1998-09-16 02:39:15 +00:00
|
|
|
/* resolv.c
|
|
|
|
|
* Routines for network object lookup
|
|
|
|
|
*
|
2001-03-31 22:53:09 +00:00
|
|
|
* $Id: resolv.c,v 1.6 2001/03/31 22:53:09 hagbard Exp $
|
1998-09-16 03:22:19 +00:00
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* Laurent Deniel <deniel@worldnet.fr>
|
|
|
|
|
*
|
|
|
|
|
* Ethereal - Network traffic analyzer
|
|
|
|
|
* By Gerald Combs <gerald@zing.org>
|
|
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
|
*
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
|
# include "config.h"
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#include <stdio.h>
|
1998-12-17 05:42:33 +00:00
|
|
|
#include <stdlib.h>
|
1998-09-16 02:39:15 +00:00
|
|
|
#include <string.h>
|
1999-07-13 02:53:26 +00:00
|
|
|
|
|
|
|
|
#ifndef WIN32
|
|
|
|
|
#ifndef AVOID_DNS_TIMEOUT
|
|
|
|
|
#define AVOID_DNS_TIMEOUT
|
|
|
|
|
#endif
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef HAVE_UNISTD_H
|
1998-09-16 02:39:15 +00:00
|
|
|
#include <unistd.h>
|
1999-07-13 02:53:26 +00:00
|
|
|
#endif
|
1998-09-16 02:39:15 +00:00
|
|
|
|
|
|
|
|
#ifdef HAVE_SYS_TYPES_H
|
|
|
|
|
# include <sys/types.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef HAVE_NETINET_IN_H
|
|
|
|
|
# include <netinet/in.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
1999-07-13 02:53:26 +00:00
|
|
|
#ifdef HAVE_NETDB_H
|
1998-09-16 02:39:15 +00:00
|
|
|
#include <netdb.h>
|
1999-07-13 02:53:26 +00:00
|
|
|
#endif
|
|
|
|
|
|
2000-01-10 17:33:17 +00:00
|
|
|
#ifdef HAVE_ARPA_INET_H
|
Have "get_host_ipaddr()" return a Boolean indicating whether it
succeeded or failed, and, if it succeeded, have it fill in the IP
address if found through a pointer passed as the second argument.
Have it first try interpreting its first argument as a dotted-quad IP
address, with "inet_aton()", and, if that fails, have it try to
interpret it as a host name with "gethostbyname()"; don't bother with
"gethostbyaddr()", as we should be allowed to filter on IP addresses
even if there's no host name associated with them (there's no guarantee
that "gethostbyaddr()" will succeed if handed an IP address with no
corresponding name - and it looks as if FreeBSD 3.2, at least, may not
succeed in that case).
Add a "dfilter_fail()" routine that takes "printf()"-like arguments and
uses them to set an error message for the parse; doing so means that
even if the filter expression is syntactically valid, we treat it as
being invalid. (Is there a better way to force a parse to fail from
arbitrary places in routines called by the parser?)
Use that routine in the lexical analyzer.
If that error message was set, use it as is as the failure message,
rather than adding "Unable to parse filter string XXX" to it.
Have the code to handle IP addresses and host names in display filters
check whether "get_host_ipaddr()" succeeded or failed and, if it failed,
arrange that the parse fail with an error message indicating the source
of the problem.
svn path=/trunk/; revision=802
1999-10-11 03:03:12 +00:00
|
|
|
#include <arpa/inet.h>
|
2000-01-10 17:33:17 +00:00
|
|
|
#endif
|
Have "get_host_ipaddr()" return a Boolean indicating whether it
succeeded or failed, and, if it succeeded, have it fill in the IP
address if found through a pointer passed as the second argument.
Have it first try interpreting its first argument as a dotted-quad IP
address, with "inet_aton()", and, if that fails, have it try to
interpret it as a host name with "gethostbyname()"; don't bother with
"gethostbyaddr()", as we should be allowed to filter on IP addresses
even if there's no host name associated with them (there's no guarantee
that "gethostbyaddr()" will succeed if handed an IP address with no
corresponding name - and it looks as if FreeBSD 3.2, at least, may not
succeed in that case).
Add a "dfilter_fail()" routine that takes "printf()"-like arguments and
uses them to set an error message for the parse; doing so means that
even if the filter expression is syntactically valid, we treat it as
being invalid. (Is there a better way to force a parse to fail from
arbitrary places in routines called by the parser?)
Use that routine in the lexical analyzer.
If that error message was set, use it as is as the failure message,
rather than adding "Unable to parse filter string XXX" to it.
Have the code to handle IP addresses and host names in display filters
check whether "get_host_ipaddr()" succeeded or failed and, if it failed,
arrange that the parse fail with an error message indicating the source
of the problem.
svn path=/trunk/; revision=802
1999-10-11 03:03:12 +00:00
|
|
|
|
1998-09-16 02:39:15 +00:00
|
|
|
#include <signal.h>
|
1999-07-13 02:53:26 +00:00
|
|
|
|
|
|
|
|
#ifdef HAVE_SYS_SOCKET_H
|
1998-09-16 02:39:15 +00:00
|
|
|
#include <sys/socket.h>
|
1999-07-13 02:53:26 +00:00
|
|
|
#endif
|
1998-09-16 02:39:15 +00:00
|
|
|
|
|
|
|
|
#ifdef AVOID_DNS_TIMEOUT
|
|
|
|
|
# include <setjmp.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
Apparently, on systems with glibc 2.2, "inet_aton()" is declared in
<arpa/inet.h>, but is, in some fashion, declared differently from the
way we declare it in "inet_v6defs.h", but "inet_ntop()" isn't defined,
so we include "inet_v6defs.h" in "inet_pton.c", which causes
"inet_pton.c" not to compile as we get a collision between the two
declarations.
Move the declaration of "inet_aton()" to "inet_aton.h", define
"NEED_INET_ATON_H" iff we didn't find "inet_aton()" in the system
libraries, and include "inet_aton.h" in the callers of "inet_aton()" iff
"NEED_INET_ATON_H" is defined, so that it doesn't get declared by us if
"inet_aton()" is defined by a system library (which hopefully means it's
declared in <arpa/inet.h> instead).
svn path=/trunk/; revision=2137
2000-07-14 07:11:53 +00:00
|
|
|
#ifdef NEED_INET_ATON_H
|
|
|
|
|
# include "inet_aton.h"
|
|
|
|
|
#endif
|
|
|
|
|
|
1999-10-14 06:55:11 +00:00
|
|
|
#ifdef NEED_INET_V6DEFS_H
|
|
|
|
|
# include "inet_v6defs.h"
|
|
|
|
|
#endif
|
|
|
|
|
|
1998-09-16 02:39:15 +00:00
|
|
|
#include "packet.h"
|
1999-03-28 18:32:03 +00:00
|
|
|
#include "packet-ipv6.h"
|
1999-11-21 16:32:23 +00:00
|
|
|
#include "packet-ipx.h"
|
1998-09-16 02:39:15 +00:00
|
|
|
#include "resolv.h"
|
2001-03-31 22:53:09 +00:00
|
|
|
#include "filesystem.h"
|
1998-09-16 02:39:15 +00:00
|
|
|
|
Give libethereal its own configuration file, and have that configuration
file, rather than the top-level Ethereal configuration file, check for
"inet_aton()", "inet_pton()", and "inet_ntop()". Then make its
Makefile.am include the appropriate object files if necessary.
Otherwise, they don't get built and put into libethereal, and therefore
attempts to link with anything in libethereal that uses them fail on
platforms that lack ethem, causing the build to fail.
That means a bunch of things need to be fixed to cope with libethereal
having its own "config.h" file; this means removing the include of
"config.h" from some libethereal header files. Move the definitions of
the path names used only by "resolv.c" to "resolv.c" from "resolv.h" (so
"resolv.h" doesn't need "config.h", define HAVE_PLUGINS in the configure
script (so we don't have to include it in "plugins.h" to check whether
HAVE_DLFCN_H is defined).
Unfortunately, stuff outside libethereal needs to know PLUGIN_DIR; for
now, define that in the top-level configuration file, and have Ethereal
and Tethereal pass it as an argument to "epan_init()" - that should be
cleaned up at some point.
Remove from the top-level configure script checks for things used only
in libethereal.
svn path=/trunk/; revision=2498
2000-10-16 23:18:05 +00:00
|
|
|
#define EPATH_ETHERS "/etc/ethers"
|
|
|
|
|
#define EPATH_IPXNETS "/etc/ipxnets"
|
|
|
|
|
#define EPATH_MANUF DATAFILE_DIR "/manuf"
|
|
|
|
|
#define EPATH_PERSONAL_ETHERS ".ethereal/ethers" /* with "$HOME/" prefix */
|
|
|
|
|
#define EPATH_PERSONAL_IPXNETS ".ethereal/ipxnets" /* with "$HOME/" prefix */
|
|
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
#define MAXMANUFLEN 9 /* max vendor name length with ending '\0' */
|
|
|
|
|
#define HASHETHSIZE 1024
|
1998-09-16 02:39:15 +00:00
|
|
|
#define HASHHOSTSIZE 1024
|
1999-11-21 16:32:23 +00:00
|
|
|
#define HASHIPXNETSIZE 256
|
1998-09-25 23:24:07 +00:00
|
|
|
#define HASHMANUFSIZE 256
|
1998-09-16 02:39:15 +00:00
|
|
|
#define HASHPORTSIZE 256
|
|
|
|
|
|
|
|
|
|
/* hash table used for host and port lookup */
|
|
|
|
|
|
|
|
|
|
typedef struct hashname {
|
|
|
|
|
u_int addr;
|
|
|
|
|
u_char name[MAXNAMELEN];
|
2000-08-10 20:09:29 +00:00
|
|
|
gboolean is_dummy_entry; /* name is IP address in dot format */
|
1998-09-16 02:39:15 +00:00
|
|
|
struct hashname *next;
|
|
|
|
|
} hashname_t;
|
|
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
/* hash table used for IPX network lookup */
|
|
|
|
|
|
|
|
|
|
typedef struct hashname hashipxnet_t;
|
|
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
/* hash tables used for ethernet and manufacturer lookup */
|
|
|
|
|
|
|
|
|
|
typedef struct hashmanuf {
|
|
|
|
|
u_char addr[3];
|
|
|
|
|
char name[MAXMANUFLEN];
|
|
|
|
|
struct hashmanuf *next;
|
|
|
|
|
} hashmanuf_t;
|
|
|
|
|
|
|
|
|
|
typedef struct hashether {
|
|
|
|
|
u_char addr[6];
|
|
|
|
|
char name[MAXNAMELEN];
|
2000-08-10 20:09:29 +00:00
|
|
|
gboolean is_dummy_entry; /* not a complete entry */
|
1998-09-25 23:24:07 +00:00
|
|
|
struct hashether *next;
|
|
|
|
|
} hashether_t;
|
|
|
|
|
|
|
|
|
|
/* internal ethernet type */
|
1998-09-16 02:39:15 +00:00
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
typedef struct _ether
|
|
|
|
|
{
|
|
|
|
|
u_char addr[6];
|
|
|
|
|
char name[MAXNAMELEN];
|
|
|
|
|
} ether_t;
|
|
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
/* internal ipxnet type */
|
|
|
|
|
|
|
|
|
|
typedef struct _ipxnet
|
|
|
|
|
{
|
|
|
|
|
u_int addr;
|
|
|
|
|
char name[MAXNAMELEN];
|
|
|
|
|
} ipxnet_t;
|
|
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
static hashname_t *host_table[HASHHOSTSIZE];
|
|
|
|
|
static hashname_t *udp_port_table[HASHPORTSIZE];
|
|
|
|
|
static hashname_t *tcp_port_table[HASHPORTSIZE];
|
2000-08-19 08:26:04 +00:00
|
|
|
static hashname_t *sctp_port_table[HASHPORTSIZE];
|
1998-09-25 23:24:07 +00:00
|
|
|
static hashether_t *eth_table[HASHETHSIZE];
|
|
|
|
|
static hashmanuf_t *manuf_table[HASHMANUFSIZE];
|
1999-11-21 16:32:23 +00:00
|
|
|
static hashipxnet_t *ipxnet_table[HASHIPXNETSIZE];
|
1998-09-25 23:24:07 +00:00
|
|
|
|
|
|
|
|
static int eth_resolution_initialized = 0;
|
1999-11-21 16:32:23 +00:00
|
|
|
static int ipxnet_resolution_initialized = 0;
|
1998-09-25 23:24:07 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Global variables (can be changed in GUI sections)
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
int g_resolving_actif = 1; /* routines are active by default */
|
1998-09-16 02:39:15 +00:00
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
gchar *g_ethers_path = EPATH_ETHERS;
|
|
|
|
|
gchar *g_pethers_path = NULL; /* "$HOME"/EPATH_PERSONAL_ETHERS */
|
1999-11-21 16:32:23 +00:00
|
|
|
gchar *g_ipxnets_path = EPATH_IPXNETS;
|
|
|
|
|
gchar *g_pipxnets_path = NULL; /* "$HOME"/EPATH_PERSONAL_IPXNETS */
|
1998-09-25 23:24:07 +00:00
|
|
|
gchar *g_manuf_path = EPATH_MANUF; /* may only be changed before the */
|
|
|
|
|
/* first resolving call */
|
1998-09-16 02:39:15 +00:00
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
/*
|
|
|
|
|
* Local function definitions
|
|
|
|
|
*/
|
1998-09-16 02:39:15 +00:00
|
|
|
|
2000-08-19 08:26:04 +00:00
|
|
|
static u_char *serv_name_lookup(u_int port, port_type proto)
|
1998-09-16 02:39:15 +00:00
|
|
|
{
|
|
|
|
|
|
|
|
|
|
hashname_t *tp;
|
|
|
|
|
hashname_t **table;
|
|
|
|
|
char *serv_proto = NULL;
|
|
|
|
|
struct servent *servp;
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
switch(proto) {
|
2000-08-19 08:26:04 +00:00
|
|
|
case PT_UDP:
|
1998-09-16 02:39:15 +00:00
|
|
|
table = udp_port_table;
|
|
|
|
|
serv_proto = "udp";
|
|
|
|
|
break;
|
2000-08-19 08:26:04 +00:00
|
|
|
case PT_TCP:
|
1998-09-16 02:39:15 +00:00
|
|
|
table = tcp_port_table;
|
|
|
|
|
serv_proto = "tcp";
|
|
|
|
|
break;
|
2000-08-19 08:26:04 +00:00
|
|
|
case PT_SCTP:
|
|
|
|
|
table = sctp_port_table;
|
|
|
|
|
serv_proto = "sctp";
|
|
|
|
|
break;
|
1998-09-16 02:39:15 +00:00
|
|
|
default:
|
|
|
|
|
/* not yet implemented */
|
|
|
|
|
return NULL;
|
|
|
|
|
/*NOTREACHED*/
|
|
|
|
|
break;
|
|
|
|
|
} /* proto */
|
|
|
|
|
|
|
|
|
|
i = port & (HASHPORTSIZE - 1);
|
|
|
|
|
tp = table[ i & (HASHPORTSIZE - 1)];
|
|
|
|
|
|
|
|
|
|
if( tp == NULL ) {
|
|
|
|
|
tp = table[ i & (HASHPORTSIZE - 1)] =
|
|
|
|
|
(hashname_t *)g_malloc(sizeof(hashname_t));
|
|
|
|
|
} else {
|
|
|
|
|
while(1) {
|
|
|
|
|
if( tp->addr == port ) {
|
|
|
|
|
return tp->name;
|
|
|
|
|
}
|
|
|
|
|
if (tp->next == NULL) {
|
|
|
|
|
tp->next = (hashname_t *)g_malloc(sizeof(hashname_t));
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* fill in a new entry */
|
|
|
|
|
tp->addr = port;
|
|
|
|
|
tp->next = NULL;
|
|
|
|
|
|
2000-08-10 22:35:30 +00:00
|
|
|
if (!g_resolving_actif ||
|
|
|
|
|
(servp = getservbyport(htons(port), serv_proto)) == NULL) {
|
1998-09-16 02:39:15 +00:00
|
|
|
/* unknown port */
|
|
|
|
|
sprintf(tp->name, "%d", port);
|
|
|
|
|
} else {
|
|
|
|
|
strncpy(tp->name, servp->s_name, MAXNAMELEN);
|
1998-09-25 23:24:07 +00:00
|
|
|
tp->name[MAXNAMELEN-1] = '\0';
|
1998-09-16 02:39:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return (tp->name);
|
|
|
|
|
|
|
|
|
|
} /* serv_name_lookup */
|
|
|
|
|
|
|
|
|
|
#ifdef AVOID_DNS_TIMEOUT
|
|
|
|
|
|
1999-09-18 16:01:52 +00:00
|
|
|
#define DNS_TIMEOUT 2 /* max sec per call */
|
1998-09-16 02:39:15 +00:00
|
|
|
|
|
|
|
|
jmp_buf hostname_env;
|
|
|
|
|
|
|
|
|
|
static void abort_network_query(int sig)
|
|
|
|
|
{
|
|
|
|
|
longjmp(hostname_env, 1);
|
|
|
|
|
}
|
|
|
|
|
#endif /* AVOID_DNS_TIMEOUT */
|
|
|
|
|
|
2000-08-10 20:09:29 +00:00
|
|
|
static u_char *host_name_lookup(u_int addr, gboolean *found)
|
1998-09-16 02:39:15 +00:00
|
|
|
{
|
|
|
|
|
|
1998-09-27 22:12:47 +00:00
|
|
|
hashname_t * volatile tp;
|
1998-09-16 02:39:15 +00:00
|
|
|
hashname_t **table = host_table;
|
|
|
|
|
struct hostent *hostp;
|
|
|
|
|
|
2000-08-10 20:09:29 +00:00
|
|
|
*found = TRUE;
|
|
|
|
|
|
1998-09-16 02:39:15 +00:00
|
|
|
tp = table[ addr & (HASHHOSTSIZE - 1)];
|
|
|
|
|
|
|
|
|
|
if( tp == NULL ) {
|
|
|
|
|
tp = table[ addr & (HASHHOSTSIZE - 1)] =
|
|
|
|
|
(hashname_t *)g_malloc(sizeof(hashname_t));
|
|
|
|
|
} else {
|
|
|
|
|
while(1) {
|
|
|
|
|
if( tp->addr == addr ) {
|
2000-08-10 20:09:29 +00:00
|
|
|
if (tp->is_dummy_entry)
|
|
|
|
|
*found = FALSE;
|
1998-09-16 02:39:15 +00:00
|
|
|
return tp->name;
|
|
|
|
|
}
|
|
|
|
|
if (tp->next == NULL) {
|
|
|
|
|
tp->next = (hashname_t *)g_malloc(sizeof(hashname_t));
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* fill in a new entry */
|
|
|
|
|
tp->addr = addr;
|
|
|
|
|
tp->next = NULL;
|
|
|
|
|
|
2000-08-10 22:35:30 +00:00
|
|
|
if (g_resolving_actif) {
|
1998-09-16 02:39:15 +00:00
|
|
|
#ifdef AVOID_DNS_TIMEOUT
|
1998-09-25 23:24:07 +00:00
|
|
|
|
2000-08-10 22:35:30 +00:00
|
|
|
/* Quick hack to avoid DNS/YP timeout */
|
1998-09-25 23:24:07 +00:00
|
|
|
|
2000-08-10 22:35:30 +00:00
|
|
|
if (!setjmp(hostname_env)) {
|
|
|
|
|
signal(SIGALRM, abort_network_query);
|
|
|
|
|
alarm(DNS_TIMEOUT);
|
1998-09-16 02:39:15 +00:00
|
|
|
#endif
|
2000-08-10 22:35:30 +00:00
|
|
|
hostp = gethostbyaddr((char *)&addr, 4, AF_INET);
|
1998-09-16 02:39:15 +00:00
|
|
|
#ifdef AVOID_DNS_TIMEOUT
|
2000-08-10 22:35:30 +00:00
|
|
|
alarm(0);
|
1998-09-16 02:39:15 +00:00
|
|
|
#endif
|
2000-08-10 22:35:30 +00:00
|
|
|
if (hostp != NULL) {
|
|
|
|
|
strncpy(tp->name, hostp->h_name, MAXNAMELEN);
|
|
|
|
|
tp->name[MAXNAMELEN-1] = '\0';
|
|
|
|
|
tp->is_dummy_entry = FALSE;
|
|
|
|
|
return tp->name;
|
|
|
|
|
}
|
1998-09-16 02:39:15 +00:00
|
|
|
#ifdef AVOID_DNS_TIMEOUT
|
2000-08-10 22:35:30 +00:00
|
|
|
}
|
1998-09-16 02:39:15 +00:00
|
|
|
#endif
|
2000-08-10 22:35:30 +00:00
|
|
|
}
|
1998-09-16 02:39:15 +00:00
|
|
|
|
|
|
|
|
/* unknown host or DNS timeout */
|
|
|
|
|
|
2001-01-09 09:57:06 +00:00
|
|
|
ip_to_str_buf((guint8 *)&addr, tp->name);
|
2000-08-10 20:09:29 +00:00
|
|
|
tp->is_dummy_entry = TRUE;
|
|
|
|
|
*found = FALSE;
|
1998-09-25 23:24:07 +00:00
|
|
|
|
1998-09-16 02:39:15 +00:00
|
|
|
return (tp->name);
|
|
|
|
|
|
|
|
|
|
} /* host_name_lookup */
|
|
|
|
|
|
2000-08-10 20:09:29 +00:00
|
|
|
static u_char *host_name_lookup6(struct e_in6_addr *addr, gboolean *found)
|
1999-03-28 18:32:03 +00:00
|
|
|
{
|
|
|
|
|
static u_char name[MAXNAMELEN];
|
|
|
|
|
#ifdef INET6
|
|
|
|
|
struct hostent *hostp;
|
2000-08-10 22:35:30 +00:00
|
|
|
|
|
|
|
|
if (g_resolving_actif) {
|
1999-03-28 18:32:03 +00:00
|
|
|
#ifdef AVOID_DNS_TIMEOUT
|
|
|
|
|
|
2000-08-10 22:35:30 +00:00
|
|
|
/* Quick hack to avoid DNS/YP timeout */
|
|
|
|
|
|
|
|
|
|
if (!setjmp(hostname_env)) {
|
|
|
|
|
signal(SIGALRM, abort_network_query);
|
|
|
|
|
alarm(DNS_TIMEOUT);
|
1999-03-28 18:32:03 +00:00
|
|
|
#endif /* AVOID_DNS_TIMEOUT */
|
2000-08-10 22:35:30 +00:00
|
|
|
hostp = gethostbyaddr((char *)addr, sizeof(*addr), AF_INET6);
|
1999-03-28 18:32:03 +00:00
|
|
|
#ifdef AVOID_DNS_TIMEOUT
|
2000-08-10 22:35:30 +00:00
|
|
|
alarm(0);
|
1999-03-28 18:32:03 +00:00
|
|
|
#endif
|
2000-08-10 22:35:30 +00:00
|
|
|
if (hostp != NULL) {
|
|
|
|
|
strncpy(name, hostp->h_name, MAXNAMELEN);
|
|
|
|
|
name[MAXNAMELEN-1] = '\0';
|
|
|
|
|
*found = TRUE;
|
|
|
|
|
return name;
|
|
|
|
|
}
|
1999-03-28 18:32:03 +00:00
|
|
|
#ifdef AVOID_DNS_TIMEOUT
|
2000-08-10 22:35:30 +00:00
|
|
|
}
|
1999-03-28 18:32:03 +00:00
|
|
|
#endif
|
2000-08-10 22:35:30 +00:00
|
|
|
}
|
1999-03-28 18:32:03 +00:00
|
|
|
|
|
|
|
|
/* unknown host or DNS timeout */
|
|
|
|
|
#endif /* INET6 */
|
2000-08-10 20:09:29 +00:00
|
|
|
*found = FALSE;
|
1999-03-28 18:32:03 +00:00
|
|
|
sprintf(name, "%s", ip6_to_str(addr));
|
|
|
|
|
return (name);
|
|
|
|
|
}
|
|
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
/*
|
|
|
|
|
* Miscellaneous functions
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
static int fgetline(char **buf, int *size, FILE *fp)
|
|
|
|
|
{
|
|
|
|
|
int len;
|
|
|
|
|
int c;
|
|
|
|
|
|
|
|
|
|
if (fp == NULL)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
if (*buf == NULL) {
|
|
|
|
|
if (*size == 0)
|
|
|
|
|
*size = BUFSIZ;
|
|
|
|
|
|
|
|
|
|
if ((*buf = g_malloc(*size)) == NULL)
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (feof(fp))
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
len = 0;
|
|
|
|
|
while ((c = getc(fp)) != EOF && c != '\n') {
|
|
|
|
|
if (len+1 >= *size) {
|
|
|
|
|
if ((*buf = g_realloc(*buf, *size += BUFSIZ)) == NULL)
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
(*buf)[len++] = c;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (len == 0 && c == EOF)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
(*buf)[len] = '\0';
|
|
|
|
|
|
|
|
|
|
return len;
|
|
|
|
|
|
|
|
|
|
} /* fgetline */
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Ethernet / manufacturer resolution
|
|
|
|
|
*
|
|
|
|
|
* The following functions implement ethernet address resolution and
|
|
|
|
|
* ethers files parsing (see ethers(4)).
