summaryrefslogtreecommitdiff
authormickeyl <mickeyl>2003-10-09 00:03:06 (UTC)
committer mickeyl <mickeyl>2003-10-09 00:03:06 (UTC)
commitf8d08db59ac05f5bf2f56e6ebf69c28dfbe8b13e (patch) (side-by-side diff)
tree36059d71abfcdb73748c1941fb9458dc75e0d4a8
parent5517443d9ebe96ff9c30d91b2254418964d5c410 (diff)
downloadopie-f8d08db59ac05f5bf2f56e6ebf69c28dfbe8b13e.zip
opie-f8d08db59ac05f5bf2f56e6ebf69c28dfbe8b13e.tar.gz
opie-f8d08db59ac05f5bf2f56e6ebf69c28dfbe8b13e.tar.bz2
- catch up with changed sniffing behaviour in newer wlan-ng *puke* drivers
- new API: OPacketCapturer::next( int time )
Diffstat (more/less context) (show whitespace changes)
-rw-r--r--libopie2/opienet/onetwork.cpp12
-rw-r--r--libopie2/opienet/opcap.cpp27
-rw-r--r--libopie2/opienet/opcap.h5
3 files changed, 38 insertions, 6 deletions
diff --git a/libopie2/opienet/onetwork.cpp b/libopie2/opienet/onetwork.cpp
index 1f529d2..45ee4c0 100644
--- a/libopie2/opienet/onetwork.cpp
+++ b/libopie2/opienet/onetwork.cpp
@@ -886,100 +886,106 @@ void OCiscoMonitoringInterface::setEnabled( bool b )
QString OCiscoMonitoringInterface::name() const
{
return "cisco";
}
void OCiscoMonitoringInterface::setChannel( int )
{
// cisco devices automatically switch channels when in monitor mode
}
/*======================================================================================
* OWlanNGMonitoringInterface
*======================================================================================*/
OWlanNGMonitoringInterface::OWlanNGMonitoringInterface( ONetworkInterface* iface, bool prismHeader )
:OMonitoringInterface( iface, prismHeader )
{
iface->setMonitoring( this );
}
OWlanNGMonitoringInterface::~OWlanNGMonitoringInterface()
{
}
void OWlanNGMonitoringInterface::setEnabled( bool b )
{
//FIXME: do nothing if its already in the same mode
QString enable = b ? "true" : "false";
QString prism = _prismHeader ? "true" : "false";
QString cmd;
cmd.sprintf( "$(which wlanctl-ng) %s lnxreq_wlansniff channel=%d enable=%s prismheader=%s",
(const char*) _if->name(), 1, (const char*) enable, (const char*) prism );
system( cmd );
}
QString OWlanNGMonitoringInterface::name() const
{
return "wlan-ng";
}
-void OWlanNGMonitoringInterface::setChannel( int )
+void OWlanNGMonitoringInterface::setChannel( int c )
{
- // wlan-ng devices automatically switch channels when in monitor mode
- // NOTE: The above note no longer seems to be true for recent driver versions!
+ //NOTE: Older wlan-ng drivers automatically hopped channels while lnxreq_wlansniff=true. Newer ones don't.
+
+ QString enable = "true"; //_if->monitorMode() ? "true" : "false";
+ QString prism = _prismHeader ? "true" : "false";
+ QString cmd;
+ cmd.sprintf( "$(which wlanctl-ng) %s lnxreq_wlansniff channel=%d enable=%s prismheader=%s",
+ (const char*) _if->name(), c+1, (const char*) enable, (const char*) prism );
+ system( cmd );
}
/*======================================================================================
* OHostAPMonitoringInterface
*======================================================================================*/
OHostAPMonitoringInterface::OHostAPMonitoringInterface( ONetworkInterface* iface, bool prismHeader )
:OMonitoringInterface( iface, prismHeader )
{
iface->setMonitoring( this );
}
OHostAPMonitoringInterface::~OHostAPMonitoringInterface()
{
}
void OHostAPMonitoringInterface::setEnabled( bool b )
{
// IW_MODE_MONITOR was introduced in Wireless Extensions Version 15
// Wireless Extensions < Version 15 need iwpriv commandos for monitoring
#if WIRELESS_EXT > 14
if ( b )
_if->setMode( "monitor" ); // IW_MODE_MONITOR doesn't support prism header
else
_if->setMode( "managed" );
#else
int monitorCode = _prismHeader ? 1 : 2;
if ( b )
{
_if->setPrivate( "monitor", 1, monitorCode );
}
else
{
_if->setPrivate( "monitor", 1, 0 );
}
#endif
}
QString OHostAPMonitoringInterface::name() const
{
return "hostap";
}
/*======================================================================================
diff --git a/libopie2/opienet/opcap.cpp b/libopie2/opienet/opcap.cpp
index 9ed2b83..38ca1a1 100644
--- a/libopie2/opienet/opcap.cpp
+++ b/libopie2/opienet/opcap.cpp
@@ -1,91 +1,95 @@
/*
                This file is part of the Opie Project
              Copyright (C) 2003 by the Wellenreiter team:
Martin J. Muench <mjm@remote-exploit.org>
Max Moser <mmo@remote-exploit.org
Michael 'Mickey' Lauer <mickey@tm.informatik.uni-frankfurt.de>
=.
.=l.
           .>+-=
 _;:,     .>    :=|. This program is free software; you can
.> <`_,   >  .   <= redistribute it and/or modify it under
:`=1 )Y*s>-.--   : the terms of the GNU Library General Public
.="- .-=="i,     .._ License as published by the Free Software
 - .   .-<_>     .<> Foundation; either version 2 of the License,
     ._= =}       : or (at your option) any later version.
    .%`+i>       _;_.
    .i_,=:_.      -<s. This program is distributed in the hope that
     +  .  -:.       = it will be useful, but WITHOUT ANY WARRANTY;
    : ..    .:,     . . . without even the implied warranty of
    =_        +     =;=|` MERCHANTABILITY or FITNESS FOR A
  _.=:.       :    :=>`: PARTICULAR PURPOSE. See the GNU
..}^=.=       =       ; Library General Public License for more
++=   -.     .`     .: details.
 :     =  ...= . :.=-
 -.   .:....=;==+<; You should have received a copy of the GNU
  -_. . .   )=.  = Library General Public License along with
    --        :-=` this library; see the file COPYING.LIB.
If not, write to the Free Software Foundation,
Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
/* OPIE */
-
#include <opie2/opcap.h>
/* QT */
-
#include <qapplication.h> // don't use oapplication here (will decrease reusability in other projects)
#include <qsocketnotifier.h>
#include <qobjectlist.h>
+/* SYSTEM */
+#include <sys/time.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+/* LOCAL */
#include "udp_ports.h"
/*======================================================================================
* OPacket
*======================================================================================*/
OPacket::OPacket( int datalink, packetheaderstruct header, const unsigned char* data, QObject* parent )
:QObject( parent, "Generic" ), _hdr( header ), _data( data )
{
//qDebug( "OPacket::OPacket(): (Len %d, CapLen %d)" /*, ctime((const time_t*) header.ts.tv_sec)*/, header.len, header.caplen );
_end = (unsigned char*) data + header.len;
//qDebug( "OPacket::data @ %0x, end @ %0x", data, _end );
switch ( datalink )
{
case DLT_EN10MB:
qDebug( "OPacket::OPacket(): Received Packet. Datalink = ETHERNET" );
new OEthernetPacket( _end, (const struct ether_header*) data, this );
break;
case DLT_IEEE802_11:
qDebug( "OPacket::OPacket(): Received Packet. Datalink = IEEE802.11" );
new OWaveLanPacket( _end, (const struct ieee_802_11_header*) data, this );
break;
case DLT_PRISM_HEADER:
qDebug( "OPacket::OPacket(): Received Packet. Datalink = PRISM_HEADER" );
new OPrismHeaderPacket( _end, (const struct prism_hdr*) (unsigned char*) data, this );
break;
default:
qWarning( "OPacket::OPacket(): Received Packet over unsupported datalink (type %d)!", datalink );
}
}
OPacket::~OPacket()
{
}
timevalstruct OPacket::timeval() const
{
return _hdr.ts;
}
@@ -151,97 +155,97 @@ QString OPacket::dump( int bpl ) const
if ( !((i+1) % bpl) )
{
str.append( bytes );
str.append( ' ' );
str.append( chars );
str.append( '\n' );
tmp.sprintf( "%04X: ", i+1 ); str.append( tmp );
bytes = "";
chars = "";
}
}
if ( (len % bpl) )
{
str.append( bytes.leftJustify( 1 + 3*bpl ) );
str.append( chars );
}
str.append( '\n' );
return str;
}
int OPacket::len() const
{
return _hdr.len;
}
/*======================================================================================
* OEthernetPacket
*======================================================================================*/
OEthernetPacket::OEthernetPacket( const unsigned char* end, const struct ether_header* data, QObject* parent )
:QObject( parent, "Ethernet" ), _ether( data )
{
qDebug( "Source = %s", (const char*) sourceAddress().toString() );
qDebug( "Destination = %s", (const char*) destinationAddress().toString() );
if ( sourceAddress() == OMacAddress::broadcast )
qDebug( "Source is broadcast address" );
if ( destinationAddress() == OMacAddress::broadcast )
qDebug( "Destination is broadcast address" );
switch ( type() )
{
case ETHERTYPE_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break;
- case ETHERTYPE_ARP: { qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = ARP" ); break; }
+ case ETHERTYPE_ARP: new OARPPacket( end, (const struct myarphdr*) (data+1), this ); break;
case ETHERTYPE_REVARP: { qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = RARP" ); break; }
default: qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = UNKNOWN" );
}
}
OEthernetPacket::~OEthernetPacket()
{
}
OMacAddress OEthernetPacket::sourceAddress() const
{
return OMacAddress( _ether->ether_shost );
}
OMacAddress OEthernetPacket::destinationAddress() const
{
return OMacAddress( _ether->ether_dhost );
}
int OEthernetPacket::type() const
{
return ntohs( _ether->ether_type );
}
/*======================================================================================
* OIPPacket
*======================================================================================*/
OIPPacket::OIPPacket( const unsigned char* end, const struct iphdr* data, QObject* parent )
:QObject( parent, "IP" ), _iphdr( data )
{
qDebug( "OIPPacket::OIPPacket(): decoding IP header..." );
//qDebug( "FromAddress: %s", (const char*) inet_ntoa( *src ) );
//qDebug( " ToAddress: %s", (const char*) inet_ntoa( *dst ) );
qDebug( "FromAddress: %s", (const char*) fromIPAddress().toString() );
qDebug( " toAddress: %s", (const char*) toIPAddress().toString() );
switch ( protocol() )
{
case IPPROTO_UDP: new OUDPPacket( end, (const struct udphdr*) (data+1), this ); break;
@@ -1085,96 +1089,113 @@ void OPacketCapturer::close()
{
if ( _sn )
{
_sn->disconnect( SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
delete _sn;
}
closeDumpFile();
_open = false;
}
qDebug( "OPacketCapturer::close() --- dumping capturing statistics..." );
qDebug( "--------------------------------------------------" );
for( QMap<QString,int>::Iterator it = _stats.begin(); it != _stats.end(); ++it )
qDebug( "%s : %d", (const char*) it.key(), it.data() );
qDebug( "--------------------------------------------------" );
}
int OPacketCapturer::dataLink() const
{
return pcap_datalink( _pch );
}
void OPacketCapturer::dump( OPacket* p )
{
if ( !_pcd )
{
qWarning( "OPacketCapturer::dump() - cannot dump without open capture file!" );
return;
}
pcap_dump( (u_char*) _pcd, &p->_hdr, p->_data );
}
int OPacketCapturer::fileno() const
{
if ( _open )
{
return pcap_fileno( _pch );
}
else
{
return -1;
}
}
+
+OPacket* OPacketCapturer::next( int time )
+{
+ fd_set fds;
+ struct timeval tv;
+ FD_ZERO( &fds );
+ FD_SET( pcap_fileno( _pch ), &fds );
+ tv.tv_sec = time / 1000;
+ tv.tv_usec = time % 1000;
+ int retval = select( 1, &fds, NULL, NULL, &tv);
+ if ( retval > 0 ) // clear to read!
+ return next();
+ else
+ return 0;
+}
+
+
OPacket* OPacketCapturer::next()
{
packetheaderstruct header;
qDebug( "==> OPacketCapturer::next()" );
const unsigned char* pdata = pcap_next( _pch, &header );
qDebug( "<== OPacketCapturer::next()" );
if ( pdata && header.len )
{
OPacket* p = new OPacket( dataLink(), header, pdata, 0 );
// packets shouldn't be inserted in the QObject child-parent hierarchy,
// because due to memory constraints they will be deleted as soon
// as possible - that is right after they have been processed
// by emit() [ see below ]
//TODO: make gathering statistics optional, because it takes time
p->updateStats( _stats, const_cast<QObjectList*>( p->children() ) );
#ifndef NODEBUG
p->dumpStructure( const_cast<QObjectList*>( p->children() ) );
#endif
return p;
}
else
{
qWarning( "OPacketCapturer::next() - no packet received!" );
return 0;
}
}
bool OPacketCapturer::open( const QString& name )
{
if ( _open )
{
if ( name == _name ) // ignore opening an already openend device
{
return true;
}
else // close the last opened device
{
close();
}
}
_name = name;
// open libpcap
pcap_t* handle = pcap_open_live( const_cast<char*>( (const char*) name ), 1024, 0, 0, &_errbuf[0] );
diff --git a/libopie2/opienet/opcap.h b/libopie2/opienet/opcap.h
index 51f067a..54b256b 100644
--- a/libopie2/opienet/opcap.h
+++ b/libopie2/opienet/opcap.h
@@ -560,96 +560,101 @@ class OPacketCapturer : public QObject
Q_OBJECT
public:
/**
* Constructor.
*/
OPacketCapturer( QObject* parent = 0, const char* name = 0 );
/**
* Destructor.
*/
~OPacketCapturer();
/**
* Set the packet capturer to use blocking or non-blocking IO. This can be useful when
* not using the socket notifier, e.g. without an application object.
*/
void setBlocking( bool );
/**
* @returns true if the packet capturer uses blocking IO calls.
*/
bool blocking() const;
/**
* Close the packet capturer. This is automatically done in the destructor.
*/
void close();
/**
* Close the output capture file.
*/
void closeDumpFile();
/**
* @returns the data link type.
* @see <pcap.h> for possible values.
*/
int dataLink() const;
/**
* Dump a packet to the output capture file.
*/
void dump( OPacket* );
/**
* @returns the file descriptor of the packet capturer. This is only useful, if
* not using the socket notifier, e.g. without an application object.
*/
int fileno() const;
/**
* @returns the next @ref OPacket from the packet capturer.
* @note If blocking mode is true then this call might block.
*/
OPacket* next();
/**
+ * @returns the next @ref OPacket from the packet capturer, if
+ * one arrives within @a time milliseconds.
+ */
+ OPacket* next( int time );
+ /**
* Open the packet capturer to capture packets in live-mode from @a interface.
*/
bool open( const QString& interface );
/**
* Open the packet capturer to capture packets in offline-mode from @a file.
*/
bool open( const QFile& file );
/**
* Open a prerecorded tcpdump compatible capture file for use with @ref dump()
*/
bool openDumpFile( const QString& filename );
/**
* @returns true if the packet capturer is open
*/
bool isOpen() const;
/**
* @returns the snapshot length of this packet capturer
*/
int snapShot() const;
/**
* @returns true if the input capture file has a different byte-order
* than the byte-order of the running system.
*/
bool swapped() const;
/**
* @returns the libpcap version string used to write the input capture file.
*/
QString version() const;
/**
* @returns the packet statistic database.
* @see QMap
*/
const QMap<QString,int>& statistics() const;
signals:
/**
* This signal is emitted, when a packet has been received.
*/
void receivedPacket( OPacket* );
protected slots:
void readyToReceive();
protected:
QString _name; // devicename
bool _open; // check this before doing pcap calls
pcap_t* _pch; // pcap library handle
pcap_dumper_t* _pcd; // pcap dumper handle