forked from ns1/pktvisor-v1
-
Notifications
You must be signed in to change notification settings - Fork 0
/
dissector.c
132 lines (112 loc) · 2.71 KB
/
dissector.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
/*
* netsniff-ng - the packet sniffing beast
* Copyright 2009, 2010, 2011, 2012 Daniel Borkmann.
* Subject to the GPL, version 2.
*/
#include <stdint.h>
#include <stdlib.h>
#include <unistd.h>
#include "built_in.h"
#include "tprintf.h"
#include "pkt_buff.h"
#include "proto.h"
#include "dissector.h"
#include "dissector_eth.h"
//#include "dissector_80211.h"
#include "dissector_netlink.h"
#include "linktype.h"
int dissector_set_print_type(void *ptr, int type)
{
struct protocol *proto;
for (proto = ptr; proto; proto = proto->next) {
switch (type) {
case PRINT_NORM:
proto->process = proto->print_full;
break;
case PRINT_LESS:
proto->process = proto->print_less;
break;
default:
proto->process = proto->visit;
break;
}
}
return 0;
}
static void dissector_main(struct pkt_buff *pkt, struct protocol *start,
struct protocol *end, void *ctxt)
{
struct protocol *proto;
if (!start)
return;
for (pkt->proto = start; pkt->proto; ) {
if (unlikely(!pkt->proto->process))
break;
proto = pkt->proto;
pkt->proto = NULL;
proto->process(pkt, ctxt);
}
if (end && likely(end->process))
end->process(pkt, ctxt);
}
void dissector_entry_point(uint8_t *packet, size_t len, int linktype, int mode, unsigned char pkttype, void *ctxt)
{
struct protocol *proto_start, *proto_end;
struct pkt_buff *pkt;
/*
* we always at least visit() now
if (mode == PRINT_NONE)
return;
*/
pkt = pkt_alloc(packet, len);
pkt->pkttype = pkttype;
switch (linktype) {
case LINKTYPE_EN10MB:
case ___constant_swab32(LINKTYPE_EN10MB):
proto_start = dissector_get_ethernet_entry_point();
proto_end = dissector_get_ethernet_exit_point();
break;
/*
case LINKTYPE_IEEE802_11:
case ___constant_swab32(LINKTYPE_IEEE802_11):
proto_start = dissector_get_ieee80211_entry_point();
proto_end = dissector_get_ieee80211_exit_point();
break;
*/
case LINKTYPE_NETLINK:
case ___constant_swab32(LINKTYPE_NETLINK):
proto_start = dissector_get_netlink_entry_point();
proto_end = dissector_get_netlink_exit_point();
break;
default:
proto_start = &none_ops;
proto_end = NULL;
break;
};
dissector_main(pkt, proto_start, proto_end, ctxt);
switch (mode) {
case PRINT_HEX:
hex(pkt);
break;
case PRINT_ASCII:
ascii(pkt);
break;
case PRINT_HEX_ASCII:
hex_ascii(pkt);
break;
}
tprintf_flush();
pkt_free(pkt);
}
void dissector_init_all(int fnttype)
{
dissector_init_ethernet(fnttype);
//dissector_init_ieee80211(fnttype);
dissector_init_netlink(fnttype);
}
void dissector_cleanup_all(void)
{
dissector_cleanup_ethernet();
//dissector_cleanup_ieee80211();
dissector_cleanup_netlink();
}