Correct PPTP server firewall rules chain.
[tomato/davidwu.git] / release / src / router / cyassl / sslSniffer / sslSnifferTest / snifftest.c
blobf63f84c694df282850e674ffeb92b00a4199332f
1 /* snifftest.c */
3 #ifdef _WIN32
4 #define CYASSL_SNIFFER
5 #endif
7 #ifndef CYASSL_SNIFFER
9 /* blank build */
10 #include <stdio.h>
11 int main()
13 printf("do ./configure --enable-sniffer to enable build support\n");
14 return 0;
17 #else
18 /* do a full build */
20 #ifdef _MSC_VER
21 /* builds on *nix too, for scanf device and port */
22 #define _CRT_SECURE_NO_WARNINGS
23 #endif
25 #include <pcap/pcap.h> /* pcap stuff */
26 #include <stdio.h> /* printf */
27 #include <stdlib.h> /* EXIT_SUCCESS */
28 #include <signal.h> /* signal */
30 #include "sniffer.h"
33 #ifndef _WIN32
34 #include <arpa/inet.h>
35 #endif
37 typedef unsigned char byte;
39 enum {
40 ETHER_IF_FRAME_LEN = 14, /* ethernet interface frame length */
41 LOCAL_IF_FRAME_LEN = 4, /* localhost interface frame length */
45 pcap_t* pcap = 0;
46 pcap_if_t *alldevs;
48 static void sig_handler(const int sig)
50 printf("SIGINT handled.\n");
51 if (pcap)
52 pcap_close(pcap);
53 pcap_freealldevs(alldevs);
54 #ifndef _WIN32
55 ssl_FreeSniffer();
56 #endif
57 exit(EXIT_SUCCESS);
61 void err_sys(const char* msg)
63 fprintf(stderr, "%s\n", msg);
64 exit(EXIT_FAILURE);
68 #ifdef _WIN32
69 #define SNPRINTF _snprintf
70 #else
71 #define SNPRINTF snprintf
72 #endif
75 char* iptos(unsigned int addr)
77 static char output[32];
78 byte *p = (byte*)&addr;
80 SNPRINTF(output, sizeof(output), "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
82 return output;
86 int main(int argc, char** argv)
88 int ret;
89 int inum;
90 int port;
91 int i = 0;
92 char err[PCAP_ERRBUF_SIZE];
93 char filter[32];
94 char loopback = 0;
95 char *server = NULL;
96 struct bpf_program fp;
97 pcap_if_t *d;
98 pcap_addr_t *a;
100 signal(SIGINT, sig_handler);
102 #ifndef _WIN32
103 ssl_InitSniffer();
104 #endif
105 ssl_Trace("./tracefile.txt", err);
107 if (pcap_findalldevs(&alldevs, err) == -1)
108 err_sys("Error in pcap_findalldevs");
110 for (d = alldevs; d; d=d->next) {
111 printf("%d. %s", ++i, d->name);
112 if (d->description)
113 printf(" (%s)\n", d->description);
114 else
115 printf(" (No description available)\n");
118 if (i == 0)
119 err_sys("No interfaces found! Make sure pcap or WinPcap is installed "
120 "correctly and you have sufficient permissions");
122 printf("Enter the interface number (1-%d): ", i);
123 scanf("%d", &inum);
125 if (inum < 1 || inum > i)
126 err_sys("Interface number out of range");
128 /* Jump to the selected adapter */
129 for (d = alldevs, i = 0; i < inum - 1; d = d->next, i++);
131 pcap = pcap_create(d->name, err);
133 if (pcap == NULL) printf("pcap_create failed %s\n", err);
135 if (d->flags & PCAP_IF_LOOPBACK)
136 loopback = 1;
138 /* get an IPv4 address */
139 for (a = d->addresses; a; a = a->next) {
140 switch(a->addr->sa_family)
142 case AF_INET:
143 server =iptos(((struct sockaddr_in *)a->addr)->sin_addr.s_addr);
144 printf("server = %s\n", server);
145 break;
148 if (server == NULL)
149 err_sys("Unable to get device IPv4 address");
151 ret = pcap_set_snaplen(pcap, 65536);
152 if (ret != 0) printf("pcap_set_snaplen failed %s\n", pcap_geterr(pcap));
154 ret = pcap_set_timeout(pcap, 1000);
155 if (ret != 0) printf("pcap_set_timeout failed %s\n", pcap_geterr(pcap));
157 ret = pcap_set_buffer_size(pcap, 1000000);
158 if (ret != 0)
159 printf("pcap_set_buffer_size failed %s\n", pcap_geterr(pcap));
161 ret = pcap_set_promisc(pcap, 1);
162 if (ret != 0) printf("pcap_set_promisc failed %s\n", pcap_geterr(pcap));
165 ret = pcap_activate(pcap);
166 if (ret != 0) printf("pcap_activate failed %s\n", pcap_geterr(pcap));
168 printf("Enter the port to scan: ");
169 scanf("%d", &port);
171 SNPRINTF(filter, sizeof(filter), "tcp and port %d", port);
173 ret = pcap_compile(pcap, &fp, filter, 0, 0);
174 if (ret != 0) printf("pcap_compile failed %s\n", pcap_geterr(pcap));
176 ret = pcap_setfilter(pcap, &fp);
177 if (ret != 0) printf("pcap_setfilter failed %s\n", pcap_geterr(pcap));
179 ret = ssl_SetPrivateKey(server, port, "../../certs/server-key.pem",
180 FILETYPE_PEM, NULL, err);
181 if (ret != 0)
182 err_sys(err);
184 while (1) {
185 struct pcap_pkthdr header;
186 const unsigned char* packet = pcap_next(pcap, &header);
187 if (packet) {
189 byte data[65535];
191 if (header.caplen > 40) { /* min ip(20) + min tcp(20) */
192 int frame = ETHER_IF_FRAME_LEN;
193 if (loopback)
194 frame = LOCAL_IF_FRAME_LEN;
195 packet += frame;
196 header.caplen -= frame;
198 else
199 continue;
201 ret = ssl_DecodePacket(packet, header.caplen, data, err);
202 if (ret < 0)
203 printf("ssl_Decode ret = %d, %s\n", ret, err);
204 if (ret > 0) {
205 data[ret] = 0;
206 printf("SSL App Data:%s\n", data);
211 return 0;
214 #endif /* full build */