static int proto_eap_init(struct proto *proto, struct registry_instance *i) { if (proto_number_register("8021x", 0x0, proto) != POM_OK || proto_number_register("ppp", 0xc227, proto) != POM_OK) return POM_ERR; struct proto_eap_priv *priv = malloc(sizeof(struct proto_eap_priv)); if (!priv) { pom_oom(sizeof(struct proto_eap_priv)); return POM_ERR; } memset(priv, 0, sizeof(struct proto_eap_priv)); proto_set_priv(proto, priv); priv->p_timeout = ptype_alloc_unit("uint32", "seconds"); if (!priv->p_timeout) goto err; struct registry_param *p = registry_new_param("timeout", "60", priv->p_timeout, "Transaction timeout", 0); if (registry_instance_add_param(i, p) != POM_OK) { registry_cleanup_param(p); goto err; } static struct data_item_reg evt_identity_data_items[PROTO_EAP_EVT_IDENTITY_DATA_COUNT] = { { 0 } }; evt_identity_data_items[evt_eap_common_identifier].name = "identifier"; evt_identity_data_items[evt_eap_common_identifier].value_type = ptype_get_type("uint8"); evt_identity_data_items[evt_eap_common_code].name = "code"; evt_identity_data_items[evt_eap_common_code].value_type = ptype_get_type("uint8"); evt_identity_data_items[evt_eap_identity_identity].name = "identity"; evt_identity_data_items[evt_eap_identity_identity].value_type = ptype_get_type("string"); static struct data_reg evt_eap_identity_data = { .items = evt_identity_data_items, .data_count = PROTO_EAP_EVT_IDENTITY_DATA_COUNT }; static struct event_reg_info proto_eap_identity = { 0 }; proto_eap_identity.source_name = "proto_eap"; proto_eap_identity.source_obj = priv; proto_eap_identity.name = "eap_identity"; proto_eap_identity.description = "EAP Identity"; proto_eap_identity.data_reg = &evt_eap_identity_data; priv->evt_identity = event_register(&proto_eap_identity); if (!priv->evt_identity) goto err; static struct data_item_reg evt_md5_challenge_data_items[PROTO_EAP_EVT_MD5_CHALLENGE_DATA_COUNT] = { { 0 } }; evt_md5_challenge_data_items[evt_eap_common_identifier].name = "identifier"; evt_md5_challenge_data_items[evt_eap_common_identifier].value_type = ptype_get_type("uint8"); evt_md5_challenge_data_items[evt_eap_common_code].name = "code"; evt_md5_challenge_data_items[evt_eap_common_code].value_type = ptype_get_type("uint8"); evt_md5_challenge_data_items[evt_eap_md5_challenge_value].name = "value"; evt_md5_challenge_data_items[evt_eap_md5_challenge_value].value_type = ptype_get_type("bytes"); evt_md5_challenge_data_items[evt_eap_md5_challenge_name].name = "name"; evt_md5_challenge_data_items[evt_eap_md5_challenge_name].value_type = ptype_get_type("string"); static struct data_reg evt_eap_md5_challenge_data = { .items = evt_md5_challenge_data_items, .data_count = PROTO_EAP_EVT_MD5_CHALLENGE_DATA_COUNT }; static struct event_reg_info proto_eap_md5_challenge = { 0 }; proto_eap_md5_challenge.source_name = "proto_eap"; proto_eap_md5_challenge.source_obj = priv; proto_eap_md5_challenge.name = "eap_md5_challenge"; proto_eap_md5_challenge.description = "EAP MD5-Challenge"; proto_eap_md5_challenge.data_reg = &evt_eap_md5_challenge_data; priv->evt_md5_challenge = event_register(&proto_eap_md5_challenge); if (!priv->evt_md5_challenge) goto err; static struct data_item_reg evt_success_failure_data_items[PROTO_EAP_EVT_SUCCESS_FAILURE_DATA_COUNT] = { { 