Age | Commit message (Collapse) | Author | Files | Lines |
|
Added dissector_sll.c which uses sockaddr_ll to lookup & print
higher L3 layer protocol.
This dissector is mapped by LINKTYPE_LINUX_SLL link type.
Sample output of dissected Netlink & Ethernet packets.
Truncated manually some longer lines by "...":
> nlmon0 20 1434193547s.717131169ns #6
[ Linux "cooked" Pkt Type 4 (outgoing), If Type 824 (netlink), Addr Len 0, Src (), Proto 0x0 ]
[ NLMSG Family 0 (routing), Len 20, Type 0x0003 (DONE)...
> wlp3s0 52 1434194181s.436224709ns #9
[ Linux "cooked" Pkt Type 4 (outgoing), If Type 1 (ether), Addr Len 6, Src (XX:XX:XX:XX:XX:XX), Proto 0x800 ]
[ IPv4 Addr (XXX.XXX.XXX.XXX => 212.42.76.253), Proto (6), TTL (64), TOS (0), ...
), CSum (0x1ef5) is ok ]
[ Geo (local => Ukraine) ]
[ TCP Port (45849 => 443 (https)), SN (0x1744209), AN (0x46ca9611), DataOff (8) ...
[ Chr .....w.Rj).. ]
[ Hex XX XX XX XX XX XX XX XX XX XX XX XX ]
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
Move device string convertions funcs (device_type2str, device_addr2str)
from proto_nlmsg.c to dev.c to use them in other modules.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[ dbkm: minor stylistic fixes ]
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
If the ioctl() fails, the socket still needs to be closed instead of
returning directly.
This issue was discovered using the Coverity scanner.
Fixes: f43bbe9 ("mac80211: Check existence of generated monX device")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Commit f43bbe9e895a ("mac80211: Check existence of generated monX
device") broke starting netsniff-ng w/o any arguments, that is,
sniffing on "any" device. The test in device_ifindex() should be
index < 0.
Fixes: f43bbe9e895a ("mac80211: Check existence of generated monX device")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
Fix then case when netsniff-ng fails if there is already an existing
monX device while generating one.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Since entering/leaving promiscuous mode also is a device specific
function and all users of the `promisc' module also use `dev', integrate
it there. Also rename the functions to have a `device_' prefix like the
other functions in the module.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
We don't return negative values and the MTU is supposed to be the
(maximum) length of a packet, thus make it of type size_t. Most of the
users in the code store it in size_t already anyway.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The parameter `ifname' to device_up_and_running() is never modified
inside the function, thus mark it as const.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Use ARPHRD_ETHER for the "any" device, so that when typing "netsniff-ng"
without any arguments, ethernet is assumed.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Add a device_type() method to get the assigned dev->type from the
kernel, and add support for automatic selection of the correct pcap
file header's linktype. This needs to be integrated into the core
code though.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Mark them as what is to be most expected.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Simplify code a bit and mark error paths unlikely.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
If we fail to find the ifindex of a given device, bail out.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Finally eliminate xutils.{c,h} and move the rest to epoll2.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Same here as usual, break out link functions from xutils.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Remove them from xutils, and add them to socket management.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Move those functions out so that they can be more easily maintained
in its separate file.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|