HLBR: decoders/decode_tcp_stream.c Source File

00001 #include "decode_tcp_stream.h"
00002 #include "decode_tcp.h"
00003 #include "../packets/packet.h"
00004 #include "../engine/session.h"
00005 #include <stdio.h>
00006 #include <stdlib.h>
00007 #include <netinet/in.h>
00008 
00009 #define DEBUG
00010 
00011 extern GlobalVars       Globals;
00012 
00013 int     TCPDecoderID;
00014 
00015 /***************************************
00016 * Apply the tcp stream decoding
00017 ****************************************/
00018 void* DecodeTCPStream(int PacketSlot){
00019         TCPStreamData*  data;
00020         TCPData*                tcp_data;
00021         SessionRec*             session;
00022         PacketRec*              p;
00023         
00024         
00025 #ifdef DEBUGPATH
00026         printf("In DecodeTCPStream\n");
00027 #endif
00028 
00029 #ifdef DEBUG
00030         printf("Decoding TCP Stream\n");
00031 #endif
00032 
00033         p=&Globals.Packets[PacketSlot];
00034 
00035         if (!GetDataByID(PacketSlot, TCPDecoderID, (void**)&tcp_data)){
00036                 printf("Failed to get TCP header data\n");
00037                 return NULL;
00038         }
00039                 
00040         data=malloc(sizeof(TCPStreamData));
00041         data->SPort=ntohs(tcp_data->Header->source);
00042         data->DPort=ntohs(tcp_data->Header->dest);
00043         
00044         session=GetSession(p->PacketSlot);
00045         if (!session){
00046                 printf("Couldn't get session\n");
00047                 return NULL;
00048         }
00049 
00050 #ifdef DEBUG    
00051         if (session->PacketCount==1){
00052                 printf("+++++++++++++++++++++First Packet in the TCP session\n");
00053                 if (!(tcp_data->Header->syn && !tcp_data->Header->ack && !tcp_data->Header->rst)){
00054                         printf("^^^^^^^^^^^^^^^^^^^^^^Session didn't begin with a SYN\n");      
00055                         if (tcp_data->Header->syn)printf("S"); else printf("*");
00056                         if (tcp_data->Header->ack)printf("A"); else printf("*");
00057                         if (tcp_data->Header->rst)printf("R"); else printf("*");
00058                         printf("\n");
00059                 }
00060         }else{
00061                 printf("Packet count is %u\n",session->PacketCount);
00062         }
00063 #endif  
00064         
00065         
00066 #ifdef DEBUG
00067         printf("TCP Stream %u->%u\n",ntohs(tcp_data->Header->source), ntohs(tcp_data->Header->dest)); 
00068 #endif  
00069 
00070         return data;
00071 }
00072 
00073 /*************************************
00074 * Set up the decoder
00075 *************************************/
00076 int InitDecoderTCPStream(){
00077         int DecoderID;
00078 
00079 #ifdef DEBUGPATH
00080         printf("In InitDecoderTCPStream\n");
00081 #endif
00082         
00083         if ((DecoderID=CreateDecoder("TCPStream"))==DECODER_NONE){
00084 #ifdef DEBUG
00085                 printf("Couldn't Allocate TCPStream Decoder\n");
00086 #endif  
00087                 return FALSE;
00088         }
00089         
00090         Globals.Decoders[DecoderID].DecodeFunc=DecodeTCPStream;
00091         if (!DecoderAddDecoder(GetDecoderByName("TCP"), DecoderID)){
00092                 printf("Failed to Bind TCP Stream Decoder to TCP Decoder\n");
00093                 return FALSE;
00094         }
00095 
00096         TCPDecoderID=GetDecoderByName("TCP");
00097 
00098         return TRUE;
00099 }