Context Navigation

CaNA.c @ 156

Revision 156, 29.3 KB (checked in by andreu, 11 years ago)
CaNA tool for renetcol

Rev	Line
[156]	1	/*
	2	* File: CaNA.c
	3	*
	4	* Authors: ANDREU Francois-Xavier
	5	*
	6	* Copyright (C) 2011 GIP RENATER
	7	*
	8	* CaNA : Catalyst for NetFlow Analyser
	9	*/
	10
	11	/ This file is part of renetcol.*
	12	*
	13	* renetcol is free software; you can redistribute it and/or modify
	14	* it under the terms of the GNU General Public License as published by
	15	* the Free Software Foundation; either version 2 of the License, or
	16	* (at your option) any later version.
	17	*
	18	* renetcol is distributed in the hope that it will be useful,
	19	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	20	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	21	* GNU General Public License for more details.
	22	*
	23	* You should have received a copy of the GNU General Public License
	24	* along with renetcol; if not, write to the Free Software
	25	* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
	26	*/
	27
	28	/ Compilation with : gcc -o cana cana.c*
	29	*/
	30
	31	#include "CaNA.h"
	32
	33	char *myFilterFileName;
	34
	35	static int inputSock;
	36	static int sockNamelg;
	37	static int inputSock2;
	38	static int sockNameFromlg;
	39	static int rcv;
	40	static int sockBufSize = SOCKET_BUFFER_SIZE;
	41	static unsigned short receptPort = RECEPTION_PORT;
	42	static char *receptAddress = RECEPTION_ADDRESS;
	43	static struct sockaddr_in name;
	44	static struct sockaddr_in name2;
	45	static struct sockaddr_in fromName;
	46	DatagramPtr pcktPtr;
	47	static unsigned char *ptr_buffer;
	48
	49	int add_entry(u32 adIPS, FilterPtr ptrFilter)
	50	{
	51	ENTRY input;
	52	char *ptrstradIP;
	53	char stradIP[20];
	54
	55	fprintf(stderr, "in add_entry\n");
	56
	57	ptrstradIP = &stradIP[0];
	58	sprintf(ptrstradIP,"%d",adIPS);
	59
	60	fprintf(stderr, "string IP : %s\n", ptrstradIP);
	61
	62	input.key = strdup(ptrstradIP);
	63	fprintf(stderr, "after key\n");
	64	input . data = ptrFilter;
	65	fprintf(stderr, "after data\n");
	66	if (hsearch(input, ENTER) == NULL){
	67	perror("hsearch");
	68	exit(1);
	69	}
	70	return 1;
	71	}
	72
	73	int getFilters(char *filename)
	74	{
	75	FILE *configFile;
	76	s8 line[1024];
	77	s32 cptLine = 0;
	78	s32 nbR = 0;
	79	s32 nbFilters = 0;
	80	s8 tadS[16];
	81	s8 tadS1[16];
	82	s8 tadD1[16];
	83	s8 tnbfilters[2];
	84	s8 tadD2[16];
	85	s8 tadD3[16];
	86	s8 tadS2[16];
	87	s8 tadS3[16];
	88	s8 tadD4[16];
	89	s8 tadS4[16];
	90	s8 tadD5[16];
	91	s8 tadS5[16];
	92	s8 tadD6[16];
	93	s8 tadS6[16];
	94	s8 tportS[6];
	95	s8 tportD1[6];
	96	s8 tportD2[6];
	97	s8 tportD3[6];
	98	s8 tportD4[6];
	99	s8 tportD5[6];
	100	s8 tportD6[6];
	101	s32 ind = 0;
	102	unsigned short n0, n1, n2, n3;
	103	s8 bufferUnsignedShort4[4];
	104	u32 adS;
	105	u32 adS1;
	106	u32 adS2;
	107	u32 adS3;
	108	u32 adS4;
	109	u32 adS5;
	110	u32 adS6;
	111	u32 adD1;
	112	u32 adD2;
	113	u32 adD3;
	114	u32 adD4;
	115	u32 adD5;
	116	u32 adD6;
	117
	118	if (!(configFile = fopen(filename, "r"))) {
	119	fprintf (stderr, "error during file \"%s\" opening\n", filename);
	120	exit(1);
	121	}
	122	cptLine=0;
	123	while ( fgets(line, 1024, configFile) != 0) {
	124	if ( strspn(line, "#") == 0 ) {
	125	if (sscanf(line, "%s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s\n",
	126	tadS,
	127	tportS,
	128	tnbfilters,
	129	tadS1,
	130	tadD1,
	131	tportD1,
	132	tadS2,
	133	tadD2,
	134	tportD2,
	135	tadS3,
	136	tadD3,
	137	tportD3,
	138	tadS4,
	139	tadD4,
	140	tportD4,
	141	tadS5,
	142	tadD5,
	143	tportD5,
	144	tadS6,
	145	tadD6,
	146	tportD6) == 0) {
	147	fprintf(stderr, "Error in file %s, line %d\n", filename, cptLine);
	148	exit(1);
	149	}
	150	cptLine++;
	151	nbFilters = atoi(tnbfilters);
