From ae22da5136a84a8a2d0636409ee7bf89f23bed93 Mon Sep 17 00:00:00 2001
From: Luca Deri <deri@ntop.org>
Date: Thu, 28 Jan 2016 11:22:59 +0100
Subject: [PATCH] Added --capture-direction (issue #265)

---
 include/Prefs.h          |  3 +++
 ntopng.8                 |  9 +++++++--
 src/PF_RINGInterface.cpp | 22 ++++++++++++++++------
 src/PcapInterface.cpp    |  3 +++
 src/Prefs.cpp            | 15 +++++++++++++--
 5 files changed, 42 insertions(+), 10 deletions(-)

diff --git a/include/Prefs.h b/include/Prefs.h
index a0ab47ba87..e309958b18 100644
--- a/include/Prefs.h
+++ b/include/Prefs.h
@@ -37,6 +37,7 @@ typedef struct {
 class Prefs {
  private:
   u_int8_t num_deferred_interfaces_to_register;
+  pcap_direction_t captureDirection;
   char *deferred_interfaces_to_register[MAX_NUM_INTERFACES];
   const char *http_binding_address, *https_binding_address;
   Ntop *ntop;
@@ -186,6 +187,8 @@ class Prefs {
 
   inline char* getInterfaceViewAt(int id) { return((id >= MAX_NUM_INTERFACES) ? NULL : ifViewNames[id].name); }
   inline char* getInterfaceAt(int id)     { return((id >= MAX_NUM_INTERFACES) ? NULL : ifNames[id].name); }
+  inline pcap_direction_t getCaptureDirection() { return(captureDirection); }
+  inline void setCaptureDirection(pcap_direction_t dir) { captureDirection = dir; }
 };
 
 #endif /* _PREFS_H_ */
diff --git a/ntopng.8 b/ntopng.8
index b9b039eaf7..ee65300f36 100644
--- a/ntopng.8
+++ b/ntopng.8
@@ -1,4 +1,4 @@
-.\" This file Copyright 1998-2014-15 Luca Deri <deri@ntop.org>
+.\" This file Copyright 1998-16 ntop.org
 .\"
 .
 .de It
@@ -9,7 +9,7 @@
 .TP 1.2
 .B "\\$1 | \\$2"
 ..
-.TH NTOPNG 8 "Jul 2015 (ntopng 2.0.1)"
+.TH NTOPNG 8 "Dev 2015 (ntopng 2.2)"
 .SH NAME
 ntopng \- display top network users
 .SH SYNOPSIS
@@ -85,6 +85,7 @@ or
 .RB [ \-Z
 .IR <prefix> ]
 .RB [ \-\-shutdown\-when\-done ]
+.RB [ \-\-capture\-direction ]
 .RB [ \-v ]
 .RB [ \-V ]
 .RB [ \-h ]
@@ -338,6 +339,10 @@ you must use ntopng with \-Z "/ntopng/"
 .It \-\-shutdown\-when\-done
 Terminate ntopng when the input pcap file is over (debug only).
 
+.It \-\-capture\-direction
+Specify the packet capture direction for packet capture interfaces (no ZMQ).
+Supported values are: 0=RX+TX (default), 1=RX only, 2=TX only
+
 .It \-v|\-\-verbose
 Verbose tracing.
 
diff --git a/src/PF_RINGInterface.cpp b/src/PF_RINGInterface.cpp
index e52f33d185..8449b5bc12 100644
--- a/src/PF_RINGInterface.cpp
+++ b/src/PF_RINGInterface.cpp
@@ -31,6 +31,7 @@
 
 PF_RINGInterface::PF_RINGInterface(const char *name) : NetworkInterface(name) {
   u_int flags = ntop->getPrefs()->use_promiscuous() ? PF_RING_PROMISC : 0;
+  packet_direction direction;
 
   flags |= PF_RING_LONG_HEADER;
   flags |= PF_RING_DNA_SYMMETRIC_RSS;  /* Note that symmetric RSS is ignored by non-DNA drivers */
@@ -59,6 +60,15 @@ PF_RINGInterface::PF_RINGInterface(const char *name) : NetworkInterface(name) {
   pfring_set_direction(pfring_handle, rx_only_direction);
   pfring_set_poll_watermark(pfring_handle, 8);
   pfring_set_application_name(pfring_handle, (char*)"ntopng");
+
+  switch(ntop->getPrefs()->getCaptureDirection()) {
+  case PCAP_D_INOUT: direction = rx_and_tx_direction; break;
+  case PCAP_D_IN:    direction = rx_only_direction; break;
+  case PCAP_D_OUT:   direction = tx_only_direction; break;
+  }
+
+  if(pfring_set_direction(pfring_handle, direction) != 0)
+    ntop->getTrace()->traceEvent(TRACE_WARNING, "Unable to set packet capture direction");
 }
 
 /* **************************************************** */
@@ -84,7 +94,7 @@ static void* packetPollLoop(void* ptr) {
 
   while(iface->isRunning()) {
     if(pfring_is_pkt_available(pd)) {
-      u_char *buffer; 
+      u_char *buffer;
       struct pfring_pkthdr hdr;
 
       if(pfring_recv(pd, &buffer, 0, &hdr, 0 /* wait_for_packet */) > 0) {
@@ -96,7 +106,7 @@ static void* packetPollLoop(void* ptr) {
 				  &a_shaper_id, &b_shaper_id);
 	} catch(std::bad_alloc& ba) {
 	  static bool oom_warning_sent = false;
-	  
+
 	  if(!oom_warning_sent) {
 	    ntop->getTrace()->traceEvent(TRACE_WARNING, "Not enough memory");
 	    oom_warning_sent = true;
@@ -118,7 +128,7 @@ static void* packetPollLoop(void* ptr) {
 void PF_RINGInterface::startPacketPolling() {
   pthread_create(&pollLoop, NULL, packetPollLoop, (void*)this);
   pollLoopCreated = true;
-  NetworkInterface::startPacketPolling(); 
+  NetworkInterface::startPacketPolling();
 }
 
