Changeset 98

Show
Ignore:
Timestamp:
24.11.2002 20:44:49 (6 years ago)
Author:
tibob
Message:

- read data from file
- documentation

Location:
trunk
Files:
6 modified

Legend:

Unmodified
Added
Removed

  • trunk/INSTALL

    r48 r98  
    2323 
    2424        ./configure --prefix=/usr --mandir=/usr/share/man --sysconfdir=/etc 
     25 
     26Configure options 
     27----------------- 
     28--enable-debug-messages         For debug propose, enable debug messages. 
     29        This has a performance cost, so don't use it if not needed. 
     30--enable-ip-check               Check IP packets transmitted by libpcap for 
     31        validity : Version is 4, Length >= 5 and checksum is correct. This has 
     32        a performance cost and on some systems where IP packets are corrupt, 
     33        you may not want this option. When used with --enable-debug-messages, 
     34        ipfm will print a warning when dropping a packet. 
     35        Corrupt packets have been encountered on FreeBSD 4.4 + 3com or Intel 
     36        cards. 
    2537 
    2638Notes 
     
    51635. You must be root ... 
    5264  * to install ipfm packages (.rpm and .deb) 
    53   * to run ipfm 
     65  * to run ipfm (except when using a tcpdump raw log file) 
    5466 
    5567For any questions, remarks, requests, you can join us at ipfm@via.ecp.fr 

  • trunk/TODO

    r97 r98  
    22- RedHat pcap problem 
    33- CPU optimisations in lists (Filter and Data) 
    4 - use a pcap filter to select IP packets (integrate patch from Brieuc and do a non regression test) 
    54- if no packets are received, ipfm does not dump its files. 
    65- ./configure lex and yacc checks do not work as expected (if no yacc or bison is present, does not stop ./configure) 
    7 - add an ipfm.conf option to read packets from a file (to test IPFM without beeing root). 
    8 - document ./configure options in INSTALL 
    96- indication of time of dump in the dump itself (add a comment) 
    107 

  • trunk/doc/ipfm.man

    r78 r98  
    3131] [-h][--help] [-n][--nodaemon] [\-p 
    3232.I pid-file 
    33 ][--pid 
     33] [--pid 
    3434.I pid-file 
     35] [-r 
     36.I file 
     37] [--readfrom 
     38.I file 
    3539] 
    3640 
     
    4549 
    4650.B 
    47 ipfm is developed under Linux libc6 (Debian sid). 
     51ipfm is developed under Linux libc6 (Debian woody and sid). 
    4852 
    4953It was reported to work under Linux libc5 (slackware) and libc6 (RedHat, 
     
    6973.IR __PIDFILE 
    7074is used. 
     75.IP "-r file, --readfrom file" 
     76.I file 
     77is a raw tcpdump log file (créated by using tcpdump -w). When using this option, IPFM will ignore the "device" keyword in the configuration file, read the packets from 
     78.I file 
     79, dump logs and exit. 
    7180 
    7281.SH SIGNALS 

  • trunk/source/init.c

    r83 r98  
    6565extern int line; 
    6666extern char *device; 
    67 extern struct OptionsType Options; 
    6867extern FILE *yyin; 
    6968extern int yyfailed; 
     
    7473  printf("ipfm version %s\n\n", VERSION); 
    7574#ifdef __OS_LINUX__ 
    76   printf("\t-n, --nodaemon:\tdo not run as a daemon\n"); 
     75  printf("\t-n, --nodaemon:\t\tdo not run as a daemon\n"); 
    7776  printf("\t-c <file>, --config <file>:\tspecify an alternate configuration file\n"); 
    78   printf("\t-h, --help:\tdisplay this help and exit\n"); 
     77  printf("\t-h, --help:\t\tdisplay this help and exit\n"); 
    7978  printf("\t-p <file>, --pid <file>:\tspecify an alternate pid file\n"); 
     79  printf("\t-r <file>, --readfrom <file>:\tread packets from file (tcpdump raw format)\n"); 
    8080#else 
    8181  printf("\t-n:\tdo not run as a daemon\n"); 
     
    8383  printf("\t-h:\tdisplay this help and exit\n"); 
    8484  printf("\t-p <file>:\tspecify an alternate pid file\n"); 
     85  printf("\t-r <file>:\tread packets from file (tcpdump raw format)\n"); 
    8586#endif /* __OS_LINUX__ */ 
    8687  printf("\nPlease report bugs to ipfm@via.ecp.fr\n"); 
     
    100101    { "nodaemon", 0, &run_as_daemon, 0 }, 
    101102    { "pidfile", 1, NULL, 0 }, 
     103    { "readfrom", 1, NULL, 0 }, 
    102104    { NULL, 0, NULL, 0 } 
    103105  }; 
     
    106108  Options.ConfigFile = NULL; 
    107109  Options.PidFile = NULL; 
    108  
    109 #ifdef __OS_LINUX__ 
    110   while (EOF != (ch = getopt_long(argc, argv, "hnc:p:", long_options, 
     110  Options.ReadFromFile = NULL; 
     111 
     112#ifdef __OS_LINUX__ 
     113  while (EOF != (ch = getopt_long(argc, argv, "hnc:p:r:", long_options, 
    111114                                 &option_index))) { 
    112115#else 
    113   while (EOF != (ch = getopt(argc, argv, "hnc:p:"))) { 
     116  while (EOF != (ch = getopt(argc, argv, "hnc:p:r:"))) { 
    114117#endif /* __OS_LINUX__ */ 
    115118    switch(ch) {           
     
    129132      case 3: 
    130133        Options.PidFile = xstrdup(optarg); 
     134        break; 
     135      case 4: 
     136        Options.ReadFromFile = xstrdup(optarg); 
    131137        break; 
    132138      } 
     
    142148      Options.PidFile = xstrdup(optarg); 
    143149      break; 
     150    case 'r': 
     151      Options.ReadFromFile = xstrdup(optarg); 
     152      break;       
    144153    case 'h': 
    145154    case '?': 

  • trunk/source/init.h

    r75 r98  
    2828  char *ConfigFile; 
    2929  char *PidFile; 
     30  char *ReadFromFile; 
    3031}; 
    3132 

  • trunk/source/pcap.c

    r96 r98  
    4949extern int promisc; 
    5050extern char *device; 
     51extern struct OptionsType Options; 
    5152 
    5253/* Global variable. This forbids to open 2 pcap descriptors. */ 
     
    108109  } 
    109110 
    110   pcap_global_descriptor = pcap_open_live(device, SNAPLEN, promisc, 0, errbuf); 
     111  if (Options.ReadFromFile == NULL) { 
     112    pcap_global_descriptor = pcap_open_live(device, SNAPLEN, promisc, 
     113                                            0, errbuf); 
     114  } else { 
     115    pcap_global_descriptor = pcap_open_offline(Options.ReadFromFile, errbuf); 
     116  } 
     117 
    111118  if (NULL == pcap_global_descriptor) { 
    112119    fprintf(stderr, "[pcap] error opening pcap: %s\n", errbuf); 
     
    244251 
    245252  if (NULL == pcap_global_descriptor) { 
    246     fprintf(stderr, "[pcap] Can't read non-opened pcap descriptor"); 
     253    fprintf(stderr, "[pcap] Can't read non-opened pcap descriptor\n"); 
    247254  } 
    248255 
     
    252259    if (NULL == packet) { 
    253260      /* if pcap_next returns, there is an error on the link, so we close it and try to reopen it */ 
    254       DEBUG_MSG("pcap_next returned a null pointer [%s]\n", pcap_geterr(pcap_global_descriptor)); 
     261      DEBUG_MSG("pcap_next returned a null pointer [errormessage : %s]\n", pcap_geterr(pcap_global_descriptor)); 
     262      if (Options.ReadFromFile != NULL) { 
     263        /* we reached the end of the file ; dump and exit. */ 
     264        struct AllLogsType *pTempLog; 
     265 
     266        for (pTempLog = pAllLogs; 
     267             NULL != pTempLog; 
     268             pTempLog = pTempLog->Next) { 
     269          data_dump(pTempLog); 
     270          data_clear(pTempLog); 
     271        } 
     272        Exit(0); 
     273      } 
    255274      closepcap(); 
    256275      sleep(2); 
     
    266285    if ( ((struct ip *) packet)->ip_hl < 5 || ((struct ip *) packet)->ip_v != 4 || iphdr_chksum(packet, ((struct ip *) packet)->ip_hl) != 0 ) { 
    267286      /* Not an IP packet */ 
    268       DEBUG_MSG("getnextippkt : dropped a malformed IP packet"); 
     287      DEBUG_MSG("getnextippkt : dropped a malformed IP packet\n"); 
    269288      continue; 
    270289    }