// ----------------------------- void test_ip() { int i,k; IPADDRESS * ipa[MAXIP]; unsigned ipaddress,ipx; unsigned short ipaddress6[8], ipx6[8]; printf("IPADDRESS testing\n"); srand( time(0) ); for(i=0;i<MAXIP;i++) { if( i % 2 ) { ipa[i]= ip_new(IPV4_FAMILY); ipaddress = rand() * rand(); ip_set( ipa[i], &ipaddress, IPV4_FAMILY ); if( !ip_equal(ipa[i],&ipaddress, IPV4_FAMILY ) ) printf("error with ip_equal\n"); ip_get( ipa[i], &ipx, IPV4_FAMILY ); if( ipx != ipaddress ) printf("error with ip_get\n"); } else { ipa[i]= ip_new(IPV6_FAMILY); for(k=0;k<8;k++) ipaddress6[k] = (char) (rand() % (1<<16)); ip_set( ipa[i], ipaddress6, IPV6_FAMILY ); if( !ip_equal(ipa[i],&ipaddress6, IPV6_FAMILY ) ) printf("error with ip6_equal\n"); ip_get( ipa[i], ipx6, IPV6_FAMILY ); for(k=0;k<8;k++) if( ipx6[k] != ipaddress6[k] ) printf("error with ip6_get\n"); } printf("[%d] ",i); ip_fprint(stdout,ipa[i]); printf("\n"); } printf("IP testing completed\n"); }
void test_ip4_parsing(void) { unsigned host, mask, not_flag; PORTSET portset; char **curip; int ret; IPADDRESS *adp; char *ips[] = { "138.26.1.24:25", "1.1.1.1/255.255.255.0:444", "1.1.1.1/16:25-28", "1.1.1.1/255.255.255.255:25 27-29", "z/24", "0/0", "0.0.0.0/0.0.0.0:25-26 28-29 31", "0.0.0.0/0.0.2.0", NULL }; for(curip = ips; curip[0] != NULL; curip++) { portset_init(&portset); /* network byte order stuff */ if((ret = ip4_parse(curip[0], 1, ¬_flag, &host, &mask, &portset)) != 0) { fprintf(stderr, "Unable to parse %s with ret %d\n", curip[0], ret); } else { printf("%c", not_flag ? '!' : ' '); printf("%s/", inet_ntoa(*(struct in_addr *) &host)); printf("%s", inet_ntoa(*(struct in_addr *) &mask)); printf(" parsed successfully!\n"); } /* host byte order stuff */ if((ret = ip4_parse(curip[0], 0, ¬_flag, &host, &mask, &portset)) != 0) { fprintf(stderr, "Unable to parse %s with ret %d\n", curip[0], ret); } else { adp = ip_new(IPV4_FAMILY); ip_set(adp, &host, IPV4_FAMILY); ip_fprint(stdout, adp); fprintf(stdout, "*****************\n"); ip_free(adp); } } return; }
void got_packet (u_char *useless,const struct pcap_pkthdr *pheader, const u_char *packet) { if ( intr_flag != 0 ) { check_interupt(); } inpacket = 1; tstamp = pheader->ts; /* are we dumping */ if (mode & MODE_DUMP) { time_t now = time(NULL); /* check if we should roll on time */ if( ( roll_time != 0 ) && ( now >= (roll_time_last + roll_time) ) ) { roll_time_last = now; printf("Rolling on time.\n"); dump_file_roll(); } dump_file_offset = (uint64_t)ftell((FILE *)dump_handle); /* check if we should roll on size */ if ( (roll_size > 0) && (dump_file_offset >= roll_size) ) { printf("Rolling on size.\n"); dump_file_roll(); } /* write the packet */ pcap_dump((u_char *)dump_handle, pheader, packet); if ( dump_with_flush ) pcap_dump_flush(dump_handle); } else if ( mode & MODE_FILE ) { read_file_offset = (uint64_t)ftell(pcap_file(handle)) - pheader->caplen - 16; } /* printf("[*] Got network packet...