authorLaurent Ghigonis <laurent@p1sec.com>2012-11-30 14:45:19 +0100
committerLaurent Ghigonis <laurent@p1sec.com>2012-11-30 14:45:19 +0100
commit628f25a6d10e50db012f8b28870669dfc10f6a28 (patch)
tree311067af36ef04bfa5becfc9da975e7cc7d99cb3
parentfix indent (diff)
handle loglevel by passing one or more -v flags.
by default, do not print anything other than errors
-rw-r--r--gg_trackproc/gg_trackproc.c112
1 files changed, 75 insertions, 37 deletions
diff --git a/gg_trackproc/gg_trackproc.c b/gg_trackproc/gg_trackproc.c
index 3e694f7..e261b2f 100644
--- a/gg_trackproc/gg_trackproc.c
+++ b/gg_trackproc/gg_trackproc.c
@@ -28,6 +28,8 @@
struct gg_client *ggcli;
struct event_base *ev_base;
+int loglevel = 0;
+
static char*
get_current_date() {
time_t ts;
@@ -157,8 +159,9 @@ void cb_nl(evutil_socket_t fd, short what, void *arg)
rc = recv(fd, &nlcn_msg, sizeof(nlcn_msg), 0);
if (rc == 0) {
/* shutdown? */
- printf("%s: stop listening to netlink events\n",
- get_current_date());
+ if (loglevel)
+ printf("%s: stop listening to netlink events\n",
+ get_current_date());
event_base_loopexit(ev_base, NULL);
return;
} else if (rc == -1) {
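Review bot: With the default `loglevel` of 0, the `rc == 0` branch now calls `event_base_loopexit` without printing anything, so the probe stops tracking processes silently. Because this ends the event loop, the message is closer to an error than to verbose output; consider leaving it unconditional and sending it to stderr, e.g. `fprintf(stderr, "%s: stop listening to netlink events\n", get_current_date());`. cb_nl's body starts and ends outside the hunk.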
@@ -175,8 +178,9 @@ void cb_nl(evutil_socket_t fd, short what, void *arg)
switch (nlcn_msg.proc_ev.what) {
case PROC_EVENT_NONE:
/* XXX what is this event for ?
- * printf("%s: start listening to netlink events...\n",
- * get_current_date()); */
+ * if (loglevel)
+ * printf("%s: start listening to netlink events...\n",
+ * get_current_date()); */
break;
case PROC_EVENT_FORK:
@@ -184,18 +188,20 @@ void cb_nl(evutil_socket_t fd, short what, void *arg)
&cmd);
if (nlcn_msg.proc_ev.event_data.fork.child_tgid
!= nlcn_msg.proc_ev.event_data.fork.child_pid)
- printf("%s: fork %s %d -> %d tid %d\n",
- get_current_date(),
- cmd,
- nlcn_msg.proc_ev.event_data.fork.parent_pid,
- nlcn_msg.proc_ev.event_data.fork.child_pid,
- nlcn_msg.proc_ev.event_data.fork.child_tgid);
+ if (loglevel)
+ printf("%s: fork %s %d -> %d tid %d\n",
+ get_current_date(),
+ cmd,
+ nlcn_msg.proc_ev.event_data.fork.parent_pid,
+ nlcn_msg.proc_ev.event_data.fork.child_pid,
+ nlcn_msg.proc_ev.event_data.fork.child_tgid);
else
- printf("%s: fork %s %d -> %d\n",
- get_current_date(),
- cmd,
- nlcn_msg.proc_ev.event_data.fork.parent_pid,
- nlcn_msg.proc_ev.event_data.fork.child_pid);
+ if (loglevel)
+ printf("%s: fork %s %d -> %d\n",
+ get_current_date(),
+ cmd,
+ nlcn_msg.proc_ev.event_data.fork.parent_pid,
+ nlcn_msg.proc_ev.event_data.fork.child_pid);
pkt.type = PACKET_FORK;
pkt.fork_pid = nlcn_msg.proc_ev.event_data.fork.parent_pid;
pkt.fork_ppid = nlcn_msg.proc_ev.event_data.fork.parent_pid;
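Review bot: The `else` in the fork case now binds to the newly added inner `if (loglevel)` rather than to the `child_tgid != child_pid` test, because neither `if` is braced. As written, a fork where the two ids are equal prints nothing even with -v, and the plain `fork %s %d -> %d` message is only reachable when `loglevel` is 0, where its own `if (loglevel)` suppresses it. Bracing the outer test restores the intended pairing, `if (... child_tgid != ... child_pid) {` … `} else {` … `}`, or a single `if (loglevel) {` can be hoisted around the whole if/else. Separately, the context lines assign `fork.parent_pid` to both `pkt.fork_pid` and `pkt.fork_ppid`; the former looks like it should be `child_pid`, which is worth confirming. The switch case continues outside the hunk.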
@@ -206,10 +212,11 @@ void cb_nl(evutil_socket_t fd, short what, void *arg)
case PROC_EVENT_EXEC:
get_proc_infos(nlcn_msg.proc_ev.event_data.exec.process_pid,
&cmd);
- printf("%s: exec %d -> %s\n",
- get_current_date(),
- nlcn_msg.proc_ev.event_data.exec.process_pid,
- cmd);
+ if (loglevel)
+ printf("%s: exec %d -> %s\n",
+ get_current_date(),
+ nlcn_msg.proc_ev.event_data.exec.process_pid,
+ cmd);
pkt.type = PACKET_EXEC;
pkt.exec_pid = nlcn_msg.proc_ev.event_data.fork.parent_pid;
pkt.exec_cmdlen = strnlen(cmd, GG_PKTARG_MAX);
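Review bot: In the PROC_EVENT_EXEC case the log line prints `event_data.exec.process_pid` but the packet is filled from `event_data.fork.parent_pid`, so the pid sent on matches the logged one only if the two members (presumably of a union) share an offset. Reading the member that belongs to this event makes the intent explicit: `pkt.exec_pid = nlcn_msg.proc_ev.event_data.exec.process_pid;`. `cmd` is also passed to `printf` and `strnlen` with no visible check that `get_proc_infos` filled it in; if it can be left NULL, for example for a process that has already exited, both calls need a guard. The case body starts and ends outside the hunk.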
@@ -217,30 +224,34 @@ void cb_nl(evutil_socket_t fd, short what, void *arg)
break;
#if 0
case PROC_EVENT_UID:
- printf("uid change: tid=%d pid=%d from %d to %d\n",
- nlcn_msg.proc_ev.event_data.id.process_pid,
- nlcn_msg.proc_ev.event_data.id.process_tgid,
- nlcn_msg.proc_ev.event_data.id.r.ruid,
- nlcn_msg.proc_ev.event_data.id.e.euid);
+ if (loglevel)
+ printf("uid change: tid=%d pid=%d from %d to %d\n",
+ nlcn_msg.proc_ev.event_data.id.process_pid,
+ nlcn_msg.proc_ev.event_data.id.process_tgid,
+ nlcn_msg.proc_ev.event_data.id.r.ruid,
+ nlcn_msg.proc_ev.event_data.id.e.euid);
break;
case PROC_EVENT_GID:
- printf("gid change: tid=%d pid=%d from %d to %d\n",
- nlcn_msg.proc_ev.event_data.id.process_pid,
- nlcn_msg.proc_ev.event_data.id.process_tgid,
- nlcn_msg.proc_ev.event_data.id.r.rgid,
- nlcn_msg.proc_ev.event_data.id.e.egid);
+ if (loglevel)
+ printf("gid change: tid=%d pid=%d from %d to %d\n",
+ nlcn_msg.proc_ev.event_data.id.process_pid,
+ nlcn_msg.proc_ev.event_data.id.process_tgid,
+ nlcn_msg.proc_ev.event_data.id.r.rgid,
+ nlcn_msg.proc_ev.event_data.id.e.egid);
break;
case PROC_EVENT_EXIT:
- printf("exit: tid=%d pid=%d exit_code=%d\n",
- nlcn_msg.proc_ev.event_data.exit.process_pid,
- nlcn_msg.proc_ev.event_data.exit.process_tgid,
- nlcn_msg.proc_ev.event_data.exit.exit_code);
+ if (loglevel)
+ printf("exit: tid=%d pid=%d exit_code=%d\n",
+ nlcn_msg.proc_ev.event_data.exit.process_pid,
+ nlcn_msg.proc_ev.event_data.exit.process_tgid,
+ nlcn_msg.proc_ev.event_data.exit.exit_code);
break;
default:
- printf("unhandled proc event\n");
+ if (loglevel)
+ printf("unhandled proc event\n");
break;
#endif
}
@@ -254,16 +265,43 @@ static void on_sigint(int unused)
event_base_loopexit(ev_base, NULL);
}
-int main(int argc, const char *argv[])
+#if defined(__OPENBSD__)
+void __dead
+#else
+void
+#endif
+usage(void)
+{
+ extern char *__progname;
+
+ fprintf(stderr, "usage: %s [-vi]", __progname);
+ exit(1);
+}
+
+int main(int argc, char **argv)
{
struct event *ev_nl;
int nl_sock;
int rc = EXIT_SUCCESS;
-
+ int op;
+
+ while ((op = getopt(argc, argv, "hv")) != -1) {
+ switch (op) {
+ case 'h':
+ usage();
+ /* NOTREACHED */
+ case 'v':
+ loglevel++;
+ break;
+ default:
+ usage();
+ /* NOTREACHED */
+ }
+ }
signal(SIGINT, &on_sigint);
siginterrupt(SIGINT, true);
- // XXX parse -v gg_verbosity_set(2);
+ gg_verbosity_set(loglevel);
ev_base = event_base_new();
ggcli = gg_client_connect(ev_base, "127.0.0.1", GLOUGLOU_PROBE_DEFAULT_PORT,
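Review bot: The usage string advertises `[-vi]` while the `getopt` option string is `"hv"`, so `-i` is rejected and `-h` is undocumented; the message also lacks a trailing newline. `fprintf(stderr, "usage: %s [-hv]\n", __progname);` would match the parser. The guard `#if defined(__OPENBSD__)` probably never matches, since the compiler-predefined macro is spelled `__OpenBSD__`, so the `__dead` variant is likely never selected. main's body continues outside the hunk.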