	152	fprintf(stderr, "tnbfilters %s %d nbFilters %d\n",tnbfilters,atoi(tnbfilters), nbFilters);
	153	if (sscanf(tadS,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3) == 0){
	154	fprintf(stderr, "IP Source error in file %s, line %d\n",filename, cptLine);
	155	exit(1);
	156	}
	157	bufferUnsignedShort4[3] = (s8)n0;
	158	bufferUnsignedShort4[2] = (s8)n1;
	159	bufferUnsignedShort4[1] = (s8)n2;
	160	bufferUnsignedShort4[0] = (s8)n3;
	161	adS = ((u32)&bufferUnsignedShort4);
	162	fprintf(stderr, "First IP Address OK line %d\n", cptLine);
	163	if ( nbFilters >= 1 ) {
	164	if (sscanf(tadS1,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3) == 0){
	165	fprintf(stderr, "First filter, new source IP Address error in file %s, line %d\n",filename, cptLine);
	166	exit(1);
	167	};
	168	bufferUnsignedShort4[3] = (s8)n0;
	169	bufferUnsignedShort4[2] = (s8)n1;
	170	bufferUnsignedShort4[1] = (s8)n2;
	171	bufferUnsignedShort4[0] = (s8)n3;
	172	adS1 = ((u32)&bufferUnsignedShort4);
	173	if (sscanf(tadD1,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3) == 0){
	174	fprintf(stderr, "First filter, new Destination IP Address error in file %s, line %d\n",filename, cptLine);
	175	exit(1);
	176	};
	177	bufferUnsignedShort4[3] = (s8)n0;
	178	bufferUnsignedShort4[2] = (s8)n1;
	179	bufferUnsignedShort4[1] = (s8)n2;
	180	bufferUnsignedShort4[0] = (s8)n3;
	181	adD1 = ((u32)&bufferUnsignedShort4);
	182	fprintf(stderr, "First filter : address destination OK %d\n", cptLine);
	183	}
	184	if ( nbFilters >= 2 ) {
	185	if (sscanf(tadS2,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3) == 0){
	186	fprintf(stderr, "Second filter, new source IP Address error in file %s, line %d\n",filename, cptLine);
	187	exit(1);
	188	};
	189	bufferUnsignedShort4[3] = (s8)n0;
	190	bufferUnsignedShort4[2] = (s8)n1;
	191	bufferUnsignedShort4[1] = (s8)n2;
	192	bufferUnsignedShort4[0] = (s8)n3;
	193	adS2 = ((u32)&bufferUnsignedShort4);
	194	if (sscanf(tadD2,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3) == 0){
	195	fprintf(stderr, "Second filter, new Destination IP Address error in file %s, line %d\n",filename, cptLine);
	196	exit(1);
	197	};
	198	bufferUnsignedShort4[3] = (s8)n0;
	199	bufferUnsignedShort4[2] = (s8)n1;
	200	bufferUnsignedShort4[1] = (s8)n2;
	201	bufferUnsignedShort4[0] = (s8)n3;
	202	adD2 = ((u32)&bufferUnsignedShort4);
	203	fprintf(stderr, "Second filter : address destination OK %d\n", cptLine);
	204	}
	205	if ( nbFilters >= 3 ) {
	206	if (sscanf(tadS3,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3) == 0){
	207	fprintf(stderr, "Third filter, new source IP Address error in file %s, line %d\n",filename, cptLine);
	208	exit(1);
	209	};
	210	bufferUnsignedShort4[3] = (s8)n0;
	211	bufferUnsignedShort4[2] = (s8)n1;
	212	bufferUnsignedShort4[1] = (s8)n2;
	213	bufferUnsignedShort4[0] = (s8)n3;
	214	adS3 = ((u32)&bufferUnsignedShort4);
	215	if (sscanf(tadD3,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3) == 0){
	216	fprintf(stderr, "Third filter, new Destination IP Address error in file %s, line %d\n",filename, cptLine);
	217	exit(1);
	218	};
	219	bufferUnsignedShort4[3] = (s8)n0;
	220	bufferUnsignedShort4[2] = (s8)n1;
	221	bufferUnsignedShort4[1] = (s8)n2;
	222	bufferUnsignedShort4[0] = (s8)n3;
	223	adD3 = ((u32)&bufferUnsignedShort4);
	224	fprintf(stderr, "Third filter : address destination OK %d\n", cptLine);
	225	}
	226	if ( nbFilters >= 4 ) {
	227	if (sscanf(tadS4,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3) == 0){
	228	fprintf(stderr, "Third filter, new source IP Address error in file %s, line %d\n",filename, cptLine);
	229	exit(1);
	230	};
	231	bufferUnsignedShort4[3] = (s8)n0;
	232	bufferUnsignedShort4[2] = (s8)n1;
	233	bufferUnsignedShort4[1] = (s8)n2;
