void cis_reap_connection(connection *cn) { if (cn->state.reaping == 1) return; linklist_add(reaper_list,cn); cn->state.reaping = 1; }
END_TEST START_TEST(test_linklist_add) { const char name[] = "krit kasemosoth"; const char title[] = "senior software engineer"; struct linklist *lnk = linklist_create(); linklist_add(lnk, (void*)name); fail_unless(lnk->size == 1, "Failed to add a new item %s to the list\n", name); linklist_add(lnk, (void*)title); fail_unless(lnk->size == 2, "Failed to add a new item %s to the list\n", name); }
/****************************************************************************** *功能:pcap_loop的回调函数 *参数1:pcap_loop的最后一个参数,当收到足够数量的包后pcap_loop会调用callback回调函数, *同时将pcap_loop()的最后一个参数传递给它 *参数2:收到的数据包的pcap_pkthdr类型的指针 *参数3:收到的数据包数据 ******************************************************************************/ void callback(u_char *argument, const struct pcap_pkthdr *packet_hander, const u_char *packet_content) { u_char mac_string[18]; attack_target element; struct arp_head *arp_protocol; unsigned short operation_code; struct in_addr source_ip_address; arp_protocol = (struct arp_head *)(packet_content+14); operation_code = ntohs(arp_protocol->operation_field); if(2 == operation_code) //数字2为ARP应答 { memcpy( (void *)&source_ip_address, (void *)&arp_protocol->source_ip_addr, sizeof(struct in_addr) ); //复制ip element.ip.s_addr = source_ip_address.s_addr; //printf("IP: %s\n", inet_ntoa(source_ip_address)); memset(mac_string, 0, 18); sprintf(mac_string, "%02x:%02x:%02x:%02x:%02x:%02x", arp_protocol->source_mac_addr[0], arp_protocol->source_mac_addr[1], arp_protocol->source_mac_addr[2], arp_protocol->source_mac_addr[3], arp_protocol->source_mac_addr[4], arp_protocol->source_mac_addr[5] ); //复制mac地址到链表当中 memset(element.mac, 0, 18); memcpy(element.mac, mac_string, 18); linklist_add(&l, &element); //printf("MAC: %s\n", mac_string); } //linklist_show(&l); }
void addPath(const char *path, int squash_uids, int squash_perms) { size_t len; char *full_name = NULL, *lnk = NULL; struct dirent *file = NULL; DIR *direc = NULL; struct stat st; int overWrite; __u16 inodeType; direc = opendir(path); if ( !direc ) log_error("[Local fs opendir] Cannot open directory %s", path); while (( file = readdir(direc)) != NULL ) { if (( !strcmp(file->d_name, "." )) || ( !strcmp(file->d_name, ".." ))) continue; len = strlen(path) + strlen( file->d_name ) + 3; if ( full_name ) { free( full_name ); full_name = NULL; } full_name = (char*)malloc(len + 2); if ( !full_name ) log_error("[Local fs stat] Memory allocation error ( full_name --> %s/%s )", path, file->d_name); memset(full_name, 0, len + 2); snprintf(full_name, len, "%s/%s", path, file->d_name); lstat(full_name, &st); mode_t fmt = st.st_mode & S_IFMT; if ( squash_uids ) st.st_uid = st.st_gid = 0; if ( squash_perms ) st.st_mode &= ~( LINUX_S_IRWXG | LINUX_S_IRWXO ); overWrite = name_to_inode( file->d_name ); if ( st.st_nlink > 1 ) { if (( lnk = linklist_add(st.st_dev, st.st_ino, full_name + modPath_path_len))) { if ( overWrite ) { log_action(ACT_RM, file->d_name, NULL, 0, 0, 0, 0, 0, 0, overWrite); if ( !do_rm(file->d_name)) log_error("[Filesystem error] cannot rm %s/%s", log_cwd(), file->d_name); } log_action(ACT_HARDLINK, file->d_name, lnk, 0, 0, 0, 0, 0, 0, overWrite); if (!do_hardlink(&st, lnk, file->d_name)) log_error("[Filesystem error] cannot hardlink %s --> %s", file->d_name, lnk); continue; } } if ( overWrite ) inodeType = inode_mode( file->d_name ); if (( fmt == S_IFDIR ) && ( overWrite ) && ( !LINUX_S_ISDIR(inodeType))) log_error("[Remote fs mismatch] %s/%s exists but isn't a directory when it should be.", log_cwd(), file->d_name); else if (( fmt != S_IFDIR) && ( overWrite )) { if ( LINUX_S_ISDIR(inodeType)) log_error("[Remote fs mismatch] %s/%s exists but is a directory when it shouldn't be.", log_cwd(), file->d_name); if ((!LINUX_S_ISREG(inodeType)) && (!LINUX_S_ISLNK(inodeType)) && (!LINUX_S_ISBLK(inodeType)) && (!LINUX_S_ISCHR(inodeType)) && (!LINUX_S_ISFIFO(inodeType)) && (!LINUX_S_ISSOCK(inodeType))) log_error("[Remote fs mismatch] Existing file %s/%s has unknown/unsupported type [0x%x].", log_cwd(), file->d_name); } switch ( fmt ) { case S_IFDIR: // Directory log_action(ACT_MKDIR, file->d_name, NULL, 0, 0, 0, 0, 0, 0, overWrite); if ( !overWrite ) if ( !do_mkdir( &st, file->d_name )) log_error("[Filesystem error] cannot mkdir %s/%s", log_cwd(), file->d_name); log_action(ACT_CHMODE, file->d_name, NULL, st.st_mode, 0, 0, 0, 0, 0, overWrite); if ( !do_chmode(file->d_name, st.st_mode)) log_error("[Filesystem error] Failed to chmode 0x%x for directory %s/%s", st.st_mode, log_cwd(), file->d_name); log_action(ACT_CHOWN, file->d_name, NULL, 0, st.st_uid, st.st_gid, 0, 0, 0, 0); if ( !do_chown(file->d_name, st.st_uid, st.st_gid)) log_error("[Filesystem error] Failed to chown %ld, %ld for directory %s/%s", st.st_uid, st.st_gid, log_cwd(), file->d_name); log_action(ACT_CHDIR, file->d_name, NULL, 0, 0, 0, 0, 0, 0, 0); if ( !do_chdir( file->d_name )) log_error("[Filesystem error] cannot chdir to newly created %s/%s", log_cwd(), file->d_name); addPath(full_name, squash_uids, squash_perms); log_action(ACT_CHDIR, "..", NULL, 0, 0, 0, 0, 0, 0, 0); if ( !do_chdir("..")) log_error("[Filesystem error] cannot chdir to parent directory"); break; case S_IFREG: // Regular file if ( overWrite ) { log_action(ACT_RM, file->d_name, NULL, 0, 0, 0, 0, 0, 0, overWrite); if ( !do_rm(file->d_name)) log_error("[Filesystem error] cannot rm %s/%s", log_cwd(), file->d_name); } log_action(ACT_WRITE, file->d_name, NULL, 0, 0, 0, 0, 0, 0, overWrite); if ( !do_write(full_name, file->d_name)) log_error("[Filesystem error] cannot write %s/%s", log_cwd(), file->d_name); break; case S_IFLNK: // Symbolic link lnk = (char*)malloc(MAX_PATHSIZE + 2); if ( !lnk ) log_error("[symlink] Memory allocation error (lnk)"); int len = readlink(full_name, lnk, MAX_PATHSIZE); if ( len == -1 ) { free(lnk); log_error("[Local filesystem error] Cannot read destination for link %s/%s", log_cwd(), file->d_name); } else lnk[len] = '\0'; if ( overWrite ) { log_action(ACT_RM, file->d_name, NULL, 0, 0, 0, 0, 0, 0, overWrite); if ( !do_rm(file->d_name)) log_error("[Filesystem error] cannot rm %s/%s", log_cwd(), file->d_name); } log_action(ACT_SYMLINK, file->d_name, lnk, 0, 0, 0, 0, 0, 0, overWrite); if ( !do_symlink(&st, lnk, file->d_name)) log_error("[Filesystem error] cannot symlink %s/%s --> %s", log_cwd(), file->d_name, lnk); free(lnk); break; case S_IFBLK: // Block device node case S_IFCHR: // Character device node case S_IFSOCK: // socket case S_IFIFO: // fifo if ( overWrite ) { log_action(ACT_RM, file->d_name, NULL, 0, 0, 0, 0, 0, 0, overWrite); if ( !do_rm(file->d_name)) log_error("[Filesystem error] cannot rm %s/%s", log_cwd(), file->d_name); } char nodetype = ( fmt == S_IFBLK ? 'b' : ( fmt == S_IFCHR ? 'c' : ( fmt == S_IFSOCK ? 's' : 'p' ))); unsigned long major = 0, minor = 0; if (( nodetype == 'b' ) || ( nodetype == 'c' )) { major = (long)major(st.st_rdev); minor = (long)minor(st.st_rdev); } log_action(ACT_MKNOD, file->d_name, NULL, 0, 0, 0, nodetype, major, minor, overWrite); if ( !do_mknod(file->d_name, nodetype, major, minor)) log_error("[Filesystem error] cannot mknod %c %ld,%ld %s/%s", log_cwd(), nodetype, major, minor, log_cwd(), file->d_name); break; } if ( fmt != S_IFDIR ) { // Not dir ? log_action(ACT_CHMODE, file->d_name, NULL, st.st_mode, 0, 0, 0, 0, 0, overWrite); if ( !do_chmode(file->d_name, st.st_mode)) log_error("[Filesystem error] Failed to chmode 0x%x for file %s/%s", st.st_mode, log_cwd(), file->d_name); log_action(ACT_CHOWN, file->d_name, NULL, 0, st.st_uid, st.st_gid, 0, 0, 0, 0); if ( !do_chown(file->d_name, st.st_uid, st.st_gid)) log_error("[Filesystem error] Failed to chown %ld, %ld for file %s/%s", st.st_uid, st.st_gid, log_cwd(), file->d_name); } if ( full_name ) { free( full_name ); full_name = NULL; } } closedir(direc); }