Navigation

← Previous Changeset
Next Changeset →

Changeset 574

Timestamp:

06/25/06 00:34:08 (3 years ago)

Author:

common

Message:

nepenthes
- module-honeytrap

minor cleanups, formatting, indenting

Files:

nepenthes/trunk/modules/module-honeytrap/module-honeytrap.cpp (modified) (6 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

nepenthes/trunk/modules/module-honeytrap/module-honeytrap.cpp

r573	r574
249	249	{
250	250	#ifdef HAVE_IPFW
251		if ((m_DivertSocket = socket(PF_INET, SOCK_RAW, IPPROTO_~~DIVERT~~)) == -1)
	251	if ((m_DivertSocket = socket(PF_INET, SOCK_RAW, IPPROTO_IPFW)) == -1)
252	252	{
253	253	logCrit("Could not create divert socket for ipfw %s\n",strerror(errno));
…	…
291	291	}
292	292
293		string bpf_filter_string = "tcp[tcpflags] & tcp-rst != 0 ";
	293	string bpf_filter_string = "tcp[tcpflags] & tcp-rst != 0 and tcp[4:4] = 0 ";
294	294
295	295	pcap_if_t *alldevsp = NULL;
…	…
334	334	logSpam("\t\t\tdstaddr %s\n",inet_ntoa((struct in_addr) &(((struct sockaddr_in *)addr->dstaddr)->sin_addr)));
335	335
336		if (~~bpf_filter_string_addition == ""~~)
	336	if ( bpf_filter_string_addition == "" )
337	337	{
338		bpf_filter_string_addition += string("src host ") +
339		string(inet_ntoa((struct in_addr) &(((struct sockaddr_in *)addr->addr)->sin_addr))) +
340		string(" ");
341		}else
	338	bpf_filter_string_addition += string("src host ") +
	339	string(inet_ntoa((struct in_addr) &(((struct sockaddr_in *)addr->addr)->sin_addr))) +
	340	string(" ");
	341	}
	342	else
342	343	{
343		bpf_filter_string_addition += string("or src host ") +
344		string(inet_ntoa((struct in_addr) &(((struct sockaddr_in *)addr->addr)->sin_addr))) +
345		string(" ");
	344	bpf_filter_string_addition += string("or src host ") +
	345	string(inet_ntoa((struct in_addr) &(((struct sockaddr_in *)addr->addr)->sin_addr))) +
	346	string(" ");
346	347	}
347	348
…	…
391	392	if (bpf_filter_string_addition != "")
392	393	{
393		bpf_filter_string += "and (" + bpf_filter_string_addition + ")";
	394	bpf_filter_string += "and ( " + bpf_filter_string_addition + ")";
394	395	}
395	396
…	…
593	594	if ( ntohl(tcp->th_seq) != 0 )
594	595	return 0;
	596
595	597	logInfo("Got RST packet from localhost:%i %i\n",ntohs(tcp->th_sport),tcp->th_sport);
	598	printIPpacket((unsigned char *)ip,ip->ip_len);
596	599
597	600	Socket *sock = g_Nepenthes->getSocketMgr()->bindTCPSocket(INADDR_ANY,ntohs(tcp->th_sport),600,60);
…	…
832	835	ntohs(ip->ip_len) );
833	836
834		logSpam(" \| ~~%s -->~~ " ,
	837	logSpam(" \|- Source %s \n" ,
835	838	inet_ntoa(ip->ip_src) );
836	839
837		logSpam("%s \n" ,
	840	logSpam(" \|- Destionation %s \n" ,
838	841	inet_ntoa(ip->ip_dst) );
839	842

Navigation

Changeset 574

Legend:

nepenthes/trunk/modules/module-honeytrap/module-honeytrap.cpp

Download in other formats: