#!/usr/bin/perl


use Cflow qw(:flowvars find);

open(INFILE, 'logins.txt');

while (<INFILE>) {
	($user, $ip, $login_time, $logout_time) = split(/,/);

	$ipaddr = &ip2num($ip);

	($start_sec,$start_min,$start_hour,$start_mday,$start_mon,$start_year,$start_wday,$start_yday,$start_isdst) = localtime($login_time);

	$start_mon++;

	$startyear = $start_year + 1900;

	if ($start_mon < 10) {
		$startdate = "$startyear-0$start_mon-$start_mday";
		$startyearmon = "$startyear-0$start_mon";
	}
	else {
		$startdate = "$startyear-$start_mon-$start_mday";
		$startyearmon = "$startyear-$start_mon";
	}	

	open(OUTFILE, ">>./$start_year-$start_mon-$start_mday.csv");
	
	find(\&lacey_1_wanted, </data/flow-tools/lacey-1/$startyear/$startyearmon/$startdate/ft-v05*>);
	find(\&lacey_2_wanted, </data/flow-tools/lacey-2/$startyear/$startyearmon/$startdate/ft-v05*>);

}

sub lacey_1_wanted {

	if (($srcaddr == $ipaddr || $dstaddr == $ipaddr)
	    && ($starttime >= $login_time && $endtime <= $logout_time)
	    && !($nexthopip eq '216.177.255.240') ) {
		$start = localtime($startime);
                $end = localtime($endtime);
                $proto = getprotobynumber($protocol);
                print OUTFILE "lacey-1,$start,$end,$src_as,$dst_as,$srcip,$dstip,$srcport,$dstport,$nexthopip,$bytes,$proto\n";
	}
}

sub lacey_2_wanted {

	if (($srcaddr == $ipaddr || $dstaddr == $ipaddr)
	    && ($starttime >= $login_time && $endtime <= $logout_time) 
	    && !($nexthopip eq '216.177.255.241') ) {
		$start = localtime($startime);
                $end = localtime($endtime);
                $proto = getprotobynumber($protocol);
                print OUTFILE "lacey-2,$start,$end,$src_as,$dst_as,$srcip,$dstip,$srcport,$dstport,$nexthopip,$bytes,$proto\n";
	}
}

sub ip2num {
   ($o1,$o2,$o3,$o4) = split /\./,shift(@_);
   return ( ($o1 << 24) | ($o2 << 16) | ($o3 << 8) | $o4)
}