HLBR: packets/packet.c Source File

00001 #include "packet.h"
00002 #include "../engine/hlbr.h"
00003 #include <string.h>
00004 #include <stdio.h>
00005 #include <stdlib.h>
00006 #include "../engine/bits.h"
00007 //#include "../mangle/mangle.h"
00008 
00009 #define DEBUGPATH ;
00010 
00011 /*****************************************
00012 * Includes for all the interface types
00013 * goes here
00014 *****************************************/
00015 #include "packet_linux_raw.h"
00016 #include "packet_obsd_bpf.h"
00017 #include "packet_osx_bpf.h"
00018 #include "packet_tcpdump.h"
00019 #include "packet_solaris_dlpi.h"
00020 
00021 extern GlobalVars Globals;
00022 
00023 int                                     LastFreeSlot;
00024 int                                     LastPendingSlot;
00025 
00026 pthread_mutex_t         PacketMutex;
00027 int                                     PacketLockID=0;
00028 unsigned int            CurPacketNum=0;
00029 
00030 //#define DEBUG
00031 //#define DEBUGPACKETS
00032 //#define DEBUGLOCKS
00033 
00034 /**************************************
00035 * Given the name of a packet type,
00036 * return its ID
00037 **************************************/
00038 int GetPacketTypeByName(char* Name){
00039 
00040         DEBUGPATH;
00041 
00042         if (strcasecmp(Name, "linux_raw")==0){
00043                 return PACKET_TYPE_LINUX_RAW;
00044         }else if (strcasecmp(Name, "pcap")==0){
00045                 return PACKET_TYPE_PCAP;
00046         }else if (strcasecmp(Name, "obsd_bpf")==0){
00047                 return PACKET_TYPE_OBSD_BPF;            
00048         }else if (strcasecmp(Name, "osx_bpf")==0){
00049                 return PACKET_TYPE_OSX_BPF;
00050         }else if (strcasecmp(Name, "tcpdump")==0){
00051                 return PACKET_TYPE_TCPDUMP;             
00052         }else if (strcasecmp(Name, "solaris_dlpi")==0){
00053                 return PACKET_TYPE_SOLARIS_DLPI;                
00054         }
00055 
00056 
00057         return PACKET_TYPE_NONE;
00058 }
00059 
00060 /**************************************
00061 * Given the name of a protocol,
00062 * return its ID
00063 **************************************/
00064 int GetPacketProtoByName(char* Name){
00065 
00066         DEBUGPATH;
00067 
00068         if (strcasecmp(Name, "ethernet")==0){
00069                 return PACKET_PROTO_ETHERNET;
00070         }
00071 
00072         return PACKET_PROTO_NONE;
00073 }
00074 
00075 /**************************************
00076 * Given the name of a role,
00077 * return its ID
00078 **************************************/
00079 int GetPacketRoleByName(char* Name){
00080 
00081         DEBUGPATH;
00082 
00083         if (strcasecmp(Name, "normal")==0){
00084                 return PACKET_ROLE_NORMAL;
00085         }else if (strcasecmp(Name, "external")==0){
00086                 return PACKET_ROLE_EXTERNAL;
00087         }else if (strcasecmp(Name, "internal")==0){
00088                 return PACKET_ROLE_INTERNAL;
00089         }else if (strcasecmp(Name, "honey")==0){
00090                 return PACKET_ROLE_HONEY;
00091         }
00092 
00093         return PACKET_ROLE_NORMAL;
00094 }
00095 
00096 /******************************************
00097 * Sets an interface up for reading/writing
00098 ******************************************/
00099 int OpenInterface(int InterfaceID){
00100         InterfaceRec*   Interface;
00101 
00102         DEBUGPATH;
00103 
00104 #ifdef DEBUG
00105         printf("Opening Interface %s\n",Globals.Interfaces[InterfaceID].Name);
00106 #endif
00107 
00108         Interface=&Globals.Interfaces[InterfaceID];
00109         switch (Interface->Type){
00110 #ifdef _LINUX_  
00111         case PACKET_TYPE_LINUX_RAW:     
00112                 return OpenInterfaceLinuxRaw(InterfaceID);
00113 #endif          
00114 #ifdef _OBSD_   
00115         case PACKET_TYPE_OBSD_BPF:      
00116                 return OpenInterfaceOBSDBPF(InterfaceID);
00117 #endif          
00118 #ifdef _OSX_    
00119         case PACKET_TYPE_OSX_BPF:       
00120                 return OpenInterfaceOSXBPF(InterfaceID);
00121 #endif          
00122         case PACKET_TYPE_TCPDUMP:       
00123                 return OpenInterfaceTCPDump(InterfaceID);
00124 #ifdef _SOLARIS_        
00125         case PACKET_TYPE_SOLARIS_DLPI:  
00126                 return OpenInterfaceSolarisDLPI(InterfaceID);
00127 #endif                          
00128         default:
00129                 printf("Invalid interface type for \"%s\" try specifying type=<type>\n", Interface->Name);
00130                 return FALSE;
00131         }
00132 
00133         return FALSE;
00134 }
00135 
00136 
00137 /******************************************
00138 * Open up all the interfaces
00139 ******************************************/
00140 int OpenInterfaces()
00141 {
00142         int     i;
00143 
00144         DEBUGPATH;
00145 
00146         for (i=0;i<Globals.NumInterfaces;i++)
00147                 if (!OpenInterface(i)) return FALSE;
00148                 
00149         return TRUE;
00150 }
00151 
00152 /******************************************
00153 * Read packet(s) from an interface
00154 * Packets will be put on the pending queue
00155 ******************************************/
00156 int ReadPacket(int InterfaceID)
00157 {
00158         InterfaceRec*   Interface;
00159 
00160         DEBUGPATH;
00161 
00162         Interface=&Globals.Interfaces[InterfaceID];
00163         
00164         switch (Interface->Type){
00165 #ifdef _LINUX_  
00166         case PACKET_TYPE_LINUX_RAW:
00167                 return ReadPacketLinuxRaw(InterfaceID);
00168 #endif
00169 #ifdef _OBSD_           
00170         case PACKET_TYPE_OBSD_BPF:
00171                 return ReadPacketOBSDBPF(InterfaceID);          
00172 #endif          
00173 #ifdef _OSX_            
00174         case PACKET_TYPE_OSX_BPF:
00175                 return ReadPacketOSXBPF(InterfaceID);           
00176 #endif          
00177         case PACKET_TYPE_TCPDUMP:
00178                 return ReadPacketTCPDump(InterfaceID);          
00179 #ifdef _SOLARIS_                
00180         case PACKET_TYPE_SOLARIS_DLPI:
00181                 return ReadPacketSolarisDLPI(InterfaceID);              
00182 #endif          
00183         default:
00184                 printf("ReadPacket: I don't know what type of interface that is (%i)\n", Interface->Type);
00185                 return FALSE;
00186         }
00187 
00188         return FALSE;
00189 }
00190 
00191 /*****************************************************
00192 * Send off the packet
00193 *****************************************************/
00194 int WritePacket(int PacketSlot)
00195 {
00196         InterfaceRec*   Interface;
00197         int                             i;
00198         int                             InterfaceID;
00199         unsigned char*  Packet;
00200         int                             PacketLen;
00201 
00202         DEBUGPATH;
00203 
00204         InterfaceID=Globals.Packets[PacketSlot].TargetInterface;
00205         Packet=Globals.Packets[PacketSlot].RawPacket;
00206         PacketLen=Globals.Packets[PacketSlot].PacketLen;
00207 
00208         if (InterfaceID!=INTERFACE_BROADCAST){
00209                 Interface=&Globals.Interfaces[InterfaceID];
00210 /*      
00211 #ifdef DEBUG
00212                 printf("Applying mangling to non-broadcast packet\n");
00213 #endif  
00214 
00215                 if (!Mangle(PacketSlot, Globals.Packets[PacketSlot].InterfaceNum, InterfaceID)){
00216 #ifdef DEBUG
00217                         printf("Failed to mangle packet\n");
00218 #endif          
00219                         return FALSE;
00220                 }
00221 */      
00222                 switch (Interface->Type){
00223                 case PACKET_TYPE_LINUX_RAW:
00224 #ifdef _LINUX_          
00225 #ifdef DEBUG            
00226                         printf("1Normal: Sending out interface %i(%s)\n",InterfaceID, Globals.Interfaces[InterfaceID].Name);
00227 #endif                  
00228                         return WritePacketLinuxRaw(InterfaceID, Packet, PacketLen);
00229 #endif
00230 #ifdef _OBSD_                   
00231                 case PACKET_TYPE_OBSD_BPF:
00232 #ifdef DEBUG            
00233                         printf("2Normal: Sending out interface %i(%s)\n",InterfaceID, Globals.Interfaces[InterfaceID].Name);
00234 #endif                  
00235                         return WritePacketOBSDBPF(InterfaceID, Packet, PacketLen);                      
00236 #endif                  
00237 #ifdef _OSX_                    
00238                 case PACKET_TYPE_OSX_BPF:
00239 #ifdef DEBUG            
00240                         printf("3Normal: Sending out interface %i(%s)\n",InterfaceID, Globals.Interfaces[InterfaceID].Name);
00241 #endif                  
00242                         return WritePacketOSXBPF(InterfaceID, Packet, PacketLen);                       
00243 #endif                  
00244                 case PACKET_TYPE_TCPDUMP:
00245 #ifdef DEBUG            
00246                         printf("4Normal: Sending out interface %i(%s)\n",InterfaceID, Globals.Interfaces[InterfaceID].Name);
00247 #endif                  
00248                         return WritePacketTCPDump(InterfaceID, Packet, PacketLen);                      
00249 #ifdef _SOLARIS_
00250                 case PACKET_TYPE_SOLARIS_DLPI:
00251 #ifdef DEBUG            
00252                         printf("3Normal: Sending out interface %i(%s)\n",InterfaceID, Globals.Interfaces[InterfaceID].Name);
00253 #endif                  
00254                         return WritePacketSolarisDLPI(InterfaceID, Packet, PacketLen);                  
00255 #endif                                          
00256                 default:
00257                         printf("WritePacket: I don't know what type of interface that is (%i)\n", Interface->Type);
00258                         return FALSE;
00259                 }
00260         }else{
00261                 /*this is a broadcast packet*/
00262                 for (i=0;i<Globals.NumInterfaces;i++){
00263                         if (i!=InterfaceID){
00264                                 Interface=&Globals.Interfaces[i];
00265 /*      
00266 #ifdef DEBUG
00267                                 printf("Applying mangling to broadcast packet\n");
00268 #endif  
00269 
00270                                 if (!Mangle(PacketSlot, Globals.Packets[PacketSlot].InterfaceNum, i)){
00271 #ifdef DEBUG
00272                                         printf("Failed to mangle packet\n");
00273 #endif          
00274                                         break;
00275                                 }
00276 */              
00277                                 switch (Interface->Type){
00278 #ifdef _LINUX_                          
00279                                 case PACKET_TYPE_LINUX_RAW:
00280 #ifdef DEBUG                            
00281                                         printf("Broadcast: Sending out interface %i(%s)\n",i, Globals.Interfaces[i].Name);
00282 #endif                                  
00283                                         WritePacketLinuxRaw(i, Packet, PacketLen);
00284                                         break;  
00285 #endif                                  
00286 #ifdef _OBSD_                                                                   
00287                                 case PACKET_TYPE_OBSD_BPF:
00288 #ifdef DEBUG                            
00289                                         printf("Broadcast: Sending out interface %i(%s)\n",i, Globals.Interfaces[i].Name);
