The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Data Structures | Macros | Typedefs | Enumerations
radsniff.h File Reference

Structures and prototypes for the RADIUS sniffer. More...

#include <sys/types.h>
#include <freeradius-devel/util/pcap.h>
#include <freeradius-devel/util/event.h>
#include <freeradius-devel/radius/radius.h>
+ Include dependency graph for radsniff.h:
+ This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  radius_packet_t
 
struct  rs
 
struct  rs.stats
 
struct  rs_capture_t
 
struct  rs_counters_t
 
struct  rs_event_t
 Statistic write/print event. More...
 
struct  rs_latency_t
 Stats for a single interval. More...
 
struct  rs_latency_t.interval
 
struct  rs_malformed_t
 
struct  rs_request_t
 Wrapper for fr_packet_t. More...
 
struct  rs_stats_t
 One set of statistics. More...
 
struct  rs_update
 FD data which gets passed to callbacks. More...
 

Macros

#define DEBUG(fmt, ...)   if (fr_debug_lvl > 1) fprintf(fr_log_fp , fmt "\n", ## __VA_ARGS__)
 
#define DEBUG2(fmt, ...)   if (fr_debug_lvl > 2) fprintf(fr_log_fp , fmt "\n", ## __VA_ARGS__)
 
#define ERROR(fmt, ...)   fr_perror("radsniff: " fmt, ## __VA_ARGS__)
 
#define INFO(fmt, ...)   if (fr_debug_lvl > 0) fprintf(fr_log_fp , fmt "\n", ## __VA_ARGS__)
 
#define RDEBUG(fmt, ...)   if (conf->print_packet && (fr_debug_lvl > 1)) fprintf(fr_log_fp , "%s (%" PRIu64 ") " fmt "\n", timestr, count, ## __VA_ARGS__)
 
#define RDEBUG2(fmt, ...)   if (conf->print_packet && (fr_debug_lvl > 2)) fprintf(fr_log_fp , "%s (%" PRIu64 ") " fmt "\n", timestr, count, ## __VA_ARGS__)
 
#define RDEBUG_ENABLED()   (conf->print_packet && (fr_debug_lvl > 1))
 
#define RDEBUG_ENABLED2()   (conf->print_packet && (fr_debug_lvl > 2))
 
#define REDEBUG(fmt, ...)   if (conf->print_packet) fr_perror("%s (%" PRIu64 ") " fmt , timestr, count, ## __VA_ARGS__)
 
#define RIDEBUG(fmt, ...)   if (conf->print_packet && (fr_debug_lvl > 0)) fprintf(fr_log_fp , "%s (%" PRIu64 ") " fmt "\n", timestr, count, ## __VA_ARGS__)
 
#define RIDEBUG_ENABLED()   (conf->print_packet && (fr_debug_lvl > 0))
 
#define RS_DEFAULT_PREFIX   "radsniff"
 Default instance. More...
 
#define RS_DEFAULT_SECRET   "testing123"
 Default secret. More...
 
#define RS_DEFAULT_TIMEOUT   5200
 Standard timeout of 5s + 300ms to cover network latency. More...
 
#define RS_FORCE_YIELD   1000
 Service another descriptor every X number of packets. More...
 
#define RS_MAX_ATTRS   50
 Maximum number of attributes we can filter on. More...
 
#define RS_RETRANSMIT_MAX   5
 Maximum number of times we expect to see a packet retransmitted. More...
 
#define RS_SOCKET_REOPEN_DELAY   5000
 How long we delay re-opening a collectd socket. More...
 

Typedefs

typedef void(* rs_packet_logger_t) (uint64_t count, rs_status_t status, fr_pcap_t *handle, fr_packet_t *packet, fr_pair_list_t *list, struct timeval *elapsed, struct timeval *latency, bool response, bool body)
 
typedef void(* rs_stats_print_cb_t) (rs_update_t *this, rs_stats_t *stats, struct timeval *now)
 Callback for printing stats values. More...
 
typedef void(* rs_stats_print_header_cb_t) (rs_update_t *this)
 Callback for printing stats header. More...
 
typedef struct rs rs_t
 
typedef struct rs_update rs_update_t
 

Enumerations

enum  rs_status_t {
  RS_NORMAL = 0x01 ,
  RS_UNLINKED = 0x02 ,
  RS_RTX = 0x04 ,
  RS_REUSED = 0x08 ,
  RS_ERROR = 0x10 ,
  RS_LOST = 0x20
}
 
enum  stats_out_t {
  RS_STATS_OUT_STDIO_FANCY ,
  RS_STATS_OUT_STDIO_CSV
}
 

Detailed Description

Structures and prototypes for the RADIUS sniffer.

