Commit 53760662 authored by 's avatar
Browse files

Fixed some bugs and made better use of libnids in cooking function.



git-svn-id: file:///home/svn/mapi/trunk@392 8d5bb341-7cf1-0310-8cf6-ba355fef3186
parent 510fe967
This diff is collapsed.
......@@ -10,6 +10,7 @@ struct cooking_data
{
int threshold;
int timeout;
int ret_once;
int id;
mapid_pkthdr_t *mod_pkt_head;
......
......@@ -117,10 +117,11 @@ static void nids_syslog(int type, int errnum, struct ip *iph, void *data)
strcpy(saddr, int_ntoa(iph->ip_src.s_addr));
strcpy(daddr, int_ntoa(iph->ip_dst.s_addr));
if (errnum != NIDS_WARN_TCP_HDR)
syslog(nids_params.syslog_level,
;
/* syslog(nids_params.syslog_level,
"%s,from %s:%hu to %s:%hu\n", nids_warnings[errnum],
saddr, ntohs(((struct tcphdr *) data)->th_sport), daddr,
ntohs(((struct tcphdr *) data)->th_dport));
ntohs(((struct tcphdr *) data)->th_dport)); */
else
syslog(nids_params.syslog_level, "%s,from %s to %s\n",
nids_warnings[errnum], saddr, daddr);
......@@ -526,8 +527,8 @@ int nids_mapi_init(pcap_t *d,int ltype,int id)
init_procs(id);
tcp_init(nids_params.n_tcp_streams,id);
ip_frag_init(nids_params.n_hosts,id);
nids_params.scan_num_hosts = 0;
nids_params.scan_num_ports = 0;
nids_params.scan_num_hosts = 0;
nids_params.scan_num_ports = 0;
scan_init();
return 1;
}
......
......@@ -57,8 +57,6 @@ struct half_stream
char collect_urg;
char *data;
char *reassembled_data;
// int read;
int offset;
int count;
int count_new;
......@@ -80,8 +78,9 @@ struct half_stream
struct skbuff *list;
struct skbuff *listtail;
int read;
int total_read;
// int read;
// int total_read;
int discard;
int pkt_count;
flist_t *headers;
};
......@@ -100,8 +99,8 @@ struct tcp_stream
struct tcp_stream *prev_time;
int read;
struct tcp_stream *next_free;
int client_reassembly_limit;
int server_reassembly_limit;
// int client_reassembly_limit;
// int server_reassembly_limit;
void *flow;
};
......
......@@ -57,6 +57,8 @@ static int max_stream;
static struct tcp_stream *tcp_latest[MAX_LIBNIDS_INSTANCES], *tcp_oldest[MAX_LIBNIDS_INSTANCES];
static struct tcp_stream *free_streams[MAX_LIBNIDS_INSTANCES];
static struct ip *ugly_iphdr;
static struct tcp_stream *tcp2free[MAX_LIBNIDS_INSTANCES];
static void purge_queue(struct half_stream * h)
{
......@@ -576,6 +578,12 @@ void process_tcp(u_char * data, int skblen,int id)
struct tcp_stream *a_tcp;
struct half_stream *snd, *rcv;
//vpappas
if (tcp2free[id]) {
free_tcp(tcp2free[id], id);
tcp2free[id] = NULL;
}
ugly_iphdr = this_iphdr;
iplen = ntohs(this_iphdr->ip_len);
if ((unsigned)iplen < 4 * this_iphdr->ip_hl + sizeof(struct tcphdr)) {
......@@ -615,6 +623,7 @@ void process_tcp(u_char * data, int skblen,int id)
!(this_tcphdr->th_flags & TH_ACK) &&
!(this_tcphdr->th_flags & TH_RST))
add_new_tcp(this_tcphdr, this_iphdr,id);
//fprintf(stderr, "libnids: added stream: %p\n", find_stream(this_tcphdr, this_iphdr, &from_client,id));
return;
}
if (from_client) {
......@@ -660,7 +669,7 @@ void process_tcp(u_char * data, int skblen,int id)
for (i = a_tcp->listeners; i; i = i->next)
(i->item) (a_tcp, &i->data);
}
free_tcp(a_tcp,id);
tcp2free[id] = a_tcp; //free_tcp(a_tcp,id);
return;
}
......@@ -718,7 +727,7 @@ void process_tcp(u_char * data, int skblen,int id)
}
}
if (!a_tcp->listeners) {
free_tcp(a_tcp,id);
tcp2free[id] = a_tcp; //free_tcp(a_tcp,id);
return;
}
a_tcp->nids_state = NIDS_DATA;
......@@ -737,7 +746,7 @@ void process_tcp(u_char * data, int skblen,int id)
a_tcp->nids_state = NIDS_CLOSE;
for (i = a_tcp->listeners; i; i = i->next)
(i->item) (a_tcp, &i->data);
free_tcp(a_tcp,id);
tcp2free[id] = a_tcp; //free_tcp(a_tcp,id);
return;
}
}
......@@ -749,7 +758,7 @@ void process_tcp(u_char * data, int skblen,int id)
if (rcv->rmem_alloc > 65535)
prune_queue(rcv, this_tcphdr);
if (!a_tcp->listeners)
free_tcp(a_tcp,id);
tcp2free[id] = a_tcp; //free_tcp(a_tcp,id);
}
void
......@@ -792,7 +801,9 @@ int tcp_init(int size,int id)
streams_pool[id][i].client.headers = NULL;
streams_pool[id][i].server.headers = NULL;
streams_pool[id][i].next_free = &(streams_pool[id][i + 1]);
streams_pool[id][i].flow = NULL;
}
tcp2free[id] = NULL; //vpappas
streams_pool[id][max_stream].next_free = 0;
free_streams[id] = streams_pool[id];
......
......@@ -5,6 +5,10 @@
#include <errno.h>
#include <sys/sem.h>
#include <errno.h>
#include <signal.h>
#include <sys/mman.h>
#include "debug.h"
#include "mapidflib.h"
#include "mapidlib.h"
......@@ -12,7 +16,7 @@
#include "mapid.h"
#include "fhelp.h"
#define NUM_PKTS 5000 //Number of packets stored in buffer
#define NUM_PKTS 50 //Number of packets stored in buffer
typedef struct to_buffer {
unsigned long read_ptr; //Pointer to the last packet that was read
......@@ -30,7 +34,7 @@ static int toba_instance(mapidflib_function_instance_t *instance,
MAPI_UNUSED int fd,
MAPI_UNUSED mapidflib_flow_mod_t *flow_mod)
{
instance->def->shm_size= sizeof(to_buffer_t)+NUM_PKTS*(sizeof(struct mapid_pkthdr)+instance->hwinfo->cap_length);
instance->def->shm_size= sizeof(to_buffer_t)+NUM_PKTS*(sizeof(struct mapid_pkthdr)+instance->hwinfo->cap_length);
return 0;
};
......@@ -43,23 +47,23 @@ static int toba_init(mapidflib_function_instance_t *instance,
mbuf=instance->result.data;
mbuf->buf=(char*)instance->result.data+sizeof(to_buffer_t);
//adding semaphore
if((ret=fhlp_create_semaphore(&mbuf->sem,2))!=0) {
DEBUG_CMD(printf("Error initializing semaphore: %d\n",ret));
return ret;
}
mbuf->read_ptr=0;
mbuf->next_read_ptr=0;
mbuf->write_ptr=0;
mbuf->bufsize=NUM_PKTS*(sizeof(struct mapid_pkthdr)+instance->hwinfo->cap_length);
mbuf->bufsize=instance->def->shm_size; //because hwinfo->caplen might have been changed by cook_init
mbuf->cap_length=instance->hwinfo->cap_length;
mbuf->last_pkt=0;
mbuf->read=0;
mbuf->written=0;
return 0;
}
......@@ -70,7 +74,6 @@ static int toba_process(mapidflib_function_instance_t *instance,
{
to_buffer_t *mbuf=instance->result.data;
unsigned new_write=0, new_next_write;
//struct mapid_pkthdr* write_hdr;
char* write; //Pointer to memory where packet will be written;
struct sembuf sem_add={0,1,IPC_NOWAIT};
struct sembuf sem_wait_add={1,1,IPC_NOWAIT};
......@@ -120,16 +123,13 @@ static int toba_process(mapidflib_function_instance_t *instance,
}
else {
(*(unsigned long*)(mbuf->buf + mbuf->write_ptr)) = new_write;
// printf("newwrite: %5ld nxtwrite: %5ld read: %5ld size: %5ld pkts written: %5lld pkts read : %5lld\n",new_write, new_next_write,
// mbuf->read_ptr,pkt_head->caplen+20,mbuf->written, mbuf->read);
//Enough space in buffer for the new packet
write = mbuf->buf + new_write;
memcpy(write, pkt_head, sizeof(struct mapid_pkthdr));
write += sizeof(struct mapid_pkthdr);
memcpy(write, pkt, pkt_head->caplen);
mbuf->written++;
if(semop(mbuf->sem.id,&sem_add,1)==-1)
{
//error....
......@@ -138,9 +138,9 @@ static int toba_process(mapidflib_function_instance_t *instance,
return MFUNCT_SEM_ERROR;
/* should be handled in some way */
}
mbuf->write_ptr=new_next_write;
}
return 1;
}
......@@ -187,7 +187,7 @@ static int toba_client_read_result(mapidflib_function_instance_t *instance,mapi_
argument.val = 1;
//wait for packet(semaphore blocks when no packets ware ready in the buffer)
condid=semget(tb->sem.key,1,IPC_CREAT|0660);
if((errno=semop(condid,&sem_sub,1))==-1)
{
//error....
......@@ -197,22 +197,14 @@ static int toba_client_read_result(mapidflib_function_instance_t *instance,mapi_
return MAPI_SEM_ERR;
}
tb->read++;
tb->read_ptr = *(unsigned long*)(buf + tb->next_read_ptr);
pkt=(struct mapipkt*)(buf+tb->read_ptr);
// printf("read: %ld pkt_size=%d ",tb->read_ptr,pkt->caplen);
tb->next_read_ptr = tb->read_ptr + pkt->caplen + sizeof(struct mapid_pkthdr);
// fprintf(stderr, "read : %6ld, next read : %6ld, pkt read : %6lld\n", tb->read_ptr, tb->next_read_ptr, tb->read);
//if(tb->next_read_ptr+tb->cap_length>tb->bufsize)
//tb->next_read_ptr=0;
res->res=pkt;
res->size=pkt->caplen+sizeof(struct mapid_pkthdr);
//printf("next read: %ld write_ptr: %ld\n",tb->next_read_ptr,tb->write_ptr);
semop(condid,&sem_wait_sub,1);
return 0;
}
......@@ -226,7 +218,7 @@ static mapidflib_function_def_t finfo={
MAPIRES_SHM,
0, //shm size. Set by instance
0, //modifies_pkts
0, //filters packets
0, //filters packets
MAPIOPT_NONE, //Optimization
toba_instance,
toba_init,
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment