mirror of https://github.com/mfontanini/libtins synced 2026-01-23 02:35:57 +01:00

Added FileSniffer class.

Matias Fontanini
2012-09-06 00:37:12 -03:00
parent 3cb6603151
commit 3d2cbf349a
4 changed files with 784 additions and 842 deletions

297
depends.d

@@ -1,65 +1,56 @@
src/arp.o: src/arp.cpp include/arp.h include/pdu.h include/packetsender.h \
include/ipaddress.h include/endianness.h include/small_uint.h \
include/hwaddress.h include/network_interface.h include/ip.h \
include/ethernetII.h include/rawpdu.h include/constants.h
src/arp.o: src/arp.cpp include/arp.h include/pdu.h include/endianness.h \
include/hwaddress.h include/ipaddress.h include/ip.h \
include/small_uint.h include/ethernetII.h include/network_interface.h \
include/rawpdu.h include/constants.h include/network_interface.h
include/arp.h:
include/pdu.h:
include/packetsender.h:
include/ipaddress.h:
include/endianness.h:
include/small_uint.h:
include/hwaddress.h:
include/network_interface.h:
include/ipaddress.h:
include/ip.h:
include/small_uint.h:
include/ethernetII.h:
include/network_interface.h:
include/rawpdu.h:
include/constants.h:
include/network_interface.h:
src/bootp.o: src/bootp.cpp include/bootp.h include/pdu.h \
include/packetsender.h include/endianness.h include/small_uint.h \
include/ipaddress.h include/hwaddress.h
include/endianness.h include/ipaddress.h include/hwaddress.h
include/bootp.h:
include/pdu.h:
include/packetsender.h:
include/endianness.h:
include/small_uint.h:
include/ipaddress.h:
include/hwaddress.h:
src/dhcp.o: src/dhcp.cpp include/endianness.h include/small_uint.h \
include/dhcp.h include/bootp.h include/pdu.h include/packetsender.h \
include/endianness.h include/ipaddress.h include/hwaddress.h \
include/ethernetII.h include/network_interface.h
src/dhcp.o: src/dhcp.cpp include/endianness.h include/dhcp.h \
include/bootp.h include/pdu.h include/endianness.h include/ipaddress.h \
include/hwaddress.h include/ethernetII.h include/network_interface.h \
include/ipaddress.h
include/endianness.h:
include/small_uint.h:
include/dhcp.h:
include/bootp.h:
include/pdu.h:
include/packetsender.h:
include/endianness.h:
include/ipaddress.h:
@@ -69,178 +60,154 @@ include/hwaddress.h:
include/ethernetII.h:
include/network_interface.h:
src/dns.o: src/dns.cpp include/dns.h include/pdu.h include/packetsender.h \
include/endianness.h include/small_uint.h include/ipaddress.h
include/ipaddress.h:
src/dns.o: src/dns.cpp include/dns.h include/pdu.h include/endianness.h \
include/ipaddress.h
include/dns.h:
include/pdu.h:
include/packetsender.h:
include/endianness.h:
include/small_uint.h:
include/ipaddress.h:
src/dot11.o: src/dot11.cpp include/dot11.h include/pdu.h \
include/packetsender.h include/endianness.h include/small_uint.h \
include/network_interface.h include/hwaddress.h include/ipaddress.h \
include/rawpdu.h include/radiotap.h include/sniffer.h \
include/ethernetII.h include/radiotap.h include/rsn_information.h \
include/endianness.h include/hwaddress.h include/small_uint.h \
include/network_interface.h include/ipaddress.h include/rawpdu.h \
include/radiotap.h include/rsn_information.h include/packetsender.h \
include/snap.h
include/dot11.h:
include/pdu.h:
include/packetsender.h:
include/endianness.h:
include/hwaddress.h:
include/small_uint.h:
include/network_interface.h:
include/hwaddress.h:
include/ipaddress.h:
include/rawpdu.h:
include/radiotap.h:
include/sniffer.h:
include/ethernetII.h:
include/radiotap.h:
include/rsn_information.h:
include/packetsender.h:
include/snap.h:
src/eapol.o: src/eapol.cpp include/eapol.h include/pdu.h \
include/packetsender.h include/small_uint.h include/endianness.h \
include/dot11.h include/network_interface.h include/hwaddress.h \
include/ipaddress.h include/rsn_information.h
include/small_uint.h include/endianness.h include/dot11.h \
include/hwaddress.h include/network_interface.h include/ipaddress.h \
include/rsn_information.h
include/eapol.h:
include/pdu.h:
include/packetsender.h:
include/small_uint.h:
include/endianness.h:
include/dot11.h:
include/network_interface.h:
include/hwaddress.h:
include/network_interface.h:
include/ipaddress.h:
include/rsn_information.h:
src/ethernetII.o: src/ethernetII.cpp include/ethernetII.h include/pdu.h \
include/packetsender.h include/endianness.h include/small_uint.h \
include/hwaddress.h include/network_interface.h include/ipaddress.h \
include/rawpdu.h include/ip.h include/arp.h
include/endianness.h include/hwaddress.h include/network_interface.h \
include/ipaddress.h include/packetsender.h include/rawpdu.h include/ip.h \
include/small_uint.h include/arp.h
include/ethernetII.h:
include/pdu.h:
include/packetsender.h:
include/endianness.h:
include/small_uint.h:
include/hwaddress.h:
include/network_interface.h:
include/ipaddress.h:
include/packetsender.h:
include/rawpdu.h:
include/ip.h:
include/small_uint.h:
include/arp.h:
src/icmp.o: src/icmp.cpp include/icmp.h include/pdu.h \
include/packetsender.h include/endianness.h include/small_uint.h \
include/rawpdu.h include/utils.h include/ipaddress.h include/hwaddress.h \
include/network_interface.h
include/endianness.h include/rawpdu.h include/utils.h \
include/packetsender.h include/ipaddress.h include/hwaddress.h
include/icmp.h:
include/pdu.h:
include/packetsender.h:
include/endianness.h:
include/small_uint.h:
include/rawpdu.h:
include/utils.h:
include/packetsender.h:
include/ipaddress.h:
include/hwaddress.h:
include/network_interface.h:
src/ieee802_3.o: src/ieee802_3.cpp include/ieee802_3.h include/pdu.h \
include/packetsender.h include/endianness.h include/small_uint.h \
include/hwaddress.h include/network_interface.h include/ipaddress.h \
include/llc.h
include/endianness.h include/hwaddress.h include/network_interface.h \
include/ipaddress.h include/packetsender.h include/llc.h
include/ieee802_3.h:
include/pdu.h:
include/packetsender.h:
include/endianness.h:
include/small_uint.h:
include/hwaddress.h:
include/network_interface.h:
include/ipaddress.h:
include/packetsender.h:
include/llc.h:
src/ipaddress.o: src/ipaddress.cpp include/ipaddress.h \
include/endianness.h include/small_uint.h
include/endianness.h
include/ipaddress.h:
include/endianness.h:
include/small_uint.h:
src/ip.o: src/ip.cpp include/ip.h include/pdu.h include/packetsender.h \
include/small_uint.h include/ipaddress.h include/endianness.h \
include/tcp.h include/udp.h include/icmp.h include/rawpdu.h \
include/utils.h include/hwaddress.h include/network_interface.h \
include/constants.h
src/ip.o: src/ip.cpp include/ip.h include/pdu.h include/small_uint.h \
include/endianness.h include/ipaddress.h include/tcp.h include/udp.h \
include/icmp.h include/rawpdu.h include/utils.h include/packetsender.h \
include/hwaddress.h include/constants.h
include/ip.h:
include/pdu.h:
include/packetsender.h:
include/small_uint.h:
include/ipaddress.h:
include/endianness.h:
include/ipaddress.h:
include/tcp.h:
include/udp.h:
@@ -251,31 +218,26 @@ include/rawpdu.h:
include/utils.h:
include/packetsender.h:
include/hwaddress.h:
include/network_interface.h:
include/constants.h:
src/llc.o: src/llc.cpp include/pdu.h include/packetsender.h include/pdu.h \
include/llc.h include/endianness.h include/small_uint.h include/rawpdu.h
include/pdu.h:
include/packetsender.h:
src/llc.o: src/llc.cpp include/pdu.h include/llc.h include/pdu.h \
include/endianness.h include/rawpdu.h
include/pdu.h:
include/llc.h:
include/endianness.h:
include/pdu.h:
include/small_uint.h:
include/endianness.h:
include/rawpdu.h:
src/network_interface.o: src/network_interface.cpp \
include/network_interface.h include/hwaddress.h include/ipaddress.h \
include/utils.h include/packetsender.h include/pdu.h \
include/network_interface.h include/endianness.h include/small_uint.h
include/utils.h include/packetsender.h include/endianness.h
include/network_interface.h:
@@ -287,55 +249,34 @@ include/utils.h:
include/packetsender.h:
include/pdu.h:
include/network_interface.h:
include/endianness.h:
include/small_uint.h:
src/packetsender.o: src/packetsender.cpp include/packetsender.h \
include/pdu.h include/packetsender.h
include/pdu.h
include/packetsender.h:
include/pdu.h:
include/packetsender.h:
src/pdu.o: src/pdu.cpp include/utils.h include/packetsender.h \
include/pdu.h include/ipaddress.h include/hwaddress.h \
include/network_interface.h include/pdu.h include/rawpdu.h
include/utils.h:
include/packetsender.h:
include/pdu.h:
include/ipaddress.h:
include/hwaddress.h:
include/network_interface.h:
src/pdu.o: src/pdu.cpp include/pdu.h include/rawpdu.h include/pdu.h \
include/packetsender.h
include/pdu.h:
include/rawpdu.h:
include/pdu.h:
include/packetsender.h:
src/radiotap.o: src/radiotap.cpp include/radiotap.h include/pdu.h \
include/packetsender.h include/endianness.h include/small_uint.h \
include/network_interface.h include/hwaddress.h include/ipaddress.h \
include/dot11.h include/utils.h
include/endianness.h include/network_interface.h include/hwaddress.h \
include/ipaddress.h include/dot11.h include/small_uint.h include/utils.h \
include/packetsender.h
include/radiotap.h:
include/pdu.h:
include/packetsender.h:
include/endianness.h:
include/small_uint.h:
include/network_interface.h:
include/hwaddress.h:
@@ -344,35 +285,31 @@ include/ipaddress.h:
include/dot11.h:
include/small_uint.h:
include/utils.h:
src/rawpdu.o: src/rawpdu.cpp include/rawpdu.h include/pdu.h \
include/packetsender.h
include/packetsender.h:
src/rawpdu.o: src/rawpdu.cpp include/rawpdu.h include/pdu.h
include/rawpdu.h:
include/pdu.h:
include/packetsender.h:
src/rsn_information.o: src/rsn_information.cpp include/rsn_information.h \
include/endianness.h include/small_uint.h
include/endianness.h
include/rsn_information.h:
include/endianness.h:
include/small_uint.h:
src/snap.o: src/snap.cpp include/snap.h include/pdu.h \
include/packetsender.h include/endianness.h include/small_uint.h \
include/constants.h include/arp.h include/ipaddress.h \
include/hwaddress.h include/network_interface.h include/ip.h \
include/endianness.h include/small_uint.h include/constants.h \
include/arp.h include/hwaddress.h include/ipaddress.h include/ip.h \
include/eapol.h
include/snap.h:
include/pdu.h:
include/packetsender.h:
include/endianness.h:
include/small_uint.h:
@@ -381,32 +318,25 @@ include/constants.h:
include/arp.h:
include/ipaddress.h:
include/hwaddress.h:
include/network_interface.h:
include/ipaddress.h:
include/ip.h:
include/eapol.h:
src/sniffer.o: src/sniffer.cpp include/sniffer.h include/pdu.h \
include/packetsender.h include/ethernetII.h include/endianness.h \
include/small_uint.h include/hwaddress.h include/network_interface.h \
include/ipaddress.h include/radiotap.h
include/ethernetII.h include/endianness.h include/hwaddress.h \
include/network_interface.h include/ipaddress.h include/radiotap.h
include/sniffer.h:
include/pdu.h:
include/packetsender.h:
include/ethernetII.h:
include/endianness.h:
include/small_uint.h:
include/hwaddress.h:
include/network_interface.h:
@@ -414,21 +344,19 @@ include/network_interface.h:
include/ipaddress.h:
include/radiotap.h:
src/tcp.o: src/tcp.cpp include/tcp.h include/pdu.h include/packetsender.h \
include/small_uint.h include/endianness.h include/ip.h \
include/ipaddress.h include/constants.h include/rawpdu.h include/utils.h \
include/hwaddress.h include/network_interface.h
src/tcp.o: src/tcp.cpp include/tcp.h include/pdu.h include/endianness.h \
include/small_uint.h include/ip.h include/ipaddress.h \
include/constants.h include/rawpdu.h include/utils.h \
include/packetsender.h include/hwaddress.h
include/tcp.h:
include/pdu.h:
include/packetsender.h:
include/endianness.h:
include/small_uint.h:
include/endianness.h:
include/ip.h:
include/ipaddress.h:
@@ -439,21 +367,19 @@ include/rawpdu.h:
include/utils.h:
include/hwaddress.h:
include/packetsender.h:
include/network_interface.h:
include/hwaddress.h:
src/tcp_stream.o: src/tcp_stream.cpp include/rawpdu.h include/pdu.h \
include/packetsender.h include/tcp_stream.h include/sniffer.h \
include/ethernetII.h include/endianness.h include/small_uint.h \
include/hwaddress.h include/network_interface.h include/ipaddress.h \
include/radiotap.h include/tcp.h include/ip.h
include/tcp_stream.h include/sniffer.h include/ethernetII.h \
include/endianness.h include/hwaddress.h include/network_interface.h \
include/ipaddress.h include/radiotap.h include/tcp.h \
include/small_uint.h include/ip.h
include/rawpdu.h:
include/pdu.h:
include/packetsender.h:
include/tcp_stream.h:
include/sniffer.h:
@@ -462,8 +388,6 @@ include/ethernetII.h:
include/endianness.h:
include/small_uint.h:
include/hwaddress.h:
include/network_interface.h:
@@ -474,57 +398,54 @@ include/radiotap.h:
include/tcp.h:
include/small_uint.h:
include/ip.h:
src/udp.o: src/udp.cpp include/udp.h include/pdu.h include/packetsender.h \
include/endianness.h include/small_uint.h include/constants.h \
include/utils.h include/ipaddress.h include/hwaddress.h \
include/network_interface.h include/ip.h include/rawpdu.h
src/udp.o: src/udp.cpp include/udp.h include/pdu.h include/endianness.h \
include/constants.h include/utils.h include/packetsender.h \
include/ipaddress.h include/hwaddress.h include/ip.h \
include/small_uint.h include/rawpdu.h
include/udp.h:
include/pdu.h:
include/packetsender.h:
include/endianness.h:
include/small_uint.h:
include/constants.h:
include/utils.h:
include/packetsender.h:
include/ipaddress.h:
include/hwaddress.h:
include/network_interface.h:
include/ip.h:
include/small_uint.h:
include/rawpdu.h:
src/utils.o: src/utils.cpp include/utils.h include/packetsender.h \
include/pdu.h include/ipaddress.h include/hwaddress.h \
include/network_interface.h include/pdu.h include/ip.h \
include/small_uint.h include/endianness.h include/icmp.h include/arp.h \
include/endianness.h
include/ipaddress.h include/hwaddress.h include/pdu.h include/ip.h \
include/pdu.h include/small_uint.h include/endianness.h include/icmp.h \
include/arp.h include/endianness.h include/network_interface.h
include/utils.h:
include/packetsender.h:
include/pdu.h:
include/ipaddress.h:
include/hwaddress.h:
include/network_interface.h:
include/pdu.h:
include/ip.h:
include/pdu.h:
include/small_uint.h:
include/endianness.h:
@@ -534,3 +455,5 @@ include/icmp.h:
include/arp.h:
include/endianness.h:
include/network_interface.h:


@@ -33,32 +33,23 @@
#include "radiotap.h"
namespace Tins {
/**
* \brief Sniffer class can be used to sniff packets using filters.
/**
* \class BaseSniffer
* \brief Base class for sniffers.
*
* This class uses a given filter to sniff packets and allow the user
* to handle them. Each time a filter is set, it's used until a new one
* is set. Both Sniffer::next_packet and Sniffer::sniff_loop have an
* optional filter parameter. If a filter is set using those parameter,
* the previously set filter is freed and the new one is used.
* This class implements the basic sniffing operations. Subclasses
* should only initialize this object using a pcap_t pointer, which
* will be used to extract packets.
*
* Initialization must be done using the BaseSniffer::init method.
*/
class Sniffer {
class BaseSniffer {
public:
/**
* \brief Creates an instance of sniffer.
* \param device The device which will be sniffed.
* \param max_packet_size The maximum packet size to be read.
* \param promisc bool indicating wether to put the interface in promiscuous mode.
* \param filter A capture filter to compile and use for sniffing sessions.(optional);
*/
Sniffer(const std::string &device, unsigned max_packet_size,
bool promisc = false, const std::string &filter = "");
/**
* \brief Sniffer destructor.
* This frees all memory used by the pcap handle.
*/
~Sniffer();
virtual ~BaseSniffer();
/**
* \brief Compiles a filter and uses it to capture one packet.
@@ -105,6 +96,22 @@ namespace Tins {
* \brief Stops sniffing loops.
*/
void stop_sniff();
protected:
/**
* Default constructor.
*/
BaseSniffer();
/**
* \brief Initialices this BaseSniffer.
*
* \param phandle The pcap handle to be used for sniffing.
* \param filter The pcap filter which will be applied to the
* stream.
* \param if_mask The interface's subnet mask. If 0 is provided,
* then some IP broadcast tests won't work correctly.
*/
void init(pcap_t *phandle, const std::string &filter, bpf_u_int32 if_mask);
private:
template<class Functor>
struct LoopData {
@@ -117,27 +124,68 @@ namespace Tins {
: handle(_handle), c_handler(_handler), wired(is_wired) { }
};
Sniffer(const Sniffer&);
Sniffer &operator=(const Sniffer&);
BaseSniffer(const BaseSniffer&);
BaseSniffer &operator=(const BaseSniffer&);
bool compile_set_filter(const std::string &filter, bpf_program &prog);
template<class Functor>
static void callback_handler(u_char *args, const struct pcap_pkthdr *header, const u_char *packet);
pcap_t *handle;
bpf_u_int32 ip, mask;
bpf_u_int32 mask;
bpf_program actual_filter;
bool wired;
};
/**
* \class Sniffer
* \brief Sniffs packets using pcap filters.
*
* This class uses a given filter to sniff packets and allow the user
* to handle them. Each time a filter is set, it's used until a new one
* is set. Both Sniffer::next_packet and Sniffer::sniff_loop have an
* optional filter parameter. If a filter is set using those parameter,
* the previously set filter is freed and the new one is used.
*/
class Sniffer : public BaseSniffer {
public:
/**
* \brief Constructs an instance of Sniffer.
* \param device The device which will be sniffed.
* \param max_packet_size The maximum packet size to be read.
* \param promisc bool indicating wether to put the interface in promiscuous mode.(optional)
* \param filter A capture filter to be used on the sniffing session.(optional);
*/
Sniffer(const std::string &device, unsigned max_packet_size,
bool promisc = false, const std::string &filter = "");
};
/**
* \class FileSniffer
* \brief Parses pcap files and interprets the packets in it.
*
* This class acts exactly in the same way that Sniffer, but reads
* packets from a pcap file instead of an interface.
*/
class FileSniffer : public BaseSniffer {
public:
/**
* \brief Constructs an instance of FileSniffer.
* \param file_name The pcap file which will be parsed.
* \param filter A capture filter to be used on the file.(optional);
*/
FileSniffer(const std::string &file_name, const std::string &filter = "");
};
template<class Functor>
void Tins::Sniffer::sniff_loop(Functor function, uint32_t max_packets) {
void Tins::BaseSniffer::sniff_loop(Functor function, uint32_t max_packets) {
LoopData<Functor> data(handle, function, wired);
pcap_loop(handle, max_packets, &Sniffer::callback_handler<Functor>, (u_char*)&data);
pcap_loop(handle, max_packets, &BaseSniffer::callback_handler<Functor>, (u_char*)&data);
}
template<class Functor>
void Tins::Sniffer::callback_handler(u_char *args, const struct pcap_pkthdr *header, const u_char *packet) {
void Tins::BaseSniffer::callback_handler(u_char *args, const struct pcap_pkthdr *header, const u_char *packet) {
try {
std::auto_ptr<PDU> pdu;
LoopData<Functor> *data = reinterpret_cast<LoopData<Functor>*>(args);
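Review bot: `sniff_loop` discards the result of `pcap_loop`, and with this change the same template also drives `FileSniffer`, where the result matters: libpcap returns 0 when the savefile is exhausted, -1 on a read error (for instance a truncated or malformed capture) and -2 after `pcap_breakloop`, yet the caller sees none of it. Because the function returns void, one option that keeps the signature is to raise on the error case, `if(pcap_loop(handle, max_packets, &BaseSniffer::callback_handler<Functor>, (u_char*)&data) == -1) throw std::runtime_error(pcap_geterr(handle));`, provided `<stdexcept>` is reachable from this header (its include list is outside the hunk). The new `FileSniffer` constructor comment could also state that it throws `std::runtime_error` when the file cannot be opened or the filter is rejected, as the .cpp side of this commit shows. `callback_handler` continues past the end of the hunk.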


@@ -19,41 +19,42 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
#include "sniffer.h"
using namespace std;
using std::string;
using std::runtime_error;
Tins::Sniffer::Sniffer(const string &device, unsigned max_packet_size,
bool promisc, const string &filter)
namespace Tins {
BaseSniffer::BaseSniffer() : handle(0), mask(0)
{
char error[PCAP_ERRBUF_SIZE];
if (pcap_lookupnet(device.c_str(), &ip, &mask, error) == -1) {
ip = 0;
mask = 0;
}
handle = pcap_open_live(device.c_str(), max_packet_size, promisc, 0, error);
if(!handle)
throw runtime_error(error);
wired = (pcap_datalink (handle) != DLT_IEEE802_11_RADIO); //better plx
actual_filter.bf_insns = 0;
if(filter.size() && !set_filter(filter))
throw runtime_error("Invalid filter");
}
Tins::Sniffer::~Sniffer() {
BaseSniffer::~BaseSniffer() {
if(actual_filter.bf_insns)
pcap_freecode(&actual_filter);
if(handle)
pcap_close(handle);
}
bool Tins::Sniffer::compile_set_filter(const string &filter, bpf_program &prog) {
return (pcap_compile(handle, &prog, filter.c_str(), 0, ip) != -1 && pcap_setfilter(handle, &prog) != -1);
void BaseSniffer::init(pcap_t *phandle, const std::string &filter,
bpf_u_int32 if_mask)
{
handle = phandle;
mask = if_mask;
wired = (pcap_datalink(handle) != DLT_IEEE802_11_RADIO); //better plx
actual_filter.bf_insns = 0;
if(!filter.empty() && !set_filter(filter))
throw runtime_error("Invalid filter");
}
Tins::PDU *Tins::Sniffer::next_packet() {
bool BaseSniffer::compile_set_filter(const string &filter, bpf_program &prog) {
return (pcap_compile(handle, &prog, filter.c_str(), 0, mask) != -1 && pcap_setfilter(handle, &prog) != -1);
}
PDU *BaseSniffer::next_packet() {
pcap_pkthdr header;
PDU *ret = 0;
while(!ret) {
@@ -73,13 +74,42 @@ Tins::PDU *Tins::Sniffer::next_packet() {
return ret;
}
void Tins::Sniffer::stop_sniff() {
void BaseSniffer::stop_sniff() {
pcap_breakloop(handle);
}
bool Tins::Sniffer::set_filter(const std::string &filter) {
bool BaseSniffer::set_filter(const std::string &filter) {
if(actual_filter.bf_insns)
pcap_freecode(&actual_filter);
return compile_set_filter(filter, actual_filter);
}
// ****************************** Sniffer ******************************
Sniffer::Sniffer(const string &device, unsigned max_packet_size,
bool promisc, const string &filter)
{
char error[PCAP_ERRBUF_SIZE];
bpf_u_int32 ip, if_mask;
if (pcap_lookupnet(device.c_str(), &ip, &if_mask, error) == -1) {
ip = 0;
if_mask = 0;
}
pcap_t *phandle = pcap_open_live(device.c_str(), max_packet_size, promisc, 0, error);
if(!phandle)
throw runtime_error(error);
init(phandle, filter, if_mask);
}
// **************************** FileSniffer ****************************
FileSniffer::FileSniffer(const string &file_name, const string &filter) {
char error[PCAP_ERRBUF_SIZE];
pcap_t *phandle = pcap_open_offline(file_name.c_str(), error);
if(!phandle)
throw std::runtime_error(error);
init(phandle, filter, 0);
}
}
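Review bot: `init()` reduces the link type to `wired = (pcap_datalink(handle) != DLT_IEEE802_11_RADIO)`, which is too coarse now that `FileSniffer` passes it handles from `pcap_open_offline`: a capture file can declare any link type, and everything that is not radiotap is then treated as wired. The packet-construction code is outside this hunk, but if it builds an EthernetII PDU whenever `wired` is true, a file with another framing (Linux cooked, raw IP, plain 802.11) is decoded with the wrong layout, and such files may come from untrusted sources. I would reject unsupported link types inside `init()`, placed after the `actual_filter.bf_insns = 0;` line so the destructor still sees a consistent object and closes the handle: `const int dlt = pcap_datalink(handle);` followed by `if(dlt != DLT_EN10MB && dlt != DLT_IEEE802_11_RADIO) throw runtime_error("Unsupported link type");`. The `//better plx` comment on that line suggests this was already known to need work.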

File diff suppressed because it is too large Load Diff