0 } }; evt_success_failure_data_items[evt_eap_common_identifier].name = "identifier"; evt_success_failure_data_items[evt_eap_common_identifier].value_type = ptype_get_type("uint8"); evt_success_failure_data_items[evt_eap_success_failure_success].name = "success"; evt_success_failure_data_items[evt_eap_success_failure_success].value_type = ptype_get_type("bool"); static struct data_reg evt_eap_success_failure_data = { .items = evt_success_failure_data_items, .data_count = PROTO_EAP_EVT_SUCCESS_FAILURE_DATA_COUNT }; static struct event_reg_info proto_eap_success_failure = { 0 }; proto_eap_success_failure.source_name = "proto_eap"; proto_eap_success_failure.source_obj = priv; proto_eap_success_failure.name = "eap_success_failure"; proto_eap_success_failure.description = "EAP Success/Failure"; proto_eap_success_failure.data_reg = &evt_eap_success_failure_data; priv->evt_success_failure = event_register(&proto_eap_success_failure); if (!priv->evt_success_failure) goto err; return POM_OK; err: proto_eap_cleanup(priv); return POM_ERR; }
static int proto_ppp_pap_init(struct proto *proto, struct registry_instance *i) { if (proto_number_register("ppp", 0xc023, proto) != POM_OK) return POM_ERR; struct proto_ppp_pap_priv *priv = malloc(sizeof(struct proto_ppp_pap_priv)); if (!priv) { pom_oom(sizeof(struct proto_ppp_pap_priv)); return POM_ERR; } memset(priv, 0, sizeof(struct proto_ppp_pap_priv)); proto_set_priv(proto, priv); static struct data_item_reg evt_request_data_items[PROTO_PPP_PAP_EVT_REQUEST_DATA_COUNT] = { { 0 } }; evt_request_data_items[evt_ppp_pap_request_code].name = "code"; evt_request_data_items[evt_ppp_pap_request_code].value_type = ptype_get_type("uint8"); evt_request_data_items[evt_ppp_pap_request_identifier].name = "identifier"; evt_request_data_items[evt_ppp_pap_request_identifier].value_type = ptype_get_type("uint8"); evt_request_data_items[evt_ppp_pap_request_peer_id].name = "peer_id"; evt_request_data_items[evt_ppp_pap_request_peer_id].value_type = ptype_get_type("string"); evt_request_data_items[evt_ppp_pap_request_password].name = "password"; evt_request_data_items[evt_ppp_pap_request_password].value_type = ptype_get_type("string"); static struct data_reg evt_ppp_pap_request_data = { .items = evt_request_data_items, .data_count = PROTO_PPP_PAP_EVT_REQUEST_DATA_COUNT }; static struct event_reg_info proto_ppp_pap_request = { 0 }; proto_ppp_pap_request.source_name = "proto_ppp_pap"; proto_ppp_pap_request.source_obj = priv; proto_ppp_pap_request.name = "ppp_pap_request"; proto_ppp_pap_request.description = "PPP PAP Authentication request"; proto_ppp_pap_request.data_reg = &evt_ppp_pap_request_data; priv->evt_request = event_register(&proto_ppp_pap_request); if (!priv->evt_request) goto err; static struct data_item_reg evt_ack_nack_data_items[PROTO_PPP_PAP_EVT_ACK_NACK_DATA_COUNT] = { { 0 } }; evt_ack_nack_data_items[evt_ppp_pap_ack_nack_code].name = "code"; evt_ack_nack_data_items[evt_ppp_pap_ack_nack_code].value_type = ptype_get_type("uint8"); evt_ack_nack_data_items[evt_ppp_pap_ack_nack_identifier].name = "identifier"; evt_ack_nack_data_items[evt_ppp_pap_ack_nack_identifier].value_type = ptype_get_type("uint8"); evt_ack_nack_data_items[evt_ppp_pap_ack_nack_message].name = "message"; evt_ack_nack_data_items[evt_ppp_pap_ack_nack_message].value_type = ptype_get_type("string"); static struct data_reg evt_ppp_pap_ack_nack_data = { .items = evt_ack_nack_data_items, .data_count = PROTO_PPP_PAP_EVT_ACK_NACK_DATA_COUNT }; static struct event_reg_info proto_ppp_pap_ack_nack = { 0 }; proto_ppp_pap_ack_nack.source_name = "proto_ppp_pap"; proto_ppp_pap_ack_nack.source_obj = priv; proto_ppp_pap_ack_nack.name = "ppp_pap_ack_nack"; proto_ppp_pap_ack_nack.description = "PPP-PAP ACK/NACK"; proto_ppp_pap_ack_nack.data_reg = &evt_ppp_pap_ack_nack_data; priv->evt_ack_nack = event_register(&proto_ppp_pap_ack_nack); if (!priv->evt_ack_nack) goto err; priv->p_auth_timeout = ptype_alloc_unit("uint32", "seconds"); if (!priv->p_auth_timeout) goto err; struct registry_param *p = registry_new_param("auth_timeout", "60", priv->p_auth_timeout, "Authentication timeout", 0); if (proto_add_param(proto, p) != POM_OK) { registry_cleanup_param(p); goto err; } return POM_OK; err: proto_ppp_pap_cleanup(priv); return POM_ERR; }
static int input_pcap_interface_init(struct input *i) { if (input_pcap_common_init(i) != POM_OK) return POM_ERR; struct input_pcap_priv *priv = i->priv; struct registry_param *p = NULL; priv->tpriv.iface.p_interface = ptype_alloc("string"); priv->tpriv.iface.p_promisc = ptype_alloc("bool"); priv->tpriv.iface.p_buff_size = ptype_alloc_unit("uint32", "bytes"); if (!priv->tpriv.iface.p_interface || !priv->tpriv.iface.p_promisc || !priv->tpriv.iface.p_buff_size) goto err; priv->tpriv.iface.perf_dropped = registry_instance_add_perf(i->reg_instance, "dropped_pkt", registry_perf_type_counter, "Dropped packets", "pkts"); if (!priv->tpriv.iface.perf_dropped) goto err; registry_perf_set_update_hook(priv->tpriv.iface.perf_dropped, input_pcap_interface_perf_dropped, priv); char err[PCAP_ERRBUF_SIZE] = { 0 }; char *dev = "<none>"; pcap_if_t *alldevsp = NULL; if (pcap_findalldevs(&alldevsp, err)) { pomlog(POMLOG_WARN "Warning, could not find a suitable interface to sniff packets from : %s", err); alldevsp = NULL; } else { dev = alldevsp->name; } p = registry_new_param("interface", dev, priv->tpriv.iface.p_interface, "Interface to capture packets from", 0); if (alldevsp) { pcap_if_t *tmp; for (tmp = alldevsp; tmp; tmp = tmp->next) { if (registry_param_info_add_value(p, tmp->name) != POM_OK) { pcap_freealldevs(alldevsp); goto err; } } pcap_freealldevs(alldevsp); } if (input_add_param(i, p) != POM_OK) goto err; p = registry_new_param("promisc", "no", priv->tpriv.iface.p_promisc, "Promiscious mode", 0); if (input_add_param(i, p) != POM_OK) goto err; p = registry_new_param("buff_size", "16777216", priv->tpriv.iface.p_buff_size, "PCAP ring buffer size", 0); if (input_add_param(i, p) != POM_OK) goto err; priv->type = input_pcap_type_interface; return POM_OK; err: if (priv->tpriv.iface.p_interface) ptype_cleanup(priv->tpriv.iface.p_interface); if (priv->tpriv.iface.p_promisc) ptype_cleanup(priv->tpriv.iface.p_promisc); if (priv->tpriv.iface.p_buff_size) ptype_cleanup(priv->tpriv.iface.p_buff_size); if (p) registry_cleanup_param(p); free(priv); return POM_ERR; }
struct ptype *ptype_alloc(const char* type) { return ptype_alloc_unit(type, NULL); }