ngrep: update to git version from 2019

sthen 2021-02-17 12:57:58 +00:00
parent b169069d47
commit 0b687c88b1
9 changed files with 20 additions and 951 deletions


@ -1,14 +1,13 @@
# $OpenBSD: Makefile,v 1.39 2019/07/12 20:48:34 sthen Exp $
# $OpenBSD: Makefile,v 1.40 2021/02/17 12:57:58 sthen Exp $
COMMENT= network grep
DISTNAME= ngrep-1.45
REVISION= 5
CATEGORIES= net
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=ngrep/}
EXTRACT_SUFX= .tar.bz2
GH_ACCOUNT= jpr5
GH_PROJECT= ngrep
GH_COMMIT= 2a9603bc67dface9606a658da45e1f5c65170444
DISTNAME= ngrep-1.47.20190128
HOMEPAGE= http://ngrep.sourceforge.net/
CATEGORIES= net
# custom BSD-like
PERMIT_PACKAGE= Yes
@ -19,7 +18,7 @@ LIB_DEPENDS= devel/pcre
NO_TEST= Yes
USE_GMAKE= Yes
AUTOCONF_VERSION= 2.60
AUTOCONF_VERSION= 2.69
CONFIGURE_STYLE= autoconf no-autoheader
CONFIGURE_ARGS+= --enable-ipv6 \
--enable-pcre \
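Review bot: Nothing in this Makefile records that `--enable-pcre` has to resolve to the system library from `LIB_DEPENDS= devel/pcre`, and the port patch that used to force this is deleted in the same commit. The removed configure.in patch replaced upstream's `REGEX_DIR='pcre-5.0'` branch with `AC_CHECK_LIB(pcre, pcre_compile, ...)`, so the unpatched 1.45 configure would have built a bundled PCRE 5.0. Whether the 2019 snapshot still ships or selects a bundled copy is not visible on this page. A comment above CONFIGURE_ARGS such as `# --enable-pcre must link devel/pcre, never a bundled copy; recheck on update` would keep the requirement visible to the next updater. The CONFIGURE_ARGS list continues past the end of this hunk.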


@ -1,2 +1,2 @@
SHA256 (ngrep-1.45.tar.bz2) = rqbdM32oeBhHx1s7W4duTenFhSDg13MQZ5qXn8ZAL6c=
SIZE (ngrep-1.45.tar.bz2) = 463361
SHA256 (ngrep-1.47.20190128-2a9603bc.tar.gz) = UAwpkU3Sb1qm3wdEY4jUm2AkliLJsP0fJm9ipXBvBWw=
SIZE (ngrep-1.47.20190128-2a9603bc.tar.gz) = 187252


@ -1,49 +0,0 @@
--- Makefile.in.orig Tue Nov 28 13:35:37 2006
+++ Makefile.in Thu Mar 26 22:14:15 2009
@@ -11,7 +11,7 @@ CFLAGS=@CFLAGS@ -D@OS@ @DEFS@ @EXTRA_DEFINES@
INCLUDES=-I@srcdir@ @PCAP_INCLUDE@ @EXTRA_INCLUDES@
LDFLAGS=@LDFLAGS@ @PCAP_LINK@
-LIBS=-lpcap @EXTRA_LIBS@
+LIBS=@LIBS@ @EXTRA_LIBS@
STRIPFLAG=@STRIPFLAG@
@@ -25,14 +25,14 @@ exec_prefix = @exec_prefix@
bindir = $(prefix)/bin
datadir = $(prefix)/share
-mandir = $(datadir)/man
+mandir = $(prefix)/man
-BINDIR_INSTALL = $(prefix)/bin
+BINDIR_INSTALL = $(prefix)/sbin
MANDIR_INSTALL = $(mandir)/man8
INSTALL = ./install-sh
-REGEX_DIR=@REGEX_DIR@
+#REGEX_DIR=@REGEX_DIR@
REGEX_OBJS=@REGEX_OBJS@
@@ -55,15 +55,15 @@ install: $(TARGET)
$(CC) $(CFLAGS) $(INCLUDES) -g -c $<
clean:
- make -C $(REGEX_DIR) clean
+ #make -C $(REGEX_DIR) clean
rm -f *~ $(OBJS) $(REGEX_OBJS) $(TARGET) $(TARGET).static
distclean: clean
- make -C $(REGEX_DIR) distclean
+ #make -C $(REGEX_DIR) distclean
rm -f config.status config.cache config.log config.h Makefile
-$(REGEX_OBJS): $(REGEX_OBJS:.o=.c) $(REGEX_DIR)/*.h
- $(MAKE) $(MAKEFLAGS) -C $(REGEX_DIR) $(notdir $(REGEX_OBJS))
+#$(REGEX_OBJS): $(REGEX_OBJS:.o=.c) $(REGEX_DIR)/*.h
+# $(MAKE) $(MAKEFLAGS) -C $(REGEX_DIR) $(notdir $(REGEX_OBJS))
$(OBJS): Makefile ngrep.c ngrep.h


@ -1,17 +0,0 @@
$OpenBSD: patch-config_h_in,v 1.2 2011/06/18 14:02:38 kili Exp $
--- config.h.in.orig Tue Nov 28 14:36:02 2006
+++ config.h.in Sat Jun 18 14:55:32 2011
@@ -11,12 +11,11 @@
#define USE_IPv6 @USE_IPv6@
#define HAVE_DLT_RAW @HAVE_DLT_RAW@
+#define HAVE_DLT_PFLOG @HAVE_DLT_PFLOG@
#define HAVE_DLT_LOOP @HAVE_DLT_LOOP@
#define HAVE_DLT_LINUX_SLL @HAVE_DLT_LINUX_SLL@
#define HAVE_DLT_IEEE802_11 @HAVE_DLT_IEEE802_11@
#define HAVE_DLT_IEEE802_11_RADIO @HAVE_DLT_IEEE802_11_RADIO@
-
-#define HAVE_DUMB_UDPHDR @HAVE_DUMB_UDPHDR@
#define USE_PCAP_RESTART @USE_PCAP_RESTART@
#define PCAP_RESTART_FUNC @PCAP_RESTART_FUNC@


@ -1,99 +0,0 @@
--- configure.in.orig Wed Nov 15 03:43:56 2006
+++ configure.in Thu Jun 16 16:09:24 2011
@@ -111,47 +111,12 @@ else
fi
-dnl
-dnl Configure the regular expression library.
-dnl
+AC_CHECK_LIB(pcre, pcre_compile,,echo need pcre lib; exit)
+REGEX_OBJS=''
+USE_PCRE="1"
-AC_ARG_ENABLE(pcre,
-[ --enable-pcre use PCRE instead of GNU regex],
-[
- use_pcre="$enableval"
-],
-[
- use_pcre="no"
-])
-
-if test $use_pcre = yes; then
-
- echo
- echo 'Configuring Perl-Compatible Regular Expression (PCRE) library ...'
- echo
-
- REGEX_DIR='pcre-5.0'
- REGEX_OBJS="$REGEX_DIR/pcre.o $REGEX_DIR/study.o"
- USE_PCRE="1"
-
-else
-
- echo
- echo 'Configuring GNU Regular Expression library ...'
- echo
-
- REGEX_DIR='regex-0.12'
- REGEX_OBJS="$REGEX_DIR/regex.o"
- USE_PCRE="0"
-
-fi
-
-( cd $REGEX_DIR && ./configure )
-
-AC_SUBST(REGEX_DIR)
AC_SUBST(REGEX_OBJS)
-
echo
echo 'Configuring Network Grep (ngrep) ...'
echo
@@ -194,18 +159,6 @@ unsigned short bar = foo.source;
*bsd*)
AC_SUBST(OS, BSD)
- if test "$USE_PCAP_RESTART" = "0"; then
-
- AC_MSG_WARN(
-Your OS ($target_os) may have an old libpcap installation.
-If the resulting ngrep binary segfaults when a BPF filter is specified
-without an ngrep match string then you should reconfigure ngrep with
-the option ``--disable-pcap-restart''.
-)
- sleep 3
-
- fi
-
;;
*solaris*)
@@ -381,6 +334,18 @@ yes
[HAVE_DLT_RAW="1" && echo yes], [HAVE_DLT_RAW="0" && echo no])
+present=""
+AC_MSG_CHECKING(for DLT_PFLOG in bpf.h)
+AC_EGREP_CPP(yes,
+[
+#include <$BPF>
+#ifdef DLT_PFLOG
+yes
+#endif
+],
+[HAVE_DLT_PFLOG="1" && echo yes], [HAVE_DLT_PFLOG="0" && echo no])
+
+
dnl
dnl Now that we're past the OS-specific stuff, which could have
dnl modified our USE_* and other defines, define them all now.
@@ -397,6 +362,7 @@ AC_DEFINE_UNQUOTED(DROPPRIVS_USER, "$DROPPRI
AC_DEFINE_UNQUOTED(HAVE_DUMB_UDPHDR, $HAVE_DUMB_UDPHDR, [whether to accommodate broken redhat-glibc udphdr declaration (default no)])
AC_DEFINE_UNQUOTED(HAVE_DLT_RAW, $HAVE_DLT_RAW, [presence of DLT_RAW in bpf.h])
+AC_DEFINE_UNQUOTED(HAVE_DLT_PFLOG, $HAVE_DLT_PFLOG, [presence of DLT_PFLOG in bpf.h])
AC_DEFINE_UNQUOTED(HAVE_DLT_IEEE802_11, $HAVE_DLT_IEEE802_11, [presence of DLT_IEEE802_11 in bpf.h])
AC_DEFINE_UNQUOTED(HAVE_DLT_IEEE802_11_RADIO, $HAVE_DLT_IEEE802_11_RADIO, [presence of DLT_IEEE802_11_RADIO in bpf.h])
AC_DEFINE_UNQUOTED(HAVE_DLT_LOOP, $HAVE_DLT_LOOP, [presence of DLT_LOOP in bpf.h])


@ -1,11 +0,0 @@
$OpenBSD: patch-doc_README_txt,v 1.1 2011/06/16 21:21:43 sthen Exp $
--- doc/README.txt.orig Tue Nov 28 13:37:34 2006
+++ doc/README.txt Thu Jun 16 16:04:12 2011
@@ -41,6 +41,7 @@ Usage: ngrep <LhNXViwqpevxlDtTRM> <-IO pcap_dump> <-n
-D is replay pcap_dumps with their recorded time intervals
-t is print timestamp every time a packet is matched
-T is print delta timestamp every time a packet is matched
+ specify twice for delta from first match
-M is don't do multi-line match (do single-line match instead)
-I is read packet stream from pcap format file pcap_dump
-O is dump matched packets in pcap format to pcap_dump


@ -1,49 +0,0 @@
$OpenBSD: patch-ngrep_8,v 1.6 2011/06/18 14:02:38 kili Exp $
--- ngrep.8.orig Tue Nov 28 14:36:31 2006
+++ ngrep.8 Sat Jun 18 14:57:33 2011
@@ -2,11 +2,11 @@
.\"
.\" All content, except portions of the bpf filter explanation, are:
.\"
-.\" Copyright (c) 2006 Jordan Ritter <jpr5@darkridge.com>
+.\" Copyright (c) 2007 Jordan Ritter <jpr5@darkridge.com>
.\"
.\" Please refer to the LICENSE file for more information.
-.TH NGREP 8 "November 2006" *nux "User Manuals"
+.TH NGREP 8 "December 2007" *nux "User Manuals"
.SH NAME
@@ -106,7 +106,8 @@ a packet is matched.
.IP -T
Print a timestamp in the form of +S.UUUUUU, indicating the delta
-between packet matches.
+between packet matches. Specify a second time to indicate the delta
+since the first packet match.
.IP -R
Do not try to drop privileges to the DROPPRIVS_USER.
@@ -180,21 +181,6 @@ this option to force ngrep to listen on interface \fId
.IP "-A num"
Dump \fInum\fP packets of trailing context after matching a packet.
-
-.IP "-W normal|byline|none"
-Alter the method by which ngrep displays packet payload. ``normal''
-mode represents the standard behaviour, ``byline'' instructs ngrep to
-respect embedded linefeeds (useful for observing HTTP transactions,
-for instance), and ``none'' results in the payload on one single line
-(useful for scripted processing of ngrep output).
-
-.IP "-c cols"
-Ignore the detected terminal width and force the column width to the
-specified size.
-
-.IP "-P char"
-Change the non-printable character from the default ``.'' to the
-character specified.
.IP "\fI match expression\fP"
A match expression is either an extended regular expression, or if the


@ -1,612 +1,13 @@
$OpenBSD: patch-ngrep_c,v 1.7 2017/02/07 12:32:56 sthen Exp $
--- ngrep.c.orig Tue Nov 28 13:38:43 2006
+++ ngrep.c Tue Feb 7 12:31:35 2017
@@ -60,6 +60,7 @@
#include <config.h>
#define strcasecmp stricmp
+#define strncasecmp strnicmp
#else
@@ -74,6 +75,7 @@
#include <stdlib.h>
#include <string.h>
#include <signal.h>
+#include <locale.h>
#if !defined(_WIN32)
#include <errno.h>
@@ -92,7 +94,7 @@
$OpenBSD: patch-ngrep_c,v 1.8 2021/02/17 12:57:58 sthen Exp $
Index: ngrep.c
--- ngrep.c.orig
+++ ngrep.c
@@ -16,6 +16,7 @@
#include <arpa/inet.h>
#include <sys/tty.h>
#include <pwd.h>
+#include <stdint.h>
#endif
#if USE_PCRE
-#include "pcre-5.0/pcre.h"
+#include "pcre.h"
#else
#include "regex-0.12/regex.h"
#endif
@@ -114,6 +116,7 @@ uint8_t show_empty = 0, show_hex = 0, show_proto = 0,
uint8_t invert_match = 0, bin_match = 0;
uint8_t live_read = 1, want_delay = 0;
uint8_t dont_dropprivs = 0;
+uint8_t enable_hilite = 0;
char *read_file = NULL, *dump_file = NULL;
char *usedev = NULL;
@@ -145,7 +148,7 @@ uint16_t match_len = 0;
int8_t (*match_func)() = &blank_match_func;
int8_t dump_single = 0;
-void (*dump_func)(unsigned char *, uint32_t) = &dump_formatted;
+void (*dump_func)(unsigned char *, uint32_t, uint16_t, uint16_t) = &dump_formatted;
/*
* BPF/Network
@@ -153,10 +156,10 @@ void (*dump_func)(unsigned char *, uint32_t) = &dump_f
char *filter = NULL, *filter_file = NULL;
char pc_err[PCAP_ERRBUF_SIZE];
-uint8_t link_offset;
+uint8_t link_offset, vlan_offset = 0;
uint8_t radiotap_present = 0;
-pcap_t *pd = NULL;
+pcap_t *pd = NULL, *pd_dumppcap = NULL;
pcap_dumper_t *pd_dump = NULL;
struct bpf_program pcapfilter;
struct in_addr net, mask;
@@ -176,8 +179,7 @@ void (*print_time)() = NULL, (*dump_delay)() = dump_de
/*
- * When !Win32, windowsize stuff. We leave it in regardless to avoid
- * any additional #if complication/obfuscation.
+ * Window-size functionality (adjust output based on width of console display)
*/
uint32_t ws_row, ws_col = 80, ws_col_forced = 0;
@@ -195,7 +197,17 @@ int main(int argc, char **argv) {
signal(SIGWINCH, update_windowsize);
#endif
- while ((c = getopt(argc, argv, "LNhXViwqpevxlDtTRMs:n:c:d:A:I:O:S:P:F:W:")) != EOF) {
+#if !defined(_WIN32)
+ {
+ char const *locale = getenv("LANG");
+ if (locale == NULL)
+ locale = "en_US";
+
+ setlocale(LC_CTYPE, locale);
+ }
+#endif
+
+ while ((c = getopt(argc, argv, "LNhXViwqpevxlDtTRMCs:n:c:d:A:I:O:S:P:F:W:")) != EOF) {
switch (c) {
case 'W': {
if (!strcasecmp(optarg, "normal"))
@@ -257,6 +269,9 @@ int main(int argc, char **argv) {
if (value > 0)
snaplen = value;
} break;
+ case 'C':
+ enable_hilite = 1;
+ break;
case 'M':
re_multiline_match = 0;
break;
@@ -264,13 +279,18 @@ int main(int argc, char **argv) {
dont_dropprivs = 1;
break;
case 'T':
- print_time = &print_time_diff;
+ if (print_time == &print_time_diff) {
+ print_time = print_time_offset;
+ memset(&prev_ts, 0, sizeof(prev_ts));
+ } else {
+ print_time = &print_time_diff;
#if defined(_WIN32)
- prev_ts.tv_sec = (uint32_t)time(NULL);
- prev_ts.tv_usec = 0;
+ prev_ts.tv_sec = (uint32_t)time(NULL);
+ prev_ts.tv_usec = 0;
#else
- gettimeofday(&prev_ts, NULL);
+ gettimeofday(&prev_ts, NULL);
#endif
+ }
break;
case 't':
print_time = &print_time_absolute;
@@ -337,7 +357,12 @@ int main(int argc, char **argv) {
} else {
- char *dev = usedev ? usedev : pcap_lookupdev(pc_err);
+ char *dev = usedev ? usedev :
+#if defined(_WIN32)
+ win32_choosedevice();
+#else
+ pcap_lookupdev(pc_err);
+#endif
if (!dev) {
perror(pc_err);
@@ -391,7 +416,7 @@ int main(int argc, char **argv) {
filter = get_filter_from_argv(&argv[optind-1]);
#if USE_PCAP_RESTART
- PCAP_RESTART_FUNC();
+ PCAP_RESTART_FUNC(NULL);
#endif
if (pcap_compile(pd, &pcapfilter, filter, 0, mask.s_addr)) {
pcap_perror(pd, "pcap compile");
@@ -408,6 +433,17 @@ int main(int argc, char **argv) {
}
}
+ /* VLAN support: determine # of +4 offsets to accommodate */
+ if (filter) {
+ char const bpf_vlan[] = "vlan";
+ char *s = filter;
+ while (*s)
+ if (strncasecmp(s++, bpf_vlan, sizeof(bpf_vlan)-1) == 0)
+ vlan_offset++;
+
+ vlan_offset *= VLANHDR_SIZE;
+ }
+
if (filter && quiet < 2)
printf("filter: %s\n", filter);
@@ -549,6 +585,10 @@ int main(int argc, char **argv) {
link_offset = PPPHDR_SIZE;
break;
+ case DLT_PPP_ETHER:
+ link_offset = PPPOEHDR_SIZE;
+ break;
+
#if HAVE_DLT_LOOP
case DLT_LOOP:
#endif
@@ -579,21 +619,28 @@ int main(int argc, char **argv) {
break;
#endif
+#if HAVE_DLT_PFLOG
+ case DLT_PFLOG:
+ link_offset = PFLOGHDR_SIZE;
+ break;
+#endif
+
default:
fprintf(stderr, "fatal: unsupported interface type %u\n", pcap_datalink(pd));
clean_exit(-1);
}
+ link_offset += vlan_offset;
+
if (dump_file) {
- if (!(pd_dump = pcap_dump_open(pd, dump_file))) {
+ pd_dump = pcap_dump_open(pd, dump_file);
+ if (!pd_dump) {
fprintf(stderr, "fatal: %s\n", pcap_geterr(pd));
clean_exit(-1);
} else printf("output: %s\n", dump_file);
}
-#if !defined(_WIN32)
update_windowsize(0);
-#endif
#if defined(_WIN32)
win32_initwinsock();
@@ -603,7 +650,7 @@ int main(int argc, char **argv) {
drop_privs();
#endif
- while (pcap_loop(pd, 0, (pcap_handler)process, 0));
+ while (pcap_loop(pd, -1, (pcap_handler)process, 0));
clean_exit(0);
@@ -699,11 +746,6 @@ void process(u_char *d, struct pcap_pkthdr *h, u_char
data = (unsigned char *)(tcp_pkt) + tcphdr_offset;
len -= link_offset + ip_hl + tcphdr_offset;
-#if USE_IPv6
- if (ip_ver == 6)
- len -= ntohs(ip6_pkt->ip6_plen);
-#endif
-
if ((int32_t)len < 0)
len = 0;
@@ -719,20 +761,11 @@ void process(u_char *d, struct pcap_pkthdr *h, u_char
data = (unsigned char *)(udp_pkt) + udphdr_offset;
len -= link_offset + ip_hl + udphdr_offset;
-#if USE_IPv6
- if (ip_ver == 6)
- len -= ntohs(ip6_pkt->ip6_plen);
-#endif
-
if ((int32_t)len < 0)
len = 0;
dump_packet(h, p, ip_proto, data, len, ip_src, ip_dst,
-#if HAVE_DUMB_UDPHDR
- ntohs(udp_pkt->source), ntohs(udp_pkt->dest), 0,
-#else
ntohs(udp_pkt->uh_sport), ntohs(udp_pkt->uh_dport), 0,
-#endif
udphdr_offset, fragmented, frag_offset, frag_id);
} break;
@@ -757,7 +790,7 @@ void process(u_char *d, struct pcap_pkthdr *h, u_char
uint16_t icmp6hdr_offset = (frag_offset) ? 0 : 4;
data = (unsigned char *)(icmp6_pkt) + icmp6hdr_offset;
- len -= link_offset + ip_hl + ntohs(ip6_pkt->ip6_plen) + icmp6hdr_offset;
+ len -= link_offset + ip_hl + icmp6hdr_offset;
if ((int32_t)len < 0)
len = 0;
@@ -808,13 +841,15 @@ void dump_packet(struct pcap_pkthdr *h, u_char *p, uin
const char *ip_src, const char *ip_dst, uint16_t sport, uint16_t dport, uint8_t flags,
uint16_t hdr_offset, uint8_t frag, uint16_t frag_offset, uint32_t frag_id) {
+ uint16_t match_size, match_index;
+
if (!show_empty && len == 0)
return;
if (len > limitlen)
len = limitlen;
- if ((len > 0 && match_func(data, len) == invert_match) && !keep_matching)
+ if ((len > 0 && match_func(data, len, &match_index, &match_size) == invert_match) && !keep_matching)
return;
if (!live_read && want_delay)
@@ -879,15 +914,17 @@ void dump_packet(struct pcap_pkthdr *h, u_char *p, uin
printf("\n");
if (quiet < 3)
- dump_func(data, len);
+ dump_func(data, len, match_index, match_size);
if (pd_dump)
pcap_dump((u_char*)pd_dump, h, p);
}
-int8_t re_match_func(unsigned char *data, uint32_t len) {
+int8_t re_match_func(unsigned char *data, uint32_t len, uint16_t *mindex, uint16_t *msize) {
#if USE_PCRE
- switch(pcre_exec(pattern, 0, data, (int32_t)len, 0, 0, 0, 0)) {
+
+ static int sub[2];
+ switch(pcre_exec(pattern, 0, (char const *)data, (int32_t)len, 0, 0, 0, 0)) {
case PCRE_ERROR_NULL:
case PCRE_ERROR_BADOPTION:
case PCRE_ERROR_BADMAGIC:
@@ -898,15 +935,25 @@ int8_t re_match_func(unsigned char *data, uint32_t len
case PCRE_ERROR_NOMATCH:
return 0;
+
+ default:
+ *mindex = sub[0];
+ *msize = sub[1] - sub[0];
}
#else
- switch (re_search(&pattern, data, (int32_t)len, 0, len, 0)) {
+
+ static struct re_registers regs;
+ switch (re_search(&pattern, (char const *)data, (int32_t)len, 0, len, &regs)) {
case -2:
perror("she's dead, jim\n");
clean_exit(-2);
case -1:
return 0;
+
+ default:
+ *mindex = regs.start[0];
+ *msize = regs.end[0] - regs.start[0];
}
#endif
@@ -919,7 +966,7 @@ int8_t re_match_func(unsigned char *data, uint32_t len
return 1;
}
-int8_t bin_match_func(unsigned char *data, uint32_t len) {
+int8_t bin_match_func(unsigned char *data, uint32_t len, uint16_t *mindex, uint16_t *msize) {
int32_t stop = len - match_len;
int32_t i = 0;
@@ -934,71 +981,118 @@ int8_t bin_match_func(unsigned char *data, uint32_t le
if (match_after && keep_matching != match_after)
keep_matching = match_after;
+ *mindex = i - 1;
+ *msize = match_len;
+
return 1;
}
return 0;
}
-
-int8_t blank_match_func(unsigned char *data, uint32_t len) {
+int8_t blank_match_func(unsigned char *data, uint32_t len, uint16_t *mindex, uint16_t *msize) {
if (max_matches)
matches++;
+ *mindex = 0;
+ *msize = 0;
+
return 1;
}
-void dump_byline(unsigned char *data, uint32_t len) {
+void dump_byline(unsigned char *data, uint32_t len, uint16_t mindex, uint16_t msize) {
if (len > 0) {
- const unsigned char *s = data;
+ const unsigned char *s = data;
+ uint8_t should_hilite = (msize && enable_hilite);
+ unsigned char *hilite_start = data + mindex;
+ unsigned char *hilite_end = hilite_start + msize;
while (s < data + len) {
+ if (should_hilite && s == hilite_start)
+ printf(ANSI_hilite);
+
printf("%c", (*s == '\n' || isprint(*s)) ? *s : nonprint_char);
s++;
+
+ if (should_hilite && s == hilite_end)
+ printf(ANSI_off);
}
printf("\n");
}
}
-void dump_unwrapped(unsigned char *data, uint32_t len) {
+void dump_unwrapped(unsigned char *data, uint32_t len, uint16_t mindex, uint16_t msize) {
if (len > 0) {
- const unsigned char *s = data;
+ const unsigned char *s = data;
+ uint8_t should_hilite = (msize && enable_hilite);
+ unsigned char *hilite_start = data + mindex;
+ unsigned char *hilite_end = hilite_start + msize;
while (s < data + len) {
+ if (should_hilite && s == hilite_start)
+ printf(ANSI_hilite);
+
printf("%c", isprint(*s) ? *s : nonprint_char);
s++;
+
+ if (should_hilite && s == hilite_end)
+ printf(ANSI_off);
}
printf("\n");
}
}
-void dump_formatted(unsigned char *data, uint32_t len) {
+void dump_formatted(unsigned char *data, uint32_t len, uint16_t mindex, uint16_t msize) {
if (len > 0) {
- unsigned char *str = data;
- uint8_t width = show_hex ? 16 : (ws_col-5);
- uint32_t i = 0,
- j = 0;
+ uint8_t should_hilite = (msize && enable_hilite);
+ unsigned char *str = data;
+ uint8_t hiliting = 0;
+ uint8_t width = show_hex ? 16 : (ws_col-5);
+ uint32_t i = 0,
+ j = 0;
while (i < len) {
printf(" ");
- if (show_hex)
+ if (show_hex) {
for (j = 0; j < width; j++) {
+ if (should_hilite && (mindex <= (i+j) && (i+j) < mindex + msize)) {
+ hiliting = 1;
+ printf(ANSI_hilite);
+ }
+
if (i + j < len)
printf("%02x ", str[j]);
else printf(" ");
if ((j+1) % (width/2) == 0)
printf(" ");
+
+ if (hiliting) {
+ hiliting = 0;
+ printf(ANSI_off);
+ }
}
+ }
- for (j = 0; j < width; j++)
+ for (j = 0; j < width; j++) {
+ if (should_hilite && mindex <= (i+j) && (i+j) < mindex + msize) {
+ hiliting = 1;
+ printf(ANSI_hilite);
+ }
+
if (i + j < len)
printf("%c", isprint(str[j]) ? str[j] : nonprint_char);
else printf(" ");
+ if (hiliting) {
+ hiliting = 0;
+ printf(ANSI_off);
+ }
+ }
+
str += width;
i += j;
@@ -1080,7 +1174,9 @@ uint8_t strishex(char *str) {
void print_time_absolute(struct pcap_pkthdr *h) {
- struct tm *t = localtime((const time_t *)&h->ts.tv_sec);
+ struct tm *t;
+ time_t ts = h->ts.tv_sec;
+ t = localtime(&ts);
printf("%02u/%02u/%02u %02u:%02u:%02u.%06u ",
t->tm_year+1900, t->tm_mon+1, t->tm_mday, t->tm_hour,
@@ -1104,6 +1200,27 @@ void print_time_diff(struct pcap_pkthdr *h) {
prev_ts.tv_usec = h->ts.tv_usec;
}
+void print_time_offset(struct pcap_pkthdr *h) {
+ uint32_t secs, usecs;
+
+ secs = h->ts.tv_sec - prev_ts.tv_sec;
+ if (h->ts.tv_usec >= prev_ts.tv_usec)
+ usecs = h->ts.tv_usec - prev_ts.tv_usec;
+ else {
+ secs--;
+ usecs = 1000000 - (prev_ts.tv_usec - h->ts.tv_usec);
+ }
+
+ if (prev_ts.tv_sec == 0 && prev_ts.tv_usec == 0) {
+ prev_ts.tv_sec = h->ts.tv_sec;
+ prev_ts.tv_usec = h->ts.tv_usec;
+ secs = 0;
+ usecs = 0;
+ }
+
+ printf("+%u.%06u ", secs, usecs);
+}
+
void dump_delay_proc_init(struct pcap_pkthdr *h) {
dump_delay = &dump_delay_proc;
@@ -1155,26 +1272,36 @@ void dump_delay_proc(struct pcap_pkthdr *h) {
prev_delay_ts.tv_usec = h->ts.tv_usec;
}
-#if !defined(_WIN32)
void update_windowsize(int32_t e) {
if (e == 0 && ws_col_forced)
ws_col = ws_col_forced;
else if (!ws_col_forced) {
+
+#if !defined(_WIN32)
const struct winsize ws;
if (!ioctl(0, TIOCGWINSZ, &ws)) {
ws_row = ws.ws_row;
ws_col = ws.ws_col;
- } else {
+ }
+#else
+ CONSOLE_SCREEN_BUFFER_INFO csbi;
+ if (GetConsoleScreenBufferInfo(GetStdHandle(STD_OUTPUT_HANDLE), &csbi)) {
+ ws_row = csbi.dwSize.Y;
+ ws_col = csbi.dwSize.X;
+ }
+#endif
+ else {
ws_row = 24;
ws_col = 80;
}
+
}
}
-#if USE_DROPPRIVS
+#if !defined(_WIN32) && USE_DROPPRIVS
void drop_privs(void) {
struct passwd *pw;
uid_t newuid;
@@ -1197,6 +1324,14 @@ void drop_privs(void) {
perror("attempt to drop privileges failed");
clean_exit(-1);
}
+ if (chroot("/var/empty") == -1) {
+ perror("attempt to drop privileges failed: chroot failed");
+ clean_exit(-1);
+ }
+ if (chdir("/") == -1) {
+ perror("attempt to drop privileges failed: chdir failed");
+ clean_exit(-1);
+ }
if (((getgid() != newgid) && (setgid(newgid) == -1)) ||
((getegid() != newgid) && (setegid(newgid) == -1)) ||
@@ -1209,7 +1344,6 @@ void drop_privs(void) {
}
#endif
-#endif
void usage(int8_t e) {
printf("usage: ngrep <-"
@@ -1234,6 +1368,7 @@ void usage(int8_t e) {
" -D is replay pcap_dumps with their recorded time intervals\n"
" -t is print timestamp every time a packet is matched\n"
" -T is print delta timestamp every time a packet is matched\n"
+ " specify twice for delta from first match\n"
" -M is don't do multi-line match (do single-line match instead)\n"
" -I is read packet stream from pcap format file pcap_dump\n"
" -O is dump matched packets in pcap format to pcap_dump\n"
@@ -1292,8 +1427,9 @@ void clean_exit(int32_t sig) {
&& pd && !pcap_stats(pd, &s))
printf("%u received, %u dropped\n", s.ps_recv, s.ps_drop);
- if (pd) pcap_close(pd);
- if (pd_dump) pcap_dump_close(pd_dump);
+ if (pd) pcap_close(pd);
+ if (pd_dumppcap) pcap_close(pd_dumppcap);
+ if (pd_dump) pcap_dump_close(pd_dump);
#if defined(_WIN32)
if (delay_socket) closesocket(delay_socket);
@@ -1379,6 +1515,28 @@ char *win32_usedevice(const char *index) {
}
pcap_freealldevs(alldevs);
+
+ return dev;
+}
+
+char *win32_choosedevice(void) {
+ pcap_if_t *alldevs, *d;
+ char errbuf[PCAP_ERRBUF_SIZE];
+ char *dev = NULL;
+
+ if (pcap_findalldevs(&alldevs, errbuf) == -1) {
+ perror("unable to enumerate devices");
+ clean_exit(-1);
+ }
+
+ for (d = alldevs; d != NULL; d = d->next)
+ if ((d->addresses) && (d->addresses->addr))
+ dev = _strdup(d->name);
+
+ pcap_freealldevs(alldevs);
+
+ if (!dev)
+ dev = pcap_lookupdev(errbuf);
return dev;
}
#if defined(OSF1)
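Review bot: The regenerated patch (13 lines on the new side) carries only the `#include <stdint.h>` hunk, so the `chroot("/var/empty")` and `chdir("/")` checks that the previous revision added to drop_privs() are no longer applied by the port. Unless the 2019 upstream drop_privs() already confines the process, which this page does not show, ngrep will parse captured traffic with a dropped uid/gid but without the filesystem confinement the port used to add. I would carry that hunk forward into the new patch, keeping both failure checks with their `clean_exit(-1)` ahead of the setgid/setegid calls as before. If it was dropped deliberately, a line in the patch header such as `chroot to /var/empty removed: <reason>` would record that for the next update.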


@ -1,106 +0,0 @@
$OpenBSD: patch-ngrep_h,v 1.3 2011/06/18 14:02:38 kili Exp $
--- ngrep.h.orig Tue Nov 28 14:38:43 2006
+++ ngrep.h Sat Jun 18 14:55:58 2011
@@ -7,7 +7,7 @@
*
*/
-#define VERSION "1.45"
+#define VERSION "1.46-CVS"
/*
* We cache the standard frame sizes here to save us time and
@@ -17,12 +17,15 @@
#define ETHHDR_SIZE 14
#define TOKENRING_SIZE 22
#define PPPHDR_SIZE 4
+#define PPPOEHDR_SIZE 8
#define SLIPHDR_SIZE 16
#define RAWHDR_SIZE 0
#define LOOPHDR_SIZE 4
#define FDDIHDR_SIZE 21
#define ISDNHDR_SIZE 16
#define IEEE80211HDR_SIZE 32
+#define PFLOGHDR_SIZE 48
+#define VLANHDR_SIZE 4
/*
* Default patterns for BPF and regular expression filters.
@@ -34,8 +37,8 @@
#define BPF_FILTER_IP "(ip)"
#endif
-#define BPF_FILTER_OTHER " and ( %s)"
-#define BPF_MAIN_FILTER BPF_FILTER_IP BPF_FILTER_OTHER
+#define BPF_FILTER_OTHER "( %s) and "
+#define BPF_MAIN_FILTER BPF_FILTER_OTHER BPF_FILTER_IP
#define WORD_REGEX "((^%s\\W)|(\\W%s$)|(\\W%s\\W))"
@@ -77,25 +80,27 @@ void process(u_char *, struct pcap_pkthdr *, u_char *)
void version(void);
void usage(int8_t);
+void update_windowsize(int32_t);
void clean_exit(int32_t);
void dump_packet(struct pcap_pkthdr *, u_char *, uint8_t, unsigned char *, uint32_t,
const char *, const char *, uint16_t, uint16_t, uint8_t,
uint16_t, uint8_t, uint16_t, uint32_t);
-void dump_unwrapped(unsigned char *, uint32_t);
-void dump_formatted(unsigned char *, uint32_t);
-void dump_byline (unsigned char *, uint32_t);
+void dump_unwrapped(unsigned char *, uint32_t, uint16_t, uint16_t);
+void dump_formatted(unsigned char *, uint32_t, uint16_t, uint16_t);
+void dump_byline (unsigned char *, uint32_t, uint16_t, uint16_t);
void dump_delay_proc_init(struct pcap_pkthdr *);
void dump_delay_proc (struct pcap_pkthdr *);
-int8_t re_match_func (unsigned char *, uint32_t);
-int8_t bin_match_func (unsigned char *, uint32_t);
-int8_t blank_match_func(unsigned char *, uint32_t);
+int8_t re_match_func (unsigned char *, uint32_t, uint16_t *, uint16_t *);
+int8_t bin_match_func (unsigned char *, uint32_t, uint16_t *, uint16_t *);
+int8_t blank_match_func(unsigned char *, uint32_t, uint16_t *, uint16_t *);
void print_time_absolute(struct pcap_pkthdr *);
void print_time_diff (struct pcap_pkthdr *);
+void print_time_offset (struct pcap_pkthdr *);
char *get_filter_from_string(char *);
char *get_filter_from_argv (char **);
@@ -103,7 +108,6 @@ char *get_filter_from_argv (char **);
uint8_t strishex(char *);
#if !defined(_WIN32)
-void update_windowsize(int32_t);
void drop_privs(void);
#endif
@@ -111,6 +115,7 @@ void drop_privs(void);
int8_t win32_initwinsock(void);
void win32_listdevices(void);
char *win32_usedevice(const char *);
+char *win32_choosedevice(void);
#endif
@@ -120,4 +125,16 @@ struct NGREP_rtaphdr_t {
uint16_t it_len;
uint32_t it_present;
};
+
+
+/*
+ * ANSI color/hilite stuff.
+ */
+
+const char ANSI_red[] = "\33[01;31m";
+const char ANSI_bold[] = "\33[01m";
+
+const char *ANSI_hilite = ANSI_red;
+const char ANSI_off[] = "\33[00m";
+