itrp 0.1.0

data/lib/handlers/query_resource.rb

@@ -0,0 +1,68 @@
+module ITRP
+
+class Cmd_query_resource  < Cmd 
+	def initialize (e)
+		super(e)
+		@enabled_in_state = :resource
+		@attach_cmd  = ''
+		@trigger = 'query'
+	end
+
+	def completions(patt)
+		TRP::QueryResourcesRequest
+		        .fields
+				.values
+				.collect { |a| a.name }
+				.grep( /^#{Regexp.escape(patt)}/i)
+	end
+
+    def enter(patt)
+
+		terms = patt.scan( /(\w+)\s*=\s*([\w\-_\.\:]+)+/ )
+
+		qparams = terms.inject({}) { |acc,t| acc.store( t[0].to_sym, t[1]);acc}
+
+		[:maxitems].each do |a|
+			qparams[a] = qparams[a].to_i if qparams.key? a
+		end
+
+	    p qparams 
+
+		# meter names 
+		req =mk_request(TRP::Message::Command::QUERY_RESOURCES_REQUEST,
+						{
+						 :resource_group => appstate(:cgguid),
+                         :time_interval => appstate(:time_interval)
+						}.merge(qparams))
+
+        rows = [] 
+
+		get_response_zmq(@appenv.zmq_endpt,req) do |resp|
+
+            resp.resources.each do | res |
+
+            rows << [ "#{res.resource_id}",
+                      Time.at( res.time.tv_sec).to_s(),
+                      res.source_ip.label,
+                      res.source_port.label,
+                      res.destination_ip.label,
+                      res.destination_port.label,
+                      wrap(res.uri,50),
+                      wrap(res.userlabel,40)
+            ]
+            end
+
+        end
+
+		table = Terminal::Table.new( 
+				:headings => %w(ID Time SourceIP Port DestIP Port URI Label ),
+				:rows => rows)
+		puts(table) 
+
+    end
+
+
+end
+end
+
+

data/lib/handlers/resolve.rb

@@ -0,0 +1,34 @@
+module ITRP
+
+class Cmd_resolve  < Cmd 
+	def initialize (e)
+		super(e)
+		@enabled_in_state = :counter
+		@attach_cmd  = ''
+		@trigger = 'resolve'
+	end
+
+	def enter(cmdline)
+
+		patt = cmdline.scan(/resolve\s+(\S*)/).flatten.first 
+
+        patt.split(',')
+
+		req =mk_request(TRP::Message::Command::KEY_LOOKUP_REQUEST,
+						 :counter_group => appstate(:cgguid),
+						 :keys  => patt.split(','))
+
+
+        rows = []
+		get_response_zmq(@appenv.zmq_endpt,req) do |resp|
+            resp.keys.each do |k|
+                rows << [ k.key, k.label, k.readable ]
+            end
+		end
+
+		table = Terminal::Table.new( :headings => %w(Key  Label Readable ), :rows => rows)
+		puts(table) 
+    end
+
+end
+end

data/lib/handlers/resource.rb

@@ -0,0 +1,30 @@
+module ITRP
+
+class Cmd_resource  < Cmd 
+	def initialize (e)
+		super(e)
+		@enabled_in_state = :any
+		@attach_cmd  = 'set'
+		@trigger = 'resource'
+	end
+
+
+	def completions(patt)
+        [ "HTTP URIs     {4EF9DEB9-4332-4867-A667-6A30C5900E9E} ",
+          "DNS Resources {D1E27FF0-6D66-4E57-BB91-99F76BB2143E} ",
+          "SSL Certs     {5AEE3F0B-9304-44BE-BBD0-0467052CF468} ",
+        ].grep( /#{Regexp.escape(patt)}/i)  
+    end
+
+	def enter(s)
+        patt = s.scan(/set\s+resource\s+(.*)\s+({.*}$)/).flatten 
+		patt[0].strip!
+		print("\nContext set to resource group [#{patt[0]}] [#{patt[1]}]\n\n")
+		@appenv.prompt = "iTRP R:(#{patt[0]})> "
+		@appenv.context_data[:cgguid] = patt[1]
+		@appenv.context_data[:cgname] = patt[0]
+		@appenv.context = :resource
+	end
+end
+
+end 

data/lib/handlers/set.rb

@@ -0,0 +1,35 @@
+module ITRP
+
+class Cmd_set < Cmd 
+	def initialize (e)
+		super(e)
+		@enabled_in_state = :any
+		@attach_cmd  = ''
+		@trigger = 'set'
+	end
+
+	def enter(cmdline)
+		print("\nCurrent state\n")
+		print_state
+	end
+end
+
+class Cmd_reset < Cmd 
+	def initialize (e)
+		super(e)
+		@enabled_in_state = :any
+		@attach_cmd  = ''
+		@trigger = 'reset'
+	end
+
+	def enter(cmdline)
+		@appenv.prompt = "iTRP> "
+		@appenv.context  = :any  
+		print_state
+		print("\nReset state OK\n")
+	end
+
+end
+
+end
+

