void IpqLoop() { int status; struct pcap_pkthdr PHdr; unsigned char buf[PKT_BUFSIZE]; static ipq_packet_msg_t *m; #ifdef DEBUG_GIDS printf("Reading Packets from ipq handle \n"); #endif while(1) { ResetIV(); status = ipq_read(ipqh, buf, PKT_BUFSIZE, 1000000); if (status < 0) { ipq_perror("IpqLoop: "); } /* man ipq_read tells us that when a timeout is specified * ipq_read will return 0 when it is interupted. */ else if(status == 0) { /* Do the signal check. If we don't do this we will * evaluate the signal only when we receive an actual * packet. We don't want to depend on this. */ sig_check(); } else { switch(ipq_message_type(buf)) { case NLMSG_ERROR: fprintf(stderr, "Received error message %d\n", ipq_get_msgerr(buf)); break; case IPQM_PACKET: m = ipq_get_packet(buf); g_m = m; #ifdef DEBUG_INLINE printf("%02X:%02X:%02X:%02X:%02X:%02X\n", m->hw_addr[0], m->hw_addr[1], m->hw_addr[2], m->hw_addr[3], m->hw_addr[4], m->hw_addr[5]); #endif TranslateToPcap(m, &PHdr); PcapProcessPacket(NULL, &PHdr, (u_char *)m->payload); HandlePacket(m); break; } /* switch */ } /* if - else */ } /* while() */ }
void IpqLoop() { int status; struct pcap_pkthdr PHdr; unsigned char buf[PKT_BUFSIZE]; static ipq_packet_msg_t *m; #ifdef DEBUG_GIDS printf("Reading Packets from ipq handle \n"); #endif while(1) { ResetIV(); status = ipq_read(ipqh, buf, PKT_BUFSIZE, 0); if (status < 0) { ipq_perror("IpqLoop: "); } else { switch(ipq_message_type(buf)) { case NLMSG_ERROR: fprintf(stderr, "Received error message %d\n", ipq_get_msgerr(buf)); break; case IPQM_PACKET: m = ipq_get_packet(buf); g_m = m; #ifdef DEBUG_INLINE printf("%02X:%02X:%02X:%02X:%02X:%02X\n", m->hw_addr[0], m->hw_addr[1], m->hw_addr[2], m->hw_addr[3], m->hw_addr[4], m->hw_addr[5]); #endif TranslateToPcap(m, &PHdr); PcapProcessPacket(NULL, &PHdr, (u_char *)m->payload); HandlePacket(m); break; } /* switch */ } /* if - else */ } /* while() */ }
/* Loop reading packets from IPFW - borrowed mostly from the TCP-MSSD daemon in FreeBSD ports tree Questions, comments send to: [email protected] */ void IpfwLoop() { char pkt[IP_MAXPACKET]; struct pcap_pkthdr PHdr; ssize_t pktlen, hlen; struct ip *pip = (struct ip *)pkt; struct sockaddr_in sin; socklen_t sinlen; int s; int rtsock; int ifindex; fd_set fdset; ifindex = 0; rtsock = -1; #ifdef DEBUG_GIDS printf("Reading Packets from ipfw divert socket \n"); #endif /* Build divert socket */ if ((s = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT)) == -1) { perror("IpfwLoop: can't create divert socket"); exit(-1); } /* Fill in necessary fields */ bzero(&sin, sizeof(sin)); sin.sin_family = PF_INET; sin.sin_addr.s_addr = INADDR_ANY; sin.sin_port = htons(pv.divert_port); /* Bind that biatch */ if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) == -1) { perror("IpfwLoop: can't bind divert socket"); exit(-1); } /* Lets process the packet */ while (1) { ResetIV(); FD_ZERO(&fdset); FD_SET(s, &fdset); if (rtsock != -1) { FD_SET(rtsock, &fdset); } if (select(32, &fdset, (fd_set *)NULL, (fd_set *)NULL, (struct timeval *)NULL) == -1) { printf("select failed"); continue; } if (FD_ISSET(s, &fdset)) { sinlen = sizeof(sin); if ((pktlen = recvfrom(s, pkt, sizeof(pkt), 0,(struct sockaddr *)&sin, &sinlen)) == -1) { if (errno != EINTR) { printf("IpfwLoop: read from divert socket failed"); continue; } } hlen = pip->ip_hl << 2; TranslateToPcap(&PHdr,pktlen); PcapProcessPacket(NULL, &PHdr, pkt); HandlePacket(); /* If we don't drop and don't reject, reinject it back into ipfw, * otherwise, we just drop it */ if (! iv.drop && ! iv.reject) { if (sendto(s, pkt, pktlen, 0,(struct sockaddr *)&sin, sinlen) == -1) { printf("IpfwLoop: write to divert socket failed"); } } } /* end if */ } /* end while */ }