Annotation of embedaddon/ipguard/ipguard.c, revision 1.1.1.1.2.1

1.1       misho       1: /*  ipguard.c
                      2:  *
                      3:  * Copyright (c) 2010 SeaD <sead at deep.perm.ru>
                      4:  *
                      5:  * Redistribution and use in source and binary forms, with or without
                      6:  * modification, are permitted provided that the following conditions
                      7:  * are met:
                      8:  * 1. Redistributions of source code must retain the above copyright
                      9:  *    notice, this list of conditions and the following disclaimer.
                     10:  * 2. Redistributions in binary form must reproduce the above copyright
                     11:  *    notice, this list of conditions and the following disclaimer in the
                     12:  *    documentation and/or other materials provided with the distribution.
                     13:  *
                     14:  * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
                     15:  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
                     16:  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
                     17:  * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
                     18:  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
                     19:  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
                     20:  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
                     21:  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
                     22:  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
                     23:  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
                     24:  * SUCH DAMAGE.
                     25:  *
                     26:  *  $Id: ipguard.c,v 1.18 2010/07/12 03:46:36 sead Exp $
                     27:  *
                     28:  */
                     29: 
                     30: #include "ipguard.h"
                     31: 
                     32: void usage(char *name) {
                     33:     fprintf(stdout, "%s v%s (c) %s <%s>\n\n", NAME, VERSION, AUTHOR, MAIL);
                     34:     fprintf(stdout, "usage: %s [-h] [-ajgrxziovd]\n", name);
                     35:     fprintf(stdout, "    [-f ethers] [-l log] [-p pid] [-m mac] [-c filter] [-u seconds] [-k seconds]\n");
                     36:     fprintf(stdout, "    [-n fakes] [-t mseconds] [-b buf] [-s user] <iface>\n\n");
                     37: }
                     38: 
                     39: void help(void) {
                     40:     fprintf(stdout, "available options:\n");
                     41:     fprintf(stdout, "    -f | -e <ethers>    ethers file (" ETHERSFILE ")\n");
                     42:     fprintf(stdout, "    -l <log>            log file (" LOGNAME "_<iface>.log)\n");
                     43:     fprintf(stdout, "    -p <pid>            pid file (" PIDNAME "_<iface>.pid)\n");
                     44:     fprintf(stdout, "    -m <mac>            fake mac (" FAKEMAC ")\n");
                     45:     fprintf(stdout, "    -c <filter>         pcap expression (none)\n");
                     46:     fprintf(stdout, "    -u <seconds>        update ethers interval (%d)\n", ETHERSTO);
                     47:     fprintf(stdout, "    -k <seconds>        fake regenerate time (%d)\n", FAKEREGEN);
                     48:     fprintf(stdout, "    -n <fakes>          fake replies number (%d)\n", FAKENUM);
                     49:     fprintf(stdout, "    -t <mseconds>       time between fakes (%d)\n", FAKETIME);
                     50:     fprintf(stdout, "    -b <buf>            mac-ip buffer size (%d)\n", BUFSIZE);
                     51:     fprintf(stdout, "    -s <user>           set user (none)\n");
                     52:     fprintf(stdout, "    -a                  no address substitution\n");
                     53:     fprintf(stdout, "    -j                  disable first mac-ip\n");
                     54:     fprintf(stdout, "    -g                  default to grant\n");
                     55:     fprintf(stdout, "    -r                  read only\n");
                     56:     fprintf(stdout, "    -x                  duplex mode\n");
                     57:     fprintf(stdout, "    -z                  fix by broadcast\n");
                     58:     fprintf(stdout, "    -i                  hidden mode\n");
                     59:     fprintf(stdout, "    -o                  promiscuous mode\n");
                     60:     fprintf(stdout, "    -v                  be verbose\n");
                     61:     fprintf(stdout, "    -d[d[d]]            don't fork [debug [more]]\n");
                     62:     fprintf(stdout, "    -h                  this help\n");
                     63: }
                     64: 
                     65: int main(int argc, char *argv[]) {
                     66:     extern char *optarg;
                     67:     extern int optind;
                     68:     int n;
                     69: 
                     70:     if (getuid()) {
                     71:         fprintf(stderr, "error: must be run as root to init libnet\n");
                     72:         exit(EXIT_FAILURE);
                     73:     }
                     74: 
                     75:     srand((unsigned int) getpid());
                     76: 
                     77:     iface[0] = fmac[0] = pfmac[0] = pcapf[0] = log_name[0] = pid_name[0] = suser[0] = '\0';
                     78:     strncpy(ethers_name, ETHERSFILE, PATH_MAX);
                     79:     strncpy(fmac, FAKEMAC, 18);
                     80:     ethers_update = ETHERSTO;
                     81:     fake_regen = FAKEREGEN;
                     82:     fake_num = FAKENUM;
                     83:     fake_time = FAKETIME;
                     84:     buffer_num = BUFSIZE;
                     85:     addr_nosubst = nofirst = grant = read_only = duplex = fixbc = hidden =
                     86:         promisc = debug = verbose = 0;
                     87: 
                     88:     all = good = grat = wgrat = zmac = zip = bad = bmac = bsip =
                     89:         btip = bnew = bgrat = mymac = fake = pfake = nzh = nbe = mis = 0;
                     90: 
                     91:     /*  Still unused letters: q:w:y and all of figures ;)
                     92:     */
                     93: 
                     94:     while ((n = getopt(argc, argv, "f:e:l:p:m:c:s:u:k:n:t:b:ajgrxziovdh")) != EOF) {
                     95:         switch (n) {
                     96:             case 'f':
                     97:             case 'e': strncpy(ethers_name, optarg, PATH_MAX); break;
                     98:             case 'l': strncpy(log_name, optarg, PATH_MAX); break;
                     99:             case 'p': strncpy(pid_name, optarg, PATH_MAX); break;
                    100:             case 'm': strncpy(fmac, optarg, 18); break;
                    101:             case 'c': strncpy(pcapf, optarg, PCAPFSIZ); break;
                    102:             case 's': strncpy(suser, optarg, MAXLOGNAME); break;
                    103:             case 'u': ethers_update = atoi(optarg); break;
                    104:             case 'k': fake_regen = atoi(optarg); break;
                    105:             case 'n': fake_num = atoi(optarg); break;
                    106:             case 't': fake_time = atoi(optarg); break;
                    107:             case 'b': buffer_num = atoi(optarg); break;
                    108:             case 'a': addr_nosubst++; break;
                    109:             case 'j': nofirst++; break;
                    110:             case 'g': grant++; break;
                    111:             case 'r': read_only++; break;
                    112:             case 'x': duplex++; break;
                    113:             case 'z': fixbc++; break;
                    114:             case 'i': hidden++; break;
                    115:             case 'o': promisc++; break;
                    116:             case 'v': verbose++; break;
                    117:             case 'd': debug++; break;
                    118:             case 'h': usage(argv[0]); help(); exit(EXIT_SUCCESS);
                    119:             default: usage(argv[0]); exit(EXIT_FAILURE);
                    120:         }
                    121:     }
                    122:     if (argc > optind) { strncpy(iface, argv[optind], IFNAMSIZ); }
                    123:     else { usage(argv[0]); exit(EXIT_FAILURE); }
                    124: 
                    125:     if (!log_name[0]) snprintf(log_name, PATH_MAX, "%s_%s.log", LOGNAME, iface);
                    126:     if (!pid_name[0]) snprintf(pid_name, PATH_MAX, "%s_%s.pid", PIDNAME, iface);
                    127: 
                    128:     if (!pcapf[0]) strncpy(pcapf, "arp", 3);
                    129:     else { pcapf[PCAPFSIZ-10] = '\0'; strncat(pcapf, " and arp", 8); }
                    130: 
                    131:     log_open();
                    132: 
                    133:     if (verbose) { log_str(NOTICE, "Starting", argv[0]); }
                    134: 
                    135:     if (debug > 1) {
                    136:         fprintf(stderr, "PARAMS:");
                    137:         for (n = 1; n < argc; n++) fprintf(stderr, " %s", argv[n]);
                    138:         fprintf(stderr, "\n");
                    139:         fprintf(stderr, "PCAP FILTER: %s\n", pcapf);
                    140:     }
                    141: 
                    142:     if (!debug) daemonize();
                    143:     pid_creat();
                    144:     packet_init(iface);
                    145:     if (suser[0]) set_user();
                    146:     sig_init();
                    147: 
                    148:     while (1) packet_recv();
                    149: 
                    150:     exit_ipguard(EXIT_SUCCESS);
                    151:     return 0;
                    152: }

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>