/[darkstattype]/trunk/darkstattype.c
ViewVC logotype

Diff of /trunk/darkstattype.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 7 by trond, 2014-03-19T15:40:13Z Revision 14 by trond, 2014-03-21T18:35:50Z
# Line 17  Line 17 
17      this list of conditions and the following disclaimer in the documentation      this list of conditions and the following disclaimer in the documentation
18      and/or other materials provided with the distribution.      and/or other materials provided with the distribution.
19    
20   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
21   ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED   ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
22   WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE   WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
23   DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR   DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
24   ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES   ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
25   (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;   (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
26   LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND   LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
27   ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT   ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
29   SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.   SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30  */  */
31    
 // Define FOLLOW_SPECIFICATION to 0 (zero) to go with darkstat's own format as of 3.0.718.  
 #define FOLLOW_SPECIFICATION 0  
   
 // Define FOLLOW_SPECIFICATION to 1 (one) to go with the format specified in the export-format.txt file.  
 //#define FOLLOW_SPECIFICATION 1  
   
32  #include <errno.h>  #include <errno.h>
33    #include <stdbool.h>
34  #include <stdio.h>  #include <stdio.h>
35  #include <stdlib.h>  #include <stdlib.h>
36  #include <string.h>  #include <string.h>
37  #include <time.h>  #include <time.h>
38  #include <unistd.h>  #include <unistd.h>
39    
40  const char *progname = NULL;  const char *progname = NULL;
41  const char *filename = NULL;  const char *filename = NULL;
42  FILE *file = NULL;  FILE *file = NULL;
43    bool follow_specification = false;
44    
45  int main(int argc, char **argv)  int main(int argc, char **argv)
46  {  {
47    void show_usage(int exitcode);    void show_usage(int exitcode);
48    void show_version(void);    void show_version(void);
49    void decode_file(void);    void decode_file(void);
50    
51    int i;    int i;
52    
53    progname = argv[0];    progname = argv[0];
54    
55    opterr = 0;    opterr = 0;
56    while ( (i = getopt(argc, argv, "hv")) != -1) {    while ( (i = getopt(argc, argv, "fhv")) != -1) {
57      switch (i) {      switch (i) {
58          case 'f':
59            follow_specification = !follow_specification;
60            break;
61    
62        case 'h':        case 'h':
63          show_usage(EXIT_SUCCESS);          show_usage(EXIT_SUCCESS);
64          break;          break;
65    
66        case 'v':        case 'v':
67          show_version();          show_version();
68          break;          break;
69    
70        case '?':        case '?':
71          /*FALLTHROUGH*/          /*FALLTHROUGH*/
72        default:        default:
73          fprintf(stderr, "%s: illegal option -%c\n\n", progname, optopt);          fprintf(stderr, "%s: illegal option -%c\n\n", progname, optopt);
74          show_usage(EXIT_FAILURE);          show_usage(EXIT_FAILURE);
75          break;          break;
76      } // switch      } // switch
77    }  // while    }  // while
78    argc -= optind;    argc -= optind;
79    argv += optind;    argv += optind;
80    
81    if (argv[0] == NULL) {    if (*argv == NULL) {
82      fprintf(stderr, "%s: missing filename\n\n", progname);      fprintf(stderr, "%s: missing filename\n\n", progname);
83      show_usage(EXIT_FAILURE);      show_usage(EXIT_FAILURE);
84    } // if    } // if
85    
86    filename = argv[0];    while (*argv != NULL) {
87        filename = *argv;
88    
89    decode_file();      decode_file();
90    
91        argv++;
92      } // while
93    
94    return EXIT_SUCCESS;    return EXIT_SUCCESS;
95  } // main()  } // main()
96    
97  void show_usage(int exitcode)  void show_usage(int exitcode)
98  {  {
99    fprintf((exitcode == EXIT_SUCCESS) ? stdout : stderr,    fprintf((exitcode == EXIT_SUCCESS) ? stdout : stderr,
100      "Usage: %s [-h] [-v] filename\n"      "Usage: %s [-f] [-h] [-v] filename ...\n"
101      " E.g.: %s darkstat.db\n",      " E.g.: %s darkstat.db\n\n"
102    
103        "Options:\n"
104        "-f\tToggle follow strict specification, default is false.\n"
105        "-h\tShow this help message and exit.\n"
106        "-v\tShow version and copyright and exit.\n",
107      progname, progname);      progname, progname);
108    
109    exit(exitcode);    exit(exitcode);
110  } // show_usage()  } // show_usage()
111    
112  void show_version(void)  void show_version(void)
113  {  {
114    puts("darkstattype 1.0");    puts("darkstattype 1.0");
115    puts("$Ximalas$");    puts("$Ximalas$");
116    puts("");    puts("");
117    
118    puts("Copyright © 2014, Trond Endrestøl <Trond.Endrestol@ximalas.info>");    puts("Copyright © 2014, Trond Endrestøl <Trond.Endrestol@ximalas.info>");
119    puts("All rights reserved.");    puts("All rights reserved.");
120    puts("");    puts("");
121    puts("Redistribution and use in source and binary forms, with or without");    puts("Redistribution and use in source and binary forms, with or without");
# Line 161  void decode_file(void) Line 170  void decode_file(void)
170    void decode_graph_db_v1(void);    void decode_graph_db_v1(void);
171    
172    unsigned int fileheader;    unsigned int fileheader;
173    unsigned int sectionheader;    unsigned int sectionheader;
174    
175    unsigned int i;    unsigned int i;
176    
177    if ( (file = fopen(filename, "rb")) == NULL) {    if ( (file = fopen(filename, "rb")) == NULL) {
178      fprintf(stderr, "%s: fopen(\"%s\") = %s (%d)\n", progname, filename, strerror(errno), errno);      fprintf(stderr, "%s: fopen(\"%s\") = %s (%d)\n", progname, filename, strerror(errno), errno);
179      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
180    } // if    } // if
181    
182  #define FILE_HEADER_V1 0xDA314159U  #define FILE_HEADER_V1 0xDA314159U
183    
184    if ( (fileheader = read32u()) != FILE_HEADER_V1) { // not darkstat export format    if ( (fileheader = read32u()) != FILE_HEADER_V1) { // not darkstat export format
185      fprintf(stderr, "%s:%s: file header = 0x%x, not 0x%x\n", progname, filename, fileheader, FILE_HEADER_V1);      fprintf(stderr, "%s:%s:%ld: file header = 0x%x, not 0x%x\n", progname, filename, ftell(file), fileheader, FILE_HEADER_V1);
186      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
187    } // if    } // if
188    
189    printf("File header 0x%x\n", fileheader);    printf("File header 0x%x\n", fileheader);
190    
191    // Possible section header for host_db v1 and later graph_db v1.    // Possible section header for host_db v1 and later graph_db v1.
192    indent();    indent();
193    
194  #define HOST_DB_V1 0xDA485301U  #define HOST_DB_V1 0xDA485301U
195  #define GRAPH_DB_V1 0xDA475201U  #define GRAPH_DB_V1 0xDA475201U
196    
197    for (i = 0; i < 2; i++) {    for (i = 0; i < 2; i++) {
198      if ( (sectionheader = read32u()) == HOST_DB_V1) {      if ( (sectionheader = read32u()) == HOST_DB_V1) {
199        print_indentation();        print_indentation();
200        printf("Section header host_db v1 0x%x\n", sectionheader);        printf("Section header host_db v1 0x%x\n", sectionheader);
201        decode_host_db_v1();        decode_host_db_v1();
202      } // if      } // if
203      else if (sectionheader == GRAPH_DB_V1) {      else if (sectionheader == GRAPH_DB_V1) {
204        print_indentation();        print_indentation();
205        printf("Section header graph_db v1 0x%x\n", sectionheader);        printf("Section header graph_db v1 0x%x\n", sectionheader);
206        decode_graph_db_v1();        decode_graph_db_v1();
207      } // else if      } // else if
208      else {      else {
209        fprintf(stderr, "%s:%s: unknown section header = 0x%x, neither 0x%x nor 0x%x\n", progname, filename, sectionheader, HOST_DB_V1, GRAPH_DB_V1);        fprintf(stderr, "%s:%s:%ld: unknown section header = 0x%x, neither 0x%x nor 0x%x\n", progname, filename, ftell(file), sectionheader, HOST_DB_V1, GRAPH_DB_V1);
210        exit(EXIT_FAILURE);        exit(EXIT_FAILURE);
211      } // else      } // else
212    } // for    } // for
213    
214    exdent();    exdent();
215    
216      if (fclose(file) != 0) {
217        fprintf(stderr, "%s: fclose(\"%s\") = %s (%d)\n", progname, filename, strerror(errno), errno);
218        exit(EXIT_FAILURE);
219      } // if
220  } // decode_file()  } // decode_file()
221    
222  void decode_host_db_v1(void)  void decode_host_db_v1(void)
223  {  {
224    void decode_host_header_v1(void);    void decode_host_header_v1(void);
225    void decode_host_header_v2(void);    void decode_host_header_v2(void);
226    void decode_host_header_v3(void);    void decode_host_header_v3(void);
227    
228    unsigned int hostcount;    unsigned int hostcount;
229    unsigned int i;    unsigned int i;
230    
231    indent();    indent();
232    
233    hostcount = read32u();    hostcount = read32u();
234    
# Line 237  void decode_host_db_v1(void) Line 251  void decode_host_db_v1(void)
251        print_indentation();        print_indentation();
252        printf("Host header v3 0x%x\n", hostheader);        printf("Host header v3 0x%x\n", hostheader);
253        decode_host_header_v3();        decode_host_header_v3();
254      } // if      } // if
255      else if (hostheader == HOST_HEADER_V2) { // host header v2      else if (hostheader == HOST_HEADER_V2) { // host header v2
