#include <iostream>
#include <string>
#include <windows.h>
#include <time.h>
#include <queue>
#include <map>

using namespace std;

class knock
{
public:
	string fromip;
	string toip;
	int fromport;
	int toport;
	clock_t timestamp;
	void print()
	{
		cout<<"KNOCK"<<endl;
		cout<<"\tFROM IP -> "<<fromip<<endl;
		cout<<"\tFROM PORT -> "<<fromport<<endl;
		cout<<"\tto IP -> "<<toip<<endl;
		cout<<"\tto PORT -> "<<toport<<endl;
		cout<<"\ttimestamp -> "<<(long)timestamp<<endl;
	}
};

queue <knock> knockqueue;

knock parseknock(string bob) // a really slow and insecure way of parsing the log file
{

	knock k;
	k.timestamp = clock();
	string fromport;
	string fromip = fromport = bob.substr(bob.find("from IP:"), bob.length() - bob.find("from IP:"));
	fromip = fromip.substr(0,fromip.find(","));
	fromip = fromip.substr(8,fromip.length() - 8);
	k.fromip = fromip;

	fromport = fromport.substr(fromport.find("Port:"), fromport.length() - fromport.find("Port:"));
	fromport = fromport.substr(0,fromport.find(","));
	fromport = fromport.substr(5,fromport.length() - 5);
	k.fromport = atoi(fromport.c_str());

	string toport;
	string toip = toport = bob.substr(bob.find("to IP:"), bob.length() - bob.find("to IP:"));
	toip = toip.substr(0,toip.find(","));
	toip = toip.substr(6,toip.length() - 6);
	k.toip = toip;

	toport = toport.substr(toport.find("Port:"), toport.length() - toport.find("Port:"));
	toport = toport.substr(0,toport.find(","));
	toport = toport.substr(5,toport.length() - 5);
	k.toport = atoi(toport.c_str());
	return k;
}



//thread
DWORD WINAPI MonitorQueueThread(LPVOID junk)
{
	  while (1==1)
	  { 
		Sleep(100);
		if ( (knockqueue.size() > 0) && (clock() - knockqueue.front().timestamp > 1000) ) // if there is something in the queue and the latest entry is at least a second old
			{
				cout<<"Knock sequence arrived: ";
				while (knockqueue.size() > 0)
				{	cout<<(knockqueue.front()).toport<<" ";
					knockqueue.pop();
				}
				cout<<endl;
			}
	  }
      return 0;
}
//end thread

void main()
{	string bob;

	//create the queue processing thread
    HANDLE hThread1; DWORD dwGenericThread; int lszThreadParam;
    hThread1 = CreateThread(NULL,0,MonitorQueueThread,&lszThreadParam,0,&dwGenericThread);
	//end create que processing thread

	while (1==1)
	{
		getline(cin,bob);
		if ( (bob.find("Protocol:UDP",0) != string::npos) && (bob.find("Direction:Outgoing",0) != string::npos)) //silly filtering for now.. .easier to test outgoing knocks when developing
			{
				knockqueue.push(parseknock(bob));
			}
	}
}