summaryrefslogtreecommitdiff
path: root/libopie2
authormickeyl <mickeyl>2003-04-09 21:37:05 (UTC)
committer mickeyl <mickeyl>2003-04-09 21:37:05 (UTC)
commitb055856776807f0a459a86b1e1f62902d2d3a9c3 (patch) (unidiff)
tree46bee28833c363607d20f4db93eef0166a45852d /libopie2
parentc8401f7ebb9e9314ed48517da38b949c24800c50 (diff)
downloadopie-b055856776807f0a459a86b1e1f62902d2d3a9c3.zip
opie-b055856776807f0a459a86b1e1f62902d2d3a9c3.tar.gz
opie-b055856776807f0a459a86b1e1f62902d2d3a9c3.tar.bz2
implements a statistic interface for OPacketCapturer
Diffstat (limited to 'libopie2') (more/less context) (ignore whitespace changes)
-rw-r--r--libopie2/opienet/opcap.cpp40
-rw-r--r--libopie2/opienet/opcap.h7
2 files changed, 43 insertions, 4 deletions
diff --git a/libopie2/opienet/opcap.cpp b/libopie2/opienet/opcap.cpp
index 5c464cf..6a3dc26 100644
--- a/libopie2/opienet/opcap.cpp
+++ b/libopie2/opienet/opcap.cpp
@@ -1,199 +1,213 @@
1/* 1/*
2                 This file is part of the Opie Project 2                 This file is part of the Opie Project
3              Copyright (C) 2003 by the Wellenreiter team: 3              Copyright (C) 2003 by the Wellenreiter team:
4 Martin J. Muench <mjm@remote-exploit.org> 4 Martin J. Muench <mjm@remote-exploit.org>
5 Max Moser <mmo@remote-exploit.org 5 Max Moser <mmo@remote-exploit.org
6 Michael 'Mickey' Lauer <mickey@tm.informatik.uni-frankfurt.de> 6 Michael 'Mickey' Lauer <mickey@tm.informatik.uni-frankfurt.de>
7 =. 7 =.
8 .=l. 8 .=l.
9           .>+-= 9           .>+-=
10 _;:,     .>    :=|. This program is free software; you can 10 _;:,     .>    :=|. This program is free software; you can
11.> <`_,   >  .   <= redistribute it and/or modify it under 11.> <`_,   >  .   <= redistribute it and/or modify it under
12:`=1 )Y*s>-.--   : the terms of the GNU Library General Public 12:`=1 )Y*s>-.--   : the terms of the GNU Library General Public
13.="- .-=="i,     .._ License as published by the Free Software 13.="- .-=="i,     .._ License as published by the Free Software
14 - .   .-<_>     .<> Foundation; either version 2 of the License, 14 - .   .-<_>     .<> Foundation; either version 2 of the License,
15     ._= =}       : or (at your option) any later version. 15     ._= =}       : or (at your option) any later version.
16    .%`+i>       _;_. 16    .%`+i>       _;_.
17    .i_,=:_.      -<s. This program is distributed in the hope that 17    .i_,=:_.      -<s. This program is distributed in the hope that
18     +  .  -:.       = it will be useful, but WITHOUT ANY WARRANTY; 18     +  .  -:.       = it will be useful, but WITHOUT ANY WARRANTY;
19    : ..    .:,     . . . without even the implied warranty of 19    : ..    .:,     . . . without even the implied warranty of
20    =_        +     =;=|` MERCHANTABILITY or FITNESS FOR A 20    =_        +     =;=|` MERCHANTABILITY or FITNESS FOR A
21  _.=:.       :    :=>`: PARTICULAR PURPOSE. See the GNU 21  _.=:.       :    :=>`: PARTICULAR PURPOSE. See the GNU
22..}^=.=       =       ; Library General Public License for more 22..}^=.=       =       ; Library General Public License for more
23++=   -.     .`     .: details. 23++=   -.     .`     .: details.
24 :     =  ...= . :.=- 24 :     =  ...= . :.=-
25 -.   .:....=;==+<; You should have received a copy of the GNU 25 -.   .:....=;==+<; You should have received a copy of the GNU
26  -_. . .   )=.  = Library General Public License along with 26  -_. . .   )=.  = Library General Public License along with
27    --        :-=` this library; see the file COPYING.LIB. 27    --        :-=` this library; see the file COPYING.LIB.