256        print_indentation();        print_indentation();
257        printf("Host header v2 0x%x\n", hostheader);        printf("Host header v2 0x%x\n", hostheader);
258        decode_host_header_v2();        decode_host_header_v2();
259      } // else if      } // else if
260      else if (hostheader == HOST_HEADER_V1) { // host header v1      else if (hostheader == HOST_HEADER_V1) { // host header v1
261        print_indentation();        print_indentation();
262        printf("Host header v1 0x%x\n", hostheader);        printf("Host header v1 0x%x\n", hostheader);
263        decode_host_header_v1();        decode_host_header_v1();
264      } // else if      } // else if
265      else { // unknown host header version      else { // unknown host header version
266        fprintf(stderr, "%s:%s: unknown host header = 0x%x, neither 0x%x nor 0x%x nor 0x%x\n", progname, filename, hostheader, HOST_HEADER_V3, HOST_HEADER_V2, HOST_HEADER_V1);        fprintf(stderr, "%s:%s:%ld: unknown host header = 0x%x, neither 0x%x nor 0x%x nor 0x%x\n", progname, filename, ftell(file), hostheader, HOST_HEADER_V3, HOST_HEADER_V2, HOST_HEADER_V1);
267        exit(EXIT_FAILURE);        exit(EXIT_FAILURE);
268      } // else      } // else
269    
270      exdent();      exdent();
271    } // for    } // for
272    
273    exdent();    exdent();
274  } // decode_host_db_v1()  } // decode_host_db_v1()
275    
276  void decode_protos_data(void);  void decode_protos_data(void);
277  void decode_tcp_data(void);  void decode_tcp_data(void);
278  void decode_udp_data(void);  void decode_udp_data(void);
279    
280  void decode_host_header_v1(void)  void decode_host_header_v1(void)
281  {  {
# Line 273  void decode_host_header_v1(void) Line 287  void decode_host_header_v1(void)
287    unsigned long bytesout;    unsigned long bytesout;
288    unsigned char protosdata;    unsigned char protosdata;
289    unsigned char tcpdata;    unsigned char tcpdata;
290    unsigned char udpdata;    unsigned char udpdata;
291    
292    unsigned char i;    unsigned char i;
293    
294    indent();    indent();
295    
296    ipv4address[0] = read8u();    ipv4address[0] = read8u();
297    ipv4address[1] = read8u();    ipv4address[1] = read8u();
298    ipv4address[2] = read8u();    ipv4address[2] = read8u();
299    ipv4address[3] = read8u();    ipv4address[3] = read8u();
300    
301    print_indentation();    print_indentation();
302    printf("IPv4 address %d.%d.%d.%d\n",    printf("IPv4 address %u.%u.%u.%u\n",
303           ipv4address[0], ipv4address[1], ipv4address[2], ipv4address[3]);           ipv4address[0], ipv4address[1], ipv4address[2], ipv4address[3]);
304    
305    macaddress[0] = read8u();    macaddress[0] = read8u();
306    macaddress[1] = read8u();    macaddress[1] = read8u();
307    macaddress[2] = read8u();    macaddress[2] = read8u();
308    macaddress[3] = read8u();    macaddress[3] = read8u();
309    macaddress[4] = read8u();    macaddress[4] = read8u();
310    macaddress[5] = read8u();    macaddress[5] = read8u();
311    
312    print_indentation();    print_indentation();
313    printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]);    printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]);
314    
315    hostnamelen = read8u();    hostnamelen = read8u();
316    
317    print_indentation();    print_indentation();
318    printf("Hostname length %d\n", hostnamelen);    printf("Hostname length %u\n", hostnamelen);
319    
320    for (i = 0; i < hostnamelen; i++) {    for (i = 0; i < hostnamelen; i++) {
321      hostname[i] = read8u();      hostname[i] = read8u();
322    } // for    } // for
323    hostname[i] = '\0';    hostname[i] = '\0';
324    
325    print_indentation();    print_indentation();
326    printf("Hostname %s\n", hostname);    printf("Hostname %s\n", hostname);
327    
328    bytesin = read64u();    bytesin = read64u();
329    
330    print_indentation();    print_indentation();
331    printf("Bytes in %lu\n", bytesin);    printf("Bytes in %lu\n", bytesin);
332    
333    bytesout = read64u();    bytesout = read64u();
334    
335    print_indentation();    print_indentation();
336    printf("Bytes out %lu\n", bytesout);    printf("Bytes out %lu\n", bytesout);
337    
338    if ( (protosdata = read8u()) != 'P') { // missing protos data    if ( (protosdata = read8u()) != 'P') { // missing protos data
339      fprintf(stderr, "%s: expecting character P, not %c\n", progname, protosdata);      fprintf(stderr, "%s:%s:%ld: expecting character P, not %c\n", progname, filename, ftell(file), protosdata);
340      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
341    } // if    } // if
342    
343    decode_protos_data();    decode_protos_data();
344    
345    if ( (tcpdata = read8u()) != 'T') { // missing tcp data    if ( (tcpdata = read8u()) != 'T') { // missing tcp data
346      fprintf(stderr, "%s: expecting character T, not %c\n", progname, tcpdata);      fprintf(stderr, "%s:%s:%ld: expecting character T, not %c\n", progname, filename, ftell(file), tcpdata);
347      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
348    } // if    } // if
349    
350    decode_tcp_data();    decode_tcp_data();
351    
352    if ( (udpdata = read8u()) != 'U') { // missing udp data    if ( (udpdata = read8u()) != 'U') { // missing udp data
353      fprintf(stderr, "%s: expecting character U, not %c\n", progname, udpdata);      fprintf(stderr, "%s:%s:%ld: expecting character U, not %c\n", progname, filename, ftell(file), udpdata);
354      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
355    } // if    } // if
356    
357    decode_udp_data();    decode_udp_data();
358    
359    exdent();    exdent();
360  } // decode_host_header_v1  } // decode_host_header_v1
361    
362  void decode_host_header_v2(void)  void decode_host_header_v2(void)
363  {  {
364    unsigned char ipv4address[4];    unsigned char ipv4address[4];
365    unsigned char macaddress[6];    unsigned char macaddress[6];
366      signed long lastseen;      signed long lastseen;
367    unsigned char hostnamelen;    unsigned char hostnamelen;
368    unsigned char hostname[256];    unsigned char hostname[256];
# Line 356  void decode_host_header_v2(void) Line 370  void decode_host_header_v2(void)
370    unsigned long bytesout;    unsigned long bytesout;
371    unsigned char protosdata;    unsigned char protosdata;
372    unsigned char tcpdata;    unsigned char tcpdata;
373    unsigned char udpdata;    unsigned char udpdata;
374    
375    unsigned char i;    unsigned char i;
376    
377    indent();    indent();
378    
379    ipv4address[0] = read8u();    ipv4address[0] = read8u();
380    ipv4address[1] = read8u();    ipv4address[1] = read8u();
381    ipv4address[2] = read8u();    ipv4address[2] = read8u();
382    ipv4address[3] = read8u();    ipv4address[3] = read8u();
383    
384    print_indentation();    print_indentation();
385    printf("IPv4 address %d.%d.%d.%d\n",    printf("IPv4 address %u.%u.%u.%u\n",
386           ipv4address[0], ipv4address[1], ipv4address[2], ipv4address[3]);           ipv4address[0], ipv4address[1], ipv4address[2], ipv4address[3]);
387    
388  #if FOLLOW_SPECIFICATION == 1    if (follow_specification == true) {
389    macaddress[0] = read8u();      macaddress[0] = read8u();
390    macaddress[1] = read8u();      macaddress[1] = read8u();
391    macaddress[2] = read8u();      macaddress[2] = read8u();
392    macaddress[3] = read8u();      macaddress[3] = read8u();
393    macaddress[4] = read8u();      macaddress[4] = read8u();
394    macaddress[5] = read8u();      macaddress[5] = read8u();
395    
396    print_indentation();      print_indentation();
397    printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]);      printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]);
398    
399    lastseen = read64s();      lastseen = read64s();
400    
401    print_indentation();      print_indentation();
402    printf("Last seen 0x%lx = %ld = ", lastseen, lastseen);      printf("Last seen 0x%lx = %ld = ", lastseen, lastseen);
403    print_time_t(lastseen);      print_time_t(lastseen);
404    puts("");      puts("");
405  #else    } // if
406    lastseen = read64s();    else {
407        lastseen = read64s();
408    
409    print_indentation();      print_indentation();
410    printf("Last seen 0x%lx = %ld = ", lastseen, lastseen);      printf("Last seen 0x%lx = %ld = ", lastseen, lastseen);
411    print_time_t(lastseen);      print_time_t(lastseen);
412    puts("");      puts("");
413    
414    macaddress[0] = read8u();      macaddress[0] = read8u();
415    macaddress[1] = read8u();      macaddress[1] = read8u();
416    macaddress[2] = read8u();      macaddress[2] = read8u();
417    macaddress[3] = read8u();      macaddress[3] = read8u();
418    macaddress[4] = read8u();      macaddress[4] = read8u();
419    macaddress[5] = read8u();      macaddress[5] = read8u();
420    
421    print_indentation();      print_indentation();
422    printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]);      printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]);
423  #endif    } // else
424    
425    hostnamelen = read8u();    hostnamelen = read8u();
426    
427    print_indentation();    print_indentation();
428    printf("Hostname length %d\n", hostnamelen);    printf("Hostname length %u\n", hostnamelen);
429    
430    for (i = 0; i < hostnamelen; i++) {    for (i = 0; i < hostnamelen; i++) {
431      hostname[i] = read8u();      hostname[i] = read8u();
432    } // for    } // for
433    hostname[i] = '\0';    hostname[i] = '\0';
434    
435    print_indentation();    print_indentation();
436    printf("Hostname %s\n", hostname);    printf("Hostname %s\n", hostname);
437    
438    bytesin = read64u();    bytesin = read64u();
439    
440    print_indentation();    print_indentation();
441    printf("Bytes in %lu\n", bytesin);    printf("Bytes in %lu\n", bytesin);
442    
443    bytesout = read64u();    bytesout = read64u();
444    
445    print_indentation();    print_indentation();
446    printf("Bytes out %lu\n", bytesout);    printf("Bytes out %lu\n", bytesout);
447    
448    if ( (protosdata = read8u()) != 'P') { // missing protos data    if ( (protosdata = read8u()) != 'P') { // missing protos data
449      fprintf(stderr, "%s: expecting character P, not %c\n", progname, protosdata);      fprintf(stderr, "%s:%s:%ld: expecting character P, not %c\n", progname, filename, ftell(file), protosdata);
450      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
451    } // if    } // if
452    
453    decode_protos_data();    decode_protos_data();
454    
455    if ( (tcpdata = read8u()) != 'T') { // missing tcp data    if ( (tcpdata = read8u()) != 'T') { // missing tcp data
456      fprintf(stderr, "%s: expecting character T, not %c\n", progname, tcpdata);      fprintf(stderr, "%s:%s:%ld: expecting character T, not %c\n", progname, filename, ftell(file), tcpdata);
457      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
458    } // if    } // if
459    
460    decode_tcp_data();    decode_tcp_data();
461    
462    if ( (udpdata = read8u()) != 'U') { // missing udp data    if ( (udpdata = read8u()) != 'U') { // missing udp data
463      fprintf(stderr, "%s: expecting character U, not %c\n", progname, udpdata);      fprintf(stderr, "%s:%s:%ld: expecting character U, not %c\n", progname, filename, ftell(file), udpdata);
464      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
465    } // if    } // if
466    
467    decode_udp_data();    decode_udp_data();
468    
469    exdent();    exdent();
470  } // decode_host_header_v2  } // decode_host_header_v2
471    
472  void decode_host_header_v3(void)  void decode_host_header_v3(void)
473  {  {
474    unsigned char addressfamily;    unsigned char  addressfamily;
475    unsigned char ipv4address[4];    unsigned char  ipv4address[4];
476    unsigned char ipv6address[16];    unsigned short ipv6address[8];
477    unsigned char macaddress[6];    unsigned char  macaddress[6];
478      signed long lastseen;      signed long  lastseen;
479    unsigned char hostnamelen;    unsigned char  hostnamelen;
480    unsigned char hostname[256];    unsigned char  hostname[256];
481    unsigned long bytesin;    unsigned long  bytesin;
482    unsigned long bytesout;    unsigned long  bytesout;
483    unsigned char protosdata;    unsigned char  protosdata;
484    unsigned char tcpdata;    unsigned char  tcpdata;
485    unsigned char udpdata;    unsigned char  udpdata;
486    
487    unsigned char i;    unsigned char  i;
488    
489    indent();    indent();
490    
491    if ( (addressfamily = read8u()) == 0x04) { // IPv4 address    if ( (addressfamily = read8u()) == 0x04) { // IPv4 address
492      print_indentation();      print_indentation();
493      printf("IPv4 address family (0x%02x)\n", addressfamily);      printf("IPv4 address family (0x%02x)\n", addressfamily);
494    
495      ipv4address[0] = read8u();      ipv4address[0] = read8u();
496      ipv4address[1] = read8u();      ipv4address[1] = read8u();
497      ipv4address[2] = read8u();      ipv4address[2] = read8u();
498      ipv4address[3] = read8u();      ipv4address[3] = read8u();
499    
500      print_indentation();      print_indentation();
501      printf("IPv4 address %d.%d.%d.%d\n",      printf("IPv4 address %u.%u.%u.%u\n",
502             ipv4address[0], ipv4address[1], ipv4address[2], ipv4address[3]);             ipv4address[0], ipv4address[1], ipv4address[2], ipv4address[3]);
503    } // if    } // if
504    else if (addressfamily == 0x06) { // IPv6 address    else if (addressfamily == 0x06) { // IPv6 address
505      print_indentation();      print_indentation();
506      printf("IPv6 address family (0x%02x)\n", addressfamily);      printf("IPv6 address family (0x%02x)\n", addressfamily);
507    
508      ipv6address[ 0] = read8u();      ipv6address[0] = read16u();
509      ipv6address[ 1] = read8u();      ipv6address[1] = read16u();
510      ipv6address[ 2] = read8u();      ipv6address[2] = read16u();
511      ipv6address[ 3] = read8u();      ipv6address[3] = read16u();
512      ipv6address[ 4] = read8u();      ipv6address[4] = read16u();
513      ipv6address[ 5] = read8u();      ipv6address[5] = read16u();
514      ipv6address[ 6] = read8u();      ipv6address[6] = read16u();
515      ipv6address[ 7] = read8u();      ipv6address[7] = read16u();
     ipv6address[ 8] = read8u();  
     ipv6address[ 9] = read8u();  
     ipv6address[10] = read8u();  
     ipv6address[11] = read8u();  
     ipv6address[12] = read8u();  
     ipv6address[13] = read8u();  
     ipv6address[14] = read8u();  
     ipv6address[15] = read8u();  
516    
517      print_indentation();      print_indentation();
518      printf("IPv6 address %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x\n",      printf("IPv6 address %04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x\n",
519             ipv6address[ 0],             ipv6address[0],
520             ipv6address[ 1],             ipv6address[1],
521             ipv6address[ 2],             ipv6address[2],
522             ipv6address[ 3],             ipv6address[3],
523             ipv6address[ 4],             ipv6address[4],
524             ipv6address[ 5],             ipv6address[5],
525             ipv6address[ 6],             ipv6address[6],
526             ipv6address[ 7],             ipv6address[7]);
            ipv6address[ 8],  
            ipv6address[ 9],  
            ipv6address[10],  
            ipv6address[11],  
            ipv6address[12],  
            ipv6address[13],  
            ipv6address[14],  
            ipv6address[15]);  
527    } // else if    } // else if
528    else { // unknown address family    else { // unknown address family
529      fprintf(stderr, "%s:%s: unknown address family = 0x%x, neither 0x%x nor 0x%x\n", progname, filename, addressfamily, 0x04, 0x06);      fprintf(stderr, "%s:%s:%ld: unknown address family = 0x%x, neither 0x%x nor 0x%x\n", progname, filename, ftell(file), addressfamily, 0x04, 0x06);
530      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
531    } // else    } // else
532    
533  #if FOLLOW_SPECIFICATION == 1    if (follow_specification == true) {
534    macaddress[0] = read8u();      macaddress[0] = read8u();
535    macaddress[1] = read8u();      macaddress[1] = read8u();
536    macaddress[2] = read8u();      macaddress[2] = read8u();
537    macaddress[3] = read8u();      macaddress[3] = read8u();
538    macaddress[4] = read8u();      macaddress[4] = read8u();
539    macaddress[5] = read8u();      macaddress[5] = read8u();
540    
541    print_indentation();      print_indentation();
542    printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]);      printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]);
543    
544    lastseen = read64s();      lastseen = read64s();
545    
546    print_indentation();      print_indentation();
547    printf("Last seen 0x%lx = %ld = ", lastseen, lastseen);      printf("Last seen 0x%lx = %ld = ", lastseen, lastseen);
548    print_time_t(lastseen);      print_time_t(lastseen);
549    puts("");      puts("");
550  #else    } // if
551    lastseen = read64s();    else {
552        lastseen = read64s();
553    
554    print_indentation();      print_indentation();
555    printf("Last seen 0x%lx = %ld = ", lastseen, lastseen);      printf("Last seen 0x%lx = %ld = ", lastseen, lastseen);
556    print_time_t(lastseen);      print_time_t(lastseen);
557    puts("");      puts("");
558    
559    macaddress[0] = read8u();      macaddress[0] = read8u();
560    macaddress[1] = read8u();      macaddress[1] = read8u();
561    macaddress[2] = read8u();      macaddress[2] = read8u();
562    macaddress[3] = read8u();      macaddress[3] = read8u();
563    macaddress[4] = read8u();      macaddress[4] = read8u();
564    macaddress[5] = read8u();      macaddress[5] = read8u();
565    
566    print_indentation();      print_indentation();
567    printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]);      printf("MAC address %02x:%02x:%02x:%02x:%02x:%02x\n", macaddress[0], macaddress[1], macaddress[2], macaddress[3], macaddress[4], macaddress[5]);
568  #endif    } // else
569    
570    hostnamelen = read8u();    hostnamelen = read8u();
571    
572    print_indentation();    print_indentation();
573    printf("Hostname length %d\n", hostnamelen);    printf("Hostname length %u\n", hostnamelen);
574    
575    for (i = 0; i < hostnamelen; i++) {    for (i = 0; i < hostnamelen; i++) {
576      hostname[i] = read8u();      hostname[i] = read8u();
577    } // for    } // for
578    hostname[i] = '\0';    hostname[i] = '\0';
579    
580    print_indentation();    print_indentation();
581    printf("Hostname %s\n", hostname);    printf("Hostname %s\n", hostname);
582    
583    bytesin = read64u();    bytesin = read64u();
584    
585    print_indentation();    print_indentation();
586    printf("Bytes in %lu\n", bytesin);    printf("Bytes in %lu\n", bytesin);
587    
588    bytesout = read64u();    bytesout = read64u();
589    
590    print_indentation();    print_indentation();
591    printf("Bytes out %lu\n", bytesout);    printf("Bytes out %lu\n", bytesout);
592    
593    if ( (protosdata = read8u()) != 'P') { // missing protos data    if ( (protosdata = read8u()) != 'P') { // missing protos data
594      fprintf(stderr, "%s: expecting character P, not %c\n", progname, protosdata);      fprintf(stderr, "%s:%s:%ld: expecting character P, not %c\n", progname, filename, ftell(file), protosdata);
595      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
596    } // if    } // if
597    
598    decode_protos_data();    decode_protos_data();
599    
600    if ( (tcpdata = read8u()) != 'T') { // missing tcp data    if ( (tcpdata = read8u()) != 'T') { // missing tcp data
601      fprintf(stderr, "%s: expecting character T, not %c\n", progname, tcpdata);      fprintf(stderr, "%s:%s:%ld: expecting character T, not %c\n", progname, filename, ftell(file), tcpdata);
602      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
603    } // if    } // if
604    
605    decode_tcp_data();    decode_tcp_data();
606    
607    if ( (udpdata = read8u()) != 'U') { // missing udp data    if ( (udpdata = read8u()) != 'U') { // missing udp data
608      fprintf(stderr, "%s: expecting character U, not %c\n", progname, udpdata);      fprintf(stderr, "%s:%s:%ld: expecting character U, not %c\n", progname, filename, ftell(file), udpdata);
609      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
610    } // if    } // if
611    
612    decode_udp_data();    decode_udp_data();
613    
614    exdent();    exdent();
615  } // decode_host_header_v3  } // decode_host_header_v3
616    
617  void decode_protos_data(void)  void decode_protos_data(void)
618  {  {
619    unsigned char ipprotocount;    unsigned char ipprotocount;
620    
621    unsigned char u;    unsigned char i;
622    
623    ipprotocount = read8u();    ipprotocount = read8u();
624    
625    print_indentation();    print_indentation();
626    printf("IP Proto count %d\n", ipprotocount);    printf("IP Proto count %u\n", ipprotocount);
627    
628    indent();    indent();
629    
630    for (u = 0; u < ipprotocount; u++) {    for (i = 0; i < ipprotocount; i++) {
631      unsigned char proto;      unsigned char proto;
632      unsigned long in;      unsigned long in;
633      unsigned long out;      unsigned long out;
634    
635      print_indentation();      print_indentation();
636      printf("Protocol #%u of %u:\n", u + 1, ipprotocount);      printf("Protocol #%u of %u:\n", i + 1, ipprotocount);
637    
638      proto = read8u();      proto = read8u();
639    
640      indent();      indent();
641      print_indentation();      print_indentation();
642      printf("Protocol 0x%02x\n", proto);      printf("Protocol 0x%02x\n", proto);
643    
644      in = read64u();      in = read64u();
645    
646      print_indentation();      print_indentation();
647      printf("In %lu\n", in);      printf("In %lu\n", in);
648    
649      out = read64u();      out = read64u();
650    
651      print_indentation();      print_indentation();
# Line 654  void decode_tcp_data(void) Line 654  void decode_tcp_data(void)
654      exdent();      exdent();
655    } // for    } // for
656    
657    exdent();    exdent();
658  } // decode_protos_data();  } // decode_protos_data();
659    
660  void decode_tcp_data(void)  void decode_tcp_data(void)
661  {  {
662    unsigned char tcpprotocount;    unsigned char tcpprotocount;
663    
664    unsigned short i;    unsigned short i;
665    
666    tcpprotocount = read16u();    tcpprotocount = read16u();
667    
668    print_indentation();    print_indentation();
669    printf("TCP proto count %d\n", tcpprotocount);    printf("TCP proto count %u\n", tcpprotocount);
670    
671    indent();    indent();
672    
673    for (i = 0; i < tcpprotocount; i++) {    for (i = 0; i < tcpprotocount; i++) {
674      unsigned short port;      unsigned short port;
675      unsigned long syn;      unsigned long syn;
676      unsigned long in;      unsigned long in;
677      unsigned long out;      unsigned long out;
678    
679      port = read16u();      port = read16u();
680    
681      print_indentation();      print_indentation();
682      printf("Port %d:\n", port);      printf("Port %u:\n", port);
683    
684      syn = read64u();      syn = read64u();
685    
686      indent();      indent();
687      print_indentation();      print_indentation();
688      printf("SYN %lu\n", syn);      printf("SYN %lu\n", syn);
689    
690      in = read64u();      in = read64u();
691    
692      print_indentation();      print_indentation();
693      printf("In %lu\n", in);      printf("In %lu\n", in);
694    
695      out = read64u();      out = read64u();
696    
697      print_indentation();      print_indentation();
# Line 700  void decode_udp_data(void) Line 700  void decode_udp_data(void)
700      exdent();      exdent();
701    } // for    } // for
702    
703    exdent();    exdent();
704  } // decode_tcp_data()  } // decode_tcp_data()
705    
706  void decode_udp_data(void)  void decode_udp_data(void)
707  {  {
708    unsigned char udpprotocount;    unsigned char udpprotocount;
709    
710    unsigned short i;    unsigned short i;
711    
712    udpprotocount = read16u();    udpprotocount = read16u();
713    
714    print_indentation();    print_indentation();
715    printf("UDP proto count %d\n", udpprotocount);    printf("UDP proto count %u\n", udpprotocount);
716    
717    indent();    indent();
718    
719    for (i = 0; i < udpprotocount; i++) {    for (i = 0; i < udpprotocount; i++) {
720      unsigned short port;      unsigned short port;
721      unsigned long in;      unsigned long in;
722      unsigned long out;      unsigned long out;
723    
724      port = read16u();      port = read16u();
725    
726      print_indentation();      print_indentation();
727      printf("Port %d:\n", port);      printf("Port %u:\n", port);
728    
729      in = read64u();      in = read64u();
730    
731      indent();      indent();
732      print_indentation();      print_indentation();
733      printf("In %lu\n", in);      printf("In %lu\n", in);
734    
735      out = read64u();      out = read64u();
736    
737      print_indentation();      print_indentation();
738      printf("Out %lu\n", out);      printf("Out %lu\n", out);
739    
740      exdent();      exdent();
741    } // for    } // for
742    
# Line 752  void decode_graph_db_v1(void) Line 752  void decode_graph_db_v1(void)
752    lasttime = read64s();    lasttime = read64s();
753    
754    indent();    indent();
755    print_indentation();    print_indentation();
756    printf("Last time 0x%lx = %ld = ", lasttime, lasttime);    printf("Last time 0x%lx = %ld = ", lasttime, lasttime);
757    print_time_t(lasttime);    print_time_t(lasttime);
758    puts("");    puts("");
759    
760    for (i = 0; i < 4; i++) {    for (i = 0; i < 4; i++) {
761      unsigned char nbars;      unsigned char nbars;
762      unsigned char idxlastbar;      unsigned char idxlastbar;
763    
764      unsigned int j;      unsigned int j;
765    
766      print_indentation();      print_indentation();
767      printf("Graph #%d of 4:\n", i + 1);      printf("Graph #%u of 4:\n", i + 1);
768    
769      nbars = read8u();      nbars = read8u();
770    
771      indent();      indent();
772      print_indentation();      print_indentation();
773      printf("Number of bars %u\n", nbars);      printf("Number of bars %u\n", nbars);
774    
775      idxlastbar = read8u();      idxlastbar = read8u();
776    
777      print_indentation();      print_indentation();
778      printf("Index of last bar %u\n", idxlastbar);      printf("Index of last bar %u\n", idxlastbar);
779    
780      indent();      indent();
781      for (j = 0; j < idxlastbar; j++) {      for (j = 0; j < idxlastbar; j++) {
782        unsigned long in;        unsigned long in;
# Line 954  void handle_file_error(void) Line 954  void handle_file_error(void)
954    if ( (r = fread((void *)&v, sizeof(v), 1, file)) != 1) {    if ( (r = fread((void *)&v, sizeof(v), 1, file)) != 1) {
955      handle_file_error();      handle_file_error();
956    } // if    } // if
957    
958  #ifdef __LITTLE_ENDIAN__  #ifdef __LITTLE_ENDIAN__
959    p2[1] = ntohl(p1[0]);    p2[1] = ntohl(p1[0]);
960    p2[0] = ntohl(p1[1]);    p2[0] = ntohl(p1[1]);
961    v = tmp;    v = tmp;
962  #endif  #endif
963    
964    return v;    return v;
965  } // read64s()  } // read64s()
966    
967  void handle_file_error(void)  void handle_file_error(void)
968  {  {
969      int saved_errno = errno;
970    
971    if (feof(file) != 0) {    if (feof(file) != 0) {
972      fprintf(stderr, "%s:%s: premature end-of-file\n", progname, filename);      fprintf(stderr, "%s:%s:%ld: premature end-of-file\n", progname, filename, ftell(file));
973      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
974    } // if    } // if
975    
976    if (ferror(file) != 0) {    if (ferror(file) != 0) {
977      fprintf(stderr, "%s:%s: file error, errno = %s (%d)\n", progname, filename, strerror(errno), errno);      fprintf(stderr, "%s:%s:%ld: file error, errno = %s (%d)\n", progname, filename, ftell(file), strerror(saved_errno), saved_errno);
978      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
979    } // if    } // if
980  } // handle_file_error()  } // handle_file_error()
981    
982  signed long long indentation = 0LL;  signed long long indentation = 0LL;
983    
984  void indent(void)  void indent(void)
985  {  {
986    indentation += 2LL;    indentation += 2LL;
987  } // indent()  } // indent()
988    
989  void exdent(void)  void exdent(void)
990  {  {
991    indentation -= 2LL;    indentation -= 2LL;
992    
# Line 999  void print_time_t(time_t t) Line 1001  void print_time_t(time_t t)
1001    
1002    for (i = 0; i < indentation; i++) {    for (i = 0; i < indentation; i++) {
1003      putchar(' ');      putchar(' ');
1004    } // for    } // for
1005  } // print_indentation()  } // print_indentation()
1006    
1007  void print_time_t(time_t t)  void print_time_t(time_t t)
1008  {  {
1009    struct tm *stm;    struct tm *stm;
1010    char buffer[1024];    char buffer[1024];
1011    
1012    stm = gmtime(&t);    stm = gmtime(&t);
1013    
1014    // ISO 8601 format    // ISO 8601 format
1015    if (strftime(buffer, sizeof(buffer), "%Y-%m-%dT%H:%M:%S%z", stm) == 0) {    if (strftime(buffer, sizeof(buffer), "%Y-%m-%dT%H:%M:%S%z", stm) == 0) {
1016      fprintf(stderr, "%s:%s: strftime() error, errno = %s (%d)\n", progname, filename, strerror(errno), errno);      int saved_errno = errno;
1017    
1018        fprintf(stderr, "%s:%s:%ld: strftime() error, errno = %s (%d)\n", progname, filename, ftell(file), strerror(saved_errno), saved_errno);
1019      exit(EXIT_FAILURE);      exit(EXIT_FAILURE);
1020    } // if    } // if
1021    
1022    fputs(buffer, stdout);    fputs(buffer, stdout);
1023  } // print_time_t()  } // print_time_t()
1024    
1025  // darkstattype.c  // darkstattype.c


Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters

svn@ximalas.info
ViewVC Help
Powered by ViewVC 1.3.0-dev