1 /*
2 * Mausezahn - A fast versatile traffic generator
3 * Copyright (C) 2008,2009 Herbert Haas
4 *
5 * This program is free software; you can redistribute it and/or modify it under
6 * the terms of the GNU General Public License version 2 as published by the
7 * Free Software Foundation.
8 *
9 * This program is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
12 * details.
14 * You should have received a copy of the GNU General Public License along with
15 * this program; if not, see http://www.gnu.org/licenses/gpl-2.0.html
20 #include "mz.h"
21 #include "cli.h"
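/*
 * Help text for the Syslog packet type. create_syslog_packet() prints it
 * when the "help" argument is present in the argument string.
 *
 * The ranges and defaults stated here must match what create_syslog_packet()
 * enforces: the day is accepted in the range 1-31 and the default host
 * string is "MZ42".
 */
#define MZ_SYSLOG_HELP \
	"| Syslog type: Send (traditional) Syslog packets via UDP.\n" \
	"|\n" \
	"| Parameters:\n" \
	"|\n" \
	"| severity, sev 0-7 .... Severity level from Emergency (0) to Debug (7)\n" \
	"| facility, fac 0-23 .... Facility number\n" \
	"|\n" \
	"| time hh:mm:ss .... Local time, 24-hour format\n" \
	"| month, mon Mmm .... Current month, 1-12\n" \
	"| day dd .... Current day, 1-31\n" \
	"|\n" \
	"| host max 314 bytes .... Name or IP Address of sending host\n" \
	"|\n" \
	"| Defaults:\n" \
	"|\n" \
	"| Per default the severity \"Warning\" (4), the facility \"Security\" (4), and the\n" \
	"| current time stamp is used. If no host is given, host is set to \"MZ42\"\n" \
	"|\n" \
	"| You can define the Syslog message itself using the -P flag. For example:\n" \
	"|\n" \
	"| mz eth0 -t syslog sev=3 -P \"You have been mausezahned.\"\n" \
	"|\n" \
	"| By the way, mz (by intention) does not check if your timestamp is valid according\n" \
	"| calendar rules. It is generally recommended to follow the Darwin Era Calendar ;-)\n" \
	"|\n"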
52 // RFC 3164 states that a Syslog message consists of three parts: PRI, HEADER, and MSG.
53 //
54 // 1) PRI: contains facility(f) and severity(s), using the syntax "<N>" where N = f * 8 + s
55 //
56 // 2) HEADER: contains a timestamp and a sender-ID (name or IP), for example "May 25 23:42:42 Mausezahnhost"
57 // Note that instead of leading zeroes a space must be used for the day e. g. "May 5".
58 // However leading zeroes are required for hour, minutes, seconds, e. g. "01:05:09"
59 //
60 // 3) MSG: consists of TAG and CONTENT field. The TAG identifies the program or process and
61 // must not exceed 32 characters. Typically the TAG and the CONTENT fields are delimited
62 // via either a "[", or a colon (:) or a space. The CONTENT field is a simple text.
63 //
64 // EXAMPLE from RFC 3164:
65 //
66 // <34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8
67 //
68 // EXAMPLE from Cisco Router:
69 //
70 // *Mar 23 13:45:08.727: %ENVMON-3-FAN_FAILED: Fan 2 not rotating
71 //
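/**
 * Build a Syslog message (PRI, timestamp, host, message text) in
 * tx.udp_payload and fill in the UDP ports and lengths of the global tx
 * structure.
 *
 * The fields are taken from tx.arg_string: severity/sev, facility/fac, time,
 * month/mon, day and host. Severity and facility are used as given (no range
 * check), month and day fall back to the current local date when they are out
 * of range. The message text is tx.ascii_payload when tx.ascii is set,
 * otherwise a built-in default text.
 *
 * @return 0 on success; -1 after the help text was printed through
 *         cli_print() (mz_port set). When help is requested and mz_port is
 *         not set, the help text goes to stderr and the process exits with
 *         status 0.
 */
int create_syslog_packet()
{
	/* Maximum field lengths; the buffers add one byte for the NUL. */
	enum { TIME_LEN = 8, HOST_LEN = 314 };

	static const char *const months[12] = {
		"Jan", "Feb", "Mar", "Apr", "May", "Jun",
		"Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
	};

	unsigned int pri, sev, fac, day, curday, mon, curmon;
	/*
	 * "hh:mm:ss" is 8 characters, so an 8-byte buffer has no room for the
	 * terminator that the "%s" conversion below relies on.
	 */
	char lt[TIME_LEN + 1], host[HOST_LEN + 1];
	time_t curtime;
	/* Zeroed so that a failing localtime_r() does not leave garbage. */
	struct tm curtime_broken = {0};
	/* NOTE(review): getarg() is assumed to stay within argval — confirm. */
	char argval[MAX_PAYLOAD_SIZE];
	int ca = 0, aa;

	aa = number_of_args(tx.arg_string);

	if ((getarg(tx.arg_string, "help", NULL) == 1) && (mode == SYSLOG)) {
		ca++; /* counts each argument */
		if (mz_port) {
			cli_print(gcli, "%s", MZ_SYSLOG_HELP);
			return -1;
		}
		fprintf(stderr, "\n"
			MAUSEZAHN_VERSION
			"\n%s", MZ_SYSLOG_HELP);
		exit(0);
	}

	if ((getarg(tx.arg_string, "severity", argval) == 1) ||
	    (getarg(tx.arg_string, "sev", argval) == 1)) {
		ca++;
		sev = (unsigned int) str2int(argval);
	} else {
		sev = 4;
	}

	if ((getarg(tx.arg_string, "facility", argval) == 1) ||
	    (getarg(tx.arg_string, "fac", argval) == 1)) {
		ca++;
		fac = (unsigned int) str2int(argval);
	} else {
		fac = 4;
	}

	time(&curtime);
	localtime_r(&curtime, &curtime_broken);

	if (getarg(tx.arg_string, "time", argval) == 1) {
		ca++;
		/* Bounded copy that always terminates; longer input is cut. */
		snprintf(lt, sizeof lt, "%s", argval);
		/* TODO: check if specified timestamp has valid format, e. g. 15:03:22 */
	} else {
		/*
		 * timestamp_hms() is defined elsewhere; presumably it writes
		 * "hh:mm:ss" plus a NUL, which needs 9 bytes — TODO confirm.
		 */
		timestamp_hms(lt);
	}

	curmon = curtime_broken.tm_mon; /* 0-based: Jan = 0, ..., Dec = 11 */

	if ((getarg(tx.arg_string, "month", argval) == 1) ||
	    (getarg(tx.arg_string, "mon", argval) == 1)) {
		ca++;
		mon = (unsigned int) str2int(argval);
		if ((mon < 1) || (mon > 12)) {
			fprintf(stderr, " mz/syslog: Invalid month; will use current month (%u)!\n", curmon + 1);
			mon = curmon;
		} else {
			/*
			 * The argument is 1..12 but months[] is indexed 0..11.
			 * Without this, "mon=12" reads one element past the
			 * table and every other month prints the following one.
			 */
			mon--;
		}
	} else {
		mon = curmon;
	}

	curday = curtime_broken.tm_mday;

	if (getarg(tx.arg_string, "day", argval) == 1) {
		ca++;
		day = (unsigned int) str2int(argval);
		if ((day < 1) || (day > 31)) {
			fprintf(stderr, " mz/syslog: Invalid day; will use current day(%u)!\n", curday);
			day = curday;
		}
	} else {
		day = curday;
	}

	if (getarg(tx.arg_string, "host", argval) == 1) {
		ca++;
		/*
		 * Up to 314 bytes of host name, always NUL-terminated. A plain
		 * strncpy() leaves the buffer unterminated when the argument
		 * is 314 bytes or longer.
		 */
		snprintf(host, sizeof host, "%s", argval);
	} else {
		snprintf(host, sizeof host, "%s", "MZ42");
	}

	/* CHECK SURPLUS ARGUMENTS */
	if (aa != ca) {
		fprintf(stderr, "WARNING: %i unmatched arguments within argument string!\n", aa - ca);
	}

	/*
	 * Now put everything together, as in the example from RFC 3164:
	 *
	 * <34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8
	 */
	pri = 8 * fac + sev;

	/*
	 * NOTE(review): the size of tx.udp_payload is declared outside this
	 * function, so these writes cannot be bounded against it here. With
	 * the limits above the header is at most about 343 bytes (32-bit
	 * unsigned int) and strncat() appends up to 2048 more plus the NUL;
	 * confirm that the buffer holds at least that much. The count passed
	 * to strncat() limits the appended bytes, not the total length.
	 */
	sprintf((char *) tx.udp_payload, "<%u>%s %2u %s %s ",
		pri,
		months[mon],
		day,
		lt,
		host);

	if (tx.ascii) {
		/* ASCII PAYLOAD overrides hex payload */
		strncat((char *) tx.udp_payload, (char *) tx.ascii_payload, 2048);
		tx.ascii = 0; /* avoid that 'create_udp_packet' overwrites this! */
	} else {
		strcat((char *) tx.udp_payload, "%MZSYS-42-CRN: Main reactor exceeded critical temperature!");
	}

	tx.udp_payload_s = strlen((char *) tx.udp_payload);

	/* Source and destination port 514 (Syslog over UDP). */
	tx.dp = 514;
	tx.sp = 514;

	/* Payload plus 8 bytes, presumably the UDP header length. */
	tx.udp_len = 8 + tx.udp_payload_s;

	if (verbose) {
		fprintf(stderr, "Syslog: %s\n", tx.udp_payload);
	}

	return 0;
}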