authorLaurent Ghigonis <laurent@p1sec.com>2012-12-02 22:52:32 +0100
committerLaurent Ghigonis <laurent@p1sec.com>2012-12-02 22:52:32 +0100
commit219a6f3c65800b71d02941302e5b31861ef2739a (patch)
treeb1b8fe4bc0e3060501f85188f35396feda624568 /gg_sniff/gg_sniff.c
parentoops, fix _gg_trackproc user (diff)
work in progress on gg_sniff
Diffstat (limited to 'gg_sniff/gg_sniff.c')
-rw-r--r--gg_sniff/gg_sniff.c112
1 files changed, 112 insertions, 0 deletions
diff --git a/gg_sniff/gg_sniff.c b/gg_sniff/gg_sniff.c
new file mode 100644
index 0000000..3b23d34
--- /dev/null
+++ b/gg_sniff/gg_sniff.c
@@ -0,0 +1,112 @@
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/wait.h>
+#include <sys/ioctl.h>
+
+#include <net/if.h>
+#include <netinet/in.h>
+
+#include <netdb.h>
+#include <pcap.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <err.h>
+#include <errno.h>
+#include <unistd.h>
+#include <signal.h>
+#include <string.h>
+
+#include <libglouglou.h>
+#if defined(__OpenBSD__)
+#include "pcap-int.h"
+#endif
+
+#define GG_SNIFF_USER "_gg_sniff"
+
+int net_socket;
+
+#if defined(__OPENBSD__)
+void __dead
+#else
+void
+#endif
+usage(void)
+{
+ extern char *__progname;
+
+ fprintf(stderr, "usage: %s [-hv]",
+ __progname);
+ exit(1);
+}
+
+static void
+sig_handler(int sig, short why, void *data)
+{
+ log_info("got signal %d", sig);
+ if (sig == SIGINT || sig == SIGTERM)
+ event_loopexit(NULL);
+}
+
+int
+main(int argc, char **argv)
+{
+ struct event_base *ev_base;
+ struct sockaddr_in sock_addr;
+ struct event ev_sigint, ev_sigterm, ev_sigchld, ev_sighup;
+ char errbuf[PCAP_ERRBUF_SIZE];
+ struct bpf_program bprog;
+ pcap_t *pcap;
+ int loglevel = 0;
+ int op;
+ int sock_on = 1;
+
+ if (geteuid() != 0)
+ errx(1, "must be root");
+
+ while ((op = getopt(argc, argv, "hv")) != -1) {
+ switch (op) {
+ case 'h':
+ usage();
+ /* NOTREACHED */
+ case 'v':
+ loglevel++;
+ break;
+ default:
+ usage();
+ /* NOTREACHED */
+ }
+ }
+
+ gg_log_init(GG_SNIFF_LOGFILE, loglevel);
+
+ ev_base = event_base_new();
+
+ ggcli = gg_client_connect();
+
+ ggsniff_pcap_init();
+
+ ggsniff_dns_init();
+
+ signal_set(&ev_sigint, SIGINT, sig_handler, NULL);
+ signal_set(&ev_sigterm, SIGTERM, sig_handler, NULL);
+ signal_set(&ev_sigchld, SIGCHLD, sig_handler, NULL);
+ signal_set(&ev_sighup, SIGHUP, sig_handler, NULL);
+ signal_add(&ev_sigint, NULL);
+ signal_add(&ev_sigterm, NULL);
+ signal_add(&ev_sigchld, NULL);
+ signal_add(&ev_sighup, NULL);
+ signal(SIGPIPE, SIG_IGN);
+
+ droppriv(GG_SNIFF_USER, 1, NULL);
+
+ log_info("entering event loop");
+ event_base_dispatch(ev_base);
+
+ ggsniff_dns_shutdown();
+ ggsniff_pcap_shutdown();
+ gg_client_disconnect(ggcli);
+
+ log_info("exiting");
+ exit(0);
+}
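Review bot: The result of `droppriv(GG_SNIFF_USER, 1, NULL)` in main() is discarded right before the event loop, so if the drop can fail without exiting (droppriv lives in libglouglou and is not visible here) the daemon would keep processing captured traffic as root. If it reports failure through its return value, stop on it, e.g. `if (droppriv(GG_SNIFF_USER, 1, NULL) < 0) errx(1, "cannot drop privileges");`; the `< 0` convention is an assumption to confirm against the library. Separately, the guard above `usage()` tests `__OPENBSD__` while the include guard near the top tests `__OpenBSD__`, so `__dead` is probably never applied; it should read `#if defined(__OpenBSD__)`. The signal events are also never attached to `ev_base` and `sig_handler` calls `event_loopexit(NULL)`, so depending on the libevent version SIGINT/SIGTERM may not stop the loop run by `event_base_dispatch(ev_base)`. Checking `event_base_new()` for NULL, calling `event_base_set(ev_base, &ev_sigint)` (and likewise for the others) before `signal_add`, and using `event_base_loopexit(ev_base, NULL)` in the handler would tie them together.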