10 #define DEVNAME "eth0"
14 pcap_t *open_pcap(char *device)
17 char errbuf[PCAP_ERRBUF_SIZE];
21 if ( (device = pcap_lookupdev(errbuf)) == NULL)
23 fprintf(stderr, "pcap_lookup: %s\n", errbuf);
28 if ( (pd = pcap_open_live(device, 1500, 1, 500, errbuf)) == NULL)
30 fprintf(stderr, "pcap_open_live: %s\n", errbuf);
37 void showstats(pcap_t *pd)
39 struct pcap_stat stats;
44 if (pcap_stats(pd, &stats) < 0)
46 fprintf(stderr, "cap_stats: %s\n", pcap_geterr(pd));
49 printf("%d packets recieved by filter\n", stats.ps_recv);
50 printf("%d packets dropped by kernel\n", stats.ps_drop);
55 char *next_pcap(pcap_t *pd, struct pcap_pkthdr *hdr)
59 while ( (ptr = (char *)pcap_next(pd, hdr)) == NULL)
66 * This covers stage two of the fast-path, after we've determined its
67 * an incoming RPL frame.
71 void processframe(struct pcap_pkthdr *hdr, char *pkt, char *device)
73 static struct ether_header *ether = NULL;
75 u_int8_t cmpaddr[ETH_ALEN] = {0x10, 0x00, 0x5a, 0x3b, 0x0b, 0x72};
76 u_int8_t cmpaddr[ETH_ALEN] = {0x03, 0x00, 0x02, 0x00, 0x00, 0x00};
78 if ( (!hdr) || (!pkt) )
81 ether = (struct ether_header *)pkt;
83 if (hdr->caplen != hdr->len)
84 fprintf(stderr, "rpld: caplen/len mismatch\n");
87 if ((clientaddr[0] != 0xff) && cmpether(clientaddr, ether->ether_shost))
90 fprintf(stderr, "rpld: got a %sframe from our client\n", (cmpether(multicastaddr, ether->ether_dhost))?"multicast ":"");
91 command = (pkt[19]<<8)+pkt[20];
92 fprintf(stderr, "rpld: command: 0x%04x\n", command);
95 if (command == 0x0001) /* FIND */
96 send_found(link, device);
97 else if (command == 0x0010) /* Send File Request */
98 send_file(link, device);
102 else if (cmpether(multicastaddr, ether->ether_dhost))
104 if (clientaddr[0] != 0xff)
106 /* we're already servicing another client */
107 fprintf(stderr, "rpld: not adding client %s\n", printether(ether->ether_shost));
112 /* we're not busy yet, lets process this one */
113 fprintf(stderr, "rpld: adding client %s\n", printether(ether->ether_shost));
114 memcpy(clientaddr, ether->ether_shost, ETH_ALEN);
118 else if (cmpether(clientaddr, ether->ether_dhost))
120 fprintf(stderr, "rpld: showing outgoing frame...\n");
121 printframe(hdr, pkt);
125 fprintf(stderr, "rpld: uncaught case\n");
128 if (cmpether(cmpaddr, ether->ether_shost) ||
129 cmpether(cmpaddr, ether->ether_dhost) )
131 printf("\n\n%s > ", printether(ether->ether_shost));
132 printf("%s\n", printether(ether->ether_dhost));
135 printf("\aSTATUS CHANGE\n");
137 //pkt = 18; /* skip over ethernet headers */
138 for (i=0;i<hdr->caplen;i+=2)
142 printf("%02x%02x ", pkt[i] &0xff, pkt[i+1] & 0xff);
161 unsigned char channel;
162 unsigned short seqnum;
175 void (*parser)(u_char *data, int len);
180 struct subtype_s subtypes[21];
188 {"Client Ready", NULL},
189 {"Server Ready", NULL},
190 {"Service Request", NULL},
192 {"Rate Information Request", NULL},
193 {"Rate Information", NULL},
194 {"Rate Information Ack", NULL},
195 {"Rate Information Change", NULL},
196 {"Server Pause", NULL},
197 {"Server Resume", NULL},
198 {"Request Personal User Information", NULL},
199 {"Personal User Information", NULL},
200 {"Evil Notification", NULL},
201 {"Migration notice", NULL},
