summaryrefslogtreecommitdiff
path: root/netsniff-ng.c
AgeCommit message (Collapse)AuthorFilesLines
2014-04-30ring: Consistently use size_t to specify ring sizeTobias Klauser1-4/+8
The mm_len member of struct ring is of type size_t, but in the code paths leading to set it, unsigned int is used. In circumstances where unsigned int is 32 bit and size_t is 64 bit, this could lead to an integer overflow, which causes an improper ring size being mmap()'ed in mmap_ring_generic(). In order to prevent this, consistently use size_t to store the ring size, since this is also what mmap() takes as its `length' parameter. This now allows to specify ring sizes larger than 4 GiB for both netsniff-ng and trafgen (fixes #90). Reported-by: Jon Schipp <jonschipp@gmail.com> Reported-by: Michał Purzyński <michalpurzynski1@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2014-04-30netsniff-ng: Fix whitespacesTobias Klauser1-3/+3
Remove some leading/trailing whitespaces. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2014-04-28netsniff-ng: Remove locally declared labelsTobias Klauser1-13/+4
These usually only make sense for complex macros which are expanded moree than once. The label for `out' doesn't make sense anyhow as it is declared on function level. Also don't indent the labels, so they're clearer to spot. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2014-04-12built_in: changed to use RUNTIME_PAGE_SIZE instead of PAGE_SIZEChristian Wiese1-1/+1
References: https://github.com/netsniff-ng/netsniff-ng/commit/453f6eb9d79dd5aa2812ef956b22723f0a493086 https://github.com/netsniff-ng/netsniff-ng/pull/112 Signed-off-by: Christian Wiese <chris@opensde.org> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2014-04-07pcap_io: fill sll when reading pcapDaniel Borkmann1-2/+2
When reading from a pcap in Kuznetsov/netsniff-ng format, we currently do not fill out sll. Do so so that users can see pkttype and the interface. Reported-by: Flavio Leitner <fbl@redhat.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2014-02-21netsniff-ng: Exit gracefully for all possible termination signalsTobias Klauser1-0/+4
Handle all termination signals that we're allowed to handle (SIGKILL can't be handled) in order to exit gracefully in any regular termination case. Without this fix, pcap files written by netsniff-ng might be corrupted. Reported-by: Mike Westmacott <mikewestmacott@googlemail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-10-10netsniff-ng: Don't modify optarg/argvTobias Klauser1-2/+0
We shouldn't modify optarg (and thus argv) since it's e.g. used to display the commandline string in `ps'. Since strtoul() reads until it encounters the first non-numeric character and ignores the rest, we can just revert from setting a NULL byte after the numeric part of the string. Reported-by: Jon Schipp <jonschipp@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-10-10netsniff-ng: Use strtoul() instead of strtol() for unsigned longTobias Klauser1-4/+4
If setting an unsigned long variable, use strtoul() instead of strtol(). Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-10-02netsniff-ng: modify mmap option in usage to be grammatically correctJon Schipp1-1/+1
Incorrect usage of "i.e." leads one to believe that replaying is possible only. Signed-off-by: Jon Schipp <jonschipp@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-09-30netsniff-ng: Display pcap I/O method in verbose modeTobias Klauser1-0/+3
If a user accidentially specifies more than one of --mm/--sg/--clrw, the option specified last will be used - as expected from standard command line tools. In order to still prevent users from being confused by this, explicitely display the pcap I/O method used in verbose mode. In order for the output to be more user-friendly, actually write out the method names in const char *pcap_ops_group_to_str, which isn't used anywhere else anyway. Suggested-by: Jon Schipp <jonschipp@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-09-02netsniff-ng: Remove unnecessary fmemset() of struct statTobias Klauser1-1/+0
The struct stat is filled by the call to stat(2) in the next line, so there is no need to explicitely set it to 0 before. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-08-30netsniff-ng: Simplify dump file creation logicTobias Klauser1-9/+5
Instead of using goto, just check stats if stat() returned 0 and used ctx->dump_dir afterwards. This makes the logic a bit easier to follow. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-08-19netsniff-ng: poll: don't panic on EINTRDaniel Borkmann1-4/+8
When signal occurs, don't panic on EINTR, rather gracefully return. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-08-12netsniff-ng: Check return value of poll()Tobias Klauser1-3/+7
The return value of two calls to poll() are never check, despite the (unlikely) possibility of them returning an error, fix it by checking the return value and panic()ing on error. This issue was discovered using the Coverity scanner. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-08-09dev: Integrate `promisc' module into `dev' moduleTobias Klauser1-5/+5
Since entering/leaving promiscuous mode also is a device specific function and all users of the `promisc' module also use `dev', integrate it there. Also rename the functions to have a `device_' prefix like the other functions in the module. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-08-09netsniff-ng: Fix compiler warningTobias Klauser1-1/+1
Fix the following compiler warning that occurs when building with "-W -Wall -Wextra" by introducing a cast: netsniff-ng.c: In function ‘walk_t3_block’: netsniff-ng.c:841:8: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-08-09mac80211.c: Remove or mark unused function parametersTobias Klauser1-2/+2
Compiling with "-W -Wall -Wextra" reveals the following warnings in mac80211.c: mac80211.c: In function ‘nl80211_init’: mac80211.c:78:67: warning: unused parameter ‘device’ [-Wunused-parameter] mac80211.c: In function ‘nl80211_wait_handler’: mac80211.c:106:48: warning: unused parameter ‘msg’ [-Wunused-parameter] mac80211.c: In function ‘nl80211_error_handler’: mac80211.c:115:54: warning: unused parameter ‘nla’ [-Wunused-parameter] mac80211.c:117:12: warning: unused parameter ‘arg’ [-Wunused-parameter] mac80211.c: In function ‘nl80211_del_mon_if’: mac80211.c:181:72: warning: unused parameter ‘device’ [-Wunused-parameter] Fix them by either marking them as unused (where we need to conform to library APIs or remove them alltogether (for our own APIs). For the function leave_rfmon_mac80211() the according users (netsniff-ng and trafgen) are also changed. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-07-13pcap_io: Remove unused parameter sll from pcap_pkthdr_to_tpacket_hdr()Tobias Klauser1-3/+2
The sll parameter is not used anywhere in the function, so remove it. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-07-13sparse: netsniff-ng, trafgen: fix remaining time(0) warningsDaniel Borkmann1-2/+2
Those are the last occurences of warnings like: netsniff-ng.c:697:48: warning: Using plain integer as NULL pointer netsniff-ng.c:726:48: warning: Using plain integer as NULL pointer ... Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-12bpf_comp: pass NEED_TCPDUMP_LIKE_FILTER through gccDaniel Borkmann1-2/+0
We have to pass NEED_TCPDUMP_LIKE_FILTER define through gcc as it otherwise is not possible to let the pcap compiler invoke through netsniff-ng, but not through astraceroute. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-11netsniff-ng: fix recognition of -U command line optionDaniel Borkmann1-1/+1
"-U" has been forgotten to add into shortopts. "--update" works as expeceted however. So simply add "U". Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-09configure: fix multiple issues in build configurationDaniel Borkmann1-0/+2
This patch is a bundle of multiple fixes. 1) Fix compilation of astraceroute when HAVE_LIBPCAP=1: astraceroute doesn't need libpcap, so add an additional guard/define to bpf.h and bpf_comp.c and netsniff-ng.c. Also since we generate a config.h file, we do not need to have this additional compile flag anymore. 2) Fix tstamping.{h,c} to use the configure script instead of the Makefile. For doing this, also fix the object inclusion in netsniff-ng/Makefile. Last but not least, rename __WITH_... into HAVE_... as this is more clean. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-09all: show git id in --version informationDaniel Borkmann1-2/+4
In order to be able to better track regressions or to give support, let us track the Git id as well in version information. This makes the ``--version'' switch actually useful. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-03netsniff-ng: ctx: init and destruct methods for ctxDaniel Borkmann1-18/+33
Refactor ctx initialization and destruction into separate handlers. That is more clean. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-07-03pcap: invoke dev->type to pcap linktype mapperDaniel Borkmann1-1/+2
Invoke dev->type to pcap linktype mapper in order to write a correct pcap file header for various link types. Also fix two bugs in pcap file header parsing and print a warning with the magic link number in case of an unknown link type. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-25netsniff-ng: tpacketv3: 'fix' packet accounting outputDaniel Borkmann1-2/+2
In netsniff-ng, we use tpacketv3 for capturing-only mode. The issue observed lately is that when using f.e. -n10 or capturing a pcap and then quitting, the pcap or actually seen number of packets are less than what the statistics tell us from getsockopt(2). This is due to the fact that tpacketv3 divides its ring buffer into blocks of frames. Meaning, while we are traversing block n, the kernel already fills up block n+1 and following if new packets arrive. While doing so, it increments packet counters. Thus, when we ^C, we haven't seen those blocks, so the stats tell us mostly a slightly higher result. Fix this by adjusting socket stats printing to this fact. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-14netsniff-ng: Report if HW timestamping is enabledTobias Klauser1-1/+3
Until now we didn't check the return value of set_sockopt_hwtimestamp() and the Coverity scanner complained about it, so use it's return value to report if timstamping is actually enabled in verbose mode. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-06-12ioops: misc: add dup{,2}_or_die to ioopsDaniel Borkmann1-4/+4
Bail out if it should ever fail. Detected by coverty in the translate_pcap_to_txf() path. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-12netsniff-ng: walk_t3_block: prevent fd from double closeDaniel Borkmann1-4/+4
