src/pcap.h

   1 /*
   2  * netsniff-ng - the packet sniffing beast
   3  * By Daniel Borkmann <daniel@netsniff-ng.org>
   4  * Copyright 2009, 2010 Daniel Borkmann.
   5  * Copyright 2010 Emmanuel Roullit.
   6  * Subject to the GPL, version 2.
   7  */
   8
   9 #ifndef PCAP_H
  10 #define PCAP_H
  11
  12 #include <unistd.h>
  13 #include <stdint.h>
  14 #include <errno.h>
  15 #include <sys/time.h>
  16 #include <linux/if_packet.h>
  17
  18 #include "built_in.h"
  19 #include "die.h"
  20
  21 #define TCPDUMP_MAGIC              0xa1b2c3d4
  22 #define PCAP_VERSION_MAJOR         2
  23 #define PCAP_VERSION_MINOR         4
  24 #define PCAP_DEFAULT_SNAPSHOT_LEN  65535
  25
  26 #define LINKTYPE_NULL              0   /* BSD loopback encapsulation */
  27 #define LINKTYPE_EN10MB            1   /* Ethernet (10Mb) */
  28 #define LINKTYPE_EN3MB             2   /* Experimental Ethernet (3Mb) */
  29 #define LINKTYPE_AX25              3   /* Amateur Radio AX.25 */
  30 #define LINKTYPE_PRONET            4   /* Proteon ProNET Token Ring */
  31 #define LINKTYPE_CHAOS             5   /* Chaos */
  32 #define LINKTYPE_IEEE802           6   /* 802.5 Token Ring */
  33 #define LINKTYPE_ARCNET            7   /* ARCNET, with BSD-style header */
  34 #define LINKTYPE_SLIP              8   /* Serial Line IP */
  35 #define LINKTYPE_PPP               9   /* Point-to-point Protocol */
  36 #define LINKTYPE_FDDI              10  /* FDDI */
  37 #define LINKTYPE_IEEE802_11        105  /* IEEE 802.11 wireless */
  38
  39 struct pcap_filehdr {
  40         uint32_t magic;
  41         uint16_t version_major;
  42         uint16_t version_minor;
  43         int32_t thiszone;
  44         uint32_t sigfigs;
  45         uint32_t snaplen;
  46         uint32_t linktype;
  47 };
  48
  49 struct pcap_timeval {
  50         int32_t tv_sec;
  51         int32_t tv_usec;
  52 };
  53
  54 struct pcap_nsf_pkthdr {
  55         struct timeval ts;
  56         uint32_t caplen;
  57         uint32_t len;
  58 };
  59
  60 struct pcap_pkthdr {
  61         struct pcap_timeval ts;
  62         uint32_t caplen;
  63         uint32_t len;
  64 };
  65
  66 static inline void tpacket_hdr_to_pcap_pkthdr(struct tpacket_hdr *thdr,
  67                                               struct pcap_pkthdr *phdr)
  68 {
  69         phdr->ts.tv_sec = thdr->tp_sec;
  70         phdr->ts.tv_usec = thdr->tp_usec;
  71         phdr->caplen = thdr->tp_snaplen;
  72         phdr->len = thdr->tp_len;
  73 }
  74
  75 static inline void pcap_pkthdr_to_tpacket_hdr(struct pcap_pkthdr *phdr,
  76                                               struct tpacket_hdr *thdr)
  77 {
  78         thdr->tp_sec = phdr->ts.tv_sec;
  79         thdr->tp_usec = phdr->ts.tv_usec;
  80         thdr->tp_snaplen = phdr->caplen;
  81         thdr->tp_len = phdr->len;
  82 }
  83
  84 enum pcap_ops_groups {
  85         PCAP_OPS_RW = 0,
  86 #define PCAP_OPS_RW PCAP_OPS_RW
  87         PCAP_OPS_SG,
  88 #define PCAP_OPS_SG PCAP_OPS_SG
  89         PCAP_OPS_MMAP,
  90 #define PCAP_OPS_MMAP PCAP_OPS_MMAP