28 If not, write to the Free Software Foundation, 28 If not, write to the Free Software Foundation,
29 Inc., 59 Temple Place - Suite 330, 29 Inc., 59 Temple Place - Suite 330,
30 Boston, MA 02111-1307, USA. 30 Boston, MA 02111-1307, USA.
31 31
32*/ 32*/
33 33
34/* OPIE */ 34/* OPIE */
35 35
36#include <opie2/opcap.h> 36#include <opie2/opcap.h>
37 37
38/* QT */ 38/* QT */
39 39
40#include <qapplication.h> // don't use oapplication here (will decrease reusability in other projects) 40#include <qapplication.h> // don't use oapplication here (will decrease reusability in other projects)
41#include <qsocketnotifier.h> 41#include <qsocketnotifier.h>
42#include <qobjectlist.h>
42 43
43/*====================================================================================== 44/*======================================================================================
44 * OPacket 45 * OPacket
45 *======================================================================================*/ 46 *======================================================================================*/
46 47
47OPacket::OPacket( int datalink, packetheaderstruct header, const unsigned char* data, QObject* parent ) 48OPacket::OPacket( int datalink, packetheaderstruct header, const unsigned char* data, QObject* parent )
48 :QObject( parent, "Generic" ), _hdr( header ), _data( data ) 49 :QObject( parent, "Generic" ), _hdr( header ), _data( data )
49{ 50{
50 //qDebug( "OPacket::OPacket(): (Len %d, CapLen %d)" /*, ctime((const time_t*) header.ts.tv_sec)*/, header.len, header.caplen ); 51 //qDebug( "OPacket::OPacket(): (Len %d, CapLen %d)" /*, ctime((const time_t*) header.ts.tv_sec)*/, header.len, header.caplen );
51 52
52 _end = (unsigned char*) data + header.len; 53 _end = (unsigned char*) data + header.len;
53 //qDebug( "OPacket::data @ %0x, end @ %0x", data, _end ); 54 //qDebug( "OPacket::data @ %0x, end @ %0x", data, _end );
54 55
55 switch ( datalink ) 56 switch ( datalink )
56 { 57 {
57 case DLT_EN10MB: 58 case DLT_EN10MB:
58 qDebug( "OPacket::OPacket(): Received Packet. Datalink = ETHERNET" ); 59 qDebug( "OPacket::OPacket(): Received Packet. Datalink = ETHERNET" );
59 new OEthernetPacket( _end, (const struct ether_header*) data, this ); 60 new OEthernetPacket( _end, (const struct ether_header*) data, this );
60 break; 61 break;
61 62
62 case DLT_IEEE802_11: 63 case DLT_IEEE802_11:
63 qDebug( "OPacket::OPacket(): Received Packet. Datalink = IEEE802.11" ); 64 qDebug( "OPacket::OPacket(): Received Packet. Datalink = IEEE802.11" );
64 new OWaveLanPacket( _end, (const struct ieee_802_11_header*) data, this ); 65 new OWaveLanPacket( _end, (const struct ieee_802_11_header*) data, this );
65 break; 66 break;
66 67
67 default: 68 default:
68 qWarning( "OPacket::OPacket(): Received Packet over unsupported datalink '%s'!", datalink ); 69 qWarning( "OPacket::OPacket(): Received Packet over unsupported datalink '%s'!", datalink );
69 } 70 }
70} 71}
71 72
72 73
73OPacket::~OPacket() 74OPacket::~OPacket()
74{ 75{
75} 76}
76 77
77 78
78timevalstruct OPacket::timeval() const 79timevalstruct OPacket::timeval() const
79{ 80{
80 return _hdr.ts; 81 return _hdr.ts;
81} 82}
82 83
83 84
84int OPacket::caplen() const 85int OPacket::caplen() const
85{ 86{
86 return _hdr.caplen; 87 return _hdr.caplen;
87} 88}
88 89
89 90
91void OPacket::updateStats( QMap<QString,int>& stats, QObjectList* l )
92{
93 if (!l) return;
94 QObject* o = l->first();
95 while ( o )
96 {
97 stats[o->name()]++;
98 updateStats( stats, const_cast<QObjectList*>( o->children() ) );
99 o = l->next();
100 }
101}
102
103
90QString OPacket::dump( int bpl ) const 104QString OPacket::dump( int bpl ) const
91{ 105{
92 static int index = 0; 106 static int index = 0;
93 index++; 107 index++;
94 int len = _hdr.caplen; 108 int len = _hdr.caplen;
95 QString str; 109 QString str;
96 str.sprintf( "\n<----- Packet #%04d Len = 0x%X (%d) ----->\n\n", index, len, len ); 110 str.sprintf( "\n<----- Packet #%04d Len = 0x%X (%d) ----->\n\n", index, len, len );
97 str.append( "0000: " ); 111 str.append( "0000: " );
98 QString tmp; 112 QString tmp;
99 QString bytes; 113 QString bytes;
100 QString chars; 114 QString chars;
101 115
102 for ( int i = 0; i < len; ++i ) 116 for ( int i = 0; i < len; ++i )
103 { 117 {
104 tmp.sprintf( "%02X ", _data[i] ); bytes.append( tmp ); 118 tmp.sprintf( "%02X ", _data[i] ); bytes.append( tmp );
105 if ( (_data[i] > 31) && (_data[i]<128) ) chars.append( _data[i] ); 119 if ( (_data[i] > 31) && (_data[i]<128) ) chars.append( _data[i] );
106 else chars.append( '.' ); 120 else chars.append( '.' );
107 121
108 if ( !((i+1) % bpl) ) 122 if ( !((i+1) % bpl) )
109 { 123 {
110 str.append( bytes ); 124 str.append( bytes );
111 str.append( ' ' ); 125 str.append( ' ' );
112 str.append( chars ); 126 str.append( chars );
113 str.append( '\n' ); 127 str.append( '\n' );
114 tmp.sprintf( "%04X: ", i+1 ); str.append( tmp ); 128 tmp.sprintf( "%04X: ", i+1 ); str.append( tmp );
115 bytes = ""; 129 bytes = "";
116 chars = ""; 130 chars = "";
117 } 131 }
118 132
119 } 133 }
120 if ( (len % bpl) ) 134 if ( (len % bpl) )
121 { 135 {
122 str.append( bytes.leftJustify( 1 + 3*bpl ) ); 136 str.append( bytes.leftJustify( 1 + 3*bpl ) );
123 str.append( chars ); 137 str.append( chars );
124 } 138 }
125 str.append( '\n' ); 139 str.append( '\n' );
126 return str; 140 return str;
127} 141}
128 142
129 143
130
131int OPacket::len() const 144int OPacket::len() const
132{ 145{
133 return _hdr.len; 146 return _hdr.len;
134} 147}
135 148
149
136/*====================================================================================== 150/*======================================================================================
137 * OEthernetPacket 151 * OEthernetPacket
138 *======================================================================================*/ 152 *======================================================================================*/
139 153
140OEthernetPacket::OEthernetPacket( const unsigned char* end, const struct ether_header* data, QObject* parent ) 154OEthernetPacket::OEthernetPacket( const unsigned char* end, const struct ether_header* data, QObject* parent )
141 :QObject( parent, "Ethernet" ), _ether( data ) 155 :QObject( parent, "Ethernet" ), _ether( data )
142 156
143{ 157{
144 158
145 qDebug( "Source = %s", (const char*) sourceAddress().toString() ); 159 qDebug( "Source = %s", (const char*) sourceAddress().toString() );
146 qDebug( "Destination = %s", (const char*) destinationAddress().toString() ); 160 qDebug( "Destination = %s", (const char*) destinationAddress().toString() );
147 161
148 if ( sourceAddress() == OMacAddress::broadcast ) 162 if ( sourceAddress() == OMacAddress::broadcast )
149 qDebug( "Source is broadcast address" ); 163 qDebug( "Source is broadcast address" );
150 if ( destinationAddress() == OMacAddress::broadcast ) 164 if ( destinationAddress() == OMacAddress::broadcast )
151 qDebug( "Destination is broadcast address" ); 165 qDebug( "Destination is broadcast address" );
152 166
153 switch ( type() ) 167 switch ( type() )
154 { 168 {
155 case ETHERTYPE_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break; 169 case ETHERTYPE_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break;
156 case ETHERTYPE_ARP: { qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = ARP" ); break; } 170 case ETHERTYPE_ARP: { qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = ARP" ); break; }
157 case ETHERTYPE_REVARP: { qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = RARP" ); break; } 171 case ETHERTYPE_REVARP: { qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = RARP" ); break; }
158 default: qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = UNKNOWN" ); 172 default: qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = UNKNOWN" );
159 } 173 }
160 174
161} 175}
162 176
163 177
164OEthernetPacket::~OEthernetPacket() 178OEthernetPacket::~OEthernetPacket()
165{ 179{
166} 180}
167 181
168 182
169OMacAddress OEthernetPacket::sourceAddress() const 183OMacAddress OEthernetPacket::sourceAddress() const
170{ 184{
171 return OMacAddress( _ether->ether_shost ); 185 return OMacAddress( _ether->ether_shost );
172} 186}
173 187
174 188
175OMacAddress OEthernetPacket::destinationAddress() const 189OMacAddress OEthernetPacket::destinationAddress() const
176{ 190{
177 return OMacAddress( _ether->ether_dhost ); 191 return OMacAddress( _ether->ether_dhost );
178} 192}
179 193
180int OEthernetPacket::type() const 194int OEthernetPacket::type() const
181{ 195{
182 return ntohs( _ether->ether_type ); 196 return ntohs( _ether->ether_type );
183} 197}
184 198
185 199
186/*====================================================================================== 200/*======================================================================================
187 * OIPPacket 201 * OIPPacket
188 *======================================================================================*/ 202 *======================================================================================*/
189 203
190 204
191OIPPacket::OIPPacket( const unsigned char* end, const struct iphdr* data, QObject* parent ) 205OIPPacket::OIPPacket( const unsigned char* end, const struct iphdr* data, QObject* parent )
