From 281d236835e546a71b96da4045b4998752f89eba Mon Sep 17 00:00:00 2001 From: netblue30 Date: Sun, 16 Jan 2022 08:53:39 -0500 Subject: more on nettrace --- src/fnettrace/fnettrace.h | 1 - src/fnettrace/hostnames.c | 12 ++---- src/fnettrace/main.c | 49 +++++++--------------- src/fnettrace/radix.c | 104 +++++----------------------------------------- src/fnettrace/radix.h | 15 +------ 5 files changed, 29 insertions(+), 152 deletions(-) (limited to 'src/fnettrace') diff --git a/src/fnettrace/fnettrace.h b/src/fnettrace/fnettrace.h index 50c538a71..59b9618a9 100644 --- a/src/fnettrace/fnettrace.h +++ b/src/fnettrace/fnettrace.h @@ -62,6 +62,5 @@ void logprintf(char* fmt, ...); extern int geoip_calls; void load_hostnames(const char *fname); char* retrieve_hostname(uint32_t ip); -void build_list(const char *fname); #endif \ No newline at end of file diff --git a/src/fnettrace/hostnames.c b/src/fnettrace/hostnames.c index 5422166e6..dd92070bf 100644 --- a/src/fnettrace/hostnames.c +++ b/src/fnettrace/hostnames.c @@ -29,7 +29,7 @@ char *retrieve_hostname(uint32_t ip) { if (geoip_not_found) return NULL; geoip_calls++; - + char *rv = NULL; char *cmd; if (asprintf(&cmd, "/usr/bin/geoiplookup %d.%d.%d.%d", PRINT_IP(ip)) == -1) @@ -46,7 +46,7 @@ char *retrieve_hostname(uint32_t ip) { ptr = buf + 22; if (*ptr == ' ' && *(ptr + 3) == ',' && *(ptr + 4) == ' ') { rv = ptr + 5; - radix_add(ip, 0xffffffff, ptr + 5); + rv = radix_add(ip, 0xffffffff, rv); } } } @@ -55,7 +55,7 @@ char *retrieve_hostname(uint32_t ip) { } else geoip_not_found = 1; - + free(cmd); return NULL; @@ -122,9 +122,3 @@ errexit: exit(1); } -void build_list(const char *fname) { - assert(fname); - load_hostnames(fname); - radix_build_list(); -} - diff --git a/src/fnettrace/main.c b/src/fnettrace/main.c index 352d61bbd..d5772328c 100644 --- a/src/fnettrace/main.c +++ b/src/fnettrace/main.c @@ -29,7 +29,6 @@ typedef struct hnode_t { struct hnode_t *hnext; // used for hash table struct hnode_t *dnext; // used to display stremas on the screen uint32_t ip_src; - uint32_t ip_dst; uint32_t bytes; // number of bytes received in the last display interval uint16_t port_src; uint8_t protocol; @@ -46,7 +45,7 @@ HNode *htable[HMAX] = {NULL}; // display linked list HNode *dlist = NULL; -static void hnode_add(uint32_t ip_src, uint32_t ip_dst, uint8_t protocol, uint16_t port_src, uint32_t bytes) { +static void hnode_add(uint32_t ip_src, uint8_t protocol, uint16_t port_src, uint32_t bytes) { uint8_t h = hash(ip_src); // find @@ -55,7 +54,7 @@ static void hnode_add(uint32_t ip_src, uint32_t ip_dst, uint8_t protocol, uint16 while (ptr) { if (ptr->ip_src == ip_src) { ip_instance++; - if (ptr->ip_dst == ip_dst && ptr->port_src == port_src && ptr->protocol == protocol) { + if (ptr->port_src == port_src && ptr->protocol == protocol) { ptr->bytes += bytes; return; } @@ -71,7 +70,6 @@ static void hnode_add(uint32_t ip_src, uint32_t ip_dst, uint8_t protocol, uint16 errExit("malloc"); hnew->hostname = NULL; hnew->ip_src = ip_src; - hnew->ip_dst = ip_dst; hnew->port_src = port_src; hnew->protocol = protocol; hnew->hnext = NULL; @@ -119,8 +117,6 @@ static void hnode_free(HNode *elem) { htable[h] = elem->hnext; else prev->hnext = elem->hnext; - if (elem->hostname) - free(elem->hostname); free(elem); } @@ -245,18 +241,12 @@ static void hnode_print(unsigned