dect
/
libpcap
Archived
13
0
Fork 0

From Gilbert Hoyek <gil_hoyek@hotmail.com>: support for capturing SS7

traffic on Intel Septel cards, and for filtering on SS7 MTP3 fields.

Clean up indentation.
This commit is contained in:
guy 2005-06-20 21:27:07 +00:00
parent b1a06c1017
commit a0a4852137
15 changed files with 1840 additions and 592 deletions

View File

@ -33,6 +33,7 @@ Additional people who have contributed patches:
Erik de Castro Lopo <erik.de.castro.lopo@sensorynetworks.com>
Franz Schaefer <schaefer@mond.at>
Gianluca Varenni <varenni@netgroup-serv.polito.it>
Gilbert Hoyek <gil_hoyek@hotmail.com>
Gisle Vanem <giva@bgnett.no>
Graeme Hewson <ghewson@cix.compulink.co.uk>
Greg Stark <gsstark@mit.edu>

3
FILES
View File

@ -12,6 +12,7 @@ README.dag
README.hpux
README.linux
README.macosx
README.septel
README.tru64
README.Win32
SUNOS4/nit_if.o.sparc
@ -87,6 +88,8 @@ pcap-nit.h
pcap-null.c
pcap-pf.c
pcap-pf.h
pcap-septel.c
pcap-septel.h
pcap-stdinc.h
pcap-snit.c
pcap-snoop.c

View File

@ -1,4 +1,4 @@
@(#) $Header: /tcpdump/master/libpcap/INSTALL.txt,v 1.12 2004-12-18 08:52:08 guy Exp $ (LBL)
@(#) $Header: /tcpdump/master/libpcap/INSTALL.txt,v 1.13 2005-06-20 21:27:08 guy Exp $ (LBL)
To build libpcap, run "./configure" (a shell script). The configure
script will determine your system attributes and generate an
@ -308,6 +308,7 @@ README.dag - notes on using libpcap to capture on Endace DAG devices
README.hpux - notes on using libpcap on HP-UX
README.linux - notes on using libpcap on Linux
README.macosx - notes on using libpcap on Mac OS X
README.septel - notes on using libpcap to capture on Intel/Septel devices
README.tru64 - notes on using libpcap on Digital/Tru64 UNIX
README.Win32 - notes on using libpcap on Win32 systems (with WinPcap)
SUNOS4 - pre-SunOS 4.1 replacement kernel nit modules
@ -363,6 +364,8 @@ pcap-nit.h - SunOS Network Interface Tap definitions
pcap-null.c - dummy monitor support (allows offline use of libpcap)
pcap-pf.c - Ultrix and Digital/Tru64 UNIX Packet Filter support
pcap-pf.h - Ultrix and Digital/Tru64 UNIX Packet Filter definitions
pcap-septel.c - INTEL/Septel device capture support
pcap-septel.h - INTEL/Septel device capture support
pcap-stdinc.h - includes and #defines for compiling on Win32 systems
pcap-snit.c - SunOS 4.x STREAMS-based Network Interface Tap support
pcap-snoop.c - IRIX Snoop network monitoring support

50
README.septel Normal file
View File

@ -0,0 +1,50 @@
The following instructions apply if you have a Linux platform and want
libpcap to support the Septel range of passive network monitoring cards
from Intel (http://www.intel.com)
1) Install and build the Septel software distribution by following the
instructions supplied with that package.
2) Configure libcap. To allow the 'configure' script to locate the Septel
software distribution use the '--with-septel' option:
./configure --with-septel=DIR
where DIR is the root of the Septel software distribution, for example
/var/src/septel.
By default (if you write only ./configure --with-septel) it takes
./../septel as argument for DIR.
If the Septel software is correctly detected 'configure' will
report:
checking whether we have Septel API... yes
If 'configure' reports that there is no Septel API, the directory may have been
incorrectly specified or the Septel software was not built before configuring
libpcap.
See also the libpcap INSTALL.txt file for further libpcap configuration
options.
Building libpcap at this stage will include support for both the native
packet capture stream and for capturing from Septel cards. To build
libpcap with only Septel support specify the capture type as 'septel'
when configuring libpcap:
./configure --with-septel=DIR --with-pcap=septel
Applications built with libpcap configured in this way will only detect Septel
cards and will not capture from the native OS packet stream.
Note: As mentioned in pcap-septel.c we should first edit the system.txt
file to change the user part example (UPE) module id to 0xdd instead of
0x2d for technical reason. So this change in system.txt is crutial and
things will go wrong if it's not done. System.txt along with config.txt
are configuration files that are edited by the user before running the
gctload program that uses these files for initialising modules and
configuring parameters.
----------------------------------------------------------------------
for more information please contact me : gil_hoyek@hotmail.com

View File

@ -53,6 +53,9 @@
/* define if you have a /proc/net/dev */
#undef HAVE_PROC_NET_DEV
/* define if you have a Septel API */
#undef HAVE_SEPTEL_API
/* Define to 1 if you have the `snprintf' function. */
#undef HAVE_SNPRINTF

1175
configure vendored

File diff suppressed because it is too large Load Diff

View File

@ -1,4 +1,4 @@
dnl @(#) $Header: /tcpdump/master/libpcap/configure.in,v 1.124 2005-04-23 22:43:15 guy Exp $ (LBL)
dnl @(#) $Header: /tcpdump/master/libpcap/configure.in,v 1.125 2005-06-20 21:27:08 guy Exp $ (LBL)
dnl
dnl Copyright (c) 1994, 1995, 1996, 1997
dnl The Regents of the University of California. All rights reserved.
@ -6,7 +6,7 @@ dnl
dnl Process this file with autoconf to produce a configure script.
dnl
AC_REVISION($Revision: 1.124 $)
AC_REVISION($Revision: 1.125 $)
AC_PREREQ(2.50)
AC_INIT(pcap.c)
@ -368,6 +368,10 @@ dag)
V_DEFS="$V_DEFS -DDAG_ONLY"
;;
septel)
V_DEFS="$V_DEFS -DSEPTEL_ONLY"
;;
null)
AC_MSG_WARN(cannot determine packet capture interface)
AC_MSG_WARN((see the INSTALL doc for more info))
@ -426,8 +430,8 @@ AC_ARG_WITH([dag-libraries], [ --with-dag-libraries=DIR Endace DAG library dir
case "$V_PCAP" in
linux|bpf|dag)
#
# We support the DAG API on Linux or BSD, or if we're building a
# DAG-only libpcap.
# We support the DAG API if we're on Linux or BSD, or if we're
# building a DAG-only libpcap.
#
;;
*)
@ -478,17 +482,12 @@ if test $ac_cv_lbl_dag_api = yes; then
AC_MSG_CHECKING([dagapi.o])
dagapi_obj=no
if test -r $dag_tools_dir/dagapi.o; then
# 2.4.x.
dagapi_obj=$dag_tools_dir/dagapi.o
elif test -r $dag_lib_dir/dagapi.o; then
# 2.5.x.
dagapi_obj=$dag_lib_dir/dagapi.o
elif test -r $dag_lib_dir/libdag.a; then
# 2.5.x.
ar x $dag_lib_dir/libdag.a dagapi.o
if test -r ./dagapi.o; then
@ -509,17 +508,12 @@ if test $ac_cv_lbl_dag_api = yes; then
AC_MSG_CHECKING([dagopts.o])
dagopts_obj=no
if test -r $dag_tools_dir/dagopts.o; then
# 2.4.x.
dagopts_obj=$dag_tools_dir/dagopts.o
elif test -r $dag_lib_dir/dagopts.o; then
# 2.5.x.
dagopts_obj=$dag_lib_dir/dagopts.o
elif test -r $dag_lib_dir/libdag.a; then
# 2.5.x.
ar x $dag_lib_dir/libdag.a dagopts.o
if test -r ./dagopts.o; then
@ -536,19 +530,14 @@ if test $ac_cv_lbl_dag_api = yes; then
fi
if test $ac_cv_lbl_dag_api = yes; then
# Under 2.5.x only we need to add dagreg.o.
if test -r $dag_include_dir/dagreg.h; then
AC_MSG_CHECKING([dagreg.o])
dagreg_obj=no
if test -r $dag_lib_dir/dagreg.o; then
# Object file is ready and waiting.
dagreg_obj=$dag_lib_dir/dagreg.o
elif test -r $dag_lib_dir/libdag.a; then
# Extract from libdag.a.
ar x $dag_lib_dir/libdag.a dagreg.o
if test -r ./dagreg.o; then
@ -566,7 +555,6 @@ if test $ac_cv_lbl_dag_api = yes; then
fi
if test $ac_cv_lbl_dag_api = yes; then
V_INCLS="$V_INCLS -I$dag_include_dir"
V_LIBS="$V_LIBS $dagapi_obj $dagopts_obj $dagreg_obj"
if test $V_PCAP != dag ; then
@ -574,7 +562,8 @@ if test $ac_cv_lbl_dag_api = yes; then
fi