	234	bufferUnsignedShort4[0] = (s8)n3;
	235	adS4 = ((u32)&bufferUnsignedShort4);
	236	if (sscanf(tadD4,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3) == 0){
	237	fprintf(stderr, "Third filter, new Destination IP Address error in file %s, line %d\n",filename, cptLine);
	238	exit(1);
	239	};
	240	bufferUnsignedShort4[3] = (s8)n0;
	241	bufferUnsignedShort4[2] = (s8)n1;
	242	bufferUnsignedShort4[1] = (s8)n2;
	243	bufferUnsignedShort4[0] = (s8)n3;
	244	adD4 = ((u32)&bufferUnsignedShort4);
	245	fprintf(stderr, "Third filter : address destination OK %d\n", cptLine);
	246	}
	247	if ( nbFilters >= 5 ) {
	248	if (sscanf(tadS5,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3) == 0){
	249	fprintf(stderr, "Third filter, new source IP Address error in file %s, line %d\n",filename, cptLine);
	250	exit(1);
	251	};
	252	bufferUnsignedShort4[3] = (s8)n0;
	253	bufferUnsignedShort4[2] = (s8)n1;
	254	bufferUnsignedShort4[1] = (s8)n2;
	255	bufferUnsignedShort4[0] = (s8)n3;
	256	adS5 = ((u32)&bufferUnsignedShort4);
	257	if (sscanf(tadD5,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3) == 0){
	258	fprintf(stderr, "Third filter, new Destination IP Address error in file %s, line %d\n",filename, cptLine);
	259	exit(1);
	260	};
	261	bufferUnsignedShort4[3] = (s8)n0;
	262	bufferUnsignedShort4[2] = (s8)n1;
	263	bufferUnsignedShort4[1] = (s8)n2;
	264	bufferUnsignedShort4[0] = (s8)n3;
	265	adD5 = ((u32)&bufferUnsignedShort4);
	266	fprintf(stderr, "Third filter : address destination OK %d\n", cptLine);
	267	}
	268	if ( nbFilters >= 6 ) {
	269	if (sscanf(tadS6,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3) == 0){
	270	fprintf(stderr, "filter six, new source IP Address error in file %s, line %d\n",filename, cptLine);
	271	exit(1);
	272	};
	273	bufferUnsignedShort4[3] = (s8)n0;
	274	bufferUnsignedShort4[2] = (s8)n1;
	275	bufferUnsignedShort4[1] = (s8)n2;
	276	bufferUnsignedShort4[0] = (s8)n3;
	277	adS6 = ((u32)&bufferUnsignedShort4);
	278	if (sscanf(tadD6,"%hu.%hu.%hu.%hu",&n0,&n1,&n2,&n3) == 0){
	279	fprintf(stderr, "filter six, new Destination IP Address error in file %s, line %d\n",filename, cptLine);
	280	exit(1);
	281	};
	282	bufferUnsignedShort4[3] = (s8)n0;
	283	bufferUnsignedShort4[2] = (s8)n1;
	284	bufferUnsignedShort4[1] = (s8)n2;
	285	bufferUnsignedShort4[0] = (s8)n3;
	286	adD6 = ((u32)&bufferUnsignedShort4);
	287	fprintf(stderr, "filter six: address destination OK %d\n", cptLine);
	288	}
	289	if ( nbFilters > 6) {
	290	fprintf(stderr, " More than 6 filters is not allowed in this version, file %s, line %d\n",filename, cptLine);
	291	exit(1);
	292	}
	293	FilterPtr tmp = (FilterPtr) malloc(sizeof(struct Filter));
	294	tmp->nb_filters = nbFilters;
	295	tmp->new_router_ip = adS1;
	296	tmp->new_destination_ip = adD1;
	297	//tmp->new_dest_udp_port = (u8) atoi(tportD1);
	298	tmp->new_dest_udp_port = (u16) atoi(tportD1);
	299	tmp->second_router_ip = adS2;
	300	tmp->second_destination_ip = adD2;
	301	tmp->second_dest_udp_port = (u16) atoi(tportD2);
	302	tmp->third_router_ip = adS3;
	303	tmp->third_destination_ip = adD3;
	304	tmp->third_dest_udp_port = (u16) atoi(tportD3);
	305	tmp->fourth_router_ip = adS4;
	306	tmp->fourth_destination_ip = adD4;
	307	tmp->fourth_dest_udp_port = (u16) atoi(tportD4);
	308	tmp->five_router_ip = adS5;
	309	tmp->five_destination_ip = adD5;
	310	tmp->five_dest_udp_port = (u16) atoi(tportD5);
	311	tmp->six_router_ip = adS6;
	312	tmp->six_destination_ip = adD6;
	313	tmp->six_dest_udp_port = (u16) atoi(tportD6);
	314	if (add_entry(adS,tmp)!=1){
	315	fprintf(stderr, "problem in add entry in hash table\n");
	316	exit(1);
	317	}else{
	318	fprintf(stderr, "add entry OK in hash table\n");
	319	}
	320
	321	}
	322	}
	323	if( fclose(configFile) != 0) {
	324	return (-1);
