]> git.saurik.com Git - apple/mdnsresponder.git/blob - mDNSPosix/NetMonitor.c
projects / apple / mdnsresponder.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
mDNSResponder-176.3.tar.gz
[apple/mdnsresponder.git] / mDNSPosix / NetMonitor.c
1 /* -*- Mode: C; tab-width: 4 -*-
2 *
3 * Copyright (c) 2002-2004 Apple Computer, Inc. All rights reserved.
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 * Formatting notes:
18 * This code follows the "Whitesmiths style" C indentation rules. Plenty of discussion
19 * on C indentation can be found on the web, such as <http://www.kafejo.com/komp/1tbs.htm>,
20 * but for the sake of brevity here I will say just this: Curly braces are not syntactially
21 * part of an "if" statement; they are the beginning and ending markers of a compound statement;
22 * therefore common sense dictates that if they are part of a compound statement then they
23 * should be indented to the same level as everything else in that compound statement.
24 * Indenting curly braces at the same level as the "if" implies that curly braces are
25 * part of the "if", which is false. (This is as misleading as people who write "char* x,y;"
26 * thinking that variables x and y are both of type "char*" -- and anyone who doesn't
27 * understand why variable y is not of type "char*" just proves the point that poor code
28 * layout leads people to unfortunate misunderstandings about how the C language really works.)
29
30 Change History (most recent first):
31
32 $Log: NetMonitor.c,v $
33 Revision 1.89 2007/05/17 19:12:42 cheshire
34 Tidy up code layout
35
36 Revision 1.88 2007/04/22 20:16:25 cheshire
37 Fix compiler errors (const parameter declarations)
38
39 Revision 1.87 2007/04/16 20:49:39 cheshire
40 Fix compile errors for mDNSPosix build
41
42 Revision 1.86 2007/03/22 18:31:48 cheshire
43 Put dst parameter first in mDNSPlatformStrCopy/mDNSPlatformMemCopy, like conventional Posix strcpy/memcpy
44
45 Revision 1.85 2007/02/28 01:51:22 cheshire
46 Added comment about reverse-order IP address
47
48 Revision 1.84 2007/01/05 08:30:52 cheshire
49 Trim excessive "$Log" checkin history from before 2006
50 (checkin history still available via "cvs log ..." of course)
51
52 Revision 1.83 2006/11/18 05:01:32 cheshire
53 Preliminary support for unifying the uDNS and mDNS code,
54 including caching of uDNS answers
55
56 Revision 1.82 2006/08/14 23:24:46 cheshire
57 Re-licensed mDNSResponder daemon source code under Apache License, Version 2.0
58
59 Revision 1.81 2006/07/06 00:01:44 cheshire
60 <rdar://problem/4472014> Add Private DNS client functionality to mDNSResponder
61 Update mDNSSendDNSMessage() to use uDNS_TCPSocket type instead of "int"
62
63 Revision 1.80 2006/06/12 18:22:42 cheshire
64 <rdar://problem/4580067> mDNSResponder building warnings under Red Hat 64-bit (LP64) Linux
65
66 Revision 1.79 2006/04/26 20:48:33 cheshire
67 Make final count of unique source addresses show IPv4 and IPv6 counts separately
68
69 Revision 1.78 2006/04/25 00:42:24 cheshire
70 Add ability to specify a single interface index to capture on,
71 e.g. typically "-i 4" for Ethernet and "-i 5" for AirPort
72
73 Revision 1.77 2006/03/02 21:50:45 cheshire
74 Removed strange backslash at the end of a line
75
76 Revision 1.76 2006/02/23 23:38:43 cheshire
77 <rdar://problem/4427969> On FreeBSD 4 "arpa/inet.h" requires "netinet/in.h" be included first
78
79 Revision 1.75 2006/01/05 22:33:58 cheshire
80 Use IFNAMSIZ (more portable) instead of IF_NAMESIZE
81
82 */
83
84 //*************************************************************************************************************
85 // Incorporate mDNS.c functionality
86
87 // We want to use much of the functionality provided by "mDNS.c",
88 // except we'll steal the packets that would be sent to normal mDNSCoreReceive() routine
89 #define mDNSCoreReceive __NOT__mDNSCoreReceive__NOT__
90 #include "mDNS.c"
91 #undef mDNSCoreReceive
92
93 //*************************************************************************************************************
94 // Headers
95
96 #include <stdio.h> // For printf()
97 #include <stdlib.h> // For malloc()
98 #include <string.h> // For bcopy()
99 #include <time.h> // For "struct tm" etc.
100 #include <signal.h> // For SIGINT, SIGTERM
101 #include <netdb.h> // For gethostbyname()
102 #include <sys/socket.h> // For AF_INET, AF_INET6, etc.
103 #include <net/if.h> // For IF_NAMESIZE
104 #include <netinet/in.h> // For INADDR_NONE
105 #include <arpa/inet.h> // For inet_addr()
106
107 #include "mDNSPosix.h" // Defines the specific types needed to run mDNS on this platform
108 #include "ExampleClientApp.h"
109
110 //*************************************************************************************************************
111 // Types and structures
112
113 enum
114 {
115 // Primitive operations
116 OP_probe = 0,
117 OP_goodbye = 1,
118
119 // These are meta-categories;
120 // Query and Answer operations are actually subdivided into two classes:
121 // Browse query/answer and
122 // Resolve query/answer
123 OP_query = 2,
124 OP_answer = 3,
125
126 // The "Browse" variants of query/answer
127 OP_browsegroup = 2,
128 OP_browseq = 2,
129 OP_browsea = 3,
130
131 // The "Resolve" variants of query/answer
132 OP_resolvegroup = 4,
133 OP_resolveq = 4,
134 OP_resolvea = 5,
135
136 OP_NumTypes = 6
137 };
138
139 typedef struct ActivityStat_struct ActivityStat;
140 struct ActivityStat_struct
141 {
142 ActivityStat *next;
143 domainname srvtype;
144 int printed;
145 int totalops;
146 int stat[OP_NumTypes];
147 };
148
149 typedef struct FilterList_struct FilterList;
150 struct FilterList_struct
151 {
152 FilterList *next;
153 mDNSAddr FilterAddr;
154 };
155
156 //*************************************************************************************************************
157 // Constants
158
159 #define kReportTopServices 15
160 #define kReportTopHosts 15
161
162 //*************************************************************************************************************
163 // Globals
164
165 static mDNS mDNSStorage; // mDNS core uses this to store its globals
166 static mDNS_PlatformSupport PlatformStorage; // Stores this platform's globals
167 mDNSexport const char ProgramName[] = "mDNSNetMonitor";
168
169 struct timeval tv_start, tv_end, tv_interval;
170 static int FilterInterface = 0;
171 static FilterList *Filters;
172 #define ExactlyOneFilter (Filters && !Filters->next)
173
174 static int NumPktQ, NumPktL, NumPktR, NumPktB; // Query/Legacy/Response/Bad
175 static int NumProbes, NumGoodbyes, NumQuestions, NumLegacy, NumAnswers, NumAdditionals;
176
177 static ActivityStat *stats;
178
179 #define OPBanner "Total Ops Probe Goodbye BrowseQ BrowseA ResolveQ ResolveA"
180
181 //*************************************************************************************************************
182 // Utilities
183
184 // Special version of printf that knows how to print IP addresses, DNS-format name strings, etc.
185 mDNSlocal mDNSu32 mprintf(const char *format, ...) IS_A_PRINTF_STYLE_FUNCTION(1,2);
186 mDNSlocal mDNSu32 mprintf(const char *format, ...)
187 {
188 mDNSu32 length;
189 unsigned char buffer[512];
190 va_list ptr;
191 va_start(ptr,format);
192 length = mDNS_vsnprintf((char *)buffer, sizeof(buffer), format, ptr);
193 va_end(ptr);
194 printf("%s", buffer);
195 return(length);
196 }
197
198 //*************************************************************************************************************
199 // Host Address List
200 //
201 // Would benefit from a hash
202
203 typedef enum
204 {
205 HostPkt_Q = 0, // Query
206 HostPkt_L = 1, // Legacy Query
207 HostPkt_R = 2, // Response
208 HostPkt_B = 3, // Bad
209 HostPkt_NumTypes = 4
210 } HostPkt_Type;
211
212 typedef struct
213 {
214 mDNSAddr addr;
215 unsigned long pkts[HostPkt_NumTypes];
216 unsigned long totalops;
217 unsigned long stat[OP_NumTypes];
218 domainname hostname;
219 domainname revname;
220 UTF8str255 HIHardware;
221 UTF8str255 HISoftware;
222 mDNSu32 NumQueries;
223 mDNSs32 LastQuery;
224 } HostEntry;
225
226 #define HostEntryTotalPackets(H) ((H)->pkts[HostPkt_Q] + (H)->pkts[HostPkt_L] + (H)->pkts[HostPkt_R] + (H)->pkts[HostPkt_B])
227
228 typedef struct
229 {
230 long num;
231 long max;
232 HostEntry *hosts;
233 } HostList;
234
235 static HostList IPv4HostList = { 0, 0, 0 };
236 static HostList IPv6HostList = { 0, 0, 0 };
237
238 mDNSlocal HostEntry *FindHost(const mDNSAddr *addr, HostList *list)
239 {
240 long i;
241
242 for (i = 0; i < list->num; i++)
243 {
244 HostEntry *entry = list->hosts + i;
245 if (mDNSSameAddress(addr, &entry->addr))
246 return entry;
247 }
248
249 return NULL;
250 }
251
252 mDNSlocal HostEntry *AddHost(const mDNSAddr *addr, HostList *list)
253 {
254 int i;
255 HostEntry *entry;
256 if (list->num >= list->max)
257 {
258 long newMax = list->max + 64;
259 HostEntry *newHosts = realloc(list->hosts, newMax * sizeof(HostEntry));
260 if (newHosts == NULL)
261 return NULL;
262 list->max = newMax;
263 list->hosts = newHosts;
264 }
265
266 entry = list->hosts + list->num++;
267
268 entry->addr = *addr;
269 for (i=0; i<HostPkt_NumTypes; i++) entry->pkts[i] = 0;
270 entry->totalops = 0;
271 for (i=0; i<OP_NumTypes; i++) entry->stat[i] = 0;
272 entry->hostname.c[0] = 0;
273 entry->revname.c[0] = 0;
274 entry->HIHardware.c[0] = 0;
275 entry->HISoftware.c[0] = 0;
276 entry->NumQueries = 0;
277
278 if (entry->addr.type == mDNSAddrType_IPv4)
279 {
280 mDNSv4Addr ip = entry->addr.ip.v4;
281 char buffer[32];
282 // Note: This is reverse order compared to a normal dotted-decimal IP address, so we can't use our customary "%.4a" format code
283 mDNS_snprintf(buffer, sizeof(buffer), "%d.%d.%d.%d.in-addr.arpa.", ip.b[3], ip.b[2], ip.b[1], ip.b[0]);
284 MakeDomainNameFromDNSNameString(&entry->revname, buffer);
285 }
286
287 return(entry);
288 }
289
290 mDNSlocal HostEntry *GotPacketFromHost(const mDNSAddr *addr, HostPkt_Type t, mDNSOpaque16 id)
291 {
292 if (ExactlyOneFilter) return(NULL);
293 else
294 {
295 HostList *list = (addr->type == mDNSAddrType_IPv4) ? &IPv4HostList : &IPv6HostList;
296 HostEntry *entry = FindHost(addr, list);
297 if (!entry) entry = AddHost(addr, list);
298 if (!entry) return(NULL);
299 // Don't count our own interrogation packets
300 if (id.NotAnInteger != 0xFFFF) entry->pkts[t]++;
301 return(entry);
302 }
303 }
304
305 mDNSlocal void RecordHostInfo(HostEntry *entry, const ResourceRecord *const pktrr)
306 {
307 if (!entry->hostname.c[0])
308 {
309 if (pktrr->rrtype == kDNSType_A || pktrr->rrtype == kDNSType_AAAA)
310 {
311 // Should really check that the rdata in the address record matches the source address of this packet
312 entry->NumQueries = 0;
313 AssignDomainName(&entry->hostname, pktrr->name);
314 }
315
316 if (pktrr->rrtype == kDNSType_PTR)
317 if (SameDomainName(&entry->revname, pktrr->name))
318 {
319 entry->NumQueries = 0;
320 AssignDomainName(&entry->hostname, &pktrr->rdata->u.name);
321 }
322 }
323 else if (pktrr->rrtype == kDNSType_HINFO)
324 {
325 RDataBody *rd = &pktrr->rdata->u;
326 mDNSu8 *rdend = (mDNSu8 *)rd + pktrr->rdlength;
327 mDNSu8 *hw = rd->txt.c;
328 mDNSu8 *sw = hw + 1 + (mDNSu32)hw[0];
329 if (sw + 1 + sw[0] <= rdend)
330 {
331 AssignDomainName(&entry->hostname, pktrr->name);
