void cap_http::nids_cap_loop(void* args)
{
cap_http* ins=cap_http::get_instance();
ACE_DEBUG((LM_INFO,"nids_cap_loop thread begin\n"));
int ret=0;
ret=nids_run();
ACE_DEBUG((LM_INFO,"nids_cap_loop thread quit\n"));
}
int main()
{
if(!nids_init())
puts("init failure.");
nids_register_ip_frag(load);
nids_register_ip(cnter);
nids_run();
}
int main(int argc, char** argv)
{
/* set libnids parameters */
getOptions(argc, argv);
/* create finger table */
g_FingerTable = create_hashtable(65536, finger_hash_from_key_fn,
finger_keys_equal_fn);
if (g_FingerTable == NULL) {
fprintf(stderr, "finger table creation failed\n");
exit(1);
}
/* create packet cache */
g_PacketCache = malloc(sizeof(PacketEntry) * g_MaxPackets);
if (g_PacketCache == NULL) {
fprintf(stderr, "packet cache creation failed #1\n");
exit(1);
}
int i;
for (i = 0; i < g_MaxPackets; i++) {
/* initialize packet cache */
g_PacketCache[i].length = 0;
}
/* start running */
if (g_Offline == FALSE) {
/* online: read from network interface */
initLibnids();
loop();
}
else {
int i;
for (i = 0; i < g_NumFiles; i++) {
/* set input trace file */
nids_params.filename = g_filenames[i];
/* offline: read from captured files */
initLibnids();
nids_run();
}
}
fprintf(stderr, "[Final Result]\n");
fprintf(stderr, "%llu pkts, %llu bytes\n", g_NumIPPackets, g_BytesIP);
fprintf(stderr, "chunksize: %d windowsize: %d"
" cachesize: %d overhead: %d, ignoreheader: %d\n",
g_ChunkSize, g_WindowSize,
g_MaxPackets, g_Overhead, g_IgnoreHeader);
fprintf(stderr, "Bytes: %llu total %llu redundant %llu overhead\n",
g_BytesIP, g_BytesRedundant, g_BytesOverhead);
fprintf(stderr, "Cache: %d packets %d fingerprints\n",
g_NumPacketsInCache, hashtable_count(g_FingerTable));
float saving = 100.0 * (g_BytesRedundant - g_BytesOverhead) / g_BytesIP;
fprintf(stderr, "saving: %.02f %%\n", saving);
return 0;
}
int
main(int argc, char *argv[])
{
int c;
while ((c = getopt(argc, argv, "i:nvh?V")) != -1) {
switch (c) {
case 'i':
nids_params.device = optarg;
break;
case 'n':
Opt_dns = 0;
break;
case 'v':
Opt_invert = 1;
break;
default:
usage();
}
}
argc -= optind;
argv += optind;
if (argc > 0 && strlen(argv[0])) {
if ((pregex = (regex_t *) malloc(sizeof(*pregex))) == NULL)
err(1, "malloc");
if (regcomp(pregex, argv[0], REG_EXTENDED|REG_NOSUB) != 0)
errx(1, "invalid regular expression");
}
if (argc > 1) {
nids_params.pcap_filter = copy_argv(argv + 1);
}
else nids_params.pcap_filter = DEFAULT_PCAP_FILTER;
nids_params.scan_num_hosts = 0;
nids_params.syslog = null_syslog;
if (!nids_init())
errx(1, "%s", nids_errbuf);
nids_register_tcp(sniff_http_client);
warnx("listening on %s [%s]", nids_params.device,
nids_params.pcap_filter);
nids_run();
/* NOTREACHED */
exit(0);
}
int
main ()
{
// here we can alter libnids params, for instance:
// nids_params.n_hosts=256;
nids_params.filename = "C:\\Temp\\2\\100050--65.55.209.215.53123-147.237.72.235.80.pcap";
//nids_params.filename = "C:\\Temp\\http.pcap";
if (!nids_init ())
{
fprintf(stderr,"%s\n",nids_errbuf);
exit(1);
}
nids_register_tcp (tcp_callback);
nids_run ();
return 0;
}
int main(int argc, char **argv)
{
if(argc>1) {
nids_params.pcap_filter=argv[1];
fprintf(stderr, "Set filter to \"%s\"\n", nids_params.pcap_filter);
}
/*
nids_params.syslog = logger;
*/
nids_params.scan_num_hosts=0;
nids_params.scan_num_ports=0;
nids_init();
nids_register_tcp(got_packet);
nids_run();
return(0);
}
/**
* Main entry point for this program.
