pktNet.c

Go to the documentation of this file.

/** \file pktNet.c

  \brief Routines for reading and writing packets to the network.

*/

#include "pkt.h"

/**AutomaticStart*************************************************************/

/*---------------------------------------------------------------------------*/
/* Static function prototypes                                                */
/*---------------------------------------------------------------------------*/


/**AutomaticEnd***************************************************************/


/**
  * \brief  Routine for creating an encapsulation of the libnet
  * data structures.  
  * 
  * If the interface name passed in is null, default to "eth0".
  */

Pkt_LibNet_t *
Pkt_InitLibNet (char *interfaceName)
{
  Pkt_LibNet_t *result;

  result = (Pkt_LibNet_t *) malloc (sizeof (Pkt_LibNet_t));

  result->interfaceName = interfaceName ? strdup (interfaceName) : (char *) "eth0";
  result->errbuf = (char *) malloc (LIBNET_ERRBUF_SIZE * sizeof (char));
  result->l = libnet_init (LIBNET_LINK_ADV, /* injection type */
               result->interfaceName,   /* network interface */
               result->errbuf); /* error buffer */

  if (result->l == NIL (libnet_t))
    {
      fprintf (stderr, "Can not initialize libnet: interface %s"
           "\n\tLibnet error message: %s\n", result->interfaceName,
           result->errbuf);
      exit (-1);
    }

  return result;
}


/**
  * \brief  Finish using a Pkt_LibNet_t struct.
  */

int
Pkt_LibNetFinish (Pkt_LibNet_t * obj)
{
  free (obj->interfaceName);
  free (obj->errbuf);
  libnet_destroy (obj->l);
  return 0;
}


/**
  * \brief  Transmit a raw ethernet frame.
  * 
  * Exits on fail, returns number of bytes written on success.
  */

int
Pkt_EthPktWrite (Pkt_EthernetHdr_t * anEth,
         int anEthLength, Pkt_LibNet_t * aNetObj)
{
  int count;
  Pkt_HTON (anEth);
  count =
    libnet_adv_write_link (aNetObj->l, (u_int8_t *) anEth,
               (u_int32_t) anEthLength);
  if (count == -1)
    {
      // printf("Error in writing packet to network\n");
      return 0;
    }
  // we may not be done with it (eg if it's synthetic traffic
  // we're cycling through, so restore to host order
  Pkt_NTOH (anEth);
  return count;

}


/**
  * \brief Initialize an array of pcap objects, one per array entry
  */

array_t *
Pkt_InitLibPcapArray (array_t * inArray)
{
  array_t *result = array_alloc (Pkt_LibPcap_t *, 0);
  int i;
  for (i = 0; i < array_n (inArray); i++)
    {
      char *ifName = array_fetch (char *, inArray, i);
      Pkt_LibPcap_t *aPcapObj = Pkt_InitLibPcap (ifName);
      array_insert_last (Pkt_LibPcap_t *, result, aPcapObj);
    }
  return result;
}


/**
  * \brief Initialize an array of libnet objects, one per array entry
  */

array_t *
Pkt_InitLibNetArray (array_t * outArray)
{
  array_t *result = array_alloc (Pkt_LibNet_t *, 0);
  int i;
  for (i = 0; i < array_n (outArray); i++)
    {
      char *ifName = array_fetch (char *, outArray, i);
      Pkt_LibNet_t *aLibnetObj = Pkt_InitLibNet (ifName);
      array_insert_last (Pkt_LibNet_t *, result, aLibnetObj);
    }
  return result;
}


/**
  * \brief  Initialize our encapsulation of a pcap_t
  */

Pkt_LibPcap_t *
Pkt_InitLibPcap (char *interfaceName)
{
  Pkt_LibPcap_t *result = (Pkt_LibPcap_t *) malloc (sizeof (Pkt_LibPcap_t));
  pcap_t *p;
  char *device;
  char errbuf[PCAP_ERRBUF_SIZE];
  struct bpf_program filterCode;
  u_int32_t localNet, netmask;
  bzero (errbuf, PCAP_ERRBUF_SIZE);

  device = NIL (char);
  device = interfaceName;

  if (device == NIL (char))
    {
      device = pcap_lookupdev (errbuf);
      if (device == NIL (char))
    {
      fprintf (stderr, "pcap_lookupdev() failed:%s\n", errbuf);
      exit (-1);
    }
    }
  result->interfaceName = device;

  /// \todo had 1500, leads to hangs?
  /// should be 1518, leaves 1500 for ip
  int snaplen = 1540;       // max ether frame size
  int promisc = 1;      // capture all packets seen on interface
  int timeout = -1;     // in milliseconds

  // from manpage for pcap_open_live:
  /* pcap_t *pcap_open_live(const char *device, int snaplen, int promisc, 
     int to_ms, char *errbuf)

     pcap_open_live()  is used to obtain a packet capture descriptor to look
     work  device  to  open;  on  Linux systems with 2.2 or later kernels, a
     device argument of "any" or NULL can be used to  capture  packets  from
     all  interfaces.  snaplen specifies the maximum number of bytes to cap-
     ture.  If this value is less than the size of a  packet  that  is  cap-
     tured, only the first snaplen bytes of that packet will be captured and
     provided as packet data.  A value of 65535  should  be  sufficient,  on
     most  if  not  all networks, to capture all the data available from the
     packet.  promisc specifies if the interface is to be put into promiscu-
     ous  mode.   (Note  that even if this parameter is false, the interface
     could well be in promiscuous mode for some  other  reason.)   For  now,
     this  doesn’t work on the "any" device; if an argument of "any" or NULL
     is supplied, the promisc flag is ignored.   to_ms  specifies  the  read
     timeout  in milliseconds.  The read timeout is used to arrange that the
     read not necessarily return immediately when a packet is seen, but that
     it  wait for some amount of time to allow more packets to arrive and to
     read multiple packets from the OS kernel in  one  operation.   Not  all
     platforms  support  a  read  timeout; on platforms that don’t, the read
     timeout is ignored.  A zero value for to_ms , on platforms that support
     a read timeout, will cause a read to wait forever to allow enough pack-
     ets to arrive, with no timeout.  On linux systems, using a mmap  shared
     memory ring buffer, the to_ms takes on these specific meanings:

     With  a  positive timeout a read will return if either, enough polls
     have been called to exhaust the timeout value based  on  the  packet
     time, or the timeout expires and no packets have been received.

     With  a zero timeout, a read will never return.  The timeout is con-
     sidered infinite.  Of course callbacks will continue for each packet
     that  arrives.  The PCAP_TIMEOUT environment variable can be used to
     signal an error of ETIMEDOUT which will cause the read to terminate.
     A nice clean way to quit at a certain time in a script.

     With  a  value  of -1, the read will return if either, there were no
     packets on the ring, or the packets that have  been  queued  on  the
     ring have all been processed.  This is essentially non-blocking.
   */



  p = pcap_open_live (device, snaplen, promisc, timeout, errbuf);
  if (p == NIL (pcap_t))
    {
      fprintf (stderr, "pcap_open_live() failed:%s\n", errbuf);
      exit (-1);
    }

  if (pcap_lookupnet (device, &localNet, &netmask, errbuf) == -1)
    {
      fprintf (stderr, "pcap_lookupnet() failed (no IP stack?):%s\n"
           "Using default 255.255.255.255\n", errbuf);
      localNet = ~0x0;
      netmask = ~0x0;
    }
  result->localNet = localNet;
  result->netmask = netmask;

  /// \todo had ip in filter before
  /// char *filter = "ip";
  char *filter = "";
  if (pcap_compile (p, &filterCode, filter, 1, netmask) == -1)
    {
      fprintf (stderr, "pcap_compile() failed:%s\n", errbuf);
      exit (-1);
    }

  if (pcap_setfilter (p, &filterCode) == -1)
    {
      fprintf (stderr, "pcap_setfilter() failed:%s\n", errbuf);
      exit (-1);
    }
  result->filterCode = filterCode;

  // AA: added to set direction
  pcap_setdirection (p, PCAP_D_IN);

  result->p = p;

  return result;
}


/** \brief  Finish using a Pkt_LibPcap_t struct. */

int
Pkt_LibPcapFinish (Pkt_LibPcap_t * obj)
{
  pcap_close (obj->p);
  free (obj);
  return 0;
}