]> git.stg.codes - stg.git/blob - projects/stargazer/plugins/capture/ipq_linux/ipq_cap.cpp
Members initialization order fixed in PostgreSQL storage plugin
[stg.git] / projects / stargazer / plugins / capture / ipq_linux / ipq_cap.cpp
1 /*
2  *    This program is free software; you can redistribute it and/or modify
3  *    it under the terms of the GNU General Public License as published by
4  *    the Free Software Foundation; either version 2 of the License, or
5  *    (at your option) any later version.
6  *
7  *    This program is distributed in the hope that it will be useful,
8  *    but WITHOUT ANY WARRANTY; without even the implied warranty of
9  *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
10  *    GNU General Public License for more details.
11  *
12  *    You should have received a copy of the GNU General Public License
13  *    along with this program; if not, write to the Free Software
14  *    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
15  */
16
17 /*
18 * Author : Boris Mikhailenko <stg34@stargazer.dp.ua>
19 */
20
21 #include <signal.h>
22 #include <cerrno>
23 #include <netinet/in.h>
24 #include <linux/netfilter.h>
25
26 #include "stg/raw_ip_packet.h"
27 #include "stg/traffcounter.h"
28 #include "ipq_cap.h"
29
30 extern "C"
31 {
32 #include "libipq.h"
33 }
34
35 class IPQ_CAP_CREATOR {
36 private:
37     IPQ_CAP * ic;
38
39 public:
40     IPQ_CAP_CREATOR()
41         : ic(new IPQ_CAP())
42         {
43         }
44     ~IPQ_CAP_CREATOR()
45         {
46         delete ic;
47         }
48
49     IPQ_CAP * GetCapturer()
50         {
51         return ic;
52         }
53 };
54 //-----------------------------------------------------------------------------
55 //-----------------------------------------------------------------------------
56 //-----------------------------------------------------------------------------
57 IPQ_CAP_CREATOR icc;
58 //-----------------------------------------------------------------------------
59 //-----------------------------------------------------------------------------
60 //-----------------------------------------------------------------------------
61 PLUGIN * GetPlugin()
62 {
63 return icc.GetCapturer();
64 }
65 //-----------------------------------------------------------------------------
66 //-----------------------------------------------------------------------------
67 //-----------------------------------------------------------------------------
68 const std::string IPQ_CAP::GetVersion() const
69 {
70 return "ipq_cap v.1.2";
71 }
72 //-----------------------------------------------------------------------------
73 IPQ_CAP::IPQ_CAP()
74     : ipq_h(NULL),
75       nonstop(false),
76       isRunning(false),
77       capSock(-1),
78       traffCnt(NULL)
79 {
80 memset(buf, 0, BUFSIZE);
81 }
82 //-----------------------------------------------------------------------------
83 int IPQ_CAP::Start()
84 {
85 if (isRunning)
86     return 0;
87 if (IPQCapOpen() < 0)
88     {
89     errorStr = "Cannot open socket!";
90     printfd(__FILE__, "Cannot open socket\n");
91     return -1;
92     }
93 nonstop = true;
94 if (pthread_create(&thread, NULL, Run, this) == 0)
95     {
96     return 0;
97     }
98 errorStr = "Cannot create thread.";
99 printfd(__FILE__, "Cannot create thread\n");
100 return -1;
101 }
102 //-----------------------------------------------------------------------------
103 int IPQ_CAP::Stop()
104 {
105 if (!isRunning)
106     return 0;
107 nonstop = false;
108 //5 seconds to thread stops itself
109 for (int i = 0; i < 25; i++)
110     {
111     if (!isRunning)
112         break;
113     usleep(200000);
114     }
115 //after 5 seconds waiting thread still running. now killing it
116 if (isRunning)
117     {
118     if (pthread_kill(thread, SIGINT))
119         {
120         errorStr = "Cannot kill thread.";
121         return -1;
122         }
123     for (int i = 0; i < 25 && isRunning; ++i)
124         {
125         usleep(200000);
126         }
127     if (isRunning)
128         {
129         printfd(__FILE__, "Thread not stopped\n");
130         }
131     else
132         {
133         pthread_join(thread, NULL);
134         }
135     }
136 IPQCapClose();
137 return 0;
138 }
139 //-----------------------------------------------------------------------------
140 void * IPQ_CAP::Run(void * d)
141 {
142 RAW_PACKET raw_packet;
143
144 IPQ_CAP * dc = (IPQ_CAP *)d;
145 dc->isRunning = true;
146 memset(&raw_packet, 0, sizeof(raw_packet));
147 raw_packet.dataLen = -1;
148 while (dc->nonstop)
149     {
150     int status = dc->IPQCapRead(&raw_packet, 68);
151     if (status == -1 ||
152         status == -2 ||
153         status == -3 ||
154         status == -4)
155         continue;
156     dc->traffCnt->Process(raw_packet);
157     }
158 dc->isRunning = false;
159 return NULL;
160 }
161 //-----------------------------------------------------------------------------
162 int IPQ_CAP::IPQCapOpen()
163 {
164 ipq_h = ipq_create_handle(0, PF_INET);
165 if (ipq_h == NULL)
166     {
167     ipq_destroy_handle(ipq_h);
168     errorStr = "Cannot create ipq handle!";
169     return -1;
170     }
171 int status = ipq_set_mode(ipq_h, IPQ_COPY_PACKET, PAYLOAD_LEN);
172 if (status < 0)
173     {
174     ipq_destroy_handle(ipq_h);
175     errorStr = "Cannot set IPQ_COPY_PACKET mode!";
176     return -1;
177     }
178 return 0;
179 }
180 //-----------------------------------------------------------------------------
181 int IPQ_CAP::IPQCapClose()
182 {
183 ipq_destroy_handle(ipq_h);
184 return 0;
185 }
186 //-----------------------------------------------------------------------------
187 int IPQ_CAP::IPQCapRead(void * buffer, int blen)
188 {
189 memset(buf, 0, BUFSIZE);
190 int status = ipq_read(ipq_h, buf, BUFSIZE, 1);
191 if (status == 0)
192     return -4;
193 if (errno == EINTR)
194     return -3;
195 if (status < 0)
196     return -1;
197 if (ipq_message_type(buf) != IPQM_PACKET)
198     return -2;
199 static ipq_packet_msg_t * m = ipq_get_packet(buf);
200 memcpy(buffer, m->payload, blen);
201 ipq_set_verdict(ipq_h, m->packet_id, NF_ACCEPT, 0, NULL);
202 return 0;
203 }
204 //-----------------------------------------------------------------------------