mmaraya / port-mirroring Goto Github PK
View Code? Open in Web Editor NEWOpenWrt package for copying network packets without iptables
License: BSD 2-Clause "Simplified" License
OpenWrt package for copying network packets without iptables
License: BSD 2-Clause "Simplified" License
cppcheck found these unused variables:
[port-mirroring.c:528]: (style) Unused variable: rtInfo
[port-mirroring.c:569]: (style) Unused variable: rtAttr
[port-mirroring.c:570]: (style) Unused variable: rtLen
[port-mirroring.c:1069]: (style) Unused variable: i
Update travis-ci settings to automatically upload ./bin/ar71xx/packages/base/port-mirroring_1.4-6d602ddb171d975276a1fa76246102c5f2ac7dcd_ar71xx.ipk
when successfully built
Setup continuous integration under travis-ci.org.
Since OpenWrt is a Linux distribution and port-mirroring is an OpenWrt package, there should be no situations where port-mirroring runs on Windows. We should be able to eliminate any conditional macros that check for a Windows operating system.
Integer handling issues (BAD_SHIFT) in getSenderInterface()
port-mirroring/port-mirroring.c
Line 565 in 962e011
large_shift: In expression ({...}) << 32U - dstMask, left shifting by more than 31 bits has undefined behavior. The shift amount, 32U - dstMask, is 32.
The operaton may have an undefined behavior or yield to an unexpected result.
In getSenderInterface: A bit shift operation has a shift amount which is too large or has a negative value.
Deeply nested conditionals are difficult to read, understand, and maintain. Simplify code where possible.
port-mirroring/port-mirroring.c
Line 662 in 0e80665
port-mirroring.c: In function ‘initSendHandle’:
port-mirroring.c:662:5: warning: pointer targets in passing argument 1 of ‘time’ differ in signedness [-Wpointer-sign]
time(&tLastInit);
^
In file included from port-mirroring.c:44:0:
/usr/include/time.h:192:15: note: expected ‘time_t *’ but argument is of type ‘long unsigned int *’
extern time_t time (time_t *__timer) __THROW;
^
port-mirroring/port-mirroring.c
Line 384 in 2433871
CID 19974 (#1 of 1): Missing return statement (MISSING_RETURN)
missing_return: Arriving at the end of a function without returning a value.
The return value will be taken from whatever happens to be on the stack, likely causing incorrect computation. In reopenSendHandle: Function that returns non-void is missing a return value (CWE-710)
https://github.com/mmaraya/port-mirroring/blob/master/port-mirroring.c#L450
buffer_size_warning: Calling strncpy with a maximum size argument of 16 bytes on destination array buffer.ifr_ifrn.ifrn_name of size 16 bytes might leave the destination string unterminated.
If the buffer is treated as a null terminated string in later operations, a buffer overflow or over-read may occur. In getInterfaceMac: The string buffer may not have a null terminator if the source string's length is equal to the buffer size CWE-170
port-mirroring/port-mirroring.c
Line 765 in 07f74e1
port-mirroring.c: In function ‘packet_handler_ex’:
port-mirroring.c:765:13: warning: pointer targets in passing argument 2 of ‘pcap_sendpacket’ differ in signedness [-Wpointer-sign]
if (sendHandle == NULL || pcap_sendpacket(sendHandle, buf, header->len) != 0)
^
In file included from /usr/include/pcap.h:45:0,
from port-mirroring.c:51:
/usr/include/pcap/pcap.h:384:5: note: expected ‘const u_char *’ but argument is of type ‘char *’
int pcap_sendpacket(pcap_t *, const u_char *, int);
^
port-mirroring/src/port-mirroring.c
Line 387 in 8ac5075
src/port-mirroring.c: In function 'readNlSock':
src/port-mirroring.c:387:128: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
if ((NLMSG_OK(nlHdr, readLen) == 0) || (nlHdr->nlmsg_type == NLMSG_ERROR))
^
NLMSG_OK from netlink expands to:
87 #define NLMSG_OK(nlh,len) ((len) >= (int)sizeof(struct nlmsghdr) && \
88 (nlh)->nlmsg_len >= sizeof(struct nlmsghdr) && \
89 (nlh)->nlmsg_len <= (len))
Replace global variables with a structure to hold all program options
https://github.com/mmaraya/port-mirroring/blob/master/port-mirroring.c#L1055
buffer_size_warning: Calling strncpy with a maximum size argument of 255 bytes on destination array opt_config of size 255 bytes might leave the destination string unterminated.
If the buffer is treated as a null terminated string in later operations, a buffer overflow or over-read may occur. In main: The string buffer may not have a null terminator if the source string's length is equal to the buffer size CWE-170
Package should use OpenWrt logging to send configuration settings at startup, processing statistics at shutdown, and all exceptions.
Explore the use of PKG_FIXUP:=autoreconf
in the OpenWrt Makefile to keep the number of generated files in the source code to a minimum
I would like to implement an x86 version openwrt on my environment.
so any possible to provide a x86 version of port-mirroring?
Original issue reported on code.google.com by [email protected]
on 8 Dec 2013 at 10:22
Adjust the autoconf and automake files to produce all compiler warnings.
Let's make this part of the official OpenWrt packages
port-mirroring/port-mirroring.c
Line 538 in 1640a0f
CID 19976 (#1 of 1): Resource leak (RESOURCE_LEAK)
leaked_handle: Handle variable sock going out of scope leaks the handle.
The system resource will not be reclaimed and reused, reducing the future availability of the resource.
In getSenderInterface: Leak of memory or pointers to system resources (CWE-404)
port-mirroring/port-mirroring.c
Line 567 in d5af52a
CID 19977 (#1 of 1): Uninitialized scalar variable (UNINIT)
uninit_use: Using uninitialized value dstAddr.
The variable will contain an arbitrary value left from earlier computations.
In getSenderInterface: Use of an uninitialized variable (CWE-457)
port-mirroring/port-mirroring.c
Line 416 in 8016cd3
port-mirroring.c:416:32: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
} while ((nlHdr->nlmsg_seq != seqNum) || (nlHdr->nlmsg_pid != pId));
^
Follow RFC-3339 for syslog timestamps.
The literal integer value 65536 is used in several places in the code to specify the packet snapshot length. Replace these literals with a #define to standardize the value.
Add a LuCI graphical user interface to configure port mirroring
https://github.com/mmaraya/port-mirroring/blob/master/port-mirroring.c#L211
CID 19969: Buffer not null terminated (BUFFER_SIZE_WARNING)
buffer_size_warning: Calling strncpy with a maximum size argument of 255 bytes on destination array mirroring_source[mirroring_source_num] of size 255 bytes might leave the destination string unterminated.
If the buffer is treated as a null terminated string in later operations, a buffer overflow or over-read may occur. In addMonitoringSource: The string buffer may not have a null terminator if the source string's length is equal to the buffer size CWE-170.
Compiling using make/package/port-mirroring/compile produces the following error:
make[3]: *** No targets specified and no makefile found. Stop.
https://github.com/mmaraya/port-mirroring/blob/master/port-mirroring.c#L1055
CID 19972: Buffer not null terminated (BUFFER_SIZE_WARNING)
14. buffer_size_warning: Calling strncpy with a maximum size argument of 255 bytes on destination array opt_pid of size 255 bytes might leave the destination string unterminated
If the buffer is treated as a null terminated string in later operations, a buffer overflow or over-read may occur. In main: The string buffer may not have a null terminator if the source string's length is equal to the buffer size CWE-170
port-mirroring/src/port-mirroring.c
Line 514 in 8ac5075
src/port-mirroring.c: In function 'getSenderInterface':
src/port-mirroring.c:514:122: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
for (; NLMSG_OK(nlMsg, len); nlMsg = NLMSG_NEXT(nlMsg, len)) {
^
NLMSG_OK from netlink expands to:
87 #define NLMSG_OK(nlh,len) ((len) >= (int)sizeof(struct nlmsghdr) && \
88 (nlh)->nlmsg_len >= sizeof(struct nlmsghdr) && \
89 (nlh)->nlmsg_len <= (len))
https://github.com/mmaraya/port-mirroring/blob/master/port-mirroring.c#L478
CID 19970: Buffer not null terminated (BUFFER_SIZE_WARNING)
2. buffer_size_warning: Calling strncpy with a maximum size argument of 16 bytes on destination array buffer.ifr_ifrn.ifrn_name of size 16 bytes might leave the destination string unterminated.
If the buffer is treated as a null terminated string in later operations, a buffer overflow or over-read may occur. In getInterfaceIP: The string buffer may not have a null terminator if the source string's length is equal to the buffer size (CWE-170)
port-mirroring/port-mirroring.c
Line 562 in 88fb166
CID 19978: Uninitialized scalar variable (UNINIT)
uninit_use: Using uninitialized value dstMask.
The variable will contain an arbitrary value left from earlier computations.
In getSenderInterface: Use of an uninitialized variable (CWE-457)
I try to mirror the traffic on a pppoe network but receive nothing
and --debug shows no error
details:
15:49:03 root@OpenWrt ~ ifconfig
br-lan Link encap:Ethernet HWaddr AA:AA:AA:11:11:11
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fdf9:5c46:674e::1/60 Scope:Global
inet6 addr: 2001:470:1f19:1b5::1/64 Scope:Global
inet6 addr: fe80::e695:6eff:fe40:2133/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:62878 errors:0 dropped:0 overruns:0 frame:0
TX packets:63097 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:6352932 (6.0 MiB) TX bytes:19405120 (18.5 MiB)
eth0 Link encap:Ethernet HWaddr E4:95:6E:40:21:33
inet addr:100.64.215.143 Bcast:100.64.255.255 Mask:255.255.0.0
inet6 addr: fe80::e695:6eff:fe40:2133/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:1219431 errors:0 dropped:995 overruns:0 frame:0
TX packets:954829 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1308812165 (1.2 GiB) TX bytes:99050584 (94.4 MiB)
Interrupt:4
eth1 Link encap:Ethernet HWaddr E4:95:6E:40:21:33
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1214169 errors:0 dropped:0 overruns:0 frame:0
TX packets:1093214 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:460244586 (438.9 MiB) TX bytes:1203312990 (1.1 GiB)
Interrupt:5
ifb4pppoe-pppoe Link encap:Ethernet HWaddr 1E:7E:77:58:D5:7B
inet6 addr: fe80::1c7e:77ff:fe58:d57b/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:23918 errors:0 dropped:0 overruns:0 frame:0
TX packets:23918 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:32
RX bytes:13903602 (13.2 MiB) TX bytes:13903602 (13.2 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:22683 errors:0 dropped:0 overruns:0 frame:0
TX packets:22683 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3422354 (3.2 MiB) TX bytes:3422354 (3.2 MiB)
pppoe-pppoe Link encap:Point-to-Point Protocol
inet addr:xxxxxxxxxxx P-t-P:xxxxxxxxxxx Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP PROMISC MULTICAST MTU:1492 Metric:1
RX packets:24262 errors:0 dropped:0 overruns:0 frame:0
TX packets:25637 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:13644555 (13.0 MiB) TX bytes:3769276 (3.5 MiB)
15:50:57 root@OpenWrt ~ cat /etc/config/port-mirroring
#
#"target" defines the mirror target, it can be a local interface or a remote ip
#address. For openwrt routers, it shall be remote ip in most case.
#
#"source_ports" defines the mirrored interface, for example, "wlan0" will mirror#all wireless traffic. Multiple interfaces are supported(ie: "wlan0,eth0").
