extern "C" int nblink_initialize(void)
{
char ErrBuf[ERRBUF_SIZE + 1];
int NetPDLProtoDBFlags = nbPROTODB_FULL;
int NetPDLDecoderFlags = nbDECODER_GENERATEPDML_COMPLETE;
int ShowNetworkNames = 0;
char* NetPDLFileName = (char*) NETPDLDIR"/"NETPDLFILE;
struct stat netpdlstat;
pkhdr = new struct pcap_pkthdr;
if (nbIsInitialized() == nbFAILURE)
{
if (stat(NETPDLFILE, &netpdlstat) > 0 || errno != ENOENT)
{
NetPDLFileName += sizeof(NETPDLDIR) + 1 - 1; /* null char and '/' cancel out */
}
if (nbInitialize(NetPDLFileName, NetPDLProtoDBFlags, ErrBuf, sizeof(ErrBuf)) == nbFAILURE)
{
printf("Error initializing the NetBee Library; %s\n", ErrBuf);
return nbFAILURE;
}
}
Decoder= nbAllocatePacketDecoder(NetPDLDecoderFlags, ErrBuf, sizeof(ErrBuf));
if (Decoder == NULL)
{
printf("Error creating the NetPDLParser: %s.\n", ErrBuf);
return nbFAILURE;
}
// Get the PacketDecoderVars; let's do the check, although it is not really needed
if ((PacketDecoderVars= Decoder->GetPacketDecoderVars()) == NULL)
{
printf("Error: cannot get an instance of the nbPacketDecoderVars class.\n");
return nbFAILURE;
}
// Set the appropriate NetPDL configuration variables
// PacketDecoderVars->SetVariableNumber((char*) NETPDL_VARIABLE_SHOWNETWORKNAMES, ShowNetworkNames);
if (PacketDecoderVars->SetVariableNumber((char*) NETPDL_VARIABLE_SHOWNETWORKNAMES, ShowNetworkNames)==nbFAILURE)
{
printf("Error: cannot set variables of the decoder properly.\n");
return nbFAILURE;
}
PDMLReader = Decoder->GetPDMLReader();
return 0;
}
int main(int argc, char *argv[])
{
char ErrBuf[1024];
nbPacketDecoder *Decoder;
nbPacketDumpFilePcap* PcapPacketDumpFile;
nbNetPDLLinkLayer_t LinkLayerType;
unsigned long PacketCounter= 0;
char *PSMLAsciiBuffer;
int PSMLElements;
nbPSMLReader *PSMLReader;
int Res;
if (ParseCommandLine(argc, argv) == nbFAILURE)
return nbFAILURE;
printf("\n\nLoading NetPDL protocol database...\n");
Res= nbInitialize(NetPDLFileName, nbPROTODB_FULL, ErrBuf, sizeof(ErrBuf) );
if (Res == nbFAILURE)
{
printf("Error initializing the NetBee Library; %s\n", ErrBuf);
printf("\n\nUsing the NetPDL database embedded in the NetBee library instead.\n");
}
// In case the NetBee library has not been initialized,
// initialize right now with the embedded NetPDL protocol database instead
if (nbIsInitialized() == nbFAILURE)
{
if (nbInitialize(NULL, nbPROTODB_FULL, ErrBuf, sizeof(ErrBuf)) == nbFAILURE)
{
printf("Error initializing the NetBee Library; %s\n", ErrBuf);
return nbFAILURE;
}
}
printf("NetPDL Protocol database loaded.\n");
Decoder= nbAllocatePacketDecoder(nbDECODER_GENERATEPDML_COMPLETE |
nbDECODER_GENERATEPSML | nbDECODER_KEEPALLPSML | nbDECODER_KEEPALLPDML, ErrBuf, sizeof(ErrBuf));
// Create a NetPDL Parser to decode packet
if (Decoder == NULL)
{
printf("Error creating the NetPDLParser: %s.\n", ErrBuf);
return nbFAILURE;
}
// Allocate a pcap dump file reader
if ((PcapPacketDumpFile= nbAllocatePacketDumpFilePcap(ErrBuf, sizeof(ErrBuf))) == NULL)
{
printf("Error creating the PcapPacketDumpFile: %s.\n", ErrBuf);
