xX.c 7.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213
  1. /* $Id$ */
  2. /*
  3. * Copyright (c) 2001-2010 Aaron Turner <aturner at synfin dot net>
  4. * Copyright (c) 2013-2024 Fred Klassen <tcpreplay at appneta dot com> - AppNeta
  5. *
  6. * The Tcpreplay Suite of tools is free software: you can redistribute it
  7. * and/or modify it under the terms of the GNU General Public License as
  8. * published by the Free Software Foundation, either version 3 of the
  9. * License, or with the authors permission any later version.
  10. *
  11. * The Tcpreplay Suite is distributed in the hope that it will be useful,
  12. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14. * GNU General Public License for more details.
  15. *
  16. * You should have received a copy of the GNU General Public License
  17. * along with the Tcpreplay Suite. If not, see <http://www.gnu.org/licenses/>.
  18. */
  19. /*
  20. * xX stands for "include or exclude" which is used with the
  21. * -x and -X flags
  22. *
  23. * Functions for use to process args for or check data against in
  24. * tcpreplay/do_packets and tcpprep.
  25. */
  26. #include "defines.h"
  27. #include "config.h"
  28. #include "common.h"
  29. #include <stdlib.h>
  30. /**
  31. * returns the include_exclude_mode on success placing the CIDR or LIST in mybuf
  32. * but on failure, returns xXError
  33. */
  34. int
  35. parse_xX_str(tcpr_xX_t *xX, char *str, tcpr_bpf_t *bpf)
  36. {
  37. int out;
  38. dbgx(1, "Parsing string: %s", str);
  39. dbgx(1, "Switching on: %c", str[0]);
  40. switch (str[0]) {
  41. case 'B': /* both ip's */
  42. str = str + 2;
  43. out = xXBoth;
  44. if (!parse_cidr(&(xX->cidr), str, ","))
  45. return xXError;
  46. break;
  47. case 'D': /* dst ip */
  48. str = str + 2;
  49. out = xXDest;
  50. if (!parse_cidr(&(xX->cidr), str, ","))
  51. return xXError;
  52. break;
  53. case 'E': /* either ip */
  54. str = str + 2;
  55. out = xXEither;
  56. if (!parse_cidr(&(xX->cidr), str, ","))
  57. return xXError;
  58. break;
  59. case 'F': /* bpf filter */
  60. str = str + 2;
  61. out = xXBPF;
  62. bpf->filter = safe_strdup(str);
  63. /*
  64. * note: it's temping to compile the BPF here, but we don't
  65. * yet know what the link type is for the file, so we have
  66. * to compile the BPF once we open the pcap file
  67. */
  68. break;
  69. case 'P': /* packet id */
  70. str = str + 2;
  71. out = xXPacket;
  72. if (!parse_list(&(xX->list), str))
  73. return xXError;
  74. break;
  75. case 'S': /* source ip */
  76. str = str + 2;
  77. out = xXSource;
  78. if (!parse_cidr(&(xX->cidr), str, ","))
  79. return xXError;
  80. break;
  81. default:
  82. errx(-1, "Invalid -%c option: %c", xX->mode, *str);
  83. }
  84. if (xX->mode == 'X') { /* run in exclude mode */
  85. out += xXExclude;
  86. if (bpf->filter != NULL)
  87. err(-1,
  88. "Using a BPF filter with -X doesn't work.\n"
  89. "Try using -xF:\"not <filter>\" instead");
  90. }
  91. xX->mode = out;
  92. return xX->mode;
  93. }
  94. /**
  95. * compare the source/destination IP address according to the mode
  96. * and return 1 if we should send the packet or 0 if not
  97. */
  98. int
  99. process_xX_by_cidr_ipv4(int mode, tcpr_cidr_t *cidr, ipv4_hdr_t *ip_hdr)
  100. {
  101. if (mode & xXExclude) {
  102. /* Exclude mode */
  103. switch (mode ^ xXExclude) {
  104. case xXSource:
  105. /* note: check_ip_cidr() returns TCPR_DIR_C2S for true, TCPR_DIR_S2C for false
  106. * and NOT true/false or 1/0, etc!
  107. */
  108. return check_ip_cidr(cidr, ip_hdr->ip_src.s_addr) ? DONT_SEND : SEND;
  109. case xXDest:
  110. return check_ip_cidr(cidr, ip_hdr->ip_dst.s_addr) ? DONT_SEND : SEND;
  111. case xXBoth:
  112. return (check_ip_cidr(cidr, ip_hdr->ip_dst.s_addr) && check_ip_cidr(cidr, ip_hdr->ip_src.s_addr))
  113. ? DONT_SEND
  114. : SEND;
  115. case xXEither:
  116. return (check_ip_cidr(cidr, ip_hdr->ip_dst.s_addr) || check_ip_cidr(cidr, ip_hdr->ip_src.s_addr))
  117. ? DONT_SEND
  118. : SEND;
  119. }
  120. } else {
  121. /* Include Mode */
  122. switch (mode) {
  123. case xXSource:
  124. return check_ip_cidr(cidr, ip_hdr->ip_src.s_addr) ? SEND : DONT_SEND;
  125. case xXDest:
  126. return check_ip_cidr(cidr, ip_hdr->ip_dst.s_addr) ? SEND : DONT_SEND;
  127. case xXBoth:
  128. return (check_ip_cidr(cidr, ip_hdr->ip_dst.s_addr) && check_ip_cidr(cidr, ip_hdr->ip_src.s_addr))
  129. ? SEND
  130. : DONT_SEND;
  131. case xXEither:
  132. return (check_ip_cidr(cidr, ip_hdr->ip_dst.s_addr) || check_ip_cidr(cidr, ip_hdr->ip_src.s_addr))
  133. ? SEND
  134. : DONT_SEND;
  135. default:
  136. assert(false);
  137. }
  138. }
  139. /* total failure */
  140. if (mode & xXExclude) {
  141. warn("Unable to determine action in CIDR filter mode. Default: Don't Send.");
  142. return DONT_SEND;
  143. } else {
  144. warn("Unable to determine action in CIDR filter mode. Default: Send.");
  145. return SEND;
  146. }
  147. }
  148. int
  149. process_xX_by_cidr_ipv6(int mode, tcpr_cidr_t *cidr, ipv6_hdr_t *ip6_hdr)
  150. {
  151. if (mode & xXExclude) {
  152. /* Exclude mode */
  153. switch (mode ^ xXExclude) {
  154. case xXSource:
  155. /* note: check_ip_cidr() returns TCPR_DIR_C2S for true, TCPR_DIR_S2C for false
  156. * and NOT true/false or 1/0, etc!
  157. */
  158. return check_ip6_cidr(cidr, &ip6_hdr->ip_src) ? DONT_SEND : SEND;
  159. case xXDest:
  160. return check_ip6_cidr(cidr, &ip6_hdr->ip_dst) ? DONT_SEND : SEND;
  161. case xXBoth:
  162. return (check_ip6_cidr(cidr, &ip6_hdr->ip_dst) && check_ip6_cidr(cidr, &ip6_hdr->ip_src)) ? DONT_SEND
  163. : SEND;
  164. case xXEither:
  165. return (check_ip6_cidr(cidr, &ip6_hdr->ip_dst) || check_ip6_cidr(cidr, &ip6_hdr->ip_src)) ? DONT_SEND
  166. : SEND;
  167. }
  168. } else {
  169. /* Include Mode */
  170. switch (mode) {
  171. case xXSource:
  172. return check_ip6_cidr(cidr, &ip6_hdr->ip_src) ? SEND : DONT_SEND;
  173. case xXDest:
  174. return check_ip6_cidr(cidr, &ip6_hdr->ip_dst) ? SEND : DONT_SEND;
  175. case xXBoth:
  176. return (check_ip6_cidr(cidr, &ip6_hdr->ip_dst) && check_ip6_cidr(cidr, &ip6_hdr->ip_src)) ? SEND
  177. : DONT_SEND;
  178. case xXEither:
  179. return (check_ip6_cidr(cidr, &ip6_hdr->ip_dst) || check_ip6_cidr(cidr, &ip6_hdr->ip_src)) ? SEND
  180. : DONT_SEND;
  181. default:
  182. assert(false);
  183. }
  184. }
  185. /* total failure */
  186. if (mode & xXExclude) {
  187. warn("Unable to determine action in CIDR filter mode. Default: Don't Send.");
  188. return DONT_SEND;
  189. } else {
  190. warn("Unable to determine action in CIDR filter mode. Default: Send.");
  191. return SEND;
  192. }
  193. }