int tunemu_open(tunemu_device device)
{
int ppp_unit_number = -1;
if (device[0] != 0)
{
if (check_device_name(device) < 0)
{
tun_error("invalid device name \"%s\"", device);
return -1;
}
ppp_unit_number = atoi(device + 3);
}
int ppp_unit_fd = ppp_new_unit(&ppp_unit_number);
if (ppp_unit_fd < 0)
return -1;
if (ppp_setup_unit(ppp_unit_fd) < 0)
{
close(ppp_unit_fd);
return -1;
}
if (open_pcap() < 0)
{
close(ppp_unit_fd);
return -1;
}
make_device_name(device, ppp_unit_number);
return ppp_unit_fd;
}
void Pcap(TQueueItem* start, TQueueItem* stop, TQueueCallbackArgs args)
{
char* pcap_filename = get_config_value("pcap_filename");
if(pcap_filename==NULL)
return;
open_pcap(pcap_filename);
TQueueItem* item = start;
while(item != NULL)
{
TPacket* packet = item->packet;
uint8_t* packet_l2_start;
uint32_t packet_l2_length;
onep_dpss_pkt_get_l2_start((onep_dpss_paktype_t*)packet, &packet_l2_start, &packet_l2_length);
pcap_pkthdr_t x = {{(uint32_t)item->timestamp.tv_sec, (uint32_t)item->timestamp.tv_nsec / 1000}, packet_l2_length, packet_l2_length};
pcap_dump((u_char*)pcap_dumpfile, &x, packet_l2_start);
item = GetNextItem(item, stop);
}
pcap_dump_flush(pcap_dumpfile);
}
int main()
{
open_pcap();
while(1)
tcp_read();
}
int main(int argc, char *argv[])
{
char *out;
int i;
if (argc < 3) {
printf("Usage: %s <out.cap> <in.cap> [in2.cap] [...]\n", argv[0]);
exit(1);
}
out = argv[1];
_outfd = open_pcap(out);
for (i = 2; i < argc; i++) {
char *in = argv[i];
int prog = (int) (((double) (i - 1)) / ((double)(argc - 2))
* 100.0);
printf("Pwning %s (%d/%d %d%%)\n", in, i - 1, argc - 2, prog);
fflush(stdout);
pwn(in);
}
printf("Done\n");
exit(0);
}
int main(int argc, char *argv[])
{
pcap_t *pt;
struct bpf_program bp;
if (argc != 2)
err_quit("Usage: igmpdump <interface>");
pt = open_pcap(argv[1], 500, FILTER, &linktype, &bp);
loop_pcap(pt, &bp, igmpdump, 0);
return 0;
}
static void save_network(const struct network *n)
{
int i;
_outfd = open_pcap(_outfilename);
write_pcap(_outfd, n->n_beacon, n->n_beaconlen);
for (i = 0; i < 4; i++)
{
struct packet *p = &n->n_handshake->c_handshake[i];
if (p->p_len) packet_write_pcap(_outfd, p);
}
}
static void save_network(const struct network * n)
{
REQUIRE(n != NULL);
int i;
_outfd = open_pcap(_outfilename);
write_pcap(_outfd, n->n_beacon, n->n_beaconlen);
for (i = 0; i < 4; i++)
{
struct packet * p = &n->n_handshake->c_handshake[i];
ALLEGE(p != NULL); //-V547
if (p->p_len) packet_write_pcap(_outfd, p);
}
}
static int init(struct parameters *args)
{
char *new_iptables_config = NULL;
char *interfaces_buf = NULL;
char **ifaces = NULL;
int thread_count = thread_get_packet_capture_cpu_count();
const char *file_in = NULL;
const char *file_out = NULL;
const char *file_drop = NULL;
int count;
bool dump = false;
/* Setup iptables rules */
if (save_iptables("raw", &iptables_saved)) {
message(HAKA_LOG_ERROR, MODULE_NAME, L"cannot save iptables rules");
cleanup();
return 1;
}
{
const char *iter;
const char *interfaces = parameters_get_string(args, "interfaces", NULL);
if (!interfaces) {
message(HAKA_LOG_ERROR, MODULE_NAME, L"no interfaces selected");
cleanup();
return 1;
}
for (count = 0, iter = interfaces; *iter; ++iter) {
if (*iter == ',')
++count;
}
interfaces_buf = strdup(interfaces);
if (!interfaces_buf) {
