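/*
 * ulog_test entry point.
 *
 * Usage: <prog> count group timeout
 *   count   - number of ipulog_read() calls to perform before exiting
 *   group   - ULOG netlink multicast group to listen on (1..32)
 *   timeout - seconds until alarm() delivers SIGALRM to this process
 *
 * Each successful read is handed to ipulog_get_packet() and every packet
 * it yields is passed to handle_packet().  Returns 0 after `count` reads;
 * exits with status 1 on a usage error, allocation failure, handle
 * creation failure, or a read that returns <= 0.
 */
int main(int argc, char *argv[])
{
    struct ipulog_handle *h;
    unsigned char *buf;
    int len;
    ulog_packet_msg_t *upkt;
    int i;
    int count;
    int group;
    int timeout;

    if (argc != 4) {
        fprintf(stderr, "Usage: %s count group timeout\n", argv[0]);
        exit(1);
    }

    /*
     * Convert the arguments once, up front.  atoi() yields 0 for
     * non-numeric text, so a bad count simply results in zero reads.
     */
    count = atoi(argv[1]);
    group = atoi(argv[2]);
    timeout = atoi(argv[3]);

    /*
     * The group selects one bit of a 32-bit netlink multicast mask, so
     * only 1..32 is meaningful; reject anything else instead of waiting
     * on a handle that is subscribed to nothing.
     */
    if (group < 1 || group > 32) {
        fprintf(stderr, "%s: group must be between 1 and 32\n", argv[0]);
        exit(1);
    }

    /* allocate a receive buffer; never hand a NULL buffer to ipulog_read() */
    buf = malloc(MYBUFSIZ);
    if (!buf) {
        fprintf(stderr, "%s: out of memory\n", argv[0]);
        exit(1);
    }

    /* create ipulog handle */
    h = ipulog_create_handle(ipulog_group2gmask(group), 150000);
    if (!h) {
        /* if some error occurs, print it to stderr */
        ipulog_perror(NULL);
        free(buf);
        exit(1);
    }

    /*
     * A negative value would be converted to a huge unsigned timeout, and
     * alarm(0) only cancels a pending alarm, so arm it for positive values only.
     */
    if (timeout > 0)
        alarm((unsigned int)timeout);

    /* loop receiving packets and handing them over to handle_packet */
    for (i = 0; i < count; i++) {
        len = ipulog_read(h, buf, MYBUFSIZ, 1);
        if (len <= 0) {
            ipulog_perror("ulog_test: short read");
            exit(1);
        }
        printf("%d bytes received\n", len);

        /* explicit comparison: the assignment in the condition is intentional */
        while ((upkt = ipulog_get_packet(h, buf, len)) != NULL) {
            handle_packet(upkt);
        }
    }

    /* just to give it a cleaner look */
    ipulog_destroy_handle(h);
    free(buf);
    return 0;
}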
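/*
 * ULOG flow reporter entry point.
 *
 * Every command-line argument is passed to initnetworkbyhost().  The
 * program then listens on ULOG group mask 1, dumps the metadata of each
 * logged packet to stdout and forwards its addresses, protocol and ports
 * to report().
 *
 * Returns 1 if the ipulog handle cannot be created, 2 if ipulog_read()
 * returns <= 0, and 3 if the UDP socket cannot be created.  Otherwise it
 * loops forever.
 */
int main(int argc, char *argv[])
{
    int i;
    unsigned char ulogbuffer[MAXLEN];

    /* initialize our list of static clients */
    for (i = 1; i < argc; i++)
        initnetworkbyhost(argv[i]);

    struct ipulog_handle *h = ipulog_create_handle(1, 150000);
    if (!h) {
        ipulog_perror(NULL);
        return 1;
    }

    /* set up our buffer pointer */
    flowbuffer.version = VERSION;
    flowbuffer.packettype = PKT_VERBOSEFIREWALL;
    flowbuffer.reserved = 0;
    buffer = (struct verbosefirewall *)flowbuffer.data;
    buffer->base = NETBASE;
    buffer->mask = 16;
    buffer->count = 0;

    /* create the socket for our use; fail fast rather than run without one */
    sendsock = socket(AF_INET, SOCK_DGRAM, 0);
    if (sendsock < 0) {
        perror("socket");
        ipulog_destroy_handle(h);
        return 3;
    }

    while (1) {
        int len = ipulog_read(h, ulogbuffer, MAXLEN, 1);
        if (len <= 0) {
            ipulog_perror("ipulog_read returned a value less than 0");
            return 2;
        }

        ulog_packet_msg_t *packet;
        while ((packet = ipulog_get_packet(h, ulogbuffer, len)) != NULL) {
            /*
             * Debug dump of the ULOG metadata.  The casts make every
             * argument match its conversion specifier whatever integer
             * width the header gives the field.
             */
            printf("\n");
            printf("mark: %lu\n", (unsigned long)packet->mark);
            printf("timestamp_sec: %ld\n", (long)packet->timestamp_sec);
            printf("timestamp_usec: %ld\n", (long)packet->timestamp_usec);
            printf("hook: %u\n", (unsigned int)packet->hook);
            printf("indev_name: %s\n", packet->indev_name);
            printf("outdev_name: %s\n", packet->outdev_name);
            printf("data_len: %lu\n", (unsigned long)packet->data_len);
            printf("prefix: %s\n", packet->prefix);
            printf("mac: %02hhX:%02hhX:%02hhX:%02hhX:%02hhX:%02hhX\n",
                   packet->mac[0], packet->mac[1], packet->mac[2],
                   packet->mac[3], packet->mac[4], packet->mac[5]);
            printf("\t");

            /*
             * The payload is packet data taken off the wire, so nothing
             * about its length may be assumed.  Skip anything too short
             * to hold the fixed IP header before casting.
             */
            const size_t data_len = packet->data_len;
            const unsigned char *payload = (const unsigned char *)packet->payload;
            if (data_len < sizeof(struct sniff_ip))
                continue;

            const struct sniff_ip *ip = (const struct sniff_ip *)payload;

            /*
             * IP_NEXT() is defined elsewhere; presumably it derives the
             * transport header position from the header length field in
             * the packet itself (TODO confirm).  Whatever it returns,
             * the port fields must lie after the fixed IP header and
             * inside the captured data before they are read.
             */
            struct tcp_udp *p = (struct tcp_udp *)IP_NEXT(ip);
            const unsigned char *next = (const unsigned char *)p;
            if (next < payload + sizeof *ip || data_len < sizeof *p)
                continue;
            if ((size_t)(next - payload) > data_len - sizeof *p)
                continue;

            /*
             * report(src, dst, type, srcport, dstport)
             * NOTE(review): the ports are read for every ip_p value and
             * passed without byte-order conversion, unlike the addresses;
             * confirm that report() expects this.
             */
            report(ntohl(ip->ip_src), ntohl(ip->ip_dst), ip->ip_p,
                   p->srcport, p->dstport);
        }
    }
}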