def __init__(self, options):
Subject.__init__(self)
self.log = logging.getLogger("mallorymain")
config.logsetup(self.log)
self.configured_protos = []
self.configured_plugin_managers = []
self.protoinstances = []
self.opts = options.options
self.dbname = self.opts.trafficdb
self.debugon = False
self.debugger = Debugger()
self.config_protocols = config_proto.ConfigProtocols()
self.config_rules = config_rule.ConfigRules()
self.rpcserver = rpc.RPCServer()
self.nftool = netfilter.NetfilterTool()
def forward_any(self):
#TODO: Debugger support for UDP
self.log.info("UDPProtocol: Starting main UDP thread")
nftool = netfilter.NetfilterTool()
while True:
try:
# Get the packet and client address
self.log.debug("UDPProtocol[m]: Waiting for data")
pkt, caddr = self.source.recvfrom(65507)
self.log.debug("UDPProtocol[m]: %s sent us %s"
% (caddr, repr(pkt[:32])))
# Get real destiation
rdst, rpt = nftool.getrealdest_ct(caddr[0], caddr[1])
raddr = (rdst, rpt)
conndata = ConnData({'clientip' : caddr[0], \
'clientport' : caddr[1], \
'serverip' : rdst, 'serverport' : rpt, \
'conncount' : 1, 'direction' : 'c2s' })
dgram_time = time.time()
if self.rules is not None:
pkt = self.processrules(pkt, conndata, dgram_time)
tdata = (caddr[0], caddr[1], rdst, rpt, "c2s", repr(pkt),
dgram_time)
self.trafficdb.dgram.put(tdata)
self.log.debug("UDPProtocol[m]: sending data from %s to %s"
% (caddr, raddr))
# See if we have a session for this caddr
sport = self.getsession(caddr)
self.log.debug("UDPProtocol[m]: self.getssion returned %d"
% (sport))
if sport != 0:
dest = self.session[sport][2]
bsent = dest.sendto(pkt, raddr)
else:
dest = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
dest.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
sport = random.randrange(40000, 60001)
# TODO: This should be in a try/catch loop in case there is
# an error binding on a port. Existing ports in use by other
# UDP sessions must also be checked.
dest.bind(("", sport))
self.log.debug("UDPProtocol[m]: main thrd sending data to " \
"%s,%s " % (raddr[0],raddr[1]))
dest.sendto(pkt, raddr)
self.log.debug("UDPProtocol[m]: no session found for caddr " \
"%s. Creating one on sport=%d"
% (caddr, sport))
# TODO: Create a fresh protocol instance and store it with
# the session. This will be used to maintain "state" and
# history within a protocol instance object for more complex
# protocols like SIP/RTP, etc.
self.addsession(caddr, raddr, sport, dest)
#self.log.debug("UDPProtocol: added session")
thread.start_new_thread(self.spawn_recv_thread,
(dest, caddr, raddr, sport))
#self.log.debug("UDPProtocol: spawned new receive thread")
except:
self.log.warn("***************************ARGH")
traceback.print_exc()