diff options
| author | yangwei <[email protected]> | 2021-09-24 14:23:54 +0800 |
|---|---|---|
| committer | yangwei <[email protected]> | 2021-09-24 14:23:54 +0800 |
| commit | 453d33171739e9978f4fad0eab07a16f7240b55c (patch) | |
| tree | 0adb4f6ceae306a53a7d03946f8f60cd9bac0e70 /src/tcpdump.c | |
| parent | ca549c5d44f61de1eb5bf7422b5af84493c50d32 (diff) | |
🐞 fix(print_packt and dump_packet): 读包模式下开启-g,对v4和v6头同时进行bpfv1.0.10
Diffstat (limited to 'src/tcpdump.c')
| -rw-r--r-- | src/tcpdump.c | 110 |
1 files changed, 53 insertions, 57 deletions
diff --git a/src/tcpdump.c b/src/tcpdump.c index 13a4cf3..84b9a80 100644 --- a/src/tcpdump.c +++ b/src/tcpdump.c @@ -3077,48 +3077,44 @@ dump_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp) static void MESA_dump_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *raw_pkt) { - //char modify_pkt_buf[2048]; - int inner_pkt_len; - + int ipv4_inner_pkt_len; + int ipv6_inner_pkt_len; + + int bpf_match_ipv4 = 0, bpf_match_ipv6 = 0; + ++packets_captured; ++infodelay; - //memcpy(modify_pkt_buf, raw_pkt, h->caplen >= 2048? 2048:h->caplen); - //inner_pkt_len = MESA_dump_seek_to_inner(modify_pkt_buf, h->caplen); - //if(inner_pkt_len < 0){ - // return; - //} struct mesa_ip4_hdr *ip4hdr_greedy; struct mesa_ip6_hdr *ip6hdr_greedy; - const unsigned char *inner_iphdr = NULL; + const unsigned char *ipv4_inner_iphdr = NULL; + const unsigned char *ipv6_inner_iphdr = NULL; ip4hdr_greedy = (struct mesa_ip4_hdr *)MESA_jump_layer_greedy(raw_pkt, ADDR_TYPE_MAC, __ADDR_TYPE_IP_PAIR_V4); if(ip4hdr_greedy) { - inner_iphdr = (const unsigned char *)ip4hdr_greedy; - inner_pkt_len = h->caplen - ((const u_char *)ip4hdr_greedy - raw_pkt) ; + ipv4_inner_iphdr = (const unsigned char *)ip4hdr_greedy; + ipv4_inner_pkt_len = h->caplen - ((const u_char *)ip4hdr_greedy - raw_pkt) ; } - else - { - ip6hdr_greedy = (struct mesa_ip6_hdr *)MESA_jump_layer_greedy(raw_pkt, ADDR_TYPE_MAC, __ADDR_TYPE_IP_PAIR_V6); - if(ip6hdr_greedy) - { - inner_iphdr = (const unsigned char *)ip6hdr_greedy; - inner_pkt_len = h->caplen - ((const u_char *)ip6hdr_greedy - raw_pkt); - } - else - { - return; - } - - } - + ip6hdr_greedy = (struct mesa_ip6_hdr *)MESA_jump_layer_greedy(raw_pkt, ADDR_TYPE_MAC, __ADDR_TYPE_IP_PAIR_V6); + if(ip6hdr_greedy) + { + ipv6_inner_iphdr = (const unsigned char *)ip6hdr_greedy; + ipv6_inner_pkt_len = h->caplen - ((const u_char *)ip6hdr_greedy - raw_pkt); + } - if(has_bpf_filter_flag != 0){ - if(0 == bpf_filter(fcode.bf_insns, - (const unsigned char *)inner_iphdr, inner_pkt_len, inner_pkt_len)){ - return; - } - } + if (has_bpf_filter_flag != 0) + { + if (ip4hdr_greedy) + { + bpf_match_ipv4 = bpf_filter(fcode.bf_insns, (const unsigned char *)ipv4_inner_iphdr, ipv4_inner_pkt_len, ipv4_inner_pkt_len); + } + if (ip6hdr_greedy) + { + bpf_match_ipv6 = bpf_filter(fcode.bf_insns, (const unsigned char *)ipv6_inner_iphdr, ipv6_inner_pkt_len, ipv6_inner_pkt_len); + } + if (bpf_match_ipv4 == 0 && bpf_match_ipv6 == 0) + return; + } /* -w参数要存储包, 实际存储的包还是用原始报文, 只是BPF用内层过滤 */ pcap_dump(user, h, raw_pkt); @@ -3163,8 +3159,6 @@ print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp) static void MESA_dump_print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *pkt) { - int inner_pkt_len; - #if 0 /* 此函数仅用于tcpdump屏幕打印, 直接修改pkt原始包, 避免再copy一次, 节约点CPU */ inner_pkt_len = MESA_dump_seek_to_inner(pkt, h->caplen); @@ -3183,38 +3177,40 @@ MESA_dump_print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char * ((struct pcap_pkthdr *)h)->caplen = (unsigned int)inner_pkt_len; ((struct pcap_pkthdr *)h)->len = (unsigned int)inner_pkt_len; #else + int ipv4_inner_pkt_len; + int ipv6_inner_pkt_len; + + int bpf_match_ipv4 = 0, bpf_match_ipv6 = 0; struct mesa_ip4_hdr *ip4hdr_greedy; struct mesa_ip6_hdr *ip6hdr_greedy; - const unsigned char *inner_iphdr = NULL; + const unsigned char *ipv4_inner_iphdr = NULL; + const unsigned char *ipv6_inner_iphdr = NULL; ip4hdr_greedy = (struct mesa_ip4_hdr *)MESA_jump_layer_greedy(pkt, ADDR_TYPE_MAC, __ADDR_TYPE_IP_PAIR_V4); if(ip4hdr_greedy) { - inner_iphdr = (const unsigned char *)ip4hdr_greedy; - inner_pkt_len = h->caplen - ((const unsigned char *)ip4hdr_greedy - pkt); + ipv4_inner_iphdr = (const unsigned char *)ip4hdr_greedy; + ipv4_inner_pkt_len = h->caplen - ((const unsigned char *)ip4hdr_greedy - pkt); } - else + ip6hdr_greedy = (struct mesa_ip6_hdr *)MESA_jump_layer_greedy(pkt, ADDR_TYPE_MAC, __ADDR_TYPE_IP_PAIR_V6); + if (ip6hdr_greedy) { - ip6hdr_greedy = (struct mesa_ip6_hdr *)MESA_jump_layer_greedy(pkt, ADDR_TYPE_MAC, __ADDR_TYPE_IP_PAIR_V6); - if(ip6hdr_greedy) - { - inner_iphdr = (const unsigned char *)ip6hdr_greedy; - inner_pkt_len = h->caplen - ((const unsigned char *)ip6hdr_greedy - pkt); - } - else - { - return; - } - + ipv6_inner_iphdr = (const unsigned char *)ip6hdr_greedy; + ipv6_inner_pkt_len = h->caplen - ((const unsigned char *)ip6hdr_greedy - pkt); } - if (has_bpf_filter_flag != 0) - { - if (0 == bpf_filter(fcode.bf_insns, - (const unsigned char *)inner_iphdr, inner_pkt_len, inner_pkt_len)) - { - return; - } - } + if (has_bpf_filter_flag != 0) + { + if (ip4hdr_greedy) + { + bpf_match_ipv4 = bpf_filter(fcode.bf_insns, (const unsigned char *)ipv4_inner_iphdr, ipv4_inner_pkt_len, ipv4_inner_pkt_len); + } + if (ip6hdr_greedy) + { + bpf_match_ipv6 = bpf_filter(fcode.bf_insns, (const unsigned char *)ipv6_inner_iphdr, ipv6_inner_pkt_len, ipv6_inner_pkt_len); + } + if (bpf_match_ipv4 == 0 && bpf_match_ipv6 == 0) + return; + } #endif print_packet(user, h, pkt); |