| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Make the __proto_field_set_bytes() take a const uint8_t *bytes pointer
and also changed all callers accordingly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
If a non-accessible (or non-existing) file is passed to trafgen and the
-p/--cpp option is used, the preprocessor will fail but trafgen will
continue running and producing follow-up errors messages:
cpp: error: foo.conf: No such file or directory
cpp: warning: ‘-x c’ after last input file has no effect
cpp: fatal error: no input files
compilation terminated.
0 packets to schedule
Enabled kernel qdisc bypass
0 bytes in total
Running! Hang up with ^C!
Enabled kernel qdisc bypass
TX,V2: 0.50 MiB, 256 Frames, each 2048 Byte allocated
TX,V2: 0.50 MiB, 256 Frames, each 2048 Byte allocated
0 packets outgoing
0 bytes outgoing
0 sec, 0 usec on CPU0 (0 packets)
0 sec, 0 usec on CPU1 (0 packets)
To avoid this, check that the file is readable before passing it to the
preprocessor and error out if is not readable.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Protocols are registered early at startup and aren't changed at runtime.
In order to speed up lookup while parsing, store the pointers to the
protocol definitions (struct proto_hdr) in an array, indexed by protocol
id rather than in a linked list.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use a module variable to access the proto context instead of storing a
pointer in every header.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Usually proto fields array are sorted in the same order as the
respective enum. Thus, the id can be used used as an array index for
faster lookup.
Add an explanatory comment and enforce the correspondence of id and
index using bug_on().
This will make csum field calculation a little faster at runtime.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
With libnl being made optional in commits 20a5e15443bf ("netsniff-ng:
Allow to compile without libnl") and c831bcda3e26 ("trafgen: Allow to
compile without libnl"), we can now compile netsniff-ng and trafgen
without libnl being present.
For now we don't consider libnl and libnl-route separately, meaning that
if libnl-route is not present, we disable libnl support entirely.
Also add a configure option to explicitely disable building netsniff-ng
and trafgen with libnl support.
Based on original patch by Vadim Kochan.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
One might not want to install libnl just for sniffing packets, for
example if netsniff-ng will be compiled on embedded or switch system.
Hide libnl dependend code if CONFIG_LIBNL=0.
In case the `--rfraw' option is used, the user will get a panic
message. In case of netlink messages being sniffed, they will not be
dissected.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
trafgen uses libnl only to inject mac80211 frames but
it might be not needed in some embedded or switch environments.
Let's make it possible to disable this feature.
In case the `--rfraw' option is used, the user will get a panic
message.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Make the configure script accept command line options similar to the
autotools generated configure. Implement --disable-geoip and
--disable-zlib and use the to replace the respective DISABLE_* variables
introduced in 0349b93a6689a ("build: configure: Allow to disable support
for libgeoip and zlib").
Also update INSTALL and the travis CI configuration accordingly.
Based on previous work by Vadim Kochan.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Until now headers were used only for packet creation at compile time,
which does not allow to handle dynamic field updates at runtime. To
support dynamic updates, it is necessary to keep the proto_hdr entries
around after packet compilation so we can reference the header fields to
dynamically update.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: Adjust patch description, simplify code]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Using of current_packet() is not possible for dynamically updated fields
so we need to keep the packet index in proto_hdr struct to reference the
correct packet.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Locally administered addresses do not contain an OUI, thus do not try to
resolve it. Instead show "Locally Administered" as the vendor string.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The packets filtered out due to pkt_type are incoming packets
effectively dropped and should be accounted as such.
This patch explicitly accounts for the skipped packets number in
skip_packet() and adds this number to the 'drop' and 'seen'
counters in update_rx_stats().
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The same code for applying dynamic elements to a packet is used for both
slow & fast path modes, so let's move it into one inlined function.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Currently in receive_to_xmit() pkts_seen is incremented before the
packet type check, but failing the latter will cause the packet to be
ignored, pretty much as if it failed to pass the filter.
This change moves the accunting after the check, as is currently
done in both walk_t3_block() and recv_only_or_dump().
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add Paolo Abeni to AUTHORS for commit 81f8c546d90b ("netsniff-ng: Skip
duplicated packets on loopback device").
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
When sniffing on the loopback device, each packet will be seen
twice, once per direction. To avoid duplicates, explicitly
skip OUTGOING packets received from loopback, if no packet_type
filter is explicitly set.
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Do not use user-provided 'len' field for csum calculation which
is potentially dangerous due to possible read buffer overflows.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: reword commit message]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It is potentially dangerous to use the user specified IHL field for
csum calculation, as it might lead to read buffer overflows.
Instead introduce and use the len field in struct proto_hdr which is
calculated automatically after the header is built.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: reword commit message]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Set default ip proto field to IPPROTO_IPV6(41) if the higher protocol
was specified as ipv6().
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Support for generating ICMPv4 headers using the 'icmp4()/icmpv4()'
trafgen generation functions.
Fields supported:
type Set type field (default 0: Echo reply)
Supported keywords: echorequest, echoreply
code Set code field (default 0)
csum Set checksum field (calculated by default)
mtu Set mtu field for destination unreachable (default 0)
seq Set sequence field (default 0)
id Set identifier field (default 0)
addr Set redirect address (default 0.0.0.0)
Example (send ping request):
{ icmpv4(echorequest, seq=1, id=1326) }
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tk: squash commits, consistency between functionality and docu]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
After splitting etype & type to different tokens it is possible
to use 'type' for ICMP type field which is used by RFC.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Split [e]type to separate 'type' & 'etype' keywords,
the reason is that 'type' might be used in other protocol
headers (e.g. ICMP).
