JPanel chartPanel = (JPanel)new ChartPanel(chart);
44 | chartPanel.setPreferredSize(new Dimension(500, 500));
45 |
46 | setLayout(new BorderLayout());
47 | add(chartPanel);
48 |
49 | chart.getCategoryPlot().getRangeAxis().setAutoRange(false);
50 | new DataGenerator(100).start();
51 | }
52 |
53 | public VitalSigns2()
54 | {
55 | this("");
56 | }
57 |
58 | private static CategoryDataset createDataset() {
59 | dataset = new DefaultCategoryDataset();
60 | dataset.addValue(1, series[0], category);
61 | dataset.addValue(1, series[1], category);
62 | dataset.addValue(1, series[2], category);
63 | dataset.addValue(0, series[3], category);
64 | return dataset;
65 | }
66 |
67 | private static JFreeChart createChart(CategoryDataset dataset) {
68 | // create the chart...
69 | JFreeChart chart = ChartFactory.createBarChart("VitalSigns2", // chart
70 | // title
71 | "Vital Signs", // domain axis label
72 | "Health", // range axis label
73 | dataset, // data
74 | PlotOrientation.VERTICAL, // orientation
75 | true, // include legend
76 | true, // tooltips?
77 | false // URLs?
78 | );
79 | // NOW DO SOME OPTIONAL CUSTOMISATION OF THE CHART...
80 | // set the background color for the chart...
81 | chart.setBackgroundPaint(Color.white);
82 | // get a reference to the plot for further customisation...
83 | CategoryPlot plot = chart.getCategoryPlot();
84 | plot.setBackgroundPaint(Color.lightGray);
85 | plot.setDomainGridlinePaint(Color.white);
86 | plot.setDomainGridlinesVisible(true);
87 | plot.setRangeGridlinePaint(Color.white);
88 | // set the range axis to display integers only...
89 | final NumberAxis rangeAxis = (NumberAxis) plot.getRangeAxis();
90 | rangeAxis.setStandardTickUnits(NumberAxis.createIntegerTickUnits());
91 | // disable bar outlines...
92 | BarRenderer renderer = (BarRenderer) plot.getRenderer();
93 | renderer.setDrawBarOutline(false);
94 | // set up gradient paints for series...
95 | GradientPaint gp0 = new GradientPaint(0.0f, 0.0f, Color.blue, 0.0f,
96 | 0.0f, new Color(0, 0, 64));
97 | GradientPaint gp1 = new GradientPaint(0.0f, 0.0f, Color.green, 0.0f,
98 | 0.0f, new Color(0, 64, 0));
99 | GradientPaint gp2 = new GradientPaint(0.0f, 0.0f, Color.red, 0.0f,
100 | 0.0f, new Color(64, 0, 0));
101 | GradientPaint gp3 = new GradientPaint(0.0f, 0.0f, Color.yellow, 0.0f,
102 | 0.0f, new Color(64, 0, 0));
103 | renderer.setSeriesPaint(0, gp0);
104 | renderer.setSeriesPaint(1, gp1);
105 | renderer.setSeriesPaint(2, gp2);
106 | renderer.setSeriesPaint(3, gp3);
107 | CategoryAxis domainAxis = plot.getDomainAxis();
108 | domainAxis.setCategoryLabelPositions(CategoryLabelPositions
109 | .createUpRotationLabelPositions(Math.PI / 6.0));
110 | // OPTIONAL CUSTOMISATION COMPLETED.
111 | return chart;
112 | }
113 |
114 | public static void updateMemory(double y) {
115 | dataset.setValue(y, series[1], category);
116 | }
117 |
118 | public static void updateBitrate(double bps) {
119 | dataset.setValue(bps, series[2], category);
120 | }
121 |
122 | public static void updateAlert(double alert) {
123 | dataset.setValue(alert, series[3], category);
124 | }
125 |
126 |
127 | public static JPanel createDemoPanel() {
128 | JFreeChart chart = createChart(createDataset());
129 | return new ChartPanel(chart);
130 | }
131 |
132 | /**
133 | * Returns a description of the demo.
134 | *
135 | * @return A description.
136 | */
137 | public static String getDemoDescription() {
138 | return "A bar chart.";
139 | }
140 | }
141 |
142 | /**
143 | * The data generator.
144 | */
145 |
146 | class DataGenerator extends Timer implements ActionListener {
147 | double bps = 0;
148 | double alerts = 0;
149 | /**
150 | * Constructor.
151 | *
152 | * @param interval
153 | * the interval (in milliseconds)
154 | */
155 | DataGenerator(int interval) {
156 | super(interval, null);
157 | addActionListener(this);
158 | }
159 |
160 | /**
161 | * Adds a new free/total memory reading to the dataset.
162 | *
163 | * @param event
164 | * the action event.
165 | */
166 | public void actionPerformed(ActionEvent event) {
167 | long f = Runtime.getRuntime().freeMemory();
168 | long t = Runtime.getRuntime().totalMemory();
169 | bps += ( Math.random() - bps )/5.0;
170 | VitalSigns2.updateMemory((double)f/t);
171 | VitalSigns2.updateBitrate( bps );
172 | if ( Math.random() <= 1E-3 ) {
173 | alerts += 1.0d/100.0d;
174 | VitalSigns2.updateAlert( alerts );
175 | }
176 | }
177 | }
178 |
--------------------------------------------------------------------------------