void moloch_db_add_local_ip(char *str, MolochIpInfo_t *ii)
{
patricia_node_t *node;
if (!ipTree) {
ipTree = New_Patricia(32);
}
node = make_and_lookup(ipTree, str);
node->data = ii;
}
struct Class *
make_class(void)
{
struct Class *tmp;
tmp = (struct Class *) MyMalloc(sizeof(struct Class));
ConFreq(tmp) = DEFAULT_CONNECTFREQUENCY;
PingFreq(tmp) = DEFAULT_PINGFREQUENCY;
MaxUsers(tmp) = 1;
MaxSendq(tmp) = DEFAULT_SENDQ;
tmp->ip_limits = New_Patricia(PATRICIA_BITS);
return tmp;
}
TEST (patricia, positive_lookup_ipv6_prefix) {
patricia_tree_t* lookup_ipv6_tree;
lookup_ipv6_tree = New_Patricia(128);
make_and_lookup_ipv6(lookup_ipv6_tree, (char*)"2a03:f480::/32");
//Destroy_Patricia(lookup_ipv6_tree, (void_fn_t)0);
prefix_t prefix_for_check_address;
inet_pton(AF_INET6, "2a03:f480:2130:cf05:face:b00c::1", (void*)&prefix_for_check_address.add.sin6);
prefix_for_check_address.family = AF_INET6;
prefix_for_check_address.bitlen = 128;
bool found = patricia_search_best2(lookup_ipv6_tree, &prefix_for_check_address, 1) != NULL;
EXPECT_EQ( found, true );
}
AddressTree::AddressTree() {
numAddresses = 0, memset(addressString, 0, sizeof(addressString));
ptree = New_Patricia(128);
}
int main(int argc, char **argv)
{
/*
* Check for superuser privileges
*/
if (geteuid()) {
printf("Running %s requires superuser privileges! Exiting...\n", LISPD);
exit(EXIT_FAILURE);
}
/*
* Initialize the random number generator
*/
iseed = (unsigned int) time (NULL);
srandom(iseed);
/*
* Set up signal handlers
*/
signal(SIGHUP, signal_handler);
signal(SIGTERM, signal_handler);
signal(SIGINT, signal_handler);
signal(SIGQUIT, signal_handler);
/*
* set up syslog now, checking to see if we're daemonizing...
*/
set_up_syslog();
/*
* Unload/load LISP kernel modules
*/
system("/sbin/modprobe -r lisp lisp_int");
if (system("/sbin/modprobe lisp")) {
syslog(LOG_DAEMON, "Loading the 'lisp' kernel module failed! Exiting...");
exit(EXIT_FAILURE);
}
syslog(LOG_DAEMON, "Loaded the 'lisp' kernel module");
sleep(1);
if (system("/sbin/modprobe lisp_int")) {
syslog(LOG_DAEMON, "Loading the 'lisp_int' kernel module failed! Exiting...");
exit(EXIT_FAILURE);
}
syslog(LOG_DAEMON, "Loaded the 'lisp_int' kernel module");
sleep(1);
/*
* Setup LISP and routing netlink sockets
*/
if (!setup_netlink()) {
syslog(LOG_DAEMON, "Can't set up netlink socket for lisp_mod communication");
exit(EXIT_FAILURE);
}
if (!setup_netlink_iface()) {
syslog(LOG_DAEMON, "Can't set up netlink socket for interface events");
exit(EXIT_FAILURE);
}
syslog(LOG_DAEMON, "Netlink sockets created");
/*
* set up databases
*/
AF4_database = New_Patricia(sizeof(struct in_addr) * 8);
AF6_database = New_Patricia(sizeof(struct in6_addr) * 8);
/*
* Parse command line options
*/
handle_lispd_command_line(argc, argv);
// Modified by acabello
// init_datacache has the following parameters:
// void (*cbk)(datacache_elt_t*); -> callback function (see example in lispd_lib.c)
if (!init_datacache(callback_elt)) {
