search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Reformat README to use Markdown
[prads.git] / src / sys_func.c
blobe0c092df4fb94ec91fefa8abbd87ced118aabece
1 #include "common.h"
2 #include "prads.h"
3 #include "sys_func.h"
4 #include "assets.h"
5 #include "servicefp/servicefp.h"
6 #include "config.h"
7 #include "sig.h"
8 #include "output-plugins/log.h"
9
10 #include <libgen.h> // dirname()
11
12 void free_queue(); // util-cxt.c
13 extern globalconfig config;
14
15 const char *u_ntop(const struct in6_addr ip_addr, int af, char *dest)
16 {
17 if (af == AF_INET) {
18 if (!inet_ntop
19 (AF_INET,
20 &IP4ADDR(&ip_addr),
21 dest, INET_ADDRSTRLEN + 1)) {
22 perror("Something died in inet_ntop");
23 return NULL;
24 }
25 } else if (af == AF_INET6) {
26 if (!inet_ntop(AF_INET6, &ip_addr, dest, INET6_ADDRSTRLEN + 1)) {
27 perror("Something died in inet_ntop");
28 return NULL;
29 }
30 }
31 return dest;
32 }
33 const char *u_ntop_dst(packetinfo *pi, char *dest)
34 {
35 if (pi->af == AF_INET) {
36 if (!inet_ntop
37 (AF_INET,
38 &pi->ip4->ip_dst,
39 dest, INET_ADDRSTRLEN + 1)) {
40 perror("Something died in inet_ntop");
41 return NULL;
42 }
43 } else if (pi->af == AF_INET6) {
44 if (!inet_ntop(AF_INET6, &pi->ip6->ip_dst, dest, INET6_ADDRSTRLEN + 1)) {
45 perror("Something died in inet_ntop");
46 return NULL;
47 }
48 }
49 return dest;
50 }
51
52 const char *u_ntop_src(packetinfo *pi, char *dest)
53 {
54 if (pi->af == AF_INET) {
55 if (!inet_ntop
56 (AF_INET,
57 &pi->ip4->ip_src,
58 dest, INET_ADDRSTRLEN + 1)) {
59 perror("Something died in inet_ntop");
60 return NULL;
61 }
62 } else if (pi->af == AF_INET6) {
63 if (!inet_ntop(AF_INET6, &pi->ip6->ip_src, dest, INET6_ADDRSTRLEN + 1)) {
64 perror("Something died in inet_ntop");
65 return NULL;
66 }
67 }
68 return dest;
69 }
70
71 uint8_t normalize_ttl (uint8_t ttl)
72 {
73 if (ttl > 128) return 255;
74 if (ttl > 64) return 128;
75 if (ttl > 32) return 64;
76 else return 32;
77 }
78
79
80 void unload_tcp_sigs()
81 {
82 if(config.ctf & CO_SYN && config.sig_syn){
83 unload_sigs(config.sig_syn, config.sig_hashsize);
84 }
85 if(config.ctf & CO_SYNACK && config.sig_synack){
86 unload_sigs(config.sig_synack, config.sig_hashsize);
87 }
88 if(config.ctf & CO_ACK && config.sig_ack){
89 unload_sigs(config.sig_ack, config.sig_hashsize);
90 }
91 if(config.ctf & CO_RST && config.sig_rst){
92 unload_sigs(config.sig_rst, config.sig_hashsize);
93 }
94 if(config.ctf & CO_FIN && config.sig_fin){
95 unload_sigs(config.sig_fin, config.sig_hashsize);
96 }
97 }
98
99 void print_pcap_stats()
100 {
101 if (config.handle == NULL) return;
102 if (pcap_stats(config.handle, &config.ps) == -1) {
103 pcap_perror(config.handle, "pcap_stats");
104 return;
105 }
106 olog("-- libpcap:\n");
107 olog("-- Total packets received :%12u\n",config.ps.ps_recv);
108 olog("-- Total packets dropped :%12u\n",config.ps.ps_drop);
109 olog("-- Total packets dropped by Interface :%12u\n",config.ps.ps_ifdrop);
110 }
111
112 int set_chroot(void)
113 {
114 char *absdir;
115 //char *logdir;
116
117 /*
118 * logdir = get_abs_path(logpath);
119 */
120
121 /*
122 * change to the directory
123 */
124 if (chdir(config.chroot_dir) != 0) {
125 elog("set_chroot: Can not chdir to \"%s\": %s\n", config.chroot_dir,
126 strerror(errno));
127 }
128
129 /*
130 * always returns an absolute pathname
131 */
132 absdir = getcwd(NULL, 0);
133
134 /*
135 * make the chroot call
136 */
137 if (chroot(absdir) < 0) {
138 elog("Can not chroot to \"%s\": absolute: %s: %s\n", config.chroot_dir,
139 absdir, strerror(errno));
140 exit(3);
141 }
142
143 if (chdir("/") < 0) {
144 elog("Can not chdir to \"/\" after chroot: %s\n",
145 strerror(errno));
146 exit(3);
147 }
148
149 return 0;
150 }
151
152 int drop_privs(long userid, long groupid)
153 {
154 int i;
155
156 if ((i = setgid(groupid)) < 0) {
157 elog("[!] Unable to set group ID: %s\n", strerror(i));
158 exit(i);
159 }
160
161 endgrent();
162 endpwent();
163
164 if (userid) {
165 if ((i = setuid(userid)) < 0) {
166 elog("[!] Unable to set user ID: %s\n", strerror(i));
167 exit(i);
168 }
169 }
170 return 0;
171 }
172
173 int is_valid_path(const char *path)
174 {
175 char dir[STDBUF];
176 struct stat st;
177
178 if (path == NULL) {
179 return 0;
180 }
181 if (stat(path, &st) == 0) {
182 // path already exists. is it regular and writable?