data/lib/handlers/timeslices.rb

@@ -0,0 +1,31 @@
+module ITRP
+
+class Cmd_timeslices  < Cmd 
+	def initialize (e)
+		super(e)
+		@enabled_in_state = :any
+		@attach_cmd  = ''
+		@trigger = 'timeslices'
+	end
+
+	def enter(cmdline)
+
+		req =mk_request(TRP::Message::Command::TIMESLICES_REQUEST,{:context=>0}) 	
+
+        rows = [] 
+
+		get_response_zmq(@appenv.zmq_endpt,req) do |resp|
+            resp.slices.each do | window |
+                rows << [ Time.at(window.from.tv_sec), Time.at(window.to.tv_sec) ]
+            end
+        end 
+
+		table = Terminal::Table.new( 
+				:headings => %w(From  To),
+				:rows => rows)
+		puts(table) 
+    end
+
+end
+end
+

data/lib/handlers/toppers.rb

@@ -0,0 +1,41 @@
+module ITRP
+
+class Cmd_toppers  < Cmd 
+	def initialize (e)
+		super(e)
+		@enabled_in_state = :counter
+		@attach_cmd  = ''
+		@trigger = 'toppers'
+	end
+
+	def enter(cmdline)
+
+		patt = cmdline.scan(/toppers ([0-9]+)/).flatten.first 
+
+		req =TrisulRP::Protocol.mk_request(TRP::Message::Command::COUNTER_GROUP_REQUEST,
+			 :counter_group => @appenv.context_data[:cgguid],
+			 :meter => patt.to_i,
+			 :resolve_keys => true,
+			 :time_interval =>  mk_time_interval(@appenv.context_data[:time_window]))
+
+		TrisulRP::Protocol.get_response_zmq(@appenv.zmq_endpt,req) do |resp|
+			  print "Counter Group = #{resp.counter_group}\n"
+			  print "Meter = #{resp.meter}\n"
+
+			  rows = [] 
+			  resp.keys.each do |key|
+			  		rows << [ key.key,
+							  key.label,
+							  key.readable,
+							  key.metric ] 
+			  end
+
+			table = Terminal::Table.new :headings => ["Key", "Label", "Readable", "Metric"], :rows => rows
+			puts(table) 
+		end
+
+	end
+
+end
+end
+

data/lib/handlers/trackers.rb

@@ -0,0 +1,49 @@
+module ITRP
+
+class Cmd_flow_trackers   < Cmd 
+	def initialize (e)
+		super(e)
+		@enabled_in_state = :flow
+		@attach_cmd  = ''
+		@trigger = 'tracker'
+	end
+
+	def enter(cmdline)
+
+		patt = cmdline.scan(/tracker\s+([0-9]+)/).flatten.first 
+
+		req =TrisulRP::Protocol.mk_request(TRP::Message::Command::SESSION_TRACKER_REQUEST,
+			 :session_group  => appstate(:cgguid),
+			 :time_interval => appstate(:time_interval),
+			 :resolve_keys => true,
+			 :tracker_id => patt.to_i)
+
+		rows = []
+		TrisulRP::Protocol.get_response_zmq(@appenv.zmq_endpt,req) do |resp|
+		
+			resp.sessions.each do | sess |
+
+			rows << [ "#{sess.session_key}",
+					  Time.at( sess.time_interval.from.tv_sec).to_s(),
+					  sess.protocol.label,
+					  sess.key1A.label,
+					  sess.key1Z.label,
+					  sess.key2A.label,
+					  sess.key2Z.label,
+					  sess.tracker_statval 
+					]
+			end
+
+		end
+
+		table = Terminal::Table.new( 
+				:headings => %w(Key Last-Seen Prot SourceIP DestIP SPort DPort TrackerVal),
+				:rows => rows)
+		puts(table) 
+
+
+	end
+
+end
+end
+

data/lib/handlers/traffic.rb

@@ -0,0 +1,68 @@
+module ITRP
+
+class Cmd_traffic < Cmd 
+	def initialize (e)
+		super(e)
+		@enabled_in_state = :counter
+		@attach_cmd  = ''
+		@trigger = 'traffic'
+	end
+
+
+
+    def enter(cmdline)
+
+        patt = cmdline.scan(/traffic (.*)/).flatten.first 
+		patt ||= "0"
+		showmeters = patt.split(',').map(&:to_i)
+
+		# meter names 
+		req =mk_request(TRP::Message::Command::COUNTER_GROUP_INFO_REQUEST,
+						 :counter_group => @appenv.context_data[:cgguid],
+						 :get_meter_info => true )
+
+		colnames   = ["Timestamp"]
+		get_response_zmq(@appenv.zmq_endpt,req) do |resp|
+			  resp.group_details.each do |group_detail|
+			  	group_detail.meters.each do |meter|
+					colnames  <<  meter.name  
+				end
+			  end
+		end
+
+
+		req =TrisulRP::Protocol.mk_request(TRP::Message::Command::COUNTER_ITEM_REQUEST,
+			 :counter_group => @appenv.context_data[:cgguid],
+			 :key => @appenv.context_data[:cgkey],
+			 :time_interval =>  mk_time_interval(@appenv.context_data[:time_window]) )
+
+		rows  = [] 
+
+	
+		TrisulRP::Protocol.get_response_zmq(@appenv.zmq_endpt,req) do |resp|
+			  print "Counter Group = #{resp.stats.counter_group}\n"
+			  print "Key           = #{resp.stats.key}\n"
+
+			  tseries  = {}
+			  resp.stats.meters.each do |meter|
+				meter.values.each do |val|
+					tseries[ val.ts.tv_sec ] ||= []
+					tseries[ val.ts.tv_sec ]  << val.val 
+				end
+			  end
+
+
+			  rows = []
+			  tseries.each do |ts,valarr|
+			  	rows << [ ts, valarr ].flatten 
+			  end
+
+			  table = Terminal::Table.new(:headings => colnames,  :rows => rows )
+			  puts(table) 
+		end
+
+	end
+
+end
+end
+

