int DissectInit(void)
{
char telnet_dir[256];
/* part of file name */
incr = 0;
/* info id */
ip_id = ProtId("ip");
ipv6_id = ProtId("ipv6");
tcp_id = ProtId("tcp");
ip_dst_id = ProtAttrId(ip_id, "ip.dst");
ip_src_id = ProtAttrId(ip_id, "ip.src");
ipv6_dst_id = ProtAttrId(ipv6_id, "ipv6.dst");
ipv6_src_id = ProtAttrId(ipv6_id, "ipv6.src");
port_dst_id = ProtAttrId(tcp_id, "tcp.dstport");
port_src_id = ProtAttrId(tcp_id, "tcp.srcport");
lost_id = ProtAttrId(tcp_id, "tcp.lost");
telnet_id = ProtId("telnet");
/* pei id */
pei_host_id = ProtPeiComptId(telnet_id, "host");
pei_user_id = ProtPeiComptId(telnet_id, "user");
pei_password_id= ProtPeiComptId(telnet_id, "password");
pei_cmd_id = ProtPeiComptId(telnet_id, "cmd");
/* telnet tmp directory */
sprintf(telnet_dir, "%s/%s", ProtTmpDir(), TELNET_TMP_DIR);
mkdir(telnet_dir, 0x01FF);
return 0;
}
int DissectInit(void)
{
char rtp_dir[256];
/* part of file name */
incr = 0;
/* info id */
ppp_id = ProtId("ppp");
eth_id = ProtId("eth");
ip_id = ProtId("ip");
ip_dst_id = ProtAttrId(ip_id, "ip.dst");
ip_src_id = ProtAttrId(ip_id, "ip.src");
ip_offset_id = ProtAttrId(ip_id, "ip.offset");
ipv6_id = ProtId("ipv6");
ipv6_dst_id = ProtAttrId(ipv6_id, "ipv6.dst");
ipv6_src_id = ProtAttrId(ipv6_id, "ipv6.src");
ipv6_offset_id = ProtAttrId(ipv6_id, "ipv6.offset");
udp_id = ProtId("udp");
uport_dst_id = ProtAttrId(udp_id, "udp.dstport");
uport_src_id = ProtAttrId(udp_id, "udp.srcport");
rtp_id = ProtId("rtp");
rtcp_id = ProtId("rtcp");
if (rtcp_id != -1)
rtcp_phone_id = ProtAttrId(rtcp_id, "rtcp.phone");
/* pei id */
pei_from = ProtPeiComptId(rtp_id, "from");
pei_to = ProtPeiComptId(rtp_id, "to");
pei_audio_from = ProtPeiComptId(rtp_id, "audio_from");
pei_audio_to = ProtPeiComptId(rtp_id, "audio_to");
pei_audio_mix = ProtPeiComptId(rtp_id, "audio_mix");
pei_duration = ProtPeiComptId(rtp_id, "duration");
/* rtp tmp directory */
sprintf(rtp_dir, "%s/%s", ProtTmpDir(), RTP_TMP_DIR);
mkdir(rtp_dir, 0x01FF);
return 0;
}
int DispInit(const char *cfg_file)
{
char buffer[CFG_LINE_MAX_SIZE];
char bufcpy[CFG_LINE_MAX_SIZE];
char *param;
FILE *fp;
int res, i;
LogPrintf(LV_DEBUG, "PCAP2WAV Dispatcher");
nrtp = 0;
/* read configuration file */
fp = fopen(cfg_file, "r");
if (fp == NULL) {
LogPrintf(LV_ERROR, "Config file can't be opened");
return -1;
}
res = 0;
while (fgets(buffer, CFG_LINE_MAX_SIZE, fp) != NULL) {
/* check if line is a comment */
if (!CfgParIsComment(buffer)) {
param = strstr(buffer, CFG_PAR_XDECODE);
if (param != NULL) {
res = sscanf(param, CFG_PAR_XDECODE"=%s %s", xdecode, bufcpy);
if (res > 0) {
break;
}
}
}
}
fclose(fp);
if (!res) {
strcpy(xdecode, XCLI_BASE_DIR);
}
else {
i = 0;
while (xdecode[i] != '\0' && xdecode[i] != '\0')
i++;
xdecode[i] = '\0';
}
tstart = time(NULL);
ip_id = ProtId("ip");
