search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
bump version
[prads.git] / src / config.c
blobc3a7eb7c9285eff03c2f7e3689e72febae782dba
1 /*
2 ** This file is a part of PRADS.
3 **
4 ** Copyright (C) 2010, Edward Fjellskål <edward.fjellskaal@redpill-linpro.com>
5 ** Copyright (C) 2010, Kacper Wysocki <kacper.wysocki@redpill-linpro.com>
6 ** Adopted from PADS by Matt Shelton
7 ** Copyright (C) 2004 Matt Shelton <matt@mattshelton.com>
8 **
9 ** This program is free software; you can redistribute it and/or modify
10 ** it under the terms of the GNU General Public License as published by
11 ** the Free Software Foundation; either version 2 of the License, or
12 ** (at your option) any later version.
13 **
14 ** This program is distributed in the hope that it will be useful,
15 ** but WITHOUT ANY WARRANTY; without even the implied warranty of
16 ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 ** GNU General Public License for more details.
18 **
19 ** You should have received a copy of the GNU General Public License
20 ** along with this program; if not, write to the Free Software
21 ** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 **
23 */
24
25 /* I N C L U D E S *********************************************************/
26 #include "common.h"
27 #include "prads.h"
28 #include "sys_func.h"
29 #include "config.h"
30
31 /* G L O B A L E S *********************************************************/
32 extern globalconfig config;
33
34 /* F U N C T I O N S ********************************************************/
35 void display_config()
36 {
37 printf("[*] OS checks enabled:");
38 if (IS_COSET(&config,CO_SYN)) printf (" SYN");
39 if (IS_COSET(&config,CO_SYNACK)) printf (" SYNACK");
40 if (IS_COSET(&config,CO_RST)) printf (" RST");
41 if (IS_COSET(&config,CO_FIN)) printf (" FIN");
42 if (IS_COSET(&config,CO_ACK)) printf (" ACK");
43 printf("\n");
44
45 printf("[*] Service checks enabled:");
46 if (IS_CSSET(&config,CS_TCP_SERVER)) printf (" TCP-SERVER");
47 if (IS_CSSET(&config,CS_TCP_CLIENT)) printf (" TCP-CLIENT");
48 if (IS_CSSET(&config,CS_UDP_SERVICES)) printf (" UDP-SERVICES");
49 if (IS_CSSET(&config,CS_ICMP)) printf (" ICMP");
50 if (IS_CSSET(&config,CS_ARP)) printf (" ARP");
51 printf("\n");
52
53 return;
54 }
55
56 void free_config()
57 {
58 if (config.dev != NULL) free (config.dev);
59 if (config.cfilter.bf_insns != NULL) free (config.cfilter.bf_insns);
60 // Grr - no nice way to tell if the settings comes from configfile or not :/
61 if (config.pidfile != NULL) free(config.pidfile);
62 if (config.user_name != NULL) free(config.user_name);
63 if (config.group_name != NULL) free(config.group_name);
64 if (config.bpff != NULL) free(config.bpff);
65 }
66
67 void set_default_config_options()
68 {
69 config.ctf |= CO_SYN;
70 config.ctf |= CO_RST;
71 config.ctf |= CO_FIN;
72 config.ctf |= CO_ACK;
73 config.ctf |= CO_SYNACK;
74 //config.ctf |= CO_ICMP;
75 //config.ctf |= CO_UDP;
76 //config.ctf |= CO_OTHER;
77 config.cof |= CS_TCP_SERVER;
78 config.cof |= CS_TCP_CLIENT;
79 config.cof |= CS_UDP_SERVICES;
80 config.dev = strdup("eth0");
81 config.bpff = strdup("");
82 config.dpath = "/tmp";
83 config.pidfile = strdup("prads.pid");
84 config.pidpath = strdup("/var/run");
85 config.assetlog= bfromcstr(LOGDIR PRADS_ASSETLOG);
86 // default source net owns everything
87 config.s_net = "0.0.0.0/0,::/0";
88 config.errbuf[0] = '\0';
89 config.configpath = CONFDIR "";
90 // files should be relative to configpath somehow
91 config.sig_file_syn = CONFDIR "tcp-syn.fp";
92 config.sig_file_synack = CONFDIR "tcp-synack.fp";
93 config.sig_file_ack = CONFDIR "tcp-stray-ack.fp";
94 config.sig_file_fin = CONFDIR "tcp-fin.fp";
95 config.sig_file_rst = CONFDIR "tcp-rst.fp";
96 config.sig_syn = NULL;
97 config.sig_synack = NULL;
98 config.sig_ack = NULL;
99 config.sig_fin = NULL;
100 config.sig_rst = NULL;
101 config.sig_hashsize = 241;
102 // don't chroot by default
