implemented sniffer function in daemon.cc

7 files changed, 38 insertions, 76 deletions

diff --git a/noncore/net/wellenreiter/daemon/source/Makefile b/noncore/net/wellenreiter/daemon/source/Makefile
index bcbc799..f3f41f0 100644
--- a/noncore/net/wellenreiter/daemon/source/Makefile
+++ b/noncore/net/wellenreiter/daemon/source/Makefile
@@ -1,33 +1,28 @@
 # $Id$
 
         CPP       = g++
 
         OPTIMFLAGS= -g
         WARNFLAGS= -Wall  -pedantic -DDEBUG
         LDFLAGS         = 
         LIBS    = -lpcap ../../libwellenreiter/source/libwellenreiter.a
-        OBJ     = daemon.o
+        OBJ     = daemon.o cardmode.o sniffer.o
 
 .SUFFIXES:
         .PHONY:         all wellenreiterd clean distclean realclean
 
 %.o : %.cc
         $(CPP) $(WARNFLAGS) $(OPTIMFLAGS) -c $< -o $@
 
         all:wellenreiterd
 
         wellenreiterd:$(OBJ)
         $(CPP) $(OPTIMFLAGS) $(WARNFLAGS) $(OBJ) $(LDFLAGS) $(LIBS) -o $@
         @echo Build wellenreiterd
 
-sniffer: sniffer.o cardmode.o
-        $(CPP) $(OPTIMFLAGS) $(WARNFLAGS) sniffer.o cardmode.o $(LDFLAGS) $(LIBS) -o $@
-        @echo Build sniffer
-
-
 clean distclean realclean:
         @rm -rf wellenreiterd *~ *.o
         @echo All dependent files have been removed.
 
         daemon.o:config.hh
 
diff --git a/noncore/net/wellenreiter/daemon/source/TODO b/noncore/net/wellenreiter/daemon/source/TODO
index 39b1a05..2d72ab7 100644
--- a/noncore/net/wellenreiter/daemon/source/TODO
+++ b/noncore/net/wellenreiter/daemon/source/TODO
@@ -1,5 +1,4 @@
 implement communication protocol
 security analysis
-implement sniffer (last step)
 security analysis
 code cleanup
\ No newline at end of file
diff --git a/noncore/net/wellenreiter/daemon/source/cardmode.cc b/noncore/net/wellenreiter/daemon/source/cardmode.cc
index f84ce23..8069edc 100644
--- a/noncore/net/wellenreiter/daemon/source/cardmode.cc
+++ b/noncore/net/wellenreiter/daemon/source/cardmode.cc
@@ -1,27 +1,28 @@
 /* $Id$ */
 
+#include "config.hh"
 #include "cardmode.hh"
 
 int card_into_monitormode (char *device, int cardtype)
 {
 
         int datalink; /* used for getting the pcap datalink type */
         char CiscoRFMON[35] = "/proc/driver/aironet/";
         FILE *CISCO_CONFIG_FILE;
         char errbuf[PCAP_ERRBUF_SIZE];
         pcap_t *handle;
         
         /* Checks if we have a device to sniff on */
         if(device == NULL)
         {
                 printf ("Fatal error i did not have any interfaces to sniff on\n");
                 return 0;
-    }
+        }
 
         /* Setting the prmiscous and up flag to the interface */
         if (card_set_promisc_up (device) == 0)
         {
                 printf ("Interface flags correctly set using ifconfig\n");
         }
 
         /* Check the cardtype and executes the commands to go into monitor mode */
diff --git a/noncore/net/wellenreiter/daemon/source/cardmode.hh b/noncore/net/wellenreiter/daemon/source/cardmode.hh
index 87284a1..ecc97b1 100644
--- a/noncore/net/wellenreiter/daemon/source/cardmode.hh
+++ b/noncore/net/wellenreiter/daemon/source/cardmode.hh
@@ -8,18 +8,16 @@
 #include <stdlib.h>
 #include <pcap.h>  
 #include <errno.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
 #include <net/bpf.h>
 
-#endif /* CARDMODE_HH */
-
 /* Defines, used for the card setup */
 #define   DEFAULT_PATH       "/proc/driver/aironet/%s/Config"
         #define   CARD_TYPE_CISCO1
         #define   CARD_TYPE_NG2
         #define   CARD_TYPE_HOSTAP3
 
 /* only for now, until we have the daemon running */
 /*the config file should provide these information */
@@ -28,9 +26,9 @@
         #define   SBIN_PATH"/sbin/ifconfig %s promisc up"
 #define WLANCTL_PATH   "/sbin/wlanctl-ng"
 
 /* Prototypes */
 
 int card_into_monitormode (char * device, int cardtype);
 int card_set_promisc_up (char * device);
 
-
+#endif /* CARDMODE_HH */
diff --git a/noncore/net/wellenreiter/daemon/source/daemon.cc b/noncore/net/wellenreiter/daemon/source/daemon.cc
index b3a37b6..1f9e98a 100644
--- a/noncore/net/wellenreiter/daemon/source/daemon.cc
+++ b/noncore/net/wellenreiter/daemon/source/daemon.cc
@@ -1,48 +1,66 @@
 /*
  * Startup functions of wellenreiter
  *
  * $Id$
  */
 
 #include "config.hh"
 #include "daemon.hh"
+#include "cardmode.hh"
+#include "sniffer.hh"
 
 /* Main function of wellenreiterd */
 int main(int argc, char **argv)
 {
-  int sock, maxfd, guiport=GUIPORT;
-  char guihost[]="127.0.0.1";
+  int sock, maxfd;
   struct sockaddr_in *cliaddr;
   socklen_t len=sizeof(struct sockaddr);
   char buffer[128];
-  FILE *fp=stdin; /* Will be replaced with sniffer */
+  pcap_t *handletopcap;             /* The handle to the libpcap */
+  char errbuf[PCAP_ERRBUF_SIZE]; /* The errorbuffer of libpacap */
+  struct pcap_pkthdr header;     /* The packet header from pcap*/
+  const u_char *packet;          /* The actual packet content*/
+
   fd_set rset;
 
   fprintf(stderr, "wellenreiterd %s\n\n", VERSION);
 
+  /* will be replaced soon, just for max because max is lazy :-) */
+  if(card_into_monitormode (SNIFFER_DEVICE, CARD_TYPE_NG) < 0)
+  {
+    fprintf(stderr, "Cannot set card into mon mode, aborting\n");
+    exit(-1);
+  }
+
+  /* opening the pcap for sniffing */
+  handletopcap = pcap_open_live(SNIFFER_DEVICE, BUFSIZ, 1, 1000, errbuf);
+#ifdef HAVE_PCAP_NONBLOCK
+  pcap_setnonblock(handletopcap, 1, errstr);
+#endif
+
   /* Setup socket for incoming commands */
   if((sock=commsock(DAEMONADDR, DAEMONPORT)) < 0)
   {
     wl_logerr("Cannot setup socket");
     exit(-1);
   }
   wl_loginfo("Set up socket '%d' for GUI communication", sock);
 
   FD_ZERO(&rset);
 
   /* Start main loop */
   wl_loginfo("Starting main loop");
   while(1)
   {
 
     FD_SET(sock, &rset);
-    FD_SET(fileno(fp), &rset);
-    maxfd=sock+fileno(fp)+1;
+    FD_SET(pcap_fileno(handletopcap), &rset);
+    maxfd=sock + pcap_fileno(handletopcap) + 1;
     if(select(maxfd, &rset, NULL, NULL, NULL) < 0)
     {
       wl_logerr("Error calling select: %s", strerror(errno));
       break;
     }     
 
     /* Got data on local socket from GUI */
     if(FD_ISSET(sock, &rset))
@@ -50,32 +68,28 @@ int main(int argc, char **argv)
       memset(buffer, 0, sizeof(buffer));
       if(recvfrom(sock, buffer, sizeof(buffer)-1, 0, (struct sockaddr *)cliaddr, &len) < 0)
       {
          wl_logerr("Cannot read from socket: %s", strerror(errno));
          break;
       }
       wl_loginfo("Received command from '%s': %s", inet_ntoa(cliaddr->sin_addr), buffer); 
 
-      /* Pass string to analyze function */
-      //      sendcomm(guihost, guiport, buffer);
+      /* will be passed to analyze function */
+      fprintf(stderr, "Received command: %s\n", buffer);
 
     }
 
-    /* Will be replaced with sniffer ... later */
-    if(FD_ISSET(fileno(fp), &rset))
+    /* Pcap stuff */
+    if(FD_ISSET(pcap_fileno(handletopcap), &rset))
     {
-      memset(buffer, 0, sizeof(buffer));
-      if(fgets(buffer, sizeof(buffer) - 1, fp) == NULL)
-      {
-         wl_logerr("Cannot read from stdin: %s", strerror(errno));
-         break;
-      }
-      wl_loginfo("Sending command to '%s': %s", GUIADDR, buffer);
 
-      /* Send string to GUI */
-      sendcomm(guihost, guiport, "%d: %s", 1234, buffer);
+      /* Grab one single packet */
+      packet = pcap_next(handletopcap, &header);
+
+      /* process the packet */
+      process_packets(NULL,&header,*&packet);
 
     }
   }
   close(sock);
   exit(0);
 }
diff --git a/noncore/net/wellenreiter/daemon/source/sniffer.cc b/noncore/net/wellenreiter/daemon/source/sniffer.cc
index be64d67..66d5b6f 100644
--- a/noncore/net/wellenreiter/daemon/source/sniffer.cc
+++ b/noncore/net/wellenreiter/daemon/source/sniffer.cc
@@ -7,55 +7,16 @@
  */
 
 #include "config.hh"
 #include "cardmode.hh"
 #include "sniffer.hh"
 #include "ieee802_11.hh"
 #include "extract.hh"
 
-int main(void)
-        {
-        if(card_into_monitormode (SNIFFER_DEVICE, CARD_TYPE_NG) < 0)
-                return 0;
-                start_sniffing (SNIFFER_DEVICE);
-
-  return 1;
-}
-
-int start_sniffing (char * device)
-{
- 
-                pcap_t *handletopcap;     /* The handle to the libpcap */
-        char errbuf[PCAP_ERRBUF_SIZE]; /* The errorbuffer of libpacap */
-        struct pcap_pkthdr header;     /* The packet header from pcap*/
-    const u_char *packet;          /* The actual packet content*/
-
-        /* opening the pcap for sniffing */
-        handletopcap = pcap_open_live(device, BUFSIZ, 1, 1000, errbuf);
-
-        #ifdef HAVE_PCAP_NONBLOCK
-            pcap_setnonblock(handletopcap, 1, errstr);
-        #endif
-        /*start scanning */
-        //pcap_loop(handletopcap,-1,process_packets,NULL);
-        /* Loope endless */
-        while(1)
-        {
-                /* Grab one single packet */
-            packet = pcap_next(handletopcap, &header);
-
-                /* process the packet */
-                        process_packets(NULL,&header,*&packet);         
-        }
-
-        printf("\nDone processing packets... wheew!\n");
-        return 1;
-}
-
 void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet)
 {
         u_int caplen = pkthdr->caplen;
         u_int length = pkthdr->len;
         u_int16_t fc;
         u_int HEADER_LENGTH;
 
         /* pinfo holds all interresting information for us */
@@ -293,17 +254,17 @@ int handle_beacon(u_int16_t fc, const u_char *p,struct packetinfo *ppinfo)
                         break;
                 } /* end of switch*/
         } /* end of for loop */
         return 0;
         
 } /* End of handle_beacon */
 
 
-static int GetHeaderLength(u_int16_t fc)
+int GetHeaderLength(u_int16_t fc)
 {
         int iLength=0;
 
         switch (FC_TYPE(fc)) {
         case T_MGMT:
                 iLength = MGMT_HEADER_LEN;
                 break;
         case T_CTRL:
diff --git a/noncore/net/wellenreiter/daemon/source/sniffer.hh b/noncore/net/wellenreiter/daemon/source/sniffer.hh
index d262353..7e1e3be 100644
--- a/noncore/net/wellenreiter/daemon/source/sniffer.hh
+++ b/noncore/net/wellenreiter/daemon/source/sniffer.hh
@@ -8,20 +8,18 @@
 #include <stdlib.h>
 #include <pcap.h>  
 #include <errno.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
 #include <net/bpf.h>
 
-
 #define   NONBROADCASTING "non-broadcasting"
 
-
 /* holds all the interresting data */
 struct packetinfo
 {
         int isvalid;
         int pktlen;
         int fctype;
         int fcsubtype;
         int fc_wep;
@@ -31,26 +29,22 @@ struct packetinfo
         int channel;
         char bssid[sizeof("00:00:00:00:00:00")];
         char desthwaddr[sizeof("00:00:00:00:00:00")];
         char sndhwaddr[sizeof("00:00:00:00:00:00")];
                 char *ssid;
         int ssid_len;
 };
 
-
-/* Prototypes */
-int sniffer(void);
-int start_sniffing (char * device);
 void process_packets(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char* packet);
 int decode_80211b_hdr(const u_char *p,struct packetinfo *ppinfo);
 void etheraddr_string(register const u_char *ep,char * text);
 int handle_beacon(u_int16_t fc, const u_char *p,struct packetinfo *ppinfo);
 
-static int GetHeaderLength(u_int16_t fc);
+int GetHeaderLength(u_int16_t fc);
 
 /*
  * True if  "l" bytes of "var" were captured.
  *
  * The "snapend - (l) <= snapend" checks to make sure "l" isn't so large
  * that "snapend - (l)" underflows.
  *
  * The check is for <= rather than < because "l" might be 0.