src/pcap.h

   1 /*
   2  * netsniff-ng - the packet sniffing beast
   3  * By Daniel Borkmann <daniel@netsniff-ng.org>
   4  * Copyright 2009, 2010 Daniel Borkmann.
   5  * Copyright 2010 Emmanuel Roullit.
   6  * Subject to the GPL, version 2.
   7  */
   8
   9 #ifndef PCAP_H
  10 #define PCAP_H
  11
  12 #include <unistd.h>
  13 #include <stdint.h>
  14 #include <errno.h>
  15 #include <sys/time.h>
  16 #include <linux/if_packet.h>
  17
  18 #include "built_in.h"
  19 #include "die.h"
  20
  21 #define TCPDUMP_MAGIC              0xa1b2c3d4
  22 #define PCAP_VERSION_MAJOR         2
  23 #define PCAP_VERSION_MINOR         4
  24 #define PCAP_DEFAULT_SNAPSHOT_LEN  65535
  25
  26 #define LINKTYPE_NULL              0   /* BSD loopback encapsulation */
  27 #define LINKTYPE_EN10MB            1   /* Ethernet (10Mb) */
  28 #define LINKTYPE_EN3MB             2   /* Experimental Ethernet (3Mb) */
  29 #define LINKTYPE_AX25              3   /* Amateur Radio AX.25 */
  30 #define LINKTYPE_PRONET            4   /* Proteon ProNET Token Ring */
  31 #define LINKTYPE_CHAOS             5   /* Chaos */
  32 #define LINKTYPE_IEEE802           6   /* 802.5 Token Ring */
  33 #define LINKTYPE_ARCNET            7   /* ARCNET, with BSD-style header */
  34 #define LINKTYPE_SLIP              8   /* Serial Line IP */
  35 #define LINKTYPE_PPP               9   /* Point-to-point Protocol */
  36 #define LINKTYPE_FDDI              10  /* FDDI */
  37
  38 struct pcap_filehdr {
  39         uint32_t magic;
  40         uint16_t version_major;
  41         uint16_t version_minor;
  42         int32_t thiszone;
  43         uint32_t sigfigs;
  44         uint32_t snaplen;
  45         uint32_t linktype;
  46 };
  47
  48 struct pcap_timeval {
  49         int32_t tv_sec;
  50         int32_t tv_usec;
  51 };
  52
  53 struct pcap_nsf_pkthdr {
  54         struct timeval ts;
  55         uint32_t caplen;
  56         uint32_t len;
  57 };
  58
  59 struct pcap_pkthdr {
  60         struct pcap_timeval ts;
  61         uint32_t caplen;
  62         uint32_t len;
  63 };
  64
  65 static inline void tpacket_hdr_to_pcap_pkthdr(struct tpacket_hdr *thdr,
  66                                               struct pcap_pkthdr *phdr)
  67 {
  68         phdr->ts.tv_sec = thdr->tp_sec;
  69         phdr->ts.tv_usec = thdr->tp_usec;
  70         phdr->caplen = thdr->tp_snaplen;
  71         phdr->len = thdr->tp_len;
  72 }
  73
  74 static inline void pcap_pkthdr_to_tpacket_hdr(struct pcap_pkthdr *phdr,
  75                                               struct tpacket_hdr *thdr)
  76 {
  77         thdr->tp_sec = phdr->ts.tv_sec;
  78         thdr->tp_usec = phdr->ts.tv_usec;
  79         thdr->tp_snaplen = phdr->caplen;
  80         thdr->tp_len = phdr->len;
  81 }
  82
  83 enum pcap_ops_groups {
  84         PCAP_OPS_RW = 0,
  85 #define PCAP_OPS_RW PCAP_OPS_RW
  86         PCAP_OPS_SG,
  87 #define PCAP_OPS_SG PCAP_OPS_SG
  88         PCAP_OPS_MMAP,
  89 #define PCAP_OPS_MMAP PCAP_OPS_MMAP
  90         __PCAP_OPS_MAX,
  91 };
  92 #define PCAP_OPS_MAX (__PCAP_OPS_MAX - 1)
  93 #define PCAP_OPS_SIZ (__PCAP_OPS_MAX)
  94
  95 enum pcap_mode {
  96         PCAP_MODE_READ = 0,
  97         PCAP_MODE_WRITE,
  98 };
  99
 100 struct pcap_file_ops {
 101         const char *name;
 102         int (*pull_file_header)(int fd);
 103         int (*push_file_header)(int fd);
 104         int (*prepare_writing_pcap)(int fd);
 105         ssize_t (*write_pcap_pkt)(int fd, struct pcap_pkthdr *hdr,
 106                                   uint8_t *packet, size_t len);
 107         void (*fsync_pcap)(int fd);
 108         int (*prepare_reading_pcap)(int fd);
 109         ssize_t (*read_pcap_pkt)(int fd, struct pcap_pkthdr *hdr,
 110                                  uint8_t *packet, size_t len);
 111         void (*prepare_close_pcap)(int fd, enum pcap_mode mode);
 112 };
 113
 114 extern struct pcap_file_ops *pcap_ops[PCAP_OPS_SIZ];
 115
 116 extern int pcap_ops_group_register(struct pcap_file_ops *ops,
 117                                    enum pcap_ops_groups group);
 118 extern void pcap_ops_group_unregister(enum pcap_ops_groups group);
 119
 120 static inline struct pcap_file_ops *
 121 pcap_ops_group_get(enum pcap_ops_groups group)
 122 {
 123         return pcap_ops[group];
 124 }
 125
 126 static inline void pcap_prepare_header(struct pcap_filehdr *hdr,
 127                                        uint32_t linktype,
 128                                        int32_t thiszone, uint32_t snaplen)
 129 {
 130         hdr->magic = TCPDUMP_MAGIC;
 131         hdr->version_major = PCAP_VERSION_MAJOR;
 132         hdr->version_minor = PCAP_VERSION_MINOR;
 133         hdr->thiszone = thiszone;
 134         hdr->sigfigs = 0;
 135         hdr->snaplen = snaplen;
 136         hdr->linktype = linktype;
 137 }
 138
 139 static inline int pcap_validate_header(struct pcap_filehdr *hdr)
 140 {
 141         if (unlikely(hdr->magic != TCPDUMP_MAGIC ||
 142                      hdr->version_major != PCAP_VERSION_MAJOR ||
 143                      hdr->version_minor != PCAP_VERSION_MINOR ||
 144                      hdr->linktype != LINKTYPE_EN10MB)) {
 145                 /* don't panic, but only whine */
 146                 whine("This file has not a valid pcap header, continuing ..\n");
 147                 return -EINVAL;
 148         }
 149
 150         return 0;
 151 }
 152
 153 extern int init_pcap_mmap(int jumbo_support);
 154 extern int init_pcap_rw(int jumbo_support);
 155 extern int init_pcap_sg(int jumbo_support);
 156
 157 extern void cleanup_pcap_mmap(void);
 158 extern void cleanup_pcap_rw(void);
 159 extern void cleanup_pcap_sg(void);
 160
 161 static inline int init_pcap(int jumbo_support)
 162 {
 163         init_pcap_rw(jumbo_support);
 164         init_pcap_sg(jumbo_support);
 165         init_pcap_mmap(jumbo_support);
 166
 167         return 0;
 168 }
 169
 170 static inline void cleanup_pcap(void)
 171 {
 172         cleanup_pcap_rw();
 173         cleanup_pcap_sg();
 174         cleanup_pcap_mmap();
 175 }
 176
 177 #endif /* PCAP_H */