working new interface
This commit is contained in:
Zakir Durumeric
@ -80,6 +80,9 @@ int fds_get_index_by_name(fielddefset_t *fds, char *name)
|
||||
|
||||
void fs_free(fieldset_t *fs)
|
||||
{
|
||||
if (!fs) {
|
||||
return;
|
||||
}
|
||||
for (int i=0; i < fs->len; i++) {
|
||||
field_t *f = &(fs->fields[i]);
|
||||
if (f->free_) {
|
||||
|
||||
@ -22,7 +22,7 @@
|
||||
|
||||
static FILE *file = NULL;
|
||||
|
||||
int csv_init(struct state_conf *conf, fielddefset_t *fds)
|
||||
int csv_init(struct state_conf *conf, char **fields, int fieldlens)
|
||||
{
|
||||
assert(conf);
|
||||
if (conf->output_filename) {
|
||||
@ -34,15 +34,18 @@ int csv_init(struct state_conf *conf, fielddefset_t *fds)
|
||||
conf->output_filename);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
log_warn("csv", "no output file selected. "
|
||||
"no results will be provided.");
|
||||
}
|
||||
if (fieldlens > 1 && file) {
|
||||
for (int i=0; i < fieldlens; i++) {
|
||||
if (i) {
|
||||
fprintf(file, ", ");
|
||||
}
|
||||
fprintf(file, "%s", fields[i]);
|
||||
}
|
||||
}
|
||||
//// add output headers
|
||||
(void)fds;
|
||||
//for (int i=0; i < fds->len; i++) {
|
||||
// if (i) {
|
||||
// fprintf(file, ", ");
|
||||
// }
|
||||
// fprintf(file, "%s", fds->fielddefs[i].name);
|
||||
//}
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
@ -66,6 +69,9 @@ static void hex_encode(FILE *f, unsigned char* readbuf, size_t len)
|
||||
|
||||
int csv_process(fieldset_t *fs)
|
||||
{
|
||||
if (!file) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
for (int i=0; i < fs->len; i++) {
|
||||
field_t *f = &(fs->fields[i]);
|
||||
if (i) {
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
#include "../fieldset.h"
|
||||
|
||||
// called at scanner initialization
|
||||
typedef int (*output_init_cb)(struct state_conf *, fielddefset_t *fds);
|
||||
typedef int (*output_init_cb)(struct state_conf *, char **fields, int fieldslen);
|
||||
|
||||
// called on packet receipt
|
||||
typedef int (*output_packet_cb)(fieldset_t *fs);
|
||||
|
||||
26
src/recv.c
26
src/recv.c
@ -119,13 +119,20 @@ void packet_cb(u_char __attribute__((__unused__)) *user,
|
||||
} else {
|
||||
zrecv.failure_total++;
|
||||
}
|
||||
|
||||
fieldset_t *o = NULL;
|
||||
// we need to translate the data provided by the probe module
|
||||
// into a fieldset that can be used by the output module
|
||||
fieldset_t *o = translate_fieldset(fs, &zconf.fsconf.translation);
|
||||
if (!is_success && zconf.filter_unsuccessful) {
|
||||
goto cleanup;
|
||||
}
|
||||
if (is_repeat && zconf.filter_duplicates) {
|
||||
goto cleanup;
|
||||
}
|
||||
o = translate_fieldset(fs, &zconf.fsconf.translation);
|
||||
if (zconf.output_module && zconf.output_module->process_ip) {
|
||||
zconf.output_module->process_ip(o);
|
||||
}
|
||||
cleanup:
|
||||
fs_free(fs);
|
||||
free(o);
|
||||
if (zconf.output_module && zconf.output_module->update
|
||||
@ -158,14 +165,14 @@ int recv_run(pthread_mutex_t *recv_ready_mutex)
|
||||
num_src_ports = zconf.source_port_last - zconf.source_port_first + 1;
|
||||
ip_seen = calloc(IP_SEEN_SIZE, sizeof(uint64_t));
|
||||
if (!ip_seen) {
|
||||
log_fatal("recv", "couldn't allocate address bitmap");
|
||||
log_fatal("recv", "could not allocate address bitmap");
|
||||
}
|
||||
log_debug("recv", "using dev %s", zconf.iface);
|
||||
char errbuf[PCAP_ERRBUF_SIZE];
|
||||
pc = pcap_open_live(zconf.iface, zconf.probe_module->pcap_snaplen,
|
||||
PCAP_PROMISC, PCAP_TIMEOUT, errbuf);
|
||||
if (pc == NULL) {
|
||||
log_fatal("recv", "couldn't open device %s: %s",
|
||||
log_fatal("recv", "could not open device %s: %s",
|
||||
zconf.iface, errbuf);
|
||||
}
|
||||
struct bpf_program bpf;
|
||||
@ -176,6 +183,17 @@ int recv_run(pthread_mutex_t *recv_ready_mutex)
|
||||
log_fatal("recv", "couldn't install filter");
|
||||
}
|
||||
log_debug("recv", "receiver ready");
|
||||
if (zconf.filter_duplicates) {
|
||||
log_debug("recv", "duplicate responses will be excluded from output");
|
||||
} else {
|