Only close the very first pcap file of multi-pcap files once, and not once during next_multi_pcap_file and once during exit. Discovered by Coverty scanner. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04tstamping: add header file for packet timestampingDaniel Borkmann1-2/+1
Better add a header file for this, so that we do not need to have it in multiple places declared. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04xutils: eliminate xutils, move rest to epoll2Daniel Borkmann1-1/+0
Finally eliminate xutils.{c,h} and move the rest to epoll2. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04timer: add time management functionsDaniel Borkmann1-0/+1
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04sig: add signal handling functionsDaniel Borkmann1-0/+1
Add an extra file for signal handling functions. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04sock: add socket management functionsDaniel Borkmann1-0/+1
Remove them from xutils, and add them to socket management. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04proc: move out process specific management functionsDaniel Borkmann1-2/+3
Move them out of xutils, so that we can maintain them separately. Also simplify things a bit. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04privs: move drop_privileges out of xutilsDaniel Borkmann1-0/+1
Again, also to be able to maintain this more easily. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04xutils: break out promisc mode functionsDaniel Borkmann1-0/+1
Put them separately for the sake of maintanence. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04irq: rename device_bind_irq_to_cpu to device_set_irq_affinityDaniel Borkmann1-2/+2
This is more appropriate and consistent with other device irq functions. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04xio: rename xio to ioops and reduce its includesDaniel Borkmann1-1/+1
Rename xio to ioops (io-ops) and boil its include files down to a minimum. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04xio: add ioexact operationsDaniel Borkmann1-4/+1
Break this out so that we only need to have sigint non-static where it is really needed. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-04xutils: break out string handling and lockingDaniel Borkmann1-0/+2
Break out all string handling functions and lockme stuff in order to further eliminate the big code blob in xutils, so that it can be easier maintained. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-03netsniff-ng: v3: fix packet accounting on --numDaniel Borkmann1-7/+8
We need to carry frame_count through multiple calls of walk function to account correctly for --num <pkts>. Also, move socket stats printing into rx ring, since it belongs there. Todo: the kernel socket seems to have a different count that what we see. This needs to be fixed one way or the other. Not yet sure what's causing this. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-06-03irq: break out from xutils and save + restoreDaniel Borkmann1-1/+2
Break out IRQ functionality from xutils, simplify it, and save + restore IRQ affinity list. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-31netsniff-ng: minor: update help descriptionDaniel Borkmann1-3/+3
Give -J a lower prio in the help option ranking and state that its only for replay or forwarding. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-31netsniff-ng: enable jumbo frames on default in tpacket_v3Daniel Borkmann1-4/+4
Since frames are stored more compressed and contiguous, we can also enable jumbo support in pcap dumps by default, since we have no further restrictions in terms of ring buffer frame size. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-31ring: netsniff-ng: migrate capture only to TPACKET_V3Daniel Borkmann1-75/+79
Lets migrate capturing to TPACKET_V3, since it will bring a better performance due to fewer page cache misses caused by a higher density of packets, since now they are contigous placed in the ring buffer. It is said that TPACKET_V3 brings the following benefits: *) ~15 - 20% reduction in CPU-usage *) ~20% increase in packet capture rate *) ~2x increase in packet density *) Port aggregation analysis *) Non static frame size to capture entire packet payload Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-31ring: setup frame structure for v2/v3 in a generic wayDaniel Borkmann1-4/+4
Prepare TPACKET_V3 for allowing to transparently setting up the frame structure such that we do not need to change much in the netsniff-ng/trafgen code. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-30ring: prepare setup_rx_ring_layout for support in v2/v3Daniel Borkmann1-2/+2
Prepare setup_rx_ring_layout for both, v2 and v3. Also do some checks during compile time if offsets stay the same as we operate on different union mappings. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-30netsniff-ng: Add __maybe_unused attribute to timer functionsTobias Klauser1-3/+2
The two functions timer_elapsed() and timer_next_dump() both take an argument which they don't use. Annotate them appropriately using the __maybe_unused attribute. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-23make: include build nameDaniel Borkmann1-1/+1
Include long version string into tools when called with --version. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>