static void lbmtcp_order_key(lbmtcp_transport_t * transport)
{
gboolean swap = FALSE;
int compare;
/* Order the key so that addr1:port1 <= addr2:port2 */
compare = cmp_address(&(transport->addr1), &(transport->addr2));
if (compare > 0)
{
swap = TRUE;
}
else if (compare == 0)
{
if (transport->port1 > transport->port2)
{
swap = TRUE;
}
}
if (swap)
{
address addr;
guint16 port;
copy_address_shallow(&addr, &(transport->addr1));
copy_address_shallow(&(transport->addr2), &(transport->addr1));
copy_address_shallow(&(transport->addr1), &addr);
port = transport->port2;
transport->port2 = transport->port1;
transport->port1 = port;
}
}
bool operator< (const QTreeWidgetItem &other) const
{
if (other.type() != wlan_station_row_type_) return QTreeWidgetItem::operator< (other);
const WlanStationTreeWidgetItem *other_row = static_cast<const WlanStationTreeWidgetItem *>(&other);
switch (treeWidget()->sortColumn()) {
case col_bssid_:
return cmp_address(&addr_, &other_row->addr_) < 0;
case col_pct_packets_:
return packets_ < other_row->packets_;
case col_beacons_:
return sent_ < other_row->sent_;
case col_data_packets_:
return received_ < other_row->received_;
case col_probe_reqs_:
return probe_req_ < other_row->probe_req_;
case col_probe_resps_:
return probe_resp_ < other_row->probe_resp_;
case col_auths_:
return auth_ < other_row->auth_;
case col_deauths_:
return deauth_ < other_row->deauth_;
case col_others_:
return other_ < other_row->other_;
default:
break;
}
return QTreeWidgetItem::operator< (other);
}
/* WSLUA_ATTRIBUTE Pinfo_lo RO lower Address of this Packet. */
static int Pinfo_get_lo(lua_State *L) {
Pinfo pinfo = checkPinfo(L,1);
Address addr;
addr = (Address)g_malloc(sizeof(address));
if (cmp_address(&(pinfo->ws_pinfo->src), &(pinfo->ws_pinfo->dst) ) < 0) {
copy_address(addr, &(pinfo->ws_pinfo->src));
} else {
copy_address(addr, &(pinfo->ws_pinfo->dst));
}
pushAddress(L,addr);
return 1;
}
bool operator< (const QTreeWidgetItem &other) const
{
if (other.type() != mcast_table_type_) return QTreeWidgetItem::operator< (other);
const MulticastStatTreeWidgetItem *other_row = static_cast<const MulticastStatTreeWidgetItem *>(&other);
switch (treeWidget()->sortColumn()) {
case col_src_addr_:
return cmp_address(&src_addr_, &other_row->src_addr_) < 0;
case col_src_port_:
return src_port_ < other_row->src_port_;
case col_dst_addr_:
return cmp_address(&dst_addr_, &other_row->dst_addr_) < 0;
case col_dst_port_:
return dst_port_ < other_row->dst_port_;
case col_packets_:
return num_packets_ < other_row->num_packets_;
case col_packets_s_:
return avg_pps_ < other_row->avg_pps_;
case col_avg_bw_:
return avg_bw_ < other_row->avg_bw_;
case col_max_bw_:
return max_bw_ < other_row->max_bw_;
case col_max_burst_:
return top_burst_size_ < other_row->top_burst_size_;
case col_burst_alarms_:
return num_bursts_ < other_row->num_bursts_;
case col_max_buffers_:
return top_buff_usage_ < other_row->top_buff_usage_;
case col_buffer_alarms_:
return num_buff_alarms_ < other_row->num_buff_alarms_;
default:
break;
}
return QTreeWidgetItem::operator< (other);
}
static guint add_or_get_node(seq_analysis_info_t *sainfo, address *node) {
guint i;
if (node->type == AT_NONE) return NODE_OVERFLOW;
for (i=0; i<MAX_NUM_NODES && i < sainfo->num_nodes ; i++) {
if ( cmp_address(&(sainfo->nodes[i]), node) == 0 ) return i; /* it is in the array */
}
if (i >= MAX_NUM_NODES) {
return NODE_OVERFLOW;
} else {
sainfo->num_nodes++;
copy_address(&(sainfo->nodes[i]), node);
return i;
}
}
struct udp_analysis *
get_udp_conversation_data(conversation_t *conv, packet_info *pinfo)
{
int direction;
struct udp_analysis *udpd=NULL;
/* Did the caller supply the conversation pointer? */
if (conv == NULL)
conv = find_or_create_conversation(pinfo);
/* Get the data for this conversation */
udpd=(struct udp_analysis *)conversation_get_proto_data(conv, hfi_udp->id);
/* If the conversation was just created or it matched a
* conversation with template options, udpd will not
* have been initialized. So, initialize
* a new udpd structure for the conversation.
