several code fixes and cleanups, revival of the 'unknown' process

connection.cpp

@@ -69,10 +69,11 @@ Connection::Connection (Packet * packet)
 	if (packet->Outgoing())
 	{
 		sent_packets->add(packet);
+		refpacket = new Packet (*packet);
 	} else {
 		recv_packets->add(packet);
+		refpacket = packet->newInverted();
 	}
-	refpacket = packet->newPacket ();
 	lastpacket = packet->time.tv_sec;
 	if (DEBUG)
 		std::cout << "New reference packet created at " << refpacket << std::endl;
@@ -103,14 +104,15 @@ void Connection::add (Packet * packet)
 /* finds connection to which this packet belongs.
  * a packet belongs to a connection if it matches
  * to its reference packet */
-/* the incoming and outgoing streams of a connection
- * are 2 sepetate 'connections' in nethogs. */
 Connection * findConnection (Packet * packet)
 {
 	ConnList * current = connections;
+	Packet * invertedPacket = packet->newInverted();
 	while (current != NULL)
 	{
-		if (packet->match(current->val->refpacket))
+		/* the reference packet is always *outgoing* */
+		if ((packet->match(current->val->refpacket))
+		  || (invertedPacket->match(current->val->refpacket)))
 			return current->val;
 
 		current = current->next;

connection.h

@@ -60,8 +60,9 @@ public:
 	~Connection();
 
 	/* add a packet to the packlist 
-	 * will delete the packet when it is
-	 * 'merged' with another packet
+	 * will delete the packet structure
+	 * when it is 'merged with' (added to) another 
+	 * packet
 	 */
 	void add (Packet * packet);
 
@@ -73,6 +74,7 @@ public:
 	void sumanddel(timeval curtime, bpf_u_int32 * sent, bpf_u_int32 * recv);
 
 	/* for checking if a packet is part of this connection */
+	/* the reference packet is always *outgoing*. */
 	Packet * refpacket;
 private:
 	PackList * sent_packets; 

nethogs.h

@@ -19,7 +19,7 @@
 #define NEEDROOT 1
 #endif
 
-#define DEBUG 1
+#define DEBUG 0
 
 
 #define PROGNAME_WIDTH 27

packet.cpp

@@ -133,11 +133,17 @@ Packet::Packet (in_addr m_sip, unsigned short m_sport, in_addr m_dip, unsigned s
 	len = m_len; time = m_time;
 }
 
-Packet * Packet::newPacket ()
-{
-	return new Packet (sip, sport, dip, dport, len, time);
+Packet * Packet::newInverted () {
+	return new Packet (dip, dport, sip, sport, len, time);
 }
 
+/* constructs returns a new Packet() structure with the same contents as this one */
+/*Packet::Packet (const Packet &old_packet) {
+    sip = old_packet.sip; sport = old_packet.sport;
+    dip = old_packet.dip; dport = old_packet.dport;
+    len = old_packet.len; time = old_packet.time;
+}*/
+
 bool sameinaddr(in_addr one, in_addr other)
 {
 	return one.s_addr == other.s_addr;
@@ -167,8 +173,7 @@ char * Packet::gethashstring ()
 }
 
 /* 2 packets match if they have the same 
- * source and destination ports and IP's,
- * or inverted. */
+ * source and destination ports and IP's. */
 bool Packet::match (Packet * other)
 {
 	return (sport == other->sport) && (dport == other->dport) 

packet.h

@@ -28,11 +28,13 @@ public:
 	timeval time;
 
 	Packet (in_addr m_sip, unsigned short m_sport, in_addr m_dip, unsigned short m_dport, bpf_u_int32 m_len, timeval m_time);
-	/* copy constructor */
-	Packet * newPacket ();
+	/* using default copy constructor */
+	/* Packet (const Packet &old_packet); */
+	/* copy constructor that turns the packet around */
+	Packet * newInverted ();
 
 	bool isOlderThan(timeval t);
-	/* is this packet coming from here? */
+	/* is this packet coming from the local host? */
 	bool Outgoing ();
 
 	bool match (Packet * other);

process.cpp

@@ -304,13 +304,15 @@ int GreatestFirst (const void * ma, const void * mb)
 	} 
 	return 1;
 }
+
 int count_processes()
 {
 	int i = 0;
 	ProcList * curproc = processes;
 	while (curproc != NULL)
 	{
-		i++; curproc = curproc->getNext();
+		i++; 
+		curproc = curproc->getNext();
 	}
 	return i;
 }
@@ -348,7 +350,7 @@ void do_refresh()
 			assert (curproc != NULL);
 			assert (curproc->getVal() != NULL);
 		}
-		if (curproc->getVal()->getLastPacket() + PROCESSTIMEOUT <= curtime.tv_sec)
+		if ((curproc->getVal()->getLastPacket() + PROCESSTIMEOUT <= curtime.tv_sec) && (curproc->getVal() != unknownproc))
 		{
 			if (lastproc)
 			{
@@ -370,7 +372,7 @@ void do_refresh()
 				    sum_local = 0,
 				    sum_conn = 0,
 				    sum_connLocal = 0;	
-			ConnList * curconn = curproc->getVal()->incoming;
+			ConnList * curconn = curproc->getVal()->connections;
 			while (curconn != NULL)
 			{
 				curconn->getVal()->sumanddel(curtime, &sum, &sum_local);
@@ -469,14 +471,15 @@ Process * getProcess (Connection * connection, char * devicename)
 		if (inode == NULL)
 		{
 #if DEBUG
-			std::cerr << connection->refpacket->gethashstring() << " STILL not in table - dropping\n";
+			std::cerr << connection->refpacket->gethashstring() << " STILL not in table - adding to the unknown process\n";
 #endif
-			return NULL;
+			unknownproc->connections = new ConnList (connection, unknownproc->connections);
+			return unknownproc;
 		}
 	}
 
 	Process * proc = getProcess(*inode, devicename);
-	proc->incoming = new ConnList (connection, proc->incoming);
+	proc->connections = new ConnList (connection, proc->connections);
 	return proc;
 }
 

process.h

@@ -37,13 +37,12 @@ public:
 		inode = m_inode;
 		name = m_name;
 		devicename = m_devicename;
-		incoming = NULL;
-		outgoing = NULL;
+		connections = NULL;
 	}
 	int getLastPacket ()
 	{
 		int lastpacket=0;
-		ConnList * curconn=incoming;
+		ConnList * curconn=connections;
 		while (curconn != NULL)
 		{
 			if (DEBUG)
@@ -64,8 +63,7 @@ public:
 	int uid;
 
 	unsigned long inode;
-	ConnList * incoming;
-	ConnList * outgoing;
+	ConnList * connections;
 };
 
 Process * getProcess (Connection * connection, char * devicename = NULL);