summaryrefslogtreecommitdiff
path: root/libopie2
authormickeyl <mickeyl>2004-01-06 20:21:25 (UTC)
committer mickeyl <mickeyl>2004-01-06 20:21:25 (UTC)
commit543c349726a63798491e85cf0dda89e79c6183d1 (patch) (side-by-side diff)
treea230464852b0a32f1113ac4753c1423676ce66bb /libopie2
parent7a9f4e78be5e2b888568ba99b2b65505d2a50bf0 (diff)
downloadopie-543c349726a63798491e85cf0dda89e79c6183d1.zip
opie-543c349726a63798491e85cf0dda89e79c6183d1.tar.gz
opie-543c349726a63798491e85cf0dda89e79c6183d1.tar.bz2
start parsing 802.11 control frames
Diffstat (limited to 'libopie2') (more/less context) (ignore whitespace changes)
-rw-r--r--libopie2/opienet/802_11_user.h4
-rw-r--r--libopie2/opienet/opcap.cpp2648
-rw-r--r--libopie2/opienet/opcap.h2
3 files changed, 1335 insertions, 1319 deletions
diff --git a/libopie2/opienet/802_11_user.h b/libopie2/opienet/802_11_user.h
index ad84514..7ae27c5 100644
--- a/libopie2/opienet/802_11_user.h
+++ b/libopie2/opienet/802_11_user.h
@@ -1,458 +1,458 @@
#ifndef IEEE_802_11
#define IEEE_802_11
enum ieee_802_11_link_status_failure_reason {
reserved0, Unspecified=1, Previous_not_valid,
Sender_Quits_ESS_or_IBSS,
Due_Inactivity, AP_Overload,
Class_2_from_NonAuth,
Class_3_from_NonAuth,
Sender_Quits_BSS,
Association_requester_not_authenticated,
Reserved10
};
#define IEEE_802_11_LINK_STATUS_FAILURE_REASON_STRINGS \
{ \
{reserved0, 0xff," Reserved reason "},\
{Unspecified, 0xff," Unspecified Reason "},\
{Previous_not_valid, 0xff," Previous Authentication no longer valid "},\
{Sender_Quits_ESS_or_IBSS,0xff," Deauthenticated because sending station is leaving (has left) IBSS or ESS "},\
{Due_Inactivity, 0xff," Disassociated due to inactivity "},\
{AP_Overload, 0xff," Disassociated because AP is unable to handle all currently associated stations "},\
{Class_2_from_NonAuth, 0xff," Class 2 frame received from non-Authenticated station"},\
{Class_3_from_NonAuth, 0xff," Class 3 frame received from non�Associated station"},\
{Sender_Quits_BSS, 0xff," Disassociated because sending station is leaving (has left) BSS"},\
{Association_requester_not_authenticated,0xff," Station requesting (Re)Association is not Authenticated with responding station"},\
{Reserved10, 0xff," Reserved"},\
{0,0,NULL}\
};
struct ieee_802_11_header {
u_int16_t frame_control;// needs to be subtyped
u_int16_t duration;
u_int8_t mac1[6];
u_int8_t mac2[6];
u_int8_t mac3[6];
u_int16_t SeqCtl;
u_int8_t mac4[6];
// u_int16_t gapLen;
// u_int8_t gap[8];
};
struct ieee_802_3_header {
u_int16_t status;
u_int16_t payload_length;
u_int8_t dst_mac[6];
u_int8_t src_mac[6];
};
#define P80211_OUI_LEN 3
struct ieee_802_11_802_2_header {
u_int8_t dsap;
u_int8_t ssap; /* always 0xAA */
u_int8_t ctrl; /* always 0x03 */
u_int8_t oui[P80211_OUI_LEN]; /* organizational universal id */
u_int16_t type; /* packet type ID field */
};
/* See RFC 826 for protocol description. ARP packets are variable
in size; the arphdr structure defines the fixed-length portion.
Protocol type values are the same as those for 10 Mb/s Ethernet.
It is followed by the variable-sized fields ar_sha, arp_spa,
arp_tha and arp_tpa in that order, according to the lengths
specified. Field names used correspond to RFC 826. */
#define ETH_ALEN 6
struct myarphdr
{
unsigned short int ar_hrd; /* Format of hardware address. */
unsigned short int ar_pro; /* Format of protocol address. */
unsigned char ar_hln; /* Length of hardware address. */
unsigned char ar_pln; /* Length of protocol address. */
unsigned short int ar_op; /* ARP opcode (command). */
/* Ethernet looks like this : This bit is variable sized
however... */
unsigned char ar_sha[ETH_ALEN]; /* Sender hardware address. */
unsigned char ar_sip[4]; /* Sender IP address. */
unsigned char ar_tha[ETH_ALEN]; /* Target hardware address. */
unsigned char ar_tip[4]; /* Target IP address. */
};
// following is incoplete and may be incorrect and need reorganization
#define ieee_802_11_frame_type_Management 0x00
#define ieee_802_11_frame_type_Control 0x01
#define ieee_802_11_frame_type_Data 0x10
#define ieee_802_11_frame_type_Reserved 0x11
#define ieee_802_11_frame_subtype_Association_Req 0x0 // Association Request
#define ieee_802_11_frame_subtype_Association_Resp 0x1 // Association Response
#define ieee_802_11_frame_subtype_Reassociation_Req 0x2 // Reassociation Request
#define ieee_802_11_frame_subtype_Reassociation_Resp 0x3 // Reassociation Response
#define ieee_802_11_frame_subtype_Probe_Req 0x4 // Probe Request
#define ieee_802_11_frame_subtype_Probe_Resp 0x5 // Probe Response
#define ieee_802_11_frame_subtype_Beacon 0x8 // Beacon
#define ieee_802_11_frame_subtype_ATIM 0x9 // ATIM
#define ieee_802_11_frame_subtype_Disassociation 0xA // Disassociation
#define ieee_802_11_frame_subtype_Authentication 0xB // Authentication
#define ieee_802_11_frame_subtype_Deauthentication 0xC // Deauthentication
#define ieee_802_11_frame_subtype_PS_Poll 0xA // PS-Poll
#define ieee_802_11_frame_subtype_RTS 0xB // RTS
#define ieee_802_11_frame_subtype_CTS 0xC // CTS
#define ieee_802_11_frame_subtype_ACK 0xD // ACK
#define ieee_802_11_frame_subtype_CFEnd 0xE // CF-End
#define ieee_802_11_frame_subtype_CFEnd_CFAck 0xF // CF-End + CF-Ack
#define ieee_802_11_frame_subtype_Data 0x0 // Data
#define ieee_802_11_frame_subtype_Data_CFAck 0x1 // Data + CF-Ack
#define ieee_802_11_frame_subtype_Data_CF_Poll 0x2 // Data + CF-Poll
#define ieee_802_11_frame_subtype_Data_CF_AckCF_Poll 0x3 // Data + CF-Ack + CF-Poll
#define ieee_802_11_frame_subtype_NullFunction 0x4 // Null Function (no data)
#define ieee_802_11_frame_subtype_CF_Ack 0x5 // CF-Ack (no data)
#define ieee_802_11_frame_subtype_CF_Poll 0x6 // CF-Poll (no data)
#define ieee_802_11_frame_subtype_CF_AckCF_Poll 0x7 // CF-Ack + CF-Poll (no data)
#define ieee_802_11_frame_subtype_strings {\
{ ieee_802_11_frame_subtype_Association_Req, 0xF,"f Association Request"},\
{ ieee_802_11_frame_subtype_Association_Resp, 0xF,"1 Association Response"},\
{ ieee_802_11_frame_subtype_Reassociation_Req, 0xF,"2 Reassociation Request"},\
{ ieee_802_11_frame_subtype_Reassociation_Resp, 0xF,"3 Reassociation Response"},\
{ ieee_802_11_frame_subtype_Probe_Req , 0xF,"4 Probe Request"},\
{ ieee_802_11_frame_subtype_Probe_Resp , 0xF,"5 Probe Response"},\
{ ieee_802_11_frame_subtype_Beacon , 0xF,"8 Beacon"},\
{ ieee_802_11_frame_subtype_ATIM , 0xF,"9 ATIM"},\
{ ieee_802_11_frame_subtype_Disassociation, 0xF,"A Disassociation"},\
{ ieee_802_11_frame_subtype_Authentication, 0xF,"B Authentication"},\
{ ieee_802_11_frame_subtype_Deauthentication, 0xF,"C Deauthentication"},\
{ ieee_802_11_frame_subtype_PS_Poll , 0xF,"A PS-Poll"},\
{ ieee_802_11_frame_subtype_RTS , 0xF,"B RTS"},\
{ ieee_802_11_frame_subtype_CTS , 0xF,"C CTS"},\
{ ieee_802_11_frame_subtype_ACK , 0xF,"D ACK"},\
{ ieee_802_11_frame_subtype_CFEnd , 0xF,"E CF-End"},\
{ ieee_802_11_frame_subtype_CFEnd_CFAck , 0xF,"F CF-End + CF-Ack"},\
{ ieee_802_11_frame_subtype_Data , 0xF,"0 Data"},\
{ ieee_802_11_frame_subtype_Data_CFAck , 0xF,"1 Data + CF-Ack"},\
{ ieee_802_11_frame_subtype_Data_CFPoll , 0xF,"2 Data + CF-Poll"},\
{ ieee_802_11_frame_subtype_Data_CFAck_CFPoll, 0xF,"3 Data + CF-Ack + CF-Poll"},\
{ ieee_802_11_frame_subtype_Null_Function , 0xF,"4 Null Function (no data)"},\
{ ieee_802_11_frame_subtype_CFAck , 0xF,"5 CF-Ack (no data)"},\
{ ieee_802_11_frame_subtype_CFPoll , 0xF,"6 CF-Poll (no data)"},\
{ ieee_802_11_frame_subtype_CFAck_CFPoll, 0xF,"y7 CF-Ack + CF-Poll (no data)"},\
{ 0,0,NULL}\
}
struct ieee_802_11_frame_subtype_class {
u_int8_t subtype;
u_int8_t mask;
u_int8_t klass;
u_int8_t type;
};
#define ieee_802_11_frame_subtype_classes {\
{ ieee_802_11_frame_subtype_Association_Req, 0xF,2,ieee_802_11_frame_type_Management},\
{ ieee_802_11_frame_subtype_Association_Resp, 0xF,2,ieee_802_11_frame_type_Management},\
{ ieee_802_11_frame_subtype_Reassociation_Req, 0xF,2,ieee_802_11_frame_type_Management},\
{ ieee_802_11_frame_subtype_Reassociation_Resp, 0xF,2,ieee_802_11_frame_type_Management},\
{ ieee_802_11_frame_subtype_Probe_Req , 0xF,1,ieee_802_11_frame_type_Management},\
{ ieee_802_11_frame_subtype_Probe_Resp , 0xF,1,ieee_802_11_frame_type_Management},\
{ ieee_802_11_frame_subtype_Beacon , 0xF,1,ieee_802_11_frame_type_Management},\
{ ieee_802_11_frame_subtype_ATIM , 0xF,1,ieee_802_11_frame_type_Management},\
{ ieee_802_11_frame_subtype_Disassociation, 0xF,2,ieee_802_11_frame_type_Management},\
{ ieee_802_11_frame_subtype_Authentication, 0xF,1,ieee_802_11_frame_type_Management},\
{ ieee_802_11_frame_subtype_Deauthentication, 0xF,3,ieee_802_11_frame_type_Management},\
{ ieee_802_11_frame_subtype_PS-Poll , 0xF,3,ieee_802_11_frame_type_Control},\
{ ieee_802_11_frame_subtype_RTS , 0xF,1,ieee_802_11_frame_type_Control},\
{ ieee_802_11_frame_subtype_CTS , 0xF,1,ieee_802_11_frame_type_Control},\
{ ieee_802_11_frame_subtype_ACK , 0xF,1,ieee_802_11_frame_type_Control},\
{ ieee_802_11_frame_subtype_CFEnd , 0xF,1,ieee_802_11_frame_type_Control},\
{ ieee_802_11_frame_subtype_CFEnd_CFAck , 0xF,1,ieee_802_11_frame_type_Control},\
{ ieee_802_11_frame_subtype_Data , 0xF,3,ieee_802_11_frame_type_Data},\
{ ieee_802_11_frame_subtype_Data_CFAck , 0xF,3,ieee_802_11_frame_type_Data},\
{ ieee_802_11_frame_subtype_Data_CF_Poll 0xF,3,ieee_802_11_frame_type_Data},\
{ ieee_802_11_frame_subtype_Data_CF_AckCF_Poll, 0xF,3,ieee_802_11_frame_type_Data},\
{ ieee_802_11_frame_subtype_NullFunction 0xF,1,ieee_802_11_frame_type_Data},\
{ ieee_802_11_frame_subtype_CF_Ack , 0xF,1,ieee_802_11_frame_type_Data},\
{ ieee_802_11_frame_subtype_CF_Poll , 0xF,1,ieee_802_11_frame_type_Data},\
{ ieee_802_11_frame_subtype_CF_AckCF_Poll, 0xF,1,ieee_802_11_frame_type_Data},\
{ 0,0,NULL}\
}
#define IEEE802_11_FC_LEN 2
#define T_MGMT 0x0 /* management */
#define T_CTRL 0x1 /* control */
#define T_DATA 0x2 /* data */
#define T_RESV 0x3 /* reserved */
#define ST_ASSOC_REQUEST 0x0
#define ST_ASSOC_RESPONSE 0x1
#define ST_REASSOC_REQUEST 0x2
#define ST_REASSOC_RESPONSE 0x3
#define ST_PROBE_REQUEST 0x4
#define ST_PROBE_RESPONSE 0x5
/* RESERVED 0x6 */
/* RESERVED 0x7 */
#define ST_BEACON 0x8
#define ST_ATIM 0x9
#define ST_DISASSOC 0xA
#define ST_AUTH 0xB
#define ST_DEAUTH 0xC
/* RESERVED 0xD */
/* RESERVED 0xE */
/* RESERVED 0xF */
#define CTRL_PS_POLL 0xA
#define CTRL_RTS 0xB
#define CTRL_CTS 0xC
#define CTRL_ACK 0xD
#define CTRL_CF_END 0xE
#define CTRL_END_ACK 0xF
/*
* Bits in the frame control field.
*/
#define FC_VERSION(fc) ((fc) & 0x3)
#define FC_TYPE(fc) (((fc) >> 2) & 0x3)
#define FC_SUBTYPE(fc) (((fc) >> 4) & 0xF)
#define FC_TO_DS(fc) ((fc) & 0x0100)
#define FC_FROM_DS(fc) ((fc) & 0x0200)
#define FC_MORE_FLAG(fc) ((fc) & 0x0400)
#define FC_RETRY(fc) ((fc) & 0x0800)
#define FC_POWER_MGMT(fc) ((fc) & 0x1000)
#define FC_MORE_DATA(fc) ((fc) & 0x2000)
#define FC_WEP(fc) ((fc) & 0x4000)
#define FC_ORDER(fc) ((fc) & 0x8000)
struct ieee_802_11_mgmt_header {
u_int16_t fc;
u_int16_t duration;
u_int8_t da[6];
u_int8_t sa[6];
u_int8_t bssid[6];
u_int16_t seq_ctrl;
};
struct ieee_802_11_data_header {
- u_int16_t frame_control;
+ u_int16_t fc;
u_int16_t duration;
u_int8_t mac1[6];
u_int8_t mac2[6];
u_int8_t mac3[6];
u_int16_t SeqCtl;
u_int8_t mac4[6];
// u_int16_t gapLen;
// u_int8_t gap[8];
};
struct ieee_802_11_control_header {
- u_int16_t frame_control;
+ u_int16_t fc;
u_int16_t duration;
u_int8_t mac1[6];
u_int8_t mac2[6];
u_int8_t mac3[6];
u_int16_t SeqCtl;
u_int8_t mac4[6];
// u_int16_t gapLen;
// u_int8_t gap[8];
};
#define CAPABILITY_ESS(cap) ((cap) & 0x0001)
#define CAPABILITY_IBSS(cap) ((cap) & 0x0002)
#define CAPABILITY_CFP(cap) ((cap) & 0x0004)
#define CAPABILITY_CFP_REQ(cap) ((cap) & 0x0008)
#define CAPABILITY_PRIVACY(cap) ((cap) & 0x0010)
struct ssid_t {
u_int8_t element_id;
u_int8_t length;
u_char ssid[33]; /* 32 + 1 for null */
};
struct rates_t {
u_int8_t element_id;
u_int8_t length;
u_int8_t rate[8];
};
struct challenge_t {
u_int8_t element_id;
u_int8_t length;
u_int8_t text[254]; /* 1-253 + 1 for null */
};
struct fh_t {
u_int8_t element_id;
u_int8_t length;
u_int16_t dwell_time;
u_int8_t hop_set;
u_int8_t hop_pattern;
u_int8_t hop_index;
};
struct ds_t {
u_int8_t element_id;
u_int8_t length;
u_int8_t channel;
};
struct cf_t {
u_int8_t element_id;
u_int8_t length;
u_int8_t count;
u_int8_t period;
u_int16_t max_duration;
u_int16_t dur_remaing;
};
struct tim_t {
u_int8_t element_id;
u_int8_t length;
u_int8_t count;
u_int8_t period;
u_int8_t bitmap_control;
u_int8_t bitmap[251];
};
struct ibss_t {
u_int8_t element_id;
u_int8_t length;
u_int16_t atim_window;
};
#define E_SSID 0
#define E_RATES 1
#define E_FH 2
#define E_DS 3
#define E_CF 4
#define E_TIM 5
#define E_IBSS 6
#define E_CHALLENGE 16
#define E_CISCO 133
struct ieee_802_11_mgmt_body {
u_int8_t timestamp[8];
u_int16_t beacon_interval;
// u_int16_t listen_interval;
// u_int16_t status_code;
// u_int16_t aid;
// u_char ap[6];
// u_int16_t reason_code;
// u_int16_t auth_alg;
// u_int16_t auth_trans_seq_num;
// struct challenge_t challenge;
u_int16_t capability_info;
// struct ssid_t ssid;
// struct rates_t rates;
// struct ds_t ds;
// struct cf_t cf;
// struct fh_t fh;
// struct tim_t tim;
};
/* a 802.11 value */
struct val_80211 {
unsigned int did;
unsigned short status, len;
unsigned int data;
};
/* header attached during prism monitor mode */
struct prism_hdr {
unsigned int msgcode, msglen;
char devname[16];
struct val_80211 hosttime, mactime, channel, rssi, sq, signal,
noise, rate, istx, frmlen;
};
struct ieee_802_11_data_body {
//FIXME
};
struct ieee_802_11_control_body {
//FIXME
};
struct ctrl_rts_t {
u_int16_t fc;
u_int16_t duration;
u_int8_t ra[6];
u_int8_t ta[6];
u_int8_t fcs[4];
};
#define CTRL_RTS_LEN (2+2+6+6+4)
struct ctrl_cts_t {
u_int16_t fc;
u_int16_t duration;
u_int8_t ra[6];
u_int8_t fcs[4];
};
#define CTRL_CTS_LEN (2+2+6+4)
struct ctrl_ack_t {
u_int16_t fc;
u_int16_t duration;
u_int8_t ra[6];
u_int8_t fcs[4];
};
#define CTRL_ACK_LEN (2+2+6+4)
struct ctrl_ps_poll_t {
u_int16_t fc;
u_int16_t aid;
u_int8_t bssid[6];
u_int8_t ta[6];
u_int8_t fcs[4];
};
#define CTRL_PS_POLL_LEN (2+2+6+6+4)
struct ctrl_end_t {
u_int16_t fc;
u_int16_t duration;
u_int8_t ra[6];
u_int8_t bssid[6];
u_int8_t fcs[4];
};
#define CTRL_END_LEN (2+2+6+6+4)
struct ctrl_end_ack_t {
u_int16_t fc;
u_int16_t duration;
u_int8_t ra[6];
u_int8_t bssid[6];
u_int8_t fcs[4];
};
#define CTRL_END_ACK_LEN (2+2+6+6+4)
#define IV_IV(iv) ((iv) & 0xFFFFFF)
#define IV_PAD(iv) (((iv) >> 24) & 0x3F)
#define IV_KEYID(iv) (((iv) >> 30) & 0x03)
#endif
diff --git a/libopie2/opienet/opcap.cpp b/libopie2/opienet/opcap.cpp
index e9b3b2c..012c0a3 100644
--- a/libopie2/opienet/opcap.cpp
+++ b/libopie2/opienet/opcap.cpp
@@ -1,1317 +1,1331 @@
-/*
- � � � � � � � � This file is part of the Opie Project
-� � � � � � � Copyright (C) 2003 by Michael 'Mickey' Lauer <mickey@Vanille.de>
- =.
- .=l.
-� � � � � �.>+-=
-�_;:, � � .> � �:=|. This program is free software; you can
-.> <`_, � > �. � <= redistribute it and/or modify it under
-:`=1 )Y*s>-.-- � : the terms of the GNU Library General Public
-.="- .-=="i, � � .._ License as published by the Free Software
-�- . � .-<_> � � .<> Foundation; either version 2 of the License,
-� � �._= =} � � � : or (at your option) any later version.
-� � .%`+i> � � � _;_.
-� � .i_,=:_. � � �-<s. This program is distributed in the hope that
-� � �+ �. �-:. � � � = it will be useful, but WITHOUT ANY WARRANTY;
-� � : .. � �.:, � � . . . without even the implied warranty of
-� � =_ � � � �+ � � =;=|` MERCHANTABILITY or FITNESS FOR A
-� _.=:. � � � : � �:=>`: PARTICULAR PURPOSE. See the GNU
-..}^=.= � � � = � � � ; Library General Public License for more
-++= � -. � � .` � � .: details.
-�: � � = �...= . :.=-
-�-. � .:....=;==+<; You should have received a copy of the GNU
-� -_. . . � )=. �= Library General Public License along with
-� � -- � � � �:-=` this library; see the file COPYING.LIB.
- If not, write to the Free Software Foundation,
- Inc., 59 Temple Place - Suite 330,
- Boston, MA 02111-1307, USA.
-
-*/
-
-/* OPIE */
-#include <opie2/opcap.h>
-#include <opie2/odebug.h>
-
-/* QT */
-#include <qapplication.h> // don't use oapplication here (will decrease reusability in other projects)
-#include <qsocketnotifier.h>
-#include <qobjectlist.h>
-
-/* SYSTEM */
-#include <sys/time.h>
-#include <sys/types.h>
-#include <unistd.h>
-
-/* LOCAL */
-#include "udp_ports.h"
-
-/*======================================================================================
- * OPacket
- *======================================================================================*/
-
-OPacket::OPacket( int datalink, packetheaderstruct header, const unsigned char* data, QObject* parent )
- :QObject( parent, "Generic" ), _hdr( header ), _data( data )
-{
- //qDebug( "OPacket::OPacket(): (Len %d, CapLen %d)" /*, ctime((const time_t*) header.ts.tv_sec)*/, header.len, header.caplen );
-
- _end = (unsigned char*) data + header.len;
- //qDebug( "OPacket::data @ %0x, end @ %0x", data, _end );
-
- switch ( datalink )
- {
- case DLT_EN10MB:
- odebug << "OPacket::OPacket(): Received Packet. Datalink = ETHERNET" << oendl;
- new OEthernetPacket( _end, (const struct ether_header*) data, this );
- break;
-
- case DLT_IEEE802_11:
- odebug << "OPacket::OPacket(): Received Packet. Datalink = IEEE802.11" << oendl;
- new OWaveLanPacket( _end, (const struct ieee_802_11_header*) data, this );
- break;
-
- case DLT_PRISM_HEADER:
- odebug << "OPacket::OPacket(): Received Packet. Datalink = PRISM_HEADER" << oendl;
- new OPrismHeaderPacket( _end, (const struct prism_hdr*) (unsigned char*) data, this );
- break;
-
- default:
- owarn << "OPacket::OPacket(): Received Packet over unsupported datalink, type " << datalink << "!" << oendl;
- }
-}
-
-
-OPacket::~OPacket()
-{
-}
-
-
-timevalstruct OPacket::timeval() const
-{
- return _hdr.ts;
-}
-
-
-int OPacket::caplen() const
-{
- return _hdr.caplen;
-}
-
-
-void OPacket::updateStats( QMap<QString,int>& stats, QObjectList* l )
-{
- if (!l) return;
- QObject* o = l->first();
- while ( o )
- {
- stats[o->name()]++;
- updateStats( stats, const_cast<QObjectList*>( o->children() ) );
- o = l->next();
- }
-}
-
-
-void OPacket::dumpStructure( QObjectList* l )
-{
- QString packetString( "[ |" + _dumpStructure( l ) + " ]" );
- odebug << "OPacket::dumpStructure: " << packetString << oendl;
-}
-
-
-QString OPacket::_dumpStructure( QObjectList* l )
-{
- if (!l) return QString::null;
- QObject* o = l->first();
- QString str(" ");
-
- while ( o )
- {
- str.append( o->name() );
- str.append( " |" );
- str += _dumpStructure( const_cast<QObjectList*>( o->children() ) );
- o = l->next();
- }
- return str;
-}
-
-QString OPacket::dump( int bpl ) const
-{
- static int index = 0;
- index++;
- int len = _hdr.caplen;
- QString str;
- str.sprintf( "\n<----- Packet #%04d Len = 0x%X (%d) ----->\n\n", index, len, len );
- str.append( "0000: " );
- QString tmp;
- QString bytes;
- QString chars;
-
- for ( int i = 0; i < len; ++i )
- {
- tmp.sprintf( "%02X ", _data[i] ); bytes.append( tmp );
- if ( (_data[i] > 31) && (_data[i]<128) ) chars.append( _data[i] );
- else chars.append( '.' );
-
- if ( !((i+1) % bpl) )
- {
- str.append( bytes );
- str.append( ' ' );
- str.append( chars );
- str.append( '\n' );
- tmp.sprintf( "%04X: ", i+1 ); str.append( tmp );
- bytes = "";
- chars = "";
- }
-
- }
- if ( (len % bpl) )
- {
- str.append( bytes.leftJustify( 1 + 3*bpl ) );
- str.append( chars );
- }
- str.append( '\n' );
- return str;
-}
-
-
-int OPacket::len() const
-{
- return _hdr.len;
-}
-
-
-/*======================================================================================
- * OEthernetPacket
- *======================================================================================*/
-
-OEthernetPacket::OEthernetPacket( const unsigned char* end, const struct ether_header* data, QObject* parent )
- :QObject( parent, "Ethernet" ), _ether( data )
-{
-
- odebug << "Source = " << sourceAddress().toString();
- odebug << "Destination = " << destinationAddress().toString();
-
- if ( sourceAddress() == OMacAddress::broadcast )
- odebug << "Source is broadcast address" << oendl;
- if ( destinationAddress() == OMacAddress::broadcast )
- odebug << "Destination is broadcast address" << oendl;
-
- switch ( type() )
- {
- case ETHERTYPE_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break;
- case ETHERTYPE_ARP: new OARPPacket( end, (const struct myarphdr*) (data+1), this ); break;
- case ETHERTYPE_REVARP: { odebug << "OPacket::OPacket(): Received Ethernet Packet : Type = RARP" << oendl; break; }
- default: odebug << "OPacket::OPacket(): Received Ethernet Packet : Type = UNKNOWN" << oendl;
- }
-
-}
-
-
-OEthernetPacket::~OEthernetPacket()
-{
-}
-
-
-OMacAddress OEthernetPacket::sourceAddress() const
-{
- return OMacAddress( _ether->ether_shost );
-}
-
-
-OMacAddress OEthernetPacket::destinationAddress() const
-{
- return OMacAddress( _ether->ether_dhost );
-}
-
-int OEthernetPacket::type() const
-{
- return ntohs( _ether->ether_type );
-}
-
-
-/*======================================================================================
- * OIPPacket
- *======================================================================================*/
-
-
-OIPPacket::OIPPacket( const unsigned char* end, const struct iphdr* data, QObject* parent )
- :QObject( parent, "IP" ), _iphdr( data )
-{
- odebug << "OIPPacket::OIPPacket(): decoding IP header..." << oendl;
-
- odebug << "FromAddress = " << fromIPAddress().toString();
- odebug << " toAddress = " << toIPAddress().toString();
-
- switch ( protocol() )
- {
- case IPPROTO_UDP: new OUDPPacket( end, (const struct udphdr*) (data+1), this ); break;
- case IPPROTO_TCP: new OTCPPacket( end, (const struct tcphdr*) (data+1), this ); break;
- default: odebug << "OIPPacket::OIPPacket(): unknown IP protocol, type = " << protocol() << oendl;
- }
-
-}
-
-OIPPacket::~OIPPacket()
-{
-}
-
-
-QHostAddress OIPPacket::fromIPAddress() const
-{
- return EXTRACT_32BITS( &_iphdr->saddr );
-}
-
-
-QHostAddress OIPPacket::toIPAddress() const
-{
- return EXTRACT_32BITS( &_iphdr->saddr );
-}
-
-
-int OIPPacket::tos() const
-{
- return _iphdr->tos;
-}
-
-
-int OIPPacket::len() const
-{
- return EXTRACT_16BITS( &_iphdr->tot_len );
-}
-
-
-int OIPPacket::id() const
-{
- return EXTRACT_16BITS( &_iphdr->id );
-}
-
-
-int OIPPacket::offset() const
-{
- return EXTRACT_16BITS( &_iphdr->frag_off );
-}
-
-
-int OIPPacket::ttl() const
-{
- return _iphdr->ttl;
-}
-
-
-int OIPPacket::protocol() const
-{
- return _iphdr->protocol;
-}
-
-
-int OIPPacket::checksum() const
-{
- return EXTRACT_16BITS( &_iphdr->check );
-}
-
-/*======================================================================================
- * OARPPacket
- *======================================================================================*/
-
-
-OARPPacket::OARPPacket( const unsigned char* end, const struct myarphdr* data, QObject* parent )
- :QObject( parent, "ARP" ), _arphdr( data )
-{
- odebug << "OARPPacket::OARPPacket(): decoding ARP header..." << oendl;
- odebug << "ARP type seems to be " << EXTRACT_16BITS( &_arphdr->ar_op ) << " = " << type() << oendl;
- odebug << "Sender: MAC " << senderMacAddress().toString() << " = IP " << senderIPV4Address().toString() << oendl;
- odebug << "Target: MAC " << targetMacAddress().toString() << " = IP " << targetIPV4Address().toString() << oendl;
-}
-
-
-OARPPacket::~OARPPacket()
-{
-}
-
-
-QString OARPPacket::type() const
-{
- switch ( EXTRACT_16BITS( &_arphdr->ar_op ) )
- {
- case 1: return "REQUEST";
- case 2: return "REPLY";
- case 3: return "RREQUEST";
- case 4: return "RREPLY";
- case 8: return "InREQUEST";
- case 9: return "InREPLY";
- case 10: return "NAK";
- default: qWarning( "OARPPacket::type(): invalid ARP type!" ); return "<unknown>";
- }
-}
-
-
-QHostAddress OARPPacket::senderIPV4Address() const
-{
- return EXTRACT_32BITS( &_arphdr->ar_sip );
-}
-
-
-QHostAddress OARPPacket::targetIPV4Address() const
-{
- return EXTRACT_32BITS( &_arphdr->ar_tip );
-}
-
-
-OMacAddress OARPPacket::senderMacAddress() const
-{
- return OMacAddress( _arphdr->ar_sha );
-}
-
-
-OMacAddress OARPPacket::targetMacAddress() const
-{
- return OMacAddress( _arphdr->ar_tha );
-}
-
-
-/*======================================================================================
- * OUDPPacket
- *======================================================================================*/
-
-
-OUDPPacket::OUDPPacket( const unsigned char* end, const struct udphdr* data, QObject* parent )
- :QObject( parent, "UDP" ), _udphdr( data )
-
-{
- odebug << "OUDPPacket::OUDPPacket(): decoding UDP header..." << oendl;
- odebug << "fromPort = " << fromPort() << oendl;
- odebug << " toPort = " << toPort() << oendl;
-
- // TODO: Make this a case or a hash if we know more udp protocols
-
- if ( fromPort() == UDP_PORT_BOOTPS || fromPort() == UDP_PORT_BOOTPC ||
- toPort() == UDP_PORT_BOOTPS || toPort() == UDP_PORT_BOOTPC )
- {
- odebug << "seems to be part of a DHCP conversation => creating DHCP packet." << oendl;
- new ODHCPPacket( end, (const struct dhcp_packet*) (data+1), this );
- }
-}
-
-
-OUDPPacket::~OUDPPacket()
-{
-}
-
-
-int OUDPPacket::fromPort() const
-{
- return EXTRACT_16BITS( &_udphdr->source );
-}
-
-
-int OUDPPacket::toPort() const
-{
- return EXTRACT_16BITS( &_udphdr->dest );
-}
-
-
-int OUDPPacket::length() const
-{
- return EXTRACT_16BITS( &_udphdr->len );
-}
-
-
-int OUDPPacket::checksum() const
-{
- return EXTRACT_16BITS( &_udphdr->check );
-}
-
-
-/*======================================================================================
- * ODHCPPacket
- *======================================================================================*/
-
-
-ODHCPPacket::ODHCPPacket( const unsigned char* end, const struct dhcp_packet* data, QObject* parent )
- :QObject( parent, "DHCP" ), _dhcphdr( data )
-
-{
- odebug << "ODHCPPacket::ODHCPPacket(): decoding DHCP information..." << oendl;
- odebug << "DHCP opcode seems to be " << _dhcphdr->op << ": " << ( isRequest() ? "REQUEST" : "REPLY" ) << oendl;
- odebug << "clientAddress = " << clientAddress().toString() << oendl;
- odebug << " yourAddress = " << yourAddress().toString() << oendl;
- odebug << "serverAddress = " << serverAddress().toString() << oendl;
- odebug << " relayAddress = " << relayAddress().toString() << oendl;
- odebug << "parsing DHCP options..." << oendl;
-
- _type = 0;
-
- const unsigned char* option = &_dhcphdr->options[4];
- char tag = -1;
- char len = -1;
-
- while ( ( tag = *option++ ) != -1 /* end of option field */ )
- {
- len = *option++;
- odebug << "recognized DHCP option #" << tag << ", length " << len << oendl;
-
- if ( tag == DHO_DHCP_MESSAGE_TYPE )
- _type = *option;
-
- option += len;
- if ( option >= end )
- {
- owarn << "DHCP parsing ERROR: sanity check says the packet is at its end!" << oendl;
- break;
- }
- }
-
- odebug << "DHCP type seems to be << " << type() << oendl;
-}
-
-
-ODHCPPacket::~ODHCPPacket()
-{
-}
-
-
-bool ODHCPPacket::isRequest() const
-{
- return ( _dhcphdr->op == 01 );
-}
-
-
-bool ODHCPPacket::isReply() const
-{
- return ( _dhcphdr->op == 02 );
-}
-
-
-QString ODHCPPacket::type() const
-{
- switch ( _type )
- {
- case 1: return "DISCOVER";
- case 2: return "OFFER";
- case 3: return "REQUEST";
- case 4: return "DECLINE";
- case 5: return "ACK";
- case 6: return "NAK";
- case 7: return "RELEASE";
- case 8: return "INFORM";
- default: qWarning( "ODHCPPacket::type(): invalid DHCP type (%d) !", _dhcphdr->op ); return "<unknown>";
- }
-}
-
-
-QHostAddress ODHCPPacket::clientAddress() const
-{
- return EXTRACT_32BITS( &_dhcphdr->ciaddr );
-}
-
-
-QHostAddress ODHCPPacket::yourAddress() const
-{
- return EXTRACT_32BITS( &_dhcphdr->yiaddr );
-}
-
-
-QHostAddress ODHCPPacket::serverAddress() const
-{
- return EXTRACT_32BITS( &_dhcphdr->siaddr );
-}
-
-
-QHostAddress ODHCPPacket::relayAddress() const
-{
- return EXTRACT_32BITS( &_dhcphdr->giaddr );
-}
-
-
-OMacAddress ODHCPPacket::clientMacAddress() const
-{
- return OMacAddress( _dhcphdr->chaddr );
-}
-
-
-/*======================================================================================
- * OTCPPacket
- *======================================================================================*/
-
-
-OTCPPacket::OTCPPacket( const unsigned char* end, const struct tcphdr* data, QObject* parent )
- :QObject( parent, "TCP" ), _tcphdr( data )
-
-{
- odebug << "OTCPPacket::OTCPPacket(): decoding TCP header..." << oendl;
-}
-
-
-OTCPPacket::~OTCPPacket()
-{
-}
-
-
-int OTCPPacket::fromPort() const
-{
- return EXTRACT_16BITS( &_tcphdr->source );
-}
-
-
-int OTCPPacket::toPort() const
-{
- return EXTRACT_16BITS( &_tcphdr->dest );
-}
-
-
-int OTCPPacket::seq() const
-{
- return EXTRACT_16BITS( &_tcphdr->seq );
-}
-
-
-int OTCPPacket::ack() const
-{
- return EXTRACT_16BITS( &_tcphdr->ack_seq );
-}
-
-
-int OTCPPacket::window() const
-{
- return EXTRACT_16BITS( &_tcphdr->window );
-}
-
-
-int OTCPPacket::checksum() const
-{
- return EXTRACT_16BITS( &_tcphdr->check );
-}
-
-/*======================================================================================
- * OPrismHeaderPacket
- *======================================================================================*/
-
-
-OPrismHeaderPacket::OPrismHeaderPacket( const unsigned char* end, const struct prism_hdr* data, QObject* parent )
- :QObject( parent, "Prism" ), _header( data )
-
-{
- odebug << "OPrismHeaderPacket::OPrismHeaderPacket(): decoding PRISM header..." << oendl;
-
- odebug << "Signal Strength = " << data->signal.data << oendl;
-
- new OWaveLanPacket( end, (const struct ieee_802_11_header*) (data+1), this );
-}
-
-OPrismHeaderPacket::~OPrismHeaderPacket()
-{
-}
-
-
-unsigned int OPrismHeaderPacket::signalStrength() const
-{
- return _header->signal.data;
-}
-
-/*======================================================================================
- * OWaveLanPacket
- *======================================================================================*/
-
-
-OWaveLanPacket::OWaveLanPacket( const unsigned char* end, const struct ieee_802_11_header* data, QObject* parent )
- :QObject( parent, "802.11" ), _wlanhdr( data )
-
-{
- odebug << "OWaveLanPacket::OWaveLanPacket(): decoding IEEE 802.11 header..." << oendl;
- odebug << "type = " << type() << oendl;
- odebug << "subType = " << subType() << oendl;
- odebug << "duration = " << duration() << oendl;
- odebug << "powermanagement = " << usesPowerManagement() << oendl;
- odebug << "payload is encrypted = " << ( usesWep() ? "yes" : "no" ) << oendl;
- odebug << "MAC1 = " << macAddress1().toString() << oendl;
- odebug << "MAC2 = " << macAddress2().toString() << oendl;
- odebug << "MAC3 = " << macAddress3().toString() << oendl;
- odebug << "MAC4 = " << macAddress4().toString() << oendl;
-
- switch ( type() )
- {
- case T_MGMT: new OWaveLanManagementPacket( end, (const struct ieee_802_11_mgmt_header*) data, this ); break;
- case T_DATA: new OWaveLanDataPacket( end, (const struct ieee_802_11_data_header*) data, this ); break;
- case T_CTRL: new OWaveLanControlPacket( end, (const struct ieee_802_11_control_header*) data, this ); break;
- default: odebug << "OWaveLanPacket::OWaveLanPacket(): Warning: Unknown major type = " << type() << oendl;
- }
-}
-
-OWaveLanPacket::~OWaveLanPacket()
-{
-}
-
-
-int OWaveLanPacket::duration() const
-{
- return _wlanhdr->duration;
-}
-
-
-OMacAddress OWaveLanPacket::macAddress1() const
-{
- return OMacAddress( _wlanhdr->mac1 );
-}
-
-
-OMacAddress OWaveLanPacket::macAddress2() const
-{
- return OMacAddress( _wlanhdr->mac2 );
-}
-
-
-OMacAddress OWaveLanPacket::macAddress3() const
-{
- return OMacAddress( _wlanhdr->mac3 );
-}
-
-
-OMacAddress OWaveLanPacket::macAddress4() const
-{
- return OMacAddress( _wlanhdr->mac4 );
-}
-
-
-int OWaveLanPacket::subType() const
-{
- return FC_SUBTYPE( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
-}
-
-
-int OWaveLanPacket::type() const
-{
- return FC_TYPE( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
-}
-
-
-int OWaveLanPacket::version() const
-{
- return FC_VERSION( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
-}
-
-
-bool OWaveLanPacket::fromDS() const
-{
- return FC_FROM_DS( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
-}
-
-
-bool OWaveLanPacket::toDS() const
-{
- return FC_TO_DS( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
-}
-
-
-bool OWaveLanPacket::usesPowerManagement() const
-{
- return FC_POWER_MGMT( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
-}
-
-
-bool OWaveLanPacket::usesWep() const
-{
- return FC_WEP( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
-}
-
-
-/*======================================================================================
- * OWaveLanManagementPacket
- *======================================================================================*/
-
-OWaveLanManagementPacket::OWaveLanManagementPacket( const unsigned char* end, const struct ieee_802_11_mgmt_header* data, OWaveLanPacket* parent )
- :QObject( parent, "802.11 Management" ), _header( data ),
- _body( (const struct ieee_802_11_mgmt_body*) (data+1) )
-{
- odebug << "OWaveLanManagementPacket::OWaveLanManagementPacket(): decoding frame..." << oendl;
- odebug << "Detected subtype is " << managementType() << oendl;
-
- // grab tagged values
- const unsigned char* ptr = (const unsigned char*) (_body+1);
- while (ptr < end)
- {
- switch ( *ptr )
- {
- case E_SSID: new OWaveLanManagementSSID( end, (struct ssid_t*) ptr, this ); break;
- case E_FH: new OWaveLanManagementFH( end, (struct fh_t*) ptr, this ); break;
- case E_DS: new OWaveLanManagementDS( end, (struct ds_t*) ptr, this ); break;
- case E_RATES: new OWaveLanManagementRates( end, (struct rates_t*) ptr, this ); break;
- case E_CF: new OWaveLanManagementCF( end, (struct cf_t*) ptr, this ); break;
- case E_TIM: new OWaveLanManagementTim( end, (struct tim_t*) ptr, this ); break;
- case E_IBSS: new OWaveLanManagementIBSS( end, (struct ibss_t*) ptr, this ); break;
- case E_CHALLENGE: new OWaveLanManagementChallenge( end, (struct challenge_t*) ptr, this ); break;
- }
- ptr+= ( ( struct ssid_t* ) ptr )->length; // skip length of tagged value
- ptr+= 2; // skip tag ID and length
- }
-}
-
-
-OWaveLanManagementPacket::~OWaveLanManagementPacket()
-{
-}
-
-
-QString OWaveLanManagementPacket::managementType() const
-{
- switch ( FC_SUBTYPE( EXTRACT_LE_16BITS( &_header->fc ) ) )
- {
- case ST_ASSOC_REQUEST: return "AssociationRequest"; break;
- case ST_ASSOC_RESPONSE: return "AssociationResponse"; break;
- case ST_REASSOC_REQUEST: return "ReassociationRequest"; break;
- case ST_REASSOC_RESPONSE: return "ReassociationResponse"; break;
- case ST_PROBE_REQUEST: return "ProbeRequest"; break;
- case ST_PROBE_RESPONSE: return "ProbeResponse"; break;
- case ST_BEACON: return "Beacon"; break;
- case ST_ATIM: return "Atim"; break;
- case ST_DISASSOC: return "Disassociation"; break;
- case ST_AUTH: return "Authentication"; break;
- case ST_DEAUTH: return "Deathentication"; break;
- default:
- qWarning( "OWaveLanManagementPacket::managementType(): unhandled subtype %d", FC_SUBTYPE( EXTRACT_LE_16BITS( &_header->fc ) ) );
- return "Unknown";
- }
-}
-
-
-int OWaveLanManagementPacket::beaconInterval() const
-{
- return EXTRACT_LE_16BITS( &_body->beacon_interval );
-}
-
-
-int OWaveLanManagementPacket::capabilities() const
-{
- return EXTRACT_LE_16BITS( &_body->capability_info );
-}
-
-
-bool OWaveLanManagementPacket::canESS() const
-{
- return CAPABILITY_ESS( EXTRACT_LE_16BITS( &_body->capability_info ) );
-}
-
-
-bool OWaveLanManagementPacket::canIBSS() const
-{
- return CAPABILITY_IBSS( EXTRACT_LE_16BITS( &_body->capability_info ) );
-}
-
-
-bool OWaveLanManagementPacket::canCFP() const
-{
- return CAPABILITY_CFP( EXTRACT_LE_16BITS( &_body->capability_info ) );
-}
-
-
-bool OWaveLanManagementPacket::canCFP_REQ() const
-{
- return CAPABILITY_CFP_REQ( EXTRACT_LE_16BITS( &_body->capability_info ) );
-}
-
-
-bool OWaveLanManagementPacket::canPrivacy() const
-{
- return CAPABILITY_PRIVACY( EXTRACT_LE_16BITS( &_body->capability_info ) );
-}
-
-
-/*======================================================================================
- * OWaveLanManagementSSID
- *======================================================================================*/
-
-OWaveLanManagementSSID::OWaveLanManagementSSID( const unsigned char* end, const struct ssid_t* data, QObject* parent )
- :QObject( parent, "802.11 SSID" ), _data( data )
-{
- odebug << "OWaveLanManagementSSID()" << oendl;
-}
-
-
-OWaveLanManagementSSID::~OWaveLanManagementSSID()
-{
-}
-
-
