#! /usr/local/bin/perl -w
#
# $Id: tunnellog.pl,v 1.6 2001/05/11 10:53:34 coelho Exp $
#
# (c) Fabien Coelho <fabien@coelho.net> 2000-2001
# 
#
# LICENSE
# 
# THIS PROGRAM IS DISTRIBUTED AS IS, WITHOUT ANY WARRANTY, UNDER
# THE TERMS OF THE GNU GENERAL PUBLIC LICENSE (GNU-GPL).
#
# See http://www.gnu.org/ for more information.
#
#
# DOCUMENTATION
# 
# This script analyzes a tunnel event log and shows current connexions.
#

my %current = ();

# returns ip and port as usual
sub iport
{
    my ($ip,$port) = split /:/, $_[0];
    if ($ip =~ /^(..)(..)(..)(..)$/)
    {
	return hex($1) . "." . hex($2) . "." . 
	    hex($3) . "." . hex($4) . ":$port";
    }
    return "?:?";
}

# returns a local human readable date from unix time
sub date
{
    my ($s,$mn,$h,$md,$m,$y) = localtime($_[0]);
    return ($y+1900). "/" . ($m+1) . "/$md $h:$mn:$s"; 
}

# process tunnel log file
while (<>)
{
    if (/^\[tunnel:(.*)\] +(\S*) (\S*) +0x(.*)\/0x(.*) at (.*)$/)
    {
	($ps,$sk,$cmd,$client,$server,$date) = 
	    ($2,$1,$3,iport($4),iport($5),date($6));
	$key = "$ps $client $server";
	$val = "$cmd $date $sk";
	if (exists $current{$key})
	{
	    print $key, " ", $current{$key}, " -> ", $val, "\n";
	}
	$current{$key} = $val;
    }
}

print "\nSTILL OPEN\n";

# dump current connexions
foreach $k (sort keys %current)
{
    $v = $current{$k};
    if ($v =~ /open/)
    {
	print "$k:$v\n";
    }
}