pax_global_header00006660000000000000000000000064141557325260014524gustar00rootroot0000000000000052 comment=3da715479f5fa7f1f9699e1379114140f12e5352 libnids-1.26/000077500000000000000000000000001415573252600131005ustar00rootroot00000000000000libnids-1.26/CHANGES000066400000000000000000000146461415573252600141060ustar00rootroot00000000000000v1.26 Sep 24 2015 - Set default tcp_flow_timeout to 1 hour, which should cover most firewalls' and OS's TCP idle timeout v1.25 Feb 18 2013 - added timeouts for tcp streams v1.24 Mar 14 2010 - fixed another remotely triggerable NULL dereference in ip_fragment.c - unofficial patch that enables tracking of already established TCP connections - missing reset of some tcp_* variables upon nids_exit - correct calculation of radiotap header - compilation warning fixes with newer gcc - use pcap_get_selectable_fd() instead of pcap_fileno() v1.23 Feb 23 2008 - fixed remotely triggerable NULL dereference in ip_fragment.c - fix DLT_PRISM_HEADER linkoffset calculation - check for DATA_FRAME_IS_QOS in wireless frames - free queued tcp segments with too old seq v1.22 Jul 22 2007 - in TCP stream, the byte with absolute offset 0 was treated as urgent data; fixed - DLT_IEEE802_11_RADIO handling - added a few missing checks for failed malloc v1.21 May 10 2006 - more externals to access libnids' intrinsics from the outside - nids_unregister_*() - UDP checksumming fix (0 is not an error according to RFC768) - nids_params.tcp_workarounds - nids_params.multiproc and queue_limit: merged a patch which creates a separate thread for packet capture; - in killtcp.c, send two more RST packets (required because of MS05-019 patch) - glibc 2.4 syslog.h disaster workaround v1.20 Feb 4 2005 - added wscale option parsing; surprisingly, it seems to be in some use - added nids_dispatch(), for systems which do not ignore pcap timeout - ability to specify hosts/networks for which we do not check checksums v1.19 Aug 08 2004 - fixed signed/unsigned comparisons; 1.18 could be possibly crashed in tcp options parsing (though an unlikely to happen memory layout is required); now the source is compiled with -W -Wall - export pcap header of the last received packet (to get timestamp etc) - export the timeout parameter to pcap_open_live in params - support DLT_PRISM_HEADER - support DLT_PPP_SERIAL - let through dataless acks - fixed raw_init() prototype - switched to use %edi instead of %ebx in csum_partial to make gcc-3.5 happy when compiling with -fPIC; cleaned inline asm - fixed a bug when a queued FIN segment was not processed properly, which resulted in not closing a stream v1.18 Oct 15 2003 - reject tcp packets with old timestamp; needed to pass fragroute test; well, linux 2.0.36 did not support this ;) - fixed memory corruption which could be caused by overlarge TCP packets - adjusted checksum.c to not use multiline literals (for gcc 3.3) - in configure.in, even if found libnet files, try compilation; there is another library with the same name - fix a bug in "collect" field handling; if you did collect-- and then collect++ (which is rare), you would get a single junk packet - correct handling of exec_prefix in configure.in - unlink config.status in "make distclean" - use pcap_hdr->caplen instead pcap_hdr->len; the only gain seems to be to gracefully handle pcap files with too short snaplen - changed soname to libnids.so.1.x, as binary compatibility is not guaranteed - switched to sourceforge as homepage v1.17 Dec 12 2002 - fixed a stupid bug in TCP reassembly; having received a particular order of TCP out of frame segments, libnids could lost track of the current seq, and miss the following data stream - DLT_FDDI - benign typo in hash.c - mentioned usefulness of two process buffering on a fast network v1.17rc1 Aug 30 2002 - support for libnet-1.1 and --with-libnet=no - added support for libpcap save files - finally, DLT_LINUX_SLL is recognized - removed a horrible assumption on sizeof(pointer); it could result in segfault in scan.c - --enable-shared - __i386 -> __i386__ || __i386 :( - support for 802.1Q VLAN - support for