192 :QObject( parent, "IP" ), _iphdr( data ) 206 :QObject( parent, "IP" ), _iphdr( data )
193 207
194{ 208{
195 qDebug( "OIPPacket::OIPPacket(): decoding IP header..." ); 209 qDebug( "OIPPacket::OIPPacket(): decoding IP header..." );
196 210
197 //qDebug( "FromAddress: %s", (const char*) inet_ntoa( *src ) ); 211 //qDebug( "FromAddress: %s", (const char*) inet_ntoa( *src ) );
198 //qDebug( " ToAddress: %s", (const char*) inet_ntoa( *dst ) ); 212 //qDebug( " ToAddress: %s", (const char*) inet_ntoa( *dst ) );
199 213
@@ -711,165 +725,183 @@ OWaveLanControlPacket::OWaveLanControlPacket( const unsigned char* end, const st
711 725
712OWaveLanControlPacket::~OWaveLanControlPacket() 726OWaveLanControlPacket::~OWaveLanControlPacket()
713{ 727{
714} 728}
715 729
716 730
717/*====================================================================================== 731/*======================================================================================
718 * OPacketCapturer 732 * OPacketCapturer
719 *======================================================================================*/ 733 *======================================================================================*/
720 734
721OPacketCapturer::OPacketCapturer( QObject* parent, const char* name ) 735OPacketCapturer::OPacketCapturer( QObject* parent, const char* name )
722 :QObject( parent, name ), _name( QString::null ), _open( false ), 736 :QObject( parent, name ), _name( QString::null ), _open( false ),
723 _pch( 0 ), _sn( 0 ) 737 _pch( 0 ), _sn( 0 )
724{ 738{
725} 739}
726 740
727 741
728OPacketCapturer::~OPacketCapturer() 742OPacketCapturer::~OPacketCapturer()
729{ 743{
730 if ( _open ) 744 if ( _open )
731 { 745 {
732 qDebug( "OPacketCapturer::~OPacketCapturer(): pcap still open, autoclosing." ); 746 qDebug( "OPacketCapturer::~OPacketCapturer(): pcap still open, autoclosing." );
733 close(); 747 close();
734 } 748 }
735} 749}
736 750
737 751
738void OPacketCapturer::setBlocking( bool b ) 752void OPacketCapturer::setBlocking( bool b )
739{ 753{
740 if ( pcap_setnonblock( _pch, 1-b, _errbuf ) != -1 ) 754 if ( pcap_setnonblock( _pch, 1-b, _errbuf ) != -1 )
741 { 755 {
742 qDebug( "OPacketCapturer::setBlocking(): blocking mode changed successfully." ); 756 qDebug( "OPacketCapturer::setBlocking(): blocking mode changed successfully." );
743 } 757 }
744 else 758 else
745 { 759 {
746 qDebug( "OPacketCapturer::setBlocking(): can't change blocking mode: %s", _errbuf ); 760 qDebug( "OPacketCapturer::setBlocking(): can't change blocking mode: %s", _errbuf );
747 } 761 }
748} 762}
749 763
750 764
751bool OPacketCapturer::blocking() const 765bool OPacketCapturer::blocking() const
752{ 766{
753 int b = pcap_getnonblock( _pch, _errbuf ); 767 int b = pcap_getnonblock( _pch, _errbuf );
754 if ( b == -1 ) 768 if ( b == -1 )
755 { 769 {
756 qDebug( "OPacketCapturer::blocking(): can't get blocking mode: %s", _errbuf ); 770 qDebug( "OPacketCapturer::blocking(): can't get blocking mode: %s", _errbuf );
757 return -1; 771 return -1;
758 } 772 }
759 return !b; 773 return !b;
760} 774}
761 775
762 776
763void OPacketCapturer::close() 777void OPacketCapturer::close()
764{ 778{
765 if ( _open ) 779 if ( _open )
766 { 780 {
767 if ( _sn ) 781 if ( _sn )
768 { 782 {
769 _sn->disconnect( SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) ); 783 _sn->disconnect( SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
770 delete _sn; 784 delete _sn;
771 } 785 }
772 pcap_close( _pch ); 786 pcap_close( _pch );
773 _open = false; 787 _open = false;
774 } 788 }
789
790 qDebug( "OPacketCapturer::close() --- dumping capturing statistics..." );
791 qDebug( "--------------------------------------------------" );
792 for( QMap<QString,int>::Iterator it = _stats.begin(); it != _stats.end(); ++it )
793 qDebug( "%s : %d", (const char*) it.key(), it.data() );
794 qDebug( "--------------------------------------------------" );
795
775} 796}
776 797
777 798
778int OPacketCapturer::dataLink() const 799int OPacketCapturer::dataLink() const
779{ 800{
780 return pcap_datalink( _pch ); 801 return pcap_datalink( _pch );
781} 802}
782 803
783 804
784int OPacketCapturer::fileno() const 805int OPacketCapturer::fileno() const
785{ 806{
786 if ( _open ) 807 if ( _open )
787 { 808 {
788 return pcap_fileno( _pch ); 809 return pcap_fileno( _pch );
789 } 810 }
790 else 811 else
791 { 812 {
792 return -1; 813 return -1;
793 } 814 }
794} 815}
795 816
796
797OPacket* OPacketCapturer::next() 817OPacket* OPacketCapturer::next()
798{ 818{
799 packetheaderstruct header; 819 packetheaderstruct header;
