diff options
Diffstat (limited to 'plugins/template')
| -rw-r--r-- | plugins/template/Makefile.am | 22 | ||||
| -rw-r--r-- | plugins/template/template.c | 147 | ||||
| -rwxr-xr-x | plugins/template/test1.sh | 13 |
3 files changed, 182 insertions, 0 deletions
diff --git a/plugins/template/Makefile.am b/plugins/template/Makefile.am new file mode 100644 index 0000000..2cc0d7e --- /dev/null +++ b/plugins/template/Makefile.am @@ -0,0 +1,22 @@ +MAINTAINERCLEANFILES = $(srcdir)/Makefile.in +CLEANFILES = *.gcda *.gcno *.gcov + +AM_CFLAGS = -I$(srcdir) \ + -I$(top_srcdir)/src \ + -I$(top_srcdir)/isc \ + $(SECCOMPFLAGS) + +pkglib_LTLIBRARIES = template.la +template_la_SOURCES = template.c +template_la_LDFLAGS = -module -avoid-version + +TESTS = test1.sh +EXTRA_DIST = $(TESTS) +CLEANFILES += *.pcap-dist + +if ENABLE_GCOV +gcov-local: + for src in $(template_la_SOURCES); do \ + gcov -o .libs -l -r -s "$(srcdir)" "$$src"; \ + done +endif diff --git a/plugins/template/template.c b/plugins/template/template.c new file mode 100644 index 0000000..6abf23c --- /dev/null +++ b/plugins/template/template.c @@ -0,0 +1,147 @@ +/* + * Copyright (c) 2016-2021, OARC, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN + * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <string.h> +#include <netinet/in.h> + +#include "dnscap_common.h" + +static logerr_t* logerr; +static int opt_f = 0; +static const char* opt_x = 0; + +output_t template_output; + +void template_usage() +{ + fprintf(stderr, + "\ntemplate.so options:\n" + "\t-? print these instructions and exit\n" + "\t-f flag option\n" + "\t-x <arg> option with argument\n"); +} + +void template_getopt(int* argc, char** argv[]) +{ + /* + * The "getopt" function will be called from the parent to + * process plugin options. + */ + int c; + while ((c = getopt(*argc, *argv, "?fx:")) != EOF) { + switch (c) { + case 'f': + opt_f = 1; + break; + case 'x': + opt_x = strdup(optarg); + break; + case '?': + template_usage(); + if (!optopt || optopt == '?') { + exit(0); + } + // fallthrough + default: + exit(1); + } + } +} + +int template_start(logerr_t* a_logerr) +{ + /* + * The "start" function is called once, when the program + * starts. It is used to initialize the plugin. If the + * plugin wants to write debugging and or error messages, + * it should save the a_logerr pointer passed from the + * parent code. + */ + logerr = a_logerr; + return 0; +} + +void template_stop() +{ + /* + * The "start" function is called once, when the program + * is exiting normally. It might be used to clean up state, + * free memory, etc. + */ +} + +int template_open(my_bpftimeval ts) +{ + /* + * The "open" function is called at the start of each + * collection interval, which might be based on a period + * of time or a number of packets. In the original code, + * this is where we opened an output pcap file. + */ + return 0; +} + +int template_close(my_bpftimeval ts) +{ + /* + * The "close" function is called at the end of each + * collection interval, which might be based on a period + * of time or on a number of packets. In the original code + * this is where we closed an output pcap file. + */ + return 0; +} + +void template_output(const char* descr, iaddr from, iaddr to, uint8_t proto, unsigned flags, + unsigned sport, unsigned dport, my_bpftimeval ts, + const u_char* pkt_copy, const unsigned olen, + const u_char* payload, const unsigned payloadlen) +{ + /* + * Here you can "process" a packet. The function is named + * "output" because in the original code this is where + * packets were outputted. + * + * if flags & PCAP_OUTPUT_ISDNS != 0 then payload is the start of a DNS message. + * + * if flags & PCAP_OUTPUT_ISFRAG != 0 then the packet is a fragment. + * + * if flags & PCAP_OUTPUT_ISLAYER != 0 then the pkt_copy is the same as payload. + */ +} diff --git a/plugins/template/test1.sh b/plugins/template/test1.sh new file mode 100755 index 0000000..3cb518f --- /dev/null +++ b/plugins/template/test1.sh @@ -0,0 +1,13 @@ +#!/bin/sh -xe + +plugin=`find . -name 'template.so' | head -n 1` +if [ -z "$plugin" ]; then + echo "Unable to find the template plugin" + exit 1 +fi + +ln -fs "$srcdir/../../src/test/dns.pcap" dns.pcap-dist + +../../src/dnscap -r dns.pcap-dist -g -P "$plugin" -? +../../src/dnscap -r dns.pcap-dist -g -P "$plugin" +! ../../src/dnscap -r dns.pcap-dist -g -P "$plugin" -X |