/* interfaces.h
 * Definitions for network interfaces and capturing packets
 *
 * Yersinia
 * By David Barroso <tomac@yersinia.net> and Alfredo Andres <aandreswork@hotmail.com>
 * Copyright 2005-2017 Alfredo Andres and David Barroso
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 */

/*
 * NOTE(review): identifiers containing a double underscore are reserved for
 * the implementation; the guard name is kept as-is here because other files
 * may test it.
 */
#ifndef __INTERFACES_H__
#define __INTERFACES_H__

#include <pcap.h>
#include <libnet.h>

#include "protocols.h"
#include "thread-util.h"
#include "terminal-defs.h"
#include "dlist.h"

/*
 * Fallback, used only when no earlier header has defined BPDU_TCN.
 * 0x80 is the 802.1D topology-change-notification BPDU type.
 */
#ifndef BPDU_TCN
#define BPDU_TCN 0x80
#endif

/*
 * Sentinel value; the name suggests "all interfaces" -- confirm against
 * the callers.  NOTE(review): the expansion is not parenthesised.
 */
#define ALL_INTS -1

/* Max protocol queue size */
#define MAX_QUEUE 5

/* Fallback for platforms whose headers do not provide IFNAMSIZ. */
#ifndef IFNAMSIZ
#define IFNAMSIZ 16
#endif

/*
 * Sizes of the fixed text buffers in struct interface_data below.
 * IPADDRSIZ has the same value as INET6_ADDRSTRLEN, so it is presumably
 * sized for a textual IPv6 address -- confirm.
 */
#define PCAP_DESC 16
#define IPADDRSIZ 46

/*
 * Capture settings.  Presumably the promiscuous flag and the read timeout
 * (in milliseconds) handed to libpcap when a capture is opened; the call
 * site is not in this header -- confirm.
 */
#define PROMISC 1
#define TIMEOUT 500

/*
 * pcap filter expression; only frames matching one of these clauses are
 * of interest to the capture code:
 *   - stp, arp, mpls                      (pcap primitives)
 *   - UDP ports 1985, 67 and 68           (HSRP and BOOTP/DHCP port numbers)
 *   - destination 01:00:0c:cc:cc:cc with the 16-bit value at offset 20
 *     equal to 0x2000, 0x2004 or 0x2003   (the Cisco SNAP protocol IDs of
 *                                          CDP, DTP and VTP)
 *   - EtherType 0x8100                    (802.1Q tag)
 *   - destination starting 01:00:0c:00:00 with 0xaa 0xaa at offsets 14-15
 *                                         (looks like ISL -- confirm)
 *   - destination starting 01:80:c2 with EtherType 0x888e (802.1X EAPOL)
 * Keep the literal on one line: it is consumed as a single string.
 */
#define FILTER "stp || (udp and (port 1985 or port 68 or port 67)) || (ether host 01:00:0c:cc:cc:cc and ether[20:2] = 0x2000) || (ether host 01:00:0c:cc:cc:cc and ether[20:2] = 0x2004) || (ether host 01:00:0c:cc:cc:cc and ether[20:2] = 0x2003) || arp || (ether[12:2] = 0x8100) || (ether[14]=0xaa and ether[15]=0xaa and ether[0]=0x01 and ether[1]=0x00 and ether[2]=0x0c and ether[3]=0x00 and ether[4]=0x00) || (ether[0]=0x01 and ether[1]=0x80 and ether[2]=0xc2 and ether[12:2] = 0x888e) || mpls"

/* Fields for recognizing packets */
#define F_ETHERTYPE  1
#define F_LLC_SSAP   2
#define F_LLC_DSAP   3
#define F_LLC_SNAP   4
#define F_LLC_CISCO  5
#define F_DMAC_1     6
#define F_DMAC_2     7
#define F_DMAC_3     8
#define F_DMAC_4     9
#define F_DMAC_5     10
#define F_DMAC_6     11
#define F_UDP_PORT   12

#define NO_TIMEOUT 0

/*
 * List of known interfaces.
 * NOTE(review): this is a definition, not an extern declaration.  Every
 * translation unit that includes this header gets its own tentative
 * definition, which fails to link under -fno-common (the default in
 * GCC 10 and later).  Prefer `extern` here plus a single definition in one
 * .c file; not changed in this header because that file is not visible.
 */
list_t *interfaces;

