| 1 | #include <netdb.h> |
|---|
| 2 | #include <inttypes.h> |
|---|
| 3 | #include <lt_inttypes.h> |
|---|
| 4 | #include <stdio.h> |
|---|
| 5 | #include "libtrace.h" |
|---|
| 6 | #include "tracereport.h" |
|---|
| 7 | |
|---|
| 8 | static stat_t tcpopt_stat[4][256] = {{{0,0}}}; |
|---|
| 9 | static bool suppress[4] = {true,true,true,true}; |
|---|
| 10 | |
|---|
| 11 | void tcpopt_per_packet(struct libtrace_packet_t *packet) |
|---|
| 12 | { |
|---|
| 13 | unsigned char *p=trace_get_link(packet); |
|---|
| 14 | struct libtrace_tcp *tcp = trace_get_tcp(packet); |
|---|
| 15 | |
|---|
| 16 | if(!tcp) |
|---|
| 17 | return; |
|---|
| 18 | |
|---|
| 19 | int dir = trace_get_direction(packet); |
|---|
| 20 | if(dir < 0 || dir > 1) |
|---|
| 21 | dir = 2; |
|---|
| 22 | |
|---|
| 23 | int len = trace_get_capture_length(packet) - 54; |
|---|
| 24 | if(len == 0) |
|---|
| 25 | return; |
|---|
| 26 | |
|---|
| 27 | int tcp_bytes = trace_get_wire_length(packet) - trace_get_capture_length(packet); |
|---|
| 28 | int i = tcp->doff*4 - sizeof *tcp; |
|---|
| 29 | |
|---|
| 30 | if(len > i) |
|---|
| 31 | len = i; |
|---|
| 32 | |
|---|
| 33 | unsigned char type,optlen,*data; |
|---|
| 34 | p += 54; //hax 14 mac header, 20 ip header, 20tcp header |
|---|
| 35 | |
|---|
| 36 | while(trace_get_next_option(&p,&len,&type,&optlen,&data)){ |
|---|
| 37 | tcpopt_stat[dir][type].count++; |
|---|
| 38 | tcpopt_stat[dir][type].bytes+= tcp_bytes; |
|---|
| 39 | } |
|---|
| 40 | |
|---|
| 41 | suppress[dir] = false; |
|---|
| 42 | } |
|---|
| 43 | |
|---|
| 44 | void tcpopt_suppress() |
|---|
| 45 | { |
|---|
| 46 | int i; |
|---|
| 47 | printf("%-20s","Direction:"); |
|---|
| 48 | for(i=0;i<4;i++){ |
|---|
| 49 | if(!suppress[i]){ |
|---|
| 50 | switch(i){ |
|---|
| 51 | case 0: |
|---|
| 52 | printf("\t%24s", "Outbound "); |
|---|
| 53 | break; |
|---|
| 54 | case 1: |
|---|
| 55 | printf("\t%24s", "Inbound "); |
|---|
| 56 | break; |
|---|
| 57 | case 2: |
|---|
| 58 | printf("\t%24s", "Undefined "); |
|---|
| 59 | break; |
|---|
| 60 | default: |
|---|
| 61 | break; |
|---|
| 62 | } |
|---|
| 63 | } |
|---|
| 64 | } |
|---|
| 65 | printf("\n"); |
|---|
| 66 | printf("%-20s","TCP OPTIONS"); |
|---|
| 67 | for(i=0;i<4;i++){ |
|---|
| 68 | if(!suppress[i]){ |
|---|
| 69 | printf("\t%12s\t%12s", "bytes","packets"); |
|---|
| 70 | } |
|---|
| 71 | } |
|---|
| 72 | printf("\n"); |
|---|
| 73 | } |
|---|
| 74 | |
|---|
| 75 | void tcpopt_report(void) |
|---|
| 76 | { |
|---|
| 77 | int i,j; |
|---|
| 78 | printf("# TCP OPTION breakdown:\n"); |
|---|
| 79 | tcpopt_suppress(); |
|---|
| 80 | |
|---|
| 81 | for(i=0;i<256;++i) { |
|---|
| 82 | if (tcpopt_stat[0][i].count==0 && |
|---|
| 83 | tcpopt_stat[1][i].count==0 && tcpopt_stat[2][i].count==0) |
|---|
| 84 | continue; |
|---|
| 85 | |
|---|
| 86 | switch(i) { |
|---|
| 87 | case 1: |
|---|
| 88 | printf("%20s", "NOP: "); |
|---|
| 89 | break; |
|---|
| 90 | case 2: |
|---|
| 91 | printf("%20s", "MSS: "); |
|---|
| 92 | break; |
|---|
| 93 | case 3: |
|---|
| 94 | printf("%20s", "Winscale: "); |
|---|
| 95 | break; |
|---|
| 96 | case 4: |
|---|
| 97 | printf("%20s", "SACK Permitted: "); |
|---|
| 98 | break; |
|---|
| 99 | case 5: |
|---|
| 100 | printf("%20s", "SACK Information: "); |
|---|
| 101 | break; |
|---|
| 102 | case 8: |
|---|
| 103 | printf("%20s", "Timestamp: "); |
|---|
| 104 | break; |
|---|
| 105 | case 19: |
|---|
| 106 | printf("%20s", "MD5: "); |
|---|
| 107 | default: |
|---|
| 108 | printf("%20i:",i); |
|---|
| 109 | } |
|---|
| 110 | |
|---|
| 111 | for(j=0;j<4;j++){ |
|---|
| 112 | if (tcpopt_stat[j][i].count==0){ |
|---|
| 113 | if(!suppress[j]) |
|---|
| 114 | printf("\t%24s"," "); |
|---|
| 115 | continue; |
|---|
| 116 | } |
|---|
| 117 | printf("\t%12" PRIu64 "\t%12" PRIu64, |
|---|
| 118 | tcpopt_stat[j][i].bytes, |
|---|
| 119 | tcpopt_stat[j][i].count); |
|---|
| 120 | } |
|---|
| 121 | printf("\n"); |
|---|
| 122 | } |
|---|
| 123 | } |
|---|
