Пример #1
0
int main(void) {
  // Construit un paquet RRQ avec options
  size_t len = (size_t) 512;
  char buf[len];
  tftp_make_rrq_opt(buf, &len, "fichier", (size_t) 1024, (size_t) 0);
  
  // Affiche le paquet RRQ
  tftp_print(buf);
  
  // Construit un paquet ACK
  len = (size_t) 512;
  tftp_make_ack(buf, &len, (uint16_t) 541);
  
  // Affiche le paquet ACK
  tftp_print(buf);
  
  // Construit un paquet ERROR
  len = (size_t) 512;
  tftp_make_error(buf, &len, FILNF, errors[FILNF]);
  
  // Affiche le paquet ERROR
  tftp_print(buf);
  
  // Construit un paquet OACK
  len = (size_t) 512;
  tftp_make_OACK(buf, &len, (size_t) 1024, (size_t) 0);
  
  // Affiche le paquet OACK
  tftp_print_OACK(buf);
  
  return EXIT_SUCCESS;
}
Пример #2
0
char *
RaDumpUserBuffer (struct ArgusParserStruct *parser, struct ArgusRecordStruct *argus, int ind, int len) 
{
   struct ArgusFlow *flow = (struct ArgusFlow *) argus->dsrs[ARGUS_FLOW_INDEX];
   unsigned short sport = 0, dport = 0;
   int type, proto, process = 0;
   struct ArgusDataStruct *user = NULL;
   u_char buf[MAXSTRLEN], *bp = NULL, dchr;
   int slen = 0, done = 0;

   switch (ind) {
      case ARGUS_SRCUSERDATA_INDEX:
         dchr = 's';
         break;
      case ARGUS_DSTUSERDATA_INDEX:
         dchr = 'd';
         break;
   }

   if ((user = (struct ArgusDataStruct *)argus->dsrs[ind]) != NULL) {
      bp = (u_char *) &user->array;
      slen = (user->hdr.argus_dsrvl16.len - 2 ) * 4;
      slen = (user->count < slen) ? user->count : slen;
      slen = (slen > len) ? len : slen;
      snapend = bp + slen;
   }

   if (flow != NULL) {
      switch (flow->hdr.subtype & 0x3F) {
         case ARGUS_FLOW_CLASSIC5TUPLE: {
            switch (type = flow->hdr.argus_dsrvl8.qual) {
               case ARGUS_TYPE_IPV4:
                  switch (flow->ip_flow.ip_p) {
                     case IPPROTO_TCP:
                     case IPPROTO_UDP: {
                        proto = flow->ip_flow.ip_p;
                        sport = flow->ip_flow.sport;
                        dport = flow->ip_flow.dport;
                        process++;
                        break;
                     }
                     case IPPROTO_IGMP: {
                        struct ArgusMetricStruct *metric = (void *)argus->dsrs[ARGUS_METRIC_INDEX];
                        if ((metric != NULL) && (((ind == ARGUS_SRCUSERDATA_INDEX) && metric->src.pkts) ||
                                                 ((ind == ARGUS_DSTUSERDATA_INDEX) && metric->dst.pkts))) {
                           igmp_print(bp, slen);
                           done++;
                           break;
                        }
                     }

                     case IPPROTO_PIM: {
                        struct ArgusMetricStruct *metric = (void *)argus->dsrs[ARGUS_METRIC_INDEX];
                        if ((metric != NULL) && (((ind == ARGUS_SRCUSERDATA_INDEX) && metric->src.pkts) ||
                                                 ((ind == ARGUS_DSTUSERDATA_INDEX) && metric->dst.pkts))) {
                           pim_print(bp, slen);
                           done++;
                           break;
                        }
                     }
                  }
                  break; 
               case ARGUS_TYPE_IPV6: {
                  switch (flow->ipv6_flow.ip_p) {
                     case IPPROTO_TCP:
                     case IPPROTO_UDP: {
                        proto = flow->ipv6_flow.ip_p;
                        sport = flow->ipv6_flow.sport;
                        dport = flow->ipv6_flow.dport;
                        process++;
                        break;
                     }

                     case IPPROTO_PIM: {
                        struct ArgusMetricStruct *metric = (void *)argus->dsrs[ARGUS_METRIC_INDEX];

                        if ((metric != NULL) && (((ind == ARGUS_SRCUSERDATA_INDEX) && metric->src.pkts) ||
                                                 ((ind == ARGUS_DSTUSERDATA_INDEX) && metric->dst.pkts))) {
                           pim_print(bp, slen);
                           done++;
                           break;
                        }
                     }
                  }
                  break;
               }
               case ARGUS_TYPE_ARP: {
                  if (ind == ARGUS_SRCUSERDATA_INDEX) {
                     arp_src_print(parser, argus);
                  }
                  if (ind == ARGUS_DSTUSERDATA_INDEX) {
                     arp_dst_print(parser, argus);
                  }
                  done++;
                  break;
               }
/*
struct ArgusMacFlow {
   struct ether_header ehdr;
   unsigned char dsap, ssap;
};

*/

               case ARGUS_TYPE_ETHER: {
                  if (flow != NULL)
                     if ((flow->mac_flow.mac_union.ether.ssap == LLCSAP_BPDU) &&
                         (flow->mac_flow.mac_union.ether.dsap == LLCSAP_BPDU))
                        stp_print (bp, slen);
                  done++;
                  break;
               }
            }
         }
      }
   }

   if (process && bp) {
      *(int *)&buf = 0;

#define ISPORT(p) (dport == (p) || sport == (p))

      switch (proto) {
         case IPPROTO_TCP: {
            if (ISPORT(BGP_PORT))
               bgp_print(bp, slen); 
            else if (ISPORT(TELNET_PORT))
               telnet_print(bp, slen);
            else if (ISPORT(PPTP_PORT))
               pptp_print(bp, slen);
            else if (ISPORT(NETBIOS_SSN_PORT))
               nbt_tcp_print(bp, slen);
            else if (ISPORT(BEEP_PORT))
               beep_print(bp, slen);
            else if (ISPORT(NAMESERVER_PORT) || ISPORT(MULTICASTDNS_PORT)) 
                ns_print(bp + 2, slen - 2, 0);
            else if (ISPORT(MSDP_PORT))
               msdp_print(bp, slen);
            else if (ISPORT(LDP_PORT))
               ldp_print(bp, slen);
            else {
               int elen = 0;
               parser->eflag = ArgusThisEflag;
               elen = ArgusEncode (parser, (const char *)bp, NULL, slen, ArgusBuf, sizeof(ArgusBuf));
               parser->eflag = ARGUS_HEXDUMP;
            }
            break;
         }

         case IPPROTO_UDP: {
            if (ISPORT(NAMESERVER_PORT))
               ns_print(bp, slen, 0);
            else if (ISPORT(MULTICASTDNS_PORT))
               ns_print(bp, slen, 1);
            else if (ISPORT(NTP_PORT))
               ntp_print(bp, slen);
            else if (ISPORT(LDP_PORT))
               ldp_print(bp, slen);
            else if (ISPORT(RADIUS_PORT) || ISPORT(RADIUS_NEW_PORT) ||
                     ISPORT(RADIUS_ACCOUNTING_PORT) ||
                     ISPORT(RADIUS_NEW_ACCOUNTING_PORT) )
               radius_print(bp, slen);
            else if (ISPORT(KERBEROS_PORT) || ISPORT(KERBEROS_SEC_PORT))
               krb_print(bp, slen);
            else if (ISPORT(SNMP_PORT) || ISPORT(SNMPTRAP_PORT))
               snmp_print(bp, slen);
            else if (ISPORT(TIMED_PORT))
               timed_print(bp, slen);
            else if (ISPORT(TFTP_PORT))
               tftp_print(bp, slen);
            else if (ISPORT(IPPORT_BOOTPC) || ISPORT(IPPORT_BOOTPS))
               bootp_print(bp, slen);
            else if (ISPORT(RIP_PORT))
               rip_print(bp, slen);
            else if (ISPORT(AODV_PORT))
               aodv_print(bp, slen, 0);
            else if (ISPORT(L2TP_PORT))
               l2tp_print(bp, slen);
            else if (ISPORT(SYSLOG_PORT))
               syslog_print(bp, slen);
            else if (ISPORT(LMP_PORT))
               lmp_print(bp, slen);
            else if ((sport >= RX_PORT_LOW && sport <= RX_PORT_HIGH) ||
                     (dport >= RX_PORT_LOW && dport <= RX_PORT_HIGH))
               rx_print(bp, slen, sport, dport);
            else if (dport == BFD_CONTROL_PORT || dport == BFD_ECHO_PORT )
               bfd_print(bp, slen, dport);
            else if (ISPORT(NETBIOS_NS_PORT))
               nbt_udp137_print(bp, slen);
            else if (ISPORT(NETBIOS_DGRAM_PORT))
               nbt_udp138_print(bp, slen);
            else if (ISPORT(ISAKMP_PORT))
               isakmp_print(bp, slen);
            else if (ISPORT(ISAKMP_PORT_NATT))
               isakmp_rfc3948_print(bp, slen);
            else if (ISPORT(ISAKMP_PORT_USER1) || ISPORT(ISAKMP_PORT_USER2))
               isakmp_print(bp, slen);
            else {
               int elen = 0;
               parser->eflag = ArgusThisEflag;
               elen = ArgusEncode (parser, (const char *)bp, NULL, slen, ArgusBuf, sizeof(ArgusBuf));
               parser->eflag = ARGUS_HEXDUMP;
            }
/*
            else if (ISPORT(3456))
               vat_print(bp, slen);
            else if (ISPORT(ZEPHYR_SRV_PORT) || ISPORT(ZEPHYR_CLT_PORT))
               zephyr_print(bp, slen);
            else if (ISPORT(RIPNG_PORT))
               ripng_print(bp, slen);
            else if (ISPORT(DHCP6_SERV_PORT) || ISPORT(DHCP6_CLI_PORT))
               dhcp6_print(bp, slen);
            else if (dport == 4567)
               wb_print(bp, slen);
            else if (ISPORT(CISCO_AUTORP_PORT))
               cisco_autorp_print(bp, slen);
            else if (ISPORT(RADIUS_PORT) || ISPORT(RADIUS_NEW_PORT) ||
                     ISPORT(RADIUS_ACCOUNTING_PORT) || ISPORT(RADIUS_NEW_ACCOUNTING_PORT) )
               radius_print(bp, slen);
            else if (dport == HSRP_PORT)
               hsrp_print(bp, slen);
            else if (ISPORT(LWRES_PORT))
               lwres_print(bp, slen);
            else if (ISPORT(MPLS_LSP_PING_PORT))
               lspping_print(bp, slen);
*/
         }
      }
   }

   return (ArgusBuf);
}