From 3bff46661db0f0eb4cf2bd54b1fd6182231f3c98 Mon Sep 17 00:00:00 2001
From: Laurent Ghigonis <laurent@p1sec.com>
Date: Sat, 15 Dec 2012 07:19:54 +0100
Subject: add -a option to gg_sniff (Active), where gg_sniff uses dns
 functionnality of libggnet_dns and send glouglou PACKET_NAME to glougloud

---
 gg_sniff/gg_sniff.c |  8 ++++++--
 gg_sniff/gg_sniff.h |  2 +-
 gg_sniff/pcap.c     | 23 ++++++++++++++++++++++-
 3 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/gg_sniff/gg_sniff.c b/gg_sniff/gg_sniff.c
index 0714fdd..656c38c 100644
--- a/gg_sniff/gg_sniff.c
+++ b/gg_sniff/gg_sniff.c
@@ -63,14 +63,18 @@ main(int argc, char **argv)
 	int ggserv_port = GLOUGLOU_PROBE_DEFAULT_PORT;
 	int pcap_init = 0;
 	int loglevel = 0;
+	int active = 0;
 	int retval = -1;
 	int op;
 
 	if (geteuid() != 0)
 		errx(1, "must be root");
 
-	while ((op = getopt(argc, argv, "hi:v")) != -1) {
+	while ((op = getopt(argc, argv, "ahi:v")) != -1) {
 		switch (op) {
+      case 'a':
+        active = 1;
+        break;
 			case 'h':
 				usage();
 				/* NOTREACHED */
@@ -106,7 +110,7 @@ main(int argc, char **argv)
 	ggcli = gg_client_connect(_ev_base, ggserv_ip, ggserv_port, NULL, NULL, NULL);
 	if (!ggcli)
 	  goto quit;
-  pcap_init = ggsniff_pcap_init(_ev_base, ggcli, net, iface);
+  pcap_init = ggsniff_pcap_init(_ev_base, ggcli, net, iface, active);
 	if (!pcap_init)
 	  goto quit;
 
diff --git a/gg_sniff/gg_sniff.h b/gg_sniff/gg_sniff.h
index 799da2d..f848c88 100644
--- a/gg_sniff/gg_sniff.h
+++ b/gg_sniff/gg_sniff.h
@@ -1,5 +1,5 @@
 /* pcap.c */
 
 int ggsniff_pcap_init(struct event_base *, struct gg_client *,
-                      struct ggnet *, char *);
+                      struct ggnet *, char *, int);
 void ggsniff_pcap_shutdown(void);
diff --git a/gg_sniff/pcap.c b/gg_sniff/pcap.c
index 02735c8..fd9470f 100644
--- a/gg_sniff/pcap.c
+++ b/gg_sniff/pcap.c
@@ -80,6 +80,7 @@ static void         phandler_sll(u_char *,
 #endif
 static void         cb_pcap(int, short, void *);
 static void         cb_conntimer(int, short, void *);
+static void         cb_nodename(struct ggnet *, struct ggnet_node *);
 
 static struct phandler phandlers[] = {
   { phandler_ether, DLT_EN10MB },
@@ -97,7 +98,7 @@ static struct _cap_t _cap;
 
 int
 ggsniff_pcap_init(struct event_base *ev_base, struct gg_client *ggcli,
-                  struct ggnet *net, char *iface)
+                  struct ggnet *net, char *iface, int active)
 {
 	char errbuf[PCAP_ERRBUF_SIZE];
 	struct bpf_program bprog;
@@ -136,6 +137,9 @@ ggsniff_pcap_init(struct event_base *ev_base, struct gg_client *ggcli,
 	if (evtimer_add(_cap.conntimer_ev, &_cap.conntimer_tv) == -1)
 		gg_log_fatal("user: event_add conntimer failed: %s", strerror(errno));
 
+  if (active)
+    ggnet_set_dns(net, 1, ev_base, cb_nodename);
+
   _cap.ggcli = ggcli;
   _cap.net = net;
 
@@ -327,6 +331,23 @@ cb_conntimer(int fd, short why, void *data)
 		gg_log_fatal("user: event_add conntimer failed : %s", strerror(errno));
 }
 
+static void
+cb_nodename(struct ggnet *net, struct ggnet_node *n)
+{
+  struct gg_packet pkt;
+  int len;
+
+  len = strnlen(n->fqdn, GGNET_DNSNAME_MAX);
+  if (len > 0) {
+    pkt.ver = PACKET_VERSION;
+    pkt.type = PACKET_NAME;
+    pkt.name_addr = n->addr.s_addr;
+    pkt.name_len = len;
+    strncpy((char *)pkt.name_fqdn, n->fqdn, sizeof(pkt.name_fqdn));
+    gg_client_send(_cap.ggcli, &pkt);
+  }
+}
+
 /*
  * Parse an IP packet and descide what to do with it.
  * 'ip' is a pointer the the captured IP packet
-- 
cgit v1.2.3-59-g8ed1b