static int pares_ipv4_packet(struct sk_buff *skb, struct iphdr *iphdr, dba_result_t *res)
{
int ret = 0;
if (unlikely(!iphdr)) {
return -1;
}
switch (iphdr->protocol) {
case IPPROTO_ICMP:
ret = parse_icmp_packet(skb, (struct icmphdr *)(IPv4_NXT_HDR(iphdr)), res);
break;
case IPPROTO_IGMP:
ret = parse_igmp_packet(skb, (struct igmphdr *)(IPv4_NXT_HDR(iphdr)), res);
break;
case IPPROTO_TCP:
ret = parse_tcp_packet(skb, (struct tcphdr *)(IPv4_NXT_HDR(iphdr)), res);
break;
case IPPROTO_UDP:
ret = parse_udp_packet(skb, (struct udphdr *)(IPv4_NXT_HDR(iphdr)), res);
break;
case IPPROTO_IPV6:
break;
default:
break;
}
return ret;
}
boolean parse_packet(struct sk_buff *skb, struct sniffed_packet_descr_t *descr)
{
struct iphdr *ip_header;
/* we only handle packets, which are big enough
* to contain an IP-header.
*/
if(skb->len < sizeof(struct iphdr) )
return FALSE;
ip_header = (struct iphdr *) skb->data;
/*
check range of IHL-field
*/
if(ip_header->ihl < 5 || ip_header->ihl > 15)
return FALSE;
/*
check ihl against skb-len
*/
if(skb->len < ip_header->ihl * 4)
return FALSE;
/* It has been verified that skb->data[0] to skb->data[ihl*4-1]
* is readable. Extract information from ip-header
*/
descr->subject = descr->src = ip_header->saddr;
if(ip_header->protocol == IPPROTO_TCP)
return parse_tcp_packet(skb, descr);
else if(ip_header->protocol == IPPROTO_ICMP)
return parse_icmp_packet(skb, descr);
else if(ip_header->protocol == IPPROTO_UDP)
return parse_udp_packet(skb, descr);
return FALSE;
}
