Cross Reference: /freebsd-11.0-release/contrib/ipfilter/ipsd/sbpf.c

Deleted Added

sdiff udiff text old ( 53024 ) new ( 80486 )

full compact

1/*
2 * (C)opyright 1995-1998 Darren Reed. (from tcplog)
3 *

4 * Redistribution and use in source and binary forms are permitted
5 * provided that this notice is preserved and due credit is given
6 * to the original author and the contributors.

4 * See the IPFILTER.LICENCE file for details on licencing.

5 *
6 */
7#include <stdio.h>
8#include <netdb.h>
9#include <ctype.h>
10#include <signal.h>
11#include <errno.h>
12#include <sys/types.h>
13#include <sys/param.h>
14#include <sys/mbuf.h>
15#include <sys/time.h>
16#include <sys/timeb.h>
17#include <sys/socket.h>
18#include <sys/file.h>
19#include <sys/ioctl.h>
20#if BSD < 199103
21#include <sys/fcntlcom.h>
22#endif
23#include <sys/dir.h>
24#include <net/bpf.h>
25
26#include <net/if.h>
27#include <netinet/in.h>
28#include <netinet/in_systm.h>
29#include <netinet/ip.h>
30#include <netinet/if_ether.h>
31#include <netinet/ip_var.h>
32#include <netinet/udp.h>
33#include <netinet/udp_var.h>
34#include <netinet/tcp.h>
35#include <netinet/tcpip.h>
36#include "ip_compat.h"
37
38#ifndef lint
39static char sbpf[] = "@(#)sbpf.c 1.2 12/3/95 (C)1995 Darren Reed";
40#endif
41
42/*
43(000) ldh [12]
44(001) jeq #0x800 jt 2 jf 5
45(002) ldb [23]
46(003) jeq #0x6 jt 4 jf 5
47(004) ret #68
48(005) ret #0
49*/
50struct bpf_insn filter[] = {
51/* 0. */ { BPF_LD|BPF_H|BPF_ABS, 0, 0, 12 },
52/* 1. */ { BPF_JMP|BPF_JEQ, 0, 3, 0x0800 },
53/* 2. */ { BPF_LD|BPF_B|BPF_ABS, 0, 0, 23 },
54/* 3. */ { BPF_JMP|BPF_JEQ, 0, 1, 0x06 },
55/* 4. */ { BPF_RET, 0, 0, 68 },
56/* 5. */ { BPF_RET, 0, 0, 0 }
57};
58/*
59 * the code herein is dervied from libpcap.
60 */
61static u_char *buf = NULL;
62static u_int bufsize = 32768, timeout = 1;
63
64
65int ack_recv(ep)
66char *ep;
67{
68 struct tcpiphdr tip;
69 tcphdr_t *tcp;
70 ip_t *ip;
71
72 ip = (ip_t *)&tip;
73 tcp = (tcphdr_t *)(ip + 1);
74 bcopy(ep + 14, (char *)ip, sizeof(*ip));
75 bcopy(ep + 14 + (ip->ip_hl << 2), (char *)tcp, sizeof(*tcp));
76 if (ip->ip_p != IPPROTO_TCP && ip->ip_p != IPPROTO_UDP)
77 return -1;
78 if (ip->ip_p & 0x1fff != 0)
79 return 0;
80 if (0 == detect(ip, tcp))
81 return 1;
82 return 0;
83}
84
85
86int readloop(fd, port, dst)
87int fd, port;
88struct in_addr dst;
89{
90 register u_char *bp, *cp, *bufend;
91 register struct bpf_hdr *bh;
92 register int cc;
93 time_t in = time(NULL);
94 int done = 0;
95
96 while ((cc = read(fd, buf, bufsize)) >= 0) {
97 if (!cc && (time(NULL) - in) > timeout)
98 return done;
99 bp = buf;
100 bufend = buf + cc;
101 /*
102 * loop through each snapshot in the chunk
103 */
104 while (bp < bufend) {
105 bh = (struct bpf_hdr *)bp;
106 cp = bp + bh->bh_hdrlen;
107 done += ack_recv(cp);
108 bp += BPF_WORDALIGN(bh->bh_caplen + bh->bh_hdrlen);
109 }
110 return done;
111 }
112 perror("read");
113 exit(-1);
114}
115
116int initdevice(device, tout)
117char *device;
118int tout;
119{
120 struct bpf_program prog;
121 struct bpf_version bv;
122 struct timeval to;
123 struct ifreq ifr;
124 char bpfname[16];
125 int fd, i;
126
127 for (i = 0; i < 16; i++)
128 {
129 (void) sprintf(bpfname, "/dev/bpf%d", i);
130 if ((fd = open(bpfname, O_RDWR)) >= 0)
131 break;
132 }
133 if (i == 16)
134 {
135 fprintf(stderr, "no bpf devices available as /dev/bpfxx\n");
136 return -1;
137 }
138
139 if (ioctl(fd, BIOCVERSION, (caddr_t)&bv) < 0)
140 {
141 perror("BIOCVERSION");
142 return -1;
143 }
144 if (bv.bv_major != BPF_MAJOR_VERSION ||
145 bv.bv_minor < BPF_MINOR_VERSION)
146 {
147 fprintf(stderr, "kernel bpf (v%d.%d) filter out of date:\n",
148 bv.bv_major, bv.bv_minor);
149 fprintf(stderr, "current version: %d.%d\n",
150 BPF_MAJOR_VERSION, BPF_MINOR_VERSION);
151 return -1;
152 }
153
154 (void) strncpy(ifr.ifr_name, device, sizeof(ifr.ifr_name));
155 if (ioctl(fd, BIOCSETIF, &ifr) == -1)
156 {
157 fprintf(stderr, "%s(%d):", ifr.ifr_name, fd);
158 perror("BIOCSETIF");
159 exit(1);
160 }
161 /*
162 * set the timeout
163 */
164 timeout = tout;
165 to.tv_sec = 1;
166 to.tv_usec = 0;
167 if (ioctl(fd, BIOCSRTIMEOUT, (caddr_t)&to) == -1)
168 {
169 perror("BIOCSRTIMEOUT");
170 exit(-1);
171 }
172 /*
173 * get kernel buffer size
174 */
175 if (ioctl(fd, BIOCSBLEN, &bufsize) == -1)
176 perror("BIOCSBLEN");
177 if (ioctl(fd, BIOCGBLEN, &bufsize) == -1)
178 {
179 perror("BIOCGBLEN");
180 exit(-1);
181 }
182 printf("BPF buffer size: %d\n", bufsize);
183 buf = (u_char*)malloc(bufsize);
184
185 prog.bf_len = sizeof(filter) / sizeof(struct bpf_insn);
186 prog.bf_insns = filter;
187 if (ioctl(fd, BIOCSETF, (caddr_t)&prog) == -1)
188 {
189 perror("BIOCSETF");
190 exit(-1);
191 }
192 (void) ioctl(fd, BIOCFLUSH, 0);
193 return fd;
194}