Commit 449cdb87 authored by Olav Kvittem's avatar Olav Kvittem

removed debug, added -k option for rec_n_print nd rec_to_file

parent e5ae5948
...@@ -45,6 +45,7 @@ ...@@ -45,6 +45,7 @@
#include <arpa/inet.h> #include <arpa/inet.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <netinet/ip.h> #include <netinet/ip.h>
#include <netinet/ip6.h>
#include <netinet/udp.h> #include <netinet/udp.h>
#include <limits.h> #include <limits.h>
//#include <pcap.h> //#include <pcap.h>
...@@ -150,11 +151,8 @@ int main(int argc, char **argv) ...@@ -150,11 +151,8 @@ int main(int argc, char **argv)
"This is free software, and you are welcome to redistribute it\n" "This is free software, and you are welcome to redistribute it\n"
"under GNU GENERAL PUBLIC LICENSE Version 2.\n",VERSION); "under GNU GENERAL PUBLIC LICENSE Version 2.\n",VERSION);
struct sockaddr_storage test;
printf("Size of sockaddr_storage: %lu ss_len:%lu \n",sizeof(test),sizeof(test.ss_family));
while((retval >= 0) && while((retval >= 0) &&
((cmd_char = getopt(argc,argv,"Ahvd:p:C:fi:kl:P:n:s:6D:")) != EOF)) ((cmd_char = getopt(argc,argv,"Ahvd:p:C:fi:kl:P:n:s:6D:")) != EOF))
{ {
switch(cmd_char) switch(cmd_char)
{ {
...@@ -1024,17 +1022,29 @@ static int rec_to_file(unsigned short port, unsigned long limit) ...@@ -1024,17 +1022,29 @@ static int rec_to_file(unsigned short port, unsigned long limit)
} }
else else
{ {
if ( opt_pcap || opt_af_packet){ if ( opt_pcap || opt_af_packet){ // raw packets unwrap
if ( opt_pcap) { // ether header if ( opt_pcap) { // ether header
rude_data= (struct udp_data*) (packet + 14) ; // feil : sizeof(struct ether_header); rude_data= (struct udp_data*) (packet + 14) ; // compile error : sizeof(struct ether_header);
memcpy(&time1, &header->ts, sizeof(struct timeval)); memcpy(&time1, &header->ts, sizeof(struct timeval));
} }
unsigned short iphdrlen; unsigned short iphdrlen;
unsigned char prot;
struct iphdr *iph = (struct iphdr*)rude_data; struct iphdr *iph = (struct iphdr*)rude_data;
if ( iph->protocol == 17){ // udp if ( iph->version == 4) {
prot=iph->protocol;
iphdrlen = iph->ihl*4; iphdrlen = iph->ihl*4;
} else if ( iph->version == 6 ) { // ipv6
struct ip6_hdr *ip6h_p = (struct ip6_hdr*)iph;
prot=(unsigned char)ip6h_p->ip6_nxt;
iphdrlen = 40;
} else {
fprintf(stderr, "Unknown ip protocol : %d\n", iph->version);
return(-1);
}
if ( prot == 17){ // udp
struct udphdr *udph = (struct udphdr*)((char*)rude_data + iphdrlen); struct udphdr *udph = (struct udphdr*)((char*)rude_data + iphdrlen);
if ( ntohs(udph->dest) != port) if ( ntohs(udph->dest) != port)
continue; continue;
...@@ -1054,12 +1064,12 @@ static int rec_to_file(unsigned short port, unsigned long limit) ...@@ -1054,12 +1064,12 @@ static int rec_to_file(unsigned short port, unsigned long limit)
if ( opt_ktime) if ( opt_ktime)
ioctl(main_socket, SIOCGSTAMP, &time1); ioctl(main_socket, SIOCGSTAMP, &time1);
else if ( time1.tv_sec == 0) else if ( time1.tv_sec == 0) // if pcap already contains time
gettimeofday(&time1, NULL); gettimeofday(&time1, NULL);
int newseq=ntohl(rude_data->sequence_number); int newseq=ntohl(rude_data->sequence_number);
if ( rude_seq > 0 && newseq != (rude_seq+1) ){ if ( rude_seq > 0 && newseq != (rude_seq+1) ){
fprintf( stderr, "Lost seq : %d - %d\n", rude_seq, newseq-rude_seq-1); RUDEBUG1( "Lost seq : %d - %d\n", rude_seq, newseq-rude_seq-1);
} }
rude_seq=newseq; rude_seq=newseq;
...@@ -1116,7 +1126,7 @@ static int fork_write( ){ ...@@ -1116,7 +1126,7 @@ static int fork_write( ){
exit(1); exit(1);
} }
fcntl(pipefd[1], F_SETPIPE_SZ, 1001001); fcntl(pipefd[1], F_SETPIPE_SZ, 1001001);
fprintf( stderr, "pipe size is : %d\n", fcntl(pipefd[1], F_GETPIPE_SZ) ); RUDEBUG1( "pipe size is : %d\n", fcntl(pipefd[1], F_GETPIPE_SZ) );
