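/// Thread entry point that drives the libnids capture loop.
///
/// Logs when the loop starts, blocks inside nids_run(), then logs the value
/// nids_run() returned before the thread exits. The original stored that
/// value in a local and dropped it, so a capture loop that came back early
/// left nothing in the log to explain why sniffing had stopped.
///
/// @param args Unused in this body; presumably required by the thread-start
///             signature — confirm against the code that spawns the thread.
void cap_http::nids_cap_loop(void* args)
{
    (void)args;

    // The original fetched the singleton and never used the pointer. The call
    // is kept because its side effects, if any, are not visible from here.
    (void)cap_http::get_instance();

    ACE_DEBUG((LM_INFO, "nids_cap_loop thread begin\n"));

    const int ret = nids_run();
    // NOTE(review): what the value means depends on the libnids version — confirm.
    ACE_DEBUG((LM_INFO, "nids_cap_loop: nids_run returned %d\n", ret));

    ACE_DEBUG((LM_INFO, "nids_cap_loop thread quit\n"));
}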
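/*
 * Entry point: initialise libnids, register the `load` and `cnter` callbacks,
 * then enter the capture loop.
 *
 * Returns 1 when nids_init() fails. The original printed the failure message
 * and then still registered callbacks and called nids_run() on a library that
 * had just reported it was not initialised.
 */
int main()
{
    if (!nids_init()) {
        puts("init failure.");
        return 1;
    }

    nids_register_ip_frag(load);
    nids_register_ip(cnter);
    nids_run();
    return 0;
}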
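/*
 * Entry point: build the fingerprint table and the packet cache, run libnids
 * either live or over each trace file in g_filenames, then print the
 * accumulated counters to stderr.
 *
 * Changes from the original:
 *  - The packet cache is allocated with calloc(), which checks the
 *    count * size product for overflow; a negative g_MaxPackets is rejected
 *    before it can be converted to a huge size. (g_MaxPackets is presumably
 *    set from the command line by getOptions() — confirm.)
 *  - The saving percentage is computed in floating point. The byte counters
 *    are printed with %llu, so they look unsigned; subtracting them directly
 *    would wrap to a huge value whenever overhead exceeds redundancy.
 *  - A run that saw no IP bytes reports 0.00 instead of dividing by zero.
 */
int main(int argc, char** argv)
{
    int i;
    double saving = 0.0;

    /* set libnids parameters */
    getOptions(argc, argv);

    /* create finger table */
    g_FingerTable = create_hashtable(65536, finger_hash_from_key_fn, finger_keys_equal_fn);
    if (g_FingerTable == NULL) {
        fprintf(stderr, "finger table creation failed\n");
        exit(1);
    }

    /* create packet cache */
    if (g_MaxPackets < 0) {
        fprintf(stderr, "packet cache creation failed #1\n");
        exit(1);
    }
    g_PacketCache = calloc((size_t)g_MaxPackets, sizeof(PacketEntry));
    if (g_PacketCache == NULL) {
        fprintf(stderr, "packet cache creation failed #1\n");
        exit(1);
    }

    for (i = 0; i < g_MaxPackets; i++) {
        /* initialize packet cache */
        g_PacketCache[i].length = 0;
    }

    /* start running */
    if (g_Offline == FALSE) {
        /* online: read from network interface */
        initLibnids();
        loop();
    } else {
        for (i = 0; i < g_NumFiles; i++) {
            /* set input trace file */
            nids_params.filename = g_filenames[i];

            /* offline: read from captured files */
            initLibnids();
            nids_run();
        }
    }

    fprintf(stderr, "[Final Result]\n");
    fprintf(stderr, "%llu pkts, %llu bytes\n", g_NumIPPackets, g_BytesIP);
    fprintf(stderr, "chunksize: %d windowsize: %d"
            " cachesize: %d overhead: %d, ignoreheader: %d\n",
            g_ChunkSize, g_WindowSize, g_MaxPackets,
            g_Overhead, g_IgnoreHeader);
    fprintf(stderr, "Bytes: %llu total %llu redundant %llu overhead\n",
            g_BytesIP, g_BytesRedundant, g_BytesOverhead);
    fprintf(stderr, "Cache: %d packets %d fingerprints\n",
            g_NumPacketsInCache, hashtable_count(g_FingerTable));

    if (g_BytesIP != 0) {
        saving = 100.0 * ((double)g_BytesRedundant - (double)g_BytesOverhead)
                 / (double)g_BytesIP;
    }
    fprintf(stderr, "saving: %.02f %%\n", saving);

    return 0;
}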
/*
 * Entry point: parse the command line, configure libnids and start the
 * TCP sniffing loop.
 *
 * Options: -i <device> selects the capture interface, -n clears Opt_dns,
 * -v sets Opt_invert; any other option calls usage().
 * The first remaining argument, when non-empty, is compiled as an extended
 * regular expression into `pregex`. Arguments after it are joined by
 * copy_argv() into the pcap filter; with none, DEFAULT_PCAP_FILTER is used.
 */
int main(int argc, char *argv[])
{
    int opt;

    for (;;) {
        opt = getopt(argc, argv, "i:nvh?V");
        if (opt == -1)
            break;

        if (opt == 'i')
            nids_params.device = optarg;
        else if (opt == 'n')
            Opt_dns = 0;
        else if (opt == 'v')
            Opt_invert = 1;
        else
            usage();
    }
    argc -= optind;
    argv += optind;

    /* Optional pattern: compiled once here; REG_NOSUB means match/no-match only. */
    if (argc > 0 && strlen(argv[0])) {
        pregex = (regex_t *) malloc(sizeof(*pregex));
        if (pregex == NULL)
            err(1, "malloc");
        if (regcomp(pregex, argv[0], REG_EXTENDED|REG_NOSUB) != 0)
            errx(1, "invalid regular expression");
    }

    /* Capture filter: operator-supplied expression, else the built-in default. */
    if (argc <= 1)
        nids_params.pcap_filter = DEFAULT_PCAP_FILTER;
    else
        nids_params.pcap_filter = copy_argv(argv + 1);

    /* scan_num_hosts = 0 turns off libnids' portscan detection. */
    nids_params.scan_num_hosts = 0;
    /* Route libnids' syslog callback to null_syslog (presumably a no-op — confirm). */
    nids_params.syslog = null_syslog;

    if (!nids_init())
        errx(1, "%s", nids_errbuf);

    nids_register_tcp(sniff_http_client);

    warnx("listening on %s [%s]", nids_params.device,
          nids_params.pcap_filter);

    nids_run();

    /* NOTREACHED */

    exit(0);
}
/*
 * Entry point: point libnids at a fixed capture file, initialise it,
 * register tcp_callback for reassembled TCP streams and run the loop.
 * Exits with status 1 and prints nids_errbuf when initialisation fails.
 */
int main ()
{
  // libnids parameters can be changed here, before nids_init(), for instance:
  // nids_params.n_hosts=256;

  // Input is a hard-coded capture file, so packets are read from disk.
  nids_params.filename = "C:\\Temp\\2\\100050--65.55.209.215.53123-147.237.72.235.80.pcap";
  //nids_params.filename = "C:\\Temp\\http.pcap";

  if (nids_init ())
  {
    nids_register_tcp (tcp_callback);
    nids_run ();
    return 0;
  }

  // Initialisation failed: report the library's own error text.
  fprintf(stderr,"%s\n",nids_errbuf);
  exit(1);
}
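/*
 * Entry point: optionally take a pcap filter from argv[1], initialise
 * libnids, register got_packet for TCP streams and run the capture loop.
 *
 * Returns 1 when nids_init() fails. The original ignored the result of
 * nids_init() and went on to register a callback and call nids_run() on a
 * library that might not have been initialised.
 */
int main(int argc, char **argv)
{
    if (argc > 1) {
        nids_params.pcap_filter = argv[1];
        fprintf(stderr, "Set filter to \"%s\"\n", nids_params.pcap_filter);
    }

    /* nids_params.syslog = logger; */

    /* scan_num_hosts = 0 turns off libnids' portscan detection. */
    nids_params.scan_num_hosts = 0;
    nids_params.scan_num_ports = 0;

    if (!nids_init()) {
        /* nids_errbuf holds the library's description of the failure. */
        fprintf(stderr, "%s\n", nids_errbuf);
        return 1;
    }

    nids_register_tcp(got_packet);
    nids_run();
    return 0;
}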
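/**
 * Main entry point for this program.
 *
 * Accepted command lines (argc must be between 2 and 4):
 *   <prog> <pcap_filter>
 *   <prog> -r <file> [<pcap_filter>]
 *
 * @param argc Number of command-line arguments.
 * @param argv Command-line arguments, in one of the forms above.
 * @return 0 once the capture loop has returned; 1 on a usage error or when
 *         libnids or LibHTP set-up fails.
 */
int main(int argc, char *argv[]) {
    // Check parameters
    if ((argc < 2)||(argc > 4)) {
        print_usage();
        return 1;
    }

    // Configure libnids
    if (argc > 2) {
        // With more than one argument, the first must be "-r" (read from file).
        if (strcmp(argv[1], "-r") != 0) {
            print_usage();
            return 1;
        }

        nids_params.filename = argv[2];

        if (argc == 4) {
            nids_params.pcap_filter = argv[3];
        }
    } else {
        nids_params.pcap_filter = argv[1];
    }

    // Initialize libnids
    if (!nids_init()) {
        fprintf(stderr, "libnids initialization failed: %s\n", nids_errbuf);
        return 1;
    }

    // Create LibHTP configuration
    cfg = htp_config_create();
    if (cfg == NULL) {
        // The original passed the result straight to the setters below; a
        // failed allocation would have been dereferenced inside LibHTP.
        fprintf(stderr, "LibHTP configuration creation failed\n");
        return 1;
    }

    htp_config_set_server_personality(cfg, HTP_SERVER_APACHE_2_2);

    htp_config_register_response(cfg, callback_response);
    htp_config_register_log(cfg, callback_log);

    // Run libnids
    nids_register_tcp(tcp_callback);
    nids_run();

    // Destroy LibHTP configuration
    htp_config_destroy(cfg);

    return 0;
}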
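/*
 * Entry point: open ./logfile for writing, initialise libnids, register
 * sniff_callback for TCP streams and run the capture loop.
 * Exits with status 1 when the log file cannot be opened or libnids fails
 * to initialise.
 *
 * Change from the original: the perror() prefix no longer ends in ':'.
 * perror() appends ": <reason>" itself, so the old text printed "::".
 */
int main ()
{
  /*
   * logfd is a file-scope descriptor, presumably written by sniff_callback.
   * Points to keep in mind when deploying:
   *  - Mode 0600 applies only when the file is created here. An existing
   *    ./logfile keeps its current permissions and is emptied by O_TRUNC.
   *  - The path is relative and open() follows a symlink at that name, so
   *    start the program from a directory only the operator can write to.
   */
  logfd = open ("./logfile", O_WRONLY | O_CREAT | O_TRUNC, 0600);
  if (logfd < 0)
    {
      perror ("opening ./logfile");
      exit (1);
    }

  if (!nids_init ())
    {
      fprintf (stderr, "%s\n", nids_errbuf);
      exit (1);
    }

  nids_register_tcp (sniff_callback);
  nids_run ();
  return 0;
}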
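/*
 * Entry point: parse options, open the record store, then either dump a
 * saved record file (-r) or initialise libnids, load the trigger tables and
 * run the capture loop.
 *
 * Options handled here:
 *   -c            set Opt_client (raw TCP triggers with an alarm timeout)
 *   -d            increment Opt_debug
 *   -f <file>     services file (default DSNIFF_LIBDIR DSNIFF_SERVICES)
 *   -i <device>   capture interface
 *   -m            set Opt_magic and load DSNIFF_LIBDIR DSNIFF_MAGIC
 *   -n            clear Opt_dns
 *   -r <file>     read mode; mutually exclusive with -w
 *   -s <snaplen>  snapshot length, must be a positive integer
 *   -t <list>     trigger list
 *   -w <file>     write mode; mutually exclusive with -r
 * Remaining arguments are joined by copy_argv() into the pcap filter.
 *
 * Change from the original: -s rejected only 0 (which is also what atoi()
 * returns for non-numeric text), so a negative snapshot length was accepted
 * and stored in Opt_snaplen. It is now refused through usage() as well.
 */
int main(int argc, char *argv[])
{
    int c;
    char *services, *savefile, *triggers;

    services = savefile = triggers = NULL;

    while ((c = getopt(argc, argv, "cdf:i:mnr:s:t:w:h?V")) != -1) {
        switch (c) {
        case 'c':
            Opt_client = 1;
            break;
        case 'd':
            Opt_debug++;
            break;
        case 'f':
            services = optarg;
            break;
        case 'i':
            nids_params.device = optarg;
            break;
        case 'm':
            Opt_magic = 1;
            break;
        case 'n':
            Opt_dns = 0;
            break;
        case 'r':
            Opt_read = 1;
            savefile = optarg;
            break;
        case 's':
            /* A length of zero or below is not a usable snapshot size. */
            if ((Opt_snaplen = atoi(optarg)) <= 0)
                usage();
            break;
        case 't':
            triggers = optarg;
            break;
        case 'w':
            Opt_write = 1;
            savefile = optarg;
            break;
        default:
            usage();
        }
    }
    argc -= optind;
    argv += optind;

    if (Opt_read && Opt_write)
        usage();

    /* savefile is NULL unless -r or -w was given. */
    if (!record_init(savefile))
        err(1, "record_init");

    signal(SIGHUP, sig_hup);
    signal(SIGINT, sig_die);
    signal(SIGTERM, sig_die);

    /* Read mode never touches the network: dump the saved records and exit. */
    if (Opt_read) {
        record_dump();
        record_close();
        exit(0);
    }

    if (argc != 0)
        nids_params.pcap_filter = copy_argv(argv);
    /* scan_num_hosts = 0 turns off libnids' portscan detection. */
    nids_params.scan_num_hosts = 0;
    /* Route libnids' syslog callback to null_syslog (presumably a no-op — confirm). */
    nids_params.syslog = null_syslog;

    if (!nids_init()) {
        /* Close the record store before bailing out. */
        record_close();
        errx(1, "nids_init: %s", nids_errbuf);
    }

    if (Opt_magic) {
        trigger_init_magic(DSNIFF_LIBDIR DSNIFF_MAGIC);
    }
    if (triggers) {
        trigger_init_list(triggers);
    }
    if (services == NULL) {
        services = DSNIFF_LIBDIR DSNIFF_SERVICES;
    }
    trigger_init_services(services);

    nids_register_ip(trigger_ip);
    nids_register_ip(trigger_udp);

    if (Opt_client) {
        nids_register_ip(trigger_tcp_raw);
        signal(SIGALRM, trigger_tcp_raw_timeout);
        alarm(TRIGGER_TCP_RAW_TIMEOUT);
    }
    else nids_register_tcp(trigger_tcp);

    if (nids_params.pcap_filter != NULL) {
        warnx("listening on %s [%s]", nids_params.device,
              nids_params.pcap_filter);
    }
    else warnx("listening on %s", nids_params.device);

    nids_run();

    /* NOTREACHED */

    exit(0);
}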
/**
 * Run derrick's main loop by handing control to the libnids capture loop.
 * Whatever nids_run() reports is discarded.
 */
void derrick_run()
{
    (void) nids_run();
}
/*
 * Entry point: parse the command line, configure libnids for a live
 * interface or a capture file, register the NFS decoders and run the loop.
 *
 * Options: -i <device> selects the capture interface, -p <file> reads from
 * a capture file, -v sets Opt_invert; any other option calls usage().
 * The first remaining argument, when non-empty, is compiled as an extended
 * regular expression into `pregex`; arguments after it are joined by
 * copy_argv() into the pcap filter.
 */
int main(int argc, char *argv[])
{
    extern char *optarg;
    extern int optind;
    int opt;

    for (;;) {
        opt = getopt(argc, argv, "i:p:vh?V");
        if (opt == -1)
            break;

        if (opt == 'i')
            nids_params.device = optarg;
        else if (opt == 'p')
            nids_params.filename = optarg;
        else if (opt == 'v')
            Opt_invert = 1;
        else
            usage();
    }
    argc -= optind;
    argv += optind;

    /* Optional pattern: compiled once here; REG_NOSUB means match/no-match only. */
    if (argc > 0 && strlen(argv[0])) {
        pregex = (regex_t *) malloc(sizeof(*pregex));
        if (pregex == NULL)
            err(1, "malloc");
        if (regcomp(pregex, argv[0], REG_EXTENDED|REG_NOSUB) != 0)
            errx(1, "invalid regular expression");
    }

    if (argc > 1)
        nids_params.pcap_filter = copy_argv(argv + 1);

    /* scan_num_hosts = 0 turns off libnids' portscan detection. */
    nids_params.scan_num_hosts = 0;
    /* Route libnids' syslog callback to null_syslog (presumably a no-op — confirm). */
    nids_params.syslog = null_syslog;

    fh_map_init();

    if (!nids_init())
        errx(1, "nids_init: %s", nids_errbuf);

    nids_register_ip(decode_udp_nfs);
    nids_register_tcp(decode_tcp_nfs);

    /* Report the packet source (live device or file) and the filter, if any. */
    if (nids_params.filename == NULL) {
        if (nids_params.pcap_filter != NULL)
            warnx("listening on %s [%s]", nids_params.device,
                  nids_params.pcap_filter);
        else
            warnx("listening on %s", nids_params.device);
    } else {
        if (nids_params.pcap_filter != NULL)
            warnx("using %s [%s]", nids_params.filename,
                  nids_params.pcap_filter);
        else
            warnx("using %s", nids_params.filename);
    }

    nids_run();

    /* NOTREACHED */

    exit(0);
}