1 /*
2 rate -- statistic traffic analyzer
3 Copyright (C) 2003 Mateusz 'mteg' Golicz
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18 */
19 #ifdef HAVE_REGEX
20 #include <stdio.h>
21 #include <stdlib.h>
22 #include <unistd.h>
23 #include <string.h>
24 #include <sys/types.h>
25 #include <sys/socket.h>
26 #ifdef OPEN_BSD
27 #include <netinet/in_systm.h>
28 #endif
29 #include <netinet/in.h>
30 #include <netinet/ip.h>
31 #include <netinet/tcp.h>
32 #include <sys/timeb.h>
33 #include <signal.h>
34 #include <time.h>
35 #include <pcap.h>
36 #include "lib.h"
37 #ifdef HAVE_REGEX
38 #include <regex.h>
39 #endif
40 #include "iphash.h"
41 #include "protos.h"
42
/* Options owned by another translation unit. */
extern int  opt_caplen;     /* capture length; r_extractor_setup() raises it to at least 1500 */
extern char opt_nul_char;   /* forwarded unchanged to extractor() for every packet */

/* Options private to the regex-extractor mode, filled in by r_extractor_setup(). */
static char *opt_extractor = NULL;  /* pattern from -e or the first non-option argument */
static char *opt_order     = NULL;  /* output pattern from -o; stays NULL when -o is absent */
static int   opt_ips       = 0;     /* set to 1 by -i ("Show packet source/destination IPs") */
49
/*
 * Statistics callback installed by r_extractor_setup() as *custom_output.
 *
 * The body is empty: nothing is printed or modified when it is called, and
 * none of the arguments is read. The parameter names suggest a timestamp,
 * elapsed milliseconds and byte/packet totals, but their meaning is defined
 * by the caller, which is not part of this file.
 */
static void output(struct timeb *now, int miliFromStart, int miliFromLast,
                   unsigned long long totalbytes,
                   unsigned long long totalpackets,
                   unsigned long nowbytes, unsigned long nowpackets)
{
    /* Mark every argument as intentionally unused. */
    (void)now;
    (void)miliFromStart;
    (void)miliFromLast;
    (void)totalbytes;
    (void)totalpackets;
    (void)nowbytes;
    (void)nowpackets;
}
55
56
57
/*
 * Per-packet callback installed by r_extractor_setup() as *custom_counter.
 *
 * Hands the buffer to extractor() together with the module options
 * opt_nul_char and opt_ips.
 *
 * data    packet bytes; presumably raw captured traffic, i.e. content that
 *         whoever is sending on the monitored network controls -- TODO
 *         confirm against the capture loop
 * caplen  byte count forwarded to extractor() as the size of data
 * len     not used here
 *
 * NOTE(review): caplen is forwarded without a sanity check; extractor()
 * (declared elsewhere) is the only place that can keep reads inside the
 * buffer, so its bounds handling deserves a look.
 */
static void counter(const unsigned char *data, int caplen, int len)
{
    (void)len;  /* unused in this mode */

    extractor(data, caplen, opt_nul_char, opt_ips);
}
62
/*
 * Print the usage text specific to the regex-extractor mode on stdout.
 * Called after the generic help() when -h or -? is given.
 */
static void help2(void)
{
    /* None of the lines contains a '%', so writing them with fputs() emits
     * the same bytes as printf() would. */
    static const char *const usage_lines[] = {
        "\n\nREGEX EXTRACTOR USAGE: ... -E [-o output pattern] [-i] [-e] <pattern>\n",
        " -i Show packet source/destination IPs.\n",
        " -e <r> Extract this pattern from packets.\n",
        " -o <s> Output pattern.\n"
    };
    size_t idx;

    for (idx = 0; idx < sizeof usage_lines / sizeof usage_lines[0]; idx++)
        fputs(usage_lines[idx], stdout);
}
70
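/*
 * Duplicate an option argument, or terminate with exit status 1 if the
 * copy cannot be allocated. `what` names the option in the error message.
 */
static char *r_extractor_dup_arg(const char *arg, const char *what)
{
    char *copy = strdup(arg);

    if (!copy) {
        fprintf(stderr, "Out of memory while storing the %s.\n", what);
        exit(1);
    }
    return copy;
}

/**
 * Set up the regex-extractor mode (the mode the usage text refers to as -E).
 *
 * Installs this module's callbacks, parses the mode-specific options with
 * getopt() (-o <s>, -e <r>, -i, -h/-?), accepts the pattern either through
 * -e or as the first non-option argument, and passes the result to
 * prepare_extractor().
 *
 * @param argc            argument count handed to getopt()
 * @param argv            argument vector handed to getopt(); argv[0] is used
 *                        in help and error messages
 * @param custom_output   receives the address of this module's output()
 * @param custom_counter  receives the address of this module's counter()
 *
 * Does not return when help is requested (exit status 0) or when the
 * pattern is missing, given twice, or cannot be stored (exit status 1).
 */
void r_extractor_setup(int argc, char **argv,
        void (**custom_output)(struct timeb *, int, int, unsigned long long,
                               unsigned long long, unsigned long, unsigned long),
        void (**custom_counter)(const unsigned char *, int, int))
{
    int c;

    *custom_output = output;
    *custom_counter = counter;

    /* getopt() signals the end of the options with -1. */
    while ((c = getopt(argc, argv, "?ho:e:i")) != -1) {
        switch (c) {
        case '?':
        case 'h':
            /* NOTE(review): getopt() also returns '?' for an unknown option
             * or a missing option argument, so a mistyped command line ends
             * up here and exits with status 0 -- a wrapper script cannot
             * tell it from a successful help request. */
            help(argv[0]);
            help2();
            exit(0);
        case 'o':
            /* A failed strdup() used to leave opt_order NULL, silently
             * dropping the requested output pattern. */
            opt_order = r_extractor_dup_arg(optarg, "output pattern");
            break;
        case 'e':
            /* A failed strdup() used to surface later as the misleading
             * "-e option was not specified" error. */
            opt_extractor = r_extractor_dup_arg(optarg, "extracting expression");
            break;
        case 'i':
            opt_ips = 1;
            break;
        default:
            break;
        }
    }

    /* The pattern may also be given as the first non-option argument, but
     * not in addition to -e. Any further arguments are left untouched. */
    if (optind < argc && argv[optind]) {
        if (opt_extractor) {
            fprintf(stderr, "Extracting expression already specified: '%s' and '%s'...\n", opt_extractor, argv[optind]);
            exit(1);
        }
        opt_extractor = argv[optind++];
    }

    if (!opt_extractor) {
        fprintf(stderr, "-e option was not specified. It is REQUIRED in this mode. Consult %s -E -h\n", argv[0]);
        exit(1);
    }

    /* Capture at least 1500 bytes per packet; presumably so that a whole
     * Ethernet-sized payload is available to the pattern -- TODO confirm. */
    if (opt_caplen < 1500)
        opt_caplen = 1500;

    /* NOTE(review): the pattern is operator-supplied and is later applied to
     * packet contents; whether prepare_extractor() (defined elsewhere)
     * rejects invalid patterns is not visible from this file. */
    prepare_extractor(opt_extractor, opt_order, opt_caplen);
}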
122 #endif
123