authorLaurent Ghigonis <laurent@p1sec.com>2012-12-15 07:19:54 +0100
committerLaurent Ghigonis <laurent@p1sec.com>2012-12-15 07:21:22 +0100
commit3bff46661db0f0eb4cf2bd54b1fd6182231f3c98 (patch)
tree1b2cafa9334c9b0baabd79656485691f76e2439f /gg_sniff
parentfix dns resolving: evdns eats network byte order ! (diff)
add -a option to gg_sniff (Active), where gg_sniff uses the dns functionality of
libggnet_dns and sends glouglou PACKET_NAME to glougloud
Diffstat (limited to 'gg_sniff')
-rw-r--r--gg_sniff/gg_sniff.c8
-rw-r--r--gg_sniff/gg_sniff.h2
-rw-r--r--gg_sniff/pcap.c23
3 files changed, 29 insertions, 4 deletions
diff --git a/gg_sniff/gg_sniff.c b/gg_sniff/gg_sniff.c
index 0714fdd..656c38c 100644
--- a/gg_sniff/gg_sniff.c
+++ b/gg_sniff/gg_sniff.c
@@ -63,14 +63,18 @@ main(int argc, char **argv)
int ggserv_port = GLOUGLOU_PROBE_DEFAULT_PORT;
int pcap_init = 0;
int loglevel = 0;
+ int active = 0;
int retval = -1;
int op;
if (geteuid() != 0)
errx(1, "must be root");
- while ((op = getopt(argc, argv, "hi:v")) != -1) {
+ while ((op = getopt(argc, argv, "ahi:v")) != -1) {
switch (op) {
+ case 'a':
+ active = 1;
+ break;
case 'h':
usage();
/* NOTREACHED */
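Review bot: The new `-a` case in main's getopt switch is undocumented: the diffstat counts 8 changed lines for gg_sniff.c and the two hunks account for all of them, so usage() still describes only `-h`, `-i` and `-v`. The flag deserves a usage line and a comment at the case, for example `/* -a: active mode, resolve node names through DNS; the probe then emits its own queries and is no longer passive */`. As far as the pcap.c part of this commit shows, the flag enables DNS resolution through ggnet_set_dns, so an operator should know that the resolver will presumably see the addresses being observed. main starts and ends outside this hunk.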
@@ -106,7 +110,7 @@ main(int argc, char **argv)
ggcli = gg_client_connect(_ev_base, ggserv_ip, ggserv_port, NULL, NULL, NULL);
if (!ggcli)
goto quit;
- pcap_init = ggsniff_pcap_init(_ev_base, ggcli, net, iface);
+ pcap_init = ggsniff_pcap_init(_ev_base, ggcli, net, iface, active);
if (!pcap_init)
goto quit;
diff --git a/gg_sniff/gg_sniff.h b/gg_sniff/gg_sniff.h
index 799da2d..f848c88 100644
--- a/gg_sniff/gg_sniff.h
+++ b/gg_sniff/gg_sniff.h
@@ -1,5 +1,5 @@
/* pcap.c */
int ggsniff_pcap_init(struct event_base *, struct gg_client *,
- struct ggnet *, char *);
+ struct ggnet *, char *, int);
void ggsniff_pcap_shutdown(void);
diff --git a/gg_sniff/pcap.c b/gg_sniff/pcap.c
index 02735c8..fd9470f 100644
--- a/gg_sniff/pcap.c
+++ b/gg_sniff/pcap.c
@@ -80,6 +80,7 @@ static void phandler_sll(u_char *,
#endif
static void cb_pcap(int, short, void *);
static void cb_conntimer(int, short, void *);
+static void cb_nodename(struct ggnet *, struct ggnet_node *);
static struct phandler phandlers[] = {
{ phandler_ether, DLT_EN10MB },
@@ -97,7 +98,7 @@ static struct _cap_t _cap;
int
ggsniff_pcap_init(struct event_base *ev_base, struct gg_client *ggcli,
- struct ggnet *net, char *iface)
+ struct ggnet *net, char *iface, int active)
{
char errbuf[PCAP_ERRBUF_SIZE];
struct bpf_program bprog;
@@ -136,6 +137,9 @@ ggsniff_pcap_init(struct event_base *ev_base, struct gg_client *ggcli,
if (evtimer_add(_cap.conntimer_ev, &_cap.conntimer_tv) == -1)
gg_log_fatal("user: event_add conntimer failed: %s", strerror(errno));
+ if (active)
+ ggnet_set_dns(net, 1, ev_base, cb_nodename);
+
_cap.ggcli = ggcli;
_cap.net = net;
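Review bot: `ggnet_set_dns(net, 1, ev_base, cb_nodename)` is registered before `_cap.ggcli = ggcli;` two lines below, while cb_nodename sends through `_cap.ggcli`. This is harmless if the callback can only fire from the event loop, which is not visible here, but moving the `if (active)` block after the `_cap.ggcli` and `_cap.net` assignments removes the dependency at no cost. A short comment such as `/* active mode: resolve node names and report them via cb_nodename */` would also explain the bare `1` argument. ggsniff_pcap_init continues outside this hunk.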
@@ -327,6 +331,23 @@ cb_conntimer(int fd, short why, void *data)
gg_log_fatal("user: event_add conntimer failed : %s", strerror(errno));
}
+static void
+cb_nodename(struct ggnet *net, struct ggnet_node *n)
+{
+ struct gg_packet pkt;
+ int len;
+
+ len = strnlen(n->fqdn, GGNET_DNSNAME_MAX);
+ if (len > 0) {
+ pkt.ver = PACKET_VERSION;
+ pkt.type = PACKET_NAME;
+ pkt.name_addr = n->addr.s_addr;
+ pkt.name_len = len;
+ strncpy((char *)pkt.name_fqdn, n->fqdn, sizeof(pkt.name_fqdn));
+ gg_client_send(_cap.ggcli, &pkt);
+ }
+}
+
/*
* Parse an IP packet and descide what to do with it.
* 'ip' is a pointer the the captured IP packet
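Review bot: In cb_nodename, `pkt.name_len` comes from `strnlen(n->fqdn, GGNET_DNSNAME_MAX)` while the copy is bounded by `sizeof(pkt.name_fqdn)`, so the advertised length and the bytes actually copied are limited by two independent values, neither of which is visible here. If the name fills the field, strncpy leaves `name_fqdn` without a terminating NUL, and if GGNET_DNSNAME_MAX is larger than the field, `name_len` exceeds what was copied. The name originates from DNS answers, which the owner of an observed address can control, so the length should be clamped to the destination before the packet goes to glougloud. `pkt` is also a stack variable with only some fields set; zeroing it first avoids passing uninitialised bytes to gg_client_send, should that function serialise more than the name fields. The `net` parameter is unused.

```c
static void
cb_nodename(struct ggnet *net, struct ggnet_node *n)
{
	struct gg_packet pkt;
	size_t len;

	len = strnlen(n->fqdn, GGNET_DNSNAME_MAX);
	if (len == 0)
		return;
	/* never advertise more bytes than name_fqdn can hold */
	if (len > sizeof(pkt.name_fqdn))
		len = sizeof(pkt.name_fqdn);
	memset(&pkt, 0, sizeof(pkt));
	/* … unchanged: pkt.ver, pkt.type, pkt.name_addr … */
	pkt.name_len = len;
	memcpy(pkt.name_fqdn, n->fqdn, len);
	gg_client_send(_cap.ggcli, &pkt);
}
```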