Beispiel #1
0
void process_ip(const u_char* packet, const struct ether_header *ethernet, const struct sniff_ip *ip, const char *payload, u_int size_ip){
	ip = (struct sniff_ip*)(packet + ETHERNET_SIZE);
	size_ip = IP_HL(ip)*4;
	ip_packets++;
	char buffer[MAX_BUF_SIZE];

	sprintf(buffer, "%s", inet_ntoa(ip->ip_src)); 
	IP_src_addr = insert(IP_src_addr, buffer); 
	sprintf(buffer, "%s", inet_ntoa(ip->ip_dst)); 
	IP_dest_addr = insert(IP_dest_addr, buffer); 

	sprintf(buffer, "%d", ip->ip_ttl); 
	TTL_list = insert(TTL_list, buffer);

	if(ntohs (ethernet->ether_type) == ETHERTYPE_IP){
		if(ip->ip_p==IPPROTO_TCP){
			strcpy(buffer, "TCP");
			transLayer = insert(transLayer, buffer);
			process_tcp(packet, size_ip);                 
		} else if(ip->ip_p == IPPROTO_UDP){
			strcpy(buffer, "UDP");
			transLayer = insert(transLayer, buffer);
			process_udp(packet, size_ip);                       
		} else if(ip->ip_p == IPPROTO_ICMP){
			strcpy(buffer, "ICMP");
			transLayer = insert(transLayer, buffer);
			process_icmp(packet, size_ip, ip);
		} else{
			sprintf(buffer, "0x%02x", ip->ip_p);  
			transLayer = insert(transLayer, buffer);
		}
	}     
}
Beispiel #2
0
/* process TCP, UDP or ICMP header */
int
process_transp(int direction, int iface, UCHAR proto, struct ip_hdr *ip_hdr,
			   UCHAR *pointer, UINT buffer_len)
{
	struct udp_hdr *udp_hdr;

	switch (proto) {
		case IPPROTO_UDP:
			/* process udp_hdr */

			if (buffer_len < sizeof(struct udp_hdr)) {
				DBGOUT(("filter_packet: too small buffer for udp_hdr! (%u)\n", buffer_len));
				return FILTER_UNKNOWN;
			}

			udp_hdr = (struct udp_hdr *)pointer;

			return process_udp(direction, iface, ip_hdr, udp_hdr, pointer, buffer_len);

		default:
			return FILTER_UNKNOWN;
	}

	/* UNREACHED */
}
Beispiel #3
0
genErr_t process_l4(void *jobj_ref)
{
  debug ("In function %s", __FUNCTION__);
  struct json_object *jobj = (struct json_object *)jobj_ref;
  void *tjobj = NULL;

  tjobj=get_val_from_key(jobj, "udp", lObj);
  if(tjobj)
    {
      process_udp(tjobj);
      free_json_obj(tjobj);
    }
  else
    {
      debug ("%s", "udp not available");
    }

  tjobj=get_val_from_key(jobj, "tcp", lObj);
  if(tjobj)
    {
      process_tcp(tjobj);
      free_json_obj(tjobj);
    }
  else
    {
      debug ("%s", "tcp not available");
    }

  return (SUCCESS);
}
Beispiel #4
0
static void gen_ip_proc(u_char * data, int skblen, struct timeval* ts)
{
	switch (((struct ip *) data)->ip_p) {
    case IPPROTO_TCP:
	process_tcp(data, skblen,  ts);
	break;
    case IPPROTO_UDP:
	process_udp(data,  ts);
	break;
    case IPPROTO_ICMP:
	if (nids_params.n_tcp_streams)
	    process_icmp(data, ts);
	break;
    default:
	break;
    }
}
Beispiel #5
0
static void gen_ip_proc(u_char * data, int skblen,int id)
{
    switch (((struct ip *) data)->ip_p) {
    case IPPROTO_TCP:
	process_tcp(data, skblen,id);
	break;
    case IPPROTO_UDP:
	process_udp((char *)data,id);
	break;
    case IPPROTO_ICMP:
	if (nids_params.n_tcp_streams)
	    process_icmp(data,id);
	break;
    default:
		//printf("other!\n");
	break;
    }
}
Beispiel #6
0
static void gen_ip_proc(u_char * data, int skblen)
{
    switch (((struct ip *) data)->ip_p) {
    case IPPROTO_TCP:
        pthread_mutex_lock(&tcp_lost_mutex);
	process_tcp(data, skblen);
        pthread_mutex_unlock(&tcp_lost_mutex);
	break;
    case IPPROTO_UDP:
	process_udp( (char*)data );
	break;
    case IPPROTO_ICMP:
	if (nids_params.n_tcp_streams)
	    process_icmp(data);
	break;
    default:
	break;
    }
}
Beispiel #7
0
void process_ip(u_char *pkt, uint32_t pkt_len, void **ip_context_list){
	//printf("ip_context_list %p\n", ip_context_list);
	//TODO: check !
	//DEBUG_HERE();
	//debug_pkt(pkt, pkt_len);
	int ip_header_len = (pkt[0] & 0x0F)*4;

