[Flow-tools] [PATCH] SQLite3 support for flow-export

Taisuke Yamada Wed, 04 May 2005 03:01:15 -0700

Hi.

I have modified flow-export to support SQLite3 as an export target,
and so sending in a patch.

SQLite3 is an embeddable SQL database engine which excels when used
from single-thread application (see http://sqlite.org/ for more).
Since this is "in-process", this is great when you want to store data,
but don't want extra complexity of running a database.

With this patch, you can call flow-export with new option "-f 6".

  flow-export -f 6 -m... -u dbfile.db:raw < data

This will insert records into table "raw" of file "dbfile.db".

Best Regards,
-- 
Taisuke Yamada <[EMAIL PROTECTED]>
2268 E9A2 D4F9 014E F11D  1DF7 DCA3 83BC 78E5 CD3A

Message to my public address may not be handled in a timely manner.
For a direct contact, please use my private address on my namecard.

diff -ur flow-tools-0.67.orig/acconfig.h flow-tools-0.67.test/acconfig.h
--- flow-tools-0.67.orig/acconfig.h     2003-12-04 14:42:33.000000000 +0900
+++ flow-tools-0.67.test/acconfig.h     2005-04-26 18:44:46.000000000 +0900
@@ -20,6 +20,9 @@
 /* PGSQL */
 #undef HAVE_PGSQL
 
+/* SQLITE3 */
+#undef HAVE_SQLITE3
+
 /* DEC */
 #undef HAVE_LL_STRTOUL
 
diff -ur flow-tools-0.67.orig/configure.in flow-tools-0.67.test/configure.in
--- flow-tools-0.67.orig/configure.in   2003-12-04 15:18:15.000000000 +0900
+++ flow-tools-0.67.test/configure.in   2005-04-26 18:46:22.000000000 +0900
@@ -24,6 +24,9 @@
 AC_SUBST(PGSQLLIB)
 AC_SUBST(PGSQLCFLAGS)
 AC_SUBST(PGSQLINCLUDE)
+AC_SUBST(SQLITE3LIB)
+AC_SUBST(SQLITE3CFLAGS)
+AC_SUBST(SQLITE3INCLUDE)
 
 dnl extra argument: --with-mysql
 WITH_MYSQL=
@@ -49,6 +52,18 @@
 ]
 )
 
+dnl extra argument: --with-sqlite3
+WITH_SQLITE3=
+AC_ARG_WITH(sqlite3,
+[  --with-sqlite3[=PATH]           Compile in SQLite3 support. (default=no)],
+[ if test -x "$withval"; then
+    WHERE_SQLITE3=$withval
+  else
+    WHERE_SQLITE3="/usr"
+  fi
+]
+)
+
 dnl Checks for libraries.
 
 if test "x$WHERE_MYSQL" != "x"; then
@@ -73,6 +88,17 @@
   )
 fi
 
+if test "x$WHERE_SQLITE3" != "x"; then
+  LIBS="-L$WHERE_SQLITE3/lib/sqlite3"
+  AC_CHECK_LIB(sqlite3, sqlite3_open,
+    [
+      SQLITE3CFLAGS="-L$WHERE_SQLITE3/lib -I$WHERE_SQLITE3/include/sqlite3"
+      SQLITE3LIB="-lsqlite3"
+      AC_DEFINE(HAVE_SQLITE3)
+    ]
+  )
+fi
+
 AC_CHECK_LIB(y, main,YLIB="$YLIB -ly",)
 AC_CHECK_LIB(z, zlibVersion)
 case "X$LIBS" in
diff -ur flow-tools-0.67.orig/src/Makefile.am 
flow-tools-0.67.test/src/Makefile.am
--- flow-tools-0.67.orig/src/Makefile.am        2003-12-04 14:42:33.000000000 
+0900
+++ flow-tools-0.67.test/src/Makefile.am        2005-04-26 18:44:27.000000000 
+0900
@@ -102,8 +102,8 @@
 
 flow_export_SOURCES = flow-export.c
 flow_export_LDFLAGS = -L../lib
-flow_export_CFLAGS = @MYSQLCFLAGS@ @PGSQLCFLAGS@
-flow_export_LDADD =  -lft @MYSQLLIB@ @PGSQLLIB@
+flow_export_CFLAGS = @MYSQLCFLAGS@ @PGSQLCFLAGS@ @SQLITE3CFLAGS@
+flow_export_LDADD =  -lft @MYSQLLIB@ @PGSQLLIB@ @SQLITE3LIB@
 flow_export_DEPENDENCIES = ftbuild.h
 
 flow_header_SOURCES = flow-header.c
diff -ur flow-tools-0.67.orig/src/flow-export.c 
flow-tools-0.67.test/src/flow-export.c
--- flow-tools-0.67.orig/src/flow-export.c      2003-12-04 14:55:31.000000000 
+0900
+++ flow-tools-0.67.test/src/flow-export.c      2005-04-26 18:57:09.000000000 
+0900
@@ -73,6 +73,15 @@
 
 #endif /* PGSQL*/
 
+#ifdef HAVE_SQLITE3
+
+#include <sqlite3.h>
+
+#define DB_DEFAULT_DBNAME "netflow"
+#define DB_DEFAULT_DBTABLE "raw"
+
+#endif /* SQLITE3 */
+
 #if HAVE_LL_STRTOUL
   #define strtoull strtoul
 #endif /* HAVE_LL_STRTOULL */
@@ -96,12 +105,15 @@
     int (*where)(struct ftio *ftio, struct options *opt);
 };
 
+int debug;
+
 int format0(struct ftio *ftio, struct options *opt);
 int format1(struct ftio *ftio, struct options *opt);
 int format2(struct ftio *ftio, struct options *opt);
 int format3(struct ftio *ftio, struct options *opt);
 int format4(struct ftio *ftio, struct options *opt);
 int format5(struct ftio *ftio, struct options *opt);
+int format6(struct ftio *ftio, struct options *opt);
 
 int ftxfield_tocflow(u_int64 xfields, u_int32 *cfmask);
 
@@ -111,9 +123,9 @@
 
 void usage(void);
 
-#define NFORMATS 6 /* nformats - 1 */
+#define NFORMATS 7 /* nformats - 1 */
 struct jump format[] = {{format0}, {format1}, {format2}, {format3},
-                        {format4}, {format5}};
+                        {format4}, {format5}, {format6}};
 
 int main(int argc, char **argv)
 {
@@ -121,7 +133,7 @@
   struct ftio ftio;
   struct ftprof ftp;
   struct options opt;
-  int debug;
+  /* int debug; */
 
   /* init fterr */
   fterr_setid(argv[0]);
@@ -958,6 +970,96 @@
  
 } /* format5 */ 
 
+/*
+ * function: format6
+ *
+ * export flows into SQLite3 Database
+ */
+int format6(struct ftio *ftio, struct options *opt)
+{
+#ifdef HAVE_SQLITE3
+  struct fts3rec_offsets fo;
+  struct ftver ftv;
+  char fields[1024], values[1024], query[3*1024];
+  char *rec;
+  char *db_name, *db_table, *tmp;
+  int len;
+
+  sqlite3 *db;
+
+  db_name = DB_DEFAULT_DBNAME;
+  db_table = DB_DEFAULT_DBTABLE;
+
+  /* parse URI string */
+  if (strlen(opt->dbaseURI)) {
+    tmp = opt->dbaseURI;
+
+    db_name = strsep(&tmp, ":");
+    db_table = strsep(&tmp, ":");
+
+    if (!db_name || !db_table) {
+      fterr_warnx("Missing field in dbaseURI, expecting dbfile:table.");
+      return -1;
+    }
+  } /* dbaseURI */
+
+  ftio_get_ver(ftio, &ftv);
+  fts3rec_compute_offsets(&fo, &ftv);
+
+  /* remove invalid fields */
+  opt->ft_mask &= ftrec_xfield(&ftv);
+
+  /* generate the field names once */
+  fmt_xfields_type(fields, opt->ft_mask);
+
+  /* open PostgreSQL database */
+  if (sqlite3_open(db_name, &db) != SQLITE_OK)
+    fterr_errx(1, "sqlite3_open(): failed\n");
+
+  if (sqlite3_exec(db, "BEGIN", NULL, NULL, &tmp) != SQLITE_OK)
+    fterr_errx(1, "sqlite3_exec(): BEGIN failed\n");
+
+  /* foreach flow */
+  while ((rec = ftio_read(ftio))) {
+    len = fmt_xfields_val(values, rec, &fo, opt->ft_mask, 1);
+
+    /* form SQL query and execute it */
+    if (len) {
+      strcpy(query, "INSERT INTO ");
+      strcat(query, db_table);
+      strcat(query, "(");
+      strcat(query, fields);
+      strcat(query, ") VALUES (");
+      strcat(query, values);
+      strcat(query, ")");
+
+      if (debug)
+        fprintf(stderr, "field=%s\n val=%s\n query=%s\n", fields, values,
+          query);
+
+      if (sqlite3_exec(db, query, NULL, NULL, &tmp) != SQLITE_OK)
+        fterr_errx(1, "sqlite3_exec(): %s\n", tmp);
+    }
+
+    ++opt->records;
+  } /* while */
+
+  if (sqlite3_exec(db, "COMMIT", NULL, NULL, &tmp) != SQLITE_OK)
+    fterr_errx(1, "sqlite3_exec(): COMMIT failed.\n");
+
+  /* close database */
+  sqlite3_close(db);
+
+#else /* SQLITE3 */
+
+  fterr_warnx("Format not supported");
+
+#endif /* SQLITE3 */
+
+  return 0;
+ 
+} /* format6 */ 
+
 int fmt_xfields_type(char *buf, u_int64 xfield)
 {
   int comma;

_______________________________________________
Flow-tools mailing list
[EMAIL PROTECTED]
http://mailman.splintered.net/mailman/listinfo/flow-tools

[Flow-tools] [PATCH] SQLite3 support for flow-export

Reply via email to