13de95056a
The patches are a modified version of some enhancements to tcpflow from Debian Adds the following options: -e When outputting to the console each flow will be output in alternating colours. -C Console print without the packet source and destination details being printed. Print the contents of packets to stdout as they are received, without storing any captured data to files (implies -s).
92 lines
2.4 KiB
Text
92 lines
2.4 KiB
Text
$NetBSD: patch-ad,v 1.1 2006/01/02 19:23:40 adrianp Exp $
|
|
|
|
--- src/tcpip.c.orig 2001-08-24 06:36:14.000000000 +0100
|
|
+++ src/tcpip.c
|
|
@@ -55,8 +55,11 @@ static char *cvsid = "$Id: tcpip.c,v 1.1
|
|
#include "tcpflow.h"
|
|
|
|
extern int console_only;
|
|
+extern int supress_header;
|
|
extern int bytes_per_flow;
|
|
extern int strip_nonprint;
|
|
+extern int use_colour;
|
|
+
|
|
|
|
/*************************************************************************/
|
|
|
|
@@ -133,7 +136,7 @@ void process_tcp(const u_char *data, u_i
|
|
tcp_header_len = tcp_header->th_off * 4;
|
|
|
|
/* return if this packet doesn't have any data (e.g., just an ACK) */
|
|
- if (length <= tcp_header_len) {
|
|
+ if (length <= tcp_header_len && tcp_header->th_flags != TH_SYN ) {
|
|
DEBUG(50) ("got TCP segment with no data");
|
|
return;
|
|
}
|
|
@@ -158,7 +161,7 @@ void process_tcp(const u_char *data, u_i
|
|
if (console_only) {
|
|
print_packet(this_flow, data, length);
|
|
} else {
|
|
- store_packet(this_flow, data, length, seq);
|
|
+ store_packet(this_flow, data, length, seq, IS_SET(tcp_header->th_flags, TH_SYN));
|
|
}
|
|
}
|
|
|
|
@@ -188,8 +191,34 @@ u_char *do_strip_nonprint(const u_char *
|
|
/* print the contents of this packet to the console */
|
|
void print_packet(flow_t flow, const u_char *data, u_int32_t length)
|
|
{
|
|
- printf("%s: ", flow_filename(flow));
|
|
+ static int current_colour = 0;
|
|
+ char *colour[2] = { "\033[0;34m", // blue
|
|
+ "\033[0;31m" }; // red
|
|
+
|
|
+ if ( use_colour )
|
|
+ {
|
|
+ printf( "%s", colour[ current_colour ] );
|
|
+ if ( current_colour == 1 )
|
|
+ {
|
|
+ current_colour = 0;
|
|
+ }
|
|
+ else
|
|
+ {
|
|
+ current_colour = 1;
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if ( supress_header == 0 )
|
|
+ {
|
|
+ printf("%s: ", flow_filename(flow));
|
|
+ }
|
|
+
|
|
fwrite(data, length, 1, stdout);
|
|
+
|
|
+ if ( use_colour )
|
|
+ {
|
|
+ printf("\033[0m");
|
|
+ }
|
|
putchar('\n');
|
|
fflush(stdout);
|
|
}
|
|
@@ -197,7 +226,7 @@ void print_packet(flow_t flow, const u_c
|
|
|
|
/* store the contents of this packet to its place in its file */
|
|
void store_packet(flow_t flow, const u_char *data, u_int32_t length,
|
|
- u_int32_t seq)
|
|
+ u_int32_t seq, int syn_set)
|
|
{
|
|
flow_state_t *state;
|
|
tcp_seq offset;
|
|
@@ -208,6 +237,12 @@ void store_packet(flow_t flow, const u_c
|
|
state = create_flow_state(flow, seq);
|
|
}
|
|
|
|
+ /* If we got a SYN reset the sequence number */
|
|
+ if (syn_set)
|
|
+ {
|
|
+ state->isn = seq - state->pos +1;
|
|
+ }
|
|
+
|
|
/* if we're done collecting for this flow, return now */
|
|
if (IS_SET(state->flags, FLOW_FINISHED))
|
|
return;
|