data/lib/itrp.rb

@@ -0,0 +1,140 @@
+# Trisul Remote Protocol iTRP (Interactive TRP) 
+#
+# NSM (Network Security & Traffic Monitoring) Console App
+#
+# Full interactive shell app (Work in Progress) 
+#
+# ruby itrp.rb tcp://192.168.1.8:5555  
+#
+#
+require 'trisulrp'
+require 'readline'
+require 'fileutils'
+
+require_relative 'cmd_base'
+require_relative 'cmd_root'
+
+# Check arguments
+raise %q{
+  itrp.rb - interactive TRP shell 
+
+  Usage   : itrp.rb  trisul-zmq-endpt 
+  Example : itrp.rb  tcp://192.168.1.8:5555 
+} unless ARGV.length==1
+
+HISTFILE=File.expand_path("~/.itrp_history")
+DEFAULT_PROMPT="iTRP> "
+
+class ITRPEnv
+	attr_accessor :prompt 
+	attr_accessor :context 
+	attr_accessor :context_data  
+	attr_accessor :zmq_endpt
+end 
+Appenv = ITRPEnv.new
+Appenv.prompt = DEFAULT_PROMPT
+Appenv.zmq_endpt = ARGV.shift 
+Appenv.context = :any
+Appenv.context_data =  { } 
+
+
+print("\n\niTRP Interactive TRP Shell for Trisul\n");
+
+class Dispatches
+
+	def initialize()
+
+		# load handlers
+		reload
+
+		# root proc 
+		@cmd_roots = { :any => ITRP::Cmd_root.new(Appenv) }
+		@cmd_roots[:any].set_time_window 
+
+
+		# build command tree 
+		(ITRP::constants-[:Cmd, :Cmd_root]).each do |k|
+			kls = ITRP::const_get(k)
+			ins = kls.new(Appenv)
+			@cmd_roots[ins.enabled_in_state] ||= ITRP::Cmd_root.new(Appenv) 
+			@cmd_roots[ins.enabled_in_state].place_node(ins)
+		end
+		
+		# hook up autocompletion 
+		Readline.completion_proc = proc do |s| 
+			buff = Readline.line_buffer()
+
+			[Appenv.context, :any].uniq.collect do |ctx|
+				node  = @cmd_roots[ctx].find_node(buff.split(' '))
+				(node or @cmd_roots[:any]).completions(s) 
+			end.flatten  
+		end
+
+		# history load 
+        if File.exist? HISTFILE
+            File.readlines(HISTFILE).each do |l|
+                Readline::HISTORY.push(l.chop)
+            end
+        end
+
+	end
+	def invoke(cmdline)
+		# system commands
+		case cmdline.scan(/(\w+)/).flatten.first 
+			when 'reload' ; reload 
+			when 'quit'   ; quit 
+			when 'help'   ; help
+			when 'clear'  ; system("clear") 
+			else;
+		end 
+
+		# dispatch to correct plugin w/ context
+		[Appenv.context, :any].uniq.collect do |ctx|
+			node  = @cmd_roots[ctx].find_node(cmdline.strip.split(' '))
+			node.enter(cmdline.strip) and return if node 
+		end
+	end
+
+	def reload
+		print("Loading command handlers ")
+		Dir.glob("handlers/*rb") do |f|
+			load(f)
+			print('.')
+		end
+		print("done\n")
+	end
+
+	def help
+		@cmd_roots.each do |k,v|
+			print "Context :#{k}\n"
+			v.treeprint 
+		end 
+	end
+
+	def quit
+
+        File.open( HISTFILE, "w") do |h|
+            Readline::HISTORY.to_a.uniq.each do |l|
+                h.write(l + "\n" ) 
+            end
+        end
+
+		exit 0
+	end
+
+
+end
+
+
+dispatches = Dispatches.new()
+while cmd = Readline.readline(Appenv.prompt, true)
+    begin
+        dispatches.invoke(cmd)
+        Readline::HISTORY.push(cmd)
+    rescue Exception => e 
+		if e.message == 'exit' ; exit; end
+        puts "Error " + e.message 
+        puts "Error " + e.backtrace.join('\n') 
+    end
+end
+