# See if we can find a general version string.
# Don't need to save and restore LIBS to prevent -ldag being included if there's a found-action (arg 3).
# Don't need to save and restore LIBS to prevent -ldag being
# included if there's a found-action (arg 3).
saved_ldflags=$LDFLAGS
LDFLAGS="-L$dag_lib_dir"
AC_CHECK_LIB([dag], [dag_attach_stream], [dag_version="2.5.x"], [dag_version="2.4.x"])
@ -596,11 +585,94 @@ if test $ac_cv_lbl_dag_api = no; then
fi
if test "$V_PCAP" = dag; then
# User requested "dag" capture type but the DAG API wasn't found.
# User requested "dag" capture type but the DAG API wasn't
# found.
AC_MSG_ERROR([Specifying the capture type as "dag" requires the DAG API to be present; use the --with-dag options to specify the location. (Try "./configure --help" for more information.)])
fi
fi
AC_ARG_WITH(septel, [ --with-septel[=DIR] include Septel support (located in directory DIR, if supplied). [default=yes, on Linux, if present]],
[
if test "$withval" = no
then
want_septel=no
elif test "$withval" = yes
then
want_septel=yes
septel_root=
else
want_septel=yes
septel_root=$withval
fi
],[
#
# Use Septel API if present, otherwise don't
#
want_septel=ifpresent
septel_root=./../septel
])
ac_cv_lbl_septel_api=no
case "$V_PCAP" in
linux|septel)
#
# We support the Septel API if we're on Linux, or if we're building
# a Septel-only libpcap.
#
;;
*)
#
# If the user explicitly requested Septel, tell them it's not
# supported.
#
# If they expressed no preference, don't include it.
#
if test $want_septel = yes; then
AC_MSG_ERROR(Septel support only available with 'linux' and 'septel' packet capture types)
elif test $want_septel = yes; then
want_septel=no
fi
;;
esac
if test "$with_septel" != no; then
AC_MSG_CHECKING(whether we have Septel API)
if test -z "$septel_root"; then
septel_root=$srcdir/../septel
fi
septel_tools_dir="$septel_root"
septel_include_dir="$septel_root/INC"
DEF="-DHAVE_SEPTEL_API"
ac_cv_lbl_septel_api=no
if test -r "$septel_include_dir/msg.h"; then
V_INCLS="$V_INCLS -I$septel_include_dir"
V_DEFS="$V_DEFS $DEF"
V_LIBS="$V_LIBS $septel_tools_dir/asciibin.o $septel_tools_dir/bit2byte.o $septel_tools_dir/confirm.o $septel_tools_dir/fmtmsg.o $septel_tools_dir/gct_unix.o $septel_tools_dir/hqueue.o $septel_tools_dir/ident.o $septel_tools_dir/mem.o $septel_tools_dir/pack.o $septel_tools_dir/parse.o $septel_tools_dir/pool.o $septel_tools_dir/sdlsig.o $septel_tools_dir/strtonum.o $septel_tools_dir/timer.o $septel_tools_dir/trace.o "
if test "$V_PCAP" != septel ; then
SSRC="pcap-septel.c"
fi
ac_cv_lbl_septel_api=yes
fi
AC_MSG_RESULT($ac_cv_lbl_septel_api)
if test $ac_cv_lbl_septel_api = no; then
if test "$want_septel" = yes; then
AC_MSG_ERROR(Septel API not found under directory $septel_root; use --without-septel)
fi
else
AC_DEFINE(HAVE_SEPTEL_API, 1, [define if you have a Septel API])
fi
fi
if test "$V_PCAP" = septel -a "$ac_cv_lbl_septel_api" = no; then
AC_MSG_ERROR(Specifying the capture type as 'septel' requires the Septel API to be present; use --with-septel=DIR)
fi
AC_LBL_LEX_AND_YACC(V_LEX, V_YACC, pcap_)
if test "$V_LEX" = lex ; then

105
gencode.c
View File

@ -21,7 +21,7 @@
*/
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.248 2005-06-06 14:10:58 hannes Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.249 2005-06-20 21:27:08 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -717,6 +717,14 @@ static u_int off_vpi;
static u_int off_vci;
static u_int off_proto;
/*
* These are offsets for the MTP3 fields.
*/
static u_int off_sio;
static u_int off_opc;
static u_int off_dpc;
static u_int off_sls;
/*
* This is the offset of the first byte after the ATM pseudo_header,
* or -1 if there is no ATM pseudo-header.
@ -770,6 +778,11 @@ init_linktype(p)
off_proto = -1;
off_payload = -1;
off_sio = -1;
off_opc = -1;
off_dpc = -1;
off_sls = -1;
/*
* Also assume it's not 802.11 with a fixed-length radio header.
*/
@ -1157,6 +1170,16 @@ init_linktype(p)
off_nl_nosnap = -1; /* no 802.2 LLC */
return;
case DLT_MTP2:
off_sio = 3;
off_opc = 4;
off_dpc = 4;
off_sls = 7;
off_linktype = -1;
off_nl = -1;
off_nl_nosnap = -1;
return;
#ifdef DLT_PFSYNC
case DLT_PFSYNC:
off_linktype = -1;
@ -6442,6 +6465,86 @@ gen_atmtype_abbrev(type)
return b1;
}
struct block *
gen_mtp3field_code(mtp3field, jvalue, jtype, reverse)
int mtp3field;
bpf_u_int32 jvalue;
bpf_u_int32 jtype;
int reverse;
{
struct block *b0;
bpf_u_int32 val1 , val2 , val3;
switch (mtp3field) {
case M_SIO:
if (off_sio == (u_int)-1)
abort();
/* sio coded on 1 byte so max value 255 */
if(jvalue > 255)
bpf_error("sio value %u too big; max value = 255",
jvalue);
b0 = gen_ncmp(OR_PACKET, off_sio, BPF_B, 0xffffffff,
(u_int)jtype, reverse, (u_int)jvalue);
break;
case M_OPC:
if (off_opc == (u_int)-1)
abort();
/* opc coded on 14 bits so max value 16383 */
if (jvalue > 16383)
bpf_error("opc value %u too big; max value = 16383",
jvalue);
/* the following instructions are made to convert jvalue
* to the form used to write opc in an ss7 message*/
val1 = jvalue & 0x00003c00;
val1 = val1 >>10;
val2 = jvalue & 0x000003fc;
val2 = val2 <<6;
val3 = jvalue & 0x00000003;
val3 = val3 <<22;
jvalue = val1 + val2 + val3;
b0 = gen_ncmp(OR_PACKET, off_opc, BPF_W, 0x00c0ff0f,
(u_int)jtype, reverse, (u_int)jvalue);
break;
case M_DPC:
if (off_dpc == (u_int)-1)
abort();
/* dpc coded on 14 bits so max value 16383 */
if (jvalue > 16383)
bpf_error("dpc value %u too big; max value = 16383",
jvalue);
/* the following instructions are made to convert jvalue
* to the forme used to write dpc in an ss7 message*/
val1 = jvalue & 0x000000ff;
val1 = val1 << 24;
val2 = jvalue & 0x00003f00;
val2 = val2 << 8;
jvalue = val1 + val2;
b0 = gen_ncmp(OR_PACKET, off_dpc, BPF_W, 0xff3f0000,
(u_int)jtype, reverse, (u_int)jvalue);
break;
case M_SLS:
if (off_sls == (u_int)-1)
abort();
/* sls coded on 4 bits so max value 15 */
if (jvalue > 15)
bpf_error("sls value %u too big; max value = 15",
jvalue);
/* the following instruction is made to convert jvalue
* to the forme used to write sls in an ss7 message*/
jvalue = jvalue << 4;
b0 = gen_ncmp(OR_PACKET, off_sls, BPF_B, 0xf0,
(u_int)jtype,reverse, (u_int)jvalue);
break;
default:
abort();
}
return b0;
}
static struct block *
gen_msg_abbrev(type)

View File

@ -18,7 +18,7 @@
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* @(#) $Header: /tcpdump/master/libpcap/gencode.h,v 1.64 2005-05-02 21:13:08 guy Exp $ (LBL)
* @(#) $Header: /tcpdump/master/libpcap/gencode.h,v 1.65 2005-06-20 21:27:09 guy Exp $ (LBL)
*/
/*
@ -173,6 +173,13 @@
end-to-end circuits, ILMI circuits or
connection signalling circuit. */
/*MTP3 field types */
#define M_SIO 1
#define M_OPC 2
#define M_DPC 3
#define M_SLS 4
struct slist;
struct stmt {
@ -286,6 +293,8 @@ struct block *gen_atmfield_code(int atmfield, bpf_int32 jvalue, bpf_u_int32 jtyp
struct block *gen_atmtype_abbrev(int type);
struct block *gen_atmmulti_abbrev(int type);
struct block *gen_mtp3field_code(int mtp3field, bpf_u_int32 jvalue, bpf_u_int32 jtype, int reverse);
struct block *gen_pf_ifname(const char *);
struct block *gen_pf_rnr(int);
struct block *gen_pf_srnr(int);

View File

@ -22,7 +22,7 @@
*/
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/grammar.y,v 1.89 2005-05-02 21:13:09 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/grammar.y,v 1.90 2005-06-20 21:27:09 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -97,6 +97,7 @@ pcap_parse()
struct {
struct qual q;
int atmfieldtype;
int mtp3fieldtype;
struct block *b;
} blk;
struct block *rblk;
@ -112,6 +113,9 @@ pcap_parse()
%type <i> atmtype atmmultitype
%type <blk> atmfield
%type <blk> atmfieldvalue atmvalue atmlistvalue
%type <blk> mtp3field
%type <blk> mtp3fieldvalue mtp3value mtp3listvalue
%token DST SRC HOST GATEWAY
%token NET NETMASK PORT PORTRANGE LESS GREATER PROTO PROTOCHAIN CBYTE
@ -135,6 +139,7 @@ pcap_parse()
%token OAM OAMF4 CONNECTMSG METACONNECT
%token VPI VCI
%token RADIO
%token SIO OPC DPC SLS
%type <s> ID
%type <e> EID
@ -255,6 +260,7 @@ rterm: head id { $$ = $2; }
| atmtype { $$.b = gen_atmtype_abbrev($1); $$.q = qerr; }
| atmmultitype { $$.b = gen_atmmulti_abbrev($1); $$.q = qerr; }
| atmfield atmvalue { $$.b = $2.b; $$.q = qerr; }
| mtp3field mtp3value { $$.b = $2.b; $$.q = qerr; }
;
/* protocol level qualifiers */
pqual: pname
@ -430,4 +436,27 @@ atmfieldvalue: NUM {
atmlistvalue: atmfieldvalue
| atmlistvalue or atmfieldvalue { gen_or($1.b, $3.b); $$ = $3; }
;
/* MTP3 field types quantifier */
mtp3field: SIO { $$.mtp3fieldtype = M_SIO; }
| OPC { $$.mtp3fieldtype = M_OPC; }
| DPC { $$.mtp3fieldtype = M_DPC; }
| SLS { $$.mtp3fieldtype = M_SLS; }
;
mtp3value: mtp3fieldvalue
| relop NUM { $$.b = gen_mtp3field_code($<blk>0.mtp3fieldtype, (u_int)$2, (u_int)$1, 0); }
| irelop NUM { $$.b = gen_mtp3field_code($<blk>0.mtp3fieldtype, (u_int)$2, (u_int)$1, 1); }
| paren mtp3listvalue ')' { $$.b = $2.b; $$.q = qerr; }
;
mtp3fieldvalue: NUM {
$$.mtp3fieldtype = $<blk>0.mtp3fieldtype;
if ($$.mtp3fieldtype == M_SIO ||
$$.mtp3fieldtype == M_OPC ||
$$.mtp3fieldtype == M_DPC ||
$$.mtp3fieldtype == M_SLS )
$$.b = gen_mtp3field_code($$.mtp3fieldtype, (u_int) $1, BPF_JEQ, 0);
}
;
mtp3listvalue: mtp3fieldvalue
| mtp3listvalue or mtp3fieldvalue { gen_or($1.b, $3.b); $$ = $3; }
;
%%

5
inet.c
View File

@ -34,7 +34,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/inet.c,v 1.66 2005-02-10 19:38:06 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/inet.c,v 1.67 2005-06-20 21:27:10 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -538,6 +538,9 @@ pcap_lookupnet(device, netp, maskp, errbuf)
if (!device || strcmp(device, "any") == 0
#ifdef HAVE_DAG_API
|| strstr(device, "dag") != NULL
#endif
#ifdef HAVE_SEPTEL_API
|| strstr(device, "septel") != NULL
#endif
) {
*netp = *maskp = 0;

View File

@ -27,7 +27,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/pcap-linux.c,v 1.111 2005-05-03 18:53:59 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/pcap-linux.c,v 1.112 2005-06-20 21:27:10 guy Exp $ (LBL)";
#endif
/*
@ -84,6 +84,10 @@ static const char rcsid[] _U_ =
#include "pcap-dag.h"
#endif /* HAVE_DAG_API */
#ifdef HAVE_SEPTEL_API
#include "pcap-septel.h"
#endif /* HAVE_SEPTEL_API */
#include <errno.h>
#include <stdlib.h>
#include <unistd.h>
@ -245,6 +249,12 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
}
#endif /* HAVE_DAG_API */
#ifdef HAVE_SEPTEL_API
if (strstr(device, "septel")) {
return septel_open_live(device, snaplen, promisc, to_ms, ebuf);
}
#endif /* HAVE_SEPTEL_API */
/* Allocate a handle for this session. */
handle = malloc(sizeof(*handle));
@ -855,6 +865,11 @@ pcap_platform_finddevs(pcap_if_t **alldevsp, char *errbuf)
return (-1);
#endif /* HAVE_DAG_API */
#ifdef HAVE_SEPTEL_API
if (septel_platform_finddevs(alldevsp, errbuf) < 0)
return (-1);
#endif /* HAVE_SEPTEL_API */
return (0);
}

318
pcap-septel.c Normal file
View File

@ -0,0 +1,318 @@
/*
* pcap-septel.c: Packet capture interface for Intel/Septel card.
*
* The functionality of this code attempts to mimic that of pcap-linux as much
* as possible. This code is compiled in several different ways depending on
* whether SEPTEL_ONLY and HAVE_SEPTEL_API are defined. If HAVE_SEPTEL_API is
* not defined it should not get compiled in, otherwise if SEPTEL_ONLY is
* defined then the 'septel_' function calls are renamed to 'pcap_'
* equivalents. If SEPTEL_ONLY is not defined then nothing is altered - the
* septel_ functions will be called as required from their
* pcap-linux/equivalents.
*
* Authors: Gilbert HOYEK (gil_hoyek@hotmail.com), Elias M. KHOURY
* (+961 3 485243)
*/
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/pcap-septel.c,v 1.1 2005-06-20 21:27:10 guy Exp $";
#endif
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <sys/param.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include "pcap-int.h"
#include <ctype.h>
#include <netinet/in.h>
#include <sys/mman.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>
#ifdef HAVE_SEPTEL_API
#include <msg.h>
#include <ss7_inc.h>
#include <sysgct.h>
#include <pack.h>
#include <system.h>
#endif /* HAVE_SEPTEL_API */
#ifdef SEPTEL_ONLY
/* This code is required when compiling for a DAG device only. */
#include "pcap-septel.h"
/* Replace dag function names with pcap equivalent. */
#define septel_open_live pcap_open_live
#define septel_platform_finddevs pcap_platform_finddevs
#endif /* SEPTEL_ONLY */
static int septel_setfilter(pcap_t *p, struct bpf_program *fp);
static int septel_stats(pcap_t *p, struct pcap_stat *ps);
static int septel_set_datalink(pcap_t *p, int dlt);
static int septel_get_datalink(pcap_t *p);
static int septel_setnonblock(pcap_t *p, int nonblock, char *errbuf);
static void septel_platform_close(pcap_t *p) {
}
/*
* Read at most max_packets from the capture queue and call the callback
* for each of them. Returns the number of packets handled, -1 if an
* error occured, or -2 if we were told to break out of the loop.
*/
static int septel_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user) {
HDR *h;
MSG *m;
int processed = 0 ;
int t = 0 ;
/* identifier for the message queue of the module(upe) from which we are capturing
* packets.These IDs are defined in system.txt . By default it is set to 0x2d
* so change it to 0xdd for technical reason and therefore the module id for upe becomes:
* LOCAL 0xdd * upe - Example user part task */
unsigned int id = 0xdd;
/* process the packets */
do {
unsigned short packet_len = 0;
int caplen = 0;
int counter = 0;
struct pcap_pkthdr pcap_header;
u_char *dp ;
dp = malloc(320); /* 320 = size of param area */
/*
* Has "pcap_breakloop()" been called?
*/
loop:
if (p->break_loop) {
/*
* Yes - clear the flag that indicates that
* it has, and return -2 to indicate that
* we were told to break out of the loop.
*/
p->break_loop = 0;
return -2;
}
/*repeat until a packet is read
*a NULL message means :
* when no packet is in queue or all packets in queue already read */
do {
/* receive packet in non-blocking mode
* GCT_grab is defined in the septel library software */
h = GCT_grab(id);
m = (MSG*)h;
/* a couter is added here to avoid an infinite loop
* that will cause our capture program GUI to freeze while waiting for a packet*/
counter++ ;
}
while ((m == NULL)&& (counter< 100)) ;
if (m != NULL) {
t = h->type ;
/* catch only messages with type = 0xcf00 or 0x8f01 corrsponding to ss7 messages*/
if ((t != 0xcf00) && (t != 0x8f01)) {
relm(h);
goto loop ;
}
dp = get_param(m);/* get pointer to MSG parameter area (m->param) */
packet_len = m->len;
caplen = p->snapshot ;
if (caplen > packet_len) {
caplen = packet_len;
}
/* Run the packet filter if there is one. */
if ((p->fcode.bf_insns == NULL) || bpf_filter(p->fcode.bf_insns, dp, packet_len, caplen)) {
/* get a time stamp , consisting of :
*
* pcap_header.ts.tv_sec:
* ----------------------
* a UNIX format time-in-seconds when he packet was captured,
* i.e. the number of seconds since Epoch time (January 1,1970, 00:00:00 GMT)
*
* pcap_header.ts.tv_usec :
* ------------------------
* the number of microseconds since that second
* when the packet was captured
*/
(void)gettimeofday(&pcap_header.ts, NULL);
/* Fill in our own header data */
pcap_header.caplen = caplen;
pcap_header.len = packet_len;
/* Count the packet. */
p->md.stat.ps_recv++;
/* Call the user supplied callback function */
callback(user, &pcap_header, dp);
processed++ ;
}
/* after being processed the packet must be
*released in order to receive another one */
relm(h);
}else
processed++;
}
while (processed < cnt ) ;
return processed ;
}
/*
* Get a handle for a live capture from the given Septel device. Always pass a NULL device
* The promisc flag is ignored because Septel cards have built-in tracing.
* The to_ms parameter is also ignored as it is
* not supported in hardware.
*
* See also pcap(3).
*/
pcap_t *septel_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebuf) {
pcap_t *handle;
handle = malloc(sizeof(*handle));
if (handle == NULL) {
snprintf(ebuf, PCAP_ERRBUF_SIZE, "malloc %s: %s", device, pcap_strerror(errno));
return NULL;
}
/* Initialize some components of the pcap structure. */
memset(handle, 0, sizeof(*handle));
handle->snapshot = snaplen;
if ((handle->linktype = septel_get_datalink(handle)) < 0) {
snprintf(ebuf, PCAP_ERRBUF_SIZE, "septel_get_linktype %s: unknown linktype\n", device);
goto fail;
}
handle->bufsize = 0;
/*
* "select()" and "poll()" don't work on Septel queues
*/
handle->selectable_fd = -1;
handle->read_op = septel_read;
handle->setfilter_op = septel_setfilter;
handle->set_datalink_op = septel_set_datalink;
handle->getnonblock_op = pcap_getnonblock_fd;
handle->setnonblock_op = septel_setnonblock;
handle->stats_op = septel_stats;
handle->close_op = septel_platform_close;
return handle;
fail:
if (handle != NULL) {
free(handle);
}
return NULL;
}
static int septel_stats(pcap_t *p, struct pcap_stat *ps) {
/*p->md.stat.ps_recv = 0;*/
/*p->md.stat.ps_drop = 0;*/
*ps = p->md.stat;
return 0;
}
int
septel_platform_finddevs(pcap_if_t **devlistp, char *errbuf)
{
unsigned char *p;
const char description[512]= "Intel/Septel device";
char name[512]="septel" ;
int ret = 0;
pcap_add_if(devlistp,name,0,description,errbuf);
return (ret);
}
/*
* Installs the given bpf filter program in the given pcap structure. There is
* no attempt to store the filter in kernel memory as that is not supported
* with SEPTEL cards.
*/
static int septel_setfilter(pcap_t *p, struct bpf_program *fp) {
if (!p)
return -1;
if (!fp) {
strncpy(p->errbuf, "setfilter: No filter specified",
sizeof(p->errbuf));
return -1;
}
/* Make our private copy of the filter */
if (install_bpf_program(p, fp) < 0) {
snprintf(p->errbuf, sizeof(p->errbuf),
"malloc: %s", pcap_strerror(errno));
return -1;
}
p->md.use_bpf = 0;
return (0);
}
static int
septel_set_datalink(pcap_t *p, int dlt)
{
return (0);
}
static int
septel_setnonblock(pcap_t *p, int nonblock, char *errbuf)
{
return (0);
}
static int
septel_get_datalink(pcap_t *p)
{
int linktype = -1;
return DLT_MTP2;
}

15
pcap-septel.h Normal file
View File

@ -0,0 +1,15 @@
/*
* pcap-septel.c: Packet capture interface for Intel Septel card
*
* The functionality of this code attempts to mimic that of pcap-linux as much
* as possible. This code is only needed when compiling in the Intel/Septel
* card code at the same time as another type of device.
*
* Authors: Gilbert HOYEK (gil_hoyek@hotmail.com), Elias M. KHOURY
* (+961 3 485343);
*
* @(#) $Header: /tcpdump/master/libpcap/pcap-septel.h,v 1.1 2005-06-20 21:27:10 guy Exp $
*/
pcap_t *septel_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebuf);

View File

@ -22,7 +22,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/scanner.l,v 1.101 2005-05-02 21:13:09 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/scanner.l,v 1.102 2005-06-20 21:27:11 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -286,6 +286,11 @@ srnr|subrulenum return PF_SRNR;
reason return PF_REASON;
action return PF_ACTION;
sio return SIO;
opc return OPC;
dpc return DPC;
sls return SLS;
[ \r\n\t] ;
[+\-*/:\[\]!<>()&|=] return yytext[0];
">=" return GEQ;