Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
rude
rude
Commits
449cdb87
Commit
449cdb87
authored
Jul 09, 2015
by
Olav Kvittem
Browse files
removed debug, added -k option for rec_n_print nd rec_to_file
parent
e5ae5948
Changes
2
Hide whitespace changes
Inline
Side-by-side
crude/main.c
View file @
449cdb87
...
...
@@ -45,6 +45,7 @@
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/ip6.h>
#include <netinet/udp.h>
#include <limits.h>
//#include <pcap.h>
...
...
@@ -150,11 +151,8 @@ int main(int argc, char **argv)
"This is free software, and you are welcome to redistribute it
\n
"
"under GNU GENERAL PUBLIC LICENSE Version 2.
\n
"
,
VERSION
);
struct
sockaddr_storage
test
;
printf
(
"Size of sockaddr_storage: %lu ss_len:%lu
\n
"
,
sizeof
(
test
),
sizeof
(
test
.
ss_family
));
while
((
retval
>=
0
)
&&
((
cmd_char
=
getopt
(
argc
,
argv
,
"Ahvd:p:C:fi:kl:P:n:s:6D:"
))
!=
EOF
))
((
cmd_char
=
getopt
(
argc
,
argv
,
"Ahvd:p:C:fi:kl:P:n:s:6D:"
))
!=
EOF
))
{
switch
(
cmd_char
)
{
...
...
@@ -1024,17 +1022,29 @@ static int rec_to_file(unsigned short port, unsigned long limit)
}
else
{
if
(
opt_pcap
||
opt_af_packet
){
if
(
opt_pcap
||
opt_af_packet
){
// raw packets unwrap
if
(
opt_pcap
)
{
// ether header
rude_data
=
(
struct
udp_data
*
)
(
packet
+
14
)
;
//
feil
: sizeof(struct ether_header);
rude_data
=
(
struct
udp_data
*
)
(
packet
+
14
)
;
//
compile error
: sizeof(struct ether_header);
memcpy
(
&
time1
,
&
header
->
ts
,
sizeof
(
struct
timeval
));
}
unsigned
short
iphdrlen
;
unsigned
char
prot
;
struct
iphdr
*
iph
=
(
struct
iphdr
*
)
rude_data
;
if
(
iph
->
protocol
==
17
){
// udp
if
(
iph
->
version
==
4
)
{
prot
=
iph
->
protocol
;
iphdrlen
=
iph
->
ihl
*
4
;
}
else
if
(
iph
->
version
==
6
)
{
// ipv6
struct
ip6_hdr
*
ip6h_p
=
(
struct
ip6_hdr
*
)
iph
;
prot
=
(
unsigned
char
)
ip6h_p
->
ip6_nxt
;
iphdrlen
=
40
;
}
else
{
fprintf
(
stderr
,
"Unknown ip protocol : %d
\n
"
,
iph
->
version
);
return
(
-
1
);
}
if
(
prot
==
17
){
// udp
struct
udphdr
*
udph
=
(
struct
udphdr
*
)((
char
*
)
rude_data
+
iphdrlen
);
if
(
ntohs
(
udph
->
dest
)
!=
port
)
continue
;
...
...
@@ -1054,12 +1064,12 @@ static int rec_to_file(unsigned short port, unsigned long limit)
if
(
opt_ktime
)
ioctl
(
main_socket
,
SIOCGSTAMP
,
&
time1
);
else
if
(
time1
.
tv_sec
==
0
)
else
if
(
time1
.
tv_sec
==
0
)
// if pcap already contains time
gettimeofday
(
&
time1
,
NULL
);
int
newseq
=
ntohl
(
rude_data
->
sequence_number
);
if
(
rude_seq
>
0
&&
newseq
!=
(
rude_seq
+
1
)
){
fprintf
(
stderr
,
"Lost seq : %d - %d
\n
"
,
rude_seq
,
newseq
-
rude_seq
-
1
);
RUDEBUG1
(
"Lost seq : %d - %d
\n
"
,
rude_seq
,
newseq
-
rude_seq
-
1
);
}
rude_seq
=
newseq
;
...
...