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add Hisao Tanabe to AUTHORS for commit b0230ce4 ("man: netsniff-ng: Fix
usage example description").
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Fix the input device name that is used in the description of the usage
example.
Signed-off-by: Hisao Tanabe <xtanabe@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
It might be more understandable to print unsupported
pcap magic number in hexadecimal format.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Fix warnings such as the following, reported by lintian [1]:
usr/share/man/man8/mausezahn.8.gz 106: warning: macro `'own''' not defined
[1]
https://lintian.debian.org/maintainer/daniel.borkmann@alumni.ethz.ch.html#netsniff-ng
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Update README.devel with information about the Travis CI Coverity
integration.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Move the coverity_scan configuration to the exisint, otherwise the apt
packages won't get installed it seems.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Set up Travis CI integration for Coverity scan according to
https://scan.coverity.com/travis_ci
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The parameters to tpacket_uhdr_vlan_tci() and tpacket_uhdr_vlan_proto()
might be unused, depending on the definition of HAVE_TPACKET3 and
TP_STATUS_VLAN_TPID_VALID. Thus, mark them with __maybe_unused to
prevent -Wunused-parameter warnings.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
setup_ring_layout_generic() takes an "int sock" parameter but never uses
it. Remove it to prevent -Wunused-parameter warnings.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Mark the nf_conntrack_msg_type parameter to flow_dump_cb with
__maybe_unused to prevent a warning when compiling with
-Wunused-parameter.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
This fixes the following -Wunused-parameter warning:
ifpps.c: In function ‘on_panic_handler’:
ifpps.c:1128:36: warning: unused parameter ‘arg’ [-Wunused-parameter]
static void on_panic_handler(void *arg)
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The only place where flow_list_update_entry() is called passes the
global flow_list anyway, so use the passed argument instead of the
global. This fixes the following -Wunused-parameter warning:
flowtop.c: In function ‘flow_list_update_entry’:
flowtop.c:1438:53: warning: unused parameter ‘fl’ [-Wunused-parameter]
static int flow_list_update_entry(struct flow_list *fl, struct nf_conntrack *ct)
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The WINDOW *screen parameter to draw_help() and draw_footer() is unused,
so remove it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Remove unused "screen" & "line" parameters from draw_flow_entry().
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use mkstemps() to safely create a unique temporary file instead of using
rand() to manually create a (potentially unsafe) temporary filename.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use the mkostemp_or_die() wrapper introduced in commit a87f181bd836
("ioops: Add mkostemp_or_die") to safely create a unique temporary file
instead of using rand() to manually create a (potentially unsafe)
temporary filename.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add a panic()ing wrapper for mkostemp(3). This will be used to safely
create unique temporary files.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Support for generating simple ICMPv6 headers using the 'icmp6()/icmpv6()'
trafgen generation function.
Fields supported:
mtype Message type (default: 0)
Supported keywords: echorequest, echoreply
code Code (default: 0)
csum Message checksum (calculated by default)
Examples:
{ eth(), ipv6(daddr=::1), icmpv6(echorequest), 42, 42, 0, 0 }'
If not explicitely specified, the lower header is initialized as Ethernet.
Suggested-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Support for generating simple IPv6 headers using the 'ip6()/ipv6()'
trafgen generation function.
Fields supported:
ver|version Version (default: 6)
tc|tclass Traffic class (default: 0)
fl|flow Flow Label (default: 0)
len|length Payload length (calculated by default)
nh|nexthdr Type of next header (default: 0)
hl|hoplimit|ttl Hop Limit, TTL (default: 0)
sa|saddr Source IPv6 address (default: device address)
da|daddr Destination IPv6 address (default: 0:0:0:0:0:0:0:0)
Examples:
{ eth(), ipv6(daddr=1:2:3:4:5:6:7:8) }
{ ipv6(tc=2, hl=3, daddr=::1) }
{ eth(), ipv6(nh=58, sa=2001:db8::, da=::1), 128, 0, 0x52, 0x03, 0, 0, 0, 0 }
If not explicitely specified, the lower header is initialized as Ethernet.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Show how the trafgen header generation functions can make a trafgen
script much more concise by rewritting Jesper's example using these
functions.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
In some cases we use panic() in situations where the error could only
happen due to an implementation error. Use bug() there as it is more
applicable, as panic() is mainly used to report system call errors.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
There is no point in outputing the true no-op command, as it will only
clutter the logs.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add another tip how to activate conntrack mechanism by
loading required kernel modules via modprobe. This info
might be used to make these modules load automatically at startup.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Simplify screen refresh logic by removing tricky delay
logic which freezes a little key pressing.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Don't use refresh() & clear() as we draw entire screen
and flows table will be filled with empty rows.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Fill table with empty rows while clearing.
It will allow to get rid of clear() & refresh() each time
before print the flows list.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Used new UI table API for flows printing to make it more
generic. Also it will allow to have same code to dump
flows in text mode.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