bw) { else snprintf(bytes, 11, "%u B/s ", (unsigned) (ptr->bytes / DISPLAY_INTERVAL)); - char *hostname = ptr->hostname; - if (!hostname) - hostname = radix_find_last(ptr->ip_src); - if (!hostname) - hostname = retrieve_hostname(ptr->ip_src); - if (!hostname) - hostname = " "; - else { - ptr->hostname = strdup(hostname); - if (!ptr->hostname) - errExit("strdup"); - } + if (!ptr->hostname) + ptr->hostname = radix_longest_prefix_match(ptr->ip_src); + if (!ptr->hostname) + ptr->hostname = retrieve_hostname(ptr->ip_src); + if (!ptr->hostname) + ptr->hostname = " "; unsigned bwunit = bw / DISPLAY_BW_UNITS; char *bwline; @@ -274,13 +264,13 @@ static void hnode_print(unsigned bw) { protocol = "(UDP)"; /* else (ptr->port_src == 443) - protocol = "SSL"; + protocol = "TLS"; else if (ptr->port_src == 53) protocol = "DNS"; */ len = snprintf(line, LINE_MAX, "%10s %s %d.%d.%d.%d:%u%s %s\n", - bytes, bwline, PRINT_IP(ptr->ip_src), ptr->port_src, protocol, hostname); + bytes, bwline, PRINT_IP(ptr->ip_src), ptr->port_src, protocol, ptr->hostname); adjust_line(line, len, cols); printf("%s", line); @@ -360,16 +350,12 @@ static void run_trace(void) { memcpy(&ip_src, buf + 12, 4); ip_src = ntohl(ip_src); - uint32_t ip_dst; - memcpy(&ip_dst, buf + 16, 4); - ip_dst = ntohl(ip_dst); - uint8_t hlen = (buf[0] & 0x0f) * 4; uint16_t port_src; memcpy(&port_src, buf + hlen, 2); port_src = ntohs(port_src); - hnode_add(ip_src, ip_dst, buf[9], port_src, bytes + 14); + hnode_add(ip_src, buf[9], port_src, bytes + 14); } } } @@ -537,7 +523,6 @@ void logprintf(char* fmt, ...) { static void usage(void) { printf("Usage: fnetlock [OPTIONS]\n"); printf("Options:\n"); - printf(" --build=filename - compact list of addresses\n"); printf(" --help, -? - this help screen\n"); printf(" --log=filename - netlocker logfile\n"); printf(" --netfilter - build the firewall rules and commit them.\n"); @@ -552,21 +537,15 @@ int main(int argc, char **argv) { radix_add(0x09000000, 0xff000000, "IBM"); radix_add(0x09090909, 0xffffffff, "Quad9 DNS"); radix_add(0x09000000, 0xff000000, "IBM"); - radix_print(); printf("This test should print \"IBM, Quad9 DNS, IBM\"\n"); - char *name = radix_find_first(0x09090909); + char *name = radix_longest_prefix_match(0x09040404); printf("%s, ", name); - name = radix_find_last(0x09090909); + name = radix_longest_prefix_match(0x09090909); printf("%s, ", name); - name = radix_find_last(0x09322209); + name = radix_longest_prefix_match(0x09322209); printf("%s\n", name); #endif - if (argc == 2 && strncmp(argv[1], "--build=", 8) == 0) { - build_list(argv[1] + 8); - return 0; - } - if (getuid() != 0) { fprintf(stderr, "Error: you need to be root to run this program\n"); return 1; diff --git a/src/fnettrace/radix.c b/src/fnettrace/radix.c index 96d6bcf41..c800c8708 100644 --- a/src/fnettrace/radix.c +++ b/src/fnettrace/radix.c @@ -25,6 +25,12 @@ #include "radix.h" #include "fnettrace.h" +typedef struct rnode_t { + struct rnode_t *zero; + struct rnode_t *one; + char *name; +} RNode; + RNode *head = 0; int radix_nodes = 0; @@ -35,10 +41,7 @@ static inline RNode *addOne(RNode *ptr, uint32_t ip, uint32_t mask, char *name) RNode *node = malloc(sizeof(RNode)); if (!node) errExit("malloc"); - radix_nodes++; memset(node, 0, sizeof(RNode)); - node->ip = ip; - node->mask = mask; if (name) { node->name = strdup(name); if (!node->name) @@ -57,8 +60,6 @@ static inline RNode *addZero(RNode *ptr, uint32_t ip, uint32_t mask, char *name) if (!node) errExit("malloc"); memset(node, 0, sizeof(RNode)); - node->ip = ip; - node->mask = mask; if (name) { node->name = strdup(name); if (!node->name) @@ -71,7 +72,7 @@ static inline RNode *addZero(RNode *ptr, uint32_t ip, uint32_t mask, char *name) // add to radix tree -void radix_add(uint32_t ip, uint32_t mask, char *name) { +char *radix_add(uint32_t ip, uint32_t mask, char *name) { assert(name); uint32_t m = 0x80000000; uint32_t lastm = 0; @@ -80,6 +81,7 @@ void radix_add(uint32_t ip, uint32_t mask, char *name) { memset(head, 0, sizeof(RNode)); } RNode *ptr = head; + radix_nodes++; int i; for (i = 0; i < 32; i++, m >>= 1) { @@ -99,32 +101,12 @@ void radix_add(uint32_t ip, uint32_t mask, char *name) { if (!ptr->name) errExit("strdup"); } -} - -// find first match -char *radix_find_first(uint32_t ip) { - if (!head) - return NULL; - uint32_t m = 0x80000000; - RNode *ptr = head; - - int i; - for (i = 0; i < 32; i++, m >>= 1) { - if (m & ip) - ptr = ptr->one; - else - ptr = ptr->zero; - if (!ptr) - return NULL; - if (ptr->name) - return ptr->name; - } - return NULL; + return ptr->name; } // find last match -char *radix_find_last(uint32_t ip) { +char *radix_longest_prefix_match(uint32_t ip) { if (!head) return NULL; @@ -147,69 +129,3 @@ char *radix_find_last(uint32_t ip) { return (rv)? rv->name: NULL; } -static void radix_print_node(RNode *ptr, int level) { - assert(ptr); - - int i; - for (i = 0; i < level; i++) - printf(" "); - printf("%08x %08x", ptr->ip, ptr->mask); - if (ptr->name) - printf(" (%s)\n", ptr->name); - else - printf(" (NULL)\n"); - - if (ptr->zero) - radix_print_node(ptr->zero, level + 1); - if (ptr->one) - radix_print_node(ptr->one, level + 1); -} - -void radix_print(void) { - if (!head) { - printf("radix tree is empty\n"); - return; - } - - printf("radix IPv4 tree\n"); - radix_print_node(head, 0); -} - - -static inline int mask2cidr(uint32_t mask) { - uint32_t m = 0x80000000; - int i; - int cnt = 0; - for (i = 0; i < 32; i++, m = m >> 1) { - if (mask & m) - cnt++; - } - - return cnt; -} - -static void radix_build_list_node(RNode *ptr) { - assert(ptr); - - - if (ptr->name) { - printf("%d.%d.%d.%d/%d %s\n", PRINT_IP(ptr->ip), mask2cidr(ptr->mask), ptr->name); - return; - } - else { - if (ptr->zero) - radix_build_list_node(ptr->zero); - if (ptr->one) - radix_build_list_node(ptr->one); - } -} - -void radix_build_list(void) { - if (!head) { - printf("radix tree is empty\n"); - return; - } - - radix_build_list_node(head); -} - diff --git a/src/fnettrace/radix.h b/src/fnettrace/radix.h index ed7ae0cb7..c22c5c547 100644 --- a/src/fnettrace/radix.h +++ b/src/fnettrace/radix.h @@ -20,19 +20,8 @@ #ifndef RADIX_H #define RADIX_H -typedef struct rnode_t { - struct rnode_t *zero; - struct rnode_t *one; - uint32_t ip; - uint32_t mask; - char *name; -} RNode; - extern int radix_nodes; -char *radix_find_first(uint32_t ip); -char *radix_find_last(uint32_t ip); -void radix_add(uint32_t ip, uint32_t mask, char *name); -void radix_print(void); -void radix_build_list(void); +char *radix_longest_prefix_match(uint32_t ip); +char *radix_add(uint32_t ip, uint32_t mask, char *name); #endif \ No newline at end of file -- cgit v1.2.3-70-g09d2