||||
log_debug("recv", "duplicate responses will be included in output");
|
||||
}
|
||||
if (zconf.filter_unsuccessful) {
|
||||
log_debug("recv", "unsuccessful responses will be excluded from output");
|
||||
} else {
|
||||
log_debug("recv", "unsuccessful responses will be included in output");
|
||||
}
|
||||
|
||||
pthread_mutex_lock(recv_ready_mutex);
|
||||
zconf.recv_ready = 1;
|
||||
pthread_mutex_unlock(recv_ready_mutex);
|
||||
|
||||
@ -44,6 +44,8 @@ struct state_conf zconf = {
|
||||
.dryrun = 0,
|
||||
.quiet = 0,
|
||||
.summary = 0,
|
||||
.filter_duplicates = 0,
|
||||
.filter_unsuccessful = 0,
|
||||
.recv_ready = 0,
|
||||
};
|
||||
|
||||
|
||||
@ -83,6 +83,8 @@ struct state_conf {
|
||||
int dryrun;
|
||||
int summary;
|
||||
int quiet;
|
||||
int filter_duplicates;
|
||||
int filter_unsuccessful;
|
||||
int recv_ready;
|
||||
};
|
||||
extern struct state_conf zconf;
|
||||
|
||||
42
src/zmap.c
42
src/zmap.c
@ -211,7 +211,8 @@ static void start_zmap(void)
|
||||
|
||||
// initialization
|
||||
if (zconf.output_module && zconf.output_module->init) {
|
||||
zconf.output_module->init(&zconf, &zconf.fsconf.outdefs);
|
||||
zconf.output_module->init(&zconf, zconf.output_fields,
|
||||
zconf.output_fields_len);
|
||||
}
|
||||
if (send_init()) {
|
||||
exit(EXIT_FAILURE);
|
||||
@ -376,11 +377,38 @@ int main(int argc, char *argv[])
|
||||
}
|
||||
// parse the provided probe and output module s.t. that we can support
|
||||
// other command-line helpers (e.g. probe help)
|
||||
zconf.output_module = get_output_module_by_name(args.output_module_arg);
|
||||
if (!zconf.output_module) {
|
||||
fprintf(stderr, "%s: specified output module (%s) does not exist\n",
|
||||
CMDLINE_PARSER_PACKAGE, args.output_module_arg);
|
||||
exit(EXIT_FAILURE);
|
||||
if (!args.output_module_given) {
|
||||
zconf.output_module = get_output_module_by_name("csv");
|
||||
zconf.raw_output_fields = (char*) "saddr";
|
||||
zconf.filter_duplicates = 1;
|
||||
zconf.filter_unsuccessful = 1;
|
||||
} else if (!strcmp(args.output_module_arg, "simple_file")) {
|
||||
log_warn("zmap", "the simple_file output interface has been deprecated and "
|
||||
"will be removed in the future. Users should use the csv "
|
||||
"output module. Newer scan options such as output-fields "
|
||||
"are not supported with this output module.");
|
||||
zconf.output_module = get_output_module_by_name("csv");
|
||||
zconf.raw_output_fields = (char*) "saddr";
|
||||
zconf.filter_duplicates = 1;
|
||||
zconf.filter_unsuccessful = 1;
|
||||
} else if (!strcmp(args.output_module_arg, "extended_file")) {
|
||||
log_warn("zmap", "the extended_file output interface has been deprecated and "
|
||||
"will be removed in the future. Users should use the csv "
|
||||
"output module. Newer scan options such as output-fields "
|
||||
"are not supported with this output module.");
|
||||
zconf.output_module = get_output_module_by_name("csv");
|
||||
zconf.raw_output_fields = (char*) "classification, saddr, "
|
||||
"daddr, sport, dport, "
|
||||
"seqnum, acknum, cooldown, "
|
||||
"repeat, timstamp-str";
|
||||
zconf.filter_duplicates = 0;
|
||||
} else {
|
||||
zconf.output_module = get_output_module_by_name(args.output_module_arg);
|
||||
if (!zconf.output_module) {
|
||||
fprintf(stderr, "%s: specified output module (%s) does not exist\n",
|
||||
CMDLINE_PARSER_PACKAGE, args.output_module_arg);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
}
|
||||
zconf.probe_module = get_probe_module_by_name(args.probe_module_arg);
|
||||
if (!zconf.probe_module) {
|
||||
@ -424,7 +452,7 @@ int main(int argc, char *argv[])
|
||||
// process the list of requested output fields.
|
||||
if (args.output_fields_given) {
|
||||
zconf.raw_output_fields = args.output_fields_arg;
|
||||
} else {
|
||||
} else if (!zconf.raw_output_fields) {
|
||||
zconf.raw_output_fields = (char*) "saddr";
|
||||
}
|
||||
split_string(zconf.raw_output_fields, &(zconf.output_fields_len),
|
||||
|
||||
Reference in New Issue
Block a user