void NE_CallUserSignalProc( HMODULE16 hModule, UINT16 code )
{
FARPROC16 proc;
HMODULE16 user = GetModuleHandle16("user.exe");
if (!user) return;
if ((proc = GetProcAddress16( user, "SignalProc" )))
{
/* USER is always a builtin dll */
pSignalProc sigproc = (pSignalProc)((ENTRYPOINT16 *)MapSL( (SEGPTR)proc ))->target;
sigproc( hModule, code, 0, 0, 0 );
}
}
void load_application(wkr_t* w){
LOG_FUNCTION
w->ctl->scgi = scgi_new();
if(w->ctl->scgi == NULL) {
LOG_ERROR(SEVERE,"Cannot create SCGI Request");
sigproc();
return;
}
w->http = http_new(w);
if(w->http == NULL) {
scgi_body_add(w->ctl->scgi, "unable to load application.", strlen("unable to load application."));
LOG_ERROR(SEVERE,"unable to load application.");
}else if(worker_listen(w) < 0) {
scgi_body_add(w->ctl->scgi, "Error Initializing Workers.", strlen("Error Initializing Workers."));
LOG_ERROR(WARN,"Error Initializing Workers.");
}else{
worker_accept_requests(w);
LOG_INFO("Worker ready for serving requests.");
init_idle_watcher(w);
LOG_INFO("Successfully loaded rack application=%s with environment=%s",
w->tmp->path.str, w->tmp->env.str);
}
//loading adapter according to application type
LOG_DEBUG(DEBUG,"webroar_root = %s", w->tmp->root_path.str);
LOG_DEBUG(DEBUG,"path = %s, name = %s, type = %s, environment = %s, baseuri = %s, analytics = %c",
w->tmp->path.str, w->tmp->name.str, w->tmp->type.str,
w->tmp->env.str, w->tmp->resolver.str, w->tmp->profiler);
// Send error or ok acknowledgement message
if(w->ctl->scgi->body_length > 0){
// Send error response
w->ctl->error = TRUE;
get_worker_add_ctl_scgi(w, TRUE);
ev_io_start(w->loop,&(w->ctl->w_write));
ev_timer_again(w->loop, &w->ctl->t_ack);
}else{
// Send acknowledgement message
get_worker_add_ctl_scgi(w, FALSE);
ev_io_start(w->loop,&(w->ctl->w_write));
}
wkr_tmp_free(&w->tmp);
}
void application_config_read_cb(wkr_t* w, scgi_t *scgi){
LOG_FUNCTION
char *str;
/*w->ctl->scgi = scgi_new();
if(w->ctl->scgi == NULL) {
LOG_ERROR(SEVERE,"Cannot create SCGI Request");
sigproc();
return;
} */
if(w->tmp->is_static){
#ifdef W_ZLIB
str = (char*) scgi_header_value_get(scgi, "LOWER_LIMIT");
if(str){
w->tmp->lower_limit = atol(str);
}
str = (char*) scgi_header_value_get(scgi, "UPPER_LIMIT");
if(str){
w->tmp->upper_limit = atol(str);
}
#ifdef W_REGEX
str = (char*) scgi_header_value_get(scgi, "CONTENT_TYPE");
if(str){
wr_string_new(w->tmp->r_content_type, str, strlen(str));
}else {
wr_string_new(w->tmp->r_content_type, DEFAULT_CONTENT_TYPE, strlen(DEFAULT_CONTENT_TYPE));
}
str = (char*) scgi_header_value_get(scgi, "USER_AGENT");
if(str){
wr_string_new(w->tmp->r_user_agent, str, strlen(str));
}
#endif
#endif
}else{
if(drop_privileges(w, scgi) == FALSE) {
wkr_tmp_free(&w->tmp);
sigproc();
return;
}
manipulate_environment_variable(w, scgi);
str = (char*) scgi_header_value_get(scgi, "PATH");
if(str){
wr_string_new(w->tmp->path, str, strlen(str));
}
str = (char*) scgi_header_value_get(scgi, "ENV");
if(str){
wr_string_new(w->tmp->env, str, strlen(str));
}
str = (char*) scgi_header_value_get(scgi, "TYPE");
if(str){
wr_string_new(w->tmp->type, str, strlen(str));
}
str = (char*) scgi_header_value_get(scgi, "BASE_URI");
if(str){
wr_string_new(w->tmp->resolver, str, strlen(str));
}
str = (char*) scgi_header_value_get(scgi, "ANALYTICS");
if(str && strcmp(str,"enabled")==0){
w->tmp->profiler = 'y';
}else{
w->tmp->profiler = 'n';
}
}
load_application(w);
}
int main(int argc, char *argv[])
#endif
{
HTTPserver *httpd = NULL;
Prefs *prefs = NULL;
char *ifName;
int rc;
#ifdef WIN32
initWinsock32();
#endif
if((ntop = new(std::nothrow) Ntop(argv[0])) == NULL) _exit(0);
if((prefs = new(std::nothrow) Prefs(ntop)) == NULL) _exit(0);
#ifndef WIN32
if((argc == 2) && (argv[1][0] != '-'))
rc = prefs->loadFromFile(argv[1]);
else
#endif
rc = prefs->loadFromCLI(argc, argv);
if(rc < 0) return(-1);
ntop->registerPrefs(prefs);
prefs->registerNetworkInterfaces();
if(prefs->get_num_user_specified_interfaces() == 0) {
/* We add all interfaces available on this host */
prefs->add_default_interfaces();
}
if(prefs->daemonize_ntopng())
ntop->daemonize();
for(int i=0; i<MAX_NUM_INTERFACES; i++) {
NetworkInterface *iface;
if((ifName = ntop->get_if_name(i)) == NULL)
continue;
/* [ zmq-collector.lua@tcp://127.0.0.1:5556 ] */
if(ifName && (strstr(ifName, "tcp://")
|| strstr(ifName, "ipc://"))
) {
char *at = strchr(ifName, '@');
char *topic = (char*)"flow", *endpoint;
if(at != NULL)
endpoint = &at[1];
else
endpoint = ifName;
iface = new CollectorInterface(endpoint, topic);
} else {
#ifdef HAVE_PF_RING
try {
iface = new PF_RINGInterface(ifName);
} catch (int) {
#endif
iface = new PcapInterface(ifName);
#ifdef HAVE_PF_RING
}
#endif
}
if(prefs->get_cpu_affinity() >= 0)
iface->set_cpu_affinity(prefs->get_cpu_affinity());
if(prefs->get_packet_filter() != NULL)
iface->set_packet_filter(prefs->get_packet_filter());
ntop->registerInterface(iface);
}
ntop->createExportInterface();
if(prefs->do_dump_flows_on_db())
ntop->createHistoricalInterface();
if(ntop->getInterfaceAtId(0) == NULL) {
ntop->getTrace()->traceEvent(TRACE_ERROR, "Startup error: missing super-user privileges ?");
_exit(0);
}
if(prefs->do_change_user())
Utils::dropPrivileges();
#ifndef WIN32
if(prefs->get_pid_path() != NULL) {
FILE *fd;
fd = fopen(prefs->get_pid_path(), "w");
if(fd != NULL) {
fprintf(fd, "%u\n", getpid());
fclose(fd);
chmod(prefs->get_pid_path(), 0777);
ntop->getTrace()->traceEvent(TRACE_NORMAL, "PID stored in file %s",
prefs->get_pid_path());
} else
ntop->getTrace()->traceEvent(TRACE_ERROR, "Unable to store PID in file %s",
prefs->get_pid_path());
}
#endif
ntop->loadGeolocation(prefs->get_docs_dir());
ntop->registerHTTPserver(httpd = new HTTPserver(prefs->get_http_port(),
prefs->get_docs_dir(),
prefs->get_scripts_dir()));
/*
We have created the network interface and thus changed user. Let's not check
if we can write on the data directory
*/
{
char path[MAX_PATH];
FILE *fd;
snprintf(path, sizeof(path), "%s/.test", ntop->get_working_dir());
ntop->fixPath(path);
if((fd = fopen(path, "w")) == NULL) {
ntop->getTrace()->traceEvent(TRACE_ERROR,
"Unable to write on %s [%s]: please specify a different directory (-d)",
ntop->get_working_dir(), path);
_exit(0);
} else {
fclose(fd); /* All right */
unlink(path);
}
}
if(prefs->get_categorization_key() != NULL) {
ntop->getTrace()->traceEvent(TRACE_WARNING,
"Host categorization is not enabled: using default key");
ntop->setCategorization(new Categorization(prefs->get_categorization_key()));
prefs->enable_categorization();
}
if(prefs->get_httpbl_key() != NULL) {
ntop->getTrace()->traceEvent(TRACE_WARNING,
"HTTPBL categorization is not enabled: using default key");
ntop->setHTTPBL(new HTTPBL(prefs->get_httpbl_key()));
prefs->enable_httpbl();
}
ntop->getTrace()->traceEvent(TRACE_NORMAL, "Working directory: %s",
ntop->get_working_dir());
