// -----------------------------
void test_ip()
{
int i,k;
IPADDRESS * ipa[MAXIP];
unsigned ipaddress,ipx;
unsigned short ipaddress6[8], ipx6[8];
printf("IPADDRESS testing\n");
srand( time(0) );
for(i=0;i<MAXIP;i++)
{
if( i % 2 )
{
ipa[i]= ip_new(IPV4_FAMILY);
ipaddress = rand() * rand();
ip_set( ipa[i], &ipaddress, IPV4_FAMILY );
if( !ip_equal(ipa[i],&ipaddress, IPV4_FAMILY ) )
printf("error with ip_equal\n");
ip_get( ipa[i], &ipx, IPV4_FAMILY );
if( ipx != ipaddress )
printf("error with ip_get\n");
}
else
{
ipa[i]= ip_new(IPV6_FAMILY);
for(k=0;k<8;k++) ipaddress6[k] = (char) (rand() % (1<<16));
ip_set( ipa[i], ipaddress6, IPV6_FAMILY );
if( !ip_equal(ipa[i],&ipaddress6, IPV6_FAMILY ) )
printf("error with ip6_equal\n");
ip_get( ipa[i], ipx6, IPV6_FAMILY );
for(k=0;k<8;k++)
if( ipx6[k] != ipaddress6[k] )
printf("error with ip6_get\n");
}
printf("[%d] ",i);
ip_fprint(stdout,ipa[i]);
printf("\n");
}
printf("IP testing completed\n");
}
void test_ip4_parsing(void)
{
unsigned host, mask, not_flag;
PORTSET portset;
char **curip;
int ret;
IPADDRESS *adp;
char *ips[] = {
"138.26.1.24:25",
"1.1.1.1/255.255.255.0:444",
"1.1.1.1/16:25-28",
"1.1.1.1/255.255.255.255:25 27-29",
"z/24",
"0/0",
"0.0.0.0/0.0.0.0:25-26 28-29 31",
"0.0.0.0/0.0.2.0",
NULL
};
for(curip = ips; curip[0] != NULL; curip++)
{
portset_init(&portset);
/* network byte order stuff */
if((ret = ip4_parse(curip[0], 1, ¬_flag, &host, &mask, &portset)) != 0)
{
fprintf(stderr, "Unable to parse %s with ret %d\n", curip[0], ret);
}
else
{
printf("%c", not_flag ? '!' : ' ');
printf("%s/", inet_ntoa(*(struct in_addr *) &host));
printf("%s", inet_ntoa(*(struct in_addr *) &mask));
printf(" parsed successfully!\n");
}
/* host byte order stuff */
if((ret = ip4_parse(curip[0], 0, ¬_flag, &host, &mask, &portset)) != 0)
{
fprintf(stderr, "Unable to parse %s with ret %d\n", curip[0], ret);
}
else
{
adp = ip_new(IPV4_FAMILY);
ip_set(adp, &host, IPV4_FAMILY);
ip_fprint(stdout, adp);
fprintf(stdout, "*****************\n");
ip_free(adp);
}
}
return;
}
void got_packet (u_char *useless,const struct pcap_pkthdr *pheader, const u_char *packet) {
if ( intr_flag != 0 ) { check_interupt(); }
inpacket = 1;
tstamp = pheader->ts;
/* are we dumping */
if (mode & MODE_DUMP) {
time_t now = time(NULL);
/* check if we should roll on time */
if( ( roll_time != 0 ) &&
( now >= (roll_time_last + roll_time) ) )
{
roll_time_last = now;
printf("Rolling on time.\n");
dump_file_roll();
}
dump_file_offset = (uint64_t)ftell((FILE *)dump_handle);
/* check if we should roll on size */
if ( (roll_size > 0) &&
(dump_file_offset >= roll_size) )
{
printf("Rolling on size.\n");
dump_file_roll();
}
/* write the packet */
pcap_dump((u_char *)dump_handle, pheader, packet);
if ( dump_with_flush )
pcap_dump_flush(dump_handle);
}
else if ( mode & MODE_FILE ) {
read_file_offset = (uint64_t)ftell(pcap_file(handle)) - pheader->caplen - 16;
}
/* printf("[*] Got network packet...\n"); */
ether_header *eth_hdr;
eth_hdr = (ether_header *) (packet);
u_short eth_type;
eth_type = ntohs(eth_hdr->eth_ip_type);
int eth_header_len;
eth_header_len = ETHERNET_HEADER_LEN;
vlanid = 0;
if ( eth_type == ETHERNET_TYPE_8021Q ) {
/* printf("[*] ETHERNET TYPE 8021Q\n"); */
eth_type = ntohs(eth_hdr->eth_8_ip_type);
eth_header_len +=4;
vlanid = ntohs(eth_hdr->eth_8_vid);
