package com.radware.defenseflow.dp;

import com.radware.defenseflow.dp.DPRep;
import java.io.RandomAccessFile;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import me.prettyprint.cassandra.serializers.StringSerializer;
import org.apache.avro.ipc.trace.SpanStorage;
import org.opendaylight.defense4all.core.DFAppModule;
import org.opendaylight.defense4all.core.DFAppRoot;
import org.opendaylight.defense4all.core.Mitigation;
import org.opendaylight.defense4all.core.PN;
import org.opendaylight.defense4all.core.Traffic;
import org.opendaylight.defense4all.framework.core.ExceptionControlApp;
import org.opendaylight.defense4all.framework.core.FMHolder;
import org.opendaylight.defense4all.framework.core.FrameworkMain;
import org.opendaylight.defense4all.framework.core.Repo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.snmp4j.util.SnmpConfigurator;

/* loaded from: input_file:com/radware/defenseflow/dp/DPEventMgr.class */
public class DPEventMgr extends DFAppModule {
    protected static final int ACTION_INVALID = -1;
    protected static final int ACTION_RESERVED = 0;
    protected static final int ACTION_PROCESS_SYSLOGS = 1;
    public DPRep amsRep;
    protected ConcurrentHashMap<String, MonitoredTraffic> monitoredTraffics;
    String rsyslogDFPipe;
    private Logger log = LoggerFactory.getLogger(getClass());
    public Repo<String> monitoredTrafficRepo = null;
    protected Hashtable<String, String> dpNames = new Hashtable<>();

    public DPEventMgr() {
        this.monitoredTraffics = null;
        this.monitoredTraffics = new ConcurrentHashMap<>();
    }

    public void setRsyslogDFPipe(String str) {
        this.rsyslogDFPipe = str;
    }

    public void setAmsRep(DPRep dPRep) {
        this.amsRep = dPRep;
    }

    @Override // org.opendaylight.defense4all.framework.core.Module, org.opendaylight.defense4all.core.Detector
    public void init() throws ExceptionControlApp {
        super.init();
        try {
            this.monitoredTrafficRepo = this.fMain.getRepoFactory().getOrCreateRepo(DFAppRoot.RepoMajor.DF_AMS_REP.name(), DPRep.RepoMinor.MONITORED_TRAFFIC.name(), StringSerializer.get(), true, MonitoredTraffic.getRCDs());
            Hashtable<String, Hashtable<String, Object>> table = this.monitoredTrafficRepo.getTable();
            if (table == null) {
                this.log.error("Failed to init - received null monitoredTraffic table");
                this.fMain.getHealthTracker().reportHealthIssue(5);
                throw new ExceptionControlApp("Failed to init - received null monitoredTraffic table");
            }
            Iterator<Map.Entry<String, Hashtable<String, Object>>> it = table.entrySet().iterator();
            while (it.hasNext()) {
                try {
                    MonitoredTraffic monitoredTraffic = new MonitoredTraffic(it.next().getValue());
                    this.monitoredTraffics.put(monitoredTraffic.key, monitoredTraffic);
                } catch (ExceptionControlApp e) {
                }
            }
            if (this.fMain.isDebugRun()) {
                try {
                    Runtime runtime = Runtime.getRuntime();
                    runtime.exec("mkfifo " + this.rsyslogDFPipe);
                    runtime.exec("sudo service rsyslog restart");
                } catch (Throwable th) {
                }
            }
            try {
                addBackgroundTask(1, null);
            } catch (Exception e2) {
                this.log.error("Failed to instantiate periodic task to read syslogs from DPs", (Throwable) e2);
                this.fMain.getHealthTracker().reportHealthIssue(5);
            }
        } catch (Throwable th2) {
            this.log.error("Failed to getOrCreateRepo for monitored traffic.", th2);
            this.fMain.getHealthTracker().reportHealthIssue(5);
            throw new ExceptionControlApp("Failed to getOrCreateRepo for monitored traffic.", th2);
        }
    }

    @Override // org.opendaylight.defense4all.framework.core.Module, org.opendaylight.defense4all.core.Detector
    public void finit() {
        super.finit();
        String str = null;
        for (Map.Entry<String, MonitoredTraffic> entry : this.monitoredTraffics.entrySet()) {
            try {
                MonitoredTraffic value = entry.getValue();
                str = value.key;
                this.monitoredTrafficRepo.setRow(entry.getKey(), value.toRow());
            } catch (ExceptionControlApp e) {
                this.log.error("Failed to record monitored traffic in repo - " + str, (Throwable) e);
            }
        }
    }

    @Override // org.opendaylight.defense4all.framework.core.Module, org.opendaylight.defense4all.core.Detector
    public void reset(FrameworkMain.ResetLevel resetLevel) throws ExceptionControlApp {
        super.reset(resetLevel);
        this.monitoredTrafficRepo.truncate();
        this.monitoredTraffics.clear();
    }

    public void addAMS(String str) {
        try {
            String str2 = (String) this.dfAppRoot.amsRepo.getCellValue(str, "mgmt_ip_addr_string");
            String str3 = (String) this.dfAppRoot.amsRepo.getCellValue(str, "label");
            if (str2 != null && str3 != null) {
                this.dpNames.put(str2, str3);
            }
        } catch (Throwable th) {
            this.log.error("Failed to retrieve from amsRepo dpAddr or dpLabel for " + str);
            FMHolder.get().getFR().logRecord(DFAppRoot.FR_DF_FAILURE, "Failed to add AMS " + str);
        }
    }

    public void removeAMS(String str) {
        try {
            String str2 = (String) this.dfAppRoot.amsRepo.getCellValue(str, "mgmt_ip_addr_string");
            if (str2 != null) {
                this.dpNames.remove(str2);
            }
        } catch (Throwable th) {
            this.log.error("Failed to retrieve from amsRepo dpAddr for " + str);
            FMHolder.get().getFR().logRecord(DFAppRoot.FR_DF_FAILURE, "Failed to remove AMS " + str);
        }
    }

    public void addPN(String str) {
    }

    public void removePN(String str) {
    }

    public void startMonitoring(String str) {
        String str2 = null;
        boolean z = false;
        boolean z2 = false;
        try {
            Mitigation mitigation = new Mitigation(this.dfAppRoot.mitigationsRepo.getRow(str));
            PN pn = new PN(this.dfAppRoot.pNsRepo.getRow(mitigation.pnKey));
            Traffic traffic = new Traffic(pn.retrieveVlanFromProps(), mitigation.dstAddr, pn.dstAddrPrefixLen);
            traffic.addProtocolPort(mitigation.protocolPort.protocol, mitigation.protocolPort.port);
            str2 = MonitoredTraffic.generateKey(mitigation.dstAddr.getHostName(), mitigation.protocolPort);
            MonitoredTraffic monitoredTraffic = new MonitoredTraffic(str2, mitigation.pnKey, str, traffic);
            this.monitoredTraffics.put(str2, monitoredTraffic);
            z = true;
            this.monitoredTrafficRepo.setRow(str2, monitoredTraffic.toRow());
            z2 = true;
            this.log.debug("Starting to monitor security events from DefensePros for traffic " + monitoredTraffic.toString());
            mitigation.monitoredTrafficKey = str2;
            this.dfAppRoot.mitigationsRepo.setRow(str, mitigation.toRow());
        } catch (Throwable th) {
            this.log.error("Excepted starting monitoring for " + str, th);
            FMHolder.get().getFR().logRecord(DFAppRoot.FR_DF_FAILURE, "Failed to start monitoring AMS for mitigated traffic.");
            this.fMain.getHealthTracker().reportHealthIssue(1);
            if (str2 != null && z) {
                try {
                    this.monitoredTraffics.remove(str2);
                } catch (Throwable th2) {
                    this.log.error("Failed to clean up after excepting trying to start monitoring " + str, th2);
                    FMHolder.get().getFR().logRecord(DFAppRoot.FR_DF_FAILURE, "Failed to stop monitoring AMS for mitigated traffic.");
                    return;
                }
            }
            if (str2 != null && z2) {
                this.monitoredTrafficRepo.deleteRow(str2);
            }
        }
    }

    public void stopMonitoring(String str) {
        try {
            String str2 = (String) this.dfAppRoot.mitigationsRepo.getCellValue(str, Mitigation.MONITORED_TRAFFIC_KEY);
            MonitoredTraffic remove = this.monitoredTraffics.remove(str2);
            if (remove != null) {
                this.log.debug("Stopping to monitor security events from DefensePros for traffic " + remove.toString());
            }
            this.monitoredTrafficRepo.deleteRow(str2);
        } catch (Throwable th) {
            this.log.error("Failed to stopMonitoring.", th);
            this.fMain.getHealthTracker().reportHealthIssue(1);
        }
    }

    public boolean check() {
        return true;
    }

    protected void backgroundProcessSyslogs() {
        String str;
        while (true) {
            try {
                RandomAccessFile randomAccessFile = new RandomAccessFile(this.rsyslogDFPipe, SnmpConfigurator.O_RETRIES);
                while (true) {
                    try {
                        String readLine = randomAccessFile.readLine();
                        if (null == readLine) {
                            break;
                        }
                        this.log.debug("DP SYSLOG msg: " + readLine);
                        if (readLine != null && readLine.length() != 0) {
                            try {
                                DPEvent fromString = DPEvent.fromString(readLine);
                                this.log.debug("DP SYSLOG Event: " + (fromString == null ? "null dp event" : fromString.toString()));
                                if (fromString != null && (str = this.dpNames.get(fromString.dpAddrStr)) != null) {
                                    fromString.dpName = str;
                                    try {
                                        DPSecEvent fromString2 = DPSecEvent.fromString(fromString.msg);
                                        if (fromString2 != null) {
                                            this.log.info("DP SYSLOG Event: " + fromString2.toString());
                                        }
                                        if (fromString2 == null) {
                                            this.fMain.getFR().logRecord(DFAppRoot.FR_AMS_OPERATIONAL, fromString.toString());
                                        } else {
                                            try {
                                                processSecEvent(fromString2);
                                            } catch (Throwable th) {
                                            }
                                        }
                                    } catch (ExceptionControlApp e) {
                                        this.log.error("Failed to process syslogMsg into dpEvent.", (Throwable) e);
                                        FMHolder.get().getFR().logRecord(DFAppRoot.FR_DF_FAILURE, "Failed to parse AMS syslog security message: " + readLine);
                                        this.fMain.getHealthTracker().reportHealthIssue(3);
                                    }
                                }
                            } catch (ExceptionControlApp e2) {
                                this.log.error("Failed to parse syslogMsg into dpEvent.", (Throwable) e2);
                                FMHolder.get().getFR().logRecord(DFAppRoot.FR_DF_FAILURE, "Failed to parse AMS syslog message: " + readLine);
                                this.fMain.getHealthTracker().reportHealthIssue(3);
                            }
                        }
                    } catch (Throwable th2) {
                        this.log.error("Failed to read from rsyslog pipe.", th2);
                        FMHolder.get().getFR().logRecord(DFAppRoot.FR_DF_FAILURE, "Failed to read AMS syslogs.");
                        this.fMain.getHealthTracker().reportHealthIssue(1);
                        try {
                            Thread.sleep(1000L);
                            randomAccessFile.close();
                        } catch (Throwable th3) {
                        }
                    }
                }
                randomAccessFile.close();
            } catch (Throwable th4) {
                this.log.error("Failed to open rsyslog pipe.", th4);
                FMHolder.get().getFR().logRecord(DFAppRoot.FR_DF_FAILURE, "Failed to read AMS syslogs. ");
                this.fMain.getHealthTracker().reportHealthIssue(3);
                try {
                    Thread.sleep(SpanStorage.DEFAULT_MAX_SPANS);
                } catch (Throwable th5) {
                }
            }
        }
    }

    protected void processSecEvent(DPSecEvent dPSecEvent) {
        for (Map.Entry<String, MonitoredTraffic> entry : this.monitoredTraffics.entrySet()) {
            MonitoredTraffic value = entry.getValue();
            if (value == null) {
                this.log.error("Null monitoredTraffic for key " + entry.getKey());
                this.fMain.getHealthTracker().reportHealthIssue(1);
            } else {
                try {
                    if (value.traffic.match(dPSecEvent.vlan, dPSecEvent.dstAddress, dPSecEvent.dpProtocol.toDFProtocol(), dPSecEvent.dstPort) != Traffic.TrafficMatch.NO) {
                        this.amsRep.dpBasedDetector.handleAttackReport(new AttackReport(System.currentTimeMillis() / 1000, value, dPSecEvent));
                    }
                } catch (ExceptionControlApp e) {
                    this.log.error("Failed to match AMS security syslog message to monitored traffic.", (Throwable) e);
                    FMHolder.get().getFR().logRecord(DFAppRoot.FR_DF_FAILURE, "Failed to match AMS security syslog message to monitored traffic.");
                    this.fMain.getHealthTracker().reportHealthIssue(1);
                }
            }
        }
    }

    @Override // org.opendaylight.defense4all.framework.core.Module
    protected void actionSwitcher(int i, Object obj) {
        switch (i) {
            case 0:
            default:
                return;
            case 1:
                backgroundProcessSyslogs();
                return;
        }
    }

    public void test() {
    }
}
