FOSS/nethogs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

unknown udp added...

Browse Source
This commit is contained in:
PAVAN
2018-05-15 18:56:52 +05:30
parent 33fab67135
commit 9baa4aaf34
7 changed files with 115 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
src/connection.cpp
View File

@@ -34,6 +34,7 @@
#include "process.h" #include "process.h"
ConnList *connections = NULL; ConnList *connections = NULL;
extern Process *unknownudp;
void PackList::add(Packet *p) { void PackList::add(Packet *p) {
if (content == NULL) { if (content == NULL) {
@@ -151,32 +152,76 @@ void Connection::add(Packet *packet) {
} }
} }
Connection *findConnectionWithMatchingSource(Packet *packet) { Connection *findConnectionWithMatchingSource(Packet *packet, short int packettype) {
assert(packet->Outgoing()); assert(packet->Outgoing());
ConnList *current = connections; switch(packettype)
while (current != NULL) { {
/* the reference packet is always outgoing */ case IPPROTO_TCP:
if (packet->matchSource(current->getVal()->refpacket)) { { //std::cout<<"hell.......o"<<std::endl;
return current->getVal(); ConnList *current = connections;
} while (current != NULL) {
/* the reference packet is always outgoing */
if (packet->matchSource(current->getVal()->refpacket)) {
return current->getVal();
}
current = current->getNext();
}
return NULL;
}
break;
case IPPROTO_UDP:
{
ConnList *current = unknownudp->connections;
while (current != NULL) {
/* the reference packet is always outgoing */
if (packet->matchSource(current->getVal()->refpacket)) {
return current->getVal();
}
current = current->getNext();
}
return NULL;
}
break;
current = current->getNext();
} }
return NULL;
} }
Connection *findConnectionWithMatchingRefpacketOrSource(Packet *packet) { Connection *findConnectionWithMatchingRefpacketOrSource(Packet *packet, short int packettype) {
ConnList *current = connections;
while (current != NULL) { switch(packettype)
/* the reference packet is always *outgoing* */ {
if (packet->match(current->getVal()->refpacket)) { case IPPROTO_TCP:
return current->getVal(); { ConnList *current = connections;
} while (current != NULL) {
/* the reference packet is always *outgoing* */
if (packet->match(current->getVal()->refpacket)) {
return current->getVal();
}
current = current->getNext(); current = current->getNext();
}
}
break;
case IPPROTO_UDP:
{ ConnList *current = unknownudp->connections;
while (current != NULL) {
/* the reference packet is always *outgoing* */
if (packet->match(current->getVal()->refpacket)) {
return current->getVal();
}
current = current->getNext();
}
}
break;
} }
return findConnectionWithMatchingSource(packet);
return findConnectionWithMatchingSource(packet, packettype);
} }
/* /*
@@ -184,13 +229,13 @@ Connection *findConnectionWithMatchingRefpacketOrSource(Packet *packet) {
* a packet belongs to a connection if it matches * a packet belongs to a connection if it matches
* to its reference packet * to its reference packet
*/ */
Connection *findConnection(Packet *packet) { Connection *findConnection(Packet *packet, short int packettype) {
if (packet->Outgoing()) if (packet->Outgoing())
return findConnectionWithMatchingRefpacketOrSource(packet); return findConnectionWithMatchingRefpacketOrSource(packet, packettype);
else { else {
Packet *invertedPacket = packet->newInverted(); Packet *invertedPacket = packet->newInverted();
Connection *result = Connection *result =
findConnectionWithMatchingRefpacketOrSource(invertedPacket); findConnectionWithMatchingRefpacketOrSource(invertedPacket, packettype);
delete invertedPacket; delete invertedPacket;
return result; return result;

2
src/connection.h
View File

@@ -101,6 +101,6 @@ private:
/* Find the connection this packet belongs to */ /* Find the connection this packet belongs to */
/* (the calling code may free the packet afterwards) */ /* (the calling code may free the packet afterwards) */
Connection *findConnection(Packet *packet); Connection *findConnection(Packet *packet, short int packettype);
#endif #endif

27
src/decpcap.c
View File

@@ -32,7 +32,7 @@
#include "decpcap.h" #include "decpcap.h"
#define DP_DEBUG 0 #define DP_DEBUG 0
bool catchall = false;
/* functions to set up a handle (which is basically just a pcap handle) */ /* functions to set up a handle (which is basically just a pcap handle) */
struct dp_handle *dp_fillhandle(pcap_t *phandle) { struct dp_handle *dp_fillhandle(pcap_t *phandle) {
@@ -139,6 +139,20 @@ void dp_parse_tcp(struct dp_handle *handle, const dp_header *header,
// TODO: maybe `pass on' payload to lower-level protocol parsing // TODO: maybe `pass on' payload to lower-level protocol parsing
} }
void dp_parse_udp(struct dp_handle *handle, const dp_header *header,
const u_char *packet) {
// const struct tcphdr * tcp = (struct tcphdr *) packet;
// u_char * payload = (u_char *) packet + sizeof (struct tcphdr);
if (handle->callback[dp_packet_udp] != NULL) {
int done =
(handle->callback[dp_packet_udp])(handle->userdata, header, packet);
if (done)
return;
}
// TODO: maybe `pass on' payload to lower-level protocol parsing
}
void dp_parse_ip(struct dp_handle *handle, const dp_header *header, void dp_parse_ip(struct dp_handle *handle, const dp_header *header,
const u_char *packet) { const u_char *packet) {
const struct ip *ip = (struct ip *)packet; const struct ip *ip = (struct ip *)packet;
@@ -157,6 +171,11 @@ void dp_parse_ip(struct dp_handle *handle, const dp_header *header,
case IPPROTO_TCP: case IPPROTO_TCP:
dp_parse_tcp(handle, header, payload); dp_parse_tcp(handle, header, payload);
break; break;
case IPPROTO_UDP:
if(catchall)
dp_parse_udp(handle, header, payload);
//fprintf(stdout, "udp packet...................\n");
break;
default: default:
// TODO: maybe support for non-tcp IP packets // TODO: maybe support for non-tcp IP packets
break; break;
@@ -178,6 +197,11 @@ void dp_parse_ip6(struct dp_handle *handle, const dp_header *header,
case IPPROTO_TCP: case IPPROTO_TCP:
dp_parse_tcp(handle, header, payload); dp_parse_tcp(handle, header, payload);
break; break;
case IPPROTO_UDP:
if(catchall)
dp_parse_udp(handle, header, payload);
//fprintf(stdout, "udp packet...................\n");
break;
default: default:
// TODO: maybe support for non-tcp ipv6 packets // TODO: maybe support for non-tcp ipv6 packets
break; break;
@@ -195,6 +219,7 @@ void dp_parse_ethernet(struct dp_handle *handle, const dp_header *header,
int done = (handle->callback[dp_packet_ethernet])(handle->userdata, header, int done = (handle->callback[dp_packet_ethernet])(handle->userdata, header,
packet); packet);
/* return if handle decides we're done */ /* return if handle decides we're done */
if (done) if (done)
return; return;

3
src/decpcap.h
View File

@@ -25,9 +25,10 @@
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#include <pcap.h> #include <pcap.h>
#include <stdbool.h>
#define DP_ERRBUF_SIZE PCAP_ERRBUF_SIZE #define DP_ERRBUF_SIZE PCAP_ERRBUF_SIZE
extern bool catchall;
/* definitions */ /* definitions */
enum dp_packet_type { enum dp_packet_type {

9
src/main.cpp
View File

@@ -27,7 +27,7 @@ static void help(bool iserror) {
// output << "usage: nethogs [-V] [-b] [-d seconds] [-t] [-p] [-f (eth|ppp))] // output << "usage: nethogs [-V] [-b] [-d seconds] [-t] [-p] [-f (eth|ppp))]
// [device [device [device ...]]]\n"; // [device [device [device ...]]]\n";
output << "usage: nethogs [-V] [-h] [-b] [-d seconds] [-v mode] [-c count] " output << "usage: nethogs [-V] [-h] [-b] [-d seconds] [-v mode] [-c count] "
"[-t] [-p] [-s] [-a] [-l] [-f filter] " "[-t] [-p] [-s] [-a] [-l] [-f filter] [-C catchall]"
"[device [device [device ...]]]\n"; "[device [device [device ...]]]\n";
output << " -V : prints version.\n"; output << " -V : prints version.\n";
output << " -h : prints this help.\n"; output << " -h : prints this help.\n";
@@ -54,6 +54,7 @@ static void help(bool iserror) {
output << " s: sort by SENT traffic\n"; output << " s: sort by SENT traffic\n";
output << " r: sort by RECEIVE traffic\n"; output << " r: sort by RECEIVE traffic\n";
output << " l: display command line\n"; output << " l: display command line\n";
output << " C: capture all packets\n";
output << " m: switch between total (KB, B, MB) and KB/s mode\n"; output << " m: switch between total (KB, B, MB) and KB/s mode\n";
} }
@@ -139,7 +140,7 @@ int main(int argc, char **argv) {
char *filter = NULL; char *filter = NULL;
int opt; int opt;
while ((opt = getopt(argc, argv, "Vhbtpsd:v:c:laf:")) != -1) { while ((opt = getopt(argc, argv, "Vhbtpsd:v:c:laf:C")) != -1) {
switch (opt) { switch (opt) {
case 'V': case 'V':
versiondisplay(); versiondisplay();
@@ -178,12 +179,16 @@ int main(int argc, char **argv) {
case 'f': case 'f':
filter = optarg; filter = optarg;
break; break;
case 'C':
catchall = true;
break;
default: default:
help(true); help(true);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
} }
process_init();
device *devices = get_devices(argc - optind, argv + optind, all); device *devices = get_devices(argc - optind, argv + optind, all);
if (devices == NULL) if (devices == NULL)
forceExit(false, "No devices to monitor. Use '-a' to allow monitoring " forceExit(false, "No devices to monitor. Use '-a' to allow monitoring "

8
src/nethogs.cpp
View File

@@ -63,7 +63,6 @@ bool showcommandline = false;
// viewMode: kb/s or total // viewMode: kb/s or total
int viewMode = VIEWMODE_KBPS; int viewMode = VIEWMODE_KBPS;
const char version[] = " version " VERSION; const char version[] = " version " VERSION;
timeval curtime; timeval curtime;
bool local_addr::contains(const in_addr_t &n_addr) { bool local_addr::contains(const in_addr_t &n_addr) {
@@ -143,7 +142,7 @@ int process_tcp(u_char *userdata, const dp_header *header,
return true; return true;
} }
Connection *connection = findConnection(packet); Connection *connection = findConnection(packet, IPPROTO_TCP);
if (connection != NULL) { if (connection != NULL) {
/* add packet to the connection */ /* add packet to the connection */
@@ -195,7 +194,7 @@ int process_udp(u_char *userdata, const dp_header *header,
// if (DEBUG) // if (DEBUG)
// std::cout << "Got packet from " << packet->gethashstring() << std::endl; // std::cout << "Got packet from " << packet->gethashstring() << std::endl;
Connection *connection = findConnection(packet); Connection *connection = findConnection(packet, IPPROTO_UDP);
if (connection != NULL) { if (connection != NULL) {
/* add packet to the connection */ /* add packet to the connection */
@@ -203,7 +202,8 @@ int process_udp(u_char *userdata, const dp_header *header,
} else { } else {
/* else: unknown connection, create new */ /* else: unknown connection, create new */
connection = new Connection(packet); connection = new Connection(packet);
getProcess(connection, args->device); unknownudp->connections = new ConnList(connection, unknownudp->connections);
//getProcess(connection, args->device);
} }
delete packet; delete packet;

14
src/process.cpp
View File

@@ -41,7 +41,7 @@
#include "conninode.h" #include "conninode.h"
extern timeval curtime; extern timeval curtime;
extern bool catchall;
/* /*
* connection-inode table. takes information from /proc/net/tcp. * connection-inode table. takes information from /proc/net/tcp.
* key contains source ip, source port, destination ip, destination * key contains source ip, source port, destination ip, destination
@@ -72,11 +72,15 @@ float tokbps(u_int64_t bytes) { return (((double)bytes) / PERIOD) / 1024; }
void process_init() { void process_init() {
unknowntcp = new Process(0, "", "unknown TCP"); unknowntcp = new Process(0, "", "unknown TCP");
// unknownudp = new Process (0, "", "unknown UDP");
// unknownip = new Process (0, "", "unknown IP");
processes = new ProcList(unknowntcp, NULL); processes = new ProcList(unknowntcp, NULL);
// processes = new ProcList (unknownudp, processes);
// processes = new ProcList (unknownip, processes); if(catchall)
{
unknownudp = new Process (0, "", "unknown UDP");
processes = new ProcList (unknownudp, processes);
// unknownip = new Process (0, "", "unknown IP");
// processes = new ProcList (unknownip, processes);
}
} }
int Process::getLastPacket() { int Process::getLastPacket() {