aboutsummaryrefslogtreecommitdiff
path: root/src/lib/protocols/snmp.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/protocols/snmp.c')
-rw-r--r--src/lib/protocols/snmp.c37
1 files changed, 19 insertions, 18 deletions
diff --git a/src/lib/protocols/snmp.c b/src/lib/protocols/snmp.c
index 71de7589b..6a2f2624f 100644
--- a/src/lib/protocols/snmp.c
+++ b/src/lib/protocols/snmp.c
@@ -22,10 +22,14 @@
*
*/
+#include "ndpi_protocol_ids.h"
-#include "ndpi_protocols.h"
#ifdef NDPI_PROTOCOL_SNMP
+#define NDPI_CURRENT_PROTO NDPI_PROTOCOL_SNMP
+
+#include "ndpi_api.h"
+
static void ndpi_int_snmp_add_connection(struct ndpi_detection_module_struct
*ndpi_struct, struct ndpi_flow_struct *flow)
{
@@ -35,10 +39,9 @@ static void ndpi_int_snmp_add_connection(struct ndpi_detection_module_struct
void ndpi_search_snmp(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow)
{
struct ndpi_packet_struct *packet = &flow->packet;
-
- // struct ndpi_id_struct *src=ndpi_struct->src;
- // struct ndpi_id_struct *dst=ndpi_struct->dst;
+ NDPI_LOG_DBG(ndpi_struct, "search SNMP\n");
+
if (packet->payload_packet_len > 32 && packet->payload[0] == 0x30) {
int offset;
u_int16_t u16;
@@ -52,7 +55,7 @@ void ndpi_search_snmp(struct ndpi_detection_module_struct *ndpi_struct, struct n
break;
default:
if (packet->payload[1] > 0x82) {
- NDPI_LOG(NDPI_PROTOCOL_SNMP, ndpi_struct, NDPI_LOG_DEBUG, "SNMP excluded, second byte is > 0x82\n");
+ NDPI_LOG_DBG2(ndpi_struct, "SNMP excluded, second byte is > 0x82\n");
goto excl;
}
offset = 2;
@@ -61,22 +64,22 @@ void ndpi_search_snmp(struct ndpi_detection_module_struct *ndpi_struct, struct n
u16 = ntohs(get_u_int16_t(packet->payload, offset));
if((u16 != 0x0201) && (u16 != 0x0204)) {
- NDPI_LOG(NDPI_PROTOCOL_SNMP, ndpi_struct, NDPI_LOG_DEBUG, "SNMP excluded, 0x0201/0x0204 pattern not found\n");
+ NDPI_LOG_DBG2(ndpi_struct, "SNMP excluded, 0x0201/0x0204 pattern not found\n");
goto excl;
}
if (packet->payload[offset + 2] >= 0x04) {
- NDPI_LOG(NDPI_PROTOCOL_SNMP, ndpi_struct, NDPI_LOG_DEBUG, "SNMP excluded, version > 3\n");
+ NDPI_LOG_DBG2(ndpi_struct, "SNMP excluded, version > 3\n");
goto excl;
}
if (flow->l4.udp.snmp_stage == 0) {
if (packet->udp->dest == htons(161) || packet->udp->dest == htons(162)) {
- NDPI_LOG(NDPI_PROTOCOL_SNMP, ndpi_struct, NDPI_LOG_DEBUG, "SNMP detected due to port.\n");
+ NDPI_LOG_INFO(ndpi_struct, "found SNMP by port\n");
ndpi_int_snmp_add_connection(ndpi_struct, flow);
return;
}
- NDPI_LOG(NDPI_PROTOCOL_SNMP, ndpi_struct, NDPI_LOG_DEBUG, "SNMP stage 0.\n");
+ NDPI_LOG_DBG2(ndpi_struct, "SNMP stage 0\n");
if (packet->payload[offset + 2] == 3) {
flow->l4.udp.snmp_msg_id = ntohs(get_u_int32_t(packet->payload, offset + 8));
} else if (packet->payload[offset + 2] == 0) {
@@ -89,41 +92,39 @@ void ndpi_search_snmp(struct ndpi_detection_module_struct *ndpi_struct, struct n
} else if (flow->l4.udp.snmp_stage == 1 + packet->packet_direction) {
if (packet->payload[offset + 2] == 0) {
if (flow->l4.udp.snmp_msg_id != get_u_int8_t(packet->payload, offset + 15) - 1) {
- NDPI_LOG(NDPI_PROTOCOL_SNMP, ndpi_struct, NDPI_LOG_DEBUG,
+ NDPI_LOG_DBG2(ndpi_struct,
"SNMP v1 excluded, message ID doesn't match\n");
goto excl;
}
}
} else if (flow->l4.udp.snmp_stage == 2 - packet->packet_direction) {
- NDPI_LOG(NDPI_PROTOCOL_SNMP, ndpi_struct, NDPI_LOG_DEBUG, "SNMP stage 1-2.\n");
+ NDPI_LOG_DBG2(ndpi_struct, "SNMP stage 1-2\n");
if (packet->payload[offset + 2] == 3) {
if (flow->l4.udp.snmp_msg_id != ntohs(get_u_int32_t(packet->payload, offset + 8))) {
- NDPI_LOG(NDPI_PROTOCOL_SNMP, ndpi_struct, NDPI_LOG_DEBUG,
+ NDPI_LOG_DBG2(ndpi_struct,
"SNMP v3 excluded, message ID doesn't match\n");
goto excl;
}
} else if (packet->payload[offset + 2] == 0) {
if (flow->l4.udp.snmp_msg_id != get_u_int8_t(packet->payload, offset + 15)) {
- NDPI_LOG(NDPI_PROTOCOL_SNMP, ndpi_struct, NDPI_LOG_DEBUG,
+ NDPI_LOG_DBG2(ndpi_struct,
"SNMP v1 excluded, message ID doesn't match\n");
goto excl;
}
} else {
if (flow->l4.udp.snmp_msg_id != ntohs(get_u_int16_t(packet->payload, offset + 15))) {
- NDPI_LOG(NDPI_PROTOCOL_SNMP, ndpi_struct, NDPI_LOG_DEBUG,
+ NDPI_LOG_DBG2(ndpi_struct,
"SNMP v2 excluded, message ID doesn't match\n");
goto excl;
}
}
- NDPI_LOG(NDPI_PROTOCOL_SNMP, ndpi_struct, NDPI_LOG_DEBUG, "SNMP detected.\n");
+ NDPI_LOG_INFO(ndpi_struct, "found SNMP\n");
ndpi_int_snmp_add_connection(ndpi_struct, flow);
return;
}
- } else {
- NDPI_LOG(NDPI_PROTOCOL_SNMP, ndpi_struct, NDPI_LOG_DEBUG, "SNMP excluded.\n");
}
excl:
- NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_SNMP);
+ NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
}
Powered by cgit, Themed by Ted Yin.