summaryrefslogtreecommitdiff
path: root/libopie2
Unidiff
Diffstat (limited to 'libopie2') (more/less context) (ignore whitespace changes)
-rw-r--r--libopie2/opienet/802_11_user.h47
-rw-r--r--libopie2/opienet/opcap.cpp65
-rw-r--r--libopie2/opienet/opcap.h24
3 files changed, 110 insertions, 26 deletions
diff --git a/libopie2/opienet/802_11_user.h b/libopie2/opienet/802_11_user.h
index cd98503..ad84514 100644
--- a/libopie2/opienet/802_11_user.h
+++ b/libopie2/opienet/802_11_user.h
@@ -42,63 +42,64 @@ struct ieee_802_11_header {
42 // u_int16_tgapLen; 42 // u_int16_tgapLen;
43 // u_int8_tgap[8]; 43 // u_int8_tgap[8];
44}; 44};
45 45
46 46
47struct ieee_802_3_header { 47struct ieee_802_3_header {
48 48
49 u_int16_tstatus; 49 u_int16_tstatus;
50 u_int16_tpayload_length; 50 u_int16_tpayload_length;
51 u_int8_tdst_mac[6]; 51 u_int8_tdst_mac[6];
52 u_int8_tsrc_mac[6]; 52 u_int8_tsrc_mac[6];
53 53
54}; 54};
55 55
56#define P80211_OUI_LEN 3 56#define P80211_OUI_LEN 3
57 57
58struct ieee_802_11_snap_header {
59
60 u_int8_t dsap; /* always 0xAA */
61 u_int8_t ssap; /* always 0xAA */
62 u_int8_t ctrl; /* always 0x03 */
63 u_int8_t oui[P80211_OUI_LEN]; /* organizational universal id */
64
65} __attribute__ ((packed));
66
67#define P80211_LLC_OUI_LEN 3
68
69struct ieee_802_11_802_1H_header {
70
71 u_int8_t dsap;
72 u_int8_t ssap; /* always 0xAA */
73 u_int8_t ctrl; /* always 0x03 */
74 u_int8_t oui[P80211_OUI_LEN]; /* organizational universal id */
75 u_int16_t unknown1; /* packet type ID fields */
76 u_int16_t unknown2; /* here is something like length in some cases */
77} __attribute__ ((packed));
78
79struct ieee_802_11_802_2_header { 58struct ieee_802_11_802_2_header {
80 59
81 u_int8_t dsap; 60 u_int8_t dsap;
82 u_int8_t ssap; /* always 0xAA */ 61 u_int8_t ssap; /* always 0xAA */
83 u_int8_t ctrl; /* always 0x03 */ 62 u_int8_t ctrl; /* always 0x03 */
84 u_int8_t oui[P80211_OUI_LEN]; /* organizational universal id */ 63 u_int8_t oui[P80211_OUI_LEN]; /* organizational universal id */
85 u_int16_t type; /* packet type ID field */ 64 u_int16_t type; /* packet type ID field */
65};
86 66
87} __attribute__ ((packed)); 67/* See RFC 826 for protocol description. ARP packets are variable
88 68 in size; the arphdr structure defines the fixed-length portion.
69 Protocol type values are the same as those for 10 Mb/s Ethernet.
70 It is followed by the variable-sized fields ar_sha, arp_spa,
71 arp_tha and arp_tpa in that order, according to the lengths
72 specified. Field names used correspond to RFC 826. */
73
74#define ETH_ALEN 6
75
76struct myarphdr
77{
78 unsigned short int ar_hrd; /* Format of hardware address. */
79 unsigned short int ar_pro; /* Format of protocol address. */
80 unsigned char ar_hln; /* Length of hardware address. */
81 unsigned char ar_pln; /* Length of protocol address. */
82 unsigned short int ar_op; /* ARP opcode (command). */
83 /* Ethernet looks like this : This bit is variable sized
84 however... */
85 unsigned char ar_sha[ETH_ALEN]; /* Sender hardware address. */
86 unsigned char ar_sip[4]; /* Sender IP address. */
87 unsigned char ar_tha[ETH_ALEN]; /* Target hardware address. */
88 unsigned char ar_tip[4]; /* Target IP address. */
89};
89 90
90 91
91// following is incoplete and may be incorrect and need reorganization 92// following is incoplete and may be incorrect and need reorganization
92 93
93 #define ieee_802_11_frame_type_Management0x00 94 #define ieee_802_11_frame_type_Management0x00
94 #define ieee_802_11_frame_type_Control 0x01 95 #define ieee_802_11_frame_type_Control 0x01
95 #define ieee_802_11_frame_type_Data 0x10 96 #define ieee_802_11_frame_type_Data 0x10
96 #define ieee_802_11_frame_type_Reserved 0x11 97 #define ieee_802_11_frame_type_Reserved 0x11
97 98
98 #define ieee_802_11_frame_subtype_Association_Req0x0 // Association Request 99 #define ieee_802_11_frame_subtype_Association_Req0x0 // Association Request
99 #define ieee_802_11_frame_subtype_Association_Resp0x1 // Association Response 100 #define ieee_802_11_frame_subtype_Association_Resp0x1 // Association Response
100 #define ieee_802_11_frame_subtype_Reassociation_Req0x2 // Reassociation Request 101 #define ieee_802_11_frame_subtype_Reassociation_Req0x2 // Reassociation Request
101 #define ieee_802_11_frame_subtype_Reassociation_Resp0x3 // Reassociation Response 102 #define ieee_802_11_frame_subtype_Reassociation_Resp0x3 // Reassociation Response
102 #define ieee_802_11_frame_subtype_Probe_Req 0x4 // Probe Request 103 #define ieee_802_11_frame_subtype_Probe_Req 0x4 // Probe Request
103 #define ieee_802_11_frame_subtype_Probe_Resp 0x5 // Probe Response 104 #define ieee_802_11_frame_subtype_Probe_Resp 0x5 // Probe Response
104 #define ieee_802_11_frame_subtype_Beacon 0x8 // Beacon 105 #define ieee_802_11_frame_subtype_Beacon 0x8 // Beacon
diff --git a/libopie2/opienet/opcap.cpp b/libopie2/opienet/opcap.cpp
index 675818e..e2ab6d7 100644
--- a/libopie2/opienet/opcap.cpp
+++ b/libopie2/opienet/opcap.cpp
@@ -145,33 +145,32 @@ QString OPacket::dump( int bpl ) const
145 return str; 145 return str;
146} 146}
147 147
148 148
149int OPacket::len() const 149int OPacket::len() const
150{ 150{
151 return _hdr.len; 151 return _hdr.len;
152} 152}
153 153
154 154
155/*====================================================================================== 155/*======================================================================================
156 * OEthernetPacket 156 * OEthernetPacket
157 *======================================================================================*/ 157 *======================================================================================*/
158 158
159OEthernetPacket::OEthernetPacket( const unsigned char* end, const struct ether_header* data, QObject* parent ) 159OEthernetPacket::OEthernetPacket( const unsigned char* end, const struct ether_header* data, QObject* parent )
160 :QObject( parent, "Ethernet" ), _ether( data ) 160 :QObject( parent, "Ethernet" ), _ether( data )
161
162{ 161{
163 162
164 qDebug( "Source = %s", (const char*) sourceAddress().toString() ); 163 qDebug( "Source = %s", (const char*) sourceAddress().toString() );
165 qDebug( "Destination = %s", (const char*) destinationAddress().toString() ); 164 qDebug( "Destination = %s", (const char*) destinationAddress().toString() );
166 165