800 qDebug( "==> OPacketCapturer::next()" ); 820 qDebug( "==> OPacketCapturer::next()" );
801 const unsigned char* pdata = pcap_next( _pch, &header ); 821 const unsigned char* pdata = pcap_next( _pch, &header );
802 qDebug( "<== OPacketCapturer::next()" ); 822 qDebug( "<== OPacketCapturer::next()" );
803 823
804 if ( header.len ) 824 if ( header.len )
805 { 825 {
806 return new OPacket( dataLink(), header, pdata, 0 ); 826 OPacket* p = new OPacket( dataLink(), header, pdata, 0 );
807 // packets shouldn't be inserted in the QObject child-parent hierarchy, 827 // packets shouldn't be inserted in the QObject child-parent hierarchy,
808 // because due to memory constraints they will be deleted as soon 828 // because due to memory constraints they will be deleted as soon
809 // as possible - that is right after they have been processed 829 // as possible - that is right after they have been processed
810 // by emit() [ see below ] 830 // by emit() [ see below ]
831
832 //TODO: make gathering statistics optional, because it takes time
833 p->updateStats( _stats, const_cast<QObjectList*>( p->children() ) );
834
835 return p;
811 } 836 }
812 else 837 else
813 { 838 {
814 return 0; 839 return 0;
815 } 840 }
816} 841}
817 842
818 843
819bool OPacketCapturer::open( const QString& name ) 844bool OPacketCapturer::open( const QString& name )
820{ 845{
821 if ( _open ) 846 if ( _open )
822 { 847 {
823 if ( name == _name ) // ignore opening an already openend device 848 if ( name == _name ) // ignore opening an already openend device
824 { 849 {
825 return true; 850 return true;
826 } 851 }
827 else // close the last opened device 852 else // close the last opened device
828 { 853 {
829 close(); 854 close();
830 } 855 }
831 } 856 }
832 857
833 _name = name; 858 _name = name;
834 859
835 pcap_t* handle = pcap_open_live( const_cast<char*>( (const char*) name ), 1024, 0, 0, &_errbuf[0] ); 860 pcap_t* handle = pcap_open_live( const_cast<char*>( (const char*) name ), 1024, 0, 0, &_errbuf[0] );
836 861
837 if ( handle ) 862 if ( handle )
838 { 863 {
839 qDebug( "OPacketCapturer::open(): libpcap opened successfully." ); 864 qDebug( "OPacketCapturer::open(): libpcap opened successfully." );
840 _pch = handle; 865 _pch = handle;
841 _open = true; 866 _open = true;
867 _stats.clear();
842 868
843 // in case we have an application object, create a socket notifier 869 // in case we have an application object, create a socket notifier
844 if ( qApp ) 870 if ( qApp )
845 { 871 {
846 _sn = new QSocketNotifier( fileno(), QSocketNotifier::Read ); 872 _sn = new QSocketNotifier( fileno(), QSocketNotifier::Read );
847 connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) ); 873 connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
848 } 874 }
849 875
850 return true; 876 return true;
851 } 877 }
852 else 878 else
853 { 879 {
854 qDebug( "OPacketCapturer::open(): can't open libpcap: %s", _errbuf ); 880 qDebug( "OPacketCapturer::open(): can't open libpcap: %s", _errbuf );
855 return false; 881 return false;
856 } 882 }
857 883
858} 884}
859 885
860 886
861bool OPacketCapturer::isOpen() const 887bool OPacketCapturer::isOpen() const
862{ 888{
863 return _open; 889 return _open;
864} 890}
865 891
866 892
867void OPacketCapturer::readyToReceive() 893void OPacketCapturer::readyToReceive()
868{ 894{
869 qDebug( "OPacketCapturer::readyToReceive(): about to emit 'receivePacket(...)'" ); 895 qDebug( "OPacketCapturer::readyToReceive(): about to emit 'receivePacket(p)'" );
870 OPacket* p = next(); 896 OPacket* p = next();
871 emit receivedPacket( p ); 897 emit receivedPacket( p );
872 // emit is synchronous - packet has been dealt with, now it's safe to delete 898 // emit is synchronous - packet has been dealt with, now it's safe to delete
873 delete p; 899 delete p;
874} 900}
875 901
902
903const QMap<QString,int>& OPacketCapturer::statistics() const
904{
905 return _stats;
906}
907
diff --git a/libopie2/opienet/opcap.h b/libopie2/opienet/opcap.h
index ddef278..c9b0624 100644
--- a/libopie2/opienet/opcap.h
+++ b/libopie2/opienet/opcap.h
@@ -1,146 +1,150 @@
1/* 1/*
2                 This file is part of the Opie Project 2                 This file is part of the Opie Project
3              Copyright (C) 2003 by the Wellenreiter team: 3              Copyright (C) 2003 by the Wellenreiter team:
4 Martin J. Muench <mjm@remote-exploit.org> 4 Martin J. Muench <mjm@remote-exploit.org>
5 Max Moser <mmo@remote-exploit.org 5 Max Moser <mmo@remote-exploit.org
6 Michael 'Mickey' Lauer <mickey@tm.informatik.uni-frankfurt.de> 6 Michael 'Mickey' Lauer <mickey@tm.informatik.uni-frankfurt.de>
7 =. 7 =.
