diff options
| -rw-r--r-- | Makefile | 7 | ||||
| -rw-r--r-- | dependencies/nDPIsrvd.h | 35 | ||||
| -rw-r--r-- | examples/c-captured/c-captured.c | 261 | ||||
| -rw-r--r-- | nDPId.c | 32 | ||||
| -rw-r--r-- | nDPIsrvd.c | 15 |
5 files changed, 247 insertions, 103 deletions
@@ -71,13 +71,13 @@ all: help nDPId nDPIsrvd examples examples: examples/c-captured/c-captured examples/c-json-stdout/c-json-stdout examples/go-dashboard/go-dashboard nDPId: nDPId.c utils.c - $(CC) $(PROJECT_CFLAGS) $(CFLAGS) $(PC_CFLAGS) $(UTHASH_CFLAGS) $^ -o $@ $(LDFLAGS) $(PC_LDFLAGS) $(STATIC_NDPI_LIB) $(LIBS) + $(CC) $(PROJECT_CFLAGS) $(CFLAGS) $(PC_CFLAGS) $^ -o $@ $(LDFLAGS) $(PC_LDFLAGS) $(STATIC_NDPI_LIB) $(LIBS) nDPIsrvd: nDPIsrvd.c utils.c $(CC) $(PROJECT_CFLAGS) $(CFLAGS) $(DEPS_CFLAGS) $^ -o $@ $(LDFLAGS) $(STATIC_NDPI_LIB) $(LIBS) -examples/c-captured/c-captured: examples/c-captured/c-captured.c - $(CC) $(PROJECT_CFLAGS) $(CFLAGS) $(DEPS_CFLAGS) $@.c -o $@ $(LDFLAGS) $(LIBS) +examples/c-captured/c-captured: examples/c-captured/c-captured.c utils.c + $(CC) $(PROJECT_CFLAGS) $(CFLAGS) $(DEPS_CFLAGS) $^ -o $@ $(LDFLAGS) $(LIBS) examples/c-json-stdout/c-json-stdout: examples/c-json-stdout/c-json-stdout.c $(CC) $(PROJECT_CFLAGS) $(CFLAGS) $(DEPS_CFLAGS) $@.c -o $@ $(LDFLAGS) $(LIBS) @@ -106,6 +106,7 @@ help: @echo 'PC_LDFLAGS = $(PC_LDFLAGS)' @echo 'CC = $(CC)' @echo 'CFLAGS = $(CFLAGS)' + @echo 'EXTRA_CFLAGS = $(EXTRA_CFLAGS)' @echo 'LDFLAGS = $(LDFLAGS)' @echo 'PROJECT_CFLAGS = $(PROJECT_CFLAGS)' @echo 'LIBS = $(LIBS)' diff --git a/dependencies/nDPIsrvd.h b/dependencies/nDPIsrvd.h index fa4425410..f1e7f8afc 100644 --- a/dependencies/nDPIsrvd.h +++ b/dependencies/nDPIsrvd.h @@ -513,31 +513,34 @@ static inline int token_value_equals(struct nDPIsrvd_json_token const * const to } static inline enum nDPIsrvd_conversion_return -token_value_to_ull(struct nDPIsrvd_json_token const * const token, nDPIsrvd_ull_ptr const value) +str_value_to_ull(char const * const value_as_string, nDPIsrvd_ull_ptr const value) { - if (token == NULL || token->value == NULL || token->value_length == 0) + char * endptr = NULL; + *value = strtoull(value_as_string, &endptr, 10); + + if (value_as_string == endptr) { - return CONVERISON_KEY_NOT_FOUND; + return CONVERSION_NOT_A_NUMBER; } - + if (errno == ERANGE) { - char const * const value_as_string = token->value; - char * endptr = NULL; - *value = strtoull(value_as_string, &endptr, 10); - - if (value_as_string == endptr) - { - return CONVERSION_NOT_A_NUMBER; - } - if (errno == ERANGE) - { - return CONVERSION_RANGE_EXCEEDED; - } + return CONVERSION_RANGE_EXCEEDED; } return CONVERSION_OK; } +static inline enum nDPIsrvd_conversion_return +token_value_to_ull(struct nDPIsrvd_json_token const * const token, nDPIsrvd_ull_ptr const value) +{ + if (token == NULL || token->value == NULL || token->value_length == 0) + { + return CONVERISON_KEY_NOT_FOUND; + } + + return str_value_to_ull(token->value, value); +} + static inline int nDPIsrvd_build_flow_key(struct nDPIsrvd_flow_key * const key, struct nDPIsrvd_json_token const * const tokens[nDPIsrvd_FLOW_KEY_TOKENS]) { diff --git a/examples/c-captured/c-captured.c b/examples/c-captured/c-captured.c index 688b3d6ea..261b15f7a 100644 --- a/examples/c-captured/c-captured.c +++ b/examples/c-captured/c-captured.c @@ -8,7 +8,9 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> +#include <syslog.h> #include <sys/socket.h> +#include <sys/stat.h> #include <sys/types.h> #include <time.h> #include <unistd.h> @@ -16,8 +18,10 @@ #include "config.h" #include "nDPIsrvd.h" #include "utarray.h" +#include "utils.h" //#define VERBOSE +#define DEFAULT_DATADIR "/tmp/nDPId-captured" struct packet_data { @@ -37,6 +41,8 @@ struct flow_user_data uint8_t detection_finished; uint8_t guessed; uint8_t detected; + uint8_t risky; + uint8_t midstream; nDPIsrvd_ull flow_datalink; nDPIsrvd_ull flow_max_packets; UT_array * packets; @@ -45,14 +51,18 @@ struct flow_user_data struct nDPIsrvd_socket * sock = NULL; static int main_thread_shutdown = 0; -static int daemonize = 0; static char * pidfile = NULL; static char * serv_optarg = NULL; -#ifdef pcap_dump_open_append -static time_t pcap_filename_rotation = 600; +static nDPIsrvd_ull pcap_filename_rotation = 0; static time_t pcap_filename_last_rotation = 0; static struct tm pcap_filename_last_rotation_tm = {}; -#endif +static char * user = NULL; +static char * group = NULL; +static char * datadir = NULL; +static uint8_t process_guessed = 0; +static uint8_t process_undetected = 0; +static uint8_t process_risky = 0; +static uint8_t process_midstream = 0; static void packet_data_copy(void * dst, const void * src) { @@ -90,12 +100,11 @@ static char * generate_pcap_filename(struct nDPIsrvd_flow const * const flow, { char appendix[32] = {}; -#ifdef pcap_dump_open_append if (pcap_filename_rotation > 0) { time_t current_time = time(NULL); - if (current_time >= pcap_filename_last_rotation + pcap_filename_rotation) + if (current_time >= pcap_filename_last_rotation + (time_t)pcap_filename_rotation) { pcap_filename_last_rotation = current_time; if (localtime_r(&pcap_filename_last_rotation, &pcap_filename_last_rotation_tm) == NULL) @@ -108,8 +117,9 @@ static char * generate_pcap_filename(struct nDPIsrvd_flow const * const flow, { return NULL; } - } else -#endif + } + else + { if (snprintf(appendix, sizeof(appendix), "%llu", flow->id_as_ull) <= 0) { @@ -117,12 +127,32 @@ static char * generate_pcap_filename(struct nDPIsrvd_flow const * const flow, } } - if (flow_user->guessed != 0 || flow_user->detected == 0) + if (flow_user->guessed != 0 || flow_user->detected == 0 || flow_user->risky != 0 || flow_user->midstream != 0) { - int ret = - snprintf(dest, size, "flow-%s-%s.pcap", - (flow_user->guessed != 0 ? "guessed" : "undetected"), - appendix); + char const * flow_type = NULL; + + if (flow_user->guessed != 0) + { + flow_type = "guessed"; + } + else if (flow_user->detected == 0) + { + flow_type = "undetected"; + } + else if (flow_user->risky != 0) + { + flow_type = "risky"; + } + else if (flow_user->midstream != 0) + { + flow_type = "midstream"; + } + else + { + flow_type = "unknown-type"; + } + + int ret = snprintf(dest, size, "%s/flow-%s-%s.pcap", datadir, flow_type, appendix); if (ret <= 0 || (size_t)ret > size) { return NULL; @@ -147,7 +177,7 @@ static int packet_write_pcap_file(UT_array const * const pd_array, int pkt_datal if (utarray_len(pd_array) == 0) { - printf("no packets received via json, can not dump anything to pcap\n"); + syslog(LOG_DAEMON, "no packets received via json, can not dump anything to pcap"); return 0; } @@ -157,14 +187,19 @@ static int packet_write_pcap_file(UT_array const * const pd_array, int pkt_datal return 1; } -#ifdef pcap_dump_open_append - pcap_dumper_t * pd = pcap_dump_open_append(p, filename); -#else - pcap_dumper_t * pd = pcap_dump_open(p, filename); -#endif + pcap_dumper_t * pd; + if (access(filename, F_OK) == 0) + { + pd = pcap_dump_open_append(p, filename); + } + else + { + pd = pcap_dump_open(p, filename); + } + if (pd == NULL) { - fprintf(stderr, "pcap error %s\n", pcap_geterr(p)); + syslog(LOG_DAEMON | LOG_ERR, "pcap error %s", pcap_geterr(p)); pcap_close(p); return 1; } @@ -182,7 +217,10 @@ static int packet_write_pcap_file(UT_array const * const pd_array, int pkt_datal if (nDPIsrvd_base64decode(pd_elt->base64_packet, pd_elt->base64_packet_size, pkt_buf, &pkt_buf_len) != 0 || pkt_buf_len == 0) { - printf("packet base64 decode failed (%d bytes): %s\n", pd_elt->base64_packet_size, pd_elt->base64_packet); + syslog(LOG_DAEMON | LOG_ERR, + "packet base64 decode failed (%d bytes): %s", + pd_elt->base64_packet_size, + pd_elt->base64_packet); } else { @@ -224,26 +262,29 @@ static void packet_data_print(UT_array const * const pd_array) #define packet_data_print(pd_array) #endif -static void perror_ull(enum nDPIsrvd_conversion_return retval, char const * const prefix) +static enum nDPIsrvd_conversion_return perror_ull(enum nDPIsrvd_conversion_return retval, char const * const prefix) { switch (retval) { case CONVERSION_OK: - return; + break; case CONVERISON_KEY_NOT_FOUND: - fprintf(stderr, "%s `: Key not found.\n", prefix); + syslog(LOG_DAEMON | LOG_ERR, "%s: Key not found.", prefix); break; case CONVERSION_NOT_A_NUMBER: - fprintf(stderr, "%s: Not a valid number.\n", prefix); + syslog(LOG_DAEMON | LOG_ERR, "%s: Not a valid number.", prefix); break; case CONVERSION_RANGE_EXCEEDED: - fprintf(stderr, "%s: Number too large.\n", prefix); + syslog(LOG_DAEMON | LOG_ERR, "%s: Number too large.", prefix); break; default: - fprintf(stderr, "Internal error, invalid conversion return value.\n"); + syslog(LOG_DAEMON | LOG_ERR, "Internal error, invalid conversion return value."); + break; } + + return retval; } static enum nDPIsrvd_callback_return captured_json_callback(struct nDPIsrvd_socket * const sock, @@ -260,8 +301,10 @@ static enum nDPIsrvd_callback_return captured_json_callback(struct nDPIsrvd_sock if (current_token->value != NULL) { printf("[%.*s : %.