void got_packet(u_char * useless, const struct pcap_pkthdr *pheader,
const u_char * packet)
{
config.p_s.got_packets++;
packetinfo pstruct = {0};
packetinfo *pi = &pstruct;
pi->packet = packet;
pi->pheader = pheader;
set_pkt_end_ptr (pi);
config.tstamp = pi->pheader->ts; // Global
if (config.intr_flag != 0) {
check_interrupt();
}
config.inpacket = 1;
prepare_eth(pi);
check_vlan(pi);
//parse_eth(pi);
if (pi->eth_type == ETHERNET_TYPE_IP) {
prepare_ip4(pi);
parse_ip4(pi);
} else if (pi->eth_type == ETHERNET_TYPE_IPV6) {
prepare_ip6(pi);
parse_ip6(pi);
} else {
config.p_s.otherl_recv++;
//vlog(0x3, "[*] ETHERNET TYPE : %x\n",pi->eth_hdr->eth_ip_type);
}
config.inpacket = 0;
return;
}
static int parse_selector(int *argc_p, char ***argv_p, struct tc_u32_sel *sel)
{
int argc = *argc_p;
char **argv = *argv_p;
int res = -1;
if (argc <= 0)
return -1;
if (matches(*argv, "u32") == 0) {
NEXT_ARG();
res = parse_u32(&argc, &argv, sel, 0, 0);
goto done;
}
if (matches(*argv, "u16") == 0) {
NEXT_ARG();
res = parse_u16(&argc, &argv, sel, 0, 0);
goto done;
}
if (matches(*argv, "u8") == 0) {
NEXT_ARG();
res = parse_u8(&argc, &argv, sel, 0, 0);
goto done;
}
if (matches(*argv, "ip") == 0) {
NEXT_ARG();
res = parse_ip(&argc, &argv, sel);
goto done;
}
if (matches(*argv, "ip6") == 0) {
NEXT_ARG();
res = parse_ip6(&argc, &argv, sel);
goto done;
}
if (matches(*argv, "udp") == 0) {
NEXT_ARG();
res = parse_udp(&argc, &argv, sel);
goto done;
}
if (matches(*argv, "tcp") == 0) {
NEXT_ARG();
res = parse_tcp(&argc, &argv, sel);
goto done;
}
if (matches(*argv, "icmp") == 0) {
NEXT_ARG();
res = parse_icmp(&argc, &argv, sel);
goto done;
}
return -1;
done:
*argc_p = argc;
*argv_p = argv;
return res;
}
static int parse_selector(int *argc_p, char ***argv_p,
struct tc_u32_sel *sel, struct nlmsghdr *n)
{
int argc = *argc_p;
char **argv = *argv_p;
int res = -1;
if (argc <= 0)
return -1;
if (matches(*argv, "u32") == 0) {
NEXT_ARG();
res = parse_u32(&argc, &argv, sel, 0, 0);
} else if (matches(*argv, "u16") == 0) {
NEXT_ARG();
res = parse_u16(&argc, &argv, sel, 0, 0);
} else if (matches(*argv, "u8") == 0) {
NEXT_ARG();
res = parse_u8(&argc, &argv, sel, 0, 0);
} else if (matches(*argv, "ip") == 0) {
NEXT_ARG();
res = parse_ip(&argc, &argv, sel);
} else if (matches(*argv, "ip6") == 0) {
NEXT_ARG();
res = parse_ip6(&argc, &argv, sel);
} else if (matches(*argv, "udp") == 0) {
NEXT_ARG();
res = parse_udp(&argc, &argv, sel);
} else if (matches(*argv, "tcp") == 0) {
NEXT_ARG();
res = parse_tcp(&argc, &argv, sel);
} else if (matches(*argv, "icmp") == 0) {
NEXT_ARG();
res = parse_icmp(&argc, &argv, sel);
} else if (matches(*argv, "mark") == 0) {
NEXT_ARG();
res = parse_mark(&argc, &argv, n);
} else if (matches(*argv, "ether") == 0) {
NEXT_ARG();
res = parse_ether(&argc, &argv, sel);
} else
return -1;
*argc_p = argc;
*argv_p = argv;
return res;
}
void prepare_ip4ip(packetinfo *pi)
{
packetinfo pipi;
memset(&pipi, 0, sizeof(packetinfo));
config.p_s.ip4ip_recv++;
pipi.pheader = pi->pheader;
pipi.packet = (pi->packet + pi->eth_hlen + (IP_HL(pi->ip4) * 4));
pipi.end_ptr = pi->end_ptr;
if (pi->ip4->ip_p == IP_PROTO_IP4) {
prepare_ip4(&pipi);
parse_ip4(&pipi);
}
else {
prepare_ip6(&pipi);
parse_ip6(&pipi);
}
}
void prepare_ip6ip(packetinfo *pi)
{
packetinfo pipi;
memset(&pipi, 0, sizeof(packetinfo));
config.p_s.ip6ip_recv++;
pipi.pheader = pi->pheader;
pipi.packet = (pi->packet + pi->eth_hlen + IP6_HEADER_LEN);
pipi.end_ptr = pi->end_ptr;
if (pi->ip6->next == IP_PROTO_IP4) {
prepare_ip4(&pipi);
parse_ip4(&pipi);
}
else {
prepare_ip6(&pipi);
parse_ip6(&pipi);
}
}
void got_packet(u_char *useless, const struct pcap_pkthdr *pheader,
const u_char *packet)
{
config.p_s.got_packets++;
packetinfo pstruct = {0};
packetinfo *pi = &pstruct;
pi->packet = packet;
pi->pheader = pheader;
set_pkt_end_ptr (pi);
config.tstamp = pi->pheader->ts; /* Global */
if (config.intr_flag != 0) {
check_interrupt();
}
config.inpacket = 1;
switch (config.linktype) {
case DLT_RAW:
prepare_raw(pi);
break;
case DLT_LINUX_SLL:
prepare_sll(pi);
break;
default:
prepare_eth(pi);
check_vlan(pi);
break;
}
switch (pi->eth_type) {
case ETHERNET_TYPE_IP:
prepare_ip4(pi);
parse_ip4(pi);
break;
case ETHERNET_TYPE_IPV6:
prepare_ip6(pi);
parse_ip6(pi);
break;
default:
config.p_s.otherl_recv++;
//vlog(0x3, "[*] ETHERNET TYPE : %x\n",pi->eth_hdr->eth_ip_type);
break;
}
config.inpacket = 0;
}
static void
parse_ppp (const struct pcap_pkthdr *header,
const u_char *packet)
{
const u_char *payload = packet + PPP_HDRLEN;
switch (PPP_PROTOCOL (packet))
{
case (PPP_IP):
parse_ip (header, payload);
break;
case (PPP_IPV6):
parse_ip6 (header, payload);
break;
default:
break;
}
}
static void
parse_linux_cooked (const struct pcap_pkthdr *header,
const u_char *packet)
{
const struct sll_header *sll = (struct sll_header *)packet;
u_char *payload = (u_char *)packet + sizeof (struct sll_header);
switch (sll->sll_protocol)
{
case (0x0008):
parse_ip (header, payload);
break;
case (0xDD86):
parse_ip6 (header, payload);
break;
default:
break;
}
}
static void
parse_ethernet (const struct pcap_pkthdr *header,
const u_char *packet)
{
const struct ether_header *ethernet = (struct ether_header *)packet;
const u_char * payload = packet + sizeof (struct ether_header);
switch (ntohs (ethernet->ether_type))
{
case (ETHERTYPE_IP):
parse_ip (header, payload);
break;
case (ETHERTYPE_IPV6):
parse_ip6 (header, payload);
break;
default:
break;
}
}
int parse_ip6_cidr(struct ip6_subnet *val, const char *saddr)
{
char saddr_cpy[MAX_STR_LEN_PROC];
char *slash;
int prefix;
if (parse_vars(&saddr, saddr)) {
return -1;
}
if (strlen(saddr) > MAX_STR_LEN_PROC) {
set_errf("String too long (max supported: %d)", MAX_STR_LEN_PROC);
return -2;
}
strncpy(saddr_cpy, saddr, MAX_STR_LEN_PROC);
slash = strstr(saddr_cpy, "/");
if (slash == NULL) {
set_errf("Missing '/' when parsing CIDR notation");
return -2;
}
*slash = 0;
prefix = atoi(slash + 1);
val->prefix = prefix;
parse_ip6((struct ipv6_addr *)&val->ip, saddr_cpy);
/* Apply mask making all bits outside the prefix zero */
int p = 120;
int cnt = 0;
while (p >= prefix) {
val->ip[15-cnt] = 0;
p -= 8;
cnt++;
}
if (prefix % 8 != 0) {
val->ip[15-cnt] &= ((int8_t)(1 << 7)) >> ((prefix %8) - 1);
}
int parse_ip6_cidr(struct ip6_subnet *val, const char *str2)
{
char str[MAX_STR_LEN_PROC];
char *slash;
int prefix;
if (parse_vars(str, sizeof(str), str2))
return -1;
slash = strstr(str, "/");
if (slash == NULL) {
set_errf("Missing '/' when parsing CIDR notation");
return -2;
}
*slash = 0;
prefix = atoi(slash + 1);
val->prefix = prefix;
parse_ip6((struct ipv6_addr *)&val->ip, str);
/* Apply mask making all bits outside the prefix zero */
int p = 120;
int cnt = 0;
while (p >= prefix) {
val->ip[15-cnt] = 0;
p -= 8;
cnt++;
}
if (prefix % 8 != 0) {
val->ip[15-cnt] &= ((int8_t)(1 << 7)) >> ((prefix %8) - 1);
}