int main (int argc, char **argv) { int quit = 0; #if defined(__GLIBC__) setup_signal_handlers (); #endif /* command line/config options */ verify_global_config (argc, argv); parse_conf_file (&argc, &argv); parse_cmd_line (argc, argv); /* initialize storage */ init_storage (); /* setup to use the current locale */ set_locale (); #ifdef HAVE_LIBGEOIP init_geoip (); #endif /* init logger */ logger = init_log (); set_signal_data (logger); /* init parsing spinner */ parsing_spinner = new_gspinner (); parsing_spinner->process = &logger->process; /* outputting to stdout */ if (conf.output_html) { ui_spinner_create (parsing_spinner); goto out; } /* init curses */ set_input_opts (); if (conf.no_color || has_colors () == FALSE) { conf.color_scheme = NO_COLOR; conf.no_color = 1; } else { start_color (); } init_colors (); init_windows (&header_win, &main_win); set_curses_spinner (parsing_spinner); /* configuration dialog */ if (isatty (STDIN_FILENO) && (conf.log_format == NULL || conf.load_conf_dlg)) { refresh (); quit = render_confdlg (logger, parsing_spinner); } /* straight parsing */ else { ui_spinner_create (parsing_spinner); } out: /* main processing event */ time (&start_proc); if (conf.load_from_disk) set_general_stats (); else if (!quit && parse_log (&logger, NULL, -1)) FATAL ("Error while processing file"); logger->offset = logger->process; /* no valid entries to process from the log */ if (logger->process == 0) FATAL ("Nothing valid to process."); /* init reverse lookup thread */ gdns_init (); parse_initial_sort (); allocate_holder (); end_spinner (); time (&end_proc); /* stdout */ if (conf.output_html) standard_output (); /* curses */ else curses_output (); /* clean */ house_keeping (); return EXIT_SUCCESS; }
int main(int argc, char **argv) { char *ptr; int c, i, j, cpu_tmp, opt_index, ops_touched = 0, vals[4] = {0}; bool prio_high = false, setsockmem = true; void (*main_loop)(struct ctx *ctx) = NULL; struct ctx ctx; init_ctx(&ctx); srand(time(NULL)); while ((c = getopt_long(argc, argv, short_options, long_options, &opt_index)) != EOF) { switch (c) { case 'd': case 'i': ctx.device_in = xstrdup(optarg); break; case 'o': ctx.device_out = xstrdup(optarg); break; case 'P': ctx.prefix = xstrdup(optarg); break; case 'R': ctx.link_type = LINKTYPE_IEEE802_11; ctx.rfraw = 1; break; case 'r': ctx.randomize = true; break; case 'J': ctx.jumbo = true; break; case 'T': ctx.magic = (uint32_t) strtoul(optarg, NULL, 0); pcap_check_magic(ctx.magic); break; case 'f': ctx.filter = xstrdup(optarg); break; case 'M': ctx.promiscuous = false; break; case 'A': setsockmem = false; break; case 'u': ctx.uid = strtoul(optarg, NULL, 0); ctx.enforce = true; break; case 'g': ctx.gid = strtoul(optarg, NULL, 0); ctx.enforce = true; break; case 't': if (!strncmp(optarg, "host", strlen("host"))) ctx.packet_type = PACKET_HOST; else if (!strncmp(optarg, "broadcast", strlen("broadcast"))) ctx.packet_type = PACKET_BROADCAST; else if (!strncmp(optarg, "multicast", strlen("multicast"))) ctx.packet_type = PACKET_MULTICAST; else if (!strncmp(optarg, "others", strlen("others"))) ctx.packet_type = PACKET_OTHERHOST; else if (!strncmp(optarg, "outgoing", strlen("outgoing"))) ctx.packet_type = PACKET_OUTGOING; else ctx.packet_type = -1; break; case 'S': ptr = optarg; ctx.reserve_size = 0; for (j = i = strlen(optarg); i > 0; --i) { if (!isdigit(optarg[j - i])) break; ptr++; } if (!strncmp(ptr, "KiB", strlen("KiB"))) ctx.reserve_size = 1 << 10; else if (!strncmp(ptr, "MiB", strlen("MiB"))) ctx.reserve_size = 1 << 20; else if (!strncmp(ptr, "GiB", strlen("GiB"))) ctx.reserve_size = 1 << 30; else panic("Syntax error in ring size param!