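/*****
*
* Copyright (C) 2003 Nicolas Delon
* All Rights Reserved
*
* This file is part of the Prelude program.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; see the file COPYING. If not, write to
* the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
*
*****/

/*
 * NOTE(review): the header names of the bare #include directives below are
 * missing from this listing; restore them from the original file before
 * building.
 */
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include

#include "alert.h"
#include "config.h"

/* Constant analyzer identity stamped on every alert and heartbeat. */
#define ANALYZER_CLASS "Firewall IDS"
#define ANALYZER_MODEL "Prelude PFlogger"
#define ANALYZER_MANUFACTURER "The Prelude Team http://www.prelude-ids.org"

/*
 * Message buffers used to send alerts and heartbeats. Both are created by
 * alert_init_subsystem() and stay NULL until it succeeds.
 */
static prelude_msgbuf_t *alert_msgbuf;
static prelude_msgbuf_t *heartbeat_msgbuf;


/*
 * Fill an IDMEF time with the current wall-clock time as reported by
 * gettimeofday() (seconds and microseconds).
 */
static void generate_time(idmef_time_t *time)
{
        struct timeval tv;

        gettimeofday(&tv, NULL);

        time->sec = tv.tv_sec;
        time->usec = tv.tv_usec;
}


/*
 * Populate the analyzer section of a message: let libprelude fill in its
 * part through prelude_analyzer_fill_infos(), then set the constant model,
 * class, manufacturer and version strings of this sensor.
 */
static void generate_analyzer(idmef_analyzer_t *analyzer)
{
        prelude_analyzer_fill_infos(analyzer);

        idmef_string_set_constant(&analyzer->model, ANALYZER_MODEL);
        idmef_string_set_constant(&analyzer->class, ANALYZER_CLASS);
        idmef_string_set_constant(&analyzer->manufacturer, ANALYZER_MANUFACTURER);
        /* VERSION is not defined in this file; presumably it comes from config.h. */
        idmef_string_set_constant(&analyzer->version, VERSION);
}


/*
 * Heartbeat callback registered by alert_init_subsystem(). Builds a
 * heartbeat message, stamps it with the analyzer identity and the current
 * time, sends it on heartbeat_msgbuf and frees it.
 *
 * data is unused (the callback is registered with NULL).
 */
static void send_heartbeat_cb(void *data)
{
        idmef_message_t *message;
        idmef_heartbeat_t *heartbeat;

        message = idmef_message_new();
        if ( ! message ) {
                log(LOG_ERR, "could not create idmef message\n");
                return;
        }

        /*
         * NOTE(review): the outcome of idmef_heartbeat_new() is not checked
         * before message->message.heartbeat is used; confirm against the
         * libprelude version in use whether it can fail.
         */
        idmef_heartbeat_new(message);
        heartbeat = message->message.heartbeat;

        generate_analyzer(&heartbeat->analyzer);
        generate_time(&heartbeat->create_time);

        /* The callback is only registered once heartbeat_msgbuf exists. */
        idmef_msg_send(heartbeat_msgbuf, message, PRELUDE_MSG_PRIORITY_MID);

        idmef_message_free(message);
}


/*
 * Create the alert and heartbeat message buffers and register the
 * heartbeat callback.
 *
 * Returns 0 on success, -1 if either buffer could not be created. On
 * failure no usable buffer is left behind: alert_msgbuf is closed and
 * reset to NULL so that a later alert_emit() cannot send on a closed
 * buffer when the caller ignores the error.
 */
int alert_init_subsystem(void)
{
        alert_msgbuf = prelude_msgbuf_new(1);
        if ( ! alert_msgbuf ) {
                log(LOG_ERR, "could not create msgbuf\n");
                return -1;
        }

        heartbeat_msgbuf = prelude_msgbuf_new(1);
        if ( ! heartbeat_msgbuf ) {
                prelude_msgbuf_close(alert_msgbuf);
                /* Do not keep a pointer to the buffer that was just closed. */
                alert_msgbuf = NULL;
                log(LOG_ERR, "could not create msgbuf\n");
                return -1;
        }

        prelude_heartbeat_register_cb(send_heartbeat_cb, NULL);

        return 0;
}


/*
 * Stamp an alert message with the analyzer identity and the current time,
 * then send it on alert_msgbuf. The message is not freed here.
 *
 * Returns 0 once the message has been handed to idmef_msg_send(), -1 if
 * the alert subsystem is not initialized or the message carries no alert.
 * A return of 0 is not a delivery confirmation: no result of
 * idmef_msg_send() is examined here.
 */
int alert_emit(idmef_message_t *message)
{
        idmef_alert_t *alert;

        /* alert_init_subsystem() was never called, or it failed. */
        if ( ! alert_msgbuf ) {
                log(LOG_ERR, "alert subsystem is not initialized\n");
                return -1;
        }

        /* Refuse to dereference a missing message or a missing alert part. */
        if ( ! message || ! message->message.alert ) {
                log(LOG_ERR, "invalid idmef alert message\n");
                return -1;
        }

        alert = message->message.alert;

        generate_analyzer(&alert->analyzer);
        generate_time(&alert->create_time);

        idmef_msg_send(alert_msgbuf, message, PRELUDE_MSG_PRIORITY_MID);

        return 0;
}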