1 /* tcp-portmon.c - libtcp-portmon hooks
3 * Copyright (C) 2008 Phil Sutter <Phil@nwl.cc>
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation, either version 3 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "tcp-portmon.h"
23 #include "libtcp-portmon.h"
25 static tcp_port_monitor_collection_t *pmc = NULL;
26 static tcp_port_monitor_args_t pma;
28 int tcp_portmon_init(const char *arg, struct tcp_port_monitor_data *pmd)
30 int argc, port_begin, port_end, item, connection_index;
33 memset(itembuf, 0, sizeof(itembuf));
35 /* massive argument checking */
37 CRIT_ERR("tcp_portmon: needs arguments");
39 argc = sscanf(arg, "%d %d %31s %d", &port_begin, &port_end, itembuf,
41 if ((argc != 3) && (argc != 4)) {
42 CRIT_ERR("tcp_portmon: requires 3 or 4 arguments");
44 if ((port_begin < 1) || (port_begin > 65535) || (port_end < 1)
45 || (port_end > 65535)) {
46 CRIT_ERR("tcp_portmon: port values must be from 1 to 65535");
48 if (port_begin > port_end) {
49 CRIT_ERR("tcp_portmon: starting port must be <= ending port");
51 if (strncmp(itembuf, "count", 31) == EQUAL) {
53 } else if (strncmp(itembuf, "rip", 31) == EQUAL) {
55 } else if (strncmp(itembuf, "rhost", 31) == EQUAL) {
57 } else if (strncmp(itembuf, "rport", 31) == EQUAL) {
59 } else if (strncmp(itembuf, "rservice", 31) == EQUAL) {
61 } else if (strncmp(itembuf, "lip", 31) == EQUAL) {
63 } else if (strncmp(itembuf, "lhost", 31) == EQUAL) {
65 } else if (strncmp(itembuf, "lport", 31) == EQUAL) {
67 } else if (strncmp(itembuf, "lservice", 31) == EQUAL) {
70 CRIT_ERR("tcp_portmon: invalid item specified");
72 if ((argc == 3) && (item != COUNT)) {
73 CRIT_ERR("tcp_portmon: 3 argument form valid only for \"count\" "
76 if ((argc == 4) && (connection_index < 0)) {
77 CRIT_ERR("tcp_portmon: connection index must be non-negative");
79 /* ok, args looks good. save the text object data */
80 pmd->port_range_begin = (in_port_t) port_begin;
81 pmd->port_range_end = (in_port_t) port_end;
83 pmd->connection_index = connection_index;
85 /* if the port monitor collection hasn't been created,
86 * we must create it */
88 pmc = create_tcp_port_monitor_collection();
90 CRIT_ERR("tcp_portmon: unable to create port monitor "
95 /* if a port monitor for this port does not exist,
96 * create one and add it to the collection */
97 if (find_tcp_port_monitor(pmc, port_begin, port_end) == NULL) {
98 tcp_port_monitor_t *p_monitor = create_tcp_port_monitor(port_begin,
102 CRIT_ERR("tcp_portmon: unable to create port monitor");
104 /* add the newly created monitor to the collection */
105 if (insert_tcp_port_monitor_into_collection(pmc, p_monitor) != 0) {
106 CRIT_ERR("tcp_portmon: unable to add port monitor to "
113 int tcp_portmon_action(char *p, int p_max_size, struct tcp_port_monitor_data *pmd)
115 tcp_port_monitor_t *p_monitor;
117 /* grab a pointer to this port monitor */
118 p_monitor = find_tcp_port_monitor(pmc, pmd->port_range_begin,
119 pmd->port_range_end);
122 snprintf(p, p_max_size, "monitor not found");
126 /* now grab the text of interest */
127 if (peek_tcp_port_monitor(p_monitor, pmd->item,
128 pmd->connection_index, p, p_max_size) != 0) {
129 snprintf(p, p_max_size, "monitor peek error");
135 int tcp_portmon_update(void)
137 update_tcp_port_monitor_collection(pmc);
141 int tcp_portmon_clear(void)
143 destroy_tcp_port_monitor_collection(pmc);
148 int tcp_portmon_set_max_connections(int max)
151 pma.max_port_monitor_connections =
152 MAX_PORT_MONITOR_CONNECTIONS_DEFAULT;
154 pma.max_port_monitor_connections = max;
156 return (max < 0) ? 1 : 0;