167 if ( sourceAddress() == OMacAddress::broadcast ) 166 if ( sourceAddress() == OMacAddress::broadcast )
168 qDebug( "Source is broadcast address" ); 167 qDebug( "Source is broadcast address" );
169 if ( destinationAddress() == OMacAddress::broadcast ) 168 if ( destinationAddress() == OMacAddress::broadcast )
170 qDebug( "Destination is broadcast address" ); 169 qDebug( "Destination is broadcast address" );
171 170
172 switch ( type() ) 171 switch ( type() )
173 { 172 {
174 case ETHERTYPE_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break; 173 case ETHERTYPE_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break;
175 case ETHERTYPE_ARP: { qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = ARP" ); break; } 174 case ETHERTYPE_ARP: { qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = ARP" ); break; }
176 case ETHERTYPE_REVARP: { qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = RARP" ); break; } 175 case ETHERTYPE_REVARP: { qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = RARP" ); break; }
177 default: qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = UNKNOWN" ); 176 default: qDebug( "OPacket::OPacket(): Received Ethernet Packet : Type = UNKNOWN" );
@@ -196,33 +195,32 @@ OMacAddress OEthernetPacket::destinationAddress() const
196 return OMacAddress( _ether->ether_dhost ); 195 return OMacAddress( _ether->ether_dhost );
197} 196}
198 197
199int OEthernetPacket::type() const 198int OEthernetPacket::type() const
200{ 199{
201 return ntohs( _ether->ether_type ); 200 return ntohs( _ether->ether_type );
202} 201}
203 202
204 203
205/*====================================================================================== 204/*======================================================================================
206 * OIPPacket 205 * OIPPacket
207 *======================================================================================*/ 206 *======================================================================================*/
208 207
209 208
210OIPPacket::OIPPacket( const unsigned char* end, const struct iphdr* data, QObject* parent ) 209OIPPacket::OIPPacket( const unsigned char* end, const struct iphdr* data, QObject* parent )
211 :QObject( parent, "IP" ), _iphdr( data ) 210 :QObject( parent, "IP" ), _iphdr( data )
212
213{ 211{
214 qDebug( "OIPPacket::OIPPacket(): decoding IP header..." ); 212 qDebug( "OIPPacket::OIPPacket(): decoding IP header..." );
215 213
216 //qDebug( "FromAddress: %s", (const char*) inet_ntoa( *src ) ); 214 //qDebug( "FromAddress: %s", (const char*) inet_ntoa( *src ) );
217 //qDebug( " ToAddress: %s", (const char*) inet_ntoa( *dst ) ); 215 //qDebug( " ToAddress: %s", (const char*) inet_ntoa( *dst ) );
218 216
219 qDebug( "FromAddress: %s", (const char*) fromIPAddress().toString() ); 217 qDebug( "FromAddress: %s", (const char*) fromIPAddress().toString() );
220 qDebug( " toAddress: %s", (const char*) toIPAddress().toString() ); 218 qDebug( " toAddress: %s", (const char*) toIPAddress().toString() );
221 219
222 switch ( protocol() ) 220 switch ( protocol() )
223 { 221 {
224 case IPPROTO_UDP: new OUDPPacket( end, (const struct udphdr*) (data+1), this ); break; 222 case IPPROTO_UDP: new OUDPPacket( end, (const struct udphdr*) (data+1), this ); break;
225 case IPPROTO_TCP: new OTCPPacket( end, (const struct tcphdr*) (data+1), this ); break; 223 case IPPROTO_TCP: new OTCPPacket( end, (const struct tcphdr*) (data+1), this ); break;
226 default: qDebug( "OIPPacket::OIPPacket(): unknown IP protocol type = %d", protocol() ); 224 default: qDebug( "OIPPacket::OIPPacket(): unknown IP protocol type = %d", protocol() );
227 } 225 }
228 226
@@ -274,32 +272,92 @@ int OIPPacket::ttl() const
274 return _iphdr->ttl; 272 return _iphdr->ttl;
275} 273}
276 274
277 275
278int OIPPacket::protocol() const 276int OIPPacket::protocol() const
279{ 277{
280 return _iphdr->protocol; 278 return _iphdr->protocol;
281} 279}
282 280
283 281
284int OIPPacket::checksum() const 282int OIPPacket::checksum() const
285{ 283{
286 return EXTRACT_16BITS( &_iphdr->check ); 284 return EXTRACT_16BITS( &_iphdr->check );
287} 285}
288 286
289/*====================================================================================== 287/*======================================================================================
288 * OARPPacket
289 *======================================================================================*/
290
291
292OARPPacket::OARPPacket( const unsigned char* end, const struct myarphdr* data, QObject* parent )
293 :QObject( parent, "ARP" ), _arphdr( data )
294{
295 qDebug( "OARPPacket::OARPPacket(): decoding ARP header..." );
296 qDebug( "ARP type seems to be %02d - '%s'", EXTRACT_16BITS( &_arphdr->ar_op ), (const char*) type() );
297 qDebug( "Sender: MAC %s = IP %s", (const char*) senderMacAddress().toString(), (const char*) senderIPV4Address().toString() );
298 qDebug( "Target: MAC %s = IP %s", (const char*) targetMacAddress().toString(), (const char*) targetIPV4Address().toString() );
299}
300
301
302OARPPacket::~OARPPacket()
303{
304}
305
306
307QString OARPPacket::type() const
308{
309 switch ( EXTRACT_16BITS( &_arphdr->ar_op ) )
310 {
311 case 1: return "REQUEST";
312 case 2: return "REPLY";
313 case 3: return "RREQUEST";
314 case 4: return "RREPLY";
315 case 8: return "InREQUEST";
316 case 9: return "InREPLY";
317 case 10: return "NAK";
318 default: qWarning( "OARPPacket::type(): invalid ARP type!" ); return "<unknown>";
319 }
320}
321
322
323QHostAddress OARPPacket::senderIPV4Address() const
324{
325 return EXTRACT_32BITS( &_arphdr->ar_sip );
326}
327
328
329QHostAddress OARPPacket::targetIPV4Address() const
330{
331 return EXTRACT_32BITS( &_arphdr->ar_tip );
332}
333
334
335OMacAddress OARPPacket::senderMacAddress() const
336{
337 return OMacAddress( _arphdr->ar_sha );
338}
339
340
341OMacAddress OARPPacket::targetMacAddress() const
342{
343 return OMacAddress( _arphdr->ar_tha );
344}
345
346
347/*======================================================================================
290 * OUDPPacket 348 * OUDPPacket
291 *======================================================================================*/ 349 *======================================================================================*/
292 350
293 351
294OUDPPacket::OUDPPacket( const unsigned char* end, const struct udphdr* data, QObject* parent ) 352OUDPPacket::OUDPPacket( const unsigned char* end, const struct udphdr* data, QObject* parent )
295 :QObject( parent, "UDP" ), _udphdr( data ) 353 :QObject( parent, "UDP" ), _udphdr( data )
296 354
297{ 355{
298 qDebug( "OUDPPacket::OUDPPacket(): decoding UDP header..." ); 356 qDebug( "OUDPPacket::OUDPPacket(): decoding UDP header..." );
299} 357}
300 358
301OUDPPacket::~OUDPPacket() 359OUDPPacket::~OUDPPacket()
302{ 360{
303} 361}
304 362
305 363
@@ -717,33 +775,34 @@ OWaveLanDataPacket::~OWaveLanDataPacket()
717/*====================================================================================== 775/*======================================================================================
718 * OLLCPacket 776 * OLLCPacket
719 *======================================================================================*/ 777 *======================================================================================*/
720 778
721OLLCPacket::OLLCPacket( const unsigned char* end, const struct ieee_802_11_802_2_header* data, QObject* parent ) 779OLLCPacket::OLLCPacket( const unsigned char* end, const struct ieee_802_11_802_2_header* data, QObject* parent )
722 :QObject( parent, "802.11 LLC" ), _header( data ) 780 :QObject( parent, "802.11 LLC" ), _header( data )
723{ 781{
724 qDebug( "OLLCPacket::OLLCPacket(): decoding frame..." ); 782 qDebug( "OLLCPacket::OLLCPacket(): decoding frame..." );
725 783
726 if ( !(_header->oui[0] || _header->oui[1] || _header->oui[2]) ) 784 if ( !(_header->oui[0] || _header->oui[1] || _header->oui[2]) )
727 { 785 {
728 qDebug( "OLLCPacket::OLLCPacket(): contains an encapsulated Ethernet frame (type=%04X)", EXTRACT_16BITS( &_header->type ) ); 786 qDebug( "OLLCPacket::OLLCPacket(): contains an encapsulated Ethernet frame (type=%04X)", EXTRACT_16BITS( &_header->type ) );