wireless frames (DLT_IEEE802_11) - got rid of (obsolete) pcap_open_live_new - bail out if link type is unknown, instead of pretending it is ethernet - $(MAKE) -> $(MAKE) $(AM_MAKEFLAGS) - added a working link to Ptacek-Newsham paper - %hi -> %hu :) - align IP header if necessary (should not be) - improved libraries detection - mentioned usefulness od setsockopt(...SO_RCVBUF...) on a fast network v1.16 Nov 3 2000 - nah, at least a release forced by a security bug. A typo in libnids.c could cause libnids to segfault when source routed frame has been received. v1.15 Oct 9 2000 - token ring support - new configurable option (non-default): if a tcp callback hasn't processed all available data, it is called immediately again - fixed alignment in hash.c, which caused sigsegv on Sparc - another _obviously_ redundant include file added to configure test progs - html version of the API documentation v1.14 Jun 28 2000 - fixed memory leak in tcp.c (queued tcp segments used to be not freed after connection termination) - added support to capture packets on all interfaces, including loopback (linux only, using new libpcap features - autoconf changed) - added nids_register_udp(); if anyone cares for UDP checksums... - stupid bug in nids_register_ip_frag() fixed - removed comments from asm code in checksum.c; Solaris compiler didn't recognized them - sigh - signed/unsigned bug in scan.c fixed - tcp callback could be notified even if no nw data arrived - fixed - added ability to disable tcp processing - added ability to refrain from setting promisc flag - libc5 support - alpha platform support - now it's possible to do setuid(nobody) after nids_init() with no loss of functionality (killtcp works) - removed pcap_lookupnet() call - one can capture packets from an interface with no IP assigned - hash function in tcp.c with pseudorandom parameters - #define NIDS_MAJOR 1, #define NIDS_MINOR 14 in nids.h v1.13 Jan 18 2000 - Changes by Dug Song: - GNU autoconf support - code cleanup and new libnids(3) manpage - disable portscan detection if scan_num_hosts == 0 - new field in nids_params for pcap(3) support: pcap_filter - subtle bugfix in ip_check_ext() - Solaris support (endianness fixes, etc.) - another tiny check in tcp.c v1.12 Sep 15 1999 - processing of ICMP Destination Unreachable - nids_next() and nids_getfd() functions added; new fields in nids_params: no_mem, ip_filter - clean error reporting via nids_errbuf; used by nids_init(), nids_next(), nids_getfd() - some more samples v1.11 Aug 20 1999 - some stupid bugs removed (hopefully no more segfaults) v1.1 Aug 10 1999 - *BSD support added by Dug Song - some minor cleanups in libnids.c - changed the license to GPL v1.0 July 30 1999 - Initial public release libnids-1.26/COPYING000066400000000000000000000430761415573252600141450ustar00rootroot00000000000000 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 675 Mass Ave, Cambridge, MA 02139, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) 19yy This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19yy name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Library General Public License instead of this License. libnids-1.26/CREDITS000066400000000000000000000145211415573252600141230ustar00rootroot00000000000000 Libnids author: Nergal Corrections to make libnids build on *BSD; bugfixes, GNU autoconf support, libnids(3) manpage, alpha platform problems solved: Dug Song The fix of the problem with gcc 2.95 and 2.0.x asm code; the ideas of nids_getfd(), nids_next(): Adam Langley The idea of ip_filter function Sebastian WIN32 support Michael Davis Memory leak in tcp.c reported billzh , Rob Willis Possible improper behaviour of notify() Rob Willis Stupid bug found in nids_register_ip_frag() Gabe Wachob , Solar Designer Patches to support libc5 Solar Designer , Denis Ducamp Requests for features, constructive critics Solar Designer Support for token ring Vacuum Alignment bug in hash.c Anders Thulin Ken Mandelberg in.h missing in "configure" test programs. Damn, if a include file X needs structures defined in Y, why doesn't X include Y ? Stupid Solaris. Raymond Scott dangerous typo found in libpcap.c, in code handling source routed frames Keiji Takeda support for wireless frames (DLT_IEEE802_11) William McVey support for libpcap save files Scott Renfro actually, many people sent their save file patches; I picked Scott's one DLT_LINUX_SLL Robin Redeker support for 802.1Q VLAN Jason Ackley added AM_MAKEFLAGS Brad added a working link to Ptacek-Newsham paper Nick Drage replaced %hi with %hu Kazennov Vladimir report on configure unable to find libraries Eric Darchis DLT_FDDI jkrage@buser.net random() -> rand() Davide Madrisan provided pcap dump file triggering a bug in TCP reassembly Yoav Weiss reported a problem with fragroute "tcp_chaff paws", reported a problem with "collect" fields handling, exec_prefix patch, reported a problem with short snaplen pcapfiles Russ Fink reported a problem with memory corruption Robert Watson reported a problem with multiline literals and gcc 3.3 many folks; the first report from Arkadiusz Patyk reported a problem with signed/unsigned in get_ts() many folks; the first report from Russ Fink suggestion to export the pcap header of the last packet Arthur Bergman suggestion to make pcap_timeout parameter settable in params Pedro Paulo Jr prism wireless cards support snax reported a problem which revealed that dataless acks are not let through Russ Fink reported raw_init() breakage Brian Wesley Dillard DLT_PPP_SERIAL Jean-Edouard BABIN Reported a problem with gcc 3.5 and csum_partial Jon Oberheide man page fixes Solar Designer suggested inline asm fixes to reflect the usage of registers Solar Designer nids_dispatch(), API/documentation improvements Mike Pomraning submission of pcap files containing tcp stream with wscale Marc A. Lehmann Robin Redeker manpage suggestions, valuable discussions Marc A. Lehmann two threads patch (one for packet capture, other for packets processing) Erno Rigo more externals to access libnids' intrinsics from the outside (nids_last_pcap_data, nids_linkoffset, nids_prm.pcap_desc, nids_find_tcp_stream(), nids_free_tcp_stream(), nids_pcap_handler() and nids_exit()), more API functions (nids_unregister_*()), fix to prevent adding several times the same user-defined callback function with nids_register_*()), UDP checksumming fix (0 is not an error according to RFC768), timeout'ing of TCP streams closed despite needed retransmissions if nids_params.tcp_workarounds is non-zero, tcp_stream.user for connection-wide user-defined parameter, and updated manpage & API docs :) Sebastien Raveau Persistent quering about nonworking nids_killtcp() against XP SP2: "Pedro Paulo de Magalhaes Oliveira Junior" "Rafael Donnici de Azevedo" "absolute offset 0 byte" bug report Treker Chen DLT_IEEE802_11_RADIO support crass@berlios.de fix DLT_PRISM_HEADER linkoffset calculation; check for DATA_FRAME_IS_QOS in wireless frames (code from tcpdump) spotted by xenion free queued tcp segments with too old seq "Xiang, Lin" wallyymir@yahoo.com reported possible NULL dereference in ip_fragment.c "Alfred E. Heggestad" notes about global variables in case of multiproc operation "Ben, Wu CheokMan" David Cannings , Abhisek Datta missing reset of some tcp_* variables upon nids_exit Michal Pecio correct calculation of radiotap header Jon Oberheide , Alon Bar-Lev compilation warning fixes Gao Xia another possible NULL dereference in ip_fragment.c fix Jeff Nathan pcap_get_selectable_fd() Alon Bar-Lev unofficial patch that enables tracking of already established TCP connections Libnids uses libpcap and libnet libraries: LBNL Network Research Group ftp://ftp.ee.lbl.gov/libpcap.tar.Z new versions available at http://www.tcpdump.org/release/ Mike D. Schiffman route|daemon9 http://www.packetfactory.net/libnet Libnids emulates algorithms present in Linux 2.0.36 kernel. The files ip_fragment.c and ip_options.c are the modified respective files from Linux 2.0.36 kernel source. The asm code used for checksums computing is taken from Linux 2.2.10 kernel source. libnids-1.26/MISC000066400000000000000000000065471415573252600135720ustar00rootroot00000000000000 ==================== libnids-1.26 ==================== 1. Building ----------- Libnids uses libpcap (can be retrieved from http://www.tcpdump.org/release/) and libnet (available at http://www.packetfactory.net/libnet). All credits to autors of these libs. As already mentioned in README, currently libnids will compile on Linux, any *BSD and Solaris. WIN32 port is mantained separately. In order to build libnids, issue "./configure;make" command in top directory. Library files libnids.so and libnids.a should be created in "src" directory. "make install" will install library and header files. You may wish to consult "./configure --help" output for available options. 2. Limitations -------------- In their paper, T. Ptacek and T. Newsham observed that various operating systems implement IP stack differently and can interpret differently the same packet. It means that having seen a IP packet, NIDS has to interpret it with regard to receiving operating system type. A perfect NIDS E-component should possess knowledge on all operating systems network implementation oddities. I don't know any actual NIDS implementation that takes the previous into consideration. Libnids 1.0 was meant to reliably emulate behavior of Linux 2.0.36 kernel. Thanks to libnids testing, some bugs in 2.0.36 networking code were found. One of them enabled an attacker to perform blind TCP spoofing against 2.0.x kernels, including 2.0.36 and 2.0.37 (that is NOT the vulnerability discovered by NAI; see my posting to Bugtrag from beginning of August 99). Info on spotted bugs was submitted to Linux kernel mantainers on 25th May 99 (before the release of 2.0.37), but none of them got fixed. File PATCH contains diffs against 2.0.37, which stop blind spoofing attack and one of data insertion attacks (now its equivalent is incorporated into Solar Designer's secure-linux-0.9 patch). Currently, libnids predicts 2.0.37 behavior as accurately as possible (with some unevitable exceptions - see my postings to Bugtraq from beginning of August 99). In extreme conditions, libnids can incorrectly emulate actions of other operating systems. However, libnids should cope with simple attacks (like these implemented in fragrouter 1.3) targetted at any OS type. All NIDS are vulnerable to DOS attacks. Libnids uses efficient data structures (i.e. hash tables) to minimize risk of CPU saturation. However, all NIDS (including ones based on libnids) has to define some resources (most notably, memory) limits. A determined attacker can attempt to make libnids use up all of its memory, which can result in dropping some data. Libnids will report such condition via its D-component interface. 3. Why does libnids emulate 2.0.x kernel instead of 2.2.x ? ------------------------------------------------------- First of all, libnids development started when 2.0.36 was the current stable kernel. Moreover, some people still prefer to use 2.0.x kernels, one of the reasons being the fact that there is still no Solar Designer non-executable stack patch for 2.2.x (not released oficially until July 99). Finally, 2.2.x kernels are highly configurable during run-time (for instance it's possible to change via proc interface the amount of kernel memory devoted for IP fragments queuing), which generally makes them unpredictable. libnids-1.26/Makefile.in000066400000000000000000000006541415573252600151520ustar00rootroot00000000000000# # Makefile for libnids. # # Dug Song all: static @BUILD_SHARED@ install: _install@BUILD_SHARED@ static shared _install _installshared: cd src ; $(MAKE) $(AM_MAKEFLAGS) $@ # cd samples; $(MAKE) $(AM_MAKEFLAGS) $@ clean: cd src ; $(MAKE) $(AM_MAKEFLAGS) $@ cd samples; $(MAKE) $(AM_MAKEFLAGS) $@ distclean: clean rm -f Makefile */Makefile */config.h config.status config.cache config.log *~ # EOF libnids-1.26/README000066400000000000000000000052751415573252600137710ustar00rootroot00000000000000 ==================== libnids-1.26 ==================== 1. What is libnids ? ------------------------ Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convenient information