capture_packet.c File Reference
#include "capture_packet.h"#include "../misc/bpf_share.h"#include "../misc/pcap_openvas.h"#include <arpa/inet.h>#include <glib.h>#include <netinet/ip.h>#include <pcap.h>#include <sys/param.h>
Include dependency graph for capture_packet.c:
Go to the source code of this file.
Functions | |
| int | islocalhost (struct in_addr *) |
| Tests whether a packet sent to IP is LIKELY to route through the kernel localhost interface. | |
| int | init_capture_device (struct in_addr src, struct in_addr dest, char *filter) |
| Set up the pcap filter, and select the correct interface. | |
| char * | capture_next_frame (int bpf, int timeout, int *sz, int dl_layer_only) |
| Capture a link layer frame. | |
| struct ip * | capture_next_packet (int bpf, int timeout, int *sz) |
| int | init_v6_capture_device (struct in6_addr src, struct in6_addr dest, char *filter) |
| struct ip6_hdr * | capture_next_v6_packet (int bpf, int timeout, int *sz) |
Function Documentation
◆ capture_next_frame()
| char * capture_next_frame | ( | int | bpf, |
| int | timeout, | ||
| int * | sz, | ||
| int | dl_layer_only ) |
Capture a link layer frame.
- Parameters
-
[in] bpf bpf handler [in] timeout the timeout [out] sz size of the frame, -1 if no frame was received. [in] dl_layer_only If the answer should include the payload.
- Returns
- the link layer frame.
Definition at line 96 of file capture_packet.c.
97{
99 int dl_len;
100 char *frame = NULL;
101 char *ret = NULL;
103 struct timezone tz;
104
105 if (bpf < 0)
106 return NULL;
107
109 memset (&past, '\0', sizeof (past));
110 memset (&now, '\0', sizeof (now));
111 gettimeofday (&then, &tz);
112 for (;;)
113 {
114 memcpy (&past, &then, sizeof (then));
116 if (frame != NULL)
117 break;
118 gettimeofday (&now, &tz);
119
120 if (now.tv_usec < past.tv_usec)
121 {
122 past.tv_sec++;
123 now.tv_usec += 1000000;
124 }
125
126 if (timeout > 0)
127 {
128 if ((now.tv_sec - past.tv_sec) >= timeout)
129 break;
130 }
131 else
132 break;
133 }
134
135 if (frame != NULL)
136 {
137 if (dl_layer_only == 1)
138 {
139 ret = g_malloc0 (dl_len);
140 memcpy (ret, frame, dl_len);
141 if (sz != NULL)
142 *sz = dl_len;
143 }
144 else
145 {
146 ret = g_malloc0 (len);
147 memcpy (ret, frame, len);
148 if (sz != NULL)
149 *sz = len;
150 }
151 }
152
153 return ret;
154}
References bpf_datalink(), bpf_next(), get_datalink_size(), len, and timeval().
Referenced by send_frame().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ capture_next_packet()
| struct ip * capture_next_packet | ( | int | bpf, |
| int | timeout, | ||
| int * | sz ) |
Definition at line 157 of file capture_packet.c.
158{
160 int dl_len;
161 char *packet = NULL;
162 char *ret = NULL;
164 struct timezone tz;
165
166 if (bpf < 0)
167 return NULL;
168
170 memset (&past, '\0', sizeof (past));
171 memset (&now, '\0', sizeof (now));
172 gettimeofday (&then, &tz);
173 for (;;)
174 {
175 memcpy (&past, &then, sizeof (then));
177 if (packet != NULL)
178 break;
179 gettimeofday (&now, &tz);
180
181 if (now.tv_usec < past.tv_usec)
182 {
183 past.tv_sec++;
184 now.tv_usec += 1000000;
185 }
186
187 if (timeout > 0)
188 {
189 if ((now.tv_sec - past.tv_sec) >= timeout)
190 break;
191 }
192 else
193 break;
194 }
195
196 if (packet != NULL)
197 {
198 struct ip *ip;
199
200 ip = (struct ip *) (packet + dl_len);
201#ifdef BSD_BYTE_ORDERING
202 ip->ip_len = ntohs (ip->ip_len);
203 ip->ip_off = ntohs (ip->ip_off);
204#endif
205 ip->ip_id = ntohs (ip->ip_id);
206 ret = g_malloc0 (len - dl_len);
207 memcpy (ret, ip, len - dl_len);
208 if (sz != NULL)
209 *sz = len - dl_len;
210 }
211 return ((struct ip *) ret);
212}
References bpf_datalink(), bpf_next(), get_datalink_size(), len, and timeval().
Referenced by nasl_send_packet().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ capture_next_v6_packet()
| struct ip6_hdr * capture_next_v6_packet | ( | int | bpf, |
| int | timeout, | ||
| int * | sz ) |
Definition at line 271 of file capture_packet.c.
272{
274 int dl_len;
275 char *packet = NULL;
276 char *ret = NULL;
278 struct timezone tz;
279
280 if (bpf < 0)
281 return NULL;
282
284 memset (&past, '\0', sizeof (past));
285 memset (&now, '\0', sizeof (now));
286 gettimeofday (&then, &tz);
287
288 for (;;)
289 {
290 memcpy (&past, &then, sizeof (then));
292
293 if (packet != NULL)
294 break;
295
296 gettimeofday (&now, &tz);
297 if (now.tv_usec < past.tv_usec)
298 {
299 past.tv_sec++;
300 now.tv_usec += 1000000;
301 }
302
303 if (timeout > 0)
304 {
305 if ((now.tv_sec - past.tv_sec) >= timeout)
306 break;
307 }
308 else
309 break;
310 }
311
312 if (packet != NULL)
313 {
314 struct ip6_hdr *ip6;
315 ip6 = (struct ip6_hdr *) (packet + dl_len);
316#ifdef BSD_BYTE_ORDERING
317 ip6->ip6_plen = ntohs (ip6->ip6_plen);
318#endif
319 ret = g_malloc0 (len - dl_len);
320 memcpy (ret, ip6, len - dl_len);
321 if (sz != NULL)
322 *sz = len - dl_len;
323 }
324
325 return ((struct ip6_hdr *) ret);
326}
References bpf_datalink(), bpf_next(), get_datalink_size(), len, and timeval().
Referenced by nasl_send_v6packet().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ init_capture_device()
| int init_capture_device | ( | struct in_addr | src, |
| struct in_addr | dest, | ||
| char * | filter ) |
Set up the pcap filter, and select the correct interface.
The filter will be changed only if this is necessary
Definition at line 31 of file capture_packet.c.
32{
33 int ret = -1;
34 char *interface = NULL;
35 char *a_dst, *a_src;
36 char errbuf[PCAP_ERRBUF_SIZE];
37 int free_filter = 0;
38 pcap_if_t *alldevsp = NULL; /* list of capture devices */
39
40 a_src = g_strdup (inet_ntoa (src));
41 a_dst = g_strdup (inet_ntoa (dest));
42
43 if ((filter == NULL) || (filter[0] == '\0') || (filter[0] == '0'))
44 {
45 filter = g_malloc0 (256);
46 free_filter = 1;
48 snprintf (filter, 256, "ip and (src host %s and dst host %s)", a_src,
49 a_dst);
50 }
51 else
52 {
54 filter = g_strdup (filter);
55 else
56 filter = g_malloc0 (1);
57 free_filter = 1;
58 }
59
60 g_free (a_dst);
61 g_free (a_src);
62
64 {
65 ret = bpf_open_live (interface, filter);
66 }
67 else
68 {
69 if (pcap_findalldevs (&alldevsp, errbuf) < 0)
70 g_message ("Error for pcap_findalldevs(): %s", errbuf);
71 if (alldevsp != NULL)
73 ret = bpf_open_live (interface, filter);
74 }
75
76 if (free_filter != 0)
77 g_free (filter);
78
79 if (alldevsp != NULL)
80 pcap_freealldevs (alldevsp);
81
82 return ret;
83}
int islocalhost(struct in_addr *addr)
Tests whether a packet sent to IP is LIKELY to route through the kernel localhost interface.
Definition pcap.c:271
char * routethrough(struct in_addr *dest, struct in_addr *source)
An awesome function to determine what interface a packet to a given destination should be routed thro...
Definition pcap.c:1070
References bpf_open_live(), islocalhost(), name, and routethrough().
Referenced by nasl_send_packet(), nasl_tcp_ping(), and send_frame().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ init_v6_capture_device()
| int init_v6_capture_device | ( | struct in6_addr | src, |
| struct in6_addr | dest, | ||
| char * | filter ) |
Definition at line 215 of file capture_packet.c.
216{
217 int ret = -1;
218 char *interface = NULL;
219 char *a_dst, *a_src;
220 int free_filter = 0;
222 char errbuf[PCAP_ERRBUF_SIZE];
223 pcap_if_t *alldevsp = NULL; /* list of capture devices */
224
225 a_src = g_strdup (inet_ntop (AF_INET6, &src, name, INET6_ADDRSTRLEN));
226 a_dst = g_strdup (inet_ntop (AF_INET6, &dest, name, INET6_ADDRSTRLEN));
227
228 if ((filter == NULL) || (filter[0] == '\0') || (filter[0] == '0'))
229 {
230 filter = g_malloc0 (256);
231 free_filter = 1;
233 snprintf (filter, 256, "ip and (src host %s and dst host %s", a_src,
234 a_dst);
235 }
236 else
237 {
239 filter = g_strdup (filter);
240 else
241 filter = g_malloc0 (1);
242 free_filter = 1;
243 }
244
245 g_free (a_dst);
246 g_free (a_src);
247
249 {
250 ret = bpf_open_live (interface, filter);
251 }
252 else
253 {
254 if (pcap_findalldevs (&alldevsp, errbuf) < 0)
255 g_message ("Error for pcap_findalldevs(): %s", errbuf);
256 if (alldevsp != NULL)
258 ret = bpf_open_live (interface, filter);
259 }
260
261 if (free_filter != 0)
262 g_free (filter);
263
264 if (alldevsp != NULL)
265 pcap_freealldevs (alldevsp);
266
267 return ret;
268}
int v6_islocalhost(struct in6_addr *addr)
Tests whether a packet sent to IP is LIKELY to route through the kernel localhost interface.
Definition pcap.c:234
char * v6_routethrough(struct in6_addr *dest, struct in6_addr *source)
An awesome function to determine what interface a packet to a given destination should be routed thro...
Definition pcap.c:851
References bpf_open_live(), name, v6_islocalhost(), and v6_routethrough().
Referenced by nasl_send_v6packet(), nasl_tcp_v6_ping(), and send_frame().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ islocalhost()
|
extern |
Tests whether a packet sent to IP is LIKELY to route through the kernel localhost interface.
Definition at line 271 of file pcap.c.
272{
273 char dev[128];
274
275 if (addr == NULL)
276 return -1;
277
278 /* If it is 0.0.0.0 or starts with 127.0.0.1 then it is
279 probably localhost */
280 if ((addr->s_addr & htonl (0xFF000000)) == htonl (0x7F000000))
281 return 1;
282
283 if (!addr->s_addr)
284 return 1;
285
286 /* If it is the same addy as a local interface, then it is
287 probably localhost */
288
290 return 1;
291
292 /* OK, so to a first approximation, this addy is probably not
293 localhost */
294 return 0;
295}
static int ipaddr2devname(char *dev, int sz, struct in_addr *addr)
Definition pcap.c:207
References interface_info::addr, and ipaddr2devname().
Referenced by Ensure(), init_capture_device(), nasl_send_packet(), nasl_tcp_ping(), openvas_routethrough(), plugin_run_synscan(), and routethrough().
Here is the call graph for this function:
Here is the caller graph for this function:
