To avoid exceeding the inputs number limit of the flex scanner used. Using port number as index, to map service names in the table, results in a very sparse table, so a new struct is needed to associate ports with names. Signed-off-by: Elise Lennion <elise.lennion@xxxxxxxxx> --- The services list are all well-known and registered ports of my local /etc/services file. include/datatype.h | 11 ++++ src/datatype.c | 159 ++++++++++++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 162 insertions(+), 8 deletions(-) diff --git a/include/datatype.h b/include/datatype.h index 9f3f711..9c34c50 100644 --- a/include/datatype.h +++ b/include/datatype.h @@ -172,6 +172,17 @@ struct symbolic_constant { uint64_t value; }; +/** + * struct port_servname - port <-> service name mapping + * + * @port: port number + * @name: service name + */ +struct port_servname { + uint16_t port; + char *name; +}; + #define SYMBOL(id, v) { .identifier = (id), .value = (v) } #define SYMBOL_LIST_END (struct symbolic_constant) { } diff --git a/src/datatype.c b/src/datatype.c index 1e40287..85b261d 100644 --- a/src/datatype.c +++ b/src/datatype.c @@ -28,6 +28,156 @@ #include <netinet/ip_icmp.h> +static const struct port_servname services[] = { + {1, "tcpmux"}, {7, "echo"}, {9, "discard"}, + {11, "systat"}, {13, "daytime"}, {15, "netstat"}, + {17, "qotd"}, {18, "msp"}, {19, "chargen"}, + {20, "ftp-data"}, {21, "ftp"}, {22, "ssh"}, + {23, "telnet"}, {25, "smtp"}, {37, "time"}, {39, "rlp"}, + {42, "nameserver"}, {43, "whois"}, {49, "tacacs"}, + {50, "re-mail-ck"}, {53, "domain"}, {57, "mtp"}, + {65, "tacacs-ds"}, {67, "bootps"}, {68, "bootpc"}, + {69, "tftp"}, {70, "gopher"}, {77, "rje"}, {79, "finger"}, + {80, "http"}, {87, "link"}, {88, "kerberos"}, + {95, "supdup"}, {98, "linuxconf"}, {101, "hostnames"}, + {102, "iso-tsap"}, {104, "acr-nema"}, {105, "csnet-ns"}, + {106, "poppassd"}, {107, "rtelnet"}, {109, "pop2"}, + {110, "pop3"}, {111, "sunrpc"}, {113, "auth"}, + {115, "sftp"}, {117, "uucp-path"}, {119, "nntp"}, + {123, "ntp"}, {129, "pwdgen"}, {135, "loc-srv"}, + {137, "netbios-ns"}, {138, "netbios-dgm"}, + {139, "netbios-ssn"}, {143, "imap2"}, {161, "snmp"}, + {162, "snmp-trap"}, {163, "cmip-man"}, + {164, "cmip-agent"}, {174, "mailq"}, {177, "xdmcp"}, + {178, "nextstep"}, {179, "bgp"}, {191, "prospero"}, + {194, "irc"}, {199, "smux"}, {201, "at-rtmp"}, + {202, "at-nbp"}, {204, "at-echo"}, {206, "at-zis"}, + {209, "qmtp"}, {210, "z3950"}, {213, "ipx"}, + {220, "imap3"}, {345, "pawserv"}, {346, "zserv"}, + {347, "fatserv"}, {369, "rpc2portmap"}, + {370, "codaauth2"}, {371, "clearcase"}, + {372, "ulistserv"}, {389, "ldap"}, {406, "imsp"}, + {427, "svrloc"}, {443, "https"}, {444, "snpp"}, + {445, "microsoft-ds"}, {464, "kpasswd"}, {465, "urd"}, + {487, "saft"}, {500, "isakmp"}, {512, "biff"}, + {512, "exec"}, {513, "login"}, {513, "who"}, + {514, "shell"}, {514, "syslog"}, {515, "printer"}, + {517, "talk"}, {518, "ntalk"}, {520, "route"}, + {525, "timed"}, {526, "tempo"}, {530, "courier"}, + {531, "conference"}, {532, "netnews"}, {533, "netwall"}, + {538, "gdomap"}, {540, "uucp"}, {543, "klogin"}, + {544, "kshell"}, {546, "dhcpv6-client"}, + {547, "dhcpv6-server"}, {548, "afpovertcp"}, + {549, "idfp"}, {554, "rtsp"}, {556, "remotefs"}, + {563, "nntps"}, {587, "submission"}, {607, "nqs"}, + {610, "npmp-local"}, {611, "npmp-gui"}, {612, "hmmp-ind"}, + {623, "asf-rmcp"}, {628, "qmqp"}, {631, "ipp"}, + {636, "ldaps"}, {655, "tinc"}, {706, "silc"}, + {749, "kerberos-adm"}, {750, "kerberos4"}, + {751, "kerberos-master"}, {752, "passwd-server"}, + {754, "krb-prop"}, {760, "krbupdate"}, {765, "webster"}, + {775, "moira-db"}, {777, "moira-update"}, + {779, "moira-ureg"}, {783, "spamd"}, {808, "omirr"}, + {871, "supfilesrv"}, {873, "rsync"}, {901, "swat"}, + {989, "ftps-data"}, {990, "ftps"}, {992, "telnets"}, + {993, "imaps"}, {994, "ircs"}, {995, "pop3s"}, + {1001, "customs"}, {1080, "socks"}, {1093, "proofd"}, + {1094, "rootd"}, {1099, "rmiregistry"}, {1109, "kpop"}, + {1127, "supfiledbg"}, {1178, "skkserv"}, + {1194, "openvpn"}, {1210, "predict"}, {1214, "kazaa"}, + {1236, "rmtcfg"}, {1241, "nessus"}, {1300, "wipld"}, + {1313, "xtel"}, {1314, "xtelw"}, {1352, "lotusnote"}, + {1433, "ms-sql-s"}, {1434, "ms-sql-m"}, + {1524, "ingreslock"}, {1525, "prospero-np"}, + {1529, "support"}, {1645, "datametrics"}, + {1646, "sa-msg-port"}, {1649, "kermit"}, + {1677, "groupwise"}, {1701, "l2f"}, {1812, "radius"}, + {1813, "radius-acct"}, {1863, "msnp"}, + {1957, "unix-status"}, {1958, "log-server"}, + {1959, "remoteping"}, {2000, "cisco-sccp"}, + {2003, "cfinger"}, {2010, "pipe-server"}, + {2010, "search"}, {2049, "nfs"}, {2053, "knetd"}, + {2086, "gnunet"}, {2101, "rtcm-sc104"}, + {2102, "zephyr-srv"}, {2103, "zephyr-clt"}, + {2104, "zephyr-hm"}, {2105, "eklogin"}, {2111, "kx"}, + {2119, "gsigatekeeper"}, {2121, "frox"}, {2121, "iprop"}, + {2135, "gris"}, {2150, "ninstall"}, {2401, "cvspserver"}, + {2430, "venus"}, {2431, "venus-se"}, {2432, "codasrv"}, + {2433, "codasrv-se"}, {2583, "mon"}, {2600, "zebrasrv"}, + {2601, "zebra"}, {2602, "ripd"}, {2603, "ripngd"}, + {2604, "ospfd"}, {2605, "bgpd"}, {2606, "ospf6d"}, + {2607, "ospfapi"}, {2608, "isisd"}, {2628, "dict"}, + {2792, "f5-globalsite"}, {2811, "gsiftp"}, {2947, "gpsd"}, + {2988, "afbackup"}, {2989, "afmbackup"}, {3050, "gds-db"}, + {3130, "icpv2"}, {3260, "iscsi-target"}, {3306, "mysql"}, + {3493, "nut"}, {3632, "distcc"}, {3689, "daap"}, + {3690, "svn"}, {4031, "suucp"}, {4094, "sysrqd"}, + {4190, "sieve"}, {4224, "xtell"}, {4353, "f5-iquery"}, + {4369, "epmd"}, {4373, "remctl"}, {4500, "ipsec-nat-t"}, + {4557, "fax"}, {4559, "hylafax"}, {4569, "iax"}, + {4600, "distmp3"}, {4691, "mtn"}, {4899, "radmin-port"}, + {4949, "munin"}, {5002, "rfe"}, {5050, "mmcc"}, + {5051, "enbd-cstatd"}, {5052, "enbd-sstatd"}, + {5060, "sip"}, {5061, "sip-tls"}, {5151, "pcrd"}, + {5190, "aol"}, {5222, "xmpp-client"}, + {5269, "xmpp-server"}, {5308, "cfengine"}, {5353, "mdns"}, + {5354, "noclog"}, {5355, "hostmon"}, {5432, "postgresql"}, + {5555, "rplay"}, {5556, "freeciv"}, {5666, "nrpe"}, + {5667, "nsca"}, {5671, "amqps"}, {5672, "amqp"}, + {5674, "mrtd"}, {5675, "bgpsim"}, {5680, "canna"}, + {5688, "ggz"}, {6000, "x11"}, {6001, "x11-1"}, + {6002, "x11-2"}, {6003, "x11-3"}, {6004, "x11-4"}, + {6005, "x11-5"}, {6006, "x11-6"}, {6007, "x11-7"}, + {6346, "gnutella-svc"}, {6347, "gnutella-rtr"}, + {6444, "sge-qmaster"}, {6445, "sge-execd"}, + {6446, "mysql-proxy"}, {6514, "syslog-tls"}, + {6566, "sane-port"}, {6667, "ircd"}, + {7000, "afs3-fileserver"}, {7001, "afs3-callback"}, + {7002, "afs3-prserver"}, {7003, "afs3-vlserver"}, + {7004, "afs3-kaserver"}, {7005, "afs3-volser"}, + {7006, "afs3-errors"}, {7007, "afs3-bos"}, + {7008, "afs3-update"}, {7009, "afs3-rmtsys"}, + {7100, "font-service"}, {8021, "zope-ftp"}, + {8080, "http-alt"}, {8081, "tproxy"}, {8088, "omniorb"}, + {8990, "clc-build-daemon"}, {9098, "xinetd"}, + {9101, "bacula-dir"}, {9102, "bacula-fd"}, + {9103, "bacula-sd"}, {9359, "mandelspawn"}, {9418, "git"}, + {9667, "xmms2"}, {9673, "zope"}, {10000, "webmin"}, + {10050, "zabbix-agent"}, {10051, "zabbix-trapper"}, + {10080, "amanda"}, {10081, "kamanda"}, + {10082, "amandaidx"}, {10083, "amidxtape"}, + {10809, "nbd"}, {11112, "dicom"}, {11201, "smsqp"}, + {11371, "hkp"}, {13720, "bprd"}, {13721, "bpdbm"}, + {13722, "bpjava-msvc"}, {13724, "vnetd"}, {13782, "bpcd"}, + {13783, "vopied"}, {15345, "xpilot"}, {17001, "sgi-cmsd"}, + {17002, "sgi-crsd"}, {17003, "sgi-gcd"}, + {17004, "sgi-cad"}, {17500, "db-lsp"}, {20011, "isdnlog"}, + {20012, "vboxd"}, {22125, "dcap"}, {22128, "gsidcap"}, + {22273, "wnn6"}, {24554, "binkp"}, {27374, "asp"}, + {30865, "csync2"} +}; + +static void service_lookup(const uint16_t port, char *buf) +{ + uint16_t s = 0; + uint16_t m; + uint16_t e = sizeof(services) / sizeof(struct port_servname) - 1; + + while (s < e) { + m = s + (e - s)/2; + + if (services[m].port < port) + s = m + 1; + else + e = m; + } + + if (services[s].port == port) + strcpy(buf, services[s].name); + else + sprintf(buf, "%hu", port); +} + static const struct datatype *datatypes[TYPE_MAX + 1] = { [TYPE_INVALID] = &invalid_type, [TYPE_VERDICT] = &verdict_type, @@ -561,16 +711,9 @@ static void inet_service_type_print(const struct expr *expr) { struct sockaddr_in sin = { .sin_family = AF_INET }; char buf[NI_MAXSERV]; - int err; sin.sin_port = mpz_get_be16(expr->value); - err = getnameinfo((struct sockaddr *)&sin, sizeof(sin), NULL, 0, - buf, sizeof(buf), - numeric_output < NUMERIC_PORT ? 0 : NI_NUMERICSERV); - if (err != 0) { - getnameinfo((struct sockaddr *)&sin, sizeof(sin), NULL, - 0, buf, sizeof(buf), NI_NUMERICSERV); - } + service_lookup(ntohs(sin.sin_port), buf); printf("%s", buf); } -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html