# to run: bro -r tracefile ex5b.bro weird alarm

global conn_count = 0 &synchronized;
global conn_per_orig: table[addr] of count &default=0 &synchronized;
global conn_attempt_per_orig: table[addr] of count &default=0 &synchronized;

function print_results()
{
    for ( orig in conn_per_orig )
    {
        print fmt("successful connections from host %s: %d out of %d attempts", 
                orig, conn_per_orig[orig], conn_attempt_per_orig[orig] );
    }
}


event connection_established(c: connection)
{
       local id = c$id;

       local log_msg =
                fmt("%.6f %.6f %s %s %d %d %d %d ",
                        c$start_time, c$duration, id$orig_h, id$resp_h, 
                        id$orig_p, id$resp_p, c$orig$size, c$resp$size);
        print log_msg;


        ++conn_count;
        ++conn_per_orig[id$orig_h];
}


event new_connection(c: connection)
{
    local orig = c$id$orig_h;
    ++conn_attempt_per_orig[orig];
}


event bro_done()
{       
        print fmt("Total number of successful connections: %d", conn_count);
        print_results();
}