From dc8cc03aa1c0879ac600967ca37b36aa6fb7ddf6 Mon Sep 17 00:00:00 2001 From: laforge Date: Tue, 30 Jul 2002 08:00:47 +0000 Subject: make ulogd_PCAP build conditional to the existance of pcap.h --- Makefile.in | 5 ++ Rules.make.in | 2 +- configure.in | 4 +- extensions/ulogd_PCAP.c | 228 ------------------------------------------------ pcap/Makefile.in | 30 +++++++ pcap/ulogd_PCAP.c | 228 ++++++++++++++++++++++++++++++++++++++++++++++++ 6 files changed, 267 insertions(+), 230 deletions(-) delete mode 100644 extensions/ulogd_PCAP.c create mode 100644 pcap/Makefile.in create mode 100644 pcap/ulogd_PCAP.c diff --git a/Makefile.in b/Makefile.in index a0f353f..b39e8f7 100644 --- a/Makefile.in +++ b/Makefile.in @@ -15,6 +15,11 @@ else SUBDIRS+=pgsql endif +ifeq (x@HAVE_PCAP_H@,x) +else +SUBDIRS+=pcap +endif + # Normally You should not need to change anything below all: recurse ulogd diff --git a/Rules.make.in b/Rules.make.in index 68699be..0f9c937 100644 --- a/Rules.make.in +++ b/Rules.make.in @@ -26,7 +26,7 @@ LIBS=@LIBS@ # Names of the plugins to be compiled -ULOGD_SL:=BASE OPRINT PWSNIFF LOGEMU PCAP LOCALTIME +ULOGD_SL:=BASE OPRINT PWSNIFF LOGEMU LOCALTIME # mysql output support #ULOGD_SL+=MYSQL diff --git a/configure.in b/configure.in index 06cbff1..4a749eb 100644 --- a/configure.in +++ b/configure.in @@ -8,6 +8,7 @@ AC_PROG_INSTALL dnl Checks for libraries. AC_CHECK_LIB(dl, dlopen) +AC_CHECK_HEADERS(pcap.h) dnl Checks for header files. AC_HEADER_DIRENT @@ -181,8 +182,9 @@ AC_SUBST(DB_DEF) AC_SUBST(EXTRA_MYSQL_DEF) AC_SUBST(DATABASE_DRIVERS) +AC_SUBST(HAVE_PCAP_H) AM_CONDITIONAL(HAVE_MYSQL, test x$mysqldir != x) AM_CONDITIONAL(HAVE_PGSQL, test x$pgsqldir != x) -AC_OUTPUT(extensions/Makefile doc/Makefile conffile/Makefile libipulog/Makefile mysql/Makefile pgsql/Makefile Makefile Rules.make) +AC_OUTPUT(extensions/Makefile doc/Makefile conffile/Makefile libipulog/Makefile mysql/Makefile pgsql/Makefile pcap/Makefile Makefile Rules.make) 
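Review bot: `AC_SUBST(HAVE_PCAP_H)` in the configure.in hunk substitutes a shell variable that nothing visible in these hunks sets. `AC_CHECK_HEADERS(pcap.h)` defines the C preprocessor symbol `HAVE_PCAP_H` and caches its result in `ac_cv_header_pcap_h`; it does not assign a shell variable of that name. Unless the variable is set elsewhere in configure.in, `@HAVE_PCAP_H@` expands to an empty string, so the `ifeq (x@HAVE_PCAP_H@,x)` test in the Makefile.in hunk is always true and the pcap directory is never added to `SUBDIRS`, even when the header is present. Setting the variable explicitly would close the gap, for example `AC_CHECK_HEADER(pcap.h, HAVE_PCAP_H=true)` ahead of the `AC_SUBST`. Because the Rules.make.in hunk also drops PCAP from `ULOGD_SL`, the plugin would otherwise vanish silently from builds that used to produce it.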
diff --git a/extensions/ulogd_PCAP.c b/extensions/ulogd_PCAP.c deleted file mode 100644 index 547982e..0000000 --- a/extensions/ulogd_PCAP.c +++ /dev/null 
@@ -1,228 +0,0 @@ -/* ulogd_PCAP.c, Version $Revision: 1.9 $ - * - * ulogd output target for writing pcap-style files (like tcpdump) - * - * FIXME: descr. - * - * - * (C) 2002 by Harald Welte - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 - * as published by the Free Software Foundation - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - * $Id: ulogd_LOGEMU.c,v 1.9 2002/04/27 19:45:51 laforge Exp $ - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include "ulogd.h" -#include "conffile.h" - -#ifndef ULOGD_PCAP_DEFAULT -#define ULOGD_PCAP_DEFAULT "/var/log/ulogd.pcap" -#endif - -#ifndef ULOGD_PCAP_SYNC_DEFAULT -#define ULOGD_PCAP_SYNC_DEFAULT 0 -#endif - -#define NIPQUAD(addr) \ - ((unsigned char *)&addr)[0], \ - ((unsigned char *)&addr)[1], \ - ((unsigned char *)&addr)[2], \ - ((unsigned char *)&addr)[3] - -static config_entry_t pcapf_ce = { NULL, "pcapfile", CONFIG_TYPE_STRING, - CONFIG_OPT_NONE, 0, - { string: ULOGD_PCAP_DEFAULT } }; - -static config_entry_t pcapsync_ce = { &pcapf_ce, "pcapsync", - CONFIG_TYPE_INT, CONFIG_OPT_NONE, 0, - { value: ULOGD_PCAP_SYNC_DEFAULT } - }; - -static FILE *of = NULL; - -static char hostname[255]; - -struct intr_id { - char* name; - unsigned int id; -}; - -#define INTR_IDS 5 -static struct intr_id intr_ids[INTR_IDS] = { - { "raw.pkt", 0 }, - { "raw.pktlen", 0 }, - { "ip.totlen", 0 }, - { "oob.time.sec", 0 }, - { "oob.time.usec", 0 }, -}; - -#define GET_VALUE(x) 
ulogd_keyh[intr_ids[x].id].interp->result[ulogd_keyh[intr_ids[x].id].offset].value -#define GET_FLAGS(x) ulogd_keyh[intr_ids[x].id].interp->result[ulogd_keyh[intr_ids[x].id].offset].flags - -int _output_pcap(ulog_iret_t *res) -{ - ulog_iret_t *ret; - struct pcap_pkthdr pchdr; - - pchdr.caplen = GET_VALUE(1).ui32; - pchdr.len = GET_VALUE(2).ui32; - - if (GET_FLAGS(3) & ULOGD_RETF_VALID - && GET_FLAGS(4) & ULOGD_RETF_VALID) { - pchdr.ts.tv_sec = GET_VALUE(3).ui32; - pchdr.ts.tv_usec = GET_VALUE(4).ui32; - } else { - /* use current system time */ - gettimeofday(&pchdr.ts, NULL); - } - - if (fwrite(&pchdr, sizeof(pchdr), 1, of) != 1) { - ulogd_log(ULOGD_ERROR, "Error during write: %s\n", - strerror(errno)); - return 1; - } - if (fwrite(GET_VALUE(0).ptr, pchdr.caplen, 1, of) != 1) { - ulogd_log(ULOGD_ERROR, "Error during write: %s\n", - strerror(errno)); - return 1; - } - - if (pcapf_ce.u.value) - fflush(of); - - return 0; -} - -/* stolen from libpcap savefile.c */ -#define LINKTYPE_RAW 101 -#define TCPDUMP_MAGIC 0xa1b2c3d4 - -static int write_pcap_header(void) -{ - struct pcap_file_header pcfh; - int ret; - - pcfh.magic = TCPDUMP_MAGIC; - pcfh.version_major = PCAP_VERSION_MAJOR; - pcfh.version_minor = PCAP_VERSION_MINOR; - pcfh.thiszone = timezone; - pcfh.sigfigs = 0; - pcfh.snaplen = 64 * 1024; /* we don't know the length in advance */ - pcfh.linktype = LINKTYPE_RAW; - - ret = fwrite(&pcfh, sizeof(pcfh), 1, of); - fflush(of); - - return ret; -} - -/* get all key id's for the keys we are intrested in */ -static int get_ids(void) -{ - int i; - struct intr_id *cur_id; - - for (i = 0; i < INTR_IDS; i++) { - cur_id = &intr_ids[i]; - cur_id->id = keyh_getid(cur_id->name); - if (!cur_id->id) { - ulogd_log(ULOGD_ERROR, - "Cannot resolve keyhash id for %s\n", - cur_id->name); - return 1; - } - } - return 0; -} - -void append_create_outfile(void) { - struct stat st_dummy; - - if (stat(pcapf_ce.u.string, &st_dummy)) { - of = fopen(pcapf_ce.u.string, "w"); - if (!of) { - 
ulogd_log(ULOGD_FATAL, "can't open pcap file: %s\n", - strerror(errno)); - exit(2); - } - if (!write_pcap_header()) { - ulogd_log(ULOGD_FATAL, "can't write pcap header: %s\n", - strerror(errno)); - exit(2); - } - } else { - of = fopen(pcapf_ce.u.string, "a"); - if (!of) { - ulogd_log(ULOGD_FATAL, "can't open pcap file: %s\n", - strerror(errno)); - exit(2); - } - } -} - -void sighup_handler_pcap(int signal) -{ - switch (signal) { - case SIGHUP: - ulogd_log(ULOGD_NOTICE, "pcap: reopening capture file\n"); - fclose(of); - append_create_outfile(); - break; - default: - break; - } -} - - -static ulog_output_t logemu_op[] = { - { NULL, "pcap", &_output_pcap, &sighup_handler_pcap }, - { NULL, "", NULL, NULL }, -}; - -/* register output plugin with ulogd */ -static void _logemu_reg_op(void) -{ - ulog_output_t *op = logemu_op; - ulog_output_t *p; - - for (p = op; p->output; p++) - register_output(p); -} - -void _init(void) -{ - /* FIXME: error handling */ - config_register_key(&pcapsync_ce); - config_parse_file(0); - -#ifdef DEBUG_PCAP - of = stdout; -#else - append_create_outfile(); -#endif - if (get_ids()) { - ulogd_log(ULOGD_ERROR, "can't resolve all keyhash id's\n"); - } - - _logemu_reg_op(); -} diff --git a/pcap/Makefile.in b/pcap/Makefile.in new file mode 100644 index 0000000..9a31edb --- /dev/null +++ b/pcap/Makefile.in @@ -0,0 +1,30 @@ +# + +# Normally You should not need to change anything below +# +include @top_srcdir@/Rules.make + +CFLAGS+=-I@top_srcdir@ -I@top_srcdir@/libipulog/include -I@top_srcdir@/conffile +SH_CFLAGS:=$(CFLAGS) -fPIC + +SHARED_LIBS=ulogd_PCAP.so + +all: $(SHARED_LIBS) + +distrib: + +$(SHARED_LIBS): %.so: %_sh.o + ld -shared -o $@ $< + +%_sh.o: %.c + $(CC) $(SH_CFLAGS) -o $@ -c $< + +clean: + rm -f $(SHARED_LIBS) *.o + +distclean: + rm -f Makefile + +install: all + @INSTALL@ -m 755 -d $(DESTDIR)$(ULOGD_LIB_PATH) + @INSTALL@ -m 755 *.so $(DESTDIR)$(ULOGD_LIB_PATH) 
diff --git a/pcap/ulogd_PCAP.c b/pcap/ulogd_PCAP.c new file mode 100644 index 0000000..d7e5912 --- /dev/null +++ b/pcap/ulogd_PCAP.c 
@@ -0,0 +1,228 @@ +/* ulogd_PCAP.c, Version $Revision: 1.1 $ + * + * ulogd output target for writing pcap-style files (like tcpdump) + * + * FIXME: descr. + * + * + * (C) 2002 by Harald Welte + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * $Id: ulogd_PCAP.c,v 1.1 2002/06/13 12:55:21 laforge Exp $ + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include "ulogd.h" +#include "conffile.h" + +#ifndef ULOGD_PCAP_DEFAULT +#define ULOGD_PCAP_DEFAULT "/var/log/ulogd.pcap" +#endif + +#ifndef ULOGD_PCAP_SYNC_DEFAULT +#define ULOGD_PCAP_SYNC_DEFAULT 0 +#endif + +#define NIPQUAD(addr) \ + ((unsigned char *)&addr)[0], \ + ((unsigned char *)&addr)[1], \ + ((unsigned char *)&addr)[2], \ + ((unsigned char *)&addr)[3] + +static config_entry_t pcapf_ce = { NULL, "pcapfile", CONFIG_TYPE_STRING, + CONFIG_OPT_NONE, 0, + { string: ULOGD_PCAP_DEFAULT } }; + +static config_entry_t pcapsync_ce = { &pcapf_ce, "pcapsync", + CONFIG_TYPE_INT, CONFIG_OPT_NONE, 0, + { value: ULOGD_PCAP_SYNC_DEFAULT } + }; + +static FILE *of = NULL; + +static char hostname[255]; + +struct intr_id { + char* name; + unsigned int id; +}; + +#define INTR_IDS 5 +static struct intr_id intr_ids[INTR_IDS] = { + { "raw.pkt", 0 }, + { "raw.pktlen", 0 }, + { "ip.totlen", 0 }, + { "oob.time.sec", 0 }, + { "oob.time.usec", 0 }, +}; + +#define GET_VALUE(x) 
ulogd_keyh[intr_ids[x].id].interp->result[ulogd_keyh[intr_ids[x].id].offset].value +#define GET_FLAGS(x) ulogd_keyh[intr_ids[x].id].interp->result[ulogd_keyh[intr_ids[x].id].offset].flags + +int _output_pcap(ulog_iret_t *res) +{ + ulog_iret_t *ret; + struct pcap_pkthdr pchdr; + + pchdr.caplen = GET_VALUE(1).ui32; + pchdr.len = GET_VALUE(2).ui32; + + if (GET_FLAGS(3) & ULOGD_RETF_VALID + && GET_FLAGS(4) & ULOGD_RETF_VALID) { + pchdr.ts.tv_sec = GET_VALUE(3).ui32; + pchdr.ts.tv_usec = GET_VALUE(4).ui32; + } else { + /* use current system time */ + gettimeofday(&pchdr.ts, NULL); + } + + if (fwrite(&pchdr, sizeof(pchdr), 1, of) != 1) { + ulogd_log(ULOGD_ERROR, "Error during write: %s\n", + strerror(errno)); + return 1; + } + if (fwrite(GET_VALUE(0).ptr, pchdr.caplen, 1, of) != 1) { + ulogd_log(ULOGD_ERROR, "Error during write: %s\n", + strerror(errno)); + return 1; + } + + if (pcapf_ce.u.value) + fflush(of); + + return 0; +} + +/* stolen from libpcap savefile.c */ +#define LINKTYPE_RAW 101 +#define TCPDUMP_MAGIC 0xa1b2c3d4 + +static int write_pcap_header(void) +{ + struct pcap_file_header pcfh; + int ret; + + pcfh.magic = TCPDUMP_MAGIC; + pcfh.version_major = PCAP_VERSION_MAJOR; + pcfh.version_minor = PCAP_VERSION_MINOR; + pcfh.thiszone = timezone; + pcfh.sigfigs = 0; + pcfh.snaplen = 64 * 1024; /* we don't know the length in advance */ + pcfh.linktype = LINKTYPE_RAW; + + ret = fwrite(&pcfh, sizeof(pcfh), 1, of); + fflush(of); + + return ret; +} + +/* get all key id's for the keys we are intrested in */ +static int get_ids(void) +{ + int i; + struct intr_id *cur_id; + + for (i = 0; i < INTR_IDS; i++) { + cur_id = &intr_ids[i]; + cur_id->id = keyh_getid(cur_id->name); + if (!cur_id->id) { + ulogd_log(ULOGD_ERROR, + "Cannot resolve keyhash id for %s\n", + cur_id->name); + return 1; + } + } + return 0; +} + +void append_create_outfile(void) { + struct stat st_dummy; + + if (stat(pcapf_ce.u.string, &st_dummy)) { + of = fopen(pcapf_ce.u.string, "w"); + if (!of) { + 
ulogd_log(ULOGD_FATAL, "can't open pcap file: %s\n", + strerror(errno)); + exit(2); + } + if (!write_pcap_header()) { + ulogd_log(ULOGD_FATAL, "can't write pcap header: %s\n", + strerror(errno)); + exit(2); + } + } else { + of = fopen(pcapf_ce.u.string, "a"); + if (!of) { + ulogd_log(ULOGD_FATAL, "can't open pcap file: %s\n", + strerror(errno)); + exit(2); + } + } +} + +void sighup_handler_pcap(int signal) +{ + switch (signal) { + case SIGHUP: + ulogd_log(ULOGD_NOTICE, "pcap: reopening capture file\n"); + fclose(of); + append_create_outfile(); + break; + default: + break; + } +} + + +static ulog_output_t logemu_op[] = { + { NULL, "pcap", &_output_pcap, &sighup_handler_pcap }, + { NULL, "", NULL, NULL }, +}; + +/* register output plugin with ulogd */ +static void _logemu_reg_op(void) +{ + ulog_output_t *op = logemu_op; + ulog_output_t *p; + + for (p = op; p->output; p++) + register_output(p); +} + +void _init(void) +{ + /* FIXME: error handling */ + config_register_key(&pcapsync_ce); + config_parse_file(0); + +#ifdef DEBUG_PCAP + of = stdout; +#else + append_create_outfile(); +#endif + if (get_ids()) { + ulogd_log(ULOGD_ERROR, "can't resolve all keyhash id's\n"); + } + + _logemu_reg_op(); +} -- cgit v1.2.3
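Review bot: `_output_pcap` uses `GET_VALUE(1).ui32` as the byte count and `GET_VALUE(0).ptr` as the source of the payload `fwrite()` without testing `ULOGD_RETF_VALID` on either key. If the interpreter did not fill in raw.pkt or raw.pktlen for a packet, the plugin would read through a stale or NULL pointer and could copy unrelated process memory into the capture file. The function already checks the flags for the two timestamp keys, and the same test belongs on keys 0 and 1 before the header is built. The flush at the end tests `pcapf_ce.u.value`, which is the file-name entry, so the `pcapsync` option is never consulted; it should read `pcapsync_ce.u.value`. Separately, `_init` registers the output even when `get_ids()` fails, and `append_create_outfile` chooses between "w" and "a" from a `stat()` made before the `fopen()`, with no explicit mode on a file that holds raw packet contents.

```c
int _output_pcap(ulog_iret_t *res)
{
	struct pcap_pkthdr pchdr;

	/* raw.pkt and raw.pktlen are the source pointer and byte count of
	 * the payload fwrite(); refuse the packet unless both are valid */
	if (!(GET_FLAGS(0) & ULOGD_RETF_VALID)
	    || !(GET_FLAGS(1) & ULOGD_RETF_VALID)
	    || !GET_VALUE(0).ptr) {
		ulogd_log(ULOGD_ERROR, "pcap: raw packet not available\n");
		return 1;
	}

	pchdr.caplen = GET_VALUE(1).ui32;
	/* ... unchanged: pchdr.len, timestamp selection, header and payload fwrite ... */

	/* honour the pcapsync option, not the pcapfile entry */
	if (pcapsync_ce.u.value)
		fflush(of);
	/* ... unchanged: return 0 ... */
```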