103 config.chroot_dir = NULL;
104 }
105
106 void parse_config_file(bstring fname)
107 {
108 FILE *fp;
109 bstring filedata;
110 struct bstrList *lines;
111 int i;
112 vlog(0x3, "config - Processing '%s'.", bdata(fname));
113
114 if ((fp = fopen((char *)bdata(fname), "r")) == NULL) {
115 elog("Unable to open configuration file - %s\n", bdata(fname));
116 return;
117 }
118
119 filedata = bread ((bNread) fread, fp);
120 if ((lines = bsplit(filedata, '\n')) != NULL) {
121 for (i = 0; i < lines->qty; i++) {
122 parse_line(lines->entry[i]);
123 }
124 }
125
126 bdestroy(filedata);
127 bstrListDestroy(lines);
128 fclose(fp);
129 }
130
131 void parse_line (bstring line)
132 {
133 bstring param, value;
134 struct bstrList *list;
135 int i;
136 /* Check to see if this line has something to read. */
137 if (line->data[0] == '\0' || line->data[0] == '#')
138 return;
139
140 /* Check to see if this line has a comment in it. */
141 if ((list = bsplit(line, '#')) != NULL) {
142 if ((bassign(line, list->entry[0])) == -1) {
143 elog("warning: 'bassign' in function 'parse_line' failed.\n");
144 }
145 if (list != NULL)
146 bstrListDestroy(list);
147 }
148
149 /* Separate line into a parameter and a value. */
150 if ((i = bstrchr(line, '=')) == BSTR_ERR)
151 return;
152 if ((param = bmidstr(line, 0, i)) == NULL)
153 return;
154 if ((value = bmidstr(line, i + 1, line->slen - i)) == NULL)
155 return;
156
157 /* Normalize Strings */
158 if ((btolower(param)) != 0)
159 elog("warning: 'btolower' in function 'parse_line' failed.\n");
160 if ((bltrim(value)) != 0)
161 elog("warning: 'bltrim' in function 'parse_line' failed.\n");
162 if ((brtrim(value)) != 0)
163 elog("warning: 'brtrim' in function 'parse_line' failed.\n");
164
165 /* Do something based upon value. */
166 if ((biseqcstr(param, "daemon")) == 1) {
167 /* DAEMON */
168 if (!config.daemon_flag) {
169 if (value->data[0] == '1')
170 config.daemon_flag = 1;
171 else
172 config.daemon_flag = 0;
173 }
174 } else if ((biseqcstr(param, "arp")) == 1) {
175 /* ARP CHECK */
176 if (value->data[0] == '1')
177 config.cof |= CS_ARP;
178 else
179 config.cof &= ~CS_ARP;
180 } else if ((biseqcstr(param, "service_tcp")) == 1) {
181 /* TCP Service check */
182 if (value->data[0] == '1')
183 config.cof |= CS_TCP_SERVER;
184 else
185 config.cof &= ~CS_TCP_SERVER;
186 } else if ((biseqcstr(param, "client_tcp")) == 1) {
187 /* TCP Client check */
188 if (value->data[0] == '1')
189 config.cof |= CS_TCP_CLIENT;
190 else
191 config.cof &= ~CS_TCP_CLIENT;
192 } else if ((biseqcstr(param, "service_udp")) == 1) {
193 /* UPD service and client checks */
194 if (value->data[0] == '1')
195 config.cof |= CS_UDP_SERVICES;
196 else
197 config.cof &= ~CS_UDP_SERVICES;
198 } else if ((biseqcstr(param, "os_icmp")) == 1) {
199 /* ICMP OS Fingerprinting */
200 if (value->data[0] == '1')
201 config.ctf |= CO_ICMP;
202 else
203 config.ctf &= ~CO_ICMP;
204 } else if ((biseqcstr(param, "os_udp")) == 1) {
205 /* UDP OS Fingerprinting */
206 if (value->data[0] == '1')
207 config.ctf |= CO_UDP;
208 else
209 config.ctf &= ~CO_UDP;
210 } else if ((biseqcstr(param, "service_udp")) == 1) {
211 /* UPD service and client checks */
212 if (value->data[0] == '1')
213 config.cof |= CS_UDP_SERVICES;
214 else
215 config.cof &= ~CS_UDP_SERVICES;
216 } else if ((biseqcstr(param, "os_syn_fingerprint")) == 1) {
217 /* TCP SYN OS Fingerprinting */
218 if (value->data[0] == '1')
219 config.ctf |= CO_SYN;
220 else
221 config.ctf &= ~CO_SYN;
222 } else if ((biseqcstr(param, "os_synack_fingerprint")) == 1) {
223 /* TCP SYNACK OS Fingerprinting */
224 if (value->data[0] == '1')
225 config.ctf |= CO_SYNACK;
226 else
227 config.ctf &= ~CO_SYNACK;
228 } else if ((biseqcstr(param, "os_ack_fingerprint")) == 1) {
229 /* TCP Stray ACK OS Fingerprinting */
230 if (value->data[0] == '1')
231 config.ctf |= CO_ACK;
232 else
233 config.ctf &= ~CO_ACK;
