93 lines
2.8 KiB
Text
93 lines
2.8 KiB
Text
$NetBSD: patch-ai,v 1.3 2013/01/11 00:02:13 joerg Exp $
|
|
|
|
- use standard headers
|
|
- fix signature of signal handler, make it file-static
|
|
- fix signature of pcap handler
|
|
- make const declarations internally consistent
|
|
- CORRUPT_IP/DONT_EXAMINE changes from a long time ago
|
|
|
|
--- sniffit.0.3.5.c.orig 1997-04-18 09:33:58.000000000 +0000
|
|
+++ sniffit.0.3.5.c
|
|
@@ -7,6 +7,8 @@
|
|
#include <unistd.h>
|
|
#include <signal.h>
|
|
#include <stdio.h>
|
|
+#include <stdlib.h>
|
|
+#include <string.h>
|
|
#include <netdb.h>
|
|
#include <errno.h>
|
|
#include <sys/stat.h>
|
|
@@ -93,7 +95,7 @@ printf(" 9 -- %s\n",PLUGIN9_NAME);
|
|
exit(0);
|
|
}
|
|
|
|
-void my_exit (void) { exit(0);};
|
|
+static void my_exit (int sig) { exit(0);};
|
|
|
|
/* DEBUGGING INFO */
|
|
#ifdef DEBUG
|
|
@@ -298,7 +300,7 @@ struct file_info *search_dynam(char *fil
|
|
|
|
/* Type 0: TELNET */
|
|
void record_buf(struct file_info *dummy_pointer, unsigned long cur_seq_nr,
|
|
- char *data, int len, int type)
|
|
+ const char *data, int len, int type)
|
|
{
|
|
int i,j,noloop=0;
|
|
|
|
@@ -337,7 +339,7 @@ for(i=1;i<SCBUF;i++)
|
|
}
|
|
|
|
void sbuf_update(struct file_info *dummy_pointer, unsigned long cur_seq_nr,
|
|
- char *data, int len)
|
|
+ const char *data, int len)
|
|
{
|
|
int i;
|
|
|
|
@@ -411,11 +413,17 @@ int check_packet(unsigned long ipaddr,
|
|
proto=unwrap_packet(sp, info);
|
|
if(proto == NO_IP) return DONT_EXAMINE; /* no use in trying */
|
|
if(proto == NO_IP_4) return DONT_EXAMINE; /* no use in trying */
|
|
+ if(proto == CORRUPT_IP)
|
|
+ {printf("Suspicious Packet detected... (Split header)\n");
|
|
+ return DONT_EXAMINE;}
|
|
|
|
memcpy(&iphead,(sp+PROTO_HEAD),sizeof(struct IP_header));
|
|
so=(unsigned char *)&(iphead.source);
|
|
dest=(unsigned char *)&(iphead.destination);
|
|
|
|
+ if(info->FRAG_nf!=0)
|
|
+ {printf("Fragment Skipped...\n"); return DONT_EXAMINE; };
|
|
+
|
|
if((proto==TCP)&&(PROTOCOLS&F_TCP))
|
|
{
|
|
#ifdef DEBUG_ONSCREEN
|
|
@@ -823,7 +831,7 @@ printf("Selected: %d\n",selected);
|
|
}
|
|
|
|
/* Default Processing of packets */
|
|
-pcap_handler packethandler(unsigned char *ipaddrpoint,
|
|
+void packethandler(unsigned char *ipaddrpoint,
|
|
const struct packetheader *p_header,
|
|
const unsigned char *sp)
|
|
{
|
|
@@ -1220,6 +1228,10 @@ int check_mask (const struct packetheade
|
|
proto=unwrap_packet(sp, info);
|
|
if(proto == NO_IP) return DONT_EXAMINE; /* no use in trying */
|
|
if(proto == NO_IP_4) return DONT_EXAMINE; /* no use in trying */
|
|
+ if(proto == CORRUPT_IP) return DONT_EXAMINE; /* no use in trying */
|
|
+
|
|
+ if(info->FRAG_nf!=0)
|
|
+ {return DONT_EXAMINE; };
|
|
|
|
(*IP_nr_of_packets)++;
|
|
if(proto==ICMP)
|
|
@@ -1272,7 +1284,7 @@ int check_mask (const struct packetheade
|
|
return TCP_EXAMINE; /* interprete packet */
|
|
}
|
|
|
|
-pcap_handler interactive_packethandler( char *dummy,
|
|
+void interactive_packethandler( unsigned char *dummy,
|
|
const struct packetheader *p_header,
|
|
const unsigned char *sp)
|
|
{
|