#
config 'port-mirroring'
option 'target' '192.168.1.141'
option 'source_ports' 'pppoe-pppoe'
option 'filter' ''
option 'protocol' 'TZSP'
I use wireshark on 192.168.1.141.If it mirrors these traffic,I should see ip packets which src ip is the ip from pppoe server.but I only get packets which src/dst ip is 192.168.1.x
sorry for my pool english
port-mirroring 1.3 needs version 1.1 of libpcap to run. OpenWrt v15.05 (Chaos Calmer) ships with version 1.3 of libpcap
root@OpenWrt:/# port-mirroring --debug
port-mirroring: can't load library 'libpcap.so.1.1'
root@OpenWrt:/# cat /etc/banner
_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
CHAOS CALMER (15.05, r46767)
-----------------------------------------------------
* 1 1/2 oz Gin Shake with a glassful
* 1/4 oz Triple Sec of broken ice and pour
* 3/4 oz Lime Juice unstrained into a goblet.
* 1 1/2 oz Orange Juice
* 1 tsp. Grenadine Syrup
-----------------------------------------------------
root@OpenWrt:/# uname -a
Linux OpenWrt 3.18.20 #1 Fri Sep 4 21:55:57 CEST 2015 mips GNU/Linux
root@OpenWrt:/# ls /usr/lib/libpcap* -lh
lrwxrwxrwx 1 root root 14 Sep 27 07:29 /usr/lib/libpcap.so -> libpcap.so.1.3
lrwxrwxrwx 1 root root 16 Sep 27 07:29 /usr/lib/libpcap.so.1.3 -> libpcap.so.1.3.0
-rw-r--r-- 1 root root 164.9K Sep 4 15:47 /usr/lib/libpcap.so.1.3.0
Implement Check unit testing framework for C.
We'll need to figure out how to remove these later and have OpenWrt run automake before compiling but for now, let's add these files back in.
configure.ac:14: error: required file './compile' not found
configure.ac:14: 'automake --add-missing' can install 'compile'
configure.ac:6: error: required file './install-sh' not found
configure.ac:6: 'automake --add-missing' can install 'install-sh'
configure.ac:6: error: required file './missing' not found
configure.ac:6: 'automake --add-missing' can install 'missing'
Makefile.am: error: required file './depcomp' not found
Makefile.am: 'automake --add-missing' can install 'depcomp'
port-mirroring/port-mirroring.c
Line 958 in 2433871
CID 19975 (#4 of 4): Missing return statement (MISSING_RETURN)
missing_return: Arriving at the end of a function without returning a value.
The return value will be taken from whatever happens to be on the stack, likely causing incorrect computation. In start_mirroring: Function that returns non-void is missing a return value (CWE-710)
Hello! Thank you for so great package. I compiled it for my modem and want to
share it with you :)
Original issue reported on code.google.com by [email protected]
on 16 Jan 2014 at 11:41
Attachments:
Make returns this error while building port-mirroring against OpenWrt:
Makefile:358: .deps/port_mirroring-port-mirroring.Po: No such file or directory
Display log messages to the console when the --debug option is provided.
Could you post a binary for Atheros AR9344 platform. I am using Chaos Calmer 15.05. Kind regards.
port-mirroring/port-mirroring.c
Line 974 in 07f74e1
port-mirroring.c: In function ‘fork_daemon’:
port-mirroring.c:974:5: warning: implicit declaration of function ‘umask’ [-Wimplicit-function-declaration]
umask(0);
^
port-mirroring/port-mirroring.c
Line 700 in 88fb166
CID 19973: Unchecked return value from library (CHECKED_RETURN)
check_return: Calling setsockopt(sendSocket, 1, 7, (char *)&sendBufSize, 4U) without checking return value. This library function may fail and return an error code.
The function returns a value that indicates an error condition. If this is not checked, the error condition may not be handled correctly.
