$NetBSD: patch-ad,v 1.1 2006/01/02 19:23:40 adrianp Exp $
--- src/tcpip.c.orig 2001-08-24 06:36:14.000000000 +0100
+++ src/tcpip.c
@@ -55,8 +55,11 @@ static char *cvsid = "$Id: tcpip.c,v 1.1
#include "tcpflow.h"
extern int console_only;
+extern int supress_header;
extern int bytes_per_flow;
extern int strip_nonprint;
+extern int use_colour;
+
/*************************************************************************/
@@ -133,7 +136,7 @@ void process_tcp(const u_char *data, u_i
tcp_header_len = tcp_header->th_off * 4;
/* return if this packet doesn't have any data (e.g., just an ACK) */
- if (length <= tcp_header_len) {
+ if (length <= tcp_header_len && tcp_header->th_flags != TH_SYN ) {
DEBUG(50) ("got TCP segment with no data");
return;
}
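Review bot: The relaxed guard in process_tcp now lets a segment through when `length < tcp_header_len` as long as its flags equal TH_SYN, so the old protection against a data offset larger than the captured bytes no longer covers SYN packets. th_off is taken from the packet itself, and if the code after this hunk (process_tcp continues outside it) subtracts tcp_header_len from a presumably unsigned length, the result would wrap and be passed on as the payload size. Keeping the short-packet case unconditional avoids that: `if (length < tcp_header_len || (length == tcp_header_len && !IS_SET(tcp_header->th_flags, TH_SYN))) {`. Using IS_SET would also match the store_packet call in the next hunk, whereas `!= TH_SYN` misses a SYN that carries any other flag bit, such as SYN|ACK.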
@@ -158,7 +161,7 @@ void process_tcp(const u_char *data, u_i
if (console_only) {
print_packet(this_flow, data, length);
} else {
- store_packet(this_flow, data, length, seq);
+ store_packet(this_flow, data, length, seq, IS_SET(tcp_header->th_flags, TH_SYN));
}
}
@@ -188,8 +191,34 @@ u_char *do_strip_nonprint(const u_char *
/* print the contents of this packet to the console */
void print_packet(flow_t flow, const u_char *data, u_int32_t length)
{
- printf("%s: ", flow_filename(flow));
+ static int current_colour = 0;
+ char *colour[2] = { "\033[0;34m", // blue
+ "\033[0;31m" }; // red
+
+ if ( use_colour )
+ {
+ printf( "%s", colour[ current_colour ] );
+ if ( current_colour == 1 )
+ {
+ current_colour = 0;
+ }
+ else
+ {
+ current_colour = 1;
+ }
+ }
+
+ if ( supress_header == 0 )
+ {
+ printf("%s: ", flow_filename(flow));
+ }
+
fwrite(data, length, 1, stdout);
+
+ if ( use_colour )
+ {
+ printf("\033[0m");
+ }
putchar('\n');
fflush(stdout);
}
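Review bot: In print_packet the escape sequences are written whenever use_colour is set, even when stdout is a file or pipe, and the payload is then written raw by `fwrite`. Unless the caller has already applied strip_nonprint (not visible in this hunk), escape bytes in captured traffic reach the terminal and can override the colour or the closing `\033[0m`. Gating the colour path on `use_colour && isatty(fileno(stdout))` would help, as would documenting that colour mode should be combined with non-printable stripping. Separately, `current_colour` flips on every call rather than per flow, so the two colours do not identify a connection or direction; if that is the intent, a comment such as `/* alternate colour per printed segment, not per flow */` would prevent misreading. The table could also be `static const char *const colour[2]`.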
@@ -197,7 +226,7 @@ void print_packet(flow_t flow, const u_c
/* store the contents of this packet to its place in its file */
void store_packet(flow_t flow, const u_char *data, u_int32_t length,
- u_int32_t seq)
+ u_int32_t seq, int syn_set)
{
flow_state_t *state;
tcp_seq offset;
@@ -208,6 +237,12 @@ void store_packet(flow_t flow, const u_c
state = create_flow_state(flow, seq);
}
+ /* If we got a SYN reset the sequence number */
+ if (syn_set)
+ {
+ state->isn = seq - state->pos +1;
+ }
+
/* if we're done collecting for this flow, return now */
if (IS_SET(state->flags, FLOW_FINISHED))
return;
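Review bot: The `state->isn` rebase in store_packet runs for every segment with SYN set and sits above the `FLOW_FINISHED` return, so it also rewrites state for flows that are already finished or well under way. A retransmitted or stray SYN on an existing 4-tuple would then appear to shift where later data lands in the flow's file, though the offset calculation is outside this hunk. Consider moving the block below the FLOW_FINISHED check and restricting it to a flow that has stored no data yet, e.g. `if (syn_set && state->pos == 0)`, assuming pos counts bytes written so far. The comment should explain the arithmetic, for example `/* SYN consumes one sequence number: first data byte is seq+1 */`. The prototype in tcpflow.h also needs the new `int syn_set` parameter, which is not part of this patch file.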