Exemplo n.º 1
0
void create_mod_pkt(unsigned char *link_pkt,struct cooking_data *flow,mapid_pkthdr_t *pkt_head) {
	
	unsigned char *ret_data;
	unsigned int ret_size;
	ether_header* eth = NULL;
	ip_header* ip = NULL;
	tcp_header* tcp = NULL;
	int ether_len = 0, ip_len = 0, tcp_len = 0;

	eth = (ether_header*)link_pkt;
	ether_len = sizeof(ether_header);
	ip = (ip_header*)(link_pkt + ether_len);
	ip_len = (ip->ver_ihl & 0xf) * 4;
	
	tcp = (tcp_header*)(link_pkt + ether_len + ip_len);
	tcp_len = tcp->off * 4;
	tcp->seq = 0;

	if (flow->client_ready && flow->server_ready && flow->collect != BOTH_SIDE) {
	    DEBUG_CMD(Debug_Message("client and server are ready but we dont collect both"));
	}

	if (flow->client_ready) {
	    ret_data = flow->ret_client_data;
	    ret_size = flow->client_size;
	}
	else {
	    ret_data = flow->ret_server_data;
	    ret_size = flow->server_size;
	}

	if (ret_size > (unsigned int)flow->threshold){
	    DEBUG_CMD(Debug_Message("Packet size is greater than Threshold : %d", ret_size - flow->threshold));
	}

	ip->tlen = ntohs(ret_size + ip_len + tcp_len);
	
	//fprintf(stderr, "flow->mod_pkt_size old %d new %d\n", flow->mod_pkt_size, (sizeof(char) * (ret_size +ether_len + ip_len + tcp_len)));
/* DEL	
	if (flow->mod_pkt_size < (sizeof(char)*(ret_size + ether_len + ip_len + tcp_len))) {
		flow->mod_pkt = realloc(flow->mod_pkt,(sizeof(char)*(ret_size + ether_len + ip_len + tcp_len)));
		flow->mod_pkt_size = (sizeof(char) * (ret_size + ether_len + ip_len + tcp_len));
	}
*/
//	memset(link_pkt, 0, (sizeof(char) * (ret_size + ether_len + ip_len + tcp_len)));
//	memcpy(link_pkt, eth, ether_len);
//	memcpy(&link_pkt[ether_len], ip, ip_len);
//	memcpy(&link_pkt[ether_len + ip_len], tcp, tcp_len);	
	memcpy(&link_pkt[ether_len + ip_len + tcp_len], ret_data, ret_size);

	//flow->client_headers = flow->ret_client_headers;
	//flow->server_headers = flow->ret_server_headers;

	pkt_head->caplen = pkt_head->wlen = ret_size + ether_len + ip_len + tcp_len;

//DEL	memcpy(link_pkt, flow->mod_pkt, pkt_head->caplen);
	flow->cooked = 1;
	//printf("create_mod_pkt: pkt_head->caplen: %d\n", pkt_head->caplen);
}
Exemplo n.º 2
0
void interface_no_acl(const char *cmdline) /* no ip access-group <acl> [in|out] */
{
	arglist *args;
	char *dev;
	acl_chain chain = chain_in;
	char *listno;

	dev = librouter_device_cli_to_linux(interface_edited->cish_string, interface_major,
	                interface_minor);
	args = librouter_make_args(cmdline);
	listno = args->argv[3];
	if (args->argc == 4)
		chain = chain_both;
	else {
		if (strcasecmp(args->argv[4], "in") == 0)
			chain = chain_in;
		else if (strcasecmp(args->argv[4], "out") == 0)
			chain = chain_out;
	}
	if ((chain == chain_in) || (chain == chain_both)) {
		if (librouter_acl_matched_exists(listno, dev, 0, "INPUT")) {
			sprintf(buf, "/bin/iptables -D INPUT -i %s -j %s", dev, listno);

			DEBUG_CMD(buf);
			system(buf);
		}
		if (librouter_acl_matched_exists(listno, dev, 0, "FORWARD")) {
			sprintf(buf, "/bin/iptables -D FORWARD -i %s -j %s", dev, listno);

			DEBUG_CMD(buf);
			system(buf);
		}
	}
	if ((chain == chain_out) || (chain == chain_both)) {
		if (librouter_acl_matched_exists(listno, 0, dev, "OUTPUT")) {
			sprintf(buf, "/bin/iptables -D OUTPUT -o %s -j %s", dev, listno);

			DEBUG_CMD(buf);
			system(buf);
		}
		if (librouter_acl_matched_exists(listno, 0, dev, "FORWARD")) {
			sprintf(buf, "/bin/iptables -D FORWARD -o %s -j %s", dev, listno);

			DEBUG_CMD(buf);
			system(buf);
		}
	}

	librouter_destroy_args(args);
	free(dev);
}
Exemplo n.º 3
0
static void
cmd_stats (char *device, int pid, MAPI_UNUSED uid_t uid, int sock)	/*removed id, id==pid here */
//dev = device
//if = IPC id used to send ack message back to client
{
  struct mapiipcbuf buf;
  char *devtype;
  mapidrv *drv;
  int err = 0;
  char* dev=device;
  struct mapi_stat stats;

  if (running_shutdown)
    err = MAPI_SHUTTING_DOWN;

  //Decide which driver to use
  for (drv = drvlist; drv != NULL; drv = drv->next)
    {
      if (drv->device != NULL)
		if (strcmp (dev, drv->device) == 0)
		  {
		    //DEBUG_CMD(Debug_Message("Using driver %s for %s", drv->name, dev));
		    break;
		  }
    }

  if (drv == NULL)
    {
      DEBUG_CMD(Debug_Message("No driver found for %s", dev));
      report_error (MAPID_NO_DRIVER, pid, sock);
      return;
    }

  //Calls driver
  if (err == 0)
    {
      mapidrv_stats = get_drv_funct (drv->handle, "mapidrv_stats");
      err = mapidrv_stats (drv->devid, &devtype, &stats);
    }

  if (err != 0)
    {
	buf.mtype = pid;
	buf.cmd = MAPI_STATS_ERR;
	buf.remote_errorcode=err;
	buf.fd = 0;
	mapiipc_daemon_write ((struct mapiipcbuf *) &buf, sock);
	return;
    }
  else
    {
      //Send ack back to user
      buf.mtype = pid;
      memcpy ((char *)buf.data, &stats, sizeof(struct mapi_stat));
      buf.cmd = MAPI_STATS_ACK;
      buf.fd = 0;
    }

  mapiipc_daemon_write (&buf, sock);
}
Exemplo n.º 4
0
static int dist_init(mapidflib_function_instance_t *instance,
                     MAPI_UNUSED int flow_descr)
{
    mapiFunctArg* fargs=instance->args;
    int fid,fd;
    char *minstr, *maxstr, *intervalstr;
    dist_internal_t *i=instance->internal_data=malloc(sizeof(dist_internal_t));
    dist_t *dist=instance->result.data;

    fd=getargint(&fargs);
    fid=getargint(&fargs);
    minstr = getargstr(&fargs);
    maxstr = getargstr(&fargs);
    intervalstr = getargstr(&fargs);

    dist->min=fhlp_str2ull(minstr);
    dist->max=fhlp_str2ull(maxstr);
    i->interval=fhlp_str2ull(intervalstr);

    i->num=ceil(((double)(dist->max-dist->min)/(double)i->interval));
    i->res_instance=fhlp_get_function_instance(instance->hwinfo->gflist,fd,fid);
    dist->intervals=i->num;

    DEBUG_CMD(Debug_Message("Distribution: num=%lld", i->num));

    dist_reset(instance);
    return 0;
}
Exemplo n.º 5
0
static void * load_driver(const char *dir, const char *name) {
	char *path, *msg;
	void *handle= NULL;

	if (asprintf(&path, "%s/%s", dir, name) < 0) {
		DEBUG_CMD(Debug_Message("asprintf failed"));
	}
	handle = dlopen(path, RTLD_NOW);
	if (!handle) {
		msg = dlerror();
		DEBUG_CMD(Debug_Message("Error loading driver: %s", msg ? msg
				: "unknown reason"));
	}

	free(path);
	return handle;
}
Exemplo n.º 6
0
static void cmd_delete_offline_device(char *dev, int pid, int sock) {
	mapidrv *drv;
	struct mapiipcbuf buf;
	long file_size;

	for (drv = drvlist; drv != NULL; drv = drv->next) {
		if (drv->device != NULL)
			if (strcmp(dev, drv->device) == 0) {
				break;
			}
	}

	if (drv == NULL) {
		DEBUG_CMD(Debug_Message("No device found for %s", dev));
		report_error(MAPID_NO_DEVICE, pid, sock);
		return;
	}

	if (drv->offline != 0) {
		mapidrv_delete_device = get_drv_funct(drv->handle,
				"mapidrv_delete_device");
		mapidrv_delete_device(drv->devid);
		drv->active=0;
	}

	buf.mtype = pid;
	buf.cmd = DELETE_OFFLINE_DEVICE_ACK;
	buf.fd = -1;

	if (log_to_file) {
		file_size = acquire_write_lock(log_fd_info);
		write_to_file(log_fd_info, "MAPID: offline device %s was deleted at ",
				dev);
		write_date(log_fd_info);
		write_newline(log_fd_info, "\n");
		release_write_lock(log_fd_info, file_size);
	}
	if (log_to_syslog)
		log_message("offline device %s was deleted", dev);
    
  DEBUG_CMD(Debug_Message("Deleted offline device %s", dev));

	mapiipc_daemon_write((struct mapiipcbuf *) &buf, sock);
}
Exemplo n.º 7
0
/* 
  * Private function to
  * Configure coefficients using  array.
  */
static void set_color_coefficients(disp_adapter_t *adapter, int layer, short coef[]) {
	omap_ctx_t *o_ctx= adapter->ms_ctx;

	TRACE;
	if (layer > 1) {
		DEBUG_MSG("layer out of range");
		return;
	}
	*OMAP_DISPC_VID_CONV_COEF(layer,0) = (coef[0]&0x7FF) | ((coef[1] &0x7FF) << 16);
	DEBUG_CMD(disp_printf(adapter, "OMAP_DISPC_VID_CONV_COEF0 layer %d  %x", layer, *OMAP_DISPC_VID_CONV_COEF(layer,0) ));
	*OMAP_DISPC_VID_CONV_COEF(layer,1) = (coef[2]&0x7FF) | ((coef[3] &0x7FF) << 16);
	DEBUG_CMD(disp_printf(adapter, "OMAP_DISPC_VID_CONV_COEF1 layer %d  %x", layer, *OMAP_DISPC_VID_CONV_COEF(layer,1) ));
	*OMAP_DISPC_VID_CONV_COEF(layer,2) = (coef[4]&0x7FF) | ((coef[5] &0x7FF) << 16);
	DEBUG_CMD(disp_printf(adapter, "OMAP_DISPC_VID_CONV_COEF2 layer %d  %x", layer, *OMAP_DISPC_VID_CONV_COEF(layer,2) ));
	*OMAP_DISPC_VID_CONV_COEF(layer,3) = (coef[6]&0x7FF) | ((coef[7] &0x7FF) << 16);
	DEBUG_CMD(disp_printf(adapter, "OMAP_DISPC_VID_CONV_COEF3 layer %d  %x", layer, *OMAP_DISPC_VID_CONV_COEF(layer,3) ));
	*OMAP_DISPC_VID_CONV_COEF(layer,4) = (coef[8]&0x7FF) ;
	DEBUG_CMD(disp_printf(adapter, "OMAP_DISPC_VID_CONV_COEF4 layer %d  %x", layer, *OMAP_DISPC_VID_CONV_COEF(layer,4) ));
}
Exemplo n.º 8
0
/* 
 * Configure coefficients using   Ry,  RCr,  RCb,  Gy,  GCr,  GCb,  By,  BCr,  BCb
 * Normally used for custom yuv coefficients, maybe from configuration file
 */
void set_custom_color_coefficients(disp_adapter_t *adapter, int layer, short ry, short rcr, short rcb, short gy, short gcr, short gcb, short by, short bcr, short bcb) {
	omap_ctx_t *o_ctx= adapter->ms_ctx;

	TRACE;
	if (layer > 1) {
		DEBUG_MSG("layer out of range");
		return;
	}
	*OMAP_DISPC_VID_CONV_COEF(layer,0) = (ry&0x7FF) | ((rcr &0x7FF) << 16);
	DEBUG_CMD(disp_printf(adapter, "OMAP_DISPC_VID_CONV_COEF0 layer %d  %x", layer, *OMAP_DISPC_VID_CONV_COEF(layer,0) ));
	*OMAP_DISPC_VID_CONV_COEF(layer,1) = (rcb&0x7FF) | ((gy &0x7FF) << 16);
	DEBUG_CMD(disp_printf(adapter, "OMAP_DISPC_VID_CONV_COEF1 layer %d  %x", layer, *OMAP_DISPC_VID_CONV_COEF(layer,1) ));
	*OMAP_DISPC_VID_CONV_COEF(layer,2) = (gcr&0x7FF) | ((gcb &0x7FF) << 16);
	DEBUG_CMD(disp_printf(adapter, "OMAP_DISPC_VID_CONV_COEF2 layer %d  %x", layer, *OMAP_DISPC_VID_CONV_COEF(layer,2) ));
	*OMAP_DISPC_VID_CONV_COEF(layer,3) = (by&0x7FF) | ((bcr &0x7FF) << 16);
	DEBUG_CMD(disp_printf(adapter, "OMAP_DISPC_VID_CONV_COEF3 layer %d  %x", layer, *OMAP_DISPC_VID_CONV_COEF(layer,3) ));
	*OMAP_DISPC_VID_CONV_COEF(layer,3) = (bcb&0x7FF) ;
	DEBUG_CMD(disp_printf(adapter, "OMAP_DISPC_VID_CONV_COEF4 layer %d  %x", layer, *OMAP_DISPC_VID_CONV_COEF(layer,4) ));
}
Exemplo n.º 9
0
/*
 * Set up color conversions coefficients table for YUV to RGB
 * Returns
 * 	0x0: Limited range selected: 16 subtracted from Y before color space conversion
 *	0x1: Full range selected: Y is not modified before the color space conversion
 * Note: Constistent with Bit 11 in DISPC_VIDn_ATTRIBUTES
 */
int set_yuv_to_rgb_conversion(disp_adapter_t *adapter, int layer, int entry) {
	omap_ctx_t *o_ctx= adapter->ms_ctx;
	TRACE;
	if (layer > 1) {
		DEBUG_MSG("layer out of range");
		return -1;
	}
	DEBUG_CMD(disp_printf(adapter, "Set YUV conversion coefficients table %s ", color_coefficients_table[entry].name));
	set_color_coefficients(adapter, layer, color_coefficients_table[entry].coefficients);
	return color_coefficients_table[entry].range;
}
Exemplo n.º 10
0
static int bpf_cleanup(mapidflib_function_instance_t *instance) {

  // Clear filter
  int result;
  PassFilter_t command;
  command.WriteHW = TRUE;
  sprintf(command.achFilterString, "DeleteFilter = %u", ((struct bpf_internal_data *)instance->internal_data)->filter_id);

  // Hack to see if card is closed
  char namebuff[16];
  result = NTCI_GetDeviceName(((struct bpf_internal_data *)instance->internal_data)->napatechhandle, namebuff, 16);

  if (result == NTCI_ERRCODE_SUCCESS) {
    if((result = NTCI_PacketClassification(((struct bpf_internal_data *)instance->internal_data)->napatechhandle, //((napa_nt_adapterinfo_t *)instance->hwinfo->adapterinfo)->napatechhandle,
                                           STID_PASS_FILTER,
                                           &command)) != NTCI_ERRCODE_SUCCESS) {

      FilterError_t error;
      result = NTCI_PacketClassification(((struct bpf_internal_data *)instance->internal_data)->napatechhandle, //((napa_nt_adapterinfo_t *)instance->hwinfo->adapterinfo)->napatechhandle,
                                         STID_GET_FILTER_ERROR,
                                         &error);

      DEBUG_CMD(Debug_Message("%s",error.achFilterError1)); // stderr
      DEBUG_CMD(Debug_Message("%s",error.achFilterError2)); // stderr
      DEBUG_CMD(Debug_Message("%s",error.achFilterError3)); // stderr

      return 1; // FIXME: errorcode
    }
  }
  else {
    printf("ERROR: Card closed, cannot free filter with id %u\n", ((struct bpf_internal_data *)instance->internal_data)->filter_id);
    // TODO: delete the filter anyway, maybe re-opening the card to delete and re-close. Or maybe even calling NtplTool (dirty)
  }

  if (instance->internal_data != NULL) {
    free(((struct bpf_internal_data *)instance->internal_data)->expression);
    free(instance->internal_data);
  }

  return 0;
}
Exemplo n.º 11
0
/**
 * closes a flow described by fd
 * if send_reply is non-zero, a response is sent to client's mapi stub,
 * (send_reply=0 is used for local clean-ups)
 */
static void cmd_close_flow(int fd, int pid, int sock, int send_reply) {
	struct flow *f;
	struct client *cl;
	struct mapiipcbuf buf;
	long file_size;

	f=(struct flow*)flist_get(flowlist, fd);

	if (f) {
		/* to avoid reading memory after it's freed */
		int tmpfd = f->fd;
		/* prevent closing flows of other processes */
		if (pid != f->id) {
			DEBUG_CMD(Debug_Message(
					"Proc %d tried to close flow %d, which belongs to proc %d",
					pid, f->fd, f->id));
			report_error(MAPI_INVALID_FLOW, pid, sock);
			return;
		}

		cleanup_flow(f);

		while(__sync_lock_test_and_set(&clientlist_lock,1));
		cl = flist_get(clientlist, pid);
		f = (struct flow *) flist_remove(cl->flowlist, fd);
		cl->numflows--;
		clientlist_lock = 0;

		//send an ACK that flow closed
		if (send_reply) {

			buf.mtype = pid;
			buf.cmd = CLOSE_FLOW_ACK;
			buf.fd = tmpfd;
			mapiipc_daemon_write((struct mapiipcbuf *) &buf, sock);

			if (log_to_file) {
				file_size = acquire_write_lock(log_fd_info);
				write_to_file(log_fd_info, "MAPID: flow %d was closed at ",
						buf.fd);
				write_date(log_fd_info);
				write_newline(log_fd_info, "\n");
				release_write_lock(log_fd_info, file_size);
			}
			if (log_to_syslog)
				log_message("flow %d was closed", buf.fd);
		}
	} else {
		report_error(MAPI_INVALID_FLOW, pid, sock);
	}
}
Exemplo n.º 12
0
void do_accesslist_policy(const char *cmdline)
{
	arglist *args;
	char *target;
	char cmd[256];
	FILE *procfile;

	procfile = fopen("/proc/net/ip_tables_names", "r");

	args = librouter_make_args(cmdline);
	if (strcmp(args->argv[1], "accept") == 0) {
		target = "ACCEPT";
		if (!procfile)
			goto bailout;
		/* doesnt need to load modules! */
	} else {
		if (strcmp(args->argv[1], "drop") == 0) {
			target = "DROP";
		} else
			target = "REJECT";
	}
	if (procfile)
		fclose(procfile);

	sprintf(cmd, "/bin/iptables -P INPUT %s", target);
	DEBUG_CMD(cmd);
	system(cmd);

	sprintf(cmd, "/bin/iptables -P OUTPUT %s", target);
	DEBUG_CMD(cmd);
	system(cmd);

	sprintf(cmd, "/bin/iptables -P FORWARD %s", target);
	DEBUG_CMD(cmd);
	system(cmd);

	bailout: librouter_destroy_args(args);
}
Exemplo n.º 13
0
static int anonymizeip_process(mapidflib_function_instance_t *instance,
			 MAPI_UNUSED unsigned char* dev_pkt,
			 unsigned char* link_pkt,
			 MAPI_UNUSED mapid_pkthdr_t* pkt_head)
{
  struct ip *ip;
  struct ip6_hdr *ip6;
  uint64_t orig6[2], anon6[2];
  anonip_inst_t *i = instance->internal_data;
  unsigned int len = instance->hwinfo->cap_length;

  switch(instance->hwinfo->link_type) {
  case DLT_EN10MB: // Ethernet
    ip = (struct ip *)(link_pkt + sizeof(ether_header));
    len -= sizeof(ether_header);
    break;
  case DLT_CHDLC: // PoS
    ip = (struct ip *)(link_pkt + 4);
    len -= 4;
    break;
  default:
    DEBUG_CMD(Debug_Message("Link layer not supported"));
    exit(-1);
  }

  if (len < sizeof(struct ip))
    return 0;

  switch(ip->ip_v) {
  case 4:
      ip->ip_src.s_addr = htonl(anonymize(&i->anon_instance, ntohl(ip->ip_src.s_addr)));
      ip->ip_dst.s_addr = htonl(anonymize(&i->anon_instance, ntohl(ip->ip_dst.s_addr)));
      break;
  case 6:
      if (len < sizeof(struct ip6_hdr))
	return 0;
      ip6 = (struct ip6_hdr *)ip;
      //See panonymizer.h for IPv6 support
      memcpy(orig6, &ip6->ip6_src, 16);
      anonymize_v6(&i->anon_instance, orig6, anon6);
      memcpy(&ip6->ip6_src, anon6, 16);
      memcpy(orig6, &ip6->ip6_dst, 16);
      anonymize_v6(&i->anon_instance, orig6, anon6);
      memcpy(&ip6->ip6_dst, anon6, 16);
      break;
  default:
    return 0;
  }
  return 1;
}
Exemplo n.º 14
0
/*
 * Returns a pointer to a function inside a driver
 * drv = pointer to driver
 * funct = name of function
 */
void *drv_get_funct(void *drv, const char *funct)
{
  char *msg= NULL;
  void *my_funct = (void *) dlsym(drv, funct);
  
  if (my_funct == NULL) {
    msg = (char *) dlerror();
    DEBUG_CMD(Debug_Message("ERROR: drv_get_funct: %s", msg));
    dlclose(drv);
    exit(EXIT_FAILURE);
  }

  return my_funct;
}
Exemplo n.º 15
0
static void * get_drv_funct(void *drv, const char *funct)
//Returns a pointer to a function inside a driver
//drv = pointer to driver
//funct = name of function
{
	char *msg= NULL;
	void *my_funct = dlsym(drv, funct);

	if (my_funct == NULL) {
		msg = dlerror();
		DEBUG_CMD(Debug_Message("ERROR: get_drv_funct: %s", msg));
		dlclose(drv);
		exit(EXIT_FAILURE);
	}

	return my_funct;
}
Exemplo n.º 16
0
static void cmd_read_results(int fd, int fid, int pid, int sock)
//Read results from a function
//fd = flow descriptor
//fid = function ID
{
	mapidrv *drv = get_drv(fd);
	mapid_result_t *result;
	struct mapiipcbuf buf;
	int err;
	char *p = (char *)buf.data;

	if (drv == NULL) {
		/* driver not found(should be handled in create_flow), or invalid flow id */
		DEBUG_CMD(Debug_Message("cmd_read_results: no driver found"));
		report_error(MAPI_INVALID_FLOW, pid, sock);
		return;
	}
	mapidrv_read_results = get_drv_funct(drv->handle, "mapidrv_read_results");
	err = mapidrv_read_results(drv->devid, fd, fid, &result);
	if (err != 0) {
		report_error(err, pid, sock);
		return;
	}
	buf.mtype = get_id(fd);
	buf.cmd = READ_RESULT_ACK;
	buf.fd = fd;

	//Copy result data 
	if (result->funct_res_size + 2*sizeof(mapid_shm_t) < DATA_SIZE) {
		memcpy(p, &result->shm, sizeof(mapid_shm_t));
		p += sizeof (result->shm);
		memcpy(p, &result->shm_spinlock, sizeof(mapid_shm_t));
		if (result->funct_res_size > 0) {
			p += sizeof (result->shm);
			memcpy(p, result->funct_res, result->funct_res_size);
		}
		buf.size = result->funct_res_size + 2*sizeof(mapid_shm_t);
	} else {
		//TODO: Return proper error message
	}

	mapiipc_daemon_write(&buf, sock);

}
Exemplo n.º 17
0
char *pc_get_param(conf_category_entry_t *entry, const char *name)
{
  conf_parameter_t *p;

  if (entry == NULL)
  {
      DEBUG_CMD(Debug_Message("pc_get_param: NULL category"));
      exit(1);
  }
  p = entry->params;
  while (p != NULL)
  {
    if (strcmp(p->name, name) == 0)
      return p->value;
    else
      p = p->next;
  }
  return NULL;
}
Exemplo n.º 18
0
static int dist_instance(mapidflib_function_instance_t *instance,
                         MAPI_UNUSED int fd,
                         MAPI_UNUSED mapidflib_flow_mod_t *flow_mod)
{
    int afd,fid;
    unsigned long long min,max,interval;
    char *minstr, *maxstr, *intervalstr;
    mapiFunctArg* fargs=instance->args;

    afd=getargint(&fargs);
    fid=getargint(&fargs);
    minstr = getargstr(&fargs);
    maxstr = getargstr(&fargs);
    intervalstr = getargstr(&fargs);

    if(fhlp_get_function_instance(instance->hwinfo->gflist,afd,fid)==NULL)
        return MFUNCT_INVALID_ARGUMENT_1;

    if(minstr)
        min=fhlp_str2ull(minstr);
    else
        return MFUNCT_INVALID_ARGUMENT_3;
    if(maxstr)
        max=fhlp_str2ull(maxstr);
    else
        return MFUNCT_INVALID_ARGUMENT_4;
    if(interval)
        interval=fhlp_str2ull(intervalstr);
    else
        return MFUNCT_INVALID_ARGUMENT_5;

    if(min>max)
        return MFUNCT_INVALID_ARGUMENT;

    if(interval>(max-min))
        return MFUNCT_INVALID_ARGUMENT_4;

    instance->def->shm_size=sizeof(unsigned long long)*(ceil((double)(max-min)/(double)interval)+1)+sizeof(dist_t);

    DEBUG_CMD(Debug_Message("SIZE: %d", instance->def->shm_size));

    return 0;
};
Exemplo n.º 19
0
static void cmd_load_library(char *lib, int pid, int sock) {
	struct mapiipcbuf buf;
	int err;
	mapidrv *drv = drvlist;

	//Call each driver and tell it to load the new library
	while (drv) {
		mapidrv_load_library = get_drv_funct(drv->handle,
				"mapidrv_load_library");
		err = mapidrv_load_library(lib);
		if (err != 0) {
			DEBUG_CMD(Debug_Message("Could not load library %s", lib));
		}
		drv = drv->next;
	}

	buf.mtype = pid;
	buf.cmd = LOAD_LIBRARY_ACK;
	mapiipc_daemon_write((struct mapiipcbuf *) &buf, sock);
}
Exemplo n.º 20
0
static void cmd_connect(int fd, int pid, int sock)
//Connect to flow
//fd = flow descriptor
{
	struct mapiipcbuf buf;
	int err = 0;
	mapidrv *drv = get_drv(fd);
	long file_size;

	if (drv == NULL) {
		/* driver not found(should be handled in create_flow), or invalid flow id */
		DEBUG_CMD(Debug_Message("cmd_connect: no driver found"));
		report_error(MAPI_INVALID_FLOW, pid, sock);
		return;
	}

	if (err == 0) {
		mapidrv_connect = get_drv_funct(drv->handle, "mapidrv_connect");
		err = mapidrv_connect(drv->devid, fd);
	}
	if (err != 0) {
		report_error(err, pid, sock);
		return;
	}

	buf.cmd = CONNECT_ACK;
	buf.mtype = get_id(fd); /* should be == pid */
	buf.fd = fd;

	if (log_to_file) {
		file_size = acquire_write_lock(log_fd_info);
		write_to_file(log_fd_info, "MAPID: connect to flow %d at ", fd);
		write_date(log_fd_info);
		write_newline(log_fd_info, "\n");
		release_write_lock(log_fd_info, file_size);
	}
	if (log_to_syslog)
		log_message("connect to flow %d", fd);

	mapiipc_daemon_write((struct mapiipcbuf *) &buf, sock);
}
Exemplo n.º 21
0
static int bpf_instance(mapidflib_function_instance_t *instance,
			MAPI_UNUSED int fd,
			MAPI_UNUSED mapidflib_flow_mod_t *flow_mod)
{

  mapiFunctArg* fargs=instance->args;
  char *str = getargstr(&fargs);
  
  if (instance->hwinfo->offline != 0) // Cant use packet classification on offline streams
    return -1; // FIXME: errorcode
  
  /* 
   *	Checking Arguments
   */
  if(str == NULL)
    return MFUNCT_INVALID_ARGUMENT_1;

  if(strlen(str) < 1)  // could also force a maximum length for the filter expression
    return MFUNCT_INVALID_ARGUMENT_1;

  /*
   *	Dummy BPF filter compilation in order to check filter is OK.
   */
 /* if((pcap = pcap_open_dead(instance->hwinfo->link_type, instance->hwinfo->cap_length)) == NULL){
    DEBUG_CMD(Debug_Message("pcap_open_dead failed"));
    return PCAP_OPEN_DEAD_ERR;
  }
  
  temp = malloc(sizeof(struct bpf_filter));

  if(pcap_compile(pcap, ((struct bpf_program*)&((struct bpf_filter *)temp)->compiled), str, 1, 0)) {
    DEBUG_CMD(Debug_Message("bpf compilation error: %s str: \"%s\"", pcap_geterr(pcap), str));
    free(temp);
    return PCAP_BPF_ERR;
  }

  pcap_close(pcap);
  pcap_freecode((struct bpf_program *)&((struct bpf_filter *)temp)->compiled);
  free(temp);
*/


  /*
    NOTE: The filter should really be applied in init() and only checked for validity here,
    but as there is no way to test-compile the expression and check for resources
    it's done here.
  */
  int result;
  PassFilter_t command;
  command.WriteHW = TRUE;
  sprintf(command.achFilterString, str); //"Capture[Priority=0;Feed=0]=ALL");

  if((result = NTCI_PacketClassification(((napa_nt_adapterinfo_t *)instance->hwinfo->adapterinfo)->napatechhandle,
                                         STID_PASS_FILTER,
                                         &command)) != NTCI_ERRCODE_SUCCESS) {
                 printf("----got errorcode %d\n",result);
    FilterError_t error;
    result = NTCI_PacketClassification(((napa_nt_adapterinfo_t *)instance->hwinfo->adapterinfo)->napatechhandle,
                                       STID_GET_FILTER_ERROR,
                                       &error);
    DEBUG_CMD(Debug_Message("%s",error.achFilterError1)); // stderr
    DEBUG_CMD(Debug_Message("%s",error.achFilterError2)); // stderr
    DEBUG_CMD(Debug_Message("%s",error.achFilterError3)); // stderr

    return MFUNCT_COULD_NOT_APPLY_FUNCT; // FIXME: errorcode
  }

  instance->internal_data = malloc(sizeof(struct bpf_internal_data));
  struct bpf_internal_data *idata = (struct bpf_internal_data *)instance->internal_data;
  idata->napatechhandle = ((napa_nt_adapterinfo_t *)instance->hwinfo->adapterinfo)->napatechhandle;
  idata->expression = strdup(command.achFilterString);
  idata->filter_id = command.ReturnData.u.FilterIndex.FilterId;
  idata->group_index = command.ReturnData.u.FilterIndex.u.GroupIndex;

  DEBUG_CMD(Debug_Message("BPF_NTPL: %s\n\tFilterId: %u GroupIndex: 0x%lx", idata->expression, idata->filter_id, idata->group_index));

  return 0;
}
Exemplo n.º 22
0
static int strsearch_init(mapidflib_function_instance_t *instance,
                          MAPI_UNUSED int fd)
//Initializes the function
{
    char *str, *strbak;
    int off, dpth;

    unsigned char *tmpstr, *tstrbak;
    unsigned char *ret;	// holds the final parsed string
    int len=0;	// length of the final parsed string
    unsigned short pattern_ctr = 0;
    char hexpair[3];
    mapiFunctArg* fargs;
    struct mapid_strsearch_pattern *pattern = NULL;
    struct mapid_strsearch_pattern *lastptrn, *tmpptrn = NULL;

    fargs=instance->args;
    str = getargstr(&fargs);
    off = getargint(&fargs);
    dpth = getargint(&fargs);

    /* parse pattern
     *
     * Non printable characters or general binary content can be specified by
     * using pipes enclosing the binary data which are represented in hex
     * values for each byte.  For example, 'abcd' is the same as '|61 62 63
     * 64|' or 'ab|63 64|' or '|61|b|6364|. If the pipe character needs to be
     * searched, it should be preceeded by a '\'.
     */

    strbak = str; // backup pointer
    tstrbak = tmpstr = (unsigned char *)malloc(strlen(str)*sizeof(char));
    ret=tmpstr;
    hexpair[2]='\0';

    while(*str!='\0') {

        // Two pipes "||" separates two match strings.
        // A||B will match both a packet with either A or B in it.
        if (*str == '|' && *(str+1) == '|') // Should be safe since last char will be '\0'
        {
            if (!isEscaped(str))
            {
                len=tmpstr-ret;
                if (len <= 0)
                {
                    // Empty OR node, skip
                    str += 2;
                    continue;
                }
                if((dpth > 0) && (dpth < len))
                {
                    DEBUG_CMD(Debug_Message("The depth (%d) is less than the size of the pattern (%d)", dpth, len));
                    return MDLIB_STRSEARCH_DEPTH_LESS_THAN_PTRN_ERR;
                }

                tmpptrn = malloc(sizeof(struct mapid_strsearch_pattern));

                tmpptrn->str = (unsigned char *)malloc(len * sizeof(char));
                tmpptrn->slen = len;
                tmpptrn->offset = off;
                tmpptrn->depth = dpth;
                memcpy(tmpptrn->str, ret, len);
                //compute Boyer-Moore's shift and skip tables
                tmpptrn->shift = make_shift((char *)ret, len);
                tmpptrn->skip = make_skip((char *)ret, len);
                tmpptrn->next = NULL;

                if (pattern == NULL)
                {
                    pattern = tmpptrn;
                    lastptrn = tmpptrn;
                }
                else
                {
                    lastptrn->next = tmpptrn;
                    lastptrn = tmpptrn;
                }

                tmpptrn = NULL;
                ret = tmpstr;
                pattern_ctr++;
            }
            else
            {
                *tmpstr=*str;
                tmpstr++;
            }
            str++;
        }

        // '|' means that hex mode begins unless it is escaped \|
        // every hex number consists of two characters ,e.g A is written as 0A
        else if(*str=='|') {
            if(!isEscaped(str)) {
                int hexcount=0;
                str++;
                //parse until closing '|'
                while(*str!='|') {
                    if(*str=='\0') {
                        return MDLIB_STRSEARCH_UNTERMINATED_PIPE_ERR;
                    }
                    // |AC DE| => ignore white spaces between hex numbers
                    if(*str==' ') {
                        str++;
                        continue;
                    }
                    //convert hex to character
                    hexpair[hexcount++]=*str;
                    if(hexcount==2) {
                        hexcount=0;
                        sscanf(hexpair,"%x",(int *)tmpstr);
                        tmpstr++;
                    }
                    str++;
                }
            }
            else {
                *tmpstr=*str;
                tmpstr++;
            }
        }
        // special case for escape character '\\'
        else if(*str=='\\') {
            if(isEscaped(str)) {
                *tmpstr=*str;
                tmpstr++;
            }
        }
        else {
            *tmpstr=*str;
            tmpstr++;
        }
        str++;
    }
    len=tmpstr-ret;
    /* end of pattern parsing */

    /*
      Arne: Will fix it later

    funct = fhlp_get_first();
    while (funct) {
      if(strcmp(funct->name,"STR_SEARCH")==0)
        if(funct->internal_data)
    if(memcmp(((struct mapid_strsearch *)funct->internal_data)->str, ret,
    	  ((struct mapid_strsearch *)funct->internal_data)->slen) == 0)
      if(((struct mapid_strsearch *)funct->internal_data)->offset == off &&
         ((struct mapid_strsearch *)funct->internal_data)->depth == dpth){
        instance->internal_data = funct->internal_data;
        printf("added optimised string search: %s offset: %d depth: %d\n",strbak, off, dpth);
        return 0;
      }
      funct = funct->next;
    }
    */

    if((dpth > 0) && (dpth < len)) {
        DEBUG_CMD(Debug_Message("The depth (%d) is less than the size of the pattern (%d)", dpth, len));
        return MDLIB_STRSEARCH_DEPTH_LESS_THAN_PTRN_ERR;
    }

    if (len > 0)
    {
        tmpptrn = malloc(sizeof(struct mapid_strsearch_pattern));

        tmpptrn->str = (unsigned char *)malloc(len * sizeof(char));
        tmpptrn->slen = len;
        tmpptrn->offset = off;
        tmpptrn->depth = dpth;
        memcpy(tmpptrn->str, ret, len);
        //compute Boyer-Moore's shift and skip tables
        tmpptrn->shift = make_shift((char *)ret, len);
        tmpptrn->skip = make_skip((char *)ret, len);
        tmpptrn->next = NULL;

        if (pattern == NULL)
            pattern = tmpptrn;
        else
            lastptrn->next = tmpptrn;

        pattern_ctr++;
    }

    if (pattern == NULL)
    {
        // Invalid search term
        return MDLIB_STRSEARCH_NOT_A_VALID_SEARCH_STRING;
    }

    instance->internal_data = malloc(sizeof(struct mapid_strsearch));
    /*
      ((struct mapid_strsearch *)instance->internal_data)->str = (unsigned char *)malloc(len * sizeof(char));
      ((struct mapid_strsearch *)instance->internal_data)->slen = len;
      ((struct mapid_strsearch *)instance->internal_data)->offset = off;
      ((struct mapid_strsearch *)instance->internal_data)->depth = dpth;
      memcpy(((struct mapid_strsearch *)instance->internal_data)->str, ret, len);
      //compute Boyer-Moore's shift and skip tables
      ((struct mapid_strsearch *)instance->internal_data)->shift = make_shift((char *)ret, len);
      ((struct mapid_strsearch *)instance->internal_data)->skip = make_skip((char *)ret, len);
    */
    ((struct mapid_strsearch *)instance->internal_data)->pattern = pattern;
    ((struct mapid_strsearch *)instance->internal_data)->num_patterns = pattern_ctr;
    ((struct mapid_strsearch *)instance->internal_data)->currentIteration = 0;
    DEBUG_CMD(Debug_Message("added string search: %s offset: %d depth: %d nodes: %u", strbak, off, dpth, pattern_ctr));

    free(tstrbak);

    return 0;
}
Exemplo n.º 23
0
static int cook_init(mapidflib_function_instance_t *instance, MAPI_UNUSED int fd)
{
	struct cooking_data *data;

	if (nids_not_inited) {
		pcap_t *desc;
		struct nids_chksum_ctl *nochksumchk;

		desc = malloc(sizeof(pcap_t));
		desc->fd = 1;
		desc->linktype = instance->hwinfo->link_type;
		desc->bufsize = instance->hwinfo->cap_length;

		nids_params.pcap_desc = desc;
		nids_params.tcp_workarounds = 1;

		/* disable checksum checking for all packets */
		nochksumchk = malloc(sizeof(struct nids_chksum_ctl));
		nochksumchk->netaddr = 0;
		nochksumchk->mask = 0;
	    nochksumchk->action = NIDS_DONT_CHKSUM;
		nids_register_chksum_ctl(nochksumchk, 1);

		if (!nids_init()) {
			DEBUG_CMD(Debug_Message("NIDS Error: %s", nids_errbuf));
			return -1;
		}

		nids_register_tcp(mapi_tcp_callback);
		nids_not_inited = 0;
	}

	data = (struct cooking_data *)(instance->internal_data);


/*	//check if uncook is applied
	functs = flist_get(instance->hwinfo->gflist->fflist, fd);
	for (fid=1; (funct=flist_get(functs, fid)); fid++) {
	    if (!strcmp(funct->instance->def->name, "UNCOOK"))
		data->keep_headers = 1;
	}
*/
	//printf("Cooking : %s keeping headers %d \n", (data->keep_headers)?"":"NOT", fd);

	if (data->threshold <= 0) {
	    data->threshold = 32000; //default value 32K
	}

	if (data->threshold < 1600) 
	    instance->hwinfo->cap_length = 1600;
	else 
	    instance->hwinfo->cap_length = data->threshold + 100;//+100 for headers


	data->ret_client_data = malloc(sizeof(char) * data->threshold);
	data->ret_server_data = malloc(sizeof(char) * data->threshold);
	data->client_ready = 0;
	data->server_ready = 0;
	

	//data->ni = nids_mapi_init(&desc, instance->hwinfo->link_type);
	//data->ni = nids_create();

	return 0;
}
Exemplo n.º 24
0
void mapi_tcp_callback(struct tcp_stream *a_tcp, MAPI_UNUSED void **param)
{
	struct tcp_flow_data *td = a_tcp->user;
	struct cooking_data *flow = td->flow;

	//printf("tcp_callback : ");

	if (a_tcp->nids_state == NIDS_JUST_EST) {
	    //fprintf(stderr, "callback: established\n");
	    switch (flow->collect) {
		case SERVER_SIDE:
		    a_tcp->server.collect++;
		    a_tcp->client.collect--;
		    break;
		case CLIENT_SIDE:
		    a_tcp->client.collect++;
		    a_tcp->server.collect--;
		    break;
		case BOTH_SIDE:
		    a_tcp->server.collect++;
		    a_tcp->client.collect++;
		    break;
		default:
		    ;
	    }
		//printf("callback: just established\n");
	    return;
	}
	
	if (a_tcp->nids_state == NIDS_DATA) {
	//	printf("data\n");
	    struct half_stream *hlf;
	    //flist_t **heads;
	    unsigned char **ret_data;
	    unsigned int *ret_size;
	    int *ready;

	    if (a_tcp->client.count_new) {
			hlf = &a_tcp->client;
			//heads = &flow->ret_client_headers;
			ret_data = &flow->ret_client_data;
			ret_size = &flow->client_size;
			ready = &flow->client_ready;
			if (flow->collect == SERVER_SIDE)
		    	DEBUG_CMD(Debug_Message("Asked for server data but got client's"));
	    }
	    else {
			hlf = &a_tcp->server;
			//heads = &flow->ret_server_headers;
			ret_data = &flow->ret_server_data;
			ret_size = &flow->server_size;
			ready = &flow->server_ready;
			if (flow->collect == CLIENT_SIDE)
		    	DEBUG_CMD(Debug_Message("Asked for client data but got server's"));
	    }

	    if (td->discard) {
			return;
	    }

	    if (hlf->count - hlf->offset >= flow->threshold) { //we have enough data
		//*heads = hlf->headers;
			memcpy(*ret_data, hlf->data, flow->threshold);
			*ret_size = flow->threshold;
			*ready = 1;
			nids_discard(a_tcp, flow->threshold);
			if (flow->ret_once)
		    	td->discard = 1;
	    }
	    else { //keep them
			nids_discard(a_tcp, 0);
	    }
	    return;
	}

	if (a_tcp->nids_state == NIDS_CLOSE || a_tcp->nids_state == NIDS_RESET || a_tcp->nids_state == NIDS_TIMED_OUT || a_tcp->nids_state == NIDS_EXITING) {
	    int server_bytes, client_bytes;

		//printf("call_back: close\n");
	    
	    //flow->ret_server_headers = a_tcp->server.headers;
	    //flow->ret_client_headers = a_tcp->client.headers;
	    server_bytes = a_tcp->server.count - a_tcp->server.offset;
	    client_bytes = a_tcp->client.count - a_tcp->client.offset;
	    
	    if (server_bytes > 0 && flow->collect != CLIENT_SIDE) {
			//flow->ret_server_data = malloc(sizeof(unsigned char) * server_bytes);
			memcpy(flow->ret_server_data, a_tcp->server.data, flow->threshold);
			flow->server_size = server_bytes;
			flow->server_ready = 1;
	    }

	    if (client_bytes > 0 && flow->collect != SERVER_SIDE) {
		//flow->ret_client_data = malloc(sizeof(unsigned char) * client_bytes);
			memcpy(flow->ret_client_data, a_tcp->client.data, flow->threshold);
			flow->client_size = client_bytes;
			flow->client_ready = 1;
	    }
	}
}
Exemplo n.º 25
0
static void cmd_create_flow(char *device, int pid, uid_t uid, int sock) /*removed id, id==pid here */
//Create a new flow
//dev = device
//if = IPC id used to send ack message back to client
{
	struct flow *fl = (struct flow *) malloc(sizeof(struct flow));
	struct client *cl;
	struct mapiipcbuf buf;
	char *devtype;
	mapidrv *drv;
	int err = 0;
	char* dev=device;
	long file_size;

	fl->id = pid;
	fl->fd = ++fdseed;
	fl->drv = NULL;
	fl->uid = uid;
	fl->offline = 0;

	if (running_shutdown)
		err = MAPI_SHUTTING_DOWN;

	//Decide which driver to use
	for (drv = drvlist; drv != NULL; drv = drv->next) {
		if (drv->device != NULL)
			if (strcmp(dev, drv->device) == 0) {
				fl->drv = drv;
				DEBUG_CMD(Debug_Message("Using driver %s for %s", drv->name,
						dev));
				break;
			}
	}

	if (fl->drv == NULL) {
		DEBUG_CMD(Debug_Message("No driver found for %s", dev));
		report_error(MAPID_NO_DRIVER, pid, sock);
		free(fl);
		return;
	}

	++flows; //total number of currently registered flows

	//Calls driver
	if (err == 0) {
		mapidrv_create_flow = get_drv_funct(fl->drv->handle,
				"mapidrv_create_flow");
		err = mapidrv_create_flow(drv->devid, fl->fd, &devtype);

	}

	if (err != 0) {
		/* flow wasn't created */
		/* we can't leave the flow in place, but we need it for errno... */
		/* cleanup? */
		flows--;
		report_error(err, pid, sock);
		free(fl);
		return;
	} else {
		flist_append(flowlist, fl->fd, fl);

		//check if this is the first time we hear from this client
		cl = flist_get(clientlist, pid);
		if (cl == NULL) {
			cl = (struct client *) malloc(sizeof(struct client));
			cl->pid = pid;
			cl->sock = sock;
			// init the list that holds references to the flows of this client
			if ((cl->flowlist = malloc(sizeof(flist_t))) == NULL) {
				DEBUG_CMD(Debug_Message(
						"ERROR: cmd_create_flow - malloc new client struct: %s",
						strerror(errno)));
				exit(EXIT_FAILURE);
			}
			flist_init(cl->flowlist);
			if ((cl->devicelist = malloc(sizeof(flist_t))) == NULL) {
				DEBUG_CMD(Debug_Message(
						"ERROR: cmd_create_flow - malloc new client struct: %s",
						strerror(errno)));
				exit(EXIT_FAILURE);
			}
			flist_init(cl->devicelist);
			cl->numflows = 0;
			cl->numdevs = 0;
			flist_append(clientlist, pid, cl);
		}

		// save a reference to the newly created flow to client's flow list
		cl->numflows++;
		flist_append(cl->flowlist, fl->fd, fl);

		//Send ack back to user
		buf.mtype = pid;
		strcpy((char *)buf.data, devtype);
		buf.cmd = CREATE_FLOW_ACK;
		buf.fd = fl->fd;

		if (log_to_file) {
			file_size = acquire_write_lock(log_fd_info);
			write_to_file(log_fd_info,
					"MAPID: new flow was created ( device: %s, fd: %d ) at ",
					device, fl->fd);
			write_date(log_fd_info);
			write_newline(log_fd_info, "\n");
			release_write_lock(log_fd_info, file_size);
		}
		if (log_to_syslog)
			log_message("new flow was created ( device: %s, fd: %d )", device,
					fl->fd);
	}

	mapiipc_daemon_write(&buf, sock);
}
Exemplo n.º 26
0
static void cmd_create_offline_device(char *dev, int format, int pid, int sock)
//Create a new flow
//dev = device
//if = IPC id used to send ack message back to client
{
	struct mapiipcbuf buf;
	mapidrv *drv, *drv2, *lok;
	int err;
	int file;
	struct client *cl;
	char *format_;
	long file_size;

	//Get file descriptor
	buf.mtype = pid;
	buf.cmd = SEND_FD;
	mapiipc_daemon_write((struct mapiipcbuf *) &buf, sock);
	file = mapiipc_read_fd(sock);

	//Decide which driver to use
	for (drv = drvlist; drv != NULL; drv = drv->next) {
		if (drv->format == format) {
			DEBUG_CMD(Debug_Message("Using driver %s for %s", drv->name, dev));
			break;
		}
	}

	if (drv == NULL) {
		DEBUG_CMD(Debug_Message("ERROR: No driver found for %s", dev));
		report_error(MAPID_NO_DRIVER, pid, sock);
		return;
	}

	//Calls driver
	//First create new "device" for the file 
	drv2 = malloc(sizeof(mapidrv));
	drv2->device = malloc(strlen(dev)+7);
	sprintf(drv2->device, "%s@%d", dev, deviceid);
	lok=drvlist;

	while (lok->next!=NULL)
		lok = lok->next;
	lok->next = drv2;
	drv2->next=NULL;
	drv2->handle = drv->handle;
	drv2->name = strdup(drv->name);
	drv2->format = drv->format;
	drv2->devid = -deviceid++;
	drv2->offline = 1;
	drv2->active = 1;
	drv2->description = strdup(drv->description);
	drv2->offline_status = DEVICE_SETUP;

	mapidrv_add_device = get_drv_funct(drv->handle, "mapidrv_add_device");
	err = mapidrv_add_device(dev, file, drv2->devid, gflist,
			&drv2->offline_status);

	if (err != 0) {
		report_error(err, pid, sock);
		return;
	}

	// save a reference to the newly created flow to client's flow list
	cl = flist_get(clientlist, pid);
	if (cl == NULL) {
		cl = (struct client *) malloc(sizeof(struct client));
		cl->pid = pid;
		cl->sock = sock;
		// init the list that holds references to the flows of this client
		if ((cl->flowlist = malloc(sizeof(flist_t))) == NULL) {
			DEBUG_CMD(Debug_Message(
					"ERROR: cmd_create_flow - malloc new client struct: %s",
					strerror(errno)));
			exit(EXIT_FAILURE);
		}
		if ((cl->devicelist = malloc(sizeof(flist_t))) == NULL) {
			DEBUG_CMD(Debug_Message(
					"ERROR: cmd_create_flow - malloc new client struct: %s",
					strerror(errno)));
			exit(EXIT_FAILURE);
		}
		flist_init(cl->flowlist);
		flist_init(cl->devicelist);
		cl->numflows = 0;
		flist_append(clientlist, pid, cl);
	}

	flist_append(cl->devicelist, drv2->devid, drv->handle);
	cl->numdevs++;

	//Send ack back to user
	buf.mtype = pid;
	buf.cmd = CREATE_OFFLINE_DEVICE_ACK;
	strcpy((char *)buf.data, drv2->device);
	buf.fd = -1;

	if (format == 0)
		format_ = strdup("MFF_PCAP");
	else if (format == 1)
		format_ = strdup("MFF_RAW");
	else if (format == 2)
		format_ = strdup("MFF_DAG_ERF");
	else if (format == 4)
		format_ = strdup("MFF_NAPATECH");

	if (log_to_file) {
		file_size = acquire_write_lock(log_fd_info);
		write_to_file(
				log_fd_info,
				"MAPID: new offline device was created ( tracefile: %s, format: %s, device name returned: %s ) at ",
				dev, format_, buf.data);
		write_date(log_fd_info);
		write_newline(log_fd_info, "\n");
		release_write_lock(log_fd_info, file_size);
	}
	if (log_to_syslog)
		log_message(
				"new offline device was created ( tracefile: %s, format: %s, device name returned: %s )",
				dev, format_, buf.data);

	free(format_);
	mapiipc_daemon_write((struct mapiipcbuf *) &buf, sock);
}
Exemplo n.º 27
0
static int res2file_instance(mapidflib_function_instance_t *instance,
			     MAPI_UNUSED int flow_descr,
			     mapidflib_flow_mod_t *flow_mod)
{
  char *head, *savestr;
  int file;
  char *fids,*s;
  int type,fd,fid,save;
  char buf[DATA_SIZE],*cfids;
  char *types,*t,*t2,buf2[DATA_SIZE];
  int min=0;
  int reset = -1;
  mapiFunctArg* fargs=instance->args;

  if(!(types = getargstr(&fargs)))
	return(MFUNCT_INVALID_ARGUMENT_1);
  if(!(fids = getargstr(&fargs)))
	return(MFUNCT_INVALID_ARGUMENT_2);
  if(!(head = getargstr(&fargs)))
	  return(MFUNCT_INVALID_ARGUMENT_3);
  if((file = getargint(&fargs)) < 0)
	  return(MFUNCT_INVALID_ARGUMENT_4);
  else
  {
	  struct stat sbuf;
	  if(fstat(file, &sbuf) == -1)
	  {
		  DEBUG_CMD(Debug_Message("Cannot fstat() file descriptor %d", file));
		  return(MFUNCT_INVALID_ARGUMENT_4);
	  }
  }

  if((savestr = getargstr(&fargs)) == NULL)
  	return(MFUNCT_INVALID_ARGUMENT_5);

  if((save=parse_save(savestr))<0)
    return MFUNCT_INVALID_ARGUMENT_5;

  reset = getargint(&fargs);
  if(!(reset == 0 || reset == 1))
	  return(MFUNCT_INVALID_ARGUMENT_6);
  
  //Loop through fids and types and verify
  strncpy(buf,fids,DATA_SIZE);
  cfids=buf;
  strncpy(buf2,types,DATA_SIZE);
  t=buf2;

  while((s=strchr(cfids,','))!=NULL) {
    *s='\0';
    if((t2=strchr(t,','))==NULL)
      return MFUNCT_INVALID_ARGUMENT_1;
    *t2='\0';
    sscanf(cfids,"%d@%d",&fid,&fd);
    if(fhlp_get_function_instance(instance->hwinfo->gflist,fd,fid)==NULL)
      return MFUNCT_INVALID_ARGUMENT_2;
    if(min==0 || min>fid)
      min=fid;
    sscanf(t,"%d",&type);
    if(type!=R2F_RAW && type!=R2F_ULLSTR && type!=R2F_ULLSEC && 
       type!=R2F_STATS)
      return MFUNCT_INVALID_ARGUMENT_2;    
    
    cfids=s+1;
    t=t2+1;
  }
  sscanf(cfids,"%d@%d",&fid,&fd);
  if(fhlp_get_function_instance(instance->hwinfo->gflist,fd,fid)==NULL)
   return MFUNCT_INVALID_ARGUMENT_2; 
  
  if(save==PERIODIC) {
    //Move res2file in front of the other functions results are read from
    flow_mod->reorder=min;
  }

  return 0;
};
Exemplo n.º 28
0
void do_accesslist_mac(const char *cmdline)
{
	int crsr;
	arglist *args;
	acl_mode mode;
	acl_action action;
	char *acl, cmd[256];

	mode = add_acl;
	args = librouter_make_args(cmdline);
	acl = args->argv[1];
	if (!librouter_acl_exists(acl)) {
		sprintf(cmd, "/bin/iptables -N %s", acl);
		system(cmd);
	}
	crsr = 2;
	if (!strcmp(args->argv[crsr], "insert")) {
		mode = insert_acl;
		++crsr;
	} else if (!strcmp(args->argv[crsr], "no")) {
		mode = remove_acl;
		++crsr;
	}
	if (!strcmp(args->argv[crsr], "accept"))
		action = acl_accept;
	else if (!strcmp(args->argv[crsr], "drop"))
		action = acl_drop;
	else if (!strcmp(args->argv[crsr], "reject"))
		action = acl_reject;
	else if (!strcmp(args->argv[crsr], "log"))
		action = acl_log;
	else {
		fprintf(stderr, "%% Illegal action type, use accept, drop, reject, log or tcpmss\n");
		librouter_destroy_args(args);
		return;
	}
	crsr += 2;
	sprintf(cmd, "/bin/iptables ");
	switch (mode) {
	case insert_acl:
		strcat(cmd, "-I ");
		break;
	case remove_acl:
		strcat(cmd, "-D ");
		break;
	default:
		strcat(cmd, "-A ");
		break;
	}
	strcat(cmd, acl);
	strcat(cmd, " -m mac --mac-source ");
	strcat(cmd, args->argv[crsr]);
	switch (action) {
	case acl_accept:
		strcat(cmd, " -j ACCEPT");
		break;
	case acl_drop:
		strcat(cmd, " -j DROP");
		break;
	case acl_reject:
		strcat(cmd, " -j REJECT");
		break;
	case acl_log:
		strcat(cmd, " -j LOG");
		break;
	case acl_tcpmss:
		break;
	}DEBUG_CMD(cmd);
	system(cmd);
	librouter_destroy_args(args);
}
Exemplo n.º 29
0
// Wait for an allowed client to connect to the server
//  if(block) then wait until a right client is connected
//  else return immediately
int UDPConnection::WaitForClient(int block){

  if(m_ConMode!=CONMODE_SERVER){
    ERROR_MSG("Server not initialized\n");
    return FALSE;
  }
  DEBUG_MSG("Waiting for client\n");

#ifdef WIN32
  SetBlockMode(block);
#endif

  // Recieve data
  int first = 1;
  while((block==1)||(first==1)){

    if(first==0)
      sleep(1);

    DEBUG_MSG("Waiting for client\n");
    struct sockaddr_in client;
    int client_ln = sizeof(client);
    int n_read = recvfrom(m_socket,
                          m_buffer,
			                    MAX_FULL_BUFFER_SIZE,
			                    (block==0? MSG_DONTWAIT: 0),
			                    (struct sockaddr *)&client,
			                    (socklen_t*)&client_ln);
    if(n_read<0){
      ERROR_MSG((block!=0?"Error while fetching data\n":"No client present\n"));
      return FALSE;
    }

    int i;
    for(i=0;i<m_nb_allowed_client;i++){
      if(EqualIP(&client,&(m_allowed_client[i]))){
        memcpy(&m_client,&client,client_ln);

        m_Connected = true;

	      DEBUG_MSG("Sending accept connection: ");
	      DEBUG_CMD(PrintIP(&m_client));

        if(!SendMessage(ACCEPT_CONNECTION,NULL,0)){
	        ERROR_MSG("Sending accpeting connection\n");
          m_Connected = false;
	      }

	      DEBUG_MSG("Client found: ");
	      DEBUG_CMD(PrintIP(&client));
	      DEBUG_MSG("\n");
        return TRUE;
      }
    }

    if(!SendMessage(REFUSE_CONNECTION,NULL,0)){
      ERROR_MSG("Sending refusing connection\n");
    }

    ERROR_MSG("Unallowed client was found: ");
    ERROR_CMD(PrintIP(&client));
    first = 0;
  }

  return FALSE;
}
Exemplo n.º 30
0
void interface_acl(const char *cmdline) /* ip access-group <acl> <in|out> */
{
	arglist *args;
	char *dev;
	acl_chain chain = chain_in;
	char *listno;

	dev = librouter_device_cli_to_linux(interface_edited->cish_string, interface_major,
	                interface_minor);
	args = librouter_make_args(cmdline);
	listno = args->argv[2];
	if (strcasecmp(args->argv[3], "in") == 0)
		chain = chain_in;
	else if (strcasecmp(args->argv[3], "out") == 0)
		chain = chain_out;
	if (!librouter_acl_exists(listno)) {
		printf("%% access-list %s undefined\n", listno);
		free(dev);
		librouter_destroy_args(args);
		return;
	}
	if ((chain == chain_in) && (librouter_acl_matched_exists(0, dev, 0, "INPUT")
	                || librouter_acl_matched_exists(0, dev, 0, "FORWARD"))) {
		printf("%% inbound access-list already defined.\n");
		free(dev);
		librouter_destroy_args(args);
		return;
	}
	if ((chain == chain_out) && (librouter_acl_matched_exists(0, 0, dev, "OUTPUT")
	                || librouter_acl_matched_exists(0, 0, dev, "FORWARD"))) {
		printf("%% outbound access-list already defined.\n");
		free(dev);
		librouter_destroy_args(args);
		return;
	}
	if (chain == chain_in) {
		sprintf(buf, "/bin/iptables -A INPUT -i %s -j %s", dev, listno);

		DEBUG_CMD(buf);
		system(buf);

		sprintf(buf, "/bin/iptables -A FORWARD -i %s -j %s", dev, listno);

		DEBUG_CMD(buf);
		system(buf);

	} else {
		sprintf(buf, "/bin/iptables -A OUTPUT -o %s -j %s", dev, listno);

		DEBUG_CMD(buf);
		system(buf);

		sprintf(buf, "/bin/iptables -A FORWARD -o %s -j %s", dev, listno);

		DEBUG_CMD(buf);
		system(buf);
	}

	librouter_destroy_args(args);
	free(dev);
}