Exemple #1
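/**
 * @brief Send a TCP segment to libntoh
 *
 * Derives the IP and TCP header lengths from the packet, looks up the libntoh
 * stream matching the segment's 5-tuple (creating it when it does not exist),
 * builds peer info when the segment carries payload, and passes the segment
 * to ntoh_tcp_add_segment(). Uses tcp_session, which is defined outside this
 * function.
 *
 * Segments whose header length fields contradict each other are dropped
 * without being forwarded.
 *
 * @param iphdr    IPv4 header of the packet; the TCP header and payload are
 *                 read from the bytes that follow it
 * @param callback passed to ntoh_tcp_new_stream() when a stream has to be created
 */
void send_tcp_segment ( struct ip *iphdr , pntoh_tcp_callback_t callback )
{
	ppeer_info_t		pinfo;
	ntoh_tcp_tuple5_t	tcpt5;
	pntoh_tcp_stream_t	stream;
	struct tcphdr 		*tcp;
	size_t 			size_ip;
	size_t			total_len;
	size_t			size_tcp;
	size_t			size_payload;
	unsigned char		*payload;
	int			ret;
	unsigned int		error;

	size_ip = iphdr->ip_hl * 4;
	total_len = ntohs( iphdr->ip_len );

	/*
	 * Both values come straight from the wire. Refuse an IP header shorter
	 * than the fixed header, and a datagram too short to hold a minimal TCP
	 * header, before the TCP header is dereferenced.
	 * NOTE(review): the captured length is not available in this function,
	 * so these checks only show the fields are self-consistent; the caller
	 * should confirm that total_len bytes were really captured.
	 */
	if ( size_ip < sizeof(struct ip) || total_len < size_ip + sizeof(struct tcphdr) )
		return;

	tcp = (struct tcphdr*)((unsigned char*)iphdr + size_ip);
	if ( (size_tcp = tcp->th_off * 4) < sizeof(struct tcphdr) )
		return;

	/*
	 * size_payload is unsigned: if the headers claim more bytes than the
	 * datagram length, the subtraction below would wrap to a huge value
	 * and get_peer_info() would be told to read far past the packet.
	 */
	if ( total_len < size_ip + size_tcp )
		return;

	payload = (unsigned char *)iphdr + size_ip + size_tcp;
	size_payload = total_len - ( size_ip + size_tcp );

	ntoh_tcp_get_tuple5 ( (void*)iphdr , tcp , &tcpt5 );

	/* find the stream or create a new one */
	if ( !( stream = ntoh_tcp_find_stream( tcp_session , &tcpt5 ) ) )
		if ( ! ( stream = ntoh_tcp_new_stream( tcp_session , &tcpt5, callback , 0 , &error , 1 , 1 ) ) )
		{
			/* error is unsigned int, so print it with %u */
			fprintf ( stderr , "\n[e] Error %u creating new stream: %s" , error , ntoh_get_errdesc ( error ) );
			return;
		}

	if ( size_payload > 0 )
		pinfo = get_peer_info ( payload , size_payload , &tcpt5 );
	else
		pinfo = 0;

	/*
	 * add this segment to the stream
	 * pinfo is released here on every result except NTOH_OK; presumably the
	 * library keeps the pointer in that case -- confirm where it is freed.
	 */
	switch ( ( ret = ntoh_tcp_add_segment( tcp_session , stream, (void*)iphdr, total_len, (void*)pinfo ) ) )
	{
		case NTOH_OK:
			break;

		case NTOH_SYNCHRONIZING:
			free_peer_info ( pinfo );
			break;

		default:
			fprintf( stderr, "\n[e] Error %d adding segment: %s", ret, ntoh_get_retval_desc( ret ) );
			free_peer_info ( pinfo );
			break;
	}

	return;
}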
Exemple #2
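/**
 * @brief Send a TCP segment to libntoh
 *
 * Derives the IP and TCP header lengths from the packet, looks up the libntoh
 * stream matching the segment's 5-tuple (creating it when it does not exist)
 * and builds peer info when the segment carries payload. For segments whose
 * destination port is 80 it additionally runs extractHttpHdr() on the payload
 * and, once that returns 0, copies pinfo->path into snc.mem.t5s and calls
 * extractSig() and dumpToShm(). Finally the segment is passed to
 * ntoh_tcp_add_segment().
 *
 * Uses tcp_session, snc, i and pending_more_hdr_data, all defined outside
 * this function. Segments whose header length fields contradict each other
 * are dropped without being forwarded.
 *
 * @param iphdr    IPv4 header of the packet; the TCP header and payload are
 *                 read from the bytes that follow it
 * @param callback passed to ntoh_tcp_new_stream() when a stream has to be created
 */
void send_tcp_segment ( struct ip *iphdr , pntoh_tcp_callback_t callback )
{
        ppeer_info_t		pinfo;
        ntoh_tcp_tuple5_t	tcpt5;
        pntoh_tcp_stream_t	stream;
        struct tcphdr 		*tcp;
        size_t 				size_ip;
        size_t				total_len;
        size_t				size_tcp;
        size_t				size_payload;
        unsigned char		*payload;
        int32_t					ret;
        unsigned int		error;

        size_ip = iphdr->ip_hl * 4;
        total_len = ntohs( iphdr->ip_len );

        /*
         * Both values come straight from the wire. Refuse an IP header shorter
         * than the fixed header, and a datagram too short to hold a minimal TCP
         * header, before the TCP header is dereferenced.
         * NOTE(review): the captured length is not available in this function,
         * so these checks only show the fields are self-consistent; the caller
         * should confirm that total_len bytes were really captured.
         */
        if ( size_ip < sizeof(struct ip) || total_len < size_ip + sizeof(struct tcphdr) )
        {
                return;
        }

        tcp = (struct tcphdr*)((unsigned char*)iphdr + size_ip);
        if ( (size_tcp = tcp->th_off * 4) < sizeof(struct tcphdr) )
        {
                return;
        }

        /*
         * size_payload is unsigned: if the headers claim more bytes than the
         * datagram length, the subtraction below would wrap to a huge value
         * and get_peer_info() would be told to read far past the packet.
         */
        if ( total_len < size_ip + size_tcp )
        {
                return;
        }

        payload = (unsigned char *)iphdr + size_ip + size_tcp;
        size_payload = total_len - ( size_ip + size_tcp );

        ntoh_tcp_get_tuple5 ( iphdr , tcp , &tcpt5 );

        /* find the stream or create a new one */
        if ( !( stream = ntoh_tcp_find_stream( tcp_session , &tcpt5 ) ) )
        {
                if ( ! ( stream = ntoh_tcp_new_stream( tcp_session , &tcpt5, callback , 0 , &error , 1 , 1 ) ) )
                {
                        if (DEBUG)
                        {
                                /* error is unsigned int, so print it with %u */
                                fprintf ( stderr , "\n[e] Error %u creating new stream: %s" , error , ntoh_get_errdesc ( error ) );
                        }
                        return;
                }
        }

        if ( size_payload > 0 )
        {
                pinfo = get_peer_info ( payload , size_payload , &tcpt5 );
        }
        else
        {
                pinfo = 0;
        }

        if (pinfo != 0)
        {
                /* HERE - determine if this is a packet type we're interested in */
                //if (Contains((char *)payload, "HTTP") && (Contains((char *)payload, "GET") || Contains((char *)payload, "POST") || Contains((char *)payload, "HEAD")))
                if (ntohs(tcpt5.dport) == 80)
                {
                        /*
                         * NOTE(review): payload points into the packet and is not
                         * guaranteed to be NUL-terminated, yet extractHttpHdr()
                         * receives no length. Confirm it cannot read beyond
                         * size_payload bytes.
                         */
                        pending_more_hdr_data = extractHttpHdr((const char *)(payload));
                        if (pending_more_hdr_data == 0)
                        {
                                size_t l = (strlen((const char *)(pinfo->path)));

                                /*
                                 * NOTE(review): l is never compared with the row size of
                                 * snc.mem.t5s, and the row index is shm[CTL][POS] - 1.
                                 * Confirm pinfo->path is length-limited where it is
                                 * built and that POS cannot be 0 here; otherwise this
                                 * copy writes outside the table.
                                 */
                                i = 0;
                                while (i < l)
                                {
                                        snc.mem.t5s[(snc.smem.shm[CTL][POS]) - 1][i] = (sig_atomic_t)(pinfo->path[i]);
                                        i++;
                                }
                                snc.mem.t5s[(snc.smem.shm[CTL][POS]) - 1][i] = (sig_atomic_t)((const char)'\0');
                                if (DEBUG)
                                {
                                        /* sizeof - 1: the hard-coded 27 also wrote the terminating NUL */
                                        static const char banner[] = "\n\t[i] --- tcp tuple 5 --- ";

                                        write(2, banner, sizeof banner - 1);
                                        write(2, (const char *)(pinfo->path), l);
                                        fflush(stderr);
                                }
                                extractSig();
                                ret = dumpToShm();
                                if(ret != 0)
                                {
                                        if (DEBUG)
                                        {
                                                fprintf(stderr, "\n\t[Error] --- Unable to dump HTTP header to shared memory\n\t\tReason: %s\n", ret == CRING ? "CRING" : (ret == PWING ? "PWING" : "Unknown"));
                                        }
                                }
                                else
                                {
                                        if (DEBUG)
                                        {
                                                write(2, "\n\tSuccessfully dumped signature to shared memory\n", 49);
                                        }
                                }
                        }
                }
        }

        /*
         * add this segment to the stream
         * pinfo is released here on every result except NTOH_OK; presumably the
         * library keeps the pointer in that case -- confirm where it is freed.
         */
        switch ( ( ret = ntoh_tcp_add_segment( tcp_session , stream, iphdr, total_len, (void*)pinfo ) ) )
        {
                case NTOH_OK:
                        break;

                case NTOH_SYNCHRONIZING:
                        free_peer_info ( pinfo );
                        break;

                default:
                        if (DEBUG)
                        {
                                fprintf( stderr, "\n[e] Error %d adding segment: %s", ret, ntoh_get_retval_desc( ret ) );
                        }
                        free_peer_info ( pinfo );
                        break;
        }

        return;
}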