From cc31a604f302b58723f29ff74df3ef9ae7a75629 Mon Sep 17 00:00:00 2001 From: pdw <> Date: Mon, 1 Mar 2010 22:10:09 +0000 Subject: [PATCH] =?UTF-8?q?Applied=20patch=20from=20Richard=20T=C3=B3th=20?= =?UTF-8?q?=20to=20support=20PFLOG=20interfaces.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- iftop.c | 17 +++++++++++++++++ iftop.h | 12 ++++++++++++ 2 files changed, 29 insertions(+) diff --git a/iftop.c b/iftop.c index 5a7b41e..397d815 100644 --- a/iftop.c +++ b/iftop.c @@ -19,6 +19,7 @@ #include #include #include +#include #include #include @@ -301,6 +302,19 @@ static void handle_raw_packet(unsigned char* args, const struct pcap_pkthdr* pkt handle_ip_packet((struct ip*)packet, -1); } +static void handle_pflog_packet(unsigned char* args, const struct pcap_pkthdr* pkthdr, const unsigned char* packet) +{ + register u_int length = pkthdr->len; + u_int hdrlen; + const struct pfloghdr *hdr; + + hdr = (struct pfloghdr *)packet; + hdrlen = BPF_WORDALIGN(hdr->length); + length -= hdrlen; + packet += hdrlen; + handle_ip_packet((struct ip*)packet, length); +} + static void handle_llc_packet(const struct llc* llc, int dir) { struct ip* ip = (struct ip*)((void*)llc + sizeof(struct llc)); @@ -519,6 +533,9 @@ void packet_init() { if(dlt == DLT_EN10MB) { packet_handler = handle_eth_packet; } + else if (dlt == DLT_PFLOG) { + packet_handler = handle_pflog_packet; + } else if(dlt == DLT_RAW || dlt == DLT_NULL) { packet_handler = handle_raw_packet; } diff --git a/iftop.h b/iftop.h index 2c99e64..4f03d8c 100644 --- a/iftop.h +++ b/iftop.h @@ -32,5 +32,17 @@ void xfree(void *v); /* options.c */ void options_read(int argc, char **argv); +struct pfloghdr { + unsigned char length; + unsigned char af; + unsigned char action; + unsigned char reason; + char ifname[16]; + char ruleset[16]; + unsigned int rulenr; + unsigned int subrulenr; + unsigned char dir; + unsigned char pad[3]; +}; #endif /* __IFTOP_H_ */