\n"); *ptr = 0; ctx.reserve_size *= strtol(optarg, NULL, 0); break; case 'b': cpu_tmp = strtol(optarg, NULL, 0); cpu_affinity(cpu_tmp); if (ctx.cpu != -2) ctx.cpu = cpu_tmp; break; case 'H': prio_high = true; break; case 'c': ctx.pcap = PCAP_OPS_RW; ops_touched = 1; break; case 'm': ctx.pcap = PCAP_OPS_MM; ops_touched = 1; break; case 'G': ctx.pcap = PCAP_OPS_SG; ops_touched = 1; break; case 'Q': ctx.cpu = -2; break; case 's': ctx.print_mode = PRINT_NONE; break; case 'q': ctx.print_mode = PRINT_LESS; break; case 'X': ctx.print_mode = (ctx.print_mode == PRINT_ASCII) ? PRINT_HEX_ASCII : PRINT_HEX; break; case 'l': ctx.print_mode = (ctx.print_mode == PRINT_HEX) ? PRINT_HEX_ASCII : PRINT_ASCII; break; case 'k': ctx.kpull = strtol(optarg, NULL, 0); break; case 'n': frame_count_max = strtol(optarg, NULL, 0); break; case 'F': ptr = optarg; ctx.dump_interval = 0; for (j = i = strlen(optarg); i > 0; --i) { if (!isdigit(optarg[j - i])) break; ptr++; } if (!strncmp(ptr, "KiB", strlen("KiB"))) { ctx.dump_interval = 1 << 10; ctx.dump_mode = DUMP_INTERVAL_SIZE; } else if (!strncmp(ptr, "MiB", strlen("MiB"))) { ctx.dump_interval = 1 << 20; ctx.dump_mode = DUMP_INTERVAL_SIZE; } else if (!strncmp(ptr, "GiB", strlen("GiB"))) { ctx.dump_interval = 1 << 30; ctx.dump_mode = DUMP_INTERVAL_SIZE; } else if (!strncmp(ptr, "sec", strlen("sec"))) { ctx.dump_interval = 1; ctx.dump_mode = DUMP_INTERVAL_TIME; } else if (!strncmp(ptr, "min", strlen("min"))) { ctx.dump_interval = 60; ctx.dump_mode = DUMP_INTERVAL_TIME; } else if (!strncmp(ptr, "hrs", strlen("hrs"))) { ctx.dump_interval = 60 * 60; ctx.dump_mode = DUMP_INTERVAL_TIME; } else if (!strncmp(ptr, "s", strlen("s"))) { ctx.dump_interval = 1; ctx.dump_mode = DUMP_INTERVAL_TIME; } else { panic("Syntax error in time/size param!\n"); } *ptr = 0; ctx.dump_interval *= strtol(optarg, NULL, 0); break; case 'V': ctx.verbose = 1; break; case 'B': ctx.dump_bpf = true; break; case 'D': pcap_dump_type_features(); die(); break; case 'U': update_geoip(); die(); break; case 'v': version(); break; case 'h': help(); break; case '?': switch (optopt) { case 'd': case 'i': case 'o': case 'f': case 't': case 'P': case 'F': case 'n': case 'S': case 'b': case 'k': case 'T': case 'u': case 'g': case 'e': panic("Option -%c requires an argument!\n", optopt); default: if (isprint(optopt)) printf("Unknown option character `0x%X\'!\n", optopt); die(); } default: break; } } if (!ctx.filter && optind != argc) { int ret; off_t offset = 0; for (i = optind; i < argc; ++i) { size_t alen = strlen(argv[i]) + 2; size_t flen = ctx.filter ? strlen(ctx.filter) : 0; ctx.filter = xrealloc(ctx.filter, 1, flen + alen); ret = slprintf(ctx.filter + offset, strlen(argv[i]) + 2, "%s ", argv[i]); if (ret < 0) panic("Cannot concatenate filter string!\n"); else offset += ret; } } if (!ctx.device_in) ctx.device_in = xstrdup("any"); register_signal(SIGINT, signal_handler); register_signal(SIGHUP, signal_handler); tprintf_init(); if (prio_high) { set_proc_prio(-20); set_sched_status(SCHED_FIFO, sched_get_priority_max(SCHED_FIFO)); } if (ctx.device_in && (device_mtu(ctx.device_in) || !strncmp("any", ctx.device_in, strlen(ctx.device_in)))) { if (!ctx.rfraw) ctx.link_type = pcap_devtype_to_linktype(ctx.device_in); if (!ctx.device_out) { ctx.dump = 0; main_loop = recv_only_or_dump; } else if (device_mtu(ctx.device_out)) { register_signal_f(SIGALRM, timer_elapsed, SA_SIGINFO); main_loop = receive_to_xmit; } else { ctx.dump = 1; register_signal_f(SIGALRM, timer_next_dump, SA_SIGINFO); main_loop = recv_only_or_dump; if (!ops_touched) ctx.pcap = PCAP_OPS_SG; } } else { if (ctx.device_out && device_mtu(ctx.device_out)) { register_signal_f(SIGALRM, timer_elapsed, SA_SIGINFO); main_loop = pcap_to_xmit; if (!ops_touched) ctx.pcap = PCAP_OPS_MM; } else { main_loop = read_pcap; if (!ops_touched) ctx.pcap = PCAP_OPS_SG; } } bug_on(!main_loop); init_geoip(0); if (setsockmem) set_system_socket_memory(vals, array_size(vals)); if (!ctx.enforce) xlockme(); main_loop(&ctx); if (!ctx.enforce) xunlockme(); if (setsockmem) reset_system_socket_memory(vals, array_size(vals)); destroy_geoip(); device_restore_irq_affinity_list(); tprintf_cleanup(); destroy_ctx(&ctx); return 0; }
int main (int argc, char **argv) { if (argc != 3) { log_error("Usage: geoip_server geoipdb port\n"); return 1; } GeoIP* gi = init_geoip(argv[1]); if (gi == NULL) { log_error("Could not open geoip database %s\n", argv[1]); return 1; } void *context = zmq_init(1); if (context == NULL) { log_error("Could not initialize ZMQ\n"); return 1; } // Socket to talk to clients void *responder = zmq_socket(context, ZMQ_REP); if (responder == NULL) { log_error("Could not initialize ZMQ responder\n"); return 1; } // Check port char port[25]; if (strlen(argv[2]) > 6 || atoi(argv[2]) == 0) { log_error("Invalid port %s", argv[2]); return 1; } int rc; sprintf(port, "tcp://*:%s", argv[2]); rc = zmq_bind (responder, port); assert(rc == 0); while (1) { char input[MAX_BUFFER]; // Wait for next request from client zmq_msg_t request; rc = zmq_msg_init(&request); assert(rc == 0); rc = zmq_recv(responder, &request, 0); assert(rc == 0); int size = zmq_msg_size(&request); if (size + 1 >= MAX_BUFFER ) { // treat this as an error, this message is too large to be a valid geoip request. goto bad_message; } // Copy and null terminate incoming message char* req_data = (char*) zmq_msg_data(&request); strncpy(input, req_data, size); input[size] = 0; zmq_msg_close(&request); // Process GeoIP request or fail. if (strncmp(input, "geoip ", 6) == 0) { char output[MAX_BUFFER]; int bytes = resolve_ip(gi, input + 6, output, MAX_BUFFER); zmq_msg_t reply; rc = zmq_msg_init_size(&reply, bytes); assert(rc == 0); memcpy((void*)zmq_msg_data(&reply), output, bytes); rc = zmq_send(responder, &reply, 0); assert(rc == 0); zmq_msg_close(&reply); } else { goto bad_message; } continue; bad_message: // Bail, invalid input. rc = zmq_msg_close (&request); assert(rc == 0); zmq_msg_t reply; rc = zmq_msg_init_size(&reply, 6); assert(rc == 0); memcpy((void *) zmq_msg_data (&reply), "ERROR", 5); rc = zmq_send(responder, &reply, 0); assert(rc == 0); rc = zmq_msg_close (&reply); assert(rc == 0); } zmq_term (context); return 0; }
int main(int argc, char **argv) { char *ptr; int c, i, j, cpu_tmp, opt_index, ops_touched = 0, vals[4] = {0}; bool prio_high = false, setsockmem = true; void (*main_loop)(struct ctx *ctx) = NULL; struct ctx ctx; init_ctx(&ctx); srand(time(NULL)); while ((c = getopt_long(argc, argv, short_options, long_options, &opt_index)) != EOF) { switch (c) { case 'd': case 'i': ctx.device_in = xstrdup(optarg); break; case 'o': ctx.device_out = xstrdup(optarg); break; case 'P': ctx.prefix = xstrdup(optarg); break; case 'R': ctx.rfraw = 1; break; case 'r': ctx.randomize = true; break; case 'J': ctx.jumbo = true; break; case 'T': ctx.magic = (uint32_t) strtoul(optarg, NULL, 0); pcap_check_magic(ctx.magic); break; case 'f': ctx.filter = xstrdup(optarg); break; case 'M': ctx.promiscuous = false; break; case 'N': ctx.hwtimestamp = false; break; case 'A': setsockmem = false; break; case 'u': ctx.uid = strtoul(optarg, NULL, 0); ctx.enforce = true; break; case 'g': ctx.gid = strtoul(optarg, NULL, 0); ctx.enforce = true; break; case 'C': ctx.fanout_group = strtoul(optarg, NULL, 0); if (ctx.fanout_group == 0) panic("Non-zero fanout group id required!\n"); break; case 'K': if (!strncmp(optarg, "hash", strlen("hash"))) ctx.fanout_type = PACKET_FANOUT_HASH; else if (!strncmp(optarg, "lb", strlen("lb")) || !strncmp(optarg, "rr", strlen("rr"))) ctx.fanout_type = PACKET_FANOUT_LB; else if (!strncmp(optarg, "cpu", strlen("cpu"))) ctx.fanout_type = PACKET_FANOUT_CPU; else if (!strncmp(optarg, "rnd", strlen("rnd"))) ctx.fanout_type = PACKET_FANOUT_RND; else if (!strncmp(optarg, "roll", strlen("roll"))) ctx.fanout_type = PACKET_FANOUT_ROLLOVER; else if (!strncmp(optarg, "qm", strlen("qm"))) ctx.fanout_type = PACKET_FANOUT_QM; else panic("Unknown fanout type!\n"); break; case 'L': if (!strncmp(optarg, "defrag", strlen("defrag"))) ctx.fanout_type |= PACKET_FANOUT_FLAG_DEFRAG; else if (!strncmp(optarg, "roll", strlen("roll"))) ctx.fanout_type |= PACKET_FANOUT_FLAG_ROLLOVER; else panic("Unknown fanout option!\n"); break; case 't': if (!strncmp(optarg, "host", strlen("host"))) ctx.packet_type = PACKET_HOST; else if (!strncmp(optarg, "broadcast", strlen("broadcast"))) ctx.packet_type = PACKET_BROADCAST; else if (!strncmp(optarg, "multicast", strlen("multicast"))) ctx.packet_type = PACKET_MULTICAST; else if (!strncmp(optarg, "others", strlen("others"))) ctx.packet_type = PACKET_OTHERHOST; else if (!strncmp(optarg, "outgoing", strlen("outgoing"))) ctx.packet_type = PACKET_OUTGOING; else ctx.packet_type = -1; break; case 'S': ptr = optarg; for (j = i = strlen(optarg); i > 0; --i) { if (!isdigit(optarg[j - i])) break; ptr++; } if (!strncmp(ptr, "KiB", strlen("KiB"))) ctx.reserve_size = 1 << 10; else if (!strncmp(ptr, "MiB", strlen("MiB"))) ctx.reserve_size = 1 << 20; else if (!strncmp(ptr, "GiB", strlen("GiB"))) ctx.reserve_size = 1 << 30; else panic("Syntax error in ring size param!