#!/usr/bin/perl
use strict;
use warnings;

# sites to skip
my @skipSrc =
(
  '^192\.168\.2\.',
  '^192\.168\.5\.'
);

my @skipDst =
(
  '\S+\.domain\.com',
  'www\.test\.com'
);

# heartbeat
my $ht = 3600;


my $out = shift;
die if (!$out);
open(MAIN, ">$out") or die;
select MAIN;

# globals
my $mTime;
my $MTime;
my %data;
my %totals;

MWL: while(<>)
{
  # parse the string
  my ($time, $ip, $ty, $size, $req, $mime) =
    /^(\d+\.\d+) +\d+ (\d+\.\d+\.\d+\.\d+) (\w+\/\d+) (\d+) (.+) - \w+\/\S+ (\S+\/\S+|-)$/;
  die if(!$time);

  # count only lan users connecting to the internet
  foreach my $re(@skipSrc) {
    next MWL if($ip =~ qr/$re/i);
  }
  foreach my $re(@skipDst) {
    next MWL if($req =~ qr/^(?:CONNECT |(?:GET|POST|STOR) (?:https?|ftps?):\/\/)(?:$re)(?::\d+)?/);
  }

  # condense time to seconds and increment the byte counter for that ip
  $time = int($time);
  $mTime = $time if(!$mTime || $time < $mTime);
  $MTime = $time if(!$MTime || $time > $MTime);

  $data{$ip}{$time} += $size;
  $totals{$ip} += $size;
}

my $period = ($MTime - $mTime) / 86400;
my $max = 0;
my @plots;
print("print \"Totals\t\tDay average:\"\n");

foreach my $ip(keys %totals) {
  $max = $totals{$ip} if($totals{$ip} > $max);
}
foreach my $ip(keys %totals)
{
  my $tIp = $totals{$ip};
  print("print \"$ip" . ($tIp == $max? "*": "") . ":\t" . $tIp . 
      "/" . int($tIp / $period) . "\"\n");
}

print("set xdata time\nset timefmt \"%s\"\n");
foreach my $ip(keys %data)
{
  my $file = "$out.$ip";
  open(OUT, ">$file") or die;
  push(@plots, "'$file' using 1:2 \$1 title \"$ip\" \$2");

  my $oTime = 0;
  foreach my $time(sort keys %{$data{$ip}})
  {
    print(OUT "\n") if($oTime && (($time - $oTime) > $ht));
    $oTime = $time;

    print(OUT $time . " " . $data{$ip}{$time} . "\n");
  }
}
print("plot \$0 " . join(", \\\n\t", @plots) . "\n") if(@plots);