Changeset 734

Show
Ignore:
Timestamp:
01/08/07 14:11:40 (2 years ago)
Author:
common
Message:

nepenthes

  • log-surfnet
    • fix: update attack severity for delayed attacks
    • fix: erase closed sockets from the socket tracker if there is no outstanding query to process
Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • nepenthes/trunk/modules/log-surfnet/log-surfnet.cpp

    r676 r734  
    7777        m_closed = false; 
    7878 
    79         m_severity = 0
     79        m_severity = -1
    8080} 
    8181 
     
    472472                        attackid); 
    473473 
    474         m_SocketTracker[(uintptr_t) socket].m_closed = true; 
     474        if (m_SocketTracker[(uintptr_t) socket].m_Details.size() > 0) 
     475        { 
     476        m_SocketTracker[(uintptr_t) socket].m_closed = true; 
     477        }else 
     478        { 
     479                m_SocketTracker.erase((uintptr_t)socket); 
     480        } 
    475481} 
    476482 
     
    650656        } 
    651657 
     658        if (m_SocketTracker[(uintptr_t)s].m_severity != -1) 
     659        { 
     660                string query; 
     661 
     662                query = "SELECT surfnet_attack_update_severity('"; 
     663                query += itos(m_SocketTracker[(uintptr_t)s].m_attackID); 
     664                query += "','"; 
     665                query += itos(m_SocketTracker[(uintptr_t)s].m_severity); 
     666                query += "');"; 
     667 
     668                m_SQLHandler->addQuery(&query,NULL,NULL); 
     669        } 
     670 
    652671        if (m_SocketTracker[(uintptr_t)s].m_closed == true) 
    653672        {