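/*
 * Global state for sancp: shared constants, the output-field id list and
 * struct gvars, which gathers the process-wide settings and handles.
 */
#ifndef SANCP_H
#include "sancp.h"
#endif

/*
 * Internal include guard. The original only defined GVARS_H and relied on
 * every includer to test it (the way SANCP_H is tested above), so a single
 * unguarded #include redefined every type below. sancp.h is still pulled in
 * before GVARS_H is defined, exactly as before.
 */
#ifndef GVARS_H
#define GVARS_H

#include "pcapFileHandle.h"
#include "outputFileHandle.h"
#include "MemoryPool.h"

/*
 * Number of slots in gvars.cnx_head[] / gvars.cnx_tail[].
 * NOTE(review): presumably the bucket count of the connection hash table.
 * It is fixed at compile time, so chain length depends entirely on how well
 * the hash spreads flows - confirm the hash function and whether the number
 * of tracked connections is capped.
 */
#define HASH_KEYS 1211

/* Number of slots in gvars.ports[] / gvars.tports[]; 256 covers every value
 * of the 8-bit IP protocol field. */
#define MAX_IP_PROTO 256

/*
 * Local declarations of names that libpcap also declares, used here instead
 * of including <pcap.h>.
 * NOTE(review): these, and struct pcap_pkthdr below, must stay identical to
 * the libpcap headers the binary is linked against; a layout mismatch would
 * make every packet header handed over by libpcap be misread - confirm, or
 * include <pcap.h> instead.
 */
typedef u_int bpf_u_int32;
typedef struct pcap pcap_t;

/*
 * Output field identifiers.
 *
 * Modifications to this list can cause alignment problems with fmtnames[]
 * in sancp.cc: every id must be represented, in the same order, as a string
 * in fmtnames[]. 'null' is a place holder for field 0.
 *
 * NOTE(review): if an id is used directly as an index into fmtnames[], an id
 * added here without its string would index past the end of that array -
 * confirm how sancp.cc bounds the lookup.
 */
enum id {
	null,
	sancp_id,
	start_time_gmt, start_time_local,
	stop_time_gmt, stop_time_local,
	erased_time_gmt, erased_time_local,
	eth_proto_hex, eth_proto,
	ip_proto,
	src_ip_decimal, src_ip_dotted, src_port,
	dst_ip_decimal, dst_ip_dotted, dst_port,
	duration, timeout,
	src_pkts, dst_pkts,
	src_bytes, dst_bytes,
	sflags_hex, sflags,
	sflags_1, sflags_2, sflags_U, sflags_A, sflags_P, sflags_R, sflags_S, sflags_F,
	dflags_hex, dflags,
	dflags_1, dflags_2, dflags_U, dflags_A, dflags_P, dflags_R, dflags_S, dflags_F,
	cflags_hex, cflags,
	cflags_DA, cflags_SA, cflags_DR, cflags_SR, cflags_DF, cflags_SF,
	ip_len_s, ip_ttl_s, ip_df_s,
	tcp_wss_s, tcp_mss_s, tcp_wscale_s, tcp_sack_ok_s, tcp_nop_s,
	ip_len_d, ip_ttl_d, ip_df_d,
	tcp_wss_d, tcp_mss_d, tcp_wscale_d, tcp_sack_ok_d, tcp_nop_d,
	total_bytes,
	collect, collected, climit, tcplag,
	pcap, realtime, stats,
	reversed, hash,
	rid, rgid, node, zone, status, retro,
	src_mac, dst_mac
};

/* Head and tail pointers of a queue of struct cnx records. */
struct cnx_queue {
	struct cnx *head;
	struct cnx *tail;
};

/*
 * Per-packet header (see the libpcap note above).
 * caplen is what is actually present in the capture buffer and can be
 * smaller than len when the capture was truncated, so packet parsing has to
 * bound every read by caplen, never by len.
 */
struct pcap_pkthdr {
	struct timeval ts;	/* time stamp */
	bpf_u_int32 caplen;	/* length of portion present */
	bpf_u_int32 len;	/* length this packet (off wire) */
};

/*
 * Process-wide state. Member order and types are unchanged from the
 * original declaration; only comments and line layout differ.
 */
struct gvars
{
	outputFileHandle *sdF;		// global stdout filehandle
	pcapFileHandle *pfH;		// global pcap filehandle
	outputFileHandle *rfH;		// global realtimes filehandle
	outputFileHandle *sfH;		// global stats filehandle
	fileHandle *cfH;		// global .cid filehandle
	fileHandle *bfH;		// global bpf filehandle
	pcapFileHandle *rpfH;		// global raw pcap filehandle
	int log_facility;
	u_int8_t node_id;

	// NOTE(review): username/groupname (and uid/gid further down) look like
	// the account the process switches to after start-up - confirm in the
	// code that drops privileges.
	char *username;
	char *groupname;

	char *pcap_fname;
	char *realtime_fname;
	char *stats_fname;
	char *bpf_fname;
	char *bpf_filter;
	char *config_file;
	char *input_filename;		// pcap -Input- filename [see: -r]
	char *log_directory;
	char *default_device;
	struct timeval timeptr;
	struct timeval timelast;
	struct acl *acl_head;
	struct acl *tacl_head;
	struct vars *var_head;
	struct cnx *cnx_head[HASH_KEYS];	// one list head per slot
	struct cnx *cnx_tail[HASH_KEYS];	// matching list tail per slot
	CMemoryPool *cnx_pool;
	CMemoryPool *acl_pool;
	struct t_ports *ports[MAX_IP_PROTO];	// one entry per IP protocol number
	struct t_ports *tports[MAX_IP_PROTO];
	struct cnx_queue expired_cnxs;
	time_t lastrun;
	time_t start_time;
	time_t restart_time;

	// 32-bit counters: each wraps to 0 after 2^32 - 1.
	u_int32_t pkts_in, pkts_out, bytes_in, bytes_out;

	// NOTE(review): held as unsigned long rather than uid_t/gid_t; if these
	// are handed to setuid()/setgid(), check the conversion cannot truncate
	// and that the calls' return values are checked.
	unsigned long uid;
	unsigned long gid;

	u_int16_t default_flush_interval;
	u_int16_t default_expire_interval;
	u_int16_t default_timeout;
	u_int64_t default_limit;
	u_int16_t default_tcplag;
	u_int32_t default_ctr;
	u_int16_t default_node;
	u_int16_t default_zone;
	u_int32_t default_rgid;
	u_int8_t default_status;
	u_int32_t default_rid;

	// 15 of 16 bits used: three 4-bit modes and three 1-bit switches.
	u_int16_t smode:4, rmode:4, pmode:4,
		  enable_cid:1, burst_mode:1, print_schemas:1;

	u_int64_t cnx_id;

	// 8 bits used (pcap_shift is 2 bits wide).
	u_int8_t daemon_mode:1, uselocaltime:1, strip_80211:1, pcap_raw:1,
		 log_icmp_type_code:1, human_readable:1, pcap_shift:2;

	// 6 of 8 bits used.
	u_int8_t console_mode:1, cmdl_stats_action:1, cmdl_pcap_action:1,
		 cmdl_realtimes_action:1, use_pcap_time:1, shift:1;

	// Per-output format settings: format buffer, field delimiter, eor
	// character (presumably end-of-record) and a separately stored length.
	char *realtime_fmt;
	char realtime_delimiter;
	char realtime_eor;
	int realtime_fmt_len;
	char *stats_fmt;
	char stats_delimiter;
	char stats_eor;
	int stats_fmt_len;
	char *stdout_fmt;
	char stdout_delimiter;
	char stdout_eor;
	int stdout_fmt_len;

	pcap_t *ph;			// pcap handle
	struct pcap_pkthdr *g_pkthdr;
};

#endif /* GVARS_H */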