Menu
▾
▴
Re: [hank-devel] problems compiling hank
|
From: <tl...@mi...> - 2002-06-16 20:54:15
|
On Sun, 16 Jun 2002, Patrick McHardy wrote:
> I want to use it to pass packets from netfilter to hank to match them
> against known service signatures (
> like ssh, edonkey, http, ...) and then change their nfmark value. The
> nfmark is then used for QoS classification.
> Do you think it is suited for this task ?
Yep, no prob. If you want detailed upper-level protocol analysis, like
only matching ssh that uses DSA keys or http 1.1 or something, then
you'll have to write a protocol engine for ssh or http, but other than
that it should be fine.
> BTW, i managed to compile hank now and it seems to work, however with
> libpcap i get segmentation faults (libipq works fine):
>
> (gdb) bt
> #0 0x40023c50 in pcap_dispatch () from /usr/lib/libpcap.so.0
> #1 0x080562c4 in get_packet (id=33554432) at paengine_pcap.c:141
> #2 0x08056f55 in main (argc=3, argv=0xbffffae4) at hank.c:361
>
> (gdb) disassemble
> 0x40023c50 <pcap_dispatch+32>: cmpl $0x0,0x14(%eax)
>
> (gdb) info registers eax
> eax 0x0 0
The problem line is this:
141 if((i=pcap_dispatch(config.pcap, 1, &callback, NULL))==0){
Try this patch:
**********************************************************************
--- paengine_pcap.c.orig Sun Jun 16 16:49:45 2002
+++ paengine_pcap.c Sun Jun 16 16:50:22 2002
@@ -138,6 +138,8 @@
}
/* do callback */
+ printf("DOING CALLBACK with config %p, callback %p.\n",
+ config.pcap, &callback);
if((i=pcap_dispatch(config.pcap, 1, &callback, NULL))==0){
/* FIXME: log */
/* fprintf(stderr, "AIEE! pcap_dispatch returned %i!\n", i); */
**********************************************************************
that will at least tell if they're not getting set somehow.
> I used the files coming with hank except for one change: i removed the
> "firewall" part from rules.xml because hank complained
> about unrecognized keyword "firewall" ...
That's fine. That whole area is on the verge of a cleanup; it's
got rather a lot of cruft in it. Unfortunately, right now I am
in the middle of another project; if someone wanted to undertake
the work, I'd be happy to send guidance.
--
Todd Lewis
tl...@mi...
"Bonsoir, Monet. Work, work. It is the most beautiful thing there is
in the world." -- Clemenceau
|
