8 require './access_list.pl';
10 require './survey.pl';
16 vec($bits, fileno($fh), 1) = 1;
21 # used for rate limiting
25 my %active_surveys = ();
29 sub cache_cidrlookup {
30 my ($addr, $net) = @_;
31 my $key = $addr . " " . $net;
33 if (!exists($cidrcache{$key})) {
34 $cidrcache{$key} = Net::CIDR::cidrlookup($addr, $net);
36 return $cidrcache{$key};
43 if (!exists($rangecache{$net})) {
44 ($rangecache{$net}) = Net::CIDR::cidr2range($net);
47 return $rangecache{$net};
50 open LOG, ">>", "mbd.log";
52 my @ports = ( mbd::find_all_ports() , $Config::survey_port_low .. $Config::survey_port_high );
54 # Open a socket for each port
56 my $udp = getprotobyname("udp");
59 socket($sock, PF_INET, SOCK_DGRAM, $udp);
60 bind($sock, sockaddr_in($p, INADDR_ANY));
64 my $sendsock = Net::RawIP->new({udp => {}});
66 print "Listening on " . scalar @ports . " ports.\n";
70 my $rin = fhbits(@socks);
73 my $nfound = select($rout=$rin, undef, undef, undef);
74 my $now = [Time::HiRes::gettimeofday];
76 # First of all, close any surveys that are due.
77 for my $sport (keys %active_surveys) {
78 my $age = Time::HiRes::tv_interval($active_surveys{$sport}{start}, $now);
79 if ($age > $Config::survey_time && $active_surveys{$sport}{active}) {
80 print "Survey for '" . $Config::access_list[$active_surveys{$sport}{entry}]->{name} . "'/" .
81 $active_surveys{$sport}{dport} . ": " . $active_surveys{$sport}{num} . " active servers.\n";
82 $active_surveys{$sport}{active} = 0;
84 if ($age > $Config::survey_time * 3.0) {
85 delete $active_surveys{$sport};
89 for my $sock (@socks) {
90 next unless (vec($rout, fileno($sock), 1) == 1);
93 my $addr = recv($sock, $data, 8192, 0); # jumbo broadcast! :-P
94 my ($sport, $saddr) = sockaddr_in($addr);
95 my ($dport, $daddr) = sockaddr_in(getsockname($sock));
96 my $size = length($data);
98 # Check if this is a survey reply
99 if ($dport >= $Config::survey_port_low && $dport <= $Config::survey_port_high) {
100 if (!exists($active_surveys{$dport})) {
101 print "WARNING: Unknown survey port $dport, ignoring\n";
104 if (!$active_surveys{$dport}{active}) {
109 ++$active_surveys{$dport}{num};
115 if (exists($last_sent{$saddr}{$dport})) {
116 my $elapsed = Time::HiRes::tv_interval($last_sent{$saddr}{$dport}, $now);
117 if ($elapsed < 1.0) {
118 print LOG "$dport $size 2\n";
119 print inet_ntoa($saddr), ", $dport, $size bytes => rate-limited ($elapsed secs since last)\n";
124 # We don't get the packet's destination address, but I guess this should do...
125 # Check against the ACL.
128 for my $rule (@Config::access_list) {
131 next unless (mbd::match_ranges($dport, $rule->{'ports'}));
132 next unless (mbd::match_ranges($size, $rule->{'sizes'}));
134 if ($rule->{'filter'}) {
135 next unless ($rule->{'filter'}($data));
142 print LOG "$dport $size $pass\n";
145 print inet_ntoa($saddr), ", $dport, $size bytes => filtered\n";
149 $last_sent{$saddr}{$dport} = $now;
151 # The packet is OK! Do we already have a recent enough survey
152 # for this port, or should we use this packet?
154 if (exists($last_survey{$entry . "/" . $dport})) {
155 my $age = Time::HiRes::tv_interval($last_survey{$entry . "/" . $dport}, $now);
156 if ($age < $Config::survey_freq) {
161 # New survey; find an unused port
164 for my $port ($Config::survey_port_low..$Config::survey_port_high) {
165 if (!exists($active_surveys{$port})) {
166 $survey_sport = $port;
168 $active_surveys{$port} = {
175 $last_survey{$entry . "/" . $dport} = $now;
181 if (!defined($survey_sport)) {
182 print "WARNING: no free survey source ports, not surveying.\n";
188 for my $net (@Config::networks) {
189 next if (cache_cidrlookup(inet_ntoa($saddr), $net));
191 my ($range) = cache_cidrrange($net);
197 saddr => inet_ntoa($saddr),
211 saddr => $Config::survey_ip,
215 source => $survey_sport,
227 print inet_ntoa($saddr), ", $dport, $size bytes => ($num_nets networks) [+survey from port $survey_sport]\n";
229 print inet_ntoa($saddr), ", $dport, $size bytes => ($num_nets networks)\n";
projects / nms / blob