In initSendHandle: Value returned from a library function is not checked for errors before being used. This value may indicate an error condition. CWE-252
port-mirroring/port-mirroring.c
Line 481 in 0a4873e
port-mirroring.c: In function ‘getSenderInterface’:
port-mirroring.c:481:22: warning: variable ‘rtMsg’ set but not used [-Wunused-but-set-variable]
struct rtmsg* rtMsg;
^
39.76s$ curl -s https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh | COVERITY_SCAN_PROJECT_NAME="$PROJECT_NAME" COVERITY_SCAN_NOTIFICATION_EMAIL="*******" COVERITY_SCAN_BUILD_COMMAND="autoreconf -vfi && ./configure && make" COVERITY_SCAN_BUILD_COMMAND_PREPEND="" COVERITY_SCAN_BRANCH_PATTERN=coverity_scan bash
Note: COVERITY_SCAN_PROJECT_NAME and COVERITY_SCAN_TOKEN are available on Project Settings page on scan.coverity.com
Coverity Scan configured to run on branch coverity_scan
Coverity Scan analysis authorized per quota.
Downloading Coverity Scan Analysis Tool...
2015-10-18 02:34:53 URL:https://scan.coverity.com/download/Linux [345756002/345756002] -> "/tmp/cov-analysis-Linux.tgz" [1]
Extracting Coverity Scan Analysis Tool...
/tmp/coverity-scan-analysis ~/build/mmaraya/port-mirroring
~/build/mmaraya/port-mirroring
Running Coverity Scan Analysis Tool...
Coverity Build Capture (64-bit) version 7.7.0 on Linux 3.13.0-40-generic x86_64
Internal version numbers: 772028383d p-indio-push-22816.428
autoreconf: `configure.ac' or `configure.in' is required
[WARNING] Build command autoreconf -vfi && ./configure && make exited with code 1. Please verify that the build completed successfully.
[WARNING] No files were emitted. This may be due to a problem with your configuration
or because no files were actually compiled by your build command.
Please make sure you have configured the compilers actually used in the compilation.
For more details, please look at:
/home/travis/build/mmaraya/port-mirroring/cov-int/build-log.txt
Break up port-mirroring into multiple source files, grouped by function.
Can you provide a compiled version of this port-mirroring tool for the current
OpenWRT firmware images? Specifically for Barrier Breaker 14.07-rc3 on
architecture ar71xx? I would do it on my own, but I don't know how. Please.
Original issue reported on code.google.com by [email protected]
on 21 Mar 2015 at 1:51
What steps will reproduce the problem?
1. configure port-mirroring with TEE protocol
2. start
3.
What is the expected output? What do you see instead?
10:51:49[info] port-mirroring::main, mirroring_type:[remote][TEE],
mirroring_source_num:[1], target:[192.168.16.12], filter:[],
opt_promiscuous:[0].
*** buffer overflow detected ***: port-mirroring terminated
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7fadf4c76f47]
/lib/x86_64-linux-gnu/libc.so.6(+0x109e40)[0x7fadf4c75e40]
port-mirroring[0x402f2f]
port-mirroring[0x4030e1]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x7e9a)[0x7fadf516ae9a]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7fadf4c603fd]
What version of the product are you using? On what operating system?
Last stable version of port-mirroring on Ubuntu 12.04.4 LTS 64bits
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 5 Jun 2014 at 9:10
The original codebase at b090667 uses autoconf and automake, part of the GNU Build System to compile the port-mirroring binary. Given that the OpenWrt build system provides the cross-compilation toolchain for building the port-mirroring package, it should be possible to simplify the build system into either one Make or CMake file.
Given that OpenWrt runs on a multitude of platforms with potentially different implementations of integer types, look into using C99 fixed-width integer types throughout the package.
Declare function prototypes and move #include directives to a new header file
port-mirroring/port-mirroring.c
Line 416 in 6c7908c
port-mirroring.c: In function ‘readNlSock’:
port-mirroring.c:416:64: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
} while ((nlHdr->nlmsg_seq != seqNum) || (nlHdr->nlmsg_pid != pId));
^
According to the netlink man page, nlmsg_pid
is an unsigned 32-bit integer:
struct nlmsghdr {
__u32 nlmsg_len; /* Length of message including header. */
__u16 nlmsg_type; /* Type of message content. */
__u16 nlmsg_flags; /* Additional flags. */
__u32 nlmsg_seq; /* Sequence number. */
__u32 nlmsg_pid; /* Sender port ID. */
};
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.