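/*
 * Program entry point.
 *
 * Reads the configuration (parse_config) and the command line
 * (process_parms), optionally detaches as a daemon on non-Windows builds,
 * opens the capture handle, installs the fixed "ip and tcp" BPF filter and
 * hands every captured packet to process_packet().
 *
 * Returns -1 when the configuration or the parameters are rejected; most
 * other failures terminate the process through exit(-1).  Returns 0 once the
 * capture input is exhausted, or -1 if reading from it fails.
 */
int main (int argc, char *argv[])
{
    char errbuf[PCAP_ERRBUF_SIZE];
    pcap_t *dh;
    struct bpf_program filter;
    char filter_app[] = "ip and tcp";
    bpf_u_int32 mask;
    bpf_u_int32 net;
    struct pcap_pkthdr *header;
    const u_char *packet;
    long packet_count = 0;
    int rc;

    /* Never hand an uninitialised stack buffer to a "%s" log format. */
    errbuf[0] = 0;

    if (parse_config (argv[0])) {
        printf ("Failed to parse config file, leaving\n");
        return -1;
    }

    if (process_parms (argc, argv)) {
        printf ("Bad parameters, leaving\n");
        return -1;
    }

    if (devname == NULL) {
#ifdef WIN32
        printf ("A device number is required. Run with -list to get a list.\n");
#else
        printf ("A device name (such as eth0) is required\n");
#endif
        exit (-1);
    }

    /* A daemon has no terminal, so it needs a directory to log into. */
    if (daemonize && debuglogdir[0] == 0) {
        printf ("In daemon mode at least a debug log directory (-dd) must be used\n");
        exit (-1);
    }

#ifndef WIN32
    if (daemonize) {
        switch (go_daemon ()) {
        case -1:
            daemonize = 0;
            log_debug (0, "Failed to become a daemon!");
            exit (-1);
        case 1:
            /* We are the parent. Exit and let the child on its own. */
            exit (0);
        case 0:
            log_debug (3, "Successfully became a daemon.");
            break;
        default:
            daemonize = 0;
            log_debug (0, "This is a bug!");
            exit (-1);
        }
    }
#endif

#ifdef WIN32
    /* On Windows devname holds a 1-based index into the adapter list. */
    pcap_if_t *alldevs;
    int inum = atoi (devname);

    if (pcap_findalldevs_ex (PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1) {
        fprintf (stderr, "Error in pcap_findalldevs: %s\n", errbuf);
        exit (1);
    }

    int devnum = 0;
    pcap_if_t *d;

    for (d = alldevs; d; d = d->next) {
        devnum++;
        printf ("%d. %s", devnum, d->name);
        if (d->description)
            printf (" (%s)\n", d->description);
        else
            printf (" (No description available)\n");
    }

    if (devnum == 0) {
        printf ("\nNo interfaces found! Make sure WinPcap is installed.\n");
        return -1;
    }

    if (inum < 1 || inum > devnum) {
        printf ("\nInterface number out of range.\n");
        /* Free the device list */
        pcap_freealldevs (alldevs);
        return -1;
    }

    /* Jump to the selected adapter */
    for (d = alldevs, devnum = 0; devnum < inum - 1; d = d->next, devnum++) {
        ;
    }
    strcpymalloc ((u_char **) &devname, (u_char *) d->name);
#endif

    log_debug (3, "Getting address and mask for device %s...", devname);
    if (pcap_lookupnet (devname, &net, &mask, errbuf) == -1) {
        log_debug (0, "error [%s]", errbuf);
        exit (-1);
    }
    log_debug (3, "OK");

    log_debug (3, "Opening device...");
#ifdef WIN32
    dh = pcap_open (devname, 65535, promisc ? PCAP_OPENFLAG_PROMISCUOUS : 0,
                    1000, NULL, errbuf);
    /* At this point the device list is no longer needed. Free it. */
    pcap_freealldevs (alldevs);
#else
    /*
     * Live capture (pcap_open_live on devname) is disabled in this build:
     * packets are read from the savefile named by input_file instead.
     */
    dh = pcap_open_offline (input_file, errbuf);
#endif
    if (dh == NULL) {
        log_debug (0, "error [%s]", errbuf);
        exit (-1);
    }
    log_debug (3, "OK");

    if (data_offset == -1) {
        /* User didn't force an offset, try to find out */
        char *dln;

        log_debug (3, "Checking datalink type...");
        if (get_datalink_info (dh, &dln, &data_offset)) {
            log_debug (0, "not supported. Please play with the -offset option (see docs)");
            exit (-1);
        }
        log_debug (3, "OK, %s, offset = %d", dln, data_offset);
    } else {
        log_debug (1, "Using an user defined offset [%d], for datalink type [%d], good luck!",
                   data_offset, get_datalink_type (dh));
    }

    /*
     * pcap_compile() and pcap_setfilter() do not fill errbuf; their error
     * text lives in the handle and is fetched with pcap_geterr().
     */
    log_debug (3, "Compiling filter [%s]...", filter_app);
    if (pcap_compile (dh, &filter, filter_app, 0, net) == -1) {
        log_debug (0, "error [%s]", pcap_geterr (dh));
        exit (-1);
    }
    log_debug (3, "OK");

    log_debug (3, "Setting filter...");
    if (pcap_setfilter (dh, &filter) == -1) {
        log_debug (0, "error [%s]", pcap_geterr (dh));
        exit (-1);
    }
    log_debug (3, "OK");

    log_debug (3, "Entering capture loop...");

    /*
     * Best effort: the directories may already exist, so the result is not
     * checked.  Mode 0700 keeps captured chat logs readable by the owner only.
     */
    if (chatlogdir[0] != 0) {
#ifdef WIN32
        mkdir (chatlogdir);
#else
        mkdir (chatlogdir, 0700);
#endif
    }
    if (debuglogdir[0] != 0) {
#ifdef WIN32
        mkdir (debuglogdir);
#else
        mkdir (debuglogdir, 0700);
#endif
    }

    /*
     * pcap_next() cannot tell "read timeout" from "end of savefile" or
     * "error", which made the old loop spin forever once an offline capture
     * was exhausted.  pcap_next_ex() reports them separately.
     */
    for (;;) {
        rc = pcap_next_ex (dh, &header, &packet);
        if (rc == 0) {
            /* live-capture read timeout */
            log_debug (5, "No packet received");
            continue;
        }
        if (rc != 1) {
            /* -1: read error, -2: the savefile has been fully read */
            if (rc == -1)
                log_debug (0, "error [%s]", pcap_geterr (dh));
            else
                log_debug (3, "End of capture input");
            break;
        }
        process_packet (++packet_count, header, packet);
    }

    pcap_close (dh);
    return rc == -1 ? -1 : 0;
}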
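/*
 * Parse an already opened configuration stream and apply its settings to
 * the program globals.
 *
 * The whole stream is read into memory and processed line by line.  Text
 * after '#' is dropped, the first '=' is treated as a separator, and only
 * lines for which get_tokens() reports exactly two tokens are interpreted;
 * the key is matched case-insensitively.
 *
 * f is always closed before returning, including on the error paths.
 */
void read_file (FILE *f)
{
    long length;
    size_t got;
    char *data;
    char *c;

    /* ftell() reports failure as -1, which must never reach malloc(). */
    if (fseek (f, 0, SEEK_END) != 0 || (length = ftell (f)) < 0 ||
        fseek (f, 0, SEEK_SET) != 0) {
        log_debug (0, "Unable to determine the config file size");
        fclose (f);
        return;
    }

    data = malloc ((size_t) length + 1);
    if (data == NULL) {
        log_debug (0, "Out of memory while reading the config file");
        fclose (f);
        return;
    }

    /*
     * Terminate after the bytes actually read: a short read (text-mode
     * translation, I/O error) would otherwise leave uninitialised bytes in
     * front of the terminator.
     */
    got = fread (data, 1, (size_t) length, f);
    fclose (f);
    data[got] = 0;
    length = (long) got;

    c = data;
    while (c < (data + length)) {
        char *d;
        char *next;

        /* skip blank lines */
        while (*c && (*c == '\n' || *c == '\r'))
            c++;
        if (!*c)
            break;

        /* cut the current line out of the buffer */
        d = strchr (c, '\n');
        if (d == NULL)
            d = strchr (c, '\r');
        if (d != NULL)
            *d = 0;
        next = c + strlen (c) + 1;

        /* strip the comment, then turn "key=value" into "key value" */
        d = strchr (c, '#');
        if (d != NULL)
            *d = 0;
        d = strchr (c, '=');
        if (d != NULL)
            *d = ' ';

        if (get_tokens ((u_char *) c, &line_tokens, 0) == 2) {
            const char *key;
            const char *value;
            u_char *s;

            log_debug (0, "Parsing %s", c);

            for (s = line_tokens[0]; *s; s++)
                *s = (u_char) tolower (*s);
            key = (const char *) line_tokens[0];
            value = (const char *) line_tokens[1];

            /*
             * NOTE(review): the copies below write index MAX_DIR_LENGTH, so
             * both buffers must hold at least MAX_DIR_LENGTH + 1 bytes;
             * confirm against their declarations.
             */
            if (strcmp (key, "chatdir") == 0) {
                strncpy (chatlogdir, value, MAX_DIR_LENGTH);
                chatlogdir[MAX_DIR_LENGTH] = 0;
                log_debug (0, "chatdir = %s", chatlogdir);
            }
            if (strcmp (key, "debugdir") == 0) {
                strncpy (debuglogdir, value, MAX_DIR_LENGTH);
                debuglogdir[MAX_DIR_LENGTH] = 0;
                log_debug (0, "debuglogdir = %s", debuglogdir);
            }
#ifndef WIN32
            if (strcmp (key, "daemonize") == 0) {
                daemonize = atoi (value);
                log_debug (0, "daemonize = %d", daemonize);
            }
#endif
            /* prefix match: any key starting with "promisc" is accepted */
            if (strncmp (key, "promisc", 7) == 0) {
                promisc = atoi (value);
                /* used to print daemonize by mistake */
                log_debug (0, "promisc = %d", promisc);
            }
            if (strcmp (key, "verbose") == 0) {
                debug_level = atoi (value);
                log_debug (0, "verbose = %d", debug_level);
            }
            if (strcmp (key, "data_offset") == 0) {
                data_offset = atoi (value);
                log_debug (0, "data_offset = %d", data_offset);
            }
            if (strcmp (key, "interface") == 0) {
                strcpymalloc ((u_char **) &devname, line_tokens[1]);
                log_debug (0, "interface = %s", devname);
            }
        } else {
            log_debug (0, "Skipping %s", c);
        }

        c = next;
    }

    free (data);
}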
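/*
 * Parse an already opened configuration stream and apply its settings to
 * the program globals (log directories, daemon/promiscuous flags, verbosity,
 * data offset, interface, proxy address and an extra pcap filter clause).
 *
 * The whole stream is read into memory and processed line by line.  Text
 * after '#' is dropped, the first '=' is treated as a separator, and only
 * lines for which get_tokens() reports exactly two tokens are interpreted;
 * the key is matched case-insensitively.
 *
 * f is always closed before returning, including on the error paths.
 */
void read_file (FILE *f)
{
    long length;
    size_t got;
    char *data;
    char *c;

    /* ftell() reports failure as -1, which must never reach malloc(). */
    if (fseek (f, 0, SEEK_END) != 0 || (length = ftell (f)) < 0 ||
        fseek (f, 0, SEEK_SET) != 0) {
        log_debug (0, "Unable to determine the config file size");
        fclose (f);
        return;
    }

    data = malloc ((size_t) length + 1);
    if (data == NULL) {
        log_debug (0, "Out of memory while reading the config file");
        fclose (f);
        return;
    }

    /*
     * Terminate after the bytes actually read: a short read would otherwise
     * leave uninitialised bytes in front of the terminator.
     */
    got = fread (data, 1, (size_t) length, f);
    fclose (f);
    data[got] = 0;
    length = (long) got;

    c = data;
    while (c < (data + length)) {
        char *d;
        char *next;

        /* skip blank lines */
        while (*c && (*c == '\n' || *c == '\r'))
            c++;
        if (!*c)
            break;

        /* cut the current line out of the buffer */
        d = strchr (c, '\n');
        if (d == NULL)
            d = strchr (c, '\r');
        if (d != NULL)
            *d = 0;
        next = c + strlen (c) + 1;

        /* strip the comment, then turn "key=value" into "key value" */
        d = strchr (c, '#');
        if (d != NULL)
            *d = 0;
        d = strchr (c, '=');
        if (d != NULL)
            *d = ' ';

        if (get_tokens ((u_char *) c, &line_tokens, 0) == 2) {
            const char *key;
            const char *value;
            u_char *s;

            log_debug (0, "Parsing %s", c);

            for (s = line_tokens[0]; *s; s++)
                *s = (u_char) tolower (*s);
            key = (const char *) line_tokens[0];
            value = (const char *) line_tokens[1];

            if (strcmp (key, "chatdir") == 0) {
                int n;

                /*
                 * Include date informations into chatlogdir.
                 * NOTE(review): index MAX_DIR_LENGTH is written, so the
                 * buffer must hold MAX_DIR_LENGTH + 1 bytes, and
                 * date_logchat() is not visible here; presumably it extends
                 * auxchatlogdir and fills chatlogdir. Confirm it stays
                 * within that size.
                 */
                strncpy (auxchatlogdir, value, MAX_DIR_LENGTH);
                auxchatlogdir[MAX_DIR_LENGTH] = 0;
                date_logchat (auxchatlogdir);

                /*
                 * Bounded replacement for strcpy()+strcat(): the dated path
                 * plus "/debug" could run past the end of debuglogdir.
                 */
                n = snprintf (debuglogdir, MAX_DIR_LENGTH + 1, "%s/debug",
                              auxchatlogdir);
                if (n < 0 || n > MAX_DIR_LENGTH)
                    log_debug (0, "debug log directory truncated to %s", debuglogdir);

                log_debug (0, "chatdir = %s", chatlogdir);
            }
            if (strcmp (key, "daemonize") == 0) {
                daemonize = atoi (value);
                log_debug (0, "daemonize = %d", daemonize);
            }
            /* prefix match: any key starting with "promisc" is accepted */
            if (strncmp (key, "promisc", 7) == 0) {
                promisc = atoi (value);
                /* used to print daemonize by mistake */
                log_debug (0, "promisc = %d", promisc);
            }
            if (strcmp (key, "verbose") == 0) {
                debug_level = atoi (value);
                log_debug (0, "verbose = %d", debug_level);
            }
            if (strcmp (key, "data_offset") == 0) {
                data_offset = atoi (value);
                log_debug (0, "data_offset = %d", data_offset);
            }
            if (strcmp (key, "interface") == 0) {
                strcpymalloc ((u_char **) &devname, line_tokens[1]);
                log_debug (0, "interface = %s", devname);
            }
            if (strcmp (key, "proxy") == 0) {
                /*
                 * NOTE(review): unbounded copy of a config value; the size
                 * of proxy_addr is not visible here. Reject values that do
                 * not fit once the declaration is known.
                 */
                strcpy (proxy_addr, value);
                log_debug (0, "Proxy address = %s", proxy_addr);
            }
            if (strcmp (key, "filter") == 0) {
                /*
                 * Restart at the first value token for every filter line;
                 * a counter shared by the whole file made later filter
                 * lines start past the end of their own tokens.
                 * Assumes line_tokens is NULL-terminated; TODO confirm in
                 * get_tokens().
                 */
                int param = 1;

                /*
                 * NOTE(review): filter_app grows without a bound check and
                 * its capacity is not visible here; a long filter line can
                 * write past the buffer.
                 */
                strcat (filter_app, " and (");
                while (line_tokens[param]) {
                    strcat (filter_app, " ");
                    strcat (filter_app, (const char *) line_tokens[param]);
                    param++;
                }
                strcat (filter_app, " )");
                use_filter = 1;
                if (param < 3)
                    printf ("Incomplete filter: %s \n\n", filter_app);
                log_debug (0, "Pcap filter = %s", filter_app);
            }
        } else {
            log_debug (0, "Skipping %s", c);
        }

        c = next;
    }

    free (data);
}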
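/*
 * Apply the command-line options to the program globals.
 *
 * Recognised: -help (or any argument containing '?'), -list (Windows only),
 * -cd DIR, -dd DIR, -d, -p, -v (repeat the letter to raise verbosity),
 * -offset N, -if FILE.  Any argument that does not start with '-' is taken
 * as the capture device name.
 *
 * Returns 0 on success and -1 when an option lacks its parameter or a
 * directory parameter is longer than MAX_DIR_LENGTH.  -help and -list print
 * their output and terminate the process.
 */
int process_parms (int argc, char *argv[])
{
    int i = 1;

    while (i < argc) {
        const char *arg = argv[i];

        if (strcmp (arg, "-help") == 0 || strchr (arg, '?')) {
            show_help ();
            exit (-1);
        }
#ifdef WIN32
        if (strcmp (arg, "-list") == 0) {
            list_devices ();
            exit (-1);
        }
#endif
        if (strcmp (arg, "-cd") == 0) {
            if (i == argc - 1) {
                printf ("-cd requires a parameter.\n");
                return -1;
            }
            /*
             * Same bound as the config-file parser: an unchecked strcpy()
             * let a long argument overflow the directory buffer.
             */
            if (strlen (argv[i + 1]) > (size_t) MAX_DIR_LENGTH) {
                printf ("-cd parameter is too long.\n");
                return -1;
            }
            strcpy (chatlogdir, argv[i + 1]);
            i++;
        } else if (strcmp (arg, "-dd") == 0) {
            if (i == argc - 1) {
                printf ("-dd requires a parameter.\n");
                return -1;
            }
            if (strlen (argv[i + 1]) > (size_t) MAX_DIR_LENGTH) {
                printf ("-dd parameter is too long.\n");
                return -1;
            }
            strcpy (debuglogdir, argv[i + 1]);
            i++;
        } else if (strcmp (arg, "-d") == 0) {
            daemonize = 1;
        } else if (strcmp (arg, "-p") == 0) {
            promisc = 1;
        } else if (strncmp (arg, "-v", 2) == 0) {
            /* verbosity is the number of 'v' characters in the argument */
            int v = 0;

            for (const char *p = arg; *p; p++)
                if (*p == 'v')
                    v++;
            debug_level = v;
        } else if (strcmp (arg, "-offset") == 0) {
            if (i == argc - 1) {
                printf ("-offset requires a parameter.\n");
                return -1;
            }
            data_offset = atoi (argv[i + 1]);
            i++;
        } else if (strcmp (arg, "-if") == 0) {
            if (i == argc - 1) {
                printf ("-if requires you to specify an input file.\n");
                return -1;
            }
            /*
             * NOTE(review): unbounded copy of a command-line argument; the
             * size of input_file is not visible here. Reject paths that do
             * not fit once the declaration is known.
             */
            strcpy (input_file, argv[i + 1]);
            i++;
        } else if (arg[0] != '-') {
            strcpymalloc ((u_char **) &devname, (u_char *) argv[i]);
        }
        i++;
    }

    return 0;
}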
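/*
 * Apply the command-line options to the program globals.
 *
 * Recognised: -help (or any argument containing '?'), -filter TOKEN...,
 * -proxy ADDR, -cd DIR, -d, -p, -v (repeat the letter to raise verbosity),
 * -offset N, -i DEVICE.
 *
 * Returns 0 on success and -1 when an option lacks its parameter, the
 * filter is empty, or the -cd directory is too long.  -help prints the help
 * text and terminates the process.
 */
int process_parms (int argc, char *argv[])
{
    int i = 1;

    while (i < argc) {
        if (strcmp (argv[i], "-help") == 0 || strchr (argv[i], '?')) {
            show_help ();
            exit (-1);
        }

        if (strcmp (argv[i], "-filter") == 0) {
            int countf = 0;

            /*
             * Every following argument up to the next option is appended
             * verbatim to the pcap filter expression.
             * NOTE(review): filter_app grows without a bound check and its
             * capacity is not visible here; a long filter can write past
             * the buffer.
             */
            strcat (filter_app, " and (");
            for (int j = i + 1; j < argc && argv[j][0] != '-'; j++) {
                strcat (filter_app, " ");
                strcat (filter_app, argv[j]);
                countf++;
                i++;
            }
            strcat (filter_app, " )");
            if (countf < 1) {
                printf ("Incomplete filter: %s \n\n", filter_app);
                return -1;
            }
            use_filter = 1;
        }

        /*
         * After -filter, argv[i] is the last filter token, which matches
         * none of the options below.
         */
        if (strcmp (argv[i], "-proxy") == 0) {
            if (i == argc - 1) {
                printf ("-proxy requires a parameter.\n");
                return -1;
            }
            /*
             * NOTE(review): unbounded copy of a command-line argument; the
             * size of proxy_addr is not visible here.
             */
            strcpy (proxy_addr, argv[i + 1]);
            i++;
        } else if (strcmp (argv[i], "-cd") == 0) {
            if (i == argc - 1) {
                printf ("-cd requires a parameter.\n");
                return -1;
            }
            /*
             * The argument plus "/debug" must fit the MAX_DIR_LENGTH bound
             * the config-file parser applies to these buffers; the
             * unchecked strcpy()/strcat() pair could overflow them.
             */
            if (strlen (argv[i + 1]) + strlen ("/debug") > (size_t) MAX_DIR_LENGTH) {
                printf ("-cd parameter is too long.\n");
                return -1;
            }
            /* Include date informations into chatlogdir */
            strcpy (auxchatlogdir, argv[i + 1]);
            strcpy (debuglogdir, argv[i + 1]);
            strcat (debuglogdir, "/debug");
            /*
             * NOTE(review): date_logchat() is not visible here; presumably
             * it extends auxchatlogdir. Confirm it stays within the buffer.
             */
            date_logchat (auxchatlogdir);
            i++;
        } else if (strcmp (argv[i], "-d") == 0) {
            daemonize = 1;
        } else if (strcmp (argv[i], "-p") == 0) {
            promisc = 1;
        } else if (strncmp (argv[i], "-v", 2) == 0) {
            /* verbosity is the number of 'v' characters in the argument */
            int v = 0;

            for (const char *p = argv[i]; *p; p++)
                if (*p == 'v')
                    v++;
            debug_level = v;
        } else if (strcmp (argv[i], "-offset") == 0) {
            if (i == argc - 1) {
                printf ("-offset requires a parameter.\n");
                return -1;
            }
            data_offset = atoi (argv[i + 1]);
            i++;
        } else if (strcmp (argv[i], "-i") == 0) {
            /*
             * A trailing "-i" used to pass argv[argc], which is NULL, on to
             * strcpymalloc().
             */
            if (i == argc - 1) {
                printf ("-i requires a parameter.\n");
                return -1;
            }
            strcpymalloc ((u_char **) &devname, (u_char *) argv[i + 1]);
            i++;
        }
        i++;
    }

    return 0;
}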