| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
If the file that GeoIP mirror addresses are being read from lacks a
terminating newline, then the code that reads them in exhibits an
off-by-one error.
Example of such a file:
$ xxd /etc/netsniff-ng/geoip.conf
00000000: 6765 6f6c 6974 652e 6d61 786d 696e 642e geolite.maxmind.
00000010: 636f 6d com
Fix this by explicitly getting the part of the string before the
newline using `strcspn`.
Signed-off-by: Mandar Gokhale <mandarg@mandarg.com>
|
|
The /etc directory shouldn't contain non-human-readable files.
netsniff-ng (when called with the '-U' option) currently installs the
GeoIP database files to /etc/netsniff-ng by default.
Change this to install them to $(PREFIX)/share/netsniff-ng instead,
which is conformant to the FHS [1].
[1] https://wiki.debian.org/FilesystemHierarchyStandard
Also create the respective directory in the 'make install' target.
Fixes #187
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
GeoIP_record_by_ipnum{,_v6} returns allocated pointer to
GeoIPRecord with allocated city, region & postal_code which is
not freed after the call.
Fixed by xstrdup-ing required GeoIPRecord member (city/region) and
after calling GeoIPRecord_delete to free the geoip record.
Of course it is needed to also free obtained city/region in netsniff-ng,
astraceroute & flowtop tools.
Fixes #169
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Add func to get country code-3 name by IPv4/6 address
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The lines in an HTTP request should all end with \r\n (CRLF) according
to RFC 2616, so use these consistently.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
The end of the buffer might already contain part of the data payload.
Setting the last byte to 0 will thus corrupt the gz file, leading to
failed decompression (or previously, to invalid GeoIP database files).
The NULL-termination is not necessary in this case, so just omit it.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
In case the downloaded gzip file got corrupted somehow, the gzread would
fail, leaving part of the file uninflated and thus leading to a
corrupted GeoIP database. This can in the worst case lead to a crash in
libgeoip which in turn causes netsniff-ng/flowtop/astraceroute to crash.
So better panic() if we fail to uncompress.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
All found using codespell.
s/addres/address/
s/noone/no one/
s/endianess/endianness/
s/Successfull/Successful/
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
I have no enough arguments for this fix but it
fixes the failing of geoip updating.
Seems "shutdown(..)" closes socket too early.
So shutdown(...) is removed and added "Connection: close"
http header which says http server to close connection after
response will be sent.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Fixes the following sparse warnings:
geoip.c:76:30: warning: Using plain integer as NULL pointer
geoip.c:78:30: warning: Using plain integer as NULL pointer
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Change the interface to the geoip_* functions to take a pointer to a
struct sockaddr_in{,6} instead of the struct itself.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Currently, the path to the configuration files is hardcoded to
$PREFIX/etc/netsniff-ng.
If we want to keep the configuration files outside of prefix (e.g.
during development), we need to pass the complete path as specified in
$ETCDIRE (and $ETCDIR respectively, which could e.g. be overriden on the
command line during build install) as a preprocessor define.
This way, we can e.g. install the configuration files to /etc while
installing the binaries in /usr/local with:
$ make PREFIX=/usr/local ETCDIR=/etc
$ make PREFIX=/usr/local ETCDIR=/etc install
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Introduce non-typechecking versions of min_t() and max_t() and use them
where a cast would be needed.
The macros were taken from the Linux Kernel, release under GPL v2.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
array_size() returns size_t, thus make iterator variables comparing
against it size_t too to avoid a warning regarding comparison of
signed/unsigned.
Also cast some ssize_t variables passed to min() for the same reason.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Bail out if it should ever fail. Detected by coverty in the
translate_pcap_to_txf() path.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Finally eliminate xutils.{c,h} and move the rest to epoll2.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Rename xio to ioops (io-ops) and boil its include files down to a
minimum.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Break out all string handling functions and lockme stuff in order
to further eliminate the big code blob in xutils, so that it can
be easier maintained.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
In certain error cases, the file/socket descriptors are not closed
in geoip_get_database(). This was discovered by the coverity scanner.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
When setting a prefix from the build system, also pass this through the
hard coded strings for config file locations in the toolkit, so that the
installed files (which use PREFIX) can be properly found.
Suggested-by: Peter Stuge <peter@stuge.se>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Coverty detected, when we are in an error condition, we do not close
file handles, but just return instead. Thus, reorder statements, so
that file handles are closed for sure.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Make sure raw is null-terminated after we read the buffer that we
receive from the remote end. Detected by coverty scan.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
We decided to get rid of the old Git history and start a new one for
several reasons:
*) Allow / enforce only high-quality commits (which was not the case
for many commits in the history), have a policy that is more close
to the one from the Linux kernel. With high quality commits, we
mean code that is logically split into commits and commit messages
that are signed-off and have a proper subject and message body.
We do not allow automatic Github merges anymore, since they are
total bullshit. However, we will either cherry-pick your patches
or pull them manually.
*) The old archive was about ~27MB for no particular good reason.
This basically derived from the bad decision that also some PDF
files where stored there. From this moment onwards, no binary
objects are allowed to be stored in this repository anymore.
The old archive is not wiped away from the Internet. You will still
be able to find it, e.g. on git.cryptoism.org etc.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
