File: snoopctl.c

package info (click to toggle)
l2tpns 2.4.1-3
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 1,892 kB
  • sloc: ansic: 22,125; sh: 177; perl: 139; makefile: 132
file content (122 lines) | stat: -rw-r--r-- 2,472 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
 
#include <string.h>
#include <netinet/ip6.h>
#include "dhcp6.h"
#include "l2tpns.h"
#include "plugin.h"
#include "control.h"

/* snoop control */

int plugin_api_version = PLUGIN_API_VERSION;
static struct pluginfuncs *f = 0;

char *plugin_control_help[] = {
    "  snoop USER|SID IP PORT                      Intercept user traffic",
    "  unsnoop USER|SID                            Stop intercepting user",
    0
};

int plugin_control(struct param_control *data)
{
    sessionidt session;
    sessiont *s = 0;
    int flag;
    char *end;

    if (data->argc < 1)
	return PLUGIN_RET_OK;

    if (strcmp(data->argv[0], "snoop") && strcmp(data->argv[0], "unsnoop"))
	return PLUGIN_RET_OK; // not for us

    if (!data->iam_master)
	return PLUGIN_RET_NOTMASTER;

    flag = data->argv[0][0] != 'u';

    if (flag)
    {
	if (data->argc != 4)
	{
	    data->response = NSCTL_RES_ERR;
	    data->additional = "requires username or session id and host, port";
	    return PLUGIN_RET_STOP;
	}
    }
    else
    {
	if (data->argc != 2)
	{
	    data->response = NSCTL_RES_ERR;
	    data->additional = "requires username or session id";
	    return PLUGIN_RET_STOP;
	}
    }

    if (!(session = strtol(data->argv[1], &end, 10)) || *end)
	session = f->get_session_by_username(data->argv[1]);

    if (session)
	s = f->get_session_by_id(session);

    if (!s || !s->ip)
    {
	data->response = NSCTL_RES_ERR;
	data->additional = "session not found";
	return PLUGIN_RET_STOP;
    }

    if (flag)
    {
	in_addr_t ip = inet_addr(data->argv[2]);
	uint16_t port = atoi(data->argv[3]);

	if (!ip || ip == INADDR_NONE)
	{
	    data->response = NSCTL_RES_ERR;
	    data->additional = "invalid ip address";
	    return PLUGIN_RET_STOP;
	}

	if (!port)
	{
	    data->response = NSCTL_RES_ERR;
	    data->additional = "invalid port";
	    return PLUGIN_RET_STOP;
	}

	if (ip == s->snoop_ip && port == s->snoop_port)
	{
	    data->response = NSCTL_RES_ERR;
	    data->additional = "already intercepted";
	    return PLUGIN_RET_STOP;
	}

	s->snoop_ip = ip;
	s->snoop_port = port;
    }
    else
    {
	if (!s->snoop_ip)
	{
	    data->response = NSCTL_RES_ERR;
	    data->additional = "not intercepted";
	    return PLUGIN_RET_STOP;
	}

	s->snoop_ip = 0;
	s->snoop_port = 0;
    }

    f->session_changed(session);

    data->response = NSCTL_RES_OK;
    data->additional = 0;

    return PLUGIN_RET_STOP;
}

int plugin_init(struct pluginfuncs *funcs)
{
    return ((f = funcs)) ? 1 : 0;
}