Exemple #1
0
int DissectInit(void)
{
    char telnet_dir[256];

    /* part of file name */
    incr = 0;

    /* info id */
    ip_id = ProtId("ip");
    ipv6_id = ProtId("ipv6");
    tcp_id = ProtId("tcp");
    ip_dst_id = ProtAttrId(ip_id, "ip.dst");
    ip_src_id = ProtAttrId(ip_id, "ip.src");
    ipv6_dst_id = ProtAttrId(ipv6_id, "ipv6.dst");
    ipv6_src_id = ProtAttrId(ipv6_id, "ipv6.src");
    port_dst_id = ProtAttrId(tcp_id, "tcp.dstport");
    port_src_id = ProtAttrId(tcp_id, "tcp.srcport");
    lost_id = ProtAttrId(tcp_id, "tcp.lost");
    telnet_id = ProtId("telnet");

    /* pei id */
    pei_host_id = ProtPeiComptId(telnet_id, "host");
    pei_user_id = ProtPeiComptId(telnet_id, "user");
    pei_password_id= ProtPeiComptId(telnet_id, "password");
    pei_cmd_id = ProtPeiComptId(telnet_id, "cmd");

    /* telnet tmp directory */
    sprintf(telnet_dir, "%s/%s", ProtTmpDir(), TELNET_TMP_DIR);
    mkdir(telnet_dir, 0x01FF);

    return 0;
}
Exemple #2
0
int DissectInit(void)
{
    char rtp_dir[256];
    
    /* part of file name */
    incr = 0;

    /* info id */
    ppp_id = ProtId("ppp");
    eth_id = ProtId("eth");
    ip_id = ProtId("ip");
    ip_dst_id = ProtAttrId(ip_id, "ip.dst");
    ip_src_id = ProtAttrId(ip_id, "ip.src");
    ip_offset_id = ProtAttrId(ip_id, "ip.offset");
    ipv6_id = ProtId("ipv6");
    ipv6_dst_id = ProtAttrId(ipv6_id, "ipv6.dst");
    ipv6_src_id = ProtAttrId(ipv6_id, "ipv6.src");
    ipv6_offset_id = ProtAttrId(ipv6_id, "ipv6.offset");
    udp_id = ProtId("udp");
    uport_dst_id = ProtAttrId(udp_id, "udp.dstport");
    uport_src_id = ProtAttrId(udp_id, "udp.srcport");
    rtp_id = ProtId("rtp");
    rtcp_id = ProtId("rtcp");
    if (rtcp_id != -1)
        rtcp_phone_id = ProtAttrId(rtcp_id, "rtcp.phone");
 
    /* pei id */
    pei_from = ProtPeiComptId(rtp_id, "from");
    pei_to = ProtPeiComptId(rtp_id, "to");
    pei_audio_from = ProtPeiComptId(rtp_id, "audio_from");
    pei_audio_to = ProtPeiComptId(rtp_id, "audio_to");
    pei_audio_mix = ProtPeiComptId(rtp_id, "audio_mix");
    pei_duration = ProtPeiComptId(rtp_id, "duration");

    /* rtp tmp directory */
    sprintf(rtp_dir, "%s/%s", ProtTmpDir(), RTP_TMP_DIR);
    mkdir(rtp_dir, 0x01FF);

    return 0;
}
Exemple #3
0
int DispInit(const char *cfg_file)
{
    char buffer[CFG_LINE_MAX_SIZE];
    char bufcpy[CFG_LINE_MAX_SIZE];
    char *param;
    FILE *fp;
    int res, i;

    LogPrintf(LV_DEBUG, "PCAP2WAV Dispatcher");

    nrtp = 0;

    /* read configuration file */
    fp = fopen(cfg_file, "r");
    if (fp == NULL) {
        LogPrintf(LV_ERROR, "Config file can't be opened");
        return -1;
    }
    res = 0;
    while (fgets(buffer, CFG_LINE_MAX_SIZE, fp) != NULL) {
        /* check if line is a comment */
        if (!CfgParIsComment(buffer)) {
            param = strstr(buffer, CFG_PAR_XDECODE);
            if (param != NULL) {
                res = sscanf(param, CFG_PAR_XDECODE"=%s %s", xdecode, bufcpy);
                if (res > 0) {
                    break;
                }
            }
        }
    }
    fclose(fp);
    if (!res) {
        strcpy(xdecode, XCLI_BASE_DIR);
    }
    else {
        i = 0;
        while (xdecode[i] != '\0' && xdecode[i] != '\0')
            i++;
        xdecode[i] = '\0';
    }
    
    tstart = time(NULL);
    
    ip_id = ProtId("ip");
    if (ip_id != -1) {
        ip_dst_id = ProtAttrId(ip_id, "ip.dst");
        ip_src_id = ProtAttrId(ip_id, "ip.src");
    }
    ipv6_id = ProtId("ipv6");
    if (ipv6_id != -1) {
        ipv6_dst_id = ProtAttrId(ipv6_id, "ipv6.dst");
        ipv6_src_id = ProtAttrId(ipv6_id, "ipv6.src");
    }

    /* pei id */
    rtp_id = ProtId("rtp");
    if (rtp_id != -1) {
        pei_rtp_from = ProtPeiComptId(rtp_id, "from");
        pei_rtp_to = ProtPeiComptId(rtp_id, "to");
        pei_rtp_audio_from = ProtPeiComptId(rtp_id, "audio_from");
        pei_rtp_audio_to = ProtPeiComptId(rtp_id, "audio_to");
        pei_rtp_audio_mix = ProtPeiComptId(rtp_id, "audio_mix");
        pei_rtp_duration = ProtPeiComptId(rtp_id, "duration");
    }
    
    /* directory for repository */
    mkdir(xdecode, 0x01FF);

    return 0;
}
Exemple #4
0
int DissectInit(void)
{
    char tmp_dir[256];
    int i;
    NDPI_PROTOCOL_BITMASK all;

    /* part of file name */
    incr = 0;
    pthrs_ins = 0;
    pthread_mutex_init(&pthrs_mux, NULL);
    
    prl_thrs = xmalloc(pthrs_dim*sizeof(tca_flow *));
    prl_thrs_en = xmalloc(pthrs_dim*sizeof(char));
    if (prl_thrs != NULL) {
        memset(prl_thrs, 0, pthrs_dim*sizeof(tca_flow *));
        for (i=0; i!=pthrs_dim; i++) {
            prl_thrs_en[i] = 0;
        }
    }
    
    /* info id */
    ppp_id = ProtId("ppp");
    eth_id = ProtId("eth");
    ip_id = ProtId("ip");
    ipv6_id = ProtId("ipv6");
    tcp_id = ProtId("tcp");
    if (ip_id != -1) {
        ip_dst_id = ProtAttrId(ip_id, "ip.dst");
        ip_src_id = ProtAttrId(ip_id, "ip.src");
        ip_offset_id = ProtAttrId(ip_id, "ip.offset");
    }
    if (ipv6_id != -1) {
        ipv6_dst_id = ProtAttrId(ipv6_id, "ipv6.dst");
        ipv6_src_id = ProtAttrId(ipv6_id, "ipv6.src");
        ipv6_offset_id = ProtAttrId(ipv6_id, "ipv6.offset");
    }
    if (tcp_id != -1) {
        port_dst_id = ProtAttrId(tcp_id, "tcp.dstport");
        port_src_id = ProtAttrId(tcp_id, "tcp.srcport");
        lost_id = ProtAttrId(tcp_id, "tcp.lost");
        syn_id = ProtAttrId(tcp_id, "tcp.syn");
    }
    tcp_ca_id = ProtId("tcp-ca");
    
    /* pei id */
    pei_ip_src_id = ProtPeiComptId(tcp_ca_id, "ip.src");
    pei_ip_dst_id = ProtPeiComptId(tcp_ca_id, "ip.dst");
    pei_dns_id = ProtPeiComptId(tcp_ca_id, "dns");
    pei_port_src_id = ProtPeiComptId(tcp_ca_id, "port.src");
    pei_port_dst_id = ProtPeiComptId(tcp_ca_id, "port.dst");
    pei_l7protocol_id = ProtPeiComptId(tcp_ca_id, "l7prot");
    pei_lat_id = ProtPeiComptId(tcp_ca_id, "lat");
    pei_long_id = ProtPeiComptId(tcp_ca_id, "long");
    pei_country_code_id = ProtPeiComptId(tcp_ca_id, "country_code");
    pei_bsent_id = ProtPeiComptId(tcp_ca_id, "byte.sent");
    pei_brecv_id = ProtPeiComptId(tcp_ca_id, "byte.receiv");
    pei_blost_sent_id = ProtPeiComptId(tcp_ca_id, "byte.lost.sent");
    pei_blost_recv_id = ProtPeiComptId(tcp_ca_id, "byte.lost.receiv");
    pei_pkt_sent_id = ProtPeiComptId(tcp_ca_id, "pkt.sent");
    pei_pkt_recv_id = ProtPeiComptId(tcp_ca_id, "pkt.receiv");
    pei_trace_sent = ProtPeiComptId(tcp_ca_id, "trace.sent");
    pei_trace_recv = ProtPeiComptId(tcp_ca_id, "trace.receiv");
    pei_metadata = ProtPeiComptId(tcp_ca_id, "metadata");
    pei_trace_img = ProtPeiComptId(tcp_ca_id, "trace.img");

    /* tmp directory */
    sprintf(tmp_dir, "%s/%s", ProtTmpDir(), TCP_CA_TMP_DIR);
    mkdir(tmp_dir, 0x01FF);

    /* ndpi */
    ndpi = ndpi_init_detection_module();
    if (ndpi == NULL) {
        LogPrintf(LV_ERROR, "nDPi initializzation failed");

        return -1;
    }
    /* enable all protocols */
    NDPI_BITMASK_SET_ALL(all);
    ndpi_set_protocol_detection_bitmask2(ndpi, &all);
    ndpi_proto_size = ndpi_detection_get_sizeof_ndpi_id_struct();
    ndpi_flow_struct_size = ndpi_detection_get_sizeof_ndpi_flow_struct();

    return 0;
}
Exemple #5
0
int DissectInit(void)
{
    char tmp_dir[256];
    unsigned short i;
    NDPI_PROTOCOL_BITMASK all;

    /* part of file name */
    incr = 0;
    incr_dig = 0;

    /* info id */
    ppp_id = ProtId("ppp");
    eth_id = ProtId("eth");
    ip_id = ProtId("ip");
    ipv6_id = ProtId("ipv6");
    tcp_id = ProtId("tcp");
    if (ip_id != -1) {
        ip_dst_id = ProtAttrId(ip_id, "ip.dst");
        ip_src_id = ProtAttrId(ip_id, "ip.src");
        ip_offset_id = ProtAttrId(ip_id, "ip.offset");
    }
    if (ipv6_id != -1) {
        ipv6_dst_id = ProtAttrId(ipv6_id, "ipv6.dst");
        ipv6_src_id = ProtAttrId(ipv6_id, "ipv6.src");
        ipv6_offset_id = ProtAttrId(ipv6_id, "ipv6.offset");
    }
    if (tcp_id != -1) {
        port_dst_id = ProtAttrId(tcp_id, "tcp.dstport");
        port_src_id = ProtAttrId(tcp_id, "tcp.srcport");
        lost_id = ProtAttrId(tcp_id, "tcp.lost");
    }
    tcp_grb_id = ProtId("tcp-grb");
    
    /* pei id */
    pei_l7protocol_id = ProtPeiComptId(tcp_grb_id, "l7prot");
    pei_txt_id = ProtPeiComptId(tcp_grb_id, "txt");
    pei_size_id = ProtPeiComptId(tcp_grb_id, "size");
    pei_file_id = ProtPeiComptId(tcp_grb_id, "file");
    pei_file_type_id = ProtPeiComptId(tcp_grb_id, "ftype");

    /* tmp directory */
    sprintf(tmp_dir, "%s/%s", ProtTmpDir(), TCP_GRB_TMP_DIR);
    mkdir(tmp_dir, 0x01FF);

    /* init dig */
    if (enable_dig) {
        for (i=0; i!=dig_type_dim; i++) {
            if (!dig_tbl[i].sreg && dig_tbl[i].starttxt != NULL) {
                dig_tbl[i].start = strdup(dig_tbl[i].starttxt);
                if (dig_tbl[i].start == NULL) {
                    LogPrintf(LV_FATAL, "No memory!");
                    return -1;
                }
                dig_tbl[i].slen = TcpGrbDigConvert(dig_tbl[i].start);
            }
            if (!dig_tbl[i].ereg && dig_tbl[i].endtxt != NULL) {
                dig_tbl[i].end = strdup(dig_tbl[i].endtxt);
                if (dig_tbl[i].end == NULL) {
                    LogPrintf(LV_FATAL, "No memory!");
                    return -1;
                }
                dig_tbl[i].elen = TcpGrbDigConvert(dig_tbl[i].end);
            }
            //printf("File %s slen:%i elen: %i\n", dig_tbl[i].ename, dig_tbl[i].slen, dig_tbl[i].elen);
        }
    }

    /* ndpi */
    pthread_mutex_init(&ndpi_mux, NULL);
    ndpi = ndpi_init_detection_module(NDPI_TICK_RES, nDPImalloc, nDPIfree, nDPIPrintf);
    if (ndpi == NULL) {
        LogPrintf(LV_ERROR, "nDPi initializzation failed");

        return -1;
    }
    /* enable all protocols */
    NDPI_BITMASK_SET_ALL(all);
    ndpi_set_protocol_detection_bitmask2(ndpi, &all);
    ndpi_proto_size = ndpi_detection_get_sizeof_ndpi_id_struct();
    ndpi_flow_struct_size = ndpi_detection_get_sizeof_ndpi_flow_struct();

    return 0;
}