| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Extended struct proto_hdr with 'index' field which is used for faster
lookup of lower header without doing a loop.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use same function to calculate csum for packet_update and for
packet_finish events.
Allow update csum if one of the ICMPv6 fields was changed.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Update csum if any of the ICMPv4 field was changed.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Handle 'field_changed' callback to check if IPv4 csum is needed to be
recalculated, if so - update it on 'packet_update' event.
Added 'is_csum_valid' to proto_hdr struct to check if csum needs to be
updated.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add dynamic proto field function which can generate random value in
specified range (default 0 - MAX_UINT32).
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Implement incrementing of proto field at runtime with min & max
parameters, by default if the 'min' parameter is not specified then
original value is used. For fields which len is greater than 4 - last 4
bytes are incremented as 4 byte value (this trick is used to increment
MAC/IPv6 addresses).
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add basic infrastructure for update proto field value at runtime by
dynamic field function.
Extended 'struct packet_dyn' with proto fields which has dynamically
changing values at runtime.
Added 'field_changed' callback for proto header which may be used for
check if csum updating is needed. This callback is called after field
was changed at runtime.
Added 'packet_update' callback to let proto header know when to apply
final proto header changes at runtime (e.g. - csum update).
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Check device argument by valid ifindex instead of guessing it by
different device name prefixes like "eth", "ath", "ens", "enp".
Use __device_ifindex(...) function for this, which needs to
add few more dependencies like sock.o, link.o to the Makefile for
mausezahn.
Closes #159
Suggested-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add new '--sysconfdir=PREFIX' option to control installation of
config files, files will be installed into PREFIX/etc path.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add new --prefix=PREFIX configure commandline option to specify
installation directory for binaries.
Add additional check in 'Cmds' file if --prefix was specified
from 'configure' script, in that case required installation path
components will be created automatically as it is done for
'make PREFIX=...' option.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Really ui_table_row_print(x) no more prints anything, it
just sets column value in a row.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add left/right scrolling for flows list table to make
possible see all the columns with a smaller display size.
Handle 'Left' & 'Right' keypress to scroll left or right.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Render each column to the ncurses raw buffer first, this buffer
contains ncurses {char:attr} elements which will be printed
to the screen after ui_table_row_show() will
be called (at the end of columns rendering by flowtop).
The reason of this change is to have easy way to
make horizontal scrolling over this buffer.
Approach is used from the 'htop' tool.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Even though it's very unlikely we ever read zero values from the cpu
lines in /proc/stat, we should still protect against division by zero.
Detected using UBSan.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Assign the pointer to the lower layer header on declaration instead of a
separate line.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add '--enable-debug' option to enable debugging symbols, the reason is
to simplify it by ./configure it once and do not execute 'make DEBUG=1'
each time for a long debug session.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Currently struct proto_hdr is used twofold:
1) Statically define protocol behavior, i.e. all the *_hdr definitions in
trafgen_l{2,3,4}.c which map a protocol id/layer to a set of callback
functions.
2) For each packet created at parse time the struct is memcpy()'ed
(including all the static information from 1) and then used to store
dynamic information at parse/run time.
Thus, struct proto_hdr members such as the proto id, layer and the
pointers callback functions get copied for each created packet (in
addition to the other fields which get changed during parsing). Also,
static/dynamic information get mixed and we e.g. can't make the protocol
definitions const to ensure they'll not get changed by mistake.
Rather than copying the struct proto_hdr for every packet, clearly
separate the two purposes defined above by splitting struct proto_hdr
into two structs:
1) struct proto_ops for the static (const) protocol behavior definition
2) struct proto_hdr (reduced) for dynamic information
struct proto_hdr keeps a pointer to the corresponding proto_ops instance
and uses it to execute the corresponding callbacks.
Reference: https://groups.google.com/forum/#!msg/netsniff-ng/20RvwJdh50Y/eMkbmKSaBgAJ
Acked-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Move colorize_xxx macroes to colors.h, the reason is to have one file
for coloring stuff and have less files in the source tree.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Follow common coding style and use:
switch (...)
instead of:
switch(...)
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Disable all optimizations with the GCC -O0 switch. Only explicitely
enable additional optimization options for non-debug builds.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make the __proto_field_set_bytes() take a const uint8_t *bytes pointer
and also changed all callers accordingly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
If a non-accessible (or non-existing) file is passed to trafgen and the
-p/--cpp option is used, the preprocessor will fail but trafgen will
continue running and producing follow-up errors messages:
cpp: error: foo.conf: No such file or directory
cpp: warning: ā-x cā after last input file has no effect
cpp: fatal error: no input files
compilation terminated.
0 packets to schedule
Enabled kernel qdisc bypass
0 bytes in total
Running! Hang up with ^C!
Enabled kernel qdisc bypass
TX,V2: 0.50 MiB, 256 Frames, each 2048 Byte allocated
TX,V2: 0.50 MiB, 256 Frames, each 2048 Byte allocated
0 packets outgoing
0 bytes outgoing
0 sec, 0 usec on CPU0 (0 packets)
0 sec, 0 usec on CPU1 (0 packets)
To avoid this, check that the file is readable before passing it to the
preprocessor and error out if is not readable.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Protocols are registered early at startup and aren't changed at runtime.