-QString OWaveLanManagementSSID::ID() const
-{
- int length = _data->length;
- if ( length > 32 ) length = 32;
- char essid[length+1];
- memcpy( &essid, &_data->ssid, length );
- essid[length] = 0x0;
- return essid;
-}
-
-
-/*======================================================================================
- * OWaveLanManagementRates
- *======================================================================================*/
-
-OWaveLanManagementRates::OWaveLanManagementRates( const unsigned char* end, const struct rates_t* data, QObject* parent )
- :QObject( parent, "802.11 Rates" ), _data( data )
-{
- odebug << "OWaveLanManagementRates()" << oendl;
-}
-
-
-OWaveLanManagementRates::~OWaveLanManagementRates()
-{
-}
-
-/*======================================================================================
- * OWaveLanManagementCF
- *======================================================================================*/
-
-OWaveLanManagementCF::OWaveLanManagementCF( const unsigned char* end, const struct cf_t* data, QObject* parent )
- :QObject( parent, "802.11 CF" ), _data( data )
-{
- odebug << "OWaveLanManagementCF()" << oendl;
-}
-
-
-OWaveLanManagementCF::~OWaveLanManagementCF()
-{
-}
-
-/*======================================================================================
- * OWaveLanManagementFH
- *======================================================================================*/
-
-OWaveLanManagementFH::OWaveLanManagementFH( const unsigned char* end, const struct fh_t* data, QObject* parent )
- :QObject( parent, "802.11 FH" ), _data( data )
-{
- odebug << "OWaveLanManagementFH()" << oendl;
-}
-
-
-OWaveLanManagementFH::~OWaveLanManagementFH()
-{
-}
-
-/*======================================================================================
- * OWaveLanManagementDS
- *======================================================================================*/
-
-OWaveLanManagementDS::OWaveLanManagementDS( const unsigned char* end, const struct ds_t* data, QObject* parent )
- :QObject( parent, "802.11 DS" ), _data( data )
-{
- odebug << "OWaveLanManagementDS()" << oendl;
-}
-
-
-OWaveLanManagementDS::~OWaveLanManagementDS()
-{
-}
-
-
-int OWaveLanManagementDS::channel() const
-{
- return _data->channel;
-}
-
-/*======================================================================================
- * OWaveLanManagementTim
- *======================================================================================*/
-
-OWaveLanManagementTim::OWaveLanManagementTim( const unsigned char* end, const struct tim_t* data, QObject* parent )
- :QObject( parent, "802.11 Tim" ), _data( data )
-{
- odebug << "OWaveLanManagementTim()" << oendl;
-}
-
-
-OWaveLanManagementTim::~OWaveLanManagementTim()
-{
-}
-
-/*======================================================================================
- * OWaveLanManagementIBSS
- *======================================================================================*/
-
-OWaveLanManagementIBSS::OWaveLanManagementIBSS( const unsigned char* end, const struct ibss_t* data, QObject* parent )
- :QObject( parent, "802.11 IBSS" ), _data( data )
-{
- odebug << "OWaveLanManagementIBSS()" << oendl;
-}
-
-
-OWaveLanManagementIBSS::~OWaveLanManagementIBSS()
-{
-}
-
-/*======================================================================================
- * OWaveLanManagementChallenge
- *======================================================================================*/
-
-OWaveLanManagementChallenge::OWaveLanManagementChallenge( const unsigned char* end, const struct challenge_t* data, QObject* parent )
- :QObject( parent, "802.11 Challenge" ), _data( data )
-{
- odebug << "OWaveLanManagementChallenge()" << oendl;
-}
-
-
-OWaveLanManagementChallenge::~OWaveLanManagementChallenge()
-{
-}
-
-/*======================================================================================
- * OWaveLanDataPacket
- *======================================================================================*/
-
-OWaveLanDataPacket::OWaveLanDataPacket( const unsigned char* end, const struct ieee_802_11_data_header* data, OWaveLanPacket* parent )
- :QObject( parent, "802.11 Data" ), _header( data )
-{
- odebug << "OWaveLanDataPacket::OWaveLanDataPacket(): decoding frame..." << oendl;
-
- const unsigned char* payload = (const unsigned char*) data + sizeof( struct ieee_802_11_data_header );
-
- #warning The next line works for most cases, but can not be correct generally!
- if (!( ( (OWaveLanPacket*) this->parent())->duration() )) payload -= 6; // compensation for missing last address
-
- new OLLCPacket( end, (const struct ieee_802_11_802_2_header*) payload, this );
-}
-
-
-OWaveLanDataPacket::~OWaveLanDataPacket()
-{
-}
-
-
-/*======================================================================================
- * OLLCPacket
- *======================================================================================*/
-
-OLLCPacket::OLLCPacket( const unsigned char* end, const struct ieee_802_11_802_2_header* data, QObject* parent )
- :QObject( parent, "802.11 LLC" ), _header( data )
-{
- odebug << "OLLCPacket::OLLCPacket(): decoding frame..." << oendl;
-
- if ( !(_header->oui[0] || _header->oui[1] || _header->oui[2]) )
- {
- owarn << "OLLCPacket::OLLCPacket(): contains an encapsulated Ethernet frame (type = " << EXTRACT_16BITS( &_header->type ) << ")" << oendl;
-
- switch ( EXTRACT_16BITS( &_header->type ) ) // defined in linux/if_ether.h
- {
- case ETH_P_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break;
- case ETH_P_ARP: new OARPPacket( end, (const struct myarphdr*) (data+1), this ); break;
- default: owarn << "OLLCPacket::OLLCPacket(): Unknown Encapsulation type = " << EXTRACT_16BITS( &_header->type ) << oendl;
- }
- }
-}
-
-
-OLLCPacket::~OLLCPacket()
-{
-}
-
-
-/*======================================================================================
- * OWaveLanControlPacket
- *======================================================================================*/
-
-OWaveLanControlPacket::OWaveLanControlPacket( const unsigned char* end, const struct ieee_802_11_control_header* data, OWaveLanPacket* parent )
- :QObject( parent, "802.11 Control" ), _header( data )
-{
- odebug << "OWaveLanControlPacket::OWaveLanDataControl(): decoding frame..." << oendl;
- //TODO: Implement this
-}
-
-
-OWaveLanControlPacket::~OWaveLanControlPacket()
-{
-}
-
-
-/*======================================================================================
- * OPacketCapturer
- *======================================================================================*/
-
-OPacketCapturer::OPacketCapturer( QObject* parent, const char* name )
- :QObject( parent, name ), _name( QString::null ), _open( false ),
- _pch( 0 ), _pcd( 0 ), _sn( 0 )
-{
-}
-
-
-OPacketCapturer::~OPacketCapturer()
-{
- if ( _open )
- {
- odebug << "OPacketCapturer::~OPacketCapturer(): pcap still open, autoclosing." << oendl;
- close();
- }
-}
-
-
-void OPacketCapturer::setBlocking( bool b )
-{
- if ( pcap_setnonblock( _pch, 1-b, _errbuf ) != -1 )
- {
- odebug << "OPacketCapturer::setBlocking(): blocking mode changed successfully." << oendl;
- }
- else
- {
- odebug << "OPacketCapturer::setBlocking(): can't change blocking mode: " << _errbuf << oendl;
- }
-}
-
-
-bool OPacketCapturer::blocking() const
-{
- int b = pcap_getnonblock( _pch, _errbuf );
- if ( b == -1 )
- {
- odebug << "OPacketCapturer::blocking(): can't get blocking mode: " << _errbuf << oendl;
- return -1;
- }
- return !b;
-}
-
-
-void OPacketCapturer::closeDumpFile()
-{
- if ( _pcd )
- {
- pcap_dump_close( _pcd );
- _pcd = 0;
- }
- pcap_close( _pch );
-}
-
-
-void OPacketCapturer::close()
-{
- if ( _open )
- {
- if ( _sn )
- {
- _sn->disconnect( SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
- delete _sn;
- }
- closeDumpFile();
- _open = false;
- }
-
- odebug << "OPacketCapturer::close() --- dumping capturing statistics..." << oendl;
- odebug << "--------------------------------------------------" << oendl;
- for( QMap<QString,int>::Iterator it = _stats.begin(); it != _stats.end(); ++it )
- odebug << it.key() << " = " << it.data() << oendl;
- odebug << "--------------------------------------------------" << oendl;
-
-}
-
-
-int OPacketCapturer::dataLink() const
-{
- return pcap_datalink( _pch );
-}
-
-
-void OPacketCapturer::dump( OPacket* p )
-{
- if ( !_pcd )
- {
- qWarning( "OPacketCapturer::dump() - cannot dump without open capture file!" );
- return;
- }
- pcap_dump( (u_char*) _pcd, &p->_hdr, p->_data );
-}
-
-
-int OPacketCapturer::fileno() const
-{
- if ( _open )
- {
- return pcap_fileno( _pch );
- }
- else
- {
- return -1;
- }
-}
-
-
-OPacket* OPacketCapturer::next( int time )
-{
- fd_set fds;
- struct timeval tv;
- FD_ZERO( &fds );
- FD_SET( pcap_fileno( _pch ), &fds );
- tv.tv_sec = time / 1000;
- tv.tv_usec = time % 1000;
- int retval = select( pcap_fileno( _pch )+1, &fds, NULL, NULL, &tv);
- if ( retval > 0 ) // clear to read!
- return next();
- else
- return 0;
-}
-
-
-OPacket* OPacketCapturer::next()
-{
- packetheaderstruct header;
- odebug << "==> OPacketCapturer::next()" << oendl;
- const unsigned char* pdata = pcap_next( _pch, &header );
- odebug << "<== OPacketCapturer::next()" << oendl;
-
- if ( pdata && header.len )
- {
- OPacket* p = new OPacket( dataLink(), header, pdata, 0 );
- // packets shouldn't be inserted in the QObject child-parent hierarchy,
- // because due to memory constraints they will be deleted as soon
- // as possible - that is right after they have been processed
- // by emit() [ see below ]
- //TODO: make gathering statistics optional, because it takes time
- p->updateStats( _stats, const_cast<QObjectList*>( p->children() ) );
- #ifndef NODEBUG
- p->dumpStructure( const_cast<QObjectList*>( p->children() ) );
- #endif
- return p;
- }
- else
- {
- qWarning( "OPacketCapturer::next() - no packet received!" );
- return 0;
- }
-}
-
-
-bool OPacketCapturer::open( const QString& name )
-{
- if ( _open )
- {
- if ( name == _name ) // ignore opening an already openend device
- {
- return true;
- }
- else // close the last opened device
- {
- close();
- }
- }
-
- _name = name;
-
- // open libpcap
- pcap_t* handle = pcap_open_live( const_cast<char*>( (const char*) name ), 1024, 0, 0, &_errbuf[0] );
-
- if ( !handle )
- {
- owarn << "OPacketCapturer::open(): can't open libpcap with '" << name << "': " << _errbuf << oendl;
- return false;
- }
-
- odebug << "OPacketCapturer::open(): libpcap [" << name << "] opened successfully." << oendl;
- _pch = handle;
- _open = true;
- _stats.clear();
-
- // in case we have an application object, create a socket notifier
- if ( qApp ) //TODO: I don't like this here...
- {
- _sn = new QSocketNotifier( fileno(), QSocketNotifier::Read );
- connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
- }
-
- return true;
-}
-
-
-bool OPacketCapturer::openDumpFile( const QString& filename )
-{
- pcap_dumper_t* dump = pcap_dump_open( _pch, const_cast<char*>( (const char*) filename ) );
- if ( !dump )
- {
- owarn << "OPacketCapturer::open(): can't open dump with '" << filename << "': " << _errbuf << oendl;
- return false;
- }
- odebug << "OPacketCapturer::open(): dump [" << filename << "] opened successfully." << oendl;
- _pcd = dump;
-
- return true;
-}
-
-
-bool OPacketCapturer::open( const QFile& file )
-{
- QString name = file.name();
-
- if ( _open )
- {
- close();
- if ( name == _name ) // ignore opening an already openend device
- {
- return true;
- }
- else // close the last opened device
- {
- close();
- }
- }
-
- _name = name;
-
- pcap_t* handle = pcap_open_offline( const_cast<char*>( (const char*) name ), &_errbuf[0] );
-
- if ( handle )
- {
- odebug << "OPacketCapturer::open(): libpcap opened successfully." << oendl;
- _pch = handle;
- _open = true;
-
- // in case we have an application object, create a socket notifier
- if ( qApp )
- {
- _sn = new QSocketNotifier( fileno(), QSocketNotifier::Read );
- connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
- }
-
- return true;
- }
- else
- {
- odebug << "OPacketCapturer::open(): can't open libpcap with '" << name << "': " << _errbuf << oendl;
- return false;
- }
-
-}
-
-
-bool OPacketCapturer::isOpen() const
-{
- return _open;
-}
-
-
-void OPacketCapturer::readyToReceive()
-{
- odebug << "OPacketCapturer::readyToReceive(): about to emit 'receivePacket(p)'" << oendl;
- OPacket* p = next();
- emit receivedPacket( p );
- // emit is synchronous - packet has been dealt with, now it's safe to delete
- delete p;
-}
-
-
-const QMap<QString,int>& OPacketCapturer::statistics() const
-{
- return _stats;
-}
-
-
-int OPacketCapturer::snapShot() const
-{
- return pcap_snapshot( _pch );
-}
-
-
-bool OPacketCapturer::swapped() const
-{
- return pcap_is_swapped( _pch );
-}
-
-
-QString OPacketCapturer::version() const
-{
- return QString().sprintf( "%s.%s", pcap_major_version( _pch ), pcap_minor_version( _pch ) );
-}
-
-
+/*
+ � � � � � � � � This file is part of the Opie Project
+� � � � � � � Copyright (C) 2003 by Michael 'Mickey' Lauer <mickey@Vanille.de>
+ =.
+ .=l.
+� � � � � �.>+-=
+�_;:, � � .> � �:=|. This program is free software; you can
+.> <`_, � > �. � <= redistribute it and/or modify it under
+:`=1 )Y*s>-.-- � : the terms of the GNU Library General Public
+.="- .-=="i, � � .._ License as published by the Free Software
+�- . � .-<_> � � .<> Foundation; either version 2 of the License,
+� � �._= =} � � � : or (at your option) any later version.
+� � .%`+i> � � � _;_.
+� � .i_,=:_. � � �-<s. This program is distributed in the hope that
+� � �+ �. �-:. � � � = it will be useful, but WITHOUT ANY WARRANTY;
+� � : .. � �.:, � � . . . without even the implied warranty of
+� � =_ � � � �+ � � =;=|` MERCHANTABILITY or FITNESS FOR A
+� _.=:. � � � : � �:=>`: PARTICULAR PURPOSE. See the GNU
+..}^=.= � � � = � � � ; Library General Public License for more
+++= � -. � � .` � � .: details.
+�: � � = �...= . :.=-
+�-. � .:....=;==+<; You should have received a copy of the GNU
+� -_. . . � )=. �= Library General Public License along with
+� � -- � � � �:-=` this library; see the file COPYING.LIB.
+ If not, write to the Free Software Foundation,
+ Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+
+*/
+
+/* OPIE */
+#include <opie2/opcap.h>
+#include <opie2/odebug.h>
+
+/* QT */
+#include <qapplication.h> // don't use oapplication here (will decrease reusability in other projects)
+#include <qsocketnotifier.h>
+#include <qobjectlist.h>
+
+/* SYSTEM */
+#include <sys/time.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+/* LOCAL */
+#include "udp_ports.h"
+
+/*======================================================================================
+ * OPacket
+ *======================================================================================*/
+
+OPacket::OPacket( int datalink, packetheaderstruct header, const unsigned char* data, QObject* parent )
+ :QObject( parent, "Generic" ), _hdr( header ), _data( data )
+{
+ //qDebug( "OPacket::OPacket(): (Len %d, CapLen %d)" /*, ctime((const time_t*) header.ts.tv_sec)*/, header.len, header.caplen );
+
+ _end = (unsigned char*) data + header.len;
+ //qDebug( "OPacket::data @ %0x, end @ %0x", data, _end );
+
+ switch ( datalink )
+ {
+ case DLT_EN10MB:
+ odebug << "OPacket::OPacket(): Received Packet. Datalink = ETHERNET" << oendl;
+ new OEthernetPacket( _end, (const struct ether_header*) data, this );
+ break;
+
+ case DLT_IEEE802_11:
+ odebug << "OPacket::OPacket(): Received Packet. Datalink = IEEE802.11" << oendl;
+ new OWaveLanPacket( _end, (const struct ieee_802_11_header*) data, this );
+ break;
+
+ case DLT_PRISM_HEADER:
+ odebug << "OPacket::OPacket(): Received Packet. Datalink = PRISM_HEADER" << oendl;
+ new OPrismHeaderPacket( _end, (const struct prism_hdr*) (unsigned char*) data, this );
+ break;
+
+ default:
+ owarn << "OPacket::OPacket(): Received Packet over unsupported datalink, type " << datalink << "!" << oendl;
+ }
+}
+
+
+OPacket::~OPacket()
+{
+}
+
+
+timevalstruct OPacket::timeval() const
+{
+ return _hdr.ts;
+}
+
+
+int OPacket::caplen() const
+{
+ return _hdr.caplen;
+}
+
+
+void OPacket::updateStats( QMap<QString,int>& stats, QObjectList* l )
+{
+ if (!l) return;
+ QObject* o = l->first();
+ while ( o )
+ {
+ stats[o->name()]++;
+ updateStats( stats, const_cast<QObjectList*>( o->children() ) );
+ o = l->next();
+ }
+}
+
+
+void OPacket::dumpStructure( QObjectList* l )
+{
+ QString packetString( "[ |" + _dumpStructure( l ) + " ]" );
+ odebug << "OPacket::dumpStructure: " << packetString << oendl;
+}
+
+
+QString OPacket::_dumpStructure( QObjectList* l )
+{
+ if (!l) return QString::null;
+ QObject* o = l->first();
+ QString str(" ");
+
+ while ( o )
+ {
+ str.append( o->name() );
+ str.append( " |" );
+ str += _dumpStructure( const_cast<QObjectList*>( o->children() ) );
+ o = l->next();
+ }
+ return str;
+}
+
+QString OPacket::dump( int bpl ) const
+{
+ static int index = 0;
+ index++;
+ int len = _hdr.caplen;
+ QString str;
+ str.sprintf( "\n<----- Packet #%04d Len = 0x%X (%d) ----->\n\n", index, len, len );
+ str.append( "0000: " );
+ QString tmp;
+ QString bytes;
+ QString chars;
+
+ for ( int i = 0; i < len; ++i )
+ {
+ tmp.sprintf( "%02X ", _data[i] ); bytes.append( tmp );
+ if ( (_data[i] > 31) && (_data[i]<128) ) chars.append( _data[i] );
+ else chars.append( '.' );
+
+ if ( !((i+1) % bpl) )
+ {
+ str.append( bytes );
+ str.append( ' ' );
+ str.append( chars );
+ str.append( '\n' );
+ tmp.sprintf( "%04X: ", i+1 ); str.append( tmp );
+ bytes = "";
+ chars = "";
+ }
+
+ }
+ if ( (len % bpl) )
+ {
+ str.append( bytes.leftJustify( 1 + 3*bpl ) );
+ str.append( chars );
+ }
+ str.append( '\n' );
+ return str;
+}
+
+
+int OPacket::len() const
+{
+ return _hdr.len;
+}
+
+
+/*======================================================================================
+ * OEthernetPacket
+ *======================================================================================*/
+
+OEthernetPacket::OEthernetPacket( const unsigned char* end, const struct ether_header* data, QObject* parent )
+ :QObject( parent, "Ethernet" ), _ether( data )
+{
+
+ odebug << "Source = " << sourceAddress().toString();
+ odebug << "Destination = " << destinationAddress().toString();
+
+ if ( sourceAddress() == OMacAddress::broadcast )
+ odebug << "Source is broadcast address" << oendl;
+ if ( destinationAddress() == OMacAddress::broadcast )
+ odebug << "Destination is broadcast address" << oendl;
+
+ switch ( type() )
+ {
+ case ETHERTYPE_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break;
+ case ETHERTYPE_ARP: new OARPPacket( end, (const struct myarphdr*) (data+1), this ); break;
+ case ETHERTYPE_REVARP: { odebug << "OPacket::OPacket(): Received Ethernet Packet : Type = RARP" << oendl; break; }
+ default: odebug << "OPacket::OPacket(): Received Ethernet Packet : Type = UNKNOWN" << oendl;
+ }
+
+}
+
+
+OEthernetPacket::~OEthernetPacket()
+{
+}
+
+
+OMacAddress OEthernetPacket::sourceAddress() const
+{
+ return OMacAddress( _ether->ether_shost );
+}
+
+
+OMacAddress OEthernetPacket::destinationAddress() const
+{
+ return OMacAddress( _ether->ether_dhost );
+}
+
+int OEthernetPacket::type() const
+{
+ return ntohs( _ether->ether_type );
+}
+
+
+/*======================================================================================
+ * OIPPacket
+ *======================================================================================*/
+
+
+OIPPacket::OIPPacket( const unsigned char* end, const struct iphdr* data, QObject* parent )
+ :QObject( parent, "IP" ), _iphdr( data )
+{
+ odebug << "OIPPacket::OIPPacket(): decoding IP header..." << oendl;
+
+ odebug << "FromAddress = " << fromIPAddress().toString() << oendl;
+ odebug << " toAddress = " << toIPAddress().toString() << oendl;
+
+ switch ( protocol() )
+ {
+ case IPPROTO_UDP: new OUDPPacket( end, (const struct udphdr*) (data+1), this ); break;
+ case IPPROTO_TCP: new OTCPPacket( end, (const struct tcphdr*) (data+1), this ); break;
+ default: odebug << "OIPPacket::OIPPacket(): unknown IP protocol, type = " << protocol() << oendl;
+ }
+
+}
+
+OIPPacket::~OIPPacket()
+{
+}
+
+
+QHostAddress OIPPacket::fromIPAddress() const
+{
+ return EXTRACT_32BITS( &_iphdr->saddr );
+}
+
+
+QHostAddress OIPPacket::toIPAddress() const
+{
+ return EXTRACT_32BITS( &_iphdr->saddr );
+}
+
+
+int OIPPacket::tos() const
+{
+ return _iphdr->tos;
+}
+
+
+int OIPPacket::len() const
+{
+ return EXTRACT_16BITS( &_iphdr->tot_len );
+}
+
+
+int OIPPacket::id() const
+{
+ return EXTRACT_16BITS( &_iphdr->id );
+}
+
+
+int OIPPacket::offset() const
+{
+ return EXTRACT_16BITS( &_iphdr->frag_off );
+}
+
+
+int OIPPacket::ttl() const
+{
+ return _iphdr->ttl;
+}
+
+
+int OIPPacket::protocol() const
+{
+ return _iphdr->protocol;
+}
+
+
+int OIPPacket::checksum() const
+{
+ return EXTRACT_16BITS( &_iphdr->check );
+}
+
+/*======================================================================================
+ * OARPPacket
+ *======================================================================================*/
+
+
+OARPPacket::OARPPacket( const unsigned char* end, const struct myarphdr* data, QObject* parent )
+ :QObject( parent, "ARP" ), _arphdr( data )
+{
+ odebug << "OARPPacket::OARPPacket(): decoding ARP header..." << oendl;
+ odebug << "ARP type seems to be " << EXTRACT_16BITS( &_arphdr->ar_op ) << " = " << type() << oendl;
+ odebug << "Sender: MAC " << senderMacAddress().toString() << " = IP " << senderIPV4Address().toString() << oendl;
+ odebug << "Target: MAC " << targetMacAddress().toString() << " = IP " << targetIPV4Address().toString() << oendl;
+}
+
+
+OARPPacket::~OARPPacket()
+{
+}
+
+
+QString OARPPacket::type() const
+{
+ switch ( EXTRACT_16BITS( &_arphdr->ar_op ) )
+ {
+ case 1: return "REQUEST";
+ case 2: return "REPLY";
+ case 3: return "RREQUEST";
+ case 4: return "RREPLY";
+ case 8: return "InREQUEST";
+ case 9: return "InREPLY";
+ case 10: return "NAK";
+ default: owarn << "OARPPacket::type(): invalid ARP type!" << oendl; return "<unknown>";
+ }
+}
+
+
+QHostAddress OARPPacket::senderIPV4Address() const
+{
+ return EXTRACT_32BITS( &_arphdr->ar_sip );
+}
+
+
+QHostAddress OARPPacket::targetIPV4Address() const
+{
+ return EXTRACT_32BITS( &_arphdr->ar_tip );
+}
+
+
+OMacAddress OARPPacket::senderMacAddress() const
+{
+ return OMacAddress( _arphdr->ar_sha );
+}
+
+
+OMacAddress OARPPacket::targetMacAddress() const
+{
+ return OMacAddress( _arphdr->ar_tha );
+}
+
+
+/*======================================================================================
+ * OUDPPacket
+ *======================================================================================*/
+
+
+OUDPPacket::OUDPPacket( const unsigned char* end, const struct udphdr* data, QObject* parent )
+ :QObject( parent, "UDP" ), _udphdr( data )
+
+{
+ odebug << "OUDPPacket::OUDPPacket(): decoding UDP header..." << oendl;
+ odebug << "fromPort = " << fromPort() << oendl;
+ odebug << " toPort = " << toPort() << oendl;
+
+ // TODO: Make this a case or a hash if we know more udp protocols
+
+ if ( fromPort() == UDP_PORT_BOOTPS || fromPort() == UDP_PORT_BOOTPC ||
+ toPort() == UDP_PORT_BOOTPS || toPort() == UDP_PORT_BOOTPC )
+ {
+ odebug << "seems to be part of a DHCP conversation => creating DHCP packet." << oendl;
+ new ODHCPPacket( end, (const struct dhcp_packet*) (data+1), this );
+ }
+}
+
+
+OUDPPacket::~OUDPPacket()
+{
+}
+
+
+int OUDPPacket::fromPort() const
+{
+ return EXTRACT_16BITS( &_udphdr->source );
+}
+
+
+int OUDPPacket::toPort() const
+{
+ return EXTRACT_16BITS( &_udphdr->dest );
+}
+
+
+int OUDPPacket::length() const
+{
+ return EXTRACT_16BITS( &_udphdr->len );
+}
+
+
+int OUDPPacket::checksum() const
+{
+ return EXTRACT_16BITS( &_udphdr->check );
+}
+
+
+/*======================================================================================
+ * ODHCPPacket
+ *======================================================================================*/
+
+
+ODHCPPacket::ODHCPPacket( const unsigned char* end, const struct dhcp_packet* data, QObject* parent )
+ :QObject( parent, "DHCP" ), _dhcphdr( data )
+
+{
+ odebug << "ODHCPPacket::ODHCPPacket(): decoding DHCP information..." << oendl;
+ odebug << "DHCP opcode seems to be " << _dhcphdr->op << ": " << ( isRequest() ? "REQUEST" : "REPLY" ) << oendl;
+ odebug << "clientAddress = " << clientAddress().toString() << oendl;
+ odebug << " yourAddress = " << yourAddress().toString() << oendl;
+ odebug << "serverAddress = " << serverAddress().toString() << oendl;
+ odebug << " relayAddress = " << relayAddress().toString() << oendl;
+ odebug << "parsing DHCP options..." << oendl;
+
+ _type = 0;
+
+ const unsigned char* option = &_dhcphdr->options[4];
+ char tag = -1;
+ char len = -1;
+
+ while ( ( tag = *option++ ) != -1 /* end of option field */ )
+ {
+ len = *option++;
+ odebug << "recognized DHCP option #" << tag << ", length " << len << oendl;
+
+ if ( tag == DHO_DHCP_MESSAGE_TYPE )
+ _type = *option;
+
+ option += len;
+ if ( option >= end )
+ {
+ owarn << "DHCP parsing ERROR: sanity check says the packet is at its end!" << oendl;
+ break;
+ }
+ }
+
+ odebug << "DHCP type seems to be << " << type() << oendl;
+}
+
+
+ODHCPPacket::~ODHCPPacket()
+{
+}
+
+
+bool ODHCPPacket::isRequest() const
+{
+ return ( _dhcphdr->op == 01 );
+}
+
+
+bool ODHCPPacket::isReply() const
+{
+ return ( _dhcphdr->op == 02 );
+}
+
+
+QString ODHCPPacket::type() const
+{
+ switch ( _type )
+ {
+ case 1: return "DISCOVER";
+ case 2: return "OFFER";
+ case 3: return "REQUEST";
+ case 4: return "DECLINE";
+ case 5: return "ACK";
+ case 6: return "NAK";
+ case 7: return "RELEASE";
+ case 8: return "INFORM";
+ default: owarn << "ODHCPPacket::type(): invalid DHCP type " << _dhcphdr->op << oendl; return "<unknown>";
+ }
+}
+
+
+QHostAddress ODHCPPacket::clientAddress() const
+{
+ return EXTRACT_32BITS( &_dhcphdr->ciaddr );
+}
+
+
+QHostAddress ODHCPPacket::yourAddress() const
+{
+ return EXTRACT_32BITS( &_dhcphdr->yiaddr );
+}
+
+
+QHostAddress ODHCPPacket::serverAddress() const
+{
+ return EXTRACT_32BITS( &_dhcphdr->siaddr );
+}
+
+
+QHostAddress ODHCPPacket::relayAddress() const
+{
+ return EXTRACT_32BITS( &_dhcphdr->giaddr );
+}
+
+
