Changeset 575
- Timestamp:
- 06/25/06 00:38:14 (3 years ago)
- Files:
nepenthes/trunk/modules/module-honeytrap/Makefile.am
r569 r575 7 7 AM_CPPFLAGS = -I$(top_srcdir)/nepenthes-core/include -I$(top_srcdir)/nepenthes-core/src -pipe -D _GNU_SOURCE -I/usr/include/libipq 8 8 AM_CXXFLAGS = -Wall -Werror 9 AM_LDFLAGS = -lpcap -lipq9 AM_LDFLAGS = -lpcap 10 10 11 11 pkglib_LTLIBRARIES = modulehoneytrap.la nepenthes/trunk/modules/module-honeytrap/module-honeytrap.cpp
r574 r575 31 31 #include <sys/socket.h> 32 32 #include <arpa/inet.h> 33 #include <netpacket/packet.h>33 //#include <netpacket/packet.h> 34 34 #include <net/ethernet.h> /* the L2 protocols */ 35 35 #include <netinet/in.h> … … 356 356 break; 357 357 358 case AF_PACKET:358 // case AF_PACKET: 359 359 /* logSpam("\t\tAF_PACKET\n"); 360 360 logSpam("\t\t\ttype %i %i\n",((struct sockaddr_ll*)addr->addr)->sll_family,AF_PACKET); … … 375 375 376 376 */ 377 break;377 // break; 378 378 379 379 … … 700 700 char buf[2024]; 701 701 702 // bzero(&m_DivertSin,sizeof(struct sockaddr_in)); 703 m_DivertSinLen = sizeof(m_DivertSin); 702 704 if ( (len = recvfrom(m_DivertSocket, buf, sizeof(buf), 0,(struct sockaddr *)&m_DivertSin, &m_DivertSinLen)) == -1 ) 703 705 { … … 706 708 } 707 709 710 711 const struct libnet_ipv4_hdr* ip; 712 713 ip = (struct libnet_ipv4_hdr*)buf; 714 715 int hlen = ip->ip_hl * 4; 716 717 const struct libnet_tcp_hdr* tcp; 718 tcp = (struct libnet_tcp_hdr*) ((u_char *)buf+hlen); 719 720 708 721 // I'll add processing once i have access on a fbsd box with divert sockets enabled 709 logWarn("You are too early, the processing logic for data from divert sockets is a todo"); 710 722 // logWarn("You are too early, the processing logic for data from divert sockets is a todo"); 723 // g_Nepenthes->getUtilities()->hexdump((byte *)buf,len); 724 printIPpacket((unsigned char *)buf,len); 725 726 if ( isPortListening(ntohs(tcp->th_dport),*(uint32_t *)&(ip->ip_dst)) == false ) 727 { 728 logInfo("Connection to unbound port %i requested, binding port\n",ntohs(tcp->th_dport)); 729 730 Socket *sock = g_Nepenthes->getSocketMgr()->bindTCPSocket(INADDR_ANY,ntohs(tcp->th_dport),60,60); 731 if ( sock != NULL ) 732 { 733 734 DialogueFactory *diaf; 735 if ( (diaf = g_Nepenthes->getFactoryMgr()->getFactory("WinNTShell DialogueFactory")) == NULL ) 736 { 737 logCrit("No WinNTShell DialogueFactory availible \n"); 738 return 1; 739 } 740 741 sock->addDialogueFactory(diaf); 742 } 743 } 744 711 
745 712 746 if ( sendto(m_DivertSocket, buf, len, 0,(struct sockaddr *)&m_DivertSin, m_DivertSinLen) == -1 ) nepenthes/trunk/modules/module-honeytrap/module-honeytrap.hpp
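Review bot: In the divert-socket handler, `ip->ip_hl` and `tcp->th_dport` are read straight out of `buf` without checking that `len` covers an IPv4 header plus a TCP header, or that the packet is TCP at all, so a short or non-TCP packet makes the code act on stale stack bytes and can bind a listener on a port nobody asked for. The header offset and the protocol field should be validated against `len` before `isPortListening()` is reached, as sketched below; `len` is declared outside the hunk, so the `int` casts are an assumption. Separately, the `return 1` on a missing dialogue factory appears to skip the `sendto()` re-injection and leaves the freshly bound socket without a factory, so logging and falling through would keep the diverted packet flowing. The enclosing function starts and ends outside the hunk.

```cpp
const struct libnet_ipv4_hdr* ip = (struct libnet_ipv4_hdr*)buf;
const struct libnet_tcp_hdr* tcp = NULL;

// Only trust header fields that lie inside the bytes recvfrom() actually returned.
if ( len >= (int)sizeof(struct libnet_ipv4_hdr) && ip->ip_p == IPPROTO_TCP )
{
	int hlen = ip->ip_hl * 4;
	if ( hlen >= (int)sizeof(struct libnet_ipv4_hdr) &&
		 len - hlen >= (int)sizeof(struct libnet_tcp_hdr) )
	{
		tcp = (struct libnet_tcp_hdr*)((u_char *)buf + hlen);
	}
}

// … unchanged: printIPpacket call …

if ( tcp != NULL && isPortListening(ntohs(tcp->th_dport),*(uint32_t *)&(ip->ip_dst)) == false )
{
	// … unchanged: bind port and attach dialogue factory …
}
```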
r573 r575 29 29 30 30 #define HAVE_PCAP 31 #define HAVE_IPQ 31 //#define HAVE_IPQ 32 33 #define HAVE_IPFW 32 34 33 35 #ifdef HAVE_PCAP
