2021-11-26 03:31:05 +00:00
|
|
|
/** @file
|
2018-02-09 01:20:26 +00:00
|
|
|
* Maxmind database support
|
|
|
|
|
*
|
|
|
|
|
* Copyright 2018, Gerald Combs <gerald@wireshark.org>
|
|
|
|
|
*
|
|
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
|
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
|
*
|
|
|
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifndef __MAXMIND_DB_H__
|
|
|
|
|
#define __MAXMIND_DB_H__
|
|
|
|
|
|
|
|
|
|
#include <epan/prefs.h>
|
2019-02-09 22:25:17 +00:00
|
|
|
#include <wsutil/inet_ipv4.h>
|
|
|
|
|
#include <wsutil/inet_ipv6.h>
|
2018-02-09 01:20:26 +00:00
|
|
|
#include "ws_symbol_export.h"
|
|
|
|
|
|
2021-03-16 09:36:10 +00:00
|
|
|
#ifdef __cplusplus
|
|
|
|
|
extern "C" {
|
|
|
|
|
#endif /* __cplusplus */
|
|
|
|
|
|
2018-02-09 01:20:26 +00:00
|
|
|
typedef struct _mmdb_lookup_t {
|
|
|
|
|
gboolean found;
|
|
|
|
|
const char *country;
|
2018-03-10 17:18:03 +00:00
|
|
|
const char *country_iso;
|
2018-02-09 01:20:26 +00:00
|
|
|
const char *city;
|
2018-03-10 18:23:17 +00:00
|
|
|
guint32 as_number;
|
2018-02-09 01:20:26 +00:00
|
|
|
const char *as_org;
|
|
|
|
|
double latitude;
|
|
|
|
|
double longitude;
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
guint16 accuracy; /** Accuracy radius in kilometers. */
|
2018-02-09 01:20:26 +00:00
|
|
|
} mmdb_lookup_t;
|
|
|
|
|
|
|
|
|
|
/**
|
2018-03-15 16:44:58 +00:00
|
|
|
* Init / reset function called from prefs_reset
|
2018-02-09 01:20:26 +00:00
|
|
|
*/
|
|
|
|
|
WS_DLL_LOCAL void maxmind_db_pref_init(module_t *nameres);
|
|
|
|
|
|
|
|
|
|
/**
|
2018-03-15 16:44:58 +00:00
|
|
|
* Cleanup function called from prefs_cleanup
|
2018-02-09 01:20:26 +00:00
|
|
|
*/
|
|
|
|
|
WS_DLL_LOCAL void maxmind_db_pref_cleanup(void);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Look up an IPv4 address in a database
|
|
|
|
|
*
|
|
|
|
|
* @param addr IPv4 address to look up
|
|
|
|
|
*
|
|
|
|
|
* @return The database entry if found, else NULL.
|
|
|
|
|
*/
|
2019-02-09 22:25:17 +00:00
|
|
|
WS_DLL_PUBLIC WS_RETNONNULL const mmdb_lookup_t *maxmind_db_lookup_ipv4(const ws_in4_addr *addr);
|
2018-02-09 01:20:26 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Look up an IPv6 address in a database
|
|
|
|
|
*
|
|
|
|
|
* @param addr IPv6 address to look up
|
|
|
|
|
*
|
|
|
|
|
* @return The database entry if found, else NULL.
|
|
|
|
|
*/
|
|
|
|
|
WS_DLL_PUBLIC WS_RETNONNULL const mmdb_lookup_t *maxmind_db_lookup_ipv6(const ws_in6_addr *addr);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get all configured paths
|
|
|
|
|
*
|
|
|
|
|
* @return String with all paths separated by a path separator
|
|
|
|
|
*/
|
|
|
|
|
WS_DLL_PUBLIC gchar *maxmind_db_get_paths(void);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Process outstanding requests.
|
|
|
|
|
*
|
|
|
|
|
* @return True if any new addresses were resolved.
|
|
|
|
|
*/
|
|
|
|
|
WS_DLL_LOCAL gboolean maxmind_db_lookup_process(void);
|
|
|
|
|
|
Re-implement "Map" feature for Endpoints
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2019-02-09 23:19:54 +00:00
|
|
|
/**
|
|
|
|
|
* Checks whether the lookup result was successful and has valid coordinates.
|
|
|
|
|
*/
|
|
|
|
|
static inline gboolean maxmind_db_has_coords(const mmdb_lookup_t *result)
|
|
|
|
|
{
|
|
|
|
|
return result && result->found &&
|
|
|
|
|
result->longitude != DBL_MAX && result->latitude != DBL_MAX;
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-07 21:21:42 +00:00
|
|
|
/**
|
|
|
|
|
* Select whether lookups should be performed synchronously.
|
|
|
|
|
* Default is asynchronous lookups.
|
|
|
|
|
*
|
|
|
|
|
* @param synchronous Whether maxmind lookups should be synchronous.
|
|
|
|
|
*
|
|
|
|
|
* XXX - if we ever have per-session host name etc. information, we
|
|
|
|
|
* should probably have the "resolve synchronously or asynchronously"
|
|
|
|
|
* flag be per-session, set with an epan API.
|
|
|
|
|
*/
|
|
|
|
|
WS_DLL_PUBLIC void maxmind_db_set_synchrony(gboolean synchronous);
|
|
|
|
|
|
2018-02-09 01:20:26 +00:00
|
|
|
#ifdef __cplusplus
|
|
|
|
|
}
|
|
|
|
|
#endif /* __cplusplus */
|
|
|
|
|
|
|
|
|
|
#endif /* __MAXMIND_DB_H__ */
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Editor modelines
|
|
|
|
|
*
|
|
|
|
|
* Local Variables:
|
|
|
|
|
* c-basic-offset: 4
|
|
|
|
|
* tab-width: 8
|
|
|
|
|
* indent-tabs-mode: nil
|
|
|
|
|
* End:
|
|
|
|
|
*
|
|
|
|
|
* ex: set shiftwidth=4 tabstop=8 expandtab:
|
|
|
|
|
* :indentSize=4:tabSize=8:noTabs=true:
|
|
|
|
|
*/
|