child = fork(); child = fork();
if ( child){ // mother process if ( child){ // mother process
...@@ -1151,20 +1161,20 @@ static int output_data(int fd, int flush){ ...@@ -1151,20 +1161,20 @@ static int output_data(int fd, int flush){
if (flush || ochunk >= ochunksize ){ // delay writes until chunksize if (flush || ochunk >= ochunksize ){ // delay writes until chunksize
// return(0);// just to see that write is not the problem ####################### // return(0);// just to see that write is not the problem #######################
if ( ochunk > ochunksize ) ochunk=ochunksize ; if ( ochunk > ochunksize ) ochunk=ochunksize ;
gettimeofday(&tw1, NULL); // gettimeofday(&tw1, NULL);
if ( (result=write(fd, obuffer+odata, ochunk )) > 0 ){ // IO buffer overflow if ( (result=write(fd, obuffer+odata, ochunk )) > 0 ){ // IO buffer overflow
check_response(tw1, "write"); // check_response(tw1, "write");
odata= (odata + result) % obufsize; odata= (odata + result) % obufsize;
written += result; written += result;
RUDEBUG1("odata %lu ofree %d chunk %d result %d\n", odata, ofree, ochunk, (int)result); RUDEBUG1("odata %lu ofree %d chunk %d result %d\n", odata, ofree, ochunk, (int)result);
} else { // I'll be back } else { // I'll be back
check_response(tw1, "error"); // check_response(tw1, "error");
if ( result == EAGAIN || result == EWOULDBLOCK){ if ( result == EAGAIN || result == EWOULDBLOCK){
RUDEBUG1( "Write failed wouldblock: reason %d\n", (int)result); RUDEBUG1( "Write failed wouldblock: reason %d\n", (int)result);
break; // probably hit full ouput buffer break; // probably hit full ouput buffer
} else { } else {
fprintf( stderr, "Write failed : return %d : cause %s\n", (int)result, strerror(errno)); fprintf( stderr, "Write failed : return %d : cause %s\n", (int)result, strerror(errno));
} }
} }
} else { } else {
break; break;
...@@ -1287,7 +1297,11 @@ static int rec_n_print(unsigned short port, unsigned long limit) ...@@ -1287,7 +1297,11 @@ static int rec_n_print(unsigned short port, unsigned long limit)
break; break;
} }
} }
gettimeofday(&time1, NULL); if ( opt_ktime)
ioctl(main_socket, SIOCGSTAMP, &time1);
else if ( time1.tv_sec == 0) // if pcap already contains time
gettimeofday(&time1, NULL);
pkt_count++; pkt_count++;
udp_ptr = (struct udp_data*)buffer; udp_ptr = (struct udp_data*)buffer;
d_add = udp_ptr->dest_addr; d_add = udp_ptr->dest_addr;
...@@ -1296,7 +1310,7 @@ static int rec_n_print(unsigned short port, unsigned long limit) ...@@ -1296,7 +1310,7 @@ static int rec_n_print(unsigned short port, unsigned long limit)
get_str_addr(d_add,str2); get_str_addr(d_add,str2);
printf("ID=%lu SEQ=%lu SRC=%s:%hu DST=%s:%hu " printf("ID=%lu SEQ=%lu SRC=%s:%hu DST=%s:%hu "
"Tx=%lu.%06lu Rx=%ld.%06ld HOPLIMIT=%d SIZE=%ld\n", "Tx=%lu.%06lu Rx=%ld.%06ld SIZE=%ld HOPLIMIT=%d\n",
(unsigned long)ntohl(udp_ptr->flow_id), (unsigned long)ntohl(udp_ptr->flow_id),
(unsigned long)ntohl(udp_ptr->sequence_number), (unsigned long)ntohl(udp_ptr->sequence_number),
str1, ntohs(((struct sockaddr_in *)&src_addr)->sin_port), str2, port, str1, ntohs(((struct sockaddr_in *)&src_addr)->sin_port), str2, port,
......
...@@ -35,7 +35,7 @@ ...@@ -35,7 +35,7 @@
#define PMAXSIZE 32768 /* Maximum accepted UDP-data field/packet size */ #define PMAXSIZE 32768 /* Maximum accepted UDP-data field/packet size */
#define MINDURAT 0.001 /* Minimum allowed flow duration in seconds (float) */ #define MINDURAT 0.001 /* Minimum allowed flow duration in seconds (float) */
#define VERSION "0.8.4" #define VERSION "0.9.0"
/* /*
* Enumeration definition for different (known) flow types * Enumeration definition for different (known) flow types
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment