1 /* tcp-portmon.c - libtcp-portmon hooks
3 * Copyright (C) 2008 Phil Sutter <Phil@nwl.cc>
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation, either version 3 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "tcp-portmon.h"
22 #include "libtcp-portmon.h"
24 static tcp_port_monitor_collection_t *pmc = NULL;
25 static tcp_port_monitor_args_t pma;
27 int tcp_portmon_init(const char *arg, struct tcp_port_monitor_data *pmd)
29 int argc, port_begin, port_end, item, connection_index;
32 memset(itembuf, 0, sizeof(itembuf));
34 /* massive argument checking */
36 CRIT_ERR("tcp_portmon: needs arguments");
38 argc = sscanf(arg, "%d %d %31s %d", &port_begin, &port_end, itembuf,
40 if ((argc != 3) && (argc != 4)) {
41 CRIT_ERR("tcp_portmon: requires 3 or 4 arguments");
43 if ((port_begin < 1) || (port_begin > 65535) || (port_end < 1)
44 || (port_end > 65535)) {
45 CRIT_ERR("tcp_portmon: port values must be from 1 to 65535");
47 if (port_begin > port_end) {
48 CRIT_ERR("tcp_portmon: starting port must be <= ending port");
50 if (strncmp(itembuf, "count", 31) == EQUAL) {
52 } else if (strncmp(itembuf, "rip", 31) == EQUAL) {
54 } else if (strncmp(itembuf, "rhost", 31) == EQUAL) {
56 } else if (strncmp(itembuf, "rport", 31) == EQUAL) {
58 } else if (strncmp(itembuf, "rservice", 31) == EQUAL) {
60 } else if (strncmp(itembuf, "lip", 31) == EQUAL) {
62 } else if (strncmp(itembuf, "lhost", 31) == EQUAL) {
64 } else if (strncmp(itembuf, "lport", 31) == EQUAL) {
66 } else if (strncmp(itembuf, "lservice", 31) == EQUAL) {
69 CRIT_ERR("tcp_portmon: invalid item specified");
71 if ((argc == 3) && (item != COUNT)) {
72 CRIT_ERR("tcp_portmon: 3 argument form valid only for \"count\" "
75 if ((argc == 4) && (connection_index < 0)) {
76 CRIT_ERR("tcp_portmon: connection index must be non-negative");
78 /* ok, args looks good. save the text object data */
79 pmd->port_range_begin = (in_port_t) port_begin;
80 pmd->port_range_end = (in_port_t) port_end;
82 pmd->connection_index = connection_index;
84 /* if the port monitor collection hasn't been created,
85 * we must create it */
87 pmc = create_tcp_port_monitor_collection();
89 CRIT_ERR("tcp_portmon: unable to create port monitor "
94 /* if a port monitor for this port does not exist,
95 * create one and add it to the collection */
96 if (find_tcp_port_monitor(pmc, port_begin, port_end) == NULL) {
97 tcp_port_monitor_t *p_monitor = create_tcp_port_monitor(port_begin,
101 CRIT_ERR("tcp_portmon: unable to create port monitor");
103 /* add the newly created monitor to the collection */
104 if (insert_tcp_port_monitor_into_collection(pmc, p_monitor) != 0) {
105 CRIT_ERR("tcp_portmon: unable to add port monitor to "
112 int tcp_portmon_action(char *p, int p_max_size, struct tcp_port_monitor_data *pmd)
114 tcp_port_monitor_t *p_monitor;
116 /* grab a pointer to this port monitor */
117 p_monitor = find_tcp_port_monitor(pmc, pmd->port_range_begin,
118 pmd->port_range_end);
121 snprintf(p, p_max_size, "monitor not found");
125 /* now grab the text of interest */
126 if (peek_tcp_port_monitor(p_monitor, pmd->item,
127 pmd->connection_index, p, p_max_size) != 0) {
128 snprintf(p, p_max_size, "monitor peek error");
134 int tcp_portmon_update(void)
136 update_tcp_port_monitor_collection(pmc);
140 int tcp_portmon_clear(void)
142 destroy_tcp_port_monitor_collection(pmc);
147 int tcp_portmon_set_max_connections(int max)
150 pma.max_port_monitor_connections =
151 MAX_PORT_MONITOR_CONNECTIONS_DEFAULT;
153 pma.max_port_monitor_connections = max;
155 return (max < 0) ? 1 : 0;