#include #include #include #include #include #ifndef OS_SPECIFIC_DEBUG #define OS_SPECIFIC_DEBUG 0 #endif #include "../os_frame_funcs.h" // This is the header used for all versions // of OS specific drivers. #include "logging.h" eth_t *eth = NULL; char *dev_to_use = NULL; pcap_t *pcap_descr = NULL; eth_addr_t source_mac; eth_addr_t dest_mac; char *src_interface=NULL; const u_char *packet_ptr=NULL; int more_frames_avail=0; int sleepable = 1; // By default, allow sleeping. const struct pcap_pkthdr *packet_header; // // packet_catch() - Deals with any frames that come in, and pass the filter. // pcap_handler packet_catch(u_char *args, const struct pcap_pkthdr *header, const u_char *packet) { // A better way to do this would be to copy the contents of the packet to our // buffer. (Assuming we can determine the size of the source buffer.) // It would get rid of some compiler warnings. packet_header = header; packet_ptr = packet; return 0; } void done_with_current_frame() { // We don't need anything here... But, OS specific handlers may need something. } // // allow_sleep -- should we allow get_frame to sleep at all? // void allow_sleep(int yesno) { sleepable = yesno; } // // more_frames() -- returns 1 if there are more frames to process. // int more_frames() { if (sleepable == 0) return 1; // If we can sleep, always say there are more // frames. return more_frames_avail; } // // get_frame(int u_sec) -- returns a pointer to a frame if there is one. // NULL if there isn't. u_sec is how long to sleep before returning. // char *get_frame(int u_sec) { int pcap_ret_val=0; usleep(u_sec); pcap_ret_val = pcap_dispatch(pcap_descr, 1, (pcap_handler)packet_catch, NULL); if (pcap_ret_val == 1) { more_frames_avail = 1; return (char *) packet_ptr; } else { more_frames_avail = 0; return NULL; } } // Return a pointer to the frame we are working against. char *get_working_frame() { return (char *)packet_ptr; } // // setup_pcap() - Returns a handle to a pcap descr. NULL is there is an // error. On error, there is a message in pcapErr. // pcap_t *setup_pcap(int buf_size, int timeout, char pcapErr[PCAP_ERRBUF_SIZE]) { char pcap_err[PCAP_ERRBUF_SIZE]; //pcap error buffer pcap_t *pcap_descr = NULL; //pcap connection bpf_u_int32 pcap_maskp; //subnet mask bpf_u_int32 pcap_netp; //??? char pcap_filter[100]; //filter space struct bpf_program pcap_fp; //hold the compiled filter. char *errbuf=NULL; //Buffer to catch our error. char *pcap_compile_error = "Error running pcap compile!"; char *pcap_filter_error = "Error setting filter!"; pcap_lookupnet(dev_to_use, &pcap_netp, &pcap_maskp, pcap_err); /* We need to be in promisc mode to grab stuff that "isn't for us" */ pcap_descr = pcap_open_live(dev_to_use, buf_size, 1, timeout, pcap_err); if (pcap_descr == NULL) { #if OS_SPECIFIC_DEBUG xlogf(DEBUG_EVERYTHING, "pcap_open_live(): %s\n",pcap_err); #endif return NULL; } sprintf(pcap_filter, "ether dst %s or ether dst 01:80:c2:00:00:03 and ether proto 0x888e", eth_ntoa(&source_mac)); #if OS_SPECIFIC_DEBUG xlogf(DEBUG_EVERYTHING, "PCAP Filter : %s\n",pcap_filter); #endif if (pcap_compile(pcap_descr, &pcap_fp, pcap_filter, 0, pcap_netp) == -1) { xlogf(DEBUG_NORMAL, "Error : %s\n", pcap_compile_error); return NULL; } if (pcap_setfilter(pcap_descr, &pcap_fp) == -1) { xlogf(DEBUG_NORMAL, "Error : %s\n", pcap_filter_error); return NULL; } #ifndef __OpenBSD__ if (pcap_setnonblock(pcap_descr, 1, errbuf) == -1) { // If we can't go in to non-blocking mode, the timers that determine // if we are on a port that isn't smart enough to authenticate will // break. However, this shouldn't break the program. It will // just take longer to determine that there isn't anything there. xlogf(DEBUG_NORMAL, "Couldn't go in to non-blocking state, timers won't work!