729 787
730 switch ( EXTRACT_16BITS( &_header->type ) ) // defined in linux/if_ether.h 788 switch ( EXTRACT_16BITS( &_header->type ) ) // defined in linux/if_ether.h
731 { 789 {
732 case ETH_P_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break; 790 case ETH_P_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break;
733 default: qDebug( "OLLCPacket::OLLCPacket(): Unknown Encapsulation Type" ); 791 case ETH_P_ARP: new OARPPacket( end, (const struct myarphdr*) (data+1), this ); break;
792 default: qWarning( "OLLCPacket::OLLCPacket(): Unknown Encapsulation (type=%04X)", EXTRACT_16BITS( &_header->type ) );
734 } 793 }
735 794
736 } 795 }
737} 796}
738 797
739 798
740OLLCPacket::~OLLCPacket() 799OLLCPacket::~OLLCPacket()
741{ 800{
742} 801}
743 802
744 803
745/*====================================================================================== 804/*======================================================================================
746 * OWaveLanControlPacket 805 * OWaveLanControlPacket
747 *======================================================================================*/ 806 *======================================================================================*/
748 807
749OWaveLanControlPacket::OWaveLanControlPacket( const unsigned char* end, const struct ieee_802_11_control_header* data, OWaveLanPacket* parent ) 808OWaveLanControlPacket::OWaveLanControlPacket( const unsigned char* end, const struct ieee_802_11_control_header* data, OWaveLanPacket* parent )
diff --git a/libopie2/opienet/opcap.h b/libopie2/opienet/opcap.h
index bee0ca0..5a50d9b 100644
--- a/libopie2/opienet/opcap.h
+++ b/libopie2/opienet/opcap.h
@@ -425,32 +425,56 @@ class OIPPacket : public QObject
425 QHostAddress fromIPAddress() const; 425 QHostAddress fromIPAddress() const;
426 QHostAddress toIPAddress() const; 426 QHostAddress toIPAddress() const;
427 427
428 int tos() const; 428 int tos() const;
429 int len() const; 429 int len() const;
430 int id() const; 430 int id() const;
431 int offset() const; 431 int offset() const;
432 int ttl() const; 432 int ttl() const;
433 int protocol() const; 433 int protocol() const;
434 int checksum() const; 434 int checksum() const;
435 435
436 private: 436 private:
437 const struct iphdr* _iphdr; 437 const struct iphdr* _iphdr;
438}; 438};
439 439
440/*====================================================================================== 440/*======================================================================================
441 * OARPPacket
442 *======================================================================================*/
443
444class OARPPacket : public QObject
445{
446 Q_OBJECT
447
448 public:
449 OARPPacket( const unsigned char*, const struct myarphdr*, QObject* parent = 0 );
450 virtual ~OARPPacket();
451
452 QHostAddress senderIPV4Address() const;
453 OMacAddress senderMacAddress() const;
454 QHostAddress targetIPV4Address() const;
455 OMacAddress targetMacAddress() const;
456
457 //int type() const;
458 QString type() const;
459
460 private:
461 const struct myarphdr* _arphdr;
462};
463
464/*======================================================================================
441 * OUDPPacket 465 * OUDPPacket
442 *======================================================================================*/ 466 *======================================================================================*/
443 467
444class OUDPPacket : public QObject 468class OUDPPacket : public QObject
445{ 469{
446 Q_OBJECT 470 Q_OBJECT
447 471
448 public: 472 public:
449 OUDPPacket( const unsigned char*, const struct udphdr*, QObject* parent = 0 ); 473 OUDPPacket( const unsigned char*, const struct udphdr*, QObject* parent = 0 );
450 virtual ~OUDPPacket(); 474 virtual ~OUDPPacket();
451 475
452 int fromPort() const; 476 int fromPort() const;
453 int toPort() const; 477 int toPort() const;
454 478
455 private: 479 private:
456 const struct udphdr* _udphdr; 480 const struct udphdr* _udphdr;