+OMacAddress ODHCPPacket::clientMacAddress() const
+{
+ return OMacAddress( _dhcphdr->chaddr );
+}
+
+
+/*======================================================================================
+ * OTCPPacket
+ *======================================================================================*/
+
+
+OTCPPacket::OTCPPacket( const unsigned char* end, const struct tcphdr* data, QObject* parent )
+ :QObject( parent, "TCP" ), _tcphdr( data )
+
+{
+ odebug << "OTCPPacket::OTCPPacket(): decoding TCP header..." << oendl;
+}
+
+
+OTCPPacket::~OTCPPacket()
+{
+}
+
+
+int OTCPPacket::fromPort() const
+{
+ return EXTRACT_16BITS( &_tcphdr->source );
+}
+
+
+int OTCPPacket::toPort() const
+{
+ return EXTRACT_16BITS( &_tcphdr->dest );
+}
+
+
+int OTCPPacket::seq() const
+{
+ return EXTRACT_16BITS( &_tcphdr->seq );
+}
+
+
+int OTCPPacket::ack() const
+{
+ return EXTRACT_16BITS( &_tcphdr->ack_seq );
+}
+
+
+int OTCPPacket::window() const
+{
+ return EXTRACT_16BITS( &_tcphdr->window );
+}
+
+
+int OTCPPacket::checksum() const
+{
+ return EXTRACT_16BITS( &_tcphdr->check );
+}
+
+/*======================================================================================
+ * OPrismHeaderPacket
+ *======================================================================================*/
+
+
+OPrismHeaderPacket::OPrismHeaderPacket( const unsigned char* end, const struct prism_hdr* data, QObject* parent )
+ :QObject( parent, "Prism" ), _header( data )
+
+{
+ odebug << "OPrismHeaderPacket::OPrismHeaderPacket(): decoding PRISM header..." << oendl;
+
+ odebug << "Signal Strength = " << data->signal.data << oendl;
+
+ new OWaveLanPacket( end, (const struct ieee_802_11_header*) (data+1), this );
+}
+
+OPrismHeaderPacket::~OPrismHeaderPacket()
+{
+}
+
+
+unsigned int OPrismHeaderPacket::signalStrength() const
+{
+ return _header->signal.data;
+}
+
+/*======================================================================================
+ * OWaveLanPacket
+ *======================================================================================*/
+
+
+OWaveLanPacket::OWaveLanPacket( const unsigned char* end, const struct ieee_802_11_header* data, QObject* parent )
+ :QObject( parent, "802.11" ), _wlanhdr( data )
+
+{
+ odebug << "OWaveLanPacket::OWaveLanPacket(): decoding IEEE 802.11 header..." << oendl;
+ odebug << "type = " << type() << oendl;
+ odebug << "subType = " << subType() << oendl;
+ odebug << "duration = " << duration() << oendl;
+ odebug << "powermanagement = " << usesPowerManagement() << oendl;
+ odebug << "payload is encrypted = " << ( usesWep() ? "yes" : "no" ) << oendl;
+ odebug << "MAC1 = " << macAddress1().toString() << oendl;
+ odebug << "MAC2 = " << macAddress2().toString() << oendl;
+ odebug << "MAC3 = " << macAddress3().toString() << oendl;
+ odebug << "MAC4 = " << macAddress4().toString() << oendl;
+
+ switch ( type() )
+ {
+ case T_MGMT: new OWaveLanManagementPacket( end, (const struct ieee_802_11_mgmt_header*) data, this ); break;
+ case T_DATA: new OWaveLanDataPacket( end, (const struct ieee_802_11_data_header*) data, this ); break;
+ case T_CTRL: new OWaveLanControlPacket( end, (const struct ieee_802_11_control_header*) data, this ); break;
+ default: odebug << "OWaveLanPacket::OWaveLanPacket(): Warning: Unknown major type = " << type() << oendl;
+ }
+}
+
+OWaveLanPacket::~OWaveLanPacket()
+{
+}
+
+
+int OWaveLanPacket::duration() const
+{
+ return _wlanhdr->duration;
+}
+
+
+OMacAddress OWaveLanPacket::macAddress1() const
+{
+ return OMacAddress( _wlanhdr->mac1 );
+}
+
+
+OMacAddress OWaveLanPacket::macAddress2() const
+{
+ return OMacAddress( _wlanhdr->mac2 );
+}
+
+
+OMacAddress OWaveLanPacket::macAddress3() const
+{
+ return OMacAddress( _wlanhdr->mac3 );
+}
+
+
+OMacAddress OWaveLanPacket::macAddress4() const
+{
+ return OMacAddress( _wlanhdr->mac4 );
+}
+
+
+int OWaveLanPacket::subType() const
+{
+ return FC_SUBTYPE( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
+}
+
+
+int OWaveLanPacket::type() const
+{
+ return FC_TYPE( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
+}
+
+
+int OWaveLanPacket::version() const
+{
+ return FC_VERSION( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
+}
+
+
+bool OWaveLanPacket::fromDS() const
+{
+ return FC_FROM_DS( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
+}
+
+
+bool OWaveLanPacket::toDS() const
+{
+ return FC_TO_DS( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
+}
+
+
+bool OWaveLanPacket::usesPowerManagement() const
+{
+ return FC_POWER_MGMT( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
+}
+
+
+bool OWaveLanPacket::usesWep() const
+{
+ return FC_WEP( EXTRACT_LE_16BITS( &_wlanhdr->frame_control ) );
+}
+
+
+/*======================================================================================
+ * OWaveLanManagementPacket
+ *======================================================================================*/
+
+OWaveLanManagementPacket::OWaveLanManagementPacket( const unsigned char* end, const struct ieee_802_11_mgmt_header* data, OWaveLanPacket* parent )
+ :QObject( parent, "802.11 Management" ), _header( data ),
+ _body( (const struct ieee_802_11_mgmt_body*) (data+1) )
+{
+ odebug << "OWaveLanManagementPacket::OWaveLanManagementPacket(): decoding frame..." << oendl;
+ odebug << "Detected subtype is " << managementType() << oendl;
+
+ // grab tagged values
+ const unsigned char* ptr = (const unsigned char*) (_body+1);
+ while (ptr < end)
+ {
+ switch ( *ptr )
+ {
+ case E_SSID: new OWaveLanManagementSSID( end, (struct ssid_t*) ptr, this ); break;
+ case E_FH: new OWaveLanManagementFH( end, (struct fh_t*) ptr, this ); break;
+ case E_DS: new OWaveLanManagementDS( end, (struct ds_t*) ptr, this ); break;
+ case E_RATES: new OWaveLanManagementRates( end, (struct rates_t*) ptr, this ); break;
+ case E_CF: new OWaveLanManagementCF( end, (struct cf_t*) ptr, this ); break;
+ case E_TIM: new OWaveLanManagementTim( end, (struct tim_t*) ptr, this ); break;
+ case E_IBSS: new OWaveLanManagementIBSS( end, (struct ibss_t*) ptr, this ); break;
+ case E_CHALLENGE: new OWaveLanManagementChallenge( end, (struct challenge_t*) ptr, this ); break;
+ }
+ ptr+= ( ( struct ssid_t* ) ptr )->length; // skip length of tagged value
+ ptr+= 2; // skip tag ID and length
+ }
+}
+
+
+OWaveLanManagementPacket::~OWaveLanManagementPacket()
+{
+}
+
+
+QString OWaveLanManagementPacket::managementType() const
+{
+ switch ( FC_SUBTYPE( EXTRACT_LE_16BITS( &_header->fc ) ) )
+ {
+ case ST_ASSOC_REQUEST: return "AssociationRequest"; break;
+ case ST_ASSOC_RESPONSE: return "AssociationResponse"; break;
+ case ST_REASSOC_REQUEST: return "ReassociationRequest"; break;
+ case ST_REASSOC_RESPONSE: return "ReassociationResponse"; break;
+ case ST_PROBE_REQUEST: return "ProbeRequest"; break;
+ case ST_PROBE_RESPONSE: return "ProbeResponse"; break;
+ case ST_BEACON: return "Beacon"; break;
+ case ST_ATIM: return "Atim"; break;
+ case ST_DISASSOC: return "Disassociation"; break;
+ case ST_AUTH: return "Authentication"; break;
+ case ST_DEAUTH: return "Deathentication"; break;
+ default: owarn << "OWaveLanManagementPacket::managementType(): unhandled subtype " << FC_SUBTYPE( EXTRACT_LE_16BITS( &_header->fc ) ) << oendl; return "Unknown";
+ }
+}
+
+
+int OWaveLanManagementPacket::beaconInterval() const
+{
+ return EXTRACT_LE_16BITS( &_body->beacon_interval );
+}
+
+
+int OWaveLanManagementPacket::capabilities() const
+{
+ return EXTRACT_LE_16BITS( &_body->capability_info );
+}
+
+
+bool OWaveLanManagementPacket::canESS() const
+{
+ return CAPABILITY_ESS( EXTRACT_LE_16BITS( &_body->capability_info ) );
+}
+
+
+bool OWaveLanManagementPacket::canIBSS() const
+{
+ return CAPABILITY_IBSS( EXTRACT_LE_16BITS( &_body->capability_info ) );
+}
+
+
+bool OWaveLanManagementPacket::canCFP() const
+{
+ return CAPABILITY_CFP( EXTRACT_LE_16BITS( &_body->capability_info ) );
+}
+
+
+bool OWaveLanManagementPacket::canCFP_REQ() const
+{
+ return CAPABILITY_CFP_REQ( EXTRACT_LE_16BITS( &_body->capability_info ) );
+}
+
+
+bool OWaveLanManagementPacket::canPrivacy() const
+{
+ return CAPABILITY_PRIVACY( EXTRACT_LE_16BITS( &_body->capability_info ) );
+}
+
+
+/*======================================================================================
+ * OWaveLanManagementSSID
+ *======================================================================================*/
+
+OWaveLanManagementSSID::OWaveLanManagementSSID( const unsigned char* end, const struct ssid_t* data, QObject* parent )
+ :QObject( parent, "802.11 SSID" ), _data( data )
+{
+ odebug << "OWaveLanManagementSSID()" << oendl;
+}
+
+
+OWaveLanManagementSSID::~OWaveLanManagementSSID()
+{
+}
+
+
+QString OWaveLanManagementSSID::ID() const
+{
+ int length = _data->length;
+ if ( length > 32 ) length = 32;
+ char essid[length+1];
+ memcpy( &essid, &_data->ssid, length );
+ essid[length] = 0x0;
+ return essid;
+}
+
+
+/*======================================================================================
+ * OWaveLanManagementRates
+ *======================================================================================*/
+
+OWaveLanManagementRates::OWaveLanManagementRates( const unsigned char* end, const struct rates_t* data, QObject* parent )
+ :QObject( parent, "802.11 Rates" ), _data( data )
+{
+ odebug << "OWaveLanManagementRates()" << oendl;
+}
+
+
+OWaveLanManagementRates::~OWaveLanManagementRates()
+{
+}
+
+/*======================================================================================
+ * OWaveLanManagementCF
+ *======================================================================================*/
+
+OWaveLanManagementCF::OWaveLanManagementCF( const unsigned char* end, const struct cf_t* data, QObject* parent )
+ :QObject( parent, "802.11 CF" ), _data( data )
+{
+ odebug << "OWaveLanManagementCF()" << oendl;
+}
+
+
+OWaveLanManagementCF::~OWaveLanManagementCF()
+{
+}
+
+/*======================================================================================
+ * OWaveLanManagementFH
+ *======================================================================================*/
+
+OWaveLanManagementFH::OWaveLanManagementFH( const unsigned char* end, const struct fh_t* data, QObject* parent )
+ :QObject( parent, "802.11 FH" ), _data( data )
+{
+ odebug << "OWaveLanManagementFH()" << oendl;
+}
+
+
+OWaveLanManagementFH::~OWaveLanManagementFH()
+{
+}
+
+/*======================================================================================
+ * OWaveLanManagementDS
+ *======================================================================================*/
+
+OWaveLanManagementDS::OWaveLanManagementDS( const unsigned char* end, const struct ds_t* data, QObject* parent )
+ :QObject( parent, "802.11 DS" ), _data( data )
+{
+ odebug << "OWaveLanManagementDS()" << oendl;
+}
+
+
+OWaveLanManagementDS::~OWaveLanManagementDS()
+{
+}
+
+
+int OWaveLanManagementDS::channel() const
+{
+ return _data->channel;
+}
+
+/*======================================================================================
+ * OWaveLanManagementTim
+ *======================================================================================*/
+
+OWaveLanManagementTim::OWaveLanManagementTim( const unsigned char* end, const struct tim_t* data, QObject* parent )
+ :QObject( parent, "802.11 Tim" ), _data( data )
+{
+ odebug << "OWaveLanManagementTim()" << oendl;
+}
+
+
+OWaveLanManagementTim::~OWaveLanManagementTim()
+{
+}
+
+/*======================================================================================
+ * OWaveLanManagementIBSS
+ *======================================================================================*/
+
+OWaveLanManagementIBSS::OWaveLanManagementIBSS( const unsigned char* end, const struct ibss_t* data, QObject* parent )
+ :QObject( parent, "802.11 IBSS" ), _data( data )
+{
+ odebug << "OWaveLanManagementIBSS()" << oendl;
+}
+
+
+OWaveLanManagementIBSS::~OWaveLanManagementIBSS()
+{
+}
+
+/*======================================================================================
+ * OWaveLanManagementChallenge
+ *======================================================================================*/
+
+OWaveLanManagementChallenge::OWaveLanManagementChallenge( const unsigned char* end, const struct challenge_t* data, QObject* parent )
+ :QObject( parent, "802.11 Challenge" ), _data( data )
+{
+ odebug << "OWaveLanManagementChallenge()" << oendl;
+}
+
+
+OWaveLanManagementChallenge::~OWaveLanManagementChallenge()
+{
+}
+
+/*======================================================================================
+ * OWaveLanDataPacket
+ *======================================================================================*/
+
+OWaveLanDataPacket::OWaveLanDataPacket( const unsigned char* end, const struct ieee_802_11_data_header* data, OWaveLanPacket* parent )
+ :QObject( parent, "802.11 Data" ), _header( data )
+{
+ odebug << "OWaveLanDataPacket::OWaveLanDataPacket(): decoding frame..." << oendl;
+
+ const unsigned char* payload = (const unsigned char*) data + sizeof( struct ieee_802_11_data_header );
+
+ #warning The next line works for most cases, but can not be correct generally!
+ if (!( ( (OWaveLanPacket*) this->parent())->duration() )) payload -= 6; // compensation for missing last address
+
+ new OLLCPacket( end, (const struct ieee_802_11_802_2_header*) payload, this );
+}
+
+
+OWaveLanDataPacket::~OWaveLanDataPacket()
+{
+}
+
+
+/*======================================================================================
+ * OLLCPacket
+ *======================================================================================*/
+
+OLLCPacket::OLLCPacket( const unsigned char* end, const struct ieee_802_11_802_2_header* data, QObject* parent )
+ :QObject( parent, "802.11 LLC" ), _header( data )
+{
+ odebug << "OLLCPacket::OLLCPacket(): decoding frame..." << oendl;
+
+ if ( !(_header->oui[0] || _header->oui[1] || _header->oui[2]) )
+ {
+ owarn << "OLLCPacket::OLLCPacket(): contains an encapsulated Ethernet frame (type = " << EXTRACT_16BITS( &_header->type ) << ")" << oendl;
+
+ switch ( EXTRACT_16BITS( &_header->type ) ) // defined in linux/if_ether.h
+ {
+ case ETH_P_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break;
+ case ETH_P_ARP: new OARPPacket( end, (const struct myarphdr*) (data+1), this ); break;
+ default: owarn << "OLLCPacket::OLLCPacket(): Unknown Encapsulation type = " << EXTRACT_16BITS( &_header->type ) << oendl;
+ }
+ }
+}
+
+
+OLLCPacket::~OLLCPacket()
+{
+}
+
+
+/*======================================================================================
+ * OWaveLanControlPacket
+ *======================================================================================*/
+
+OWaveLanControlPacket::OWaveLanControlPacket( const unsigned char* end, const struct ieee_802_11_control_header* data, OWaveLanPacket* parent )
+ :QObject( parent, "802.11 Control" ), _header( data )
+{
+ odebug << "OWaveLanControlPacket::OWaveLanDataControl(): decoding frame..." << oendl;
+ odebug << "Detected subtype is " << controlType() << oendl;
+}
+
+
+OWaveLanControlPacket::~OWaveLanControlPacket()
+{
+}
+
+
+QString OWaveLanControlPacket::controlType() const
+{
+ switch ( FC_SUBTYPE( EXTRACT_LE_16BITS( &_header->fc ) ) )
+ {
+ case CTRL_PS_POLL: return "PowerSavePoll"; break;
+ case CTRL_RTS: return "RequestToSend"; break;
+ case CTRL_CTS: return "ClearToSend"; break;
+ case CTRL_ACK: return "Acknowledge"; break;
+ case CTRL_CF_END: return "ContentionFreeEnd"; break;
+ case CTRL_END_ACK: return "AcknowledgeEnd"; break;
+ default:
+ owarn << "OWaveLanControlPacket::managementType(): unhandled subtype " << FC_SUBTYPE( EXTRACT_LE_16BITS( &_header->fc ) ) << oendl;
+ return "Unknown";
+ }
+}
+
+
+/*======================================================================================
+ * OPacketCapturer
+ *======================================================================================*/
+
+OPacketCapturer::OPacketCapturer( QObject* parent, const char* name )
+ :QObject( parent, name ), _name( QString::null ), _open( false ), _pch( 0 ), _pcd( 0 ), _sn( 0 )
+{
+}
+
+
+OPacketCapturer::~OPacketCapturer()
+{
+ if ( _open )
+ {
+ odebug << "OPacketCapturer::~OPacketCapturer(): pcap still open, autoclosing." << oendl;
+ close();
+ }
+}
+
+
+void OPacketCapturer::setBlocking( bool b )
+{
+ if ( pcap_setnonblock( _pch, 1-b, _errbuf ) != -1 )
+ {
+ odebug << "OPacketCapturer::setBlocking(): blocking mode changed successfully." << oendl;
+ }
+ else
+ {
+ odebug << "OPacketCapturer::setBlocking(): can't change blocking mode: " << _errbuf << oendl;
+ }
+}
+
+
+bool OPacketCapturer::blocking() const
+{
+ int b = pcap_getnonblock( _pch, _errbuf );
+ if ( b == -1 )
+ {
+ odebug << "OPacketCapturer::blocking(): can't get blocking mode: " << _errbuf << oendl;
+ return -1;
+ }
+ return !b;
+}
+
+
+void OPacketCapturer::closeDumpFile()
+{
+ if ( _pcd )
+ {
+ pcap_dump_close( _pcd );
+ _pcd = 0;
+ }
+ pcap_close( _pch );
+}
+
+
+void OPacketCapturer::close()
+{
+ if ( _open )
+ {
+ if ( _sn )
+ {
+ _sn->disconnect( SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
+ delete _sn;
+ }
+ closeDumpFile();
+ _open = false;
+ }
+
+ odebug << "OPacketCapturer::close() --- dumping capturing statistics..." << oendl;
+ odebug << "--------------------------------------------------" << oendl;
+ for( QMap<QString,int>::Iterator it = _stats.begin(); it != _stats.end(); ++it )
+ odebug << it.key() << " = " << it.data() << oendl;
+ odebug << "--------------------------------------------------" << oendl;
+
+}
+
+
+int OPacketCapturer::dataLink() const
+{
+ return pcap_datalink( _pch );
+}
+
+
+void OPacketCapturer::dump( OPacket* p )
+{
+ if ( !_pcd )
+ {
+ owarn << "OPacketCapturer::dump() - cannot dump without open capture file!" << oendl;
+ return;
+ }
+ pcap_dump( (u_char*) _pcd, &p->_hdr, p->_data );
+}
+
+
+int OPacketCapturer::fileno() const
+{
+ if ( _open )
+ {
+ return pcap_fileno( _pch );
+ }
+ else
+ {
+ return -1;
+ }
+}
+
+
+OPacket* OPacketCapturer::next( int time )
+{
+ fd_set fds;
+ struct timeval tv;
+ FD_ZERO( &fds );
+ FD_SET( pcap_fileno( _pch ), &fds );
+ tv.tv_sec = time / 1000;
+ tv.tv_usec = time % 1000;
+ int retval = select( pcap_fileno( _pch )+1, &fds, NULL, NULL, &tv);
+ if ( retval > 0 ) // clear to read!
+ return next();
+ else
+ return 0;
+}
+
+
+OPacket* OPacketCapturer::next()
+{
+ packetheaderstruct header;
+ odebug << "==> OPacketCapturer::next()" << oendl;
+ const unsigned char* pdata = pcap_next( _pch, &header );
+ odebug << "<== OPacketCapturer::next()" << oendl;
+
+ if ( pdata && header.len )
+ {
+ OPacket* p = new OPacket( dataLink(), header, pdata, 0 );
+ // packets shouldn't be inserted in the QObject child-parent hierarchy,
+ // because due to memory constraints they will be deleted as soon
+ // as possible - that is right after they have been processed
+ // by emit() [ see below ]
+ //TODO: make gathering statistics optional, because it takes time
+ p->updateStats( _stats, const_cast<QObjectList*>( p->children() ) );
+ #ifndef NODEBUG
+ p->dumpStructure( const_cast<QObjectList*>( p->children() ) );
+ #endif
+ return p;
+ }
+ else
+ {
+ owarn << "OPacketCapturer::next() - no packet received!" << oendl;
+ return 0;
+ }
+}
+
+
+bool OPacketCapturer::open( const QString& name )
+{
+ if ( _open )
+ {
+ if ( name == _name ) // ignore opening an already openend device
+ {
+ return true;
+ }
+ else // close the last opened device
+ {
+ close();
+ }
+ }
+
+ _name = name;
+
+ // open libpcap
+ pcap_t* handle = pcap_open_live( const_cast<char*>( (const char*) name ), 1024, 0, 0, &_errbuf[0] );
+
+ if ( !handle )
+ {
+ owarn << "OPacketCapturer::open(): can't open libpcap with '" << name << "': " << _errbuf << oendl;
+ return false;
+ }
+
+ odebug << "OPacketCapturer::open(): libpcap [" << name << "] opened successfully." << oendl;
+ _pch = handle;
+ _open = true;
+ _stats.clear();
+
+ // in case we have an application object, create a socket notifier
+ if ( qApp ) //TODO: I don't like this here...
+ {
+ _sn = new QSocketNotifier( fileno(), QSocketNotifier::Read );
+ connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
+ }
+
+ return true;
+}
+
+
+bool OPacketCapturer::openDumpFile( const QString& filename )
+{
+ pcap_dumper_t* dump = pcap_dump_open( _pch, const_cast<char*>( (const char*) filename ) );
+ if ( !dump )
+ {
+ owarn << "OPacketCapturer::open(): can't open dump with '" << filename << "': " << _errbuf << oendl;
+ return false;
+ }
+ odebug << "OPacketCapturer::open(): dump [" << filename << "] opened successfully." << oendl;
+ _pcd = dump;
+
+ return true;
+}
+
+
+bool OPacketCapturer::open( const QFile& file )
+{
+ QString name = file.name();
+
+ if ( _open )
+ {
+ close();
+ if ( name == _name ) // ignore opening an already openend device
+ {
+ return true;
+ }
+ else // close the last opened device
+ {
+ close();
+ }
+ }
+
+ _name = name;
+
+ pcap_t* handle = pcap_open_offline( const_cast<char*>( (const char*) name ), &_errbuf[0] );
+
+ if ( handle )
+ {
+ odebug << "OPacketCapturer::open(): libpcap opened successfully." << oendl;
+ _pch = handle;
+ _open = true;
+
+ // in case we have an application object, create a socket notifier
+ if ( qApp )
+ {
+ _sn = new QSocketNotifier( fileno(), QSocketNotifier::Read );
+ connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
+ }
+
+ return true;
+ }
+ else
+ {
+ odebug << "OPacketCapturer::open(): can't open libpcap with '" << name << "': " << _errbuf << oendl;
+ return false;
+ }
+
+}
+
+
+bool OPacketCapturer::isOpen() const
+{
+ return _open;
+}
+
+
+void OPacketCapturer::readyToReceive()
+{
+ odebug << "OPacketCapturer::readyToReceive(): about to emit 'receivePacket(p)'" << oendl;
+ OPacket* p = next();
+ emit receivedPacket( p );
+ // emit is synchronous - packet has been dealt with, now it's safe to delete
+ delete p;
+}
+
+
+const QMap<QString,int>& OPacketCapturer::statistics() const
+{
+ return _stats;
+}
+
+
+int OPacketCapturer::snapShot() const
+{
+ return pcap_snapshot( _pch );
+}
+
+
+bool OPacketCapturer::swapped() const
+{
+ return pcap_is_swapped( _pch );
+}
+
+
+QString OPacketCapturer::version() const
+{
+ return QString().sprintf( "%s.%s", pcap_major_version( _pch ), pcap_minor_version( _pch ) );
+}
+
+
diff --git a/libopie2/opienet/opcap.h b/libopie2/opienet/opcap.h
index 497fd6b..b373c56 100644
--- a/libopie2/opienet/opcap.h
+++ b/libopie2/opienet/opcap.h
@@ -1,664 +1,666 @@
/*
� � � � � � � � This file is part of the Opie Project
� � � � � � � Copyright (C) 2003 by Michael 'Mickey' Lauer <mickey@Vanille.de>
=.
.=l.
� � � � � �.>+-=
�_;:, � � .> � �:=|. This program is free software; you can
.> <`_, � > �. � <= redistribute it and/or modify it under
:`=1 )Y*s>-.-- � : the terms of the GNU Library General Public
.="- .-=="i, � � .._ License as published by the Free Software
�- . � .-<_> � � .<> Foundation; either version 2 of the License,
� � �._= =} � � � : or (at your option) any later version.
� � .%`+i> � � � _;_.
� � .i_,=:_. � � �-<s. This program is distributed in the hope that
� � �+ �. �-:. � � � = it will be useful, but WITHOUT ANY WARRANTY;
� � : .. � �.:, � � . . . without even the implied warranty of
� � =_ � � � �+ � � =;=|` MERCHANTABILITY or FITNESS FOR A
� _.=:. � � � : � �:=>`: PARTICULAR PURPOSE. See the GNU
..}^=.= � � � = � � � ; Library General Public License for more
++= � -. � � .` � � .: details.
�: � � = �...= . :.=-
�-. � .:....=;==+<; You should have received a copy of the GNU
� -_. . . � )=. �= Library General Public License along with
� � -- � � � �:-=` this library; see the file COPYING.LIB.
