Ejemplo n.º 1
0
 def __init__(self, options):
     Subject.__init__(self)
     self.log = logging.getLogger("mallorymain")
     config.logsetup(self.log)
     self.configured_protos = []
     self.configured_plugin_managers = []
     self.protoinstances = []
     self.opts = options.options
     self.dbname = self.opts.trafficdb
     self.debugon = False
     self.debugger = Debugger()
     self.config_protocols = config_proto.ConfigProtocols()
     self.config_rules = config_rule.ConfigRules()
     self.rpcserver = rpc.RPCServer()
     self.nftool = netfilter.NetfilterTool()
Ejemplo n.º 2
0
    def forward_any(self):
        #TODO: Debugger support for UDP
        self.log.info("UDPProtocol: Starting main UDP thread")
        nftool = netfilter.NetfilterTool()
           
        while True:
            try:
                # Get the packet and client address
                self.log.debug("UDPProtocol[m]: Waiting for data")
                pkt, caddr  = self.source.recvfrom(65507)
                self.log.debug("UDPProtocol[m]: %s sent us %s" 
                               % (caddr, repr(pkt[:32])))
                
                # Get real destiation
                rdst, rpt = nftool.getrealdest_ct(caddr[0], caddr[1])        
                raddr = (rdst, rpt)
                
                conndata = ConnData({'clientip' : caddr[0], \
                        'clientport' : caddr[1], \
                        'serverip' : rdst, 'serverport' : rpt, \
                        'conncount' : 1, 'direction' : 'c2s' })
                dgram_time = time.time() 
                
                if self.rules is not None:
                    pkt = self.processrules(pkt, conndata, dgram_time)


                tdata = (caddr[0], caddr[1], rdst, rpt, "c2s", repr(pkt), 
                         dgram_time)
                self.trafficdb.dgram.put(tdata)                  
                self.log.debug("UDPProtocol[m]: sending data from %s to %s" 
                               % (caddr, raddr))
                
                # See if we have a session for this caddr                           
                sport = self.getsession(caddr)                        
                                
                self.log.debug("UDPProtocol[m]: self.getssion returned %d" 
                               % (sport))
                
                if sport != 0:
                    dest = self.session[sport][2]
                    bsent = dest.sendto(pkt, raddr)              
                else:
                    dest = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
                    dest.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
                    sport = random.randrange(40000, 60001)
                    
                    # TODO: This should be in a try/catch loop in case there is
                    # an error binding on a port. Existing ports in use by other
                    # UDP sessions must also be checked.
                    dest.bind(("", sport))
                                        
                    self.log.debug("UDPProtocol[m]: main thrd sending data to " \
                                   "%s,%s " % (raddr[0],raddr[1]))
                                     
                    dest.sendto(pkt, raddr)
                    
                    
                    self.log.debug("UDPProtocol[m]: no session found for caddr " \
                                    "%s. Creating one on sport=%d" 
                                    % (caddr, sport))
                               
                    # TODO: Create a fresh protocol instance and store it with
                    # the session. This will be used to maintain "state" and
                    # history within a protocol instance object for more complex
                    # protocols like SIP/RTP, etc.          
                    self.addsession(caddr, raddr, sport, dest)
                    
                    #self.log.debug("UDPProtocol: added session")
                                      
                    thread.start_new_thread(self.spawn_recv_thread, 
                                                    (dest, caddr, raddr, sport))
                    
                    #self.log.debug("UDPProtocol: spawned new receive thread")
                    
            except:
                self.log.warn("***************************ARGH")
                traceback.print_exc()