4 * This program is is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License, version 2 if the
6 * License as published by the Free Software Foundation.
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
13 * You should have received a copy of the GNU General Public License
14 * along with this program; if not, write to the Free Software
15 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * @file include/pcap.h
21 * @brief Prototypes and constants for PCAP functions.
23 * @author Arran Cudbard-Bell <a.cudbardb@freeradius.org>
24 * @copyright 2013 Arran Cudbard-Bell <a.cudbardb@freeradius.org>
26 #include <freeradius-devel/libradius.h>
27 #include <sys/types.h>
28 #include <netinet/in.h>
32 * Length of a DEC/Intel/Xerox or 802.3 Ethernet header.
33 * Note that some compilers may pad "struct ether_header" to
34 * a multiple of 4 *bytes, for example, so "sizeof (struct
35 * ether_header)" may not give the right answer.
37 * 6 Byte SRC, 6 Byte DST, 2 Byte Ether type, 4 Byte CVID, 4 Byte SVID
39 #define ETHER_HDRLEN 22
43 * RADIUS packet length.
44 * RFC 2865, Section 3., subsection 'length' says:
45 * " ... and maximum length is 4096."
47 #define MAX_RADIUS_LEN 4096
48 #define MIN_RADIUS_LEN 20
49 #define SNAPLEN ETHER_HDRLEN + IP_HDRLEN + sizeof(struct udp_header) + MAX_RADIUS_LEN
50 #define PCAP_BUFFER_DEFAULT (10000)
52 * It's unclear why this differs between platforms
55 # define PCAP_NONBLOCK_TIMEOUT (0)
57 # define PCAP_NONBLOCK_TIMEOUT (-1)
61 #define BIOCIMMEDIATE (2147762800)
65 * Older versions of libpcap don't define this
67 #ifndef PCAP_NETMASK_UNKNOWN
68 # define PCAP_NETMASK_UNKNOWN 0
72 * The number of bytes in an ethernet (MAC) address.
74 #define ETHER_ADDR_LEN 6
77 * Structure of a DEC/Intel/Xerox or 802.3 Ethernet header.
79 struct ethernet_header {
80 uint8_t ether_dst[ETHER_ADDR_LEN];
81 uint8_t ether_src[ETHER_ADDR_LEN];
86 * Structure of an internet header, naked of options.
89 #define IP_V(ip) (((ip)->ip_vhl & 0xf0) >> 4)
90 #define IP_HL(ip) ((ip)->ip_vhl & 0x0f)
92 #define I_DF 0x4000 //!< Dont fragment flag.
93 #define IP_MF 0x2000 //!< More fragments flag.
94 #define IP_OFFMASK 0x1fff //!< Mask for fragmenting bits.
96 typedef struct ip_header {
97 uint8_t ip_vhl; //!< Header length, version.
99 uint8_t ip_tos; //!< Type of service.
100 uint16_t ip_len; //!< Total length.
101 uint16_t ip_id; //!< identification.
102 uint16_t ip_off; //!< Fragment offset field.
104 uint8_t ip_ttl; //!< Time To Live.
105 uint8_t ip_p; //!< Protocol.
106 uint16_t ip_sum; //!< Checksum.
107 struct in_addr ip_src, ip_dst; //!< Src and Dst address
110 typedef struct ip_header6 {
111 uint32_t ip_vtcfl; //!< Version, traffic class, flow label.
112 uint16_t ip_len; //!< Payload length
114 uint8_t ip_next; //!< Next header (protocol)
115 uint8_t ip_hopl; //!< IP Hop Limit
117 struct in6_addr ip_src, ip_dst; //!< Src and Dst address
121 * UDP protocol header.
122 * Per RFC 768, September, 1981.
124 typedef struct udp_header {
125 uint16_t src; //!< Source port.
126 uint16_t dst; //!< Destination port.
127 uint16_t len; //!< UDP length.
128 uint16_t checksum; //!< UDP checksum.
131 typedef struct radius_packet_t {
135 uint8_t vector[AUTH_VECTOR_LEN];
139 #define AUTH_HDR_LEN 20
151 extern const FR_NAME_NUMBER pcap_types[];
154 * Internal pcap structures
156 typedef struct fr_pcap fr_pcap_t;
158 char errbuf[PCAP_ERRBUF_SIZE]; //!< Last error on this interface.
159 fr_pcap_type_t type; //!< What type of handle this is.
160 char *name; //!< Name of file or interface.
161 bool promiscuous; //!< Whether the interface is in promiscuous mode.
162 //!< Only valid for live capture handles.
163 int buffer_pkts; //!< How big to make the PCAP ring buffer.
164 //!< Actual buffer size is SNAPLEN * buffer.
165 //!< Only valid for live capture handles.
167 pcap_t *handle; //!< libpcap handle.
168 pcap_dumper_t *dumper; //!< libpcap dumper handle.
170 int link_type; //!< Link layer type.
172 int fd; //!< Selectable file descriptor we feed to select.
173 struct pcap_stat pstats; //!< The last set of pcap stats for this handle.
175 fr_pcap_t *next; //!< Next handle in collection.
179 fr_pcap_t *fr_pcap_init(TALLOC_CTX *ctx, char const *name, fr_pcap_type_t type);
180 int fr_pcap_open(fr_pcap_t *handle);
181 int fr_pcap_apply_filter(fr_pcap_t *handle, char const *expression);
182 char *fr_pcap_device_names(TALLOC_CTX *ctx, fr_pcap_t *handle, char c);
183 ssize_t fr_pcap_link_layer_offset(uint8_t const *data, size_t len, int link_type);
184 uint16_t fr_udp_checksum(uint8_t const *data, uint16_t len, uint16_t checksum,
185 struct in_addr const src_addr, struct in_addr const dst_addr);