8 .=l. 8 .=l.
9           .>+-= 9           .>+-=
10 _;:,     .>    :=|. This program is free software; you can 10 _;:,     .>    :=|. This program is free software; you can
11.> <`_,   >  .   <= redistribute it and/or modify it under 11.> <`_,   >  .   <= redistribute it and/or modify it under
12:`=1 )Y*s>-.--   : the terms of the GNU Library General Public 12:`=1 )Y*s>-.--   : the terms of the GNU Library General Public
13.="- .-=="i,     .._ License as published by the Free Software 13.="- .-=="i,     .._ License as published by the Free Software
14 - .   .-<_>     .<> Foundation; either version 2 of the License, 14 - .   .-<_>     .<> Foundation; either version 2 of the License,
15     ._= =}       : or (at your option) any later version. 15     ._= =}       : or (at your option) any later version.
16    .%`+i>       _;_. 16    .%`+i>       _;_.
17    .i_,=:_.      -<s. This program is distributed in the hope that 17    .i_,=:_.      -<s. This program is distributed in the hope that
18     +  .  -:.       = it will be useful, but WITHOUT ANY WARRANTY; 18     +  .  -:.       = it will be useful, but WITHOUT ANY WARRANTY;
19    : ..    .:,     . . . without even the implied warranty of 19    : ..    .:,     . . . without even the implied warranty of
20    =_        +     =;=|` MERCHANTABILITY or FITNESS FOR A 20    =_        +     =;=|` MERCHANTABILITY or FITNESS FOR A
21  _.=:.       :    :=>`: PARTICULAR PURPOSE. See the GNU 21  _.=:.       :    :=>`: PARTICULAR PURPOSE. See the GNU
22..}^=.=       =       ; Library General Public License for more 22..}^=.=       =       ; Library General Public License for more
23++=   -.     .`     .: details. 23++=   -.     .`     .: details.
24 :     =  ...= . :.=- 24 :     =  ...= . :.=-
25 -.   .:....=;==+<; You should have received a copy of the GNU 25 -.   .:....=;==+<; You should have received a copy of the GNU
26  -_. . .   )=.  = Library General Public License along with 26  -_. . .   )=.  = Library General Public License along with
27    --        :-=` this library; see the file COPYING.LIB. 27    --        :-=` this library; see the file COPYING.LIB.
