/* * Copyright (c) 2005 - 2006 * CACE Technologies, Davis, CA * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of CACE Technologies nor the names of its * contributors may be used to endorse or promote products derived from * this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ /* * This simple program implements a user-level bridge. * It opens two adapters specified by the user and starts two threads. * The first thread receives packets from adapter 1 and sends them down to * adapter 2. The second thread does the same, but in the opposite * direction. */ #include <signal.h> #include "pcap.h" /* Storage data structure used to pass parameters to the threads */ typedef struct _in_out_adapters { unsigned int state; /* Some simple state information */ pcap_t *input_adapter; pcap_t *output_adapter; }in_out_adapters; /* Prototypes */ DWORD WINAPI CaptureAndForwardThread(LPVOID lpParameter); void ctrlc_handler(int sig); /* This prevents the two threads to mess-up when they do printfs */ CRITICAL_SECTION print_cs; /* Thread handlers. Global because we wait on the threads from the CTRL+C handler */ HANDLE threads[2]; /* This global variable tells the forwarder threads they must terminate */ volatile int kill_forwaders = 0; /*******************************************************************/ int main() { pcap_if_t *alldevs; pcap_if_t *d; int inum1, inum2; int i=0; pcap_t *adhandle1, *adhandle2; char errbuf[PCAP_ERRBUF_SIZE]; u_int netmask1, netmask2; char packet_filter[256]; struct bpf_program fcode; in_out_adapters couple0, couple1; /* * Retrieve the device list */ if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1) { fprintf(stderr,"Error in pcap_findalldevs: %s\n", errbuf); exit(1); } /* Print the list */ for(d=alldevs; d; d=d->next) { printf("%d. ", ++i); if (d->description) printf("%s\n", d->description); else printf("<unknown adapter>\n"); } if(i==0) { printf("\nNo interfaces found! Make sure WinPcap is installed.\n"); return -1; } /* * Get input from the user */ /* Get the filter*/ printf("\nSpecify filter (hit return for no filter):"); fgets(packet_filter, sizeof(packet_filter), stdin); /* Get the first interface number*/ printf("\nEnter the number of the first interface to use (1-%d):",i); scanf_s("%d", &inum1); if(inum1 < 1 || inum1 > i) { printf("\nInterface number out of range.\n"); /* Free the device list */ pcap_freealldevs(alldevs); return -1; } /* Get the second interface number*/ printf("Enter the number of the first interface to use (1-%d):",i); scanf_s("%d", &inum2); if(inum2 < 1 || inum2 > i) { printf("\nInterface number out of range.\n"); /* Free the device list */ pcap_freealldevs(alldevs); return -1; } if(inum1 == inum2 ) { printf("\nCannot bridge packets on the same interface.\n"); /* Free the device list */ pcap_freealldevs(alldevs); return -1; } /* * Open the specified couple of adapters */ /* Jump to the first selected adapter */ for(d = alldevs, i = 0; i< inum1 - 1 ;d = d->next, i++); /* * Open the first adapter. * *NOTICE* the flags we are using, they are important for the behavior of the prgram: * - PCAP_OPENFLAG_PROMISCUOUS: tells the adapter to go in promiscuous mode. * This means that we are capturing all the traffic, not only the one to or from * this machine. * - PCAP_OPENFLAG_NOCAPTURE_LOCAL: prevents the adapter from capturing again the packets * transmitted by itself. This avoids annoying loops. * - PCAP_OPENFLAG_MAX_RESPONSIVENESS: configures the adapter to provide minimum latency, * at the cost of higher CPU usage. */ if((adhandle1 = pcap_open(d->name, // name of the device 65536, // portion of the packet to capture. // 65536 grants that the whole packet will be captured on every link layer. PCAP_OPENFLAG_PROMISCUOUS | // flags. We specify that we don't want to capture loopback packets, and that the driver should deliver us the packets as fast as possible PCAP_OPENFLAG_NOCAPTURE_LOCAL | PCAP_OPENFLAG_MAX_RESPONSIVENESS, 500, // read timeout NULL, // remote authentication errbuf // error buffer )) == NULL) { fprintf(stderr,"\nUnable to open the adapter. %s is not supported by WinPcap\n", d->description); /* Free the device list */ pcap_freealldevs(alldevs); return -1; } if(d->addresses != NULL) { /* Retrieve the mask of the first address of the interface */ netmask1 = ((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr; } else { /* If the interface is without addresses we suppose to be in a C class network */ netmask1 = 0xffffff; } /* Jump to the second selected adapter */ for(d = alldevs, i = 0; i< inum2 - 1 ;d = d->next, i++); /* Open the second adapter */ if((adhandle2 = pcap_open(d->name, // name of the device 65536, // portion of the packet to capture. // 65536 grants that the whole packet will be captured on every link layer. PCAP_OPENFLAG_PROMISCUOUS | // flags. We specify that we don't want to capture loopback packets, and that the driver should deliver us the packets as fast as possible PCAP_OPENFLAG_NOCAPTURE_LOCAL | PCAP_OPENFLAG_MAX_RESPONSIVENESS, 500, // read timeout NULL, // remote authentication errbuf // error buffer )) == NULL) { fprintf(stderr,"\nUnable to open the adapter. %s is not supported by WinPcap\n", d->description); /* Free the device list */ pcap_freealldevs(alldevs); return -1; } if(d->addresses != NULL) { /* Retrieve the mask of the first address of the interface */ netmask2 = ((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr; } else { /* If the interface is without addresses we suppose to be in a C class network */ netmask2 = 0xffffff; } /* * Compile and set the filters */ /* compile the filter for the first adapter */ if (pcap_compile(adhandle1, &fcode, packet_filter, 1, netmask1) <0 ) { fprintf(stderr,"\nUnable to compile the packet filter. Check the syntax.