void *
accept_eep_client(void *data)
{
capture_packet_t *pkt;
// Begin accepting connections
while (eep_cfg.server_sock > 0) {
if ((pkt = capture_eep_receive())) {
// Avoid parsing from multiples sources.
// Avoid parsing while screen in being redrawn
capture_lock();
if (capture_packet_parse(pkt) != 0) {
capture_packet_destroy(pkt);
}
capture_unlock();
}
}
// Leave the thread gracefully
pthread_exit(NULL);
return 0;
}
void
parse_packet(u_char *info, const struct pcap_pkthdr *header, const u_char *packet)
{
// Capture info
capture_info_t *capinfo = (capture_info_t *) info;
// UDP header data
struct udphdr *udp;
// UDP header size
uint16_t udp_off;
// TCP header data
struct tcphdr *tcp;
// TCP header size
uint16_t tcp_off;
// Packet data
u_char data[MAX_CAPTURE_LEN];
// Packet payload data
u_char *payload = NULL;
// Whole packet size
uint32_t size_capture = header->caplen;
// Packet payload size
uint32_t size_payload = size_capture - capinfo->link_hl;
// Captured packet info
packet_t *pkt;
// Ignore packets while capture is paused
if (capture_paused())
return;
// Check if we have reached capture limit
if (capture_cfg.limit && sip_calls_count() >= capture_cfg.limit)
return;
// Check maximum capture length
if (header->caplen > MAX_CAPTURE_LEN)
return;
// Copy packet payload
memcpy(data, packet, header->caplen);
// Check if we have a complete IP packet
if (!(pkt = capture_packet_reasm_ip(capinfo, header, data, &size_payload, &size_capture)))
return;
// Only interested in UDP packets
if (pkt->proto == IPPROTO_UDP) {
// Get UDP header
udp = (struct udphdr *)((u_char *)(data) + (size_capture - size_payload));
udp_off = sizeof(struct udphdr);
// Set packet ports
pkt->src.port = htons(udp->uh_sport);
pkt->dst.port = htons(udp->uh_dport);
// Remove UDP Header from payload
size_payload -= udp_off;
if ((int32_t)size_payload < 0)
size_payload = 0;
// Remove TCP Header from payload
payload = (u_char *) (udp) + udp_off;
// Complete packet with Transport information
packet_set_type(pkt, PACKET_SIP_UDP);
packet_set_payload(pkt, payload, size_payload);
} else if (pkt->proto == IPPROTO_TCP) {
// Get TCP header
tcp = (struct tcphdr *)((u_char *)(data) + (size_capture - size_payload));
tcp_off = (tcp->th_off * 4);
// Set packet ports
pkt->src.port = htons(tcp->th_sport);
pkt->dst.port = htons(tcp->th_dport);
// Get actual payload size
size_payload -= tcp_off;
if ((int32_t)size_payload < 0)
size_payload = 0;
// Get payload start
payload = (u_char *)(tcp) + tcp_off;
// Complete packet with Transport information
packet_set_type(pkt, PACKET_SIP_TCP);
packet_set_payload(pkt, payload, size_payload);
// Create a structure for this captured packet
if (!(pkt = capture_packet_reasm_tcp(pkt, tcp, payload, size_payload)))
return;
#if defined(WITH_GNUTLS) || defined(WITH_OPENSSL)
// Check if packet is TLS
if (capture_cfg.keyfile) {
tls_process_segment(pkt, tcp);
}
#endif
// Check if packet is WS or WSS
capture_ws_check_packet(pkt);
} else {
// Not handled protocol
packet_destroy(pkt);
return;
}
// Avoid parsing from multiples sources.
// Avoid parsing while screen in being redrawn
capture_lock();
// Check if we can handle this packet
if (capture_packet_parse(pkt) == 0) {
#ifdef USE_EEP
// Send this packet through eep
capture_eep_send(pkt);
#endif
// Store this packets in output file
dump_packet(capture_cfg.pd, pkt);
// If storage is disabled, delete frames payload
if (capture_cfg.storage == 0) {
packet_free_frames(pkt);
}
// Allow Interface refresh and user input actions
capture_unlock();
return;
}
// Not an interesting packet ...
packet_destroy(pkt);
// Allow Interface refresh and user input actions
capture_unlock();
}