28 If not, write to the Free Software Foundation, 28 If not, write to the Free Software Foundation,
29 Inc., 59 Temple Place - Suite 330, 29 Inc., 59 Temple Place - Suite 330,
30 Boston, MA 02111-1307, USA. 30 Boston, MA 02111-1307, USA.
31 31
32*/ 32*/
33 33
34#ifndef OPCAP_H 34#ifndef OPCAP_H
35#define OPCAP_H 35#define OPCAP_H
36 36
37/* LINUX */ 37/* LINUX */
38extern "C" // work around a bpf/pcap conflict in recent headers 38extern "C" // work around a bpf/pcap conflict in recent headers
39{ 39{
40 #include <pcap.h> 40 #include <pcap.h>
41} 41}
42#include <netinet/ether.h> 42#include <netinet/ether.h>
43#include <netinet/ip.h> 43#include <netinet/ip.h>
44#include <netinet/udp.h> 44#include <netinet/udp.h>
45#include <netinet/tcp.h> 45#include <netinet/tcp.h>
46#include <time.h> 46#include <time.h>
47 47
48/* QT */ 48/* QT */
49#include <qevent.h>
49#include <qhostaddress.h> 50#include <qhostaddress.h>
50#include <qobject.h> 51#include <qobject.h>
51#include <qstring.h> 52#include <qstring.h>
53#include <qmap.h>
52 54
53/* OPIE */ 55/* OPIE */
54#include <opie2/onetutils.h> 56#include <opie2/onetutils.h>
55#include "802_11_user.h" 57#include "802_11_user.h"
56 58
57/* TYPEDEFS */ 59/* TYPEDEFS */
58typedef struct timeval timevalstruct; 60typedef struct timeval timevalstruct;
59typedef struct pcap_pkthdr packetheaderstruct; 61typedef struct pcap_pkthdr packetheaderstruct;
60 62
61/* FORWARDS */ 63/* FORWARDS */
62class OPacketCapturer; 64class OPacketCapturer;
63class QSocketNotifier; 65class QSocketNotifier;
64 66
65/*====================================================================================== 67/*======================================================================================
66 * OPacket - A frame on the wire 68 * OPacket - A frame on the wire
67 *======================================================================================*/ 69 *======================================================================================*/
68 70
69class OPacket : public QObject 71class OPacket : public QObject
70{ 72{
71 Q_OBJECT 73 Q_OBJECT
72 74
73 public: 75 public:
74 OPacket( int datalink, packetheaderstruct, const unsigned char*, QObject* parent ); 76 OPacket( int datalink, packetheaderstruct, const unsigned char*, QObject* parent );
75 virtual ~OPacket(); 77 virtual ~OPacket();
76 78
77 timevalstruct timeval() const; 79 timevalstruct timeval() const;
78 80
79 int caplen() const; 81 int caplen() const;
80 int len() const; 82 int len() const;
81 QString dump( int = 32 ) const; 83 QString dump( int = 32 ) const;
82 84
85 void updateStats( QMap<QString,int>&, QObjectList* );
86
83 private: 87 private:
84 const packetheaderstruct _hdr; // pcap packet header 88 const packetheaderstruct _hdr; // pcap packet header
85 const unsigned char* _data; // pcap packet data 89 const unsigned char* _data; // pcap packet data
86 const unsigned char* _end; // end of pcap packet data 90 const unsigned char* _end; // end of pcap packet data
87}; 91};
88 92
89/*====================================================================================== 93/*======================================================================================
90 * OEthernetPacket - DLT_EN10MB frame 94 * OEthernetPacket - DLT_EN10MB frame
91 *======================================================================================*/ 95 *======================================================================================*/
92 96
93class OEthernetPacket : public QObject 97class OEthernetPacket : public QObject
94{ 98{
95 Q_OBJECT 99 Q_OBJECT
96 100
97 public: 101 public:
98 OEthernetPacket( const unsigned char*, const struct ether_header*, QObject* parent = 0 ); 102 OEthernetPacket( const unsigned char*, const struct ether_header*, QObject* parent = 0 );
99 virtual ~OEthernetPacket(); 103 virtual ~OEthernetPacket();
100 104
101 OMacAddress sourceAddress() const; 105 OMacAddress sourceAddress() const;
102 OMacAddress destinationAddress() const; 106 OMacAddress destinationAddress() const;
103 int type() const; 107 int type() const;
104 108
105 private: 109 private:
106 const struct ether_header* _ether; 110 const struct ether_header* _ether;
107}; 111};
108 112
109 113
110/*====================================================================================== 114/*======================================================================================
111 * OWaveLanPacket - DLT_IEEE802_11 frame 115 * OWaveLanPacket - DLT_IEEE802_11 frame
112 *======================================================================================*/ 116 *======================================================================================*/
113 117
114class OWaveLanPacket : public QObject 118class OWaveLanPacket : public QObject
115{ 119{
116 Q_OBJECT 120 Q_OBJECT
117 121
118 public: 122 public:
119 OWaveLanPacket( const unsigned char*, const struct ieee_802_11_header*, QObject* parent = 0 ); 123 OWaveLanPacket( const unsigned char*, const struct ieee_802_11_header*, QObject* parent = 0 );
120 virtual ~OWaveLanPacket(); 124 virtual ~OWaveLanPacket();
121 125
122 int duration() const; 126 int duration() const;
123 bool fromDS() const; 127 bool fromDS() const;
124 bool toDS() const; 128 bool toDS() const;
125 virtual OMacAddress macAddress1() const; 129 virtual OMacAddress macAddress1() const;
126 virtual OMacAddress macAddress2() const; 130 virtual OMacAddress macAddress2() const;
