xref: /illumos-gate/usr/src/cmd/ipf/lib/common/ipft_sn.c (revision 7c478bd9)
1*7c478bd9Sstevel@tonic-gate /*
2*7c478bd9Sstevel@tonic-gate  * Copyright (C) 1993-2001 by Darren Reed.
3*7c478bd9Sstevel@tonic-gate  *
4*7c478bd9Sstevel@tonic-gate  * See the IPFILTER.LICENCE file for details on licencing.
5*7c478bd9Sstevel@tonic-gate  *
6*7c478bd9Sstevel@tonic-gate  * $Id: ipft_sn.c,v 1.7 2003/02/16 02:32:36 darrenr Exp $
7*7c478bd9Sstevel@tonic-gate  */
8*7c478bd9Sstevel@tonic-gate 
9*7c478bd9Sstevel@tonic-gate /*
10*7c478bd9Sstevel@tonic-gate  * Written to comply with the recent RFC 1761 from Sun.
11*7c478bd9Sstevel@tonic-gate  */
12*7c478bd9Sstevel@tonic-gate #include "ipf.h"
13*7c478bd9Sstevel@tonic-gate #include "snoop.h"
14*7c478bd9Sstevel@tonic-gate #include "ipt.h"
15*7c478bd9Sstevel@tonic-gate 
16*7c478bd9Sstevel@tonic-gate #if !defined(lint)
17*7c478bd9Sstevel@tonic-gate static const char rcsid[] = "@(#)$Id: ipft_sn.c,v 1.7 2003/02/16 02:32:36 darrenr Exp $";
18*7c478bd9Sstevel@tonic-gate #endif
19*7c478bd9Sstevel@tonic-gate 
20*7c478bd9Sstevel@tonic-gate struct	llc	{
21*7c478bd9Sstevel@tonic-gate 	int	lc_sz;	/* LLC header length */
22*7c478bd9Sstevel@tonic-gate 	int	lc_to;	/* LLC Type offset */
23*7c478bd9Sstevel@tonic-gate 	int	lc_tl;	/* LLC Type length */
24*7c478bd9Sstevel@tonic-gate };
25*7c478bd9Sstevel@tonic-gate 
26*7c478bd9Sstevel@tonic-gate /*
27*7c478bd9Sstevel@tonic-gate  * While many of these maybe the same, some do have different header formats
28*7c478bd9Sstevel@tonic-gate  * which make this useful.
29*7c478bd9Sstevel@tonic-gate  */
30*7c478bd9Sstevel@tonic-gate static	struct	llc	llcs[SDL_MAX+1] = {
31*7c478bd9Sstevel@tonic-gate 	{ 0, 0, 0 },	/* SDL_8023 */
32*7c478bd9Sstevel@tonic-gate 	{ 0, 0, 0 },	/* SDL_8024 */
33*7c478bd9Sstevel@tonic-gate 	{ 0, 0, 0 },	/* SDL_8025 */
34*7c478bd9Sstevel@tonic-gate 	{ 0, 0, 0 },	/* SDL_8026 */
35*7c478bd9Sstevel@tonic-gate 	{ 14, 12, 2 },	/* SDL_ETHER */
36*7c478bd9Sstevel@tonic-gate 	{ 0, 0, 0 },	/* SDL_HDLC */
37*7c478bd9Sstevel@tonic-gate 	{ 0, 0, 0 },	/* SDL_CHSYNC */
38*7c478bd9Sstevel@tonic-gate 	{ 0, 0, 0 },	/* SDL_IBMCC */
39*7c478bd9Sstevel@tonic-gate 	{ 0, 0, 0 },	/* SDL_FDDI */
40*7c478bd9Sstevel@tonic-gate 	{ 0, 0, 0 },	/* SDL_OTHER */
41*7c478bd9Sstevel@tonic-gate };
42*7c478bd9Sstevel@tonic-gate 
43*7c478bd9Sstevel@tonic-gate static	int	snoop_open __P((char *));
44*7c478bd9Sstevel@tonic-gate static	int	snoop_close __P((void));
45*7c478bd9Sstevel@tonic-gate static	int	snoop_readip __P((char *, int, char **, int *));
46*7c478bd9Sstevel@tonic-gate 
47*7c478bd9Sstevel@tonic-gate static	int	sfd = -1, s_type = -1;
48*7c478bd9Sstevel@tonic-gate static	int	snoop_read_rec __P((struct snooppkt *));
49*7c478bd9Sstevel@tonic-gate 
50*7c478bd9Sstevel@tonic-gate struct	ipread	snoop = { snoop_open, snoop_close, snoop_readip, 0 };
51*7c478bd9Sstevel@tonic-gate 
52*7c478bd9Sstevel@tonic-gate 
snoop_open(fname)53*7c478bd9Sstevel@tonic-gate static	int	snoop_open(fname)
54*7c478bd9Sstevel@tonic-gate char	*fname;
55*7c478bd9Sstevel@tonic-gate {
56*7c478bd9Sstevel@tonic-gate 	struct	snoophdr sh;
57*7c478bd9Sstevel@tonic-gate 	int	fd;
58*7c478bd9Sstevel@tonic-gate 	int s_v;
59*7c478bd9Sstevel@tonic-gate 
60*7c478bd9Sstevel@tonic-gate 	if (sfd != -1)
61*7c478bd9Sstevel@tonic-gate 		return sfd;
62*7c478bd9Sstevel@tonic-gate 
63*7c478bd9Sstevel@tonic-gate 	if (!strcmp(fname, "-"))
64*7c478bd9Sstevel@tonic-gate 		fd = 0;
65*7c478bd9Sstevel@tonic-gate 	else if ((fd = open(fname, O_RDONLY)) == -1)
66*7c478bd9Sstevel@tonic-gate 		return -1;
67*7c478bd9Sstevel@tonic-gate 
68*7c478bd9Sstevel@tonic-gate 	if (read(fd, (char *)&sh, sizeof(sh)) != sizeof(sh))
69*7c478bd9Sstevel@tonic-gate 		return -2;
70*7c478bd9Sstevel@tonic-gate 
71*7c478bd9Sstevel@tonic-gate 	s_v = (int)ntohl(sh.s_v);
72*7c478bd9Sstevel@tonic-gate 	s_type = (int)ntohl(sh.s_type);
73*7c478bd9Sstevel@tonic-gate 
74*7c478bd9Sstevel@tonic-gate 	if (s_v != SNOOP_VERSION ||
75*7c478bd9Sstevel@tonic-gate 	    s_type < 0 || s_type > SDL_MAX) {
76*7c478bd9Sstevel@tonic-gate 		(void) close(fd);
77*7c478bd9Sstevel@tonic-gate 		return -2;
78*7c478bd9Sstevel@tonic-gate 	}
79*7c478bd9Sstevel@tonic-gate 
80*7c478bd9Sstevel@tonic-gate 	sfd = fd;
81*7c478bd9Sstevel@tonic-gate 	printf("opened snoop file %s:\n", fname);
82*7c478bd9Sstevel@tonic-gate 	printf("\tid: %8.8s version: %d type: %d\n", sh.s_id, s_v, s_type);
83*7c478bd9Sstevel@tonic-gate 
84*7c478bd9Sstevel@tonic-gate 	return fd;
85*7c478bd9Sstevel@tonic-gate }
86*7c478bd9Sstevel@tonic-gate 
87*7c478bd9Sstevel@tonic-gate 
snoop_close()88*7c478bd9Sstevel@tonic-gate static	int	snoop_close()
89*7c478bd9Sstevel@tonic-gate {
90*7c478bd9Sstevel@tonic-gate 	return close(sfd);
91*7c478bd9Sstevel@tonic-gate }
92*7c478bd9Sstevel@tonic-gate 
93*7c478bd9Sstevel@tonic-gate 
94*7c478bd9Sstevel@tonic-gate /*
95*7c478bd9Sstevel@tonic-gate  * read in the header (and validate) which should be the first record
96*7c478bd9Sstevel@tonic-gate  * in a snoop file.
97*7c478bd9Sstevel@tonic-gate  */
snoop_read_rec(rec)98*7c478bd9Sstevel@tonic-gate static	int	snoop_read_rec(rec)
99*7c478bd9Sstevel@tonic-gate struct	snooppkt *rec;
100*7c478bd9Sstevel@tonic-gate {
101*7c478bd9Sstevel@tonic-gate 	int	n, plen, ilen;
102*7c478bd9Sstevel@tonic-gate 
103*7c478bd9Sstevel@tonic-gate 	if (read(sfd, (char *)rec, sizeof(*rec)) != sizeof(*rec))
104*7c478bd9Sstevel@tonic-gate 		return -2;
105*7c478bd9Sstevel@tonic-gate 
106*7c478bd9Sstevel@tonic-gate 	ilen = (int)ntohl(rec->sp_ilen);
107*7c478bd9Sstevel@tonic-gate 	plen = (int)ntohl(rec->sp_plen);
108*7c478bd9Sstevel@tonic-gate 	if (ilen > plen || plen < sizeof(*rec))
109*7c478bd9Sstevel@tonic-gate 		return -2;
110*7c478bd9Sstevel@tonic-gate 
111*7c478bd9Sstevel@tonic-gate 	plen -= sizeof(*rec);
112*7c478bd9Sstevel@tonic-gate 	n = MIN(plen, ilen);
113*7c478bd9Sstevel@tonic-gate 	if (!n || n < 0)
114*7c478bd9Sstevel@tonic-gate 		return -3;
115*7c478bd9Sstevel@tonic-gate 
116*7c478bd9Sstevel@tonic-gate 	return plen;
117*7c478bd9Sstevel@tonic-gate }
118*7c478bd9Sstevel@tonic-gate 
119*7c478bd9Sstevel@tonic-gate 
120*7c478bd9Sstevel@tonic-gate #ifdef	notyet
121*7c478bd9Sstevel@tonic-gate /*
122*7c478bd9Sstevel@tonic-gate  * read an entire snoop packet record.  only the data part is copied into
123*7c478bd9Sstevel@tonic-gate  * the available buffer, with the number of bytes copied returned.
124*7c478bd9Sstevel@tonic-gate  */
snoop_read(buf,cnt)125*7c478bd9Sstevel@tonic-gate static	int	snoop_read(buf, cnt)
126*7c478bd9Sstevel@tonic-gate char	*buf;
127*7c478bd9Sstevel@tonic-gate int	cnt;
128*7c478bd9Sstevel@tonic-gate {
129*7c478bd9Sstevel@tonic-gate 	struct	snooppkt rec;
130*7c478bd9Sstevel@tonic-gate 	static	char	*bufp = NULL;
131*7c478bd9Sstevel@tonic-gate 	int	i, n;
132*7c478bd9Sstevel@tonic-gate 
133*7c478bd9Sstevel@tonic-gate 	if ((i = snoop_read_rec(&rec)) <= 0)
134*7c478bd9Sstevel@tonic-gate 		return i;
135*7c478bd9Sstevel@tonic-gate 
136*7c478bd9Sstevel@tonic-gate 	if (!bufp)
137*7c478bd9Sstevel@tonic-gate 		bufp = malloc(i);
138*7c478bd9Sstevel@tonic-gate 	else
139*7c478bd9Sstevel@tonic-gate 		bufp = realloc(bufp, i);
140*7c478bd9Sstevel@tonic-gate 
141*7c478bd9Sstevel@tonic-gate 	if (read(sfd, bufp, i) != i)
142*7c478bd9Sstevel@tonic-gate 		return -2;
143*7c478bd9Sstevel@tonic-gate 
144*7c478bd9Sstevel@tonic-gate 	n = MIN(i, cnt);
145*7c478bd9Sstevel@tonic-gate 	bcopy(bufp, buf, n);
146*7c478bd9Sstevel@tonic-gate 	return n;
147*7c478bd9Sstevel@tonic-gate }
148*7c478bd9Sstevel@tonic-gate #endif
149*7c478bd9Sstevel@tonic-gate 
150*7c478bd9Sstevel@tonic-gate 
151*7c478bd9Sstevel@tonic-gate /*
152*7c478bd9Sstevel@tonic-gate  * return only an IP packet read into buf
153*7c478bd9Sstevel@tonic-gate  */
snoop_readip(buf,cnt,ifn,dir)154*7c478bd9Sstevel@tonic-gate static	int	snoop_readip(buf, cnt, ifn, dir)
155*7c478bd9Sstevel@tonic-gate char	*buf, **ifn;
156*7c478bd9Sstevel@tonic-gate int	cnt, *dir;
157*7c478bd9Sstevel@tonic-gate {
158*7c478bd9Sstevel@tonic-gate 	static	char	*bufp = NULL;
159*7c478bd9Sstevel@tonic-gate 	struct	snooppkt rec;
160*7c478bd9Sstevel@tonic-gate 	struct	llc	*l;
161*7c478bd9Sstevel@tonic-gate 	char	ty[4], *s;
162*7c478bd9Sstevel@tonic-gate 	int	i, n;
163*7c478bd9Sstevel@tonic-gate 
164*7c478bd9Sstevel@tonic-gate 	do {
165*7c478bd9Sstevel@tonic-gate 		if ((i = snoop_read_rec(&rec)) <= 0)
166*7c478bd9Sstevel@tonic-gate 			return i;
167*7c478bd9Sstevel@tonic-gate 
168*7c478bd9Sstevel@tonic-gate 		if (!bufp)
169*7c478bd9Sstevel@tonic-gate 			bufp = malloc(i);
170*7c478bd9Sstevel@tonic-gate 		else
171*7c478bd9Sstevel@tonic-gate 			bufp = realloc(bufp, i);
172*7c478bd9Sstevel@tonic-gate 		s = bufp;
173*7c478bd9Sstevel@tonic-gate 
174*7c478bd9Sstevel@tonic-gate 		if (read(sfd, s, i) != i)
175*7c478bd9Sstevel@tonic-gate 			return -2;
176*7c478bd9Sstevel@tonic-gate 
177*7c478bd9Sstevel@tonic-gate 		l = &llcs[s_type];
178*7c478bd9Sstevel@tonic-gate 		i -= l->lc_to;
179*7c478bd9Sstevel@tonic-gate 		s += l->lc_to;
180*7c478bd9Sstevel@tonic-gate 		/*
181*7c478bd9Sstevel@tonic-gate 		 * XXX - bogus assumption here on the part of the time field
182*7c478bd9Sstevel@tonic-gate 		 * that it won't be greater than 4 bytes and the 1st two will
183*7c478bd9Sstevel@tonic-gate 		 * have the values 8 and 0 for IP.  Should be a table of
184*7c478bd9Sstevel@tonic-gate 		 * these too somewhere.  Really only works for SDL_ETHER.
185*7c478bd9Sstevel@tonic-gate 		 */
186*7c478bd9Sstevel@tonic-gate 		bcopy(s, ty, l->lc_tl);
187*7c478bd9Sstevel@tonic-gate 	} while (ty[0] != 0x8 && ty[1] != 0);
188*7c478bd9Sstevel@tonic-gate 
189*7c478bd9Sstevel@tonic-gate 	i -= l->lc_tl;
190*7c478bd9Sstevel@tonic-gate 	s += l->lc_tl;
191*7c478bd9Sstevel@tonic-gate 	n = MIN(i, cnt);
192*7c478bd9Sstevel@tonic-gate 	bcopy(s, buf, n);
193*7c478bd9Sstevel@tonic-gate 
194*7c478bd9Sstevel@tonic-gate 	return n;
195*7c478bd9Sstevel@tonic-gate }
196