return nbFAILURE;
}
// Open the pcap file
if (PcapPacketDumpFile->OpenDumpFile(CaptureFileName, 0) == nbFAILURE)
{
printf("%s", PcapPacketDumpFile->GetLastError());
return nbFAILURE;
}
// Get the link layer type (will be used in the decoding process)
if (PcapPacketDumpFile->GetLinkLayerType(LinkLayerType) == nbFAILURE)
{
printf("%s", PcapPacketDumpFile->GetLastError());
return nbFAILURE;
}
printf("\n\n==========================================================================\n");
printf("Printing PSML data as soon as it gets decoded.\n\n");
// Create a new PSML Manager to get data from NetBeePacketDecoder
PSMLReader= Decoder->GetPSMLReader();
if (PSMLReader == NULL)
{
printf("PSMLReader initialization failed: %s\n", Decoder->GetLastError() );
return nbFAILURE;
}
PSMLElements= PSMLReader->GetSummary(&PSMLAsciiBuffer);
if (PSMLElements == nbFAILURE)
{
printf("Reading summary from PSMLReader failed %s\n", PSMLReader->GetLastError() );
return nbFAILURE;
}
PrintPSMLBuffer(PSMLAsciiBuffer, PSMLElements);
while (1)
{
int RetVal;
struct pcap_pkthdr *PktHeader;
const unsigned char *PktData;
RetVal= PcapPacketDumpFile->GetNextPacket(&PktHeader, &PktData);
if (RetVal == nbWARNING)
break; // capture file ended
if (RetVal == nbFAILURE)
{
printf("Cannot read from the capture source file: %s\n", PcapPacketDumpFile->GetLastError() );
return nbFAILURE;
}
PacketCounter++;
// Decode packet
if (Decoder->DecodePacket(LinkLayerType, PacketCounter, PktHeader, PktData) == nbFAILURE)
{
printf("\nError decoding a packet %s\n\n", Decoder->GetLastError());
return nbFAILURE;
}
// Get the current item in PSML format and print it on screen
PSMLElements= PSMLReader->GetCurrentPacket(&PSMLAsciiBuffer);
if (PSMLElements == nbFAILURE)
{
printf("Reading summary from PSMLReader failed %s\n", PSMLReader->GetLastError());
return nbFAILURE;
}
PrintPSMLBuffer(PSMLAsciiBuffer, PSMLElements);
}
// Dump PSML file to disk
if (PSMLReader->SaveDocumentAs(PSML_TEMPFILENAME) == nbFAILURE)
{
printf("%s\n", PSMLReader->GetLastError() );
return nbFAILURE;
}
printf("\n\n==========================================================================\n");
printf("Now printing PSML data reading everything from file, through the decoder.\n\n");
PSMLElements= PSMLReader->GetSummary(&PSMLAsciiBuffer);
if (PSMLElements == nbFAILURE)
{
printf("Reading summary from PSMLReader failed %s\n", PSMLReader->GetLastError() );
return nbFAILURE;
}
PrintPSMLBuffer(PSMLAsciiBuffer, PSMLElements);
for (unsigned long i= 1; i <= PacketCounter; i++)
{
// Get the current item in PSML format and print it on screen
PSMLElements= PSMLReader->GetPacket(i, &PSMLAsciiBuffer);
if ((PSMLElements == nbFAILURE) || (PSMLElements == nbWARNING))
{
printf("Reading summary from PSMLReader failed %s\n", PSMLReader->GetLastError() );
return nbFAILURE;
}
PrintPSMLBuffer(PSMLAsciiBuffer, PSMLElements);
}
// Delete the decoder; is is no longer in use
// The decoder will delete also the PSMLReader.
nbDeallocatePacketDecoder(Decoder);
printf("\n\n==========================================================================\n");
printf("Now printing PSML data reading everything directly from file.\n\n");
PSMLReader= nbAllocatePSMLReader((char*) PSML_TEMPFILENAME, ErrBuf, sizeof(ErrBuf));
if (PSMLReader == NULL)
{
printf("PSMLReader creation failed: %s\n", ErrBuf);
return nbFAILURE;
}
PSMLElements= PSMLReader->GetSummary(&PSMLAsciiBuffer);
if (PSMLElements == nbFAILURE)
{
printf("Reading summary from PSMLReader failed %s\n", PSMLReader->GetLastError() );
return nbFAILURE;
}
PrintPSMLBuffer(PSMLAsciiBuffer, PSMLElements);
for (unsigned long i= 1; i <= PacketCounter; i++)
{
// Get the current item in PSML format and print it on screen
PSMLElements= PSMLReader->GetPacket(i, &PSMLAsciiBuffer);
if ((PSMLElements == nbFAILURE) || (PSMLElements == nbWARNING))
{
printf("Reading summary from PSMLReader failed %s\n", PSMLReader->GetLastError() );
return nbFAILURE;
}
PrintPSMLBuffer(PSMLAsciiBuffer, PSMLElements);
}
nbDeallocatePSMLReader(PSMLReader);
// NetBee cleanup
nbCleanup();
// Remove temporary file
remove(PSML_TEMPFILENAME);
return nbSUCCESS;
}
extern "C" int nblink_initialize(void)
{
char ErrBuf[ERRBUF_SIZE + 1];
int NetPDLProtoDBFlags = nbPROTODB_MINIMAL;
int NetPDLDecoderFlags = nbDECODER_GENERATEPDML;
int ShowNetworkNames = 0;
char* NetPDLFileName = (char*) NETPDLDIR"/"NETPDLFILE;
struct stat netpdlstat;
struct sigaction sa;
/* Set up signal handler. */
memset(&sa, 0, sizeof sa);
sa.sa_handler = sigint_handler;
sigemptyset(&sa.sa_mask);
sa.sa_flags = SA_RESTART;
if (sigaction(SIGINT, &sa, NULL)) {
ofp_fatal(errno, "sigterm(SIGINT) failed");
}
pkhdr = new struct pcap_pkthdr;
if (nbIsInitialized() == nbFAILURE)
{
if (stat(NETPDLFILE, &netpdlstat) > 0 || errno != ENOENT)
{
NetPDLFileName += sizeof(NETPDLDIR) + 1 - 1; /* null char and '/' cancel out */
}
if (nbInitialize(NetPDLFileName, NetPDLProtoDBFlags, ErrBuf, sizeof(ErrBuf)) == nbFAILURE)
{
printf("Error initializing the NetBee Library; %s\n", ErrBuf);
return nbFAILURE;
}
}
Decoder= nbAllocatePacketDecoder(NetPDLDecoderFlags, ErrBuf, sizeof(ErrBuf));
if (Decoder == NULL)
{
printf("Error creating the NetPDLParser: %s.\n", ErrBuf);
return nbFAILURE;
}
// Get the PacketDecoderVars; let's do the check, although it is not really needed
if ((PacketDecoderVars= Decoder->GetPacketDecoderVars()) == NULL)
{
printf("Error: cannot get an instance of the nbPacketDecoderVars class.\n");
return nbFAILURE;
}
// Set the appropriate NetPDL configuration variables
// PacketDecoderVars->SetVariableNumber((char*) NETPDL_VARIABLE_SHOWNETWORKNAMES, ShowNetworkNames);
if (PacketDecoderVars->SetVariableNumber((char*) NETPDL_VARIABLE_SHOWNETWORKNAMES, ShowNetworkNames)==nbFAILURE)
{
printf("Error: cannot set variables of the decoder properly.\n");
return nbFAILURE;
}
PDMLReader = Decoder->GetPDMLReader();
return 0;
}
int main(int argc, char* argv[])
{
char ErrBuf[PCAP_ERRBUF_SIZE + 1] = "";
int Res; // Generic Variable for return code
// Pcap related structures
char pcapSourceName[2048] = "";
pcap_t *PcapHandle = NULL;
// Data for parsing packets and extracting fields
nbPacketEngine *PacketEngine;
nbExtractedFieldsReader* FieldReader;
_nbExtractedFieldsDescriptorVector *Descriptors;
nbNetPDLUtils* NetPDLUtils;
int PacketCounter;
int AcceptedPkts;
if (ParseCommandLine(argc, argv) == nbFAILURE)
return nbFAILURE;
fprintf(stderr, "\nLoading NetPDL protocol database...\n");
if (ConfigParams.NetPDLFileName)
{
int Res;
Res= nbInitialize(ConfigParams.NetPDLFileName, nbPROTODB_FULL, ErrBuf, sizeof(ErrBuf) );
if (Res == nbFAILURE)
{
fprintf(stderr, "Error initializing the NetBee Library: %s\n", ErrBuf);
fprintf(stderr, "Trying to use the NetPDL database embedded in the NetBee library instead.\n");
}
}
// In case the NetBee library has not been initialized
// initialize right now with the embedded NetPDL protocol database instead
// Previous initialization may fail because the NetPDL file has errors, or because it is missing,
// or because the user didn't specify a NetPDL file
if (nbIsInitialized() == nbFAILURE)
{
if (nbInitialize(NULL, nbPROTODB_FULL, ErrBuf, sizeof(ErrBuf)) == nbFAILURE)
{
fprintf(stderr, "Error initializing the NetBee Library: %s\n", ErrBuf);
return nbFAILURE;
}
}
fprintf(stderr, "NetPDL Protocol database loaded.\n\n");
PacketEngine= nbAllocatePacketEngine(ConfigParams.UseJit, ErrBuf, sizeof(ErrBuf));
if (PacketEngine == NULL)
{
fprintf(stderr, "Error retrieving the PacketEngine: %s", ErrBuf);
return nbFAILURE;
}
fprintf(stderr, "Compiling filter \'%s\'...\n", ConfigParams.NetPFLExtractString);
Res= PacketEngine->Compile((char* ) ConfigParams.NetPFLExtractString, nbNETPDL_LINK_LAYER_ETHERNET);
if (Res == nbFAILURE)
{
fprintf(stderr, "Error compiling the filter '%s': %s", ConfigParams.NetPFLExtractString, PacketEngine->GetLastError());
return nbFAILURE;
}
if (PacketEngine->InitNetVM(nbNETVM_CREATION_FLAG_COMPILEANDEXECUTE)== nbFAILURE)
{
fprintf(stderr, "Error initializing the netVM : %s", PacketEngine->GetLastError());
return nbFAILURE;
}
if (ConfigParams.CaptureFileName)
{
// Let's set the source file
if ((PcapHandle= pcap_open_offline(ConfigParams.CaptureFileName, ErrBuf)) == NULL)
{
fprintf(stderr, "Cannot open the capture source file: %s\n", ErrBuf);
return nbFAILURE;
}
}
else
{
// Let's set the device
if ((PcapHandle= pcap_open_live(ConfigParams.AdapterName, 65535 /*snaplen*/,
ConfigParams.PromiscuousMode, 1000 /* read timeout in ms */, ErrBuf)) == NULL)
{
fprintf(stderr, "Cannot open the capture interface: %s\n", ErrBuf);
return nbFAILURE;
}
}
if (ConfigParams.CaptureFileName == NULL)
fprintf(stderr, "\nReading network packets from interface: %s \n\n", ConfigParams.AdapterName);
else
fprintf(stderr, "\nReading network packets from file: %s \n\n", ConfigParams.CaptureFileName);
fprintf(stderr, "===============================================================================\n");
// Initialize packet counters
PacketCounter= 0;
AcceptedPkts= 0;
// Initialize classes for packet processing
NetPDLUtils= nbAllocateNetPDLUtils(ErrBuf, sizeof(ErrBuf));
FieldReader= PacketEngine->GetExtractedFieldsReader();
// Get the DescriptorVector of fields that will be extracted from each packet
Descriptors=FieldReader->GetFields();
CMeasurement ElapsedTime;
ElapsedTime.Start();
while (1)
{
struct pcap_pkthdr *PktHeader;
const unsigned char *PktData;
int RetVal;
int Result;
RetVal= pcap_next_ex(PcapHandle, &PktHeader, &PktData);
if (RetVal == -2)
break; // capture file ended
if (RetVal < 0)
{
fprintf(stderr, "Cannot read packet: %s\n", pcap_geterr(PcapHandle));
return nbFAILURE;
}
// Timeout expired
if (RetVal == 0)
continue;
PacketCounter++;
Result= PacketEngine->ProcessPacket(PktData, PktHeader->len);
if (Result != nbFAILURE)
{
AcceptedPkts++;
printf("Packet %d Timestap %d.%d\n", PacketCounter, (int) PktHeader->ts.tv_sec, (int) PktHeader->ts.tv_usec);
for (int j=0; j < Descriptors->NumEntries; j++)
{
char FormattedField[1024];
_nbExtractedFieldsDescriptor FieldDescriptor;
FieldDescriptor= Descriptors->FieldDescriptor[j];
switch (FieldDescriptor.FieldType)
{
case PDL_FIELD_TYPE_ALLFIELDS:
{
};
break;
case PDL_FIELD_TYPE_BIT:
{
};
break;
default:
{
if (FieldDescriptor.Valid)
{
if (FieldDescriptor.Length > MAX_FIELD_SIZE)
{
fprintf(stderr, "The field size is larger than the max value allowed in this program.");
return nbFAILURE;
}
// If the raw packet dump is enough for you, you can get rid off this function
Res= NetPDLUtils->FormatNetPDLField(FieldDescriptor.Proto, FieldDescriptor.Name,
PktData + FieldDescriptor.Offset, FieldDescriptor.Length, FormattedField,
sizeof(FormattedField));
if (Res == nbSUCCESS)
{
printf("\t%s.%s: offset=%d len=%d value=%s\n", FieldDescriptor.Proto,FieldDescriptor.Name,
FieldDescriptor.Offset, FieldDescriptor.Length, FormattedField);
}
}
else
{
printf("\t%s.%s: offset= * len= * value= *\n", FieldDescriptor.Proto,FieldDescriptor.Name);
}
}
}
}
}
}
ElapsedTime.EndAndPrint();
fprintf(stderr, "\n\nThe filter accepted %d out of %d packets\n", AcceptedPkts, PacketCounter);
if (PcapHandle)
pcap_close(PcapHandle);
nbDeallocatePacketEngine(PacketEngine);
nbCleanup();
return nbSUCCESS;
}
int main(int argc, char *argv[])
{
char ErrorMsg[1024];
nbPacketDecoder *Decoder;
nbPacketDumpFilePcap* PcapPacketDumpFile;
nbNetPDLLinkLayer_t LinkLayerType;
unsigned long PacketCounter= 0;
nbPDMLReader *PDMLReader;
//char Buffer[2048];
char ProtoName[2048];
char FieldName[2048];
char ErrBuf[2048];
int Res;
int i, ProtoNameLength;
if (ParseCommandLine(argc, argv) == nbFAILURE)
return nbFAILURE;
//printf("\nEnter the protocol and field you want to look at (default: 'ip.src'):\n ");
//fgets(Buffer, sizeof(Buffer), stdin);
//// fgets reads also the newline character, so we have to reset it
//Buffer[strlen(Buffer) - 1]= 0;
// In case the user enters a given field, let's copy it within the proper variables
// Let's copy the fieldname into the proper variables
i=0;
while ( (ProtoAndFieldName[i]) && (ProtoAndFieldName[i] != '.') && (i < (sizeof(ProtoName) - 1)) )
{
ProtoName[i]= ProtoAndFieldName[i];
i++;
}
ProtoName[i]= 0;
ProtoNameLength= i;
i=0;
while ( (ProtoAndFieldName[ProtoNameLength + i + 1]) && (i < (sizeof(FieldName) - 1)) )
{
FieldName[i]= ProtoAndFieldName[ProtoNameLength + i + 1];
i++;
}
FieldName[i]= 0;
printf("\n\nLoading NetPDL protocol database...\n");
Res= nbInitialize(NetPDLFileName, nbPROTODB_FULL, ErrBuf, sizeof(ErrBuf) );
if (Res == nbFAILURE)
{
printf("Error initializing the NetBee Library; %s\n", ErrBuf);
printf("\n\nUsing the NetPDL database embedded in the NetBee library instead.\n");
}
// In case the NetBee library has not been initialized,
// initialize right now with the embedded NetPDL protocol database instead
if (nbIsInitialized() == nbFAILURE)
{
if (nbInitialize(NULL, nbPROTODB_FULL, ErrBuf, sizeof(ErrBuf)) == nbFAILURE)
{
printf("Error initializing the NetBee Library; %s\n", ErrBuf);
return nbFAILURE;
}
}
printf("NetPDL Protocol database loaded.\n");
Decoder= nbAllocatePacketDecoder(nbDECODER_GENERATEPDML_COMPLETE |
nbDECODER_GENERATEPSML | nbDECODER_KEEPALLPSML | nbDECODER_KEEPALLPDML, ErrorMsg, sizeof(ErrorMsg));
// Create a NetPDL Parser to decode packet
if (Decoder == NULL)
{
printf("Error creating the NetPDLParser: %s.\n", ErrorMsg);
return nbFAILURE;
}
// Allocate a pcap dump file reader
if ((PcapPacketDumpFile= nbAllocatePacketDumpFilePcap(ErrBuf, sizeof(ErrBuf))) == NULL)
{
printf("Error creating the PcapPacketDumpFile: %s.\n", ErrBuf);
return nbFAILURE;
}
// Open the pcap file
if (PcapPacketDumpFile->OpenDumpFile(CaptureFileName, 0) == nbFAILURE)
{
printf("%s", PcapPacketDumpFile->GetLastError());
return nbFAILURE;
}
// Get the link layer type (will be used in the decoding process)
if (PcapPacketDumpFile->GetLinkLayerType(LinkLayerType) == nbFAILURE)
{
printf("%s", PcapPacketDumpFile->GetLastError());
return nbFAILURE;
}
printf("\n\n==========================================================================\n");
printf("Printing PDML fields values data as soon as packets get decoded.\n\n");
// Get a new PDML Manager
PDMLReader= Decoder->GetPDMLReader();
// Initialize the PDMLReader to get data from NetBeePacketDecoder
if (PDMLReader == NULL)
{
printf("PDMLReader initialization failed: %s\n", Decoder->GetLastError() );
return nbFAILURE;
}
while (1)
{
int RetVal;
struct pcap_pkthdr *PktHeader;
const unsigned char *PktData;
struct _nbPDMLField *PDMLField;
RetVal= PcapPacketDumpFile->GetNextPacket(&PktHeader, &PktData);
if (RetVal == nbWARNING)
break; // capture file ended
if (RetVal == nbFAILURE)
{
printf("Cannot read from the capture source file: %s\n", PcapPacketDumpFile->GetLastError() );
return nbFAILURE;
}
PacketCounter++;
// Decode packet
if (Decoder->DecodePacket(LinkLayerType, PacketCounter, PktHeader, PktData) == nbFAILURE)
{
printf("\nError decoding a packet %s\n\n", Decoder->GetLastError());
return nbFAILURE;
}
PDMLField= NULL;
// Please remember that this loop is usually executed twice
// In fact, if the selected field is found in the packet, we have to repeat the loop to see if
// another instance of that field is still there.
// In case there is not another instance of that field, the second iteration goes into the
// nbWARNING part, and then it exits.
while (1)
{
int Ret;
Ret= PDMLReader->GetPDMLField(ProtoName, FieldName, PDMLField, &PDMLField);
if (Ret == nbSUCCESS)
{
printf("The value of field '%s.%s' is %s\n", ProtoName, FieldName, PDMLField->ShowValue);
continue;
}
if (Ret == nbFAILURE)
{
printf("Field '%s.%s' not found in packet #%ld. Is protocol '%s' present in packet #%ld? (NetBee returned error: %s)\n\n",
ProtoName, FieldName, PacketCounter, ProtoName, PacketCounter, PDMLReader->GetLastError());
break;
}
if (Ret == nbWARNING)
break;
}
}
// Dump PDML file to disk
if (PDMLReader->SaveDocumentAs(PDML_TEMPFILENAME) == nbFAILURE)
printf("%s\n", PDMLReader->GetLastError() );
// Delete the decoder; is is no longer in use
// The decoder will delete also the PDMLReader.
nbDeallocatePacketDecoder(Decoder);
printf("\n\n==========================================================================\n");
printf("Now printing PDML field values by reading PDML packets from file.\n\n");
PDMLReader= nbAllocatePDMLReader((char*) PDML_TEMPFILENAME, ErrorMsg, sizeof(ErrorMsg));
if (PDMLReader == NULL)
{
printf("PDMLReader creation failed: %s\n", ErrorMsg);
return nbFAILURE;
}
for (unsigned long i= 1; i <= PacketCounter; i++)
{
struct _nbPDMLField *PDMLField;
PDMLField= NULL;
while (1)
{
int Ret;
Ret= PDMLReader->GetPDMLField(i, ProtoName, FieldName, PDMLField, &PDMLField);
if (Ret == nbSUCCESS)
{
printf("The value of field '%s.%s' is %s\n", ProtoName, FieldName, PDMLField->ShowValue);
continue;
}
if (Ret == nbFAILURE)
{
printf("Field '%s.%s' not found in packet #%ld. Is protocol '%s' present in packet #%ld? (NetBee returned error: %s)\n\n",
ProtoName, FieldName, i, ProtoName, i, PDMLReader->GetLastError());
break;
}
if (Ret == nbWARNING)
break;
}
}
nbDeallocatePDMLReader(PDMLReader);
// NetBee cleanup
nbCleanup();
// Remove temporary file
remove(PDML_TEMPFILENAME);
return nbSUCCESS;
}
int main(int argc, char *argv[])
{
nbPacketCapture *PacketCapture;
nbNetVmPortLocalAdapter *DeviceList, *TargetDestDevice;
int IfNumber;
int IfChosen;
char ReadMethod;
bool ReceiveFromCallback;
char FilterString[2048];
char ErrBuf[2048];
Usage();
printf("\n...Loading NetPDL protocol database.\n");
if (argc == 2)
{
int Res;
Res= nbInitialize(argv[1], ErrBuf, sizeof(ErrBuf) );
if (Res == nbFAILURE)
{
printf("Error initializing the NetBee Library; %s\n", ErrBuf);
printf("\n\nUsing the NetPDL database embedded in the NetBee library instead.\n");
}
}
// In case the NetBee library has not been initialized, initialize right now with the embedded NetPDL protocol database instead
if (nbIsInitialized() == nbFAILURE)
{
if (nbInitialize(NULL, ErrBuf, sizeof(ErrBuf)) == nbFAILURE)
{
printf("Error initializing the NetBee Library; %s\n", ErrBuf);
return nbFAILURE;
}
}
printf("...NetPDL Protocol database loaded.\n\n");
PacketCapture= new nbPacketCapture;
if (PacketCapture == NULL)
{
printf("Error creating the nbPacketCapture class\n");
goto end;
}
DeviceList= PacketCapture->GetListLocalAdapters();
if (DeviceList == NULL)
{
printf("Error getting the devices installed in the system: %s\n", PacketCapture->GetLastError() );
goto end;
}
printf("Installed adapters:\n");
IfNumber= 1;
TargetDestDevice= DeviceList;
while (TargetDestDevice)
{
printf("\tInterface number %d: %s (%s)\n", IfNumber, TargetDestDevice->Description, TargetDestDevice->Name);
TargetDestDevice= TargetDestDevice->GetNext();
IfNumber++;
}
printf("\nPlease enter the number (1-%d) corresponding to the desired device: ", IfNumber - 1);
scanf("%d", &IfChosen);
if (IfChosen < 1 || IfChosen >= IfNumber)
{
printf("\nInterface number out of range.\n");
goto end;
}
TargetDestDevice= DeviceList;
for (int i= 1; i < IfChosen; TargetDestDevice= TargetDestDevice->GetNext(), i++);
//Cloning + state information of source device updating.
if (PacketCapture->SetSrcDataDevice(TargetDestDevice,TargetDestDevice->Name,TargetDestDevice->Description,nbNETDEVICE_PROMISCUOUS) == nbFAILURE)
{
printf("Error setting the source device: %s", PacketCapture->GetLastError() );
goto end;
}
printf("\nPlease type 'C' if you want to receive packets through the callback,");
printf("\n or 'R' if you want to receive packets through a read() function: ");
fflush(stdin);
scanf("%c", &ReadMethod);
if (ReadMethod == 'C')
ReceiveFromCallback= true;
else
ReceiveFromCallback= false;
if (ReceiveFromCallback)
{
if (PacketCapture->RegisterCallbackFunction(ReadPacketsCallback, NULL) == nbFAILURE)
{
printf("Error setting the destination callback function: %s", PacketCapture->GetLastError() );
goto end;
}
}
fflush(stdin);
printf("\n\nType name of filter file (.asm)\n Press [Enter] to avoid filter loading.\nSelection:");
gets(FilterString);
if (PacketCapture->InjectFilter(FilterString) == nbFAILURE)
{
printf("Error setting the packet filter: %s", PacketCapture->GetLastError() );
goto end;
}
if (PacketCapture->Start() == nbFAILURE)
{
printf("Cannot start the capture process: %s", PacketCapture->GetLastError() );
goto end;
}
printf("\nListening on %s...\n", TargetDestDevice->Description);
if (ReceiveFromCallback)
{
nbNetPkt * Packet;
while(1)
{
Packet= PacketCapture->GetPacket();
PacketCapture->WritePacket(Packet);
PacketCapture->ReleaseExBuf(Packet);
}
}
else
{
nbNetPkt *Packet;
while(1)
{
if (PacketCapture->ReadPacket(&Packet, NULL) == nbFAILURE)
{
printf("Error reading packets from the given source: %s", PacketCapture->GetLastError() );
goto end;
}
ReadPacketsCallback(NULL, Packet, NULL);
PacketCapture->ReleaseExBuf(Packet);
}
}
end:
PacketCapture->Stop();
nbCleanup();
return nbSUCCESS;
}
