int all_local_ipaddrs_chksum_disable() { struct ifreq *ifaces; int ifaces_count; int i, ind = 0; struct nids_chksum_ctl *ctlp; unsigned int tmp; if (!get_all_ifaces(&ifaces, &ifaces_count)) return -1; ctlp = (struct nids_chksum_ctl *) malloc(ifaces_count * sizeof(struct nids_chksum_ctl)); if (!ctlp) return -1; for (i = 0; i < ifaces_count; i++) { tmp = get_addr_from_ifreq(ifaces + i); if (tmp) { ctlp[ind].netaddr = tmp; ctlp[ind].mask = inet_addr("255.255.255.255"); ctlp[ind].action = NIDS_DONT_CHKSUM; ind++; } } free(ifaces); nids_register_chksum_ctl(ctlp, ind); }
/** * Init the network monitoring * @param device Device * @param dump PCAP file * @param pcap PCAP filter */ void net_init(char *device, char *dump, char *pcap) { static struct nids_chksum_ctl ctl; nids_params.n_tcp_streams = 4096; /* Streams to track for re-assembly */ nids_params.n_hosts = 1024; /* Hosts to track for defrag */ nids_params.scan_num_hosts = 0; /* Disable portscan detection */ nids_params.device = device; nids_params.filename = dump; nids_params.pcap_filter = pcap; if (!nids_init()) fatal("Initialization of libnids failed"); /* Register callbacks */ nids_register_udp((void *) net_udp); nids_register_tcp((void *) net_tcp); /* Disable checksum control */ ctl.netaddr = 0; ctl.mask = 0; ctl.action = NIDS_DONT_CHKSUM; nids_register_chksum_ctl(&ctl, 1); }
/* Example 1: simple disabling of checksums on a predefined network */ void simple_chksum_ctl_example() { static struct nids_chksum_ctl ctl; ctl.netaddr = inet_addr("172.16.99.0"); ctl.mask = inet_addr("255.255.255.0"); ctl.action = NIDS_DONT_CHKSUM; nids_register_chksum_ctl(&ctl, 1); }
void initLibnids() { /* init libnids */ if (!nids_init()) { fprintf(stderr,"%s\n",nids_errbuf); exit(1); } /* disable checksum for all packets */ struct nids_chksum_ctl ctl; ctl.netaddr = inet_addr("0.0.0.0"); ctl.mask = inet_addr("0.0.0.0"); ctl.action = NIDS_DONT_CHKSUM; nids_register_chksum_ctl(&ctl, 1); /* register ip frag call back */ nids_register_ip_frag(my_ip_frag_func); /* register ip call back */ nids_register_ip(my_ip_func); }
static int cook_init(mapidflib_function_instance_t *instance, MAPI_UNUSED int fd) { struct cooking_data *data; if (nids_not_inited) { pcap_t *desc; struct nids_chksum_ctl *nochksumchk; desc = malloc(sizeof(pcap_t)); desc->fd = 1; desc->linktype = instance->hwinfo->link_type; desc->bufsize = instance->hwinfo->cap_length; nids_params.pcap_desc = desc; nids_params.tcp_workarounds = 1; /* disable checksum checking for all packets */ nochksumchk = malloc(sizeof(struct nids_chksum_ctl)); nochksumchk->netaddr = 0; nochksumchk->mask = 0; nochksumchk->action = NIDS_DONT_CHKSUM; nids_register_chksum_ctl(nochksumchk, 1); if (!nids_init()) { DEBUG_CMD(Debug_Message("NIDS Error: %s", nids_errbuf)); return -1; } nids_register_tcp(mapi_tcp_callback); nids_not_inited = 0; } data = (struct cooking_data *)(instance->internal_data); /* //check if uncook is applied functs = flist_get(instance->hwinfo->gflist->fflist, fd); for (fid=1; (funct=flist_get(functs, fid)); fid++) { if (!strcmp(funct->instance->def->name, "UNCOOK")) data->keep_headers = 1; } */ //printf("Cooking : %s keeping headers %d \n", (data->keep_headers)?"":"NOT", fd); if (data->threshold <= 0) { data->threshold = 32000; //default value 32K } if (data->threshold < 1600) instance->hwinfo->cap_length = 1600; else instance->hwinfo->cap_length = data->threshold + 100;//+100 for headers data->ret_client_data = malloc(sizeof(char) * data->threshold); data->ret_server_data = malloc(sizeof(char) * data->threshold); data->client_ready = 0; data->server_ready = 0; //data->ni = nids_mapi_init(&desc, instance->hwinfo->link_type); //data->ni = nids_create(); return 0; }