1 /* interfaces.h
2  * Definitions for network interfaces and capturing packets
3  *
4  * Yersinia
5  * By David Barroso <tomac@yersinia.net> and Alfredo Andres <aandreswork@hotmail.com>
6  * Copyright 2005-2017 Alfredo Andres and David Barroso
7  *
8  * This program is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU General Public License
10  * as published by the Free Software Foundation; either version 2
11  * of the License, or (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16  * GNU General Public License for more details.
17  *
18  * You should have received a copy of the GNU General Public License
19  * along with this program; if not, write to the Free Software
20  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
21  */
22 
23 #ifndef __INTERFACES_H__
24 #define __INTERFACES_H__
25 
26 #include <pcap.h>
27 #include <libnet.h>
28 
29 #include "protocols.h"
30 #include "thread-util.h"
31 #include "terminal-defs.h"
32 #include "dlist.h"
33 
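/* STP Topology Change Notification BPDU type; only defined if no earlier
 * header already provided it. */
#ifndef BPDU_TCN
#define BPDU_TCN  0x80
#endif

/* Presumably the "every interface" sentinel (inferred from the name).
 * Parenthesized so the negative literal stays a single operand wherever
 * the macro is expanded. */
#define ALL_INTS (-1)

/* Max protocol queue size; also the element count of packet_queue.data[] */
#define MAX_QUEUE 5

/* Fallback for platforms whose headers do not supply IFNAMSIZ. */
#ifndef IFNAMSIZ
#define IFNAMSIZ 16
#endif

/* Buffer sizes used by struct interface_data. Each array there is declared
 * with one extra byte, so these are the usable lengths.
 * IPADDRSIZ equals the usual INET6_ADDRSTRLEN value (46) -- presumably
 * chosen so a textual IPv6 address fits; confirm against the writers. */
#define PCAP_DESC 16
#define IPADDRSIZ 46

/* Capture settings. NOTE(review): presumably handed to libpcap when a live
 * capture is opened (promiscuous flag, read timeout in ms) -- the call site
 * is not in this header, confirm there. */
#define PROMISC   1
#define TIMEOUT   500

/* BPF capture filter. The expanded string is identical to the original
 * single-literal form; it is only split per clause so each match can be
 * read and audited on its own. Anything the filter lets through reaches
 * the packet parsers, so widening it widens the parsing attack surface. */
#define FILTER \
    "stp"                                                            /* 802.1D spanning tree */ \
    " || (udp and (port 1985 or port 68 or port 67))"                /* HSRP (1985), DHCP/BOOTP (67/68) */ \
    " || (ether host 01:00:0c:cc:cc:cc and ether[20:2] = 0x2000)"    /* Cisco multicast, SNAP PID 0x2000 (CDP) */ \
    " || (ether host 01:00:0c:cc:cc:cc and ether[20:2] = 0x2004)"    /* Cisco multicast, SNAP PID 0x2004 (DTP) */ \
    " || (ether host 01:00:0c:cc:cc:cc and ether[20:2] = 0x2003)"    /* Cisco multicast, SNAP PID 0x2003 (VTP) */ \
    " || arp" \
    " || (ether[12:2] = 0x8100)"                                     /* 802.1Q tagged frames */ \
    " || (ether[14]=0xaa and ether[15]=0xaa and ether[0]=0x01 and ether[1]=0x00 and ether[2]=0x0c and ether[3]=0x00 and ether[4]=0x00)" /* ISL-style 01:00:0c:00:00 destination + SNAP */ \
    " || (ether[0]=0x01 and ether[1]=0x80 and ether[2]=0xc2 and ether[12:2] = 0x888e)" /* 802.1X / EAPOL */ \
    " || mpls"

/* Fields for recognizing packets */
#define F_ETHERTYPE 1
#define F_LLC_SSAP  2
#define F_LLC_DSAP  3
#define F_LLC_SNAP  4
#define F_LLC_CISCO 5
#define F_DMAC_1    6
#define F_DMAC_2    7
#define F_DMAC_3    8
#define F_DMAC_4    9
#define F_DMAC_5    10
#define F_DMAC_6    11
#define F_UDP_PORT  12

#define NO_TIMEOUT  0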
69 
/* Global list of interfaces.
 * NOTE(review): this is a (tentative) definition placed in a header, so every
 * translation unit including this file defines `interfaces`. Toolchains that
 * default to -fno-common reject that at link time. The usual remedy is an
 * `extern` declaration here plus one definition in a single .c file; the
 * owning .c file is not visible from this header, so nothing is changed. */
list_t *interfaces;
71 
/*
 * State kept for one network interface: identity and addressing, the
 * libpcap/libnet handles opened on it, and per-protocol packet counters.
 *
 * NOTE(review): every text field is a fixed-size array. Code that fills
 * them from the OS or from user input must bound the copy to the declared
 * size and NUL-terminate; the writers are not visible in this header.
 * The counter arrays are MAX_PROTOCOLS long, so any protocol number used
 * as an index has to be range-checked before the access.
 */
struct interface_data {
    int8_t     up;                          /* active flag */
    char       ifname[IFNAMSIZ + 1];        /* name of the interface */
    int        iflink;                      /* data link type */
    char       iflink_name[PCAP_DESC + 1];  /* presumably the data link name -- confirm */
    char       iflink_desc[PCAP_DESC + 1];  /* presumably the data link description -- confirm */
    int8_t     desc[PCAP_DESC + 1];         /* purpose not shown here; note int8_t, not char */
    u_int8_t   etheraddr[ETHER_ADDR_LEN];   /* hardware (MAC) address */
    char       ipaddr[IPADDRSIZ + 1];       /* IP address */
    char       netmask[IPADDRSIZ + 1];      /* netmask */
    char       broadcast[IPADDRSIZ + 1];    /* broadcast address */
    char       ptpaddr[IPADDRSIZ + 1];      /* point-to-point peer, where applicable */
    pcap_t    *pcap_handler;                /* libpcap handle */
    int        pcap_file;                   /* libpcap file handle */
    libnet_t  *libnet_handler;              /* libnet handle */
    u_int16_t  users;                       /* how many clients are using the interface */
    u_int32_t  packets[MAX_PROTOCOLS];      /* per-protocol counters (presumably received) */
    u_int32_t  packets_out[MAX_PROTOCOLS];  /* per-protocol counters (presumably sent) */
};
91 
/* Pair of 32-bit packet totals. The field names suggest one for captured
 * and one for transmitted packets. Both wrap silently at 2^32. */
struct counter_stats {
    u_int32_t total_packets;
    u_int32_t total_packets_out;
};
96 
97 
/* Wrapper holding the process-wide packet totals. */
struct packet_stats {
    struct counter_stats global_counter;
};
101 
/*
 * Fixed-capacity queue of captured packets (MAX_QUEUE slots).
 *
 * NOTE(review): `index` is a 16-bit value but data[] only has MAX_QUEUE
 * entries, so every producer/consumer must keep it below MAX_QUEUE.
 * Presumably `mutex` guards both data[] and index -- confirm at the users.
 */
struct packet_queue {
    struct pcap_data data[MAX_QUEUE];
    pthread_mutex_t  mutex;
    u_int16_t        index;
};
107 
/*
 * Public interface of the interfaces module. The groups below follow the
 * function names only; the actual semantics live in the implementation
 * file, which is not visible from this header.
 *
 * NOTE(review): the prototypes carry no parameter names and the `char *`
 * arguments are not const-qualified, so the header does not say which are
 * interface names, which are paths, or whether the callee writes through
 * them. The raw `u_int8_t *` packet pointers are not all paired with a
 * length argument either; confirm the callees bound their reads.
 */

/* Set-up and tear-down */
int8_t interfaces_init(THREAD *);
int8_t interfaces_init_data(struct interface_data *);
int8_t interfaces_init_pcap(char *);
int8_t interfaces_init_libnet(char *);
int8_t interfaces_destroy(THREAD *);

/* Enable / disable and look-up */
int16_t interfaces_enable(char *);
int8_t interfaces_disable(char *);
int16_t interfaces_get(char *);
int16_t interfaces_get_enabled(char *);
struct interface_data *interfaces_get_struct(char *);
u_int8_t interfaces_get_last_int(u_int8_t);
int interfaces_compare(void *, void *);

/* Capture thread and packet retrieval */
void interfaces_th_pcap_listen(void *);
void interfaces_th_pcap_listen_exit(THREAD *);
void interfaces_th_pcap_listen_clean(void *);
struct interface_data *interfaces_get_packet(list_t *,
                                             struct interface_data *,
                                             u_int8_t *stop,
                                             struct pcap_pkthdr *,
                                             u_int8_t *,
                                             u_int16_t,
                                             time_t);
int8_t interfaces_recognize_packet(u_int8_t *, struct pcap_pkthdr *);

/* Statistics */
int8_t interfaces_clear_stats(int8_t);
u_int16_t interfaces_update_stats(struct pcap_data *);

/* Capture files */
int8_t interfaces_pcap_file_open(struct term_node *, u_int8_t, char *, char *);
int8_t interfaces_pcap_file_close(struct term_node *, u_int8_t);

/* Fallback declaration for libpcap builds without pcap_dump_flush().
 * NOTE(review): libpcap itself declares this function as returning int, not
 * int8_t. If <pcap.h> already declares it while HAVE_PCAP_DUMP_FLUSH is
 * unset, the two declarations conflict; verify the configure check. */
#ifndef HAVE_PCAP_DUMP_FLUSH
int8_t pcap_dump_flush(pcap_dumper_t *);
#endif
133 
/*
 * Symbols owned by other translation units.
 *
 * NOTE(review): these are re-declared here rather than pulled from the
 * header of the module that defines them, so a type change on the defining
 * side would not be caught by the compiler in files that only see this
 * copy. `fatal_error` and `packet_stats` are plain globals; whether access
 * to them is serialized (for example by `mutex_int`) cannot be told from
 * this header.
 */
extern pthread_mutex_t mutex_int;
extern struct terminals *terms;
extern int8_t fatal_error;
extern struct packet_queue queue[];
extern struct packet_stats packet_stats;
extern struct packet_data packet_data;
extern FILE *log_file;
extern void thread_error(char *, int8_t);
extern int8_t thread_destroy(THREAD *);

extern struct term_tty *tty_tmp;
146 
147 #endif
148 /* vim:set tabstop=4:set expandtab:set shiftwidth=4:set textwidth=120: */