1 /*-
2  * Copyright (c) 2004 Lev Walkin <vlm@lionet.info>.
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24  * SUCH DAMAGE.
25  *
26  * $Id: psrc.h,v 1.11 2005/07/07 05:54:53 vlm Exp $
27  */
28 #ifndef	__PSRC_H__
29 #define	__PSRC_H__
30 
31 #include "headers.h"
32 #include "genhash.h"
33 
34 typedef struct packet_source_s {
35 
36 	enum {
37 		IFACE_UNKNOWN,
38 		IFACE_DYNAMIC,	/* BPF or PCAP, with dynamic name (ppp*) */
39 		IFACE_BPF,	/* Berkeley Packet Filter */
40 		IFACE_PCAP,	/* libpcap */
41 		IFACE_FILE,	/* PCAP file */
42 		IFACE_ULOG,	/* Linux iptables' ULOG */
43 		IFACE_IPQ,	/* Linux iptables' IPQ */
44 		IFACE_DIVERT,	/* BSD ipfw(8) divert(4) */
45 		IFACE_TEE,	/* BSD ipfw(8) tee */
46 	} iface_type;
47 
48 	enum {
49 		PST_INVALID,	/* Not initialized */
50 		PST_EMBRYONIC,	/* Interface name is set */
51 		PST_READY,	/* Ready for operation */
52 		PST_FINISHED,	/* Interface has ceased to exist */
53 	} state;
54 
55 	/*
56 	 * Interface properties.
57 	 */
58 	char	ifName[IFNAMSIZ];
59 	int	ifIndex;	/* Assigned internal (SNMP) index */
60 #define	IFINDEX_DIVERT_MASK	0x00010000
61 #define	IFINDEX_TEE_MASK	0x00020000
62 
63 	unsigned int dlt;	/* Data Link Type */
64 	char *custom_filter;	/* pcap filter */
65 	enum {
66 		IFLAG_NONE	= 0x00,
67 		IFLAG_INONLY	= 0x01,	/* Incoming only */
68 		IFLAG_PROMISC	= 0x02,	/* Enable promiscuous mode */
69 		IFLAG_NF_SAMPLED= 0x04,	/* Enable NetFlow sampling mode */
70 		IFLAG_NF_DISABLE= 0x08,	/* Disable NetFlow */
71 		IFLAG_RSH_EXTRA	= 0x10,	/* Enable RSH extra info */
72 		IFLAG_LARGE_CAP = 0x20,	/* Large capture length (BPF/PCAP) */
73 		IFLAGS_STRICT	= 0x80,	/* Do not alter flags (internal) */
74 	} iflags;
75 
76 	/*
77 	 * Declare source-dependent interface descriptors.
78 	 */
79 
80 	union {
81 		struct {
82 			char *name;
83 			pcap_t *dev;
84 		} file;
85 #ifdef	PSRC_pcap
86 		struct {
87 			pcap_t *dev;
88 			pthread_mutex_t dev_mutex;
89 		} pcap;
90 #endif
91 #ifdef  PSRC_ulog
92 		struct {
93 			struct	sockaddr_nl	peer;
94 			uint32_t 		groupmask;
95 			char *uName;	/* ulog-specific ifName */
96 		} ulog;
97 #endif
98 #ifdef	PSRC_ipq
99 		struct {
100 			struct sockaddr_nl	local;
101 			struct sockaddr_nl	peer;
102 		} ipq;
103 #endif
104 #ifdef  IPPROTO_DIVERT
105 		struct {
106 			int			port;
107 		} divert;
108 #endif  /* IPPROTO_DIVERT */
109 		struct {
110 			genhash_t		*already_got;
111 		} dynamic;
112 	} iface;
113 
114 	int	fd;	/* File descriptor, if applicable */
115 	char	*buf;
116 	size_t	bufsize;
117 
118 	void	*(*process_ptr)(void *);  /* pointer to capture function */
119 	void	(*print_stats)(FILE *, struct packet_source_s *);
120 
121 	/*
122 	 * Run-time variables.
123 	 */
124 	pthread_t 	thid;
125 
126 	/*
127 	 * Statistics
128 	 */
129 	long long bytes_prev;    /* Bytes per previous second, estimated */
130 	long long bytes_cur;     /* Current bytecount */
131 	long long packets_prev;  /* Packets per previous second, est. */
132 	long long packets_cur;   /* Current packets count */
133 
134 	long long bytes_lp;	/* Bytes per long period */
135 	long long bps_lp;	/* Bytes per second per long period */
136 
137 	long long packets_lp;	/* Packets per long period */
138 	long long pps_lp;	/* Bytes per second per long period */
139 
140 	double avg_period;	/* Averaging period, seconds */
141 
142 	unsigned int sample_count;	/* NetFlow sampling-mode counter */
143 
144 	/*
145 	 * Internal stuff.
146 	 */
147 	struct packet_source_s *next;
148 } packet_source_t;
149 
150 packet_source_t *create_packet_source(char *ifname, int iflags, char *filter);
151 int init_packet_source(packet_source_t *, int retry_mode);
152 void destroy_packet_source(packet_source_t *ps);
153 
154 const char *IFNameBySource(void *psrc);
155 
156 #endif	/* __PSRC_H__ */
157