*s] ", - current_token->key_length, current_token->key, - current_token->value_length, current_token->value); + current_token->key_length, + current_token->key, + current_token->value_length, + current_token->value); } } printf("EoF\n"); @@ -303,13 +346,11 @@ static enum nDPIsrvd_callback_return captured_json_callback(struct nDPIsrvd_sock nDPIsrvd_ull pkt_l4_offset = 0ull; perror_ull(TOKEN_VALUE_TO_ULL(TOKEN_GET_SZ(sock, "pkt_l4_offset"), &pkt_l4_offset), "pkt_l4_offset"); - struct packet_data pd = { - .packet_ts_sec = pkt_ts_sec, - .packet_ts_usec = pkt_ts_usec, - .packet_len = pkt_len, - .base64_packet_size = pkt->value_length, - .base64_packet_const = pkt->value - }; + struct packet_data pd = {.packet_ts_sec = pkt_ts_sec, + .packet_ts_usec = pkt_ts_usec, + .packet_len = pkt_len, + .base64_packet_size = pkt->value_length, + .base64_packet_const = pkt->value}; utarray_push_back(flow_user->packets, &pd); } @@ -318,29 +359,35 @@ static enum nDPIsrvd_callback_return captured_json_callback(struct nDPIsrvd_sock if (TOKEN_VALUE_EQUALS_SZ(flow_event_name, "new") != 0) { flow_user->flow_new_seen = 1; - perror_ull(TOKEN_VALUE_TO_ULL(TOKEN_GET_SZ(sock, "flow_datalink"), &flow_user->flow_datalink), "flow_datalink"); - perror_ull(TOKEN_VALUE_TO_ULL(TOKEN_GET_SZ(sock, "flow_max_packets"), &flow_user->flow_max_packets), "flow_max_packets"); + perror_ull(TOKEN_VALUE_TO_ULL(TOKEN_GET_SZ(sock, "flow_datalink"), &flow_user->flow_datalink), + "flow_datalink"); + perror_ull(TOKEN_VALUE_TO_ULL(TOKEN_GET_SZ(sock, "flow_max_packets"), &flow_user->flow_max_packets), + "flow_max_packets"); + if (TOKEN_VALUE_EQUALS_SZ(TOKEN_GET_SZ(sock, "midstream"), "1") != 0) + { + flow_user->midstream = 1; + } return CALLBACK_OK; - } else if (TOKEN_VALUE_EQUALS_SZ(flow_event_name, "guessed") != 0) + } + else if (TOKEN_VALUE_EQUALS_SZ(flow_event_name, "guessed") != 0) { flow_user->guessed = 1; flow_user->detection_finished = 1; - } else if (TOKEN_VALUE_EQUALS_SZ(flow_event_name, "not-detected") != 0) + } + else if (TOKEN_VALUE_EQUALS_SZ(flow_event_name, "not-detected") != 0) { flow_user->detected = 0; flow_user->detection_finished = 1; - } else if (TOKEN_VALUE_EQUALS_SZ(flow_event_name, "detected") != 0) + } + else if (TOKEN_VALUE_EQUALS_SZ(flow_event_name, "detected") != 0) { flow_user->detected = 1; flow_user->detection_finished = 1; - if (flow_user->packets != NULL) + if (TOKEN_GET_SZ(sock, "flow_risk") != NULL) { - utarray_free(flow_user->packets); - flow_user->packets = NULL; + flow_user->risky = 1; } - - return CALLBACK_OK; } if (flow_user->flow_new_seen == 0) @@ -350,23 +397,26 @@ static enum nDPIsrvd_callback_return captured_json_callback(struct nDPIsrvd_sock if (flow_user->packets == NULL || flow_user->flow_max_packets == 0 || utarray_len(flow_user->packets) == 0) { - printf("flow %llu: No packets captured.