\n"); */ ether_header *eth_hdr; eth_hdr = (ether_header *) (packet); u_short eth_type; eth_type = ntohs(eth_hdr->eth_ip_type); int eth_header_len; eth_header_len = ETHERNET_HEADER_LEN; vlanid = 0; if ( eth_type == ETHERNET_TYPE_8021Q ) { /* printf("[*] ETHERNET TYPE 8021Q\n"); */ eth_type = ntohs(eth_hdr->eth_8_ip_type); eth_header_len +=4; vlanid = ntohs(eth_hdr->eth_8_vid); } else if ( eth_type == (ETHERNET_TYPE_802Q1MT|ETHERNET_TYPE_802Q1MT2|ETHERNET_TYPE_802Q1MT3|ETHERNET_TYPE_8021AD) ) { /* printf("[*] ETHERNET TYPE 802Q1MT\n"); */ eth_type = ntohs(eth_hdr->eth_82_ip_type); eth_header_len +=8; vlanid = ntohs(eth_hdr->eth_82_vid); } /* zero-ise our structure, simplifies our hashing later on */ int ip_tracked = 0; ip_t *ip_src = calloc(1, sizeof(ip_t)); ip_t *ip_dst = calloc(1, sizeof(ip_t)); if ( eth_type == ETHERNET_TYPE_IP ) { /* printf("[*] Got IPv4 Packet...\n"); */ ip4_header *ip4; ip4 = (ip4_header *) (packet + eth_header_len); ip_set(&ip_config, ip_src, &ip4->ip_src, AF_INET); ip_set(&ip_config, ip_dst, &ip4->ip_dst, AF_INET); if ( ip4->ip_p == IP_PROTO_TCP ) { tcp_header *tcph; tcph = (tcp_header *) (packet + eth_header_len + (IP_HL(ip4)*4)); /* printf("[*] IPv4 PROTOCOL TYPE TCP:\n"); */ ip_tracked = cx_track(ip_src, tcph->src_port, ip_dst, tcph->dst_port, ip4->ip_p, pheader->len, tcph->t_flags, tstamp, AF_INET); } else if (ip4->ip_p == IP_PROTO_UDP) { udp_header *udph; udph = (udp_header *) (packet + eth_header_len + (IP_HL(ip4)*4)); /* printf("[*] IPv4 PROTOCOL TYPE UDP:\n"); */ ip_tracked = cx_track(ip_src, udph->src_port, ip_dst, udph->dst_port, ip4->ip_p, pheader->len, 0, tstamp, AF_INET); } else if (ip4->ip_p == IP_PROTO_ICMP) { icmp_header *icmph; icmph = (icmp_header *) (packet + eth_header_len + (IP_HL(ip4)*4)); /* printf("[*] IP PROTOCOL TYPE ICMP\n"); */ ip_tracked = cx_track(ip_src, icmph->s_icmp_id, ip_dst, icmph->s_icmp_id, ip4->ip_p, pheader->len, 0, tstamp, AF_INET); } else { /* printf("[*] IPv4 PROTOCOL TYPE OTHER: %d\n",ip4->ip_p); */ ip_tracked = cx_track(ip_src, ip4->ip_p, ip_dst, ip4->ip_p, ip4->ip_p, pheader->len, 0, tstamp, AF_INET); } } else if ( eth_type == ETHERNET_TYPE_IPV6) { /* printf("[*] Got IPv6 Packet...\n"); */ ip6_header *ip6; ip6 = (ip6_header *) (packet + eth_header_len); ip_set(&ip_config, ip_src, &ip6->ip_src, AF_INET6); ip_set(&ip_config, ip_dst, &ip6->ip_dst, AF_INET6); if ( ip6->next == IP_PROTO_TCP ) { tcp_header *tcph; tcph = (tcp_header *) (packet + eth_header_len + IP6_HEADER_LEN); /* printf("[*] IPv6 PROTOCOL TYPE TCP:\n"); */ ip_tracked = cx_track(ip_src, tcph->src_port, ip_dst, tcph->dst_port, ip6->next, pheader->len, tcph->t_flags, tstamp, AF_INET6); } else if (ip6->next == IP_PROTO_UDP) { udp_header *udph; udph = (udp_header *) (packet + eth_header_len + IP6_HEADER_LEN); /* printf("[*] IPv6 PROTOCOL TYPE UDP:\n"); */ ip_tracked = cx_track(ip_src, udph->src_port, ip_dst, udph->dst_port, ip6->next, pheader->len, 0, tstamp, AF_INET6); } else if (ip6->next == IP6_PROTO_ICMP) { //icmp6_header *icmph; //icmph = (icmp6_header *) (packet + eth_header_len + IP6_HEADER_LEN); /* printf("[*] IPv6 PROTOCOL TYPE ICMP\n"); */ ip_tracked = cx_track(ip_src, ip6->hop_lmt, ip_dst, ip6->hop_lmt, ip6->next, pheader->len, 0, tstamp, AF_INET6); } else { /* printf("[*] IPv6 PROTOCOL TYPE OTHER: %d\n",ip6->next); */ ip_tracked = cx_track(ip_src, ip6->next, ip_dst, ip6->next, ip6->next, pheader->len, 0, tstamp, AF_INET6); } } if ( ip_tracked == 0 ) { if (ip_src != NULL) ip_free(ip_src); if (ip_dst != NULL) ip_free(ip_dst); } inpacket = 0; return; (void) useless; /* else { */ /* printf("[*] ETHERNET TYPE : %x\n", eth_hdr->eth_ip_type); */ /* return; */ /* } */ }