	325	} else {
	326	return nbR;
	327	}
	328	}
	329
	330
	331	/*
	332	* get IP Header
	333	*/
	334	unsigned short
	335	getIpHeader(unsigned char *buf)
	336	{
	337	unsigned char buffer2[2];
	338	unsigned char buffer4[4];
	339	unsigned short offset = 0;
	340	pcktPtr->ipH->versionAndLength = (unsigned short)*(buf);
	341	pcktPtr->ipH->tos = (unsigned short)*(buf+offset+1);
	342	buffer2[1]= *(buf+offset+2);
	343	buffer2[0]= *(buf+offset+3);
	344	pcktPtr->ipH->length = ((unsigned* short*)&buffer2);
	345	buffer2[1]= *(buf+offset+4);
	346	buffer2[0]= *(buf+offset+5);
	347	pcktPtr->ipH->ident = ((unsigned* short*)&buffer2);
	348	pcktPtr->ipH->flagsAndOffset = (unsigned short)(*(buf+offset+7));
	349	pcktPtr->ipH->ttl = (unsigned short)*(buf+offset+8);
	350	pcktPtr->ipH->protocol = (unsigned short)*(buf+offset+9);
	351	buffer2[1]= *(buf+offset+10);
	352	buffer2[0]= *(buf+offset+11);
	353	pcktPtr->ipH->checksum = ((unsigned* short*)(&buffer2));
	354	buffer4[3] = *(buf+offset+12)&0xff;
	355	buffer4[2] = *(buf+offset+13)&0xff;
	356	buffer4[1] = *(buf+offset+14)&0xff;
	357	buffer4[0] = *(buf+offset+15)&0xff;
	358	pcktPtr->ipH->srcAdd = ((unsigned* long*)(&buffer4));
	359	buffer4[3] = *(buf+offset+16)&0xff;
	360	buffer4[2] = *(buf+offset+17)&0xff;
	361	buffer4[1] = *(buf+offset+18)&0xff;
	362	buffer4[0] = *(buf+offset+19)&0xff;
	363	pcktPtr->ipH->dstAdd = ((unsigned* long*)(&buffer4));
	364	return(0);
	365	}
	366
	367	/*
	368	* few check on IP Header
	369	*/
	370	unsigned short
	371	checkIpHeader(DatagramPtr pP)
	372	{
	373	if ((pP->ipH->versionAndLength>>4) != 4)
	374	{
	375	syslog(LOG_INFO,"IP version not 4 (%d)", (pP->ipH->versionAndLength>>4));
	376	return(1);
	377	}
	378	/ if (pckt.ipH.length_entete != 5) /
	379	/ { /
	380	/ syslog(LOG_INFO,"IHL != 5 (%d)", pckt.ipH.versionAndLength); /
	381	/ return(1); /
	382	/ } /
	383	if (pP->ipH->tos != 0)
	384	{
	385	syslog(LOG_INFO,"TOS(%d) != 0",
	386	pP->ipH->tos);
	387	}
	388	if (pP->ipH->length > 1492)
	389	{
	390	syslog(LOG_INFO,"IP packet length > 1492 (%d)",
	391	pP->ipH->length);
	392	return(1);
	393	}
	394	if (pP->ipH->protocol != 17)
	395	{
	396	syslog(LOG_INFO,"Not UDP protocol (%u)",pP->ipH->protocol);
	397	return(1);
	398	}
	399	return(0);
	400	}
	401
	402
	403	/*
	404	* get UDP Header
	405	*/
	406	unsigned short
	407	getUdpHeader(DatagramPtr pckt, unsigned char * buf)
	408	{
	409	unsigned char buffer2[2];
	410	unsigned short offset = 20;
	411	buffer2[1]= *(buf+offset+0);
	412	buffer2[0]= *(buf+offset+1);
	413	pckt->udp_header->srcPort = ((unsigned* short*)&buffer2);
	414	buffer2[1]= *(buf+offset+2);
	415	buffer2[0]= *(buf+offset+3);
	416	pckt->udp_header->dstPort = ((unsigned* short*)&buffer2);
	417	buffer2[1]= *(buf+offset+4);
	418	buffer2[0]= *(buf+offset+5);
	419	pckt->udp_header->length = ((unsigned* short*)&buffer2);
	420	buffer2[1]= *(buf+offset+6);
	421	buffer2[0]= *(buf+offset+7);
	422	pckt->udp_header->checksum = ((unsigned* short*)&buffer2);
	423	return(0);
	424	}
	425
	426
	427	/*
	428	* few check on UDP Header
	429	*/
	430	unsigned short
	431	checkUdpHeader(DatagramPtr pckt, int regRouter, unsigned short receptPort )
	432	{
	433	if(pckt->udp_header->dstPort != receptPort)
	434	{
	435	if (regRouter == 0){
	436	syslog(LOG_INFO,"Wrong destination port (%u)",
	437	pckt->udp_header->dstPort);
	438	return (1);
	439	}
	440	return (1);
	441	}else{
	442	if (regRouter == 2)
	443	{
	444	syslog(LOG_INFO,"Router Address not registered : %lu.%lu.%lu.%lu)",
	445	(pckt->ipH->srcAdd>>24),
	446	(pckt->ipH->srcAdd<<8>>24),
	447	(pckt->ipH->srcAdd<<16>>24),
	448	(pckt->ipH->srcAdd<<24>>24));
	449	return (1);
	450	}
	451	return (0);
	452	}
	453	/ if(pckt->udp_header->length > 1472) /
	454	/ { /
	455	/ syslog(LOG_INFO,"UDP length > 1472"); /
