tracedump
single application IP packet sniffer

tracedump.h

00001 /*
00002  * Copyright (C) 2011-2012 IITiS PAN Gliwice <http://www.iitis.pl/>
00003  * Author: Paweł Foremski <pjf@iitis.pl>
00004  * Licensed under GNU GPL v. 3
00005  */
00006 
00007 #ifndef _TRACEDUMP_H_
00008 #define _TRACEDUMP_H_
00009 
00010 #include <stdio.h>
00011 #include <stdlib.h>
00012 #include <stdint.h>
00013 #include <string.h>
00014 #include <dirent.h>
00015 #include <getopt.h>
00016 
00017 #include <sys/types.h>
00018 #include <sys/ptrace.h>
00019 #include <sys/socket.h>
00020 #include <sys/time.h>
00021 #include <sys/user.h>
00022 #include <sys/syscall.h>
00023 #include <sys/wait.h>
00024 #include <linux/net.h>
00025 #include <signal.h>
00026 #include <setjmp.h>
00027 #include <pthread.h>
00028 
00029 #include <libpjf/lib.h>
00030 
00031 #define TRACEDUMP_VERSION "0.5"
00032 
/*
 * Forward declarations of the four core types defined further down in this
 * header.
 * NOTE(review): presumably required because the project headers included
 * right after this refer to these types by pointer before the full
 * definitions are visible - confirm against inject.h, ptrace.h, pcap.h,
 * pid.h and port.h.
 */
struct tracedump;
struct pid;
struct sock;
struct port;
00037 
00038 #include "inject.h"
00039 #include "ptrace.h"
00040 #include "pcap.h"
00041 #include "pid.h"
00042 #include "port.h"
00043 
/**
 * Top-level program state: one object that ties together the options, the
 * process-tracing tables, the port-tracking tables and the capture handle.
 *
 * The port tables sit next to a mutex and a second thread handle
 * (thread_gc), so this object is evidently shared between threads.
 * NOTE(review): which fields each thread touches is not visible in this
 * header - confirm the locking rules in the .c files before adding accessors.
 */
struct tracedump {
        mmatic *mm;                           /* libpjf mmatic handle; presumably the allocator owning this object - confirm */
        jmp_buf jmp;                          /* jump target used by EXCEPTION(): longjmp(td->jmp, ...) */
        /* options */
        struct {
                char **src;                       /* string array; presumably what to trace (command line or PIDs) - confirm */
                int srclen;                       /* presumably the number of entries in src - confirm */
                char *outfile;                    /* presumably the capture output path - confirm */
                int snaplen;                      /* presumably the per-packet capture length handed to pcap - confirm */
        } opts;

        /* structures for process tracing */
        struct pid *sp;                       /* NOTE(review): role not visible in this header - confirm */
        thash *pids;                          /* libpjf hash table; presumably PID -> struct pid - confirm */
        thash *socks;                         /* libpjf hash table; presumably socket number -> struct sock - confirm */
        /* structures for port tracking */
        pthread_mutex_t mutex_ports;          /* presumably guards tcp_ports and udp_ports; unlocked access would race with thread_gc - confirm */
        pthread_t thread_gc;                  /* handle of a second thread; by its name a garbage collector for the port tables - confirm */
        thash *tcp_ports;                     /* libpjf hash table; presumably TCP port -> struct port - confirm */
        thash *udp_ports;                     /* libpjf hash table; presumably UDP port -> struct port - confirm */
        /* structures for packet capture */
        struct pcap *pc;                      /* capture state; struct pcap is declared in the project's pcap.h */
};
00071 
/**
 * Per-process tracing record.
 *
 * NOTE(review): the register snapshot and anything decoded from it come from
 * the traced process. If the tracee is not trusted, treat those values as
 * untrusted input - range-check them before using them as lengths, indices
 * or addresses.
 */
struct pid {
        struct tracedump *td;                 /* back-pointer to the owning program state */
        int pid;                              /* process id; stored as int rather than pid_t */
        bool in_socketcall;                   /* presumably true between entry to and exit from a socketcall(2) stop - confirm */
        int code;                             /* presumably the socketcall/syscall code being handled - confirm */
        struct sock *ss;                      /* presumably the socket the pending call refers to - confirm */
        struct user_regs_struct regs;         /* register set from <sys/user.h>; presumably the tracee's saved registers - confirm */
};
00083 
/**
 * Record describing one socket of a traced process.
 *
 * NOTE(review): byte order of `port` and the value set of `type` are not
 * visible in this header - confirm against the code that fills them in.
 */
struct sock {
        struct tracedump *td;                 /* back-pointer to the owning program state */
        int socknum;                          /* socket identifier; presumably the inode number or fd seen in the tracee - confirm */
        int type;                             /* presumably SOCK_STREAM / SOCK_DGRAM - confirm */
        unsigned long port;                   /* port associated with the socket; wider than the 16-bit port range, so range-check on use */
};
00091 
/**
 * Entry stored per tracked port.
 *
 * NOTE(review): presumably the value type of the tcp_ports / udp_ports
 * tables in struct tracedump, with `since` used for expiry - confirm.
 */
struct port {
        struct timeval since;                 /* timestamp; presumably when the port was first or last seen - confirm */
        bool local;                           /* NOTE(review): exact meaning of "local" not visible here - confirm */
        int socknum;                          /* socket identifier; presumably matches struct sock.socknum - confirm */
};
00098 
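/*
 * exceptions
 *
 * EXCEPTION(td, code, arg) unwinds to the setjmp() point stored in td->jmp,
 * passing a single int that packs `code` into the low 16 bits and `arg` into
 * the bits above. EXC_CODE() / EXC_ARG() unpack the value setjmp() returns.
 *
 * - `td` is parenthesized so any pointer expression (e.g. &ctx) expands
 *   correctly.
 * - The packing is done in unsigned arithmetic: left-shifting a negative or
 *   large signed int is undefined behaviour, the unsigned shift is not. For
 *   arguments in 0..0x7fff the resulting value is the same as before.
 * - longjmp() turns a value of 0 into 1, so a packed value of 0 would be
 *   received as EXC_PTRACE with arg 0. Never raise code 0.
 * - longjmp() skips every cleanup between the raise site and the setjmp()
 *   point: locks held and memory or descriptors acquired in between stay
 *   held unless the handler releases them.
 */
#define EXCEPTION(td, code, arg) \
        longjmp((td)->jmp, (int)(((unsigned int)(code) & 0xffffu) | ((unsigned int)(arg) << 16)))
#define EXC_PTRACE 1

/*
 * assumes 32-bits in int
 *
 * EXC_ARG() right-shifts a signed int; for a negative value (arg >= 0x8000)
 * the result is implementation-defined, so keep arguments within 0..0x7fff.
 */
#define EXC_CODE(i) ((i) & 0xffff)
#define EXC_ARG(i) ((i) >> 16)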
00106 
00107 #endif