Merge pull request #18 from git-hulk/fix/determine-packet-type

MOD: determine the packet type

Author: git-hulk

README.md

@@ -6,7 +6,7 @@ A tool to capture tcp packets and analyze the packets with LUA.
 
 ```
 TCPKIT is a tool to capture tcp packets and analyze the packets with lua.
-	-s which server ip to monitor, e.g. 192.168.1.2,192.168.1.3
+	-s which server ip to monitor, must specify when runing in client side. e.g. 192.168.1.2,192.168.1.3 
 	-p which n_latency to monitor, e.g. 6379,6380
 	-P stats listen port, default is 33333
 	-i network card interface, e.g. bond0, lo, em0... see 'ifconfig'
@@ -36,7 +36,7 @@ $ sudo make && make install
 Supports Redis/Memcached/DNS protocol now, we take Redis as example here: 
 
 ```
-$ sudo tcpkit -i em1 -p 6379,6380,6381 -t 10 -m redis
+$ sudo tcpkit -i em1 -s 192.168.1.2 -p 6379,6380,6381 -t 10 -m redis
 ```
 
 and the request latency more than 10ms would be printed, like below:
@@ -48,6 +48,7 @@ and the request latency more than 10ms would be printed, like below:
 
 Tcpkit would print all requests if the `-t` option wasn't set.
 If tcpkit was deployed client-side, use the `-s` option to specify the server host/ip.
+> Caution: `-s` option should be specified when tcpkit is running in client side or decode packets from offline pcap.
 
 ## Use lua to analyze packets
 

src/hashtable.c

@@ -92,13 +92,18 @@ void hashtable_destroy(hashtable *ht) {
 }
 
 int hashtable_add(hashtable *ht, char *key, void *value) {
-    int bucket;
+    int bucket, key_size, current_key_size;
     entry *current;
 
+    key_size = strlen(key);
     bucket = hash_function(key, strlen(key)) % ht->nbucket;
     current = ht->buckets[bucket];
     while (current) {
-        if (!strncasecmp(key, current->key, strlen(current->key))) return 0;
+        current_key_size = strlen(current->key);
+        if (key_size == current_key_size
+            && !strncmp(key, current->key, key_size)){
+            return 0;
+        }
         current = current->next;
     }
     entry *e = malloc(sizeof(*e));
@@ -110,39 +115,45 @@ int hashtable_add(hashtable *ht, char *key, void *value) {
 }
 
 void *hashtable_get(hashtable *ht, char *key) {
-    int bucket;
+    int bucket, key_size, current_key_size;
     entry *current;
 
-    bucket = hash_function(key, strlen(key)) % ht->nbucket;
+    key_size = strlen(key);
+    bucket = hash_function(key, key_size) % ht->nbucket;
     current = ht->buckets[bucket];
     while(current) {
-        if (!strncasecmp(key, current->key, strlen(current->key))) {
-           return current->value;
+        current_key_size = strlen(current->key);
+        if (current_key_size == key_size
+            && !strncmp(key, current->key, key_size)) {
+            return current->value;
         }
         current = current->next;
     }
     return NULL;
 }
 
 int hashtable_del(hashtable *ht, char *key) {
-    int bucket;
-    entry *next, *prev;
+    int bucket, key_size=strlen(key), current_key_size;
+    entry *current, *prev;
 
-    bucket = hash_function(key, strlen(key)) % ht->nbucket;
-    prev = next = ht->buckets[bucket];
-    while (next) {
-        if (!strncasecmp(key, next->key, strlen(next->key))) {
-            prev->next = next->next;
-            free(next->key);
-            ht->free ? ht->free(next->value):free(next->value);
-            free(next);
-            if (prev == ht->buckets[bucket]) {
+    bucket = hash_function(key, key_size) % ht->nbucket;
+    prev = current = ht->buckets[bucket];
+
+    while (current) {
+        current_key_size = strlen(current->key);
+        if (key_size == current_key_size
+            && !strncmp(key, current->key, key_size)) {
+            prev->next = current->next;
+            if (current == ht->buckets[bucket]) {
                ht->buckets[bucket] = NULL;
             }
+            free(current->key);
+            ht->free ? ht->free(current->value):free(current->value);
+            free(current);
             return 1;