\n"); ctx.reserve_size *= strtoul(optarg, NULL, 0); break; case 'b': cpu_tmp = strtol(optarg, NULL, 0); cpu_affinity(cpu_tmp); if (ctx.cpu != -2) ctx.cpu = cpu_tmp; break; case 'H': prio_high = true; break; case 'c': ctx.pcap = PCAP_OPS_RW; ops_touched = 1; break; case 'm': ctx.pcap = PCAP_OPS_MM; ops_touched = 1; break; case 'G': ctx.pcap = PCAP_OPS_SG; ops_touched = 1; break; case 'Q': ctx.cpu = -2; break; case 's': ctx.print_mode = PRINT_NONE; break; case 'q': ctx.print_mode = PRINT_LESS; break; case 'X': ctx.print_mode = (ctx.print_mode == PRINT_ASCII) ? PRINT_HEX_ASCII : PRINT_HEX; break; case 'l': ctx.print_mode = (ctx.print_mode == PRINT_HEX) ? PRINT_HEX_ASCII : PRINT_ASCII; break; case 'k': ctx.kpull = strtoul(optarg, NULL, 0); break; case 'n': frame_count_max = strtoul(optarg, NULL, 0); break; case 'F': ptr = optarg; for (j = i = strlen(optarg); i > 0; --i) { if (!isdigit(optarg[j - i])) break; ptr++; } if (!strncmp(ptr, "KiB", strlen("KiB"))) { ctx.dump_interval = 1 << 10; ctx.dump_mode = DUMP_INTERVAL_SIZE; } else if (!strncmp(ptr, "MiB", strlen("MiB"))) { ctx.dump_interval = 1 << 20; ctx.dump_mode = DUMP_INTERVAL_SIZE; } else if (!strncmp(ptr, "GiB", strlen("GiB"))) { ctx.dump_interval = 1 << 30; ctx.dump_mode = DUMP_INTERVAL_SIZE; } else if (!strncmp(ptr, "sec", strlen("sec"))) { ctx.dump_interval = 1; ctx.dump_mode = DUMP_INTERVAL_TIME; } else if (!strncmp(ptr, "min", strlen("min"))) { ctx.dump_interval = 60; ctx.dump_mode = DUMP_INTERVAL_TIME; } else if (!strncmp(ptr, "hrs", strlen("hrs"))) { ctx.dump_interval = 60 * 60; ctx.dump_mode = DUMP_INTERVAL_TIME; } else if (!strncmp(ptr, "s", strlen("s"))) { ctx.dump_interval = 1; ctx.dump_mode = DUMP_INTERVAL_TIME; } else { panic("Syntax error in time/size param!\n"); } ctx.dump_interval *= strtoul(optarg, NULL, 0); break; case 'V': ctx.verbose = true; break; case 'B': ctx.dump_bpf = true; break; case 'D': pcap_dump_type_features(); die(); break; case 'U': update_geoip(); die(); break; case 'w': ctx.link_type = LINKTYPE_LINUX_SLL; break; case 'v': version(); break; case 'h': help(); break; case '?': switch (optopt) { case 'd': case 'i': case 'o': case 'f': case 't': case 'P': case 'F': case 'n': case 'S': case 'b': case 'k': case 'T': case 'u': case 'g': case 'e': panic("Option -%c requires an argument!\n", optopt); default: if (isprint(optopt)) printf("Unknown option character `0x%X\'!\n", optopt); die(); } default: break; } } if (!ctx.filter && optind != argc) ctx.filter = argv2str(optind, argc, argv); if (!ctx.device_in) ctx.device_in = xstrdup("any"); register_signal(SIGINT, signal_handler); register_signal(SIGQUIT, signal_handler); register_signal(SIGTERM, signal_handler); register_signal(SIGHUP, signal_handler); tprintf_init(); if (prio_high) { set_proc_prio(-20); set_sched_status(SCHED_FIFO, sched_get_priority_max(SCHED_FIFO)); } if (device_mtu(ctx.device_in) || !strncmp("any", ctx.device_in, strlen(ctx.device_in))) { if (ctx.rfraw) setup_rfmon_mac80211_dev(&ctx, &ctx.device_in); if (!ctx.link_type) ctx.link_type = pcap_dev_to_linktype(ctx.device_in); if (link_has_sll_hdr(ctx.link_type)) { switch (ctx.magic) { case ORIGINAL_TCPDUMP_MAGIC: ctx.magic = ORIGINAL_TCPDUMP_MAGIC_LL; break; case NSEC_TCPDUMP_MAGIC: ctx.magic = NSEC_TCPDUMP_MAGIC_LL; break; case ___constant_swab32(ORIGINAL_TCPDUMP_MAGIC): ctx.magic = ___constant_swab32(ORIGINAL_TCPDUMP_MAGIC_LL); break; case ___constant_swab32(NSEC_TCPDUMP_MAGIC): ctx.magic = ___constant_swab32(NSEC_TCPDUMP_MAGIC_LL); break; } } if (!ctx.device_out) { ctx.dump = 0; main_loop = recv_only_or_dump; } else if (device_mtu(ctx.device_out)) { register_signal_f(SIGALRM, timer_elapsed, SA_SIGINFO); main_loop = receive_to_xmit; } else { ctx.dump = 1; register_signal_f(SIGALRM, timer_next_dump, SA_SIGINFO); main_loop = recv_only_or_dump; if (!ops_touched) ctx.pcap = PCAP_OPS_SG; } } else { if (ctx.device_out && device_mtu(ctx.device_out)) { register_signal_f(SIGALRM, timer_elapsed, SA_SIGINFO); main_loop = pcap_to_xmit; if (!ops_touched) ctx.pcap = PCAP_OPS_MM; } else { setsockmem = false; main_loop = read_pcap; if (!ops_touched) ctx.pcap = PCAP_OPS_SG; } } bug_on(!main_loop); init_geoip(0); if (setsockmem) set_system_socket_memory(vals, array_size(vals)); if (!ctx.enforce) xlockme(); if (ctx.verbose) printf("pcap file I/O method: %s\n", pcap_ops_group_to_str[ctx.pcap]); main_loop(&ctx); if (!ctx.enforce) xunlockme(); if (setsockmem) reset_system_socket_memory(vals, array_size(vals)); destroy_geoip(); device_restore_irq_affinity_list(); tprintf_cleanup(); destroy_ctx(&ctx); return 0; }
int main (int argc, char **argv) { int quit = 0; #if defined(__GLIBC__) setup_signal_handlers (); #endif /* command line/config options */ verify_global_config (argc, argv); parse_conf_file (&argc, &argv); parse_cmd_line (argc, argv); /* initialize storage */ init_storage (); /* setup to use the current locale */ set_locale (); #ifdef HAVE_LIBGEOIP init_geoip (); #endif /* init logger */ logger = init_log (); /* init parsing spinner */ parsing_spinner = new_gspinner (); parsing_spinner->process = &logger->process; /* outputting to stdout */ if (conf.output_html) { ui_spinner_create (parsing_spinner); goto out; } /* init curses */ set_input_opts (); if (conf.no_color || has_colors () == FALSE) { conf.color_scheme = NO_COLOR; conf.no_color = 1; } else { start_color (); } init_colors (); init_windows (&header_win, &main_win); set_curses_spinner (parsing_spinner); /* configuration dialog */ if (isatty (STDIN_FILENO) && (conf.log_format == NULL || conf.load_conf_dlg)) { refresh (); quit = verify_format (logger, parsing_spinner); } /* straight parsing */ else { ui_spinner_create (parsing_spinner); } out: /* main processing event */ time (&start_proc); if (conf.load_from_disk) set_general_stats (); else if (!quit && parse_log (&logger, NULL, -1)) FATAL ("Error while processing file"); logger->offset = logger->process; /* no valid entries to process from the log */ if ((logger->process == 0) || (logger->process == logger->invalid)) FATAL ("Nothing valid to process."); /* init reverse lookup thread */ gdns_init (); parse_initial_sort (); allocate_holder (); end_spinner (); time (&end_proc); /* stdout */ if (conf.output_html) { /* CSV */ if (conf.output_format && strcmp ("csv", conf.output_format) == 0) output_csv (logger, holder); /* JSON */ else if (conf.output_format && strcmp ("json", conf.output_format) == 0) output_json (logger, holder); /* HTML */ else output_html (logger, holder); } /* curses */ else { allocate_data (); if (!conf.skip_term_resolver) gdns_thread_create (); render_screens (); get_keys (); attroff (COLOR_PAIR (COL_WHITE)); /* restore tty modes and reset * terminal into non-visual mode */ endwin (); } /* clean */ house_keeping (); return EXIT_SUCCESS; }