@@ -1116,7 +1126,7 @@ static int fork_write( ){
exit
(
1
);
}
fcntl
(
pipefd
[
1
],
F_SETPIPE_SZ
,
1001001
);
fprintf
(
stderr
,
"pipe size is : %d
\n
"
,
fcntl
(
pipefd
[
1
],
F_GETPIPE_SZ
)
);
RUDEBUG1
(
"pipe size is : %d
\n
"
,
fcntl
(
pipefd
[
1
],
F_GETPIPE_SZ
)
);
child
=
fork
();
if
(
child
){
// mother process
...
...
@@ -1151,20 +1161,20 @@ static int output_data(int fd, int flush){
if
(
flush
||
ochunk
>=
ochunksize
){
// delay writes until chunksize
// return(0);// just to see that write is not the problem #######################
if
(
ochunk
>
ochunksize
)
ochunk
=
ochunksize
;
gettimeofday
(
&
tw1
,
NULL
);
//
gettimeofday(&tw1, NULL);
if
(
(
result
=
write
(
fd
,
obuffer
+
odata
,
ochunk
))
>
0
){
// IO buffer overflow
check_response
(
tw1
,
"write"
);
odata
=
(
odata
+
result
)
%
obufsize
;
written
+=
result
;
RUDEBUG1
(
"odata %lu ofree %d chunk %d result %d
\n
"
,
odata
,
ofree
,
ochunk
,
(
int
)
result
);
//
check_response(tw1, "write");
odata
=
(
odata
+
result
)
%
obufsize
;
written
+=
result
;
RUDEBUG1
(
"odata %lu ofree %d chunk %d result %d
\n
"
,
odata
,
ofree
,
ochunk
,
(
int
)
result
);
}
else
{
// I'll be back
check_response
(
tw1
,
"error"
);
if
(
result
==
EAGAIN
||
result
==
EWOULDBLOCK
){
RUDEBUG1
(
"Write failed wouldblock: reason %d
\n
"
,
(
int
)
result
);
break
;
// probably hit full ouput buffer
}
else
{
fprintf
(
stderr
,
"Write failed : return %d : cause %s
\n
"
,
(
int
)
result
,
strerror
(
errno
));
}
//
check_response(tw1, "error");
if
(
result
==
EAGAIN
||
result
==
EWOULDBLOCK
){
RUDEBUG1
(
"Write failed wouldblock: reason %d
\n
"
,
(
int
)
result
);
break
;
// probably hit full ouput buffer
}
else
{
fprintf
(
stderr
,
"Write failed : return %d : cause %s
\n
"
,
(
int
)
result
,
strerror
(
errno
));
}
}
}
else
{
break
;
...
...
@@ -1287,7 +1297,11 @@ static int rec_n_print(unsigned short port, unsigned long limit)
break
;
}
}
gettimeofday
(
&
time1
,
NULL
);
if
(
opt_ktime
)
ioctl
(
main_socket
,
SIOCGSTAMP
,
&
time1
);
else
if
(
time1
.
tv_sec
==
0
)
// if pcap already contains time
gettimeofday
(
&
time1
,
NULL
);
pkt_count
++
;
udp_ptr
=
(
struct
udp_data
*
)
buffer
;
d_add
=
udp_ptr
->
dest_addr
;
...
...
@@ -1296,7 +1310,7 @@ static int rec_n_print(unsigned short port, unsigned long limit)
get_str_addr
(
d_add
,
str2
);
printf
(
"ID=%lu SEQ=%lu SRC=%s:%hu DST=%s:%hu "
"Tx=%lu.%06lu Rx=%ld.%06ld HOPLIMIT=%d
SIZE=%ld
\n
"
,
"Tx=%lu.%06lu Rx=%ld.%06ld
SIZE=%ld
HOPLIMIT=%d
\n
"
,
(
unsigned
long
)
ntohl
(
udp_ptr
->
flow_id
),
(
unsigned
long
)
ntohl
(
udp_ptr
->
sequence_number
),
str1
,
ntohs
(((
struct
sockaddr_in
*
)
&
src_addr
)
->
sin_port
),
str2
,
port
,
...
...
include/rude.h
View file @
449cdb87
...
...
@@ -35,7 +35,7 @@
#define PMAXSIZE 32768
/* Maximum accepted UDP-data field/packet size */
#define MINDURAT 0.001
/* Minimum allowed flow duration in seconds (float) */
#define VERSION "0.
8.4
"
#define VERSION "0.
9.0
"
/*
* Enumeration definition for different (known) flow types
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment