feat(vault01/legal_scripting): update legal request script
This commit is contained in:
parent
64635bdd26
commit
b845a08bfb
1 changed files with 14 additions and 3 deletions
|
@ -10,8 +10,13 @@ writeShellApplication {
|
|||
name = "nat-request-daddr";
|
||||
runtimeInputs = [ postgresql ];
|
||||
text = ''
|
||||
TARGET_TIMESTAMP=$2
|
||||
TARGET_PREFIX=$1
|
||||
TARGET_TIMESTAMP=$3
|
||||
TARGET_PREFIX=$2
|
||||
SRC_PREFIX=$1
|
||||
if [ -z "$TARGET_TIMESTAMP" ] || [ -z "$TARGET_PREFIX" ] || [ -z "$SRC_PREFIX" ]; then
|
||||
echo "$(basename "$0") SOURCE_IP DISTANT_IP TIMESTAMP"
|
||||
exit 1
|
||||
fi
|
||||
psql -d ulogd -U ulogd -c "
|
||||
select
|
||||
vlan_id,
|
||||
|
@ -21,8 +26,12 @@ writeShellApplication {
|
|||
orig_l4_dport as dport,
|
||||
flow_start_sec, flow_end_sec
|
||||
from ulog2_ct
|
||||
join vlan_prefixes on ulog2_ct.orig_ip_saddr_str <<= vlan_prefixes.prefix
|
||||
join kea_log on ulog2_ct.orig_ip_saddr_str <<= kea_log.ip_addr
|
||||
where
|
||||
lease_start_sec <= $TARGET_TIMESTAMP
|
||||
and
|
||||
$TARGET_TIMESTAMP <= lease_end_sec
|
||||
and
|
||||
-- if we don't have conn start, we considered it started before the target time
|
||||
( flow_start_sec IS NULL or flow_start_sec <= $TARGET_TIMESTAMP )
|
||||
and
|
||||
|
@ -30,6 +39,8 @@ writeShellApplication {
|
|||
( flow_end_sec IS NULL or flow_end_sec >= $TARGET_TIMESTAMP )
|
||||
and
|
||||
orig_ip_daddr_str <<= inet '$TARGET_PREFIX'
|
||||
and
|
||||
reply_ip_daddr_str <<= inet '$SRC_PREFIX'
|
||||
;"
|
||||
'';
|
||||
}
|
||||
|
|
Loading…
Add table
Reference in a new issue