static int proto_eap_init(struct proto *proto, struct registry_instance *i) {
if (proto_number_register("8021x", 0x0, proto) != POM_OK ||
proto_number_register("ppp", 0xc227, proto) != POM_OK)
return POM_ERR;
struct proto_eap_priv *priv = malloc(sizeof(struct proto_eap_priv));
if (!priv) {
pom_oom(sizeof(struct proto_eap_priv));
return POM_ERR;
}
memset(priv, 0, sizeof(struct proto_eap_priv));
proto_set_priv(proto, priv);
priv->p_timeout = ptype_alloc_unit("uint32", "seconds");
if (!priv->p_timeout)
goto err;
struct registry_param *p = registry_new_param("timeout", "60", priv->p_timeout, "Transaction timeout", 0);
if (registry_instance_add_param(i, p) != POM_OK) {
registry_cleanup_param(p);
goto err;
}
static struct data_item_reg evt_identity_data_items[PROTO_EAP_EVT_IDENTITY_DATA_COUNT] = { { 0 } };
evt_identity_data_items[evt_eap_common_identifier].name = "identifier";
evt_identity_data_items[evt_eap_common_identifier].value_type = ptype_get_type("uint8");
evt_identity_data_items[evt_eap_common_code].name = "code";
evt_identity_data_items[evt_eap_common_code].value_type = ptype_get_type("uint8");
evt_identity_data_items[evt_eap_identity_identity].name = "identity";
evt_identity_data_items[evt_eap_identity_identity].value_type = ptype_get_type("string");
static struct data_reg evt_eap_identity_data = {
.items = evt_identity_data_items,
.data_count = PROTO_EAP_EVT_IDENTITY_DATA_COUNT
};
static struct event_reg_info proto_eap_identity = { 0 };
proto_eap_identity.source_name = "proto_eap";
proto_eap_identity.source_obj = priv;
proto_eap_identity.name = "eap_identity";
proto_eap_identity.description = "EAP Identity";
proto_eap_identity.data_reg = &evt_eap_identity_data;
priv->evt_identity = event_register(&proto_eap_identity);
if (!priv->evt_identity)
goto err;
static struct data_item_reg evt_md5_challenge_data_items[PROTO_EAP_EVT_MD5_CHALLENGE_DATA_COUNT] = { { 0 } };
evt_md5_challenge_data_items[evt_eap_common_identifier].name = "identifier";
evt_md5_challenge_data_items[evt_eap_common_identifier].value_type = ptype_get_type("uint8");
evt_md5_challenge_data_items[evt_eap_common_code].name = "code";
evt_md5_challenge_data_items[evt_eap_common_code].value_type = ptype_get_type("uint8");
evt_md5_challenge_data_items[evt_eap_md5_challenge_value].name = "value";
evt_md5_challenge_data_items[evt_eap_md5_challenge_value].value_type = ptype_get_type("bytes");
evt_md5_challenge_data_items[evt_eap_md5_challenge_name].name = "name";
evt_md5_challenge_data_items[evt_eap_md5_challenge_name].value_type = ptype_get_type("string");
static struct data_reg evt_eap_md5_challenge_data = {
.items = evt_md5_challenge_data_items,
.data_count = PROTO_EAP_EVT_MD5_CHALLENGE_DATA_COUNT
};
static struct event_reg_info proto_eap_md5_challenge = { 0 };
proto_eap_md5_challenge.source_name = "proto_eap";
proto_eap_md5_challenge.source_obj = priv;
proto_eap_md5_challenge.name = "eap_md5_challenge";
proto_eap_md5_challenge.description = "EAP MD5-Challenge";
proto_eap_md5_challenge.data_reg = &evt_eap_md5_challenge_data;
priv->evt_md5_challenge = event_register(&proto_eap_md5_challenge);
if (!priv->evt_md5_challenge)
goto err;
static struct data_item_reg evt_success_failure_data_items[PROTO_EAP_EVT_SUCCESS_FAILURE_DATA_COUNT] = { { 0 } };