}
else if ( eth_type == (ETHERNET_TYPE_802Q1MT|ETHERNET_TYPE_802Q1MT2|ETHERNET_TYPE_802Q1MT3|ETHERNET_TYPE_8021AD) ) {
/* printf("[*] ETHERNET TYPE 802Q1MT\n"); */
eth_type = ntohs(eth_hdr->eth_82_ip_type);
eth_header_len +=8;
vlanid = ntohs(eth_hdr->eth_82_vid);
}
/* zero-ise our structure, simplifies our hashing later on */
int ip_tracked = 0;
ip_t *ip_src = calloc(1, sizeof(ip_t));
ip_t *ip_dst = calloc(1, sizeof(ip_t));
if ( eth_type == ETHERNET_TYPE_IP ) {
/* printf("[*] Got IPv4 Packet...\n"); */
ip4_header *ip4;
ip4 = (ip4_header *) (packet + eth_header_len);
ip_set(&ip_config, ip_src, &ip4->ip_src, AF_INET);
ip_set(&ip_config, ip_dst, &ip4->ip_dst, AF_INET);
if ( ip4->ip_p == IP_PROTO_TCP ) {
tcp_header *tcph;
tcph = (tcp_header *) (packet + eth_header_len + (IP_HL(ip4)*4));
/* printf("[*] IPv4 PROTOCOL TYPE TCP:\n"); */
ip_tracked = cx_track(ip_src, tcph->src_port, ip_dst, tcph->dst_port, ip4->ip_p, pheader->len, tcph->t_flags, tstamp, AF_INET);
}
else if (ip4->ip_p == IP_PROTO_UDP) {
udp_header *udph;
udph = (udp_header *) (packet + eth_header_len + (IP_HL(ip4)*4));
/* printf("[*] IPv4 PROTOCOL TYPE UDP:\n"); */
ip_tracked = cx_track(ip_src, udph->src_port, ip_dst, udph->dst_port, ip4->ip_p, pheader->len, 0, tstamp, AF_INET);
}
else if (ip4->ip_p == IP_PROTO_ICMP) {
icmp_header *icmph;
icmph = (icmp_header *) (packet + eth_header_len + (IP_HL(ip4)*4));
/* printf("[*] IP PROTOCOL TYPE ICMP\n"); */
ip_tracked = cx_track(ip_src, icmph->s_icmp_id, ip_dst, icmph->s_icmp_id, ip4->ip_p, pheader->len, 0, tstamp, AF_INET);
}
else {
/* printf("[*] IPv4 PROTOCOL TYPE OTHER: %d\n",ip4->ip_p); */
ip_tracked = cx_track(ip_src, ip4->ip_p, ip_dst, ip4->ip_p, ip4->ip_p, pheader->len, 0, tstamp, AF_INET);
}
}
else if ( eth_type == ETHERNET_TYPE_IPV6) {
/* printf("[*] Got IPv6 Packet...\n"); */
ip6_header *ip6;
ip6 = (ip6_header *) (packet + eth_header_len);
ip_set(&ip_config, ip_src, &ip6->ip_src, AF_INET6);
ip_set(&ip_config, ip_dst, &ip6->ip_dst, AF_INET6);
if ( ip6->next == IP_PROTO_TCP ) {
tcp_header *tcph;
tcph = (tcp_header *) (packet + eth_header_len + IP6_HEADER_LEN);
/* printf("[*] IPv6 PROTOCOL TYPE TCP:\n"); */
ip_tracked = cx_track(ip_src, tcph->src_port, ip_dst, tcph->dst_port, ip6->next, pheader->len, tcph->t_flags, tstamp, AF_INET6);
}
else if (ip6->next == IP_PROTO_UDP) {
udp_header *udph;
udph = (udp_header *) (packet + eth_header_len + IP6_HEADER_LEN);
/* printf("[*] IPv6 PROTOCOL TYPE UDP:\n"); */
ip_tracked = cx_track(ip_src, udph->src_port, ip_dst, udph->dst_port, ip6->next, pheader->len, 0, tstamp, AF_INET6);
}
else if (ip6->next == IP6_PROTO_ICMP) {
//icmp6_header *icmph;
//icmph = (icmp6_header *) (packet + eth_header_len + IP6_HEADER_LEN);
/* printf("[*] IPv6 PROTOCOL TYPE ICMP\n"); */
ip_tracked = cx_track(ip_src, ip6->hop_lmt, ip_dst, ip6->hop_lmt, ip6->next, pheader->len, 0, tstamp, AF_INET6);
}
else {
/* printf("[*] IPv6 PROTOCOL TYPE OTHER: %d\n",ip6->next); */
ip_tracked = cx_track(ip_src, ip6->next, ip_dst, ip6->next, ip6->next, pheader->len, 0, tstamp, AF_INET6);
}
}
if ( ip_tracked == 0 )
{
if (ip_src != NULL) ip_free(ip_src);
if (ip_dst != NULL) ip_free(ip_dst);
}
inpacket = 0;
return;
(void) useless;
/* else { */
/* printf("[*] ETHERNET TYPE : %x\n", eth_hdr->eth_ip_type); */
/* return; */
/* } */
}
