Annotation of embedaddon/ipguard/ipguard.c, revision 1.1.1.1.4.1

1.1       misho       1: /*  ipguard.c
                      2:  *
                      3:  * Copyright (c) 2010 SeaD <sead at deep.perm.ru>
                      4:  *
                      5:  * Redistribution and use in source and binary forms, with or without
                      6:  * modification, are permitted provided that the following conditions
                      7:  * are met:
                      8:  * 1. Redistributions of source code must retain the above copyright
                      9:  *    notice, this list of conditions and the following disclaimer.
                     10:  * 2. Redistributions in binary form must reproduce the above copyright
                     11:  *    notice, this list of conditions and the following disclaimer in the
                     12:  *    documentation and/or other materials provided with the distribution.
                     13:  *
                     14:  * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
                     15:  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
                     16:  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
                     17:  * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
                     18:  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
                     19:  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
                     20:  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
                     21:  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
                     22:  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
                     23:  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
                     24:  * SUCH DAMAGE.
                     25:  *
1.1.1.1.4.1! misho      26:  *  $Id: ipguard.c,v 1.1.1.1 2012/02/21 21:59:41 misho Exp $
1.1       misho      27:  *
                     28:  */
                     29: 
#include "ipguard.h"

#include <errno.h>
#include <limits.h>
#include <stdlib.h>
#include <string.h>
                     31: 
1.1.1.1.4.1! misho      32: 
/*
 * Run-time configuration, filled in by main() from compile-time defaults
 * and the command line.
 */
char iface[IFNAMSIZ];           /* interface name (positional argument) */
char ethers_name[PATH_MAX];     /* -f / -e: ethers file */
char log_name[PATH_MAX];        /* -l: log file */
char pid_name[PATH_MAX];        /* -p: pid file */
char fmac[18];                  /* -m: fake mac as text, 17 characters + NUL */
char pcapf[PCAPFSIZ];           /* -c: pcap expression; main() restricts it to arp */
char suser[MAXLOGNAME];         /* -s: user name handed to set_user() */

int ethers_update;              /* -u: update ethers interval, seconds */
int fake_regen;                 /* -k: fake regenerate time, seconds */
int fake_num;                   /* -n: fake replies number */
int fake_time;                  /* -t: time between fakes, mseconds */
int buffer_num;                 /* -b: mac-ip buffer size */

/* Option flags; main() increments one each time its letter is seen. */
int addr_nosubst;               /* -a: no address substitution */
int nofirst;                    /* -j: disable first mac-ip */
int grant;                      /* -g: default to grant */
int read_only;                  /* -r: read only */
int duplex;                     /* -x: duplex mode */
int fixbc;                      /* -z: fix by broadcast */
int hidden;                     /* -i: hidden mode */
int promisc;                    /* -o: promiscuous mode */
int debug;                      /* -d: don't fork; repeat for more debug output */
int verbose;                    /* -v: be verbose */

/*
 * Counters, all reset to zero in main().  NOTE(review): presumably
 * per-category packet statistics; the code that increments them is not in
 * this file section, so confirm each meaning where it is updated.
 */
unsigned int all, good, grat, wgrat, zmac, zip;
unsigned int bad, bmac, bsip, btip, bnew, bgrat;
unsigned int mymac, fake, pfake, nzh, nbe, mis;

char pfmac[18];                 /* emptied in main(); same size as fmac */
char s[128+1];                  /* NOTE(review): looks like a shared scratch string - confirm */
        !            60: 
        !            61: 
/*
 * Print the program banner and the command-line synopsis to stdout.
 *
 * name: program name to show in the synopsis (callers pass argv[0]).
 */
void usage(char *name) {
    printf("%s v%s (c) %s <%s>\n\n", NAME, VERSION, AUTHOR, MAIL);
    printf("usage: %s [-h] [-ajgrxziovd]\n", name);
    fputs("    [-f ethers] [-l log] [-p pid] [-m mac] [-c filter] [-u seconds] [-k seconds]\n"
          "    [-n fakes] [-t mseconds] [-b buf] [-s user] <iface>\n\n", stdout);
}
                     68: 
/*
 * Print the option reference to stdout.  Compile-time defaults are shown
 * in parentheses: string defaults are pasted into the format string by
 * literal concatenation, integer defaults are passed as %d arguments.
 */
void help(void) {
    fputs("available options:\n", stdout);

    /* Options that take a value. */
    printf("    -f | -e <ethers>    ethers file (" ETHERSFILE ")\n"
           "    -l <log>            log file (" LOGNAME "_<iface>.log)\n"
           "    -p <pid>            pid file (" PIDNAME "_<iface>.pid)\n"
           "    -m <mac>            fake mac (" FAKEMAC ")\n"
           "    -c <filter>         pcap expression (none)\n"
           "    -u <seconds>        update ethers interval (%d)\n"
           "    -k <seconds>        fake regenerate time (%d)\n"
           "    -n <fakes>          fake replies number (%d)\n"
           "    -t <mseconds>       time between fakes (%d)\n"
           "    -b <buf>            mac-ip buffer size (%d)\n",
           ETHERSTO, FAKEREGEN, FAKENUM, FAKETIME, BUFSIZE);

    /* The user option and the plain switches. */
    fputs("    -s <user>           set user (none)\n"
          "    -a                  no address substitution\n"
          "    -j                  disable first mac-ip\n"
          "    -g                  default to grant\n"
          "    -r                  read only\n"
          "    -x                  duplex mode\n"
          "    -z                  fix by broadcast\n"
          "    -i                  hidden mode\n"
          "    -o                  promiscuous mode\n"
          "    -v                  be verbose\n"
          "    -d[d[d]]            don't fork [debug [more]]\n"
          "    -h                  this help\n", stdout);
}
                     94: 
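/*
 * Copy a command-line string into a fixed-size buffer.
 *
 * The value is always NUL-terminated.  A value that does not fit is
 * rejected with an error and exit(EXIT_FAILURE) instead of being cut
 * short: strncpy() with the full buffer size leaves the buffer without a
 * terminator when the argument is as long as the buffer or longer, and a
 * silently shortened path, filter or user name is a different setting
 * from the one the operator asked for.
 *
 * dst, size: destination buffer and its size in bytes
 * src:       option value
 * what:      description used in the error message
 */
static void opt_copy_str(char *dst, size_t size, const char *src, const char *what) {
    int len = snprintf(dst, size, "%s", src);

    if (len < 0 || (size_t) len >= size) {
        fprintf(stderr, "error: %s is too long (at most %lu characters)\n",
            what, (unsigned long) (size - 1));
        exit(EXIT_FAILURE);
    }
}

/*
 * Parse a decimal integer option value.
 *
 * atoi() reports no errors: non-numeric input quietly becomes 0 and an
 * out-of-range value is undefined behaviour.  Here empty input, trailing
 * garbage and values outside the range of int end the program with an
 * error message.
 *
 * NOTE(review): negative values are still accepted, as they were with
 * atoi(); the code that consumes these settings is not visible here, so
 * confirm whether a lower bound belongs in this function.
 *
 * arg:  option value
 * what: description used in the error message
 * Returns the parsed value.
 */
static int opt_parse_int(const char *arg, const char *what) {
    char *end;
    long value;

    errno = 0;
    value = strtol(arg, &end, 10);
    if (end == arg || *end != '\0' || errno == ERANGE ||
        value < INT_MIN || value > INT_MAX) {
        fprintf(stderr, "error: %s expects an integer, got '%s'\n", what, arg);
        exit(EXIT_FAILURE);
    }
    return (int) value;
}

/*
 * Program entry point: check for root, load defaults, parse the command
 * line, then open the log, daemonize (unless -d), write the pid file,
 * initialise packet handling on the interface, optionally switch user
 * (-s) and loop on packet_recv().
 *
 * Exits with EXIT_FAILURE on a non-root caller, an unknown option, a
 * missing interface argument or an option value that is malformed or too
 * long; -h prints usage and help and exits with EXIT_SUCCESS.
 */
int main(int argc, char *argv[]) {
    static const char arp_suffix[] = " and arp";
    extern char *optarg;
    extern int optind;
    size_t flen;
    int n;

    if (getuid()) {
        fprintf(stderr, "error: must be run as root to init libnet\n");
        exit(EXIT_FAILURE);
    }

    /*
     * NOTE(review): the PID is a predictable seed.  If rand() output ends
     * up in anything other hosts on the segment should not be able to
     * guess (the consumers are not visible here), seed from a stronger
     * source.
     */
    srand((unsigned int) getpid());

    iface[0] = fmac[0] = pfmac[0] = pcapf[0] = log_name[0] = pid_name[0] = suser[0] = '\0';
    snprintf(ethers_name, sizeof(ethers_name), "%s", ETHERSFILE);
    snprintf(fmac, sizeof(fmac), "%s", FAKEMAC);
    ethers_update = ETHERSTO;
    fake_regen = FAKEREGEN;
    fake_num = FAKENUM;
    fake_time = FAKETIME;
    buffer_num = BUFSIZE;
    addr_nosubst = nofirst = grant = read_only = duplex = fixbc = hidden =
        promisc = debug = verbose = 0;

    all = good = grat = wgrat = zmac = zip = bad = bmac = bsip =
        btip = bnew = bgrat = mymac = fake = pfake = nzh = nbe = mis = 0;

    /*  Still unused letters: q:w:y and all of figures ;)
    */

    /* getopt() returns -1 when the options are exhausted. */
    while ((n = getopt(argc, argv, "f:e:l:p:m:c:s:u:k:n:t:b:ajgrxziovdh")) != -1) {
        switch (n) {
            case 'f':
            case 'e': opt_copy_str(ethers_name, sizeof(ethers_name), optarg, "ethers file name"); break;
            case 'l': opt_copy_str(log_name, sizeof(log_name), optarg, "log file name"); break;
            case 'p': opt_copy_str(pid_name, sizeof(pid_name), optarg, "pid file name"); break;
            case 'm': opt_copy_str(fmac, sizeof(fmac), optarg, "fake mac"); break;
            case 'c': opt_copy_str(pcapf, sizeof(pcapf), optarg, "pcap expression"); break;
            case 's': opt_copy_str(suser, sizeof(suser), optarg, "user name"); break;
            case 'u': ethers_update = opt_parse_int(optarg, "-u"); break;
            case 'k': fake_regen = opt_parse_int(optarg, "-k"); break;
            case 'n': fake_num = opt_parse_int(optarg, "-n"); break;
            case 't': fake_time = opt_parse_int(optarg, "-t"); break;
            case 'b': buffer_num = opt_parse_int(optarg, "-b"); break;
            case 'a': addr_nosubst++; break;
            case 'j': nofirst++; break;
            case 'g': grant++; break;
            case 'r': read_only++; break;
            case 'x': duplex++; break;
            case 'z': fixbc++; break;
            case 'i': hidden++; break;
            case 'o': promisc++; break;
            case 'v': verbose++; break;
            case 'd': debug++; break;
            case 'h': usage(argv[0]); help(); exit(EXIT_SUCCESS);
            default: usage(argv[0]); exit(EXIT_FAILURE);
        }
    }
    if (argc > optind) { opt_copy_str(iface, sizeof(iface), argv[optind], "interface name"); }
    else { usage(argv[0]); exit(EXIT_FAILURE); }

    /* Default log and pid file names are derived from the interface name. */
    if (!log_name[0]) snprintf(log_name, sizeof(log_name), "%s_%s.log", LOGNAME, iface);
    if (!pid_name[0]) snprintf(pid_name, sizeof(pid_name), "%s_%s.pid", PIDNAME, iface);

    /*
     * The capture filter is always limited to arp.  A user expression
     * that leaves no room for the suffix is rejected rather than cut to
     * fit, because a truncated expression is a different filter.
     */
    if (!pcapf[0]) {
        snprintf(pcapf, sizeof(pcapf), "%s", "arp");
    } else {
        flen = strlen(pcapf);
        if (flen + sizeof(arp_suffix) > sizeof(pcapf)) {
            fprintf(stderr, "error: pcap expression is too long (at most %lu characters)\n",
                (unsigned long) (sizeof(pcapf) - sizeof(arp_suffix)));
            exit(EXIT_FAILURE);
        }
        memcpy(pcapf + flen, arp_suffix, sizeof(arp_suffix));
    }

    log_open();

    if (verbose) { log_str(NOTICE, "Starting", argv[0]); }

    if (debug > 1) {
        fprintf(stderr, "PARAMS:");
        for (n = 1; n < argc; n++) fprintf(stderr, " %s", argv[n]);
        fprintf(stderr, "\n");
        fprintf(stderr, "PCAP FILTER: %s\n", pcapf);
    }

    /*
     * log_open(), pid_creat() and packet_init() all run before
     * set_user(), i.e. with the privileges the process was started with;
     * set_user() is called only when -s was given.
     */
    if (!debug) daemonize();
    pid_creat();
    packet_init(iface);
    if (suser[0]) set_user();
    sig_init();

    while (1) packet_recv();

    /* Not reached: the receive loop above has no exit condition. */
    exit_ipguard(EXIT_SUCCESS);
    return 0;
}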
