diff --git a/include/Host.h b/include/Host.h index e5c7bc5a16..73cc2b53fc 100644 --- a/include/Host.h +++ b/include/Host.h @@ -219,6 +219,7 @@ class Host : public GenericHost { void splitHostVlan(const char *at_sign_str, char *buf, int bufsize, u_int16_t *vlan_id); void setMDSNInfo(char *str); bool IsAllowedTrafficCategory(struct site_categories *category); + inline void setInterfaceId(u_int8_t bridge_iface_idx) { mac->setSeenIface(bridge_iface_idx); }; inline bool isChildSafe() { #ifdef NTOPNG_PRO return(iface->getHostPools()->isChildrenSafePool(host_pool_id)); diff --git a/include/Mac.h b/include/Mac.h index 21fbf553a6..b74a6da82f 100644 --- a/include/Mac.h +++ b/include/Mac.h @@ -29,7 +29,7 @@ class Mac : public GenericHashEntry, public GenericTrafficElement { u_int8_t mac[6]; const char * manuf; u_int16_t vlan_id; - bool special_mac; + bool special_mac:1, bridge_seen_iface[2] /* , notused:5 */; ArpStats arp_stats; public: @@ -54,10 +54,12 @@ class Mac : public GenericHashEntry, public GenericTrafficElement { rcvd.incStats(num_pkts, num_bytes); } - inline void incSentArpRequests() { arp_stats.sent_requests++; } - inline void incSentArpReplies() { arp_stats.sent_replies++; } - inline void incRcvdArpRequests() { arp_stats.rcvd_requests++; } - inline void incRcvdArpReplies() { arp_stats.rcvd_replies++; } + inline void incSentArpRequests() { arp_stats.sent_requests++; } + inline void incSentArpReplies() { arp_stats.sent_replies++; } + inline void incRcvdArpRequests() { arp_stats.rcvd_requests++; } + inline void incRcvdArpReplies() { arp_stats.rcvd_replies++; } + inline void setSeenIface(u_int8_t idx) { bridge_seen_iface[idx & 0x01] = 1; } + inline bool isSeenIface(u_int8_t idx) { return(bridge_seen_iface[idx & 0x01]); } inline u_int64_t getNumSentArp() { return (u_int64_t)arp_stats.sent_requests + arp_stats.sent_replies; } inline u_int64_t getNumRcvdArp() { return (u_int64_t)arp_stats.rcvd_requests + arp_stats.rcvd_replies; } diff --git a/include/NetworkInterface.h b/include/NetworkInterface.h index d2212752d4..493dbd4b9a 100644 --- a/include/NetworkInterface.h +++ b/include/NetworkInterface.h @@ -158,6 +158,7 @@ class NetworkInterface { time_t first_seen, time_t last_seen, bool *new_flow); int sortHosts(struct flowHostRetriever *retriever, + u_int8_t bridge_iface_idx, AddressTree *allowed_hosts, bool host_details, LocationPolicy location, @@ -171,6 +172,7 @@ class NetworkInterface { int sortVLANs(struct flowHostRetriever *retriever, char *sortColumn); int sortMacs(struct flowHostRetriever *retriever, + u_int8_t bridge_iface_idx, u_int16_t vlan_id, bool skipSpecialMacs, bool hostMacsOnly, const char *manufacturer, char *sortColumn); @@ -300,9 +302,12 @@ class NetworkInterface { u_int8_t dst_mac[6], IpAddress *_dst_ip, Host **dst); Flow* findFlowByKey(u_int32_t key, AddressTree *allowed_hosts); bool findHostsByName(lua_State* vm, AddressTree *allowed_hosts, char *key); - bool dissectPacket(const struct pcap_pkthdr *h, const u_char *packet, u_int16_t *ndpiProtocol, + bool dissectPacket(u_int8_t bridge_iface_idx, + const struct pcap_pkthdr *h, const u_char *packet, + u_int16_t *ndpiProtocol, Host **srcHost, Host **dstHost, Flow **flow); - bool processPacket(const struct bpf_timeval *when, + bool processPacket(u_int8_t bridge_iface_idx, + const struct bpf_timeval *when, const u_int64_t time, struct ndpi_ethhdr *eth, u_int16_t vlan_id, @@ -339,6 +344,7 @@ class NetworkInterface { int getLatestActivityHostsList(lua_State* vm, AddressTree *allowed_hosts); int getActiveHostsList(lua_State* vm, + u_int8_t bridge_iface_idx, AddressTree *allowed_hosts, bool host_details, LocationPolicy location, char *countryFilter, char *mac_filter, @@ -363,14 +369,18 @@ class NetworkInterface { char *sortColumn, u_int32_t maxHits, u_int32_t toSkip, bool a2zSortOrder, DetailsLevel details_level); - int getActiveMacList(lua_State* vm, u_int16_t vlan_id, + int getActiveMacList(lua_State* vm, + u_int8_t bridge_iface_idx, + u_int16_t vlan_id, bool skipSpecialMacs, bool hostMacsOnly, const char *manufacturer, char *sortColumn, u_int32_t maxHits, u_int32_t toSkip, bool a2zSortOrder); - int getActiveMacManufacturers(lua_State* vm, u_int16_t vlan_id, - bool skipSpecialMacs, - bool hostMacsOnly, u_int32_t maxHits); + int getActiveMacManufacturers(lua_State* vm, + u_int8_t bridge_iface_idx, + u_int16_t vlan_id, + bool skipSpecialMacs, + bool hostMacsOnly, u_int32_t maxHits); void getFlowsStats(lua_State* vm); void getNetworksStats(lua_State* vm); #ifdef NOTUSED diff --git a/src/AddressTree.cpp b/src/AddressTree.cpp index d47dba5313..a2533cf681 100644 --- a/src/AddressTree.cpp +++ b/src/AddressTree.cpp @@ -168,7 +168,7 @@ static void address_tree_dump_funct(prefix_t *prefix, void *data, void *user_dat if(user_data) lua_push_str_table_entry((lua_State*)user_data, ret, (char*)""); else - ntop->getTrace()->traceEvent(TRACE_NORMAL, "[AddressTree] %s", ret); + ntop->getTrace()->traceEvent(TRACE_INFO, "[AddressTree] %s", ret); } /* **************************************************** */ diff --git a/src/DivertInterface.cpp b/src/DivertInterface.cpp index 49babdb5cc..c425dd21cc 100644 --- a/src/DivertInterface.cpp +++ b/src/DivertInterface.cpp @@ -67,7 +67,7 @@ static void* divertPacketPollLoop(void* ptr) { #else h.len = h.caplen = len, gettimeofday(&h.ts, NULL); #endif /* __OpenBSD__ */ - iface->dissectPacket(&h, packet, &c, &srcHost, &dstHost, &flow); + iface->dissectPacket(0, &h, packet, &c, &srcHost, &dstHost, &flow); /* Enable the row below to specify the firewall rule corresponding to the protocol */ #if 0 diff --git a/src/Lua.cpp b/src/Lua.cpp index 4eaa47a61c..83e3a9aac3 100644 --- a/src/Lua.cpp +++ b/src/Lua.cpp @@ -602,7 +602,9 @@ static int ntop_get_interface_hosts(lua_State* vm, LocationPolicy location) { if(lua_type(vm,14) == LUA_TNUMBER) proto_filter = (int)lua_tonumber(vm, 14); if(!ntop_interface || - ntop_interface->getActiveHostsList(vm, get_allowed_nets(vm), + ntop_interface->getActiveHostsList(vm, + 0, /* bridge InterfaceId - TODO pass Id 0,1 for bridge devices*/ + get_allowed_nets(vm), show_details, location, country, mac_filter, vlan_filter, os_filter, asn_filter, @@ -712,12 +714,13 @@ static int ntop_get_interface_macs_info(lua_State* vm) { if(lua_type(vm, 6) == LUA_TBOOLEAN) { skipSpecialMacs = lua_toboolean(vm, 6) ? true : false; } + if(lua_type(vm, 7) == LUA_TBOOLEAN) { hostMacsOnly = lua_toboolean(vm, 7) ? true : false; - - if(lua_type(vm, 8) == LUA_TSTRING) { - manufacturer = lua_tostring(vm, 8); - } + + if(lua_type(vm, 8) == LUA_TSTRING) { + manufacturer = lua_tostring(vm, 8); + } } } } @@ -726,7 +729,9 @@ static int ntop_get_interface_macs_info(lua_State* vm) { } if(!ntop_interface || - ntop_interface->getActiveMacList(vm, vlan_id, skipSpecialMacs, + ntop_interface->getActiveMacList(vm, + 0, /* bridge InterfaceId - TODO pass Id 0,1 for bridge devices*/ + vlan_id, skipSpecialMacs, hostMacsOnly, manufacturer, sortColumn, maxHits, toSkip, a2zSortOrder) < 0) @@ -893,8 +898,10 @@ static int ntop_get_interface_macs_manufacturers(lua_State* vm) { } if(!ntop_interface || - ntop_interface->getActiveMacManufacturers(vm, vlan_id, skipSpecialMacs, - hostMacsOnly,maxHits) < 0) + ntop_interface->getActiveMacManufacturers(vm, + 0, /* bridge_iface_idx - TODO */ + vlan_id, skipSpecialMacs, + hostMacsOnly,maxHits) < 0) return(CONST_LUA_ERROR); return(CONST_LUA_OK); diff --git a/src/NetworkInterface.cpp b/src/NetworkInterface.cpp index 2aca9a2b6d..76cdd98f51 100644 --- a/src/NetworkInterface.cpp +++ b/src/NetworkInterface.cpp @@ -1145,7 +1145,8 @@ void NetworkInterface::dumpPacketTap(const struct pcap_pkthdr *h, const u_char * /* **************************************************** */ -bool NetworkInterface::processPacket(const struct bpf_timeval *when, +bool NetworkInterface::processPacket(u_int8_t bridge_iface_idx, + const struct bpf_timeval *when, const u_int64_t time, struct ndpi_ethhdr *eth, u_int16_t vlan_id, @@ -1180,7 +1181,8 @@ bool NetworkInterface::processPacket(const struct bpf_timeval *when, bool ret; vIface->setTimeLastPktRcvd(h->ts.tv_sec); - ret = vIface->processPacket(when, time, eth, vlan_id, + ret = vIface->processPacket(bridge_iface_idx, + when, time, eth, vlan_id, iph, ip6, ipsize, rawsize, h, packet, ndpiProtocol, srcHost, dstHost, hostFlow); @@ -1333,6 +1335,8 @@ bool NetworkInterface::processPacket(const struct bpf_timeval *when, *dstHost = src2dst_direction ? flow->get_srv_host() : flow->get_cli_host(); *hostFlow = flow; + if(*srcHost) (*srcHost)->setInterfaceId(bridge_iface_idx); + switch(l4_proto) { case IPPROTO_TCP: flow->updateTcpFlags(when, tcp_flags, src2dst_direction); @@ -1640,7 +1644,8 @@ void NetworkInterface::purgeIdle(time_t when) { /* **************************************************** */ -bool NetworkInterface::dissectPacket(const struct pcap_pkthdr *h, +bool NetworkInterface::dissectPacket(u_int8_t bridge_iface_idx, + const struct pcap_pkthdr *h, const u_char *packet, u_int16_t *ndpiProtocol, Host **srcHost, Host **dstHost, @@ -1876,7 +1881,8 @@ bool NetworkInterface::dissectPacket(const struct pcap_pkthdr *h, vlan_id = (ip6 ? ip6->ip6_src.u6_addr.u6_addr8[15] : iph->saddr) & 0xFF; try { - pass_verdict = processPacket(&h->ts, time, ethernet, vlan_id, iph, + pass_verdict = processPacket(bridge_iface_idx, + &h->ts, time, ethernet, vlan_id, iph, ip6, h->caplen - ip_offset, rawsize, h, packet, ndpiProtocol, srcHost, dstHost, flow); } catch(std::bad_alloc& ba) { @@ -1962,7 +1968,8 @@ bool NetworkInterface::dissectPacket(const struct pcap_pkthdr *h, vlan_id = (ip6 ? ip6->ip6_src.u6_addr.u6_addr8[15] : iph->saddr) & 0xFF; try { - pass_verdict = processPacket(&h->ts, time, ethernet, vlan_id, + pass_verdict = processPacket(bridge_iface_idx, + &h->ts, time, ethernet, vlan_id, iph, ip6, h->len - ip_offset, rawsize, h, packet, ndpiProtocol, srcHost, dstHost, flow); } catch(std::bad_alloc& ba) { @@ -2651,7 +2658,7 @@ struct flowHostRetriever { /* Search criteria */ AddressTree *allowed_hosts; Host *host; - u_int8_t *mac; + u_int8_t *mac, bridge_iface_idx; char *manufacturer; bool skipSpecialMacs, hostMacsOnly; char *country; @@ -2815,17 +2822,17 @@ static bool host_search_walker(GenericHashEntry *he, void *user_data) { if(!h || h->idle() || !h->match(r->allowed_hosts)) return(false); - if((r->location == location_local_only && !h->isLocalHost()) || - (r->location == location_remote_only && h->isLocalHost()) || - (r->vlan_id && (r->vlan_id != h->get_vlan_id())) || - ((r->ndpi_proto != -1) && (h->get_ndpi_stats()->getProtoBytes(r->ndpi_proto) == 0)) || - ((r->asnFilter != (u_int32_t)-1) && (r->asnFilter != h->get_asn())) || - ((r->networkFilter != -2) && (r->networkFilter != h->get_local_network_id())) || - (r->hostMacsOnly && h->getMac() && h->getMac()->isSpecialMac()) || - (r->mac && (! h->getMac()->equal(r->vlan_id, r->mac))) || - ((r->poolFilter != (u_int16_t)-1) && (r->poolFilter != h->get_host_pool())) || + if((r->location == location_local_only && !h->isLocalHost()) || + (r->location == location_remote_only && h->isLocalHost()) || + (r->vlan_id && (r->vlan_id != h->get_vlan_id())) || + ((r->ndpi_proto != -1) && (h->get_ndpi_stats()->getProtoBytes(r->ndpi_proto) == 0)) || + ((r->asnFilter != (u_int32_t)-1) && (r->asnFilter != h->get_asn())) || + ((r->networkFilter != -2) && (r->networkFilter != h->get_local_network_id())) || + (r->hostMacsOnly && h->getMac() && h->getMac()->isSeenIface(r->bridge_iface_idx)) || + (r->mac && (! h->getMac()->equal(r->vlan_id, r->mac))) || + ((r->poolFilter != (u_int16_t)-1) && (r->poolFilter != h->get_host_pool())) || (r->country && strlen(r->country) && (!h->get_country() || strcmp(h->get_country(), r->country))) || - (r->osFilter && strlen(r->osFilter) && (!h->get_os() || strcmp(h->get_os(), r->osFilter))) || + (r->osFilter && strlen(r->osFilter) && (!h->get_os() || strcmp(h->get_os(), r->osFilter))) || (r->ipVersionFilter && (((r->ipVersionFilter == 4) && (!h->get_ip()->isIPv4())) || ((r->ipVersionFilter == 6) && (!h->get_ip()->isIPv6()))))) return(false); /* false = keep on walking */ @@ -3382,6 +3389,7 @@ int NetworkInterface::getLatestActivityHostsList(lua_State* vm, AddressTree *all /* **************************************************** */ int NetworkInterface::sortHosts(struct flowHostRetriever *retriever, + u_int8_t bridge_iface_idx, AddressTree *allowed_hosts, bool host_details, LocationPolicy location, @@ -3421,7 +3429,7 @@ int NetworkInterface::sortHosts(struct flowHostRetriever *retriever, retriever->country = countryFilter, retriever->vlan_id = vlan_id, retriever->osFilter = osFilter, retriever->asnFilter = asnFilter, retriever->networkFilter = networkFilter, retriever->actNumEntries = 0, - retriever->poolFilter = pool_filter; + retriever->poolFilter = pool_filter, retriever->bridge_iface_idx = 0; retriever->ipVersionFilter = ipver_filter; retriever->ndpi_proto = proto_filter; retriever->maxNumEntries = maxHits, retriever->hostMacsOnly = hostMacsOnly; @@ -3469,6 +3477,7 @@ int NetworkInterface::sortHosts(struct flowHostRetriever *retriever, /* **************************************************** */ int NetworkInterface::sortMacs(struct flowHostRetriever *retriever, + u_int8_t bridge_iface_idx, u_int16_t vlan_id, bool skipSpecialMacs, bool hostMacsOnly, const char *manufacturer, char *sortColumn) { @@ -3590,7 +3599,9 @@ int NetworkInterface::sortVLANs(struct flowHostRetriever *retriever, char *sortC /* **************************************************** */ -int NetworkInterface::getActiveHostsList(lua_State* vm, AddressTree *allowed_hosts, +int NetworkInterface::getActiveHostsList(lua_State* vm, + u_int8_t bridge_iface_idx, + AddressTree *allowed_hosts, bool host_details, LocationPolicy location, char *countryFilter, char *mac_filter, u_int16_t vlan_id, char *osFilter, @@ -3602,7 +3613,8 @@ int NetworkInterface::getActiveHostsList(lua_State* vm, AddressTree *allowed_hos disablePurge(false); - if(sortHosts(&retriever, allowed_hosts, host_details, location, + if(sortHosts(&retriever, bridge_iface_idx, + allowed_hosts, host_details, location, countryFilter, mac_filter, vlan_id, osFilter, asnFilter, networkFilter, pool_filter, ipver_filter, proto_filter, false /* All MACs */, sortColumn) < 0) { @@ -3654,7 +3666,8 @@ int NetworkInterface::getActiveHostsList(lua_State* vm, AddressTree *allowed_hos /* **************************************************** */ -int NetworkInterface::getActiveHostsGroup(lua_State* vm, AddressTree *allowed_hosts, +int NetworkInterface::getActiveHostsGroup(lua_State* vm, + AddressTree *allowed_hosts, bool host_details, LocationPolicy location, char *countryFilter, u_int16_t vlan_id, char *osFilter, @@ -3667,7 +3680,8 @@ int NetworkInterface::getActiveHostsGroup(lua_State* vm, AddressTree *allowed_ho disablePurge(false); // sort hosts according to the grouping criterion - if(sortHosts(&retriever, allowed_hosts, host_details, location, + if(sortHosts(&retriever, 0 /* bridge_iface_idx TODO */, + allowed_hosts, host_details, location, countryFilter, NULL /* Mac */, vlan_id, osFilter, asnFilter, networkFilter, pool_filter, ipver_filter, -1 /* no protocol filter */, local_macs, groupColumn) < 0 ) { @@ -5176,7 +5190,9 @@ int NetworkInterface::luaEvalFlow(Flow *f, const LuaCallback cb) { /* **************************************** */ -int NetworkInterface::getActiveMacList(lua_State* vm, u_int16_t vlan_id, +int NetworkInterface::getActiveMacList(lua_State* vm, + u_int8_t bridge_iface_idx, + u_int16_t vlan_id, bool skipSpecialMacs, bool hostMacsOnly, const char *manufacturer, char *sortColumn, u_int32_t maxHits, @@ -5186,7 +5202,8 @@ int NetworkInterface::getActiveMacList(lua_State* vm, u_int16_t vlan_id, disablePurge(false); - if(sortMacs(&retriever, vlan_id, skipSpecialMacs, hostMacsOnly, manufacturer, sortColumn) < 0) { + if(sortMacs(&retriever, bridge_iface_idx, vlan_id, skipSpecialMacs, + hostMacsOnly, manufacturer, sortColumn) < 0) { enablePurge(false); return -1; } @@ -5329,14 +5346,17 @@ int NetworkInterface::getActiveVLANList(lua_State* vm, /* **************************************** */ -int NetworkInterface::getActiveMacManufacturers(lua_State* vm, u_int16_t vlan_id, +int NetworkInterface::getActiveMacManufacturers(lua_State* vm, + u_int8_t bridge_iface_idx, + u_int16_t vlan_id, bool skipSpecialMacs, bool hostMacsOnly, u_int32_t maxHits) { struct flowHostRetriever retriever; disablePurge(false); - if(sortMacs(&retriever, vlan_id, skipSpecialMacs, hostMacsOnly, NULL, (char*)"column_manufacturer") < 0) { + if(sortMacs(&retriever, bridge_iface_idx, vlan_id, skipSpecialMacs, + hostMacsOnly, NULL, (char*)"column_manufacturer") < 0) { enablePurge(false); return -1; } diff --git a/src/Ntop.cpp b/src/Ntop.cpp index 08db1b2c7e..f2e6a367f0 100644 --- a/src/Ntop.cpp +++ b/src/Ntop.cpp @@ -619,9 +619,9 @@ void Ntop::loadLocalInterfaceAddress() { closesocket(sock); #endif - ntop->getTrace()->traceEvent(TRACE_NORMAL, "Local Interface Addresses (System Host)"); + ntop->getTrace()->traceEvent(TRACE_INFO, "Local Interface Addresses (System Host)"); local_interface_addresses.dump(); - ntop->getTrace()->traceEvent(TRACE_NORMAL, "Local Networks"); + ntop->getTrace()->traceEvent(TRACE_INFO, "Local Networks"); address->dump(); if(0) { diff --git a/src/PcapInterface.cpp b/src/PcapInterface.cpp index 12519383e0..c521ac5e33 100644 --- a/src/PcapInterface.cpp +++ b/src/PcapInterface.cpp @@ -186,7 +186,7 @@ static void* packetPollLoop(void* ptr) { iface->dissectPacket(&hdr_copy, (const u_char*)pkt_copy, &p, &srcHost, &dstHost, &flow); #else hdr->caplen = min_val(hdr->caplen, iface->getMTU()); - iface->dissectPacket(hdr, pkt, &p, &srcHost, &dstHost, &flow); + iface->dissectPacket(0, hdr, pkt, &p, &srcHost, &dstHost, &flow); #endif } } else if(rc < 0) {