  91         __PCAP_OPS_MAX,
  92 };
  93 #define PCAP_OPS_MAX (__PCAP_OPS_MAX - 1)
  94 #define PCAP_OPS_SIZ (__PCAP_OPS_MAX)
  95
  96 enum pcap_mode {
  97         PCAP_MODE_READ = 0,
  98         PCAP_MODE_WRITE,
  99 };
 100
 101 struct pcap_file_ops {
 102         const char *name;
 103         int (*pull_file_header)(int fd, uint32_t *linktype);
 104         int (*push_file_header)(int fd, uint32_t linktype);
 105         int (*prepare_writing_pcap)(int fd);
 106         ssize_t (*write_pcap_pkt)(int fd, struct pcap_pkthdr *hdr,
 107                                   uint8_t *packet, size_t len);
 108         void (*fsync_pcap)(int fd);
 109         int (*prepare_reading_pcap)(int fd);
 110         ssize_t (*read_pcap_pkt)(int fd, struct pcap_pkthdr *hdr,
 111                                  uint8_t *packet, size_t len);
 112         void (*prepare_close_pcap)(int fd, enum pcap_mode mode);
 113 };
 114
 115 extern struct pcap_file_ops *pcap_ops[PCAP_OPS_SIZ];
 116
 117 extern int pcap_ops_group_register(struct pcap_file_ops *ops,
 118                                    enum pcap_ops_groups group);
 119 extern void pcap_ops_group_unregister(enum pcap_ops_groups group);
 120
 121 static inline struct pcap_file_ops *
 122 pcap_ops_group_get(enum pcap_ops_groups group)
 123 {
 124         return pcap_ops[group];
 125 }
 126
 127 static inline void pcap_prepare_header(struct pcap_filehdr *hdr,
 128                                        uint32_t linktype,
 129                                        int32_t thiszone, uint32_t snaplen)
 130 {
 131         hdr->magic = TCPDUMP_MAGIC;
 132         hdr->version_major = PCAP_VERSION_MAJOR;
 133         hdr->version_minor = PCAP_VERSION_MINOR;
 134         hdr->thiszone = thiszone;
 135         hdr->sigfigs = 0;
 136         hdr->snaplen = snaplen;
 137         hdr->linktype = linktype;
 138 }
 139
 140 static inline void pcap_validate_header(struct pcap_filehdr *hdr)
 141 {
 142         if (unlikely(hdr->magic != TCPDUMP_MAGIC ||
 143                      hdr->version_major != PCAP_VERSION_MAJOR ||
 144                      hdr->version_minor != PCAP_VERSION_MINOR ||
 145                      (hdr->linktype != LINKTYPE_EN10MB &&
 146                      hdr->linktype != LINKTYPE_IEEE802_11)))
 147                 panic("This file has not a valid pcap header\n");
 148 }
 149
 150 extern int init_pcap_mmap(int jumbo_support);
 151 extern int init_pcap_rw(int jumbo_support);
 152 extern int init_pcap_sg(int jumbo_support);
 153
 154 extern void cleanup_pcap_mmap(void);
 155 extern void cleanup_pcap_rw(void);
 156 extern void cleanup_pcap_sg(void);
 157
 158 static inline int init_pcap(int jumbo_support)
 159 {
 160         init_pcap_rw(jumbo_support);
 161         init_pcap_sg(jumbo_support);
 162         init_pcap_mmap(jumbo_support);
 163
 164         return 0;
 165 }
 166
 167 static inline void cleanup_pcap(void)
 168 {
 169         cleanup_pcap_rw();
 170         cleanup_pcap_sg();
 171         cleanup_pcap_mmap();
 172 }
 173
 174 #endif /* PCAP_H */