Reworked packet storage to work with sampled data (#883)
This commit is contained in:
parent
fca943d6ba
commit
47bcbc57da
|
@ -3104,7 +3104,7 @@ void process_packet(simple_packet_t& current_packet) {
|
|||
// this code SHOULD NOT be called without mutex!
|
||||
if (current_packet.packet_payload_length > 0 && current_packet.packet_payload_pointer != NULL) {
|
||||
ban_list[current_packet.src_ip].pcap_attack_dump.write_packet(current_packet.packet_payload_pointer,
|
||||
current_packet.packet_payload_length);
|
||||
current_packet.packet_payload_length, current_packet.packet_payload_length);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -3125,7 +3125,7 @@ void process_packet(simple_packet_t& current_packet) {
|
|||
// this code SHOULD NOT be called without mutex!
|
||||
if (current_packet.packet_payload_length > 0 && current_packet.packet_payload_pointer != NULL) {
|
||||
ban_list[current_packet.dst_ip].pcap_attack_dump.write_packet(current_packet.packet_payload_pointer,
|
||||
current_packet.packet_payload_length);
|
||||
current_packet.packet_payload_length, current_packet.packet_payload_length);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -1,25 +1,24 @@
|
|||
#ifndef PACKET_STORAGE_H
|
||||
#define PACKET_STORAGE_H
|
||||
#pragma once
|
||||
|
||||
#include "fastnetmon_pcap_format.h"
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
// This is dynamically allocated packet storage
|
||||
class packet_storage_t {
|
||||
public:
|
||||
packet_storage_t() {
|
||||
memory_pointer = NULL;
|
||||
memory_pos = NULL;
|
||||
buffer_size = 0;
|
||||
memory_pos = NULL;
|
||||
buffer_size = 0;
|
||||
|
||||
// TODO: fix hardcoded mtu size this!!!
|
||||
max_packet_size = 1500;
|
||||
max_captured_packet_size = 1500;
|
||||
}
|
||||
|
||||
bool allocate_buffer(unsigned int buffer_size_in_packets) {
|
||||
unsigned int memory_size_in_bytes =
|
||||
buffer_size_in_packets * (max_packet_size + sizeof(fastnetmon_pcap_pkthdr)) +
|
||||
sizeof(fastnetmon_pcap_file_header);
|
||||
buffer_size_in_packets * (max_captured_packet_size + sizeof(fastnetmon_pcap_pkthdr)) + sizeof(fastnetmon_pcap_file_header);
|
||||
|
||||
// std::cout << "We will allocate " << memory_size_in_bytes << std::endl;
|
||||
|
||||
|
@ -27,7 +26,7 @@ class packet_storage_t {
|
|||
|
||||
if (memory_pointer != NULL) {
|
||||
this->buffer_size = memory_size_in_bytes;
|
||||
memory_pos = memory_pointer;
|
||||
memory_pos = memory_pointer;
|
||||
|
||||
// Add header to newely allocated memory block
|
||||
return this->write_header();
|
||||
|
@ -47,31 +46,31 @@ class packet_storage_t {
|
|||
}
|
||||
}
|
||||
|
||||
bool write_packet(void* payload_pointer, unsigned int length) {
|
||||
bool write_packet(void* payload_pointer, unsigned int captured_length, unsigned int real_packet_length) {
|
||||
// TODO: performance killer! Check it!
|
||||
bool we_do_timestamps = true;
|
||||
|
||||
struct timeval current_time;
|
||||
current_time.tv_sec = 0;
|
||||
current_time.tv_sec = 0;
|
||||
current_time.tv_usec = 0;
|
||||
|
||||
if (we_do_timestamps) {
|
||||
gettimeofday(¤t_time, NULL);
|
||||
}
|
||||
|
||||
struct fastnetmon_pcap_pkthdr pcap_packet_header;
|
||||
fastnetmon_pcap_pkthdr pcap_packet_header;
|
||||
|
||||
pcap_packet_header.ts_sec = current_time.tv_sec;
|
||||
pcap_packet_header.ts_sec = current_time.tv_sec;
|
||||
pcap_packet_header.ts_usec = current_time.tv_usec;
|
||||
|
||||
// Store full length of packet
|
||||
pcap_packet_header.orig_len = length;
|
||||
pcap_packet_header.orig_len = real_packet_length;
|
||||
pcap_packet_header.incl_len = captured_length;
|
||||
|
||||
if (length > max_packet_size) {
|
||||
// We whould crop packet because it's too big
|
||||
pcap_packet_header.incl_len = max_packet_size;
|
||||
} else {
|
||||
pcap_packet_header.incl_len = length;
|
||||
// We should not store packets packets with size exceeding maximum size for
|
||||
// this file
|
||||
if (captured_length > max_captured_packet_size) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!this->write_binary_data(&pcap_packet_header, sizeof(pcap_packet_header))) {
|
||||
|
@ -89,11 +88,10 @@ class packet_storage_t {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
bool write_header() {
|
||||
struct fastnetmon_pcap_file_header pcap_header;
|
||||
|
||||
fill_pcap_header(&pcap_header, max_packet_size);
|
||||
fill_pcap_header(&pcap_header, max_captured_packet_size);
|
||||
|
||||
return this->write_binary_data(&pcap_header, sizeof(pcap_header));
|
||||
}
|
||||
|
@ -109,8 +107,8 @@ class packet_storage_t {
|
|||
|
||||
free(this->memory_pointer);
|
||||
this->memory_pointer = NULL;
|
||||
this->memory_pos = NULL;
|
||||
this->buffer_size = 0;
|
||||
this->memory_pos = NULL;
|
||||
this->buffer_size = 0;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
@ -119,19 +117,20 @@ class packet_storage_t {
|
|||
return memory_pointer;
|
||||
}
|
||||
|
||||
unsigned int get_max_packet_size() {
|
||||
return this->max_packet_size;
|
||||
unsigned int get_max_captured_packet_size() {
|
||||
return this->max_captured_packet_size;
|
||||
}
|
||||
|
||||
void set_max_packet_size(unsigned int new_max_packet_size) {
|
||||
this->max_packet_size = new_max_packet_size;
|
||||
void set_max_captured_packet_size(unsigned int new_max_captured_packet_size) {
|
||||
this->max_captured_packet_size = new_max_captured_packet_size;
|
||||
}
|
||||
|
||||
private:
|
||||
unsigned char* memory_pointer;
|
||||
unsigned char* memory_pos;
|
||||
unsigned int buffer_size;
|
||||
unsigned int max_packet_size;
|
||||
|
||||
// We should not store packets with incl_len exceeding this value
|
||||
unsigned int max_captured_packet_size;
|
||||
};
|
||||
|
||||
#endif
|
||||
|
|
Loading…
Reference in New Issue