ports/51002: new feature for net/trafshow
Luigi Rizzo
rizzo at icir.org
Tue Apr 15 20:40:18 UTC 2003
>Number: 51002
>Category: ports
>Synopsis: new feature for net/trafshow
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Tue Apr 15 13:40:17 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Luigi Rizzo
>Release: FreeBSD 4.8-RELEASE i386
>Organization:
Universita` di Pisa
>Environment:
System: FreeBSD xorpc.icir.org 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Mon Apr 7 20:59:56 PDT 2003 root at xorpc.icir.org:/usr/src/sys/compile/ICIR-4.8-USB i386
>Description:
the attached patch implements a new option for net/trafsnow. From the
manpage:
-m [src-ip M] [dst-ip M] [src-port M] [dst-port M] [proto M]
Mask the specified field with mask M (which should be specified
as an hex number e.g. 0xffff0000) before further processing of
the packet. This allows to aggregate traffic in the display to
ease analysis.
>How-To-Repeat:
>Fix:
attached is a patch to put in ports/net/trafshow/files/patch-mask
--- display.c.orig Sun Aug 23 21:51:48 1998
+++ display.c Fri Dec 6 12:17:55 2002
@@ -54,6 +54,7 @@
static int l_nflag, l_eflag;
static int n_entries;
static int err_pos;
+extern struct t_entry t_mask; /* traffic mask */
void
init_display(reinit)
@@ -282,6 +284,13 @@
packets_total++;
bytes_total += e->bytes;
j = page * page_size;
+
+ e->src.s_addr &= t_mask.src.s_addr;
+ e->dst.s_addr &= t_mask.dst.s_addr;
+ e->sport &= t_mask.sport;
+ e->dport &= t_mask.dport;
+ e->proto &= t_mask.proto;
+
for (i = 0; i < n_entry; i++) {
if (memcmp(&e->eh, &entries[i].eh, sizeof(e->eh)) == 0 &&
e->src.s_addr == entries[i].src.s_addr &&
--- trafshow.c.orig Fri Aug 28 00:15:57 1998
+++ trafshow.c Fri Dec 6 12:34:09 2002
@@ -48,6 +48,7 @@
int pflag = 0; /* don't put the interface into promiscuous mode */
int kflag = 1; /* disable keyboard input checking */
int eflag = 0; /* show ethernet traffic rather than ip */
+struct t_entry t_mask; /* traffic mask */
/* global variables */
char *program_name; /* myself */
@@ -78,6 +79,12 @@
extern int abort_on_misalignment();
extern pcap_handler lookup_if();
+ t_mask.src.s_addr = 0xffffffff; /* all bits valid */
+ t_mask.dst.s_addr = 0xffffffff; /* all bits valid */
+ t_mask.sport = 0xffff; /* all bits valid */
+ t_mask.dport = 0xffff; /* all bits valid */
+ t_mask.proto = 0xffff; /* all bits valid */
+
cnt = -1;
device_name = NULL;
infile = NULL;
@@ -94,7 +87,7 @@
if (abort_on_misalignment(ebuf) < 0) error(0, ebuf);
- while ((op = getopt(argc, argv, "c:CefF:i:knNOpr:t:vh?")) != EOF)
+ while ((op = getopt(argc, argv, "c:CefF:i:kmnNOpr:t:vh?")) != EOF)
switch (op) {
case 'C':
#ifdef HAVE_SLCURSES
@@ -114,6 +121,42 @@
break;
case 'k':
kflag = 0;
+ break;
+ case 'm':
+ fprintf(stderr, "option m %d %d\n", optind, argc);
+ t_mask.src.s_addr = 0;
+ t_mask.dst.s_addr = 0;
+ t_mask.sport = 0;
+ t_mask.dport = 0;
+ t_mask.proto = 0;
+ for (;optind + 1 <= argc;) {
+ char *s = argv[optind];
+ u_int32_t arg = 0xffffffff;
+ int save=optind;
+
+ optind++;
+ if (optind + 1 <= argc &&
+ isdigit(*(argv[optind])) ) {
+ arg = strtol(argv[optind], NULL, 0);
+ optind++;
+ }
+ fprintf(stderr, "-m %s 0x%x\n", s, arg);
+
+ if (!strcmp(s, "src-ip"))
+ t_mask.src.s_addr = arg;
+ else if (!strcmp(s, "dst-ip"))
+ t_mask.dst.s_addr = arg;
+ else if (!strcmp(s, "src-port"))
+ t_mask.sport = (u_short)(arg);
+ else if (!strcmp(s, "dst-port"))
+ t_mask.dport = (u_short)(arg);
+ else if (!strcmp(s, "proto"))
+ t_mask.proto = arg;
+ else {
+ optind = save;
+ break;
+ }
+ }
break;
case 'n':
++nflag;
--- trafshow.1.orig Fri Aug 28 09:37:38 1998
+++ trafshow.1 Tue Apr 15 22:32:21 2003
@@ -42,6 +42,14 @@
.B \-k
Disable input keyboard checking. It is intended to avoid loss of packets.
.TP
+.B \-m
+[src-ip M] [dst-ip M] [src-port M] [dst-port M] [proto M]
+.br
+Mask the specified field with mask M (which should be specified
+as an hex number e.g. 0xffff0000) before further processing
+of the packet. This allows to aggregate traffic in the display
+to ease analysis.
+.TP
.B \-n
Don't convert host addresses and port numbers to names.
.TP
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list