"Fossies" - the Fresh Open Source Software Archive

Member "ettercap-0.8.3.1/src/ec_sniff_bridge.c" (1 Aug 2020, 5926 Bytes) of package /linux/privat/ettercap-0.8.3.1.tar.gz:

As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "ec_sniff_bridge.c" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 0.8.3_vs_0.8.3.1.

    1 /*
    2     ettercap -- bridged sniffing method module
    3 
    4     Copyright (C) ALoR & NaGA
    5 
    6     This program is free software; you can redistribute it and/or modify
    7     it under the terms of the GNU General Public License as published by
    8     the Free Software Foundation; either version 2 of the License, or
    9     (at your option) any later version.
   10 
   11     This program is distributed in the hope that it will be useful,
   12     but WITHOUT ANY WARRANTY; without even the implied warranty of
   13     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   14     GNU General Public License for more details.
   15 
   16     You should have received a copy of the GNU General Public License
   17     along with this program; if not, write to the Free Software
   18     Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
   19 
   20 */
   21 
   22 #include <ec.h>
   23 #include <ec_capture.h>
   24 #include <ec_send.h>
   25 #include <ec_threads.h>
   26 #include <ec_conntrack.h>
   27 
   28 struct origin_mac_table {
   29    u_int8 mac[MEDIA_ADDR_LEN];
   30    LIST_ENTRY(origin_mac_table) next;
   31 };
   32 
   33 static LIST_HEAD(, origin_mac_table) iface_origin_table;
   34 static LIST_HEAD(, origin_mac_table) bridge_origin_table;
   35 
   36 /* proto */
   37 void start_bridge_sniff(void);
   38 void stop_bridge_sniff(void);
   39 void forward_bridge_sniff(struct packet_object *po);
   40 void bridge_check_forwarded(struct packet_object *po);
   41 void bridge_set_forwardable(struct packet_object *po);
   42 
   43 /*******************************************/
   44 
   45 void start_bridge_sniff(void)
   46 {
   47    DEBUG_MSG("start_bridge_sniff");
   48    
   49    if (EC_GBL_SNIFF->active == 1) {
   50       USER_MSG("Bridged sniffing already started...\n");
   51       return;
   52    }
   53    
   54    USER_MSG("Starting Bridged sniffing...\n\n");
   55    
   56    /* create the timeouter thread */
   57    if (!EC_GBL_OPTIONS->read) { 
   58       pthread_t pid;
   59       
   60       pid = ec_thread_getpid("timer");
   61       if (pthread_equal(pid, ec_thread_getpid(NULL)))
   62          ec_thread_new("timer", "conntrack timeouter", &conntrack_timeouter, NULL);
   63    }
   64 
   65    /* create the thread for packet capture */
   66    capture_start(EC_GBL_IFACE);
   67    
   68    /* create the thread for packet capture on the bridged interface */
   69    capture_start(EC_GBL_BRIDGE);
   70 
   71    EC_GBL_SNIFF->active = 1;
   72 }
   73 
   74 /*
   75  * kill the capturing threads, but leave untouched the others
   76  */
   77 void stop_bridge_sniff(void)
   78 {
   79    DEBUG_MSG("stop_bridge_sniff");
   80    
   81    if (EC_GBL_SNIFF->active == 0) {
   82       USER_MSG("Bridged sniffing is not running...\n");
   83       return;
   84    }
   85   
   86    /* kill it */
   87    capture_stop(EC_GBL_IFACE);
   88    capture_stop(EC_GBL_BRIDGE);
   89 
   90    USER_MSG("Bridged sniffing was stopped.\n");
   91 
   92    EC_GBL_SNIFF->active = 0;
   93 }
   94 
   95 
   96 void forward_bridge_sniff(struct packet_object *po)
   97 {
   98    /* don't forward dropped packets */
   99    if (po->flags & PO_DROPPED)
  100       return;
  101 
  102    /*
  103     * If the filters modified the packet len
  104     * recalculate it (only if some L3 decoder parsed it).
  105     */
  106    if (po->fwd_packet)
  107       po->len = po->L2.len + po->fwd_len;
  108          
  109    /* 
  110     * send the packet to the other interface.
  111     * the socket was opened during the initialization
  112     * phase (parameters parsing) by bridge_init()
  113     */
  114    if (po->flags & PO_FROMIFACE)
  115       send_to_bridge(po);
  116    else if (po->flags & PO_FROMBRIDGE)
  117       send_to_L2(po);
  118    
  119 }
  120 
  121 /*
  122  * keep a list of source mac addresses for each interface.
  123  * each list will contain mac address coming form an host connected
  124  * on the iface.
  125  * we can determine if a packet is forwarded or not searching it in
  126  * the lists.
  127  */
  128 void bridge_check_forwarded(struct packet_object *po)
  129 {
  130    struct origin_mac_table *omt;
  131    u_char tmp[MAX_ASCII_ADDR_LEN];
  132 
  133    /* avoid gcc complaining for unused var */
  134    (void)tmp;
  135    
  136    if (po->flags & PO_FROMIFACE) {
  137       /* search the mac in the iface table */
  138       LIST_FOREACH(omt, &iface_origin_table, next)
  139          if (!memcmp(omt->mac, po->L2.src, MEDIA_ADDR_LEN))
  140             return;
  141 
  142       /* 
  143        * now search it in the opposite table
  144        * if it was registered there, the packet is forwarded
  145        */
  146       LIST_FOREACH(omt, &bridge_origin_table, next)
  147          if (!memcmp(omt->mac, po->L2.src, MEDIA_ADDR_LEN)) {
  148             po->flags |= PO_FORWARDED;
  149             return;
  150          }
  151    }
  152          
  153    if (po->flags & PO_FROMBRIDGE) {
  154       /* search the mac in the bridge table */
  155       LIST_FOREACH(omt, &bridge_origin_table, next)
  156          if (!memcmp(omt->mac, po->L2.src, MEDIA_ADDR_LEN))
  157             return;
  158       
  159       /* 
  160        * now search it in the opposite table
  161        * if it was registered there, the packet is forwarded
  162        */
  163       LIST_FOREACH(omt, &iface_origin_table, next)
  164          if (!memcmp(omt->mac, po->L2.src, MEDIA_ADDR_LEN)) {
  165             po->flags |= PO_FORWARDED;
  166             return;
  167          }
  168    }
  169 
  170 
  171    /* allocate a new entry for the newly discovered mac address */
  172    SAFE_CALLOC(omt, 1, sizeof(struct origin_mac_table));
  173 
  174    memcpy(omt->mac, po->L2.src, MEDIA_ADDR_LEN);
  175 
  176    /* insert the new mac address in the proper list */
  177    if (po->flags & PO_FROMIFACE) {
  178       DEBUG_MSG("Added the mac [%s] to IFACE table", mac_addr_ntoa(po->L2.src, tmp));
  179       LIST_INSERT_HEAD(&iface_origin_table, omt, next);
  180    }
  181    
  182    if (po->flags & PO_FROMBRIDGE) {
  183       DEBUG_MSG("Added the mac [%s] to BRIDGE table", mac_addr_ntoa(po->L2.src, tmp));
  184       LIST_INSERT_HEAD(&bridge_origin_table, omt, next);
  185    }
  186 }
  187 
  188 /* 
  189  * in bridged sniffing all the packet must be forwarded
  190  * on the other iface
  191  */
  192 void bridge_set_forwardable(struct packet_object *po)
  193 {
  194    /* If for us on the iface */
  195    if ( !memcmp(EC_GBL_IFACE->mac, po->L2.src, MEDIA_ADDR_LEN) || !memcmp(EC_GBL_IFACE->mac, po->L2.dst, MEDIA_ADDR_LEN) )
  196       return;
  197 
  198    /* If for us on the bridge */
  199    if ( !memcmp(EC_GBL_BRIDGE->mac, po->L2.src, MEDIA_ADDR_LEN) || !memcmp(EC_GBL_BRIDGE->mac, po->L2.dst, MEDIA_ADDR_LEN) )
  200       return;
  201 
  202    /* in bridged sniffing all the packet have to be forwarded */      
  203    po->flags |= PO_FORWARDABLE;
  204 }
  205 
  206 
  207 
  208 /* EOF */
  209 
  210 // vim:ts=3:expandtab
  211