*
* @param argc
* @param argv
*/
int main(int argc, char *argv[]) {
// Check parameters
if ((argc < 2)||(argc > 4)) {
print_usage();
return 1;
}
// Configure libnids
if (argc > 2) {
if (strcmp(argv[1], "-r") != 0) {
print_usage();
return 1;
}
nids_params.filename = argv[2];
if (argc == 4) {
nids_params.pcap_filter = argv[3];
}
} else {
nids_params.pcap_filter = argv[1];
}
// Initialize libnids
if (!nids_init()) {
fprintf(stderr, "libnids initialization failed: %s\n", nids_errbuf);
return 1;
}
// Create LibHTP configuration
cfg = htp_config_create();
htp_config_set_server_personality(cfg, HTP_SERVER_APACHE_2_2);
htp_config_register_response(cfg, callback_response);
htp_config_register_log(cfg, callback_log);
// Run libnids
nids_register_tcp(tcp_callback);
nids_run();
// Destroy LibHTP configuration
htp_config_destroy(cfg);
return 0;
}
int
main ()
{
logfd = open ("./logfile", O_WRONLY | O_CREAT | O_TRUNC, 0600);
if (logfd < 0)
{
perror ("opening ./logfile:");
exit (1);
}
if (!nids_init ())
{
fprintf (stderr, "%s\n", nids_errbuf);
exit (1);
}
nids_register_tcp (sniff_callback);
nids_run ();
return 0;
}
int
main(int argc, char *argv[])
{
int c;
char *services, *savefile, *triggers;
services = savefile = triggers = NULL;
while ((c = getopt(argc, argv, "cdf:i:mnr:s:t:w:h?V")) != -1) {
switch (c) {
case 'c':
Opt_client = 1;
break;
case 'd':
Opt_debug++;
break;
case 'f':
services = optarg;
break;
case 'i':
nids_params.device = optarg;
break;
case 'm':
Opt_magic = 1;
break;
case 'n':
Opt_dns = 0;
break;
case 'r':
Opt_read = 1;
savefile = optarg;
break;
case 's':
if ((Opt_snaplen = atoi(optarg)) == 0)
usage();
break;
case 't':
triggers = optarg;
break;
case 'w':
Opt_write = 1;
savefile = optarg;
break;
default:
usage();
}
}
argc -= optind;
argv += optind;
if (Opt_read && Opt_write)
usage();
if (!record_init(savefile))
err(1, "record_init");
signal(SIGHUP, sig_hup);
signal(SIGINT, sig_die);
signal(SIGTERM, sig_die);
if (Opt_read) {
record_dump();
record_close();
exit(0);
}
if (argc != 0)
nids_params.pcap_filter = copy_argv(argv);
nids_params.scan_num_hosts = 0;
nids_params.syslog = null_syslog;
if (!nids_init()) {
record_close();
errx(1, "nids_init: %s", nids_errbuf);
}
if (Opt_magic) {
trigger_init_magic(DSNIFF_LIBDIR DSNIFF_MAGIC);
}
if (triggers) {
trigger_init_list(triggers);
}
if (services == NULL) {
services = DSNIFF_LIBDIR DSNIFF_SERVICES;
}
trigger_init_services(services);
nids_register_ip(trigger_ip);
nids_register_ip(trigger_udp);
if (Opt_client) {
nids_register_ip(trigger_tcp_raw);
signal(SIGALRM, trigger_tcp_raw_timeout);
alarm(TRIGGER_TCP_RAW_TIMEOUT);
}
else nids_register_tcp(trigger_tcp);
if (nids_params.pcap_filter != NULL) {
warnx("listening on %s [%s]", nids_params.device,
nids_params.pcap_filter);
}
else warnx("listening on %s", nids_params.device);
nids_run();
/* NOTREACHED */
exit(0);
}
/**
* Main loop of derrick.
*/
void derrick_run()
{
nids_run();
}
int
main(int argc, char *argv[])
{
extern char *optarg;
extern int optind;
int c;
while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) {
switch (c) {
case 'i':
nids_params.device = optarg;
break;
case 'p':
nids_params.filename = optarg;
break;
case 'v':
Opt_invert = 1;
break;
default:
usage();
}
}
argc -= optind;
argv += optind;
if (argc > 0 && strlen(argv[0])) {
if ((pregex = (regex_t *) malloc(sizeof(*pregex))) == NULL)
err(1, "malloc");
if (regcomp(pregex, argv[0], REG_EXTENDED|REG_NOSUB) != 0)
errx(1, "invalid regular expression");
}
if (argc > 1)
nids_params.pcap_filter = copy_argv(argv + 1);
nids_params.scan_num_hosts = 0;
nids_params.syslog = null_syslog;
fh_map_init();
if (!nids_init())
errx(1, "nids_init: %s", nids_errbuf);
nids_register_ip(decode_udp_nfs);
nids_register_tcp(decode_tcp_nfs);
if (nids_params.pcap_filter != NULL) {
if (nids_params.filename == NULL) {
warnx("listening on %s [%s]", nids_params.device,
nids_params.pcap_filter);
}
else {
warnx("using %s [%s]", nids_params.filename,
nids_params.pcap_filter);
}
}
else {
if (nids_params.filename == NULL) {
warnx("listening on %s", nids_params.device);
}
else {
warnx("using %s", nids_params.filename);
}
}
nids_run();
/* NOTREACHED */
exit(0);
}