|
|
|
|
|
*
|
|
|
|
|
* /etc/manuf has the same format as ethers(4) except that names are
|
|
|
|
|
* truncated to MAXMANUFLEN-1 characters and that an address contains
|
|
|
|
|
* only 3 bytes (instead of 6).
|
|
|
|
|
*
|
|
|
|
|
* Notes:
|
|
|
|
|
*
|
|
|
|
|
* I decide to not use the existing functions (see ethers(3) on some
|
|
|
|
|
* operating systems) for the following reasons:
|
|
|
|
|
* - performance gains (use of hash tables and some other enhancements),
|
|
|
|
|
* - use of two ethers files (system-wide and per user),
|
|
|
|
|
* - avoid the use of NIS maps,
|
|
|
|
|
* - lack of these functions on some systems.
|
|
|
|
|
*
|
|
|
|
|
* So the following functions do _not_ behave as the standard ones.
|
|
|
|
|
*
|
|
|
|
|
* -- Laurent.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int parse_ether_line(char *line, ether_t *eth, int six_bytes)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* See man ethers(4) for /etc/ethers file format
|
|
|
|
|
* (not available on all systems).
|
1999-11-21 16:32:23 +00:00
|
|
|
* We allow both ethernet address separators (':' and '-'),
|
|
|
|
|
* as well as Ethereal's '.' separator.
|
1998-09-25 23:24:07 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
gchar *cp;
|
|
|
|
|
int a0, a1, a2, a3, a4, a5;
|
|
|
|
|
|
|
|
|
|
if ((cp = strchr(line, '#')))
|
|
|
|
|
*cp = '\0';
|
|
|
|
|
|
|
|
|
|
if ((cp = strtok(line, " \t\n")) == NULL)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
if (six_bytes) {
|
|
|
|
|
if (sscanf(cp, "%x:%x:%x:%x:%x:%x", &a0, &a1, &a2, &a3, &a4, &a5) != 6) {
|
1999-11-20 03:39:27 +00:00
|
|
|
if (sscanf(cp, "%x-%x-%x-%x-%x-%x", &a0, &a1, &a2, &a3, &a4, &a5) != 6) {
|
|
|
|
|
if (sscanf(cp, "%x.%x.%x.%x.%x.%x", &a0, &a1, &a2, &a3, &a4, &a5) != 6)
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
1998-09-25 23:24:07 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if (sscanf(cp, "%x:%x:%x", &a0, &a1, &a2) != 3) {
|
1999-11-20 03:39:27 +00:00
|
|
|
if (sscanf(cp, "%x-%x-%x", &a0, &a1, &a2) != 3) {
|
|
|
|
|
if (sscanf(cp, "%x.%x.%x", &a0, &a1, &a2) != 3)
|
1998-09-25 23:24:07 +00:00
|
|
|
return -1;
|
1999-11-20 03:39:27 +00:00
|
|
|
}
|
1998-09-25 23:24:07 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((cp = strtok(NULL, " \t\n")) == NULL)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
eth->addr[0] = a0;
|
|
|
|
|
eth->addr[1] = a1;
|
|
|
|
|
eth->addr[2] = a2;
|
|
|
|
|
if (six_bytes) {
|
|
|
|
|
eth->addr[3] = a3;
|
|
|
|
|
eth->addr[4] = a4;
|
|
|
|
|
eth->addr[5] = a5;
|
|
|
|
|
} else {
|
|
|
|
|
eth->addr[3] = 0;
|
|
|
|
|
eth->addr[4] = 0;
|
|
|
|
|
eth->addr[5] = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
strncpy(eth->name, cp, MAXNAMELEN);
|
|
|
|
|
eth->name[MAXNAMELEN-1] = '\0';
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
} /* parse_ether_line */
|
|
|
|
|
|
|
|
|
|
static FILE *eth_p = NULL;
|
|
|
|
|
|
|
|
|
|
static void set_ethent(char *path)
|
|
|
|
|
{
|
|
|
|
|
if (eth_p)
|
|
|
|
|
rewind(eth_p);
|
|
|
|
|
else
|
|
|
|
|
eth_p = fopen(path, "r");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void end_ethent(void)
|
|
|
|
|
{
|
|
|
|
|
if (eth_p) {
|
|
|
|
|
fclose(eth_p);
|
|
|
|
|
eth_p = NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static ether_t *get_ethent(int six_bytes)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
static ether_t eth;
|
|
|
|
|
static int size = 0;
|
|
|
|
|
static char *buf = NULL;
|
|
|
|
|
|
|
|
|
|
if (eth_p == NULL)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
while (fgetline(&buf, &size, eth_p) >= 0) {
|
|
|
|
|
if (parse_ether_line(buf, ð, six_bytes) == 0) {
|
|
|
|
|
return ð
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
} /* get_ethent */
|
|
|
|
|
|
2000-08-10 20:09:29 +00:00
|
|
|
static ether_t *get_ethbyname(const u_char *name)
|
1998-09-25 23:24:07 +00:00
|
|
|
{
|
|
|
|
|
ether_t *eth;
|
|
|
|
|
|
|
|
|
|
set_ethent(g_ethers_path);
|
|
|
|
|
|
|
|
|
|
while ((eth = get_ethent(1)) && strncmp(name, eth->name, MAXNAMELEN) != 0)
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
if (eth == NULL) {
|
|
|
|
|
end_ethent();
|
|
|
|
|
|
|
|
|
|
set_ethent(g_pethers_path);
|
|
|
|
|
|
|
|
|
|
while ((eth = get_ethent(1)) && strncmp(name, eth->name, MAXNAMELEN) != 0)
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
end_ethent();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return eth;
|
|
|
|
|
|
|
|
|
|
} /* get_ethbyname */
|
|
|
|
|
|
Generalize the "ip_src" and "ip_dst" members of the "packet_info"
structure to "dl_src"/"dl_dst", "net_src"/"net_dst", and "src"/"dst"
addresses, where an address is an address type, an address length in
bytes, and a pointer to that many bytes.
"dl_{src,dst}" are the link-layer source/destination; "net_{src,dst}"
are the network-layer source/destination; "{src,dst}" are the
source/destination from the highest of those two layers that we have in
the packet.
Add a port type to "packet_info" as well, specifying whether it's a TCP
or UDP port.
Don't set the address and port columns in the dissector functions; just
set the address and port members of the "packet_info" structure. Set
the columns in "fill_in_columns()"; this means that if we're showing
COL_{DEF,RES,UNRES}_SRC" or "COL_{DEF,RES,UNRES}_DST", we only generate
the string from "src" or "dst", we don't generate a string for the
link-layer address and then overwrite it with a string for the
network-layer address (generating those strings costs CPU).
Add support for "conversations", where a "conversation" is (at present)
a source and destination address and a source and destination port. (In
the future, we may support "conversations" above the transport layer,
e.g. a TFTP conversation, where the first packet goes from the client to
the TFTP server port, but the reply comes back from a different port,
and all subsequent packets go between the client address/port and the
server address/new port, or an NFS conversation, which might include
lock manager, status monitor, and mount packets, as well as NFS
packets.)
Currently, all we support is a call that takes the source and
destination address/port pairs, looks them up in a hash table, and:
if nothing is found, creates a new entry in the hash table, and
assigns it a unique 32-bit conversation ID, and returns that
conversation ID;
if an entry is found, returns its conversation ID.
Use that in the SMB and AFS code to keep track of individual SMB or AFS
conversations. We need to match up requests and replies, as, for
certain replies, the operation code for the request to which it's a
reply doesn't show up in the reply - you have to find the request with a
matching transaction ID. Transaction IDs are per-conversation, so the
hash table for requests should include a conversation ID and transaction
ID as the key.
This allows SMB and AFS decoders to handle IPv4 or IPv6 addresses
transparently (and should allow the SMB decoder to handle NetBIOS atop
other protocols as well, if the source and destination address and port
values in the "packet_info" structure are set appropriately).
In the "Follow TCP Connection" code, check to make sure that the
addresses are IPv4 addressses; ultimately, that code should be changed
to use the conversation code instead, which will let it handle IPv6
transparently.
svn path=/trunk/; revision=909
1999-10-22 07:18:23 +00:00
|
|
|
static ether_t *get_ethbyaddr(const u_char *addr)
|
1998-09-25 23:24:07 +00:00
|
|
|
{
|
|
|
|
|
|
|
|
|
|
ether_t *eth;
|
|
|
|
|
|
|
|
|
|
set_ethent(g_ethers_path);
|
|
|
|
|
|
|
|
|
|
while ((eth = get_ethent(1)) && memcmp(addr, eth->addr, 6) != 0)
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
if (eth == NULL) {
|
|
|
|
|
end_ethent();
|
|
|
|
|
|
|
|
|
|
set_ethent(g_pethers_path);
|
|
|
|
|
|
|
|
|
|
while ((eth = get_ethent(1)) && memcmp(addr, eth->addr, 6) != 0)
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
end_ethent();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return eth;
|
|
|
|
|
|
|
|
|
|
} /* get_ethbyaddr */
|
|
|
|
|
|
|
|
|
|
static void add_manuf_name(u_char *addr, u_char *name)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
hashmanuf_t *tp;
|
|
|
|
|
hashmanuf_t **table = manuf_table;
|
|
|
|
|
|
|
|
|
|
tp = table[ ((int)addr[2]) & (HASHMANUFSIZE - 1)];
|
|
|
|
|
|
|
|
|
|
if( tp == NULL ) {
|
|
|
|
|
tp = table[ ((int)addr[2]) & (HASHMANUFSIZE - 1)] =
|
|
|
|
|
(hashmanuf_t *)g_malloc(sizeof(hashmanuf_t));
|
|
|
|
|
} else {
|
|
|
|
|
while(1) {
|
|
|
|
|
if (tp->next == NULL) {
|
|
|
|
|
tp->next = (hashmanuf_t *)g_malloc(sizeof(hashmanuf_t));
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
memcpy(tp->addr, addr, sizeof(tp->addr));
|
|
|
|
|
strncpy(tp->name, name, MAXMANUFLEN);
|
|
|
|
|
tp->name[MAXMANUFLEN-1] = '\0';
|
|
|
|
|
tp->next = NULL;
|
|
|
|
|
|
|
|
|
|
} /* add_manuf_name */
|
|
|
|
|
|
Generalize the "ip_src" and "ip_dst" members of the "packet_info"
structure to "dl_src"/"dl_dst", "net_src"/"net_dst", and "src"/"dst"
addresses, where an address is an address type, an address length in
bytes, and a pointer to that many bytes.
"dl_{src,dst}" are the link-layer source/destination; "net_{src,dst}"
are the network-layer source/destination; "{src,dst}" are the
source/destination from the highest of those two layers that we have in
the packet.
Add a port type to "packet_info" as well, specifying whether it's a TCP
or UDP port.
Don't set the address and port columns in the dissector functions; just
set the address and port members of the "packet_info" structure. Set
the columns in "fill_in_columns()"; this means that if we're showing
COL_{DEF,RES,UNRES}_SRC" or "COL_{DEF,RES,UNRES}_DST", we only generate
the string from "src" or "dst", we don't generate a string for the
link-layer address and then overwrite it with a string for the
network-layer address (generating those strings costs CPU).
Add support for "conversations", where a "conversation" is (at present)
a source and destination address and a source and destination port. (In
the future, we may support "conversations" above the transport layer,
e.g. a TFTP conversation, where the first packet goes from the client to
the TFTP server port, but the reply comes back from a different port,
and all subsequent packets go between the client address/port and the
server address/new port, or an NFS conversation, which might include
lock manager, status monitor, and mount packets, as well as NFS
packets.)
Currently, all we support is a call that takes the source and
destination address/port pairs, looks them up in a hash table, and:
if nothing is found, creates a new entry in the hash table, and
assigns it a unique 32-bit conversation ID, and returns that
conversation ID;
if an entry is found, returns its conversation ID.
Use that in the SMB and AFS code to keep track of individual SMB or AFS
conversations. We need to match up requests and replies, as, for
certain replies, the operation code for the request to which it's a
reply doesn't show up in the reply - you have to find the request with a
matching transaction ID. Transaction IDs are per-conversation, so the
hash table for requests should include a conversation ID and transaction
ID as the key.
This allows SMB and AFS decoders to handle IPv4 or IPv6 addresses
transparently (and should allow the SMB decoder to handle NetBIOS atop
other protocols as well, if the source and destination address and port
values in the "packet_info" structure are set appropriately).
In the "Follow TCP Connection" code, check to make sure that the
addresses are IPv4 addressses; ultimately, that code should be changed
to use the conversation code instead, which will let it handle IPv6
transparently.
svn path=/trunk/; revision=909
1999-10-22 07:18:23 +00:00
|
|
|
static hashmanuf_t *manuf_name_lookup(const u_char *addr)
|
1998-09-25 23:24:07 +00:00
|
|
|
{
|
|
|
|
|
|
|
|
|
|
hashmanuf_t *tp;
|
|
|
|
|
hashmanuf_t **table = manuf_table;
|
|
|
|
|
|
|
|
|
|
tp = table[ ((int)addr[2]) & (HASHMANUFSIZE - 1)];
|
|
|
|
|
|
|
|
|
|
while(tp != NULL) {
|
|
|
|
|
if (memcmp(tp->addr, addr, sizeof(tp->addr)) == 0) {
|
|
|
|
|
return tp;
|
|
|
|
|
}
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
} /* manuf_name_lookup */
|
|
|
|
|
|
1999-11-20 05:35:15 +00:00
|
|
|
static void initialize_ethers(void)
|
|
|
|
|
{
|
|
|
|
|
ether_t *eth;
|
|
|
|
|
|
|
|
|
|
/* Set g_pethers_path here, but don't actually do anything
|
|
|
|
|
* with it. It's used in get_ethbyname() and get_ethbyaddr()
|
|
|
|
|
*/
|
|
|
|
|
if (g_pethers_path == NULL) {
|
2000-01-29 16:41:28 +00:00
|
|
|
g_pethers_path = g_malloc(strlen(get_home_dir()) +
|
1999-11-20 05:35:15 +00:00
|
|
|
strlen(EPATH_PERSONAL_ETHERS) + 2);
|
|
|
|
|
sprintf(g_pethers_path, "%s/%s",
|
2000-01-29 16:41:28 +00:00
|
|
|
get_home_dir(), EPATH_PERSONAL_ETHERS);
|
1999-11-20 05:35:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* manuf hash table initialization */
|
|
|
|
|
|
|
|
|
|
set_ethent(g_manuf_path);
|
|
|
|
|
|
|
|
|
|
while ((eth = get_ethent(0))) {
|
|
|
|
|
add_manuf_name(eth->addr, eth->name);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
end_ethent();
|
|
|
|
|
|
|
|
|
|
} /* initialize_ethers */
|
|
|
|
|
|
2000-08-10 20:09:29 +00:00
|
|
|
static hashether_t *add_eth_name(const u_char *addr, const u_char *name)
|
1998-09-25 23:24:07 +00:00
|
|
|
{
|
|
|
|
|
hashether_t *tp;
|
|
|
|
|
hashether_t **table = eth_table;
|
|
|
|
|
int i,j;
|
|
|
|
|
|
|
|
|
|
j = (addr[2] << 8) | addr[3];
|
|
|
|
|
i = (addr[4] << 8) | addr[5];
|
|
|
|
|
|
|
|
|
|
tp = table[ (i ^ j) & (HASHETHSIZE - 1)];
|
|
|
|
|
|
|
|
|
|
if( tp == NULL ) {
|
|
|
|
|
tp = table[ (i ^ j) & (HASHETHSIZE - 1)] =
|
|
|
|
|
(hashether_t *)g_malloc(sizeof(hashether_t));
|
|
|
|
|
} else {
|
|
|
|
|
while(1) {
|
2000-08-10 20:09:29 +00:00
|
|
|
if (memcmp(tp->addr, addr, sizeof(tp->addr)) == 0) {
|
|
|
|
|
/* address already known */
|
|
|
|
|
if (!tp->is_dummy_entry) {
|
|
|
|
|
return tp;
|
|
|
|
|
} else {
|
|
|
|
|
/* replace this dummy (manuf) entry with a real name */
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
1998-09-25 23:24:07 +00:00
|
|
|
if (tp->next == NULL) {
|
|
|
|
|
tp->next = (hashether_t *)g_malloc(sizeof(hashether_t));
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
memcpy(tp->addr, addr, sizeof(tp->addr));
|
|
|
|
|
strncpy(tp->name, name, MAXNAMELEN);
|
|
|
|
|
tp->name[MAXNAMELEN-1] = '\0';
|
|
|
|
|
tp->next = NULL;
|
2000-08-10 20:09:29 +00:00
|
|
|
tp->is_dummy_entry = FALSE;
|
1998-09-25 23:24:07 +00:00
|
|
|
|
|
|
|
|
return tp;
|
|
|
|
|
|
|
|
|
|
} /* add_eth_name */
|
|
|
|
|
|
Generalize the "ip_src" and "ip_dst" members of the "packet_info"
structure to "dl_src"/"dl_dst", "net_src"/"net_dst", and "src"/"dst"
addresses, where an address is an address type, an address length in
bytes, and a pointer to that many bytes.
"dl_{src,dst}" are the link-layer source/destination; "net_{src,dst}"
are the network-layer source/destination; "{src,dst}" are the
source/destination from the highest of those two layers that we have in
the packet.
Add a port type to "packet_info" as well, specifying whether it's a TCP
or UDP port.
Don't set the address and port columns in the dissector functions; just
set the address and port members of the "packet_info" structure. Set
the columns in "fill_in_columns()"; this means that if we're showing
COL_{DEF,RES,UNRES}_SRC" or "COL_{DEF,RES,UNRES}_DST", we only generate
the string from "src" or "dst", we don't generate a string for the
link-layer address and then overwrite it with a string for the
network-layer address (generating those strings costs CPU).
Add support for "conversations", where a "conversation" is (at present)
a source and destination address and a source and destination port. (In
the future, we may support "conversations" above the transport layer,
e.g. a TFTP conversation, where the first packet goes from the client to
the TFTP server port, but the reply comes back from a different port,
and all subsequent packets go between the client address/port and the
server address/new port, or an NFS conversation, which might include
lock manager, status monitor, and mount packets, as well as NFS
packets.)
Currently, all we support is a call that takes the source and
destination address/port pairs, looks them up in a hash table, and:
if nothing is found, creates a new entry in the hash table, and
assigns it a unique 32-bit conversation ID, and returns that
conversation ID;
if an entry is found, returns its conversation ID.
Use that in the SMB and AFS code to keep track of individual SMB or AFS
conversations. We need to match up requests and replies, as, for
certain replies, the operation code for the request to which it's a
reply doesn't show up in the reply - you have to find the request with a
matching transaction ID. Transaction IDs are per-conversation, so the
hash table for requests should include a conversation ID and transaction
ID as the key.
This allows SMB and AFS decoders to handle IPv4 or IPv6 addresses
transparently (and should allow the SMB decoder to handle NetBIOS atop
other protocols as well, if the source and destination address and port
values in the "packet_info" structure are set appropriately).
In the "Follow TCP Connection" code, check to make sure that the
addresses are IPv4 addressses; ultimately, that code should be changed
to use the conversation code instead, which will let it handle IPv6
transparently.
svn path=/trunk/; revision=909
1999-10-22 07:18:23 +00:00
|
|
|
static u_char *eth_name_lookup(const u_char *addr)
|
1998-09-25 23:24:07 +00:00
|
|
|
{
|
|
|
|
|
hashmanuf_t *manufp;
|
|
|
|
|
hashether_t *tp;
|
|
|
|
|
hashether_t **table = eth_table;
|
|
|
|
|
ether_t *eth;
|
|
|
|
|
int i,j;
|
|
|
|
|
|
|
|
|
|
j = (addr[2] << 8) | addr[3];
|
|
|
|
|
i = (addr[4] << 8) | addr[5];
|
|
|
|
|
|
|
|
|
|
tp = table[ (i ^ j) & (HASHETHSIZE - 1)];
|
|
|
|
|
|
|
|
|
|
if( tp == NULL ) {
|
|
|
|
|
tp = table[ (i ^ j) & (HASHETHSIZE - 1)] =
|
|
|
|
|
(hashether_t *)g_malloc(sizeof(hashether_t));
|
|
|
|
|
} else {
|
|
|
|
|
while(1) {
|
|
|
|
|
if (memcmp(tp->addr, addr, sizeof(tp->addr)) == 0) {
|
|
|
|
|
return tp->name;
|
|
|
|
|
}
|
|
|
|
|
if (tp->next == NULL) {
|
|
|
|
|
tp->next = (hashether_t *)g_malloc(sizeof(hashether_t));
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* fill in a new entry */
|
|
|
|
|
|
|
|
|
|
memcpy(tp->addr, addr, sizeof(tp->addr));
|
|
|
|
|
tp->next = NULL;
|
|
|
|
|
|
|
|
|
|
if ( (eth = get_ethbyaddr(addr)) == NULL) {
|
|
|
|
|
/* unknown name */
|
|
|
|
|
|
|
|
|
|
if ((manufp = manuf_name_lookup(addr)) == NULL)
|
|
|
|
|
sprintf(tp->name, "%s", ether_to_str((guint8 *)addr));
|
|
|
|
|
else
|
|
|
|
|
sprintf(tp->name, "%s_%02x:%02x:%02x",
|
|
|
|
|
manufp->name, addr[3], addr[4], addr[5]);
|
|
|
|
|
|
2000-08-10 20:09:29 +00:00
|
|
|
tp->is_dummy_entry = TRUE;
|
1999-11-20 05:35:15 +00:00
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
} else {
|
|
|
|
|
strncpy(tp->name, eth->name, MAXNAMELEN);
|
|
|
|
|
tp->name[MAXNAMELEN-1] = '\0';
|
2000-08-10 20:09:29 +00:00
|
|
|
tp->is_dummy_entry = FALSE;
|
1998-09-25 23:24:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return (tp->name);
|
|
|
|
|
|
|
|
|
|
} /* eth_name_lookup */
|
|
|
|
|
|
2000-08-10 20:09:29 +00:00
|
|
|
static u_char *eth_addr_lookup(const u_char *name)
|
1999-11-20 05:35:15 +00:00
|
|
|
{
|
1999-11-21 16:32:23 +00:00
|
|
|
ether_t *eth;
|
1999-11-20 05:35:15 +00:00
|
|
|
hashether_t *tp;
|
|
|
|
|
hashether_t **table = eth_table;
|
1999-11-21 16:32:23 +00:00
|
|
|
int i;
|
1999-11-20 05:35:15 +00:00
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
/* to be optimized (hash table from name to addr) */
|
|
|
|
|
for (i = 0; i < HASHETHSIZE; i++) {
|
|
|
|
|
tp = table[i];
|
|
|
|
|
while (tp) {
|
|
|
|
|
if (strcmp(tp->name, name) == 0)
|
|
|
|
|
return tp->addr;
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* not in hash table : performs a file lookup */
|
|
|
|
|
|
|
|
|
|
if ((eth = get_ethbyname(name)) == NULL)
|
1999-11-20 05:35:15 +00:00
|
|
|
return NULL;
|
1999-11-21 16:32:23 +00:00
|
|
|
|
|
|
|
|
/* add new entry in hash table */
|
|
|
|
|
|
|
|
|
|
tp = add_eth_name(eth->addr, name);
|
|
|
|
|
|
|
|
|
|
return tp->addr;
|
|
|
|
|
|
|
|
|
|
} /* eth_addr_lookup */
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* IPXNETS */
|
|
|
|
|
static int parse_ipxnets_line(char *line, ipxnet_t *ipxnet)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* We allow three address separators (':', '-', and '.'),
|
|
|
|
|
* as well as no separators
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
gchar *cp;
|
|
|
|
|
guint32 a, a0, a1, a2, a3;
|
|
|
|
|
gboolean found_single_number = FALSE;
|
|
|
|
|
|
|
|
|
|
if ((cp = strchr(line, '#')))
|
|
|
|
|
*cp = '\0';
|
1999-11-20 05:35:15 +00:00
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
if ((cp = strtok(line, " \t\n")) == NULL)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
/* Either fill a0,a1,a2,a3 and found_single_number is FALSE,
|
|
|
|
|
* fill a and found_single_number is TRUE,
|
|
|
|
|
* or return -1
|
|
|
|
|
*/
|
|
|
|
|
if (sscanf(cp, "%x:%x:%x:%x", &a0, &a1, &a2, &a3) != 4) {
|
|
|
|
|
if (sscanf(cp, "%x-%x-%x-%x", &a0, &a1, &a2, &a3) != 4) {
|
|
|
|
|
if (sscanf(cp, "%x.%x.%x.%x", &a0, &a1, &a2, &a3) != 4) {
|
|
|
|
|
if (sscanf(cp, "%x", &a) == 1) {
|
|
|
|
|
found_single_number = TRUE;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
1999-11-20 05:35:15 +00:00
|
|
|
}
|
|
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
if ((cp = strtok(NULL, " \t\n")) == NULL)
|
|
|
|
|
return -1;
|
1999-11-20 05:35:15 +00:00
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
if (found_single_number) {
|
|
|
|
|
ipxnet->addr = a;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
ipxnet->addr = (a0 << 24) | (a1 << 16) | (a2 << 8) | a3;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
strncpy(ipxnet->name, cp, MAXNAMELEN);
|
|
|
|
|
ipxnet->name[MAXNAMELEN-1] = '\0';
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
} /* parse_ipxnets_line */
|
|
|
|
|
|
|
|
|
|
static FILE *ipxnet_p = NULL;
|
|
|
|
|
|
|
|
|
|
static void set_ipxnetent(char *path)
|
|
|
|
|
{
|
|
|
|
|
if (ipxnet_p)
|
|
|
|
|
rewind(ipxnet_p);
|
|
|
|
|
else
|
|
|
|
|
ipxnet_p = fopen(path, "r");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void end_ipxnetent(void)
|
|
|
|
|
{
|
|
|
|
|
if (ipxnet_p) {
|
|
|
|
|
fclose(ipxnet_p);
|
|
|
|
|
ipxnet_p = NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static ipxnet_t *get_ipxnetent(void)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
static ipxnet_t ipxnet;
|
|
|
|
|
static int size = 0;
|
|
|
|
|
static char *buf = NULL;
|
|
|
|
|
|
|
|
|
|
if (ipxnet_p == NULL)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
while (fgetline(&buf, &size, ipxnet_p) >= 0) {
|
|
|
|
|
if (parse_ipxnets_line(buf, &ipxnet) == 0) {
|
|
|
|
|
return &ipxnet;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
} /* get_ipxnetent */
|
|
|
|
|
|
|
|
|
|
static ipxnet_t *get_ipxnetbyname(u_char *name)
|
|
|
|
|
{
|
|
|
|
|
ipxnet_t *ipxnet;
|
|
|
|
|
|
|
|
|
|
set_ipxnetent(g_ipxnets_path);
|
|
|
|
|
|
|
|
|
|
while ((ipxnet = get_ipxnetent()) && strncmp(name, ipxnet->name, MAXNAMELEN) != 0)
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
if (ipxnet == NULL) {
|
|
|
|
|
end_ipxnetent();
|
|
|
|
|
|
|
|
|
|
set_ipxnetent(g_pipxnets_path);
|
|
|
|
|
|
|
|
|
|
while ((ipxnet = get_ipxnetent()) && strncmp(name, ipxnet->name, MAXNAMELEN) != 0)
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
end_ipxnetent();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ipxnet;
|
|
|
|
|
|
|
|
|
|
} /* get_ipxnetbyname */
|
|
|
|
|
|
|
|
|
|
static ipxnet_t *get_ipxnetbyaddr(guint32 addr)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
ipxnet_t *ipxnet;
|
|
|
|
|
|
|
|
|
|
set_ipxnetent(g_ipxnets_path);
|
|
|
|
|
|
|
|
|
|
while ((ipxnet = get_ipxnetent()) && (addr != ipxnet->addr) ) ;
|
|
|
|
|
|
|
|
|
|
if (ipxnet == NULL) {
|
|
|
|
|
end_ipxnetent();
|
|
|
|
|
|
|
|
|
|
set_ipxnetent(g_pipxnets_path);
|
|
|
|
|
|
|
|
|
|
while ((ipxnet = get_ipxnetent()) && (addr != ipxnet->addr) )
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
end_ipxnetent();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ipxnet;
|
|
|
|
|
|
|
|
|
|
} /* get_ipxnetbyaddr */
|
|
|
|
|
|
|
|
|
|
static void initialize_ipxnets(void)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
/* Set g_pipxnets_path here, but don't actually do anything
|
|
|
|
|
* with it. It's used in get_ipxnetbyname() and get_ipxnetbyaddr()
|
|
|
|
|
*/
|
|
|
|
|
if (g_pipxnets_path == NULL) {
|
2000-01-29 16:41:28 +00:00
|
|
|
g_pipxnets_path = g_malloc(strlen(get_home_dir()) +
|
1999-11-21 16:32:23 +00:00
|
|
|
strlen(EPATH_PERSONAL_IPXNETS) + 2);
|
|
|
|
|
sprintf(g_pipxnets_path, "%s/%s",
|
2000-01-29 16:41:28 +00:00
|
|
|
get_home_dir(), EPATH_PERSONAL_IPXNETS);
|
1999-11-21 16:32:23 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
} /* initialize_ipxnets */
|
|
|
|
|
|
|
|
|
|
static hashipxnet_t *add_ipxnet_name(u_int addr, u_char *name)
|
|
|
|
|
{
|
|
|
|
|
hashipxnet_t *tp;
|
|
|
|
|
hashipxnet_t **table = ipxnet_table;
|
|
|
|
|
|
|
|
|
|
/* XXX - check goodness of hash function */
|
|
|
|
|
|
|
|
|
|
tp = table[ addr & (HASHIPXNETSIZE - 1)];
|
1999-11-20 05:35:15 +00:00
|
|
|
|
|
|
|
|
if( tp == NULL ) {
|
1999-11-21 16:32:23 +00:00
|
|
|
tp = table[ addr & (HASHIPXNETSIZE - 1)] =
|
|
|
|
|
(hashipxnet_t *)g_malloc(sizeof(hashipxnet_t));
|
|
|
|
|
} else {
|
|
|
|
|
while(1) {
|
|
|
|
|
if (tp->next == NULL) {
|
|
|
|
|
tp->next = (hashipxnet_t *)g_malloc(sizeof(hashipxnet_t));
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
}
|
1999-11-20 05:35:15 +00:00
|
|
|
}
|
1999-11-21 16:32:23 +00:00
|
|
|
|
|
|
|
|
tp->addr = addr;
|
|
|
|
|
strncpy(tp->name, name, MAXNAMELEN);
|
|
|
|
|
tp->name[MAXNAMELEN-1] = '\0';
|
|
|
|
|
tp->next = NULL;
|
|
|
|
|
|
|
|
|
|
return tp;
|
|
|
|
|
|
|
|
|
|
} /* add_ipxnet_name */
|
|
|
|
|
|
|
|
|
|
static u_char *ipxnet_name_lookup(const u_int addr)
|
|
|
|
|
{
|
|
|
|
|
hashipxnet_t *tp;
|
|
|
|
|
hashipxnet_t **table = ipxnet_table;
|
|
|
|
|
ipxnet_t *ipxnet;
|
|
|
|
|
|
|
|
|
|
tp = table[ addr & (HASHIPXNETSIZE - 1)];
|
|
|
|
|
|
|
|
|
|
if( tp == NULL ) {
|
|
|
|
|
tp = table[ addr & (HASHIPXNETSIZE - 1)] =
|
|
|
|
|
(hashipxnet_t *)g_malloc(sizeof(hashipxnet_t));
|
|
|
|
|
} else {
|
1999-11-20 05:35:15 +00:00
|
|
|
while(1) {
|
1999-11-21 16:32:23 +00:00
|
|
|
if (tp->addr == addr) {
|
|
|
|
|
return tp->name;
|
1999-11-20 05:35:15 +00:00
|
|
|
}
|
|
|
|
|
if (tp->next == NULL) {
|
1999-11-21 16:32:23 +00:00
|
|
|
tp->next = (hashipxnet_t *)g_malloc(sizeof(hashipxnet_t));
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
break;
|
1999-11-20 05:35:15 +00:00
|
|
|
}
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
}
|
|
|
|
|
}
|
1999-11-21 16:32:23 +00:00
|
|
|
|
|
|
|
|
/* fill in a new entry */
|
1999-11-20 05:35:15 +00:00
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
tp->addr = addr;
|
|
|
|
|
tp->next = NULL;
|
|
|
|
|
|
|
|
|
|
if ( (ipxnet = get_ipxnetbyaddr(addr)) == NULL) {
|
|
|
|
|
/* unknown name */
|
|
|
|
|
sprintf(tp->name, "%X", addr);
|
|
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
strncpy(tp->name, ipxnet->name, MAXNAMELEN);
|
|
|
|
|
tp->name[MAXNAMELEN-1] = '\0';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return (tp->name);
|
|
|
|
|
|
|
|
|
|
} /* ipxnet_name_lookup */
|
|
|
|
|
|
|
|
|
|
static u_int ipxnet_addr_lookup(u_char *name, gboolean *success)
|
1998-09-25 23:24:07 +00:00
|
|
|
{
|
1999-11-21 16:32:23 +00:00
|
|
|
ipxnet_t *ipxnet;
|
|
|
|
|
hashipxnet_t *tp;
|
|
|
|
|
hashipxnet_t **table = ipxnet_table;
|
1998-09-25 23:24:07 +00:00
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
/* to be optimized (hash table from name to addr) */
|
1999-11-21 16:32:23 +00:00
|
|
|
for (i = 0; i < HASHIPXNETSIZE; i++) {
|
1998-09-25 23:24:07 +00:00
|
|
|
tp = table[i];
|
|
|
|
|
while (tp) {
|
|
|
|
|
if (strcmp(tp->name, name) == 0)
|
|
|
|
|
return tp->addr;
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* not in hash table : performs a file lookup */
|
|
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
if ((ipxnet = get_ipxnetbyname(name)) == NULL) {
|
|
|
|
|
*success = FALSE;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
1998-09-25 23:24:07 +00:00
|
|
|
|
|
|
|
|
/* add new entry in hash table */
|
|
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
tp = add_ipxnet_name(ipxnet->addr, name);
|
1998-09-25 23:24:07 +00:00
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
*success = TRUE;
|
1998-09-25 23:24:07 +00:00
|
|
|
return tp->addr;
|
|
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
} /* ipxnet_addr_lookup */
|
1998-09-25 23:24:07 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* External Functions
|
|
|
|
|
*/
|
1998-09-16 02:39:15 +00:00
|
|
|
|
|
|
|
|
extern u_char *get_hostname(u_int addr)
|
|
|
|
|
{
|
2000-08-10 20:09:29 +00:00
|
|
|
gboolean found;
|
|
|
|
|
|
1998-09-16 02:39:15 +00:00
|
|
|
if (!g_resolving_actif)
|
|
|
|
|
return ip_to_str((guint8 *)&addr);
|
|
|
|
|
|
2000-08-10 20:09:29 +00:00
|
|
|
return host_name_lookup(addr, &found);
|
1998-09-16 02:39:15 +00:00
|
|
|
}
|
|
|
|
|
|
1999-03-28 18:32:03 +00:00
|
|
|
extern gchar *get_hostname6(struct e_in6_addr *addr)
|
|
|
|
|
{
|
2000-08-10 20:09:29 +00:00
|
|
|
gboolean found;
|
|
|
|
|
|
1999-03-28 18:32:03 +00:00
|
|
|
#ifdef INET6
|
|
|
|
|
if (!g_resolving_actif)
|
|
|
|
|
return ip6_to_str(addr);
|
|
|
|
|
if (IN6_IS_ADDR_LINKLOCAL(addr) || IN6_IS_ADDR_MULTICAST(addr))
|
|
|
|
|
return ip6_to_str(addr);
|
|
|
|
|
#endif
|
2000-08-10 20:09:29 +00:00
|
|
|
|
|
|
|
|
return host_name_lookup6(addr, &found);
|
1999-03-28 18:32:03 +00:00
|
|
|
}
|
|
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
extern void add_host_name(u_int addr, u_char *name)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
hashname_t *tp;
|
|
|
|
|
hashname_t **table = host_table;
|
|
|
|
|
|
|
|
|
|
tp = table[ addr & (HASHHOSTSIZE - 1)];
|
|
|
|
|
|
|
|
|
|
if( tp == NULL ) {
|
|
|
|
|
tp = table[ addr & (HASHHOSTSIZE - 1)] =
|
|
|
|
|
(hashname_t *)g_malloc(sizeof(hashname_t));
|
|
|
|
|
} else {
|
|
|
|
|
while(1) {
|
2000-08-10 20:09:29 +00:00
|
|
|
if (tp->addr == addr) {
|
2000-08-08 16:21:24 +00:00
|
|
|
/* address already known */
|
2000-08-10 20:09:29 +00:00
|
|
|
if (!tp->is_dummy_entry) {
|
|
|
|
|
return;
|
|
|
|
|
} else {
|
|
|
|
|
/* replace this dummy entry with the new one */
|
|
|
|
|
break;
|
|
|
|
|
}
|
2000-08-08 16:21:24 +00:00
|
|
|
}
|
1998-09-25 23:24:07 +00:00
|
|
|
if (tp->next == NULL) {
|
|
|
|
|
tp->next = (hashname_t *)g_malloc(sizeof(hashname_t));
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
strncpy(tp->name, name, MAXNAMELEN);
|
|
|
|
|
tp->name[MAXNAMELEN-1] = '\0';
|
|
|
|
|
tp->addr = addr;
|
|
|
|
|
tp->next = NULL;
|
2000-08-10 20:09:29 +00:00
|
|
|
tp->is_dummy_entry = FALSE;
|
1998-09-25 23:24:07 +00:00
|
|
|
|
|
|
|
|
} /* add_host_name */
|
|
|
|
|
|
1998-09-16 02:39:15 +00:00
|
|
|
extern u_char *get_udp_port(u_int port)
|
|
|
|
|
{
|
|
|
|
|
static gchar str[3][MAXNAMELEN];
|
|
|
|
|
static gchar *cur;
|
|
|
|
|
|
|
|
|
|
if (!g_resolving_actif) {
|
|
|
|
|
if (cur == &str[0][0]) {
|
|
|
|
|
cur = &str[1][0];
|
|
|
|
|
} else if (cur == &str[1][0]) {
|
|
|
|
|
cur = &str[2][0];
|
|
|
|
|
} else {
|
|
|
|
|
cur = &str[0][0];
|
|
|
|
|
}
|
2000-08-19 08:26:04 +00:00
|
|
|
sprintf(cur, "%u", port);
|
1998-09-16 02:39:15 +00:00
|
|
|
return cur;
|
|
|
|
|
}
|
|
|
|
|
|
2000-08-19 08:26:04 +00:00
|
|
|
return serv_name_lookup(port, PT_UDP);
|
1998-09-16 02:39:15 +00:00
|
|
|
|
|
|
|
|
} /* get_udp_port */
|
|
|
|
|
|
|
|
|
|
extern u_char *get_tcp_port(u_int port)
|
|
|
|
|
{
|
|
|
|
|
static gchar str[3][MAXNAMELEN];
|
|
|
|
|
static gchar *cur;
|
|
|
|
|
|
|
|
|
|
if (!g_resolving_actif) {
|
|
|
|
|
if (cur == &str[0][0]) {
|
|
|
|
|
cur = &str[1][0];
|
|
|
|
|
} else if (cur == &str[1][0]) {
|
|
|
|
|
cur = &str[2][0];
|
|
|
|
|
} else {
|
|
|
|
|
cur = &str[0][0];
|
|
|
|
|
}
|
2000-08-19 08:26:04 +00:00
|
|
|
sprintf(cur, "%u", port);
|
1998-09-16 02:39:15 +00:00
|
|
|
return cur;
|
|
|
|
|
}
|
|
|
|
|
|
2000-08-19 08:26:04 +00:00
|
|
|
return serv_name_lookup(port, PT_TCP);
|
1998-09-16 02:39:15 +00:00
|
|
|
|
|
|
|
|
} /* get_tcp_port */
|
|
|
|
|
|
2000-08-19 08:26:04 +00:00
|
|
|
extern u_char *get_sctp_port(u_int port)
|
|
|
|
|
{
|
|
|
|
|
static gchar str[3][MAXNAMELEN];
|
|
|
|
|
static gchar *cur;
|
|
|
|
|
|
|
|
|
|
if (!g_resolving_actif) {
|
|
|
|
|
if (cur == &str[0][0]) {
|
|
|
|
|
cur = &str[1][0];
|
|
|
|
|
} else if (cur == &str[1][0]) {
|
|
|
|
|
cur = &str[2][0];
|
|
|
|
|
} else {
|
|
|
|
|
cur = &str[0][0];
|
|
|
|
|
}
|
|
|
|
|
sprintf(cur, "%u", port);
|
|
|
|
|
return cur;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return serv_name_lookup(port, PT_SCTP);
|
|
|
|
|
|
|
|
|
|
} /* get_sctp_port */
|
|
|
|
|
|
Generalize the "ip_src" and "ip_dst" members of the "packet_info"
structure to "dl_src"/"dl_dst", "net_src"/"net_dst", and "src"/"dst"
addresses, where an address is an address type, an address length in
bytes, and a pointer to that many bytes.
"dl_{src,dst}" are the link-layer source/destination; "net_{src,dst}"
are the network-layer source/destination; "{src,dst}" are the
source/destination from the highest of those two layers that we have in
the packet.
Add a port type to "packet_info" as well, specifying whether it's a TCP
or UDP port.
Don't set the address and port columns in the dissector functions; just
set the address and port members of the "packet_info" structure. Set
the columns in "fill_in_columns()"; this means that if we're showing
COL_{DEF,RES,UNRES}_SRC" or "COL_{DEF,RES,UNRES}_DST", we only generate
the string from "src" or "dst", we don't generate a string for the
link-layer address and then overwrite it with a string for the
network-layer address (generating those strings costs CPU).
Add support for "conversations", where a "conversation" is (at present)
a source and destination address and a source and destination port. (In
the future, we may support "conversations" above the transport layer,
e.g. a TFTP conversation, where the first packet goes from the client to
the TFTP server port, but the reply comes back from a different port,
and all subsequent packets go between the client address/port and the
server address/new port, or an NFS conversation, which might include
lock manager, status monitor, and mount packets, as well as NFS
packets.)
Currently, all we support is a call that takes the source and
destination address/port pairs, looks them up in a hash table, and:
if nothing is found, creates a new entry in the hash table, and
assigns it a unique 32-bit conversation ID, and returns that
conversation ID;
if an entry is found, returns its conversation ID.
Use that in the SMB and AFS code to keep track of individual SMB or AFS
conversations. We need to match up requests and replies, as, for
certain replies, the operation code for the request to which it's a
reply doesn't show up in the reply - you have to find the request with a
matching transaction ID. Transaction IDs are per-conversation, so the
hash table for requests should include a conversation ID and transaction
ID as the key.
This allows SMB and AFS decoders to handle IPv4 or IPv6 addresses
transparently (and should allow the SMB decoder to handle NetBIOS atop
other protocols as well, if the source and destination address and port
values in the "packet_info" structure are set appropriately).
In the "Follow TCP Connection" code, check to make sure that the
addresses are IPv4 addressses; ultimately, that code should be changed
to use the conversation code instead, which will let it handle IPv6
transparently.
svn path=/trunk/; revision=909
1999-10-22 07:18:23 +00:00
|
|
|
extern u_char *get_ether_name(const u_char *addr)
|
1998-09-25 23:24:07 +00:00
|
|
|
{
|
|
|
|
|
if (!g_resolving_actif)
|
|
|
|
|
return ether_to_str((guint8 *)addr);
|
|
|
|
|
|
|
|
|
|
if (!eth_resolution_initialized) {
|
|
|
|
|
initialize_ethers();
|
|
|
|
|
eth_resolution_initialized = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return eth_name_lookup(addr);
|
|
|
|
|
|
|
|
|
|
} /* get_ether_name */
|
|
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
/* Look for an ether name in the hash, and return it if found.
|
|
|
|
|
* If it's not found, simply return NULL. We DO NOT make a new
|
|
|
|
|
* hash entry for it with the hex digits turned into a string.
|
|
|
|
|
*/
|
|
|
|
|
u_char *get_ether_name_if_known(const u_char *addr)
|
|
|
|
|
{
|
|
|
|
|
hashether_t *tp;
|
|
|
|
|
hashether_t **table = eth_table;
|
|
|
|
|
int i,j;
|
|
|
|
|
|
|
|
|
|
/* Initialize ether structs if we're the first
|
|
|
|
|
* ether-related function called */
|
|
|
|
|
if (!g_resolving_actif)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
if (!eth_resolution_initialized) {
|
|
|
|
|
initialize_ethers();
|
|
|
|
|
eth_resolution_initialized = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
j = (addr[2] << 8) | addr[3];
|
|
|
|
|
i = (addr[4] << 8) | addr[5];
|
|
|
|
|
|
|
|
|
|
tp = table[ (i ^ j) & (HASHETHSIZE - 1)];
|
|
|
|
|
|
|
|
|
|
if( tp == NULL ) {
|
|
|
|
|
/* Hash key not found in table.
|
|
|
|
|
* Force a lookup (and a hash entry) for addr, then call
|
|
|
|
|
* myself. I plan on not getting into an infinite loop because
|
|
|
|
|
* eth_name_lookup() is guaranteed to make a hashtable entry,
|
|
|
|
|
* so when I call myself again, I can never get into this
|
|
|
|
|
* block of code again. Knock on wood...
|
|
|
|
|
*/
|
|
|
|
|
(void) eth_name_lookup(addr);
|
|
|
|
|
return get_ether_name_if_known(addr); /* a well-placed goto would suffice */
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
while(1) {
|
|
|
|
|
if (memcmp(tp->addr, addr, sizeof(tp->addr)) == 0) {
|
2000-08-10 20:09:29 +00:00
|
|
|
if (!tp->is_dummy_entry) {
|
1999-11-21 16:32:23 +00:00
|
|
|
/* A name was found, and its origin is an ethers file */
|
|
|
|
|
return tp->name;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
/* A name was found, but it was created, not found in a file */
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (tp->next == NULL) {
|
|
|
|
|
/* Read my reason above for why I'm sure I can't get into an infinite loop */
|
|
|
|
|
(void) eth_name_lookup(addr);
|
|
|
|
|
return get_ether_name_if_known(addr); /* a well-placed goto would suffice */
|
|
|
|
|
}
|
|
|
|
|
tp = tp->next;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
g_assert_not_reached();
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
extern u_char *get_ether_addr(u_char *name)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
/* force resolution (do not check g_resolving_actif) */
|
|
|
|
|
|
|
|
|
|
if (!eth_resolution_initialized) {
|
|
|
|
|
initialize_ethers();
|
|
|
|
|
eth_resolution_initialized = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return eth_addr_lookup(name);
|
|
|
|
|
|
|
|
|
|
} /* get_ether_addr */
|
|
|
|
|
|
2000-08-10 20:09:29 +00:00
|
|
|
extern void add_ether_byip(u_int ip, const u_char *eth)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
u_char *host;
|
|
|
|
|
gboolean found;
|
|
|
|
|
|
|
|
|
|
/* first check that IP address can be resolved */
|
|
|
|
|
|
|
|
|
|
if ((host = host_name_lookup(ip, &found)) == NULL)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
/* ok, we can add this entry in the ethers hashtable */
|
|
|
|
|
|
|
|
|
|
if (found)
|
|
|
|
|
add_eth_name(eth, host);
|
|
|
|
|
|
|
|
|
|
} /* add_ether_byip */
|
1999-11-21 16:32:23 +00:00
|
|
|
|
|
|
|
|
extern u_char *get_ipxnet_name(const guint32 addr)
|
|
|
|
|
{
|
1999-11-22 06:03:46 +00:00
|
|
|
|
|
|
|
|
if (!g_resolving_actif) {
|
|
|
|
|
return ipxnet_to_str_punct(addr, '\0');
|
|
|
|
|
}
|
1999-11-21 16:32:23 +00:00
|
|
|
|
|
|
|
|
if (!ipxnet_resolution_initialized) {
|
|
|
|
|
initialize_ipxnets();
|
|
|
|
|
ipxnet_resolution_initialized = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ipxnet_name_lookup(addr);
|
|
|
|
|
|
|
|
|
|
} /* get_ipxnet_name */
|
|
|
|
|
|
|
|
|
|
extern guint32 get_ipxnet_addr(u_char *name, gboolean *known)
|
|
|
|
|
{
|
|
|
|
|
guint32 addr;
|
|
|
|
|
gboolean success;
|
|
|
|
|
|
|
|
|
|
/* force resolution (do not check g_resolving_actif) */
|
|
|
|
|
|
|
|
|
|
if (!ipxnet_resolution_initialized) {
|
|
|
|
|
initialize_ipxnets();
|
|
|
|
|
ipxnet_resolution_initialized = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
addr = ipxnet_addr_lookup(name, &success);
|
|
|
|
|
|
|
|
|
|
*known = success;
|
|
|
|
|
return addr;
|
|
|
|
|
|
|
|
|
|
} /* get_ipxnet_addr */
|
|
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
extern u_char *get_manuf_name(u_char *addr)
|
|
|
|
|
{
|
|
|
|
|
static gchar str[3][MAXMANUFLEN];
|
|
|
|
|
static gchar *cur;
|
|
|
|
|
hashmanuf_t *manufp;
|
|
|
|
|
|
|
|
|
|
if (g_resolving_actif && !eth_resolution_initialized) {
|
|
|
|
|
initialize_ethers();
|
|
|
|
|
eth_resolution_initialized = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!g_resolving_actif || ((manufp = manuf_name_lookup(addr)) == NULL)) {
|
|
|
|
|
if (cur == &str[0][0]) {
|
|
|
|
|
cur = &str[1][0];
|
|
|
|
|
} else if (cur == &str[1][0]) {
|
|
|
|
|
cur = &str[2][0];
|
|
|
|
|
} else {
|
|
|
|
|
cur = &str[0][0];
|
|
|
|
|
}
|
|
|
|
|
sprintf(cur, "%02x:%02x:%02x", addr[0], addr[1], addr[2]);
|
|
|
|
|
return cur;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return manufp->name;
|
|
|
|
|
|
|
|
|
|
} /* get_manuf_name */
|
1999-07-07 22:52:57 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Have "get_host_ipaddr()" return a Boolean indicating whether it
succeeded or failed, and, if it succeeded, have it fill in the IP
address if found through a pointer passed as the second argument.
Have it first try interpreting its first argument as a dotted-quad IP
address, with "inet_aton()", and, if that fails, have it try to
interpret it as a host name with "gethostbyname()"; don't bother with
"gethostbyaddr()", as we should be allowed to filter on IP addresses
even if there's no host name associated with them (there's no guarantee
that "gethostbyaddr()" will succeed if handed an IP address with no
corresponding name - and it looks as if FreeBSD 3.2, at least, may not
succeed in that case).
Add a "dfilter_fail()" routine that takes "printf()"-like arguments and
uses them to set an error message for the parse; doing so means that
even if the filter expression is syntactically valid, we treat it as
being invalid. (Is there a better way to force a parse to fail from
arbitrary places in routines called by the parser?)
Use that routine in the lexical analyzer.
If that error message was set, use it as is as the failure message,
rather than adding "Unable to parse filter string XXX" to it.
Have the code to handle IP addresses and host names in display filters
check whether "get_host_ipaddr()" succeeded or failed and, if it failed,
arrange that the parse fail with an error message indicating the source
of the problem.
svn path=/trunk/; revision=802
1999-10-11 03:03:12 +00:00
|
|
|
/* Translate a string, assumed either to be a dotted-quad IP address or
|
|
|
|
|
* a host name, to a numeric IP address. Return TRUE if we succeed and
|
|
|
|
|
* set "*addrp" to that numeric IP address; return FALSE if we fail.
|
1999-07-07 22:52:57 +00:00
|
|
|
* Used more in the dfilter parser rather than in packet dissectors */
|
Have "get_host_ipaddr()" return a Boolean indicating whether it
succeeded or failed, and, if it succeeded, have it fill in the IP
address if found through a pointer passed as the second argument.
Have it first try interpreting its first argument as a dotted-quad IP
address, with "inet_aton()", and, if that fails, have it try to
interpret it as a host name with "gethostbyname()"; don't bother with
"gethostbyaddr()", as we should be allowed to filter on IP addresses
even if there's no host name associated with them (there's no guarantee
that "gethostbyaddr()" will succeed if handed an IP address with no
corresponding name - and it looks as if FreeBSD 3.2, at least, may not
succeed in that case).
Add a "dfilter_fail()" routine that takes "printf()"-like arguments and
uses them to set an error message for the parse; doing so means that
even if the filter expression is syntactically valid, we treat it as
being invalid. (Is there a better way to force a parse to fail from
arbitrary places in routines called by the parser?)
Use that routine in the lexical analyzer.
If that error message was set, use it as is as the failure message,
rather than adding "Unable to parse filter string XXX" to it.
Have the code to handle IP addresses and host names in display filters
check whether "get_host_ipaddr()" succeeded or failed and, if it failed,
arrange that the parse fail with an error message indicating the source
of the problem.
svn path=/trunk/; revision=802
1999-10-11 03:03:12 +00:00
|
|
|
gboolean get_host_ipaddr(const char *host, guint32 *addrp)
|
1999-07-07 22:52:57 +00:00
|
|
|
{
|
Have "get_host_ipaddr()" return a Boolean indicating whether it
succeeded or failed, and, if it succeeded, have it fill in the IP
address if found through a pointer passed as the second argument.
Have it first try interpreting its first argument as a dotted-quad IP
address, with "inet_aton()", and, if that fails, have it try to
interpret it as a host name with "gethostbyname()"; don't bother with
"gethostbyaddr()", as we should be allowed to filter on IP addresses
even if there's no host name associated with them (there's no guarantee
that "gethostbyaddr()" will succeed if handed an IP address with no
corresponding name - and it looks as if FreeBSD 3.2, at least, may not
succeed in that case).
Add a "dfilter_fail()" routine that takes "printf()"-like arguments and
uses them to set an error message for the parse; doing so means that
even if the filter expression is syntactically valid, we treat it as
being invalid. (Is there a better way to force a parse to fail from
arbitrary places in routines called by the parser?)
Use that routine in the lexical analyzer.
If that error message was set, use it as is as the failure message,
rather than adding "Unable to parse filter string XXX" to it.
Have the code to handle IP addresses and host names in display filters
check whether "get_host_ipaddr()" succeeded or failed and, if it failed,
arrange that the parse fail with an error message indicating the source
of the problem.
svn path=/trunk/; revision=802
1999-10-11 03:03:12 +00:00
|
|
|
struct in_addr ipaddr;
|
|
|
|
|
struct hostent *hp;
|
1999-07-07 22:52:57 +00:00
|
|
|
|
1999-10-14 05:41:33 +00:00
|
|
|
/*
|
|
|
|
|
* don't change it to inet_pton(AF_INET), they are not 100% compatible.
|
|
|
|
|
* inet_pton(AF_INET) does not support hexadecimal notation nor
|
|
|
|
|
* less-than-4 octet notation.
|
|
|
|
|
*/
|
Have "get_host_ipaddr()" return a Boolean indicating whether it
succeeded or failed, and, if it succeeded, have it fill in the IP
address if found through a pointer passed as the second argument.
Have it first try interpreting its first argument as a dotted-quad IP
address, with "inet_aton()", and, if that fails, have it try to
interpret it as a host name with "gethostbyname()"; don't bother with
"gethostbyaddr()", as we should be allowed to filter on IP addresses
even if there's no host name associated with them (there's no guarantee
that "gethostbyaddr()" will succeed if handed an IP address with no
corresponding name - and it looks as if FreeBSD 3.2, at least, may not
succeed in that case).
Add a "dfilter_fail()" routine that takes "printf()"-like arguments and
uses them to set an error message for the parse; doing so means that
even if the filter expression is syntactically valid, we treat it as
being invalid. (Is there a better way to force a parse to fail from
arbitrary places in routines called by the parser?)
Use that routine in the lexical analyzer.
If that error message was set, use it as is as the failure message,
rather than adding "Unable to parse filter string XXX" to it.
Have the code to handle IP addresses and host names in display filters
check whether "get_host_ipaddr()" succeeded or failed and, if it failed,
arrange that the parse fail with an error message indicating the source
of the problem.
svn path=/trunk/; revision=802
1999-10-11 03:03:12 +00:00
|
|
|
if (!inet_aton(host, &ipaddr)) {
|
|
|
|
|
/* It's not a valid dotted-quad IP address; is it a valid
|
|
|
|
|
* host name? */
|
|
|
|
|
hp = gethostbyname(host);
|
1999-07-07 22:52:57 +00:00
|
|
|
if (hp == NULL) {
|
Have "get_host_ipaddr()" return a Boolean indicating whether it
succeeded or failed, and, if it succeeded, have it fill in the IP
address if found through a pointer passed as the second argument.
Have it first try interpreting its first argument as a dotted-quad IP
address, with "inet_aton()", and, if that fails, have it try to
interpret it as a host name with "gethostbyname()"; don't bother with
"gethostbyaddr()", as we should be allowed to filter on IP addresses
even if there's no host name associated with them (there's no guarantee
that "gethostbyaddr()" will succeed if handed an IP address with no
corresponding name - and it looks as if FreeBSD 3.2, at least, may not
succeed in that case).
Add a "dfilter_fail()" routine that takes "printf()"-like arguments and
uses them to set an error message for the parse; doing so means that
even if the filter expression is syntactically valid, we treat it as
being invalid. (Is there a better way to force a parse to fail from
arbitrary places in routines called by the parser?)
Use that routine in the lexical analyzer.
If that error message was set, use it as is as the failure message,
rather than adding "Unable to parse filter string XXX" to it.
Have the code to handle IP addresses and host names in display filters
check whether "get_host_ipaddr()" succeeded or failed and, if it failed,
arrange that the parse fail with an error message indicating the source
of the problem.
svn path=/trunk/; revision=802
1999-10-11 03:03:12 +00:00
|
|
|
/* No. */
|
|
|
|
|
return FALSE;
|
2000-11-19 19:45:54 +00:00
|
|
|
/* Apparently, some versions of gethostbyaddr can
|
|
|
|
|
* return IPv6 addresses. */
|
|
|
|
|
} else if (hp->h_length <= sizeof (struct in_addr)) {
|
Have "get_host_ipaddr()" return a Boolean indicating whether it
succeeded or failed, and, if it succeeded, have it fill in the IP
address if found through a pointer passed as the second argument.
Have it first try interpreting its first argument as a dotted-quad IP
address, with "inet_aton()", and, if that fails, have it try to
interpret it as a host name with "gethostbyname()"; don't bother with
"gethostbyaddr()", as we should be allowed to filter on IP addresses
even if there's no host name associated with them (there's no guarantee
that "gethostbyaddr()" will succeed if handed an IP address with no
corresponding name - and it looks as if FreeBSD 3.2, at least, may not
succeed in that case).
Add a "dfilter_fail()" routine that takes "printf()"-like arguments and
uses them to set an error message for the parse; doing so means that
even if the filter expression is syntactically valid, we treat it as
being invalid. (Is there a better way to force a parse to fail from
arbitrary places in routines called by the parser?)
Use that routine in the lexical analyzer.
If that error message was set, use it as is as the failure message,
rather than adding "Unable to parse filter string XXX" to it.
Have the code to handle IP addresses and host names in display filters
check whether "get_host_ipaddr()" succeeded or failed and, if it failed,
arrange that the parse fail with an error message indicating the source
of the problem.
svn path=/trunk/; revision=802
1999-10-11 03:03:12 +00:00
|
|
|
memcpy(&ipaddr, hp->h_addr, hp->h_length);
|
2000-11-19 19:45:54 +00:00
|
|
|
} else {
|
|
|
|
|
return FALSE;
|
1999-07-07 22:52:57 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
Have "get_host_ipaddr()" return a Boolean indicating whether it
succeeded or failed, and, if it succeeded, have it fill in the IP
address if found through a pointer passed as the second argument.
Have it first try interpreting its first argument as a dotted-quad IP
address, with "inet_aton()", and, if that fails, have it try to
interpret it as a host name with "gethostbyname()"; don't bother with
"gethostbyaddr()", as we should be allowed to filter on IP addresses
even if there's no host name associated with them (there's no guarantee
that "gethostbyaddr()" will succeed if handed an IP address with no
corresponding name - and it looks as if FreeBSD 3.2, at least, may not
succeed in that case).
Add a "dfilter_fail()" routine that takes "printf()"-like arguments and
uses them to set an error message for the parse; doing so means that
even if the filter expression is syntactically valid, we treat it as
being invalid. (Is there a better way to force a parse to fail from
arbitrary places in routines called by the parser?)
Use that routine in the lexical analyzer.
If that error message was set, use it as is as the failure message,
rather than adding "Unable to parse filter string XXX" to it.
Have the code to handle IP addresses and host names in display filters
check whether "get_host_ipaddr()" succeeded or failed and, if it failed,
arrange that the parse fail with an error message indicating the source
of the problem.
svn path=/trunk/; revision=802
1999-10-11 03:03:12 +00:00
|
|
|
*addrp = ntohl(ipaddr.s_addr);
|
|
|
|
|
return TRUE;
|
1999-07-07 22:52:57 +00:00
|
|
|
}
|
1999-10-14 05:41:33 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Translate IPv6 numeric address or FQDN hostname, into binary IPv6 address.
|
|
|
|
|
* Return TRUE if we succeed and set "*addrp" to that numeric IP address;
|
|
|
|
|
* return FALSE if we fail.
|
|
|
|
|
*/
|
|
|
|
|
gboolean get_host_ipaddr6(const char *host, struct e_in6_addr *addrp)
|
|
|
|
|
{
|
|
|
|
|
struct hostent *hp;
|
|
|
|
|
|
|
|
|
|
if (inet_pton(AF_INET6, host, addrp) == 1)
|
|
|
|
|
return TRUE;
|
|
|
|
|
|
|
|
|
|
/* try FQDN */
|
|
|
|
|
#ifdef HAVE_GETHOSTBYNAME2
|
|
|
|
|
hp = gethostbyname2(host, AF_INET6);
|
|
|
|
|
#else
|
|
|
|
|
hp = NULL;
|
|
|
|
|
#endif
|
|
|
|
|
if (hp != NULL && hp->h_length == sizeof(struct e_in6_addr)) {
|
|
|
|
|
memcpy(addrp, hp->h_addr, hp->h_length);
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return FALSE;
|
|
|
|
|
}
|