/usr/sbin/clean_conntrack.pl is in nuauth-utils 2.4.3-3.4.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 | #!/usr/bin/perl -w
#
## fwcon.pl: Forward "open" connection to actif table.
#
# Copyright(C) 2003-2005 INL
# Written by Thomas Sabono <thomas@inl.fr>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
use strict;
use DBI;
my $mysql_user="root";
my $mysql_pass="";
my $mysql_host="localhost";
my $mysql_database="ulogd";
my $actif_table="conntrack_ulog";
my $archive_table="ulog";
my $new_timeout=120;
my $mysql_rows="raw_mac, oob_time_sec, oob_time_usec, oob_prefix, oob_mark, oob_in, oob_out,
ip_saddr, ip_daddr, ip_protocol, ip_tos, ip_ttl, ip_totlen, ip_ihl, ip_csum,
ip_id, ip_fragoff, tcp_sport, tcp_dport, tcp_seq, tcp_ackseq, tcp_window,
tcp_urg, tcp_urgp, tcp_ack, tcp_psh, tcp_rst, tcp_syn, tcp_fin, udp_sport,
udp_dport, udp_len, icmp_type, icmp_code, icmp_echoid, icmp_echoseq, icmp_gateway,
icmp_fragmtu, pwsniff_user, pwsniff_pass, ahesp_spi, timestamp, state, end_timestamp,
start_timestamp, username, user_id, client_os, client_app, bytes_in, bytes_out,
packets_in, packets_out";
#
## Database initialisation.
#
my $mysql_connection="DBI:mysql:database=$mysql_database;host=$mysql_host";
my $dbh = DBI->connect($mysql_connection, $mysql_user, $mysql_pass)
or die "[!] Couldn't connect to database: " . DBI->errstr;
my $drh = DBI->install_driver("mysql");
#
## Get greater id.
#
my $sth = $dbh->prepare("SELECT id FROM $actif_table WHERE state = 0 OR state = 3 ORDER BY id DESC
LIMIT 1");
$sth->execute or die "[!] Couldn't execute statement: " . $sth->errstr;
my @buffer = $sth->fetchrow_array;
my $max_id = $buffer[0] ? $buffer[0] : 0;
#
## Execute update query.
#
$sth = $dbh->prepare("INSERT INTO $archive_table($mysql_rows)
SELECT $mysql_rows FROM $actif_table WHERE id <= $max_id AND (state = 0 OR state = 3)");
$sth->execute or die "[!] Couldn't execute statement: " . $sth->errstr;
#
## Delete old value from actif table.
#
$sth = $dbh->prepare("DELETE FROM $actif_table WHERE id <= $max_id AND (state=0 OR state=3)");
$sth->execute or die "[!] Couldn't execute statement: " . $sth->errstr;
#
## Update connection without reply
#
$sth = $dbh->prepare("UPDATE $actif_table SET state=3 WHERE state=1 AND timestamp<DATE_ADD(NOW(),INTERVAL $new_timeout SECOND)");
$sth->execute or die "[!] Couldn't execute statement: " . $sth->errstr;
|