void selftest_client_xmit_packet(struct Adapter *adapter, struct Thread *thread, struct Packet *pkt) { struct TestAdapter *testadapter = (struct TestAdapter *)adapter->userdata; struct TestAdapter *other; struct Selftest *selftest = testadapter->parent; struct Frame frame[1]; if (&selftest->client == testadapter) other = &selftest->server; else other = &selftest->client; { struct PcapFile *x; x = pcapfile_openwrite("self-query.pcap", 1); pcapfile_writeframe(x, pkt->buf, pkt->max, pkt->max, 0, 0); pcapfile_close(x); } network_receive( frame, thread, other->adapter, 0, 0, pkt->buf, pkt->max); }
/*************************************************************************** * Test the banner1 detection system by throwing random frames at it ***************************************************************************/ void banner1_test(const char *filename) { struct PcapFile *cap; unsigned link_type; cap = pcapfile_openread(filename); if (cap == NULL) { fprintf(stderr, "%s: can't open capture file\n", filename); return; } link_type = pcapfile_datalink(cap); for (;;) { int packets_read; unsigned secs; unsigned usecs; unsigned origlength; unsigned length; unsigned char px[65536]; struct PreprocessedInfo parsed; unsigned x; packets_read = pcapfile_readframe( cap, /* capture dump file */ &secs, &usecs, &origlength, &length, px, sizeof(px)); if (packets_read == 0) break; x = preprocess_frame(px, length, link_type, &parsed); if (x == 0) continue; } pcapfile_close(cap); }
/**************************************************************************** * During a self-test, we intercept the client "transmit" function to * instead forward directly to the server "receive" path, thus simulating * from the server's point of a view the reception of a packet. We also * intercept the reverse path in the function * "selftest_server_to_client_response". ****************************************************************************/ void selftest_client_to_server_query(struct Adapter *adapter, struct Thread *thread, struct Packet *pkt) { struct TestAdapter *testadapter = (struct TestAdapter *)adapter->userdata; struct TestAdapter *other; struct Selftest *selftest = testadapter->parent; struct Frame frame[1]; if (&selftest->client == testadapter) other = &selftest->server; else other = &selftest->client; /* Save the query packet to a file for inspection */ { struct PcapFile *x; x = pcapfile_openwrite("self-query.pcap", 1); pcapfile_writeframe(x, pkt->buf, pkt->max, pkt->max, 0, 0); pcapfile_close(x); } /* * SHORT CIRCUIT * This is supposed to be a "transmit" function from the DNS client, * but what we are doing instead is just forwarding it to the * "receive" function of the DNS server. */ network_receive( frame, thread, other->adapter, 0, 0, pkt->buf, pkt->max); }
int pcap2zone(int argc, char *argv[]) { struct Pcap2Zone pcap2zone[1]; struct Catalog *catalog; int i; /* * Create a catalog/database */ catalog = catalog_create(); pcap2zone->db = catalog; /* * Initialize it with a pseudo-SOA record for the root zone */ { static const struct DomainPointer root = {(const unsigned char*)"\0",1}; struct ZoneFileParser *parser; parser = zonefile_begin( root, /* origin */ 60, /* TTL */ 10000, /* filesize */ "<pcap2zone>", /* filename */ zonefile_load, /* callback */ catalog /* callback data */ ); LOAD("$TTL 60\r\n" "@ IN SOA ns hostmaster (\r\n" " 2003080800 ; sn = serial number\r\n" " 172800 ; ref = refresh = 2d\r\n" " 15m ; ret = update retry = 15m\r\n" " 1209600 ; ex = expiry = 2w\r\n" " 1H ; nx = nxdomain ttl = 1h\r\n" " )\r\n", parser); zonefile_end(parser); } for (i=2; i<argc; i++) { const char *filename = argv[i]; struct Tracker tracker[1]; struct PcapFile *p; //uint64_t filesize; memset(tracker, 0, sizeof(tracker[0])); //filesize = tracker_get_filesize(tracker, filename); p = pcapfile_openread(filename); if (p == NULL) { perror(filename); continue; } for (;;) { unsigned char buf[65536]; int x; unsigned secs; unsigned usecs; unsigned original_length; unsigned bytes_read; x = pcapfile_readframe( p, &secs, &usecs, &original_length, &bytes_read, buf, sizeof(buf) ); if (x <= 0) break; { struct PreprocessedInfo info; unsigned x; x = preprocess_frame( buf, bytes_read, 1, &info); if (x && info.found == FOUND_DNS && info.port_src == 53) grab_dns_response(catalog, buf, info.found_offset, bytes_read); } tracker_report(tracker, bytes_read); } pcapfile_close(p); } return Success; }