ec_inet_macosx.c
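/*
 * Remainder of Inet_OpenRawSock(): the signature and the local declarations
 * are above this excerpt, so the statements below are kept exactly as found
 * (only line breaks and review notes were restored/added).
 */
#if defined(BIOCGHDRCMPLT) && defined(BIOCSHDRCMPLT)
   u_int spoof_eth_src = 1;
#endif

   if (bpf_in_use != 0)
   {
      DEBUG_MSG("Inet_OpenRawSock %s", iface);
      DEBUG_MSG("Inet_OpenRawSock \t bpf_in_use = %d ", bpf_in_use);
      return bpf_in_use;
   }

   Inet_GetIfaceInfo(iface, NULL, MyMAC, NULL, NULL);

   insns[1].k = htons(*(short *)MyMAC);         // put MyMac in the filter...
   insns[3].k = htons(*(short *)(MyMAC+2));
   insns[5].k = htons(*(short *)(MyMAC+4));

   DEBUG_MSG("Inet_OpenRawSock %s", iface);

   do    // find an available bpf device
   {
      // NOTE(review): unbounded sprintf; the size of `device` is declared out of view -- confirm it fits "/dev/bpf" plus any int
      sprintf(device, "/dev/bpf%d", i++);
      fd = open(device, O_RDWR);
   } while (fd < 0 && errno == EBUSY);

   if (fd < 0)
      Error_msg("ec_inet_macosx:%d no /dev/bpf* available (tried to open %d) | ERRNO : %d | %s", __LINE__, i, errno, strerror(errno));

   DEBUG_MSG("Inet_OpenRawSock \t fd = %d -- /dev/bpf%d ", fd, i-1);

   if (ioctl(fd, BIOCVERSION, (caddr_t)&bv) < 0)         // get bpf version
      ERROR_MSG(" ioctl(BIOCVERSION)");

   if (bv.bv_major != BPF_MAJOR_VERSION || bv.bv_minor < BPF_MINOR_VERSION)
      Error_msg(" Kernel bpf filter out of date ");

   for (size = 32768; size != 0; size >>= 1)
   {
      ioctl(fd, BIOCSBLEN, (caddr_t)&size);

      // NOTE(review): strncpy does not NUL-terminate when iface fills ifr_name completely
      strncpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name));      // attach the iface to the bpf
      if (ioctl(fd, BIOCSETIF, (caddr_t)&ifr) >= 0)
         break;  /* that size worked; we're done */

      if (errno != ENOBUFS)
         ERROR_MSG(" ioctl(BIOCSETIF)");
   }

   if (size == 0) Error_msg("BIOCSBLEN: No buffer size worked");

   if (ioctl(fd, BIOCGBLEN, (caddr_t)&size) < 0)
      ERROR_MSG(" ioctl(BIOCGBLEN)");

   if (ioctl(fd, BIOCGDLT, (caddr_t)&type) == -1)           // Get the data link layer type.
      ERROR_MSG(" ioctl(BIOCGDLT)");

   if (type != DLT_EN10MB)
      Error_msg("%s : Interface not supported ( only DLT_EN10MB) | %d", iface, type);

#if defined(BIOCGHDRCMPLT) && defined(BIOCSHDRCMPLT)     // auto fill the source mac address now set OFF
   if (ioctl(fd, BIOCSHDRCMPLT, &spoof_eth_src) == -1)
      ERROR_MSG(" ioctl(BIOCSHDRCMPLT)");
#endif

   i = 1;
   if (ioctl(fd, BIOCIMMEDIATE, &i) < 0)        // Set immediate mode so packets are processed as they arrive.
      ERROR_MSG(" ioctl(BIOCIMMEDIATE)");

   if (ioctl(fd, BIOCSETF, (caddr_t)&filter) < 0)       // Set filter program.
      ERROR_MSG(" ioctl(BIOCSETF)");

   bpf_in_use = fd;

   return fd;
}


/*
 * Return the next captured frame in `buffer`.
 *
 * Frames are queued in the SocketBuffer ring as (u_int length, bytes) pairs.
 * A queued frame is returned first; otherwise one read() is done on the bpf
 * descriptor and every record in it is queued before the first is handed back.
 *
 * sock    bpf descriptor to read from
 * buffer  destination; a frame of up to MTU + ETH_HEADER bytes may be copied,
 *         so the caller must provide at least that much room
 * MTU     interface MTU, used to cap the stored frame length
 * type    if not NULL, set to 0 (PACKET_HOST) when the first 6 bytes of
 *         buffer equal our MAC, otherwise 1
 *
 * Returns the value of the final Buffer_Get() call (the frame length when a
 * frame was available).
 */
int Inet_GetRawPacket(int sock, char *buffer, int MTU, short *type)
{
   int len = 0, pktlen = 0;
   u_char *buf, *bp, *ep;
   static char MyMAC[6]={0x65,0x74,0x74,0x65,0x72,0x63};   // "etterc" = not looked up yet

   if (SocketBuffer == -1)                   // only the first time
      SocketBuffer = Buffer_Create(1.0e5);   // 100 K buffer

   Buffer_Get(SocketBuffer, &pktlen, sizeof(u_int));
   len = Buffer_Get(SocketBuffer, buffer, pktlen );

   if (type != NULL)
   {
      if (!strncmp(MyMAC,"etterc",6))    // only the first time...
         Inet_GetIfaceInfo(Options.netiface, NULL, MyMAC, NULL, NULL);
      if (!memcmp(MyMAC,buffer,6))
         *type = 0; // PACKET_HOST
      else
         *type = 1; // !PACKET_HOST
   }

   if (len > 0) return len;     // there was pending data.

   buf = calloc(size, sizeof(char));    // size is global and set by BIOCGBLEN
   if (buf == NULL)
   {
      // same reporting convention as the malloc() check in Inet_MacFromIP
      ERROR_MSG("calloc()");
      return 0;
   }

   len = read(sock, buf, size);

   // Loop through the packet(s). A failed read (-1) gives an empty range
   // instead of an end pointer placed before the buffer.
   bp = buf;
   ep = bp + (len > 0 ? len : 0);
   while (bp < ep)
   {
      struct bpf_hdr *bhp = (struct bpf_hdr *)bp;
      // bytes that must be present to read every header field used below
      const size_t hdr_need = (size_t)((u_char *)(&bhp->bh_hdrlen + 1) - bp);
      const size_t avail = (size_t)(ep - bp);
      size_t advance;
      u_int caplen, hdrlen, stored;

      if (avail < hdr_need)
         break;                  // truncated record header

      caplen = bhp->bh_caplen;
      hdrlen = bhp->bh_hdrlen;

      // bp + hdrlen is my packet, caplen is the length:
      // both must stay inside what read() actually returned
      if (hdrlen < hdr_need || hdrlen > avail || caplen > avail - hdrlen)
         break;

      stored = caplen;
      if (stored > MTU + ETH_HEADER) stored = MTU + ETH_HEADER; // evil workaround for the 1518 size packet with FCS

      Buffer_Put(SocketBuffer, &stored, sizeof(u_int) );
      Buffer_Put(SocketBuffer, bp + hdrlen, stored );

      // Step over the record using the captured length, not the clamped one;
      // otherwise the next header would be read from inside this frame.
      advance = BPF_WORDALIGN(hdrlen + caplen);
      if (advance >= avail)
         break;                  // that was the last record
      bp += advance;
   }

   free(buf);

   Buffer_Get(SocketBuffer, &pktlen, sizeof(u_int));
   len = Buffer_Get(SocketBuffer, buffer, pktlen );

   if (type != NULL)
   {
      if (!memcmp(MyMAC,buffer,6))
         *type = 0; // PACKET_HOST
      else
         *type = 1; // !PACKET_HOST
   }

   return len;
}


/*
 * Write one frame to the bpf descriptor, retrying every 5 ms while the
 * kernel reports ENOBUFS. Any other short or failed write is reported
 * through Error_msg(). Returns the result of the last write().
 */
int Inet_SendRawPacket(int sock, char *buffer, int len)
{
   int sent;

   errno = 0;     // a short write that sets no error must not be judged by a stale errno
   sent = write(sock, buffer, len);
   if (sent < len)
   {
      // NOTE(review): no retry limit; this spins for as long as ENOBUFS persists
      while (errno == ENOBUFS)
      {
         usleep(5000);
         errno = 0;
         sent = write(sock, buffer, len);
         if (sent == len) return (sent);
      }

      Error_msg("ec_inet_macosx:%d write() %d(%d) | ERRNO : %d | %s \n", __LINE__, len, sent, errno, strerror(errno));
   }

   return (sent);
}


/*
 * Put the interface attached to the open bpf descriptor (bpf_in_use) into
 * promiscuous mode. `iface` is only logged. Always returns 0.
 */
int Inet_SetPromisc(char *iface)
{
   DEBUG_MSG("Inet_SetPromisc %s %d", iface, bpf_in_use);

   if ( ioctl(bpf_in_use, BIOCPROMISC, NULL) < 0 )
      ERROR_MSG("ioctl(BIOCPROMISC)");

   return 0;
}


void Inet_Restore_ifr(void)
{
   // this function is not needed !!
   // when a bpf is closed, the interface is restored
}


/*
 * Set net.inet.ip.forwarding to 0, saving the previous value in
 * IpForward_status, and register Inet_RestoreForwarding() to run at exit.
 */
void Inet_DisableForwarding(void)
{
   int mib[4];      // for sysctl()
   int val = 0;     // for sysctl()   disable
   size_t len;

   mib[0] = CTL_NET;
   mib[1] = PF_INET;
   mib[2] = IPPROTO_IP;
   mib[3] = IPCTL_FORWARDING;

   len = sizeof(IpForward_status);

   // one call reads the old value and writes the new one
   if( (sysctl(mib, 4, &IpForward_status, &len, &val, sizeof(val))) == -1)
      ERROR_MSG("sysctl() | net.inet.ip.forwarding");

   DEBUG_MSG("Inet_DisableForwarding | net.inet.ip.forwarding = %d  old_value = %d\n", val, IpForward_status);

   atexit(Inet_RestoreForwarding);
}


/*
 * Write the saved IpForward_status back to net.inet.ip.forwarding.
 * Does nothing unless the calling thread is the one named PROGRAM.
 */
void Inet_RestoreForwarding(void)
{
   int mib[4];      // for sysctl()

   mib[0] = CTL_NET;
   mib[1] = PF_INET;
   mib[2] = IPPROTO_IP;
   mib[3] = IPCTL_FORWARDING;

   if (strcmp(ECThread_getname(pthread_self()), PROGRAM)) return;

   if( (sysctl(mib, 4, NULL, NULL, &IpForward_status, sizeof(IpForward_status))) == -1)
      ERROR_MSG("sysctl()");

   DEBUG_MSG("Inet_RestoreForwarding | net.inet.ip.forwarding = %d\n", IpForward_status);
}


/*
 * Resolve the link-layer address of `ip`.
 *
 * The kernel's link-layer route entries (the ARP cache) are searched first.
 * On a miss a single ARP request is broadcast and replies are awaited for
 * 0.5 s. If nothing answers, the broadcast address is returned.
 *
 * The result points to static storage: it is overwritten by the next call
 * and must not be freed. Earlier versions returned a pointer into the
 * sysctl() buffer after freeing it, so callers read released heap memory.
 *
 * ARP replies are unauthenticated: the address returned after a probe is
 * whatever the first matching reply claimed.
 */
char *Inet_MacFromIP(unsigned long ip)
{
   int mib[6];
   size_t len;
   char *buf, *next, *end;
   struct rt_msghdr *rtm;
   struct sockaddr_inarp *sin;
   struct sockaddr_dl *sdl;
   static char ETH_BROADCAST[6] = {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF};
   static char resolved_mac[ETHER_ADDR_LEN];   // outlives the sysctl() buffer

   DEBUG_MSG("Inet_MacFromIP");

   mib[0] = CTL_NET;
   mib[1] = AF_ROUTE;
   mib[2] = 0;
   mib[3] = AF_INET;
   mib[4] = NET_RT_FLAGS;
   mib[5] = RTF_LLINFO;

   if (sysctl(mib, 6, NULL, &len, NULL, 0) < 0)    // ask for the needed size
      ERROR_MSG("sysctl()");

   if ((buf = (char *)malloc(len)) == NULL)
   {
      ERROR_MSG("malloc()");
      return ETH_BROADCAST;      // only reached if ERROR_MSG returns
   }

   if (sysctl(mib, 6, buf, &len, NULL, 0) < 0)
   {
      free(buf);
      ERROR_MSG("sysctl()");
      return ETH_BROADCAST;      // never walk the freed buffer
   }

   end = buf + len;

   for (next = buf ; next < end ; next += rtm->rtm_msglen)
   {
      rtm = (struct rt_msghdr *)next;
      sin = (struct sockaddr_inarp *)(rtm + 1);
      sdl = (struct sockaddr_dl *)(sin + 1);

      if (sin->sin_addr.s_addr == ip && sdl->sdl_alen)
      {
         // copy out before the buffer is released
         // NOTE(review): assumes sdl_alen is ETHER_ADDR_LEN on this link type -- confirm
         memcpy(resolved_mac, LLADDR(sdl), ETHER_ADDR_LEN);
         free(buf);
         return resolved_mac;
      }
   }

   free(buf);     // the routing dump is not needed past this point

   // not in cache... try to find it...
   // (one probe after the whole table was searched; the probe used to sit in
   // the loop's else branch and ran once per non-matching entry)
   {
      struct recv_packet recvpck;
      char MyMAC[6];
      u_long MyIP;
      int MTU, sock;
      TIME_DECLARE;

      DEBUG_MSG("Inet_MacFromIP -- try to find it");

      sock = Inet_OpenRawSock(Options.netiface);

      Inet_GetIfaceInfo(Options.netiface, &MTU, MyMAC, &MyIP, NULL);

      if (ip == MyIP)
      {
         DEBUG_MSG("Inet_MacFromIP -- try to find me... ;)");
         memcpy(resolved_mac, MyMAC, ETHER_ADDR_LEN);
         Inet_CloseRawSock(sock);
         return resolved_mac;
      }

      // Inet_GetRawPacket() may deliver up to MTU + ETH_HEADER bytes,
      // so the receive area has to be that large.
      recvpck.buf = Inet_Forge_packet( MTU + ETH_HEADER + ALIGN_ETH_TO_WORD );
      recvpck.aligned = recvpck.buf + ALIGN_ETH_TO_WORD;

      Inet_Forge_ethernet( recvpck.aligned, MyMAC, ETH_BROADCAST, ETH_P_ARP );

      Inet_Forge_arp( recvpck.aligned + ETH_HEADER, ARPOP_REQUEST,
                      MyMAC, MyIP,
                      ARP_BROADCAST, ip );

      // send the request that was just built; the old code passed `buf`,
      // i.e. the raw routing-table dump, to the wire
      Inet_SendRawPacket(sock, recvpck.aligned, ETH_HEADER + ARP_HEADER);

      memset(recvpck.aligned, 0, MTU + ETH_HEADER);

      fcntl(sock, F_SETFL, O_NONBLOCK);
      TIME_START;

      do
      {
         int got;
         short pkttype;
         ETH_header *ethpkt;
         ARP_header *arppkt;

         got = Inet_GetRawPacket(sock, recvpck.aligned, MTU, &pkttype);

         ethpkt = (ETH_header *)recvpck.aligned;
         arppkt = (ARP_header *)(recvpck.aligned + ETH_HEADER);

         TIME_FINISH;

         // a frame shorter than both headers would leave stale ARP fields in the buffer
         if (got > 0 && got >= ETH_HEADER + ARP_HEADER && pkttype == PACKET_HOST &&
             ethpkt->type == htons(ETH_P_ARP) && arppkt->opcode == htons(ARPOP_REPLY))
         {
            struct in_addr sender;

            // compare exactly the address-sized field, with no alignment assumption
            // NOTE(review): assumes source_ip is the 4-byte sender address -- confirm in ARP_header
            memcpy(&sender.s_addr, arppkt->source_ip, sizeof(sender.s_addr));

            if (sender.s_addr == ip)
            {
               memcpy(resolved_mac, &arppkt->source_add, ETHER_ADDR_LEN);
               Inet_Forge_packet_destroy( recvpck.buf );
               Inet_CloseRawSock(sock);
               return resolved_mac;
            }
         }
      } while ( TIME_ELAPSED < 0.5 );

      Inet_Forge_packet_destroy( recvpck.buf );
      Inet_CloseRawSock(sock);
   }

   return ETH_BROADCAST;  // workaround for non local ip
}

/* EOF */

// vim:ts=3:expandtab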