KumiSystems/openwrtv4
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
openwrtv4/openwrt/package/pipacs/src/pipacs.c

590 lines
19 KiB
C
Raw Normal View History

add pipacs package (thanks to Janos) SVN-Revision: 2865
2006-01-09 15:46:03 +00:00
// http://www.phj.hu/freesoft.asp
#include <stdio.h>
#include <stdlib.h>
#include "parser.h"
#ifndef LINUX
#include <mstcpip.h>
#include <ws2tcpip.h>
#else
#include <termios.h>
struct promisc_device
{
char name[16]; /* name (e.g. eth0) */
int reset; /* do we have to reset it on exit ? */
struct ifreq oldifr; /* old settings */
struct promisc_device *next;
};
#endif
DWORD dwIoControlCode=SIO_RCVALL;
DWORD dwProtocol=IPPROTO_IP, dwInterface=0;
#define MAXVER 2
#define MINVER 6
SOCKET s;
//
// Filters (Globals)
//
unsigned int uiSourceAddr=0, uiDestAddr=0, uiXAddr=0;
unsigned short usSourcePort = 0, usDestPort = 0, usXPort = 0;
unsigned short usSourceNet = 32, usDestNet = 32, usXNet = 32;
unsigned long ulDestNet=0xffffffff, ulSourceNet=0xffffffff, ulXNet=0xffffffff;
BOOL bFilter=FALSE;
int iline=25;
char myipname[64];
char pattern[1024];
int justheader=0;
int gre=0;
int sortbysize,fromip,toip;
int skipvlan=0;
extern char filename[128];
extern char intlist[128];
#ifndef LINUX
void PrintInterfaceList( void );
int GetInterface(SOCKET , SOCKADDR_IN *, int );
#endif
extern int InitIPAcc( void );
extern int CloseIPAcc( void );
extern int iCycle;
extern int iScreen;
extern int iFile;
extern int iDetail;
extern int iRun;
extern long lNum;
extern FILE *f;
extern int iProto;
extern int iSum;
extern char execname[];
extern int mostird;
extern int iLnxplus;
int set_raw_mode(void)
{
int fd = STDIN_FILENO;
struct termios t;
if (tcgetattr(fd, &t) < 0) { perror("tcgetattr"); return -1; }
t.c_lflag &= ~ICANON;
if (tcsetattr(fd, TCSANOW, &t) < 0) { perror("tcsetattr"); return -1; }
setbuf(stdin, NULL);
return 0;
}//
// Function: usage
//
// Description:
// Prints usage information.
//
char *author = "phj";
void usage(char *progname)
{
printf(" usage: %s options\n where options:\n", progname);
printf(" [-c:sec] Dump cycle in sec (10)\n");
printf(" [-f:file[-e:program]] Results into a file [and exec program](-)\n");
printf(" [-n:db] Execute just db cycle (0)\n");
printf(" [-l:lineno] Print lineno lines of hosts(25)\n");
printf(" [-k] Sort result by packet count (size)\n");
printf(" [-1] Ignore source IP (don't ignore)\n");
printf(" [-2] Ignore destination IP (don't ignore)\n");
printf(" [-h] Print just the header(use -a!)\n");
printf(" [-a] Print packet info&data (-)\n");
printf(" [-p] Print just summary info (-)\n");
printf(" Otherwise print sum&ip pairs\n");
//#ifndef LINUX
printf(" [-t:[tcp|udp|icmp|....|number]] Filter on IP protocoll (ALL)\n");
//#endif
printf(" [-g] Make GRE encapsulation trasparent (-)\n");
printf(" [-v] Skip VLAN headers (-)\n");
printf(" [-sa:IP[/Net]] Filter on source address (-)/net\n");
printf(" [-sp:Port] Filter on source port (-)\n");
printf(" [-da:IP[/Net]] Filter on dest address/net (-)\n");
printf(" [-dp:Port] Filter on dest port(-)\n");
printf(" [-xa:IP[/Net]] Filter on src|dest address/net (-)\n");
printf(" [-xp:Port] Filter on src|dest port (-)\n");
printf(" [-pa:pattern] String match (0), last param!!!\n");
#ifndef LINUX
printf(" [-i:int] Capture on this interface (0)\n");
printf(" Available interfaces:\n");
PrintInterfaceList();
#else
printf(" [-i:int[,int]] Capture on this interface (eth0)\n");
#endif
printf(" Filtering rules: t && (sa|da|xa) && (sp|dp|xp)");
printf("\nVer. %d.%d (c):2000-2006, P<>l<EFBFBD>czi-Horv<72>th J<>nos\n",MAXVER,MINVER);
#ifndef LINUX
WSACleanup();
ExitProcess(-1);
#else
exit(5);
#endif
}
//
// Function: ValidateArgs
//
// Description:
// This function parses the command line arguments and
// sets global variables to indicate how the app should act.
//
void ValidateArgs(int argc, char **argv)
{
int i,j;
char *ptr;
sortbysize=1; fromip=1; toip=1;
if (argc <2) { usage(argv[0]); return; }
if (*(author+2) != 'j') { usage(argv[0]); return; }
for(i=1; i < argc ;i++) {
if ((argv[i][0] == '-') || (argv[i][0] == '/')) {
switch (tolower(argv[i][1])) {
case 't': // traffic type
ptr = &argv[i][2];
while (*++ptr) *ptr = toupper(*ptr);
ptr = &argv[i][3];
for ( j=0;j<134;j++) {
if (!strcmp(ptr, szProto[j])) {
// dwIoControlCode = SIO_RCVALL;
#ifdef LINUX
dwProtocol = j;
#endif
iProto=j;
break;
}
}
if ((j>133) && atoi(&argv[i][3])) {
// dwIoControlCode = SIO_RCVALL;
#ifdef LINUX
dwProtocol = atoi(&argv[i][3]);
#endif
iProto=atoi(&argv[i][3]);
} else if (j>133) usage(argv[0]);
break;
case 'i': // interface number
#ifndef LINUX
dwInterface = atoi(&argv[i][3]);
#else
strcpy(intlist,&argv[i][3]);
ptr=strchr(intlist,' ');
if (ptr) *ptr=0;
#endif
break;
case 'g': // gre
gre=1;
break;
case 'c': // cycle time
iCycle = atoi(&argv[i][3]);
break;
case 'a': // cycle time
iDetail = 1;
break;
case 'h': // cycle time
iDetail = justheader = 1;
break;
case 'n': // just n cycle
lNum = atol(&argv[i][3]);
break;
case 'l': // lineno lines
iline = atoi(&argv[i][3]);
break;
case 'p': // just summary
if ((tolower(argv[i][2]) == 'a')) {
strcpy(pattern,&argv[i][4]); printf("\n Pattern: \'%s",&argv[i][4]);
while (++i<argc) { strcat(pattern," "); strcat(pattern,&argv[i][0]); printf(" %s",argv[i]); }
printf("\'\n");
} else iSum=1;
break;
case 'f': // filename to write
strcpy(filename,&argv[i][3]);
iFile=1; //iScreen=0;
break;
case 'e': // execname
strcpy(execname,&argv[i][3]);
break;
case 'k': // sor by count
sortbysize = 0;
break;
case '1': // ignore src
fromip = 0;
break;
case '2': // ignore dst
toip = 0;
break;
case 'v': // sor by count
skipvlan = 4;
if ((tolower(argv[i][2]) == ':')) {
skipvlan=atoi(&argv[i][3]);
}
break;
case 's': // Filter on source ip or port
if (tolower(argv[i][2]) == 'a') {
ptr=strchr(&argv[i][4],'/');
if (ptr) { usSourceNet=atoi(ptr+1); *ptr=0;}
uiSourceAddr = ntohl(inet_addr(&argv[i][4]));
} else if (tolower(argv[i][2]) == 'p')
usSourcePort = (unsigned short)atoi(&argv[i][4]);
else
usage(argv[0]);
bFilter = TRUE;
break;
case 'd': // Filter on dest ip or port
if (tolower(argv[i][2]) == 'a') {
ptr=strchr(&argv[i][4],'/');
if (ptr) { usDestNet=atoi(ptr+1); *ptr=0; }
uiDestAddr = ntohl(inet_addr(&argv[i][4]));
} else if (tolower(argv[i][2]) == 'p')
usDestPort = (unsigned short)atoi(&argv[i][4]);
else
usage(argv[0]);
bFilter = TRUE;
break;
case 'x': // Filter on source or dest ip or port
if (tolower(argv[i][2]) == 'a') {
ptr=strchr(&argv[i][4],'/');
if (ptr) { usXNet=atoi(ptr+1); *ptr=0; }
uiXAddr = ntohl(inet_addr(&argv[i][4]));
} else if (tolower(argv[i][2]) == 'p')
usXPort = (unsigned short)atoi(&argv[i][4]);
else
usage(argv[0]);
bFilter = TRUE;
break;
default:
usage(argv[0]);
}
} else usage(argv[0]);
}
iLnxplus+=skipvlan;
return;
}
#ifndef LINUX
//
// Function: PrintInterfaceList
//
// Description:
// This function prints all local IP interfaces.
//
void PrintInterfaceList()
{
SOCKET_ADDRESS_LIST *slist=NULL;
SOCKET s;
char buf[2048];
DWORD dwBytesRet;
int ret,
i;
s = socket(AF_INET, SOCK_STREAM, IPPROTO_IP);
if (s == SOCKET_ERROR) {
printf("socket() failed: %d\n", WSAGetLastError());
return;
}
ret = WSAIoctl(s, SIO_ADDRESS_LIST_QUERY, NULL, 0, buf, 2048,&dwBytesRet, NULL, NULL);
if (ret == SOCKET_ERROR){
printf("WSAIoctl(SIO_ADDRESS_LIST_QUERY) failed: %d\n",WSAGetLastError());
return;
}
slist = (SOCKET_ADDRESS_LIST *)buf;
for(i=0; i < slist->iAddressCount ;i++) {
printf(" %-2d ........ [%s]\n", i,
inet_ntoa(((SOCKADDR_IN *)slist->Address[i].lpSockaddr)->sin_addr));
}
closesocket(s);
return;
}
//
// Function: GetInterface
//
// Description:
// This function retrieves a zero based index and returns
// the IP interface corresponding to that.
//
int GetInterface(SOCKET s, SOCKADDR_IN *ifx, int num)
{
SOCKET_ADDRESS_LIST *slist=NULL;
char buf[2048];
DWORD dwBytesRet;
int ret;
ret = WSAIoctl(s, SIO_ADDRESS_LIST_QUERY, NULL, 0, buf, 2048,&dwBytesRet, NULL, NULL);
if (ret == SOCKET_ERROR) {
printf("WSAIoctl(SIO_ADDRESS_LIST_QUERY) failed: %d\n",WSAGetLastError());
return -1;
}
slist = (SOCKET_ADDRESS_LIST *)buf;
if (num >= slist->iAddressCount) return -1;
ifx->sin_addr.s_addr = ((SOCKADDR_IN *)slist->Address[num].lpSockaddr)->sin_addr.s_addr;
if (*author != 'p') return -1;
return 0;
}
#endif
#ifdef LINUX
struct promisc_device *prom;
void init_capture( void )
/*
* 1) Open our capture socket
* 2) Set all the promisc devices to promiscous mode
*/
{
struct ifreq ifr;
struct promisc_device *p,*pp;
struct protoent *pr;
char *p1,*p2;
if ((s = socket (AF_INET, SOCK_PACKET, htons (ETH_P_ALL))) < 0)
{
printf(" can't get socket: \n");
exit(1);
}
strcpy(myipname,intlist);
p1=intlist; p=NULL;
while (p1) {
pp=p;
p = malloc(sizeof(struct promisc_device));
if (pp) pp->next=p; else prom=p;
if ( (p2=strchr(p1,','))) *p2++=0;
strcpy(&p->name,p1); p->next=NULL;
printf(" %s",p->name); fflush(stdout);
p1=p2;
// while(p!=NULL) {
strcpy (p -> oldifr.ifr_name, p -> name);
if (ioctl (s, SIOCGIFFLAGS, &(p -> oldifr)) < 0) {
printf(" can't get flags: \n");
exit(2);
}
p -> reset = 1;
ifr = p -> oldifr;
if (ifr.ifr_flags & IFF_PROMISC) printf(" already promisc! \n");
ifr.ifr_flags |= IFF_PROMISC;
if (ioctl (s, SIOCSIFFLAGS, &ifr) < 0) {
printf(" can't set flags: \n");
exit(3);
}
// p = p -> next;
}
}
void exit_capture(void)
{
struct promisc_device *p;
/* do we have to check (capture_sd >= 0) ? */
p = prom;
while(p != NULL) {
if (ioctl (s, SIOCSIFFLAGS, &(p -> oldifr)) < 0) {
printf("can't reset flags: \n");
}
p = p -> next;
}
close (s);
}
#endif
//
// Function: main
//
int main(int argc, char **argv) {
WSADATA wsd;
SOCKADDR_IN if0;
int ret,count;
unsigned int optval;
DWORD dwBytesRet,
dwFlags,
nproc;
char rcvbuf[MAX_IP_SIZE];
WSABUF wbuf;
unsigned long i;
#ifndef LINUX
// Load Winsock
//
if (WSAStartup(MAKEWORD(2,2), &wsd) != 0) {
printf(" WSAStartup() failed: %d\n", GetLastError());
return -1;
}
#else
SOCKADDR ssaddr;
struct promisc_device *p;
fd_set ready;
struct timeval tv;
#endif
char Key;
int status;
FILE *input;
// Parse the command line
//
strcpy(intlist,"eth0");
for(i=100;i<255;i++) szProto[i]="?!?";
szProto[103]="PIM";
szProto[108]="IPCOMP";
szProto[112]="VRRP";
szProto[115]="L2TP";
szProto[124]="ISIS";
szProto[132]="SCTP";
szProto[133]="FC";
*execname=0;
ValidateArgs(argc, argv);
if (bFilter) {
i=uiSourceAddr;
if ( i || usSourcePort)
printf(" Source: %03d.%03d.%03d.%03d/%d:%d\n",(i&0xff000000)>>24,(i&0x00ff0000)>>16,(i&0x0000ff00)>>8,i&0xff,uiSourceAddr?usSourceNet:0, usSourcePort);
i=uiDestAddr;
if ( i || usDestPort)
printf(" Dest. : %03d.%03d.%03d.%03d/%d:%d\n",(i&0xff000000)>>24,(i&0x00ff0000)>>16,(i&0x0000ff00)>>8,i&0xff,uiDestAddr?usDestNet:0, usDestPort);
i=uiXAddr;
if ( i || usXPort)
printf(" IP. : %03d.%03d.%03d.%03d/%d:%d\n",(i&0xff000000)>>24,(i&0x00ff0000)>>16,(i&0x0000ff00)>>8,i&0xff,uiXAddr?usXNet:0, usXPort);
}
if (iFile) printf(" To file : %s\n",filename);
if (iProto) printf(" Protocol: %s (%d)\n",szProto[iProto],iProto);
// Create a raw socket for receiving IP datagrams
//
#ifndef LINUX
s = WSASocket(AF_INET, SOCK_RAW, dwProtocol, NULL, 0, WSA_FLAG_OVERLAPPED);
if (s == INVALID_SOCKET)
{
printf("WSASocket() failed: %d\n", WSAGetLastError());
return -1;
}
// Get an interface to read IP packets on
//
memset(&if0,0,sizeof(if0));
if0.sin_family = AF_INET;
if0.sin_port = htons(0);
if (GetInterface(s, &if0, dwInterface) != 0)
{
printf("Unable to obtain an interface\n");
return -1;
}
sprintf(myipname,"%-16s",inet_ntoa(if0.sin_addr));
#else
printf("starting capture ...."); fflush(stdout);
init_capture();
printf(" capture started ....\n"); fflush(stdout);
#endif
printf(" Binding to IF: %s\n", myipname);
#ifndef LINUX
//
// This socket MUST be bound before calling the ioctl
//
if (bind(s, (SOCKADDR *)&if0, sizeof(if0)) == SOCKET_ERROR) {
printf("bind() failed: %d\n", WSAGetLastError());
return -1;
}
//
// Set the SIO_RCVALLxxx ioctl
//
optval = 1;
if (WSAIoctl(s, dwIoControlCode, &optval, sizeof(optval),
NULL, 0, &dwBytesRet, NULL, NULL) == SOCKET_ERROR) {
printf("WSAIotcl() set raw socket failed; %d\n", WSAGetLastError());
// return -1;
optval = 2;
if (WSAIoctl(s, dwIoControlCode, &optval, sizeof(optval),
NULL, 0, &dwBytesRet, NULL, NULL) == SOCKET_ERROR) {
printf("WSAIotcl() set raw socket only failed; %d\n", WSAGetLastError());
return -1;
}
}
system("cls");
#else
tv.tv_sec=0; tv.tv_usec=0;
set_raw_mode();
FD_ZERO(&ready);
FD_SET(STDIN_FILENO,&ready);
#endif
input = fopen("/dev/tty", "r"); //open the terminal keyboard
if (uiSourceAddr==0) ulSourceNet=0;
else for ( i=0; i<32-usSourceNet; i++) ulSourceNet <<= 1;
if (uiDestAddr==0) ulDestNet=0;
else for ( i=0; i<32-usDestNet; i++) ulDestNet <<= 1;
if (uiXAddr==0) ulXNet=0;
else for ( i=0; i<32-usXNet; i++) ulXNet <<= 1;
if (uiXAddr) uiSourceAddr=uiDestAddr=uiXAddr;
if (usXPort) usSourcePort=usDestPort=usXPort;
if (ulXNet) ulSourceNet=ulDestNet=ulXNet;
InitIPAcc();
// Start receiving IP datagrams until interrupted
//
count = 0;
if (iFile && iDetail) f=fopen(filename,"w+");
if (iProto) bFilter=1;
if (*(author+1) != 'h') iRun=0;
while (iRun) {
rcvbuf[MAX_IP_SIZE]=0;
wbuf.len = MAX_IP_SIZE;
wbuf.buf = rcvbuf;
#ifndef LINUX
dwFlags = 0;
ret = WSARecv(s, &wbuf, 1, &dwBytesRet, &dwFlags, NULL, NULL);
if (ret == SOCKET_ERROR) {
printf("WSARecv() failed: %d\n", WSAGetLastError());
return -1;
}
if (kbhit()) {
#else
dwFlags = sizeof(ssaddr);
ret = recvfrom (s, wbuf.buf, MAX_IP_SIZE, 0, &ssaddr, (int *) &dwFlags);
if (ret == -1) continue;
dwBytesRet=wbuf.len=ret;
p=prom;
while(p!=NULL) {
if (!strcmp(p -> name, ssaddr.sa_data)) break;
p=p->next;
}
if (!p) {
// printf("\n%s: ignored",ssaddr.sa_data); fflush(stdout);
continue;
}
FD_ZERO(&ready);
FD_SET(STDIN_FILENO,&ready);
if (select(STDIN_FILENO+1,&ready,NULL,NULL,&tv)>0) {
// if (FD_ISSET(STDIN_FILENO,&ready)) {
#endif
switch (getchar()) { /* branch to appropiate key handler */
case 0x1b: /* Esc */
iRun=0;
break;
default:
mostird=1;
break;
} //end of switch key
}
// Deccode the IP header
//
if (!(nproc = DecodeIPHeader(&wbuf, uiSourceAddr, usSourcePort, ulSourceNet,
uiDestAddr, usDestPort, ulDestNet, dwBytesRet,usXPort,uiXAddr,ulXNet)))
{
// printf("Error decoding IP header!\n");
// break;
}
}
// Cleanup
//
if (iRun && !iDetail) CloseIPAcc();
if (f) fclose(f);
#ifndef LINUX
closesocket(s);
WSACleanup();
#else
exit_capture();
#endif
return 0;
}
Reference in a new issue Copy permalink