1 files changed, 99 insertions, 0 deletions
diff --git a/src/firemon/arp.c b/src/firemon/arp.c
new file mode 100644
index 000000000..71beb0630
--- /dev/null
+++ b/src/firemon/arp.c
@@ -0,0 +1,99 @@
+/*
+ * Copyright (C) 2014, 2015 netblue30 (netblue30@yahoo.com)
+ *
+ * This file is part of firejail project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+#include "firemon.h"
+#define MAXBUF 4096
+static void print_arp(const char *fname) {
+        FILE *fp = fopen(fname, "r");
+        if (!fp)
+                return;
+        
+        printf("  ARP Table:\n");
+        char buf[MAXBUF];
+        while (fgets(buf, MAXBUF, fp)) {
+                // remove blanks, \n
+                char *ptr = buf;
+                while (*ptr == ' ' || *ptr == '\t')
+                        ptr++;
+                char *start = ptr;
+                if (*start == '\0')
+                        continue;
+                ptr = strchr(ptr, '\n');
+                if (ptr)
+                        *ptr = '\0';
+                // remove table header
+                //IP address       HW type     Flags       HW address            Mask     Device
+                if (strncmp(start, "IP address", 10) == 0)
+                        continue;
+                // extract data
+                char ip[64];
+                char type[64];
+                char flags[64];
+                char mac[64];
+                char mask[64];
+                char device[64];
+                int rv = sscanf(start, "%s %s %s %s %s %s\n", ip, type, flags, mac, mask, device);
+                if (rv != 6)
+                        continue;
+                
+                // destination ip
+                unsigned a, b, c, d;
+                if (sscanf(ip, "%u.%u.%u.%u", &a, &b, &c, &d) != 4 || a > 255 || b > 255 || c > 255 || d > 255)
+                        continue;
+                uint32_t destip = a * 0x1000000 + b * 0x10000 + c * 0x100 + d;
+                if (strcmp(flags, "0x0") == 0)
+                        printf("     %d.%d.%d.%d dev %s FAILED\n",
+                                PRINT_IP(destip), device);
+                else
+                        printf("     %d.%d.%d.%d dev %s lladdr %s REACHABLE\n",
+                                PRINT_IP(destip), device, mac);
+        }
+        
+        fclose(fp);
+}
+void arp(pid_t pid) {
+        if (getuid() == 0)
+                firemon_drop_privs();
+        
+        pid_read(pid);
+        
+        // print processes
+        int i;
+        for (i = 0; i < max_pids; i++) {
+                if (pids[i].level == 1) {
+                        pid_print_list(i, 0);
+                        int child = find_child(i);
+                        if (child != -1) {
+                                char *fname;
+                                if (asprintf(&fname, "/proc/%d/net/arp", child) == -1)
+                                        errExit("asprintf");
+                                print_arp(fname);
+                                free(fname);
+                                printf("\n");
+                        }
+                }
+        }
+}

diff --git a/src/firemon/arp.c b/src/firemon/arp.c new file mode 100644 index 000000000..71beb0630 --- /dev/null +++ b/src/firemon/arp.c
@@ -0,0 +1,99 @@
	1	/*
	2	* Copyright (C) 2014, 2015 netblue30 (netblue30@yahoo.com)
	3	*
	4	* This file is part of firejail project
	5	*
	6	* This program is free software; you can redistribute it and/or modify
	7	* it under the terms of the GNU General Public License as published by
	8	* the Free Software Foundation; either version 2 of the License, or
	9	* (at your option) any later version.
	10	*
	11	* This program is distributed in the hope that it will be useful,
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	14	* GNU General Public License for more details.
	15	*
	16	* You should have received a copy of the GNU General Public License along
	17	* with this program; if not, write to the Free Software Foundation, Inc.,
	18	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	19	*/
	20	#include "firemon.h"
	21	#define MAXBUF 4096
	22
	23	static void print_arp(const char *fname) {
	24	FILE *fp = fopen(fname, "r");
	25	if (!fp)
	26	return;
	27
	28	printf(" ARP Table:\n");
	29	char buf[MAXBUF];
	30	while (fgets(buf, MAXBUF, fp)) {
	31	// remove blanks, \n
	32	char *ptr = buf;
	33	while (ptr == ' ' \|\| ptr == '\t')
	34	ptr++;
	35	char *start = ptr;
	36	if (*start == '\0')
	37	continue;
	38	ptr = strchr(ptr, '\n');
	39	if (ptr)
	40	*ptr = '\0';
	41
	42	// remove table header
	43	//IP address HW type Flags HW address Mask Device
	44	if (strncmp(start, "IP address", 10) == 0)
	45	continue;
	46
	47	// extract data
	48	char ip[64];
	49	char type[64];
	50	char flags[64];
	51	char mac[64];
	52	char mask[64];
	53	char device[64];
	54	int rv = sscanf(start, "%s %s %s %s %s %s\n", ip, type, flags, mac, mask, device);
	55	if (rv != 6)
	56	continue;
	57
	58	// destination ip
	59	unsigned a, b, c, d;
	60	if (sscanf(ip, "%u.%u.%u.%u", &a, &b, &c, &d) != 4 \|\| a > 255 \|\| b > 255 \|\| c > 255 \|\| d > 255)
	61	continue;
	62	uint32_t destip = a * 0x1000000 + b * 0x10000 + c * 0x100 + d;
	63	if (strcmp(flags, "0x0") == 0)
	64	printf(" %d.%d.%d.%d dev %s FAILED\n",
	65	PRINT_IP(destip), device);
	66	else
	67	printf(" %d.%d.%d.%d dev %s lladdr %s REACHABLE\n",
	68	PRINT_IP(destip), device, mac);
	69	}
	70
	71	fclose(fp);
	72
	73	}
	74
	75	void arp(pid_t pid) {
	76	if (getuid() == 0)
	77	firemon_drop_privs();
	78
	79	pid_read(pid);
	80
	81	// print processes
	82	int i;
	83	for (i = 0; i < max_pids; i++) {
	84	if (pids[i].level == 1) {
	85	pid_print_list(i, 0);
	86	int child = find_child(i);
	87	if (child != -1) {
	88	char *fname;
	89	if (asprintf(&fname, "/proc/%d/net/arp", child) == -1)
	90	errExit("asprintf");
	91	print_arp(fname);
	92	free(fname);
	93	printf("\n");
	94	}
	95	}
	96	}
	97	}
	98
	99