evt_success_failure_data_items[evt_eap_common_identifier].name = "identifier";
evt_success_failure_data_items[evt_eap_common_identifier].value_type = ptype_get_type("uint8");
evt_success_failure_data_items[evt_eap_success_failure_success].name = "success";
evt_success_failure_data_items[evt_eap_success_failure_success].value_type = ptype_get_type("bool");
static struct data_reg evt_eap_success_failure_data = {
.items = evt_success_failure_data_items,
.data_count = PROTO_EAP_EVT_SUCCESS_FAILURE_DATA_COUNT
};
static struct event_reg_info proto_eap_success_failure = { 0 };
proto_eap_success_failure.source_name = "proto_eap";
proto_eap_success_failure.source_obj = priv;
proto_eap_success_failure.name = "eap_success_failure";
proto_eap_success_failure.description = "EAP Success/Failure";
proto_eap_success_failure.data_reg = &evt_eap_success_failure_data;
priv->evt_success_failure = event_register(&proto_eap_success_failure);
if (!priv->evt_success_failure)
goto err;
return POM_OK;
err:
proto_eap_cleanup(priv);
return POM_ERR;
}
static int proto_ppp_pap_init(struct proto *proto, struct registry_instance *i) {
if (proto_number_register("ppp", 0xc023, proto) != POM_OK)
return POM_ERR;
struct proto_ppp_pap_priv *priv = malloc(sizeof(struct proto_ppp_pap_priv));
if (!priv) {
pom_oom(sizeof(struct proto_ppp_pap_priv));
return POM_ERR;
}
memset(priv, 0, sizeof(struct proto_ppp_pap_priv));
proto_set_priv(proto, priv);
static struct data_item_reg evt_request_data_items[PROTO_PPP_PAP_EVT_REQUEST_DATA_COUNT] = { { 0 } };
evt_request_data_items[evt_ppp_pap_request_code].name = "code";
evt_request_data_items[evt_ppp_pap_request_code].value_type = ptype_get_type("uint8");
evt_request_data_items[evt_ppp_pap_request_identifier].name = "identifier";
evt_request_data_items[evt_ppp_pap_request_identifier].value_type = ptype_get_type("uint8");
evt_request_data_items[evt_ppp_pap_request_peer_id].name = "peer_id";
evt_request_data_items[evt_ppp_pap_request_peer_id].value_type = ptype_get_type("string");
evt_request_data_items[evt_ppp_pap_request_password].name = "password";
evt_request_data_items[evt_ppp_pap_request_password].value_type = ptype_get_type("string");
static struct data_reg evt_ppp_pap_request_data = {
.items = evt_request_data_items,
.data_count = PROTO_PPP_PAP_EVT_REQUEST_DATA_COUNT
};
static struct event_reg_info proto_ppp_pap_request = { 0 };
proto_ppp_pap_request.source_name = "proto_ppp_pap";
proto_ppp_pap_request.source_obj = priv;
proto_ppp_pap_request.name = "ppp_pap_request";
proto_ppp_pap_request.description = "PPP PAP Authentication request";
proto_ppp_pap_request.data_reg = &evt_ppp_pap_request_data;
priv->evt_request = event_register(&proto_ppp_pap_request);
if (!priv->evt_request)
goto err;
static struct data_item_reg evt_ack_nack_data_items[PROTO_PPP_PAP_EVT_ACK_NACK_DATA_COUNT] = { { 0 } };
evt_ack_nack_data_items[evt_ppp_pap_ack_nack_code].name = "code";
evt_ack_nack_data_items[evt_ppp_pap_ack_nack_code].value_type = ptype_get_type("uint8");
evt_ack_nack_data_items[evt_ppp_pap_ack_nack_identifier].name = "identifier";
evt_ack_nack_data_items[evt_ppp_pap_ack_nack_identifier].value_type = ptype_get_type("uint8");
