Code refactoring - move DPI code to separate library

2024-05-27 04:46:15 +02:00 · 2015-07-24 15:37:11 +03:00 · 2015-07-24 15:37:11 +03:00 · 20630aee58
parent 17dcb34adc
commit 20630aee58
3 changed files with 79 additions and 27 deletions
--- a/src/fast_dpi.cpp
+++ b/src/fast_dpi.cpp
@ -0,0 +1,56 @@
+#include "fast_dpi.h"
+
+void debug_printf(u_int32_t protocol, void *id_struct, ndpi_log_level_t log_level, const char *format, ...) {
+    va_list va_ap;
+    struct tm result;
+
+    char buf[8192], out_buf[8192];
+    char theDate[32];
+    const char *extra_msg = "";
+    time_t theTime = time(NULL);
+
+    va_start (va_ap, format);
+
+    /*
+    if(log_level == NDPI_LOG_ERROR)
+      extra_msg = "ERROR: ";
+    else if(log_level == NDPI_LOG_TRACE)
+      extra_msg = "TRACE: ";
+    else 
+      extra_msg = "DEBUG: ";
+    */
+
+    memset(buf, 0, sizeof(buf));
+    strftime(theDate, 32, "%d/%b/%Y %H:%M:%S", localtime_r(&theTime, &result) );
+    vsnprintf(buf, sizeof(buf)-1, format, va_ap);
+
+    snprintf(out_buf, sizeof(out_buf), "%s %s%s", theDate, extra_msg, buf);
+    printf("%s", out_buf);
+    fflush(stdout);
+
+    va_end(va_ap);
+}
+
+struct ndpi_detection_module_struct* init_ndpi() {
+    u_int32_t detection_tick_resolution = 1000;
+    
+    struct ndpi_detection_module_struct* my_ndpi_struct =
+        ndpi_init_detection_module(detection_tick_resolution, malloc, free, debug_printf);
+
+    if (my_ndpi_struct == NULL) {
+        // printf("Can't init nDPI");
+        return NULL;
+    }
+
+    NDPI_PROTOCOL_BITMASK all;
+    // enable all protocols
+    NDPI_BITMASK_SET_ALL(all);
+    ndpi_set_protocol_detection_bitmask2(my_ndpi_struct, &all);
+
+    // Load custom protocols
+    // ndpi_load_protocols_file(ndpi_thread_info[thread_id].ndpi_struct, _protoFilePath);
+
+    //printf("nDPI started correctly\n");
+    return my_ndpi_struct;
+}
+
--- a/src/fast_dpi.h
+++ b/src/fast_dpi.h
@ -0,0 +1,9 @@
+#ifndef FAST_DPI_H
+#define FAST_DPI_H
+
+#include <stdlib.h>
+#include "libndpi/ndpi_api.h"
+
+struct ndpi_detection_module_struct* init_ndpi();
+
+#endif
--- a/src/tests/snabb/ndpicallback.cpp
+++ b/src/tests/snabb/ndpicallback.cpp
@ -17,7 +17,8 @@
 #include "../../fastnetmon_types.h"
 #include "../../fastnetmon_packet_parser.h"

-#include "libndpi/ndpi_api.h"
+#include "../../fast_dpi.h"
+//#include "libndpi/ndpi_api.h"

 class conntrack_hash_struct_for_simple_packet_t {
    public:
@ -90,31 +91,6 @@ void debug_printf(u_int32_t protocol, void *id_struct, ndpi_log_level_t log_leve

 struct ndpi_detection_module_struct* my_ndpi_struct = NULL;

-bool init_ndpi() {
-    u_int32_t detection_tick_resolution = 1000;
-    
-    my_ndpi_struct = ndpi_init_detection_module(detection_tick_resolution, malloc, free, debug_printf);
-
-    if (my_ndpi_struct == NULL) {
-        printf("Can't init nDPI");
-        return false;     
-    }
-
-    NDPI_PROTOCOL_BITMASK all;
-    // enable all protocols
-    NDPI_BITMASK_SET_ALL(all);
-    ndpi_set_protocol_detection_bitmask2(my_ndpi_struct, &all);
-
-    // allocate memory for id and flow tracking
-    size_id_struct = ndpi_detection_get_sizeof_ndpi_id_struct();
-    size_flow_struct = ndpi_detection_get_sizeof_ndpi_flow_struct();
-
-    // Load custom protocols
-    // ndpi_load_protocols_file(ndpi_thread_info[thread_id].ndpi_struct, _protoFilePath);
-
-    printf("nDPI started correctly\n");
-}
-
 /* Called once before processing packets. */
 void firehose_start(); /* optional */

@ -306,6 +282,8 @@ bool convert_simple_packet_toconntrack_hash_struct(simple_packet& packet, conntr

    conntrack_struct.source_port = packet.source_port;
    conntrack_struct.destination_port = packet.destination_port; 
+
+    return true;
 }

 void firehose_packet(const char *pciaddr, char *data, int length) {
@ -462,13 +440,19 @@ void pcap_parse_packet(char* buffer, uint32_t len) {

        printf("Protocol: %s master protocol: %s\n", protocol_name, master_protocol_name);

+        // It's DNS request or answer
+        if (detected_protocol.protocol == NDPI_PROTOCOL_DNS) {
+            
+        }
+
+        /*
        if (strstr(master_protocol_name, "Tor") == master_protocol_name) {
            printf("Shitty Tor found\n");
            char print_buffer[512];
            fastnetmon_print_parsed_pkt(print_buffer, 512, (u_char*)buffer, &packet_header);
            printf("packet: %s\n", print_buffer);
        }
-
+        */
    }

    free(flow);
@ -483,6 +467,9 @@ void pcap_parse_packet(char* buffer, uint32_t len) {
 int main(int argc, char** argv) {
    init_ndpi();

+    size_id_struct = ndpi_detection_get_sizeof_ndpi_id_struct();
+    size_flow_struct = ndpi_detection_get_sizeof_ndpi_flow_struct();
+
    if (argc != 2) {
        printf("Please specify path to dump file\n");
        exit(-1);