added udp_headers to protocols.h

additions to top file git-svn-id: file:///home/svn/mapi/trunk@245 8d5bb341-7cf1-0310-8cf6-ba355fef3186

added udp_headers to protocols.h
additions to top file git-svn-id: file:///home/svn/mapi/trunk@245 8d5bb341-7cf1-0310-8cf6-ba355fef3186
cf013663 · 814e1611 · cf013663 · cf013663 · cf013663 · cf013663
Commit cf013663 authored Nov 08, 2005 by
--- a/protocols.h
+++ b/protocols.h
@@ -85,6 +85,13 @@ typedef struct tcp_header
 	u_short urp;          //urgent pointer
 } tcp_header;

+typedef struct udp_header 
+{
+	u_short sport;
+	u_short dport;
+	u_short length;
+	u_short sum;
+} udp_header;
 ////////////////////////////////////////////////////////////////////
 ////////////////////////////////////////////////////////////////////
 ////////////////////////////////////////////////////////////////////

--- a/stdlib/Makefile
+++ b/stdlib/Makefile
@@ -19,7 +19,7 @@ all: $(TARGETS)
 mapidstdflib.o: mapidstdflib.c ../mapidflib.h ../mapi.h
 	$(CC) $(CFLAGS) -c $<

-mapidstdflib.so: mapidstdflib.o pktcounter.o bytecounter.o getres.o strsearch.o bpffilter.o cooking.o ../fhelp.o ../mapiipc.o ../mstring.o ../list.o tobuffer.o tobuffer_all.o to_tcpdump.o sample.o startstop.o hash.o gap.o pktinfo.o res2file.o stats.o binop.o dist.o ../slist.o ../fifo.o ../cbuf.o ../flist.o hashsamp.o threshold.o bucket.o bpf_lib.a libnids.a 
+mapidstdflib.so: mapidstdflib.o pktcounter.o bytecounter.o getres.o strsearch.o bpffilter.o cooking.o top.o ../fhelp.o ../mapiipc.o ../mstring.o ../list.o tobuffer.o tobuffer_all.o to_tcpdump.o sample.o startstop.o hash.o gap.o pktinfo.o res2file.o stats.o binop.o dist.o ../slist.o ../fifo.o ../cbuf.o ../flist.o hashsamp.o threshold.o bucket.o bpf_lib.a libnids.a 
 	$(CC) $(CFLAGS) -shared  -o $@ $^ -lfl -lrt -L.. -L. $(LIB_DIR) -lm -lnet -lpcap
 	cp $@ ..

@@ -47,6 +47,9 @@ bpffilter.o: $(BPF) bpf_lib.a
 cooking.o: cooking.c cooking.h
 	$(CC) $(CFLAGS) -c $<

+top.o: top.c topx.h
+	$(CC) $(CFLAGS) -c $<
+
 to_tcpdump.o: to_tcpdump.c 
 	$(CC) $(CFLAGS) -c $<


--- a/stdlib/top.c
+++ b/stdlib/top.c
@@ -8,12 +8,147 @@
 #include "mapid.h"
 #include "fhelp.h"
 #include "topx.h"
+#include "protocols.h"
+
+struct topx_field {
+	void *pointer;
+	unsigned int len;
+};
+
+void extract_field(struct topx_field *field, unsigned char *dev_pkt,int protocol, int pfield);
+
+void extract_field(struct topx_field *field, unsigned char *dev_pkt,int protocol, int pfield) {
+	
+	ether_header* eth = NULL;
+	ip_header* ip = NULL;
+	tcp_header* tcp = NULL;
+	udp_header* udp = NULL;
+
+	int ether_len = 0, ip_len = 0;
+
+	eth = (ether_header*)dev_pkt;
+	ether_len = sizeof(ether_header);
+	ip = (ip_header*)(dev_pkt + ether_len);
+	ip_len = (ip->ver_ihl & 0xf) * 4;
+
+	switch(protocol) {
+		case TOPX_IP:
+			switch(pfield) {
+				case TOPX_IP_TOS:
+					field->pointer=&(ip->tos);
+					field->len=1;
+					break;
+				case TOPX_IP_LENGTH:
+					field->pointer=&(ip->tlen);
+					field->len=2;
+					break;
+				case TOPX_IP_ID:
+					field->pointer=&(ip->id);
+					field->len=2;
+					break;
+				case TOPX_IP_OFFSET:
+					field->pointer=&(ip->off);
+					field->len=2;
+					break;
+				case TOPX_IP_TTL:
+					field->pointer=&(ip->ttl);
+					field->len=1;
+					break;
+				case TOPX_IP_PROTOCOL:
+					field->pointer=&(ip->ptcl);
+					field->len=1;
+					break;
+				case TOPX_IP_CHECKSUM:
+					field->pointer=&(ip->sum);
+					field->len=2;
+					break;
+				case TOPX_IP_SRCIP:
+					field->pointer=&(ip->saddr);
+					field->len=4;
+					break;
+				case TOPX_IP_DSTIP:
+					field->pointer=&(ip->daddr);
+					field->len=4;
+					break;
+			}
+			break;
+		case TOPX_TCP:
+			tcp = (tcp_header*)(dev_pkt + ether_len + ip_len);
+			//tcp_len = tcp->off * 4;
+			switch(pfield) {
+				case TOPX_TCP_SRCPORT:
+					field->pointer=&(tcp->sport);
+					field->len=2;
+					break;
+				case TOPX_TCP_DSTPORT:
+					field->pointer=&(tcp->dport);
+					field->len=2;
+					break;
+				case TOPX_TCP_SEQ:
+					field->pointer=&(tcp->seq);
+					field->len=4;
+					break;
+				case TOPX_TCP_ACK:
+					field->pointer=&(tcp->ack);
+					field->len=4;
+					break;
+				case TOPX_TCP_FLAGS:
+					field->pointer=&(tcp->flags);
+					field->len=2;
+					break;
+				case TOPX_TCP_WIN:
+					field->pointer=&(tcp->win);
+					field->len=2;
+					break;
+				case TOPX_TCP_CRC:
+					field->pointer=&(tcp->crc);
+					field->len=2;
+					break;
+				case TOPX_TCP_URGENT:
+					field->pointer=&(tcp->urp);
+					field->len=2;
+					break;
+			}
+			break;
+		case TOPX_UDP:
+			udp = (udp_header *)(dev_pkt + ether_len + ip_len);
+			switch(pfield) {
+				case TOPX_UDP_SRCPORT:
+					field->pointer=&(udp->sport);
+					field->len=2;
+					break;
+				case TOPX_UDP_DSTPORT:
+					field->pointer=&(udp->dport);
+					field->len=2;
+					break;
+				case TOPX_UDP_LENGTH:
+					field->pointer=&(udp->length);
+					field->len=2;
+					break;
+				case TOPX_UDP_CHECKSUM:
+					field->pointer=&(udp->sum);
+					field->len=2;
+					break;	
+			}
+		default:
+			break;
+	}
+}

 static int topx_process(mapidflib_function_instance_t *instance,
 			MAPI_UNUSED const unsigned char* dev_pkt,
 			MAPI_UNUSED const unsigned char* link_pkt,
 			MAPI_UNUSED mapid_pkthdr_t* pkt_head)  
 {
+	
+	unsigned char *packet=link_pkt;
+	struct topx_field field;
+	
+	
+	struct topx_data *data=(struct topx_data *)(instance->internal_data);
+	
+	extract_field(&field,packet,data->protocol,data->field);
+	
    return 1;
 }

@@ -25,24 +160,32 @@ static int topx_init(mapidflib_function_instance_t *instance,
 			  MAPI_UNUSED flist_t *flist)
 {
 	mapiFunctArg* fargs;
-	int x,field;
+	int x,protocol,field;
 	
 	//return MFUNCT_INVALID_ARGUMENT_1;
  	fargs=instance->args;
 	x = getargint(&fargs);
+	if(x<0) 
+		x=1;
+
+	protocol = getargint(&fargs);
+	if(protocol!=TOPX_IP &&  protocol!=TOPX_TCP && protocol!=TOPX_UDP)
+		return MFUNCT_INVALID_ARGUMENT_2;
+	
 	field = getargint(&fargs);
 	
 	instance->internal_data = malloc(sizeof(struct topx_data));
 	((struct topx_data *)(instance->internal_data))->x=x;
+	((struct topx_data *)(instance->internal_data))->protocol=protocol;
 	((struct topx_data *)(instance->internal_data))->field=field;
 	return 0;
 }

-static mapidflib_function_def_t finfo={
+static mapidflib_function_def_t topfinfo={
    "", //libname
    "TOP", //name
    "Returns the TOP x values of a field (e.g DST_PORT)\n\tReturn value: x values of variable type according to field applied", //descr
-    "ii", //argdescr
+    "iii", //argdescr
    MAPI_DEVICE_ALL, //devoid
    MAPIRES_SHM, //Use shared memory to return results
    sizeof(unsigned long long), //shm size
@@ -59,10 +202,10 @@ static mapidflib_function_def_t finfo={
    NULL  //client_cleanup
 };

-mapidflib_function_def_t* pktc_get_funct_info();
+mapidflib_function_def_t* topx_get_funct_info();

-mapidflib_function_def_t* pktc_get_funct_info() {
-    return &finfo;
+mapidflib_function_def_t* topx_get_funct_info() {
+    return &topfinfo;
 };



--- a/stdlib/topx.h
+++ b/stdlib/topx.h
 struct topx_data {
 	int x;
+	int protocol;
 	int field;
 };
+
+#define TOPX_IP    1
+#define TOPX_TCP   2
+#define TOPX_UDP   3
+#define TOPX_ICMP  4
+
+typedef enum {
+	TOPX_IP_TOS=1,
+	TOPX_IP_LENGTH,
+	TOPX_IP_ID,
+	TOPX_IP_OFFSET,
+	TOPX_IP_TTL,
+	TOPX_IP_PROTOCOL,
+	TOPX_IP_CHECKSUM,
+	TOPX_IP_SRCIP,
+	TOPX_IP_DSTIP,
+	TOPX_TCP_SRCPORT,
+	TOPX_TCP_DSTPORT,
+	TOPX_TCP_SEQ,
+	TOPX_TCP_ACK,
+	TOPX_TCP_FLAGS,
+ 	TOPX_TCP_WIN,
+	TOPX_TCP_CRC,
+	TOPX_TCP_URGENT,
+	TOPX_UDP_SRCPORT,
+	TOPX_UDP_DSTPORT,
+	TOPX_UDP_LENGTH,
+	TOPX_UDP_CHECKSUM		
+} topxDefs;