contrib/ipfilter/ipft_td.c

   1 /*
   2  * Copyright (C) 1993-2001 by Darren Reed.
   3  *
   4  * See the IPFILTER.LICENCE file for details on licencing.
   5  */
   6
   7 /*
   8 tcpdump -n
   9
  10 00:05:47.816843 128.231.76.76.3291 > 224.2.252.231.36573: udp 36 (encap)
  11
  12 tcpdump -nq
  13
  14 00:33:48.410771 192.73.213.11.1463 > 224.2.248.153.59360: udp 31 (encap)
  15
  16 tcpdump -nqt
  17
  18 128.250.133.13.23 > 128.250.20.20.2419: tcp 27
  19
  20 tcpdump -nqtt
  21
  22 123456789.1234567 128.250.133.13.23 > 128.250.20.20.2419: tcp 27
  23
  24 tcpdump -nqte
  25
  26 8:0:20:f:65:f7 0:0:c:1:8a:c5 81: 128.250.133.13.23 > 128.250.20.20.2419: tcp 27
  27
  28 */
  29 #if defined(__sgi) && (IRIX > 602)
  30 # include <sys/ptimers.h>
  31 #endif
  32 #include <stdio.h>
  33 #include <string.h>
  34 #if !defined(__SVR4) && !defined(__GNUC__)
  35 #include <strings.h>
  36 #endif
  37 #include <sys/types.h>
  38 #include <sys/param.h>
  39 #include <sys/time.h>
  40 #include <stdlib.h>
  41 #include <unistd.h>
  42 #include <stddef.h>
  43 #include <sys/socket.h>
  44 #include <sys/ioctl.h>
  45 #include <netinet/in.h>
  46 #include <arpa/inet.h>
  47 #include <netinet/in_systm.h>
  48 #ifndef linux
  49 #include <netinet/ip_var.h>
  50 #endif
  51 #include <netinet/ip.h>
  52 #include <netinet/tcp.h>
  53 #include <netinet/udp.h>
  54 #include <netinet/ip_icmp.h>
  55 #include <net/if.h>
  56 #include <netdb.h>
  57 #include "ip_compat.h"
  58 #include <netinet/tcpip.h>
  59 #include "ipf.h"
  60 #include "ipt.h"
  61
  62 #if !defined(lint)
  63 static const char sccsid[] = "@(#)ipft_td.c     1.8 2/4/96 (C)1995 Darren Reed";
  64 static const char rcsid[] = "@(#)$Id: ipft_td.c,v 2.2.2.6 2003/05/31 02:13:04 darrenr Exp $";
  65 #endif
  66
  67 static  int     tcpd_open __P((char *));
  68 static  int     tcpd_close __P((void));
  69 static  int     tcpd_readip __P((char *, int, char **, int *));
  70 static  int     count_dots __P((char *));
  71
  72 struct  ipread  tcpd = { tcpd_open, tcpd_close, tcpd_readip };
  73
  74 static  FILE    *tfp = NULL;
  75 static  int     tfd = -1;
  76
  77
  78 static  int     tcpd_open(fname)
  79 char    *fname;
  80 {
  81         if (tfd != -1)
  82                 return tfd;
  83
  84         if (!strcmp(fname, "-")) {
  85                 tfd = 0;
  86                 tfp = stdin;
  87         } else {
  88                 tfd = open(fname, O_RDONLY);
  89                 tfp = fdopen(tfd, "r");
  90         }
  91         return tfd;
  92 }
  93
  94
  95 static  int     tcpd_close()
  96 {
  97         (void) fclose(tfp);
  98         return close(tfd);
  99 }
 100
 101
 102 static  int     count_dots(str)
 103 char    *str;
 104 {
 105         int     i = 0;
 106
 107         while (*str)
 108                 if (*str++ == '.')
 109                         i++;
 110         return i;
 111 }
 112
 113
 114 static  int     tcpd_readip(buf, cnt, ifn, dir)
 115 char    *buf, **ifn;
 116 int     cnt, *dir;
 117 {
 118         struct  tcpiphdr pkt;
 119         ip_t    *ip = (ip_t *)&pkt;
 120         struct  protoent *p;
 121         char    src[32], dst[32], misc[256], time[32], link1[32], link2[32];
 122         char    lbuf[160], *s;
 123         int     n, slen, extra = 0;
 124
 125         if (!fgets(lbuf, sizeof(lbuf) - 1, tfp))
 126                 return 0;
 127
 128         if ((s = strchr(lbuf, '\n')))
 129                 *s = '\0';
 130         lbuf[sizeof(lbuf)-1] = '\0';
 131
 132         bzero(&pkt, sizeof(pkt));
 133
 134         if ((n = sscanf(lbuf, "%31s > %31s: %255s", src, dst, misc)) != 3)
 135                 if ((n = sscanf(lbuf, "%31s %31s > %31s: %255s",
 136                                 time, src, dst, misc)) != 4)
 137                         if ((n = sscanf(lbuf, "%31s %31s: %31s > %31s: %255s",
 138                                         link1, link2, src, dst, misc)) != 5) {
 139                                 n = sscanf(lbuf,
 140                                            "%31s %31s %31s: %31s > %31s: %255s",
 141                                            time, link1, link2, src, dst, misc);
 142                                 if (n != 6)
 143                                         return -1;
 144                         }
 145
 146         if (count_dots(dst) == 4) {
 147                 s = strrchr(src, '.');
 148                 *s++ = '\0';
 149                 (void) inet_aton(src, &ip->ip_src);
 150                 pkt.ti_sport = htons(atoi(s));
 151                 *--s = '.';
 152                 s = strrchr(dst, '.');
 153
 154                 *s++ = '\0';
 155                 (void) inet_aton(src, &ip->ip_dst);
 156                 pkt.ti_dport = htons(atoi(s));
 157                 *--s = '.';
 158
 159         } else {
 160                 (void) inet_aton(src, &ip->ip_src);
 161                 (void) inet_aton(src, &ip->ip_dst);
 162         }
 163         ip->ip_len = ip->ip_hl = (unsigned)sizeof(ip_t);
 164
 165         s = strtok(misc, " :");
 166         if ((p = getprotobyname(s))) {
 167                 ip->ip_p = p->p_proto;
 168
 169                 switch (p->p_proto) {
 170                 case IPPROTO_TCP :
 171                 case IPPROTO_UDP :
 172                         s = strtok(NULL, " :");
 173                         ip->ip_len += atoi(s);
 174                         if (p->p_proto == IPPROTO_TCP)
 175                                 extra = sizeof(struct tcphdr);
 176                         else if (p->p_proto == IPPROTO_UDP)
 177                                 extra = sizeof(struct udphdr);
 178                         break;
 179 #ifdef  IGMP
 180                 case IPPROTO_IGMP :
 181                         extra = sizeof(struct igmp);
 182                         break;
 183 #endif
 184                 case IPPROTO_ICMP :
 185                         extra = sizeof(struct icmp);
 186                         break;
 187                 default :
 188                         break;
 189                 }
 190         }
 191         slen = ip->ip_hl + extra + ip->ip_len;
 192         return slen;
 193 }