#include <cstdlib>
#include <cmath>
#include <signal.h>
-#include <netinet/ether.h>
-#include <netinet/ip.h>
-#include <netinet/tcp.h>
-#include <netinet/udp.h>
#include <msp/core/getopt.h>
#include <msp/debug/profilingscope.h>
#include <msp/gl/blend.h>
#include <msp/gl/projection.h>
#include <msp/gl/texture2d.h>
#include <msp/gl/transform.h>
+#include <msp/io/print.h>
#include <msp/strings/format.h>
#include <msp/time/units.h>
#include <msp/time/utils.h>
throw usage_error("No interface given");
iface = argv[1];
- char err[1024];
+ char err[PCAP_ERRBUF_SIZE];
+ pcap_if_t *devs;
+ if(pcap_findalldevs(&devs, err)==-1)
+ throw runtime_error(err);
+
pcap = pcap_open_live(iface.c_str(), 128, true, 0, err);
if(!pcap)
throw runtime_error(err);
if(pcap_setnonblock(pcap, true, err)==-1)
throw runtime_error(err);
- pcap_lookupnet(iface.c_str(), &localnet, &localnet_mask, err);
- localnet = ntohl(localnet);
- localnet_mask = ntohl(localnet_mask);
+ for(pcap_if_t *d=devs; d; d=d->next)
+ if(iface==d->name)
+ {
+ for(pcap_addr_t *a=d->addresses; a; a=a->next)
+ {
+ if(a->addr->sa_family==AF_INET)
+ {
+ Address addr(ntohl(reinterpret_cast<sockaddr_in *>(a->addr)->sin_addr.s_addr));
+ if(a->netmask)
+ addr.set_mask(Address(ntohl(reinterpret_cast<sockaddr_in *>(a->netmask)->sin_addr.s_addr)));
+ localnets.push_back(addr);
+ }
+ else if(a->addr->sa_family==AF_INET6)
+ {
+ Address addr(reinterpret_cast<sockaddr_in6 *>(a->addr)->sin6_addr);
+ if(a->netmask)
+ addr.set_mask(Address(reinterpret_cast<sockaddr_in6 *>(a->netmask)->sin6_addr));
+ localnets.push_back(addr);
+ }
+ }
+ }
+
+ pcap_freealldevs(devs);
resolver = new Resolver;
delete wnd;
pcap_close(pcap);
- for(map<unsigned, Host *>::iterator i=hosts.begin(); i!=hosts.end(); ++i)
+ for(map<Address, Host *>::iterator i=hosts.begin(); i!=hosts.end(); ++i)
delete i->second;
- for(map<unsigned, Host *>::iterator i=disabled_hosts.begin(); i!=disabled_hosts.end(); ++i)
+ for(map<Address, Host *>::iterator i=disabled_hosts.begin(); i!=disabled_hosts.end(); ++i)
delete i->second;
for(map<unsigned, Port *>::iterator i=ports.begin(); i!=ports.end(); ++i)
delete i->second;
float min_activity = numeric_limits<float>::max();
- for(map<unsigned, Host *>::iterator i=hosts.begin(); i!=hosts.end(); ++i)
+ for(map<Address, Host *>::iterator i=hosts.begin(); i!=hosts.end(); ++i)
{
i->second->tick(dt);
min_activity = min(min_activity, i->second->get_activity());
}
float del_limit = pow(10, 6-0.1*static_cast<int>(max_hosts-hosts.size()-disabled_hosts.size()));
- for(map<unsigned, Host *>::iterator i=disabled_hosts.begin(); i!=disabled_hosts.end();)
+ for(map<Address, Host *>::iterator i=disabled_hosts.begin(); i!=disabled_hosts.end();)
{
i->second->tick(dt);
if(hosts.size()>max_visible_hosts)
{
list<float> activity;
- for(map<unsigned, Host *>::iterator i=hosts.begin(); i!=hosts.end(); ++i)
+ for(map<Address, Host *>::iterator i=hosts.begin(); i!=hosts.end(); ++i)
activity.push_back(i->second->get_activity());
activity.sort();
advance(j, activity.size()-max_visible_hosts);
float limit = *j;
- for(map<unsigned, Host *>::iterator i=hosts.begin(); i!=hosts.end();)
+ for(map<Address, Host *>::iterator i=hosts.begin(); i!=hosts.end();)
{
if(i->second->get_activity()<limit)
{
GL::MatrixStack::projection() = GL::Matrix::ortho_centered(1024, 768);
GL::MatrixStack::modelview() = GL::Matrix();
- for(map<unsigned, Host *>::iterator i=hosts.begin(); i!=hosts.end(); ++i)
+ for(map<Address, Host *>::iterator i=hosts.begin(); i!=hosts.end(); ++i)
i->second->render();
{
GL::Immediate imm((GL::COLOR4_UBYTE, GL::VERTEX2));
history->render();
}
-Host &NetVis::get_host(unsigned a)
+Host &NetVis::get_host(const Address &a)
{
- map<unsigned, Host *>::iterator i = hosts.find(a);
+ map<Address, Host *>::iterator i = hosts.find(a);
if(i!=hosts.end())
return *i->second;
return *i->second;
Host *host = new Host(*this, a);
- if((a&localnet_mask)==localnet)
- host->set_local(true);
+ for(list<Address>::const_iterator j=localnets.begin(); j!=localnets.end(); ++j)
+ if(j->masked_match(a))
+ host->set_local(true);
resolver->push(host);
host->set_position(Vector2(rand()*400.0/RAND_MAX-200.0, rand()*400.0/RAND_MAX-200.0));
for(unsigned j=0; j<100; ++j)
if(i!=ports.end())
return *i->second;
Port *port = new Port(*this, number);
+ if(number>=0x10000)
+ {
+ if((number&0xFF)==IPPROTO_ICMP)
+ port->set_name("icmp");
+ else if((number&0xFF)==IPPROTO_ICMPV6)
+ port->set_name("icmp6");
+ }
ports[number] = port;
return *port;
}
-void NetVis::capture_handler(unsigned char *user, const pcap_pkthdr *, const unsigned char *data)
+void NetVis::capture_handler(unsigned char *user, const pcap_pkthdr *cap, const unsigned char *data)
{
NetVis *self = reinterpret_cast<NetVis *>(user);
+ CaptureContext ctx;
+ ctx.cap_hdr = cap;
const ethhdr *eth = reinterpret_cast<const ethhdr *>(data);
- if(ntohs(eth->h_proto)==ETH_P_IP)
+ self->handle_ethernet(ctx, eth, cap->caplen);
+}
+
+void NetVis::handle_ethernet(CaptureContext &ctx, const ethhdr *eth, unsigned len)
+{
+ ctx.size = ctx.cap_hdr->len-sizeof(ethhdr);
+
+ int proto = ntohs(eth->h_proto);
+ if(proto==ETH_P_IP)
{
const iphdr *ip = reinterpret_cast<const iphdr *>(eth+1);
+ handle_ipv4(ctx, ip, len-sizeof(ethhdr));
+ }
+ else if(proto==ETH_P_IPV6)
+ {
+ const ip6_hdr *ip6 = reinterpret_cast<const ip6_hdr *>(eth+1);
+ handle_ipv6(ctx, ip6, len-sizeof(ethhdr));
+ }
+ else
+ IO::print("Unknown protocol in eth: %d\n", proto);
+}
- unsigned size = ntohs(ip->tot_len);
+void NetVis::handle_ipv4(CaptureContext &ctx, const iphdr *ip, unsigned len)
+{
+ ctx.src_host = &get_host(ntohl(ip->saddr));
+ if((ntohl(ip->daddr)&0xFF)!=0xFF)
+ ctx.dst_host = &get_host(ntohl(ip->daddr));
- Port *sport = 0;
- Port *dport = 0;
- if(ip->protocol==IPPROTO_TCP)
- {
- const tcphdr *tcp = reinterpret_cast<const tcphdr *>(ip+1);
- sport = &self->get_port(ntohs(tcp->source));
- dport = &self->get_port(ntohs(tcp->dest));
- }
- else if(ip->protocol==IPPROTO_UDP)
- {
- const udphdr *udp = reinterpret_cast<const udphdr *>(ip+1);
- sport = &self->get_port(ntohs(udp->source));
- dport = &self->get_port(ntohs(udp->dest));
- }
+ if(ip->protocol==IPPROTO_TCP)
+ {
+ const tcphdr *tcp = reinterpret_cast<const tcphdr *>(ip+1);
+ handle_tcp(ctx, tcp, len-sizeof(iphdr));
+ }
+ else if(ip->protocol==IPPROTO_UDP)
+ {
+ const udphdr *udp = reinterpret_cast<const udphdr *>(ip+1);
+ handle_udp(ctx, udp, len-sizeof(iphdr));
+ }
+ else if(ip->protocol==IPPROTO_ICMP)
+ {
+ const icmphdr *icmp = reinterpret_cast<const icmphdr *>(ip+1);
+ handle_icmp(ctx, icmp, len-sizeof(iphdr));
+ }
+ else
+ IO::print("Unknown protocol in ip: %d\n", ip->protocol);
+}
- Port *port = 0;
- if(sport && dport)
- {
- if(sport->is_registered()!=dport->is_registered())
- {
- if(sport->is_registered())
- port = sport;
- else
- port = dport;
- }
- else if(sport->get_number()<dport->get_number())
- port = sport;
- else
- port = dport;
- }
- else
- port = &self->get_port(0);
+void NetVis::handle_ipv6(CaptureContext &ctx, const ip6_hdr *ip6, unsigned len)
+{
+ ctx.src_host = &get_host(ip6->ip6_src);
+ if(!IN6_IS_ADDR_MULTICAST(ip6->ip6_dst.s6_addr))
+ ctx.dst_host = &get_host(ip6->ip6_dst);
- Host &shost = self->get_host(ntohl(ip->saddr));
- Host *dhost = 0;
- if((ntohl(ip->daddr)&0xFF)!=0xFF)
- dhost = &self->get_host(ntohl(ip->daddr));
+ if(ip6->ip6_nxt==IPPROTO_TCP)
+ {
+ const tcphdr *tcp = reinterpret_cast<const tcphdr *>(ip6+1);
+ handle_tcp(ctx, tcp, len-sizeof(ip6_hdr));
+ }
+ else if(ip6->ip6_nxt==IPPROTO_UDP)
+ {
+ const udphdr *udp = reinterpret_cast<const udphdr *>(ip6+1);
+ handle_udp(ctx, udp, len-sizeof(ip6_hdr));
+ }
+ else if(ip6->ip6_nxt==IPPROTO_ICMPV6)
+ {
+ const icmp6_hdr *icmp6 = reinterpret_cast<const icmp6_hdr *>(ip6+1);
+ handle_icmp6(ctx, icmp6, len-sizeof(ip6_hdr));
+ }
+ else
+ IO::print("Unknown next header in ip6: %d\n", ip6->ip6_nxt);
+}
- float throttle = shost.send_packet();
- if(throttle<1)
- {
- self->packets.push_back(new Packet(shost, dhost, port->get_color(), size));
- self->packets.back()->tick(-throttle*Msp::Time::sec);
- }
+void NetVis::handle_tcp(CaptureContext &ctx, const tcphdr *tcp, unsigned)
+{
+ ctx.src_port = &get_port(ntohs(tcp->source));
+ ctx.dst_port = &get_port(ntohs(tcp->dest));
+ handle_packet(ctx);
+}
- shost.add_activity(size);
- if(dhost)
- dhost->add_activity(size);
+void NetVis::handle_udp(CaptureContext &ctx, const udphdr *udp, unsigned)
+{
+ ctx.src_port = &get_port(ntohs(udp->source));
+ ctx.dst_port = &get_port(ntohs(udp->dest));
+ handle_packet(ctx);
+}
- if(sport)
- sport->add_activity(size);
- if(dport)
- dport->add_activity(size);
+void NetVis::handle_icmp(CaptureContext &ctx, const icmphdr *, unsigned)
+{
+ ctx.src_port = &get_port(0x10000|IPPROTO_ICMP);
+ ctx.dst_port = ctx.src_port;
+ handle_packet(ctx);
+}
+
+void NetVis::handle_icmp6(CaptureContext &ctx, const icmp6_hdr *, unsigned)
+{
+ ctx.src_port = &get_port(0x10000|IPPROTO_ICMPV6);
+ ctx.dst_port = ctx.src_port;
+ handle_packet(ctx);
+}
+
+void NetVis::handle_packet(CaptureContext &ctx)
+{
+ Port *port = 0;
+ if(ctx.src_port && ctx.dst_port)
+ {
+ if(ctx.src_port->is_registered()!=ctx.dst_port->is_registered())
+ {
+ if(ctx.src_port->is_registered())
+ port = ctx.src_port;
+ else
+ port = ctx.dst_port;
+ }
+ else if(ctx.src_port->get_number()<ctx.dst_port->get_number())
+ port = ctx.src_port;
+ else
+ port = ctx.dst_port;
+ }
+ else
+ port = &get_port(0);
- if((ntohl(ip->saddr)&self->localnet_mask)==self->localnet)
- self->history->activity(0, size);
- else if((ntohl(ip->daddr)&self->localnet_mask)==self->localnet)
- self->history->activity(size, 0);
+ float throttle = ctx.src_host->send_packet();
+ if(throttle<1)
+ {
+ packets.push_back(new Packet(*ctx.src_host, ctx.dst_host, port->get_color(), ctx.size));
+ packets.back()->tick(-throttle*Msp::Time::sec);
}
+
+ ctx.src_host->add_activity(ctx.size);
+ if(ctx.dst_host)
+ ctx.dst_host->add_activity(ctx.size);
+
+ if(ctx.src_port)
+ ctx.src_port->add_activity(ctx.size);
+ if(ctx.dst_port)
+ ctx.dst_port->add_activity(ctx.size);
+
+ bool local_src = ctx.src_host->is_local();
+ bool local_dst = (ctx.dst_host && ctx.dst_host->is_local());
+ if(local_src && !local_dst)
+ history->activity(0, ctx.size);
+ else if(local_dst && !local_src)
+ history->activity(ctx.size, 0);
}
void NetVis::sighandler(int)
{
exit(0);
}
+
+
+NetVis::CaptureContext::CaptureContext():
+ cap_hdr(0),
+ src_host(0),
+ src_port(0),
+ dst_host(0),
+ dst_port(0),
+ size(0)
+{ }