1 /* -*- mode: c; c-basic-offset: 4; tab-width: 4; indent-tabs-mode: t -*-
2 * vim: ts=4 sw=4 noet ai cindent syntax=c
4 * tcp-portmon.c - libtcp-portmon hooks
6 * Copyright (C) 2008 Phil Sutter <Phil@nwl.cc>
8 * This program is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation, either version 3 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "tcp-portmon.h"
24 #include "text_object.h"
25 #include "libtcp-portmon.h"
27 static tcp_port_monitor_collection_t *pmc = NULL;
28 static tcp_port_monitor_args_t pma;
30 int tcp_portmon_init(struct text_object *obj, const char *arg)
32 int argc, port_begin, port_end, item, connection_index;
34 struct tcp_port_monitor_data *pmd;
36 memset(itembuf, 0, sizeof(itembuf));
38 /* massive argument checking */
39 argc = sscanf(arg, "%d %d %31s %d", &port_begin, &port_end, itembuf,
41 if ((argc != 3) && (argc != 4)) {
42 CRIT_ERR(NULL, NULL, "tcp_portmon: requires 3 or 4 arguments");
44 if ((port_begin < 1) || (port_begin > 65535) || (port_end < 1)
45 || (port_end > 65535)) {
46 CRIT_ERR(NULL, NULL, "tcp_portmon: port values must be from 1 to 65535");
48 if (port_begin > port_end) {
49 CRIT_ERR(NULL, NULL, "tcp_portmon: starting port must be <= ending port");
51 if (strncmp(itembuf, "count", 31) == EQUAL) {
53 } else if (strncmp(itembuf, "rip", 31) == EQUAL) {
55 } else if (strncmp(itembuf, "rhost", 31) == EQUAL) {
57 } else if (strncmp(itembuf, "rport", 31) == EQUAL) {
59 } else if (strncmp(itembuf, "rservice", 31) == EQUAL) {
61 } else if (strncmp(itembuf, "lip", 31) == EQUAL) {
63 } else if (strncmp(itembuf, "lhost", 31) == EQUAL) {
65 } else if (strncmp(itembuf, "lport", 31) == EQUAL) {
67 } else if (strncmp(itembuf, "lservice", 31) == EQUAL) {
70 CRIT_ERR(NULL, NULL, "tcp_portmon: invalid item specified");
72 if ((argc == 3) && (item != COUNT)) {
73 CRIT_ERR(NULL, NULL, "tcp_portmon: 3 argument form valid only for \"count\" "
76 if ((argc == 4) && (connection_index < 0)) {
77 CRIT_ERR(NULL, NULL, "tcp_portmon: connection index must be non-negative");
79 /* ok, args looks good. save the text object data */
80 pmd = malloc(sizeof(struct tcp_port_monitor_data));
81 memset(pmd, 0, sizeof(struct tcp_port_monitor_data));
82 pmd->port_range_begin = (in_port_t) port_begin;
83 pmd->port_range_end = (in_port_t) port_end;
85 pmd->connection_index = connection_index;
86 obj->data.opaque = pmd;
88 /* if the port monitor collection hasn't been created,
89 * we must create it */
91 pmc = create_tcp_port_monitor_collection();
93 CRIT_ERR(NULL, NULL, "tcp_portmon: unable to create port monitor "
98 /* if a port monitor for this port does not exist,
99 * create one and add it to the collection */
100 if (find_tcp_port_monitor(pmc, port_begin, port_end) == NULL) {
101 tcp_port_monitor_t *p_monitor = create_tcp_port_monitor(port_begin,
105 CRIT_ERR(NULL, NULL, "tcp_portmon: unable to create port monitor");
107 /* add the newly created monitor to the collection */
108 if (insert_tcp_port_monitor_into_collection(pmc, p_monitor) != 0) {
109 CRIT_ERR(NULL, NULL, "tcp_portmon: unable to add port monitor to "
116 int tcp_portmon_action(struct text_object *obj, char *p, int p_max_size)
118 struct tcp_port_monitor_data *pmd = obj->data.opaque;
119 tcp_port_monitor_t *p_monitor;
124 /* grab a pointer to this port monitor */
125 p_monitor = find_tcp_port_monitor(pmc, pmd->port_range_begin,
126 pmd->port_range_end);
129 snprintf(p, p_max_size, "monitor not found");
133 /* now grab the text of interest */
134 if (peek_tcp_port_monitor(p_monitor, pmd->item,
135 pmd->connection_index, p, p_max_size) != 0) {
136 snprintf(p, p_max_size, "monitor peek error");
142 int tcp_portmon_update(void)
144 update_tcp_port_monitor_collection(pmc);
148 int tcp_portmon_clear(void)
150 destroy_tcp_port_monitor_collection(pmc);
155 int tcp_portmon_set_max_connections(int max)
158 pma.max_port_monitor_connections =
159 MAX_PORT_MONITOR_CONNECTIONS_DEFAULT;
161 pma.max_port_monitor_connections = max;
163 return (max < 0) ? 1 : 0;
166 void tcp_portmon_free(struct text_object *obj)
168 if (obj->data.opaque) {
169 free(obj->data.opaque);
170 obj->data.opaque = NULL;