00290 #endif                                  
00291                                         WritePacketOBSDBPF(i, Packet, PacketLen);                                       
00292                                         break;
00293 #endif
00294 #ifdef _OSX_                                                                    
00295                                 case PACKET_TYPE_OSX_BPF:
00296 #ifdef DEBUG                            
00297                                         printf("Broadcast: Sending out interface %i(%s)\n",i, Globals.Interfaces[i].Name);
00298 #endif
00299                                         WritePacketOSXBPF(i, Packet, PacketLen);                                                
00300                                         break;
00301 #endif                                                                          
00302                                 case PACKET_TYPE_TCPDUMP:
00303 #ifdef DEBUG                            
00304                                         printf("Broadcast: Sending out interface %i(%s)\n",i, Globals.Interfaces[i].Name);
00305 #endif                                  
00306                                         WritePacketTCPDump(i, Packet, PacketLen);                                       
00307                                         break;
00308 #ifdef _SOLARIS_
00309                                 case PACKET_TYPE_SOLARIS_DLPI:
00310 #ifdef DEBUG                            
00311                                         printf("Broadcast: Sending out interface %i(%s)\n",i, Globals.Interfaces[i].Name);
00312 #endif
00313                                         WritePacketSolarisDLPI(i, Packet, PacketLen);
00314                                         break;
00315 #endif
00316                                 default:
00317                                         printf("WritePacket2: I don't know what type of interface that is (%i) Interface %i\n", Interface->Type, i);
00318                                         return FALSE;
00319                                 }
00320                         }
00321                 }
00322         }
00323 
00324         return FALSE;
00325 }
00326 
00334 int AddPacketToPending(int PacketSlot)
00335 {
00336         DEBUGPATH;
00337 
00338         hlbr_mutex_lock(&PacketMutex, ADD_PACKET_1, &PacketLockID);
00339         
00340         Globals.Packets[PacketSlot].Status=PACKET_STATUS_PENDING;
00341         LastPendingSlot=PacketSlot;
00342         Globals.PendingCount++;
00343         Globals.AllocatedCount--;
00344         
00345         hlbr_mutex_unlock(&PacketMutex);
00346 
00347         return TRUE;
00348 }
00349 
00350 
00357 int BlockPacket(int PacketSlot)
00358 {
00359         hlbr_mutex_lock(&PacketMutex, POP_PACKET_1, &PacketLockID);
00360         Globals.Packets[PacketSlot].Status = PACKET_STATUS_BLOCKED;
00361         hlbr_mutex_unlock(&PacketMutex);
00362 
00363         return TRUE;
00364 }
00365 
00366 int DropPacket(int PacketSlot)
00367 {
00368         hlbr_mutex_lock(&PacketMutex, POP_PACKET_1, &PacketLockID);
00369         // (taken from action_drop.c)
00370         Globals.Packets[PacketSlot].PassRawPacket = FALSE;
00371         //if (Globals.Packets[PacketSlot].Status == PACKET_STATUS_BLOCKED)
00372         //TCPRemount_unblock(Port->Seqs.queue[i], TRUE);
00373         hlbr_mutex_unlock(&PacketMutex);
00374 
00375         return TRUE;
00376 }
00377 
00378 
00384 int PopFromPending()
00385 {
00386         int             PacketSlot;
00387         int             i;
00388 
00389         DEBUGPATH;
00390         
00391         PacketSlot = PACKET_NONE;
00392         hlbr_mutex_lock(&PacketMutex, POP_PACKET_1, &PacketLockID);
00393         
00394         for (i=0;i<MAX_PACKETS;i++){
00395                 if (Globals.Packets[i].Status==PACKET_STATUS_PENDING){
00396                         Globals.Packets[i].Status=PACKET_STATUS_PROCESSING;