\n", flow->id_as_ull); - + syslog(LOG_DAEMON | LOG_ERR, "flow %llu: No packets captured.", flow->id_as_ull); return CALLBACK_OK; } if (flow_user->detection_finished != 0 && - (flow_user->guessed != 0 || flow_user->detected == 0)) + ((flow_user->guessed != 0 && process_guessed != 0) || + (flow_user->detected == 0 && process_undetected != 0) || (flow_user->risky != 0 && process_risky != 0) || + (flow_user->midstream != 0 && process_midstream != 0))) { packet_data_print(flow_user->packets); { char pcap_filename[64]; if (generate_pcap_filename(flow, flow_user, pcap_filename, sizeof(pcap_filename)) == NULL) { - fprintf(stderr, "%s\n", "Internal error, exit .."); + syslog(LOG_DAEMON | LOG_ERR, "%s", "Internal error, exit .."); return CALLBACK_ERROR; } - printf("flow %llu: save to %s\n", flow->id_as_ull, pcap_filename); +#ifdef VERBOSE + printf("flow %llu saved to %s\n", flow->id_as_ull, pcap_filename); +#endif if (packet_write_pcap_file(flow_user->packets, flow_user->flow_datalink, pcap_filename) != 0) { return CALLBACK_ERROR; @@ -409,26 +459,65 @@ static int parse_options(int argc, char ** argv) static char const usage[] = "Usage: %s " - "[-d] [-p pidfile] [-s host] [-R rotate-every-n-seconds] [-g] [-u]\n"; - - while ((opt = getopt(argc, argv, "hdp:s:R:g:u:")) != -1) + "[-d] [-p pidfile] [-s host] [-r rotate-every-n-seconds] [-u user] [-g group] [-D dir] [-G] [-U] [-R] [-M]\n\n" + "\t-d\tForking into background after initialization.\n" + "\t-p\tWrite the daemon PID to the given file path.\n" + "\t-s\tDestination where nDPIsrvd is listening on.\n" + "\t \tCan be either a path to UNIX socket or an IPv4/TCP-Port IPv6/TCP-Port tuple.\n" + "\t-r\tRotate PCAP files every n seconds\n" + "\t-u\tChange user.\n" + "\t-g\tChange group.\n" + "\t-D\tDatadir - Where to store PCAP files.\n" + "\t-G\tGuessed - Dump guessed flows to a PCAP file.\n" + "\t-U\tUndetected - Dump undetected flows to a PCAP file.\n" + "\t-R\tRisky - Dump risky flows to a PCAP file.\n" + "\t-M\tMidstream - Dump midstream flows to a PCAP file.\n"; + + while ((opt = getopt(argc, argv, "hdp:s:r:u:g:D:GURM")) != -1) { switch (opt) { case 'd': - daemonize = 1; + daemonize_enable(); break; case 'p': + free(pidfile); + pidfile = strdup(optarg); break; case 's': free(serv_optarg); serv_optarg = strdup(optarg); break; - case 'R': + case 'r': + if (perror_ull(str_value_to_ull(optarg, &pcap_filename_rotation), "pcap_filename_rotation") != + CONVERSION_OK) + { + return 1; + } + break; + case 'u': + free(user); + user = strdup(optarg); break; case 'g': + free(group); + group = strdup(optarg); break; - case 'u': + case 'D': + free(datadir); + datadir = strdup(optarg); + break; + case 'G': + process_guessed = 1; + break; + case 'U': + process_undetected = 1; + break; + case 'R': + process_risky = 1; + break; + case 'M': + process_midstream = 1; break; default: fprintf(stderr, usage, argv[0]); @@ -447,6 +536,17 @@ static int parse_options(int argc, char ** argv) return 1; } + if (datadir == NULL) + { + datadir = strdup(DEFAULT_DATADIR); + } + + if (process_guessed == 0 && process_undetected == 0 && process_risky == 0 && process_midstream == 0) + { + fprintf(stderr, "%s: Nothing to capture. Use at least one of -G / -U / -R / -M flags.