Remove extra SLL.patch

[ltp2tcp] / dccp_encap.c

/******************************************************************************
Utility to convert a LTP flow to a TCP flow for LTP analysis via tcptrace.
<ETH, IPv4, DCCP> encapsulation functions

Copyright (C) 2013  Samuel Jero <sj323707@ohio.edu>

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.

Author: Samuel Jero <sj323707@ohio.edu>
Date: 06/2013

Notes:
        1)Only handles one LTP "connection". There isn't a good way to separate
                different LTP "connections" from new sessions of the same "connection".
                Use Tcpdump filters to separate connections. Libpcap filtering could also
                be added in ltp2tcp.
        2)Uses some special types from Linux (u_char, u_int32_t)
******************************************************************************/
#include "ltp2tcp.h"
#include <linux/dccp.h>



extern int debug;



/* encapsulation manipulation previous to packet conversion */
int dccp_encap_pre(struct pcap_pkthdr *h, const u_char **odata, u_char **ndata, int* olength, int* nlength)
{
        struct iphdr                    *iph;
        struct ether_header             *ethh;
        struct dccp_hdr                 *dccph;

        /*Safety checks*/
        if(!h || !odata || !ndata || !*odata || !*ndata || !olength || !nlength){
                dbgprintf(0,"Error: DCCP Encapsulation given bad data!\n");
                exit(1);
        }
        if(*olength < sizeof(struct ether_header)+sizeof(struct iphdr)+sizeof(struct dccp_hdr )
                        || *nlength < sizeof(struct ether_header)+sizeof(struct iphdr)+sizeof(struct tcphdr)){
                        dbgprintf(0, "Error: DCCP Encapsulation given packet of wrong size!\n");
                        return -1;
        }

        /*Determine what type of DCCP packet this is*/
        dccph=(struct dccp_hdr*) (*odata + sizeof(struct ether_header)+sizeof(struct iphdr));
        if(dccph->dccph_type!=DCCP_PKT_DATA && dccph->dccph_type!=DCCP_PKT_DATAACK){
                /*Packet Contains no data, discard*/
                dbgprintf(2, "Note: DCCP Encapsulation discarding non-data-carrying packet. Type: %i\n", dccph->dccph_type);
                return -1;
        }

        /*We have a data carrying packet, proceed to process*/


        /*initialize encapsulation private data*/
        if(state.en_priv==NULL){
                /* First time, allocate memory and copy libpcap header and encap headers
                 * this guarantees the IP "direction" of the encap headers */
                state.en_priv=malloc(sizeof(struct eip4_en_p));
                if(state.en_priv==NULL){
                        dbgprintf(0,"Error: Couldn't allocate Memory\n");
                        exit(1);
                }
        }
        if(fill_eip4_encap((struct eip4_en_p*)state.en_priv, *odata, *olength, h)<0){
                return -1;
        }

        /*Copy Ethernet and IPv4 headers over*/
        memcpy(*ndata, *odata, sizeof(struct ether_header)+sizeof(struct iphdr));
        *odata+=sizeof(struct ether_header)+ sizeof(struct iphdr);
        *ndata+=sizeof(struct ether_header)+ sizeof(struct iphdr);

        /*Confirm that this is Ethernet and that IPv4 is next*/
        ethh=(struct ether_header*)(*odata -sizeof(struct ether_header)- sizeof(struct iphdr));
        if(ethh->ether_type!=htons(ETHERTYPE_IP)){
                dbgprintf(1, "Note: Packet not Ethernet or Not IPv4 next\n");
                return -1;
        }

        /* Check That this is IPv4 and that DCCP is next*/
        iph= (struct iphdr *) (*ndata - sizeof(struct iphdr));
        if(iph->version!=4){
                dbgprintf(1, "Note: Packet is not IPv4\n");
                return -1;
        }
        if(iph->protocol!=33){
                dbgprintf(1, "Note: Packet is not DCCP\n");
                return -1;
        }

        /*set IP to indicate that TCP is next protocol*/
        iph->protocol=6;
        iph->check=htonl(0);

        /* Adjust libpcap headers*/
        h->caplen=sizeof(struct ether_header) +sizeof(struct iphdr);
        h->len=sizeof(struct ether_header) +sizeof(struct iphdr);

        /*Adjust packet length*/
        *olength=ntohs(iph->tot_len) - dccph->dccph_doff*4;

        /*Adjust New Packet Length*/
        *nlength-=sizeof(struct ether_header) +sizeof(struct iphdr);

        /*Move Packet Pointer past DCCP header*/
        *odata+=dccph->dccph_doff*4;

        return 0;
}

/* encapsulation manipulation after conversion */
int dccp_encap_post(int tlen, u_char *data)
{
        return eip4_post((struct eip4_en_p*)state.en_priv, tlen, data);
}

/* Create a TCP three-way handshake */
int dccp_encap_handshake(struct pcap_pkthdr *h)
{
        return eip4_handshake((struct eip4_en_p*)state.en_priv, h);
}

/* Create a TCP ending handshake */
int dccp_encap_fin()
{
        return eip4_fin((struct eip4_en_p*)state.en_priv);
}




/* The DCCP Encapsulation Structure*/
struct encap_ops dccp_encap = {
        .pre=dccp_encap_pre,
        .post=dccp_encap_post,
        .handshake=dccp_encap_handshake,
        .fin=dccp_encap_fin
};