2 * pcap-dag.c: Packet capture interface for Endace DAG card.
4 * The functionality of this code attempts to mimic that of pcap-linux as much
5 * as possible. This code is compiled in several different ways depending on
6 * whether DAG_ONLY and HAVE_DAG_API are defined. If HAVE_DAG_API is not
7 * defined it should not get compiled in, otherwise if DAG_ONLY is defined then
8 * the 'dag_' function calls are renamed to 'pcap_' equivalents. If DAG_ONLY
9 * is not defined then nothing is altered - the dag_ functions will be
10 * called as required from their pcap-linux/bpf equivalents.
12 * Author: Richard Littin, Sean Irvine ({richard,sean}@reeltwo.com)
15 * 2003 May - Jesper Peterson <support@endace.com>
16 * Code shuffled around to suit fad-xxx.c structure
17 * Added atexit() handler to stop DAG if application is too lazy
18 * 2003 September - Koryn Grant <koryn@endace.com>
19 * Added support for nonblocking operation.
20 * Added support for processing more than a single packet in pcap_dispatch().
21 * Fixed bug in loss counter code.
22 * Improved portability of loss counter code (e.g. use UINT_MAX instead of 0xffff).
23 * Removed unused local variables.
24 * Added required headers (ctype.h, limits.h, unistd.h, netinet/in.h).
25 * 2003 October - Koryn Grant <koryn@endace.com.>
26 * Changed semantics to match those of standard pcap on linux.
27 * - packets rejected by the filter are not counted.
31 static const char rcsid[] _U_ =
32 "@(#) $Header: /tcpdump/master/libpcap/pcap-dag.c,v 1.10.2.4 2003/11/21 10:20:45 guy Exp $ (LBL)";
39 #include <sys/param.h> /* optionally get BSD define */
48 #include <netinet/in.h>
50 #include <sys/socket.h>
51 #include <sys/types.h>
54 struct mbuf; /* Squelch compiler warnings on some platforms for */
55 struct rtentry; /* declarations in <net/if.h> */
61 #define MIN_DAG_SNAPLEN 12
62 #define MAX_DAG_SNAPLEN 2040
63 #define ATM_SNAPLEN 48
65 typedef struct pcap_dag_node {
66 struct pcap_dag_node *next;
71 static pcap_dag_node_t *pcap_dags = NULL;
72 static int atexit_handler_installed = 0;
73 static const unsigned short endian_test_word = 0x0100;
75 #define IS_BIGENDIAN() (*((unsigned char *)&endian_test_word))
78 * Swap byte ordering of unsigned long long timestamp on a big endian
81 #define SWAP_TS(ull) ((ull & 0xff00000000000000LL) >> 56) | \
82 ((ull & 0x00ff000000000000LL) >> 40) | \
83 ((ull & 0x0000ff0000000000LL) >> 24) | \
84 ((ull & 0x000000ff00000000LL) >> 8) | \
85 ((ull & 0x00000000ff000000LL) << 8) | \
86 ((ull & 0x0000000000ff0000LL) << 24) | \
87 ((ull & 0x000000000000ff00LL) << 40) | \
88 ((ull & 0x00000000000000ffLL) << 56)
92 /* This code is required when compiling for a DAG device only. */
95 /* Replace dag function names with pcap equivalent. */
96 #define dag_open_live pcap_open_live
97 #define dag_platform_finddevs pcap_platform_finddevs
100 static int dag_setfilter(pcap_t *p, struct bpf_program *fp);
101 static int dag_stats(pcap_t *p, struct pcap_stat *ps);
102 static int dag_set_datalink(pcap_t *p, int dlt);
103 static int dag_get_datalink(pcap_t *p);
104 static int dag_setnonblock(pcap_t *p, int nonblock, char *errbuf);
106 static void delete_pcap_dag(pcap_t *p) {
107 pcap_dag_node_t *curr = NULL, *prev = NULL;
109 for (prev = NULL, curr = pcap_dags;
110 curr != NULL && curr->p != p;
111 prev = curr, curr = curr->next) {
115 if (curr != NULL && curr->p == p) {
117 prev->next = curr->next;
119 pcap_dags = curr->next;
125 * Performs a graceful shutdown of the DAG card, frees dynamic memory held
126 * in the pcap_t structure, and closes the file descriptor for the DAG card.
129 static void dag_platform_close(pcap_t *p) {
132 if (p != NULL && p->md.device != NULL) {
133 if(dag_stop(p->fd) < 0)
134 fprintf(stderr,"dag_stop %s: %s\n", p->md.device, strerror(errno));
135 if(dag_close(p->fd) < 0)
136 fprintf(stderr,"dag_close %s: %s\n", p->md.device, strerror(errno));
142 if(dag_stop(p->fd) < 0)
143 fprintf(stderr,"dag_stop: %s\n", strerror(errno));
144 if(dag_close(p->fd) < 0)
145 fprintf(stderr,"dag_close: %s\n", strerror(errno));
149 /* Note: don't need to call close(p->fd) here as dag_close(p->fd) does this. */
152 static void atexit_handler(void) {
153 while (pcap_dags != NULL) {
154 if (pcap_dags->pid == getpid()) {
155 dag_platform_close(pcap_dags->p);
157 delete_pcap_dag(pcap_dags->p);
162 static int new_pcap_dag(pcap_t *p) {
163 pcap_dag_node_t *node = NULL;
165 if ((node = malloc(sizeof(pcap_dag_node_t))) == NULL) {
169 if (!atexit_handler_installed) {
170 atexit(atexit_handler);
171 atexit_handler_installed = 1;
174 node->next = pcap_dags;
176 node->pid = getpid();
184 * Read at most max_packets from the capture stream and call the callback
185 * for each of them. Returns the number of packets handled, -1 if an
186 * error occured, or -2 if we were told to break out of the loop.
188 static int dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user) {
189 unsigned int processed = 0;
190 int flags = p->md.dag_offset_flags;
191 unsigned int nonblocking = flags & DAGF_NONBLOCK;
195 /* Get the next bufferful of packets (if necessary). */
196 while (p->md.dag_mem_top - p->md.dag_mem_bottom < dag_record_size) {
199 * Has "pcap_breakloop()" been called?
203 * Yes - clear the flag that indicates that
204 * it has, and return -2 to indicate that
205 * we were told to break out of the loop.
211 p->md.dag_mem_top = dag_offset(p->fd, &(p->md.dag_mem_bottom), flags);
212 if ((p->md.dag_mem_top - p->md.dag_mem_bottom < dag_record_size) && nonblocking)
214 /* Pcap is configured to process only available packets, and there aren't any. */
219 /* Process the packets. */
220 while (p->md.dag_mem_top - p->md.dag_mem_bottom >= dag_record_size) {
222 unsigned short packet_len = 0;
224 struct pcap_pkthdr pcap_header;
226 dag_record_t *header = (dag_record_t *)(p->md.dag_mem_base + p->md.dag_mem_bottom);
227 u_char *dp = ((u_char *)header) + dag_record_size;
231 * Has "pcap_breakloop()" been called?
235 * Yes - clear the flag that indicates that
236 * it has, and return -2 to indicate that
237 * we were told to break out of the loop.
249 rlen = ntohs(header->rlen);
251 p->md.dag_mem_bottom += rlen;
253 switch(header->type) {
255 packet_len = ATM_SNAPLEN;
256 caplen = ATM_SNAPLEN;
263 packet_len = header->wlen;
267 packet_len = ntohs(header->wlen);
269 packet_len -= (p->md.dag_fcs_bits >> 3);
270 caplen = rlen - dag_record_size - 2;
271 if (caplen > packet_len)
281 packet_len = header->wlen;
285 packet_len = ntohs(header->wlen);
287 packet_len -= (p->md.dag_fcs_bits >> 3);
288 caplen = rlen - dag_record_size;
289 if (caplen > packet_len)
296 if (caplen > p->snapshot)
297 caplen = p->snapshot;
299 /* Count lost packets. */
301 if (p->md.stat.ps_drop > (UINT_MAX - header->lctr)) {
302 p->md.stat.ps_drop = UINT_MAX;
304 p->md.stat.ps_drop += header->lctr;
308 /* Run the packet filter if there is one. */
309 if ((p->fcode.bf_insns == NULL) || bpf_filter(p->fcode.bf_insns, dp, packet_len, caplen)) {
311 /* convert between timestamp formats */
312 register unsigned long long ts;
316 ts = SWAP_TS(header->ts);
323 pcap_header.ts.tv_sec = ts >> 32;
324 ts = (ts & 0xffffffffULL) * 1000000;
325 ts += 0x80000000; /* rounding */
326 pcap_header.ts.tv_usec = ts >> 32;
327 if (pcap_header.ts.tv_usec >= 1000000) {
328 pcap_header.ts.tv_usec -= 1000000;
329 pcap_header.ts.tv_sec++;
332 /* Fill in our own header data */
333 pcap_header.caplen = caplen;
334 pcap_header.len = packet_len;
336 /* Count the packet. */
337 p->md.stat.ps_recv++;
339 /* Call the user supplied callback function */
340 callback(user, &pcap_header, dp);
342 /* Only count packets that pass the filter, for consistency with standard Linux behaviour. */
344 if (processed == cnt)
346 /* Reached the user-specified limit. */
352 if (nonblocking || processed)
362 * Get a handle for a live capture from the given DAG device. Passing a NULL
363 * device will result in a failure. The promisc flag is ignored because DAG
364 * cards are always promiscuous. The to_ms parameter is also ignored as it is
365 * not supported in hardware.
369 pcap_t *dag_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebuf) {
370 char conf[30]; /* dag configure string */
375 if (device == NULL) {
376 snprintf(ebuf, PCAP_ERRBUF_SIZE, "device is NULL: %s", pcap_strerror(errno));
379 /* Allocate a handle for this session. */
381 handle = malloc(sizeof(*handle));
382 if (handle == NULL) {
383 snprintf(ebuf, PCAP_ERRBUF_SIZE, "malloc %s: %s", device, pcap_strerror(errno));
387 /* Initialize some components of the pcap structure. */
389 memset(handle, 0, sizeof(*handle));
391 if (strstr(device, "/dev") == NULL) {
392 char * newDev = (char *)malloc(strlen(device) + 6);
394 strcat(newDev, "/dev/");
395 strcat(newDev,device);
398 device = strdup(device);
401 if (device == NULL) {
402 snprintf(ebuf, PCAP_ERRBUF_SIZE, "str_dup: %s\n", pcap_strerror(errno));
406 /* setup device parameters */
407 if((handle->fd = dag_open((char *)device)) < 0) {
408 snprintf(ebuf, PCAP_ERRBUF_SIZE, "dag_open %s: %s", device, pcap_strerror(errno));
412 /* set the card snap length to the specified snaplen parameter */
413 if (snaplen == 0 || snaplen > MAX_DAG_SNAPLEN) {
414 snaplen = MAX_DAG_SNAPLEN;
415 } else if (snaplen < MIN_DAG_SNAPLEN) {
416 snaplen = MIN_DAG_SNAPLEN;
418 /* snap len has to be a multiple of 4 */
419 snprintf(conf, 30, "varlen slen=%d", (snaplen + 3) & ~3);
421 fprintf(stderr, "Configuring DAG with '%s'.\n", conf);
422 if(dag_configure(handle->fd, conf) < 0) {
423 snprintf(ebuf, PCAP_ERRBUF_SIZE,"dag_configure %s: %s\n", device, pcap_strerror(errno));
427 if((handle->md.dag_mem_base = dag_mmap(handle->fd)) == MAP_FAILED) {
428 snprintf(ebuf, PCAP_ERRBUF_SIZE,"dag_mmap %s: %s\n", device, pcap_strerror(errno));
432 if(dag_start(handle->fd) < 0) {
433 snprintf(ebuf, PCAP_ERRBUF_SIZE, "dag_start %s: %s\n", device, pcap_strerror(errno));
438 * Important! You have to ensure bottom is properly
439 * initialized to zero on startup, it won't give you
440 * a compiler warning if you make this mistake!
442 handle->md.dag_mem_bottom = 0;
443 handle->md.dag_mem_top = 0;
445 /* TODO: query the card */
446 handle->md.dag_fcs_bits = 32;
447 if ((s = getenv("ERF_FCS_BITS")) != NULL) {
448 if ((n = atoi(s)) == 0 || n == 16|| n == 32) {
449 handle->md.dag_fcs_bits = n;
451 snprintf(ebuf, PCAP_ERRBUF_SIZE,
452 "pcap_open_live %s: bad ERF_FCS_BITS value (%d) in environment\n", device, n);
457 handle->snapshot = snaplen;
458 /*handle->md.timeout = to_ms; */
460 if ((handle->linktype = dag_get_datalink(handle)) < 0) {
461 snprintf(ebuf, PCAP_ERRBUF_SIZE, "dag_get_linktype %s: unknown linktype\n", device);
467 if (new_pcap_dag(handle) < 0) {
468 snprintf(ebuf, PCAP_ERRBUF_SIZE, "new_pcap_dag %s: %s\n", device, pcap_strerror(errno));
473 * "select()" and "poll()" don't (yet) work on DAG device descriptors.
475 handle->selectable_fd = -1;
478 handle->md.device = (char *)device;
480 free((char *)device);
484 handle->read_op = dag_read;
485 handle->setfilter_op = dag_setfilter;
486 handle->set_datalink_op = dag_set_datalink;
487 handle->getnonblock_op = pcap_getnonblock_fd;
488 handle->setnonblock_op = dag_setnonblock;
489 handle->stats_op = dag_stats;
490 handle->close_op = dag_platform_close;
495 if (device != NULL) {
496 free((char *)device);
498 if (handle != NULL) {
505 static int dag_stats(pcap_t *p, struct pcap_stat *ps) {
506 /* This needs to be filled out correctly. Hopefully a dagapi call will
507 provide all necessary information.
509 /*p->md.stat.ps_recv = 0;*/
510 /*p->md.stat.ps_drop = 0;*/
518 * Get from "/proc/dag" all interfaces listed there; if they're
519 * already in the list of interfaces we have, that won't add another
520 * instance, but if they're not, that'll add them.
522 * We don't bother getting any addresses for them.
524 * We also don't fail if we couldn't open "/proc/dag"; we just leave
525 * the list of interfaces as is.
528 dag_platform_finddevs(pcap_if_t **devlistp, char *errbuf)
534 char name[512]; /* XXX - pick a size */
538 /* Quick exit if /proc/dag not readable */
539 proc_dag_f = fopen("/proc/dag", "r");
540 if (proc_dag_f == NULL)
543 char dev[16] = "dagx";
545 for (i = '0'; ret == 0 && i <= '9'; i++) {
547 if (pcap_add_if(devlistp, dev, 0, NULL, errbuf) == -1) {
559 fgets(linebuf, sizeof linebuf, proc_dag_f) != NULL; linenum++) {
562 * Skip the first two lines - they're headers.
569 if (*p == '\0' || *p == '\n' || *p != 'D')
570 continue; /* not a Dag line */
573 * Get the interface name.
576 while (*p != '\0' && *p != ':') {
578 *q++ = tolower(*p++);
585 * Add an entry for this interface, with no addresses.
587 p[strlen(p) - 1] = '\0'; /* get rid of \n */
588 if (pcap_add_if(devlistp, name, 0, strdup(p + 2), errbuf) == -1) {
598 * Well, we didn't fail for any other reason; did we
599 * fail due to an error reading the file?
601 if (ferror(proc_dag_f)) {
602 (void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
603 "Error reading /proc/dag: %s",
604 pcap_strerror(errno));
609 (void)fclose(proc_dag_f);
614 * Installs the given bpf filter program in the given pcap structure. There is
615 * no attempt to store the filter in kernel memory as that is not supported
618 static int dag_setfilter(pcap_t *p, struct bpf_program *fp) {
622 strncpy(p->errbuf, "setfilter: No filter specified",
627 /* Make our private copy of the filter */
629 if (install_bpf_program(p, fp) < 0) {
630 snprintf(p->errbuf, sizeof(p->errbuf),
631 "malloc: %s", pcap_strerror(errno));
641 dag_set_datalink(pcap_t *p, int dlt)
647 dag_setnonblock(pcap_t *p, int nonblock, char *errbuf)
650 * Set non-blocking mode on the FD.
651 * XXX - is that necessary? If not, don't bother calling it,
652 * and have a "dag_getnonblock()" function that looks at
653 * "p->md.dag_offset_flags".
655 if (pcap_setnonblock_fd(p, nonblock, errbuf) < 0)
659 p->md.dag_offset_flags |= DAGF_NONBLOCK;
661 p->md.dag_offset_flags &= ~DAGF_NONBLOCK;
667 dag_get_datalink(pcap_t *p)
671 /* Check the type through a dagapi call.
673 switch(dag_linktype(p->fd)) {
674 case TYPE_HDLC_POS: {
675 dag_record_t *record;
677 /* peek at the first available record to see if it is PPP */
678 while ((p->md.dag_mem_top - p->md.dag_mem_bottom) < (dag_record_size + 4)) {
679 p->md.dag_mem_top = dag_offset(p->fd, &(p->md.dag_mem_bottom), 0);
681 record = (dag_record_t *)(p->md.dag_mem_base + p->md.dag_mem_bottom);
683 if ((ntohl(record->rec.pos.hdlc) & 0xffff0000) == 0xff030000) {
684 linktype = DLT_PPP_SERIAL;
685 fprintf(stderr, "Set DAG linktype to %d (DLT_PPP_SERIAL)\n", linktype);
687 linktype = DLT_CHDLC;
688 fprintf(stderr, "Set DAG linktype to %d (DLT_CHDLC)\n", linktype);
693 linktype = DLT_EN10MB;
694 fprintf(stderr, "Set DAG linktype to %d (DLT_EN10MB)\n", linktype);
697 linktype = DLT_ATM_RFC1483;
698 fprintf(stderr, "Set DAG linktype to %d (DLT_ATM_RFC1483)\n", linktype);
702 fprintf(stderr, "Set DAG linktype to %d (DLT_NULL)\n", linktype);
705 fprintf(stderr, "Unknown DAG linktype %d\n", dag_linktype(p->fd));
projects / dragonfly.git / blob