dist/ipf/lib/ipft_td.c

   1 /*      $NetBSD$        */
   2
   3 /*
   4  * Copyright (C) 2000-2006 by Darren Reed.
   5  *
   6  * See the IPFILTER.LICENCE file for details on licencing.
   7  *
   8  * Id: ipft_td.c,v 1.15.2.2 2006/06/16 17:21:03 darrenr Exp
   9  */
  10
  11 /*
  12 tcpdump -n
  13
  14 00:05:47.816843 128.231.76.76.3291 > 224.2.252.231.36573: udp 36 (encap)
  15
  16 tcpdump -nq
  17
  18 00:33:48.410771 192.73.213.11.1463 > 224.2.248.153.59360: udp 31 (encap)
  19
  20 tcpdump -nqt
  21
  22 128.250.133.13.23 > 128.250.20.20.2419: tcp 27
  23
  24 tcpdump -nqtt
  25
  26 123456789.1234567 128.250.133.13.23 > 128.250.20.20.2419: tcp 27
  27
  28 tcpdump -nqte
  29
  30 8:0:20:f:65:f7 0:0:c:1:8a:c5 81: 128.250.133.13.23 > 128.250.20.20.2419: tcp 27
  31
  32 */
  33
  34 #include "ipf.h"
  35 #include "ipt.h"
  36
  37 #ifndef linux
  38 #include <netinet/ip_var.h>
  39 #endif
  40 #include <netinet/tcpip.h>
  41
  42
  43 #if !defined(lint)
  44 static const char sccsid[] = "@(#)ipft_td.c     1.8 2/4/96 (C)1995 Darren Reed";
  45 static const char rcsid[] = "@(#)Id: ipft_td.c,v 1.15.2.2 2006/06/16 17:21:03 darrenr Exp";
  46 #endif
  47
  48 static  int     tcpd_open __P((char *));
  49 static  int     tcpd_close __P((void));
  50 static  int     tcpd_readip __P((char *, int, char **, int *));
  51 static  int     count_dots __P((char *));
  52
  53 struct  ipread  tcpd = { tcpd_open, tcpd_close, tcpd_readip, 0 };
  54
  55 static  FILE    *tfp = NULL;
  56 static  int     tfd = -1;
  57
  58
  59 static  int     tcpd_open(fname)
  60 char    *fname;
  61 {
  62         if (tfd != -1)
  63                 return tfd;
  64
  65         if (!strcmp(fname, "-")) {
  66                 tfd = 0;
  67                 tfp = stdin;
  68         } else {
  69                 tfd = open(fname, O_RDONLY);
  70                 tfp = fdopen(tfd, "r");
  71         }
  72         return tfd;
  73 }
  74
  75
  76 static  int     tcpd_close()
  77 {
  78         (void) fclose(tfp);
  79         return close(tfd);
  80 }
  81
  82
  83 static  int     count_dots(str)
  84 char    *str;
  85 {
  86         int     i = 0;
  87
  88         while (*str)
  89                 if (*str++ == '.')
  90                         i++;
  91         return i;
  92 }
  93
  94
  95 static  int     tcpd_readip(buf, cnt, ifn, dir)
  96 char    *buf, **ifn;
  97 int     cnt, *dir;
  98 {
  99         struct  tcpiphdr pkt;
 100         ip_t    *ip = (ip_t *)&pkt;
 101         char    src[32], dst[32], misc[256], time[32], link1[32], link2[32];
 102         char    lbuf[160], *s;
 103         int     n, slen, extra = 0;
 104
 105         if (!fgets(lbuf, sizeof(lbuf) - 1, tfp))
 106                 return 0;
 107
 108         if ((s = strchr(lbuf, '\n')))
 109                 *s = '\0';
 110         lbuf[sizeof(lbuf)-1] = '\0';
 111
 112         bzero(&pkt, sizeof(pkt));
 113
 114         if ((n = sscanf(lbuf, "%31s > %31s: %255s", src, dst, misc)) != 3)
 115                 if ((n = sscanf(lbuf, "%31s %31s > %31s: %255s",
 116                                 time, src, dst, misc)) != 4)
 117                         if ((n = sscanf(lbuf, "%31s %31s: %31s > %31s: %255s",
 118                                         link1, link2, src, dst, misc)) != 5) {
 119                                 n = sscanf(lbuf,
 120                                            "%31s %31s %31s: %31s > %31s: %255s",
 121                                            time, link1, link2, src, dst, misc);
 122                                 if (n != 6)
 123                                         return -1;
 124                         }
 125
 126         if (count_dots(dst) == 4) {
 127                 s = strrchr(src, '.');
 128                 *s++ = '\0';
 129                 (void) inet_aton(src, &ip->ip_src);
 130                 pkt.ti_sport = htons(atoi(s));
 131                 *--s = '.';
 132                 s = strrchr(dst, '.');
 133
 134                 *s++ = '\0';
 135                 (void) inet_aton(src, &ip->ip_dst);
 136                 pkt.ti_dport = htons(atoi(s));
 137                 *--s = '.';
 138
 139         } else {
 140                 (void) inet_aton(src, &ip->ip_src);
 141                 (void) inet_aton(src, &ip->ip_dst);
 142         }
 143         ip->ip_len = sizeof(ip_t);
 144         IP_HL_A(ip, sizeof(ip_t));
 145
 146         s = strtok(misc, " :");
 147         if (s == NULL)
 148                 return 0;
 149         ip->ip_p = getproto(s);
 150
 151         switch (ip->ip_p)
 152         {
 153         case IPPROTO_TCP :
 154         case IPPROTO_UDP :
 155                 s = strtok(NULL, " :");
 156                 if (s == NULL)
 157                         return 0;
 158                 ip->ip_len += atoi(s);
 159                 if (ip->ip_p == IPPROTO_TCP)
 160                         extra = sizeof(struct tcphdr);
 161                 else if (ip->ip_p == IPPROTO_UDP)
 162                         extra = sizeof(struct udphdr);
 163                 break;
 164 #ifdef  IGMP
 165         case IPPROTO_IGMP :
 166                 extra = sizeof(struct igmp);
 167                 break;
 168 #endif
 169         case IPPROTO_ICMP :
 170                 extra = sizeof(struct icmp);
 171                 break;
 172         default :
 173                 break;
 174         }
 175
 176         slen = IP_HL(ip) + extra + ip->ip_len;
 177         return slen;
 178 }