202 {"Message of the Day", NULL},
203 {"Set Privacy Flags", NULL},
204 {"Well Known URL", NULL},
211 {"Request Rights", NULL},
212 {"Rights Information", NULL},
213 {"Set user information", NULL},
214 {"Request User Information", NULL},
215 {"User Information", NULL},
216 {"Watcher Sub Request", NULL},
217 {"Watcher Notification", NULL},
220 {"Buddy List Management", {
223 {"Request Rights", NULL},
224 {"Rights Information", NULL},
226 {"Remove Buddy", NULL},
227 {"Watcher List Query", NULL},
228 {"Watcher List Response", NULL},
229 {"Watcher SubRequest", NULL},
230 {"Watcher Notification", NULL},
231 {"Reject Notification", NULL},
232 {"Oncoming Buddy", NULL},
233 {"Offgoing Buddy", NULL},
239 {"Add ICBM Parameter", NULL},
240 {"Remove ICBM Parameter", NULL},
241 {"Request Parameter Information", NULL},
242 {"Parameter Information", NULL},
243 {"Outgoing Message", NULL},
244 {"Incoming Message", parser_icbm_incoming},
245 {"Evil Request", NULL},
246 {"Evil Reply", NULL},
247 {"Missed Calls", NULL},
248 {"Message Error", NULL},
255 {"Request Ad", NULL},
256 {"Ad Data (GIFs)", NULL},
259 {"Invitation / Client-to-Client", {
262 {"Invite a Friend", NULL},
263 {"Invitation Ack", NULL},
269 {"Information Request", NULL},
270 {"Information Reply", NULL},
271 {"Information Change Request", NULL},
272 {"Information Chat Reply", NULL},
273 {"Account Confirm Request", NULL},
274 {"Account Confirm Reply", NULL},
275 {"Account Delete Request", NULL},
276 {"Account Delete Reply", NULL},
282 {"Display Popup", NULL},
288 {"Request Rights", NULL},
289 {"Rights Response", NULL},
290 {"Set group permission mask", NULL},
291 {"Add permission list entries", NULL},
292 {"Delete permission list entries", NULL},
293 {"Add deny list entries", NULL},
294 {"Delete deny list entries", NULL},
295 {"Server Error", NULL},
301 {"Search Request", NULL},
302 {"Search Response", NULL},
308 {"Set minimum report interval", NULL},
309 {"Report Events", NULL},
315 {"Translate Request", NULL},
316 {"Translate Reply", NULL},
319 {"Chat Navigation", {
322 {"Request rights", NULL},
323 {"Request Exchange Information", NULL},
324 {"Request Room Information", NULL},
325 {"Request Occupant List", NULL},
326 {"Search for Room", NULL},
327 {"Create Room", NULL},
328 {"Navigation Information", NULL},
334 {"Room Information Update", NULL},
335 {"Users Joined", NULL},
336 {"Users Left", NULL},
337 {"Outgoing Message", NULL},
338 {"Incoming Message", NULL},
339 {"Evil Request", NULL},
340 {"Evil Reply", NULL},
341 {"Chat Error", NULL},
349 void detectaim(struct pcap_pkthdr *hdr, char *pkt)
352 struct ether_header *ether = NULL;
353 struct iphdr *ip = NULL;
354 struct tcphdr*tcp= NULL;
355 struct flaphdr *flap = NULL;
356 struct snachdr *snac = NULL;
362 if ( (!hdr) || (!pkt) )
365 if (hdr->caplen != hdr->len)
366 fprintf(stderr, "aimdump: caplen/len mismatch\n");
368 newlen = hdr->caplen;
370 ether = (struct ether_header *)pkt;
373 printf("\n\naimdump: %s > ", printether(ether->ether_shost));
374 printf("%s\n", printether(ether->ether_dhost));
377 pkt += sizeof(struct ether_header); /* skip over ether headers */
378 newlen -= sizeof(struct ether_header);
380 ip = (struct iphdr *)pkt;
381 if (ip->version != 0x4)
382 return; /* ditch non IPv4 packets */
384 newlen -= (ip->ihl)*4;
386 tcp = (struct tcphdr *)pkt;
387 if(!tcp->psh) /* we only want actual data packets */
389 pkt += sizeof(struct tcphdr);
390 newlen -= sizeof(struct tcphdr);
392 flap = (struct flaphdr *)pkt;
394 if (flap->start != 0x2a)
395 return; /* ditch non-FLAP packets */
398 /* TODO: notify user of new connections (SYN) and closed connections (FIN) */
399 printf("\nTCP options: %s %s %s %s %s %s\n\n",
408 flap->seqnum = ntohs(flap->seqnum);
409 flap->len = ntohs(flap->len);
411 snac = (struct snachdr *)(pkt+6);
413 snac->family = ntohs(snac->family);
414 snac->subtype= ntohs(snac->subtype);
415 snac->id = (htons(snac->id & 0x0000ffff)) + (htons(snac->id >>16)<<16);
417 printf("\n--------------------\n");
419 struct in_addr tmpaddr;
420 tmpaddr.s_addr = ip->saddr;
421 printf("%s -> ", inet_ntoa(tmpaddr));
422 tmpaddr.s_addr = ip->daddr;
423 printf("%s\n\n", inet_ntoa(tmpaddr));
426 printf("\tChannel:\t0x%02x\t\tSeqNum:\t0x%04x\n\tLength:\t\t0x%04x\n",
431 /* jump around flap */
435 if ((snac->family == 0x0000) && (snac->subtype == 0x0001))
437 printf("\t\tNo SNAC. ACK only.\n");
443 /* for overrun checking... */
444 for (maxfamily=1;snactypes[maxfamily].family; maxfamily++)
446 if (snac->family <= maxfamily)
448 for (maxsubtype=1;snactypes[snac->family].subtypes[maxsubtype].name; maxsubtype++)
454 printf("\tFamily:\t\t0x%04x (%s)\n",
456 (snac->family > maxfamily)?"Out of Range":snactypes[snac->family].family);
457 printf("\tSubtype:\t0x%04x (%s)\n",
459 (snac->subtype > maxsubtype)?"Out of Range":snactypes[snac->family].subtypes[snac->subtype].name);
460 printf("\tFlags:\t\t0x%02x,0x%02x\tID:\t0x%08lx\n", snac->flags[0], snac->flags[1], snac->id);
462 /* jump around snac */
466 if (snactypes[snac->family].subtypes[snac->subtype].parser)
467 (*(snactypes[snac->family].subtypes[snac->subtype].parser))((u_char *)pkt, newlen);
472 for (i=0;i<newlen;i+=2)
476 printf("%02x%02x ", pkt[i] &0xff, pkt[i+1] & 0xff);
484 int main(int argc, char **argv)
486 struct pcap_pkthdr hdr;
489 if ((pd = open_pcap(NULL)) == NULL)
491 fprintf(stderr, "error in open_pcap\n");
495 signal(SIGINT, sigint);
498 if ((localmac = (u_int8_t *)get_hwaddr(link, DEVNAME, errbuf)) == NULL)
500 fprintf(stderr, "rpld: Unable to get local MAC address, using default\n");
501 localmac = defsource;
504 fprintf(stderr, "rpld: Local MAC Address: %s\n", printether((u_int8_t *)localmac));
508 while ((pkt = next_pcap(pd, &hdr)))
510 detectaim(&hdr, pkt);
511 //printframe(&hdr, pkt);
515 while (pkt = next_pcap(pd, &hdr))
518 * Since this is the fast-path (it gets executed for
519 * EVERY frame that gets captured -- this could be HUGE
520 * on busy 100mb LANs), we need to determine if this frame
521 * needs further processing as fast as possible...
523 etherhdr = (struct ether_header *)pkt;
525 /* this should cover everything */
526 if ( (etherhdr->ether_type == (ETHERTYPE_INCOMING<<8)) ||
527 (etherhdr->ether_type == (ETHERTYPE_FOUND<<8)) ||
528 (etherhdr->ether_type == (ETHERTYPE_DATA<<8)) )
529 processframe(&hdr, pkt, link, DEVNAME);
531 fprintf(stderr, "rpld: skipping ethertype %04x\n", etherhdr->ether_type);