forked from DGNum/infrastructure
36 lines
1,010 B
Nix
36 lines
1,010 B
Nix
|
# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
|
||
|
|
#
|
||
|
|
# SPDX-License-Identifier: EUPL-1.2
|
||
|
|
|
||
|
|
{
|
||
|
|
writeShellApplication,
|
||
|
|
postgresql,
|
||
|
|
}:
|
||
|
|
writeShellApplication {
|
||
|
|
name = "nat-request-daddr";
|
||
|
|
runtimeInputs = [ postgresql ];
|
||
|
|
text = ''
|
||
|
|
TARGET_TIMESTAMP=$2
|
||
|
|
TARGET_PREFIX=$1
|
||
|
|
psql -d ulogd -U ulogd -c "
|
||
|
|
select
|
||
|
|
vlan_id,
|
||
|
|
reply_ip_daddr_str as used_ip,
|
||
|
|
reply_l4_dport as used_port,
|
||
|
|
orig_ip_daddr_str as daddr,
|
||
|
|
orig_l4_dport as dport,
|
||
|
|
flow_start_sec, flow_end_sec
|
||
|
|
from ulog2_ct
|
||
|
|
join vlan_prefixes on ulog2_ct.orig_ip_saddr_str <<= vlan_prefixes.prefix
|
||
|
|
where
|
||
|
|
-- if we don't have conn start, we considered it started before the target time
|
||
|
|
( flow_start_sec IS NULL or flow_start_sec <= $TARGET_TIMESTAMP )
|
||
|
|
and
|
||
|
|
-- similar for conn end
|
||
|
|
( flow_end_sec IS NULL or flow_end_sec >= $TARGET_TIMESTAMP )
|
||
|
|
and
|
||
|
|
orig_ip_daddr_str <<= inet '$TARGET_PREFIX'
|
||
|
|
;"
|
||
|
|
'';
|
||
|
|
}
|