-rw-r--r--noncore/net/wellenreiter/libwellenreiter/source/sniff.cc23
1 files changed, 19 insertions, 4 deletions
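--- a/noncore/net/wellenreiter/libwellenreiter/source/sniff.cc
+++ b/noncore/net/wellenreiter/libwellenreiter/source/sniff.cc
@@ -1,320 +1,335 @@
 /*
  * rfmon mode sniffer
  *
  * $Id$
  */
 
 #include "sniff.hh"
 #include "ieee802_11.hh"
 #include "extract.hh"
 #include "log.hh"
 #include "proto.hh"
 
 /* Main function, checks packets */
 void process_packets(const struct pcap_pkthdr *pkthdr, const unsigned char *packet, char *guihost, int guiport)
 {
  unsigned int caplen = pkthdr->caplen;
  unsigned int length = pkthdr->len;
  u_int16_t fc;
  unsigned int HEADER_LENGTH;
 
  /* pinfo holds all interresting information for us */
  struct packetinfo pinfo;
  struct packetinfo *pinfoptr;
 
  /* wl_network_t will finally be set and send to the ui */
  wl_network_t wl_net;
 
  pinfoptr=&pinfo;
 
  pinfoptr->isvalid = 0;
  pinfoptr->pktlen = pkthdr->len;
 
  if (caplen < IEEE802_11_FC_LEN)
  {
  /* This is a garbage packet, because is does not long enough
  to hold a 802.11b header */
  pinfoptr->isvalid = 0;
  return;
  }
 
  /* Gets the framecontrol bits (2bytes long) */
  fc = EXTRACT_LE_16BITS(packet);
 
  HEADER_LENGTH = GetHeaderLength(fc);
 
  if (caplen < HEADER_LENGTH)
  {
  /* This is a garbage packet, because it is not long enough
  to hold a correct header of its type */
  pinfoptr->isvalid = 0;
  return;
  }
 
  /* Decode 802.11b header out of the packet */
  if (decode_80211b_hdr(packet,pinfoptr) == 0)
  {
  /* Justification of the ofset to further process the packet */
  length -= HEADER_LENGTH;
  caplen -= HEADER_LENGTH;
  packet += HEADER_LENGTH;
  }
  else /* Something is wrong,could not be a correct packet */
  return;
 
  switch (FC_TYPE(fc))
  {
  /* Is it a managemnet frame? */
  case T_MGMT:
  switch (FC_SUBTYPE(fc))
  {
  case ST_BEACON:
  if (handle_beacon(fc, packet,pinfoptr) ==0)
  {
  if (!strcmp(pinfoptr->desthwaddr,"ff:ff:ff:ff:ff:ff") == 0)
  {
  /* Every beacon must have the broadcast as destination
  so it must be a shitti packet */
  pinfoptr->isvalid = 0;
  return;
  }
 
  if (pinfoptr->cap_ESS == pinfoptr->cap_IBSS)
  {
  /* Only one of both are possible, so must be
  a noise packet, if this comes up */
  pinfoptr->isvalid = 0;
  return;
  }
  if (pinfoptr->channel < 1 || pinfoptr->channel > 14)
  {
  /* Only channels between 1 and 14 are possible
  others must be noise packets */
  pinfoptr->isvalid = 0;
  return;
  }
 
 
  /* Here should be the infos to the gui issued */
  if (pinfoptr->cap_ESS == 1 &&pinfoptr->cap_IBSS ==0)
  {
  wl_loginfo("Found an access point");
  wl_net.net_type=1;
  }
  else if(pinfoptr->cap_ESS == 0 && pinfoptr->cap_IBSS == 1)
  {
  wl_loginfo("Found an ad-hoc network");
  wl_net.net_type=2;
  }
  if (strcmp (pinfoptr->ssid,NONBROADCASTING) ==0)
  {
  wl_loginfo("Net is a non-broadcasting network");
  }
  else
  {
  wl_loginfo("SSID is: %s", pinfoptr->ssid);
  // wl_net.bssid=pinfoptr->ssid;
  }
 
  wl_loginfo("SSID length is: %d", pinfoptr->ssid_len);
  wl_net.ssid_len=pinfoptr->ssid_len;
 
  wl_loginfo("Channel is: %d", pinfoptr->channel);
  wl_net.channel=pinfoptr->channel;
  wl_net.wep=pinfoptr->cap_WEP;
 
  wl_loginfo("Mac is: %s", pinfoptr->sndhwaddr);
  memcpy(wl_net.mac, pinfoptr->sndhwaddr, sizeof(wl_net.mac)-1);;
  wl_loginfo("SSID is: %s", pinfoptr->ssid);
  memcpy(wl_net.bssid, pinfoptr->ssid, sizeof(wl_net.bssid)-1);
 
  // printf ("\n\tDest : %s\n",pinfoptr->desthwaddr);
  send_network_found((char *)guihost, guiport, &wl_net);
  wl_loginfo("Sent network to GUI '%s:%d'", guihost, guiport);
  }
  break;
  default:
  wl_logerr("Unknown IEEE802.11 frame subtype (%d)", FC_SUBTYPE(fc));
  break;
  } /* End of switch over different mgt frame types */
 
  break;
 
  case T_CTRL:
  wl_loginfo("Received control frame, not implemented yet");
  break;
 
  case T_DATA:
  wl_loginfo("Received date frame, not implemented yet");
  break;
 
  default:
  wl_logerr("Unknown IEEE802.11 frame type (%d)", FC_TYPE(fc));
  break;
  }
 }
 
 /* This decodes the 802.11b frame header out of the 802.11b packet
  all the infos is placed into the packetinfo structure */
 int decode_80211b_hdr(const u_char *p,struct packetinfo *ppinfo)
 {
  const struct mgmt_header_t *mgthdr = (const struct mgmt_header_t *) p;
  ppinfo->fcsubtype = FC_SUBTYPE(mgthdr->fc);
 
  /* Get the sender, bssid and dest mac address */
  etheraddr_string(mgthdr->bssid,ppinfo->bssid);
  etheraddr_string(mgthdr->da,ppinfo->desthwaddr);
  etheraddr_string(mgthdr->sa,ppinfo->sndhwaddr);
  ppinfo->fc_wep = FC_WEP(mgthdr->fc);
  return 0;
 }
 
 
 void etheraddr_string(register const u_char *ep, char *text)
 {
  static char hex[] = "0123456789abcdef";
  register unsigned int i, j;
  register char *cp;
- char buf[sizeof("00:00:00:00:00:00")];
+ char buf[sizeof("00:00:00:00:00:00\0")];
  cp = buf;
  if ((j = *ep >> 4) != 0)
- *cp++ = hex[j];
+ {
+ *cp++ = hex[j];
+ }
+ else
+ {
+ *cp++ = '0';
+ }
  *cp++ = hex[*ep++ & 0xf];
- for (i = 5; (int)--i >= 0;) {
+
+ for (i = 5; (int)--i >= 0;)
+ {
  *cp++ = ':';
  if ((j = *ep >> 4) != 0)
- *cp++ = hex[j];
+ {
+ *cp++ = hex[j];
+ }
+ else
+ {
+ *cp++ = '0';
+ }
+
  *cp++ = hex[*ep++ & 0xf];
  }
  *cp = '\0';
  strcpy(text,buf);
 }
 
 /* beacon handler */
 int handle_beacon(u_int16_t fc, const u_char *p,struct packetinfo *ppinfo)
 {
  struct mgmt_body_t pbody;
  int offset = 0;
 
  /* Get the static informations out of the packet */
  memset(&pbody, 0, sizeof(pbody));
  memcpy(&pbody.timestamp, p, 8);
  offset += 8;
  pbody.beacon_interval = EXTRACT_LE_16BITS(p+offset);
  offset += 2;
  pbody.capability_info = EXTRACT_LE_16BITS(p+offset);
  offset += 2;
 
  /* Gets the different flags out of the capabilities */
  ppinfo->cap_ESS = CAPABILITY_ESS(pbody.capability_info);
  ppinfo->cap_IBSS = CAPABILITY_IBSS(pbody.capability_info);
  ppinfo->cap_WEP = CAPABILITY_PRIVACY(pbody.capability_info);
 
  /* Gets the tagged elements out of the packets */
  while (offset + 1 < ppinfo->pktlen)
  {
  switch (*(p + offset))
  {
  case E_SSID:
  memcpy(&(pbody.ssid),p+offset,2); offset += 2;
  if (pbody.ssid.length > 0)
  {
  memcpy(&(pbody.ssid.ssid),p+offset,pbody.ssid.length); offset += pbody.ssid.length;
  pbody.ssid.ssid[pbody.ssid.length]='\0';
  if (strcmp((char *)pbody.ssid.ssid,"")==0)
  memcpy(ppinfo->ssid, NONBROADCASTING, sizeof(ppinfo->ssid));
  else
  memcpy(ppinfo->ssid, pbody.ssid.ssid, sizeof(ppinfo->ssid));
  ppinfo->ssid_len = pbody.ssid.length;
  }
  break;
 
  case E_CHALLENGE:
  memcpy(&(pbody.challenge),p+offset,2); offset += 2;
  if (pbody.challenge.length > 0)
  {
  memcpy(&(pbody.challenge.text),p+offset,pbody.challenge.length); offset += pbody.challenge.length;
  pbody.challenge.text[pbody.challenge.length]='\0';
  }
  break;
  case E_RATES:
  memcpy(&(pbody.rates),p+offset,2); offset += 2;
  if (pbody.rates.length > 0)
  {
  memcpy(&(pbody.rates.rate),p+offset,pbody.rates.length); offset += pbody.rates.length;
  }
  break;
  case E_DS:
  memcpy(&(pbody.ds),p+offset,3); offset +=3;
  ppinfo->channel = pbody.ds.channel;
  break;
  case E_CF:
  memcpy(&(pbody.cf),p+offset,8); offset +=8;
  break;
  case E_TIM:
  memcpy(&(pbody.tim),p+offset,2); offset +=2;
  memcpy(&(pbody.tim.count),p+offset,3); offset +=3;
  if ((pbody.tim.length -3) > 0)
  {
  memcpy((pbody.tim.bitmap),p+(pbody.tim.length -3),(pbody.tim.length -3));
  offset += pbody.tim.length -3;
  }
  break;
  default:
 
  offset+= *(p+offset+1) + 2;
  break;
  } /* end of switch*/
  } /* end of for loop */
  return 0;
 
 } /* End of handle_beacon */
 
 
 int GetHeaderLength(u_int16_t fc)
 {
  int iLength=0;
 
  switch (FC_TYPE(fc))
  {
  case T_MGMT:
  iLength = MGMT_HEADER_LEN;
  break;
  case T_CTRL:
  switch (FC_SUBTYPE(fc))
  {
  case CTRL_PS_POLL:
  iLength = CTRL_PS_POLL_LEN;
  break;
  case CTRL_RTS:
  iLength = CTRL_RTS_LEN;
  break;
  case CTRL_CTS:
  iLength = CTRL_CTS_LEN;
  break;
  case CTRL_ACK:
  iLength = CTRL_ACK_LEN;
  break;
  case CTRL_CF_END:
  iLength = CTRL_END_LEN;
  break;
  case CTRL_END_ACK:
  iLength = CTRL_END_ACK_LEN;
  break;
  default:
  iLength = 0;
  break;
  }
  break;
  case T_DATA:
  if (FC_TO_DS(fc) && FC_FROM_DS(fc))
  iLength = 30;
  else
  iLength = 24;
  break;
  default:
  wl_logerr("unknown IEEE802.11 frame type (%d)", FC_TYPE(fc));
  break;
  }
  return iLength;
 }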
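Review bot: The tagged-element loop in handle_beacon still copies `pbody.ssid.length`, `pbody.challenge.length` and `pbody.rates.length` bytes straight out of the frame with no check against the destination field or the bytes actually captured, so a length byte larger than the field overruns `pbody` on the stack, and the loop bound `while (offset + 1 < ppinfo->pktlen)` uses the wire length, which process_packets sets from `pkthdr->len` and never reduces by HEADER_LENGTH, so it can exceed what was captured. Assuming `pbody.ssid.ssid` is a fixed array (the memcpy into its address suggests so), each case needs a guard before the copy such as `if (pbody.ssid.length >= sizeof(pbody.ssid.ssid) || offset + pbody.ssid.length > ppinfo->pktlen) return -1;`, and pktlen should be derived from caplen minus HEADER_LENGTH rather than from pkthdr->len. The E_TIM case also reads from `p+(pbody.tim.length -3)` instead of `p+offset`, which looks like a typo. On the changed lines themselves, the `\0` added inside the `buf` sizeof literal is redundant since sizeof already counts the terminator; the leading-zero padding is the actual fix, and `char buf[sizeof("00:00:00:00:00:00")];` was already the right size.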