*/
if (!udpd) {
udpd = init_udp_conversation_data();
conversation_add_proto_data(conv, hfi_udp->id, udpd);
}
if (!udpd) {
return NULL;
}
/* check direction and get ua lists */
direction=cmp_address(&pinfo->src, &pinfo->dst);
/* if the addresses are equal, match the ports instead */
if (direction == 0) {
direction= (pinfo->srcport > pinfo->destport) ? 1 : -1;
}
if (direction >= 0) {
udpd->fwd=&(udpd->flow1);
udpd->rev=&(udpd->flow2);
} else {
udpd->fwd=&(udpd->flow2);
udpd->rev=&(udpd->flow1);
}
return udpd;
}
static int get_ifindex(const struct sockaddr *s)
{
struct ifaddrs *ifaddr, *ifa;
int name2index = -ENODEV;
if (-1 == getifaddrs(&ifaddr))
return errno;
for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) {
if (ifa->ifa_addr == NULL)
continue;
if (cmp_address(ifa->ifa_addr, s)) {
name2index = if_nametoindex(ifa->ifa_name);
break;
}
}
freeifaddrs(ifaddr);
return name2index;
}
void
add_conversation_table_data_with_conv_id(
conv_hash_t *ch,
const address *src,
const address *dst,
guint32 src_port,
guint32 dst_port,
conv_id_t conv_id,
int num_frames,
int num_bytes,
nstime_t *ts,
nstime_t *abs_ts,
ct_dissector_info_t *ct_info,
port_type ptype)
{
const address *addr1, *addr2;
guint32 port1, port2;
conv_item_t *conv_item = NULL;
unsigned int conversation_idx = 0;
if (src_port > dst_port) {
addr1 = src;
addr2 = dst;
port1 = src_port;
port2 = dst_port;
} else if (src_port < dst_port) {
addr2 = src;
addr1 = dst;
port2 = src_port;
port1 = dst_port;
} else if (cmp_address(src, dst) < 0) {
addr1 = src;
addr2 = dst;
port1 = src_port;
port2 = dst_port;
} else {
addr2 = src;
addr1 = dst;
port2 = src_port;
port1 = dst_port;
}
/* if we don't have any entries at all yet */
if (ch->conv_array == NULL) {
ch->conv_array = g_array_sized_new(FALSE, FALSE, sizeof(conv_item_t), 10000);
ch->hashtable = g_hash_table_new_full(conversation_hash,
conversation_equal, /* key_equal_func */
g_free, /* key_destroy_func */
NULL); /* value_destroy_func */
} else {
/* try to find it among the existing known conversations */
conv_key_t existing_key;
gpointer conversation_idx_hash_val;
existing_key.addr1 = *addr1;
existing_key.addr2 = *addr2;
existing_key.port1 = port1;
existing_key.port2 = port2;
existing_key.conv_id = conv_id;
if (g_hash_table_lookup_extended(ch->hashtable, &existing_key, NULL, &conversation_idx_hash_val)) {
conv_item = &g_array_index(ch->conv_array, conv_item_t, GPOINTER_TO_UINT(conversation_idx_hash_val));
}
}
/* if we still don't know what conversation this is it has to be a new one
and we have to allocate it and append it to the end of the list */
if (conv_item == NULL) {
conv_key_t *new_key;
conv_item_t new_conv_item;
copy_address(&new_conv_item.src_address, addr1);
copy_address(&new_conv_item.dst_address, addr2);
new_conv_item.dissector_info = ct_info;
new_conv_item.ptype = ptype;
new_conv_item.src_port = port1;
new_conv_item.dst_port = port2;
new_conv_item.conv_id = conv_id;
new_conv_item.rx_frames = 0;
new_conv_item.tx_frames = 0;
new_conv_item.rx_bytes = 0;
new_conv_item.tx_bytes = 0;
new_conv_item.modified = TRUE;
if (ts) {
memcpy(&new_conv_item.start_time, ts, sizeof(new_conv_item.start_time));
