diff --git a/CREDITS b/CREDITS new file mode 100644 index 0000000..75df002 --- /dev/null +++ b/CREDITS @@ -0,0 +1,4 @@ +I would like to thank you the following people for their contributions to the project: + + Matthew Bricker https://twitter.com/MatthewBricker + drits \ No newline at end of file diff --git a/configure.in b/configure.in index 704fabe..eee9860 100644 --- a/configure.in +++ b/configure.in @@ -46,5 +46,17 @@ AC_TYPE_SIZE_T AC_FUNC_MALLOC AC_CHECK_FUNCS([inet_ntoa memset socket]) +# Check for directories + +test "$sysconfdir" = '${prefix}/etc' && sysconfdir=/etc + +TARGET="$sysconfdir/portspoof/" +if test ! -d $TARGET; then + mkdir $TARGET +fi + ++ AT_CHECK([mkdir "$dir" "$TMPDIR" && touch "$file.ac" || exit 77]) + + AC_CONFIG_FILES([Makefile src/Makefile tools/Makefile]) AC_OUTPUT diff --git a/src/Revregex.cpp b/src/Revregex.cpp index da44022..5f827e1 100644 --- a/src/Revregex.cpp +++ b/src/Revregex.cpp @@ -1,8 +1,6 @@ #include #include #include -#include -#include #include #include #include @@ -385,7 +383,7 @@ wektor fill_specialchars(wektor str,int start_offset,int end_offset) result_vector.push_back('\t'); i++; } - else if(str[i]==dot && ( i == start_offset || str[i-1] != bslash ) ) + else if(str[i]==dot && i+1<=end_offset && ( i == start_offset || str[i-1] != bslash ) ) { result_vector.push_back(97+rand()%25); if(i<=end_offset && (str[i+1]=='+' || str[i+1]=='*') ) @@ -429,59 +427,6 @@ wektor escape_hex(wektor str,int start_offset,int end_offset) } -/* -char * clear_spaces(char* str) -{ - - int len=0; - int flag=1; - int i=0; - int j=0; - char* str2; - - len=strlen(str); - if (!(str2 = malloc((len+1) * sizeof(char)))) - exit(1); - - memset(str2,0,len+1); - - for(i;i process_signature(std::string str) return result_vector; -} \ No newline at end of file +} diff --git a/src/connection.cpp b/src/connection.cpp index 1689456..6c012cb 100644 --- a/src/connection.cpp +++ b/src/connection.cpp 
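Review bot: The block added to configure.in creates `$sysconfdir/portspoof/` while `./configure` runs, so it writes into `/etc` at configure time, fails for an unprivileged build user and ignores `DESTDIR`; `mkdir $TARGET` is also unquoted and its result is never checked. Directory creation belongs to the install step, so I would drop the `if test ! -d $TARGET` block and let the install rules in tools/Makefile.am create the directory. The line `+ AT_CHECK([mkdir "$dir" "$TMPDIR" && touch "$file.ac" || exit 77])` looks like a pasted Autotest fragment: `AT_CHECK` is a test-suite macro, `$dir` and `$file` are not set anywhere in this hunk, and the line appears to carry a literal leading `+` into the file, so it should be removed.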
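Review bot: In `fill_specialchars` the new `i+1<=end_offset` test sits on the outer `else if`, so an unescaped `.` at `i == end_offset` no longer reaches the wildcard branch at all, while the read it apparently protects, `str[i+1]` on the following line, is still guarded only by `i<=end_offset`. I would leave the outer condition as it was and put the bound on the inner test: `if(i+1<=end_offset && (str[i+1]=='+' || str[i+1]=='*') )`. Whether `end_offset` is the index of the last valid element cannot be confirmed here, because the function starts and ends outside the hunk; if it is one past the end, the comparison needs `<`. A one-line comment stating whether `end_offset` is inclusive would make the check reviewable.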
@@ -46,6 +46,30 @@
 #include "connection.h"
 #include "Configuration.h"
+/*
+ipstr has to be of length INET_ADDRSTRLEN
+or INET6_ADDRSTRLEN
+*/
+int get_ipstr(int fd, char *ipstr)
+{
+ socklen_t len;
+ struct sockaddr_storage addr;
+
+ len = sizeof(struct sockaddr_storage);
+ getpeername(fd, (struct sockaddr *)&addr, &len);
+
+ if (addr.ss_family == AF_INET)
+ {
+ struct sockaddr_in *s = (struct sockaddr_in *)&addr;
+ inet_ntop(AF_INET, &s->sin_addr, ipstr, INET_ADDRSTRLEN);
+ }
+ else
+ { // AF_INET6
+ struct sockaddr_in6 *s = (struct sockaddr_in6 *)&addr;
+ inet_ntop(AF_INET6, &s->sin6_addr, ipstr, INET6_ADDRSTRLEN);
+ }
+ return 1;
+}
 void nonblock(int sockfd)
 {
@@ -67,7 +91,6 @@ void nonblock(int sockfd)
 void* process_connection(void *arg)
 {
 int tid = *((int*)(&arg));
- //int len;
 string str;
 char buffer[1000];//TODO: to be fixed
 int original_port=DEFAULT_PORT;
@@ -76,6 +99,8 @@ void* process_connection(void *arg)
 struct sockaddr_in peer_sockaddr;
 int peer_sockaddr_len=sizeof(struct sockaddr_in);
 char* msg;
+ char ipstr[INET6_ADDRSTRLEN];
+ memset(ipstr, '\0', INET6_ADDRSTRLEN);
 while(1)
 {
@@ -106,14 +131,15 @@ void* process_connection(void *arg)
 goto close_socket;
 }
 else
- original_port = ntohs(peer_sockaddr.sin_port);
+ original_port = ntohs(peer_sockaddr.sin_port);
+ get_ipstr(threads[tid].clients[i], ipstr);
 #endif //LOG
 msg=(char*)malloc(MAX_LOG_MSG_LEN);
 memset(msg,0,MAX_LOG_MSG_LEN);
- snprintf(msg,MAX_LOG_MSG_LEN,"%d # Port_probe # REMOVING_SOCKET # source_ip:%s # dst_port:%d \n",(int)timestamp,(char*)inet_ntoa(peer_sockaddr.sin_addr),original_port);//" port:%d src_ip%s\n", original_port,;
+ snprintf(msg,MAX_LOG_MSG_LEN,"%d # Port_probe # REMOVING_SOCKET # source_ip:%s # dst_port:%d \n",(int)timestamp,ipstr,original_port);//" port:%d src_ip%s\n", original_port,;
 Utils::log_write(configuration,msg);
 free(msg);
 //
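Review bot: `get_ipstr` ignores the result of `getpeername()`, so when that call fails `addr.ss_family` is read uninitialised, the `else` arm formats whatever is in `addr` as an IPv6 address, and the function still returns 1. The source address is the main thing these log lines record, so a failed lookup should produce an empty field rather than bytes from the stack. I would check both `getpeername()` and `inet_ntop()`, return 0 on failure, and reject families other than AF_INET and AF_INET6 instead of assuming IPv6. Because the caller's `ipstr` is declared once outside the `while(1)` loop (hunk at -76), the function should also clear it on entry so a failed lookup cannot log the previous client's address. The header comment should say the buffer must always be `INET6_ADDRSTRLEN` bytes, since the caller cannot know the family in advance.

```cpp
int get_ipstr(int fd, char *ipstr)
{
    struct sockaddr_storage addr;
    socklen_t len = sizeof(addr);
    const void *src;

    ipstr[0] = '\0'; /* never leave a previous client's address behind */

    if (getpeername(fd, (struct sockaddr *)&addr, &len) != 0)
        return 0;

    if (addr.ss_family == AF_INET)
        src = &((struct sockaddr_in *)&addr)->sin_addr;
    else if (addr.ss_family == AF_INET6)
        src = &((struct sockaddr_in6 *)&addr)->sin6_addr;
    else
        return 0;

    /* caller's buffer is INET6_ADDRSTRLEN bytes for either family */
    return inet_ntop(addr.ss_family, src, ipstr, INET6_ADDRSTRLEN) != NULL;
}
```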
@@ -154,14 +180,15 @@ void* process_connection(void *arg)
 goto close_socket2;
 }
 else
- original_port = ntohs(peer_sockaddr.sin_port);
+ original_port = ntohs(peer_sockaddr.sin_port);
+ get_ipstr(threads[tid].clients[i], ipstr);
 #endif //LOG
 msg =(char*)malloc(MAX_LOG_MSG_LEN);
 memset(msg,0,MAX_LOG_MSG_LEN);
- snprintf(msg,MAX_LOG_MSG_LEN,"%d # Port_probe # REMOVING_SOCKET # source_ip:%s # dst_port:%d \n",(int)timestamp,(char*)inet_ntoa(peer_sockaddr.sin_addr),original_port);//" port:%d src_ip%s\n", original_port,;
+ snprintf(msg,MAX_LOG_MSG_LEN,"%d # Port_probe # REMOVING_SOCKET # source_ip:%s # dst_port:%d \n",(int)timestamp,ipstr,original_port);//" port:%d src_ip%s\n", original_port,;
 Utils::log_write(configuration,msg);
 free(msg);
 //
@@ -180,20 +207,22 @@ void* process_connection(void *arg)
 #ifdef OSX // BSD
- original_port = ntohs(peer_sockaddr.sin_port);
+ original_port = ntohs(peer_sockaddr.sin_port);
 //
 #else // Linux
 if ( getsockopt (threads[tid].clients[i], SOL_IP, SO_ORIGINAL_DST, (struct sockaddr*)&peer_sockaddr, (socklen_t*) &peer_sockaddr_len )) perror("Getsockopt failed");
- original_port = ntohs(peer_sockaddr.sin_port);
+
+ original_port = ntohs(peer_sockaddr.sin_port);
+ get_ipstr(threads[tid].clients[i], ipstr);
 //
 #endif //LOG
 char* msg=(char*)malloc(MAX_LOG_MSG_LEN);
 memset(msg,0,MAX_LOG_MSG_LEN);
- snprintf(msg,MAX_LOG_MSG_LEN,"%d # Service_probe # SIGNATURE_SEND # source_ip:%s # dst_port:%d \n",(int)timestamp,(char*)inet_ntoa(peer_sockaddr.sin_addr),original_port);//" port:%d src_ip%s\n", original_port,;
+ snprintf(msg,MAX_LOG_MSG_LEN,"%d # Service_probe # SIGNATURE_SEND # source_ip:%s # dst_port:%d \n",(int)timestamp,ipstr,original_port);//" port:%d src_ip%s\n", original_port,;
 Utils::log_write(configuration,msg);
 free(msg);
 //
diff --git a/tools/Makefile.am b/tools/Makefile.am
index 3b7417f..ac80c8a 100644
--- a/tools/Makefile.am
+++ b/tools/Makefile.am
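Review bot: In the hunk at -180 `get_ipstr(threads[tid].clients[i], ipstr);` is added only in the `#else // Linux` arm, but the `snprintf` after `#endif` now prints `ipstr` on every platform, so an OSX build logs an empty `source_ip` where it used to log `inet_ntoa(peer_sockaddr.sin_addr)`. The two REMOVING_SOCKET sites (hunks at -106 and -154) also place the call directly before `#endif`, so they probably have the same gap, though their opening `#ifdef` is outside those hunks. Moving the call below `#endif`, immediately before `msg` is allocated, would cover all three. At the two REMOVING_SOCKET sites the call is also written directly under a brace-less `else` although it is a separate statement; braces would make that clear.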
@@ -2,6 +2,6 @@ EXTRA_DIST = portspoof.conf portspoof_signatures
-confdir= $(sysconfdir)/portspoof
+confdir= "/$sysconfdir/portspoof/""
 sysconf_DATA=portspoof.conf portspoof_signatures
\ No newline at end of file
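Review bot: The new value `confdir= "/$sysconfdir/portspoof/""` has an unbalanced quote and uses `$sysconfdir`, which make reads as the variable `$(s)` followed by the literal text `ysconfdir`, so the path no longer follows `--sysconfdir`. The quote characters also become part of the value, because make does not strip them. I would restore `confdir = $(sysconfdir)/portspoof`. The files are still listed under `sysconf_DATA`, which installs into `$(sysconfdir)` itself, so `conf_DATA = portspoof.conf portspoof_signatures` is needed for `confdir` to take effect and for `make install` to create the directory.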