         }
-        prev = next;
-        next = next->next;
+        prev = current;
+        current = current->next;
     }
     return 0;
 }

src/packet.c

@@ -232,11 +232,15 @@ static void process_udp_packet(server *srv, user_packet *packet) {
 }
 
 static int8_t is_request(server *srv, user_packet *packet) {
+    int i;
+
     if (packet->sport != packet->dport) {
         return port_in_target(srv, packet->dport) != -1;
     }
-    // TODO; corner case src port == dst port
-    return 1;
+    for (i = 0; i < srv->n_server; i++) {
+        if (srv->servers[i].s_addr == packet->dip.s_addr) return 1;
+    }
+    return 0;
 }
 
 void extract_packet_handler(unsigned char *user,

src/server.c

@@ -26,6 +26,7 @@
 #include <lua.h>
 #include <pcap/pcap.h>
 #include <netinet/in.h>
+#include <arpa/inet.h>
 
 #include "server.h"
 #include "tcpikt.h"
@@ -36,12 +37,40 @@
 #include "logger.h"
 
 int server_init(server *srv) {
+    int i, n_server;
+    char *server_str;
+    struct array *local_addresses;
+
     srv->stop = 0;
     srv->req_ht = hashtable_create(102400);
     if (!srv->req_ht) return -1;
     srv->st = stats_create(array_used(srv->opts->ports));
     if (!srv->st) return -1;
     server_create_stats_thread(srv);
+
+    srv->n_server = 0;
+    srv->servers = NULL;
+    n_server = array_used(srv->opts->servers);
+    if (n_server > 0) {
+        srv->n_server = n_server;
+        srv->servers = malloc(n_server * sizeof(struct in_addr));
+        for (i = 0; i < n_server; i++) {
+            server_str = *(char **)array_pos(srv->opts->servers, i);
+            inet_pton(AF_INET, server_str, &srv->servers[i]);
+        }
+    } else {
+        // fetch server ip from nic
+        local_addresses = get_addresses_from_device();
+        if (local_addresses) {
+            srv->n_server = array_used(local_addresses);
+            srv->servers = malloc(srv->n_server * sizeof(struct in_addr));
+            for (i = 0; i < srv->n_server; i++) {
+                memcpy(&srv->servers[i], (struct in_addr*)array_pos(local_addresses, i),
+                        sizeof(struct in_addr));
+            }
+            array_dealloc(local_addresses);
+        }
+    }
     return 0;
 }
 
@@ -55,6 +84,7 @@ void server_deinit(server *srv) {
     if (srv->filter) free(srv->filter);
     if (srv->st) stats_destroy(srv->st);
     if (srv->req_ht) hashtable_destroy(srv->req_ht);
+    if (srv->servers) free(srv->servers);
 
     options *opts = srv->opts;
     if (opts) {

src/tcpikt.h

@@ -52,6 +52,8 @@ typedef struct {
     hashtable *req_ht;
     pthread_t stats_tid;
     int stop;
+    struct in_addr *servers;
+    int n_server;
 } server;
 
 typedef enum {

src/util.c

@@ -16,6 +16,11 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <ifaddrs.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
 
 #include "util.h"
 #include "array.h"
@@ -63,3 +68,26 @@ void free_split_string(struct array *arr) {
     }
     array_dealloc(arr);
 }
+
+struct array *get_addresses_from_device() {
+    struct ifaddrs *if_addrs, *ifa;
+    struct in_addr in_addr;
+    struct array *addrs;
+    char *elem;
+
+    if (getifaddrs(&if_addrs) == -1) {
+        return NULL;
+    }
+    addrs = array_alloc(sizeof(struct in_addr), 5);
+    for (ifa = if_addrs; ifa; ifa = ifa->ifa_next) {
+        if (!ifa->ifa_addr) continue;
+        if (ifa->ifa_addr->sa_family == AF_INET || ifa->ifa_addr->sa_family == AF_INET6) {
+            in_addr = ((struct sockaddr_in*)ifa->ifa_addr)->sin_addr;
+            if (!in_addr.s_addr) continue;
+            elem = array_push(addrs);
+            memcpy(elem, &in_addr, sizeof(struct in_addr));
+        }
+    }
+    freeifaddrs(if_addrs);
+    return addrs;
+}

src/util.h

@@ -17,6 +17,9 @@
 #ifndef TCPKIT_UTIL_H
 #define TCPKIT_UTIL_H
 
+#include "array.h"
+
 struct array *split_string(char *input, char delim);
 void free_split_string(struct array *arr);
+struct array *get_addresses_from_device();
 #endif //TCPKIT_UTIL_H