Commit 3ec862fc authored by 's avatar
Browse files

lala



git-svn-id: file:///home/svn/mapi/trunk@258 8d5bb341-7cf1-0310-8cf6-ba355fef3186
parent de828ad3
...@@ -22,18 +22,18 @@ static int trackftp_init(mapidflib_function_instance_t *instance, ...@@ -22,18 +22,18 @@ static int trackftp_init(mapidflib_function_instance_t *instance,
/* /*
* Initialise list of filters, counters. * Initialise list of filters, counters.
*/ */
//list_init(filters, NULL);
instance->internal_data = malloc(sizeof(track_ftp_results)); instance->internal_data = malloc(sizeof(track_ftp_results));
((track_ftp_results *)(instance->internal_data))->total_byte_count=0; ((track_ftp_results *)(instance->internal_data))->total_byte_count=0;
((track_ftp_results *)(instance->internal_data))->total_pkt_count=0; ((track_ftp_results *)(instance->internal_data))->total_pkt_count=0;
((track_ftp_results *)(instance->internal_data))->filters=malloc(sizeof(flist_t)); ((track_ftp_results *)(instance->internal_data))->filters=malloc(sizeof(flist_t));
flist_init(((track_ftp_results *)(instance->internal_data))->filters); flist_init((flist_t *)((track_ftp_results *)(instance->internal_data))->filters);
return 0; return 0;
} }
void add_to_list(flist_t *list,unsigned int address1,unsigned short port1,unsigned int address2,unsigned short port2) { void add_to_list(flist_t *list, unsigned int address1, unsigned short port1,
unsigned int address2, unsigned short port2)
{
struct extract_filter *newnode; struct extract_filter *newnode;
newnode=malloc(sizeof(struct extract_filter)); newnode=malloc(sizeof(struct extract_filter));
...@@ -47,11 +47,6 @@ void add_to_list(flist_t *list,unsigned int address1,unsigned short port1,unsign ...@@ -47,11 +47,6 @@ void add_to_list(flist_t *list,unsigned int address1,unsigned short port1,unsign
int extract_ports(char *payload,int len,struct extract_res *res) { int extract_ports(char *payload,int len,struct extract_res *res) {
int i=0; int i=0;
/*printf("-----------\n");
for(i=0;i<len;i++)
printf("%c",payload[i]);
printf("\n\n");
*/
unsigned char *ptr,*tmp; unsigned char *ptr,*tmp;
unsigned char address[4]; unsigned char address[4];
unsigned char port[2]; unsigned char port[2];
...@@ -106,24 +101,27 @@ static int trackftp_process(mapidflib_function_instance_t *instance, ...@@ -106,24 +101,27 @@ static int trackftp_process(mapidflib_function_instance_t *instance,
/* /*
* Process is as follows: * Process is as follows:
* 1. If packet's src/dst port == 21, then.. * 1. If packet's src/dst port == 21, then..
* a. Increase counters, * a. Increase counters if we have any..
* b. If packet implies the start of a transfer, add a filter to the list. * b. If packet implies the start of a transfer, add a filter to the list.
* c. Let the packet through.
* 2. If packet's src/dst port and src/dst hostname match those in the list.. * 2. If packet's src/dst port and src/dst hostname match those in the list..
* a. Increase counters. * a. Increase counters (optional)..
* b. If packet implies the end of a transfer, remove filter from list. * b. If packet implies the end of a transfer, remove filter from list.
*/ */
ether_header *eth = NULL; ether_header *eth = NULL;
ip_header *ip = NULL; ip_header *ip = NULL;
tcp_header *tcp = NULL; tcp_header *tcp = NULL;
udp_header *udp = NULL; udp_header *udp = NULL;
int ether_len = 0, ip_len = 0, tcp_len = 0; int ether_len = 0, ip_len = 0, tcp_len = 0;
unsigned int src_ip,dst_ip; unsigned int src_ip, dst_ip;
unsigned short dst_port, src_port; unsigned short dst_port, src_port;
struct extract_res res; struct extract_res res;
unsigned char *payload; unsigned char *payload;
int len; int len; // Payload length.
// Temporaries.
flist_node_t *node; flist_node_t *node;
struct extract_filter *filter; struct extract_filter *filter;
...@@ -153,8 +151,8 @@ static int trackftp_process(mapidflib_function_instance_t *instance, ...@@ -153,8 +151,8 @@ static int trackftp_process(mapidflib_function_instance_t *instance,
data->total_byte_count += pkt_head->wlen; data->total_byte_count += pkt_head->wlen;
payload = link_pkt + ether_len + ip_len + tcp_len; payload = link_pkt + ether_len + ip_len + tcp_len;
len = pkt_head->wlen - (payload-link_pkt); len = pkt_head->wlen - (payload-link_pkt);
//printf("FTP Packet with payload len: %d\n",len);
if(len>4 && extract_ports(payload,len,&res)){ if(len > 4 && extract_ports(payload,len,&res)){
if(res.method==METHOD_PORT) { if(res.method==METHOD_PORT) {
add_to_list(data->filters,res.address,res.port,dst_ip,ntohs(20)); add_to_list(data->filters,res.address,res.port,dst_ip,ntohs(20));
} }
...@@ -168,13 +166,18 @@ static int trackftp_process(mapidflib_function_instance_t *instance, ...@@ -168,13 +166,18 @@ static int trackftp_process(mapidflib_function_instance_t *instance,
node=flist_head(data->filters); node=flist_head(data->filters);
while(node) { while(node) {
filter=flist_data(node); filter=flist_data(node);
//printf("Packet:: %u,%d -> %u,%d Filter:: %u,%d -> %u,%d \n",src_ip,tcp->sport,dst_ip,tcp->dport,filter->address1,filter->port1,filter->address2,filter->port2);
if( if(
(src_ip==filter->address1 && dst_ip==filter->address2 && tcp->sport==filter->port1 && tcp->dport==filter->port2) (src_ip==filter->address1 && dst_ip==filter->address2 && tcp->sport==filter->port1 && tcp->dport==filter->port2)
||(src_ip==filter->address2 && dst_ip==filter->address1 && tcp->sport==filter->port2 && tcp->dport==filter->port1)) { ||(src_ip==filter->address2 && dst_ip==filter->address1 && tcp->sport==filter->port2 && tcp->dport==filter->port1))
//printf("Match!!!!!!!!\n"); {
// Match!
data->total_pkt_count++; data->total_pkt_count++;
data->total_byte_count += pkt_head->wlen; data->total_byte_count += pkt_head->wlen;
/*
* TODO: If the packet terminates the connection, remove the filter from the list.
*/
return 1; return 1;
} }
......
...@@ -25,4 +25,5 @@ struct extract_filter { ...@@ -25,4 +25,5 @@ struct extract_filter {
}; };
int extract_ports(char *, int, struct extract_res *); int extract_ports(char *, int, struct extract_res *);
void add_to_list(flist_t *, unsigned int, unsigned short, unsigned int, unsigned short);
#endif #endif
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment