Merge pull request #887 from IvanNardi/tunnel

Tunnel
author: Luca Deri <lucaderi@users.noreply.github.com> 2020-04-27 23:27:03 +0200
committer: GitHub <noreply@github.com> 2020-04-27 23:27:03 +0200
commit: 44259ab2b97e89e800d4406f5c8c3dd4869e374d (patch)
tree: e34f257f35965f553bf6a886f01c42fb904c5fdf /example
parent: 328016895f4da6c817495d98cdc09980040dd06b (diff)
parent: 097127c31d028bb8abae8d3aa8edcc367f17bfba (diff)
2 files changed, 38 insertions, 20 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c
index f15ee0e66..2818c2c41 100644
--- a/example/ndpiReader.c
+++ b/example/ndpiReader.c
@@ -2519,9 +2519,13 @@ static void printResults(u_int64_t processing_time_usec, u_int64_t setup_time_us
 	else traffic_duration = (pcap_end.tv_sec*1000000 + pcap_end.tv_usec) - (pcap_start.tv_sec*1000000 + pcap_start.tv_usec);
 
 	printf("\tnDPI throughput:       %s pps / %s/sec\n", formatPackets(t, buf), formatTraffic(b, 1, buf1));
-	t = (float)(cumulative_stats.ip_packet_count*1000000)/(float)traffic_duration;
-	b = (float)(cumulative_stats.total_wire_bytes * 8 *1000000)/(float)traffic_duration;
-
+	if(traffic_duration != 0) {
+	  t = (float)(cumulative_stats.ip_packet_count*1000000)/(float)traffic_duration;
+	  b = (float)(cumulative_stats.total_wire_bytes * 8 *1000000)/(float)traffic_duration;
+	} else {
+	  t = 0;
+	  b = 0;
+	}
 	strftime(when, sizeof(when), "%d/%b/%Y %H:%M:%S", localtime_r(&pcap_start.tv_sec, &result));
 	printf("\tAnalysis begin:        %s\n", when);
 	strftime(when, sizeof(when), "%d/%b/%Y %H:%M:%S", localtime_r(&pcap_end.tv_sec, &result));
diff --git a/example/reader_util.c b/example/reader_util.c
index dbce3636e..3c1af8397 100644
--- a/example/reader_util.c
+++ b/example/reader_util.c
@@ -1675,7 +1675,7 @@ struct ndpi_proto ndpi_workflow_process_packet(struct ndpi_workflow * workflow,
     ip_len = ((u_int16_t)iph->ihl * 4);
     iph6 = NULL;
 
-    if(iph->protocol == IPPROTO_IPV6) {
+    if(iph->protocol == IPPROTO_IPV6 || iph->protocol == IPPROTO_IPIP) {
       ip_offset += ip_len;
       if(ip_len > 0)
         goto iph_check;
@@ -1707,6 +1707,12 @@ struct ndpi_proto ndpi_workflow_process_packet(struct ndpi_workflow * workflow,
     if(ndpi_handle_ipv6_extension_headers(NULL, &l4ptr, &ip_len, &proto) != 0) {
       return(nproto);
     }
+    if(proto == IPPROTO_IPV6 || proto == IPPROTO_IPIP) {
+      if(l4ptr > packet) { /* Better safe than sorry */
+        ip_offset = (l4ptr - packet);
+        goto iph_check;
+      }
+    }
 
     iph = NULL;
   } else {
@@ -1746,11 +1752,15 @@ struct ndpi_proto ndpi_workflow_process_packet(struct ndpi_workflow * workflow,
 	  if(flags & 0x02) ip_offset += 4; /* sequence_number is present (it also includes next_ext_header and pdu_number) */
 	  if(flags & 0x01) ip_offset += 1; /* pdu_number is present */
 
-	  iph = (struct ndpi_iphdr *) &packet[ip_offset];
-
-	  if(iph->version != IPVERSION) {
-	    // printf("WARNING: not good (packet_id=%u)!\n", (unsigned int)workflow->stats.raw_packet_count);
-	    goto v4_warning;
+	  if(ip_offset < header->caplen) {
+	    iph = (struct ndpi_iphdr *)&packet[ip_offset];
+	    if(iph->version == 6) {
+	      iph6 = (struct ndpi_ipv6hdr *)&packet[ip_offset];
+	      iph = NULL;
+	    } else if(iph->version != IPVERSION) {
+	      // printf("WARNING: not good (packet_id=%u)!\n", (unsigned int)workflow->stats.raw_packet_count);
+	      goto v4_warning;
+	    }
 	  }
 	}
       } else if((sport == TZSP_PORT) || (dport == TZSP_PORT)) {
@@ -1800,22 +1810,26 @@ struct ndpi_proto ndpi_workflow_process_packet(struct ndpi_workflow * workflow,
 	/* We dissect ONLY CAPWAP traffic */
 	u_int offset           = ip_offset+ip_len+sizeof(struct ndpi_udphdr);
 
-	if((offset+40) < header->caplen) {
-	  u_int16_t msg_len = packet[offset+1] >> 1;
+	if((offset+1) < header->caplen) {
+	  uint8_t preamble = packet[offset];
+
+	  if((preamble & 0x0F) == 0) { /* CAPWAP header */
+	    u_int16_t msg_len = (packet[offset+1] & 0xF8) >> 1;
 
-	  offset += msg_len;
+	    offset += msg_len;
 
-	  if(packet[offset] == 0x02) {
-	    /* IEEE 802.11 Data */
+	    if((offset + 32 < header->caplen) && (packet[offset] == 0x02)) {
+	      /* IEEE 802.11 Data */
 
-	    offset += 24;
-	    /* LLC header is 8 bytes */
-	    type = ntohs((u_int16_t)*((u_int16_t*)&packet[offset+6]));
+	      offset += 24;
+	      /* LLC header is 8 bytes */
+	      type = ntohs((u_int16_t)*((u_int16_t*)&packet[offset+6]));
 
-	    ip_offset = offset + 8;
+	      ip_offset = offset + 8;
 
-	    tunnel_type = ndpi_capwap_tunnel;
-	    goto iph_check;
+	      tunnel_type = ndpi_capwap_tunnel;
+	      goto iph_check;
+	    }
 	  }
 	}
       }
author	Luca Deri <lucaderi@users.noreply.github.com>	2020-04-27 23:27:03 +0200
committer	GitHub <noreply@github.com>	2020-04-27 23:27:03 +0200
commit	44259ab2b97e89e800d4406f5c8c3dd4869e374d (patch)
tree	e34f257f35965f553bf6a886f01c42fb904c5fdf /example
parent	328016895f4da6c817495d98cdc09980040dd06b (diff)
parent	097127c31d028bb8abae8d3aa8edcc367f17bfba (diff)