/* 
 * defs.h 
 * Copyright (c) 2004-2006 Vlad GALU <dudu@dudu.ro> 
 *                    Andrei GAVRILOAIE <gavriloaie_andrei@yahoo.com> 
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA.
 */


#ifndef DEFS_H
#define DEFS_H

/* define section */
#define __FAVOR_BSD					1
#define _BSD_SOURCE					1
#define SNAPLEN						68
#define TIME_BETWEEN_FLOW_CLEANUPS	10		// time between cleanups in seconds

#define TIME_BETWEEN_HOST_CLEANUPS	20		// time between cleanups in seconds

#define FLOW_LIFETIME				20		// the number of seconds of
											// inactivity after which a flow is
											// discarded
											
#define MAX_FLOWS_PER_SEC			100		// the maximum number of flows 
											// per second that hit a target
#define MAX_PACKETS_PER_SEC_IN_FLOW	2000

#define	MAX_PPS_PER_HOST			5000	// the maximum number of 
											// packets per second towards a 
											// specific host
											
#define HOST_LIFETIME				30		// the number of seconds of
											// inactivity for a specific host

/* link layer offset section */
#define	ETHSIZE			14
#define	TRSIZE			22
#define	PPPSIZE			4
#define	SLIPSIZE		16
#define	RAWSIZE			0
#define	LOOPSIZE		4
#define	FDDISIZE		21
#define	ISDNSIZE		16

/* include section */
#include <config.h>

#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif

#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif

#ifdef HAVE_NETINET_IN_SYSTM_H
#include <netinet/in_systm.h>
#endif

#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif

#ifdef HAVE_NETINET_IP_H
#include <netinet/ip.h>
#endif

#ifdef HAVE_ARPA_INET_H 
#include <arpa/inet.h>  
#endif

#ifdef HAVE_NETINET_IP_ICMP_H
#include <netinet/ip_icmp.h>
#endif

#ifndef _LINUX
#ifdef HAVE_NETINET_UDP_H
#include <netinet/udp.h>
#endif // HAVE_NETINET_UDP_H
#ifdef HAVE_NETINET_TCP_H
#include <netinet/tcp.h>
#endif // HAVE_NETINET_TCP_H
#endif //_LINUX

#ifdef HAVE_NETDB_H
#include <netdb.h>
#endif

#ifdef HAVE_SYSLOG_H
#include <syslog.h>
#endif

#ifdef HAVE_STRING_H
#include <string.h>
#endif

#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif

#ifdef HAVE_SIGNAL_H
#include <signal.h>
#endif

#ifdef HAVE_PCAP_H
extern "C" {
#include <pcap.h>
}
#endif

#ifdef _USE_MD4
#include <openssl/md4.h>
#else
#ifdef _USE_MD5
#include <openssl/md5.h>
#endif //_USE_MD5
#endif //_USE_MD4

#include <stack>
using namespace std;

#ifdef _DEBUG
#ifdef HAVE_TIME_H
#include <time.h>
#endif
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#endif //_DEBUG



/* type declaration section */
typedef bool(*CLEANFUNC) (void *, void*);

typedef struct {
	struct pdu {
		struct in_addr  saddr;  /* source host */
		struct in_addr  daddr;  /* destination host */
        u_short sport;          /* source port */
        u_short dport;          /* destination port */
		u_int   packets;        /* total packets in flow */
		u_int   bytes;          /* total bytes in flow */
		time_t  first;          /* timestamp of the first packet in the flow */
		time_t  last;           /* timestamp of the last packet in the flow */
		u_char tcp_flags;      /* TCP flags, if any */
		u_char proto;          /* IP protocol (eg. TCP/UDP/other) */
		u_char tos;            /* Type Of Service */
	}	records;
	struct counters	{
		time_t  lastcheck;
	}	stats;
}	flow_t;

#ifdef _LINUX
typedef u_int32_t tcp_seq;
/*
 * TCP header.
 * Per RFC 793, September, 1981.
 */
struct tcphdr
  {
    u_int16_t th_sport;         /* source port */
    u_int16_t th_dport;         /* destination port */
    tcp_seq th_seq;             /* sequence number */
    tcp_seq th_ack;             /* acknowledgement number */
#if __BYTE_ORDER == __LITTLE_ENDIAN
    u_int8_t th_x2:4;           /* (unused) */
    u_int8_t th_off:4;          /* data offset */
#endif
#if __BYTE_ORDER == __BIG_ENDIAN
    u_int8_t th_off:4;          /* data offset */
    u_int8_t th_x2:4;           /* (unused) */
#endif
    u_int8_t th_flags;
#  define TH_FIN        0x01
#  define TH_SYN        0x02
#  define TH_RST        0x04
#  define TH_PUSH       0x08
#  define TH_ACK        0x10
#  define TH_URG        0x20
    u_int16_t th_win;           	/* window */
    u_int16_t th_sum;           	/* checksum */
    u_int16_t th_urp;           	/* urgent pointer */
};

struct udphdr {
    u_short uh_sport;               /* source port */
    u_short uh_dport;               /* destination port */
    u_short uh_ulen;                /* udp length */
    u_short uh_sum;                 /* udp checksum */
};
#endif //_LINUX



/* macro section */
#ifdef _DEBUG
#define dprintf(args...) fprintf(stdout, args)
#else
#define dprintf(args...)
#endif //_DEBUG

#ifdef _USE_MD4
#define HASH(src, srcSize, dst) {\
	MD4_CTX context;\
	MD4_Init(&context);\
	MD4_Update(&context,src,srcSize);\
	MD4_Final(dst,&context);\
}
#else
#ifdef _USE_MD5
#define HASH(src, srcSize, dst) {\
	MD5_CTX context;\
	MD5_Init(&context);\
	MD5_Update(&context,src,srcSize);\
	MD5_Final(dst,&context);\
}
#endif //_USE_MD5
#endif //_USE_MD4


/* prototype section */
int getIPLayerOffset(pcap_t *pPcap);
void handlePacket(u_char *pIPLayerOffsetV, const pcap_pkthdr *pPcapHeader, const u_char *pPacketData);
bool cleanupFlowTest(void *current, void *udata);
bool cleanupHostTest(void *current, void *udata);

#endif //DEFS_H

// vi:ts=4