	uint32_t src_ip_addr = pkt[12]<<24 | pkt[13]<<16 | pkt[14]<<8 | pkt[15];
	uint32_t dst_ip_addr = pkt[16]<<24 | pkt[17]<<16 | pkt[18]<<8 | pkt[19];
	
	ip_context *cur_ip_context = get_ip_context(src_ip_addr, dst_ip_addr, (ip_context**)ip_context_list);
	
	//TODO: CLIENT_ADDR, SERVER_ADDR
	call_callback(IP_SRC_ADDR, &src_ip_addr, cur_ip_context->user_context);
	call_callback(IP_DST_ADDR, &dst_ip_addr, cur_ip_context->user_context);

	
	int ip_protocol = pkt[9];
	if(ip_protocol == IP_TYPE_UDP){
		process_udp(pkt+ip_header_len, pkt_len-ip_header_len, (void**)cur_ip_context);
	}
}
Beispiel #8
0
static void process_mine(unsigned char *pkt, int len)
{
    ether_header_t *ether_header = (ether_header_t *)pkt;
    ip_header_t *ip_header = (ip_header_t *)(pkt + 14);
    icmp_header_t *icmp_header;
    udp_header_t *udp_header;
    /* ip_udp_pseudo_header_t *ip_udp_pseudo_header;
    unsigned char tmp[6]; */
    int i;
    
    if (ether_header->type[1] != 0x00)
	return;

    /* ignore fragmented packets */

    if (ntohs(ip_header->flags_frag_offset) & 0x3fff)
	return;
    
    /* check ip header checksum */
    i = ip_header->checksum;
    ip_header->checksum = 0;
    ip_header->checksum = dcln_checksum((unsigned short *)ip_header, 2*(ip_header->version_ihl & 0x0f));
    if (i != ip_header->checksum)
      return;

    switch (ip_header->protocol) {
    case 1: /* icmp */
	icmp_header = (icmp_header_t *)(pkt + ETHER_H_LEN + 4*(ip_header->version_ihl & 0x0f));
	process_icmp(ether_header, ip_header, icmp_header);
	break;
    case 17: /* udp */
      udp_header = (udp_header_t *)(pkt + ETHER_H_LEN + 4*(ip_header->version_ihl & 0x0f));
      process_udp(ether_header, ip_header, udp_header);
    default:
      break;
    }
}
Beispiel #9
0
void
process_packet(unsigned char *ignore, const struct pcap_pkthdr *header, const unsigned char *packet) {
  //  static int packet_count = 1;                   
  struct flow_record *record;
  unsigned char proto = 0;

  /* declare pointers to packet headers */
  const struct ip_hdr *ip;              
  unsigned int transport_len;
  unsigned int ip_hdr_len;
  const void *transport_start;

  struct flow_key key;
  
  flocap_stats_incr_num_packets();
  if (output_level > none) {
    fprintf(output, "\npacket number %lu:\n", flocap_stats_get_num_packets());
  }
  //  packet_count++;
  
  // ethernet = (struct ethernet_hdr*)(packet);
  
  /* define/compute ip header offset */
  ip = (struct ip_hdr*)(packet + ETHERNET_HDR_LEN);
  ip_hdr_len = ip_hdr_length(ip);
  if (ip_hdr_len < 20) {
    if (output_level > none) { 
      fprintf(output, "   * Invalid IP header length: %u bytes\n", ip_hdr_len);
    }
    return;
  }
  if (ntohs(ip->ip_len) < sizeof(struct ip_hdr) || ntohs(ip->ip_len) > header->caplen) {
    /* 
     * IP packet is malformed (shorter than a complete IP header, or
     * claims to be longer than it is), or not entirely captured by
     * libpcap (which will depend on MTU and SNAPLEN; you can change
     * the latter if need be).
     */
    return ;
  }
  transport_len =  ntohs(ip->ip_len) - ip_hdr_len;

  /* print source and destination IP addresses */
  if (output_level > none) {
    fprintf(output, "       from: %s\n", inet_ntoa(ip->ip_src));
    fprintf(output, "         to: %s\n", inet_ntoa(ip->ip_dst));
    fprintf(output, "     ip len: %u\n", ntohs(ip->ip_len));
    fprintf(output, " ip hdr len: %u\n", ip_hdr_len);
  }

  if (ip_fragment_offset(ip) == 0) {

    /* fill out IP-specific fields of flow key, plus proto selector */
    key.sa = ip->ip_src;
    key.da = ip->ip_dst;
    proto = key.prot = ip->ip_prot;  

  }  else {
    // fprintf(info, "found IP fragment (offset: %02x)\n", ip_fragment_offset(ip));

    /*
     * select IP processing, since we don't have a TCP or UDP header 
     */
    key.sa = ip->ip_src;
    key.da = ip->ip_dst;
    proto = key.prot = IPPROTO_IP;
  }  

  /* determine transport protocol and handle appropriately */

  transport_start = (void *)ip + ip_hdr_len;
  switch(proto) {
  case IPPROTO_TCP:
    record = process_tcp(header, transport_start, transport_len, &key);
    break;
  case IPPROTO_UDP:
    record = process_udp(header, transport_start, transport_len, &key);
    break;
  case IPPROTO_ICMP:
    record = process_icmp(header, transport_start, transport_len, &key);
    break;    
  case IPPROTO_IP:
  default:
    record = process_ip(header, transport_start, transport_len, &key);
    break;
  }

  /*
   * if our packet is malformed TCP, UDP, or ICMP, then the process
   * functions will return NULL; we deal with that case by treating it
   * as just an IP packet
   */
  if (record == NULL) {
#if 1
    record = process_ip(header, transport_start, transport_len, &key);
    if (record == NULL) {
      fprintf(info, "warning: unable to process ip packet (improper length or otherwise malformed)\n");
      return;
    }
    record->invalid++;
#else
    /*
     * if the processing of malformed packets causes trouble, choose
     * this code path instead 
     */
    return;
#endif
  }
  
  /*
   * set minimum ttl in flow record
   */
  if (record->ttl > ip->ip_ttl) {
    record->ttl = ip->ip_ttl; 
  }

  /* increment packet count in flow record */
  record->np++; 

  /* update flow record timestamps */
  if (timerisset(&record->start)) {
    record->end = header->ts;
  } else {
    record->start = record->end = header->ts;
  }

  /*
   * copy initial data packet, if configured to report idp, and this
   * is the first packet in the flow with nonzero data payload
   */
  if ((report_idp) && record->op && (record->idp_len == 0)) {
    record->idp_len = (ntohs(ip->ip_len) < report_idp ? ntohs(ip->ip_len) : report_idp);
    record->idp = malloc(record->idp_len);
    memcpy(record->idp, ip, record->idp_len);
    if (output_level > none) {
      fprintf(output, "stashed %u bytes of IDP\n", record->idp_len);
    }
  }

  /* increment overall byte count */
  flocap_stats_incr_num_bytes(transport_len);
 
  return;
}
Beispiel #10
0
void process_hl_udp (OS_FRAME *frame) {
   /* Process udp protocol frame */
   process_udp (frame);
}
Beispiel #11
0
static void bench(
    uhd::transport::dpdk_zero_copy::sptr *stream, uint32_t nb_ports, double timeout)
{
    uint64_t total_xfer[NUM_PORTS];
    uint32_t id;
    struct dpdk_test_stats *stats = (struct dpdk_test_stats *) malloc(sizeof(*stats)*nb_ports);
    for (id = 0; id < nb_ports; id++) {
        stats[id].tx_seqno        = 1;
        stats[id].tx_xfer         = 0;
        stats[id].last_ackno      = 0;
        stats[id].last_seqno      = 0;
        stats[id].dropped_packets = 0;
        total_xfer[id]            = 0;
    }
    sleep(1);
    struct timeval bench_start, bench_end;
    gettimeofday(&bench_start, NULL);
    /*
     * The test...
     */
    uint64_t total_received = 0;
    uint32_t consec_no_rx   = 0;
    while ((total_received / nb_ports) < 10000000) { //&& consec_no_rx < 10000) {
        for (id = 0; id < nb_ports; id++) {
            unsigned int nb_rx = 0;
            uhd::transport::managed_recv_buffer::sptr bufs[BURST_SIZE];
            for (; nb_rx < BURST_SIZE; nb_rx++) {
                bufs[nb_rx] = stream[id]->get_recv_buff(timeout);
                if (bufs[nb_rx].get() == nullptr) {
                    bufs[nb_rx].reset();
                    break;
                }
            }

            if (nb_rx <= 0) {
                if (timeout > 0.0) {
                    send_udp(stream[id], id, true, stats);
                }
                consec_no_rx++;
                if (consec_no_rx >= 100000) {
                    // uint32_t skt_drops = stream[id]->get_drop_count();
                    // printf("TX seq %d, TX ack %d, RX seq %d, %d drops!\n",
                    // stats[id].tx_seqno, stats[id].last_ackno, stats[id].last_seqno,
                    // skt_drops);
                    consec_no_rx = 0;
                    break;
                }
                continue;
            } else {
                consec_no_rx = 0;
            }

            for (unsigned int buf = 0; buf < nb_rx; buf++) {
                total_xfer[id] += bufs[buf]->size();
                auto data = bufs[buf]->cast<uint32_t *>();
                process_udp(id, data, stats);
            }

            total_received += nb_rx;
        }

        for (id = 0; id < nb_ports; id++) {
            /* TX portion */
            uint32_t window_end = stats[id].last_ackno + TX_CREDITS;
            // uint32_t window_end = last_seqno[port] + TX_CREDITS;
            if (window_end <= stats[id].tx_seqno) {
                if (consec_no_rx == 9999) {
                    send_udp(stream[id], id, true, stats);
                }
                // send_udp(tx[id], id, true);
                ;
            } else {
                for (unsigned int pktno = 0;
                     (pktno < BURST_SIZE) && (stats[id].tx_seqno < window_end);
                     pktno++) {
                    send_udp(stream[id], id, false, stats);
                }
            }
        }
    }
    gettimeofday(&bench_end, NULL);
    printf("Benchmark complete\n\n");

    for (id = 0; id < nb_ports; id++) {
        printf("\n");
        printf("Bytes received = %ld\n", total_xfer[id]);
        printf("Bytes sent = %ld\n", stats[id].tx_xfer);
        printf("Time taken = %ld us\n",
            (bench_end.tv_sec - bench_start.tv_sec)*1000000
                + (bench_end.tv_usec - bench_start.tv_usec));
        double elapsed_time = (bench_end.tv_sec - bench_start.tv_sec)*1000000
            + (bench_end.tv_usec - bench_start.tv_usec);
        elapsed_time *= 1.0e-6;
        double elapsed_bytes = total_xfer[id];
        printf("RX Performance = %e Gbps\n", elapsed_bytes*8.0/1.0e9/elapsed_time);
        elapsed_bytes = stats[id].tx_xfer;
        printf("TX Performance = %e Gbps\n", elapsed_bytes*8.0/1.0e9/elapsed_time);
        uint32_t skt_drops = stream[id]->get_drop_count();
        printf("Dropped %d packets\n", stats[id].dropped_packets);
        printf("Socket reports dropped %d packets\n", skt_drops);
        for (unsigned int i = 0; i < 16; i++) {
            if (i >= stats[id].dropped_packets)
                break;
            printf("Last(%u), Recv(%u)\n", stats[id].lasts[i], stats[id].drops[i]);
        }
        // printf("%d missed/dropped packets\n", errors);
        printf("\n");
    }
    free(stats);
}
Beispiel #12
0
/** Long lived processing entry point. Split out from main to simply
 *  daemonisation on some platforms. */
static int run_loop( n2n_sn_t * sss )
{
    uint8_t pktbuf[N2N_SN_PKTBUF_SIZE];
    int keep_running=1;

    sss->start_time = time(NULL);

    while(keep_running) 
    {
        int rc;
        ssize_t bread;
        int max_sock;
        fd_set socket_mask;
        struct timeval wait_time;
        time_t now=0;

        FD_ZERO(&socket_mask);
        max_sock = MAX(sss->sock, sss->mgmt_sock);

#ifdef N2N_MULTIPLE_SUPERNODES
        max_sock = MAX(max_sock, sss->sn_sock);
        FD_SET(sss->sn_sock, &socket_mask);

        if (sss->snm_discovery_state != N2N_SNM_STATE_READY)
        {
            communities_discovery(sss, time(NULL));
        }
#endif

        FD_SET(sss->sock, &socket_mask);
        FD_SET(sss->mgmt_sock, &socket_mask);

        wait_time.tv_sec = 10; wait_time.tv_usec = 0;
        rc = select(max_sock+1, &socket_mask, NULL, NULL, &wait_time);

        now = time(NULL);

        if(rc > 0) 
        {
#ifdef N2N_MULTIPLE_SUPERNODES
            if (FD_ISSET(sss->sn_sock, &socket_mask))
            {
                struct sockaddr_in  sender_sock;
                size_t              i;

                i = sizeof(sender_sock);
                bread = recvfrom(sss->sn_sock, pktbuf, N2N_SN_PKTBUF_SIZE, 0/*flags*/,
                                 (struct sockaddr *)&sender_sock, (socklen_t*)&i);

                if (bread <= 0)
                {
                    traceEvent(TRACE_ERROR, "recvfrom() failed %d errno %d (%s)", bread, errno, strerror(errno));
                    keep_running = 0;
                    break;
                }

                /* We have a datagram to process */
                process_sn_msg(sss, &sender_sock, pktbuf, bread, now);
            }
#endif

            if (FD_ISSET(sss->sock, &socket_mask)) 
            {
                struct sockaddr_in  sender_sock;
                socklen_t           i;

                i = sizeof(sender_sock);
                bread = recvfrom( sss->sock, pktbuf, N2N_SN_PKTBUF_SIZE, 0/*flags*/,
				  (struct sockaddr *)&sender_sock, (socklen_t*)&i);

                if ( bread < 0 ) /* For UDP bread of zero just means no data (unlike TCP). */
                {
                    /* The fd is no good now. Maybe we lost our interface. */
                    traceEvent( TRACE_ERROR, "recvfrom() failed %d errno %d (%s)", bread, errno, strerror(errno) );
                    keep_running=0;
                    break;
                }

                /* We have a datagram to process */
                if ( bread > 0 )
                {
                    /* And the datagram has data (not just a header) */
                    process_udp( sss, &sender_sock, pktbuf, bread, now );
                }
            }

            if (FD_ISSET(sss->mgmt_sock, &socket_mask)) 
            {
                struct sockaddr_in  sender_sock;
                size_t              i;

                i = sizeof(sender_sock);
                bread = recvfrom( sss->mgmt_sock, pktbuf, N2N_SN_PKTBUF_SIZE, 0/*flags*/,
				  (struct sockaddr *)&sender_sock, (socklen_t*)&i);

                if ( bread <= 0 )
                {
                    traceEvent( TRACE_ERROR, "recvfrom() failed %d errno %d (%s)", bread, errno, strerror(errno) );
                    keep_running=0;
                    break;
                }

                /* We have a datagram to process */
                process_mgmt( sss, &sender_sock, pktbuf, bread, now );
            }
        }
        else
        {
            traceEvent( TRACE_DEBUG, "timeout" );
        }

        purge_expired_registrations( &(sss->edges) );

    } /* while */

    deinit_sn( sss );

    return 0;
}