/*
 * Per-interface state: addressing information, the libpcap and libnet
 * handles, and per-protocol packet counters.
 * The text buffers are fixed-size; the "+1" presumably reserves room for
 * the terminating NUL, so any code filling them must bound its copy to the
 * declared size -- verify in the .c file.
 */
struct interface_data {
    int8_t    up;                         /* is it active? */
    char      ifname[IFNAMSIZ+1];         /* Interface name */
    int       iflink;                     /* Type of data link */
    char      iflink_name[PCAP_DESC+1];
    char      iflink_desc[PCAP_DESC+1];
    int8_t    desc[PCAP_DESC+1];
    u_int8_t  etheraddr[ETHER_ADDR_LEN];  /* MAC Address */
    char      ipaddr[IPADDRSIZ+1];        /* IP address */
    char      netmask[IPADDRSIZ+1];       /* Netmask address */
    char      broadcast[IPADDRSIZ+1];     /* Broadcast address */
    char      ptpaddr[IPADDRSIZ+1];       /* Point-to-point (if suitable) */
    pcap_t   *pcap_handler;               /* Libpcap handler */
    int       pcap_file;                  /* Libpcap file handler */
    libnet_t *libnet_handler;             /* Libnet handler */
    u_int16_t users;                      /* number of clients using it */
    u_int32_t packets[MAX_PROTOCOLS];     /* one counter per protocol */
    u_int32_t packets_out[MAX_PROTOCOLS]; /* one counter per protocol */
};

/* Pair of 32-bit packet totals. */
struct counter_stats {
    u_int32_t total_packets;
    u_int32_t total_packets_out;
};


/* Wrapper holding the global counter pair. */
struct packet_stats {
    struct counter_stats global_counter;
};

/*
 * Fixed-capacity queue of MAX_QUEUE captured-packet records.
 * The mutex presumably serialises access to data[] and index -- confirm
 * against the code that uses it.
 */
struct packet_queue {
    struct pcap_data data[MAX_QUEUE];
    pthread_mutex_t  mutex;
    u_int16_t        index;
};

/*
 * Interface management and capture API.  The implementations are not part
 * of this header.  NOTE(review): the `char *` parameters are not
 * const-qualified; where they carry an interface name, the callee has to
 * bound any copy into ifname[IFNAMSIZ+1] -- verify in the .c file.
 */
int8_t    interfaces_init(THREAD *);
int8_t    interfaces_init_data(struct interface_data *);
int16_t   interfaces_enable(char *);
int16_t   interfaces_get(char *);
struct interface_data *interfaces_get_struct(char *);
int8_t    interfaces_disable(char *);
int8_t    interfaces_init_pcap(char *);
int8_t    interfaces_init_libnet(char *);
void      interfaces_th_pcap_listen(void *);
void      interfaces_th_pcap_listen_exit(THREAD *);
void      interfaces_th_pcap_listen_clean(void *);
struct interface_data *interfaces_get_packet(list_t *,
                                             struct interface_data *,
                                             u_int8_t *stop,
                                             struct pcap_pkthdr *,
                                             u_int8_t *,
                                             u_int16_t,
                                             time_t);
int8_t    interfaces_clear_stats(int8_t);
int8_t    interfaces_destroy(THREAD *);
u_int16_t interfaces_update_stats(struct pcap_data *);
int8_t    interfaces_recognize_packet(u_int8_t *, struct pcap_pkthdr *);
int8_t    interfaces_pcap_file_open(struct term_node *, u_int8_t, char *, char *);
int8_t    interfaces_pcap_file_close(struct term_node *, u_int8_t);
u_int8_t  interfaces_get_last_int(u_int8_t);
int       interfaces_compare(void *, void *);
int16_t   interfaces_get_enabled(char *);

/*
 * Compatibility prototype, declared only when the build did not detect
 * pcap_dump_flush() in the installed libpcap.
 */
#ifndef HAVE_PCAP_DUMP_FLUSH
int8_t pcap_dump_flush(pcap_dumper_t *);
#endif

/* External stuff */
extern pthread_mutex_t mutex_int;
extern struct terminals *terms;
extern int8_t fatal_error;
extern struct packet_queue queue[];
extern struct packet_stats packet_stats;
extern struct packet_data packet_data;
extern FILE *log_file;
extern void   thread_error(char *, int8_t);
extern int8_t thread_destroy(THREAD *);

extern struct term_tty *tty_tmp;

#endif
/* vim:set tabstop=4:set expandtab:set shiftwidth=4:set textwidth=120: */