ipft_td.c revision 225736
1/* $FreeBSD: stable/9/contrib/ipfilter/lib/ipft_td.c 170268 2007-06-04 02:54:36Z darrenr $ */ 2 3/* 4 * Copyright (C) 2000-2006 by Darren Reed. 5 * 6 * See the IPFILTER.LICENCE file for details on licencing. 7 * 8 * $Id: ipft_td.c,v 1.15.2.2 2006/06/16 17:21:03 darrenr Exp $ 9 */ 10 11/* 12tcpdump -n 13 1400:05:47.816843 128.231.76.76.3291 > 224.2.252.231.36573: udp 36 (encap) 15 16tcpdump -nq 17 1800:33:48.410771 192.73.213.11.1463 > 224.2.248.153.59360: udp 31 (encap) 19 20tcpdump -nqt 21 22128.250.133.13.23 > 128.250.20.20.2419: tcp 27 23 24tcpdump -nqtt 25 26123456789.1234567 128.250.133.13.23 > 128.250.20.20.2419: tcp 27 27 28tcpdump -nqte 29 308:0:20:f:65:f7 0:0:c:1:8a:c5 81: 128.250.133.13.23 > 128.250.20.20.2419: tcp 27 31 32*/ 33 34#include "ipf.h" 35#include "ipt.h" 36 37#ifndef linux 38#include <netinet/ip_var.h> 39#endif 40#include <netinet/tcpip.h> 41 42 43#if !defined(lint) 44static const char sccsid[] = "@(#)ipft_td.c 1.8 2/4/96 (C)1995 Darren Reed"; 45static const char rcsid[] = "@(#)$Id: ipft_td.c,v 1.15.2.2 2006/06/16 17:21:03 darrenr Exp $"; 46#endif 47 48static int tcpd_open __P((char *)); 49static int tcpd_close __P((void)); 50static int tcpd_readip __P((char *, int, char **, int *)); 51static int count_dots __P((char *)); 52 53struct ipread tcpd = { tcpd_open, tcpd_close, tcpd_readip, 0 }; 54 55static FILE *tfp = NULL; 56static int tfd = -1; 57 58 59static int tcpd_open(fname) 60char *fname; 61{ 62 if (tfd != -1) 63 return tfd; 64 65 if (!strcmp(fname, "-")) { 66 tfd = 0; 67 tfp = stdin; 68 } else { 69 tfd = open(fname, O_RDONLY); 70 tfp = fdopen(tfd, "r"); 71 } 72 return tfd; 73} 74 75 76static int tcpd_close() 77{ 78 (void) fclose(tfp); 79 return close(tfd); 80} 81 82 83static int count_dots(str) 84char *str; 85{ 86 int i = 0; 87 88 while (*str) 89 if (*str++ == '.') 90 i++; 91 return i; 92} 93 94 95static int tcpd_readip(buf, cnt, ifn, dir) 96char *buf, **ifn; 97int cnt, *dir; 98{ 99 struct tcpiphdr pkt; 100 ip_t *ip = (ip_t *)&pkt; 101 char src[32], dst[32], misc[256], time[32], link1[32], link2[32]; 102 char lbuf[160], *s; 103 int n, slen, extra = 0; 104 105 if (!fgets(lbuf, sizeof(lbuf) - 1, tfp)) 106 return 0; 107 108 if ((s = strchr(lbuf, '\n'))) 109 *s = '\0'; 110 lbuf[sizeof(lbuf)-1] = '\0'; 111 112 bzero(&pkt, sizeof(pkt)); 113 114 if ((n = sscanf(lbuf, "%31s > %31s: %255s", src, dst, misc)) != 3) 115 if ((n = sscanf(lbuf, "%31s %31s > %31s: %255s", 116 time, src, dst, misc)) != 4) 117 if ((n = sscanf(lbuf, "%31s %31s: %31s > %31s: %255s", 118 link1, link2, src, dst, misc)) != 5) { 119 n = sscanf(lbuf, 120 "%31s %31s %31s: %31s > %31s: %255s", 121 time, link1, link2, src, dst, misc); 122 if (n != 6) 123 return -1; 124 } 125 126 if (count_dots(dst) == 4) { 127 s = strrchr(src, '.'); 128 *s++ = '\0'; 129 (void) inet_aton(src, &ip->ip_src); 130 pkt.ti_sport = htons(atoi(s)); 131 *--s = '.'; 132 s = strrchr(dst, '.'); 133 134 *s++ = '\0'; 135 (void) inet_aton(src, &ip->ip_dst); 136 pkt.ti_dport = htons(atoi(s)); 137 *--s = '.'; 138 139 } else { 140 (void) inet_aton(src, &ip->ip_src); 141 (void) inet_aton(src, &ip->ip_dst); 142 } 143 ip->ip_len = sizeof(ip_t); 144 IP_HL_A(ip, sizeof(ip_t)); 145 146 s = strtok(misc, " :"); 147 if (s == NULL) 148 return 0; 149 ip->ip_p = getproto(s); 150 151 switch (ip->ip_p) 152 { 153 case IPPROTO_TCP : 154 case IPPROTO_UDP : 155 s = strtok(NULL, " :"); 156 if (s == NULL) 157 return 0; 158 ip->ip_len += atoi(s); 159 if (ip->ip_p == IPPROTO_TCP) 160 extra = sizeof(struct tcphdr); 161 else if (ip->ip_p == IPPROTO_UDP) 162 extra = sizeof(struct udphdr); 163 break; 164#ifdef IGMP 165 case IPPROTO_IGMP : 166 extra = sizeof(struct igmp); 167 break; 168#endif 169 case IPPROTO_ICMP : 170 extra = sizeof(struct icmp); 171 break; 172 default : 173 break; 174 } 175 176 slen = IP_HL(ip) + extra + ip->ip_len; 177 return slen; 178} 179