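#!/usr/bin/perl
# Split a Sidewinder firewall log export into per-protocol files.
#
# Usage: <script> <sidewinder.log>
#
# Every record line (one that carries a `date="` field) is written to exactly
# one output file under $destfolder, first matching rule wins:
#   ftp.log   - srcport/dstport 20 or 21
#   dns.log   - srcport/dstport 53
#   web.log   - srcip in the 10.10.10.1x client range and dstport 80/443
#               (53 is listed too but is always claimed by the dns rule first)
#   mail.log  - srcport/dstport 25
#   other.log - everything else
# Lines without `date="` are skipped; they are the duplicated/continuation
# lines that the export interleaves with the real records.
#
# The export appears in two shapes and both are recognised:
#   "dstport: 21 "   (colon, value, space)
#   "dstport=21,"    (equals, value, comma)
use strict;
use warnings;
use Config;       # retained from the original script; not used below
use FileHandle;   # retained from the original script; not used below

# Output folder and the per-category files written under it.
my $destfolder = 'L:\\sw-logs';
my %file_for = (
    ftp   => "$destfolder\\ftp.log",
    dns   => "$destfolder\\dns.log",
    web   => "$destfolder\\web.log",
    mail  => "$destfolder\\mail.log",
    other => "$destfolder\\other.log",
);

# Source addresses whose HTTP/HTTPS traffic is classed as "web".
# The dots are escaped so that only a literal IP matches (the original
# pattern used bare `.`, which matched any character). The trailing
# `1[0-9]?` is a prefix match, so 10.10.10.1 .. 10.10.10.19 match and so
# do longer addresses starting with them (e.g. 10.10.10.100); this is kept
# as-is to preserve the existing split — tighten with a `\b` if that is
# not intended.
my $web_client_re = qr/10\.10\.10\.1[0-9]?/;

# True when $line has $field ("srcport"/"dstport") equal to one of @ports,
# in either export shape: "dstport: 21 " or "dstport=21,".
sub _has_port {
    my ($line, $field, @ports) = @_;
    my $alt = join '|', map { quotemeta } @ports;
    return ( $line =~ /\Q$field\E(?:: (?:$alt) |=(?:$alt),)/ ) ? 1 : 0;
}

# Return the category ('ftp', 'dns', 'web', 'mail' or 'other') for one log
# line, or nothing (undef in scalar context) when the line is not a record.
sub classify_line {
    my ($line) = @_;

    # Filter double lines: only lines carrying a date="..." field are records.
    return if $line !~ /date="/;

    return 'ftp'  if _has_port($line, 'dstport', 21, 20)
                  || _has_port($line, 'srcport', 21, 20);

    return 'dns'  if _has_port($line, 'dstport', 53)
                  || _has_port($line, 'srcport', 53);

    # Each branch pairs the srcip shape with the matching dstport shape, as
    # the original did, so the two export formats are never mixed.
    return 'web'  if ( $line =~ /srcip: $web_client_re/
                       && $line =~ /dstport: (?:80|53|443) / )
                  || ( $line =~ /srcip=$web_client_re,/
                       && $line =~ /dstport=(?:80|53|443),/ );

    return 'mail' if _has_port($line, 'dstport', 25)
                  || _has_port($line, 'srcport', 25);

    return 'other';
}

# Read the log named on the command line and distribute its lines.
sub main {
    my ($sidewinderlog) = @_;
    die "usage: $0 <sidewinder.log>\n" unless defined $sidewinderlog;

    # Three-argument open: the input name is untrusted command-line data and
    # must never be interpolated into a mode string ("< $file" would let a
    # name such as "foo |" change the open mode).
    open my $inputfh, '<', $sidewinderlog
        or die "open $sidewinderlog: $!\n";

    my %out_for;
    for my $cat (sort keys %file_for) {
        open $out_for{$cat}, '>', $file_for{$cat}
            or die "open $file_for{$cat}: $!\n";
    }

    my $count = 0;    # progress counter, reported every 10000 lines
    while (my $line = <$inputfh>) {
        $count++;
        print "$count done...\n" if $count % 10000 == 0;

        my $cat = classify_line($line);
        next unless defined $cat;
        print { $out_for{$cat} } $line;
    }

    close $inputfh or die "close $sidewinderlog: $!\n";
    # Buffered write errors only surface at close, so check every handle.
    for my $cat (sort keys %out_for) {
        close $out_for{$cat} or die "close $file_for{$cat}: $!\n";
    }
    return;
}

main(@ARGV) unless caller;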