If not, write to the Free Software Foundation,
Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
#ifndef OPCAP_H
#define OPCAP_H
/* LINUX */
extern "C" // work around a bpf/pcap conflict in recent headers
{
#include <pcap.h>
}
#include <netinet/ether.h>
#include <netinet/ip.h>
#include <netinet/udp.h>
#include <netinet/tcp.h>
#include <time.h>
/* QT */
#include <qevent.h>
#include <qfile.h>
#include <qhostaddress.h>
#include <qobject.h>
#include <qstring.h>
#include <qmap.h>
/* OPIE */
#include <opie2/onetutils.h>
/* Custom Network Includes */
#include "802_11_user.h"
#include "dhcp.h"
/* TYPEDEFS */
typedef struct timeval timevalstruct;
typedef struct pcap_pkthdr packetheaderstruct;
/* FORWARDS */
class OPacketCapturer;
class QSocketNotifier;
/*======================================================================================
* OPacket - A frame on the wire
*======================================================================================*/
/** @brief A class representing a data frame on the wire.
*
* The whole family of the packet classes are used when capturing frames from a network.
* Most standard network protocols in use share a common architecture, which mostly is
* a packet header and then the packet payload. In layered architectures, each lower layer
* encapsulates data from its upper layer - that is it
* treats the data from its upper layer as payload and prepends an own header to the packet,
* which - again - is treated as the payload for the layer below. The figure below is an
* example for how such a data frame is composed out of packets, e.g. when sending a mail.
*
* <pre>
* | User Data | == Mail Data
* | SMTP Header | User Data | == SMTP
* | TCP Header | SMTP Header | User Data | == TCP
* | IP Header | TCP Header | SMTP Header | User Data | == IP
* | MAC Header | IP Header | TCP Header | SMTP Header | User Data | == MAC
*
* </pre>
*
* The example is trimmed for simplicity, because the MAC (Medium Access Control) layer
* also contains a few more levels of encapsulation.
* Since the type of the payload is more or less independent from the encapsulating protocol,
* the header must be inspected before attempting to decode the payload. Hence, the
* encapsulation level varies and can't be deduced without actually looking into the packets.
*
* For actually working with captured frames, it's useful to identify the packets via names and
* insert them into a parent/child - relationship based on the encapsulation. This is why
* all packet classes derive from QObject. The amount of overhead caused by the QObject is
* not a problem in this case, because we're talking about a theoratical maximum of about
* 10 packets per captured frame. We need to stuff them into a searchable list anyway and the
* QObject also cares about destroying the sub-, (child-) packets.
*
* This enables us to perform a simple look for packets of a certain type:
* @code
* OPacketCapturer* pcap = new OPacketCapturer();
* pcap->open( "eth0" );
* OPacket* p = pcap->next();
* OIPPacket* ip = (OIPPacket*) p->child( "IP" ); // returns 0, if no such child exists
* odebug << "got ip packet from " << ip->fromIPAddress().toString() << " to " << ip->toIPAddress().toString() << oendl;
*
*/
class OPacket : public QObject
{
Q_OBJECT
friend class OPacketCapturer;
public:
OPacket( int datalink, packetheaderstruct, const unsigned char*, QObject* parent );
virtual ~OPacket();
timevalstruct timeval() const;
int caplen() const;
int len() const;
QString dump( int = 32 ) const;
void updateStats( QMap<QString,int>&, QObjectList* );
private:
void dumpStructure( QObjectList* );
QString _dumpStructure( QObjectList* );
private:
const packetheaderstruct _hdr; // pcap packet header
const unsigned char* _data; // pcap packet data
const unsigned char* _end; // end of pcap packet data
};
/*======================================================================================
* OEthernetPacket - DLT_EN10MB frame
*======================================================================================*/
class OEthernetPacket : public QObject
{
Q_OBJECT
public:
OEthernetPacket( const unsigned char*, const struct ether_header*, QObject* parent = 0 );
virtual ~OEthernetPacket();
OMacAddress sourceAddress() const;
OMacAddress destinationAddress() const;
int type() const;
private:
const struct ether_header* _ether;
};
/*======================================================================================
* OPrismHeaderPacket - DLT_PRISM_HEADER frame
*======================================================================================*/
class OPrismHeaderPacket : public QObject
{
Q_OBJECT
public:
OPrismHeaderPacket( const unsigned char*, const struct prism_hdr*, QObject* parent = 0 );
virtual ~OPrismHeaderPacket();
unsigned int signalStrength() const;
private:
const struct prism_hdr* _header;
};
/*======================================================================================
* OWaveLanPacket - DLT_IEEE802_11 frame
*======================================================================================*/
class OWaveLanPacket : public QObject
{
Q_OBJECT
public:
OWaveLanPacket( const unsigned char*, const struct ieee_802_11_header*, QObject* parent = 0 );
virtual ~OWaveLanPacket();
int duration() const;
bool fromDS() const;
bool toDS() const;
virtual OMacAddress macAddress1() const;
virtual OMacAddress macAddress2() const;
virtual OMacAddress macAddress3() const;
virtual OMacAddress macAddress4() const;
bool usesPowerManagement() const;
int type() const;
int subType() const;
int version() const;
bool usesWep() const;
private:
const struct ieee_802_11_header* _wlanhdr;
};
/*======================================================================================
* OWaveLanManagementPacket - type: management (T_MGMT)
*======================================================================================*/
class OWaveLanManagementPacket : public QObject
{
Q_OBJECT
public:
OWaveLanManagementPacket( const unsigned char*, const struct ieee_802_11_mgmt_header*, OWaveLanPacket* parent = 0 );
virtual ~OWaveLanManagementPacket();
QString managementType() const;
int beaconInterval() const;
int capabilities() const; // generic
bool canESS() const;
bool canIBSS() const;
bool canCFP() const;
bool canCFP_REQ() const;
bool canPrivacy() const;
private:
const struct ieee_802_11_mgmt_header* _header;
const struct ieee_802_11_mgmt_body* _body;
};
/*======================================================================================
* OWaveLanManagementSSID
*======================================================================================*/
class OWaveLanManagementSSID : public QObject
{
Q_OBJECT
public:
OWaveLanManagementSSID( const unsigned char*, const struct ssid_t*, QObject* parent = 0 );
virtual ~OWaveLanManagementSSID();
QString ID() const;
private:
const struct ssid_t* _data;
};
/*======================================================================================
* OWaveLanManagementRates
*======================================================================================*/
class OWaveLanManagementRates : public QObject
{
Q_OBJECT
public:
OWaveLanManagementRates( const unsigned char*, const struct rates_t*, QObject* parent = 0 );
virtual ~OWaveLanManagementRates();
private:
const struct rates_t* _data;
};
/*======================================================================================
* OWaveLanManagementCF
*======================================================================================*/
class OWaveLanManagementCF : public QObject
{
Q_OBJECT
public:
OWaveLanManagementCF( const unsigned char*, const struct cf_t*, QObject* parent = 0 );
virtual ~OWaveLanManagementCF();
private:
const struct cf_t* _data;
};
/*======================================================================================
* OWaveLanManagementFH
*======================================================================================*/
class OWaveLanManagementFH : public QObject
{
Q_OBJECT
public:
OWaveLanManagementFH( const unsigned char*, const struct fh_t*, QObject* parent = 0 );
virtual ~OWaveLanManagementFH();
private:
const struct fh_t* _data;
};
/*======================================================================================
* OWaveLanManagementDS
*======================================================================================*/
class OWaveLanManagementDS : public QObject
{
Q_OBJECT
public:
OWaveLanManagementDS( const unsigned char*, const struct ds_t*, QObject* parent = 0 );
virtual ~OWaveLanManagementDS();
int channel() const;
private:
const struct ds_t* _data;
};
/*======================================================================================
* OWaveLanManagementTim
*======================================================================================*/
class OWaveLanManagementTim : public QObject
{
Q_OBJECT
public:
OWaveLanManagementTim( const unsigned char*, const struct tim_t*, QObject* parent = 0 );
virtual ~OWaveLanManagementTim();
private:
const struct tim_t* _data;
};
/*======================================================================================
* OWaveLanManagementIBSS
*======================================================================================*/
class OWaveLanManagementIBSS : public QObject
{
Q_OBJECT
public:
OWaveLanManagementIBSS( const unsigned char*, const struct ibss_t*, QObject* parent = 0 );
virtual ~OWaveLanManagementIBSS();
private:
const struct ibss_t* _data;
};
/*======================================================================================
* OWaveLanManagementChallenge
*======================================================================================*/
class OWaveLanManagementChallenge : public QObject
{
Q_OBJECT
public:
OWaveLanManagementChallenge( const unsigned char*, const struct challenge_t*, QObject* parent = 0 );
virtual ~OWaveLanManagementChallenge();
private:
const struct challenge_t* _data;
};
/*======================================================================================
* OWaveLanDataPacket - type: data (T_DATA)
*======================================================================================*/
class OWaveLanDataPacket : public QObject
{
Q_OBJECT
public:
OWaveLanDataPacket( const unsigned char*, const struct ieee_802_11_data_header*, OWaveLanPacket* parent = 0 );
virtual ~OWaveLanDataPacket();
private:
const struct ieee_802_11_data_header* _header;
};
/*======================================================================================
* OWaveLanControlPacket - type: control (T_CTRL)
*======================================================================================*/
class OWaveLanControlPacket : public QObject
{
Q_OBJECT
public:
OWaveLanControlPacket( const unsigned char*, const struct ieee_802_11_control_header*, OWaveLanPacket* parent = 0 );
virtual ~OWaveLanControlPacket();
+ QString controlType() const;
+
private:
const struct ieee_802_11_control_header* _header;
};
/*======================================================================================
* OLLCPacket - IEEE 802.2 Link Level Control
*======================================================================================*/
class OLLCPacket : public QObject
{
Q_OBJECT
public:
OLLCPacket( const unsigned char*, const struct ieee_802_11_802_2_header* data, QObject* parent = 0 );
virtual ~OLLCPacket();
private:
const struct ieee_802_11_802_2_header* _header;
};
/*======================================================================================
* OIPPacket
*======================================================================================*/
class OIPPacket : public QObject
{
Q_OBJECT
public:
OIPPacket( const unsigned char*, const struct iphdr*, QObject* parent = 0 );
virtual ~OIPPacket();
QHostAddress fromIPAddress() const;
QHostAddress toIPAddress() const;
int tos() const;
int len() const;
int id() const;
int offset() const;
int ttl() const;
int protocol() const;
int checksum() const;
private:
const struct iphdr* _iphdr;
};
/*======================================================================================
* OARPPacket
*======================================================================================*/
class OARPPacket : public QObject
{
Q_OBJECT
public:
OARPPacket( const unsigned char*, const struct myarphdr*, QObject* parent = 0 );
virtual ~OARPPacket();
QHostAddress senderIPV4Address() const;
OMacAddress senderMacAddress() const;
QHostAddress targetIPV4Address() const;
OMacAddress targetMacAddress() const;
//int type() const;
QString type() const;
private:
const struct myarphdr* _arphdr;
};
/*======================================================================================
* OUDPPacket
*======================================================================================*/
class OUDPPacket : public QObject
{
Q_OBJECT
public:
OUDPPacket( const unsigned char*, const struct udphdr*, QObject* parent = 0 );
virtual ~OUDPPacket();
int fromPort() const;
int toPort() const;
int length() const;
int checksum() const;
private:
const struct udphdr* _udphdr;
};
/*======================================================================================
* ODHCPPacket
*======================================================================================*/
class ODHCPPacket : public QObject
{
Q_OBJECT
public:
ODHCPPacket( const unsigned char*, const struct dhcp_packet*, QObject* parent = 0 );
virtual ~ODHCPPacket();
QHostAddress clientAddress() const;
QHostAddress yourAddress() const;
QHostAddress serverAddress() const;
QHostAddress relayAddress() const;
OMacAddress clientMacAddress() const;
bool isRequest() const;
bool isReply() const;
QString type() const;
private:
const struct dhcp_packet* _dhcphdr;
unsigned char _type;
};
/*======================================================================================
* OTCPPacket
*======================================================================================*/
class OTCPPacket : public QObject
{
Q_OBJECT
public:
OTCPPacket( const unsigned char*, const struct tcphdr*, QObject* parent = 0 );
virtual ~OTCPPacket();
int fromPort() const;
int toPort() const;
int seq() const;
int ack() const;
int window() const;
int checksum() const;
private:
const struct tcphdr* _tcphdr;
};
/*======================================================================================
* OPacketCapturer
*======================================================================================*/
/**
* @brief A class based wrapper for network packet capturing.
*
* This class is the base of a high-level interface to the well known packet capturing
* library libpcap.
* @see http://tcpdump.org
*/
class OPacketCapturer : public QObject
{
Q_OBJECT
public:
/**
* Constructor.
*/
OPacketCapturer( QObject* parent = 0, const char* name = 0 );
/**
* Destructor.
*/
~OPacketCapturer();
/**
* Set the packet capturer to use blocking or non-blocking IO. This can be useful when
* not using the socket notifier, e.g. without an application object.
*/
void setBlocking( bool );
/**
* @returns true if the packet capturer uses blocking IO calls.
*/
bool blocking() const;
/**
* Close the packet capturer. This is automatically done in the destructor.
*/
void close();
/**
* Close the output capture file.
*/
void closeDumpFile();
/**
* @returns the data link type.
* @see <pcap.h> for possible values.
*/
int dataLink() const;
/**
* Dump a packet to the output capture file.
*/
void dump( OPacket* );
/**
* @returns the file descriptor of the packet capturer. This is only useful, if
* not using the socket notifier, e.g. without an application object.
*/
int fileno() const;
/**
* @returns the next @ref OPacket from the packet capturer.
* @note If blocking mode is true then this call might block.
*/
OPacket* next();
/**
* @returns the next @ref OPacket from the packet capturer, if
* one arrives within @a time milliseconds.
*/
OPacket* next( int time );
/**
* Open the packet capturer to capture packets in live-mode from @a interface.
*/
bool open( const QString& interface );
/**
* Open the packet capturer to capture packets in offline-mode from @a file.
*/
bool open( const QFile& file );
/**
* Open a prerecorded tcpdump compatible capture file for use with @ref dump()
*/
bool openDumpFile( const QString& filename );
/**
* @returns true if the packet capturer is open
*/
bool isOpen() const;
/**
* @returns the snapshot length of this packet capturer
*/
int snapShot() const;
/**
* @returns true if the input capture file has a different byte-order
* than the byte-order of the running system.
*/
bool swapped() const;
/**
* @returns the libpcap version string used to write the input capture file.
*/
QString version() const;
/**
* @returns the packet statistic database.
* @see QMap
*/
const QMap<QString,int>& statistics() const;
signals:
/**
* This signal is emitted, when a packet has been received.
*/
void receivedPacket( OPacket* );
protected slots:
void readyToReceive();
protected:
QString _name; // devicename
bool _open; // check this before doing pcap calls
pcap_t* _pch; // pcap library handle
pcap_dumper_t* _pcd; // pcap dumper handle
QSocketNotifier* _sn; // socket notifier for main loop
mutable char _errbuf[PCAP_ERRBUF_SIZE]; // holds error strings from libpcap
QMap<QString, int> _stats; // statistics;
};
#endif // OPCAP_H