#include <net/if.h>
#include <netinet/in.h>
#include <arpa/inet.h>
-
-#include <errno.h>
#include <fcntl.h>
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <signal.h>
#include <unistd.h>
-#include "ether_cap.h"
+#include <cerrno>
+#include <cstdio>
+#include <cstring>
+#include <cstdlib>
+#include <csignal>
+
#include "stg/common.h"
#include "stg/raw_ip_packet.h"
#include "stg/traffcounter.h"
+#include "stg/plugin_creator.h"
-//#define CAP_DEBUG 1
-//-----------------------------------------------------------------------------
-
-//-----------------------------------------------------------------------------
-class BPF_CAP_CREATOR {
-private:
- BPF_CAP * bpfc;
+#include "ether_cap.h"
-public:
- BPF_CAP_CREATOR()
- : bpfc(new BPF_CAP())
- {
- }
- ~BPF_CAP_CREATOR()
- {
- delete bpfc;
- }
+//#define CAP_DEBUG 1
- BPF_CAP * GetCapturer()
- {
- return bpfc;
- }
-};
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
-BPF_CAP_CREATOR bcc;
+namespace
+{
+PLUGIN_CREATOR<BPF_CAP> bcc;
+}
+
+extern "C" PLUGIN * GetPlugin();
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
PLUGIN * GetPlugin()
{
-return bcc.GetCapturer();
+return bcc.GetPlugin();
}
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
int BPF_CAP_SETTINGS::ParseSettings(const MODULE_SETTINGS & s)
{
-std::string ifaces;
-
iface.erase(iface.begin(), iface.end());
if (s.moduleParams.empty())
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
//-----------------------------------------------------------------------------
-const std::string BPF_CAP::GetVersion() const
+std::string BPF_CAP::GetVersion() const
{
-return "bpf_cap v.1.0";
+return "cap_bpf v.1.0";
}
//-----------------------------------------------------------------------------
BPF_CAP::BPF_CAP()
- : nonstop(false),
+ : capSettings(),
+ errorStr(),
+ bpfData(),
+ polld(),
+ thread(),
+ nonstop(false),
isRunning(false),
capSock(-1),
- traffCnt(NULL)
+ settings(),
+ traffCnt(NULL),
+ logger(GetPluginLogger(GetStgLogger(), "cap_bpf"))
{
}
//-----------------------------------------------------------------------------
nonstop = true;
-if (pthread_create(&thread, NULL, Run, this) == 0)
+if (pthread_create(&thread, NULL, Run, this))
{
- return 0;
+ errorStr = "Cannot create thread.";
+ logger("Cannot create thread.");
+ printfd(__FILE__, "Cannot create thread\n");
+ return -1;
}
-errorStr = "Cannot create thread.";
-printfd(__FILE__, "Cannot create thread\n");
-return -1;
+return 0;
}
//-----------------------------------------------------------------------------
int BPF_CAP::Stop()
if (!isRunning)
break;
- usleep(200000);
+ struct timespec ts = {0, 200000000};
+ nanosleep(&ts, NULL);
}
//after 5 seconds waiting thread still running. now killing it
if (pthread_kill(thread, SIGINT))
{
errorStr = "Cannot kill thread.";
+ logger("Cannot send signal to thread.");
printfd(__FILE__, "Cannot kill thread\n");
return -1;
}
//-----------------------------------------------------------------------------
void * BPF_CAP::Run(void * d)
{
-BPF_CAP * dc = (BPF_CAP *)d;
+sigset_t signalSet;
+sigfillset(&signalSet);
+pthread_sigmask(SIG_BLOCK, &signalSet, NULL);
+
+BPF_CAP * dc = static_cast<BPF_CAP *>(d);
dc->isRunning = true;
uint8_t hdr[96]; //68 + 14 + 4(size) + 9(SYS_IFACE) + 1(align to 4) = 96
while (dc->nonstop)
{
- dc->BPFCapRead((char*)&hdr, 68 + 14, &iface);
+ if (dc->BPFCapRead((char*)&hdr, 68 + 14, &iface))
+ continue;
if (!(hdr[12] == 0x8 && hdr[13] == 0x0))
- {
continue;
- }
dc->traffCnt->Process(*rpp);
}
if (bd->fd < 0)
{
errorStr = "Can't capture packets. Open bpf device for " + bd->iface + " error.";
+ logger("Cannot open device for interface '%s': %s", bd->iface.c_str(), strerror(errno));
printfd(__FILE__, "Cannot open BPF device\n");
return -1;
}
if (ioctl(bd->fd, BIOCSBLEN, (caddr_t)&l) < 0)
{
errorStr = bd->iface + " BIOCSBLEN " + std::string(strerror(errno));
+ logger("ioctl (BIOCSBLEN) error for interface '%s': %s", bd->iface.c_str(), strerror(errno));
printfd(__FILE__, "ioctl failed: '%s'\n", errorStr.c_str());
return -1;
}
if (ioctl(bd->fd, BIOCSETIF, (caddr_t)&ifr) < 0)
{
errorStr = bd->iface + " BIOCSETIF " + std::string(strerror(errno));
+ logger("ioctl (BIOCSETIF) error for interface '%s': %s", bd->iface.c_str(), strerror(errno));
printfd(__FILE__, "ioctl failed: '%s'\n", errorStr.c_str());
return -1;
}
if (ioctl(bd->fd, BIOCIMMEDIATE, &im) < 0)
{
errorStr = bd->iface + " BIOCIMMEDIATE " + std::string(strerror(errno));
+ logger("ioctl (BIOCIMMEDIATE) error for interface '%s': %s", bd->iface.c_str(), strerror(errno));
printfd(__FILE__, "ioctl failed: '%s'\n", errorStr.c_str());
return -1;
}
{
if (polld[i].revents & POLLIN)
{
- BPFCapRead(buffer, blen, capIface, &bpfData[i]);
+ if (BPFCapRead(buffer, blen, capIface, &bpfData[i]))
+ {
+ polld[i].revents = 0;
+ continue;
+ }
polld[i].revents = 0;
return 0;
}
}
-return 0;
+return -1;
}
//-----------------------------------------------------------------------------
int BPF_CAP::BPFCapRead(char * buffer, int blen, char **, BPF_DATA * bd)
bd->r = read(bd->fd, bd->buffer, BUFF_LEN);
if (bd->r < 0)
{
- //printfd(__FILE__, " error read\n");
- usleep(20000);
+ logger("read error: %s", strerror(errno));
+ struct timespec ts = {0, 20000000};
+ nanosleep(&ts, NULL);
+ return -1;
}
bd->p = bd->buffer;