In order to speed up lookup while parsing, store the pointers to the
protocol definitions (struct proto_hdr) in an array, indexed by protocol
id rather than in a linked list.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use a module variable to access the proto context instead of storing a
pointer in every header.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Usually proto fields array are sorted in the same order as the
respective enum. Thus, the id can be used used as an array index for
faster lookup.
Add an explanatory comment and enforce the correspondence of id and
index using bug_on().
This will make csum field calculation a little faster at runtime.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
With libnl being made optional in commits 20a5e15443bf ("netsniff-ng:
Allow to compile without libnl") and c831bcda3e26 ("trafgen: Allow to
compile without libnl"), we can now compile netsniff-ng and trafgen
without libnl being present.
For now we don't consider libnl and libnl-route separately, meaning that
if libnl-route is not present, we disable libnl support entirely.
Also add a configure option to explicitely disable building netsniff-ng
and trafgen with libnl support.
Based on original patch by Vadim Kochan.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
One might not want to install libnl just for sniffing packets, for
example if netsniff-ng will be compiled on embedded or switch system.
Hide libnl dependend code if CONFIG_LIBNL=0.
In case the `--rfraw' option is used, the user will get a panic
message. In case of netlink messages being sniffed, they will not be
dissected.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
trafgen uses libnl only to inject mac80211 frames but
it might be not needed in some embedded or switch environments.
Let's make it possible to disable this feature.
In case the `--rfraw' option is used, the user will get a panic
message.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make the configure script accept command line options similar to the
autotools generated configure. Implement --disable-geoip and
--disable-zlib and use the to replace the respective DISABLE_* variables
introduced in 0349b93a6689a ("build: configure: Allow to disable support
for libgeoip and zlib").
Also update INSTALL and the travis CI configuration accordingly.
Based on previous work by Vadim Kochan.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Until now headers were used only for packet creation at compile time,
which does not allow to handle dynamic field updates at runtime. To
support dynamic updates, it is necessary to keep the proto_hdr entries
around after packet compilation so we can reference the header fields to
dynamically update.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Adjust patch description, simplify code]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Using of current_packet() is not possible for dynamically updated fields
so we need to keep the packet index in proto_hdr struct to reference the
correct packet.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Locally administered addresses do not contain an OUI, thus do not try to
resolve it. Instead show "Locally Administered" as the vendor string.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The packets filtered out due to pkt_type are incoming packets
effectively dropped and should be accounted as such.
This patch explicitly accounts for the skipped packets number in
skip_packet() and adds this number to the 'drop' and 'seen'
counters in update_rx_stats().
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The same code for applying dynamic elements to a packet is used for both
slow & fast path modes, so let's move it into one inlined function.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Currently in receive_to_xmit() pkts_seen is incremented before the
packet type check, but failing the latter will cause the packet to be
ignored, pretty much as if it failed to pass the filter.
This change moves the accunting after the check, as is currently
done in both walk_t3_block() and recv_only_or_dump().
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add Paolo Abeni to AUTHORS for commit 81f8c546d90b ("netsniff-ng: Skip
duplicated packets on loopback device").
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
When sniffing on the loopback device, each packet will be seen
twice, once per direction. To avoid duplicates, explicitly
skip OUTGOING packets received from loopback, if no packet_type
filter is explicitly set.
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Do not use user-provided 'len' field for csum calculation which
is potentially dangerous due to possible read buffer overflows.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: reword commit message]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It is potentially dangerous to use the user specified IHL field for
csum calculation, as it might lead to read buffer overflows.
Instead introduce and use the len field in struct proto_hdr which is
calculated automatically after the header is built.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: reword commit message]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Set default ip proto field to IPPROTO_IPV6(41) if the higher protocol
was specified as ipv6().
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Support for generating ICMPv4 headers using the 'icmp4()/icmpv4()'
trafgen generation functions.
Fields supported:
type Set type field (default 0: Echo reply)
Supported keywords: echorequest, echoreply
code Set code field (default 0)
csum Set checksum field (calculated by default)
mtu Set mtu field for destination unreachable (default 0)
seq Set sequence field (default 0)
id Set identifier field (default 0)
addr Set redirect address (default 0.0.0.0)
Example (send ping request):
{ icmpv4(echorequest, seq=1, id=1326) }
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: squash commits, consistency between functionality and docu]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
After splitting etype & type to different tokens it is possible
to use 'type' for ICMP type field which is used by RFC.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Split [e]type to separate 'type' & 'etype' keywords,
the reason is that 'type' might be used in other protocol
headers (e.g. ICMP).
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add Hisao Tanabe to AUTHORS for commit b0230ce4 ("man: netsniff-ng: Fix
usage example description").
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Fix the input device name that is used in the description of the usage
example.
Signed-off-by: Hisao Tanabe <xtanabe@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It might be more understandable to print unsupported
pcap magic number in hexadecimal format.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Fix warnings such as the following, reported by lintian [1]:
usr/share/man/man8/mausezahn.8.gz 106: warning: macro `'own''' not defined
[1]
https://lintian.debian.org/maintainer/daniel.borkmann@alumni.ethz.ch.html#netsniff-ng
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Update README.devel with information about the Travis CI Coverity
integration.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Move the coverity_scan configuration to the exisint, otherwise the apt
packages won't get installed it seems.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Set up Travis CI integration for Coverity scan according to
https://scan.coverity.com/travis_ci
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
