Beispiel #1
0
// compileBPFFilter always returns an allocated _Ctype_struct_bpf_program
// It is the callers responsibility to free the memory again, e.g.
//
//    C.pcap_freecode(&bpf)
//
func (p *Handle) compileBPFFilter(expr string) (_Ctype_struct_bpf_program, error) {
	errorBuf := (*C.char)(C.calloc(errorBufferSize, 1))
	defer C.free(unsafe.Pointer(errorBuf))

	var netp uint32
	var maskp uint32

	// Only do the lookup on network interfaces.
	// No device indicates we're handling a pcap file.
	if len(p.device) > 0 {
		dev := C.CString(p.device)
		defer C.free(unsafe.Pointer(dev))
		if -1 == C.pcap_lookupnet(
			dev,
			(*C.bpf_u_int32)(unsafe.Pointer(&netp)),
			(*C.bpf_u_int32)(unsafe.Pointer(&maskp)),
			errorBuf,
		) {
			// We can't lookup the network, but that could be because the interface
			// doesn't have an IPv4.
		}
	}

	var bpf _Ctype_struct_bpf_program
	cexpr := C.CString(expr)
	defer C.free(unsafe.Pointer(cexpr))

	if -1 == C.pcap_compile(p.cptr, &bpf, cexpr, 1, C.bpf_u_int32(maskp)) {
		return bpf, p.Error()
	}

	return bpf, nil
}
Beispiel #2
0
// NewBPF compiles the given string into a new filter program.
//
// BPF filters need to be created from activated handles, because they need to
// know the underlying link type to correctly compile their offsets.
func (p *Handle) NewBPF(expr string) (*BPF, error) {
	bpf := &BPF{orig: expr}
	cexpr := C.CString(expr)
	defer C.free(unsafe.Pointer(cexpr))

	if C.pcap_compile(p.cptr, &bpf.bpf, cexpr /* optimize */, 1, C.PCAP_NETMASK_UNKNOWN) != 0 {
		return nil, p.Error()
	}
	runtime.SetFinalizer(bpf, destroyBPF)
	return bpf, nil
}
Beispiel #3
0
func (p *Pcap) CompileAndSetFilter(filter string) error {
	var bpf C.struct_bpf_program
	if C.pcap_compile(p.pcap, &bpf, C.CString(filter), 1, 0) != 0 {
		return errors.New(p.GetErr())
	}

	if C.pcap_setfilter(p.pcap, &bpf) != 0 {
		return errors.New(p.GetErr())
	}

	return nil
}
Beispiel #4
0
func (p *Pcap) Setfilter(expr string) (err string) {
	var bpf _Ctype_struct_bpf_program

	if -1 == C.pcap_compile(p.cptr, &bpf, C.CString(expr), 1, 0) {
		return p.Geterror()
	}

	if -1 == C.pcap_setfilter(p.cptr, &bpf) {
		C.pcap_freecode(&bpf)
		return p.Geterror()
	}

	C.pcap_freecode(&bpf)
	return ""
}
Beispiel #5
0
func (p *Pcap) SetFilter(expr string) (err error) {
	var bpf _Ctype_struct_bpf_program
	cexpr := C.CString(expr)
	defer C.free(unsafe.Pointer(cexpr))

	if -1 == C.pcap_compile(p.cptr, &bpf, cexpr, 1, 0) {
		return p.Geterror()
	}

	if -1 == C.pcap_setfilter(p.cptr, &bpf) {
		C.pcap_freecode(&bpf)
		return p.Geterror()
	}
	C.pcap_freecode(&bpf)
	return nil
}
Beispiel #6
0
func (p *Pcap) Setfilter(expr string) os.Error {
	var bpf C.struct_bpf_program
	cexpr := C.CString(expr)
	defer C.free(unsafe.Pointer(cexpr))

	if C.pcap_compile(p.cptr, &bpf, cexpr, 1, 0) == -1 {
		return os.NewError(p.Geterror())
	}
	defer C.pcap_freecode(&bpf)

	if C.pcap_setfilter(p.cptr, &bpf) == -1 {
		return os.NewError(p.Geterror())
	}

	return nil
}
Beispiel #7
0
// SetBPFFilter compiles and sets a BPF filter for the pcap handle.
func (p *Handle) SetBPFFilter(expr string) (err error) {
	p.activate.Do(p.activation)
	var bpf _Ctype_struct_bpf_program
	cexpr := C.CString(expr)
	defer C.free(unsafe.Pointer(cexpr))

	if -1 == C.pcap_compile(p.cptr, &bpf, cexpr, 1, 0) {
		return p.Error()
	}

	if -1 == C.pcap_setfilter(p.cptr, &bpf) {
		C.pcap_freecode(&bpf)
		return p.Error()
	}
	C.pcap_freecode(&bpf)
	return nil
}
Beispiel #8
0
func main() {
	var errbuf = (*C.char)(C.malloc(C.PCAP_ERRBUF_SIZE))
	defer C.free(unsafe.Pointer(errbuf))
	var source = C.CString("any")
	defer C.free(unsafe.Pointer(source))

	pcap_handle := C.pcap_create(source, errbuf)
	if pcap_handle == nil {
		panic("pcap_handle")
	}
	C.pcap_set_buffer_size(pcap_handle, 2*1024*1024)
	C.pcap_set_promisc(pcap_handle, 1)
	C.pcap_set_snaplen(pcap_handle, 512) // more than enough to recognize a WOL packet
	C.pcap_setdirection(pcap_handle, C.PCAP_D_IN)
	if C.pcap_activate(pcap_handle) != 0 {
		panic(C.GoString(C.pcap_geterr(pcap_handle)))
	}

	var bpf_program C.struct_bpf_program
	if C.pcap_compile(pcap_handle, &bpf_program, pcap_filter, 0, 0) != 0 {
		panic(C.GoString(C.pcap_geterr(pcap_handle)))
	}
	if C.pcap_setfilter(pcap_handle, &bpf_program) != 0 {
		panic(C.GoString(C.pcap_geterr(pcap_handle)))
	}

	for {
		var pkt_header *C.struct_pcap_pkthdr
		var pkt_data *C.u_char
		if C.pcap_next_ex(pcap_handle, &pkt_header, &pkt_data) < 0 {
			panic(C.GoString(C.pcap_geterr(pcap_handle)))
		}
		if pkt_data == nil {
			continue
		}
		data := make([]byte, pkt_header.caplen)
		copy(data, (*(*[10000000]byte)(unsafe.Pointer(pkt_data)))[0:])
		from_mac, to_mac := checkwol(data)
		if from_mac != "" {
			fmt.Printf("%v: %v sends WOL to %v\n", time.Now(), from_mac, to_mac)
		}
	}

}
Beispiel #9
0
// Setfilter compiles a filter string into a bpf program and sets the filter.
func (p *Pcap) Setfilter(expr string) error {
	cexpr := C.CString(expr)
	defer C.free(unsafe.Pointer(cexpr))

	var bpf C.struct_bpf_program
	res := C.pcap_compile(p.cptr, &bpf, cexpr, C.int(OptimizeFilters),
		C.PCAP_NETMASK_UNKNOWN)
	if res == C.PCAP_ERROR {
		return p.GetErr()
	}

	res = C.pcap_setfilter(p.cptr, &bpf)
	if res == C.PCAP_ERROR {
		C.pcap_freecode(&bpf)
		return p.GetErr()
	}

	p.Filters = append(p.Filters, expr)

	C.pcap_freecode(&bpf)
	return nil
}