diff options
| author | zhuzhenjun <[email protected]> | 2023-10-23 14:54:19 +0800 |
|---|---|---|
| committer | zhuzhenjun <[email protected]> | 2023-10-23 14:57:38 +0800 |
| commit | e80ae01d6826e5bc30cf8229f7d8c8cfcf29466e (patch) | |
| tree | cf7a43ba5617e872410b216f71f83e0a4afa2621 /example | |
| parent | 50e455bf8e3e24d579ee60cf242c45ac7b9f5eb3 (diff) | |
test: show prefilter stats8-p0f
Diffstat (limited to 'example')
| -rw-r--r-- | example/osfp_example.c | 31 |
1 files changed, 19 insertions, 12 deletions
diff --git a/example/osfp_example.c b/example/osfp_example.c index a9b3017..7924e73 100644 --- a/example/osfp_example.c +++ b/example/osfp_example.c @@ -431,7 +431,7 @@ const char *PrintInet(int af, const void *src, char *dst, socklen_t size) void example_detect(struct osfp_db *osfp_db, Packet *p) { int ret; - char str_buf[1024] = ""; + char str_buf[2048] = ""; //unsigned char *iph = (unsigned char *)(p->iph != NULL ? (void *)p->iph : (void *)p->ip6h); struct iphdr *iph; struct ip6_hdr *ip6h; @@ -449,14 +449,19 @@ void example_detect(struct osfp_db *osfp_db, Packet *p) struct osfp_fingerprint fp = {0}; + if (iph) { + osfp_fingerprinting((unsigned char*)iph, (unsigned char*)tcph, tcph_len, &fp, 4); + } else if (ip6h) { + osfp_fingerprinting((unsigned char*)iph, (unsigned char*)tcph, tcph_len, &fp, 6); + } else { + goto exit; + } osfp_profile_get_cycle(c1); if (iph) { result = osfp_ipv4_identify(osfp_db, iph, tcph, tcph_len); - osfp_fingerprinting(iph, tcph, tcph_len, &fp, 4); } else if (ip6h) { result = osfp_ipv6_identify(osfp_db, ip6h, tcph, tcph_len); - osfp_fingerprinting(iph, tcph, tcph_len, &fp, 6); } else { goto exit; } @@ -475,15 +480,20 @@ void example_detect(struct osfp_db *osfp_db, Packet *p) char *json = osfp_result_score_detail_export(result); - osfp_fingerprint_to_json_buf(&fp, str_buf, 2048, 0); - printf("%s\n", str_buf); - - if (1) { + if (debug_enable) { + if (p->tcph->ack) { + printf("--------------------------- SYN/ACK\n"); + } else { + printf("--------------------------- SYN\n"); + } + osfp_fingerprint_to_json_buf(&fp, str_buf, 2048, 0); + printf("%s\n", str_buf); printf("Example ipv4 header detect: --------------------------\n"); printf("Connection info: %s:%d -> %s:%d\n", p->srcip, p->sp, p->dstip, p->dp); printf("Most likely os class: %s\n", osfp_result_os_name_get(result)); printf("Details:\n"); printf("%s\n", json); + fflush(stdout); } exit: @@ -510,11 +520,6 @@ void process_packet(char *user, struct pcap_pkthdr *h, u_char *pkt) goto exit; } - if (p->tcph->ack) { - printf("--------------------------- SYN/ACK\n"); - } else { - printf("--------------------------- SYN\n"); - } if (p->iph) { PrintInet(AF_INET, (const void *)&(p->src.addr_data32[0]), p->srcip, sizeof(p->srcip)); @@ -555,6 +560,8 @@ static void signal_handler(int signum) printf("%s: %u\n", osfp_os_class_id_to_name(i), result_os_count[i]); } + fflush(stdout); + exit(0); } |