syslog(LOG_DAEMON, "malloc (datacache): %s", strerror(errno));
exit(EXIT_FAILURE);
}
/*
* Now do the config file
*/
handle_lispd_config_file();
/*
* now build the v4/v6 receive sockets
*/
if (build_receive_sockets() == 0)
exit(EXIT_FAILURE);
/*
* create timers
*/
if ((map_register_timer_fd = timerfd_create(CLOCK_REALTIME, 0)) == -1)
syslog(LOG_INFO, "Could not create periodic map register timer");
/*
* see if we need to daemonize, and if so, do it
*/
if (daemonize) {
syslog(LOG_INFO, "Starting the daemonizing process");
if ((pid = fork()) < 0) {
exit(EXIT_FAILURE);
}
umask(0);
if (pid > 0)
exit(EXIT_SUCCESS);
if ((sid = setsid()) < 0)
exit(EXIT_FAILURE);
if ((chdir("/")) < 0)
exit(EXIT_FAILURE);
close(STDIN_FILENO);
close(STDOUT_FILENO);
close(STDERR_FILENO);
}
/* PN XXX
* comment out test definition to avoid any
* interactions with the data plane
*/
#define test
#ifdef test
int ret = register_lispd_process();
if (ret < 0) {
syslog(LOG_INFO, "Couldn't register lispd process, err: %d", ret);
exit(EXIT_FAILURE);
}
syslog(LOG_DAEMON, "Registered lispd with kernel module");
ret = install_database_mappings();
if (ret < 0) {
syslog(LOG_INFO, "Could not install database mappings, err: %d", ret);
exit(EXIT_FAILURE);
}
syslog(LOG_DAEMON, "Installed database mappings");
ret = install_map_cache_entries();
if (ret < 0) {
syslog(LOG_INFO, "Could not install static map-cache entries, err: %d", ret);
}
#endif
/*
* Dump routing table so we can get the gateway address for source routing
*/
if (!dump_routing_table(AF_INET, RT_TABLE_MAIN))
syslog(LOG_INFO, "Dumping main routing table failed");
/*
* Register to the Map-Server(s)
*/
if (!map_register(AF6_database))
syslog(LOG_INFO, "Could not map register AF_INET6 with Map Servers");
if (!map_register(AF4_database))
syslog(LOG_INFO, "Could not map register AF_INET with Map Servers");
event_loop();
syslog(LOG_INFO, "Exiting..."); /* event_loop returned bad */
closelog();
return(0);
}
static void get_netroutes(void) {
FILE *pnr=NULL;
char lbuf[1024], intf[32];
uint32_t dest, gw, refcnt, use, mask, irtt;
uint16_t metric, flags, window, mtu;
char destnet[128], gwstr[128], addstr[128];
int lineno=0;
pnr=fopen("/proc/net/route", "r");
if (pnr == NULL) {
ERR("cant open /proc/net/route: `%s'", strerror(errno));
exit(1);
}
rt=New_Patricia(128);
/*
* Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT
* eth1 0045A8C0 00000000 0001 0 0 0 00FFFFFF 0 0 0
*/
for (lineno=0; fgets(lbuf, sizeof(lbuf) -1, pnr) != NULL; lineno++) {
if (lineno == 0) {
continue;
}
#if 0
#define RTF_UP 0x0001 /* route usable */
#define RTF_GATEWAY 0x0002 /* destination is a gateway */
#define RTF_HOST 0x0004 /* host entry (net otherwise) */
#define RTF_REINSTATE 0x0008 /* reinstate route after tmout */
#define RTF_DYNAMIC 0x0010 /* created dyn. (by redirect) */
#define RTF_MODIFIED 0x0020 /* modified dyn. (by redirect) */
#define RTF_MTU 0x0040 /* specific MTU for this route */
#define RTF_MSS RTF_MTU /* Compatibility :-( */
#define RTF_WINDOW 0x0080 /* per route window clamping */
#define RTF_IRTT 0x0100 /* Initial round trip time */
#define RTF_REJECT 0x0200 /* Reject route */
#endif
/* in de gw fl ref us me ma mt wi ir */
if (sscanf(lbuf, "%31s %x %x %hx %u %u %hu %x %hu %hu %u", intf, &dest, &gw, &flags, &refcnt, &use, &metric, &mask, &mtu, &window, &irtt) == 11) {
int mycidr=0;
strcpy(destnet, INT_NTOA(dest));
mycidr=masktocidr(mask);
strcpy(gwstr, INT_NTOA(gw));
if (flags & RTF_UP && mycidr > -1) {
sa_u s_u;
route_info_t ri_u;
ri_u.p=xmalloc(sizeof(*ri_u.info_s));
memset(ri_u.p, 0, sizeof(*ri_u.info_s));
ri_u.info_s->intf=xstrdup(intf);
ri_u.info_s->metric=metric; /* could only be 0xff anyhow */
ri_u.info_s->flags=flags;
if ((flags & RTF_GATEWAY) == RTF_GATEWAY) {
s_u.ss=&ri_u.info_s->gw;
s_u.sin->sin_addr.s_addr=gw;
s_u.sin->sin_family=AF_INET;
}
sprintf(addstr, "%s/%d", destnet, mycidr);
DBG("net %s via %s metric %u", addstr, (flags & RTF_GATEWAY) == 0 ? intf : gwstr, metric);
node=make_and_lookup(rt, addstr);
if (node == NULL) {
exit(1);
}
node->data=ri_u.p;
}
}
else {
ERR("can not parse `%s'", lbuf);
}
}
fclose(pnr);
need_netroutes=0;
return;
}
AddressResolution::AddressResolution() {
num_resolved_addresses = num_resolved_fails = 0;
ptree = New_Patricia(128);
}
void moloch_rules_load_rule(char *filename, YamlNode_t *parent)
{
char *name = moloch_rules_get_value(parent, "name");
if (!name)
LOGEXIT("%s: name required for rule", filename);
char *when = moloch_rules_get_value(parent, "when");
if (!when)
LOGEXIT("%s: when required for rule '%s'", filename, name);
char *bpf = moloch_rules_get_value(parent, "bpf");
GPtrArray *fields = moloch_rules_get_values(parent, "fields");
char *expression = moloch_rules_get_value(parent, "expression");
if (!bpf && !fields && !expression)
LOGEXIT("%s: bpf, fields, or expressions required for rule '%s'", filename, name);
if ((bpf && fields) || (bpf && expression) || (fields && expression))
LOGEXIT("%s: Only one of bpf, fields, or expressions can be set for rule '%s'", filename, name);
GPtrArray *ops = moloch_rules_get_values(parent, "ops");
if (!ops)
LOGEXIT("%s: ops required for rule '%s'", filename, name);
if (expression) {
LOGEXIT("Currently don't support expression, hopefully soon!");
}
int type;
int saveFlags = 0;
if (strcmp(when, "everyPacket") == 0) {
type = MOLOCH_RULE_TYPE_EVERY_PACKET;
if (!bpf)
LOGEXIT("%s: everyPacket only supports bpf", filename);
} else if (strcmp(when, "sessionSetup") == 0) {
type = MOLOCH_RULE_TYPE_SESSION_SETUP;
} else if (strcmp(when, "afterClassify") == 0) {
type = MOLOCH_RULE_TYPE_AFTER_CLASSIFY;
if (bpf)
LOGEXIT("%s: %s doesn't support bpf", filename, when);
} else if (strcmp(when, "fieldSet") == 0) {
type = MOLOCH_RULE_TYPE_FIELD_SET;
if (bpf)
LOGEXIT("%s: %s doesn't support bpf", filename, when);
} else if (strcmp(when, "beforeMiddleSave") == 0) {
type = MOLOCH_RULE_TYPE_BEFORE_SAVE;
saveFlags = 1;
if (bpf)
LOGEXIT("%s: %s doesn't support bpf", filename, when);
} else if (strcmp(when, "beforeFinalSave") == 0) {
type = MOLOCH_RULE_TYPE_BEFORE_SAVE;
saveFlags = 2;
if (bpf)
LOGEXIT("%s: %s doesn't support bpf", filename, when);
} else if (strcmp(when, "beforeBothSave") == 0) {
type = MOLOCH_RULE_TYPE_BEFORE_SAVE;
saveFlags = 3;
if (bpf)
LOGEXIT("%s: %s doesn't support bpf", filename, when);
} else {
LOGEXIT("%s: Unknown when '%s'", filename, when);
}
if (loading.rulesLen[type] >= MOLOCH_RULES_MAX)
LOGEXIT("Too many %s rules", when);
int n = loading.rulesLen[type]++;
MolochRule_t *rule = loading.rules[type][n] = MOLOCH_TYPE_ALLOC0(MolochRule_t);
rule->filename = filename;
rule->saveFlags = saveFlags;
if (bpf)
rule->bpf = g_strdup(bpf);
if (fields) {
int i;
rule->fields = malloc((int)fields->len * 2);
for (i = 0; i < (int)fields->len; i++) {
YamlNode_t *node = g_ptr_array_index(fields, i);
int pos = moloch_field_by_exp(node->key);
if (pos == -1)
LOGEXIT("%s Couldn't find field '%s'", filename, node->key);
rule->fields[(int)rule->fieldsLen++] = pos;
switch (config.fields[pos]->type) {
case MOLOCH_FIELD_TYPE_INT:
case MOLOCH_FIELD_TYPE_INT_ARRAY:
case MOLOCH_FIELD_TYPE_INT_HASH:
case MOLOCH_FIELD_TYPE_INT_GHASH:
rule->hash[pos] = g_hash_table_new_full(NULL, NULL, NULL, NULL);
break;
case MOLOCH_FIELD_TYPE_IP:
case MOLOCH_FIELD_TYPE_IP_GHASH:
rule->tree4[pos] = New_Patricia(32);
rule->tree6[pos] = New_Patricia(128);
break;
case MOLOCH_FIELD_TYPE_STR:
case MOLOCH_FIELD_TYPE_STR_ARRAY:
case MOLOCH_FIELD_TYPE_STR_HASH:
case MOLOCH_FIELD_TYPE_STR_GHASH:
rule->hash[pos] = g_hash_table_new_full(g_str_hash, g_str_equal, NULL, g_free);
break;
case MOLOCH_FIELD_TYPE_CERTSINFO:
LOGEXIT("%s: Currently don't support any certs fields", filename);
}
if (node->value)
moloch_rules_load_add_field(rule, pos, node->value);
else {
int j;
for (j = 0; j < (int)node->values->len; j++) {
YamlNode_t *fnode = g_ptr_array_index(node->values, j);
moloch_rules_load_add_field(rule, pos, fnode->key);
}
}
}
}
moloch_field_ops_init(&rule->ops, ops->len, MOLOCH_FIELD_OPS_FLAGS_COPY);
int i;
for (i = 0; i < (int)ops->len; i++) {
YamlNode_t *node = g_ptr_array_index(ops, i);
int pos = moloch_field_by_exp(node->key);
if (pos == -1)
LOGEXIT("%s Couldn't find field '%s'", filename, node->key);
moloch_field_ops_add(&rule->ops, pos, node->value, strlen(node->value));
}
}
void moloch_rules_load_add_field(MolochRule_t *rule, int pos, char *key)
{
uint32_t n;
char *key2;
GPtrArray *rules;
patricia_node_t *node;
config.fields[pos]->ruleEnabled = 1;
switch (config.fields[pos]->type) {
case MOLOCH_FIELD_TYPE_INT:
case MOLOCH_FIELD_TYPE_INT_ARRAY:
case MOLOCH_FIELD_TYPE_INT_HASH:
case MOLOCH_FIELD_TYPE_INT_GHASH:
if (!loading.fieldsHash[pos])
loading.fieldsHash[pos] = g_hash_table_new_full(NULL, NULL, NULL, moloch_rules_free_array);
n = atoi(key);
g_hash_table_add(rule->hash[pos], (void *)(long)n);
rules = g_hash_table_lookup(loading.fieldsHash[pos], (void *)(long)n);
if (!rules) {
rules = g_ptr_array_new();
g_hash_table_insert(loading.fieldsHash[pos], (void *)(long)n, rules);
}
g_ptr_array_add(rules, rule);
break;
case MOLOCH_FIELD_TYPE_IP:
case MOLOCH_FIELD_TYPE_IP_GHASH:
if (!loading.fieldsTree4[pos]) {
loading.fieldsTree4[pos] = New_Patricia(32);
loading.fieldsTree6[pos] = New_Patricia(128);
}
if (strchr(key, '.') != 0) {
make_and_lookup(rule->tree4[pos], key);
node = make_and_lookup(loading.fieldsTree4[pos], key);
} else {
make_and_lookup(rule->tree6[pos], key);
node = make_and_lookup(loading.fieldsTree6[pos], key);
}
if (node->data) {
rules = node->data;
} else {
node->data = rules = g_ptr_array_new();
}
g_ptr_array_add(rules, rule);
break;
case MOLOCH_FIELD_TYPE_STR:
case MOLOCH_FIELD_TYPE_STR_ARRAY:
case MOLOCH_FIELD_TYPE_STR_HASH:
case MOLOCH_FIELD_TYPE_STR_GHASH:
if (!loading.fieldsHash[pos])
loading.fieldsHash[pos] = g_hash_table_new_full(g_str_hash, g_str_equal, NULL, moloch_rules_free_array);
key2 = g_strdup(key);
if (!g_hash_table_add(rule->hash[pos], key2))
g_free(key2);
rules = g_hash_table_lookup(loading.fieldsHash[pos], key);
if (!rules) {
rules = g_ptr_array_new();
g_hash_table_insert(loading.fieldsHash[pos], g_strdup(key), rules);
}
g_ptr_array_add(rules, rule);
break;
}
}
int
main (int argc, char ** argv)
{
int ret, q, rq, lq, n, ch, mac[ETH_ALEN];
char * rif, * lif; /* right/left interfaces */
struct vnfin vi;
struct in_addr acladdr;
__u8 len;
q = 256; /* all CPUs */
rif = lif = NULL;
verbose = 0;
tree = New_Patricia (32);
memset (&vi, 0, sizeof (vi));
while ((ch = getopt (argc, argv, "r:l:q:R:L:a:e:")) != -1) {
switch (ch) {
case 'r' :
rif = optarg;
break;
case 'l' :
lif = optarg;
break;
case 'q' :
q = atoi (optarg);
break;
case 'v' :
verbose = 1;
break;
case 'L' :
sscanf (optarg, "%02x:%02x:%02x:%02x:%02x:%02x",
&mac[0], &mac[1], &mac[2],
&mac[3], &mac[4], &mac[5]);
MACCOPY (mac, vi.lmac);
break;
case 'R' :
sscanf (optarg, "%02x:%02x:%02x:%02x:%02x:%02x",
&mac[0], &mac[1], &mac[2],
&mac[3], &mac[4], &mac[5]);
MACCOPY (mac, vi.rmac);
break;
case 'a' :
D ("install ACL Entry %s", optarg);
ret = split_prefixlen (optarg, &acladdr, &len);
if (!ret) {
D ("invalid prefix %s\n", optarg);
return -1;
}
add_patricia_entry (tree, &acladdr, len, main);
break;
case 'e' :
vale_rings = atoi (optarg);
if (vale_rings > 4) {
D ("vale ring should be smaller than 4");
return -1;
}
break;
default :
usage ();
return -1;
}
}
if (rif == NULL || lif == NULL) {
usage ();
return -1;
}
rq = nm_get_ring_num (rif, NM_DIR_RX);
lq = nm_get_ring_num (lif, NM_DIR_RX);
if (rq < 0 || lq < 0) {
D ("failed to get ring number");
return -1;
}
D ("rq=%d, lq=%d", rq, lq);
D ("Change Mac Left %02x:%02x:%02x:%02x:%02x:%02x <-> "
"%02x:%02x:%02x:%02x:%02x:%02x",
vi.lmac[0], vi.lmac[1], vi.lmac[2],
vi.lmac[3], vi.lmac[4], vi.lmac[5],
vi.rmac[0], vi.rmac[1], vi.rmac[2],
vi.rmac[3], vi.rmac[4], vi.rmac[5]);
/* asign processing threads */
rq = (rq < q) ? rq : q;
lq = (lq < q) ? lq : q;
/* start threads from right to left */
for (n = 0; n < rq; n++) {
struct vnfapp * va;
va = (struct vnfapp *) malloc (sizeof (struct vnfapp));
memset (va, 0, sizeof (struct vnfapp));
struct vnfin * v;
v = (struct vnfin *) malloc (sizeof (struct vnfin));
memcpy (v, &vi, sizeof (struct vnfin));
SET_R2L (v);
va->data = v;
va->rx_q = n;
va->tx_q = n % lq;
va->rx_if = rif;
va->tx_if = lif;
va->rx_fd = nm_vl_rx_ring (rif, va->rx_q, &va->rx_ring);
va->tx_fd = nm_vl_tx_ring (lif, va->tx_q, &va->tx_ring);
pthread_create (&va->tid, NULL, processing_thread, va);
}
/* start threads from left to right */
for (n = 0; n < lq; n++) {
struct vnfapp * va;
va = (struct vnfapp *) malloc (sizeof (struct vnfapp));
memset (va, 0, sizeof (struct vnfapp));
struct vnfin * v;
v = (struct vnfin *) malloc (sizeof (struct vnfin));
memcpy (v, &vi, sizeof (struct vnfin));
SET_L2R (v);
va->data = v;
va->rx_q = n;
va->tx_q = n % rq;
va->rx_if = lif;
va->tx_if = rif;
va->rx_fd = nm_vl_rx_ring (lif, va->rx_q, &va->rx_ring);
va->tx_fd = nm_vl_tx_ring (rif, va->tx_q, &va->tx_ring);
pthread_create (&va->tid, NULL, processing_thread, va);
}
while (1)
sleep (100);
return 0;
}
Ntop::Ntop(char *appName) {
globals = new NtopGlobals();
pa = new PeriodicActivities();
address = new AddressResolution();
categorization = NULL;
httpbl = NULL;
custom_ndpi_protos = NULL;
prefs = NULL, redis = NULL;
num_defined_interfaces = 0;
local_interface_addresses = New_Patricia(128);
export_interface = NULL;
historical_interface_id = -1;
start_time = 0; /* It will be initialized by start() */
memset(iface, 0, sizeof(iface));
httpd = NULL, runtimeprefs = NULL, geo = NULL;
#ifdef WIN32
if(SHGetFolderPath(NULL, CSIDL_PERSONAL, NULL,
SHGFP_TYPE_CURRENT, working_dir) != S_OK) {
strcpy(working_dir, "C:\\Windows\\Temp" /* "\\ntopng" */); // Fallback: it should never happen
}
// Get the full path and filename of this program
if(GetModuleFileName(NULL, startup_dir, sizeof(startup_dir)) == 0) {
startup_dir[0] = '\0';
} else {
for(int i=(int)strlen(startup_dir)-1; i>0; i--)
if(startup_dir[i] == '\\') {
startup_dir[i] = '\0';
break;
}
}
dirs[0] = startup_dir;
strcpy(install_dir, startup_dir);
#else
snprintf(working_dir, sizeof(working_dir), "%s/ntopng", CONST_DEFAULT_WRITABLE_DIR);
umask (0);
mkdir(working_dir, 0777);
if(getcwd(startup_dir, sizeof(startup_dir)) == NULL)
ntop->getTrace()->traceEvent(TRACE_ERROR, "Occurred while checking the current directory (errno=%d)", errno);
dirs[0] = startup_dir;
install_dir[0] = '\0';
for(int i=0; dirs[i] != NULL; i++) {
char path[MAX_PATH];
struct stat statbuf;
snprintf(path, sizeof(path), "%s/scripts/lua/index.lua", dirs[i]);
fixPath(path);
if(stat(path, &statbuf) == 0) {
strcpy(install_dir, dirs[i]);
break;
}
}
#endif
// printf("--> %s [%s]\n", startup_dir, appName);
initTimezone();
}
void
route_table_init(struct route_table *rt)
{
rt->ipv4_table = New_Patricia(32);
rt->ipv6_table = New_Patricia(128);
}