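/*
 * Copyright (c) 2003 Can Erkin Acar
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * privsep.h -- interface between the unprivileged packet-parsing process
 * and the privileged process that performs the operations listed in
 * cmd_types on its behalf.  The two sides communicate over the descriptor
 * priv_fd (declared at the bottom) using the channel helpers below.
 * The enum is the complete list of requests the unprivileged side can make;
 * any addition widens what a compromised parser could ask the privileged
 * side to do and should be reviewed with that in mind.
 */

#ifndef _PRIVSEP_H_
#define _PRIVSEP_H_

#include <pcap-int.h>

/* libpcap savefile magic number. */
#define TCPDUMP_MAGIC 0xa1b2c3d4

/*
 * Request codes exchanged over the privilege-separation channel
 * (presumably sent with write_command(); confirm in privsep.c).
 */
enum cmd_types {
	PRIV_OPEN_BPF,		/* open a bpf descriptor */
	PRIV_OPEN_DUMP,		/* open dump file for reading */
	PRIV_OPEN_PFOSFP,	/* open pf.os(5) fingerprint db for reading */
	PRIV_OPEN_OUTPUT,	/* open output file */
	PRIV_SETFILTER,		/* set a bpf read filter */
	PRIV_GETHOSTBYADDR,	/* resolve numeric address into hostname */
	PRIV_ETHER_NTOHOST,	/* translate ethernet address into host name */
	PRIV_GETRPCBYNUMBER,	/* translate rpc number into name */
	PRIV_GETSERVENTRIES,	/* get the service entries table */
	PRIV_GETPROTOENTRIES,	/* get the ip protocol entries table */
	PRIV_LOCALTIME,		/* return localtime */
	PRIV_INIT_DONE,		/* signal that the initialization is done */
	PRIV_PCAP_STATS		/* get pcap_stats() results */
};

struct ether_addr;

/* Privilege separation */
/* Set up the split; the (int, char **) pair looks like argc/argv -- confirm. */
int priv_init(int, char **);
/* Privileged side's main loop; __dead marks it as never returning. */
__dead void priv_exec(int, char **);
/* Tell the privileged side that initialization has finished
   (likely the PRIV_INIT_DONE request -- confirm in privsep.c). */
void priv_init_done(void);

/* Unprivileged-side helpers; exact argument meaning is defined in privsep.c. */
int setfilter(int, int, char *);
int pcap_live(const char *, int, int, u_int, u_int, u_int);

/*
 * Proxied pcap operations.  Each one asks the privileged side to perform
 * the corresponding libpcap call and returns its result to the caller.
 */
struct bpf_program *priv_pcap_setfilter(pcap_t *, int, u_int32_t);
pcap_t *priv_pcap_live(const char *, int, int, int, char *, u_int,
    u_int, u_int);
pcap_t *priv_pcap_offline(const char *, char *);

/*
 * Proxied name lookups.  Results are written into caller-supplied buffers;
 * each (char *, size_t) pair is presumably buffer and capacity, and the
 * size_t return is the length produced (zero on failure) -- confirm in
 * privsep.c before relying on either.
 */
size_t priv_gethostbyaddr(char *, size_t, int, char *, size_t);
size_t priv_ether_ntohost(char *, size_t, struct ether_addr *);
size_t priv_getrpcbynumber(int, char *, size_t);

/* Proxied localtime(3); same return type as the libc routine. */
struct tm *priv_localtime(const time_t *);

/* Start getting service entries */
void priv_getserventries(void);

/* Retrieve a single service entry, should be called repeatedly after
   calling priv_getserventries() until it returns zero */
size_t priv_getserventry(char *, size_t, int *, char *, size_t);

/* Start getting ip protocol entries */
void priv_getprotoentries(void);

/* Retrieve a single protocol entry, should be called repeatedly after
   calling priv_getprotoentries() until it returns zero */
size_t priv_getprotoentry(char *, size_t, int *);

/* Retrieve pf.os(5) fingerprints file descriptor.
   Declared with (void) so it is a real prototype: an empty parameter
   list would leave argument-count mismatches undiagnosed. */
int priv_open_pfosfp(void);

/* Return the pcap statistics upon completion */
int priv_pcap_stats(struct pcap_stat *);

/* Open the savefile for writing via the privileged side. */
pcap_dumper_t *priv_pcap_dump_open(pcap_t *, char *);

/* File descriptor send/recv */
void send_fd(int, int);
int receive_fd(int);

/* communications over the channel */
/* may_read reports its outcome to the caller; the must_* variants return
   nothing, which by naming convention suggests they do not return on
   failure -- confirm in privsep.c. */
int may_read(int, void *, size_t);
void must_read(int, void *, size_t);
void must_write(int, const void *, size_t);
/* Bounded reads into a caller-supplied buffer of the given size; the
   trailing const char * is presumably a label for diagnostics -- confirm. */
size_t read_block(int, char *, size_t, const char *);
size_t read_string(int, char *, size_t, const char *);
void write_block(int, size_t, const char *);
void write_command(int, int);
void write_string(int, const char *);
void write_zero(int);

/* Descriptor of the channel between the two processes. */
extern int priv_fd;

#endif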