234 } else if ((biseqcstr(param, "os_rst_fingerprint")) == 1) {
235 /* TCP RST OS Fingerprinting */
236 if (value->data[0] == '1')
237 config.ctf |= CO_RST;
238 else
239 config.ctf &= ~CO_RST;
240 } else if ((biseqcstr(param, "os_fin_fingerprint")) == 1) {
241 /* TCP FIN OS Fingerprinting */
242 if (value->data[0] == '1')
243 config.ctf |= CO_FIN;
244 else
245 config.ctf &= ~CO_FIN;
246
247 } else if ((biseqcstr(param, "pid_file")) == 1) {
248 /* PID FILE */
249 free(config.pidfile);
250 config.pidfile = bstr2cstr(value, '-');
251 } else if ((biseqcstr(param, "asset_log")) == 1) {
252 /* PRADS ASSET LOG */
253 config.assetlog = bstrcpy(value);
254 } else if ((biseqcstr(param, "sig_file_serv_tcp")) == 1) {
255 /* SIGNATURE FILE */
256 config.sig_file_serv_tcp = bstrcpy(value);
257 } else if ((biseqcstr(param, "sig_file_cli_tcp")) == 1) {
258 /* SIGNATURE FILE */
259 config.sig_file_cli_tcp = bstrcpy(value);
260 } else if ((biseqcstr(param, "sig_file_serv_udp")) == 1) {
261 /* SIGNATURE FILE */
262 config.sig_file_serv_udp = bstrcpy(value);
263 } else if ((biseqcstr(param, "sig_file_cli_udp")) == 1) {
264 /* SIGNATURE FILE */
265 config.sig_file_cli_udp = bstrcpy(value);
266 } else if ((biseqcstr(param, "mac_file")) == 1) {
267 /* MAC / VENDOR RESOLUTION FILE */
268 config.sig_file_mac = bstrcpy(value);
269 } else if ((biseqcstr(param, "output")) == 1) {
270 /* OUTPUT */
271 //conf_module_plugin(value, &activate_output_plugin);
272 } else if ((biseqcstr(param, "user")) == 1) {
273 /* USER */
274 config.user_name = bstr2cstr(value, '-');
275 } else if ((biseqcstr(param, "group")) == 1) {
276 /* GROUP */
277 config.group_name = bstr2cstr(value, '-');
278 } else if ((biseqcstr(param, "interface")) == 1) {
279 /* INTERFACE */
280 free(config.dev);
281 config.dev = bstr2cstr(value, '-');
282 } else if ((biseqcstr(param, "bpfilter")) == 1) {
283 /* FILTER */
284 free(config.bpff);
285 config.bpff = bstr2cstr(value, '-');
286
287 // } else if ((biseqcstr(param, "network")) == 1) {
288 // /* NETWORK */
289 // parse_networks((unsigned char *)bdata(value));
290 // } else if ((biseqcstr(param, "hide_unknowns")) == 1) {
291 // /* UNKNOWN */
292 // if (!config.hide_unknowns) {
293 // if (value->data[0] == '1')
294 // config.hide_unknowns = 1;
295 // else
296 // config.hide_unknowns = 0;
297 // }
298 }
299
300 vlog(0x3,"config - PARAM: |%s| / VALUE: |%s|\n", bdata(param), bdata(value));
301
302 /* Clean Up */
303 if (param != NULL)
304 bdestroy(param);
305 if (value != NULL)
306 bdestroy(value);
307 }
308
309 /* ----------------------------------------------------------
310 * FUNCTION : bltrim
311 * DESCRIPTION : This function will trim the whitespace from
312 * : the left side of a string.
313 * INPUT : 0 - String
314 * ---------------------------------------------------------- */
315 int bltrim (bstring string)
316 {
317 int i;
318 int len = 0;
319
320 /* Find Whitespace */
321 for (i = 0; i < string->slen; i++) {
322 if (string->data[i] == ' ' || string->data[i] == '\t')
323 len++;
324 else
325 break;
326 }
327
328 /* Remove Whitespace */
329 if (len > 0)
330 bdelete(string, 0, len);
331
332 return 0;
333 }
334
335 /* ----------------------------------------------------------
336 * FUNCTION : brtrim
337 * DESCRIPTION : This function will trim the whitespace from
338 * : the right side of a string.
339 * INPUT : 0 - String
340 * ---------------------------------------------------------- */
341 int brtrim (bstring string)
342 {
343 int i;
344 int len = 0;
345
346 /* Find Whitespace */
347 for (i = (string->slen - 1); i > 0; i--) {
348 if (string->data[i] == ' ' || string->data[i] == '\t')
349 len++;
350 else
351 break;
352 }
353
354 /* Remove Whitespace */
355 if (len > 0)
356 bdelete(string, i + 1, len);
357
358 return 0;
359 }
360
PRADS is a Passive Real-time Asset Detection System. It passively listen to network traffic and gathers information on hosts and services it sees on the network.