332 mDNSPlatformMemCopy(entry->HIHardware.c, hw, 1 + (mDNSu32)hw[0]);
333 mDNSPlatformMemCopy(entry->HISoftware.c, sw, 1 + (mDNSu32)sw[0]);
334 }
335 }
336 }
337
338 mDNSlocal void SendUnicastQuery(mDNS *const m, HostEntry *entry, domainname *name, mDNSu16 rrtype, mDNSInterfaceID InterfaceID)
339 {
340 const mDNSOpaque16 id = { { 0xFF, 0xFF } };
341 DNSMessage query;
342 mDNSu8 *qptr = query.data;
343 const mDNSu8 *const limit = query.data + sizeof(query.data);
344 const mDNSAddr *target = &entry->addr;
345 InitializeDNSMessage(&query.h, id, QueryFlags);
346 qptr = putQuestion(&query, qptr, limit, name, rrtype, kDNSClass_IN);
347 entry->LastQuery = m->timenow;
348 entry->NumQueries++;
349
350 // Note: When there are multiple mDNSResponder agents running on a single machine
351 // (e.g. Apple mDNSResponder plus a SliMP3 server with embedded mDNSResponder)
352 // it is possible that unicast queries may not go to the primary system responder.
353 // We try the first query using unicast, but if that doesn't work we try again via multicast.
354 if (entry->NumQueries > 2)
355 {
356 target = &AllDNSLinkGroup_v4;
357 }
358 else
359 {
360 //mprintf("%#a Q\n", target);
361 InterfaceID = mDNSInterface_Any; // Send query from our unicast reply socket
362 }
363
364 mDNSSendDNSMessage(&mDNSStorage, &query, qptr, InterfaceID, target, MulticastDNSPort, mDNSNULL, mDNSNULL);
365 }
366
367 mDNSlocal void AnalyseHost(mDNS *const m, HostEntry *entry, const mDNSInterfaceID InterfaceID)
368 {
369 // If we've done four queries without answer, give up
370 if (entry->NumQueries >= 4) return;
371
372 // If we've done a query in the last second, give the host a chance to reply before trying again
373 if (entry->NumQueries && m->timenow - entry->LastQuery < mDNSPlatformOneSecond) return;
374
375 // If we don't know the host name, try to find that first
376 if (!entry->hostname.c[0])
377 {
378 if (entry->revname.c[0])
379 {
380 SendUnicastQuery(m, entry, &entry->revname, kDNSType_PTR, InterfaceID);
381 //mprintf("%##s PTR %d\n", entry->revname.c, entry->NumQueries);
382 }
383 }
384 // If we have the host name but no HINFO, now ask for that
385 else if (!entry->HIHardware.c[0])
386 {
387 SendUnicastQuery(m, entry, &entry->hostname, kDNSType_HINFO, InterfaceID);
388 //mprintf("%##s HINFO %d\n", entry->hostname.c, entry->NumQueries);
389 }
390 }
391
392 mDNSlocal int CompareHosts(const void *p1, const void *p2)
393 {
394 return (int)(HostEntryTotalPackets((HostEntry *)p2) - HostEntryTotalPackets((HostEntry *)p1));
395 }
396
397 mDNSlocal void ShowSortedHostList(HostList *list, int max)
398 {
399 HostEntry *e, *end = &list->hosts[(max < list->num) ? max : list->num];
400 qsort(list->hosts, list->num, sizeof(HostEntry), CompareHosts);
401 if (list->num) mprintf("\n%-25s%s%s\n", "Source Address", OPBanner, " Pkts Query LegacyQ Response");
402 for (e = &list->hosts[0]; e < end; e++)
403 {
404 int len = mprintf("%#-25a", &e->addr);
405 if (len > 25) mprintf("\n%25s", "");
406 mprintf("%8lu %8lu %8lu %8lu %8lu %8lu %8lu", e->totalops,
407 e->stat[OP_probe], e->stat[OP_goodbye],
408 e->stat[OP_browseq], e->stat[OP_browsea],
409 e->stat[OP_resolveq], e->stat[OP_resolvea]);
410 mprintf(" %8lu %8lu %8lu %8lu",
411 HostEntryTotalPackets(e), e->pkts[HostPkt_Q], e->pkts[HostPkt_L], e->pkts[HostPkt_R]);
412 if (e->pkts[HostPkt_B]) mprintf("Bad: %8lu", e->pkts[HostPkt_B]);
413 mprintf("\n");
414 if (!e->HISoftware.c[0] && e->NumQueries > 2)
415 mDNSPlatformMemCopy(&e->HISoftware, "\x27*** Unknown (Jaguar, Windows, etc.) ***", 0x28);
416 if (e->hostname.c[0] || e->HIHardware.c[0] || e->HISoftware.c[0])
417 mprintf("%##-45s %#-14s %#s\n", e->hostname.c, e->HIHardware.c, e->HISoftware.c);
418 }
419 }
420
421 //*************************************************************************************************************
422 // Receive and process packets
423
424 mDNSexport mDNSBool ExtractServiceType(const domainname *const fqdn, domainname *const srvtype)
425 {
426 int i, len;
427 const mDNSu8 *src = fqdn->c;
428 mDNSu8 *dst = srvtype->c;
429
430 len = *src;
431 if (len == 0 || len >= 0x40) return(mDNSfalse);
432 if (src[1] != '_') src += 1 + len;
433
434 len = *src;
435 if (len == 0 || len >= 0x40 || src[1] != '_') return(mDNSfalse);
436 for (i=0; i<=len; i++) *dst++ = *src++;
437
438 len = *src;
439 if (len == 0 || len >= 0x40 || src[1] != '_') return(mDNSfalse);
440 for (i=0; i<=len; i++) *dst++ = *src++;
441
442 *dst++ = 0; // Put the null root label on the end of the service type
443
444 return(mDNStrue);
445 }
446
447 mDNSlocal void recordstat(HostEntry *entry, const domainname *fqdn, int op, mDNSu16 rrtype)
448 {
449 ActivityStat **s = &stats;
450 domainname srvtype;
451
452 if (op != OP_probe)
453 {
454 if (rrtype == kDNSType_SRV || rrtype == kDNSType_TXT) op = op - OP_browsegroup + OP_resolvegroup;
455 else if (rrtype != kDNSType_PTR) return;
456 }
457
458 if (!ExtractServiceType(fqdn, &srvtype)) return;
459
460 while (*s && !SameDomainName(&(*s)->srvtype, &srvtype)) s = &(*s)->next;
461 if (!*s)
462 {
463 int i;
464 *s = malloc(sizeof(ActivityStat));
465 if (!*s) exit(-1);
466 (*s)->next = NULL;
467 (*s)->srvtype = srvtype;
468 (*s)->printed = 0;
469 (*s)->totalops = 0;
470 for (i=0; i<OP_NumTypes; i++) (*s)->stat[i] = 0;
471 }
472
473 (*s)->totalops++;
474 (*s)->stat[op]++;
475 if (entry)
476 {
477 entry->totalops++;
478 entry->stat[op]++;
479 }
480 }
481
482 mDNSlocal void printstats(int max)
483 {
484 int i;
485 if (!stats) return;
486 for (i=0; i<max; i++)
487 {
488 int max = 0;
489 ActivityStat *s, *m = NULL;
490 for (s = stats; s; s=s->next)
491 if (!s->printed && max < s->totalops)
492 { m = s; max = s->totalops; }
493 if (!m) return;
494 m->printed = mDNStrue;
495 if (i==0) mprintf("%-25s%s\n", "Service Type", OPBanner);
496 mprintf("%##-25s%8d %8d %8d %8d %8d %8d %8d\n", m->srvtype.c, m->totalops, m->stat[OP_probe],
497 m->stat[OP_goodbye], m->stat[OP_browseq], m->stat[OP_browsea], m->stat[OP_resolveq], m->stat[OP_resolvea]);
498 }
499 }
500
501 mDNSlocal const mDNSu8 *FindUpdate(mDNS *const m, const DNSMessage *const query, const mDNSu8 *ptr, const mDNSu8 *const end,
502 DNSQuestion *q, LargeCacheRecord *pkt)
503 {
504 int i;
505 for (i = 0; i < query->h.numAuthorities; i++)
506 {
507 const mDNSu8 *p2 = ptr;
508 ptr = GetLargeResourceRecord(m, query, ptr, end, q->InterfaceID, kDNSRecordTypePacketAuth, pkt);
509 if (!ptr) break;
510 if (ResourceRecordAnswersQuestion(&pkt->r.resrec, q)) return(p2);
511 }
512 return(mDNSNULL);
513 }
514
515 mDNSlocal void DisplayPacketHeader(mDNS *const m, const DNSMessage *const msg, const mDNSu8 *const end, const mDNSAddr *srcaddr, mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSInterfaceID InterfaceID)
516 {
517 const char *const ptype = (msg->h.flags.b[0] & kDNSFlag0_QR_Response) ? "-R- " :
518 (srcport.NotAnInteger == MulticastDNSPort.NotAnInteger) ? "-Q- " : "-LQ-";
519
520 struct timeval tv;
521 struct tm tm;
522 const mDNSu32 index = mDNSPlatformInterfaceIndexfromInterfaceID(m, InterfaceID);
523 char if_name[IFNAMSIZ]; // Older Linux distributions don't define IF_NAMESIZE
524 if_indextoname(index, if_name);
525 gettimeofday(&tv, NULL);
526 localtime_r((time_t*)&tv.tv_sec, &tm);
527 mprintf("\n%d:%02d:%02d.%06d Interface %d/%s\n", tm.tm_hour, tm.tm_min, tm.tm_sec, tv.tv_usec, index, if_name);
528
529 mprintf("%#-16a %s Q:%3d Ans:%3d Auth:%3d Add:%3d Size:%5d bytes",
530 srcaddr, ptype, msg->h.numQuestions, msg->h.numAnswers, msg->h.numAuthorities, msg->h.numAdditionals, end - (mDNSu8 *)msg);
531
532 if (msg->h.id.NotAnInteger) mprintf(" ID:%u", mDNSVal16(msg->h.id));
533
534 if (!mDNSAddrIsDNSMulticast(dstaddr)) mprintf(" To: %#a", dstaddr);
535
536 if (msg->h.flags.b[0] & kDNSFlag0_TC)
537 {
538 if (msg->h.flags.b[0] & kDNSFlag0_QR_Response) mprintf(" Truncated");
539 else mprintf(" Truncated (KA list continues in next packet)");
540 }
541 mprintf("\n");
542 }
543
544 mDNSlocal void DisplayResourceRecord(const mDNSAddr *const srcaddr, const char *const op, const ResourceRecord *const pktrr)
545 {
546 static const char hexchars[16] = "0123456789ABCDEF";
547 #define MaxWidth 132
548 char buffer[MaxWidth+8];
549 char *p = buffer;
550
551 RDataBody *rd = &pktrr->rdata->u;
552 mDNSu8 *rdend = (mDNSu8 *)rd + pktrr->rdlength;
553 int n = mprintf("%#-16a %-5s %-5s%5lu %##s -> ", srcaddr, op, DNSTypeName(pktrr->rrtype), pktrr->rroriginalttl, pktrr->name->c);
554
555 switch(pktrr->rrtype)
556 {
557 case kDNSType_A: n += mprintf("%.4a", &rd->ipv4); break;