00397                         hlbr_mutex_unlock(&PacketMutex);
00398                         Globals.PendingCount--;
00399                         Globals.ProcessingCount++;
00400                         return i;
00401                 }
00402         }
00403         
00404         hlbr_mutex_unlock(&PacketMutex);
00405         
00406         return PACKET_NONE;
00407 }
00408 
00409 /*******************************************
00410 * Get a packet from the pool
00411 ********************************************/
00412 int GetEmptyPacket(){
00413         PacketRec*      Packet;
00414         int                     i;
00415 
00416         DEBUGPATH;
00417 
00418         hlbr_mutex_lock(&PacketMutex, GET_PACKET_1, &PacketLockID);
00419 
00420         Packet=NULL;
00421         for (i=LastFreeSlot; i<MAX_PACKETS;i++){
00422                 if (Globals.Packets[i].Status==PACKET_STATUS_IDLE){
00423 #ifdef DEBUG
00424                         printf("Found IDLE packet in slot %i\n",i);
00425 #endif          
00426                         Globals.Packets[i].SaveCount=0;
00427                         Globals.Packets[i].Status=PACKET_STATUS_ALLOCATED;
00428                         Packet=&Globals.Packets[i];
00429                         Packet->PacketSlot=i;
00430                         break;
00431                 }
00432         }
00433 
00434         if (!Packet)    
00435         for (i=0; i<LastFreeSlot;i++){
00436                 if (Globals.Packets[i].Status==PACKET_STATUS_IDLE){
00437 #ifdef DEBUG
00438                         printf("Found IDLE packet in slot %i\n",i);
00439 #endif          
00440                         Globals.Packets[i].SaveCount=0;
00441                         Globals.Packets[i].Status=PACKET_STATUS_PENDING;
00442                         Packet=&Globals.Packets[i];
00443                         Packet->PacketSlot=i;
00444                         break;
00445                 }
00446         }
00447 
00448         if (!Packet){
00449 #ifdef DEBUG
00450                 printf("There were no free packets\n");
00451 #endif  
00452                 hlbr_mutex_unlock(&PacketMutex);
00453                 return PACKET_NONE;
00454         }
00455         
00456         /*initialize the packet*/
00457         Packet->PacketLen=0;
00458         memset(Packet->RuleBits, 0xFF, MAX_RULES/8);
00459         Packet->tv.tv_sec=0;
00460         Packet->tv.tv_usec=0;
00461         Packet->NumDecoderData=0;
00462         Packet->PassRawPacket=TRUE;
00463         Packet->PacketNum=CurPacketNum++;
00464         Packet->PacketSlot=i;
00465         Packet->RawPacket=Packet->TypicalPacket;
00466         Packet->LargePacket=FALSE;
00467         
00468         Globals.AllocatedCount++;
00469         Globals.IdleCount--;
00470 
00471         hlbr_mutex_unlock(&PacketMutex);
00472         
00473         return i;       
00474 }
00475 
00476 /************************************
00477 * Return a packet to the pool
00478 * for reuse
00479 ************************************/
00480 void ReturnEmptyPacket(int PacketSlot){
00481         int             i;
00482         PacketRec*      p;
00483         
00484         DEBUGPATH;
00485 
00486         hlbr_mutex_lock(&PacketMutex, RETURN_PACKET_1, &PacketLockID);
00487         
00488         if (Globals.Packets[PacketSlot].SaveCount<1){
00489                 p=&Globals.Packets[PacketSlot];
00490         
00491                 if  (p->LargePacket){
00492                         free(p->RawPacket);
00493                         p->RawPacket=p->TypicalPacket;
00494                         p->LargePacket=FALSE;
00495                 }
00496         
00497                 for (i=0;i<p->NumDecoderData;i++){
00498                         if (p->DecoderInfo[i].Data) free(p->DecoderInfo[i].Data);
00499                         p->DecoderInfo[i].Data=NULL;
00500                 }