	456	/ return(1); /
	457	/ } /
	458	return(0);
	459	}
	460
	461
	462
	463	short
	464	initSocket()
	465	{
	466	inputSock = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);
	467	if (inputSock < 0)
	468	{
	469	syslog(LOG_ERR,"socket : %s", strerror(errno));
	470	exit(1);
	471	}
	472	memset((void)&name, 0, sizeof*(name));
	473	name.sin_family = AF_INET;
	474	name.sin_addr.s_addr = htonl(INADDR_ANY);
	475	if (name.sin_addr.s_addr == INADDR_NONE){
	476	syslog(LOG_ERR, " INADDR_NONE ");
	477	exit(1);
	478	}
	479	name.sin_port = htons(receptPort);
	480	if (bind(inputSock,(struct sockaddr )(&name), sizeof*(name)) < 0)
	481	{
	482	syslog(LOG_ERR, "bind : %s", strerror(errno));
	483	exit(1);
	484	}
	485	sockNamelg = sizeof(name);
	486	if (getsockname(inputSock, (struct sockaddr *) (&name),
	487	(socklen_t *)&sockNamelg) < 0)
	488	{
	489	syslog(LOG_ERR, "getsockname: %s", strerror(errno));
	490	exit(1);
	491	}
	492	/ Here socket DGRAM creation, only to not have a unreachable service /
	493	/ message in return /
	494	inputSock2 = socket(AF_INET, SOCK_DGRAM, 0);
	495	if (inputSock2 < 0)
	496	{
	497	syslog(LOG_ERR,"socket : %s", strerror(errno));
	498	exit(1);
	499	}
	500	memset((void)&name, 0, sizeof*(name));
	501	name2.sin_family = AF_INET;
	502	name2.sin_addr.s_addr = htonl(INADDR_ANY);
	503	if (name2.sin_addr.s_addr == INADDR_NONE){
	504	syslog(LOG_ERR, " INADDR_NONE ");
	505	exit(1);
	506	}
	507	name2.sin_port = htons(receptPort);
	508	if (bind(inputSock2,(struct sockaddr )(&name2), sizeof*(name2)) < 0)
	509	{
	510	syslog(LOG_ERR, "bind : %s", strerror(errno));
	511	exit(1);
	512	}
	513	sockNamelg = sizeof(name2);
	514	if (getsockname(inputSock2, (struct sockaddr *) (&name2),
	515	(socklen_t *)&sockNamelg) < 0)
	516	{
	517	syslog(LOG_ERR, "getsockname: %s", strerror(errno));
	518	exit(1);
	519	}
	520	return(0);
	521	}
	522
	523	u16 in_cksum(u16 *addr, u32 length)
	524	{
	525	u32 conv = length;
	526	u32 sum = 0;
	527	u16 *paddr = addr;
	528	u16 res = 0;
	529
	530	while (conv > 1) {
	531	sum += *paddr++;
	532	conv -= 2;
	533	}
	534	if (conv == 1) {
	535	(unsigned* char ) (&res) = (unsigned char *) paddr;
	536	sum += res;
	537	}
	538	sum = (sum >> 16) + (sum & 0xFFFF);
	539	sum += (sum >> 16);
	540	res = ~sum;
	541	return (res);
	542	}
	543
	544	u16 udp_checksum(u32 src, u32 dst, u16 *addr, u32 length)
	545	{
	546	struct toCkSum_UdpHeader buffer;
	547
	548	memset(&buffer, 0, sizeof(buffer));
	549	buffer.srcIP.s_addr = src;
	550	buffer.dstIP.s_addr = dst;
	551	buffer.padding = 0;
	552	buffer.protocol = IPPROTO_UDP;
	553	buffer.udp_length = htons(length);
	554	memcpy(&(buffer.udp), addr, length);
	555	return in_cksum((u16 *)&buffer, 12 + length);
	556	}
	557
	558	/*
	559	* socketReading
	560	*/
	561	short
	562	socketReading()
	563	{
	564	/ input udp raw socket declarations /
	565	static s16 sockLg;
	566	static char *ptrstradIP;
	567	static char stradIP[20];
	568	ENTRY input;
	569	ENTRY * finded;
	570	/ output udp raw socket declarations /
	571	static struct ip ip;
	572	static struct udphdr udp;
	573	static u32 sd;
	574	const u32 opt = 1;
	575	static struct sockaddr_in sin;
	576	static u_char *packet;
	577	static char *myoffset;
	578
	579	sockNameFromlg = sizeof(fromName);
	580	rcv = recvfrom(inputSock, ptr_buffer, sockBufSize, 0,
	581	(struct sockaddr *)(&fromName),
	582	(socklen_t *)&sockNameFromlg);
	583	sockLg = rcv;
	584	if (sockLg < 0) {
	585	syslog(LOG_ERR,"recvfrom : %s", strerror(errno));
	586	exit(1);
	587	}
	588	if (sockLg == 0) {
	589	syslog(LOG_ERR,"recvfrom : %s", strerror(errno));
	590	exit(1);
	591	}
	592	getIpHeader(ptr_buffer);
	593	checkIpHeader(pcktPtr);
	594	ptrstradIP = &stradIP[0];
	595	sprintf(ptrstradIP,"%d",pcktPtr->ipH->srcAdd);
	596	input.key = ptrstradIP;
	597	if ( (finded = hsearch(input,FIND)) == NULL) {
	598	fprintf(stderr,"!");
	599	} else {
	600	//fprintf(stderr,".");
	601	/ HERE we will send new Packets from new sources (spoofing) to new destinations /
	602	if ( ((FilterPtr)finded->data)->nb_filters >= 1 ) {
	603	//fprintf(stderr," %d ", ((FilterPtr)finded->data)->nb_filters);
	604	packet = (u_char *)malloc(pcktPtr->ipH->length);
	605	ip.ip_hl = 0x5;
	606	ip.ip_v = 0x4;
	607	ip.ip_tos = 0x0;
	608	ip.ip_len = pcktPtr->ipH->length;/60;/
	609	ip.ip_id = pcktPtr->ipH->ident;
	610	ip.ip_off = 0x0;
	611	ip.ip_ttl = 64;
	612	ip.ip_p = IPPROTO_UDP;
	613	ip.ip_sum = 0x0;
	614	ip.ip_src.s_addr = htonl(((FilterPtr)finded->data)->new_router_ip);/htonl(pcktPtr->ipH->srcAdd);/
	615	ip.ip_dst.s_addr = htonl(((FilterPtr)finded->data)->new_destination_ip);/inet_addr("192.168.0.1");/
	616	ip.ip_sum = in_cksum((u16 )&ip, sizeof*(ip));
	617	memcpy(packet, &ip, sizeof(ip));
	618	udp.source = htons(6604);
	619	udp.dest = htons(((FilterPtr)finded->data)->new_dest_udp_port);
	620	udp.len = htons(pcktPtr->ipH->length-20);
	621	udp.check = 0;
	622	udp.check = udp_checksum(ip.ip_src.s_addr, ip.ip_dst.s_addr, (u16 )&udp, sizeof*(udp));
	623	memcpy(packet+20, &udp, sizeof(udp));
	624
	625	memcpy(packet+28, (ptr_buffer+28), (pcktPtr->ipH->length)-28);
	626	if ((sd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
	627	perror("raw socket");
	628	exit(1);
	629	}
	630
	631	if (setsockopt(sd, IPPROTO_IP, IP_HDRINCL, &opt, sizeof(opt)) < 0) {
	632	perror("setsockopt");
	633	exit(1);
	634	}
	635	memset(&sin, 0, sizeof(sin));
	636	sin.sin_family = AF_INET;
	637	sin.sin_addr.s_addr = ip.ip_dst.s_addr;
	638
	639	if (sendto(sd, packet, pcktPtr->ipH->length, 0, (struct sockaddr )&sin, sizeof(struct* sockaddr)) < 0) {
	640	perror("sendto");
	641	exit(1);
	642	}
	643	close(sd);
	644	free(packet);
	645	packet = NULL;
	646	}
	647	if ( ((FilterPtr)finded->data)->nb_filters >= 2 ) {
	648	packet = (u_char *)malloc(pcktPtr->ipH->length);
	649	ip.ip_hl = 0x5;
	650	ip.ip_v = 0x4;
	651	ip.ip_tos = 0x0;
	652	ip.ip_len = pcktPtr->ipH->length;/60;/
	653	ip.ip_id = pcktPtr->ipH->ident;
	654	ip.ip_off = 0x0;
	655	ip.ip_ttl = 64;
	656	ip.ip_p = IPPROTO_UDP;
	657	ip.ip_sum = 0x0;
	658	ip.ip_src.s_addr = htonl(((FilterPtr)finded->data)->second_router_ip);/htonl(pcktPtr->ipH->srcAdd);/
	659	ip.ip_dst.s_addr = htonl(((FilterPtr)finded->data)->second_destination_ip);/inet_addr("192.168.0.1");/
	660	ip.ip_sum = in_cksum((u16 )&ip, sizeof*(ip));
	661	memcpy(packet, &ip, sizeof(ip));
	662	udp.source = htons(6604);
	663	udp.dest = htons(((FilterPtr)finded->data)->second_dest_udp_port);
	664	udp.len = htons(pcktPtr->ipH->length-20);
	665	udp.check = 0;
	666	udp.check = udp_checksum(ip.ip_src.s_addr, ip.ip_dst.s_addr, (u16 )&udp, sizeof*(udp));
	667	memcpy(packet+20, &udp, sizeof(udp));
	668
	669	memcpy(packet+28, (ptr_buffer+28), (pcktPtr->ipH->length)-28);
	670	if ((sd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
	671	perror("raw socket");
	672	exit(1);
	673	}
	674
	675	if (setsockopt(sd, IPPROTO_IP, IP_HDRINCL, &opt, sizeof(opt)) < 0) {
	676	perror("setsockopt");
	677	exit(1);
	678	}
	679	memset(&sin, 0, sizeof(sin));
	680	sin.sin_family = AF_INET;
	681	sin.sin_addr.s_addr = ip.ip_dst.s_addr;
	682
	683	if (sendto(sd, packet, pcktPtr->ipH->length, 0, (struct sockaddr )&sin, sizeof(struct* sockaddr)) < 0) {
	684	perror("sendto");
	685	exit(1);
	686	}
	687	close(sd);
	688	free(packet);
	689	packet = NULL;
	690	}
	691	if ( ((FilterPtr)finded->data)->nb_filters >= 3 ) {
	692	packet = (u_char *)malloc(pcktPtr->ipH->length);
	693	ip.ip_hl = 0x5;
	694	ip.ip_v = 0x4;
	695	ip.ip_tos = 0x0;
	696	ip.ip_len = pcktPtr->ipH->length;/60;/
	697	ip.ip_id = pcktPtr->ipH->ident;
	698	ip.ip_off = 0x0;
	699	ip.ip_ttl = 64;
	700	ip.ip_p = IPPROTO_UDP;
	701	ip.ip_sum = 0x0;
	702	ip.ip_src.s_addr = htonl(((FilterPtr)finded->data)->third_router_ip);/htonl(pcktPtr->ipH->srcAdd);/
	703	ip.ip_dst.s_addr = htonl(((FilterPtr)finded->data)->third_destination_ip);/inet_addr("192.168.0.1");/
	704	ip.ip_sum = in_cksum((u16 )&ip, sizeof*(ip));
	705	memcpy(packet, &ip, sizeof(ip));
	706	udp.source = htons(6604);
	707	udp.dest = htons(((FilterPtr)finded->data)->third_dest_udp_port);
	708	udp.len = htons(pcktPtr->ipH->length-20);
	709	udp.check = 0;
	710	udp.check = udp_checksum(ip.ip_src.s_addr, ip.ip_dst.s_addr, (u16 )&udp, sizeof*(udp));
	711	memcpy(packet+20, &udp, sizeof(udp));
	712
	713	memcpy(packet+28, (ptr_buffer+28), (pcktPtr->ipH->length)-28);
	714	if ((sd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
	715	perror("raw socket");
	716	exit(1);
	717	}
	718
	719	if (setsockopt(sd, IPPROTO_IP, IP_HDRINCL, &opt, sizeof(opt)) < 0) {
	720	perror("setsockopt");
	721	exit(1);
	722	}
	723	memset(&sin, 0, sizeof(sin));
	724	sin.sin_family = AF_INET;
	725	sin.sin_addr.s_addr = ip.ip_dst.s_addr;
	726
	727	if (sendto(sd, packet, pcktPtr->ipH->length, 0, (struct sockaddr )&sin, sizeof(struct* sockaddr)) < 0) {
	728	perror("sendto");
	729	exit(1);
	730	}
	731	close(sd);
	732	free(packet);
	733	packet = NULL;
	734	}
	735	if ( ((FilterPtr)finded->data)->nb_filters >= 4 ) {
	736	packet = (u_char *)malloc(pcktPtr->ipH->length);
	737	ip.ip_hl = 0x5;
	738	ip.ip_v = 0x4;
	739	ip.ip_tos = 0x0;
	740	ip.ip_len = pcktPtr->ipH->length;/60;/
	741	ip.ip_id = pcktPtr->ipH->ident;
	742	ip.ip_off = 0x0;
	743	ip.ip_ttl = 64;
	744	ip.ip_p = IPPROTO_UDP;
	745	ip.ip_sum = 0x0;
	746	ip.ip_src.s_addr = htonl(((FilterPtr)finded->data)->fourth_router_ip);/htonl(pcktPtr->ipH->srcAdd);/
	747	ip.ip_dst.s_addr = htonl(((FilterPtr)finded->data)->fourth_destination_ip);/inet_addr("192.168.0.1");/
	748	ip.ip_sum = in_cksum((u16 )&ip, sizeof*(ip));
	749	memcpy(packet, &ip, sizeof(ip));
	750	udp.source = htons(6604);
	751	udp.dest = htons(((FilterPtr)finded->data)->fourth_dest_udp_port);
	752	udp.len = htons(pcktPtr->ipH->length-20);
	753	udp.check = 0;
	754	udp.check = udp_checksum(ip.ip_src.s_addr, ip.ip_dst.s_addr, (u16 )&udp, sizeof*(udp));
	755	memcpy(packet+20, &udp, sizeof(udp));
	756
	757	memcpy(packet+28, (ptr_buffer+28), (pcktPtr->ipH->length)-28);
	758	if ((sd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
	759	perror("raw socket");
	760	exit(1);
	761	}
	762
	763	if (setsockopt(sd, IPPROTO_IP, IP_HDRINCL, &opt, sizeof(opt)) < 0) {
	764	perror("setsockopt");
	765	exit(1);
	766	}
	767	memset(&sin, 0, sizeof(sin));
	768	sin.sin_family = AF_INET;
	769	sin.sin_addr.s_addr = ip.ip_dst.s_addr;
	770
	771	if (sendto(sd, packet, pcktPtr->ipH->length, 0, (struct sockaddr )&sin, sizeof(struct* sockaddr)) < 0) {
	772	perror("sendto");
	773	exit(1);
	774	}
	775	close(sd);
	776	free(packet);
	777	packet = NULL;
	778	}
	779	if ( ((FilterPtr)finded->data)->nb_filters >= 5 ) {
	780	packet = (u_char *)malloc(pcktPtr->ipH->length);
	781	ip.ip_hl = 0x5;
	782	ip.ip_v = 0x4;
	783	ip.ip_tos = 0x0;
	784	ip.ip_len = pcktPtr->ipH->length;/60;/
	785	ip.ip_id = pcktPtr->ipH->ident;
	786	ip.ip_off = 0x0;
	787	ip.ip_ttl = 64;
	788	ip.ip_p = IPPROTO_UDP;
	789	ip.ip_sum = 0x0;
	790	ip.ip_src.s_addr = htonl(((FilterPtr)finded->data)->five_router_ip);/htonl(pcktPtr->ipH->srcAdd);/
	791	ip.ip_dst.s_addr = htonl(((FilterPtr)finded->data)->five_destination_ip);/inet_addr("192.168.0.1");/
	792	ip.ip_sum = in_cksum((u16 )&ip, sizeof*(ip));
	793	memcpy(packet, &ip, sizeof(ip));
	794	udp.source = htons(6604);
	795	udp.dest = htons(((FilterPtr)finded->data)->five_dest_udp_port);
	796	udp.len = htons(pcktPtr->ipH->length-20);