if (ip_id != -1) {
ip_dst_id = ProtAttrId(ip_id, "ip.dst");
ip_src_id = ProtAttrId(ip_id, "ip.src");
}
ipv6_id = ProtId("ipv6");
if (ipv6_id != -1) {
ipv6_dst_id = ProtAttrId(ipv6_id, "ipv6.dst");
ipv6_src_id = ProtAttrId(ipv6_id, "ipv6.src");
}
/* pei id */
rtp_id = ProtId("rtp");
if (rtp_id != -1) {
pei_rtp_from = ProtPeiComptId(rtp_id, "from");
pei_rtp_to = ProtPeiComptId(rtp_id, "to");
pei_rtp_audio_from = ProtPeiComptId(rtp_id, "audio_from");
pei_rtp_audio_to = ProtPeiComptId(rtp_id, "audio_to");
pei_rtp_audio_mix = ProtPeiComptId(rtp_id, "audio_mix");
pei_rtp_duration = ProtPeiComptId(rtp_id, "duration");
}
/* directory for repository */
mkdir(xdecode, 0x01FF);
return 0;
}
int DissectInit(void)
{
char tmp_dir[256];
int i;
NDPI_PROTOCOL_BITMASK all;
/* part of file name */
incr = 0;
pthrs_ins = 0;
pthread_mutex_init(&pthrs_mux, NULL);
prl_thrs = xmalloc(pthrs_dim*sizeof(tca_flow *));
prl_thrs_en = xmalloc(pthrs_dim*sizeof(char));
if (prl_thrs != NULL) {
memset(prl_thrs, 0, pthrs_dim*sizeof(tca_flow *));
for (i=0; i!=pthrs_dim; i++) {
prl_thrs_en[i] = 0;
}
}
/* info id */
ppp_id = ProtId("ppp");
eth_id = ProtId("eth");
ip_id = ProtId("ip");
ipv6_id = ProtId("ipv6");
tcp_id = ProtId("tcp");
if (ip_id != -1) {
ip_dst_id = ProtAttrId(ip_id, "ip.dst");
ip_src_id = ProtAttrId(ip_id, "ip.src");
ip_offset_id = ProtAttrId(ip_id, "ip.offset");
}
if (ipv6_id != -1) {
ipv6_dst_id = ProtAttrId(ipv6_id, "ipv6.dst");
ipv6_src_id = ProtAttrId(ipv6_id, "ipv6.src");
ipv6_offset_id = ProtAttrId(ipv6_id, "ipv6.offset");
}
if (tcp_id != -1) {
port_dst_id = ProtAttrId(tcp_id, "tcp.dstport");
port_src_id = ProtAttrId(tcp_id, "tcp.srcport");
lost_id = ProtAttrId(tcp_id, "tcp.lost");
syn_id = ProtAttrId(tcp_id, "tcp.syn");
}
tcp_ca_id = ProtId("tcp-ca");
/* pei id */
pei_ip_src_id = ProtPeiComptId(tcp_ca_id, "ip.src");
pei_ip_dst_id = ProtPeiComptId(tcp_ca_id, "ip.dst");
pei_dns_id = ProtPeiComptId(tcp_ca_id, "dns");
pei_port_src_id = ProtPeiComptId(tcp_ca_id, "port.src");
pei_port_dst_id = ProtPeiComptId(tcp_ca_id, "port.dst");
pei_l7protocol_id = ProtPeiComptId(tcp_ca_id, "l7prot");
pei_lat_id = ProtPeiComptId(tcp_ca_id, "lat");
pei_long_id = ProtPeiComptId(tcp_ca_id, "long");
pei_country_code_id = ProtPeiComptId(tcp_ca_id, "country_code");
pei_bsent_id = ProtPeiComptId(tcp_ca_id, "byte.sent");
pei_brecv_id = ProtPeiComptId(tcp_ca_id, "byte.receiv");
pei_blost_sent_id = ProtPeiComptId(tcp_ca_id, "byte.lost.sent");
pei_blost_recv_id = ProtPeiComptId(tcp_ca_id, "byte.lost.receiv");
pei_pkt_sent_id = ProtPeiComptId(tcp_ca_id, "pkt.sent");
pei_pkt_recv_id = ProtPeiComptId(tcp_ca_id, "pkt.receiv");
pei_trace_sent = ProtPeiComptId(tcp_ca_id, "trace.sent");
pei_trace_recv = ProtPeiComptId(tcp_ca_id, "trace.receiv");
pei_metadata = ProtPeiComptId(tcp_ca_id, "metadata");