00501                 
00502                 switch(Globals.Packets[PacketSlot].Status){
00503                 case PACKET_STATUS_ALLOCATED:
00504                         Globals.AllocatedCount--;
00505                         break;
00506                 case PACKET_STATUS_PROCESSING:
00507                         Globals.ProcessingCount--;
00508                         break;
00509                 }
00510                 Globals.IdleCount++;
00511                 Globals.Packets[PacketSlot].Status=PACKET_STATUS_IDLE;          
00512         }else{
00513                 Globals.Packets[PacketSlot].Status=PACKET_STATUS_SAVED;
00514                 Globals.ProcessingCount--;
00515                 Globals.SavedCount++;
00516         }
00517 
00518         hlbr_mutex_unlock(&PacketMutex);
00519 
00520 #ifdef DEBUG_PACKETS
00521         printf("There are:\n");
00522         printf("  %i Idle\n",Globals.IdleCount);
00523         printf("  %i Pending\n",Globals.PendingCount);
00524         printf("  %i Saved\n",Globals.SavedCount);
00525         printf("  %i Allocated\n",Globals.AllocatedCount);
00526         printf("  %i Processing\n",Globals.ProcessingCount);
00527 #endif  
00528 }
00529 
00530 /************************************
00531 * Start a new dedicated thread to
00532 * read the interface
00533 ************************************/
00534 int StartInterfaceThread(int InterfaceID){
00535         InterfaceRec*   Interface;
00536 
00537         DEBUGPATH;
00538 
00539 #ifndef HAS_THREADS
00540         return FALSE;
00541 #else
00542         Interface=&Globals.Interfaces[InterfaceID];
00543         
00544         switch(Interface->Type){
00545 #ifdef _LINUX_  
00546         case PACKET_TYPE_LINUX_RAW:
00547                 return LoopThreadLinuxRaw(InterfaceID);
00548 #endif
00549 #ifdef _OBSD_           
00550         case PACKET_TYPE_OBSD_BPF:
00551                 return LoopThreadOBSDBPF(InterfaceID);          
00552 #endif
00553 #ifdef _OSX_            
00554         case PACKET_TYPE_OSX_BPF:
00555                 return LoopThreadOSXBPF(InterfaceID);           
00556 #endif
00557         case PACKET_TYPE_TCPDUMP:
00558                 return LoopThreadTCPDump(InterfaceID);          
00559 #ifdef _SOLARIS_                
00560         case PACKET_TYPE_SOLARIS_DLPI:
00561                 return LoopThreadSolarisDLPI(InterfaceID);              
00562 #endif          
00563         default:
00564                 printf("I can't start a thread for that interface type\n");
00565                 return FALSE;
00566         }
00567 
00568         return TRUE;
00569 #endif  
00570 }
00571 
00572 /**********************************************
00573 * Check to see if a rule is still active
00574 **********************************************/
00575 inline int RuleIsActive(int PacketSlot, int RuleNum){
00576         DEBUGPATH;
00577 
00578         return GetBit(Globals.Packets[PacketSlot].RuleBits, Globals.NumRules, RuleNum); 
00579 }
00580 
00581 /**********************************************
00582 * Mark a rule as no longer active
00583 **********************************************/
00584 inline int SetRuleInactive(int PacketSlot, int RuleNum){
00585         DEBUGPATH;
00586         
00587         SetBit(Globals.Packets[PacketSlot].RuleBits, Globals.NumRules, RuleNum, 0);
00588         
00589         return TRUE;
00590 }
00591 
00592 /**********************************************
00593 * Given a name, return the interface ID
00594 **********************************************/
00595 int GetInterfaceByName(char* Name){
00596         int     i;
00597 
00598         DEBUGPATH;
00599 
00600         for (i=0;i<Globals.NumInterfaces;i++){
00601                 if (strcasecmp(Name, Globals.Interfaces[i].Name)==0){
00602                         return i;
00603                 }
00604         }
00605 
00606         return INTERFACE_NONE;
00607 }