source/netvis.cpp

   1 /* $Id$
   2
   3 This file is part of NetVis
   4 Copyright @ 2008 Mikko Rasa, Mikkosoft Productions
   5 Distributed unter the GPL
   6 */
   7
   8 #include <limits>
   9 #include <cstdlib>
  10 #include <cmath>
  11 #include <signal.h>
  12 #include <msp/core/getopt.h>
  13 #include <msp/debug/profilingscope.h>
  14 #include <msp/gl/blend.h>
  15 #include <msp/gl/framebuffer.h>
  16 #include <msp/gl/immediate.h>
  17 #include <msp/gl/matrix.h>
  18 #include <msp/gl/misc.h>
  19 #include <msp/gl/projection.h>
  20 #include <msp/gl/texture2d.h>
  21 #include <msp/gl/transform.h>
  22 #include <msp/io/print.h>
  23 #include <msp/strings/format.h>
  24 #include <msp/time/units.h>
  25 #include <msp/time/utils.h>
  26 #include "history.h"
  27 #include "host.h"
  28 #include "netvis.h"
  29 #include "packet.h"
  30 #include "port.h"
  31 #include "resolver.h"
  32
  33 using namespace std;
  34 using namespace Msp;
  35
  36 NetVis::NetVis(int argc, char **argv):
  37         pcap(0),
  38         resolver(0),
  39         wnd(0),
  40         font(0),
  41         max_hosts(1000),
  42         max_visible_hosts(30),
  43         frames(0)
  44 {
  45         if(argc<2)
  46                 throw usage_error("No interface given");
  47         iface = argv[1];
  48
  49         char err[PCAP_ERRBUF_SIZE];
  50         pcap_if_t *devs;
  51         if(pcap_findalldevs(&devs, err)==-1)
  52                 throw runtime_error(err);
  53
  54         pcap = pcap_open_live(iface.c_str(), 128, true, 0, err);
  55         if(!pcap)
  56                 throw runtime_error(err);
  57
  58         if(pcap_setnonblock(pcap, true, err)==-1)
  59                 throw runtime_error(err);
  60
  61         for(pcap_if_t *d=devs; d; d=d->next)
  62                 if(iface==d->name)
  63                 {
  64                         for(pcap_addr_t *a=d->addresses; a; a=a->next)
  65                         {
  66                                 if(a->addr->sa_family==AF_INET)
  67                                 {
  68                                         Address addr(ntohl(reinterpret_cast<sockaddr_in *>(a->addr)->sin_addr.s_addr));
  69                                         if(a->netmask)
  70                                                 addr.set_mask(Address(ntohl(reinterpret_cast<sockaddr_in *>(a->netmask)->sin_addr.s_addr)));
  71                                         localnets.push_back(addr);
  72                                 }
  73                                 else if(a->addr->sa_family==AF_INET6)
  74                                 {
  75                                         Address addr(reinterpret_cast<sockaddr_in6 *>(a->addr)->sin6_addr);
  76                                         if(a->netmask)
  77                                                 addr.set_mask(Address(reinterpret_cast<sockaddr_in6 *>(a->netmask)->sin6_addr));
  78                                         localnets.push_back(addr);
  79                                 }
  80                         }
  81                 }
  82
  83         pcap_freealldevs(devs);
  84
  85         resolver = new Resolver;
  86
  87         wnd = new Graphics::SimpleGLWindow(1024, 768);
  88         wnd->set_title("NetVis");
  89         wnd->signal_close.connect(sigc::bind(sigc::mem_fun(this, &NetVis::exit), 0));
  90         wnd->show();
  91
  92         GL::Blend::alpha().bind();
  93
  94         font = new GL::Font;
  95         DataFile::load(*font, "dejavu-10.font");
  96
  97         history = new History(*this, 301, 100);
  98
  99         catch_signal(SIGINT);
 100 }
 101
 102 NetVis::~NetVis()
 103 {
 104         delete history;
 105         delete resolver;
 106
 107         delete font;
 108         delete wnd;
 109
 110         pcap_close(pcap);
 111         for(map<Address, Host *>::iterator i=hosts.begin(); i!=hosts.end(); ++i)
 112                 delete i->second;
 113         for(map<Address, Host *>::iterator i=disabled_hosts.begin(); i!=disabled_hosts.end(); ++i)
 114                 delete i->second;
 115         for(map<unsigned, Port *>::iterator i=ports.begin(); i!=ports.end(); ++i)
 116                 delete i->second;
 117         for(list<Packet *>::iterator i=packets.begin(); i!=packets.end(); ++i)
 118                 delete *i;
 119 }
 120
 121 void NetVis::tick()
 122 {
 123         Msp::Time::TimeStamp t = Msp::Time::now();
 124         Msp::Time::TimeDelta dt;
 125         if(tick_t)
 126                 dt = t-tick_t;
 127         tick_t = t;
 128
 129         if(tick_t>fps_t+Msp::Time::sec)
 130         {
 131                 fps = frames/((tick_t-fps_t)/Msp::Time::sec);
 132                 fps_t = tick_t;
 133                 frames = 0;
 134         }
 135
 136         wnd->get_display().tick();
 137
 138         while(pcap_dispatch(pcap, -1, &capture_handler, reinterpret_cast<unsigned char *>(this))>0) ;
 139
 140         resolver->tick();
 141         history->tick(tick_t);
 142
 143
 144         float min_activity = numeric_limits<float>::max();
 145         for(map<Address, Host *>::iterator i=hosts.begin(); i!=hosts.end(); ++i)
 146         {
 147                 i->second->tick(dt);
 148                 min_activity = min(min_activity, i->second->get_activity());
 149         }
 150         float del_limit = pow(10, 6-0.1*static_cast<int>(max_hosts-hosts.size()-disabled_hosts.size()));
 151         for(map<Address, Host *>::iterator i=disabled_hosts.begin(); i!=disabled_hosts.end();)
 152         {
 153                 i->second->tick(dt);
 154
 155                 if(i->second->get_activity()>min_activity)
 156                 {
 157                         i->second->set_active(true);
 158                         hosts.insert(*i);
 159                         for(unsigned j=0; j<100; ++j)
 160                                 i->second->tick(100*Time::msec);
 161                         disabled_hosts.erase(i++);
 162                 }
 163                 else if(i->second->get_activity()<del_limit)
 164                 {
 165                         resolver->cancel(i->second);
 166                         delete i->second;
 167                         disabled_hosts.erase(i++);
 168                 }
 169                 else
 170                         ++i;
 171         }
 172
 173         if(hosts.size()>max_visible_hosts)
 174         {
 175                 list<float> activity;
 176                 for(map<Address, Host *>::iterator i=hosts.begin(); i!=hosts.end(); ++i)
 177                         activity.push_back(i->second->get_activity());
 178                 activity.sort();
 179
 180                 list<float>::iterator j = activity.begin();
 181                 advance(j, activity.size()-max_visible_hosts);
 182                 float limit = *j;
 183
 184                 for(map<Address, Host *>::iterator i=hosts.begin(); i!=hosts.end();)
 185                 {
 186                         if(i->second->get_activity()<limit)
 187                         {
 188                                 i->second->set_active(false);
 189                                 disabled_hosts.insert(*i);
 190                                 hosts.erase(i++);
 191                         }
 192                         else
 193                                 ++i;
 194                 }
 195         }
 196
 197         for(map<unsigned, Port *>::iterator i=ports.begin(); i!=ports.end();)
 198         {
 199                 i->second->tick(dt);
 200
 201                 if(!i->second->is_registered() && i->second->get_activity()<0.1)
 202                 {
 203                         delete i->second;
 204                         ports.erase(i++);
 205                 }
 206                 else
 207                         ++i;
 208         }
 209
 210         for(list<Packet *>::iterator i=packets.begin(); i!=packets.end();)
 211         {
 212                 (*i)->tick(dt);
 213                 if((*i)->get_stale())
 214                 {
 215                         delete *i;
 216                         i = packets.erase(i);
 217                 }
 218                 else
 219                         ++i;
 220         }
 221
 222         render();
 223         wnd->swap_buffers();
 224
 225         ++frames;
 226 }
 227
 228 void NetVis::render()
 229 {
 230         GL::Framebuffer::system().clear(GL::COLOR_BUFFER_BIT);
 231
 232         GL::MatrixStack::projection() = GL::Matrix::ortho_centered(1024, 768);
 233         GL::MatrixStack::modelview() = GL::Matrix();
 234
 235         for(map<Address, Host *>::iterator i=hosts.begin(); i!=hosts.end(); ++i)
 236                 i->second->render();
 237         {
 238                 GL::Immediate imm((GL::COLOR4_UBYTE, GL::VERTEX2));
 239                 imm.begin(GL::QUADS);
 240                 for(list<Packet *>::iterator i=packets.begin(); i!=packets.end(); ++i)
 241                         (*i)->render(imm);
 242                 imm.end();
 243         }
 244
 245         GL::MatrixStack::modelview() = GL::Matrix::translation(-500, 360, 0);
 246         unsigned n = 0;
 247         for(map<unsigned, Port *>::iterator i=ports.begin(); (i!=ports.end() && n<50); ++i)
 248         {
 249                 float act = i->second->get_activity();
 250                 if((i->second->is_registered() && act>1) || act>200)
 251                 {
 252                         i->second->render();
 253                         GL::MatrixStack::modelview() *= GL::Matrix::translation(0, -12, 0);
 254                         ++n;
 255                 }
 256         }
 257
 258         GL::MatrixStack::modelview() = GL::Matrix::translation(-500, -348, 0);
 259         GL::MatrixStack::modelview() *= GL::Matrix::scaling(10);
 260         font->draw_string(format("%d hosts", hosts.size()+disabled_hosts.size()));
 261         GL::MatrixStack::modelview() *= GL::Matrix::translation(0, -1.2, 0);
 262         font->draw_string(format("%d ports", ports.size()));
 263         GL::MatrixStack::modelview() *= GL::Matrix::translation(0, -1.2, 0);
 264         font->draw_string(format("%.2f fps", fps));
 265         GL::Texture::unbind();
 266
 267         GL::MatrixStack::modelview() = GL::Matrix::translation(170, -370, 0);
 268         history->render();
 269 }
 270
 271 Host &NetVis::get_host(const Address &a)
 272 {
 273         map<Address, Host *>::iterator i = hosts.find(a);
 274         if(i!=hosts.end())
 275                 return *i->second;
 276
 277         i = disabled_hosts.find(a);
 278         if(i!=disabled_hosts.end())
 279                 return *i->second;
 280
 281         Host *host = new Host(*this, a);
 282         for(list<Address>::const_iterator j=localnets.begin(); j!=localnets.end(); ++j)
 283                 if(j->masked_match(a))
 284                         host->set_local(true);
 285         resolver->push(host);
 286         host->set_position(Vector2(rand()*400.0/RAND_MAX-200.0, rand()*400.0/RAND_MAX-200.0));
 287         for(unsigned j=0; j<100; ++j)
 288                 host->tick(100*Time::msec);
 289         hosts[a] = host;
 290         return *host;
 291 }
 292
 293 Port &NetVis::get_port(unsigned number)
 294 {
 295         map<unsigned, Port *>::iterator i = ports.find(number);
 296         if(i!=ports.end())
 297                 return *i->second;
 298         Port *port = new Port(*this, number);
 299         ports[number] = port;
 300         return *port;
 301 }
 302
 303 void NetVis::capture_handler(unsigned char *user, const pcap_pkthdr *cap, const unsigned char *data)
 304 {
 305         NetVis *self = reinterpret_cast<NetVis *>(user);
 306
 307         CaptureContext ctx;
 308         ctx.cap_hdr = cap;
 309         const ethhdr *eth = reinterpret_cast<const ethhdr *>(data);
 310         self->handle_ethernet(ctx, eth, cap->caplen);
 311 }
 312
 313 void NetVis::handle_ethernet(CaptureContext &ctx, const ethhdr *eth, unsigned len)
 314 {
 315         ctx.size = ctx.cap_hdr->len-sizeof(ethhdr);
 316
 317         int proto = ntohs(eth->h_proto);
 318         if(proto==ETH_P_IP)
 319         {
 320                 const iphdr *ip = reinterpret_cast<const iphdr *>(eth+1);
 321                 handle_ipv4(ctx, ip, len-sizeof(ethhdr));
 322         }
 323         else if(proto==ETH_P_IPV6)
 324         {
 325                 const ip6_hdr *ip6 = reinterpret_cast<const ip6_hdr *>(eth+1);
 326                 handle_ipv6(ctx, ip6, len-sizeof(ethhdr));
 327         }
 328         else
 329                 IO::print("Unknown protocol in eth: %d\n", proto);
 330 }
 331
 332 void NetVis::handle_ipv4(CaptureContext &ctx, const iphdr *ip, unsigned len)
 333 {
 334         ctx.src_host = &get_host(ntohl(ip->saddr));
 335         if((ntohl(ip->daddr)&0xFF)!=0xFF)
 336                 ctx.dst_host = &get_host(ntohl(ip->daddr));
 337
 338         if(ip->protocol==IPPROTO_TCP)
 339         {
 340                 const tcphdr *tcp = reinterpret_cast<const tcphdr *>(ip+1);
 341                 handle_tcp(ctx, tcp, len-sizeof(iphdr));
 342         }
 343         else if(ip->protocol==IPPROTO_UDP)
 344         {
 345                 const udphdr *udp = reinterpret_cast<const udphdr *>(ip+1);
 346                 handle_udp(ctx, udp, len-sizeof(iphdr));
 347         }
 348         else
 349                 IO::print("Unknown protocol in ip: %d\n", ip->protocol);
 350 }
 351
 352 void NetVis::handle_ipv6(CaptureContext &ctx, const ip6_hdr *ip6, unsigned len)
 353 {
 354         ctx.src_host = &get_host(ip6->ip6_src);
 355         if(!IN6_IS_ADDR_MULTICAST(ip6->ip6_dst.s6_addr))
 356                 ctx.dst_host = &get_host(ip6->ip6_dst);
 357
 358         if(ip6->ip6_nxt==IPPROTO_TCP)
 359         {
 360                 const tcphdr *tcp = reinterpret_cast<const tcphdr *>(ip6+1);
 361                 handle_tcp(ctx, tcp, len-sizeof(ip6_hdr));
 362         }
 363         else if(ip6->ip6_nxt==IPPROTO_UDP)
 364         {
 365                 const udphdr *udp = reinterpret_cast<const udphdr *>(ip6+1);
 366                 handle_udp(ctx, udp, len-sizeof(ip6_hdr));
 367         }
 368         else
 369                 IO::print("Unknown next header in ip6: %d\n", ip6->ip6_nxt);
 370 }
 371
 372 void NetVis::handle_tcp(CaptureContext &ctx, const tcphdr *tcp, unsigned)
 373 {
 374         ctx.src_port = &get_port(ntohs(tcp->source));
 375         ctx.dst_port = &get_port(ntohs(tcp->dest));
 376         handle_packet(ctx);
 377 }
 378
 379 void NetVis::handle_udp(CaptureContext &ctx, const udphdr *udp, unsigned)
 380 {
 381         ctx.src_port = &get_port(ntohs(udp->source));
 382         ctx.dst_port = &get_port(ntohs(udp->dest));
 383         handle_packet(ctx);
 384 }
 385
 386 void NetVis::handle_packet(CaptureContext &ctx)
 387 {
 388         Port *port = 0;
 389         if(ctx.src_port && ctx.dst_port)
 390         {
 391                 if(ctx.src_port->is_registered()!=ctx.dst_port->is_registered())
 392                 {
 393                         if(ctx.src_port->is_registered())
 394                                 port = ctx.src_port;
 395                         else
 396                                 port = ctx.dst_port;
 397                 }
 398                 else if(ctx.src_port->get_number()<ctx.dst_port->get_number())
 399                         port = ctx.src_port;
 400                 else
 401                         port = ctx.dst_port;
 402         }
 403         else
 404                 port = &get_port(0);
 405
 406         float throttle = ctx.src_host->send_packet();
 407         if(throttle<1)
 408         {
 409                 packets.push_back(new Packet(*ctx.src_host, ctx.dst_host, port->get_color(), ctx.size));
 410                 packets.back()->tick(-throttle*Msp::Time::sec);
 411         }
 412
 413         ctx.src_host->add_activity(ctx.size);
 414         if(ctx.dst_host)
 415                 ctx.dst_host->add_activity(ctx.size);
 416
 417         if(ctx.src_port)
 418                 ctx.src_port->add_activity(ctx.size);
 419         if(ctx.dst_port)
 420                 ctx.dst_port->add_activity(ctx.size);
 421
 422         bool local_src = ctx.src_host->is_local();
 423         bool local_dst = (ctx.dst_host && ctx.dst_host->is_local());
 424         if(local_src && !local_dst)
 425                 history->activity(0, ctx.size);
 426         else if(local_dst && !local_src)
 427                 history->activity(ctx.size, 0);
 428 }
 429
 430 void NetVis::sighandler(int)
 431 {
 432         exit(0);
 433 }
 434
 435
 436 NetVis::CaptureContext::CaptureContext():
 437         cap_hdr(0),
 438         src_host(0),
 439         src_port(0),
 440         dst_host(0),
 441         dst_port(0),
 442         size(0)
 443 { }