on them to analyzing modules of NIDS. Libnids performs: a) assembly of TCP segments into TCP streams b) IP defragmentation c) TCP port scan detection More technical info can be found in MISC file. So, if you intend to develop a custom NIDS, you don't have to build low-level network code. If you decide to use libnids, you have got E-component ready - you can focus on implementing other parts of NIDS. 2. Why is libnids valuable ? ---------------------------- On January 98, Thomas H. Ptacek and Timothy N. Newsham published an excellent paper entitled "Eluding Network Intrusion Detection". It's a must-read for all security concerned people, available from http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html In this paper one can find description of variety of attack against NIDS. During libnids development a lot of effort was made to make libnids immune to these attacks. During tests libnids performed TCP assembly and IP defragmentation in exactly the same way as Linux 2.0.36 hosts (targets of test packets). For details, see file TESTS; here let's just mention two things: a) libnids passed all tests implemented in fragrouter by Dug Song (see http://www.anzen.com/research/nidsbench/ ). In fact, fragrouter's tests were fairly simple when compared with other, custom ones. b) libnids IP defragmenting module contains slightly modified Linux 2.0.36 kernel source files ip_fragment.c and ip_options.c. It means that libnids IP defragmentation is as reliable as one implemented in Linux 2.0.36. Libnids is easy to use and highly configurable - see API file for details. 3. On what platform does it run ? --------------------------------- Currently libnids will compile on Linux, Solaris, any *BSD. WIN32 port is available at http://www.datanerds.net/~mike/libnids.html, but currently only obsoleted versions are present there; newer ports may appear at http://www.checksum.org (in "downloads" section). 4. Who is allowed to use it ? ----------------------------- Libnids is licensed under GPL. See the file COPYING for details. 5. Contact info ? ----------------- The primary libnids site is http://libnids.sourceforge.net/ Please send bug reports, comments, or questions about this software to . libnids-1.26/aclocal.m4000066400000000000000000001106651415573252600147510ustar00rootroot00000000000000dnl aclocal.m4 generated automatically by aclocal 1.4-p6 dnl Copyright (C) 1994, 1995-8, 1999, 2001 Free Software Foundation, Inc. dnl This file is free software; the Free Software Foundation dnl gives unlimited permission to copy and/or distribute it, dnl with or without modifications, as long as this notice is preserved. dnl This program is distributed in the hope that it will be useful, dnl but WITHOUT ANY WARRANTY, to the extent permitted by law; without dnl even the implied warranty of MERCHANTABILITY or FITNESS FOR A dnl PARTICULAR PURPOSE. # lib-prefix.m4 serial 4 (gettext-0.14.2) dnl Copyright (C) 2001-2005 Free Software Foundation, Inc. dnl This file is free software; the Free Software Foundation dnl gives unlimited permission to copy and/or distribute it, dnl with or without modifications, as long as this notice is preserved. dnl From Bruno Haible. dnl AC_LIB_ARG_WITH is synonymous to AC_ARG_WITH in autoconf-2.13, and dnl similar to AC_ARG_WITH in autoconf 2.52...2.57 except that is doesn't dnl require excessive bracketing. ifdef([AC_HELP_STRING], [AC_DEFUN([AC_LIB_ARG_WITH], [AC_ARG_WITH([$1],[[$2]],[$3],[$4])])], [AC_DEFUN([AC_][LIB_ARG_WITH], [AC_ARG_WITH([$1],[$2],[$3],[$4])])]) dnl AC_LIB_PREFIX adds to the CPPFLAGS and LDFLAGS the flags that are needed dnl to access previously installed libraries. The basic assumption is that dnl a user will want packages to use other packages he previously installed dnl with the same --prefix option. dnl This macro is not needed if only AC_LIB_LINKFLAGS is used to locate dnl libraries, but is otherwise very convenient. AC_DEFUN([AC_LIB_PREFIX], [ AC_BEFORE([$0], [AC_LIB_LINKFLAGS]) AC_REQUIRE([AC_PROG_CC]) AC_REQUIRE([AC_CANONICAL_HOST]) AC_REQUIRE([AC_LIB_PREPARE_PREFIX]) dnl By default, look