"Fossies" - the Fresh Open Source Software Archive

Member "scanlogd-2.2.8/in_nids.c" (10 Mar 2021, 1770 Bytes) of package /linux/misc/scanlogd-2.2.8.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "in_nids.c" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 2.2.7_vs_2.2.8.

    1 #define _BSD_SOURCE
    2 #define _DEFAULT_SOURCE
    3 #include <stdio.h>
    4 #include <sys/types.h>
    5 #include <netinet/in_systm.h>
    6 #include <netinet/in.h>
    7 #include <netinet/ip.h>
    8 #include <netinet/tcp.h>
    9 
   10 #include <nids.h>
   11 
   12 #include "params.h"
   13 #include "in.h"
   14 
   15 #if !SCANLOGD_PROMISC
   16 #if !(defined(NIDS_MAJOR) && (NIDS_MAJOR > 1 || NIDS_MINOR >= 14))
   17 #warning "SCANLOGD_PROMISC is 0, but your libnids will set PROMISC anyway"
   18 #endif
   19 #endif
   20 
   21 static void (*scanlogd_process_packet)(struct header *packet, int size);
   22 
   23 static void nids_process_packet(struct ip *packet)
   24 {
   25 /* Sanity check to make sure we calculate the packet size correctly.  We
   26  * don't expect any fragments here since libnids should have defragmented
   27  * stuff for us; this is for testing with nids_register_ip_frag(). */
   28     if (packet->ip_off & htons(IP_MF | IP_OFFMASK))
   29         return;
   30 
   31     scanlogd_process_packet((struct header *)packet,
   32         (unsigned int)ntohs(packet->ip_len));
   33 }
   34 
   35 static void dummy_syslog(int type, int errnum, struct ip *iph, void *data)
   36 {
   37 }
   38 
   39 int in_init(void)
   40 {
   41 #ifdef SCANLOGD_DEVICE
   42     nids_params.device = SCANLOGD_DEVICE;
   43 #endif
   44 
   45 #if defined(NIDS_MAJOR) && (NIDS_MAJOR > 1 || NIDS_MINOR >= 14)
   46     nids_params.n_tcp_streams = 0;
   47 #else
   48     nids_params.n_tcp_streams = 1;
   49 #endif
   50     nids_params.n_hosts = HASH_SIZE;
   51     nids_params.syslog = dummy_syslog;
   52     nids_params.scan_num_hosts = 0;
   53     nids_params.pcap_filter = SCANLOGD_PCAP_FILTER;
   54 #if defined(NIDS_MAJOR) && (NIDS_MAJOR > 1 || NIDS_MINOR >= 14)
   55     nids_params.promisc = SCANLOGD_PROMISC;
   56 #endif
   57 
   58     if (!nids_init()) {
   59         fprintf(stderr, "nids_init: %s\n", nids_errbuf);
   60         return 1;
   61     }
   62 
   63     return 0;
   64 }
   65 
   66 void in_run(void (*process_packet)(struct header *packet, int size))
   67 {
   68     scanlogd_process_packet = process_packet;
   69     nids_register_ip(nids_process_packet);
   70 
   71     nids_run();
   72 }