*/
#include "parse.h"
-//#include "802.11b.h"
#include "main.h"
/* all the parsing stuff will go here
* different protocols should get to seperated files though ...
*/
+int switch_active_state(char *state) {
+
+ switch(*state) {
+ case '-':
+ *state='\\';
+ break;
+ case '\\':
+ *state='|';
+ break;
+ case '|':
+ *state='/';
+ break;
+ default:
+ *state='-';
+ break;
+ }
+
+ return 23;
+}
+
void parse_package(unsigned char *ptr,const struct pcap_pkthdr *pcap_header,const unsigned char *package) {
- t_info *info;
- int i;
-
- info=(t_info *)ptr;
-
- info->count++;
-
- printf("---> package %d --- %s\n",
- info->count,
- ctime((const time_t*)&(pcap_header->ts.tv_sec)));
- if(info->mode&MODE_ASCIIOUT) {
- puts("content in ascii:");
- for(i=0;i<pcap_header->caplen;i++) printf("%c ",package[i]);
- puts("");
- }
- if(info->mode&MODE_HEXOUT) {
- puts("content in ascii:");
- for(i=0;i<pcap_header->caplen;i++) printf("%x ",package[i]);
- puts("");
- }
+ t_info *info;
+ int i;
+ t_sta new_sta;
+ t_sta *sta;
+ //t_frame4_hdr *f4hdr;
+ t_frame3_hdr *f3hdr;
+ //t_frame2_hdr *f2hdr;
+ //t_frame1_hdr *f1hdr;
+ t_beacon_fb *beacon_fb;
+ int ret;
+ char string[MESSAGE_MAX];
+ char sc[MAX_SYSCALL_CHARS];
+ unsigned char new;
+
+ info=(t_info *)ptr;
+
+ info->count++;
+
+ memset(&new_sta,0,sizeof(t_sta));
+ new=0;
+
+ if(info->dump_fd!=0) {
+ ret=write(info->dump_fd,pcap_header,sizeof(struct pcap_pkthdr));
+ if(ret!=sizeof(struct pcap_pkthdr))
+ display_console(info,"warning, pcap header write failed!");
+ ret=write(info->dump_fd,package,pcap_header->caplen);
+ if(ret!=pcap_header->caplen)
+ display_console(info,"warning, package write failed!");
+ }
+
+ /* maybe there is offset to the actual ieee802.11 frame,
+ for example prism header ...
+ in that case, hack the source! */
+
+ /* management */
+ if(FCTL_TYPE(package[0])==FCTL_TYPE_MGMT) {
+ info->count_m++;
+
+ /* beacon frames */
+ if(FCTL_STYPE(package[0])==FCTL_STYPE_BEACON) {
+ f3hdr=(t_frame3_hdr *)package;
+ beacon_fb=(t_beacon_fb *)(package+sizeof(t_frame3_hdr));
+ // check sta
+ memcpy(new_sta.addr,f3hdr->addr2,ADDR_LEN);
+ ret=list_search_data(&(info->sniffed_sta),&new_sta,ADDR_LEN);
+ if((ret==L_EMPTY_LIST)|(ret==L_NO_SUCH_ELEMENT)) {
+ list_add_element(&(info->sniffed_sta),&new_sta,sizeof(t_sta));
+ sta=(t_sta *)info->sniffed_sta.current->data;
+ new=1;
+ }
+ else sta=(t_sta *)info->sniffed_sta.current->data;
+ // fill in stuff ...
+ memcpy(sta->ssid,beacon_fb->ssid,beacon_fb->ssid_length);
+ if((CAP_INFO_ESS(beacon_fb->cap_info))&
+ (CAP_INFO_IBSS(beacon_fb->cap_info)==0)) sta->ap=AP;
+ if(CAP_INFO_PRIVACY(beacon_fb->cap_info)) sta->wep=WEP;
+ sta->count_mgmt++;
+ switch_active_state(&(sta->active));
+ strncpy(string,"last: beacon, source: ",MESSAGE_MAX);
+ for(i=0;i<ADDR_LEN;i++)
+ snprintf(&string[22+3*i],4,"%02x%c",sta->addr[i],
+ (i==ADDR_LEN-1)?'.':':');
+ string[22+3*ADDR_LEN+1]=0;
+ display_console(info,string);
+ if(new) {
+ snprintf(sc,MAX_SYSCALL_CHARS,
+ "flite 'access point found: %s'",
+ sta->ssid);
+ system(sc);
+ if(sta->wep&WEP) strncpy(sc,"flite ' crypted'",MAX_SYSCALL_CHARS);
+ else strncpy(sc,"flite 'not crypted'",MAX_SYSCALL_CHARS);
+ system(sc);
+ }
+ }
+
+ }
+
+ /* control */
+ else if(FCTL_TYPE(package[0])==FCTL_TYPE_CTRL) {
+ info->count_c++;
+ display_console(info,"last: got control frame");
+ }
+
+ /* data */
+ else if(FCTL_TYPE(package[0])==FCTL_TYPE_DATA) {
+ info->count_d++;
+ display_console(info,"last: got data frame");
+ }
+
}
projects / my-code / hdw-sniff.git / blobdiff