2008-02-20 20:30:45 +00:00
|
|
|
/* libtcp-portmon.h: tcp port monitoring library.
|
2005-10-31 05:17:06 +00:00
|
|
|
*
|
2007-08-10 20:09:43 +00:00
|
|
|
* Copyright (C) 2005-2007 Philip Kovacs pkovacs@users.sourceforge.net
|
2005-10-31 05:17:06 +00:00
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
* License along with this library; if not, write to the Free Software
|
2006-12-13 16:54:59 +00:00
|
|
|
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
|
2008-02-20 20:30:45 +00:00
|
|
|
* USA. */
|
2005-10-31 05:17:06 +00:00
|
|
|
|
|
|
|
#ifndef LIBTCP_PORTMON_H
|
|
|
|
#define LIBTCP_PORTMON_H
|
|
|
|
|
2006-12-12 23:21:14 +00:00
|
|
|
#include <sys/types.h>
|
2006-03-16 17:57:53 +00:00
|
|
|
#include <sys/socket.h>
|
|
|
|
|
|
|
|
#include <arpa/inet.h>
|
2005-10-31 05:17:06 +00:00
|
|
|
#include <netinet/in.h>
|
|
|
|
#include <netinet/tcp.h>
|
2006-03-16 17:57:53 +00:00
|
|
|
|
|
|
|
#include <math.h>
|
|
|
|
#include <netdb.h>
|
2005-10-31 05:17:06 +00:00
|
|
|
#include <stdlib.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <string.h>
|
2006-03-16 17:57:53 +00:00
|
|
|
|
2006-12-09 05:40:08 +00:00
|
|
|
#include <glib.h>
|
|
|
|
|
2008-02-20 20:30:45 +00:00
|
|
|
/* connection deleted if unseen again after this # of refreshes */
|
|
|
|
#define TCP_CONNECTION_STARTING_AGE 1
|
2006-12-09 05:40:08 +00:00
|
|
|
#define TCP_CONNECTION_HASH_KEY_SIZE 28
|
|
|
|
#define TCP_PORT_MONITOR_HASH_KEY_SIZE 12
|
2008-06-14 18:41:12 +00:00
|
|
|
#define MAX_PORT_MONITOR_CONNECTIONS_DEFAULT 256
|
2005-10-31 05:17:06 +00:00
|
|
|
|
|
|
|
/* -------------------------------------------------------------------
|
|
|
|
* IMPLEMENTATION INTERFACE
|
|
|
|
*
|
2008-02-20 20:30:45 +00:00
|
|
|
* Implementation-specific interface begins here. Clients should not
|
|
|
|
* manipulate these structures directly, nor call the defined helper
|
2005-10-31 05:17:06 +00:00
|
|
|
* functions. Use the "Client interface" functions defined at bottom.
|
|
|
|
* ------------------------------------------------------------------- */
|
|
|
|
|
|
|
|
/* The inventory of peekable items within the port monitor. */
|
2008-02-20 20:30:45 +00:00
|
|
|
enum tcp_port_monitor_peekables {
|
|
|
|
COUNT = 0,
|
|
|
|
REMOTEIP,
|
|
|
|
REMOTEHOST,
|
|
|
|
REMOTEPORT,
|
|
|
|
REMOTESERVICE,
|
|
|
|
LOCALIP,
|
|
|
|
LOCALHOST,
|
|
|
|
LOCALPORT,
|
|
|
|
LOCALSERVICE
|
2006-12-09 05:40:08 +00:00
|
|
|
};
|
2005-10-31 05:17:06 +00:00
|
|
|
|
2005-11-01 00:58:34 +00:00
|
|
|
/* ------------------------------------------------------------------------
|
2008-02-20 20:30:45 +00:00
|
|
|
* A single tcp connection
|
2005-11-01 00:58:34 +00:00
|
|
|
*
|
|
|
|
* The age variable provides the mechanism for removing connections if they
|
|
|
|
* are not seen again in subsequent update cycles.
|
|
|
|
* ------------------------------------------------------------------------ */
|
2005-10-31 05:17:06 +00:00
|
|
|
typedef struct _tcp_connection_t {
|
2008-02-20 20:30:45 +00:00
|
|
|
/* connection's key in monitor hash */
|
|
|
|
gchar key[TCP_CONNECTION_HASH_KEY_SIZE];
|
|
|
|
in_addr_t local_addr;
|
|
|
|
in_port_t local_port;
|
|
|
|
in_addr_t remote_addr;
|
|
|
|
in_port_t remote_port;
|
2005-10-31 05:17:06 +00:00
|
|
|
int age;
|
|
|
|
} tcp_connection_t;
|
|
|
|
|
2005-11-12 16:37:57 +00:00
|
|
|
/* ----------------------------------
|
|
|
|
* Copy a connection
|
|
|
|
*
|
|
|
|
* Returns 0 on success, -1 otherwise
|
2008-02-20 20:30:45 +00:00
|
|
|
* ---------------------------------- */
|
|
|
|
int copy_tcp_connection(tcp_connection_t *p_dest_connection,
|
|
|
|
const tcp_connection_t *p_source_connection);
|
2005-11-12 16:37:57 +00:00
|
|
|
|
2008-02-20 20:30:45 +00:00
|
|
|
/* -------------------------------------------------------------------
|
2005-10-31 05:17:06 +00:00
|
|
|
* A tcp connection node/list
|
|
|
|
*
|
|
|
|
* Connections within each monitor are stored in a double-linked list.
|
2008-02-20 20:30:45 +00:00
|
|
|
* ------------------------------------------------------------------- */
|
2005-10-31 05:17:06 +00:00
|
|
|
typedef struct _tcp_connection_node_t {
|
|
|
|
tcp_connection_t connection;
|
2008-02-20 20:30:45 +00:00
|
|
|
struct _tcp_connection_node_t *p_prev;
|
|
|
|
struct _tcp_connection_node_t *p_next;
|
2005-10-31 05:17:06 +00:00
|
|
|
} tcp_connection_node_t;
|
|
|
|
|
|
|
|
typedef struct _tcp_connection_list_t {
|
2008-02-20 20:30:45 +00:00
|
|
|
tcp_connection_node_t *p_head;
|
|
|
|
tcp_connection_node_t *p_tail;
|
2005-10-31 05:17:06 +00:00
|
|
|
} tcp_connection_list_t;
|
|
|
|
|
|
|
|
/* --------------
|
2008-02-20 20:30:45 +00:00
|
|
|
* A port monitor
|
2005-10-31 05:17:06 +00:00
|
|
|
* -------------- */
|
|
|
|
typedef struct _tcp_port_monitor_t {
|
2008-02-20 20:30:45 +00:00
|
|
|
/* monitor's key in collection hash */
|
|
|
|
gchar key[TCP_PORT_MONITOR_HASH_KEY_SIZE];
|
|
|
|
/* start of monitor port range */
|
|
|
|
in_port_t port_range_begin;
|
|
|
|
/* begin = end to monitor a single port */
|
|
|
|
in_port_t port_range_end;
|
|
|
|
/* list of connections for this monitor */
|
|
|
|
tcp_connection_list_t connection_list;
|
|
|
|
/* hash table of pointers into connection list */
|
|
|
|
GHashTable *hash;
|
|
|
|
/* array of connection pointers for O(1) peeking */
|
|
|
|
tcp_connection_t **p_peek;
|
|
|
|
/* max number of connections */
|
|
|
|
unsigned int max_port_monitor_connections;
|
2005-10-31 05:17:06 +00:00
|
|
|
} tcp_port_monitor_t;
|
|
|
|
|
|
|
|
/* ------------------------
|
2008-02-20 20:30:45 +00:00
|
|
|
* A port monitor node/list
|
2005-10-31 05:17:06 +00:00
|
|
|
* ------------------------ */
|
|
|
|
typedef struct _tcp_port_monitor_node_t {
|
2008-02-20 20:30:45 +00:00
|
|
|
tcp_port_monitor_t *p_monitor;
|
|
|
|
struct _tcp_port_monitor_node_t *p_next;
|
2005-10-31 05:17:06 +00:00
|
|
|
} tcp_port_monitor_node_t;
|
|
|
|
|
|
|
|
typedef struct __tcp_port_monitor_list_t {
|
2008-02-20 20:30:45 +00:00
|
|
|
tcp_port_monitor_node_t *p_head;
|
|
|
|
tcp_port_monitor_node_t *p_tail;
|
2005-10-31 05:17:06 +00:00
|
|
|
} tcp_port_monitor_list_t;
|
|
|
|
|
|
|
|
/* ---------------------------------------
|
|
|
|
* A port monitor utility function typedef
|
2008-02-20 20:30:45 +00:00
|
|
|
* --------------------------------------- */
|
|
|
|
typedef void (*tcp_port_monitor_function_ptr_t)(tcp_port_monitor_t *p_monitor,
|
|
|
|
void *p_void);
|
|
|
|
|
|
|
|
/* -------------------------------------------
|
|
|
|
* Port monitor utility functions implementing
|
|
|
|
* tcp_port_monitor_function_ptr_t
|
|
|
|
* ------------------------------------------- */
|
|
|
|
void destroy_tcp_port_monitor(tcp_port_monitor_t *p_monitor,
|
|
|
|
void *p_void /* (use NULL for this function) */);
|
|
|
|
|
|
|
|
void age_tcp_port_monitor(tcp_port_monitor_t *p_monitor,
|
|
|
|
void *p_void /* (use NULL for this function) */);
|
|
|
|
|
|
|
|
void rebuild_tcp_port_monitor_peek_table(tcp_port_monitor_t *p_monitor,
|
|
|
|
void *p_void /* (use NULL for this function) */);
|
|
|
|
|
|
|
|
void show_connection_to_tcp_port_monitor(tcp_port_monitor_t *p_monitor,
|
|
|
|
void *p_connection /* (client should cast) */);
|
2005-10-31 05:17:06 +00:00
|
|
|
|
|
|
|
/* -----------------------------
|
|
|
|
* A tcp port monitor collection
|
2008-02-20 20:30:45 +00:00
|
|
|
* ----------------------------- */
|
2005-10-31 05:17:06 +00:00
|
|
|
typedef struct _tcp_port_monitor_collection_t {
|
2008-02-20 20:30:45 +00:00
|
|
|
/* list of monitors for this collection */
|
|
|
|
tcp_port_monitor_list_t monitor_list;
|
|
|
|
/* hash table of pointers into collection's monitor list */
|
|
|
|
GHashTable *hash;
|
2005-10-31 05:17:06 +00:00
|
|
|
} tcp_port_monitor_collection_t;
|
|
|
|
|
2008-02-20 20:30:45 +00:00
|
|
|
/* --------------------------------------------------------
|
|
|
|
* Apply a tcp_port_monitor_function_ptr_t function to each
|
|
|
|
* port monitor in the collection.
|
|
|
|
* -------------------------------------------------------- */
|
2005-10-31 05:17:06 +00:00
|
|
|
void for_each_tcp_port_monitor_in_collection(
|
2008-02-20 20:30:45 +00:00
|
|
|
tcp_port_monitor_collection_t *p_collection,
|
|
|
|
tcp_port_monitor_function_ptr_t p_function,
|
|
|
|
void *p_function_args /* (for user arguments) */);
|
2005-10-31 05:17:06 +00:00
|
|
|
|
|
|
|
/* ----------------------------------------------------------------------
|
2008-02-20 20:30:45 +00:00
|
|
|
* CLIENT INTERFACE
|
2005-10-31 05:17:06 +00:00
|
|
|
*
|
|
|
|
* Clients should call only those functions below this line.
|
|
|
|
* ---------------------------------------------------------------------- */
|
|
|
|
|
2005-11-11 20:46:42 +00:00
|
|
|
/* struct to hold monitor creation arguments */
|
|
|
|
typedef struct _tcp_port_monitor_args_t {
|
2008-02-20 20:30:45 +00:00
|
|
|
/* monitor supports tracking at most this many connections */
|
|
|
|
int max_port_monitor_connections;
|
2005-11-11 20:46:42 +00:00
|
|
|
} tcp_port_monitor_args_t;
|
|
|
|
|
2005-10-31 05:17:06 +00:00
|
|
|
/* ----------------------------------
|
|
|
|
* Client operations on port monitors
|
|
|
|
* ---------------------------------- */
|
|
|
|
|
2008-02-20 20:30:45 +00:00
|
|
|
/* Clients should first try to "find_tcp_port_monitor" before creating one,
|
|
|
|
* so that there are no redundant monitors. */
|
|
|
|
tcp_port_monitor_t *create_tcp_port_monitor(in_port_t port_range_begin,
|
|
|
|
in_port_t port_range_end, tcp_port_monitor_args_t *p_creation_args);
|
|
|
|
|
|
|
|
/* Clients use this function to get connection data from
|
|
|
|
* the indicated port monitor.
|
|
|
|
* The requested monitor value is copied into a client-supplied char buffer.
|
|
|
|
* Returns 0 on success, -1 otherwise. */
|
|
|
|
int peek_tcp_port_monitor(const tcp_port_monitor_t *p_monitor,
|
|
|
|
/* (item of interest, from tcp_port_monitor_peekables enum) */
|
|
|
|
int item,
|
|
|
|
/* (0 to number of connections in monitor - 1) */
|
|
|
|
int connection_index,
|
|
|
|
/* buffer to receive requested value */
|
|
|
|
char *p_buffer,
|
|
|
|
/* size of p_buffer */
|
|
|
|
size_t buffer_size);
|
2005-10-31 05:17:06 +00:00
|
|
|
|
|
|
|
/* --------------------------------
|
|
|
|
* Client operations on collections
|
|
|
|
* -------------------------------- */
|
|
|
|
|
|
|
|
/* Create a monitor collection. Do this one first. */
|
2008-02-20 20:30:45 +00:00
|
|
|
tcp_port_monitor_collection_t *create_tcp_port_monitor_collection(void);
|
2005-10-31 05:17:06 +00:00
|
|
|
|
2008-02-20 20:30:45 +00:00
|
|
|
/* Destroy the monitor collection (and everything it contains).
|
|
|
|
* Do this one last. */
|
|
|
|
void destroy_tcp_port_monitor_collection(
|
|
|
|
tcp_port_monitor_collection_t *p_collection);
|
2005-10-31 05:17:06 +00:00
|
|
|
|
|
|
|
/* Updates the tcp statitics for all monitors within a collection */
|
|
|
|
void update_tcp_port_monitor_collection(
|
2008-02-20 20:30:45 +00:00
|
|
|
tcp_port_monitor_collection_t *p_collection);
|
2005-10-31 05:17:06 +00:00
|
|
|
|
2008-02-20 20:30:45 +00:00
|
|
|
/* After clients create a monitor, use this to add it to the collection.
|
|
|
|
* Returns 0 on success, -1 otherwise. */
|
|
|
|
int insert_tcp_port_monitor_into_collection(
|
|
|
|
tcp_port_monitor_collection_t *p_collection, tcp_port_monitor_t *p_monitor);
|
2005-10-31 05:17:06 +00:00
|
|
|
|
|
|
|
/* Clients need a way to find monitors */
|
2008-02-20 20:30:45 +00:00
|
|
|
tcp_port_monitor_t *find_tcp_port_monitor(
|
|
|
|
const tcp_port_monitor_collection_t *p_collection,
|
|
|
|
in_port_t port_range_begin, in_port_t port_range_end);
|
2005-10-31 05:17:06 +00:00
|
|
|
|
|
|
|
#endif
|