memcpy(&new_conv_item.stop_time, ts, sizeof(new_conv_item.stop_time));
memcpy(&new_conv_item.start_abs_time, abs_ts, sizeof(new_conv_item.start_abs_time));
} else {
nstime_set_unset(&new_conv_item.start_abs_time);
nstime_set_unset(&new_conv_item.start_time);
nstime_set_unset(&new_conv_item.stop_time);
}
g_array_append_val(ch->conv_array, new_conv_item);
conversation_idx = ch->conv_array->len - 1;
conv_item = &g_array_index(ch->conv_array, conv_item_t, conversation_idx);
/* ct->conversations address is not a constant but src/dst_address.data are */
new_key = g_new(conv_key_t, 1);
set_address(&new_key->addr1, conv_item->src_address.type, conv_item->src_address.len, conv_item->src_address.data);
set_address(&new_key->addr2, conv_item->dst_address.type, conv_item->dst_address.len, conv_item->dst_address.data);
new_key->port1 = port1;
new_key->port2 = port2;
new_key->conv_id = conv_id;
g_hash_table_insert(ch->hashtable, new_key, GUINT_TO_POINTER(conversation_idx));
}
/* update the conversation struct */
conv_item->modified = TRUE;
if ( (!cmp_address(src, addr1)) && (!cmp_address(dst, addr2)) && (src_port==port1) && (dst_port==port2) ) {
conv_item->tx_frames += num_frames;
conv_item->tx_bytes += num_bytes;
} else {
conv_item->rx_frames += num_frames;
conv_item->rx_bytes += num_bytes;
}
if (ts) {
if (nstime_cmp(ts, &conv_item->stop_time) > 0) {
memcpy(&conv_item->stop_time, ts, sizeof(conv_item->stop_time));
} else if (nstime_cmp(ts, &conv_item->start_time) < 0) {
memcpy(&conv_item->start_time, ts, sizeof(conv_item->start_time));
memcpy(&conv_item->start_abs_time, abs_ts, sizeof(conv_item->start_abs_time));
}
}
}
static gboolean lbm_uimflow_add_to_graph(seq_analysis_info_t * seq_info, packet_info * pinfo, const lbm_uim_stream_info_t * stream_info)
{
lbm_uim_stream_endpoint_t epa;
lbm_uim_stream_endpoint_t epb;
seq_analysis_item_t * item;
gchar * ctxinst1 = NULL;
gchar * ctxinst2 = NULL;
gboolean swap_endpoints = FALSE;
int rc;
if (stream_info->endpoint_a.type != stream_info->endpoint_b.type)
{
return (FALSE);
}
if (stream_info->endpoint_a.type == lbm_uim_instance_stream)
{
rc = memcmp((void *)stream_info->endpoint_a.stream_info.ctxinst.ctxinst,
(void *)stream_info->endpoint_b.stream_info.ctxinst.ctxinst,
LBM_CONTEXT_INSTANCE_BLOCK_SZ);
if (rc <= 0)
{
swap_endpoints = FALSE;
}
else
{
swap_endpoints = TRUE;
}
}
else
{
if (stream_info->endpoint_a.stream_info.dest.domain < stream_info->endpoint_b.stream_info.dest.domain)
{
swap_endpoints = FALSE;
}
else if (stream_info->endpoint_a.stream_info.dest.domain > stream_info->endpoint_b.stream_info.dest.domain)
{
swap_endpoints = TRUE;
}
else
{
int compare;
compare = cmp_address(&(stream_info->endpoint_a.stream_info.dest.addr), &(stream_info->endpoint_b.stream_info.dest.addr));
if (compare < 0)
{
swap_endpoints = FALSE;
}
else if (compare > 0)
{
swap_endpoints = TRUE;
}
else
{
if (stream_info->endpoint_a.stream_info.dest.port <= stream_info->endpoint_b.stream_info.dest.port)
{
swap_endpoints = FALSE;
}
else
{
swap_endpoints = TRUE;
}
}
}
}
if (swap_endpoints == FALSE)
{
epa = stream_info->endpoint_a;
epb = stream_info->endpoint_b;
}
else
{
epb = stream_info->endpoint_a;
epa = stream_info->endpoint_b;
}
item = (seq_analysis_item_t *)g_malloc0(sizeof(seq_analysis_item_t));
copy_address(&(item->src_addr), &(pinfo->src));
copy_address(&(item->dst_addr), &(pinfo->dst));
item->frame_number = pinfo->fd->num;
item->port_src = pinfo->srcport;
item->port_dst = pinfo->destport;
item->protocol = g_strdup(port_type_to_str(pinfo->ptype));
if (stream_info->description == NULL)
{
item->frame_label = g_strdup_printf("(%" G_GUINT32_FORMAT ")", stream_info->sqn);
}
else
{
item->frame_label = g_strdup_printf("%s (%" G_GUINT32_FORMAT ")", stream_info->description, stream_info->sqn);
}
if (epa.type == lbm_uim_instance_stream)
{
ctxinst1 = bytes_to_str(pinfo->pool, epa.stream_info.ctxinst.ctxinst, sizeof(epa.stream_info.ctxinst.ctxinst));
ctxinst2 = bytes_to_str(pinfo->pool, epb.stream_info.ctxinst.ctxinst, sizeof(epb.stream_info.ctxinst.ctxinst));
item->comment = g_strdup_printf("%s <-> %s [%" G_GUINT64_FORMAT "]",
ctxinst1,
ctxinst2,
stream_info->channel);
}
else
{
item->comment = g_strdup_printf("%" G_GUINT32_FORMAT ":%s:%" G_GUINT16_FORMAT " <-> %" G_GUINT32_FORMAT ":%s:%" G_GUINT16_FORMAT " [%" G_GUINT64_FORMAT "]",
epa.stream_info.dest.domain,
address_to_str(pinfo->pool, &(epa.stream_info.dest.addr)),
epa.stream_info.dest.port,
epb.stream_info.dest.domain,
address_to_str(pinfo->pool, &(epb.stream_info.dest.addr)),
epb.stream_info.dest.port,
stream_info->channel);
}
item->conv_num = (guint16)LBM_CHANNEL_ID(stream_info->channel);
item->display = TRUE;
item->line_style = 1;
g_queue_push_tail(seq_info->items, item);
return (TRUE);
}
gcp_msg_t* gcp_msg(packet_info* pinfo, int o, gboolean keep_persistent_data) {
gcp_msg_t* m;
guint32 framenum = (guint32)pinfo->num;
guint32 offset = (guint32)o;
address* src = &(pinfo->src);
address* dst = &(pinfo->dst);
address* lo_addr;
address* hi_addr;
if (keep_persistent_data) {
wmem_tree_key_t key[3];
key[0].length = 1;
key[0].key = &(framenum);
key[1].length = 1;
key[1].key = &offset;
key[2].length = 0;
key[2].key =NULL;
if (( m = (gcp_msg_t *)wmem_tree_lookup32_array(msgs,key) )) {
m->committed = TRUE;
return m;
} else {
m = wmem_new(wmem_file_scope(), gcp_msg_t);
m->framenum = framenum;
m->time = pinfo->abs_ts;
m->trxs = NULL;
m->committed = FALSE;
wmem_tree_insert32_array(msgs,key,m);
}
} else {
m = wmem_new0(wmem_packet_scope(), gcp_msg_t);
m->framenum = framenum;
m->trxs = NULL;
m->committed = FALSE;
}
if (cmp_address(src, dst) < 0) {
lo_addr = src;
hi_addr = dst;
} else {
lo_addr = dst;
hi_addr = src;
}
switch(lo_addr->type) {
case AT_NONE:
m->lo_addr = 0;
m->hi_addr = 0;
break;
case AT_IPv4:
memcpy((guint8*)&(m->hi_addr),hi_addr->data,4);
memcpy((guint8*)&(m->lo_addr),lo_addr->data,4);
break;
case AT_SS7PC:
m->hi_addr = mtp3_pc_hash((const mtp3_addr_pc_t *)hi_addr->data);
m->lo_addr = mtp3_pc_hash((const mtp3_addr_pc_t *)lo_addr->data);
break;
default:
/* XXX: heuristic and error prone */
m->hi_addr = g_str_hash(address_to_str(wmem_packet_scope(), hi_addr));
m->lo_addr = g_str_hash(address_to_str(wmem_packet_scope(), lo_addr));
break;
}
return m;
}