\n", argv[0]); + return 1; + } + if (optind < argc) { fprintf(stderr, "Unexpected argument after options\n\n"); @@ -454,6 +554,13 @@ static int parse_options(int argc, char ** argv) return 1; } + errno = 0; + if (mkdir(datadir, S_IRWXU) != 0 && errno != EEXIST) + { + fprintf(stderr, "%s: Could not create directory %s: %s\n", argv[0], datadir, strerror(errno)); + return 1; + } + return 0; } @@ -468,21 +575,40 @@ int main(int argc, char ** argv) if (parse_options(argc, argv) != 0) { - fprintf(stderr, "%s: Could not parse command line arguments.\n", argv[0]); return 1; } + printf("Recv buffer size: %u\n", NETWORK_BUFFER_MAX_SIZE); + printf("Connecting to `%s'..\n", serv_optarg); + signal(SIGINT, sighandler); signal(SIGTERM, sighandler); signal(SIGPIPE, sighandler); - printf("Recv buffer size: %u\n", NETWORK_BUFFER_MAX_SIZE); - printf("Connecting to `%s'..\n", serv_optarg); - enum nDPIsrvd_connect_return connect_ret = nDPIsrvd_connect(sock); + if (daemonize_with_pidfile(pidfile) != 0) + { + return 1; + } + openlog("c-captured", LOG_CONS, LOG_DAEMON); + errno = 0; + if (user != NULL && change_user_group(user, group, pidfile, NULL, NULL) != 0) + { + if (errno != 0) + { + syslog(LOG_DAEMON | LOG_ERR, "Change user/group failed: %s", strerror(errno)); + } + else + { + syslog(LOG_DAEMON | LOG_ERR, "Change user/group failed."); + } + return 1; + } + + enum nDPIsrvd_connect_return connect_ret = nDPIsrvd_connect(sock); if (connect_ret != CONNECT_OK) { - fprintf(stderr, "%s: nDPIsrvd socket connect to %s failed!\n", argv[0], serv_optarg); + syslog(LOG_DAEMON | LOG_ERR, "%s: nDPIsrvd socket connect to %s failed!", argv[0], serv_optarg); nDPIsrvd_free(&sock); return 1; } @@ -493,19 +619,26 @@ int main(int argc, char ** argv) enum nDPIsrvd_read_return read_ret = nDPIsrvd_read(sock); if (read_ret != READ_OK) { - fprintf(stderr, "%s: nDPIsrvd read failed with: %s\n", argv[0], nDPIsrvd_enum_to_string(read_ret)); + syslog(LOG_DAEMON | LOG_ERR, + "%s: nDPIsrvd read failed with: %s", + argv[0], + nDPIsrvd_enum_to_string(read_ret)); break; } enum nDPIsrvd_parse_return parse_ret = nDPIsrvd_parse(sock); if (parse_ret != PARSE_OK) { - fprintf(stderr, "%s: nDPIsrvd parse failed with: %s\n", argv[0], nDPIsrvd_enum_to_string(parse_ret)); + syslog(LOG_DAEMON | LOG_ERR, + "%s: nDPIsrvd parse failed with: %s", + argv[0], + nDPIsrvd_enum_to_string(parse_ret)); break; } } nDPIsrvd_free(&sock); + closelog(); return 0; } @@ -36,8 +36,7 @@ enum nDPId_l3_type L3_IP6 }; -union nDPId_ip -{ +union nDPId_ip { struct { uint32_t ip; @@ -68,7 +67,8 @@ struct nDPId_flow_basic uint8_t l4_protocol; uint8_t tcp_fin_rst_seen : 1; uint8_t tcp_is_midstream_flow : 1; - uint8_t reserved_00[2]; + uint8_t reserved_00 : 6; + uint8_t reserved_01[2]; uint16_t src_port; uint16_t dst_port; uint64_t last_seen; @@ -84,34 +84,34 @@ struct nDPId_flow_info struct nDPId_flow_basic flow_basic; uint32_t flow_id; - unsigned long long int packets_processed; - uint64_t first_seen; uint16_t min_l4_data_len; uint16_t max_l4_data_len; + + unsigned long long int packets_processed; + uint64_t first_seen; + unsigned long long int total_l4_data_len; uint8_t detection_completed : 1; - uint8_t reserved_00[3]; + uint8_t reserved_00 : 7; + uint8_t reserved_01[3]; uint32_t last_ndpi_flow_struct_hash; struct ndpi_proto detected_l7_protocol; struct ndpi_proto guessed_l7_protocol; - union - { + union { uint8_t ndpi_flow_raw[SIZEOF_FLOW_STRUCT]; struct ndpi_flow_struct ndpi_flow; }; - union - { + union { uint8_t ndpi_src_raw[SIZEOF_ID_STRUCT]; struct ndpi_id_struct ndpi_src; }; - union - { + union { uint8_t ndpi_dst_raw[SIZEOF_ID_STRUCT]; struct ndpi_id_struct ndpi_dst; }; @@ -122,6 +122,7 @@ struct nDPId_workflow pcap_t * pcap_handle; int error_or_eof; + int reserved_00; unsigned long long int packets_captured; unsigned long long int packets_processed; @@ -216,8 +217,9 @@ enum daemon_event DAEMON_EVENT_COUNT }; -static char const * const packet_event_name_table[PACKET_EVENT_COUNT] = { - [PACKET_EVENT_INVALID] = "invalid", [PACKET_EVENT_PAYLOAD] = "packet", [PACKET_EVENT_PAYLOAD_FLOW] = "packet-flow"}; +static char const * const packet_event_name_table[PACKET_EVENT_COUNT] = {[PACKET_EVENT_INVALID] = "invalid", + [PACKET_EVENT_PAYLOAD] = "packet", + [PACKET_EVENT_PAYLOAD_FLOW] = "packet-flow"}; static char const * const flow_event_name_table[FLOW_EVENT_COUNT] = {[FLOW_EVENT_INVALID] = "invalid", [FLOW_EVENT_NEW] = "new", @@ -597,7 +599,7 @@ static struct nDPId_workflow * init_workflow(char const * const file_or_device) { ndpi_load_categories_file(workflow->ndpi_struct, custom_categories_file); } - ndpi_finalize_initalization(workflow->ndpi_struct); + ndpi_finalize_initialization(workflow->ndpi_struct); ndpi_set_detection_preferences(workflow->ndpi_struct, ndpi_pref_enable_tls_block_dissection, 1); diff --git a/nDPIsrvd.c b/nDPIsrvd.c index 2e19c115a..030393bfd 100644 --- a/nDPIsrvd.c +++ b/nDPIsrvd.c @@ -61,7 +61,9 @@ static int log_to_stderr = 0; static char * pidfile = NULL; static char * json_sockpath = NULL; static char * serv_optarg = NULL; -static struct nDPIsrvd_address serv_address = { .raw.sa_family = 0xFFFF, }; +static struct nDPIsrvd_address serv_address = { + .raw.sa_family = 0xFFFF, +}; static int json_sockfd; static int serv_sockfd; static char * user = NULL; @@ -96,14 +98,16 @@ static int create_listen_sockets(void) if (bind(json_sockfd, (struct sockaddr *)&json_addr, sizeof(json_addr)) < 0) { unlink(json_sockpath); - syslog(LOG_DAEMON | LOG_ERR, "Error on binding UNIX socket (collector) to %s: %s", json_sockpath, strerror(errno)); + syslog(LOG_DAEMON | LOG_ERR, + "Error on binding UNIX socket (collector) to %s: %s", + json_sockpath, + strerror(errno)); return 1; } if (bind(serv_sockfd, &serv_address.raw, serv_address.size) < 0) { - syslog(LOG_DAEMON | LOG_ERR, - "Error on binding socket (distributor) to %s: %s", serv_optarg, strerror(errno)); + syslog(LOG_DAEMON | LOG_ERR, "Error on binding socket (distributor) to %s: %s", serv_optarg, strerror(errno)); unlink(json_sockpath); return 1; } @@ -326,7 +330,8 @@ int main(int argc, char ** argv) } errno = 0; - if (change_user_group(user, group, pidfile, json_sockpath, (serv_address.raw.sa_family == AF_UNIX ? serv_optarg : NULL)) != 0) + if (change_user_group( + user, group, pidfile, json_sockpath, (serv_address.raw.sa_family == AF_UNIX ? serv_optarg : NULL)) != 0) { if (errno != 0) { |