//
// project4.cpp
// project4
//
// Skeleton code by Phillip Romig on 4/3/12.
// Solution implemented by Nhan Tran on December 2018
//
#include "packetstats.h"
// ****************************************************************************
// * main()
// *
// * Open the file, initialize the results container class,
// * call pk_processor() once for each packet and then finally call
// * the displayResults() method.
// ****************************************************************************
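int main (int argc, char **argv)
{
    // **********************************************************************
    // * Initialize logging: console sink, warnings and above by default.
    // **********************************************************************
    boost::log::add_console_log(std::cout, boost::log::keywords::format = "%Message%");
    boost::log::core::get()->set_filter(boost::log::trivial::severity >= boost::log::trivial::warning);

    // **********************************************************************
    // * Command-line options:
    // *   -f <filename>     capture file to read (required)
    // *   -d <debug level>  1 = info, 2 = debug, 3 or more = trace
    // *   -m                list unique MAC addresses
    // *   -a                list unique IP addresses
    // *   -u                list unique UDP ports
    // *   -t                list unique TCP ports
    // **********************************************************************
    int opt = 0;
    // Point at the argv string instead of copying it into a fixed buffer.
    // The earlier strncpy() into char[NAME_MAX] left the buffer without a
    // terminating NUL for long arguments, and left it uninitialized when -f
    // was omitted; both led to reads of indeterminate memory further down.
    const char *filename = NULL;
    bool badUsage = false;
    bool displayMac = false;
    bool displayIP = false;
    bool displayUDP = false;
    bool displayTCP = false;

    while ((opt = getopt(argc,argv,"mautf:d:")) != -1) {
        switch (opt) {
            case 'f':
                filename = optarg;
                break;
            case 'd': {
                // Parse once; a non-numeric argument yields 0 from atoi()
                // and leaves the current filter untouched.
                const int level = atoi(optarg);
                if (level >= 3)
                    boost::log::core::get()->set_filter(boost::log::trivial::severity >= boost::log::trivial::trace);
                else if (level >= 2)
                    boost::log::core::get()->set_filter(boost::log::trivial::severity >= boost::log::trivial::debug);
                else if (level >= 1)
                    boost::log::core::get()->set_filter(boost::log::trivial::severity >= boost::log::trivial::info);
                break;
            }
            case 'm':
                displayMac = true;
                break;
            case 'a':
                displayIP = true;
                break;
            case 'u':
                displayUDP = true;
                break;
            case 't':
                displayTCP = true;
                break;
            case ':':
            case '?':
            default:
                badUsage = true;
                break;
        }
    }

    // A missing or empty -f argument is a usage error as well: without this
    // check the program would try to open whatever the filename variable
    // happened to hold.
    if (badUsage || filename == NULL || filename[0] == '\0') {
        std::cout << "useage: " << argv[0] << " -f <cpautremy file name> -d <debug level> -m -a -u -t" << std::endl;
        std::cout << " -m list unique MAC addressses" << std::endl;
        std::cout << " -a list unique IPv4 addressses" << std::endl;
        std::cout << " -u list unique UDP ports" << std::endl;
        std::cout << " -t list unique TCP ports" << std::endl;
        exit(EXIT_FAILURE);
    }
    TRACE << "Running packetstats on file " << filename << ENDL;

    // **********************************************************************
    // * Instantiate the results class.
    // **********************************************************************
    resultsC* results = new resultsC(displayMac,displayIP,displayUDP,displayTCP);
    TRACE << "results object created" << ENDL;

    // **********************************************************************
    // * Attempt to open the file.
    // **********************************************************************
    char errbuf[PCAP_ERRBUF_SIZE] = {0};
    pcap_t *PT = pcap_open_offline(filename,errbuf);
    if (PT == NULL) {
        // errbuf carries libpcap's reason for the failure.
        FATAL << "Unable to open pcap file: " << filename << ": " << errbuf << ENDL;
        delete results;
        exit(EXIT_FAILURE);
    }
    DEBUG << filename << " has been opened." << ENDL;
    // Anything libpcap reported while opening is in errbuf; pcap_geterr()
    // describes the handle's last error, which is not the same text.
    if (errbuf[0] != '\0')
        WARNING << "pcap_open_offiline encountered a non-fatal error: " << errbuf << ENDL;

    // **********************************************************************
    // * The dispatcher calls the packet processor once for each packet in
    // * the capture file, handing it the results object as user data.
    // * NOTE(review): pk_processor is defined outside this function and is
    // * fed bytes from a capture file that may be malformed or hostile;
    // * confirm it bounds every header read by the captured length.
    // **********************************************************************
    DEBUG << "Calling dispatcher." << ENDL;
    const int pk_count = pcap_dispatch(PT, -1, pk_processor, reinterpret_cast<u_char *>(results));
    if (pk_count < 0) {
        FATAL << "Error calling dispatcher: " << pcap_geterr(PT) << ENDL;
        pcap_close(PT);
        delete results;
        exit(EXIT_FAILURE);
    }
    // pk_count is pcap_dispatch()'s non-negative return value; the wording
    // of the message below is kept as it was.
    DEBUG << "Dispatcher finished with " << pk_count << " packets left in the queue." << ENDL;

    // **********************************************************************
    // * Print the report, then release the capture handle and the results.
    // **********************************************************************
    std::cout << *results << std::endl;
    pcap_close(PT);
    delete results;
    return EXIT_SUCCESS;
}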