diff options
| author |   Laurent Ghigonis <laurent@p1sec.com> | 2012-11-29 18:59:48 +0100 |
|---|---|---|
| committer | Laurent Ghigonis <laurent@p1sec.com> | 2012-11-29 18:59:48 +0100 |
| commit | 6f78c1e2c1fa7a824606fffb3aca05e16c7b9c74 (patch) | |
| tree | 3f803fc77abf3ebf18b54312bf3c2ea36d385295 /libglouglou/libglouglou.h | |
| parent | remove TODO, in README.txt now (diff) | |
| download | glouglou-6f78c1e2c1fa7a824606fffb3aca05e16c7b9c74.tar.xz glouglou-6f78c1e2c1fa7a824606fffb3aca05e16c7b9c74.zip | |
basic process event message handling
Diffstat (limited to 'libglouglou/libglouglou.h')
| -rw-r--r-- | libglouglou/libglouglou.h | 42 |
1 files changed, 33 insertions, 9 deletions
diff --git a/libglouglou/libglouglou.h b/libglouglou/libglouglou.h index cf73371..04ee779 100644 --- a/libglouglou/libglouglou.h +++ b/libglouglou/libglouglou.h @@ -12,23 +12,27 @@ #define PACKET_VERSION 1 #define PACKET_BUFFER_SIZE 16384 -#define DNSNAME_MAX 20 +#define GG_PKTARG_MAX 30 struct gg_packet { #define PACKET_HEADER_SIZE 2 u_int8_t ver; u_int8_t type; /* XXX nicer way for _SIZE ... ? */ -#define PACKET_TYPE_MIN 0 -#define PACKET_TYPE_MAX 3 -#define PACKET_NEWCONN 0 +#define PACKET_TYPE_MIN 0x00 +#define PACKET_TYPE_MAX 0x11 +#define PACKET_NEWCONN 0x00 #define PACKET_NEWCONN_SIZE (PACKET_HEADER_SIZE + sizeof((struct gg_packet *)0)->pdat.newconn) -#define PACKET_DELCONN 1 +#define PACKET_DELCONN 0x01 #define PACKET_DELCONN_SIZE (PACKET_HEADER_SIZE + sizeof((struct gg_packet *)0)->pdat.delconn) -#define PACKET_DATA 2 +#define PACKET_DATA 0x02 #define PACKET_DATA_SIZE (PACKET_HEADER_SIZE + sizeof((struct gg_packet *)0)->pdat.data) -#define PACKET_NAME 3 -#define PACKET_NAME_SIZE ((PACKET_HEADER_SIZE + sizeof((struct gg_packet *)0)->pdat.name) - DNSNAME_MAX) +#define PACKET_NAME 0x03 +#define PACKET_NAME_SIZE ((PACKET_HEADER_SIZE + sizeof((struct gg_packet *)0)->pdat.name) - GG_PKTARG_MAX) +#define PACKET_PROC_FORK 0x10 +#define PACKET_PROC_FORK_SIZE (PACKET_HEADER_SIZE + sizeof((struct gg_packet *)0)->pdat.proc.ev.fork) +#define PACKET_PROC_EXEC 0x11 +#define PACKET_PROC_EXEC_SIZE ((PACKET_HEADER_SIZE + sizeof((struct gg_packet *)0)->pdat.proc.ev.exec) - GG_PKTARG_MAX) union { struct newconn { @@ -48,8 +52,22 @@ struct gg_packet { struct name { u_int32_t addr; u_int8_t len; - u_char fqdn[DNSNAME_MAX]; + u_char fqdn[GG_PKTARG_MAX]; } name; + struct proc { + u_int32_t pid; + union { + struct fork { + u_int32_t ppid; + u_int32_t cpid; + u_int32_t tgid; + } fork; + struct exec { + u_int8_t cmdlen; + u_char cmd[GG_PKTARG_MAX]; + } exec; + } ev; + } proc; } pdat; #define newconn_id pdat.newconn.id #define newconn_src pdat.newconn.src @@ -62,6 +80,12 @@ struct gg_packet { #define name_addr pdat.name.addr #define name_len pdat.name.len #define name_fqdn pdat.name.fqdn +#define proc_pid pdat.proc.pid +#define proc_fork_ppid pdat.proc.ev.fork.ppid +#define proc_fork_cpid pdat.proc.ev.fork.cpid +#define proc_fork_tgid pdat.proc.ev.fork.tgid +#define proc_exec_cmdlen pdat.proc.ev.exec.cmdlen +#define proc_exec_cmd pdat.proc.ev.exec.cmd }; struct gg_user { |