\n"); xlogf(DEBUG_NORMAL, "Recieved error : %s\n",errbuf); } #endif return pcap_descr; } // // initalize_frame_funcs() -- If it returns NULL everything is fine. // If not, the resulting pointer has an error message. // char *initalize_frame_funcs(char *device, int buf_size, int timeout) { char *temp = NULL; //This will hold some temporary values. char pcap_err[PCAP_ERRBUF_SIZE]; char *error_pcap_failure = "Couldn't set up PCAP."; #if OS_SPECIFIC_DEBUG xlogf(DEBUG_EVERYTHING, "Initalizing Frame handler (generic)\n"); #endif if (device == NULL) { temp = pcap_lookupdev(pcap_err); if (temp == NULL) { temp = (char *)malloc(sizeof(pcap_err)); strncpy(temp, pcap_err, sizeof(pcap_err)); return temp; } } else { temp = device; } #if OS_SPECIFIC_DEBUG xlogf(DEBUG_EVERYTHING, "Using interface : %s\n", temp); #endif // Stash a copy of the device name. dev_to_use = (char *)malloc(strlen(temp)+1); strncpy(dev_to_use, temp, strlen(temp)+1); // +1 to pick up the null. if ((eth = eth_open(dev_to_use)) == NULL) return ("Couldn't open device"); // Get the Mac address. if (eth_get(eth, &source_mac) < 0) return ("Couldn't get MAC address"); #if OS_SPECIFIC_DEBUG xlogf(DEBUG_EVERYTHING, "Got MAC address of %s\n", eth_ntoa(&source_mac)); #endif if ((pcap_descr = setup_pcap(buf_size, timeout, pcap_err)) == NULL) { return error_pcap_failure; } return NULL; } // Return a pointer to the device name in use. char *get_dev_name() { return dev_to_use; } // // get_src_mac() - Return a pointer to a copy of the MAC address. // u_char *get_src_mac() { eth_addr_t *ret_mac=NULL; ret_mac = (eth_addr_t *)malloc(ETH_ADDR_LEN); //Size of MAC address. memcpy(ret_mac, &source_mac, ETH_ADDR_LEN); #if OS_SPECIFIC_DEBUG xlogf(DEBUG_EVERYTHING, "Source MAC address is %s\n", eth_ntoa(&source_mac)); //Sanity check our return value: xlogf(DEBUG_EVERYTHING, "Return MAC address is %s\n", eth_ntoa(ret_mac)); #endif return (u_char *)ret_mac; } u_char *get_dst_mac() { eth_addr_t *ret_mac=NULL; ret_mac = (eth_addr_t *)malloc(ETH_ADDR_LEN); //Size of MAC address. memcpy(ret_mac, &dest_mac, ETH_ADDR_LEN); #if OS_SPECIFIC_DEBUG xlogf(DEBUG_EVERYTHING, "Destination MAC address is %s\n", eth_ntoa(&dest_mac)); //Sanity check our return value: xlogf(DEBUG_EVERYTHING, "Return MAC address is %s\n", eth_ntoa(ret_mac)); #endif return (u_char *)ret_mac; } // Send a frame. char *send_frame(u_char *frame_ptr, int frame_size) { #if OS_SPECIFIC_DEBUG struct eth_hdr *eth_hdr = (struct eth_hdr *)frame_ptr; xlogf(DEBUG_EVERYTHING, "Sending frame with size of %d.\n",frame_size); xlogf(DEBUG_EVERYTHING, "(Send Frame)Sending to %s\n", eth_ntoa(ð_hdr->eth_dst)); xlogf(DEBUG_EVERYTHING, "Source address from frame is %s", eth_ntoa(ð_hdr->eth_src)); xlogf(DEBUG_EVERYTHING, "Destination address from frame is %s", eth_ntoa(ð_hdr->eth_dst)); xlogf(DEBUG_EVERYTHING, "Frame type is : %x\n", ntohs(eth_hdr->eth_type)); #endif if (eth_send(eth, frame_ptr, frame_size) < 0) { #if OS_SPECIFIC_DEBUG xlogf(DEBUG_EVERYTHING, "Write error in send_frame()\n"); #endif return ("Error sending frame"); } return NULL; } int shutdown_frame_funcs() { if (dev_to_use != NULL) { free(dev_to_use); dev_to_use = NULL; } // Shutdown libdnet if (eth != NULL) { eth = eth_close(eth); } // Shutdown PCAP if (pcap_descr != NULL) { pcap_close(pcap_descr); if (pcap_descr != NULL) { free(pcap_descr); pcap_descr = NULL; } } return 0; }