error(L"memory error");
cleanup();
return 1;
}
++count;
}
ifaces = malloc((sizeof(char *) * (count + 1)));
if (!ifaces) {
message(HAKA_LOG_ERROR, MODULE_NAME, L"memory error");
free(interfaces_buf);
cleanup();
return 1;
}
messagef(HAKA_LOG_INFO, MODULE_NAME, L"installing iptables rules for device(s) %s", interfaces_buf);
{
int index = 0;
char *str, *ptr = NULL;
for (index = 0, str = interfaces_buf; index < count; index++, str = NULL) {
char *token = strtok_r(str, ",", &ptr);
assert(token != NULL);
ifaces[index] = token;
}
ifaces[index] = NULL;
}
new_iptables_config = iptables_config(ifaces, thread_count);
if (!new_iptables_config) {
message(HAKA_LOG_ERROR, MODULE_NAME, L"cannot generate iptables rules");
free(ifaces);
free(interfaces_buf);
cleanup();
return 1;
}
free(ifaces);
ifaces = NULL;
free(interfaces_buf);
interfaces_buf = NULL;
if (apply_iptables(new_iptables_config)) {
message(HAKA_LOG_ERROR, MODULE_NAME, L"cannot setup iptables rules");
free(new_iptables_config);
cleanup();
return 1;
}
free(new_iptables_config);
/* Setup pcap dump */
dump = parameters_get_boolean(args, "dump", false);
if (dump) {
file_in = parameters_get_string(args, "dump_input", NULL);
file_out = parameters_get_string(args, "dump_output", NULL);
file_drop = parameters_get_string(args, "dump_drop", NULL);
if (!(file_in || file_out || file_drop)) {
message(HAKA_LOG_WARNING, MODULE_NAME, L"no dump pcap files specified");
}
else {
pcap = malloc(sizeof(struct pcap_sinks));
if (!pcap) {
message(HAKA_LOG_ERROR, MODULE_NAME, L"memory error");
cleanup();
return 1;
}
memset(pcap, 0, sizeof(struct pcap_sinks));
if (file_in) {
open_pcap(&pcap->in, file_in);
messagef(HAKA_LOG_INFO, MODULE_NAME, L"dumping received packets into '%s'", file_in);
}
if (file_out) {
open_pcap(&pcap->out, file_out);
messagef(HAKA_LOG_INFO, MODULE_NAME, L"dumping emitted packets into '%s'", file_out);
}
if (file_drop) {
open_pcap(&pcap->drop, file_drop);
messagef(HAKA_LOG_INFO, MODULE_NAME, L"dumping dropped packets into '%s'", file_drop);
}
}
}
return 0;
}
/** Initialise IC **/
RETURN_STATUS init_uc()
{
open_pcap();
return SUCCESS;
}
int
main(int argc, char *argv[])
{
int c, lopt=0;
char *ptr, localname[1024], *localport;
struct addrinfo *aip;
/* end main1 */
/* include main2 */
opterr = 0; /* don't want getopt() writing to stderr */
while ( (c = getopt(argc, argv, "0i:l:v")) != -1)
{
switch (c)
{
case '0':
zerosum = 1;
break;
case 'i':
device = optarg; /* pcap device */
break;
case 'l': /* local IP address and port #: a.b.c.d.p */
if ( (ptr = strrchr(optarg, '.')) == NULL)
usage("invalid -l option");
*ptr++ = 0; /* null replaces final period */
localport = ptr; /* service name or port number */
strncpy(localname, optarg, sizeof(localname));
lopt = 1;
break;
case 'v':
verbose = 1;
break;
case '?':
usage("unrecognized option");
}
}
/* end main2 */
/* include main3 */
if (optind != argc-2)
usage("missing <host> and/or <serv>");
/* 4convert destination name and service */
aip = Host_serv(argv[optind], argv[optind+1], AF_INET, SOCK_DGRAM);
dest = aip->ai_addr; /* don't freeaddrinfo() */
destlen = aip->ai_addrlen;
/*
* Need local IP address for source IP address for UDP datagrams.
* Can't specify 0 and let IP choose, as we need to know it for
* the pseudoheader to calculate the UDP checksum.
* If -l option supplied, then use those values; otherwise,
* connect a UDP socket to the destination to determine the right
* source address.
*/
if (lopt)
{
/* 4convert local name and service */
aip = Host_serv(localname, localport, AF_INET, SOCK_DGRAM);
local = aip->ai_addr; /* don't freeaddrinfo() */
locallen = aip->ai_addrlen;
}
else
{
int s;
s = Socket(AF_INET, SOCK_DGRAM, 0);
Connect(s, dest, destlen);
/* kernel chooses correct local address for dest */
locallen = sizeof(locallookup);
local = (struct sockaddr *)&locallookup;
Getsockname(s, local, &locallen);
if (locallookup.sin_addr.s_addr == htonl(INADDR_ANY))
err_quit("Can't determine local address - use -l\n");
close(s);
}
open_output(); /* open output, either raw socket or libnet */
open_pcap(); /* open packet capture device */
setuid(getuid()); /* don't need superuser privileges anymore */
Signal(SIGTERM, cleanup);
Signal(SIGINT, cleanup);
Signal(SIGHUP, cleanup);
test_udp();
cleanup(0);
}
int main(int argc, char** argv)
{
const char* pcap_file;
const char* capture_interface;
const char* tmp;
int is_live = 0;
int snaplen = 65535;
uint32_t packet_pool_size = 1;
pthread_t worker_id;
uint32_t conn_no = 0;
uint32_t conn_max = 0;
uint32_t flow_timeout = 0;
int print_stats_enabled = 0;
if (argc != 2) {
usage(argv[0]);
return -1;
}
msg_setlevel(MSG_INFO);
// install signal handler
if (SIG_ERR == signal(SIGINT, sig_handler)) {
msg(MSG_ERROR, "Could not install signal handler for SIGINT.");
return -1;
}
if (SIG_ERR == signal(SIGCHLD, sig_chld_handler)) {
msg(MSG_ERROR, "Could not install signal handler for SIGCHLD");
return -1;
}
struct dumpers dumps;
dumpers_init(&dumps);
struct config* conf = config_new(argv[1]);
if (!conf) {
msg(MSG_ERROR, "Invalid config. Abort!");
return 0;
}
// check if we should have any output over msg
// quite mode is necessary when we are dumping to stdout
tmp = config_get_option(conf, MAIN_NAME, "quiet");
if (tmp) {
if (!strcmp(tmp, "yes")) {
msg_setlevel(-1);
}
}
// check if we have a config statement that changes message level
tmp = config_get_option(conf, MAIN_NAME, "msg_level");
if (tmp) {
if (!strcmp(tmp, "fatal")) {
msg_setlevel(MSG_FATAL);
} else if (!strcmp(tmp, "error")) {
msg_setlevel(MSG_ERROR);
} else if (!strcmp(tmp, "debug")) {
msg_setlevel(MSG_DEBUG);
} else if (!strcmp(tmp, "info")) {
msg_setlevel(MSG_INFO);
} else if (!strcmp(tmp, "stats")) {
msg_setlevel(MSG_STATS);
} else {
msg(MSG_FATAL, "Unknown msg level ...");
}
}
// do we want to periodically output statistics on dropped/received packets?
tmp = config_get_option(conf, "MAIN_NAME", "packet_stats");
if (tmp) {
if (!strcmp(tmp, "yes")) {
print_stats_enabled = 1;
}
}
msg(MSG_INFO, "%s is initializing ...", argv[2]);
pcap_file = config_get_option(conf, MAIN_NAME, "pcapfile");
capture_interface = config_get_option(conf, MAIN_NAME, "interface");
if (!pcap_file && !capture_interface) {
msg(MSG_FATAL, "main: Neither \"pcapfile\" nor \"interface\" given in config file.");
exit(-1);
} if (pcap_file && capture_interface) {
msg(MSG_FATAL, "main: Got \'pcapfile\" *and* \"interface\". Please decide whether you want to work on- or offline!");
exit(-1);
}
tmp = config_get_option(conf, MAIN_NAME, "max_packet_size");
if (tmp) {
snaplen = atoi(tmp);
}
tmp = config_get_option(conf, MAIN_NAME, "packet_pool");
if (tmp) {
packet_pool_size = atoi(tmp);
}
// init connection pool
if (!config_get_option(conf, MAIN_NAME, "init_connection_pool")) {
msg(MSG_ERROR, "main: \"init_connection_pool\" missing in section %s", MAIN_NAME);
return -1;
}
conn_no = atoi(config_get_option(conf, MAIN_NAME, "init_connection_pool"));
if (!config_get_option(conf, MAIN_NAME, "max_connection_pool")) {
msg(MSG_ERROR, "main: \"max_connection_pool\" missing in section %s", MAIN_NAME);
return -1;
}
conn_max = atoi(config_get_option(conf, MAIN_NAME, "max_connection_pool"));
if (!config_get_option(conf, MAIN_NAME, "flow_timeout")) {
msg(MSG_ERROR, "main: \"flow_timeout\" missing in section %s", MAIN_NAME);
return -1;
}
flow_timeout = atoi(config_get_option(conf, MAIN_NAME, "flow_timeout"));
connection_init_pool(conn_no, conn_max, flow_timeout);
struct packet_pool* packet_pool = packet_pool_init(packet_pool_size, snaplen);
struct thread_data worker_data;
worker_data.pool = packet_pool;
worker_data.dumpers = &dumps;
pcap_t* pfile;
if (pcap_file) {
pfile = open_pcap(pcap_file, 0, snaplen);
dumpers_create_all(&dumps, conf, pcap_datalink(pfile), snaplen);
if (!dumps.count) {
msg(MSG_FATAL, "Could not configure any modules.");
return -1;
}
if (pthread_create(&worker_id, NULL, worker_thread, &worker_data)) {
msg(MSG_FATAL, "Could not create worker thread: %s", strerror(errno));
return -1;
}
} else {
is_live = 1;
pfile = open_pcap(capture_interface, 1, snaplen);
dumpers_create_all(&dumps, conf, pcap_datalink(pfile), snaplen);
if (!dumps.count) {
msg(MSG_FATAL, "Could not configure any modules.");
return -1;
}
// the dumper creating can take a significant amount of time.
// We could not read any packets during this initialization phase and
// could therefore drop a significant amount of packets (depending on
// the link speed). We therefore close and reopen the pcap descriptor
// in order to reset the statistics and get more accurate packet
// drop statistice (we had to open the pcap interface for retrieving the
// interface link type which is important for module initialization
pcap_close(pfile);
if (pthread_create(&worker_id, NULL, worker_thread, &worker_data)) {
msg(MSG_FATAL, "Could not create worker thread: %s", strerror(errno));
return -1;
}
pfile = open_pcap(capture_interface, 1, snaplen);
}
msg(MSG_INFO, "%s is up and running. Starting to consume packets ...", argv[0]);
struct pcap_pkthdr pcap_hdr;
time_t last_stats = 0;
time_t stats_interval = 10;
uint64_t captured = 0;
const unsigned char* data = NULL;
while (running) {
if (NULL != (data = pcap_next(pfile, &pcap_hdr))) {
captured++;
if (print_stats_enabled) {
if (pcap_hdr.ts.tv_sec - last_stats > stats_interval && is_live) {
last_stats = pcap_hdr.ts.tv_sec;
print_stats(pfile, captured, packet_pool);
}
}
packet_new(packet_pool, &pcap_hdr, data);
} else {
if (!is_live)
running = 0;
}
}
msg(MSG_INFO, "%s finished reading packets ...", argv[0]);
// TODO: this is a hack! we might need to wake the worker thread
// because it might be blocked at a mutex waiting for new packets
// we have to insert a packet in order to wake the thread from the
// mutex. Hence, we re-include the last packet into the pool again ...
// FIXME: The hack can result in a segmentation fault if no packet
// has been read from the pcap_t ...
unsigned char* useless = malloc(snaplen);
packet_new(packet_pool, &pcap_hdr, useless);
free(useless);
pthread_join(worker_id, NULL);
// ok, the second worker is stopped right now
// we are therefore the only thread that works on the connection pool.
// lets timeout all active connnections to update the statistics (e.g. for stats_module)
connection_flush_all_active_conns();
dumpers_finish(&dumps);
connection_deinit_pool();
packet_pool_deinit(packet_pool);
config_free(conf);
return 0;
}