X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Fos_dbd%2Falert.c;h=991157c4ab75eeb6705220bffbbb299f4dee0034;hp=517b65c477f78c2a3a240f9cadd3f5e241a4bf3a;hb=6ef2f786c6c8ead94841b5f93baf9f43421f08c8;hpb=301048b51990573e58a30dc4a5bb4ec285cad554
diff --git a/src/os_dbd/alert.c b/src/os_dbd/alert.c
index 517b65c..991157c 100755
--- a/src/os_dbd/alert.c
+++ b/src/os_dbd/alert.c
@@ -1,4 +1,5 @@
-/* @(#) $Id$ */
+/* @(#) $Id: ./src/os_dbd/alert.c, 2011/09/08 dcid Exp $
+ */
 /* Copyright (C) 2009 Trend Micro Inc.
 * All rights reserved.
@@ -78,7 +79,7 @@ int __DBSelectLocation(char *location, DBConfig *db_config)
 int __DBInsertLocation(char *location, DBConfig *db_config)
 {
 char sql_query[OS_SIZE_1024];
-
+
 memset(sql_query, '\0', OS_SIZE_1024);
 /* Generating SQL */
@@ -108,6 +109,7 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
 {
 int i;
 unsigned int s_ip = 0, d_ip = 0, location_id = 0;
+ unsigned short s_port = 0, d_port = 0;
 int *loc_id;
 char sql_query[OS_SIZE_8192 +1];
 char *fulllog = NULL;
@@ -116,7 +118,7 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
 /* Clearing the memory before insert */
 sql_query[0] = '\0';
 sql_query[OS_SIZE_8192] = '\0';
-
+
 /* Converting srcip to int */
 if(al_data->srcip)
@@ -129,7 +131,24 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
 s_ip = net.s_addr;
 }
 }
- d_ip = 0;
+
+ /* Converting dstip to int */
+ if(al_data->dstip)
+ {
+ struct in_addr net;
+
+ /* Extracting ip address */
+ if(inet_aton(al_data->dstip, &net))
+ {
+ d_ip = net.s_addr;
+ }
+ }
+
+ /* Source Port */
+ s_port = al_data->srcport;
+
+ /* Destination Port */
+ d_port = al_data->dstport;
 /* Escaping strings */
@@ -138,8 +157,8 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
 /* We first need to insert the location */
 loc_id = OSHash_Get(db_config->location_hash, al_data->location);
-
-
+
+
 /* If we dont have location id, we must select and/or insert in the db */
 if(!loc_id)
 {
@@ -153,7 +172,7 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
 if(!location_id)
 {
- merror("%s: Unable to insert location: '%s'.",
+ merror("%s: Unable to insert location: '%s'.",
 ARGV0, al_data->location);
 return(0);
 }
@@ -164,15 +183,30 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
 *loc_id = location_id;
 OSHash_Add(db_config->location_hash, al_data->location, loc_id);
 }
-
+
 i = 0;
 while(al_data->log[i])
 {
- fulllog = os_LoadString(fulllog, al_data->log[i]);
+ long len = strlen(al_data->log[i]);
+ char templog[len+2];
+ if (al_data->log[i+1]) {
+ snprintf(templog, len, "%s\n", al_data->log[i]);
+ }
+ else {
+ snprintf(templog, len, "%s", al_data->log[i]);
+ }
+ fulllog = os_LoadString(fulllog, templog);
+// fulllog = os_LoadString(fulllog, al_data->log[i]);
 i++;
 }
 osdb_escapestr(fulllog);
+ if(strlen(fulllog) > 7456)
+ {
+ fulllog[7454] = '.';
+ fulllog[7455] = '.';
+ fulllog[7456] = '\0';
+ }
 /* Inserting data */
@@ -183,7 +217,7 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
 "INSERT INTO "
 "data(id, server_id, \"user\", full_log) "
 "VALUES ('%u', '%u', '%s', '%s') ",
- db_config->alert_id, db_config->server_id,
+ db_config->alert_id, db_config->server_id,
 al_data->user, fulllog);
 }
 else
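Review bot: In the @@ -164 hunk, `snprintf(templog, len, "%s\n", al_data->log[i]);` passes `len` (the `strlen` of the line) as the buffer size, so snprintf stores at most `len-1` bytes plus the terminator: the last character of every log line is dropped and the `\n` never lands in `templog`, even though the buffer was sized `len+2` to hold exactly the line, the newline and the NUL; the `snprintf(templog, len, "%s", ...)` branch loses the last character the same way. Both calls should use the real buffer size, `snprintf(templog, sizeof templog, "%s\n", al_data->log[i]);` and `snprintf(templog, sizeof templog, "%s", al_data->log[i]);`, and `len` should be a `size_t` rather than a `long`. The new `strlen(fulllog) > 7456` block runs after `osdb_escapestr(fulllog)`, so if the escaper emits backslash or quote-doubling sequences the cut at byte 7456 can land inside one and leave a dangling escape before the closing `'` of the INSERT, making the statement malformed; truncating the raw text before escaping (or moving the check above the `osdb_escapestr` call) avoids that, and the limit deserves a named constant instead of three bare numbers. `strlen(fulllog)` is also undefined when `al_data->log[0]` is NULL and `fulllog` stays NULL, and the commented-out `// fulllog = os_LoadString(fulllog, al_data->log[i]);` line should be deleted rather than kept. `OS_Alert_InsertDB` starts before and ends after this hunk.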
@@ -192,29 +226,32 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
 "INSERT INTO "
 "data(id, server_id, user, full_log) "
 "VALUES ('%u', '%u', '%s', '%s') ",
- db_config->alert_id, db_config->server_id,
+ db_config->alert_id, db_config->server_id,
 al_data->user, fulllog);
 }
 free(fulllog); fulllog = NULL;
-
-
+
+
 /* Inserting into the db */
 if(!osdb_query_insert(db_config->conn, sql_query))
 {
 merror(DB_GENERROR, ARGV0);
 }
-
+
 /* Generating final SQL */
 snprintf(sql_query, OS_SIZE_8192,
 "INSERT INTO "
- "alert(id,server_id,rule_id,timestamp,location_id,src_ip) "
- "VALUES ('%u', '%u', '%u','%u', '%u', '%lu')",
+ "alert(id,server_id,rule_id,timestamp,location_id,src_ip,src_port,dst_ip,dst_port,alertid) "
+ "VALUES ('%u', '%u', '%u','%u', '%u', '%lu', '%u', '%lu', '%u', '%s')",
 db_config->alert_id, db_config->server_id, al_data->rule,
- (unsigned int)time(0), *loc_id, (unsigned long)ntohl(s_ip));
+ (unsigned int)time(0), *loc_id,
+ (unsigned long)ntohl(s_ip), (unsigned short)s_port,
+ (unsigned long)ntohl(d_ip), (unsigned short)d_port,
+ al_data->alertid);
 /* Inserting into the db */
@@ -223,7 +260,7 @@ int OS_Alert_InsertDB(alert_data *al_data, DBConfig *db_config)
 merror(DB_GENERROR, ARGV0);
 }
-
+
 db_config->alert_id++;
 return(1);
 }
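Review bot: `al_data->alertid` is interpolated into the final INSERT through `'%s'` but nothing in this diff passes it through `osdb_escapestr` the way `fulllog` is; unless it is escaped in a part of the function outside these hunks, a quote in the alert id breaks the statement and lets unvalidated alert content shape the query, so escape it (or validate it against the form the alert id is expected to take) before it reaches the format string. The two new `'%u'` conversions receive `(unsigned short)s_port` and `(unsigned short)d_port`, which undergo default promotion to `int`, not `unsigned int`; the casts are no-ops on variables already declared `unsigned short`, and the matching conversion is `%hu`, i.e. `"VALUES ('%u', '%u', '%u','%u', '%u', '%lu', '%hu', '%lu', '%hu', '%s')"` with the two casts removed. `OS_Alert_InsertDB` starts before this hunk.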