summaryrefslogtreecommitdiff
path: root/libopie2
Unidiff
Diffstat (limited to 'libopie2') (more/less context) (ignore whitespace changes)
-rw-r--r--libopie2/opienet/802_11_user.h47
-rw-r--r--libopie2/opienet/opcap.cpp65
-rw-r--r--libopie2/opienet/opcap.h24
3 files changed, 110 insertions, 26 deletions
diff --git a/libopie2/opienet/802_11_user.h b/libopie2/opienet/802_11_user.h
index cd98503..ad84514 100644
--- a/libopie2/opienet/802_11_user.h
+++ b/libopie2/opienet/802_11_user.h
@@ -55,27 +55,6 @@ struct ieee_802_3_header {
55 55
56#define P80211_OUI_LEN 3 56#define P80211_OUI_LEN 3
57 57
58struct ieee_802_11_snap_header {
59
60 u_int8_t dsap; /* always 0xAA */
61 u_int8_t ssap; /* always 0xAA */
62 u_int8_t ctrl; /* always 0x03 */
63 u_int8_t oui[P80211_OUI_LEN]; /* organizational universal id */
64
65} __attribute__ ((packed));
66
67#define P80211_LLC_OUI_LEN 3
68
69struct ieee_802_11_802_1H_header {
70
71 u_int8_t dsap;
72 u_int8_t ssap; /* always 0xAA */
73 u_int8_t ctrl; /* always 0x03 */
74 u_int8_t oui[P80211_OUI_LEN]; /* organizational universal id */
75 u_int16_t unknown1; /* packet type ID fields */
76 u_int16_t unknown2; /* here is something like length in some cases */
77} __attribute__ ((packed));
78
79struct ieee_802_11_802_2_header { 58struct ieee_802_11_802_2_header {
80 59
81 u_int8_t dsap; 60 u_int8_t dsap;
@@ -83,9 +62,31 @@ struct ieee_802_11_802_2_header {
83 u_int8_t ctrl; /* always 0x03 */ 62 u_int8_t ctrl; /* always 0x03 */
84 u_int8_t oui[P80211_OUI_LEN]; /* organizational universal id */ 63 u_int8_t oui[P80211_OUI_LEN]; /* organizational universal id */
85 u_int16_t type; /* packet type ID field */ 64 u_int16_t type; /* packet type ID field */
65};
86 66
87} __attribute__ ((packed)); 67/* See RFC 826 for protocol description. ARP packets are variable
88 68 in size; the arphdr structure defines the fixed-length portion.
69 Protocol type values are the same as those for 10 Mb/s Ethernet.
70 It is followed by the variable-sized fields ar_sha, arp_spa,
71 arp_tha and arp_tpa in that order, according to the lengths
72 specified. Field names used correspond to RFC 826. */
73
74#define ETH_ALEN 6
75
76struct myarphdr
77{
78 unsigned short int ar_hrd; /* Format of hardware address. */
79 unsigned short int ar_pro; /* Format of protocol address. */
80 unsigned char ar_hln; /* Length of hardware address. */
81 unsigned char ar_pln; /* Length of protocol address. */
82 unsigned short int ar_op; /* ARP opcode (command). */
83 /* Ethernet looks like this : This bit is variable sized
84 however... */
85 unsigned char ar_sha[ETH_ALEN]; /* Sender hardware address. */
86 unsigned char ar_sip[4]; /* Sender IP address. */
87 unsigned char ar_tha[ETH_ALEN]; /* Target hardware address. */
88 unsigned char ar_tip[4]; /* Target IP address. */
89};
89 90
90 91
91// following is incoplete and may be incorrect and need reorganization 92// following is incoplete and may be incorrect and need reorganization
diff --git a/libopie2/opienet/opcap.cpp b/libopie2/opienet/opcap.cpp
index 675818e..e2ab6d7 100644
--- a/libopie2/opienet/opcap.cpp
+++ b/libopie2/opienet/opcap.cpp
@@ -158,7 +158,6 @@ int OPacket::len() const
158 158
159OEthernetPacket::OEthernetPacket( const unsigned char* end, const struct ether_header* data, QObject* parent ) 159OEthernetPacket::OEthernetPacket( const unsigned char* end, const struct ether_header* data, QObject* parent )
160 :QObject( parent, "Ethernet" ), _ether( data ) 160 :QObject( parent, "Ethernet" ), _ether( data )
161
162{ 161{
163 162
164 qDebug( "Source = %s", (const char*) sourceAddress().toString() ); 163 qDebug( "Source = %s", (const char*) sourceAddress().toString() );
@@ -209,7 +208,6 @@ int OEthernetPacket::type() const
209 208
210OIPPacket::OIPPacket( const unsigned char* end, const struct iphdr* data, QObject* parent ) 209OIPPacket::OIPPacket( const unsigned char* end, const struct iphdr* data, QObject* parent )
211 :QObject( parent, "IP" ), _iphdr( data ) 210 :QObject( parent, "IP" ), _iphdr( data )
212
213{ 211{
214 qDebug( "OIPPacket::OIPPacket(): decoding IP header..." ); 212 qDebug( "OIPPacket::OIPPacket(): decoding IP header..." );
215 213
@@ -287,6 +285,66 @@ int OIPPacket::checksum() const
287} 285}
288 286
289/*====================================================================================== 287/*======================================================================================
288 * OARPPacket
289 *======================================================================================*/
290
291
292OARPPacket::OARPPacket( const unsigned char* end, const struct myarphdr* data, QObject* parent )
293 :QObject( parent, "ARP" ), _arphdr( data )
294{
295 qDebug( "OARPPacket::OARPPacket(): decoding ARP header..." );
296 qDebug( "ARP type seems to be %02d - '%s'", EXTRACT_16BITS( &_arphdr->ar_op ), (const char*) type() );
297 qDebug( "Sender: MAC %s = IP %s", (const char*) senderMacAddress().toString(), (const char*) senderIPV4Address().toString() );
298 qDebug( "Target: MAC %s = IP %s", (const char*) targetMacAddress().toString(), (const char*) targetIPV4Address().toString() );
299}
300
301
302OARPPacket::~OARPPacket()
303{
304}
305
306
307QString OARPPacket::type() const
308{
309 switch ( EXTRACT_16BITS( &_arphdr->ar_op ) )
310 {
311 case 1: return "REQUEST";
312 case 2: return "REPLY";
313 case 3: return "RREQUEST";
314 case 4: return "RREPLY";
315 case 8: return "InREQUEST";
316 case 9: return "InREPLY";
317 case 10: return "NAK";
318 default: qWarning( "OARPPacket::type(): invalid ARP type!" ); return "<unknown>";
319 }
320}
321
322
323QHostAddress OARPPacket::senderIPV4Address() const
324{
325 return EXTRACT_32BITS( &_arphdr->ar_sip );
326}
327
328
329QHostAddress OARPPacket::targetIPV4Address() const
330{
331 return EXTRACT_32BITS( &_arphdr->ar_tip );
332}
333
334
335OMacAddress OARPPacket::senderMacAddress() const
336{
337 return OMacAddress( _arphdr->ar_sha );
338}
339
340
341OMacAddress OARPPacket::targetMacAddress() const
342{
343 return OMacAddress( _arphdr->ar_tha );
344}
345
346
347/*======================================================================================
290 * OUDPPacket 348 * OUDPPacket
291 *======================================================================================*/ 349 *======================================================================================*/
292 350
@@ -730,7 +788,8 @@ OLLCPacket::OLLCPacket( const unsigned char* end, const struct ieee_802_11_802_2
730 switch ( EXTRACT_16BITS( &_header->type ) ) // defined in linux/if_ether.h 788 switch ( EXTRACT_16BITS( &_header->type ) ) // defined in linux/if_ether.h
731 { 789 {
732 case ETH_P_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break; 790 case ETH_P_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break;
733 default: qDebug( "OLLCPacket::OLLCPacket(): Unknown Encapsulation Type" ); 791 case ETH_P_ARP: new OARPPacket( end, (const struct myarphdr*) (data+1), this ); break;
792 default: qWarning( "OLLCPacket::OLLCPacket(): Unknown Encapsulation (type=%04X)", EXTRACT_16BITS( &_header->type ) );
734 } 793 }
735 794
736 } 795 }
diff --git a/libopie2/opienet/opcap.h b/libopie2/opienet/opcap.h
index bee0ca0..5a50d9b 100644
--- a/libopie2/opienet/opcap.h
+++ b/libopie2/opienet/opcap.h
@@ -438,6 +438,30 @@ class OIPPacket : public QObject
438}; 438};
439 439
440/*====================================================================================== 440/*======================================================================================
441 * OARPPacket
442 *======================================================================================*/
443
444class OARPPacket : public QObject
445{
446 Q_OBJECT
447
448 public:
449 OARPPacket( const unsigned char*, const struct myarphdr*, QObject* parent = 0 );
450 virtual ~OARPPacket();
451
452 QHostAddress senderIPV4Address() const;
453 OMacAddress senderMacAddress() const;
454 QHostAddress targetIPV4Address() const;
455 OMacAddress targetMacAddress() const;
456
457 //int type() const;
458 QString type() const;
459
460 private:
461 const struct myarphdr* _arphdr;
462};
463
464/*======================================================================================
441 * OUDPPacket 465 * OUDPPacket
442 *======================================================================================*/ 466 *======================================================================================*/
443 467