📄 ipa_ctl.c
Header_t *pheader;
IP_MAC_NAME_t *plist, *pnode;
int i;
int pos;
char *buf;
int ret;
int ipListLen;
pheader = (Header_t *)resp;
pheader->buflen = htonl(sizeof(Header_t));
*resplen = sizeof(Header_t);
pnode = (IP_MAC_NAME_t *)(reqBuf+sizeof(Header_t));
ret = comReadShfn(gd_IP_LIST_file, 0, 4, (char *)&ipListLen) ;
if (ret < 0)
{
pheader->code = htonl(1);
pos = sizeof(Header_t);
buf = resp + pos;
sprintf(buf, "comReadShfn() fail [%s]!\n", strerror(errno));
pos += strlen(buf);
pos ++;
pheader->buflen = htonl(pos);
*resplen = pos;
return 1;
}
if (ipListLen > 0)
{
plist = (IP_MAC_NAME_t *)calloc(sizeof(IP_MAC_NAME_t), ipListLen);
if (plist == NULL)
{
pheader->code = htonl(1);
pos = sizeof(Header_t);
buf = resp + pos;
sprintf(buf, "calloc() fail [%s]!\n", strerror(errno));
pos += strlen(buf);
pos ++;
pheader->buflen = htonl(pos);
*resplen = pos;
return -1;
}
ret = comReadShfn(gd_IP_LIST_file, 4, ipListLen*sizeof(IP_MAC_NAME_t), (char *)plist);
if (ret < 0)
{
free(plist);
pheader->code = htonl(1);
pos = sizeof(Header_t);
buf = resp + pos;
sprintf(buf, "comReadShfn() fail [%s]!\n", strerror(errno));
pos += strlen(buf);
pos ++;
pheader->buflen = htonl(pos);
*resplen = pos;
return -1;
}
for (i=0; i<ipListLen; i++)
{
//printf("plist[i].ip[%s] pnode->ip[%s]\n", plist[i].ip, pnode->ip);
if ( (strcmp(plist[i].mac, pnode->mac) == 0) ||
(strcmp(plist[i].ip, pnode->ip) == 0) )
{
free(plist);
pheader->code = htonl(1);
pos = sizeof(Header_t);
buf = resp + pos;
sprintf(buf, "The MAC or IP Had exist in ip list, can not twice!\n");
pos += strlen(buf);
pos ++;
pheader->buflen = htonl(pos);
*resplen = pos;
return 0;
}
}
free(plist);
}
fSemSetPlus(gd_semfd, 0);
ret = comWriteShfn(gd_IP_LIST_file, 4+ipListLen*sizeof(IP_MAC_NAME_t), (char *)pnode, sizeof(IP_MAC_NAME_t)) ;
if (ret < 0)
{
fSemSetSub(gd_semfd, 0);
pheader->code = htonl(1);
pos = sizeof(Header_t);
buf = resp + pos;
sprintf(buf, "comWriteShfn() fail [%s]!\n", strerror(errno));
pos += strlen(buf);
pos ++;
pheader->buflen = htonl(pos);
*resplen = pos;
return 0;
}
ipListLen ++;
ret = comWriteShfn(gd_IP_LIST_file, 0, (char *)&ipListLen, 4);
if (ret < 0)
{
fSemSetSub(gd_semfd, 0);
return -1;
}
fSemSetSub(gd_semfd, 0);
pheader->code = htonl(0);
return 0;
}
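/*
 * Fill in a status reply: the header's code and buflen (both converted with
 * htonl) followed by msg, including its terminating NUL. *resplen receives
 * the total number of bytes in the reply.
 *
 * NOTE(review): the capacity of resp is not visible here; callers in this
 * block keep msg below 256 bytes, but the buffer owner should confirm that
 * sizeof(Header_t) + 256 always fits.
 */
static void ipdel_write_reply(char *resp, int *resplen, int code, const char *msg)
{
    Header_t *pheader = (Header_t *)resp;
    size_t msglen = strlen(msg) + 1; /* the NUL is sent as part of the reply */
    int total = (int)(sizeof(Header_t) + msglen);

    memcpy(resp + sizeof(Header_t), msg, msglen);
    pheader->code = htonl(code);
    pheader->buflen = htonl(total);
    *resplen = total;
}

/*
 * Remove the entry whose ip field equals the one in the request from the
 * IP list file (gd_IP_LIST_file).
 *
 * reqBuf     request: a Header_t followed by an IP_MAC_NAME_t
 * requestlen length of the request (currently not checked, see below)
 * resp       reply buffer: a Header_t, plus a text message on failure
 * resplen    out: number of reply bytes
 *
 * Returns 0 on success, 1 or -1 on failure (the reply code is 1 for an
 * internal error and 2 when the list is empty or the ip is not in it).
 *
 * NOTE(review): requestlen is never compared with
 * sizeof(Header_t) + sizeof(IP_MAC_NAME_t), so a short request makes pnode
 * point at bytes the peer did not send. Confirm what requestlen counts and
 * reject short requests before pnode is used.
 */
int deal_delete_ip_list(char *reqBuf, int requestlen, char *resp, int *resplen)
{
    Header_t *pheader = (Header_t *)resp;
    IP_MAC_NAME_t *plist;
    IP_MAC_NAME_t *pnode;
    const char *failed;
    char msg[256];
    int saved_errno;
    int ipListLen;
    int newLen;
    int i;
    int ret;

    /* Default reply: header only. Error paths overwrite it. */
    pheader->buflen = htonl(sizeof(Header_t));
    *resplen = sizeof(Header_t);

    pnode = (IP_MAC_NAME_t *)(reqBuf + sizeof(Header_t));

    /* The list file starts with a 4-byte record count. */
    ret = comReadShfn(gd_IP_LIST_file, 0, 4, (char *)&ipListLen);
    if (ret < 0) {
        snprintf(msg, sizeof msg, "comReadShfn() fail [%s]!\n", strerror(errno));
        ipdel_write_reply(resp, resplen, 1, msg);
        return 1;
    }

    /* ip list is empty */
    if (ipListLen < 1) {
        ipdel_write_reply(resp, resplen, 2,
                          "The ip list is empty, can not delete any <ip mac user>!\n");
        return 1;
    }

    /*
     * NOTE(review): ipListLen comes straight from the file and has no upper
     * bound here; a corrupted count drives the allocation and read sizes.
     */
    plist = calloc(ipListLen, sizeof *plist);
    if (plist == NULL) {
        snprintf(msg, sizeof msg, "calloc() fail [%s]!\n", strerror(errno));
        ipdel_write_reply(resp, resplen, 1, msg);
        return -1;
    }

    ret = comReadShfn(gd_IP_LIST_file, 4, ipListLen * sizeof(IP_MAC_NAME_t), (char *)plist);
    if (ret < 0) {
        /* Capture errno before free() gets a chance to change it. */
        saved_errno = errno;
        free(plist);
        snprintf(msg, sizeof msg, "comReadShfn() fail [%s]!\n", strerror(saved_errno));
        ipdel_write_reply(resp, resplen, 1, msg);
        return -1;
    }

    /*
     * Look for the requested ip. The compare is bounded by the field size so
     * that a request (or stored record) without a terminating NUL cannot make
     * the compare run past the ip field.
     */
    for (i = 0; i < ipListLen; i++) {
        if (strncmp(plist[i].ip, pnode->ip, sizeof(pnode->ip)) == 0) {
            break;
        }
    }
    if (i == ipListLen) {
        free(plist);
        /* %.*s: never copy more than the ip field into the reply. */
        snprintf(msg, sizeof msg, "Can not find ip[%.*s] in the ip list!\n",
                 (int)sizeof(pnode->ip), pnode->ip);
        ipdel_write_reply(resp, resplen, 2, msg);
        return 1;
    }

    /*
     * NOTE(review): the list was read above, before the semaphore is taken,
     * so a concurrent add/delete between the read and this rewrite is lost.
     * Also, packet_handler() in this file brackets its reads of
     * gd_IP_LIST_file with semaphore index 1, while this writer uses index 0;
     * confirm which index is meant to guard the IP list.
     */
    fSemSetPlus(gd_semfd, 0);

    /* presumably resets the file to its 4-byte count header; verify comMkShfn() */
    ret = comMkShfn(gd_IP_LIST_file, 4, 1);
    if (ret < 0) {
        failed = "comMkShfn()";
        goto fail_locked;
    }

    /*
     * NOTE(review): the new count is written before the records are
     * re-appended; a failure part-way leaves the count and the records out
     * of step.
     */
    newLen = ipListLen - 1;
    ret = comWriteShfn(gd_IP_LIST_file, 0, (char *)&newLen, 4);
    if (ret < 0) {
        failed = "comWriteShfn()";
        goto fail_locked;
    }

    /* Re-append every record except the one(s) carrying the requested ip. */
    for (i = 0; i < ipListLen; i++) {
        if (strncmp(plist[i].ip, pnode->ip, sizeof(pnode->ip)) == 0) {
            continue;
        }
        ret = appendWriteShfn(gd_IP_LIST_file, (char *)(plist + i), sizeof(IP_MAC_NAME_t));
        if (ret < 0) {
            failed = "appendWriteShfn()";
            goto fail_locked;
        }
    }

    free(plist);
    fSemSetSub(gd_semfd, 0);
    pheader->code = htonl(0);
    return 0;

fail_locked:
    /* Save errno first: the cleanup calls below may overwrite it. */
    saved_errno = errno;
    fSemSetSub(gd_semfd, 0);
    free(plist);
    snprintf(msg, sizeof msg, "%s fail [%s]!\n", failed, strerror(saved_errno));
    ipdel_write_reply(resp, resplen, 1, msg);
    return 1;
}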
/*
 * Handle a "reset TCP" request: take the REQUEST_RESET_TCP_t that follows
 * the request header and hand its MAC/IP/port/sequence/window fields to
 * send_reset(), then answer with a header-only reply whose code is 0.
 *
 * NOTE(review): requestlen is not checked against
 * sizeof(Header_t) + sizeof(REQUEST_RESET_TCP_t), and every field is passed
 * to send_reset() exactly as received. Confirm that the caller validates the
 * request length and restricts who may reach this handler.
 */
void deal_reset_tcp(char *reqBuf, int requestlen, char *resp, int *resplen)
{
    REQUEST_RESET_TCP_t *req = (REQUEST_RESET_TCP_t *)(reqBuf + sizeof(Header_t));
    Header_t *reply = (Header_t *)resp;

    send_reset(&req->srcmac, &req->srcip, req->sport,
               &req->destmac, &req->destip, req->dport,
               req->seqnum, req->win);

    /* The reply carries no payload; send_reset()'s outcome is not reported. */
    reply->buflen = htonl(sizeof(Header_t));
    reply->code = htonl(0);
    *resplen = sizeof(Header_t);
}
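/*
 * Shut the service down: send signal 15 (SIGTERM) to every recorded worker
 * child, report each one, then exit the parent with status 0.
 *
 * sig is unused.
 *
 * NOTE(review): the signature suggests this is installed as a signal
 * handler. If so, printf() and exit() are not async-signal-safe; confirm how
 * it is registered.
 */
void onquitIPA(int sig)
{
    int i;

    (void)sig;

    for (i = 0; i < gd_ipaworksvrchildpidarrdim; i++) {
        /*
         * Skip slots that do not hold a real child pid. kill() treats 0 as
         * "my whole process group" and -1 as "every process I may signal",
         * so an unset slot or a stored fork() failure must never reach it.
         */
        if (gd_ipaworksvrchildpidarr[i] <= 0) {
            continue;
        }
        kill(gd_ipaworksvrchildpidarr[i], 15);
        printf("Child process %d is stoped.\n", gd_ipaworksvrchildpidarr[i]);
    }

    printf("Parent process %d is stoped.\n", getpid());
    exit(0);
}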
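/*
 * Set up packet capture on gd_SNIFFER_dev and run the capture loop.
 *
 * Steps: resolve the Windows Update address, look up the device's network
 * and mask, open the device in promiscuous mode, install the capture filter,
 * connect to the local IPA service, then hand every captured packet to
 * packet_handler() until pcap_loop() returns.
 *
 * Any setup failure is printed, logged to gd_SYS_LOG_FILE and ends the
 * process with exit(9). Returns 0 after the capture loop has ended.
 */
int init_m_pcap()
{
    char killip[17] = "127.0.0.1";
    char errbuf[PCAP_ERRBUF_SIZE];
    char *device;
    char *port;
    /* Byte 13 of the TCP header is the flags byte; 0x08 is PSH. */
    char *human_filter = "tcp[13] & 8 != 0";
    /* Filled in by pcap_compile(). */
    struct bpf_program fp;
    /* Subnet mask and network number of the capture device. */
    bpf_u_int32 maskp;
    bpf_u_int32 netp;
    int saved_errno;

    init_chex2char();

    memset(gd_winupdateip, 0, sizeof(gd_winupdateip));
    /* Best effort: a failed lookup is deliberately not fatal. */
    (void)getWinUpdateip(gd_ipa_conf.WINDOWSUPDATE_ADDRESS, gd_winupdateip);

    device = gd_SNIFFER_dev;

    if (pcap_lookupnet(device, &netp, &maskp, errbuf) == -1) {
        printf("%s: Error - pcap_lookupnet() %s'\n", PACKAGE, errbuf);
        logit(gd_SYS_LOG_FILE, "%s: Error - pcap_lookupnet() %s'\n", PACKAGE, errbuf);
        exit(9);
    }

    /* snaplen BUFSIZ, promiscuous mode on, read timeout 0 */
    gd_adhandle = pcap_open_live(device, BUFSIZ, 1, 0, errbuf);
    if (gd_adhandle == NULL) {
        printf("%s: Error - pcap_open_live() %s'\n", PACKAGE, errbuf);
        logit(gd_SYS_LOG_FILE, "%s: Error - pcap_open_live() %s'\n", PACKAGE, errbuf);
        exit(9);
    }

    /* The last argument of pcap_compile() is the netmask, not the network number. */
    if (pcap_compile(gd_adhandle, &fp, human_filter, 0, maskp) == -1) {
        printf("%s: Error - pcap_compile()'\n", PACKAGE);
        logit(gd_SYS_LOG_FILE, "%s: Error - pcap_compile()'\n", PACKAGE);
        exit(9);
    }

    if (pcap_setfilter(gd_adhandle, &fp) == -1) {
        printf("%s: Error - pcap_setfilter()'\n", PACKAGE);
        logit(gd_SYS_LOG_FILE, "%s: Error - pcap_setfilter()'\n", PACKAGE);
        exit(9);
    }
    pcap_freecode(&fp);

    comSleep(100);

    /*
     * getenv() returns NULL when the variable is unset; passing that to
     * connectTCP() or to a "%s" conversion is undefined behaviour, so fail
     * with a clear message instead.
     */
    port = getenv("IPA_SERVICE_PORT");
    if (port == NULL) {
        printf("%s: Error - IPA_SERVICE_PORT is not set'\n", PACKAGE);
        logit(gd_SYS_LOG_FILE, "%s: Error - IPA_SERVICE_PORT is not set'\n", PACKAGE);
        exit(9);
    }

    gd_sockToKill = connectTCP(killip, port);
    if (gd_sockToKill < 0) {
        /* printf() may change errno, so keep the value for the log line. */
        saved_errno = errno;
        printf("%s: Error - connectTCP()'\n", strerror(saved_errno));
        logit(gd_SYS_LOG_FILE, "%s: Error - connectTCP(%s, %s)'\n",
              strerror(saved_errno), killip, port);
        exit(9);
    }

    /* cnt -1: keep capturing until an error or pcap_breakloop(). */
    pcap_loop(gd_adhandle, -1, packet_handler, NULL);
    pcap_close(gd_adhandle);

    return 0;
}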
// CALLBACK function...called for each received packet
void packet_handler(u_char *param, const struct pcap_pkthdr *header, const u_char *pkt_data)
{
int ret;
u_int ip_len;
mac_address_t *srcmac;
mac_address_t *destmac;
ip_header_t *iph;
tcp_header_t *tcph;
char reqbuf[1024];
char outbuf[256];
int reqlen, i, outlen;
Header_t *reqheader;
REQUEST_RESET_TCP_t *prequest_reset_tcp;
IP_MAC_NAME_t *pwhite_list;
IP_MAC_NAME_t *pip_list;
unsigned int t2;
int b1, b2, b3, b4;
char saddr[16];
char saddr1[16];
t2 = time(0);
//printf("t2[%d] - gd_last_time[%d] = [%d]\n", t2, gd_last_time, t2 - gd_last_time);
if ((t2 - gd_last_time) > 5)
{
fSemSetPlus(gd_semfd, 0);
if (gd_white_list_len > 0)
{
free(gd_white_ip_mac);
gd_white_list_len = 0;
}
ret = comReadShfn(gd_WHITE_LIST_file, 0, 4, (char *)&gd_white_list_len) ;
if (ret < 0)
{
fSemSetSub(gd_semfd, 0);
return;
}
if (gd_white_list_len > 0)
{
pwhite_list = (IP_MAC_NAME_t *)calloc(sizeof(IP_MAC_NAME_t), gd_white_list_len);
if (pwhite_list == NULL)
{
fSemSetSub(gd_semfd, 0);
return;
}
ret = comReadShfn(gd_WHITE_LIST_file, 4, gd_white_list_len*sizeof(IP_MAC_NAME_t), (char *)pwhite_list) ;
if (ret < 0)
{
free(pwhite_list);
fSemSetSub(gd_semfd, 0);
return;
}
gd_white_ip_mac = (IP_MAC_t *)calloc(sizeof(IP_MAC_t), gd_white_list_len);
if (gd_white_ip_mac == NULL)
{
free(pwhite_list);
fSemSetSub(gd_semfd, 0);
return;
}
//printf("\n");
for (i=0; i<gd_white_list_len; i++)
{
//printf("WHITE i[%d] ip[%s] mac[%s]\n", i, pwhite_list[i].ip, pwhite_list[i].mac);
charMac2binMac(pwhite_list[i].mac, gd_white_ip_mac[i].mac);
gd_white_ip_mac[i].ip = inet_addr(pwhite_list[i].ip);
}
//printf("\n");
free(pwhite_list);
}
fSemSetSub(gd_semfd, 0);
gd_last_time = t2;
}
t2 = time(0);
//printf("t2[%d] - gd_last_ip_time[%d] = [%d]\n", t2, gd_last_ip_time, t2 - gd_last_ip_time);
if ((t2 - gd_last_ip_time) > 8)
{
fSemSetPlus(gd_semfd, 1);
if (gd_ip_list_len > 0)
{
free(gd_ip_mac);
gd_ip_list_len = 0;
}
ret = comReadShfn(gd_IP_LIST_file, 0, 4, (char *)&gd_ip_list_len) ;
if (ret < 0)
{
fSemSetSub(gd_semfd, 1);
return;
}
if (gd_ip_list_len > 0)
{
pip_list = (IP_MAC_NAME_t *)calloc(sizeof(IP_MAC_NAME_t), gd_ip_list_len);
if (pip_list == NULL)
{
fSemSetSub(gd_semfd, 1);
return;
}
ret = comReadShfn(gd_IP_LIST_file, 4, gd_ip_list_len*sizeof(IP_MAC_NAME_t), (char *)pip_list) ;
if (ret < 0)
{
free(pip_list);
fSemSetSub(gd_semfd, 1);
return;
}
gd_ip_mac = (IP_MAC_t *)calloc(sizeof(IP_MAC_t), gd_ip_list_len);
if (gd_ip_mac == NULL)
{
free(pip_list);
fSemSetSub(gd_semfd, 1);
return;
}
//printf("\n");
for (i=0; i<gd_ip_list_len; i++)
{
//printf("IP i[%d] ip[%s] mac[%s]\n", i, pip_list[i].ip, pip_list[i].mac);
charMac2binMac(pip_list[i].mac, gd_ip_mac[i].mac);
gd_ip_mac[i].ip = inet_addr(pip_list[i].ip);
}
//printf("\n");
free(pip_list);
}
fSemSetSub(gd_semfd, 1);
gd_last_ip_time = t2;
}
destmac = (mac_address_t *)pkt_data;
srcmac = (mac_address_t *)(pkt_data + 6);
iph = (ip_header_t *) (pkt_data + 14);
m_inet_ntoa((u_int *)&iph->saddr, saddr);
m_inet_ntoa((u_int *)&iph->daddr, saddr1);
// if (gd_log_level > 2)
// logit(gd_SYS_LOG_FILE, "Source Addr[%s] Dest Addr[%s] proto[0x%02x]\n", saddr, saddr1, iph->proto);
//if (strcmp(saddr, "192.0.0.1") != 0)
//{
//printf("srcaddr[%s]\t", saddr);
//printf("descaddr[%s] proto[0x%02x]\n", saddr1, iph->proto);
//}
if( iph->proto == 0x06 ) // TCP PACKETS
{
ip_len = (iph->ver_ihl & 0xf) * 4;
tcph = (tcp_header_t *)(pkt_data + 14 + ip_len);
//printf("tcph->dport[%d][%d]\n", ntohl(tcph->dport), tcph->dport);
//if (tcph->dport == htons(10001) )
//{
//printf("c seqnum[%u]\t", ntohl(tcph->seqnum));
//printf("c acknum[%u]\t", ntohl(tcph->acknum));
//printf("c win [%u][%u][%u]\n", ntohs(tcph->win), htonl(ntohl(tcph->acknum) + ntohs(tcph->win) - 2), htonl(ntohl(tcph->acknum) + ntohs(tcph->win) - 2) + htonl(0x1));
//printf("c flags[%u]\t", tcph->flags);
//printf("\n");
//}
//if (tcph->sport == htons(10001) )
//{
//printf("s seqnum[%u]\t", ntohl(tcph->seqnum));
//printf("s acknum[%u]\t", ntohl(tcph->acknum));
//printf("s win [%u][%u][%u]\n", ntohs(tcph->win), htonl(ntohl(tcph->acknum) + ntohs(tcph->win) - 2), htonl(ntohl(tcph->acknum) + ntohs(tcph->win) - 2) + htonl(0x1));
//printf("s flags[%u]\t", tcph->flags);
//printf("\n");
//}
//
//return;
// 已经是终止报
if( tcph->flags == 0x04 ) return ;
//
//if (is_for_myself(iptoUINT( &iph->saddr ), iptoUINT( &iph->daddr )) == 1) return;
if( is_in_reset_port_list(tcph->dport) == 0) return;
if (is_win_update(iptoUINT( &iph->saddr ), iptoUINT( &iph->daddr )) == 1) return;
b1 = is_in_white_list(iptoUINT( &iph->saddr ), (char *)srcmac);
b2 = is_in_ip_list(iptoUINT( &iph->saddr ), (char *)srcmac);
b3 = is_in_white_list(iptoUINT( &iph->daddr ), (char *)destmac);
b4 = is_in_ip_list(iptoUINT( &iph->daddr ), (char *)destmac);
//printf("b1[%d] b2[%d] b3[%d] b4[%d]\n", b1, b2, b3, b4);
if ( ( b1 == 1) || (b2 == 1) || (b3 == 1) || (b4 == 1) ) return;
//(is_in_inner_net_or_in(iptoUINT( &iph->saddr ), iptoUINT( &iph->daddr )) == 1) return;