Navigation

← Previous Changeset
Next Changeset →

Changeset 1625

Timestamp:

05/28/08 21:32:07 (3 months ago)

Author:

till

Message:

honeytrap
- reworked NFQ stream monitor hooking to prevent unbinding errors
- hex2bin tool: Command line switch for byte order swapping added

Files:

honeytrap/trunk/ChangeLog (modified) (1 diff)
honeytrap/trunk/src/ctrl.c (modified) (2 diffs)
honeytrap/trunk/src/nfqmon.c (modified) (2 diffs)
honeytrap/trunk/src/nfqmon.h (modified) (1 diff)
honeytrap/trunk/tools/hex2bin.c (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

honeytrap/trunk/ChangeLog

r1567	r1625
4	4	- Fix: Improper logging of IP address pairs
5	5	- Nebula submission plugin
	6	- reworked NFQ stream monitor hooking to prevent unbinding errors
	7	- hex2bin tool: Command line switch for byte order swapping added
6	8	Version 1.0.0
7	9	- Improved configure script

honeytrap/trunk/src/ctrl.c

r1404	r1625
23	23	#include "honeytrap.h"
24	24	#include "logging.h"
	25	#include "nfqmon.h"
25	26	#include "pcapmon.h"
26	27	#include "plugin.h"
…	…
59	60	void clean_exit(int status) {
60	61	#ifdef USE_PCAP_MON
61		/* free bpf filter string */
	62	// free bpf filter string
	63	logmsg(LOG_DEBUG, 1, "Freeing BPF filter string.\n");
62	64	free(bpf_filter_string);
	65	#endif
	66	#ifdef USE_NFQ_MON
	67	// unhook from netfilter-queue
	68	if (h) {
	69	logmsg(LOG_DEBUG, 1, "Destroying NFQ handle.\n");
	70	if (qh && nfq_destroy_queue(qh) != 0) {
	71	logmsg(LOG_ERR, 1, "Error - Could not destroy NFQ handle: %m.\n");
	72	}
	73
	74	logmsg(LOG_DEBUG, 1, "Unhooking NFQ connection monitor.\n");
	75	if (nfq_close(h) != 0) {
	76	logmsg(LOG_ERR, 1, "Error - Could not close NFQ connection monitor: %m.\n");
	77	}
	78	}
63	79	#endif
64	80

honeytrap/trunk/src/nfqmon.c

r1361	r1625
144	144
145	145	int start_nfq_mon(void) {
146		~~struct nfq_handle *h;~~
147	146	struct nfnl_handle *nh;
148	147	int nfq_fd, rv;
…	…
163	162	}
164	163
165		if (nfq_unbind_pf(h, AF_INET) < 0) {
166		logmsg(LOG_ERR, 1, "Error - Could not unbind existing NFQ handle: %m.\n");
167		logmsg(LOG_ERR, 1, "Do you have root privileges?\n");
168		clean_exit(EXIT_FAILURE);
169		}
	164	if (nfq_unbind_pf(h, AF_INET) < 0)
	165	logmsg(LOG_WARN, 1, "Warning - Could not unbind existing NFQ handle: %m.\n");
170	166
171	167	if (nfq_bind_pf(h, AF_INET) < 0) {
172	168	logmsg(LOG_ERR, 1, "Error - Could not bind existing NFQ handle: %m.\n");
	169	logmsg(LOG_ERR, 1, "Do you have root privileges?\n");
	170
	171	h = NULL;
173	172	clean_exit(EXIT_FAILURE);
174	173	}

honeytrap/trunk/src/nfqmon.h

r1131 r1625

20 20
21 21 int id;
22 struct nfq_handle *h;
22 23 struct nfq_q_handle *qh;
23 24

honeytrap/trunk/tools/hex2bin.c

r1279	r1625
1	1	/* hex2bin.c
2		* Copyright (C) 2006-2007 Tillmann Werner <tillmann.werner@gmx.de>
	2	* Copyright (C) 2006-2008 Tillmann Werner <tillmann.werner@gmx.de>
3	3	*
4	4	* This file is free software; as a special exception the author gives
…	…
18	18	*/
19	19
	20	#include <errno.h>
	21	#include <stdio.h>
20	22	#include <stdlib.h>
21		~~#include <stdio.h>~~
22	23	#include <string.h>
23		#include <~~errno~~.h>
	24	#include <unistd.h>
24	25
25	26	int main(int argc, char *argv[]) {
26		u_char chr;
27		int retval;
	27	char option;
	28	u_char buf[4];
	29	unsigned int chr[2];
	30	int swap, retval;
28	31	FILE *file;
29	32
30		if (argc < 2) {
31		fprintf(stderr, "Error - No filename given.\n");
32		exit(1);
	33	swap = 0;
	34
	35	// process args
	36	while((option = getopt(argc, argv, "sh?")) > 0) {
	37	switch(option) {
	38	case 's':
	39	swap = 1;
	40	break;
	41	case 'h':
	42	case '?':
	43	default:
	44	printf("Usage: %s [-s] file (-s swaps byte order)\n", argv[0]);
	45	exit(EXIT_SUCCESS);
	46	}
33	47	}
34	48
35		/* open file */
36		if ((file = fopen(argv[1], "r")) == NULL) {
	49	// open file
	50	if (argc - optind < 1) {
	51	fprintf(stderr, "Error - No filename given.\n");
	52	exit(EXIT_FAILURE);
	53	}
	54	if ((file = fopen(argv[optind++], "r")) == NULL) {
37	55	fprintf(stderr, "Error - Unable to open file: %s.\n", strerror(errno));
38		exit(1);
	56	exit(EXIT_FAILURE);
39	57	}
40	58
	59	// process data
41	60	errno = 0;
42		while((retval = fscanf(file, "%2x", &chr)) > 0) fprintf(stdout, "%c", chr);
43		if ((retval = EOF) && errno) fprintf(stderr, "Error - Unable to read from file: %s.\n", strerror(errno));
	61	for (;;) switch ((retval = fread(&buf, 2, 2, file))) {
	62	case 0:
	63	fclose(file);
	64	if ((retval = EOF) && errno) {
	65	fprintf(stderr, "Error - Unable to read from file: %s.\n", strerror(errno));
	66	exit(EXIT_FAILURE);
	67	}
	68	exit(EXIT_SUCCESS);
	69	case 1:
	70	sscanf((char *) buf, "%2x", &chr[0]);
	71	fprintf(stdout, "%c", chr[0]);
	72	break;
	73	case 2:
	74	sscanf((char *) buf, "%2x%2x", &chr[0], &chr[1]);
	75	fprintf(stdout, "%c%c", swap ? chr[1] : chr[0], swap ? chr[0] : chr[1]);
	76	break;
	77	}
44	78
45		fclose(file);
46		return(0);
	79	exit(EXIT_SUCCESS); // never reached
47	80	}

r1131	r1625
20	20
21	21	int id;
	22	struct nfq_handle *h;
22	23	struct nfq_q_handle *qh;
23	24