558 case kDNSType_PTR: n += mprintf("%##.*s", MaxWidth - n, rd->name.c); break;
559 case kDNSType_HINFO:// same as kDNSType_TXT below
560 case kDNSType_TXT: {
561 mDNSu8 *t = rd->txt.c;
562 while (t < rdend && t[0] && p < buffer+MaxWidth)
563 {
564 int i;
565 for (i=1; i<=t[0] && p < buffer+MaxWidth; i++)
566 {
567 if (t[i] == '\\') *p++ = '\\';
568 if (t[i] >= ' ') *p++ = t[i];
569 else
570 {
571 *p++ = '\\';
572 *p++ = '0';
573 *p++ = 'x';
574 *p++ = hexchars[t[i] >> 4];
575 *p++ = hexchars[t[i] & 0xF];
576 }
577 }
578 t += 1+t[0];
579 if (t < rdend && t[0]) { *p++ = '\\'; *p++ = ' '; }
580 }
581 *p++ = 0;
582 n += mprintf("%.*s", MaxWidth - n, buffer);
583 } break;
584 case kDNSType_AAAA: n += mprintf("%.16a", &rd->ipv6); break;
585 case kDNSType_SRV: n += mprintf("%##s:%d", rd->srv.target.c, mDNSVal16(rd->srv.port)); break;
586 default: {
587 mDNSu8 *s = rd->data;
588 while (s < rdend && p < buffer+MaxWidth)
589 {
590 if (*s == '\\') *p++ = '\\';
591 if (*s >= ' ') *p++ = *s;
592 else
593 {
594 *p++ = '\\';
595 *p++ = '0';
596 *p++ = 'x';
597 *p++ = hexchars[*s >> 4];
598 *p++ = hexchars[*s & 0xF];
599 }
600 s++;
601 }
602 *p++ = 0;
603 n += mprintf("%.*s", MaxWidth - n, buffer);
604 } break;
605 }
606
607 mprintf("\n");
608 }
609
610 mDNSlocal void HexDump(const mDNSu8 *ptr, const mDNSu8 *const end)
611 {
612 while (ptr < end)
613 {
614 int i;
615 for (i=0; i<16; i++)
616 if (&ptr[i] < end) mprintf("%02X ", ptr[i]);
617 else mprintf(" ");
618 for (i=0; i<16; i++)
619 if (&ptr[i] < end) mprintf("%c", ptr[i] <= ' ' || ptr[i] >= 126 ? '.' : ptr[i]);
620 ptr += 16;
621 mprintf("\n");
622 }
623 }
624
625 mDNSlocal void DisplayError(const mDNSAddr *srcaddr, const mDNSu8 *ptr, const mDNSu8 *const end, char *msg)
626 {
627 mprintf("%#-16a **** ERROR: FAILED TO READ %s **** \n", srcaddr, msg);
628 HexDump(ptr, end);
629 }
630
631 mDNSlocal void DisplayQuery(mDNS *const m, const DNSMessage *const msg, const mDNSu8 *const end,
632 const mDNSAddr *srcaddr, mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSInterfaceID InterfaceID)
633 {
634 int i;
635 const mDNSu8 *ptr = msg->data;
636 const mDNSu8 *auth = LocateAuthorities(msg, end);
637 mDNSBool MQ = (srcport.NotAnInteger == MulticastDNSPort.NotAnInteger);
638 HostEntry *entry = GotPacketFromHost(srcaddr, MQ ? HostPkt_Q : HostPkt_L, msg->h.id);
639 LargeCacheRecord pkt;
640
641 DisplayPacketHeader(m, msg, end, srcaddr, srcport, dstaddr, InterfaceID);
642 if (msg->h.id.NotAnInteger != 0xFFFF)
643 {
644 if (MQ) NumPktQ++; else NumPktL++;
645 }
646
647 for (i=0; i<msg->h.numQuestions; i++)
648 {
649 DNSQuestion q;
650 mDNSu8 *p2 = (mDNSu8 *)getQuestion(msg, ptr, end, InterfaceID, &q);
651 mDNSu16 ucbit = q.qclass & kDNSQClass_UnicastResponse;
652 q.qclass &= ~kDNSQClass_UnicastResponse;
653 if (!p2) { DisplayError(srcaddr, ptr, end, "QUESTION"); return; }
654 ptr = p2;
655 p2 = (mDNSu8 *)FindUpdate(m, msg, auth, end, &q, &pkt);
656 if (p2)
657 {
658 NumProbes++;
659 DisplayResourceRecord(srcaddr, ucbit ? "(PU)" : "(PM)", &pkt.r.resrec);
660 recordstat(entry, &q.qname, OP_probe, q.qtype);
661 p2 = (mDNSu8 *)skipDomainName(msg, p2, end);
662 // Having displayed this update record, clear type and class so we don't display the same one again.
663 p2[0] = p2[1] = p2[2] = p2[3] = 0;
664 }
665 else
666 {
667 const char *ptype = ucbit ? "(QU)" : "(QM)";
668 if (srcport.NotAnInteger == MulticastDNSPort.NotAnInteger) NumQuestions++;
669 else { NumLegacy++; ptype = "(LQ)"; }
670 mprintf("%#-16a %-5s %-5s %##s\n", srcaddr, ptype, DNSTypeName(q.qtype), q.qname.c);
671 if (msg->h.id.NotAnInteger != 0xFFFF) recordstat(entry, &q.qname, OP_query, q.qtype);
672 }
673 }
674
675 for (i=0; i<msg->h.numAnswers; i++)
676 {
677 const mDNSu8 *ep = ptr;
678 ptr = GetLargeResourceRecord(m, msg, ptr, end, InterfaceID, kDNSRecordTypePacketAns, &pkt);
679 if (!ptr) { DisplayError(srcaddr, ep, end, "KNOWN ANSWER"); return; }
680 DisplayResourceRecord(srcaddr, "(KA)", &pkt.r.resrec);
681
682 // In the case of queries with long multi-packet KA lists, we count each subsequent KA packet
683 // the same as a single query, to more accurately reflect the burden on the network
684 // (A query with a six-packet KA list is *at least* six times the burden on the network as a single-packet query.)
685 if (msg->h.numQuestions == 0 && i == 0)
686 recordstat(entry, pkt.r.resrec.name, OP_query, pkt.r.resrec.rrtype);
687 }
688
689 for (i=0; i<msg->h.numAuthorities; i++)
690 {
691 const mDNSu8 *ep = ptr;
692 ptr = skipResourceRecord(msg, ptr, end);
693 if (!ptr) { DisplayError(srcaddr, ep, end, "AUTHORITY"); return; }
694 }
695
696 if (entry) AnalyseHost(m, entry, InterfaceID);
697 }
698
699 mDNSlocal void DisplayResponse(mDNS *const m, const DNSMessage *const msg, const mDNSu8 *end,
700 const mDNSAddr *srcaddr, mDNSIPPort srcport, const mDNSAddr *dstaddr, const mDNSInterfaceID InterfaceID)
701 {
702 int i;
703 const mDNSu8 *ptr = msg->data;
704 HostEntry *entry = GotPacketFromHost(srcaddr, HostPkt_R, msg->h.id);
705 LargeCacheRecord pkt;
706
707 DisplayPacketHeader(m, msg, end, srcaddr, srcport, dstaddr, InterfaceID);
708 if (msg->h.id.NotAnInteger != 0xFFFF) NumPktR++;
709
710 for (i=0; i<msg->h.numQuestions; i++)
711 {
712 DNSQuestion q;
713 const mDNSu8 *ep = ptr;
714 ptr = getQuestion(msg, ptr, end, InterfaceID, &q);
715 if (!ptr) { DisplayError(srcaddr, ep, end, "QUESTION"); return; }
716 if (mDNSAddrIsDNSMulticast(dstaddr))
717 mprintf("%#-16a (?) **** ERROR: SHOULD NOT HAVE Q IN mDNS RESPONSE **** %-5s %##s\n", srcaddr, DNSTypeName(q.qtype), q.qname.c);
718 else
719 mprintf("%#-16a (Q) %-5s %##s\n", srcaddr, DNSTypeName(q.qtype), q.qname.c);
720 }
721
722 for (i=0; i<msg->h.numAnswers; i++)
723 {
724 const mDNSu8 *ep = ptr;
725 ptr = GetLargeResourceRecord(m, msg, ptr, end, InterfaceID, kDNSRecordTypePacketAns, &pkt);
726 if (!ptr) { DisplayError(srcaddr, ep, end, "ANSWER"); return; }
727 if (pkt.r.resrec.rroriginalttl)
728 {
729 NumAnswers++;
730 DisplayResourceRecord(srcaddr, (pkt.r.resrec.RecordType & kDNSRecordTypePacketUniqueMask) ? "(AN)" : "(AN+)", &pkt.r.resrec);
731 if (msg->h.id.NotAnInteger != 0xFFFF) recordstat(entry, pkt.r.resrec.name, OP_answer, pkt.r.resrec.rrtype);
732 if (entry) RecordHostInfo(entry, &pkt.r.resrec);
733 }
734 else
735 {
736 NumGoodbyes++;
737 DisplayResourceRecord(srcaddr, "(DE)", &pkt.r.resrec);
738 recordstat(entry, pkt.r.resrec.name, OP_goodbye, pkt.r.resrec.rrtype);
739 }
740 }
741
742 for (i=0; i<msg->h.numAuthorities; i++)
743 {
744 const mDNSu8 *ep = ptr;
745 ptr = GetLargeResourceRecord(m, msg, ptr, end, InterfaceID, kDNSRecordTypePacketAuth, &pkt);
746 if (!ptr) { DisplayError(srcaddr, ep, end, "AUTHORITY"); return; }
747 mprintf("%#-16a (?) **** ERROR: SHOULD NOT HAVE AUTHORITY IN mDNS RESPONSE **** %-5s %##s\n",
748 srcaddr, DNSTypeName(pkt.r.resrec.rrtype), pkt.r.resrec.name->c);
749 }
750
751 for (i=0; i<msg->h.numAdditionals; i++)
752 {
753 const mDNSu8 *ep = ptr;
754 ptr = GetLargeResourceRecord(m, msg, ptr, end, InterfaceID, kDNSRecordTypePacketAdd, &pkt);
755 if (!ptr) { DisplayError(srcaddr, ep, end, "ADDITIONAL"); return; }
756 NumAdditionals++;
757 DisplayResourceRecord(srcaddr, (pkt.r.resrec.RecordType & kDNSRecordTypePacketUniqueMask) ? "(AD)" : "(AD+)", &pkt.r.resrec);
758 if (entry) RecordHostInfo(entry, &pkt.r.resrec);
759 }
760
761 if (entry) AnalyseHost(m, entry, InterfaceID);
762 }
763
764 mDNSlocal void ProcessUnicastResponse(mDNS *const m, const DNSMessage *const msg, const mDNSu8 *end, const mDNSAddr *srcaddr, const mDNSInterfaceID InterfaceID)
765 {
766 int i;
767 const mDNSu8 *ptr = LocateAnswers(msg, end);
768 HostEntry *entry = GotPacketFromHost(srcaddr, HostPkt_R, msg->h.id);
769 //mprintf("%#a R\n", srcaddr);
770
771 for (i=0; i<msg->h.numAnswers + msg->h.numAuthorities + msg->h.numAdditionals; i++)
772 {
773 LargeCacheRecord pkt;
774 ptr = GetLargeResourceRecord(m, msg, ptr, end, InterfaceID, kDNSRecordTypePacketAns, &pkt);
775 if (pkt.r.resrec.rroriginalttl && entry) RecordHostInfo(entry, &pkt.r.resrec);
776 }
777 }
778
779 mDNSlocal mDNSBool AddressMatchesFilterList(const mDNSAddr *srcaddr)
780 {
781 FilterList *f;
782 if (!Filters) return(srcaddr->type == mDNSAddrType_IPv4);
783 for (f=Filters; f; f=f->next) if (mDNSSameAddress(srcaddr, &f->FilterAddr)) return(mDNStrue);
784 return(mDNSfalse);
785 }
786
787 mDNSexport void mDNSCoreReceive(mDNS *const m, DNSMessage *const msg, const mDNSu8 *const end,
788 const mDNSAddr *srcaddr, mDNSIPPort srcport, const mDNSAddr *dstaddr, mDNSIPPort dstport, const mDNSInterfaceID InterfaceID)
789 {
790 const mDNSu8 StdQ = kDNSFlag0_QR_Query | kDNSFlag0_OP_StdQuery;
791 const mDNSu8 StdR = kDNSFlag0_QR_Response | kDNSFlag0_OP_StdQuery;
792 const mDNSu8 QR_OP = (mDNSu8)(msg->h.flags.b[0] & kDNSFlag0_QROP_Mask);
793 mDNSu8 *ptr = (mDNSu8 *)&msg->h.numQuestions;
794 int goodinterface = (FilterInterface == 0);
795
796 (void)dstaddr; // Unused
797 (void)dstport; // Unused
798
799 // Read the integer parts which are in IETF byte-order (MSB first, LSB second)
800 msg->h.numQuestions = (mDNSu16)((mDNSu16)ptr[0] << 8 | ptr[1]);
801 msg->h.numAnswers = (mDNSu16)((mDNSu16)ptr[2] << 8 | ptr[3]);
802 msg->h.numAuthorities = (mDNSu16)((mDNSu16)ptr[4] << 8 | ptr[5]);
803 msg->h.numAdditionals = (mDNSu16)((mDNSu16)ptr[6] << 8 | ptr[7]);
804
805 // For now we're only interested in monitoring IPv4 traffic.
806 // All IPv6 packets should just be duplicates of the v4 packets.
807 if (!goodinterface) goodinterface = (FilterInterface == (int)mDNSPlatformInterfaceIndexfromInterfaceID(m, InterfaceID));
808 if (goodinterface && AddressMatchesFilterList(srcaddr))
809 {
810 mDNS_Lock(m);
811 if (!mDNSAddrIsDNSMulticast(dstaddr))
812 {
813 if (QR_OP == StdQ) mprintf("Unicast query from %#a\n", srcaddr);
814 else if (QR_OP == StdR) ProcessUnicastResponse(m, msg, end, srcaddr, InterfaceID);
815 }
816 else
817 {
818 if (QR_OP == StdQ) DisplayQuery (m, msg, end, srcaddr, srcport, dstaddr, InterfaceID);
819 else if (QR_OP == StdR) DisplayResponse (m, msg, end, srcaddr, srcport, dstaddr, InterfaceID);
820 else
821 {
822 debugf("Unknown DNS packet type %02X%02X (ignored)", msg->h.flags.b[0], msg->h.flags.b[1]);
823 GotPacketFromHost(srcaddr, HostPkt_B, msg->h.id);
824 NumPktB++;
825 }
826 }
827 mDNS_Unlock(m);
828 }
829 }
830
831 mDNSlocal mStatus mDNSNetMonitor(void)
832 {
833 struct tm tm;
834 int h, m, s, mul, div, TotPkt;
835 sigset_t signals;
836
837 mStatus status = mDNS_Init(&mDNSStorage, &PlatformStorage,
838 mDNS_Init_NoCache, mDNS_Init_ZeroCacheSize,
839 mDNS_Init_DontAdvertiseLocalAddresses,
840 mDNS_Init_NoInitCallback, mDNS_Init_NoInitCallbackContext);
841 if (status) return(status);
842
843 gettimeofday(&tv_start, NULL);
844 mDNSPosixListenForSignalInEventLoop(SIGINT);
845 mDNSPosixListenForSignalInEventLoop(SIGTERM);
846
847 do
848 {
849 struct timeval timeout = { 0x3FFFFFFF, 0 }; // wait until SIGINT or SIGTERM
850 mDNSBool gotSomething;
851 mDNSPosixRunEventLoopOnce(&mDNSStorage, &timeout, &signals, &gotSomething);
852 }
853 while ( !( sigismember( &signals, SIGINT) || sigismember( &signals, SIGTERM)));
854
855 // Now display final summary
856 TotPkt = NumPktQ + NumPktL + NumPktR;
857 gettimeofday(&tv_end, NULL);
858 tv_interval = tv_end;
859 if (tv_start.tv_usec > tv_interval.tv_usec)
860 { tv_interval.tv_usec += 1000000; tv_interval.tv_sec--; }
861 tv_interval.tv_sec -= tv_start.tv_sec;
862 tv_interval.tv_usec -= tv_start.tv_usec;
863 h = (tv_interval.tv_sec / 3600);
864 m = (tv_interval.tv_sec % 3600) / 60;
865 s = (tv_interval.tv_sec % 60);
866 if (tv_interval.tv_sec > 10)
867 {
868 mul = 60;
869 div = tv_interval.tv_sec;
870 }
871 else
872 {
873 mul = 60000;
874 div = tv_interval.tv_sec * 1000 + tv_interval.tv_usec / 1000;
875 if (div == 0) div=1;
876 }
877
878 mprintf("\n\n");
879 localtime_r((time_t*)&tv_start.tv_sec, &tm);
880 mprintf("Started %3d:%02d:%02d.%06d\n", tm.tm_hour, tm.tm_min, tm.tm_sec, tv_start.tv_usec);
881 localtime_r((time_t*)&tv_end.tv_sec, &tm);
882 mprintf("End %3d:%02d:%02d.%06d\n", tm.tm_hour, tm.tm_min, tm.tm_sec, tv_end.tv_usec);
883 mprintf("Captured for %3d:%02d:%02d.%06d\n", h, m, s, tv_interval.tv_usec);
884 if (!Filters)
885 {
886 mprintf("Unique source addresses seen on network:");
887 if (IPv4HostList.num) mprintf(" %ld (IPv4)", IPv4HostList.num);
888 if (IPv6HostList.num) mprintf(" %ld (IPv6)", IPv6HostList.num);
889 if (!IPv4HostList.num && !IPv6HostList.num) mprintf(" None");
890 mprintf("\n");
891 }
892 mprintf("\n");
893 mprintf("Modern Query Packets: %7d (avg%5d/min)\n", NumPktQ, NumPktQ * mul / div);
894 mprintf("Legacy Query Packets: %7d (avg%5d/min)\n", NumPktL, NumPktL * mul / div);
895 mprintf("Multicast Response Packets: %7d (avg%5d/min)\n", NumPktR, NumPktR * mul / div);
896 mprintf("Total Multicast Packets: %7d (avg%5d/min)\n", TotPkt, TotPkt * mul / div);
897 mprintf("\n");
898 mprintf("Total New Service Probes: %7d (avg%5d/min)\n", NumProbes, NumProbes * mul / div);
899 mprintf("Total Goodbye Announcements: %7d (avg%5d/min)\n", NumGoodbyes, NumGoodbyes * mul / div);
900 mprintf("Total Query Questions: %7d (avg%5d/min)\n", NumQuestions, NumQuestions * mul / div);
901 mprintf("Total Queries from Legacy Clients:%7d (avg%5d/min)\n", NumLegacy, NumLegacy * mul / div);
902 mprintf("Total Answers/Announcements: %7d (avg%5d/min)\n", NumAnswers, NumAnswers * mul / div);
903 mprintf("Total Additional Records: %7d (avg%5d/min)\n", NumAdditionals, NumAdditionals * mul / div);
904 mprintf("\n");
905 printstats(kReportTopServices);
906
907 if (!ExactlyOneFilter)
908 {
909 ShowSortedHostList(&IPv4HostList, kReportTopHosts);
910 ShowSortedHostList(&IPv6HostList, kReportTopHosts);
911 }
912
913 mDNS_Close(&mDNSStorage);
914 return(0);
915 }
916
917 mDNSexport int main(int argc, char **argv)
918 {
919 const char *progname = strrchr(argv[0], '/') ? strrchr(argv[0], '/') + 1 : argv[0];
920 int i;
921 mStatus status;
922
923 setlinebuf(stdout); // Want to see lines as they appear, not block buffered
924
925 for (i=1; i<argc; i++)
926 {
927 if (i+1 < argc && !strcmp(argv[i], "-i") && atoi(argv[i+1]))
928 {
929 FilterInterface = atoi(argv[i+1]);
930 i += 2;
931 printf("Monitoring interface %d\n", FilterInterface);
932 }
933 else
934 {
935 struct in_addr s4;
936 struct in6_addr s6;
937 FilterList *f;
938 mDNSAddr a;
939 a.type = mDNSAddrType_IPv4;
940
941 if (inet_pton(AF_INET, argv[i], &s4) == 1)
942 a.ip.v4.NotAnInteger = s4.s_addr;
943 else if (inet_pton(AF_INET6, argv[i], &s6) == 1)
944 {
945 a.type = mDNSAddrType_IPv6;
946 bcopy(&s6, &a.ip.v6, sizeof(a.ip.v6));
947 }
948 else
949 {
950 struct hostent *h = gethostbyname(argv[i]);
951 if (h) a.ip.v4.NotAnInteger = *(long*)h->h_addr;
952 else goto usage;
953 }
954
955 f = malloc(sizeof(*f));
956 f->FilterAddr = a;
957 f->next = Filters;
958 Filters = f;
959 }
960 }
961
962 status = mDNSNetMonitor();
963 if (status) { fprintf(stderr, "%s: mDNSNetMonitor failed %d\n", progname, (int)status); return(status); }
964 return(0);
965
966 usage:
967 fprintf(stderr, "\nmDNS traffic monitor\n");
968 fprintf(stderr, "Usage: %s (<host>)\n", progname);
969 fprintf(stderr, "Optional <host> parameter displays only packets from that host\n");
970
971 fprintf(stderr, "\nPer-packet header output:\n");
972 fprintf(stderr, "-Q- Multicast Query from mDNS client that accepts multicast responses\n");
973 fprintf(stderr, "-R- Multicast Response packet containing answers/announcements\n");
974 fprintf(stderr, "-LQ- Multicast Query from legacy client that does *not* listen for multicast responses\n");
975 fprintf(stderr, "Q/Ans/Auth/Add Number of questions, answers, authority records and additional records in packet\n");
976
977 fprintf(stderr, "\nPer-record display:\n");
978 fprintf(stderr, "(PM) Probe Question (new service starting), requesting multicast response\n");
979 fprintf(stderr, "(PU) Probe Question (new service starting), requesting unicast response\n");
980 fprintf(stderr, "(DE) Deletion/Goodbye (service going away)\n");
981 fprintf(stderr, "(LQ) Legacy Query Question\n");
982 fprintf(stderr, "(QM) Query Question, requesting multicast response\n");
983 fprintf(stderr, "(QU) Query Question, requesting unicast response\n");
984 fprintf(stderr, "(KA) Known Answer (information querier already knows)\n");
985 fprintf(stderr, "(AN) Unique Answer to question (or periodic announcment) (entire RR Set)\n");
986 fprintf(stderr, "(AN+) Answer to question (or periodic announcment) (add to existing RR Set members)\n");
987 fprintf(stderr, "(AD) Unique Additional Record Set (entire RR Set)\n");
988 fprintf(stderr, "(AD+) Additional records (add to existing RR Set members)\n");
989
990 fprintf(stderr, "\nFinal summary, sorted by service type:\n");
991 fprintf(stderr, "Probe Probes for this service type starting up\n");
992 fprintf(stderr, "Goodbye Goodbye (deletion) packets for this service type shutting down\n");
993 fprintf(stderr, "BrowseQ Browse questions from clients browsing to find a list of instances of this service\n");
994 fprintf(stderr, "BrowseA Browse answers/announcments advertising instances of this service\n");
995 fprintf(stderr, "ResolveQ Resolve questions from clients actively connecting to an instance of this service\n");
996 fprintf(stderr, "ResolveA Resolve answers/announcments giving connection information for an instance of this service\n");
997 fprintf(stderr, "\n");
998 return(-1);
999 }
mirror of mDNSResponder