Merge pull request #93 from pspacek/dns_name_escaping
new option to escape DNS names
jelu authored Oct 19, 2021
2 parents 4042df5 + 6c1247f commit db7de6b
Showing 21 changed files with 258 additions and 101 deletions.
2 changes: 1 addition & 1 deletion fmt.sh
@@ -1,6 +1,6 @@
#!/bin/sh

clang-format-4.0 \
clang-format \
-style=file \
-i \
src/*.cpp \
Binary file added pcap/sample-rfc1035escape.pcap.gz
Binary file not shown.
22 changes: 20 additions & 2 deletions src/dns.cpp
Expand Up @@ -40,9 +40,27 @@ void fill_in_visible_char_map()
}
}

Parse_dns::Parse_dns()
void fill_in_visible_char_map_rfc1035()
{
fill_in_visible_char_map();
for (int i = 0; i < 256; ++i) {
if ((i >= 'a' && i <= 'z')
|| (i >= 'A' && i <= 'Z')
|| (i >= '0' && i <= '9')
|| (i == '-' || i == '_')) {
visible_char_map[i] = i;
} else { // espaping needed
visible_char_map[i] = 0;
}
}
}

Parse_dns::Parse_dns(bool escape_dnsnames)
{
if (escape_dnsnames) {
fill_in_visible_char_map_rfc1035();
} else {
fill_in_visible_char_map();
}

table_name = "dns";

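Review bot: The call to `fill_in_visible_char_map()` at the top of `fill_in_visible_char_map_rfc1035()` looks redundant, because the loop that follows assigns all 256 entries of `visible_char_map` and so overwrites whatever the first call wrote. Dropping it would make clear that the RFC 1035 table is built from scratch. The function also lacks a comment stating the contract the name parser in src/dns.h depends on, for example `// 0 marks a byte that must be written as \DDD; every other entry is the byte itself`, and the existing comment should read `// escaping needed`. Because the table is shared and is filled from the `Parse_dns` constructor, the most recently constructed handler decides the mode for every parser; that appears fine with the single instance created in `init_packet_handlers`, but it is worth saying in the comment.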
14 changes: 11 additions & 3 deletions src/dns.h
Expand Up @@ -248,7 +248,15 @@ class DNSMessage {
p = 0;

while (n-- > 0) {
out[p++] = visible_char_map[get_ubyte(offs++)];
const unsigned int byte = get_ubyte(offs++);
if (visible_char_map[byte]) {
out[p++] = visible_char_map[byte];
} else {
out[p++] = '\\';
out[p++] = '0' + byte / 100;
out[p++] = '0' + byte / 10 % 10;
out[p++] = '0' + byte % 10;
}
}
out[p++] = '.';
n = get_ubyte(offs++);
Expand Down Expand Up @@ -451,9 +459,9 @@ class Parse_dns : public Packet_handler {
COLUMN_EDNS0_ECS_ADDRESS,
};

Parse_dns();
Parse_dns(bool escape_dnsnames);

virtual void on_table_created(Table* table, const std::vector<int>& columns);
virtual void on_table_created(Table* table, const std::vector<int>& columns);
virtual Packet::ParseResult parse(Packet& packet, const std::vector<int>& columns, Row& destination_row, bool sample);

void add_packet_columns();
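Review bot: The escaped branch in the label loop writes four bytes to `out` for each input byte, but the hunk shows no matching change to the capacity check on `out`, which lies outside these lines. If that check still budgets one output byte per label byte, a label made up entirely of bytes that need escaping would write up to `4 * n` bytes where only `n` were allowed for, and the names come from captured packets, so the input is untrusted. Before the inner loop the remaining space should be compared against the worst case, `4 * n` plus the trailing `.` and the terminator, and the name rejected or truncated when it does not fit. A short comment above the loop stating the `\DDD` decimal format and its worst-case expansion would help the next reader. The enclosing function starts and ends outside the hunk, so the existing check could not be verified here.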
2 changes: 1 addition & 1 deletion src/icmp.h
Expand Up @@ -50,7 +50,7 @@ class Parse_icmp : public Packet_handler {

Parse_icmp();

virtual void on_table_created(Table* table, const std::vector<int>& columns);
virtual void on_table_created(Table* table, const std::vector<int>& columns);
virtual Packet::ParseResult parse(Packet& packet, const std::vector<int>& columns, Row& destination_row, bool sample);

void add_packet_columns();
10 changes: 4 additions & 6 deletions src/output.h
Expand Up @@ -76,11 +76,9 @@ class Output {
if (c == '\\') {
m_buffer[m_len++] = '\\';
c = '\\';
}
else if (c == '"') {
} else if (c == '"') {
m_buffer[m_len++] = '\\';
}
else if (c < 0x20) {
} else if (c < 0x20) {
m_buffer[m_len++] = '\\';
m_buffer[m_len++] = 'u';
m_buffer[m_len++] = '0';
Expand Down Expand Up @@ -199,7 +197,7 @@ class Output {
if (i == longest_p) {
if (i == 0)
m_buffer[m_len++] = ':';
m_buffer[m_len++] = ':';
m_buffer[m_len++] = ':';
}
} else {
add_hex_ushort(digs[i]);
Expand Down Expand Up @@ -357,7 +355,7 @@ class Str_conv {
if (i == longest_p) {
if (i == 0)
m_buffer[m_len++] = ':';
m_buffer[m_len++] = ':';
m_buffer[m_len++] = ':';
}
} else {
add_hex_ushort(digs[i]);
10 changes: 5 additions & 5 deletions src/packet_handler.cpp
Expand Up @@ -40,8 +40,8 @@ Str_conv converter;
class Fragments {
private:
Fragments& operator=(const Fragments& other);
Fragments(Fragments &&other) noexcept;
Fragments const & operator=(Fragments &&other);
Fragments(Fragments&& other) noexcept;
Fragments const& operator=(Fragments&& other);

public:
class Range {
Expand Down Expand Up @@ -85,7 +85,7 @@ class Fragments {
m_frags++;
if (head.fragments == 0)
m_complete = head.offset + len;
bool complete = add_range(head.offset, head.offset + len);
bool complete = add_range(head.offset, head.offset + len);
memcpy((void*)&m_buffer[head.offset], data, len);
if (complete) {
m_complete = head.offset + len;
Expand Down Expand Up @@ -405,9 +405,9 @@ void Packet_handler::add_packet_column(const char* name, const char* description
packet_columns.push_back(c);
}

void init_packet_handlers()
void init_packet_handlers(bool escape_dnsnames)
{
packet_handlers.push_back(new Parse_dns());
packet_handlers.push_back(new Parse_dns(escape_dnsnames));
packet_handlers.push_back(new Parse_icmp());
}

14 changes: 7 additions & 7 deletions src/packet_handler.h
Expand Up @@ -100,8 +100,8 @@ class IP_header {
memset(&dst_ip, 0, sizeof(dst_ip));
}

void reset();
int decode(unsigned char* data, int ether_type, int id);
void reset();
int decode(unsigned char* data, int ether_type, int id);
unsigned int s;
unsigned int us;
unsigned short ethertype;
Expand Down Expand Up @@ -176,9 +176,9 @@ class Packet {
}

ParseResult parse(Packet_handler* handler, const std::vector<int>& columns, Row& destination_row, bool sample);
bool parse_ethernet();
bool parse_ip(unsigned char* data, int len, int ether_type);
bool parse_transport(unsigned char* data, int len);
bool parse_ethernet();
bool parse_ip(unsigned char* data, int len, int ether_type);
bool parse_transport(unsigned char* data, int len);

IP_header m_ip_header;
unsigned char* m_data;
Expand Down Expand Up @@ -209,7 +209,7 @@ class Packet_handler {
Table* create_table(const std::vector<int>& columns);

// for actual packet handlers to fill in
virtual void on_table_created(Table* table, const std::vector<int>& columns) = 0;
virtual void on_table_created(Table* table, const std::vector<int>& columns) = 0;
virtual Packet::ParseResult parse(Packet& packet, const std::vector<int>& columns, Row& destination_row, bool sample) = 0;

const char* table_name;
Expand All @@ -218,7 +218,7 @@ class Packet_handler {
void add_packet_column(const char* name, const char* description, Coltype::Type type, int id);
};

void init_packet_handlers();
void init_packet_handlers(bool escape_dnsnames);
void destroy_packet_handlers();
Packet_handler* get_packet_handler(std::string table_name);

45 changes: 41 additions & 4 deletions src/packetq.cpp
Expand Up @@ -68,7 +68,10 @@ static void usage(char* argv0, bool longversion)
" --json | -j JSON (default)\n"
" --csv | -c CSV\n"
" --table | -t Text table\n"
" --xml | -x ] XML\n"
" --xml | -x XML\n"
" --rfc1035 Output DNS names escaped using RFC1035 format:\n"
" All characters outsize [a-zA-Z0-9_-] are escaped\n"
" like \\012. (Octet value in decimal.)\n"
"\n"
"Web Server:\n"
" --daemon | -d Run web server in daemon mode.\n"
Expand Down Expand Up @@ -155,11 +158,40 @@ int main(int argc, char* argv[])
int max_conn = 7;
bool daemon = false;

init_packet_handlers(); // set up tables

std::string webroot = "", pcaproot = "";
std::string queries[NUM_QUERIES] = {
"", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
};
int qcount = 0;

Expand All @@ -177,6 +209,7 @@ int main(int argc, char* argv[])
{ "json", 0, 0, 'j' },
{ "table", 0, 0, 't' },
{ "xml", 0, 0, 'x' },
{ "rfc1035", 0, 0, 10000 },
{ "help", 0, 0, 'h' },
{ "version", 0, 0, 'v' },
{ NULL, 0, 0, 0 }
Expand Down Expand Up @@ -229,6 +262,9 @@ int main(int argc, char* argv[])
case 'p':
port = atoi(optarg);
break;
case 10000: // rfc1035
g_app->set_escape(true);
break;
default:
fprintf(stderr, "Unknown option: %c\n", c);
usage(argv[0], false);
Expand All @@ -238,6 +274,7 @@ int main(int argc, char* argv[])
return 1;
}
}
init_packet_handlers(g_app->get_escape()); // set up tables
g_app->set_limit(limit);
if (port > 0) {
start_server(port, daemon, pcaproot, webroot, max_conn);
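Review bot: The new `--rfc1035` help text in `usage()` says "outsize" where it means "outside"; the middle line should read `All characters outside [a-zA-Z0-9_-] are escaped`. The option value `10000` is repeated as a bare literal in the long-option table and in `case 10000:`, so a named constant shared by both (for example `static const int OPT_RFC1035 = 10000;`, name only a suggestion) would keep them from drifting apart. Moving `init_packet_handlers(...)` after the option loop is what lets the flag take effect, but it assumes nothing inside the loop touches the handler tables; `main` continues outside the visible hunks, so that is worth a one-line comment at the call.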
7 changes: 7 additions & 0 deletions src/packetq.h
Expand Up @@ -37,9 +37,14 @@ class PacketQ {
};
PacketQ()
{
m_escape = false;
m_limit = 0;
m_output = json;
}
void set_escape(bool escape)
{
m_escape = escape;
}
void set_limit(int limit)
{
m_limit = limit;
Expand All @@ -48,10 +53,12 @@ class PacketQ {
{
m_output = opt;
}
int get_escape() { return m_escape; }
OutputOpts get_output() { return m_output; }
int get_limit() { return m_limit; }

private:
bool m_escape;
int m_limit;
OutputOpts m_output;
};
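Review bot: `get_escape()` is declared to return `int` although `m_escape` is a `bool` and the only visible caller passes the result to `init_packet_handlers(bool escape_dnsnames)`. The value survives the round trip through `int`, but the signature misstates the type and seems to have been copied from `get_limit()`. Suggested: `bool get_escape() { return m_escape; }`. A one-line comment on `m_escape` saying that it selects RFC 1035 `\DDD` escaping of DNS names would also document the new member.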
4 changes: 2 additions & 2 deletions src/pcap.h
Expand Up @@ -34,8 +34,8 @@ namespace packetq {
class Pcap_file {
private:
Pcap_file& operator=(const Pcap_file& other);
Pcap_file(Pcap_file &&other) noexcept;
Pcap_file const & operator=(Pcap_file &&other);
Pcap_file(Pcap_file&& other) noexcept;
Pcap_file const& operator=(Pcap_file&& other);

public:
static const bool TAKE_OVER_FP = true;
6 changes: 3 additions & 3 deletions src/refcountstring.h
Expand Up @@ -73,7 +73,7 @@ struct RefCountString {
{
int length = to - from;
if (length < 0)
length = 0;
length = 0;
RefCountString* str = RefCountString::allocate(length + 1);
std::memcpy(str->data, data + from, length);
str->data[length - 1 + 1] = '\0';
Expand All @@ -84,8 +84,8 @@ struct RefCountString {
class RefCountStringHandle {
private:
RefCountStringHandle& operator=(const RefCountStringHandle& other);
RefCountStringHandle(RefCountStringHandle &&other) noexcept;
RefCountStringHandle const & operator=(RefCountStringHandle &&other);
RefCountStringHandle(RefCountStringHandle&& other) noexcept;
RefCountStringHandle const& operator=(RefCountStringHandle&& other);

public:
RefCountStringHandle()
4 changes: 2 additions & 2 deletions src/segzip.h
Expand Up @@ -46,8 +46,8 @@ class Buffer {
class Zip {
private:
Zip& operator=(const Zip& other);
Zip(Zip &&other) noexcept;
Zip const & operator=(Zip &&other);
Zip(Zip&& other) noexcept;
Zip const& operator=(Zip&& other);

public:
Zip()