int main(int argc, char **argv) { get_sys_info(f[0],10); usleep(600000); size_mac=sizeof(struct ether_header); size_ip=sizeof(struct ip); /////////////////////////////////// signal(SIGINT, sigproc); signal(SIGTERM, sigproc); signal(SIGINT, sigproc); //perror("what's wrong\n"); //init_loop(&shmp,&shmid,shmpath); //init_loop(&shmp,&shmid,shmpath1); int i; char buf[256]; initBCBuff(); printf("1111111111111111\n"); for(i=0;i<snortnum;++i)//create shm { losep[i]=0LL; sprintf(buf,"%s",shmpath); //puts(buf); init_loop(&shmp[i],&shmid[i],buf,i); } hb=init_HB(HB_MAX); init_free_link(FREE_NODE); init_BC();//the cache for the pro classificationd printf("EIinit bc\n"); init_patterns(); int sockfd; struct pcap_pkthdr pkthdr; if ((sockfd = socket (PF_PACKET, SOCK_RAW, htons (ETH_P_ALL))) < 0) { printf ("create socket failed\n"); return -1; } if (0 != set_promisc ("eth0", sockfd)) { printf ("Failed to set interface promisc mode\n"); } unsigned char buffer[65535] = {0}; while (1) { //memset (&packet, 0x0, sizeof (packet)); memset (buffer, 0x0, sizeof (buffer)); pkthdr.caplen = recvfrom (sockfd, buffer, sizeof (buffer), 0, NULL, NULL); my_callback(NULL,&pkthdr,buffer); } return 0; }
void global_setup( int use_random, int hash_bits ) { FILE *log_file; time_t timer; /* Clear the log file. No error handling done. */ #if defined(ANDROID) sprintf(log_file_path, "%s/%s", android_files_dir, LOG_FILE_NAME); #elif defined(__linux__) strcpy( log_file_path, LOG_FILE_NAME ); #else char directory_buffer[MAX_PATH_LENGTH]; getcwd( directory_buffer, MAX_PATH_LENGTH ); if ( directory_buffer[strlen( directory_buffer ) - 1] == '\\' ) sprintf( log_file_path, "%s%s", directory_buffer, LOG_FILE_NAME ); else sprintf( log_file_path, "%s\\%s", directory_buffer, LOG_FILE_NAME ); #endif if ( use_log_file ) { log_file = fopen( log_file_path, "w" ); if ( log_file != NULL ) { time( &timer ); fprintf( log_file, "%s %s\n", LOG_TEXT, ctime( &timer ) ); fprintf( log_file, "%s %s %s\n", ENGINE_TEXT, __DATE__, __TIME__ ); fclose( log_file ); } } if ( use_random ) { time( &timer ); my_srandom( timer ); } else my_srandom( 1 ); init_hash( hash_bits ); init_bitboard(); init_moves(); init_patterns(); init_coeffs(); init_timer(); init_probcut(); init_stable(); setup_search(); }
int main(int argc, char* argv[]) { char *dev; /* name of the device to use */ char *net; /* dot notation of the network address */ char *mask;/* dot notation of the network mask */ int ret; /* return code */ //const u_char *packet; pcap_t* descr; /*you can man it*/ char errbuf[PCAP_ERRBUF_SIZE]; bpf_u_int32 netp; /* ip */ bpf_u_int32 maskp;/* subnet mask */ struct in_addr addr; /* ask pcap to find a valid device for use to sniff on */ dev = pcap_lookupdev(errbuf); /* error checking */ if(dev == NULL) { printf("%s\n",errbuf); exit(1); } /* print out device name */ printf("DEV: %s\n",dev); /* ask pcap for the network address and mask of the device */ /* ret = pcap_lookupnet(dev,&netp,&maskp,errbuf); if(ret == -1) { printf("%s\n",errbuf); exit(1); } */ /* get the network address in a human readable form */ // addr.s_addr = netp; // net = inet_ntoa(addr); /* if(net == NULL)// thanks Scott :-P { perror("inet_ntoa"); exit(1); } printf("NET: %s\n",net); // do the same as above for the device's mask addr.s_addr = maskp; mask = inet_ntoa(addr); if(mask == NULL) { perror("inet_ntoa"); exit(1); }*/ signal(SIGINT, sigproc); signal(SIGTERM, sigproc); signal(SIGINT, sigproc); printf("MASK: %s\n",mask); size_mac=sizeof(struct ether_header); size_ip=sizeof(struct ip); //char *filename="/dev/shm/get.pcap"; //char *filename="./get.pcap"; //char *filename="/run/shm/http.pcap"; initBCBuff(); /* pthread_t my_thread; if(pthread_create(&my_thread, NULL, threadclass, NULL)!=0) { msg("Ecreate thread error\n"); exit(0); } */ /// msg("kkkkkkkkkkkkk\n"); int i; #if 1 #define MAX_FILE 4 char filenameA[MAX_FILE+1][200]={{"/run/shm/http.pcap"},{"/run/shm/ftp.pcap"},{"/run/shm/pop3.pcap"},{"/run/shm/smtp.pcap"},{""}}; //char filenameA[MAX_FILE+1][200]={{"/run/shm/http.pcap"},{""}}; //char *filename="./exam-for/ftp.pcap"; char *filename; printf("EIinit hb\n"); hb=init_HB(HB_MAX); init_free_link(FREE_NODE); init_BC();//the cache for the pro classificationd printf("EIinit bc\n"); init_patterns(); msg("hhhhhh\n"); DELAY_INI(); NS_TIME_START(time); int num=0; int kk=0; again: filename= filenameA[num]; // msg("kk=%d\n",kk); num=(num+1)%MAX_FILE; if(kk==100000) goto endk; ++kk; descr =pcap_open_offline(filename, errbuf); if(descr == NULL) { printf("pcap_open_live(): %s\n",errbuf); exit(1); } ///////////////////////////// DELAY(DELAY_NS); pcap_loop(descr,-1,my_callback,NULL); //printf("llllllllllllll\n"); pcap_close(descr); goto again; endk: exitflag=1; //sem_post(&bin_sem); NS_TIME_END(time); msg("\n===================%d\n\n",kk); for(i=0;i<PRO_MAX+2;++i) { printf("%s:%lld\n",pro_map[i],pronum[i]); } printf("losepacket=%lld\n",losepacket); //speed(NS_GET_TIMEP(time),count+sum,firstlen); speed1(NS_GET_TIMEP(time),packet_num,packet_len); speed2(NS_GET_TIMEP(time),packet_num,packet_len,100000,DELAY_NS); #else int fd=open(filename,O_RDONLY); if(fd<=0) perror("open error\n"); //unsigned char buf struct pcap_pkthdr head; u_char buf[3000]; int headlen=sizeof(struct pcap_file_header); int phead=sizeof(struct pcap_pkthdr); //while(read(fd,&head,sizeof())) NS_TIME_START(time); printf("EIinit hb\n"); hb=init_HB(HB_MAX); init_free_link(FREE_NODE); init_BC();//the cache for the pro classificationd printf("EIinit bc\n"); init_patterns(); //msg("EISpppppppppp"); while(1) { lseek(fd,headlen,SEEK_SET); //read(fd,buf,headlen); while(read(fd,&head,phead)) { //printf("lllll\n"); read(fd,buf,head.caplen); my_callback(NULL,&head,buf); //printf("%d\n",head.caplen); } } #endif //pthread_join(my_thread, NULL); ///////////////////////////////////////////////////// return 0; }
int main(int argc, char **argv) { char *dev; /* name of the device to use */ char *net; /* dot notation of the network address */ char *mask;/* dot notation of the network mask */ int ret; /* return code */ //const u_char *packet; pcap_t* descr; /*you can man it*/ char errbuf[PCAP_ERRBUF_SIZE]; bpf_u_int32 netp; /* ip */ bpf_u_int32 maskp;/* subnet mask */ struct in_addr addr; initBCBuff(); /* ask pcap to find a valid device for use to sniff on */ dev = pcap_lookupdev(errbuf); /* error checking */ if(dev == NULL) { printf("%s\n",errbuf); exit(1); } /* print out device name */ printf("DEV: %s\n",dev); /* ask pcap for the network address and mask of the device */ ret = pcap_lookupnet(dev,&netp,&maskp,errbuf); if(ret == -1) { printf("%s\n",errbuf); exit(1); } /* get the network address in a human readable form */ addr.s_addr = netp; net = inet_ntoa(addr); if(net == NULL)/* thanks Scott :-P */ { perror("inet_ntoa"); exit(1); } printf("NET: %s\n",net); /* do the same as above for the device's mask */ addr.s_addr = maskp; mask = inet_ntoa(addr); if(mask == NULL) { perror("inet_ntoa"); exit(1); } printf("MASK: %s\n",mask); //descr = pcap_open_live(dev,65536,1 ,0,errbuf); descr = pcap_open_live(dev,MAX_BUFFER_FOR_PACKET,1 ,0,errbuf); // descr = pcap_open_live(NULL,BUFSIZ,1 ,0,errbuf); if(descr == NULL) { printf("pcap_open_live(): %s\n",errbuf); exit(1); } //printf("pcap:%d\n",descr->bufsize); get_sys_info(f[0],10); usleep(600000); size_mac=sizeof(struct ether_header); size_ip=sizeof(struct ip); /////////////////////////////////// signal(SIGINT, sigproc); signal(SIGTERM, sigproc); signal(SIGINT, sigproc); //perror("what's wrong\n"); //init_loop(&shmp,&shmid,shmpath); //init_loop(&shmp,&shmid,shmpath1); int i; char buf[256]; printf("1111111111111111\n"); for(i=0;i<snortnum;++i)//create shm { losep[i]=0LL; sprintf(buf,"%s",shmpath); //puts(buf); init_loop(&shmp[i],&shmid[i],buf,i); } ////////////// //compile ac dfa /////////////// printf("EIinit hb\n"); hb=init_HB(HB_MAX); init_free_link(FREE_NODE); init_BC();//the cache for the pro classificationd printf("EIinit bc\n"); init_patterns(); //msg("EISpppppppppp"); pcap_loop(descr,-1,my_callback,NULL); ///////////////////////////////////// //pthread_join(threadid,NULL); printf("aaaaaaa\n"); return 0; }