DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity

Updated replay warnings to include proto/port info

Browse Source 
Replay warnings now include port and protocol information.  Here is an example:

SPA Packet from IP: 127.0.0.1 received.
Replay detected from source IP: 127.0.0.1
        Destination proto/port: 17/62201
            Original source IP: 127.0.0.1
       Original dst proto/port: 17/62201
                 Entry created: 08/17/11 21:06:07
                  First replay: 08/17/11 21:06:32
                   Last replay: 08/17/11 21:06:45
                  Replay count: 7
This commit is contained in:
Michael Rash 2011-08-17 21:07:35 -04:00
parent df96e42c51
commit 92b7e2588e
2 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
server/replay_cache.c
View File

@ -168,7 +168,9 @@ replay_warning(fko_srv_options_t *opts, digest_cache_info_t *digest_info)
log_msg(LOG_WARNING, log_msg(LOG_WARNING,
"Replay detected from source IP: %s\n" "Replay detected from source IP: %s\n"
" Destination proto/port: %d/%d\n"
" Original source IP: %s\n" " Original source IP: %s\n"
" Original dst proto/port: %d/%d\n"
#if USE_FILE_CACHE #if USE_FILE_CACHE
" Entry created: %s\n", " Entry created: %s\n",
#else #else
@ -177,7 +179,12 @@ replay_warning(fko_srv_options_t *opts, digest_cache_info_t *digest_info)
" Last replay: %s\n" " Last replay: %s\n"
" Replay count: %i\n", " Replay count: %i\n",
#endif #endif
src_ip, orig_src_ip, src_ip,
opts->spa_pkt.packet_proto,
opts->spa_pkt.packet_dst_port,
orig_src_ip,
digest_info->proto,
digest_info->dst_port,
#if USE_FILE_CACHE #if USE_FILE_CACHE
created created
#else #else
@ -593,8 +600,12 @@ replay_check_dbm_cache(fko_srv_options_t *opts, fko_ctx_t ctx)
} else { } else {
/* This is a new SPA packet that needs to be added to the cache. /* This is a new SPA packet that needs to be added to the cache.
*/ */
dc_info.src_ip = opts->spa_pkt.packet_src_ip; dc_info.src_ip = opts->spa_pkt.packet_src_ip;
dc_info.created = time(NULL); dc_info.dst_ip = opts->spa_pkt.packet_dst_ip;
dc_info.src_port = opts->spa_pkt.packet_src_port;
dc_info.dst_port = opts->spa_pkt.packet_dst_port;
dc_info.proto = opts->spa_pkt.packet_proto;
dc_info.created = time(NULL);
dc_info.first_replay = dc_info.last_replay = dc_info.replay_count = 0; dc_info.first_replay = dc_info.last_replay = dc_info.replay_count = 0;
db_ent.dsize = sizeof(digest_cache_info_t); db_ent.dsize = sizeof(digest_cache_info_t);

4
server/replay_cache.h
View File

@ -36,12 +36,12 @@
typedef struct digest_cache_info { typedef struct digest_cache_info {
unsigned int src_ip; unsigned int src_ip;
time_t created;
char *digest;
unsigned int dst_ip; unsigned int dst_ip;
unsigned short src_port; unsigned short src_port;
unsigned short dst_port; unsigned short dst_port;
unsigned char proto; unsigned char proto;
time_t created;
char *digest;
#if ! USE_FILE_CACHE #if ! USE_FILE_CACHE
time_t first_replay; time_t first_replay;
time_t last_replay; time_t last_replay;