#include "ekg2.h"
#include <stdio.h>
#include <string.h>
#include <pcap.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include "sniff_ip.h"
#include "sniff_gg.h"
#include "sniff_dns.h"
#include "sniff_rivchat.h"
#include "sniff_dns.inc"
#include "sniff_gg.inc"
#include "sniff_rivchat.inc"

Wykres zależności załączania dla sniff.c:

Struktury danych
struct	connection_t

Definicje
#define	SNAPLEN 2000

#define	PROMISC 0

#define	GET_DEV(s) ((pcap_t ) ((session_t ) s)->priv)

#define	MAX_BYTES_PER_LINE 16

#define	SNIFF_HANDLER(x, type) static int x(session_t s, const connection_t hdr, const type *pkt, int len)

#define	CHECK_LEN(x)

#define	CHECK_LEN(x)

#define	RIVCHAT_PACKET_LEN 328

#define	WATCHER_PCAP(x, y)

#define	DEFAULT_FILTER "(tcp and (net 217.17.41.80/28 or net 217.17.45.128/27 or net 85.232.236.0/24 or net 91.197.12.0/22)) or (udp and (port 16127 or port 53))"

Definicje typów
typedef int(*	sniff_handler_t) (session_t , const connection_t , const unsigned char *, int)

Wyliczenia
enum	pkt_way_t { SNIFF_OUTGOING = 0, SNIFF_INCOMING }

Funkcje
static int	sniff_theme_init ()

static int	sniff_plugin_destroy ()

static char *	build_code (const unsigned char *code)

static char *	build_sha1 (const unsigned char *digest)

static char *	build_hex (guint32 hex)

static char *	build_hex2 (guint32 hex)

static char *	_inet_ntoa (struct in_addr ip)

static char *	_inet_ntoa6 (struct in6_addr ip)

static char *	build_windowip_name (struct in_addr ip)

static connection_t *	sniff_udp_get (const struct iphdr ip, const struct udphdr udp)

static connection_t *	sniff_tcp_find_connection (const struct iphdr ip, const struct tcphdr tcp)

static void	tcp_print_payload (u_char *payload, size_t len)

static char *	tcp_print_flags (u_char tcpflag)

static void	sniff_loop_tcp (session_t s, int len, const u_char packet, const struct iphdr *ip, int size_ip)

static void	sniff_loop_udp (session_t s, int len, const u_char packet, const struct iphdr *ip)

static void	sniff_loop_ip (session_t s, int len, const u_char packet)

static void	sniff_loop_ether (u_char data, const struct pcap_pkthdr header, const u_char *packet)

void	sniff_loop_sll (u_char data, const struct pcap_pkthdr header, const u_char *packet)

static int	sniff_pcap_read_EN10MB (int type, int fd, watch_type_t watch, session_t *s)

static int	sniff_pcap_read_SLL (int type, int fd, watch_type_t watch, session_t *s)

static int	sniff_pcap_read (int type, int fd, watch_type_t watch, session_t *s)

static int	sniff_command_connect (const char name, const char params, session_t session, const char *target, int quiet)

static int	sniff_command_disconnect (const char name, const char params, session_t session, const char *target, int quiet)

static int	sniff_command_connections (const char name, const char params, session_t session, const char *target, int quiet)

static int	sniff_session_deinit (void *data, va_list ap)

static int	sniff_validate_uid (void *data, va_list ap)

static int	sniff_status_show (void *data, va_list ap)

static int	sniff_print_version (void *data, va_list ap)

	__attribute__ ((visibility("default")))

Zmienne
plugin_t	sniff_plugin = { .name = "sniff", .pclass = PLUGIN_PROTOCOL , .destroy = sniff_plugin_destroy, .theme_init = sniff_theme_init }

static list_t	tcp_connections

static plugins_params_t	sniff_plugin_vars []

Dokumentacja definicji

◆ CHECK_LEN [1/2]

#define CHECK_LEN ( x )

Wartość:

if (len < x) {\
        debug_error("%s()  * READ less than: %d (len: %d) (%s)\n", __FUNCTION__, x, len, #x);\
        return -1;\
    }

◆ CHECK_LEN [2/2]

#define CHECK_LEN ( x )

Wartość:

if (len < x) {\
        debug_error("%s()  * READ less than: %d (len: %d) (%s)\n", __FUNCTION__, x, len, #x);   \
        return;                                         \
    }

◆ DEFAULT_FILTER

#define DEFAULT_FILTER "(tcp and (net 217.17.41.80/28 or net 217.17.45.128/27 or net 85.232.236.0/24 or net 91.197.12.0/22)) or (udp and (port 16127 or port 53))"

◆ GET_DEV

#define GET_DEV ( s ) ((pcap_t *) ((session_t *) s)->priv)

◆ MAX_BYTES_PER_LINE

#define MAX_BYTES_PER_LINE 16

◆ PROMISC

#define PROMISC 0

◆ RIVCHAT_PACKET_LEN

#define RIVCHAT_PACKET_LEN 328

◆ SNAPLEN

#define SNAPLEN 2000

◆ SNIFF_HANDLER

#define SNIFF_HANDLER	(	x,
		type
	)	static int x(session_t s, const connection_t hdr, const type *pkt, int len)

◆ WATCHER_PCAP

#define WATCHER_PCAP	(	x,
		y
	)

Wartość:

static WATCHER_SESSION(x) {                 \
        if (type) return 0;                 \
        if (!s) {                       \
            debug_error("sniff_pcap_read() no session!\n"); \
            return -1;                  \
        }                           \
        pcap_dispatch(GET_DEV(s), 1, y, (void *) s);        \
        return 0;                       \
    }

Dokumentacja definicji typów

◆ sniff_handler_t

typedef int(* sniff_handler_t) (session_t *, const connection_t *, const unsigned char *, int)

Dokumentacja typów wyliczanych

◆ pkt_way_t

enum pkt_way_t

Wartości wyliczeń
SNIFF_OUTGOING
SNIFF_INCOMING

Dokumentacja funkcji

◆ attribute()

__attribute__ ( (visibility("default")) )

◆ _inet_ntoa()

static char* _inet_ntoa ( struct in_addr ip )

static

◆ _inet_ntoa6()

static char* _inet_ntoa6 ( struct in6_addr ip )

static

◆ build_code()

static char* build_code ( const unsigned char * code )

static

◆ build_hex()

static char* build_hex ( guint32 hex )

static

◆ build_hex2()

static char* build_hex2 ( guint32 hex )

static

◆ build_sha1()

static char* build_sha1 ( const unsigned char * digest )

static

◆ build_windowip_name()

static char* build_windowip_name ( struct in_addr ip )

static

◆ sniff_command_connect()

static int sniff_command_connect	(	const char *	name,
		const char **	params,
		session_t *	session,
		const char *	target,
		int	quiet
	)

static

◆ sniff_command_connections()

static int sniff_command_connections	(	const char *	name,
		const char **	params,
		session_t *	session,
		const char *	target,
		int	quiet
	)

static

◆ sniff_command_disconnect()

static int sniff_command_disconnect	(	const char *	name,
		const char **	params,
		session_t *	session,
		const char *	target,
		int	quiet
	)

static

◆ sniff_loop_ether()

static void sniff_loop_ether	(	u_char *	data,
		const struct pcap_pkthdr *	header,
		const u_char *	packet
	)

inlinestatic

◆ sniff_loop_ip()

static void sniff_loop_ip	(	session_t *	s,
		int	len,
		const u_char *	packet
	)

inlinestatic

◆ sniff_loop_sll()

void sniff_loop_sll	(	u_char *	data,
		const struct pcap_pkthdr *	header,
		const u_char *	packet
	)

◆ sniff_loop_tcp()

static void sniff_loop_tcp	(	session_t *	s,
		int	len,
		const u_char *	packet,
		const struct iphdr *	ip,
		int	size_ip
	)

inlinestatic

◆ sniff_loop_udp()

static void sniff_loop_udp	(	session_t *	s,
		int	len,
		const u_char *	packet,
		const struct iphdr *	ip
	)

inlinestatic

◆ sniff_pcap_read()

static int sniff_pcap_read	(	int	type,
		int	fd,
		watch_type_t	watch,
		session_t *	s
	)

static

◆ sniff_pcap_read_EN10MB()

static int sniff_pcap_read_EN10MB	(	int	type,
		int	fd,
		watch_type_t	watch,
		session_t *	s
	)

static

◆ sniff_pcap_read_SLL()

static int sniff_pcap_read_SLL	(	int	type,
		int	fd,
		watch_type_t	watch,
		session_t *	s
	)

static

◆ sniff_plugin_destroy()

static int sniff_plugin_destroy ( )

static

◆ sniff_print_version()

static int sniff_print_version	(	void *	data,
		va_list	ap
	)

static

◆ sniff_session_deinit()

static int sniff_session_deinit	(	void *	data,
		va_list	ap
	)

static

◆ sniff_status_show()

static int sniff_status_show	(	void *	data,
		va_list	ap
	)

static

◆ sniff_tcp_find_connection()

static connection_t* sniff_tcp_find_connection	(	const struct iphdr *	ip,
		const struct tcphdr *	tcp
	)

static

◆ sniff_theme_init()

static int sniff_theme_init ( )

static

◆ sniff_udp_get()

static connection_t* sniff_udp_get	(	const struct iphdr *	ip,
		const struct udphdr *	udp
	)

static

◆ sniff_validate_uid()

static int sniff_validate_uid	(	void *	data,
		va_list	ap
	)

static

◆ tcp_print_flags()

static char* tcp_print_flags ( u_char tcpflag )

static

◆ tcp_print_payload()

static void tcp_print_payload	(	u_char *	payload,
		size_t	len
	)

static

Dokumentacja zmiennych

◆ sniff_plugin

plugin_t sniff_plugin = { .name = "sniff", .pclass = PLUGIN_PROTOCOL , .destroy = sniff_plugin_destroy, .theme_init = sniff_theme_init }

◆ sniff_plugin_vars

plugins_params_t sniff_plugin_vars[]

static

Wartość początkowa:

= {
    {  "alias" ,  0 ,  0 ,  VAR_STR ,  NULL , NULL },
    {  "auto_connect" ,  "0" ,  0 ,  VAR_BOOL ,  NULL , NULL },
    {  "filter" ,   "(tcp and (net 217.17.41.80/28 or net 217.17.45.128/27 or net 85.232.236.0/24 or net 91.197.12.0/22)) or (udp and (port 16127 or port 53))"  ,  0 ,  VAR_STR ,  NULL , NULL },
    { NULL, NULL, 0, -1, NULL }
}

◆ tcp_connections

list_t tcp_connections

static

Struktury danych

Definicje

Definicje typów

Wyliczenia

Funkcje

Zmienne

Dokumentacja definicji

◆ CHECK_LEN [1/2]

◆ CHECK_LEN [2/2]

◆ DEFAULT_FILTER

◆ GET_DEV

◆ MAX_BYTES_PER_LINE

◆ PROMISC

◆ RIVCHAT_PACKET_LEN

◆ SNAPLEN

◆ SNIFF_HANDLER

◆ WATCHER_PCAP

Dokumentacja definicji typów

◆ sniff_handler_t

Dokumentacja typów wyliczanych

◆ pkt_way_t

Dokumentacja funkcji

◆ __attribute__()

◆ _inet_ntoa()

◆ _inet_ntoa6()

◆ build_code()

◆ build_hex()

◆ build_hex2()

◆ build_sha1()

◆ build_windowip_name()

◆ sniff_command_connect()

◆ sniff_command_connections()

◆ sniff_command_disconnect()

◆ sniff_loop_ether()

◆ sniff_loop_ip()

◆ sniff_loop_sll()

◆ sniff_loop_tcp()

◆ sniff_loop_udp()

◆ sniff_pcap_read()

◆ sniff_pcap_read_EN10MB()

◆ sniff_pcap_read_SLL()

◆ sniff_plugin_destroy()

◆ sniff_print_version()

◆ sniff_session_deinit()

◆ sniff_status_show()

◆ sniff_tcp_find_connection()

◆ sniff_theme_init()

◆ sniff_udp_get()

◆ sniff_validate_uid()

◆ tcp_print_flags()

◆ tcp_print_payload()

Dokumentacja zmiennych

◆ sniff_plugin

◆ sniff_plugin_vars

◆ tcp_connections

◆ attribute()