\n"); /* Close the adapters */ pcap_close(adhandle1); pcap_close(adhandle2); /* Free the device list */ pcap_freealldevs(alldevs); return -1; } /* set the filter for the first adapter*/ if (pcap_setfilter(adhandle1, &fcode)<0) { fprintf(stderr,"\nError setting the filter.\n"); /* Close the adapters */ pcap_close(adhandle1); pcap_close(adhandle2); /* Free the device list */ pcap_freealldevs(alldevs); return -1; } /* compile the filter for the second adapter */ if (pcap_compile(adhandle2, &fcode, packet_filter, 1, netmask2) <0 ) { fprintf(stderr,"\nUnable to compile the packet filter. Check the syntax.\n"); /* Close the adapters */ pcap_close(adhandle1); pcap_close(adhandle2); /* Free the device list */ pcap_freealldevs(alldevs); return -1; } /* set the filter for the second adapter*/ if (pcap_setfilter(adhandle2, &fcode)<0) { fprintf(stderr,"\nError setting the filter.\n"); /* Close the adapters */ pcap_close(adhandle1); pcap_close(adhandle2); /* Free the device list */ pcap_freealldevs(alldevs); return -1; } /* At this point, we don't need the device list any more. Free it */ pcap_freealldevs(alldevs); /* * Start the threads that will forward the packets */ /* Initialize the critical section that will be used by the threads for console output */ InitializeCriticalSection(&print_cs); /* Init input parameters of the threads */ couple0.state = 0; couple0.input_adapter = adhandle1; couple0.output_adapter = adhandle2; couple1.state = 1; couple1.input_adapter = adhandle2; couple1.output_adapter = adhandle1; /* Start first thread */ if((threads[0] = CreateThread( NULL, 0, CaptureAndForwardThread, &couple0, 0, NULL)) == NULL) { fprintf(stderr, "error creating the first forward thread"); /* Close the adapters */ pcap_close(adhandle1); pcap_close(adhandle2); /* Free the device list */ pcap_freealldevs(alldevs); return -1; } /* Start second thread */ if((threads[1] = CreateThread( NULL, 0, CaptureAndForwardThread, &couple1, 0, NULL)) == NULL) { fprintf(stderr, "error creating the second forward thread"); /* Kill the first thread. Not very gentle at all...*/ TerminateThread(threads[0], 0); /* Close the adapters */ pcap_close(adhandle1); pcap_close(adhandle2); /* Free the device list */ pcap_freealldevs(alldevs); return -1; } /* * Install a CTRL+C handler that will do the cleanups on exit */ signal(SIGINT, ctrlc_handler); /* * Done! * Wait for the Greek calends... */ printf("\nStart bridging the two adapters...\n", d->description); Sleep(INFINITE); return 0; } /******************************************************************* * Forwarding thread. * Gets the packets from the input adapter and sends them to the output one. *******************************************************************/ DWORD WINAPI CaptureAndForwardThread(LPVOID lpParameter) { struct pcap_pkthdr *header; const u_char *pkt_data; int res = 0; in_out_adapters* ad_couple = lpParameter; unsigned int n_fwd = 0; /* * Loop receiving packets from the first input adapter */ while((!kill_forwaders) && (res = pcap_next_ex(ad_couple->input_adapter, &header, &pkt_data)) >= 0) { if(res != 0) /* Note: res=0 means "read timeout elapsed"*/ { /* * Print something, just to show when we have activity. * BEWARE: acquiring a critical section and printing strings with printf * is something inefficient that you seriously want to avoid in your packet loop! * However, since this is a *sample program*, we privilege visual output to efficiency. */ EnterCriticalSection(&print_cs); if(ad_couple->state == 0) printf(">> Len: %u\n", header->caplen); else printf("<< Len: %u\n", header->caplen); LeaveCriticalSection(&print_cs); /* * Send the just received packet to the output adaper */ if(pcap_sendpacket(ad_couple->output_adapter, pkt_data, header->caplen) != 0) { EnterCriticalSection(&print_cs); printf("Error sending a %u bytes packets on interface %u: %s\n", header->caplen, ad_couple->state, pcap_geterr(ad_couple->output_adapter)); LeaveCriticalSection(&print_cs); } else { n_fwd++; } } } /* * We're out of the main loop. Check the reason. */ if(res < 0) { EnterCriticalSection(&print_cs); printf("Error capturing the packets: %s\n", pcap_geterr(ad_couple->input_adapter)); fflush(stdout); LeaveCriticalSection(&print_cs); } else { EnterCriticalSection(&print_cs); printf("End of bridging on interface %u. Forwarded packets:%u\n", ad_couple->state, n_fwd); fflush(stdout); LeaveCriticalSection(&print_cs); } return 0; } /******************************************************************* * CTRL+C hanlder. * We order the threads to die and then we patiently wait for their * suicide. *******************************************************************/ void ctrlc_handler(int sig) { /* * unused variable */ (VOID)(sig); kill_forwaders = 1; WaitForMultipleObjects(2, threads, TRUE, /* Wait for all the handles */ 5000); /* Timeout */ exit(0); }