Id
10c2de3c134cbcb676f0c24bcb98032b29ee09e7
Copyright
2013 Arran Cudbard-Bell (arran.nosp@m..cud.nosp@m.bardb.nosp@m.@fre.nosp@m.eradi.nosp@m.us.o.nosp@m.rg)
2006 The FreeRADIUS server project
2006 Nicolas Baradakis (nicol.nosp@m.as.b.nosp@m.arada.nosp@m.kis@.nosp@m.ceget.nosp@m.el.n.nosp@m.et)

Definition in file radsniff.h.

Data Structure Documentation

◆ radius_packet_t

struct radius_packet_t

Definition at line 100 of file radsniff.h.

Data Fields
uint8_t code
uint8_t data[]
uint8_t id
uint8_t length[2]
uint8_t vector[RADIUS_AUTH_VECTOR_LENGTH]

◆ rs

struct rs

Definition at line 259 of file radsniff.h.

+ Collaboration diagram for rs:
Data Fields
int buffer_pkts Size of the ring buffer to setup for live capture.
bool daemonize Daemonize and write PID out to file.
bool decode_attrs Whether we should decode attributes in the request and response.
rs_status_t event_flags Events we log and capture on.
char const * filter_request Raw request filter string.
fr_radius_packet_code_t filter_request_code Filter request packets by code.
fr_pair_list_t filter_request_vps Sorted filter vps.
char const * filter_response Raw response filter string.
fr_radius_packet_code_t filter_response_code Filter response packets by code.
fr_pair_list_t filter_response_vps Sorted filter vps.
bool from_auto From list was auto-generated.
bool from_dev Were reading pcap data from devices.
bool from_file Were reading pcap data from files.
bool from_stdin Were reading pcap data from stdin.
uint64_t limit Maximum number of packets to capture.
char * link_attributes Names of fr_dict_attr_ts to use for rtx.
fr_dict_attr_t const * link_da[RS_MAX_ATTRS] fr_dict_attr_ts to link on.
int link_da_num Number of rtx fr_dict_attr_ts.
char * list_attributes Raw attribute filter string.
fr_dict_attr_t const * list_da[RS_MAX_ATTRS] Output CSV with these attribute values.
int list_da_num
rs_packet_logger_t logger Packet logger.
char const * output_dir Where we should save the files $PATH/requests.txt and $PATH/reply.txt.
char * pcap_filter PCAP filter string applied to live capture devices.
char * pcap_filter_vlan Variant of the normal filter to apply to devices which support VLAN tags.
char const * pidfile File to write PID to.
bool print_packet Print packet info, disabled with -W.
bool promiscuous Capture in promiscuous mode.
char * radius_secret Secret to decode encrypted attributes.
struct rs stats
bool to_file Were writing pcap data to files.
bool to_output_dir Were writing attributes into directory.
bool to_stdout Were writing pcap data to stdout.
bool verify_radius_authenticator Check RADIUS authenticator in packets.
bool verify_udp_checksum Check UDP checksum in packets.

◆ rs.stats

struct rs.stats

Definition at line 308 of file radsniff.h.

Data Fields
int interval Time between stats updates in seconds.
stats_out_t out Where to write stats.
int timeout Maximum length of time we wait for a response.

◆ rs_capture_t

struct rs_capture_t

Definition at line 174 of file radsniff.h.

Data Fields
uint8_t * data PCAP packet data.
struct pcap_pkthdr * header PCAP packet header.

◆ rs_counters_t

struct rs_counters_t

Definition at line 96 of file radsniff.h.

Data Fields
uint64_t type[FR_RADIUS_CODE_MAX+1]

◆ rs_event_t

struct rs_event_t

Statistic write/print event.

Definition at line 224 of file radsniff.h.

+ Collaboration diagram for rs_event_t:
Data Fields
fr_pcap_t * in PCAP handle event occurred on.
fr_event_list_t * list The event list.
fr_pcap_t * out Where to write output.
rs_stats_t * stats Where to write stats.

◆ rs_latency_t

struct rs_latency_t

Stats for a single interval.

And interval is defined as the time between a call to the stats output function.

Definition at line 112 of file radsniff.h.

Data Fields
struct rs_latency_t interval
int intervals Number of stats intervals.
double latency_smoothed Smoothed moving average.
uint64_t latency_smoothed_count Number of CMA datapoints processed.

◆ rs_latency_t.interval

struct rs_latency_t.interval

Definition at line 118 of file radsniff.h.

Data Fields
double latency_average Average latency (this iteration).
double latency_high Latency high water mark.
double latency_low Latency low water mark.
long double latency_total Total latency between requests/responses in the interval.
double linked Number of request/response pairs.
uint64_t linked_total Total request/response pairs over interval.
double lost Never got a response to a request.
uint64_t lost_total Total packets definitely lost in this interval.
double received Number of this type of packet we've received.
uint64_t received_total Total received over interval.
double reused ID re-used too quickly.
uint64_t reused_total Total reused over interval.
double rt[RS_RETRANSMIT_MAX+1] Number of times we saw the same request packet.
uint64_t rt_total[RS_RETRANSMIT_MAX+1] Number of RTX until complete over interval.
double unlinked Response with no request.
uint64_t unlinked_total Total unlinked over interval.

◆ rs_malformed_t

struct rs_malformed_t

Definition at line 145 of file radsniff.h.

Data Fields
uint64_t attribute_overflow
uint64_t attribute_too_short
uint64_t attribute_underflow
uint64_t header_overflow
uint64_t invalid_attribute
uint64_t ma_invalid_length
uint64_t ma_missing
uint64_t min_length_field
uint64_t min_length_mimatch
uint64_t min_length_packet
uint64_t too_many_attributes

◆ rs_request_t

struct rs_request_t

Wrapper for fr_packet_t.

Allows an event to be associated with a request packet. This is required because we need to disarm the event timer when a response is received, so we don't erroneously log the response as lost.

Definition at line 184 of file radsniff.h.

+ Collaboration diagram for rs_request_t:
Data Fields
rs_capture_t capture[RS_RETRANSMIT_MAX] Buffered request packets (if a response filter has been applied).
rs_capture_t * capture_p Next packet slot.
fr_event_timer_t const * event Event created when we received the original request.
fr_packet_t * expect Request/response.
fr_pair_list_t expect_vps
uint64_t id Monotonically increasing packet counter.
fr_pcap_t * in PCAP handle the original request was received on.
bool in_link_tree Whether the request is currently in the linked tree.
bool in_request_tree Whether the request is currently in the request tree.
fr_rb_node_t link_node
fr_pair_list_t link_vps fr_pair_ts used to link retransmissions.
fr_packet_t * linked The subsequent response or forwarded request the packet.

was linked against.

bool logged Whether any messages regarding this request were logged.
fr_packet_t * packet The original packet.
fr_pair_list_t packet_vps
fr_rb_node_t request_node
uint64_t rt_req Number of times we saw the same request packet.
uint64_t rt_rsp Number of times we saw a retransmitted response packet.
bool silent_cleanup Cleanup was forced before normal expiry period, ignore stats about packet loss.
rs_latency_t * stats_req Latency entry for the request type.
rs_latency_t * stats_rsp Latency entry for the request type.
struct timeval when Time when the packet was received, or next time an event is scheduled.

◆ rs_stats_t

struct rs_stats_t

One set of statistics.

Definition at line 162 of file radsniff.h.

+ Collaboration diagram for rs_stats_t:
Data Fields
rs_latency_t exchange[FR_RADIUS_CODE_MAX+1] We end up allocating ~16K, but memory is cheap so.

what the hell. This is required because instances of FreeRADIUS delay Access-Rejects, which would artificially increase latency stats for Access-Requests.

int intervals Number of stats intervals.
struct timeval quiet We may need to 'mute' the stats if libpcap starts dropping packets, or we run out of memory.

◆ rs_update

struct rs_update

FD data which gets passed to callbacks.

Definition at line 249 of file radsniff.h.

+ Collaboration diagram for rs_update:
Data Fields
rs_stats_print_cb_t body Print body.
bool done_header Have we printed the stats header?
rs_stats_print_header_cb_t head Print header.
fr_pcap_t * in Linked list of PCAP handles to check for drops.
fr_event_list_t * list List to insert new event into.
rs_stats_t * stats Stats to process.

Macro Definition Documentation

◆ DEBUG

#define DEBUG (   fmt,
  ... 
)    if (fr_debug_lvl > 1) fprintf(fr_log_fp , fmt "\n", ## __VA_ARGS__)

Definition at line 54 of file radsniff.h.

◆ DEBUG2

#define DEBUG2 (   fmt,
  ... 
)    if (fr_debug_lvl > 2) fprintf(fr_log_fp , fmt "\n", ## __VA_ARGS__)

Definition at line 52 of file radsniff.h.

◆ ERROR

#define ERROR (   fmt,
  ... 
)    fr_perror("radsniff: " fmt, ## __VA_ARGS__)

Definition at line 58 of file radsniff.h.

◆ INFO

#define INFO (   fmt,
  ... 
)    if (fr_debug_lvl > 0) fprintf(fr_log_fp , fmt "\n", ## __VA_ARGS__)

Definition at line 56 of file radsniff.h.

◆ RDEBUG

#define RDEBUG (   fmt,
  ... 
)    if (conf->print_packet && (fr_debug_lvl > 1)) fprintf(fr_log_fp , "%s (%" PRIu64 ") " fmt "\n", timestr, count, ## __VA_ARGS__)

Definition at line 66 of file radsniff.h.

◆ RDEBUG2

#define RDEBUG2 (   fmt,
  ... 
)    if (conf->print_packet && (fr_debug_lvl > 2)) fprintf(fr_log_fp , "%s (%" PRIu64 ") " fmt "\n", timestr, count, ## __VA_ARGS__)

Definition at line 67 of file radsniff.h.

◆ RDEBUG_ENABLED

#define RDEBUG_ENABLED ( )    (conf->print_packet && (fr_debug_lvl > 1))

Definition at line 61 of file radsniff.h.

◆ RDEBUG_ENABLED2

#define RDEBUG_ENABLED2 ( )    (conf->print_packet && (fr_debug_lvl > 2))

Definition at line 62 of file radsniff.h.

◆ REDEBUG

#define REDEBUG (   fmt,
  ... 
)    if (conf->print_packet) fr_perror("%s (%" PRIu64 ") " fmt , timestr, count, ## __VA_ARGS__)

Definition at line 64 of file radsniff.h.

◆ RIDEBUG

#define RIDEBUG (   fmt,
  ... 
)    if (conf->print_packet && (fr_debug_lvl > 0)) fprintf(fr_log_fp , "%s (%" PRIu64 ") " fmt "\n", timestr, count, ## __VA_ARGS__)

Definition at line 65 of file radsniff.h.

◆ RIDEBUG_ENABLED

#define RIDEBUG_ENABLED ( )    (conf->print_packet && (fr_debug_lvl > 0))

Definition at line 60 of file radsniff.h.

◆ RS_DEFAULT_PREFIX

#define RS_DEFAULT_PREFIX   "radsniff"

Default instance.

Definition at line 40 of file radsniff.h.

◆ RS_DEFAULT_SECRET

#define RS_DEFAULT_SECRET   "testing123"

Default secret.

Definition at line 41 of file radsniff.h.

◆ RS_DEFAULT_TIMEOUT

#define RS_DEFAULT_TIMEOUT   5200

Standard timeout of 5s + 300ms to cover network latency.

Definition at line 42 of file radsniff.h.

◆ RS_FORCE_YIELD

#define RS_FORCE_YIELD   1000

Service another descriptor every X number of packets.

Definition at line 43 of file radsniff.h.

◆ RS_MAX_ATTRS

#define RS_MAX_ATTRS   50

Maximum number of attributes we can filter on.

Definition at line 45 of file radsniff.h.

◆ RS_RETRANSMIT_MAX

#define RS_RETRANSMIT_MAX   5

Maximum number of times we expect to see a packet retransmitted.

Definition at line 44 of file radsniff.h.

◆ RS_SOCKET_REOPEN_DELAY

#define RS_SOCKET_REOPEN_DELAY   5000

How long we delay re-opening a collectd socket.

Definition at line 46 of file radsniff.h.

Typedef Documentation

◆ rs_packet_logger_t

typedef void(* rs_packet_logger_t) (uint64_t count, rs_status_t status, fr_pcap_t *handle, fr_packet_t *packet, fr_pair_list_t *list, struct timeval *elapsed, struct timeval *latency, bool response, bool body)

Definition at line 78 of file radsniff.h.

◆ rs_stats_print_cb_t

typedef void(* rs_stats_print_cb_t) (rs_update_t *this, rs_stats_t *stats, struct timeval *now)

Callback for printing stats values.

Definition at line 243 of file radsniff.h.

◆ rs_stats_print_header_cb_t

typedef void(* rs_stats_print_header_cb_t) (rs_update_t *this)

Callback for printing stats header.

Definition at line 238 of file radsniff.h.

◆ rs_t

typedef struct rs rs_t

Definition at line 78 of file radsniff.h.

◆ rs_update_t

typedef struct rs_update rs_update_t

Definition at line 78 of file radsniff.h.

Enumeration Type Documentation

◆ rs_status_t

enum rs_status_t
Enumerator
RS_NORMAL 
RS_UNLINKED 
RS_RTX 
RS_REUSED 
RS_ERROR 
RS_LOST 

Definition at line 69 of file radsniff.h.

◆ stats_out_t

enum stats_out_t
Enumerator
RS_STATS_OUT_STDIO_FANCY 
RS_STATS_OUT_STDIO_CSV 

Definition at line 81 of file radsniff.h.

Generated by   doxygen 1.9.1