?? sdm.c
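//--------------------------------------------------------------------
//----- $Header: /home/cvsroot/sebek/mon/sdm.c,v 1.3 2002/09/08 22:48:57 cvs Exp $
//--------------------------------------------------------------------
/*
 * Copyright (C) 2001/2002 The Honeynet Project.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *      This product includes software developed by The Honeynet Project.
 * 4. The name "The Honeynet Project" may not be used to endorse or promote
 *    products derived from this software without specific prior written
 *    permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sdm_utils.h>

/*
 * Usage - print the command line help.
 *
 * The option letters listed here must match the getopt() string in
 * ParseCmdLine(): -d is the destination network and -p the destination
 * port. The original text documented the port as a second "-d", which
 * would have been parsed as a network specification.
 */
void Usage()
{
    printf(" -s source IP network specification: a.b.c.d/xy\n");
    printf(" -d destination IP network specification: a.b.c.d/xy\n");
    printf(" -k encryption key\n");
    printf(" -p destination port number\n");
    printf(" -m magic number\n");
    printf(" -f filename\n");
    printf(" -x maximum interpacket delay\n");
    printf(" -v verbose output\n");
    printf("Examples:\n");
    printf(" To make everything pretty random including port data:\n");
    printf(" fmon -d 10.0.0.0/8 -s 10.0.0.0/8 -m 7777 -k foobar\n\n");
    printf(" To have static destination addr and port:\n");
    printf(" fmon -d 10.0.0.1/32 -s 10.0.0.0/8 -p 123 -k foobar\n\n");
    printf(" To have static src and dst with static ports:\n");
    printf(" fmon -d 10.0.0.1/32 -s 10.0.0.2/32 -p 123 -m 223\n");
    printf(" - the src port = value of -m minus value of -p\n");
}

/*
 * GenNetInfo - parse an "a.b.c.d/xy" network specification into pv.
 *
 * netstr  network specification; it is modified in place by strtok().
 * is_src  non-zero stores into pv.src_ip / pv.src_mask, zero stores
 *         into pv.dst_ip / pv.dst_mask.
 *
 * Returns 1 on success. Every rejected input is reported through
 * FatalError(); that helper is defined elsewhere and presumably
 * terminates the process (TODO confirm), so the "return 0" paths only
 * matter if it does not.
 */
int GenNetInfo(char* netstr,int is_src)
{
    struct in_addr net;     /* place to stick the local network data */
    int nmask = 0;          /* prefix length taken from the CIDR suffix */
    char *addr_str;
    char *cidr_str;
    u_int32_t *ip;
    u_int32_t *mask;
    size_t i;

    if (is_src) {
        ip = &pv.src_ip;
        mask = &pv.src_mask;
    } else {
        ip = &pv.dst_ip;
        mask = &pv.dst_mask;
    }

    /* break out the CIDR notation from the IP address */
    addr_str = strtok(netstr, "/");
    cidr_str = strtok(NULL, "/");

    /* an empty or "/"-only argument yields no address token at all;
     * without this check inet_addr() below would be handed NULL */
    if (addr_str == NULL) {
        FatalError("ERROR: Missing IP addr in network specification\n");
        return 0;
    }

    if (cidr_str != NULL) {
        /* accept only one or two decimal digits; a longer or non-numeric
         * suffix used to fall through silently to a /32 mask */
        size_t len = strlen(cidr_str);
        int digits_only = (len > 0 && len < 3);

        for (i = 0; digits_only && i < len; i++) {
            if (cidr_str[i] < '0' || cidr_str[i] > '9') {
                digits_only = 0;
            }
        }
        if (digits_only) {
            nmask = atoi(cidr_str);
        }

        /* convert the CIDR notation into a real live netmask */
        if (nmask > 0 && nmask < 33) {
            *mask = netmasks[nmask];
        } else {
            /* report the rejected prefix length, not pv.src_mask, which
             * is unrelated when a destination network is being parsed */
            FatalError("ERROR: Bad CIDR block [%s:%d]\n", cidr_str, nmask);
            return 0;
        }
    } else {
        /* if we have no mask then assume its a /32 mask.
         * The original assigned to the pointer itself ("mask = ..."),
         * which left pv.src_mask / pv.dst_mask unset. */
        *mask = netmasks[32];
    }

    /* convert the IP addr into its 32-bit value.
     * inet_addr() signals failure with all bits set, so the literal
     * 255.255.255.255 cannot be told apart from an error here. */
    net.s_addr = inet_addr(addr_str);
    if (net.s_addr == (u_int32_t)-1) {
        FatalError("ERROR: %s is not valid IP addr\n", addr_str);
        return 0;
    }

    /* store in host byte order */
    *ip = (u_int32_t)ntohl(net.s_addr);

    return 1;
}

/*
 * CheckConfig - verify that the mandatory settings are present in pv and
 * fill in defaults for the optional ones.
 *
 * Requires a destination IP, a source IP and at least one of destination
 * port / magic number. Falls back to the global default "filename" and
 * to an interpacket delay of 1000000 when those were not given.
 *
 * Returns 1; missing settings are reported through FatalError().
 */
int CheckConfig()
{
    if (!pv.dst_ip) {
        Usage();
        FatalError("Need to specify Destination IP\n");
    }

    if (!pv.src_ip) {
        Usage();
        FatalError("Need to specify Source IP\n");
    }

    if (!pv.dst_port && !pv.magic) {
        Usage();
        FatalError("Need to specify the Destination Port number and/or Magic Number\n");
    }

    if (!strlen(pv.filename)) {
        strncpy(pv.filename, filename, IBUF);
        /* strncpy() does not terminate when the source fills the buffer;
         * it always writes IBUF bytes, so index IBUF-1 is in range */
        pv.filename[IBUF - 1] = '\0';
    }

    if (!pv.ipd) {
        pv.ipd = 1000000;
    }

    return 1;
}

/*
 * ParseCmdLine - read the command line options into pv.
 *
 * Options: -v verbose, -f file, -k key, -s/-d source/destination network,
 * -p destination port, -m magic number, -x maximum interpacket delay.
 *
 * Returns the result of CheckConfig().
 */
int ParseCmdLine(int argc, char *argv[])
{
    int ch;
    int port;
    int magic_given = 0;
    size_t keylen;
    const char *valid_options = "vf:k:s:d:p:m:x:";
    u_char digest[16];

    while ((ch = getopt(argc, argv, valid_options)) != -1) {
        switch (ch) {
        case 'v':
            pv.verbose = 1;
            break;

        case 'f':
            strncpy(pv.filename, optarg, IBUF);
            /* guarantee termination for paths of IBUF bytes or more */
            pv.filename[IBUF - 1] = '\0';
            break;

        case 'k':
            /* NOTE(review): a key passed in argv is visible to other
             * local users through the process listing, and a single
             * unsalted MD5 pass is a weak way to turn a passphrase into
             * a Blowfish key. Left unchanged because the receiving side
             * presumably derives the key the same way - TODO confirm. */
            keylen = strlen(optarg);
            if (keylen > 4 && keylen < 80) {
                MD5((const u_char *)optarg, keylen, digest);
                BF_set_key(&pv.key, sizeof(digest), digest);
            } else {
                FatalError("Password unacceptable, either too short or too long",1);
            }
            break;

        case 'p':
            /* reject values that do not fit a 16-bit UDP port */
            port = atoi(optarg);
            if (port < 1 || port > 65535) {
                FatalError("ERROR: Bad destination port [%s]\n", optarg);
            }
            pv.dst_port = port;
            break;

        case 'm':
            pv.magic = atoi(optarg);
            magic_given = 1;
            break;

        case 's':
            GenNetInfo(optarg, 1);
            break;

        case 'd':
            GenNetInfo(optarg, 0);
            break;

        case 'x':
            /* the original stored this value in pv.magic, so -x both
             * clobbered the magic number and never set the delay */
            pv.ipd = atoi(optarg);
            if (pv.ipd > MAX_INTERPKTDELAY) {
                pv.ipd = MAX_INTERPKTDELAY;
            }
            /* NOTE(review): a negative value is not rejected here; it
             * ends up as the divisor of the modulo in main() */
            break;

        default:
            /* getopt() has already printed what was wrong */
            Usage();
            FatalError("Invalid command line option\n");
            break;
        }
    }

    /* src port = magic - dst port. Computed after the loop so the result
     * does not depend on whether -p or -m came first on the command line */
    if (magic_given && pv.dst_port > 0) {
        pv.src_port = pv.magic - pv.dst_port;
    }

    return CheckConfig();
}

/*
 * main - export the contents of pv.filename onto the network.
 *
 * Each payload starts with the 32-bit host ID followed by up to
 * IBUF - sizeof(id) bytes read from the file. While the file cannot be
 * opened, decoy packets are sent instead. The loop never terminates.
 */
int main(int argc, char **argv)
{
    FILE *f;
    char ar[IBUF];
    char decoy_buff[IBUF];
    int ret, arlen, idlen;
    struct sockaddr_in libnet_sock;
    struct libnet_link_int *write2net;
    u_char *libnet_dev = NULL;
    char libnet_err[LIBNET_ERRBUF_SIZE];
    u_int32_t id;
    int x = 0;
    int rd_sz;

    rd_sz = IBUF - sizeof(id);

    libnet_seed_prand();

    ParseCmdLine(argc, argv);

    //---- get the host ID, aka first IP addr ----
    id = get_id();

    //----- libnet initialization stuff
    if (libnet_select_device(&libnet_sock, &libnet_dev, libnet_err) == -1) {
        libnet_error(LIBNET_ERR_FATAL, "libnet_select_device failed: %s\n", libnet_err);
        exit(-1);
    }

    if ((write2net = libnet_open_link_interface(libnet_dev, libnet_err)) == NULL) {
        libnet_error(LIBNET_ERR_FATAL, "libnet_open_link_interface: %s\n", libnet_err);
        exit(-1);
    }

    //----- some initialization
    memset(ar, 0, sizeof(ar));
    memset(decoy_buff, 0, sizeof(decoy_buff));
    arlen = 0;
    idlen = 0;

    //----- the original read "if(getuid() != 0)exit;", an expression
    //----- statement that never calls exit(), so the check did nothing
    if (getuid() != 0) {
        fprintf(stderr, "ERROR: must be run as root\n");
        exit(-1);
    }

    //----- first 32 bits of payload is the host ID
    //----- set it once and forget.
    memcpy(ar, &id, sizeof(id));
    idlen = sizeof(id);

    if (pv.verbose) printf("Reading data from: %s\n", pv.filename);

    // NOTE(review): when the file opens but yields no data, the outer
    // loop re-opens it straight away without sleeping - confirm that the
    // data source blocks or is consumed on read.
    while (1) {
        //---- if the file exists read all the data from it
        if ((f = fopen(pv.filename, "r")) != NULL) {
            while (1) {
                //----- read data in blocks of rd_sz len
                ret = fread(ar + idlen, 1, rd_sz, f);
                if (!ret) {
                    fclose(f);
                    break;
                }

                arlen = ret + idlen;

                //----- export onto the network
                create_udp(ar, arlen, write2net, libnet_dev, 1);
                usleep(libnet_get_prand(PRu32) % pv.ipd);

                if (pv.verbose) printf("wrote %d bytes\n", arlen + 4);

                //----- zero out the array and set arlen to 0
                memset(ar + idlen, 0, sizeof(ar) - idlen);

                //----- partial buffer indicates the end of file
                if (ret != rd_sz) {
                    fclose(f);
                    break;
                }
            }
        } else {
            //------ no data, spew a few decoys
            for (x = 0; x <= MAX_DECOY; x++) {
                //----- host ID for decoys is set to 0
                create_udp(decoy_buff, sizeof(decoy_buff), write2net, libnet_dev, 0);
                usleep(libnet_get_prand(PRu32) % pv.ipd);
            }
        }
    }//While
}//Main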