tcpflow  1.6.1
About: tcpflow is a TCP/IP packet demultiplexer that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis and debugging.
  Fossies Dox: tcpflow-1.6.1.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

scan_tcpdemux.cpp
Go to the documentation of this file.
1 /**
2  * tcp demultiplixier scanner.
3  *
4  * We have a single global tcpdemultiplixer because it needs to manage
5  * a global resource --- the maximum number of open files. We get the
6  * singleton instance and put it in the user argument of the global
7  * callback array. We could have designed the callback system to take
8  * an instance which is subclassed from an abstract superclass, but
9  * that would require a virtual function resolution on every function
10  * call, whereas here we simply have a function call with two
11  * arguments (which is faster, but less safe.)
12  */
13 
14 #include "config.h"
15 #include "tcpflow.h"
16 #include "tcpip.h"
17 #include "tcpdemux.h"
18 #include <iostream>
19 #include <sys/types.h>
20 #include "bulk_extractor_i.h"
21 
22 
23 /** callback called by process_packet()
24  */
25 static void packet_handler(void *user,const be13::packet_info &pi)
26 {
27  reinterpret_cast<tcpdemux *>(user)->process_pkt(pi);
28 }
29 
30 extern "C"
31 void scan_tcpdemux(const class scanner_params &sp,const recursion_control_block &rcb)
32 {
33 
35  std::cerr << "scan_tcpdemux requires sp version " << scanner_params::CURRENT_SP_VERSION << "; "
36  << "got version " << sp.sp_version << "\n";
37  exit(1);
38  }
39 
41  sp.info->name = "tcpdemux";
42  sp.info->author= "Simson Garfinkel";
45 
46  sp.info->get_config("tcp_timeout",&tcpdemux::getInstance()->tcp_timeout,"Timeout for TCP connections");
47  sp.info->get_config("tcp_cmd",&tcpdemux::getInstance()->tcp_cmd,"Command to execute on each TCP flow");
48  sp.info->get_config("tcp_alert_fd",&tcpdemux::getInstance()->tcp_alert_fd,"File descriptor to send information about completed TCP flows");
49 
50  return; /* No feature files created */
51  }
52 
54  static const std::string hash0("<hashdigest type='TCPDEMUX'>");
55  static const std::string hash1("</hashdigest>");
56  return;
57  }
58 }
static tcpdemux * getInstance()
Definition: tcpdemux.cpp:103
std::string name
static const int CURRENT_SP_VERSION
virtual void get_config(const scanner_info::config_t &c, const std::string &name, std::string *val, const std::string &help)
Definition: plugin.cpp:415
packet_callback_t * packet_cb
std::string author
scanner_info * info
const int sp_version
const phase_t phase
static void packet_handler(void *user, const be13::packet_info &pi)
void scan_tcpdemux(const class scanner_params &sp, const recursion_control_block &rcb)