Logo Search packages:      
Sourcecode: nepenthes version File versions  Download package

bool SocketManager::Init (  )  [virtual]

check config values

Returns:
true on success, else false

Implements nepenthes::Manager.

Definition at line 105 of file SocketManager.cpp.

References nepenthes::Nepenthes::getConfig().

Referenced by nepenthes::Nepenthes::run().

{
    try {
        m_UseRawSockets = m_Nepenthes->getConfig()->getValInt("nepenthes.socketmanager.use_rawsockets");
        if (m_UseRawSockets)
        {
            logInfo("%s","Using Rawsockets\n");
        }
    } catch ( ... ) {
        logCrit("%s","Could not find nepenthes.socketmanager.use_rawsockets in config file, assuming no\n");
    }


      try {
            m_BindAddress = inet_addr(m_Nepenthes->getConfig()->getValString("nepenthes.socketmanager.bind_address"));
            if (m_BindAddress != INADDR_ANY)
            {
                  logInfo("Using %s as bind_address for all connections\n", inet_ntoa(*(struct in_addr *)&m_BindAddress));
            }
      } catch ( ... ) {
            logCrit("%s","Could not find nepenthes.socketmanager.bind_address in config file, assuming no\n");
      }


#ifdef WIN32
      WORD wVersionRequested;
      WSADATA wsaData;
      int32_t err;
 
      wVersionRequested = MAKEWORD( 2, 2 );
 
      err = WSAStartup( wVersionRequested, &wsaData );
      if ( err != 0 ) {
            /* Tell the user that we could not find a usable */
            /* WinSock DLL.                                  */
            logCrit("%s\n","Could not find good Windows Socket dll");
            return false;
      }else
      {
            logDebug("%s\n","WSAStartup worked");
      }
#endif



    if (m_UseRawSockets == true)
    {
#ifdef WIN32
        // win32 raw socket interface lookup & adding here
        SOCKET sd = WSASocket(AF_INET, SOCK_DGRAM, 0, 0, 0, 0);
        if (sd == SOCKET_ERROR)
        {
            logCrit("Failed to get a socket. Error %i\n", WSAGetLastError());
            return false;
        }

        INTERFACE_INFO InterfaceList[20];
        uint32_t nBytesReturned;
        if (WSAIoctl(sd, SIO_GET_INTERFACE_LIST, 0, 0, &InterfaceList,
                     sizeof(InterfaceList), &nBytesReturned, 0, 0) == SOCKET_ERROR)
        {
            logCrit("Failed calling WSAIoctl: error %i\n",WSAGetLastError());
            return false;
        }

        int32_t nNumInterfaces = nBytesReturned / sizeof(INTERFACE_INFO);
        logDebug("There are %i interfaces \n",nNumInterfaces);
        int32_t i;
        for (i = 0; i < nNumInterfaces; ++i)
        {
            logDebug("Interface %i \n", i);

            u_long nFlags = InterfaceList[i].iiFlags;
            if (nFlags & IFF_UP) 
                logDebug("Iface is %s\n","up");
            else                 
                logDebug("Iface is %s\n","down");



            sockaddr_in *pAddress;
            pAddress = (sockaddr_in *) & (InterfaceList[i].iiAddress);
            logDebug("\tip %s\n",inet_ntoa(pAddress->sin_addr));

            pAddress = (sockaddr_in *) & (InterfaceList[i].iiBroadcastAddress);
            logDebug("\tbcast %s\n",inet_ntoa(pAddress->sin_addr));

            pAddress = (sockaddr_in *) & (InterfaceList[i].iiNetmask);
            logDebug("\tnetmask %s\n",inet_ntoa(pAddress->sin_addr));

            if (nFlags & IFF_POINTTOPOINT) 
                logDebug("%s\n","\tis point-to-point");
            if (nFlags & IFF_LOOPBACK)     
                logDebug("%s\n","\tis a loopback iface");
            

            string features = "";
            
            if (nFlags & IFF_BROADCAST) 
                features += "bcast ";
            if (nFlags & IFF_MULTICAST)
                features +=  "multicast ";
            logDebug("\tFeatures: %s \n", features.c_str());
        }


        for (i = 0; i < nNumInterfaces; ++i)
        {

            sockaddr_in *pAddress;
            pAddress = (sockaddr_in *) & (InterfaceList[i].iiAddress);

            RAWSocketListener *sock = new RAWSocketListener(m_Nepenthes,*(uint32_t *)&(pAddress->sin_addr));
            if ( sock->Init() == true )
            {
                m_Sockets.push_back(sock);
            } else
            {
                return false;
            }

        }
#else
            FILE *f = fopen(PROC_NET_DEV,"r");
            if (f== NULL)
            {
                  logCrit("Could not open %s \n",PROC_NET_DEV);
                  return false;
            }
            char line[512];
            memset(line,0,512);
            bool ifaceline=false;

            list <string> interfaces;

            while (fgets(line,512,f) != NULL)
            {
                  if (ifaceline)
                  {
//                      printf("proc line is '%s' \n",line);
                        char *ifacestopp=line;
                        char *ifacestart=line;
                        while(*ifacestopp != ':')
                              ifacestopp++;

                        while (*ifacestart == ' ')
                              ifacestart++;

                        logSpam("iface %.*s \n",ifacestopp-ifacestart,ifacestart);

                interfaces.push_back(string(ifacestart,ifacestopp-ifacestart));

                  }else
                  if (strstr(line,"bytes") != NULL)
                  {
                        ifaceline = true;
                  }

                  

                  memset(line,0,512);
            }
        fclose(f);

            list<string>::iterator it;

            for (it=interfaces.begin();it!= interfaces.end();it++)
            {
                  logDebug("Interface %s is availible for sniffing\n",it->c_str());
            }

            for ( it=interfaces.begin();it!= interfaces.end();it++ )
            {
                  if (strstr(it->c_str(),"eth") == NULL)
                  {
                        logDebug("No sniffing on %s\n",it->c_str());
                        continue;
                  }


                  struct ifreq ifr;
                  memset(&ifr,0,sizeof(struct ifreq));
//                struct ifconf ifc;

                  uint32_t localip=0;
                  int32_t fd = socket(AF_INET, SOCK_DGRAM, 0);
                  if ( fd >= 0 )
                  {
                        strcpy(ifr.ifr_name, it->c_str());
                        ifr.ifr_addr.sa_family = AF_INET;
                        if ( ioctl(fd, SIOCGIFADDR, &ifr) == 0 )
                        {
                              struct sockaddr_in *ssin;
                              ssin = (struct sockaddr_in *) &ifr.ifr_addr;
                              logSpam("Interface %s has ip %s \n",it->c_str(),inet_ntoa(*(in_addr *)&ssin->sin_addr.s_addr));

                              localip = ssin->sin_addr.s_addr;

/*                    logSpam("Interface %s has ip %s \n",it->c_str(),inet_ntoa(*(in_addr *)&ifr.ifr_addr));
                              strcpy(ifr.ifr_name, it->c_str());
                              if ( ioctl(fd, SIOCGIFDSTADDR, &ifr) >= 0 )
                                    logSpam("Interface %s has ... %s \n",it->c_str(),inet_ntoa(*(in_addr *)&ifr.ifr_dstaddr));

                              strcpy(ifr.ifr_name, it->c_str());
                              if ( ioctl(fd, SIOCGIFBRDADDR, &ifr) >= 0 )
                                    logSpam("Interface %s has ... %s \n",it->c_str(),inet_ntoa(*(in_addr *)&ifr.ifr_broadaddr));

                              strcpy(ifr.ifr_name, it->c_str());
                              if ( ioctl(fd, SIOCGIFNETMASK, &ifr) >= 0 )
                                    logSpam("Interface %s has ... %s \n",it->c_str(),inet_ntoa(*(in_addr *)&ifr.ifr_netmask));
*/                            
                        } 
//                      else
//                            memset(&ife->addr, 0, sizeof(struct sockaddr));
                  }


                  RAWSocketListener *sock;
                  sock = new RAWSocketListener(m_Nepenthes,(char *)it->c_str(), localip, IPPROTO_TCP);
                  if ( sock->Init() == true )
                  {
                        m_Sockets.push_back(sock);
                  } else
                  {
                        return false;
                  }
                  
/*                sock = new RAWSocketListener(m_Nepenthes,(char *)it->c_str(), IPPROTO_UDP);
                  if ( sock->Init() == true )
                  {
                        m_Sockets.push_back(sock);
                  } else
                  {
                        return false;
                  }
*/                
            }
            interfaces.clear();
#endif
            
      }
      return true;
}


Generated by  Doxygen 1.6.0   Back to index