Compare commits

...

6 commits

Author SHA1 Message Date
wllm-rbnt
cb7066478e
Merge d212450f58 into a7534300bb 2024-10-25 14:32:06 +02:00
a7534300bb
Merge pull request #115 from adulau/dependabot/github_actions/actions/upload-artifact-4.4.3
Bump actions/upload-artifact from 4.4.0 to 4.4.3
2024-10-17 06:26:39 +02:00
b8fa2f4bbf
Merge pull request #113 from infokek/pcap-logger-original-timestamps
Original PCAP timestamps instead of timeofday-generated
2024-10-17 06:26:07 +02:00
dependabot[bot]
b367ff8b04
Bump actions/upload-artifact from 4.4.0 to 4.4.3
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.0 to 4.4.3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](50769540e7...b4b15b8c7c)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-14 04:46:01 +00:00
infokek
e77e8abc18 Unused debug info removed 2024-08-20 13:36:06 +03:00
infokek
dcf6a338a3 Original pcap timestamps instead of timeofday-generated fix 2024-08-20 13:32:17 +03:00
4 changed files with 29 additions and 10 deletions

View file

@ -59,7 +59,7 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab. # format to the repository Actions tab.
- name: "Upload artifact" - name: "Upload artifact"
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with: with:
name: SARIF file name: SARIF file
path: results.sarif path: results.sarif

View file

@ -254,12 +254,16 @@ void logpkt_ctx_init(logpkt_ctx_t *ctx,
const struct sockaddr *src_addr, const struct sockaddr *src_addr,
socklen_t src_addr_len, socklen_t src_addr_len,
const struct sockaddr *dst_addr, const struct sockaddr *dst_addr,
socklen_t dst_addr_len) { socklen_t dst_addr_len,
const uint32_t *timestamp_sec,
const uint32_t *timestamp_usec) {
ctx->libnet = libnet; ctx->libnet = libnet;
memcpy(ctx->src_ether, src_ether, ETHER_ADDR_LEN); memcpy(ctx->src_ether, src_ether, ETHER_ADDR_LEN);
memcpy(ctx->dst_ether, dst_ether, ETHER_ADDR_LEN); memcpy(ctx->dst_ether, dst_ether, ETHER_ADDR_LEN);
memcpy(&ctx->src_addr, src_addr, src_addr_len); memcpy(&ctx->src_addr, src_addr, src_addr_len);
memcpy(&ctx->dst_addr, dst_addr, dst_addr_len); memcpy(&ctx->dst_addr, dst_addr, dst_addr_len);
memcpy(&ctx->timestamp_sec, timestamp_sec, sizeof(timestamp_sec));
memcpy(&ctx->timestamp_usec, timestamp_usec, sizeof(timestamp_usec));
ctx->src_seq = 0; ctx->src_seq = 0;
ctx->dst_seq = 0; ctx->dst_seq = 0;
if(mtu) { if(mtu) {
@ -275,13 +279,17 @@ void logpkt_ctx_init(logpkt_ctx_t *ctx,
* Write the layer 2 frame contained in *pkt* to file descriptor *fd* already * Write the layer 2 frame contained in *pkt* to file descriptor *fd* already
* open for writing. First writes a PCAP record header, then the actual frame. * open for writing. First writes a PCAP record header, then the actual frame.
*/ */
static int logpkt_pcap_write(const uint8_t *pkt, size_t pktsz, int fd) { static int logpkt_pcap_write(const uint8_t *pkt, size_t pktsz, int fd, uint32_t timestamp_sec, uint32_t timestamp_usec) {
pcap_rec_hdr_t rec_hdr; pcap_rec_hdr_t rec_hdr;
struct timeval tv; struct timeval tv;
if (timestamp_sec != 0 || timestamp_usec != 0) {
rec_hdr.ts_sec = timestamp_sec;
rec_hdr.ts_usec = timestamp_usec;
} else {
gettimeofday(&tv, NULL); gettimeofday(&tv, NULL);
rec_hdr.ts_sec = tv.tv_sec; rec_hdr.ts_sec = tv.tv_sec;
rec_hdr.ts_usec = tv.tv_usec; rec_hdr.ts_usec = tv.tv_usec;
}
rec_hdr.orig_len = rec_hdr.incl_len = pktsz; rec_hdr.orig_len = rec_hdr.incl_len = pktsz;
if(write(fd, &rec_hdr, sizeof(rec_hdr)) != sizeof(rec_hdr)) { if(write(fd, &rec_hdr, sizeof(rec_hdr)) != sizeof(rec_hdr)) {
@ -488,7 +496,8 @@ static int logpkt_write_packet(logpkt_ctx_t *ctx,
CSA(&ctx->dst_addr), CSA(&ctx->src_addr), flags, CSA(&ctx->dst_addr), CSA(&ctx->src_addr), flags,
ctx->dst_seq, ctx->src_seq, payload, payloadlen); ctx->dst_seq, ctx->src_seq, payload, payloadlen);
} }
rv = logpkt_pcap_write(buf, sz, fd);
rv = logpkt_pcap_write(buf, sz, fd, ctx->timestamp_sec, ctx->timestamp_usec);
if(rv == -1) { if(rv == -1) {
printf("Error writing packet to PCAP file\n"); printf("Error writing packet to PCAP file\n");
return -1; return -1;

View file

@ -51,6 +51,8 @@ typedef struct {
uint32_t src_seq; uint32_t src_seq;
uint32_t dst_seq; uint32_t dst_seq;
size_t mss; size_t mss;
uint32_t timestamp_sec;
uint32_t timestamp_usec;
} logpkt_ctx_t; } logpkt_ctx_t;
#define LOGPKT_REQUEST 0 #define LOGPKT_REQUEST 0
@ -65,7 +67,9 @@ void logpkt_ctx_init(logpkt_ctx_t *,
const struct sockaddr *, const struct sockaddr *,
socklen_t, socklen_t,
const struct sockaddr *, const struct sockaddr *,
socklen_t); socklen_t,
const uint32_t *,
const uint32_t *);
int logpkt_write_payload(logpkt_ctx_t *, int logpkt_write_payload(logpkt_ctx_t *,
int, int,
int, int,

View file

@ -72,6 +72,10 @@ static int create_pcap_logger(proto_obj **objp,
int _status; int _status;
logpkt_ctx_t *pcap_obj = 0; logpkt_ctx_t *pcap_obj = 0;
struct sockaddr_in src_addr, dst_addr; struct sockaddr_in src_addr, dst_addr;
uint32_t timestamp_sec, timestamp_usec;
timestamp_sec = base_time->tv_sec;
timestamp_usec = base_time->tv_usec;
if(!(pcap_obj = (logpkt_ctx_t *)calloc(1, sizeof(logpkt_ctx_t)))) if(!(pcap_obj = (logpkt_ctx_t *)calloc(1, sizeof(logpkt_ctx_t))))
ABORT(R_NO_MEMORY); ABORT(R_NO_MEMORY);
@ -89,7 +93,9 @@ static int create_pcap_logger(proto_obj **objp,
logpkt_ctx_init(pcap_obj, NULL, 0, content_pcap_src_ether, logpkt_ctx_init(pcap_obj, NULL, 0, content_pcap_src_ether,
content_pcap_dst_ether, (const struct sockaddr *)&src_addr, content_pcap_dst_ether, (const struct sockaddr *)&src_addr,
sizeof(src_addr), (const struct sockaddr *)&dst_addr, sizeof(src_addr), (const struct sockaddr *)&dst_addr,
sizeof(dst_addr)); sizeof(dst_addr),
&timestamp_sec,
&timestamp_usec);
*objp = (proto_obj *)pcap_obj; *objp = (proto_obj *)pcap_obj;
_status = 0; _status = 0;
abort: abort: