예제 #1
//
// Constructor
//
DatagramSocket::DatagramSocket(const char* interface, bool ipv6)
    throw(SocketException, SystemException)
{
    // Plain state first: no channel yet, status unspecified, remember the
    // requested address family.
    _ipv6    = ipv6;
    _channel = NULL;
    _status  = TID_SOCKET_STATUS_UNSPECIFIED;

    // Implementation object: taken from the factory when one is set,
    // otherwise a PlainSocketImpl is allocated here.
    if (_factory)
    {
        _impl = _factory->createDatagramSocketImpl();
    }
    else
    {
        _impl = new PlainSocketImpl;
    }

    // NOTE(review): create() and bind() below can throw out of this
    // constructor, and the destructor does not run for an object whose
    // constructor throws. If _impl is a raw owning pointer (it looks like
    // one), the object and any descriptor it opened are then never
    // released - confirm how the class handles this.

    // Create the underlying datagram socket.
    _impl->create(_ipv6);
    _status |= TID_SOCKET_STATUS_CREATED;

    // Bind to PlainSocketImpl::ANY_PORT on the requested interface.
    // An IllegalArgumentException from bind() is reported to the caller
    // as a SocketException carrying the same message.
    try
    {
        InetSocketAddress anyPortAddr(PlainSocketImpl::ANY_PORT, _ipv6);
        bind((SocketAddress*) &anyPortAddr, interface);
    }
    catch(IllegalArgumentException& badArg)
    {
        throw SocketException(badArg.what());
    }
}
예제 #2
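/*
 * Scratch space holding the SQL-escaped copies of all string values that go
 * into one statement. The escaped values must fit into the statement buffer
 * together, so one area of MAX_STATEMENT bytes is enough: when it overflows,
 * the statement could not have fitted either.
 */
struct lpg_esc_arena {
	char buf[MAX_STATEMENT];
	size_t used;
	int overflow;
};

/*
 * Copy `value` into the arena with every single quote and every backslash
 * doubled, and return the escaped copy (NULL is treated as ""). On overflow
 * the arena is flagged and "" is returned; the caller must not execute the
 * statement in that case (lpg_execute_checked() enforces this).
 *
 * Backslashes are doubled as well so that the value cannot end the literal
 * when the server treats backslash as an escape character; on a server that
 * does not, such values are stored with doubled backslashes.
 * NOTE(review): this is a byte-wise stop-gap and is not aware of the client
 * encoding. The statements look like PostgreSQL (inet(...)); if so, bound
 * parameters (PQexecParams) or PQescapeStringConn in execute_statement's
 * layer are the proper fix - the connection handle is not visible here.
 */
static const char* lpg_esc(struct lpg_esc_arena* arena, const char* value)
{
	size_t pos = arena->used;
	const char* start = arena->buf + pos;

	if (value == NULL)
		value = "";

	if (pos >= sizeof(arena->buf)) {
		arena->overflow = 1;
		return "";
	}

	for (; *value != '\0'; value++) {
		size_t need = (*value == '\'' || *value == '\\') ? 2 : 1;

		/* always keep one byte for the terminator */
		if (pos + need >= sizeof(arena->buf)) {
			arena->overflow = 1;
			return "";
		}
		if (need == 2)
			arena->buf[pos++] = *value;
		arena->buf[pos++] = *value;
	}
	arena->buf[pos++] = '\0';
	arena->used = pos;
	return start;
}

/*
 * Execute the global `statement` only if it was built completely.
 * `written` is the return value of the snprintf() that built it. A truncated
 * statement is never sent: cutting an UPDATE short could drop its WHERE
 * clause, and the cut position depends on the length of captured data.
 */
static void lpg_execute_checked(int written, const struct lpg_esc_arena* arena)
{
	if (arena->overflow || written < 0 || (size_t) written >= (size_t) MAX_STATEMENT) {
		msg(MSG_DEBUG, "SQL statement incomplete or too long, not executed");
		return;
	}
	execute_statement(statement);
}

/*
 * Write one log record for a connection into the database table that belongs
 * to conn->app_proto.
 *
 * log  - unused in this function.
 * conn - connection the record belongs to; must not be NULL. For UNKNOWN an
 *        empty conn->dest is overwritten with "0.0.0.0".
 * tag  - record type; must not be NULL. For HTTP and IRC it selects the
 *        statement ("client", "logfile", anything else = server side), for
 *        the other protocols it is stored in the type column.
 * data - protocol-specific struct matching app_proto and tag; it is cast
 *        without any check and is not used for the IRC "logfile" record.
 *
 * Every string value is data captured from the network or derived from it,
 * so each one is escaped before it is placed between quotes, and a statement
 * that did not fit into MAX_STATEMENT bytes is skipped instead of executed.
 *
 * Always returns 0, also when nothing was written.
 */
int lpg_log_struct(struct logger_t* log, connection_t* conn, const char* tag, void* data)
{
	/* static: MAX_STATEMENT bytes would be a large stack object; the global
	   `statement` buffer is shared between calls in the same way */
	static struct lpg_esc_arena arena;
	struct lpg_esc_arena* a = &arena;
	int n;

	(void) log;

	if (conn == NULL || tag == NULL) {
		msg(MSG_DEBUG, "lpg_log_struct called without connection or tag, nothing logged");
		return 0;
	}

	arena.used = 0;
	arena.overflow = 0;

	switch (conn->app_proto) {
	     // log depending on the protocol
	case SMTP:
	{
		struct smtp_struct* logdata =  (struct smtp_struct *) data;

		n = snprintf(statement, MAX_STATEMENT, "insert into SMTP_LOGS (ClientIP,ClientPort,ServerIP,orig_ServerIP,ServerPort,orig_serverport,Message,Type,date,TrumanTimestamp,sample_id) Values (inet('%s'),%d,inet('%s'),inet('%s'),%d, %d,'%s', '%s', (select current_timestamp),'%s',(select distinct value from trumanbox_settings where key = 'CURRENT_SAMPLE'))",
		lpg_esc(a, conn->source),conn->sport,lpg_esc(a, conn->dest),lpg_esc(a, conn->orig_dest),conn->dport,conn->orig_dport,lpg_esc(a, logdata->Message),lpg_esc(a, tag),lpg_esc(a, conn->timestamp)
		);
		lpg_execute_checked(n, a);
		break;
	}
	case FTP:
	{
		struct ftp_struct* logdata =  (struct ftp_struct *) data;

		n = snprintf(statement, MAX_STATEMENT, "insert into FTP_LOGS (ClientIP,ClientPort,ServerIP,orig_ServerIP,ServerPort,orig_serverport,Message,type,date,TrumanTimestamp,sample_id) Values (inet('%s'),%d,inet('%s'),inet('%s'),%d,%d,'%s','%s', (select current_timestamp),'%s', (select distinct value from trumanbox_settings where key = 'CURRENT_SAMPLE'))",
		lpg_esc(a, conn->source),conn->sport,lpg_esc(a, conn->dest),lpg_esc(a, conn->orig_dest),conn->dport,conn->orig_dport,lpg_esc(a, logdata->Message),lpg_esc(a, tag),lpg_esc(a, conn->timestamp)
		);
		lpg_execute_checked(n, a);
		break;
	}
	case HTTP:
	{
		if (strcmp(tag,"client") == 0) {
			/* request side: creates the row */
			struct http_client_struct* logdata =  (struct http_client_struct *) data;
			n = snprintf(statement, MAX_STATEMENT, "insert into HTTP_LOGS (ClientIP,ClientPort,orig_ServerIP,ServerIP,orig_serverport,ServerPort,requestedhost,requestedlocation,useragent,method,requestheader,requestbodybinarylocation,responsereturnedtype,date,TrumanTimestamp,sample_id) Values (inet('%s'),%d,inet('%s'),inet('%s'),%d,%d, '%s', '%s', '%s',  '%s', '%s', '%s','%s', (select current_timestamp),'%s',(select distinct value from trumanbox_settings where key = 'CURRENT_SAMPLE'))",
			lpg_esc(a, conn->source),conn->sport,lpg_esc(a, conn->orig_dest),lpg_esc(a, conn->dest),conn->orig_dport,conn->dport,lpg_esc(a, logdata->requestedHost),lpg_esc(a, logdata->requestedLocation),lpg_esc(a, logdata->userAgent),lpg_esc(a, logdata->method),lpg_esc(a, logdata->requestHeader),lpg_esc(a, logdata->requestBodyBinaryLocation),lpg_esc(a, logdata->responseReturnedType),lpg_esc(a, conn->timestamp)
			);
			lpg_execute_checked(n, a);
		}
		else {
			/* response side: completes the row keyed by the connection timestamp */
			struct http_server_struct* logdata =  (struct http_server_struct *) data;
			n = snprintf(statement, MAX_STATEMENT, "update HTTP_LOGS set servertype = '%s', responsecontenttype = '%s', responselastmodified = '%s', responseheader = '%s', responsebodybinarylocation = '%s' where trumantimestamp = '%s'",
			lpg_esc(a, logdata->serverType),lpg_esc(a, logdata->responseContentType),lpg_esc(a, logdata->responseLastModified),lpg_esc(a, logdata->responseHeader),lpg_esc(a, logdata->responseBodyBinaryLocation),lpg_esc(a, conn->timestamp)
			);
			lpg_execute_checked(n, a);
		}
		break;
	}
	case IRC:
	{
		if (strcmp(tag,"client") == 0) {
			struct irc_client_struct* logdata =  (struct irc_client_struct *) data;
			n = snprintf(statement, MAX_STATEMENT, "insert into IRC_CLIENT_LOGS (ClientIP,ClientPort,orig_ServerIP,ServerIP,orig_serverport,ServerPort,Command,Arguments,date,TrumanTimestamp,sample_id) Values (inet('%s'),%d,inet('%s'),inet('%s'),%d, %d,'%s', '%s', (select current_timestamp),'%s',(select distinct value from trumanbox_settings where key = 'CURRENT_SAMPLE'))",
			lpg_esc(a, conn->source),conn->sport,lpg_esc(a, conn->orig_dest),lpg_esc(a, conn->dest),conn->orig_dport,conn->dport,lpg_esc(a, logdata->command),lpg_esc(a, logdata->arguments),lpg_esc(a, conn->timestamp)
			);
			lpg_execute_checked(n, a);
		}
		else if (strcmp(tag,"logfile") == 0) {
			/* only the log file location, derived from the timestamp, is stored */
			char location[MAX_PATH_LENGTH];
			snprintf(location,MAX_PATH_LENGTH,"irc/%s",conn->timestamp);
			n = snprintf(statement, MAX_STATEMENT, "insert into IRC_LOGS (ClientIP,ClientPort,orig_ServerIP,ServerIP,orig_serverport,ServerPort,logfilelocation,date,TrumanTimestamp,sample_id) Values (inet('%s'),%d,inet('%s'),inet('%s'),%d,%d, '%s', (select current_timestamp),'%s',(select distinct value from trumanbox_settings where key = 'CURRENT_SAMPLE'))",
			lpg_esc(a, conn->source),conn->sport,lpg_esc(a, conn->orig_dest),lpg_esc(a, conn->dest),conn->orig_dport,conn->dport,lpg_esc(a, location),lpg_esc(a, conn->timestamp)
			);
			lpg_execute_checked(n, a);
		}
		else {
			struct irc_server_struct* logdata =  (struct irc_server_struct *) data;
			n = snprintf(statement, MAX_STATEMENT, "insert into IRC_SERVER_LOGS (ClientIP,ClientPort,orig_ServerIP,ServerIP,orig_serverport,ServerPort,ServerName,NumericReply,RecipientNickname,Message,date,TrumanTimestamp,sample_id) Values (inet('%s'),%d,inet('%s'),inet('%s'),%d,%d, '%s','%s','%s','%s', (select current_timestamp),'%s',(select distinct value from trumanbox_settings where key = 'CURRENT_SAMPLE'))",
			lpg_esc(a, conn->source),conn->sport,lpg_esc(a, conn->orig_dest),lpg_esc(a, conn->dest),conn->orig_dport,conn->dport,lpg_esc(a, logdata->serverName),lpg_esc(a, logdata->numericReply),lpg_esc(a, logdata->recipientNickname),lpg_esc(a, logdata->message),lpg_esc(a, conn->timestamp)
			);
			lpg_execute_checked(n, a);
		}
		break;
	}
	case UNKNOWN:
	{
		struct unknown_struct* logdata =  (struct unknown_struct *) data;

		/* inet('') is not a valid address, so store a placeholder instead */
		if (strcmp(conn->dest,"") == 0) {
			snprintf(conn->dest,IPLENGTH,"0.0.0.0");
		}

		n = snprintf(statement, MAX_STATEMENT, "insert into UNKNOWN_LOGS (ClientIP,ClientPort,orig_ServerIP,ServerIP,orig_serverport,ServerPort,binaryLocation,type,date,TrumanTimestamp,sample_id) Values (inet('%s'),%d,inet('%s'),inet('%s'),%d,%d,'%s','%s', (select current_timestamp),'%s', (select distinct value from trumanbox_settings where key = 'CURRENT_SAMPLE'))",
		lpg_esc(a, conn->source),conn->sport,lpg_esc(a, conn->orig_dest),lpg_esc(a, conn->dest),conn->orig_dport,conn->dport,lpg_esc(a, logdata->binaryLocation),lpg_esc(a, tag),lpg_esc(a, conn->timestamp)
		);

		msg(MSG_DEBUG,"try to execute: %s",statement);
		lpg_execute_checked(n, a);
		break;
	}
	case DNS:
	{
		/* addresses come from the DNS record, not from conn */
		struct dns_struct* logdata =  (struct dns_struct *) data;
		n = snprintf(statement, MAX_STATEMENT, "insert into DNS_LOGS (clientIP,orig_ServerIP,ServerIP,DomainName,date,trumantimestamp,sample_id) Values (inet('%s'),inet('%s'),inet('%s'),'%s', (select current_timestamp),'%s',(select distinct value from trumanbox_settings where key = 'CURRENT_SAMPLE'))",
		lpg_esc(a, logdata->clientIP),lpg_esc(a, logdata->serverIP),lpg_esc(a, logdata->realServerIP),lpg_esc(a, logdata->domain),lpg_esc(a, conn->timestamp)
		);
		lpg_execute_checked(n, a);
		break;
	}
	case FTP_data:
	{
		struct ftp_data_struct* logdata = (struct ftp_data_struct *) data;
		/* the server address is used in both statements, escape it once */
		const char* dest = lpg_esc(a, conn->dest);

		/* type and filename are looked up in awaited_pasv by server port/address */
		n = snprintf(statement, MAX_STATEMENT, "insert into FTP_Passive_Logs (clientIP,clientport,orig_ServerIP,ServerIP,orig_serverport,Serverport,binarylocation, type, filename, date,Trumantimestamp,sample_id) VALUES \
		(inet('%s'),%d,inet('%s'),inet('%s'),%d,%d,'%s', \
		(select case when type = '' then null else type end from awaited_pasv where serverport = %d and serverIP = inet('%s')), \
		(select case when filename = '' then null else filename end from awaited_pasv where serverport = %d and serverIP = inet('%s')), (select current_timestamp), '%s',(select distinct value from trumanbox_settings where key = 'CURRENT_SAMPLE'))",
		lpg_esc(a, conn->source),conn->sport,lpg_esc(a, conn->orig_dest),dest,conn->orig_dport,conn->dport,lpg_esc(a, logdata->binaryLocation),conn->dport,dest,conn->dport,dest,lpg_esc(a, conn->timestamp)
		);
		msg(MSG_DEBUG,"try to insert: %s",statement);
		lpg_execute_checked(n, a);

		/* the awaited passive connection has been consumed */
		n = snprintf(statement, MAX_STATEMENT, "delete from awaited_pasv where serverport = %d and serverip = inet('%s')",
		conn->dport,dest);
		lpg_execute_checked(n, a);
		break;
	}
	case SSL_Proto:
	{
		struct ssl_struct* logdata = (struct ssl_struct *) data;
		n = snprintf(statement, MAX_STATEMENT, "insert into SSL_Logs (clientIP,clientport,orig_ServerIP,ServerIP,orig_serverport,Serverport, Client_Hello_SSL_Version, server_certificate_location, http_request_location,date, Trumantimestamp,sample_id) VALUES (inet('%s'),%d,inet('%s'),inet('%s'),%d,%d,'%s', '%s', '%s', (select current_timestamp), '%s',(select distinct value from trumanbox_settings where key = 'CURRENT_SAMPLE'))",
		lpg_esc(a, conn->source),conn->sport,lpg_esc(a, conn->orig_dest),lpg_esc(a, conn->dest),conn->orig_dport,conn->dport,lpg_esc(a, logdata->sslVersion),lpg_esc(a, logdata->server_cert),lpg_esc(a, logdata->http_request),lpg_esc(a, conn->timestamp)
		);
		msg(MSG_DEBUG,"try to insert: %s",statement);
		lpg_execute_checked(n, a);
		break;
	}
	case UNKNOWN_UDP:
	{
		struct unknown_struct* logdata =  (struct unknown_struct *) data;

		n = snprintf(statement, MAX_STATEMENT, "insert into UNKNOWN_UDP_LOGS (ClientIP,ClientPort,orig_ServerIP,ServerIP,orig_serverport,ServerPort,binaryLocation,type,date,TrumanTimestamp,sample_id) Values (inet('%s'),%d,inet('%s'),inet('%s'),%d,%d,'%s','%s', (select current_timestamp),'%s', (select distinct value from trumanbox_settings where key = 'CURRENT_SAMPLE'))",
		lpg_esc(a, conn->source),conn->sport,lpg_esc(a, conn->orig_dest),lpg_esc(a, conn->dest),conn->orig_dport,conn->dport,lpg_esc(a, logdata->binaryLocation),lpg_esc(a, tag),lpg_esc(a, conn->timestamp)
		);
		msg(MSG_DEBUG,"try to execute: %s",statement);
		lpg_execute_checked(n, a);
		break;
	}
	default:
	{
		msg(MSG_DEBUG, "Protocol not yet handled, abort...");
		break;
	}

	} // end of switch
	return 0;
} // end of lpg_log_struct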