evt_ack_nack_data_items[evt_ppp_pap_ack_nack_message].name = "message";
evt_ack_nack_data_items[evt_ppp_pap_ack_nack_message].value_type = ptype_get_type("string");
static struct data_reg evt_ppp_pap_ack_nack_data = {
.items = evt_ack_nack_data_items,
.data_count = PROTO_PPP_PAP_EVT_ACK_NACK_DATA_COUNT
};
static struct event_reg_info proto_ppp_pap_ack_nack = { 0 };
proto_ppp_pap_ack_nack.source_name = "proto_ppp_pap";
proto_ppp_pap_ack_nack.source_obj = priv;
proto_ppp_pap_ack_nack.name = "ppp_pap_ack_nack";
proto_ppp_pap_ack_nack.description = "PPP-PAP ACK/NACK";
proto_ppp_pap_ack_nack.data_reg = &evt_ppp_pap_ack_nack_data;
priv->evt_ack_nack = event_register(&proto_ppp_pap_ack_nack);
if (!priv->evt_ack_nack)
goto err;
priv->p_auth_timeout = ptype_alloc_unit("uint32", "seconds");
if (!priv->p_auth_timeout)
goto err;
struct registry_param *p = registry_new_param("auth_timeout", "60", priv->p_auth_timeout, "Authentication timeout", 0);
if (proto_add_param(proto, p) != POM_OK) {
registry_cleanup_param(p);
goto err;
}
return POM_OK;
err:
proto_ppp_pap_cleanup(priv);
return POM_ERR;
}
static int input_pcap_interface_init(struct input *i) {
if (input_pcap_common_init(i) != POM_OK)
return POM_ERR;
struct input_pcap_priv *priv = i->priv;
struct registry_param *p = NULL;
priv->tpriv.iface.p_interface = ptype_alloc("string");
priv->tpriv.iface.p_promisc = ptype_alloc("bool");
priv->tpriv.iface.p_buff_size = ptype_alloc_unit("uint32", "bytes");
if (!priv->tpriv.iface.p_interface || !priv->tpriv.iface.p_promisc || !priv->tpriv.iface.p_buff_size)
goto err;
priv->tpriv.iface.perf_dropped = registry_instance_add_perf(i->reg_instance, "dropped_pkt", registry_perf_type_counter, "Dropped packets", "pkts");
if (!priv->tpriv.iface.perf_dropped)
goto err;
registry_perf_set_update_hook(priv->tpriv.iface.perf_dropped, input_pcap_interface_perf_dropped, priv);
char err[PCAP_ERRBUF_SIZE] = { 0 };
char *dev = "<none>";
pcap_if_t *alldevsp = NULL;
if (pcap_findalldevs(&alldevsp, err)) {
pomlog(POMLOG_WARN "Warning, could not find a suitable interface to sniff packets from : %s", err);
alldevsp = NULL;
} else {
dev = alldevsp->name;
}
p = registry_new_param("interface", dev, priv->tpriv.iface.p_interface, "Interface to capture packets from", 0);
if (alldevsp) {
pcap_if_t *tmp;
for (tmp = alldevsp; tmp; tmp = tmp->next) {
if (registry_param_info_add_value(p, tmp->name) != POM_OK) {
pcap_freealldevs(alldevsp);
goto err;
}
}
pcap_freealldevs(alldevsp);
}
if (input_add_param(i, p) != POM_OK)
goto err;
p = registry_new_param("promisc", "no", priv->tpriv.iface.p_promisc, "Promiscious mode", 0);
if (input_add_param(i, p) != POM_OK)
goto err;
p = registry_new_param("buff_size", "16777216", priv->tpriv.iface.p_buff_size, "PCAP ring buffer size", 0);
if (input_add_param(i, p) != POM_OK)
goto err;
priv->type = input_pcap_type_interface;
return POM_OK;
err:
if (priv->tpriv.iface.p_interface)
ptype_cleanup(priv->tpriv.iface.p_interface);
if (priv->tpriv.iface.p_promisc)
ptype_cleanup(priv->tpriv.iface.p_promisc);
if (priv->tpriv.iface.p_buff_size)
ptype_cleanup(priv->tpriv.iface.p_buff_size);
if (p)
registry_cleanup_param(p);
free(priv);
return POM_ERR;
}
struct ptype *ptype_alloc(const char* type) {
return ptype_alloc_unit(type, NULL);
}
