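/* protocols.h
 * Definitions for protocol stuff
 *
 * Yersinia
 * By David Barroso <tomac@yersinia.net> and Alfredo Andres <aandreswork@hotmail.com>
 * Copyright 2005-2017 Alfredo Andres and David Barroso
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 */

/*
 * Overview: this header declares the per-protocol registry (struct
 * protocol_def and the global protocols[] table), the callback types each
 * protocol module supplies, the descriptors for user-editable packet fields,
 * and the minimum frame lengths for each supported protocol.
 */

#ifndef __PROTOCOLS_H__
#define __PROTOCOLS_H__

/* The header uses int8_t and the u_intN_t types directly, so pull in their
 * definitions here instead of relying on <pcap.h> to do it transitively. */
#include <stdint.h>
#include <sys/types.h>

#include <pcap.h>
#include <sys/socket.h>
#include <net/if.h>

#ifdef SOLARIS
typedef uint32_t u_int32_t;
typedef uint16_t u_int16_t;
typedef uint8_t  u_int8_t;
#endif


/* Protocols info: numeric protocol ids, contiguous from 0. */
#define PROTO_ARP     0
#define PROTO_CDP     1
#define PROTO_DHCP    2
#define PROTO_DOT1Q   3
#define PROTO_DOT1X   4
#define PROTO_DTP     5
#define PROTO_HSRP    6
#define PROTO_ISL     7
#define PROTO_MPLS    8
#define PROTO_STP     9
#define PROTO_VTP     10


/* Size of the protocols[] table below; one more than the highest PROTO_* id.
 * NOTE(review): presumably protocols[] is indexed by protocol id, so any id
 * taken from user input or a packet must be checked against this bound
 * before use -- confirm in the callers. */
#define MAX_PROTOCOLS 11

#define PROTO_VISIBLE   1
#define PROTO_NOVISIBLE 0

/* Parenthesized so the negative literal cannot merge with a neighbouring
 * operator when the macro is used inside a larger expression. */
#define NO_PROTO   (-1)
#define COMMON_TLV 69

/* Read the HGTTG */
#define PROTO_ALL  42
/* NOTE(review): presumably the pcap snapshot length; if so, longer frames
 * are truncated at capture time and parsers must trust only the captured
 * length from the pcap header -- confirm at the pcap open call site. */
#define SNAPLEN    1500

/* Name/description lengths exclude the terminating NUL; the buffers in
 * struct protocol_def are declared with +1 for it. */
#define MAX_PROTO_NAME        8
#define MAX_PROTO_DESCRIPTION 64

/* different packets received for stats */
#define MAX_PACKET_STATS 10

/* Packets minimum size.
 *
 * Each expansion is wrapped in parentheses: the originals were bare sums, so
 * an expression such as `len - CDP_MIN_LENGTH` or `2 * DTP_MIN_LENGTH` would
 * have bound to the first term only and produced the wrong bound.
 *
 * The LIBNET_*_H constants are not defined in this header; the including
 * file is expected to have pulled in the libnet headers first.
 * NOTE(review): the literals 12, 20 and 40 are presumably the fixed payload
 * sizes of DTP, HSRP and VTP -- confirm against the protocol modules. */
#define CDP_MIN_LENGTH      (LIBNET_CDP_H + LIBNET_802_2SNAP_H + LIBNET_802_3_H)
#define DHCP_MIN_LENGTH     (LIBNET_DHCPV4_H + LIBNET_UDP_H + LIBNET_IPV4_H + LIBNET_ETH_H)
#define DOT1Q_MIN_LENGTH    (LIBNET_802_1Q_H)
#define DOT1X_MIN_LENGTH    (LIBNET_802_1X_H)
#define DTP_MIN_LENGTH      (12 + LIBNET_802_2_H + LIBNET_802_3_H)
#define HSRP_MIN_LENGTH     (20 + LIBNET_UDP_H + LIBNET_IPV4_H + LIBNET_ETH_H)
#define VTP_MIN_LENGTH      (40 + LIBNET_802_2_H + LIBNET_802_3_H)
#define STP_CONF_MIN_LENGTH (LIBNET_STP_CONF_H + LIBNET_802_2_H + LIBNET_802_3_H)
#define STP_TCN_MIN_LENGTH  (LIBNET_STP_TCN_H + LIBNET_802_2_H + LIBNET_802_3_H)


/* Forward declarations: only pointers to these types are used below. */
struct term_node;
struct attacks;
struct _attack_definition;
struct pcap_pkthdr;
struct words_array;

/* One captured packet together with the interface name it is associated
 * with.  NOTE(review): ownership of header/packet is not visible here. */
struct pcap_data {
       struct pcap_pkthdr *header;   /* pcap per-packet header */
       u_int8_t *packet;             /* raw packet bytes */
       char     iface[IFNAMSIZ+1];   /* interface name, room for IFNAMSIZ chars plus NUL */
       u_int32_t total;
};

/* (field, value) pair describing a protocol feature. */
struct proto_features {
       int8_t field;
       u_int32_t value;
};

/* Parameters field types */
#define FIELD_NONE          0
#define FIELD_HEX           1
#define FIELD_DEC           2
#define FIELD_STR           3
#define FIELD_MAC           4
#define FIELD_BRIDGEID      5
#define FIELD_IP            6
#define FIELD_TLV           7
#define FIELD_IFACE         8
#define FIELD_BYTES         9
#define FIELD_ENABLED_IFACE 10
#define FIELD_DEFAULT       99
#define FIELD_EXTRA         100

/* struct used for protocol parameters */
struct commands_param {
       u_int8_t  id;         /* ID */
       char     *desc;       /* Description */
       char     *ldesc;      /* Long description */
       u_int16_t size;       /* Size */
       u_int8_t  type;       /* Type (one of the FIELD_* values above) */
       char     *help;       /* Help text */
       char     *param;      /* Param text */
       u_int16_t size_print; /* Allowed printable size */
       u_int8_t  row;        /* Row where the field is displayed (ncurses and GTK) */
       u_int8_t  mwindow;    /* 1 if appears in mwindow, 0 if not */
       int8_t (*filter)(void *, void *, char *); /* Filtering function specific for protocol */
       const struct tuple_type_desc *meaning;   /* field value description */
};

/* struct used for extra protocol parameters (TLV, VLANS, ...) */
struct commands_param_extra {
       u_int32_t id;
       char     *desc;       /* Description */
       char     *ldesc;      /* Long description */
       u_int16_t size;       /* Size */
       u_int8_t  type;       /* Type */
       char     *help;       /* Help text */
       char     *param;      /* Param text */
       u_int16_t size_print; /* Allowed printable size */
       u_int8_t  mwindow;    /* 1 if appears in mwindow, 0 if not */
       const struct tuple_type_desc *meaning; /* field value description */
/*       int8_t (*filter)(void *, void *, char *);*/ /* Filtering function specific for protocol */
};

/* Struct for the list of extra params */
struct commands_param_extra_item {
       u_int32_t id;
       u_int8_t *value;
};

/* struct needed for giving info about packet fields and
 * letting the user to choose values when crafting the packet */
struct tuple_type_desc {
       u_int16_t type;
       char *desc;
};

/* (type, format) pair for a TLV entry. */
struct tuple_tlv {
       u_int16_t type;
       u_int8_t format;
};

/* Callback types stored in struct protocol_def.  Each protocol module
 * supplies its own implementations; their bodies are not part of this
 * header, so only the signatures are documented here. */
typedef int8_t (*init_attribs_t)(struct term_node *);
typedef int8_t (*learn_packet_t)(struct attacks *, char *, u_int8_t *, void *, struct pcap_pkthdr *);
typedef char **(*get_printable_packet_t)(struct pcap_data *);
typedef char **(*get_printable_store_t)(struct term_node *);
typedef int8_t (*load_values_t)(struct pcap_data *, void *);
typedef int8_t (*update_field_t)(int8_t, struct term_node *, void *);
typedef int8_t (*edit_tlv_t)(struct term_node *, u_int8_t, u_int8_t, u_int16_t, u_int8_t *);
typedef int8_t (*init_commands_struct_t)(struct term_node *);
typedef int8_t (*end_t)(struct term_node *);
typedef void *(*get_extra_field_t)(struct term_node *, void *, u_int8_t);


/* Registry entry describing one protocol: identity, callbacks, parameter
 * descriptors and packet counters. */
struct protocol_def {
       u_int8_t proto;                              /* Proto id */
       char namep[MAX_PROTO_NAME + 1];              /* Proto name */
       char description[MAX_PROTO_DESCRIPTION + 1]; /* Proto description */
       char name_comm[MAX_PROTO_NAME + 1];          /* Protocol name for CLI interface */
       u_int8_t active;                             /* Active or not */
       u_int16_t size;                              /* Struct size */
       init_attribs_t init_attribs;
       learn_packet_t learn_packet;
       get_printable_packet_t get_printable_packet;
       get_printable_store_t get_printable_store;
       load_values_t load_values;
       struct _attack_definition *attack_def_list;
       struct pcap_data stats[MAX_PACKET_STATS];    /* fixed-size table of MAX_PACKET_STATS entries */
       update_field_t update_field;
       edit_tlv_t edit_tlv;
       const struct tuple_type_desc *ttd;
       struct attack_param *tlv;
       u_int16_t tlv_params;
       u_int32_t packets;
       u_int32_t packets_out;
       struct proto_features *features;
       void *default_values;
       init_commands_struct_t init_commands_struct; /* Function for initialize commands struct */
       struct commands_param *parameters;
       u_int8_t nparams;
#ifdef HAVE_REMOTE_ADMIN
       u_int8_t *params_sort;
#endif
       struct commands_param_extra *extra_parameters;
       u_int8_t extra_nparams;
       get_extra_field_t get_extra_field;
       u_int8_t visible;                            /* PROTO_VISIBLE or PROTO_NOVISIBLE */
       end_t end;
};

/* Global protocol table.
 * NOTE(review): this is a tentative definition in a header, so every
 * translation unit that includes it emits the symbol.  Toolchains that
 * default to -fno-common (GCC 10 and later) reject that at link time; the
 * usual fix is `extern` here plus a single definition in one .c file.  Left
 * unchanged because the matching .c file is not visible from this header. */
struct protocol_def protocols[MAX_PROTOCOLS];

void   protocol_init(void);
/* NOTE(review): the argument order appears to follow the fields of
 * struct protocol_def (id, name, description, CLI name, size, callbacks,
 * ...) -- confirm against the definition.  The three string arguments land
 * in the fixed-size namep/description/name_comm buffers, so the
 * implementation must bound those copies to MAX_PROTO_NAME and
 * MAX_PROTO_DESCRIPTION. */
int8_t protocol_register(u_int8_t, const char *, const char *, const char *,
                         u_int16_t, init_attribs_t, learn_packet_t,
                         get_printable_packet_t, get_printable_store_t,
                         load_values_t, struct _attack_definition *,
                         update_field_t, struct proto_features *,
                         struct commands_param *, u_int8_t,
                         struct commands_param_extra *, u_int8_t, get_extra_field_t,
                         init_commands_struct_t, u_int8_t, end_t);
int8_t protocol_register_tlv(u_int8_t, edit_tlv_t, const struct tuple_type_desc *, struct attack_param *, u_int16_t);

void   protocol_register_all(void);
void   protocol_destroy(void);
char **protocol_create_printable(u_int8_t, struct commands_param *);
#ifdef HAVE_REMOTE_ADMIN
char *protocol_sort_str(char *, char *);
void protocol_sort_params(u_int8_t, u_int8_t *, u_int8_t);
#endif
/* NOTE(review): variadic logger defined elsewhere.  If msg is interpreted as
 * a printf-style format (implementation not visible here), callers must pass
 * a literal format and hand packet- or user-derived text only as an
 * argument, never as msg itself. */
extern void write_log( u_int16_t mode, char *msg, ... );

#endif
/* vim:set tabstop=4:set expandtab:set shiftwidth=4:set textwidth=120: */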