127 virtual OMacAddress macAddress3() const; 131 virtual OMacAddress macAddress3() const;
128 virtual OMacAddress macAddress4() const; 132 virtual OMacAddress macAddress4() const;
129 bool usesPowerManagement() const; 133 bool usesPowerManagement() const;
130 int type() const; 134 int type() const;
131 int subType() const; 135 int subType() const;
132 int version() const; 136 int version() const;
133 bool usesWep() const; 137 bool usesWep() const;
134 138
135 private: 139 private:
136 const struct ieee_802_11_header* _wlanhdr; 140 const struct ieee_802_11_header* _wlanhdr;
137}; 141};
138 142
139 143
140/*====================================================================================== 144/*======================================================================================
141 * OWaveLanManagementPacket - type: management (T_MGMT) 145 * OWaveLanManagementPacket - type: management (T_MGMT)
142 *======================================================================================*/ 146 *======================================================================================*/
143 147
144class OWaveLanManagementPacket : public QObject 148class OWaveLanManagementPacket : public QObject
145{ 149{
146 Q_OBJECT 150 Q_OBJECT
@@ -373,80 +377,83 @@ class OIPPacket : public QObject
373 const struct iphdr* _iphdr; 377 const struct iphdr* _iphdr;
374}; 378};
375 379
376/*====================================================================================== 380/*======================================================================================
377 * OUDPPacket 381 * OUDPPacket
378 *======================================================================================*/ 382 *======================================================================================*/
379 383
380class OUDPPacket : public QObject 384class OUDPPacket : public QObject
381{ 385{
382 Q_OBJECT 386 Q_OBJECT
383 387
384 public: 388 public:
385 OUDPPacket( const unsigned char*, const struct udphdr*, QObject* parent = 0 ); 389 OUDPPacket( const unsigned char*, const struct udphdr*, QObject* parent = 0 );
386 virtual ~OUDPPacket(); 390 virtual ~OUDPPacket();
387 391
388 int fromPort() const; 392 int fromPort() const;
389 int toPort() const; 393 int toPort() const;
390 394
391 private: 395 private:
392 const struct udphdr* _udphdr; 396 const struct udphdr* _udphdr;
393}; 397};
394 398
395/*====================================================================================== 399/*======================================================================================
396 * OTCPPacket 400 * OTCPPacket
397 *======================================================================================*/ 401 *======================================================================================*/
398 402
399class OTCPPacket : public QObject 403class OTCPPacket : public QObject
400{ 404{
401 Q_OBJECT 405 Q_OBJECT
402 406
403 public: 407 public:
404 OTCPPacket( const unsigned char*, const struct tcphdr*, QObject* parent = 0 ); 408 OTCPPacket( const unsigned char*, const struct tcphdr*, QObject* parent = 0 );
405 virtual ~OTCPPacket(); 409 virtual ~OTCPPacket();
406 410
407 int fromPort() const; 411 int fromPort() const;
408 int toPort() const; 412 int toPort() const;
409 413
410 private: 414 private:
411 const struct tcphdr* _tcphdr; 415 const struct tcphdr* _tcphdr;
412}; 416};
413 417
414 418
415/*====================================================================================== 419/*======================================================================================
416 * OPacketCapturer 420 * OPacketCapturer
417 *======================================================================================*/ 421 *======================================================================================*/
418 422
419class OPacketCapturer : public QObject 423class OPacketCapturer : public QObject
420{ 424{
421 Q_OBJECT 425 Q_OBJECT
422 426
423 public: 427 public:
424 OPacketCapturer( QObject* parent = 0, const char* name = 0 ); 428 OPacketCapturer( QObject* parent = 0, const char* name = 0 );
425 ~OPacketCapturer(); 429 ~OPacketCapturer();
426 430
427 void setBlocking( bool ); 431 void setBlocking( bool );
428 bool blocking() const; 432 bool blocking() const;
429 433
430 void close(); 434 void close();
431 int dataLink() const; 435 int dataLink() const;
432 int fileno() const; 436 int fileno() const;
433 OPacket* next(); 437 OPacket* next();
434 bool open( const QString& name ); 438 bool open( const QString& name );
435 bool isOpen() const; 439 bool isOpen() const;
436 440
441 const QMap<QString,int>& statistics() const;
442
437 signals: 443 signals:
438 void receivedPacket( OPacket* ); 444 void receivedPacket( OPacket* );
439 445
440 protected slots: 446 protected slots:
441 void readyToReceive(); 447 void readyToReceive();
442 448
443 protected: 449 protected:
444 QString _name; // devicename 450 QString _name; // devicename
445 bool _open; // check this before doing pcap calls 451 bool _open; // check this before doing pcap calls
446 pcap_t* _pch; // pcap library handle 452 pcap_t* _pch; // pcap library handle
447 QSocketNotifier* _sn; // socket notifier for main loop 453 QSocketNotifier* _sn; // socket notifier for main loop
448 mutable char _errbuf[PCAP_ERRBUF_SIZE]; 454 mutable char _errbuf[PCAP_ERRBUF_SIZE];
455 QMap<QString, int> _stats; // statistics;
449}; 456};
450 457
451#endif // OPCAP_H 458#endif // OPCAP_H
452 459