183 if (!S_ISREG(st.st_mode) || access(path, W_OK) != -1) {
184 return 1;
185 }
186 }
187
188 strcpy(dir, path);
189 dirname(dir);
190
191 if (stat(dir, &st) != 0) {
192 return 0;
193 }
194 if (!S_ISDIR(st.st_mode) || access(dir, W_OK) == -1) {
195 return 0;
196 }
197 return 1;
198 }
199
200 int touch_pid_file(const char *path, long uid, long gid)
201 {
202 int fd, rc;
203 fd = open(path, O_CREAT, 0664);
204 if(fd)
205 rc = fchown(fd, uid, gid);
206 close(fd);
207 if(rc || !fd) {
208 elog("Failed to create pid file '%s', %d\n", path,rc);
209 return 666;
210 }
211 return 0;
212 }
213
214 long get_gid(const char *group_name)
215 {
216 char *endptr;
217 struct group *gr;
218
219 if(!group_name) return 0;
220 if (!isdigit(group_name[0])) {
221 gr = getgrnam(group_name);
222 if(!gr){
223 elog("ERROR: couldn't get ID for group %s, group does not exist.\n", group_name);
224 return 0;
225 }
226 return gr->gr_gid;
227 }
228 return strtoul(group_name, &endptr, 10);
229 }
230
231 long get_uid(const char *user_name, int *out_gid)
232 {
233 char *endptr;
234 struct passwd *pw;
235 if(!user_name) return 0;
236 if (isdigit(user_name[0]) == 0) {
237 pw = getpwnam(user_name);
238 if (pw != NULL) {
239 if (out_gid)
240 if(*out_gid == 0)
241 *out_gid = pw->pw_gid;
242 return pw->pw_uid;
243 }
244 }
245
246 return strtoul(config.user_name, &endptr, 10);
247 }
248
249 int create_pid_file(const char *path)
250 {
251 char pid_buffer[12];
252 struct flock lock;
253 int rval;
254 int fd;
255
256 if (!path) {
257 path = config.pidfile;
258 }
259 if (!is_valid_path(path)) {
260 printf("PID path \"%s\" aint writable", path);
261 }
262
263 if ((fd = open(path, O_CREAT | O_WRONLY,
264 S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)) == -1) {
265 return ERROR;
266 }
267
268 /*
269 * pid file locking
270 */
271 lock.l_type = F_WRLCK;
272 lock.l_start = 0;
273 lock.l_whence = SEEK_SET;
274 lock.l_len = 0;
275
276 if (fcntl(fd, F_SETLK, &lock) == -1) {
277 if (errno == EACCES || errno == EAGAIN) {
278 rval = errno;
279 } else {
280 rval = ERROR;
281 }
282 close(fd);
283 return rval;
284 }
285 snprintf(pid_buffer, sizeof(pid_buffer), "%d\n", (int)getpid());
286 if (ftruncate(fd, 0) != 0) {
287 return errno;
288 }
289 if (write(fd, pid_buffer, strlen(pid_buffer)) == -1) {
290 return errno;
291 }
292 return SUCCESS;
293 }
294
295 int daemonize()
296 {
297 pid_t pid;
298 int fd;
299
300 pid = fork();
301
302 if (pid > 0) {
303 exit(0); /* parent */
304 }
305
306 if (pid < 0) {
307 return ERROR;
308 }
309
310 /*
311 * new process group
312 */
313 setsid();
314
315 /*
316 * close file handles
317 */
318 if ((fd = open("/dev/null", O_RDWR)) >= 0) {
319 dup2(fd, 0);
320 dup2(fd, 1);
321 dup2(fd, 2);
322 if (fd > 2) {
323 close(fd);
324 }
325 }
326
327 return SUCCESS;
328 }
329
330 char *hex2mac(const uint8_t *mac)
331 {
332
333 static char buf[32];
334
335 snprintf(buf, sizeof(buf), "%02X:%02X:%02X:%02X:%02X:%02X",
336 (mac[0] & 0xFF), (mac[1] & 0xFF), (mac[2] & 0xFF),
337 (mac[3] & 0xFF), (mac[4] & 0xFF), (mac[5] & 0xFF));
338
339 return buf;
340 }
341
342
PRADS is a Passive Real-time Asset Detection System. It passively listen to network traffic and gathers information on hosts and services it sees on the network.