ntop->getTrace()->traceEvent(TRACE_NORMAL, "Scripts/HTML pages directory: %s",
ntop->get_install_dir());
signal(SIGINT, sigproc);
signal(SIGTERM, sigproc);
signal(SIGINT, sigproc);
#if defined(WIN32) && defined(DEMO_WIN32)
ntop->getTrace()->traceEvent(TRACE_NORMAL, "-----------------------------------------------------------");
ntop->getTrace()->traceEvent(TRACE_WARNING, "This is a demo version of ntopng limited to %d packets", MAX_NUM_PACKETS);
ntop->getTrace()->traceEvent(TRACE_WARNING, "Please go to http://shop.ntop.org for getting the full version");
ntop->getTrace()->traceEvent(TRACE_NORMAL, "-----------------------------------------------------------");
#endif
ntop->start();
sigproc(0);
delete ntop;
return(0);
}
// executed for each packet in the pcap file
static void pcap_packet_callback(u_char * args, const struct pcap_pkthdr *header, const u_char * packet)
{
const struct ndpi_ethhdr *ethernet = (struct ndpi_ethhdr *) packet;
struct ndpi_iphdr *iph = (struct ndpi_iphdr *) &packet[sizeof(struct ndpi_ethhdr)];
u_int64_t time;
static u_int64_t lasttime = 0;
u_int16_t type, ip_offset;
raw_packet_count++;
if((capture_until != 0) && (header->ts.tv_sec >= capture_until)) {
sigproc(0);
return;
}
time = ((uint64_t) header->ts.tv_sec) * detection_tick_resolution +
header->ts.tv_usec / (1000000 / detection_tick_resolution);
if (lasttime > time) {
// printf("\nWARNING: timestamp bug in the pcap file (ts delta: %llu, repairing)\n", lasttime - time);
time = lasttime;
}
lasttime = time;
type = ethernet->h_proto;
// just work on Ethernet packets that contain IP
if (_pcap_datalink_type == DLT_EN10MB && type == htons(ETH_P_IP)
&& header->caplen >= sizeof(struct ndpi_ethhdr)) {
u_int16_t frag_off = ntohs(iph->frag_off);
if(header->caplen < header->len) {
static u_int8_t cap_warning_used = 0;
if (cap_warning_used == 0) {
printf("\n\nWARNING: packet capture size is smaller than packet size, DETECTION MIGHT NOT WORK CORRECTLY\n\n");
cap_warning_used = 1;
}
}
if (iph->version != 4) {
static u_int8_t ipv4_warning_used = 0;
v4_warning:
if (ipv4_warning_used == 0) {
printf("\n\nWARNING: only IPv4 packets are supported in this demo (nDPI supports both IPv4 and IPv6), all other packets will be discarded\n\n");
ipv4_warning_used = 1;
}
return;
}
ip_offset = sizeof(struct ndpi_ethhdr);
if(decode_tunnels && (iph->protocol == IPPROTO_UDP) && ((frag_off & 0x3FFF) == 0)) {
u_short ip_len = ((u_short)iph->ihl * 4);
struct ndpi_udphdr *udp = (struct ndpi_udphdr *)&packet[sizeof(struct ndpi_ethhdr)+ip_len];
u_int16_t sport = ntohs(udp->source), dport = ntohs(udp->dest);
if((sport == GTP_U_V1_PORT) || (dport == GTP_U_V1_PORT)) {
/* Check if it's GTPv1 */
u_int offset = sizeof(struct ndpi_ethhdr)+ip_len+sizeof(struct ndpi_udphdr);
u_int8_t flags = packet[offset];
u_int8_t message_type = packet[offset+1];
if((((flags & 0xE0) >> 5) == 1 /* GTPv1 */) && (message_type == 0xFF /* T-PDU */)) {
ip_offset = sizeof(struct ndpi_ethhdr)+ip_len+sizeof(struct ndpi_udphdr)+8 /* GTPv1 header len */;
if(flags & 0x04) ip_offset += 1; /* next_ext_header is present */
if(flags & 0x02) ip_offset += 4; /* sequence_number is present (it also includes next_ext_header and pdu_number) */
if(flags & 0x01) ip_offset += 1; /* pdu_number is present */
iph = (struct ndpi_iphdr *) &packet[ip_offset];
if (iph->version != 4) {
// printf("WARNING: not good (packet_id=%u)!\n", (unsigned int)raw_packet_count);
goto v4_warning;
}
}
}