	797	udp.check = 0;
	798	udp.check = udp_checksum(ip.ip_src.s_addr, ip.ip_dst.s_addr, (u16 )&udp, sizeof*(udp));
	799	memcpy(packet+20, &udp, sizeof(udp));
	800
	801	memcpy(packet+28, (ptr_buffer+28), (pcktPtr->ipH->length)-28);
	802	if ((sd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
	803	perror("raw socket");
	804	exit(1);
	805	}
	806
	807	if (setsockopt(sd, IPPROTO_IP, IP_HDRINCL, &opt, sizeof(opt)) < 0) {
	808	perror("setsockopt");
	809	exit(1);
	810	}
	811	memset(&sin, 0, sizeof(sin));
	812	sin.sin_family = AF_INET;
	813	sin.sin_addr.s_addr = ip.ip_dst.s_addr;
	814
	815	if (sendto(sd, packet, pcktPtr->ipH->length, 0, (struct sockaddr )&sin, sizeof(struct* sockaddr)) < 0) {
	816	perror("sendto");
	817	exit(1);
	818	}
	819	close(sd);
	820	free(packet);
	821	packet = NULL;
	822	}
	823	if ( ((FilterPtr)finded->data)->nb_filters == 6 ) {
	824	packet = (u_char *)malloc(pcktPtr->ipH->length);
	825	ip.ip_hl = 0x5;
	826	ip.ip_v = 0x4;
	827	ip.ip_tos = 0x0;
	828	ip.ip_len = pcktPtr->ipH->length;/60;/
	829	ip.ip_id = pcktPtr->ipH->ident;
	830	ip.ip_off = 0x0;
	831	ip.ip_ttl = 64;
	832	ip.ip_p = IPPROTO_UDP;
	833	ip.ip_sum = 0x0;
	834	ip.ip_src.s_addr = htonl(((FilterPtr)finded->data)->six_router_ip);/htonl(pcktPtr->ipH->srcAdd);/
	835	ip.ip_dst.s_addr = htonl(((FilterPtr)finded->data)->six_destination_ip);/inet_addr("192.168.0.1");/
	836	ip.ip_sum = in_cksum((u16 )&ip, sizeof*(ip));
	837	memcpy(packet, &ip, sizeof(ip));
	838	udp.source = htons(6604);
	839	udp.dest = htons(((FilterPtr)finded->data)->six_dest_udp_port);
	840	udp.len = htons(pcktPtr->ipH->length-20);
	841	udp.check = 0;
	842	udp.check = udp_checksum(ip.ip_src.s_addr, ip.ip_dst.s_addr, (u16 )&udp, sizeof*(udp));
	843	memcpy(packet+20, &udp, sizeof(udp));
	844
	845	memcpy(packet+28, (ptr_buffer+28), (pcktPtr->ipH->length)-28);
	846	if ((sd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
	847	perror("raw socket");
	848	exit(1);
	849	}
	850
	851	if (setsockopt(sd, IPPROTO_IP, IP_HDRINCL, &opt, sizeof(opt)) < 0) {
	852	perror("setsockopt");
	853	exit(1);
	854	}
	855	memset(&sin, 0, sizeof(sin));
	856	sin.sin_family = AF_INET;
	857	sin.sin_addr.s_addr = ip.ip_dst.s_addr;
	858
	859	if (sendto(sd, packet, pcktPtr->ipH->length, 0, (struct sockaddr )&sin, sizeof(struct* sockaddr)) < 0) {
	860	perror("sendto");
	861	exit(1);
	862	}
	863	close(sd);
	864	free(packet);
	865	packet = NULL;
	866	}
	867	}
	868	return(0);
	869	}
	870
	871	int
	872	main (int argc, char *argv[])
	873	{
	874	if ( argc != 2) {
	875	fprintf (stderr,
	876	"%s: Usage: %s <filter file name>\n exp: %s /tmp/routers_filters.txt\n",
	877	argv[0], argv[0], argv[0]);
	878	exit(1);
	879	}
	880
	881	/ hashtable creation /
	882	if (hcreate(NB_ENTRY) == 0){
	883	perror("hcreate");
	884	exit(1);
	885	}
	886
	887	/ configuration file reading /
	888	myFilterFileName = argv[1];
	889	if (getFilters(myFilterFileName)==-1)
	890	{
	891	fprintf (stderr, "error in reading your file :\"%s\" \n", myFilterFileName);
	892	exit(1);
	893	};
	894
	895	pcktPtr = (DatagramPtr) malloc(sizeof(struct Datagram));
	896	if (pcktPtr==NULL) {
	897	fprintf(stderr, "ERROR in struct Datagram allocation\n");
	898	exit(1);
	899	} else {
	900	pcktPtr->ipH = (IpHeaderPtr) malloc(sizeof(struct IpHeader));
	901	pcktPtr->udp_header = (UdpHeaderPtr) malloc(sizeof(struct UdpHeader));
	902	}
	903	if (! (ptr_buffer = malloc(sockBufSize)))
	904	{
	905	printf("ERROR during socket buffer allocation\n");
	906	exit(2);
	907	}
	908
	909	/ socket raw /
	910	initSocket();
	911	do {
	912	socketReading();
	913	} while(1);
	914
	915
	916	/ end /
	917	hdestroy();
	918	exit(1);
	919	}

Note: See TracBrowser for help on using the browser.

Context Navigation

root/trunk/tool/CaNA.c @ 156

Download in other formats: