diff --git a/connection.cpp b/connection.cpp index 582938d..32f4af6 100644 --- a/connection.cpp +++ b/connection.cpp @@ -100,6 +100,11 @@ void Connection::add (Packet * packet) } } +/* finds connection to which this packet belongs. + * a packet belongs to a connection if it matches + * to its reference packet */ +/* the incoming and outgoing streams of a connection + * are 2 sepetate 'connections' in nethogs. */ Connection * findConnection (Packet * packet) { ConnList * current = connections; diff --git a/nethogs.cpp b/nethogs.cpp index 2a5cb5c..4c0bee9 100644 --- a/nethogs.cpp +++ b/nethogs.cpp @@ -50,20 +50,22 @@ void process (u_char * args, const struct pcap_pkthdr * header, const u_char * m return; Connection * connection = findConnection(packet); + if (connection != NULL) { + /* add packet to the connection */ connection->add(packet); - return; + } else { + /* else: unknown connection, create new */ + connection = new Connection (packet); + Process * process = getProcess(connection, currentdevice); } - connection = new Connection (packet); - Process * process = getProcess(connection, currentdevice); + if (needrefresh) { do_refresh(); needrefresh = false; } - - return; } void quit_cb (int i) diff --git a/nethogs.h b/nethogs.h index 2b38d5e..5cffe48 100644 --- a/nethogs.h +++ b/nethogs.h @@ -19,7 +19,7 @@ #define NEEDROOT 1 #endif -#define DEBUG 0 +#define DEBUG 1 #define PROGNAME_WIDTH 27 diff --git a/packet.cpp b/packet.cpp index 2501f07..05afc20 100644 --- a/packet.cpp +++ b/packet.cpp @@ -107,7 +107,7 @@ Packet * getPacket (const struct pcap_pkthdr * header, const u_char * packet) if (ethernet->ether_type != 8) { #if DEBUG - cerr << "Dropped non-ip packet of type " << ethernet->ether_type << endl; + std::cerr << "Dropped non-ip packet of type " << ethernet->ether_type << std::endl; #endif return NULL; } @@ -116,7 +116,7 @@ Packet * getPacket (const struct pcap_pkthdr * header, const u_char * packet) if (ip->ip_p != 6) { #if DEBUG - cerr << "Dropped non-tcp packet of type " << (int)(ip->ip_p) << endl; + std::cerr << "Dropped non-tcp packet of type " << (int)(ip->ip_p) << std::endl; #endif return NULL; } @@ -166,8 +166,11 @@ char * Packet::gethashstring () return retval; } +/* 2 packets match if they have the same + * source and destination ports and IP's, + * or inverted. */ bool Packet::match (Packet * other) { - return ((sport == other->sport) && (dport == other->dport) - && (sameinaddr(sip, other->sip)) && (sameinaddr(dip, other->dip))); + return (sport == other->sport) && (dport == other->dport) + && (sameinaddr(sip, other->sip)) && (sameinaddr(dip, other->dip)); } diff --git a/process.cpp b/process.cpp index fefe5c1..1cda073 100644 --- a/process.cpp +++ b/process.cpp @@ -439,6 +439,12 @@ Process * getProcess (unsigned long inode, char * devicename) return newproc; } +/* Used when a new connection is encountered. Finds corresponding + * process and adds the connection. If the connection doesn't belong + * to any known process, the process list is updated and a new process + * is made. If no process can be found even then, it's added to the + * 'unknown' process. + */ Process * getProcess (Connection * connection, char * devicename) { ProcList * curproc = processes; @@ -446,7 +452,7 @@ Process * getProcess (Connection * connection, char * devicename) // see if we already know the inode for this connection if (DEBUG) { - std::cout << "Connection reference packet found at "; + std::cout << "New connection reference packet.. "; std::cout << connection->refpacket << std::endl; } @@ -456,14 +462,14 @@ Process * getProcess (Connection * connection, char * devicename) { // no? refresh and check conn/inode table #if DEBUG - cerr << "Not in table, refreshing it.\n"; + std::cerr << "Not in table, refreshing table from /proc/net/tcp.\n"; #endif refreshconninode(); inode = (unsigned long *) conninode->get(connection->refpacket->gethashstring()); if (inode == NULL) { #if DEBUG - //cerr << connection->refpacket->gethashstring() << " STILL not in table - dropping\n"; + std::cerr << connection->refpacket->gethashstring() << " STILL not in table - dropping\n"; #endif return NULL; }