update for t9

diff --git a/Makefile b/Makefile
deleted file mode 100644 (file)
index c153c05..0000000
--- a/Makefile
+++ /dev/null
@@ -1,11 +0,0 @@
-SRC        := p0f-client-exim.c
-OUT        := p0f-client-exim
-CC         := /home/zamnedix/local/1/bin/gcc
-CFLAGS     := -O2 -march=native -pipe
-DBG_CFLAGS := -Wall -Og -ggdb
-
-all:
-       ${CC} ${CFLAGS}     ${SRC} -o ${OUT}
-debug:
-       ${CC} ${DBG_CFLAGS} ${SRC} -o ${OUT}
-

diff --git a/README b/README
new file mode 100644 (file)
index 0000000..b285b36
--- /dev/null
+++ b/README
@@ -0,0 +1,3 @@
+p0f client patched to only print the os.
+patch is against 3.09b-1 in trisquel 9.
+simply apt-get source, replace the file and run make.

diff --git a/p0f-client-exim.c b/p0f-client.c
similarity index 71%
rename from p0f-client-exim.c
rename to p0f-client.c
index 9d2711c48df3d1e8c3c75696c1dc25563d72b7a2..d53bda6a23c25bdbc17babf91684d61e21d9d1e8 100644 (file)
--- a/p0f-client-exim.c
+++ b/p0f-client.c
@@ -38,15 +38,11 @@ static void parse_addr4(char* str, u8* ret) {
 
   u32 a1, a2, a3, a4;
 
-  if (sscanf(str, "%u.%u.%u.%u", &a1, &a2, &a3, &a4) != 4) {
-    SAYF("Malformed IPv4 address.");
-    exit(1);
-  }
+  if (sscanf(str, "%u.%u.%u.%u", &a1, &a2, &a3, &a4) != 4)
+    FATAL("Malformed IPv4 address.");
 
-  if (a1 > 255 || a2 > 255 || a3 > 255 || a4 > 255) {
-    SAYF("Malformed IPv4 address.");
-    exit(1);
-  }
+  if (a1 > 255 || a2 > 255 || a3 > 255 || a4 > 255)
+    FATAL("Malformed IPv4 address.");
 
   ret[0] = a1;
   ret[1] = a2;
@@ -59,17 +55,29 @@ static void parse_addr4(char* str, u8* ret) {
 /* Parse IPv6 address into a buffer. */
 
 static void parse_addr6(char* str, u8* ret) {
-  struct in6_addr ip;
-  int8_t r = inet_pton(AF_INET6, str, &ip);
-  if    (r == -1) {
-    SAYF("parse_addr6: error while converting IPv6 address to binary format: %s", strerror(errno));
-  }
-  else if (r == 0) {
-    SAYF("parse_addr6: passed invalid IPv6 address");
+
+  u32 seg = 0;
+  u32 val;
+
+  while (*str) {
+
+    if (seg == 8) FATAL("Malformed IPv6 address (too many segments).");
+
+    if (sscanf((char*)str, "%x", &val) != 1 ||
+        val > 65535) FATAL("Malformed IPv6 address (bad octet value).");
+
+    ret[seg * 2] = val >> 8;
+    ret[seg * 2 + 1] = val;
+
+    seg++;
+
+    while (isxdigit(*str)) str++;
+    if (*str) str++;
+
   }
-  memcpy(ret, &ip, 16);
 
-  return;
+  if (seg != 8) FATAL("Malformed IPv6 address (don't abbreviate).");
+
 }
 
 
@@ -107,47 +115,31 @@ int main(int argc, char** argv) {
 
   sock = socket(PF_UNIX, SOCK_STREAM, 0);
 
-  if (sock < 0) {
-    SAYF("Call to socket() failed.");
-               return 1;
-       }
+  if (sock < 0) PFATAL("Call to socket() failed.");
 
   sun.sun_family = AF_UNIX;
 
-  if (strlen(argv[1]) >= sizeof(sun.sun_path)) {
-    SAYF("API socket filename is too long for sockaddr_un (blame Unix).");
-    return 1;
-  }
+  if (strlen(argv[1]) >= sizeof(sun.sun_path))
+    FATAL("API socket filename is too long for sockaddr_un (blame Unix).");
 
   strcpy(sun.sun_path, argv[1]);
 
-  if (connect(sock, (struct sockaddr*)&sun, sizeof(sun))) {
-    SAYF("Can't connect to API socket.");
-               return 1;
-       }
+  if (connect(sock, (struct sockaddr*)&sun, sizeof(sun)))
+    PFATAL("Can't connect to API socket.");
 
   if (write(sock, &q, sizeof(struct p0f_api_query)) !=
-      sizeof(struct p0f_api_query)) {
-    SAYF("Short write to API socket.");
-    return 1;
-  }
+      sizeof(struct p0f_api_query)) FATAL("Short write to API socket.");
 
   if (read(sock, &r, sizeof(struct p0f_api_response)) !=
-      sizeof(struct p0f_api_response)) {
-    SAYF("Short read from API socket.");
-  }
-  
+      sizeof(struct p0f_api_response)) FATAL("Short read from API socket.");
+
   close(sock);
 
-  if (r.magic != P0F_RESP_MAGIC) {
-    SAYF("Bad response magic (0x%08x).\n", r.magic);
-    return 1;
-  }
+  if (r.magic != P0F_RESP_MAGIC)
+    FATAL("Bad response magic (0x%08x).\n", r.magic);
 
-  if (r.status == P0F_STATUS_BADQUERY) {
-    SAYF("P0f did not understand the query.\n");
-               return 1;
-       }
+  if (r.status == P0F_STATUS_BADQUERY)
+    FATAL("P0f did not understand the query.\n");
 
   if (r.status == P0F_STATUS_NOMATCH) {
     SAYF("No matching host in p0f cache. That's all we know.\n");
@@ -158,7 +150,7 @@ int main(int argc, char** argv) {
   t = localtime(&ut);
   strftime((char*)tmp, 128, "%Y/%m/%d %H:%M:%S", t);
 
-//  SAYF("First seen    = %s\n", tmp);
+  SAYF("First seen    = %s\n", tmp);
 
   ut = r.last_seen;
   t = localtime(&ut);
@@ -169,9 +161,9 @@ int main(int argc, char** argv) {
 //  SAYF("Total flows   = %u\n", r.total_conn);
 
   if (!r.os_name[0])
-    SAYF("Genre and OS details not recognized.");
+    SAYF("Detected OS   = ???\n");
   else
-    SAYF("%s %s%s%s", r.os_name, r.os_flavor,
+    SAYF("Detected OS   = %s %s%s%s\n", r.os_name, r.os_flavor,
          (r.os_match_q & P0F_MATCH_GENERIC) ? " [generic]" : "",
          (r.os_match_q & P0F_MATCH_FUZZY) ? " [fuzzy]" : "");
 
@@ -212,7 +204,7 @@ int main(int argc, char** argv) {
 //  }
 //
 //  if (r.uptime_min) {
-//    SAYF("Uptime        = %u days %u hrs %u min (modulo %u days)\n", 
+//    SAYF("Uptime        = %u days %u hrs %u min (modulo %u days)\n",
 //         r.uptime_min / 60 / 24, (r.uptime_min / 60) % 24, r.uptime_min % 60,
 //         r.up_mod_days);
 //  }
@@ -220,4 +212,3 @@ int main(int argc, char** argv) {
   return 0;
 
 }
-