static void log_syn(struct ip *ip, struct tcphdr *tcp) { char buf[32]; MBK *mbk; int uid; struct in_addr ip_src, ip_dst; struct passwd *p; mbk=mbk_new("localhost", 1099, "630712e3e78e9ac261f13b8918c1dbdc"); sprintf(buf, "%u", ntohs(tcp->th_sport)); mbk->append(mbk, "sport", buf); sprintf(buf, "%u", ntohs(tcp->th_dport)); mbk->append(mbk, "dport", buf); mbk->append(mbk, "src", hostlookup(ip->ip_src.s_addr)); mbk->append(mbk, "dest", hostlookup(ip->ip_dst.s_addr)); ip_src=ip->ip_src; ip_dst=ip->ip_dst; #ifdef __NetBSD__ if(k_getuid (&ip_dst, tcp->th_dport, &ip_src, tcp->th_sport, &uid) < 0) { if(k_getuid (&ip_src, tcp->th_sport, &ip_dst, tcp->th_dport, &uid) < 0) { uid=-1; /* If I can't find it, set it to -1 */ } } #else uid=-1; #endif if(uid>=0) { sprintf(buf, "%d", uid); mbk->append(mbk, "uid", buf); if( (p=getpwuid(uid)) != NULL) { mbk->append(mbk, "username", p->pw_name); } else { log_msg("getpwuid(%d) did not return a valid passwd entry\n", uid); } } mbk->send(mbk); mbk->destroy(mbk); }
static ulong lookuphost(char *s) { char to[4]; ulong ip; memset(to, 0, sizeof to); parseip(to, s); ip = nhgetl(to); if(ip != 0) return ip; if((s = hostlookup(s)) == nil) return 0; parseip(to, s); ip = nhgetl(to); free(s); return ip; }
int print_header(void) { fprintf(fp, "\n"); fprintf(fp, "%s => ", hostlookup(ip->saddr)); fprintf(fp, "%s [%d]\n", hostlookup(ip->daddr), ntohs(tcp->dest)); }