pei_trace_img = ProtPeiComptId(tcp_ca_id, "trace.img");
/* tmp directory */
sprintf(tmp_dir, "%s/%s", ProtTmpDir(), TCP_CA_TMP_DIR);
mkdir(tmp_dir, 0x01FF);
/* ndpi */
ndpi = ndpi_init_detection_module();
if (ndpi == NULL) {
LogPrintf(LV_ERROR, "nDPi initializzation failed");
return -1;
}
/* enable all protocols */
NDPI_BITMASK_SET_ALL(all);
ndpi_set_protocol_detection_bitmask2(ndpi, &all);
ndpi_proto_size = ndpi_detection_get_sizeof_ndpi_id_struct();
ndpi_flow_struct_size = ndpi_detection_get_sizeof_ndpi_flow_struct();
return 0;
}
int DissectInit(void)
{
char tmp_dir[256];
unsigned short i;
NDPI_PROTOCOL_BITMASK all;
/* part of file name */
incr = 0;
incr_dig = 0;
/* info id */
ppp_id = ProtId("ppp");
eth_id = ProtId("eth");
ip_id = ProtId("ip");
ipv6_id = ProtId("ipv6");
tcp_id = ProtId("tcp");
if (ip_id != -1) {
ip_dst_id = ProtAttrId(ip_id, "ip.dst");
ip_src_id = ProtAttrId(ip_id, "ip.src");
ip_offset_id = ProtAttrId(ip_id, "ip.offset");
}
if (ipv6_id != -1) {
ipv6_dst_id = ProtAttrId(ipv6_id, "ipv6.dst");
ipv6_src_id = ProtAttrId(ipv6_id, "ipv6.src");
ipv6_offset_id = ProtAttrId(ipv6_id, "ipv6.offset");
}
if (tcp_id != -1) {
port_dst_id = ProtAttrId(tcp_id, "tcp.dstport");
port_src_id = ProtAttrId(tcp_id, "tcp.srcport");
lost_id = ProtAttrId(tcp_id, "tcp.lost");
}
tcp_grb_id = ProtId("tcp-grb");
/* pei id */
pei_l7protocol_id = ProtPeiComptId(tcp_grb_id, "l7prot");
pei_txt_id = ProtPeiComptId(tcp_grb_id, "txt");
pei_size_id = ProtPeiComptId(tcp_grb_id, "size");
pei_file_id = ProtPeiComptId(tcp_grb_id, "file");
pei_file_type_id = ProtPeiComptId(tcp_grb_id, "ftype");
/* tmp directory */
sprintf(tmp_dir, "%s/%s", ProtTmpDir(), TCP_GRB_TMP_DIR);
mkdir(tmp_dir, 0x01FF);
/* init dig */
if (enable_dig) {
for (i=0; i!=dig_type_dim; i++) {
if (!dig_tbl[i].sreg && dig_tbl[i].starttxt != NULL) {
dig_tbl[i].start = strdup(dig_tbl[i].starttxt);
if (dig_tbl[i].start == NULL) {
LogPrintf(LV_FATAL, "No memory!");
return -1;
}
dig_tbl[i].slen = TcpGrbDigConvert(dig_tbl[i].start);
}
if (!dig_tbl[i].ereg && dig_tbl[i].endtxt != NULL) {
dig_tbl[i].end = strdup(dig_tbl[i].endtxt);
if (dig_tbl[i].end == NULL) {
LogPrintf(LV_FATAL, "No memory!");
return -1;
}
dig_tbl[i].elen = TcpGrbDigConvert(dig_tbl[i].end);
}
//printf("File %s slen:%i elen: %i\n", dig_tbl[i].ename, dig_tbl[i].slen, dig_tbl[i].elen);
}
}
/* ndpi */
pthread_mutex_init(&ndpi_mux, NULL);
ndpi = ndpi_init_detection_module(NDPI_TICK_RES, nDPImalloc, nDPIfree, nDPIPrintf);
if (ndpi == NULL) {
LogPrintf(LV_ERROR, "nDPi initializzation failed");
return -1;
}
/* enable all protocols */
NDPI_BITMASK_SET_ALL(all);
ndpi_set_protocol_detection_bitmask2(ndpi, &all);
ndpi_proto_size = ndpi_detection_get_sizeof_ndpi_id_struct();
ndpi_flow_struct_size = ndpi_detection_get_sizeof_ndpi_flow_struct();
return 0;
}