"Fossies" - the Fresh Open Source Software Archive

Member "snort3_extra-3.1.51.0/src/codecs/cd_wlan/cd_wlan.cc" (20 Dec 2022, 5636 Bytes) of package /linux/misc/snort3_extra-3.1.51.0.tar.gz:

As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "cd_wlan.cc" see the Fossies "Dox" file reference documentation. 
    1 //--------------------------------------------------------------------------
    2 // Copyright (C) 2014-2022 Cisco and/or its affiliates. All rights reserved.
    3 // Copyright (C) 2002-2013 Sourcefire, Inc.
    4 //
    5 // This program is free software; you can redistribute it and/or modify it
    6 // under the terms of the GNU General Public License Version 2 as published
    7 // by the Free Software Foundation.  You may not use, modify or distribute
    8 // this program under any other version of the GNU General Public License.
    9 //
   10 // This program is distributed in the hope that it will be useful, but
   11 // WITHOUT ANY WARRANTY; without even the implied warranty of
   12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   13 // General Public License for more details.
   14 //
   15 // You should have received a copy of the GNU General Public License along
   16 // with this program; if not, write to the Free Software Foundation, Inc.,
   17 // 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
   18 //--------------------------------------------------------------------------
   19 // cd_wlan.cc author Josh Rosenbaum <jrosenba@cisco.com>
   20 
   21 #include <daq_dlt.h>
   22 
   23 #include "codecs/codec_module.h"
   24 #include "framework/codec.h"
   25 #include "log/text_log.h"
   26 #include "protocols/wlan.h"
   27 
   28 using namespace snort;
   29 
   30 #define CD_WLAN_NAME "wlan"
   31 #define CD_WLAN_HELP_STR "support for wireless local area network protocol"
   32 #define CD_WLAN_HELP ADD_DLT(CD_WLAN_HELP_STR, DLT_IEEE802_11)
   33 
   34 namespace
   35 {
   36 static const RuleMap wlan_rules[] =
   37 {
   38     { DECODE_BAD_80211_ETHLLC, "bad 802.11 LLC header" },
   39     { DECODE_BAD_80211_OTHER, "bad 802.11 extra LLC info" },
   40     { 0, nullptr }
   41 };
   42 
   43 class WlanCodecModule : public BaseCodecModule
   44 {
   45 public:
   46     WlanCodecModule() : BaseCodecModule(CD_WLAN_NAME, CD_WLAN_HELP) { }
   47 
   48     const RuleMap* get_rules() const override
   49     { return wlan_rules; }
   50 };
   51 
   52 class WlanCodec : public Codec
   53 {
   54 public:
   55     WlanCodec() : Codec(CD_WLAN_NAME) { }
   56 
   57     bool decode(const RawData&, CodecData&, DecodeData&) override;
   58     void get_data_link_type(std::vector<int>&) override;
   59     void get_protocol_ids(std::vector<ProtocolId>& v) override;
   60     void log(TextLog* const, const uint8_t* pkt, const uint16_t len) override;
   61 };
   62 
   63 #define MINIMAL_IEEE80211_HEADER_LEN    10    /* Ack frames and others */
   64 #define IEEE802_11_DATA_HDR_LEN         24    /* Header for data packets */
   65 } // namespace
   66 
   67 void WlanCodec::get_data_link_type(std::vector<int>& v)
   68 { v.push_back(DLT_IEEE802_11); }
   69 
   70 void WlanCodec::get_protocol_ids(std::vector<ProtocolId>& v)
   71 { v.push_back(ProtocolId::ETHERNET_802_11); }
   72 
   73 bool WlanCodec::decode(const RawData& raw, CodecData& codec, DecodeData&)
   74 {
   75     if (raw.len < MINIMAL_IEEE80211_HEADER_LEN)
   76         return false;
   77 
   78     /* lay the wireless structure over the packet data */
   79     const wlan::WifiHdr* wifih = reinterpret_cast<const wlan::WifiHdr*>(raw.data);
   80 
   81     /* determine frame type */
   82     switch (wifih->frame_control & 0x00ff)
   83     {
   84     /* management frames */
   85     case WLAN_TYPE_MGMT_ASREQ:
   86     case WLAN_TYPE_MGMT_ASRES:
   87     case WLAN_TYPE_MGMT_REREQ:
   88     case WLAN_TYPE_MGMT_RERES:
   89     case WLAN_TYPE_MGMT_PRREQ:
   90     case WLAN_TYPE_MGMT_PRRES:
   91     case WLAN_TYPE_MGMT_BEACON:
   92     case WLAN_TYPE_MGMT_ATIM:
   93     case WLAN_TYPE_MGMT_DIS:
   94     case WLAN_TYPE_MGMT_AUTH:
   95     case WLAN_TYPE_MGMT_DEAUTH:
   96         break;
   97 
   98     /* Control frames */
   99     case WLAN_TYPE_CONT_PS:
  100     case WLAN_TYPE_CONT_RTS:
  101     case WLAN_TYPE_CONT_CTS:
  102     case WLAN_TYPE_CONT_ACK:
  103     case WLAN_TYPE_CONT_CFE:
  104     case WLAN_TYPE_CONT_CFACK:
  105         break;
  106     /* Data packets without data */
  107     case WLAN_TYPE_DATA_NULL:
  108     case WLAN_TYPE_DATA_CFACK:
  109     case WLAN_TYPE_DATA_CFPL:
  110     case WLAN_TYPE_DATA_ACKPL:
  111 
  112         break;
  113     case WLAN_TYPE_DATA_DTCFACK:
  114     case WLAN_TYPE_DATA_DTCFPL:
  115     case WLAN_TYPE_DATA_DTACKPL:
  116     case WLAN_TYPE_DATA_DATA:
  117     {
  118         codec.lyr_len = IEEE802_11_DATA_HDR_LEN;
  119         codec.next_prot_id = ProtocolId::ETHERNET_LLC;
  120 
  121         break;
  122     }
  123     default:
  124         break;
  125     }
  126 
  127     return true;
  128 }
  129 
  130 void WlanCodec::log(TextLog* const text_log, const uint8_t* raw_pkt,
  131     const uint16_t /*lyr_len*/)
  132 {
  133     const wlan::WifiHdr* wifih = reinterpret_cast<const wlan::WifiHdr*>(raw_pkt);
  134 
  135     /* src addr */
  136     TextLog_Print(text_log, "addr1(%02X:%02X:%02X:%02X:%02X:%02X) -> ",
  137         wifih->addr1[0], wifih->addr1[1], wifih->addr1[2],
  138         wifih->addr1[3], wifih->addr1[4], wifih->addr1[5]);
  139 
  140     /* dest addr */
  141     TextLog_Print(text_log, "%02X:%02X:%02X:%02X:%02X:%02X)",
  142         wifih->addr2[0], wifih->addr2[1], wifih->addr2[2],
  143         wifih->addr2[3], wifih->addr2[4], wifih->addr2[5]);
  144 
  145     TextLog_NewLine(text_log);
  146     TextLog_Putc(text_log, '\t');
  147     TextLog_Print(text_log, "frame_control:%02x  duration_id:%02x  "
  148         "seq_control:%02x", ntohs(wifih->frame_control),
  149         ntohs(wifih->duration_id), ntohs(wifih->seq_control));
  150 }
  151 
  152 //-------------------------------------------------------------------------
  153 // api
  154 //-------------------------------------------------------------------------
  155 
  156 static Module* mod_ctor()
  157 { return new WlanCodecModule; }
  158 
  159 static void mod_dtor(Module* m)
  160 { delete m; }
  161 
  162 static Codec* ctor(Module*)
  163 { return new WlanCodec(); }
  164 
  165 static void dtor(Codec* cd)
  166 { delete cd; }
  167 
  168 static const CodecApi wlan_api =
  169 {
  170     {
  171         PT_CODEC,
  172         sizeof(CodecApi),
  173         CDAPI_VERSION,
  174         0,
  175         API_RESERVED,
  176         API_OPTIONS,
  177         CD_WLAN_NAME,
  178         CD_WLAN_HELP,
  179         mod_ctor,
  180         mod_dtor
  181     },
  182     nullptr,
  183     nullptr,
  184     nullptr,
  185     nullptr,
  186     ctor,
  187     dtor,
  188 };
  189 
  190 SO_PUBLIC const BaseApi* snort_plugins[] =
  191 {
  192     &wlan_api.base,
  193     nullptr
  194 };