Changeset View
Changeset View
Standalone View
Standalone View
plugins/process/network/helper/Packet.cpp
- This file was added.
1 | /* | ||||
---|---|---|---|---|---|
2 | * This file is part of KSysGuard. | ||||
3 | * Copyright 2019 Arjen Hiemstra <ahiemstra@heimr.nl> | ||||
4 | * | ||||
5 | * This program is free software; you can redistribute it and/or | ||||
6 | * modify it under the terms of the GNU General Public License as | ||||
7 | * published by the Free Software Foundation; either version 2 of | ||||
8 | * the License or (at your option) version 3 or any later version | ||||
9 | * accepted by the membership of KDE e.V. (or its successor approved | ||||
10 | * by the membership of KDE e.V.), which shall act as a proxy | ||||
11 | * defined in Section 14 of version 3 of the license. | ||||
12 | * | ||||
13 | * This program is distributed in the hope that it will be useful, | ||||
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||||
16 | * GNU General Public License for more details. | ||||
17 | * | ||||
18 | * You should have received a copy of the GNU General Public License | ||||
19 | * along with this program. If not, see <http://www.gnu.org/licenses/>. | ||||
20 | */ | ||||
21 | | ||||
22 | #include "Packet.h" | ||||
23 | | ||||
24 | #include <arpa/inet.h> | ||||
25 | #include <linux/if_ether.h> | ||||
26 | #include <netinet/ip.h> | ||||
27 | #include <netinet/ip6.h> | ||||
28 | #include <netinet/tcp.h> | ||||
29 | #include <netinet/udp.h> | ||||
30 | | ||||
31 | #include <pcap/pcap.h> | ||||
32 | #include <pcap/sll.h> | ||||
33 | | ||||
34 | Packet::Packet() | ||||
35 | { | ||||
36 | } | ||||
37 | | ||||
38 | Packet::Packet(const TimeStamp::MicroSeconds &timeStamp, const uint8_t *data, uint32_t dataLength, uint32_t packetSize) | ||||
39 | { | ||||
40 | m_timeStamp = timeStamp; | ||||
41 | m_size = packetSize; | ||||
42 | | ||||
43 | const sll_header *header = reinterpret_cast<const sll_header *>(data); | ||||
44 | switch (ntohs(header->sll_protocol)) { | ||||
45 | case ETH_P_IP: | ||||
46 | m_networkProtocol = NetworkProtocolType::IPv4; | ||||
47 | if (sizeof(sll_header) <= dataLength) { | ||||
48 | parseIPv4(data + sizeof(sll_header)); | ||||
49 | } | ||||
50 | break; | ||||
51 | case ETH_P_IPV6: | ||||
52 | m_networkProtocol = NetworkProtocolType::IPv6; | ||||
53 | if (sizeof(sll_header) <= dataLength) { | ||||
54 | parseIPv6(data + sizeof(sll_header)); | ||||
55 | } | ||||
56 | break; | ||||
57 | default: | ||||
58 | m_networkProtocol = NetworkProtocolType::Unknown; | ||||
59 | break; | ||||
60 | } | ||||
61 | } | ||||
62 | | ||||
63 | Packet::~Packet() | ||||
64 | { | ||||
65 | } | ||||
66 | | ||||
67 | unsigned int Packet::size() const | ||||
68 | { | ||||
69 | return m_size; | ||||
70 | } | ||||
71 | | ||||
72 | TimeStamp::MicroSeconds Packet::timeStamp() const | ||||
73 | { | ||||
74 | return m_timeStamp; | ||||
75 | } | ||||
76 | | ||||
77 | Packet::NetworkProtocolType Packet::networkProtocol() const | ||||
78 | { | ||||
79 | return m_networkProtocol; | ||||
80 | } | ||||
81 | | ||||
82 | Packet::TransportProtocolType Packet::transportProtocol() const | ||||
83 | { | ||||
84 | return m_transportProtocol; | ||||
85 | } | ||||
86 | | ||||
87 | Packet::Address Packet::sourceAddress() const | ||||
88 | { | ||||
89 | return m_sourceAddress; | ||||
90 | } | ||||
91 | | ||||
92 | Packet::Address Packet::destinationAddress() const | ||||
93 | { | ||||
94 | return m_destinationAddress; | ||||
95 | } | ||||
96 | | ||||
97 | void Packet::parseIPv4(const uint8_t *data) | ||||
98 | { | ||||
99 | const ip *header = reinterpret_cast<const ip *>(data); | ||||
100 | | ||||
101 | m_sourceAddress.address[3] = header->ip_src.s_addr; | ||||
102 | m_destinationAddress.address[3] = header->ip_dst.s_addr; | ||||
103 | | ||||
104 | parseTransport(header->ip_p, data + sizeof(ip)); | ||||
105 | } | ||||
106 | | ||||
107 | void Packet::parseIPv6(const uint8_t *data) | ||||
108 | { | ||||
109 | const ip6_hdr *header = reinterpret_cast<const ip6_hdr *>(data); | ||||
110 | | ||||
111 | m_sourceAddress.address = { | ||||
112 | header->ip6_src.s6_addr32[0], | ||||
113 | header->ip6_src.s6_addr32[1], | ||||
114 | header->ip6_src.s6_addr32[2], | ||||
115 | header->ip6_src.s6_addr32[3] | ||||
116 | }; | ||||
117 | m_destinationAddress.address = { | ||||
118 | header->ip6_dst.s6_addr32[0], | ||||
119 | header->ip6_dst.s6_addr32[1], | ||||
120 | header->ip6_dst.s6_addr32[2], | ||||
121 | header->ip6_dst.s6_addr32[3] | ||||
122 | }; | ||||
123 | | ||||
124 | parseTransport(header->ip6_nxt, data + sizeof(ip6_hdr)); | ||||
125 | } | ||||
126 | | ||||
127 | void Packet::parseTransport(uint8_t type, const uint8_t *data) | ||||
128 | { | ||||
129 | switch (type) { | ||||
130 | case IPPROTO_TCP: { | ||||
131 | m_transportProtocol = TransportProtocolType::Tcp; | ||||
132 | const tcphdr *tcpHeader = reinterpret_cast<const tcphdr *>(data); | ||||
133 | m_sourceAddress.port = ntohs(tcpHeader->th_sport); | ||||
134 | m_destinationAddress.port = ntohs(tcpHeader->th_dport); | ||||
135 | break; | ||||
136 | } | ||||
137 | case IPPROTO_UDP: { | ||||
138 | m_transportProtocol = TransportProtocolType::Udp; | ||||
139 | const udphdr *udpHeader = reinterpret_cast<const udphdr *>(data); | ||||
140 | m_sourceAddress.port = ntohs(udpHeader->uh_sport); | ||||
141 | m_destinationAddress.port = ntohs(udpHeader->uh_dport); | ||||
142 | break; | ||||
143 | } | ||||
144 | default: | ||||
145 | m_transportProtocol = TransportProtocolType::Unknown; | ||||
146 | break; | ||||
147 | } | ||||
148 | } |