/* * show the data in a joined window */ static void curses_connection_data_join(void) { char src[MAX_ASCII_ADDR_LEN]; char dst[MAX_ASCII_ADDR_LEN]; char title[64]; DEBUG_MSG("curses_connection_data_join"); if (wdg_conndata) { struct conn_object *tmp_conn = curr_conn; wdg_destroy_object(&wdg_conndata); curses_destroy_conndata(); curr_conn = tmp_conn; } /* don't timeout this connection */ curr_conn->flags |= CONN_VIEWING; wdg_create_object(&wdg_conndata, WDG_COMPOUND, WDG_OBJ_WANT_FOCUS); wdg_set_color(wdg_conndata, WDG_COLOR_SCREEN, EC_COLOR); wdg_set_color(wdg_conndata, WDG_COLOR_WINDOW, EC_COLOR); wdg_set_color(wdg_conndata, WDG_COLOR_FOCUS, EC_COLOR_FOCUS); wdg_set_color(wdg_conndata, WDG_COLOR_TITLE, EC_COLOR_TITLE); wdg_set_title(wdg_conndata, "Connection data", WDG_ALIGN_LEFT); wdg_set_size(wdg_conndata, 1, 2, -1, SYSMSG_WIN_SIZE - 1); wdg_create_object(&wdg_join, WDG_SCROLL, 0); snprintf(title, 64, "%s:%d - %s:%d", ip_addr_ntoa(&curr_conn->L3_addr1, src), ntohs(curr_conn->L4_addr1), ip_addr_ntoa(&curr_conn->L3_addr2, dst), ntohs(curr_conn->L4_addr2)); wdg_set_title(wdg_join, title, WDG_ALIGN_LEFT); wdg_set_color(wdg_join, WDG_COLOR_TITLE, EC_COLOR_TITLE); wdg_set_color(wdg_join, WDG_COLOR_FOCUS, EC_COLOR_FOCUS); wdg_set_size(wdg_join, 2, 3, -2, SYSMSG_WIN_SIZE - 2); /* set the buffers */ wdg_scroll_set_lines(wdg_join, GBL_CONF->connection_buffer / (current_screen.cols / 2) ); /* link the widget together within the compound */ wdg_compound_add(wdg_conndata, wdg_join); /* add the destroy callback */ wdg_add_destroy_key(wdg_conndata, CTRL('Q'), curses_destroy_conndata); /* * do not add inject callback because we can determine where to inject in * joined mode... */ wdg_compound_add_callback(wdg_conndata, 'j', curses_connection_data_split); wdg_compound_add_callback(wdg_conndata, 'k', curses_connection_kill_wrapper); wdg_compound_add_callback(wdg_conndata, ' ', curses_connection_data_help); wdg_draw_object(wdg_conndata); wdg_set_focus(wdg_conndata); /* print the old data */ connbuf_print(&curr_conn->data, join_print); /* add the hook on the connection to receive data only from it */ conntrack_hook_conn_add(curr_conn, join_print_po); }
/* * display the statistics windows */ static void curses_show_stats(void) { DEBUG_MSG("curses_show_stats"); /* if the object already exist, set the focus to it */ if (wdg_stats) { wdg_set_focus(wdg_stats); return; } wdg_create_object(&wdg_stats, WDG_WINDOW, WDG_OBJ_WANT_FOCUS); wdg_set_title(wdg_stats, "Statistics:", WDG_ALIGN_LEFT); wdg_set_size(wdg_stats, 1, 2, 70, 21); wdg_set_color(wdg_stats, WDG_COLOR_SCREEN, EC_COLOR); wdg_set_color(wdg_stats, WDG_COLOR_WINDOW, EC_COLOR); wdg_set_color(wdg_stats, WDG_COLOR_BORDER, EC_COLOR_BORDER); wdg_set_color(wdg_stats, WDG_COLOR_FOCUS, EC_COLOR_FOCUS); wdg_set_color(wdg_stats, WDG_COLOR_TITLE, EC_COLOR_TITLE); wdg_draw_object(wdg_stats); wdg_set_focus(wdg_stats); /* display the stats */ refresh_stats(); /* add the callback on idle to refresh the stats */ wdg_add_idle_callback(refresh_stats); /* add the destroy callback */ wdg_add_destroy_key(wdg_stats, CTRL('Q'), curses_stop_stats); }
static void curses_manage_filters(void) { if (!wdg_filters) { wdg_create_object(&wdg_filters, WDG_LIST, WDG_OBJ_WANT_FOCUS); } wdg_set_size(wdg_filters, 1, 2, -1, SYSMSG_WIN_SIZE - 1); wdg_set_title(wdg_filters, "Select a filter...", WDG_ALIGN_LEFT); wdg_set_color(wdg_filters, WDG_COLOR_SCREEN, EC_COLOR); wdg_set_color(wdg_filters, WDG_COLOR_WINDOW, EC_COLOR); wdg_set_color(wdg_filters, WDG_COLOR_BORDER, EC_COLOR_BORDER); wdg_set_color(wdg_filters, WDG_COLOR_FOCUS, EC_COLOR_FOCUS); wdg_set_color(wdg_filters, WDG_COLOR_TITLE, EC_COLOR_TITLE); wdg_list_select_callback(wdg_filters, curses_select_filter); wdg_add_destroy_key(wdg_filters, CTRL('Q'), NULL); wdg_draw_object(wdg_filters); wdg_set_focus(wdg_filters); refresh_filter_list(); }
/* * the auto-refreshing list of connections */ void curses_show_connections(void) { DEBUG_MSG("curses_show_connections"); /* if the object already exist, set the focus to it */ if (wdg_connections) { wdg_set_focus(wdg_connections); return; } wdg_create_object(&wdg_connections, WDG_DYNLIST, WDG_OBJ_WANT_FOCUS); wdg_set_title(wdg_connections, "Live connections:", WDG_ALIGN_LEFT); wdg_set_size(wdg_connections, 1, 2, -1, SYSMSG_WIN_SIZE - 1); wdg_set_color(wdg_connections, WDG_COLOR_SCREEN, EC_COLOR); wdg_set_color(wdg_connections, WDG_COLOR_WINDOW, EC_COLOR); wdg_set_color(wdg_connections, WDG_COLOR_BORDER, EC_COLOR_BORDER); wdg_set_color(wdg_connections, WDG_COLOR_FOCUS, EC_COLOR_FOCUS); wdg_set_color(wdg_connections, WDG_COLOR_TITLE, EC_COLOR_TITLE); wdg_draw_object(wdg_connections); wdg_set_focus(wdg_connections); /* set the list print callback */ wdg_dynlist_print_callback(wdg_connections, conntrack_print); /* set the select callback */ wdg_dynlist_select_callback(wdg_connections, curses_connection_data); /* add the callback on idle to refresh the profile list */ wdg_add_idle_callback(refresh_connections); /* add the destroy callback */ wdg_add_destroy_key(wdg_connections, CTRL('Q'), curses_kill_connections); wdg_dynlist_add_callback(wdg_connections, 'd', curses_connection_detail); wdg_dynlist_add_callback(wdg_connections, 'k', curses_connection_kill); wdg_dynlist_add_callback(wdg_connections, 'x', curses_connection_purge); wdg_dynlist_add_callback(wdg_connections, ' ', curses_connection_help); }
/* * plugin management */ static void curses_plugin_mgmt(void) { DEBUG_MSG("curses_plugin_mgmt"); /* create the array for the list widget */ curses_create_plug_array(); /* if the object already exist, set the focus to it */ if (wdg_plugin) { /* set the new array */ wdg_list_set_elements(wdg_plugin, wdg_plugin_elements); return; } wdg_create_object(&wdg_plugin, WDG_LIST, WDG_OBJ_WANT_FOCUS); wdg_set_size(wdg_plugin, 1, 2, -1, SYSMSG_WIN_SIZE - 1); wdg_set_title(wdg_plugin, "Select a plugin...", WDG_ALIGN_LEFT); wdg_set_color(wdg_plugin, WDG_COLOR_SCREEN, EC_COLOR); wdg_set_color(wdg_plugin, WDG_COLOR_WINDOW, EC_COLOR); wdg_set_color(wdg_plugin, WDG_COLOR_BORDER, EC_COLOR_BORDER); wdg_set_color(wdg_plugin, WDG_COLOR_FOCUS, EC_COLOR_FOCUS); wdg_set_color(wdg_plugin, WDG_COLOR_TITLE, EC_COLOR_TITLE); /* set the elements */ wdg_list_set_elements(wdg_plugin, wdg_plugin_elements); /* add the destroy callback */ wdg_add_destroy_key(wdg_plugin, CTRL('Q'), curses_plug_destroy); /* add the callback */ wdg_list_select_callback(wdg_plugin, curses_select_plugin); wdg_list_add_callback(wdg_plugin, ' ', curses_plugin_help); wdg_draw_object(wdg_plugin); wdg_set_focus(wdg_plugin); }
/* * display the initial menu to setup global options * at startup. */ static void curses_setup(void) { wdg_t *menu; struct wdg_menu file[] = { {"File", 'F', "", NULL}, {"Open...", CTRL('O'), "C-o", curses_file_open}, {"Dump to file...", CTRL('D'), "C-d", curses_file_write}, {"-", 0, "", NULL}, {"Exit", CTRL('X'), "C-x", curses_exit}, {NULL, 0, NULL, NULL}, }; struct wdg_menu live[] = { {"Sniff", 'S', "", NULL}, {"Unified sniffing...", 'U', "U", curses_unified_sniff}, {"Bridged sniffing...", 'B', "B", curses_bridged_sniff}, {"-", 0, "", NULL}, {"Set pcap filter...", 'p', "p", curses_pcap_filter}, {NULL, 0, NULL, NULL}, }; struct wdg_menu options[] = { {"Options", 'O', "", NULL}, {"Unoffensive", 0, tag_unoff, toggle_unoffensive}, {"Promisc mode", 0, tag_promisc, toggle_nopromisc}, {"Set netmask", 'n', "n" , curses_set_netmask}, {NULL, 0, NULL, NULL}, }; DEBUG_MSG("curses_setup"); wdg_create_object(&menu, WDG_MENU, WDG_OBJ_WANT_FOCUS | WDG_OBJ_ROOT_OBJECT); wdg_set_title(menu, GBL_VERSION, WDG_ALIGN_RIGHT); wdg_set_color(menu, WDG_COLOR_SCREEN, EC_COLOR); wdg_set_color(menu, WDG_COLOR_WINDOW, EC_COLOR_MENU); wdg_set_color(menu, WDG_COLOR_FOCUS, EC_COLOR_FOCUS); wdg_set_color(menu, WDG_COLOR_TITLE, EC_COLOR_TITLE); wdg_menu_add(menu, file); wdg_menu_add(menu, live); wdg_menu_add(menu, options); wdg_menu_add(menu, menu_help); wdg_draw_object(menu); DEBUG_MSG("curses_setup: menu created"); /* create the bottom windows for user messages */ wdg_create_object(&sysmsg_win, WDG_SCROLL, WDG_OBJ_WANT_FOCUS); wdg_set_title(sysmsg_win, "User messages:", WDG_ALIGN_LEFT); wdg_set_size(sysmsg_win, 0, SYSMSG_WIN_SIZE, 0, 0); wdg_set_color(sysmsg_win, WDG_COLOR_SCREEN, EC_COLOR); wdg_set_color(sysmsg_win, WDG_COLOR_WINDOW, EC_COLOR); wdg_set_color(sysmsg_win, WDG_COLOR_BORDER, EC_COLOR_BORDER); wdg_set_color(sysmsg_win, WDG_COLOR_FOCUS, EC_COLOR_FOCUS); wdg_set_color(sysmsg_win, WDG_COLOR_TITLE, EC_COLOR_TITLE); wdg_scroll_set_lines(sysmsg_win, 500); wdg_draw_object(sysmsg_win); /* give the focus to the menu */ wdg_set_focus(menu); DEBUG_MSG("curses_setup: sysmsg created"); /* initialize the options */ if (GBL_OPTIONS->unoffensive) tag_unoff[0] = '*'; else tag_unoff[0] = ' '; if (GBL_PCAP->promisc) tag_promisc[0] = '*'; else tag_promisc[0] = ' '; /* give the control to the interface */ wdg_events_handler('u'); wdg_destroy_object(&menu); DEBUG_MSG("curses_setup: end"); }
/* * details for a connection */ static void curses_connection_detail(void *conn) { struct conn_tail *c = (struct conn_tail *)conn; char tmp[MAX_ASCII_ADDR_LEN]; char *proto = ""; char name[MAX_HOSTNAME_LEN]; unsigned int row = 0; DEBUG_MSG("curses_connection_detail"); /* if the object already exist, set the focus to it */ if (wdg_conn_detail) { wdg_destroy_object(&wdg_conn_detail); wdg_conn_detail = NULL; } wdg_create_object(&wdg_conn_detail, WDG_WINDOW, WDG_OBJ_WANT_FOCUS); wdg_set_title(wdg_conn_detail, "Connection detail:", WDG_ALIGN_LEFT); wdg_set_size(wdg_conn_detail, 1, 2, 75, 23); wdg_set_color(wdg_conn_detail, WDG_COLOR_SCREEN, EC_COLOR); wdg_set_color(wdg_conn_detail, WDG_COLOR_WINDOW, EC_COLOR); wdg_set_color(wdg_conn_detail, WDG_COLOR_BORDER, EC_COLOR_BORDER); wdg_set_color(wdg_conn_detail, WDG_COLOR_FOCUS, EC_COLOR_FOCUS); wdg_set_color(wdg_conn_detail, WDG_COLOR_TITLE, EC_COLOR_TITLE); wdg_draw_object(wdg_conn_detail); wdg_set_focus(wdg_conn_detail); /* add the destroy callback */ wdg_add_destroy_key(wdg_conn_detail, CTRL('Q'), NULL); /* print the information */ wdg_window_print(wdg_conn_detail, 1, ++row, "Source MAC address : %s", mac_addr_ntoa(c->co->L2_addr1, tmp)); wdg_window_print(wdg_conn_detail, 1, ++row, "Destination MAC address : %s", mac_addr_ntoa(c->co->L2_addr2, tmp)); ++row; wdg_window_print(wdg_conn_detail, 1, ++row, "Source IP address : %s", ip_addr_ntoa(&(c->co->L3_addr1), tmp)); if (host_iptoa(&(c->co->L3_addr1), name) == E_SUCCESS) wdg_window_print(wdg_conn_detail, 1, ++row, "Source hostname : %s", name); #ifdef HAVE_GEOIP if (GBL_CONF->geoip_support_enable) wdg_window_print(wdg_conn_detail, 1, ++row, "Source location : %s", geoip_country_by_ip(&c->co->L3_addr1)); #endif wdg_window_print(wdg_conn_detail, 1, ++row, "Destination IP address : %s", ip_addr_ntoa(&(c->co->L3_addr2), tmp)); if (host_iptoa(&(c->co->L3_addr2), name) == E_SUCCESS) wdg_window_print(wdg_conn_detail, 1, ++row, "Destination hostname : %s", name); #ifdef HAVE_GEOIP if (GBL_CONF->geoip_support_enable) wdg_window_print(wdg_conn_detail, 1, ++row, "Destination location : %s", geoip_country_by_ip(&c->co->L3_addr2)); #endif ++row; switch (c->co->L4_proto) { case NL_TYPE_UDP: proto = "UDP"; break; case NL_TYPE_TCP: proto = "TCP"; break; } wdg_window_print(wdg_conn_detail, 1, ++row, "Protocol : %s", proto); wdg_window_print(wdg_conn_detail, 1, ++row, "Source port : %-5d %s", ntohs(c->co->L4_addr1), service_search(c->co->L4_addr1, c->co->L4_proto)); wdg_window_print(wdg_conn_detail, 1, ++row, "Destination port : %-5d %s", ntohs(c->co->L4_addr2), service_search(c->co->L4_addr2, c->co->L4_proto)); row++; wdg_window_print(wdg_conn_detail, 1, ++row, "--> %d <-- %d total: %d ", c->co->tx, c->co->rx, c->co->xferred); row++; if (c->co->DISSECTOR.user) { wdg_window_print(wdg_conn_detail, 1, ++row, "Account : %s / %s", c->co->DISSECTOR.user, c->co->DISSECTOR.pass); if (c->co->DISSECTOR.info) wdg_window_print(wdg_conn_detail, 1, ++row, "Additional Info : %s", c->co->DISSECTOR.info); } }