4 * Copyright (C) 2000-2006 by Darren Reed.
6 * See the IPFILTER.LICENCE file for details on licencing.
8 * $Id: ipft_td.c,v 1.15.2.2 2006/06/16 17:21:03 darrenr Exp $
14 00:05:47.816843 128.231.76.76.3291 > 224.2.252.231.36573: udp 36 (encap)
18 00:33:48.410771 192.73.213.11.1463 > 224.2.248.153.59360: udp 31 (encap)
22 128.250.133.13.23 > 128.250.20.20.2419: tcp 27
26 123456789.1234567 128.250.133.13.23 > 128.250.20.20.2419: tcp 27
30 8:0:20:f:65:f7 0:0:c:1:8a:c5 81: 128.250.133.13.23 > 128.250.20.20.2419: tcp 27
38 #include <netinet/ip_var.h>
40 #include <netinet/tcpip.h>
44 static const char sccsid[] = "@(#)ipft_td.c 1.8 2/4/96 (C)1995 Darren Reed";
45 static const char rcsid[] = "@(#)$Id: ipft_td.c,v 1.15.2.2 2006/06/16 17:21:03 darrenr Exp $";
48 static int tcpd_open __P((char *));
49 static int tcpd_close __P((void));
50 static int tcpd_readip __P((char *, int, char **, int *));
51 static int count_dots __P((char *));
53 struct ipread tcpd = { tcpd_open, tcpd_close, tcpd_readip, 0 };
55 static FILE *tfp = NULL;
59 static int tcpd_open(fname)
65 if (!strcmp(fname, "-")) {
69 tfd = open(fname, O_RDONLY);
70 tfp = fdopen(tfd, "r");
76 static int tcpd_close()
83 static int count_dots(str)
95 static int tcpd_readip(buf, cnt, ifn, dir)
100 ip_t *ip = (ip_t *)&pkt;
101 char src[32], dst[32], misc[256], time[32], link1[32], link2[32];
103 int n, slen, extra = 0;
105 if (!fgets(lbuf, sizeof(lbuf) - 1, tfp))
108 if ((s = strchr(lbuf, '\n')))
110 lbuf[sizeof(lbuf)-1] = '\0';
112 bzero(&pkt, sizeof(pkt));
114 if ((n = sscanf(lbuf, "%31s > %31s: %255s", src, dst, misc)) != 3)
115 if ((n = sscanf(lbuf, "%31s %31s > %31s: %255s",
116 time, src, dst, misc)) != 4)
117 if ((n = sscanf(lbuf, "%31s %31s: %31s > %31s: %255s",
118 link1, link2, src, dst, misc)) != 5) {
120 "%31s %31s %31s: %31s > %31s: %255s",
121 time, link1, link2, src, dst, misc);
126 if (count_dots(dst) == 4) {
127 s = strrchr(src, '.');
129 (void) inet_aton(src, &ip->ip_src);
130 pkt.ti_sport = htons(atoi(s));
132 s = strrchr(dst, '.');
135 (void) inet_aton(src, &ip->ip_dst);
136 pkt.ti_dport = htons(atoi(s));
140 (void) inet_aton(src, &ip->ip_src);
141 (void) inet_aton(src, &ip->ip_dst);
143 ip->ip_len = sizeof(ip_t);
144 IP_HL_A(ip, sizeof(ip_t));
146 s = strtok(misc, " :");
149 ip->ip_p = getproto(s);
155 s = strtok(NULL, " :");
158 ip->ip_len += atoi(s);
159 if (ip->ip_p == IPPROTO_TCP)
160 extra = sizeof(struct tcphdr);
161 else if (ip->ip_p == IPPROTO_UDP)
162 extra = sizeof(struct udphdr);
166 extra = sizeof(struct igmp);
170 extra = sizeof(struct icmp);
176 slen = IP_HL(ip) + extra + ip->ip_len;