add display of GeoIP latitude/longitude
This is a crude hack, as the current Wireshark interface to GeoIP is not really suitable for reading several values of a single GeoIP database :-( svn path=/trunk/; revision=27365
parent
52c567e2b2
commit
d5d3e1fa92
|
@ -142,16 +142,22 @@ static int hf_geoip_city = -1;
|
|||
static int hf_geoip_org = -1;
|
||||
static int hf_geoip_isp = -1;
|
||||
static int hf_geoip_asnum = -1;
|
||||
static int hf_geoip_lat = -1;
|
||||
static int hf_geoip_lon = -1;
|
||||
static int hf_geoip_src_country = -1;
|
||||
static int hf_geoip_src_city = -1;
|
||||
static int hf_geoip_src_org = -1;
|
||||
static int hf_geoip_src_isp = -1;
|
||||
static int hf_geoip_src_asnum = -1;
|
||||
static int hf_geoip_src_lat = -1;
|
||||
static int hf_geoip_src_lon = -1;
|
||||
static int hf_geoip_dst_country = -1;
|
||||
static int hf_geoip_dst_city = -1;
|
||||
static int hf_geoip_dst_org = -1;
|
||||
static int hf_geoip_dst_isp = -1;
|
||||
static int hf_geoip_dst_asnum = -1;
|
||||
static int hf_geoip_dst_lat = -1;
|
||||
static int hf_geoip_dst_lon = -1;
|
||||
#endif /* HAVE_GEOIP */
|
||||
|
||||
static gint ett_ip = -1;
|
||||
|
@ -1535,6 +1541,16 @@ dissect_ip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
|
|||
geoip_hf = hf_geoip_asnum;
|
||||
geoip_src_hf = hf_geoip_src_asnum;
|
||||
geoip_dst_hf = hf_geoip_dst_asnum;
|
||||
break;
|
||||
case WS_LAT_FAKE_EDITION:
|
||||
geoip_hf = hf_geoip_lat;
|
||||
geoip_src_hf = hf_geoip_src_lat;
|
||||
geoip_dst_hf = hf_geoip_dst_lat;
|
||||
break;
|
||||
case WS_LON_FAKE_EDITION:
|
||||
geoip_hf = hf_geoip_lon;
|
||||
geoip_src_hf = hf_geoip_src_lon;
|
||||
geoip_dst_hf = hf_geoip_dst_lon;
|
||||
break;
|
||||
default:
|
||||
continue;
|
||||
|
@ -1560,8 +1576,8 @@ dissect_ip(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree)
|
|||
PROTO_ITEM_SET_GENERATED(item);
|
||||
PROTO_ITEM_SET_HIDDEN(item);
|
||||
}
|
||||
}
|
||||
}
|
||||
} /* for */
|
||||
} /* switch */
|
||||
#endif /* HAVE_GEOIP */
|
||||
|
||||
if (tree) {
|
||||
|
@ -2539,6 +2555,12 @@ proto_register_ip(void)
|
|||
{ &hf_geoip_asnum,
|
||||
{ "Source or Destination GeoIP AS Number", "ip.geoip.asnum", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"", HFILL }},
|
||||
{ &hf_geoip_lat,
|
||||
{ "Source or Destination GeoIP Latitude", "ip.geoip.lat", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"", HFILL }},
|
||||
{ &hf_geoip_lon,
|
||||
{ "Source or Destination GeoIP Longitude", "ip.geoip.lon", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"", HFILL }},
|
||||
{ &hf_geoip_src_country,
|
||||
{ "Source GeoIP Country", "ip.geoip.src_country", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"", HFILL }},
|
||||
|
@ -2554,6 +2576,12 @@ proto_register_ip(void)
|
|||
{ &hf_geoip_src_asnum,
|
||||
{ "Source GeoIP AS Number", "ip.geoip.src_asnum", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"", HFILL }},
|
||||
{ &hf_geoip_src_lat,
|
||||
{ "Source GeoIP Latitude", "ip.geoip.src_lat", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"", HFILL }},
|
||||
{ &hf_geoip_src_lon,
|
||||
{ "Source GeoIP Longitude", "ip.geoip.src_lon", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"", HFILL }},
|
||||
{ &hf_geoip_dst_country,
|
||||
{ "Destination GeoIP Country", "ip.geoip.dst_country", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"", HFILL }},
|
||||
|
@ -2569,6 +2597,12 @@ proto_register_ip(void)
|
|||
{ &hf_geoip_dst_asnum,
|
||||
{ "Destination GeoIP AS Number", "ip.geoip.dst_asnum", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"", HFILL }},
|
||||
{ &hf_geoip_dst_lat,
|
||||
{ "Destination GeoIP Latitude", "ip.geoip.dst_lat", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"", HFILL }},
|
||||
{ &hf_geoip_dst_lon,
|
||||
{ "Destination GeoIP Longitude", "ip.geoip.dst_lon", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"", HFILL }},
|
||||
#endif /* HAVE_GEOIP */
|
||||
{ &hf_ip_flags,
|
||||
{ "Flags", "ip.flags", FT_UINT8, BASE_HEX, NULL, 0x0,
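Review bot: The latitude/longitude fields added to the `hf` array in `proto_register_ip` are typed `FT_STRING`, so a display filter on `ip.geoip.lat` or `ip.geoip.src_lon` compares text rather than numbers and cannot express a coordinate range. Registering them as `FT_DOUBLE` and adding them with `proto_tree_add_double()` would fix that, though it needs a lookup path that returns the numeric value instead of the formatted string. Until then the empty blurb `""` could at least state the format, e.g. `"Decimal degrees, '.' as separator"`. This covers all three registration hunks (generic, `_src_` and `_dst_` entries); `proto_register_ip` starts and ends outside them.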
|
||||
|
|
|
@ -47,7 +47,7 @@
|
|||
#include <wsutil/file_util.h>
|
||||
|
||||
/* This needs to match NUM_GEOIP_COLS in hostlist_table.h */
|
||||
#define MAX_GEOIP_DBS 8
|
||||
#define MAX_GEOIP_DBS 13
|
||||
|
||||
/* Column names for each database type */
|
||||
value_string geoip_type_name_vals[] = {
|
||||
|
@ -62,6 +62,8 @@ value_string geoip_type_name_vals[] = {
|
|||
{ GEOIP_ASNUM_EDITION, "AS Number" },
|
||||
{ GEOIP_NETSPEED_EDITION, "Speed" },
|
||||
{ GEOIP_DOMAIN_EDITION, "Domain" },
|
||||
{ WS_LAT_FAKE_EDITION, "Latitude" }, /* fake database */
|
||||
{ WS_LON_FAKE_EDITION, "Longitude" }, /* fake database */
|
||||
{ 0, NULL }
|
||||
};
|
||||
|
||||
|
@ -159,6 +161,18 @@ geoip_db_init(void) {
|
|||
}
|
||||
}
|
||||
|
||||
/* add fake databases for latitude and longitude (using "City" in reality) */
|
||||
{
|
||||
GeoIP *gi_lat;
|
||||
GeoIP *gi_lon;
|
||||
|
||||
gi_lat = g_malloc(sizeof (GeoIP));
|
||||
gi_lat->databaseType = WS_LAT_FAKE_EDITION;
|
||||
g_array_append_val(geoip_dat_arr, gi_lat);
|
||||
gi_lon = g_malloc(sizeof (GeoIP));
|
||||
gi_lon->databaseType = WS_LON_FAKE_EDITION;
|
||||
g_array_append_val(geoip_dat_arr, gi_lon);
|
||||
}
|
||||
}
|
||||
|
||||
guint
|
||||
|
@ -188,6 +202,35 @@ geoip_db_type(guint dbnum) {
|
|||
return -1;
|
||||
}
|
||||
|
||||
int
|
||||
geoip_db_lookup_latlon(guint32 addr, float *lat, float *lon) {
|
||||
GeoIP *gi;
|
||||
GeoIPRecord *gir;
|
||||
guint i;
|
||||
|
||||
for (i = 0; i < geoip_db_num_dbs(); i++) {
|
||||
gi = g_array_index(geoip_dat_arr, GeoIP *, i);
|
||||
if (gi) {
|
||||
switch (gi->databaseType) {
|
||||
case GEOIP_CITY_EDITION_REV0:
|
||||
case GEOIP_CITY_EDITION_REV1:
|
||||
gir = GeoIP_record_by_ipnum(gi, addr);
|
||||
if(gir) {
|
||||
*lat = gir->latitude;
|
||||
*lon = gir->longitude;
|
||||
return 0;
|
||||
}
|
||||
return -1;
|
||||
/*break;*/
|
||||
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
|
||||
#define VAL_STR_LEN 100
|
||||
const char *
|
||||
geoip_db_lookup_ipv4(guint dbnum, guint32 addr, char *not_found) {
|
||||
|
@ -221,6 +264,34 @@ geoip_db_lookup_ipv4(guint dbnum, guint32 addr, char *not_found) {
|
|||
ret = GeoIP_name_by_ipnum(gi, addr);
|
||||
break;
|
||||
|
||||
case WS_LAT_FAKE_EDITION:
|
||||
{
|
||||
float lat;
|
||||
float lon;
|
||||
char *c;
|
||||
if(geoip_db_lookup_latlon(addr, &lat, &lon) == 0) {
|
||||
g_snprintf(val, VAL_STR_LEN, "%f", lat);
|
||||
c = strchr(val, ',');
|
||||
if (c != NULL) *c = '.';
|
||||
ret = val;
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
case WS_LON_FAKE_EDITION:
|
||||
{
|
||||
float lat;
|
||||
float lon;
|
||||
char *c;
|
||||
if(geoip_db_lookup_latlon(addr, &lat, &lon) == 0) {
|
||||
g_snprintf(val, VAL_STR_LEN, "%f", lon);
|
||||
c = strchr(val, ',');
|
||||
if (c != NULL) *c = '.';
|
||||
ret = val;
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
break;
|
||||
}
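Review bot: The `GeoIPRecord` returned by `GeoIP_record_by_ipnum()` in `geoip_db_lookup_latlon` is never released, so every successful latitude or longitude lookup leaks one record; if the lookup runs per address per packet, as the `dissect_ip` switch suggests, memory grows with capture size. Copy the two floats and then free the record by placing `GeoIPRecord_delete(gir);` ahead of `return 0;`. In the `geoip_db_init` hunk the two placeholder handles come from `g_malloc(sizeof (GeoIP))` with only `databaseType` set; `g_malloc0` would keep any other code that walks `geoip_dat_arr` from reading uninitialised pointers in them. In `geoip_db_lookup_ipv4` the `strchr(val, ',')` fix-up for locale decimal commas could be replaced by `g_ascii_formatd()`, which is locale-independent, and the unused second float in each case dropped. The bodies of `geoip_db_init` and `geoip_db_lookup_ipv4` start outside their hunks, so the declaration and lifetime of `val` are not visible here.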
|
||||
|
|
|
@ -27,6 +27,13 @@
|
|||
#ifndef __GEOIP_DB_H__
|
||||
#define __GEOIP_DB_H__
|
||||
|
||||
|
||||
/* Fake databases to make lat/lon values available */
|
||||
/* XXX - find a better way to interface */
|
||||
#define WS_LAT_FAKE_EDITION 12
|
||||
#define WS_LON_FAKE_EDITION 13
|
||||
|
||||
|
||||
/**
|
||||
* Init function called from epan.h
|
||||
*/
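Review bot: `WS_LAT_FAKE_EDITION` and `WS_LON_FAKE_EDITION` are hard-coded to 12 and 13, directly after the last real edition this code names (`GEOIP_DOMAIN_EDITION`), so they share a number space with libGeoIP's own database types. If the installed library assigns 12 or 13 to a real edition, a database of that type would be taken for the placeholder in `geoip_db_lookup_ipv4` and in the `dissect_ip` switch. Deriving the values from the library's upper bound avoids that, e.g. `#define WS_LAT_FAKE_EDITION (NUM_DB_TYPES+1)` and `#define WS_LON_FAKE_EDITION (NUM_DB_TYPES+2)`, assuming `GeoIP.h` can be included here under `HAVE_GEOIP`.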
|
||||
|
|
|
@ -44,7 +44,7 @@ typedef struct _hostlist_talker_t {
|
|||
|
||||
#define NUM_BUILTIN_COLS 8
|
||||
#ifdef HAVE_GEOIP
|
||||
# define NUM_GEOIP_COLS 8
|
||||
# define NUM_GEOIP_COLS 13
|
||||
#else
|
||||
# define NUM_GEOIP_COLS 0
|
||||
#endif
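Review bot: `NUM_GEOIP_COLS` has to be kept equal to `MAX_GEOIP_DBS` by hand, and only the geoip_db.c side carries a comment saying so; a matching comment here, `/* must match MAX_GEOIP_DBS in geoip_db.c */`, would keep the next edit from changing one without the other. If arrays sized by one constant are indexed up to the other (not visible in this hunk), a mismatch would be an out-of-bounds access, so a compile-time check where both are visible would be stronger than the comment. The step from 8 to 13 for two new columns also deserves a word of explanation.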
|
||||
|
|