pcap-helper.cpp
Go to the documentation of this file.
1 /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2 /*
3  * Copyright (c) 2014-2022, Regents of the University of California,
4  * Arizona Board of Regents,
5  * Colorado State University,
6  * University Pierre & Marie Curie, Sorbonne University,
7  * Washington University in St. Louis,
8  * Beijing Institute of Technology,
9  * The University of Memphis.
10  *
11  * This file is part of NFD (Named Data Networking Forwarding Daemon).
12  * See AUTHORS.md for complete list of NFD authors and contributors.
13  *
14  * NFD is free software: you can redistribute it and/or modify it under the terms
15  * of the GNU General Public License as published by the Free Software Foundation,
16  * either version 3 of the License, or (at your option) any later version.
17  *
18  * NFD is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
19  * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
20  * PURPOSE. See the GNU General Public License for more details.
21  *
22  * You should have received a copy of the GNU General Public License along with
23  * NFD, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
24  */
25 
26 #include "pcap-helper.hpp"
27 #include "ethernet-protocol.hpp"
28 
29 #include "common/privilege-helper.hpp"
30 
31 #include <pcap/pcap.h>
32 #include <unistd.h>
33 
34 #if !defined(PCAP_NETMASK_UNKNOWN)
35 #define PCAP_NETMASK_UNKNOWN 0xffffffff
36 #endif
37 
38 namespace nfd::face {
39 
40 PcapHelper::PcapHelper(const std::string& interfaceName)
41 {
42  char errbuf[PCAP_ERRBUF_SIZE] = {};
43  m_pcap = pcap_create(interfaceName.data(), errbuf);
44  if (!m_pcap)
45  NDN_THROW(Error("pcap_create: " + std::string(errbuf)));
46 
47  // Enable "immediate mode", effectively disabling any read buffering in the kernel.
48  // This corresponds to the BIOCIMMEDIATE ioctl on BSD-like systems (including macOS)
49  // where libpcap uses a BPF device. On Linux this forces libpcap not to use TPACKET_V3,
50  // even if the kernel supports it, thus preventing bug #1511.
51  if (pcap_set_immediate_mode(m_pcap, 1) < 0)
52  NDN_THROW(Error("pcap_set_immediate_mode failed"));
53 
54  pcap_set_snaplen(m_pcap, ethernet::HDR_LEN + ndn::MAX_NDN_PACKET_SIZE);
55  pcap_set_buffer_size(m_pcap, 4 * 1024 * 1024);
56 }
57 
58 PcapHelper::~PcapHelper() noexcept
59 {
60  close();
61 }
62 
63 void
64 PcapHelper::activate(int dlt)
65 {
66  PrivilegeHelper::runElevated([this] {
67  int ret = pcap_activate(m_pcap);
68  if (ret < 0)
69  NDN_THROW(Error("pcap_activate: " + std::string(pcap_statustostr(ret))));
70  });
71 
72  char errbuf[PCAP_ERRBUF_SIZE] = {};
73  if (pcap_setnonblock(m_pcap, 1, errbuf) < 0)
74  NDN_THROW(Error("pcap_setnonblock: " + std::string(errbuf)));
75 
76  if (pcap_set_datalink(m_pcap, dlt) < 0)
77  NDN_THROW(Error("pcap_set_datalink: " + getLastError()));
78 
79  if (pcap_setdirection(m_pcap, PCAP_D_IN) < 0)
80  NDN_THROW(Error("pcap_setdirection: " + getLastError()));
81 }
82 
83 void
84 PcapHelper::close() noexcept
85 {
86  if (m_pcap) {
87  pcap_close(m_pcap);
88  m_pcap = nullptr;
89  }
90 }
91 
92 int
93 PcapHelper::getFd() const
94 {
95  int fd = pcap_get_selectable_fd(m_pcap);
96  if (fd < 0)
97  NDN_THROW(Error("pcap_get_selectable_fd failed"));
98 
99  // we need to duplicate the fd, otherwise both pcap_close() and the
100  // caller may attempt to close the same fd and one of them will fail
101  return ::dup(fd);
102 }
103 
104 std::string
105 PcapHelper::getLastError() const noexcept
106 {
107  return pcap_geterr(m_pcap);
108 }
109 
110 size_t
111 PcapHelper::getNDropped() const
112 {
113  pcap_stat ps{};
114  if (pcap_stats(m_pcap, &ps) < 0)
115  NDN_THROW(Error("pcap_stats: " + getLastError()));
116 
117  return ps.ps_drop;
118 }
119 
120 void
121 PcapHelper::setPacketFilter(const char* filter) const
122 {
123  bpf_program prog;
124  if (pcap_compile(m_pcap, &prog, filter, 1, PCAP_NETMASK_UNKNOWN) < 0)
125  NDN_THROW(Error("pcap_compile: " + getLastError()));
126 
127  int ret = pcap_setfilter(m_pcap, &prog);
128  pcap_freecode(&prog);
129  if (ret < 0)
130  NDN_THROW(Error("pcap_setfilter: " + getLastError()));
131 }
132 
133 std::tuple<span<const uint8_t>, std::string>
134 PcapHelper::readNextPacket() const noexcept
135 {
136  pcap_pkthdr* header;
137  const uint8_t* packet;
138 
139  int ret = pcap_next_ex(m_pcap, &header, &packet);
140  if (ret < 0)
141  return {span<uint8_t>{}, getLastError()};
142  else if (ret == 0)
143  return {span<uint8_t>{}, "Nothing to read"};
144  else
145  return {{packet, header->caplen}, ""};
146 }
147 
148 } // namespace nfd::face
nfd::PrivilegeHelper::runElevated
static void runElevated(F &&f)
Definition: privilege-helper.hpp:72
nfd::face::PcapHelper::PcapHelper
PcapHelper(const std::string &interfaceName)
Create a libpcap context for live packet capture on a network interface.
Definition: pcap-helper.cpp:40
nfd::face::PcapHelper::getFd
int getFd() const
Obtain a file descriptor that can be used in calls such as select(2) and poll(2).
Definition: pcap-helper.cpp:93
nfd::face::PcapHelper::getLastError
std::string getLastError() const noexcept
Get last error message.
Definition: pcap-helper.cpp:105
nfd::face::PcapHelper::activate
void activate(int dlt)
Start capturing packets.
Definition: pcap-helper.cpp:64
nfd::face::PcapHelper::getNDropped
size_t getNDropped() const
Get the number of packets dropped by the kernel, as reported by libpcap.
Definition: pcap-helper.cpp:111
nfd::face::PcapHelper::setPacketFilter
void setPacketFilter(const char *filter) const
Install a BPF filter on the receiving socket.
Definition: pcap-helper.cpp:121
nfd::face::PcapHelper::readNextPacket
std::tuple< span< const uint8_t >, std::string > readNextPacket() const noexcept
Read the next packet captured on the interface.
Definition: pcap-helper.cpp:134
nfd::face::PcapHelper::close
void close() noexcept
Stop capturing and close the handle.
Definition: pcap-helper.cpp:84
PCAP_NETMASK_UNKNOWN
#define PCAP_NETMASK_UNKNOWN
Definition: pcap-helper.cpp:35