diff --git a/src/main/java/de/hsh/inform/orientdb_project/CommandLineInterface.java b/src/main/java/de/hsh/inform/orientdb_project/CommandLineInterface.java
index d5c239a..58da80f 100644
--- a/src/main/java/de/hsh/inform/orientdb_project/CommandLineInterface.java
+++ b/src/main/java/de/hsh/inform/orientdb_project/CommandLineInterface.java
@@ -16,7 +16,9 @@ import org.apache.commons.cli.ParseException;
 import com.tinkerpop.blueprints.impls.orient.OrientGraphNoTx;
 import de.hsh.inform.orientdb_project.model.EthernetFrameModel;
+import de.hsh.inform.orientdb_project.model.HostModel;
 import de.hsh.inform.orientdb_project.model.Model;
+import de.hsh.inform.orientdb_project.model.TcpConnectionModel;
 import de.hsh.inform.orientdb_project.orientdb.OrientDbHelperService;
 import de.hsh.inform.orientdb_project.repository.EthernetFrameRepository;
 import de.hsh.inform.orientdb_project.repository.HostRepository;
@@ -43,14 +45,14 @@ public class CommandLineInterface {
 this.hostRepository = new HostRepository(this.ogf);
 this.ethernetFrameRepository = new EthernetFrameRepository(this.odhs.getDatabaseDocument());
- options.addOption("e", "ethernetFramesByBytes", false, "Find ethernet frames that contain a given byte sequence.");
+ options.addOption("e", "ethernetFramesByBytes", false, "Find ethernet frames that contain a given byte sequence. - Try FF FF FF FF FF FF");
- options.addOption("htoipp", "hostsByIpAndPort", false, "Find hosts that have tcp connections to a given ip address and port.");
+ options.addOption("htoipp", "hostsByIpAndPort", false, "Find hosts that have tcp connections to a given ip address and port. ( ) - Try 197.218.177.69 25");
 options.addOption("htoex", "hostsByConnToExternalHosts", false, "Find hosts that have tcp connections to external hosts.");
 options.addOption("hinw", "hostsWithIncomingOnWellKnownPorts", false, "Find hosts that have incoming tcp connections on well known ports.");
- options.addOption("ta", "tcpConnectionActiveAt", false, "Find tcp connections that were active at a given timestamp.");
- options.addOption("tbpm", "tcpConnectionBytesPerMinuteBetween", false, "Get datavolume (bytes per minute) between two given ip addresses.");
+ options.addOption("ta", "tcpConnectionActiveAt", false, "Find tcp connections that were active at a given timestamp. Try 901714389");
+ options.addOption("tbpm", "tcpConnectionBytesPerMinuteBetween", false, "Get datavolume (bytes per minute) between two given ip addresses. - Try 172.16.114.207 206.251.19.72");
 options.addOption("h", "help", false, "show help.");
 options.addOption("q", "quit", false, "quit the program.");
@@ -80,8 +82,40 @@ public class CommandLineInterface {
 }
 if(cmd.hasOption("htoipp")) {
-
+ String ipAddress = cmd.getArgs()[0];
+ int port = Integer.valueOf(cmd.getArgs()[1]);
+ List result = this.hostRepository.findByConnectionsTo(ipAddress, port);
+ System.out.println("Hosts that had connections to " + ipAddress + " " + port + ":");
+ this.printResults(result);
 }
+
+ if(cmd.hasOption("htoex")) {
+ List result = this.hostRepository.findAllByConnectionsToOutsideHosts();
+ System.out.println("Hosts that had connections to external hosts:");
+ this.printResults(result);
+ }
+
+ if(cmd.hasOption("hinw")) {
+ List result = this.hostRepository.findAllByIncomingConnectionOnWellKnownPort();
+ System.out.println("Hosts that had incoming connections on well known ports:");
+ this.printResults(result);
+ }
+
+ if(cmd.hasOption("ta")) {
+ long ts = Long.valueOf(cmd.getArgs()[0]);
+ System.out.println("Tcp connections active at given timestamp " + ts + ":");
+ List result = this.tcpConnectionRepository.findByActiveWhen(ts);
+ this.printResults(result);
+ }
+
+ if(cmd.hasOption("tbpm")) {
+ String ipA = cmd.getArgs()[0];
+ String ipB = cmd.getArgs()[1];
+ System.out.println("Bytes per minute between " + ipA + " and " + ipB + ": ");
+ long bytesPerMinute = this.tcpConnectionRepository.getTotalDataVolumePerMinuteBetweenHosts(ipA, ipB);
+ System.out.println(bytesPerMinute + " bytes per minute");
+ }
+
+
 } catch (ParseException e) {
 //log.log(Level.SEVERE, "Failed to parse comand line properties", e);
 log.log(Level.SEVERE, "I did not understand that. Sorry.");
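Review bot: The new `htoipp`, `ta` and `tbpm` branches read `cmd.getArgs()[0]` and `[1]` and call `Integer.valueOf`/`Long.valueOf` with no check on argument count or format, while the only handler visible after them is `catch (ParseException e)`. A missing or non-numeric argument therefore raises an unchecked `ArrayIndexOutOfBoundsException` or `NumberFormatException` that this try block does not catch. Each branch should first test `if (cmd.getArgs().length < 2)` (`< 1` for `ta`) and print a usage line instead of querying, and the numeric parse should sit inside a `catch (NumberFormatException e)` that also rejects ports outside 0–65535. The address strings reach `findByConnectionsTo` and `getTotalDataVolumePerMinuteBetweenHosts` unchanged; the repository code is not in this diff, so if its queries are assembled by string concatenation these values should be validated as IP literals here or bound as query parameters there. The enclosing method begins and ends outside the hunk.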