 /* **************************************************** */
@@ -126,7 +136,7 @@ void PF_RINGInterface::startPacketPolling() {
 void PF_RINGInterface::shutdown() {
   void *res;
 
-  if(running) { 
+  if(running) {
     NetworkInterface::shutdown();
     if(pfring_handle) pfring_breakloop(pfring_handle);
     pthread_join(pollLoop, &res);
@@ -137,10 +147,10 @@ void PF_RINGInterface::shutdown() {
 
 u_int PF_RINGInterface::getNumDroppedPackets() {
   pfring_stat stats;
- 
+
   if(pfring_stats(pfring_handle, &stats) >= 0) {
 #if 0
-    ntop->getTrace()->traceEvent(TRACE_NORMAL, "[%s][Rcvd: %llu][Drops: %llu][DroppedByFilter: %u]", 
+    ntop->getTrace()->traceEvent(TRACE_NORMAL, "[%s][Rcvd: %llu][Drops: %llu][DroppedByFilter: %u]",
 				 ifname, stats.recv, stats.drop, stats.droppedbyfilter);
 #endif
     return(stats.drop);
diff --git a/src/PcapInterface.cpp b/src/PcapInterface.cpp
index 196f4ef11c..e7eac76b06 100644
--- a/src/PcapInterface.cpp
+++ b/src/PcapInterface.cpp
@@ -85,6 +85,9 @@ PcapInterface::PcapInterface(const char *name) : NetworkInterface(name) {
       ntop->getTrace()->traceEvent(TRACE_NORMAL, "Reading packets from interface %s...", ifname);
       read_pkts_from_pcap_dump = false;
       pcap_datalink_type = pcap_datalink(pcap_handle);
+
+      if(pcap_setdirection(pcap_handle, ntop->getPrefs()->getCaptureDirection()) != 0)
+	ntop->getTrace()->traceEvent(TRACE_WARNING, "Unable to set packet capture direction");
     }
   }
   
diff --git a/src/Prefs.cpp b/src/Prefs.cpp
index c9e8ba08c7..92e3079ad8 100755
--- a/src/Prefs.cpp
+++ b/src/Prefs.cpp
@@ -34,7 +34,7 @@ Prefs::Prefs(Ntop *_ntop) {
   resolve_all_host_ip = false;
   max_num_hosts = MAX_NUM_INTERFACE_HOSTS, max_num_flows = MAX_NUM_INTERFACE_HOSTS;
   data_dir = strdup(CONST_DEFAULT_DATA_DIR);
-  install_dir = NULL;
+  install_dir = NULL, captureDirection = PCAP_D_INOUT;
   docs_dir = strdup(CONST_DEFAULT_DOCS_DIR);
   scripts_dir = strdup(CONST_DEFAULT_SCRIPTS_DIR);
   callbacks_dir = strdup(CONST_DEFAULT_CALLBACKS_DIR);
@@ -239,6 +239,8 @@ void usage() {
 	 "                                    |         hardware devices\n"
 	 "                                    | vss   - Timestamped packets by vssmonitoring.com\n"
 	 "                                    |         hardware devices\n"
+	 "--capture-direction                 | Specify packet capture direction\n"
+	 "                                    | 0=RX+TX (default), 1=RX only, 2=TX only\n"
 	 "[--enable-taps|-T]                  | Enable tap interfaces used to dump traffic\n"
 	 "[--http-prefix|-Z] <prefix>         | HTTP prefix to be prepended to URLs. This is\n"
 	 "                                    | useful when using ntopng behind a proxy.\n"
@@ -363,6 +365,7 @@ static const struct option long_options[] = {
   { "disable-alerts",                    no_argument,       NULL, 'H' },
   { "export-flows",                      required_argument, NULL, 'I' },
   { "disable-host-persistency",          no_argument,       NULL, 'P' },
+  { "capture-direction",                 required_argument, NULL, 'Q' },
   { "sticky-hosts",                      required_argument, NULL, 'S' },
   { "enable-taps",                       no_argument,       NULL, 'T' },
   { "user",                              required_argument, NULL, 'U' },
@@ -491,6 +494,14 @@ int Prefs::setOption(int optkey, char *optarg) {
     enable_auto_logout = false;
     break;
 
+  case 'Q':
+    switch(atoi(optarg)) {
+    case 1:  setCaptureDirection(PCAP_D_IN);    break;
+    case 2:  setCaptureDirection(PCAP_D_OUT);   break;
+    default: setCaptureDirection(PCAP_D_INOUT); break;
+    }
+    break;
+
   case 'P':
     disable_host_persistency = true;
     break;
@@ -831,7 +842,7 @@ int Prefs::loadFromCLI(int argc, char *argv[]) {
   u_char c;
 
   while((c = getopt_long(argc, argv,
-			 "k:eg:hi:w:r:sg:m:n:p:qd:t:x:1:2:3:l:uvA:B:CD:E:F:N:G:HI:O:S:TU:X:W:VZ:",
+			 "k:eg:hi:w:r:sg:m:n:p:qd:t:x:1:2:3:l:uvA:B:CD:E:F:N:G:HI:O:Q:S:TU:X:W:VZ:",
 			 long_options, NULL)) != '?') {
     if(c == 255) break;
     setOption(c, optarg);