in $includedir and $libdir. use_additional=yes AC_LIB_WITH_FINAL_PREFIX([ eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" ]) AC_LIB_ARG_WITH([lib-prefix], [ --with-lib-prefix[=DIR] search for libraries in DIR/include and DIR/lib --without-lib-prefix don't search for libraries in includedir and libdir], [ if test "X$withval" = "Xno"; then use_additional=no else if test "X$withval" = "X"; then AC_LIB_WITH_FINAL_PREFIX([ eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" ]) else additional_includedir="$withval/include" additional_libdir="$withval/lib" fi fi ]) if test $use_additional = yes; then dnl Potentially add $additional_includedir to $CPPFLAGS. dnl But don't add it dnl 1. if it's the standard /usr/include, dnl 2. if it's already present in $CPPFLAGS, dnl 3. if it's /usr/local/include and we are using GCC on Linux, dnl 4. if it doesn't exist as a directory. if test "X$additional_includedir" != "X/usr/include"; then haveit= for x in $CPPFLAGS; do AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) if test "X$x" = "X-I$additional_includedir"; then haveit=yes break fi done if test -z "$haveit"; then if test "X$additional_includedir" = "X/usr/local/include"; then if test -n "$GCC"; then case $host_os in linux* | gnu* | k*bsd*-gnu) haveit=yes;; esac fi fi if test -z "$haveit"; then if test -d "$additional_includedir"; then dnl Really add $additional_includedir to $CPPFLAGS. CPPFLAGS="${CPPFLAGS}${CPPFLAGS:+ }-I$additional_includedir" fi fi fi fi dnl Potentially add $additional_libdir to $LDFLAGS. dnl But don't add it dnl 1. if it's the standard /usr/lib, dnl 2. if it's already present in $LDFLAGS, dnl 3. if it's /usr/local/lib and we are using GCC on Linux, dnl 4. if it doesn't exist as a directory. if test "X$additional_libdir" != "X/usr/lib"; then haveit= for x in $LDFLAGS; do AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) if test "X$x" = "X-L$additional_libdir"; then haveit=yes break fi done if test -z "$haveit"; then if test "X$additional_libdir" = "X/usr/local/lib"; then if test -n "$GCC"; then case $host_os in linux*) haveit=yes;; esac fi fi if test -z "$haveit"; then if test -d "$additional_libdir"; then dnl Really add $additional_libdir to $LDFLAGS. LDFLAGS="${LDFLAGS}${LDFLAGS:+ }-L$additional_libdir" fi fi fi fi fi ]) dnl AC_LIB_PREPARE_PREFIX creates variables acl_final_prefix, dnl acl_final_exec_prefix, containing the values to which $prefix and dnl $exec_prefix will expand at the end of the configure script. AC_DEFUN([AC_LIB_PREPARE_PREFIX], [ dnl Unfortunately, prefix and exec_prefix get only finally determined dnl at the end of configure. if test "X$prefix" = "XNONE"; then acl_final_prefix="$ac_default_prefix" else acl_final_prefix="$prefix" fi if test "X$exec_prefix" = "XNONE"; then acl_final_exec_prefix='${prefix}' else acl_final_exec_prefix="$exec_prefix" fi acl_save_prefix="$prefix" prefix="$acl_final_prefix" eval acl_final_exec_prefix=\"$acl_final_exec_prefix\" prefix="$acl_save_prefix" ]) dnl AC_LIB_WITH_FINAL_PREFIX([statement]) evaluates statement, with the dnl variables prefix and exec_prefix bound to the values they will have dnl at the end of the configure script. AC_DEFUN([AC_LIB_WITH_FINAL_PREFIX], [ acl_save_prefix="$prefix" prefix="$acl_final_prefix" acl_save_exec_prefix="$exec_prefix" exec_prefix="$acl_final_exec_prefix" $1 exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" ]) # lib-link.m4 serial 6 (gettext-0.14.3) dnl Copyright (C) 2001-2005 Free Software Foundation, Inc. dnl This file is free software; the Free Software Foundation dnl gives unlimited permission to copy and/or distribute it, dnl with or without modifications, as long as this notice is preserved. dnl From Bruno Haible. AC_PREREQ(2.50) dnl AC_LIB_LINKFLAGS(name [, dependencies]) searches for libname and dnl the libraries corresponding to explicit and implicit dependencies. dnl Sets and AC_SUBSTs the LIB${NAME} and LTLIB${NAME} variables and dnl augments the CPPFLAGS variable. AC_DEFUN([AC_LIB_LINKFLAGS], [ AC_REQUIRE([AC_LIB_PREPARE_PREFIX]) AC_REQUIRE([AC_LIB_RPATH]) define([Name],[translit([$1],[./-], [___])]) define([NAME],[translit([$1],[abcdefghijklmnopqrstuvwxyz./-], [ABCDEFGHIJKLMNOPQRSTUVWXYZ___])]) AC_CACHE_CHECK([how to link with lib[]$1], [ac_cv_lib[]Name[]_libs], [ AC_LIB_LINKFLAGS_BODY([$1], [$2]) ac_cv_lib[]Name[]_libs="$LIB[]NAME" ac_cv_lib[]Name[]_ltlibs="$LTLIB[]NAME" ac_cv_lib[]Name[]_cppflags="$INC[]NAME" ]) LIB[]NAME="$ac_cv_lib[]Name[]_libs" LTLIB[]NAME="$ac_cv_lib[]Name[]_ltlibs" INC[]NAME="$ac_cv_lib[]Name[]_cppflags" AC_LIB_APPENDTOVAR([CPPFLAGS], [$INC]NAME) AC_SUBST([LIB]NAME) AC_SUBST([LTLIB]NAME) dnl Also set HAVE_LIB[]NAME so that AC_LIB_HAVE_LINKFLAGS can reuse the dnl results of this search when this library appears as a dependency. HAVE_LIB[]NAME=yes undefine([Name]) undefine([NAME]) ]) dnl AC_LIB_HAVE_LINKFLAGS(name, dependencies, includes, testcode) dnl searches for libname and the libraries corresponding to explicit and dnl implicit dependencies, together with the specified include files and dnl the ability to compile and link the specified testcode. If found, it dnl sets and AC_SUBSTs HAVE_LIB${NAME}=yes and the LIB${NAME} and dnl LTLIB${NAME} variables and augments the CPPFLAGS variable, and dnl #defines HAVE_LIB${NAME} to 1. Otherwise, it sets and AC_SUBSTs dnl HAVE_LIB${NAME}=no and LIB${NAME} and LTLIB${NAME} to empty. AC_DEFUN([AC_LIB_HAVE_LINKFLAGS], [ AC_REQUIRE([AC_LIB_PREPARE_PREFIX]) AC_REQUIRE([AC_LIB_RPATH]) define([Name],[translit([$1],[./-], [___])]) define([NAME],[translit([$1],[abcdefghijklmnopqrstuvwxyz./-], [ABCDEFGHIJKLMNOPQRSTUVWXYZ___])]) dnl Search for lib[]Name and define LIB[]NAME, LTLIB[]NAME and INC[]NAME dnl accordingly. AC_LIB_LINKFLAGS_BODY([$1], [$2]) dnl Add $INC[]NAME to CPPFLAGS before performing the following checks, dnl because if the user has installed lib[]Name and not disabled its use dnl via --without-lib[]Name-prefix, he wants to use it. ac_save_CPPFLAGS="$CPPFLAGS" AC_LIB_APPENDTOVAR([CPPFLAGS], [$INC]NAME) AC_CACHE_CHECK([for lib[]$1], [ac_cv_lib[]Name], [ ac_save_LIBS="$LIBS" LIBS="$LIBS $LIB[]NAME" AC_TRY_LINK([$3], [$4], [ac_cv_lib[]Name=yes], [ac_cv_lib[]Name=no]) LIBS="$ac_save_LIBS" ]) if test "$ac_cv_lib[]Name" = yes; then HAVE_LIB[]NAME=yes AC_DEFINE([HAVE_LIB]NAME, 1, [Define if you have the $1 library.]) AC_MSG_CHECKING([how to link with lib[]$1]) AC_MSG_RESULT([$LIB[]NAME]) else HAVE_LIB[]NAME=no dnl If $LIB[]NAME didn't lead to a usable library, we don't need dnl $INC[]NAME either. CPPFLAGS="$ac_save_CPPFLAGS" LIB[]NAME= LTLIB[]NAME= fi AC_SUBST([HAVE_LIB]NAME) AC_SUBST([LIB]NAME) AC_SUBST([LTLIB]NAME) undefine([Name]) undefine([NAME]) ]) dnl Determine the platform dependent parameters needed to use rpath: dnl libext, shlibext, hardcode_libdir_flag_spec, hardcode_libdir_separator, dnl hardcode_direct, hardcode_minus_L. AC_DEFUN([AC_LIB_RPATH], [ dnl Tell automake >= 1.10 to complain if config.rpath is missing. m4_ifdef([AC_REQUIRE_AUX_FILE], [AC_REQUIRE_AUX_FILE([config.rpath])]) AC_REQUIRE([AC_PROG_CC]) dnl we use $CC, $GCC, $LDFLAGS AC_REQUIRE([AC_LIB_PROG_LD]) dnl we use $LD, $with_gnu_ld AC_REQUIRE([AC_CANONICAL_HOST]) dnl we use $host AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT]) dnl we use $ac_aux_dir AC_CACHE_CHECK([for shared library run path origin], acl_cv_rpath, [ CC="$CC" GCC="$GCC" LDFLAGS="$LDFLAGS" LD="$LD" with_gnu_ld="$with_gnu_ld" \ ${CONFIG_SHELL-/bin/sh} "$ac_aux_dir/config.rpath" "$host" > conftest.sh . ./conftest.sh rm -f ./conftest.sh acl_cv_rpath=done ]) wl="$acl_cv_wl" libext="$acl_cv_libext" shlibext="$acl_cv_shlibext" hardcode_libdir_flag_spec="$acl_cv_hardcode_libdir_flag_spec" hardcode_libdir_separator="$acl_cv_hardcode_libdir_separator" hardcode_direct="$acl_cv_hardcode_direct" hardcode_minus_L="$acl_cv_hardcode_minus_L" dnl Determine whether the user wants rpath handling at all. AC_ARG_ENABLE(rpath, [ --disable-rpath do not hardcode runtime library paths], :, enable_rpath=yes) ]) dnl AC_LIB_LINKFLAGS_BODY(name [, dependencies]) searches for libname and dnl the libraries corresponding to explicit and implicit dependencies. dnl Sets the LIB${NAME}, LTLIB${NAME} and INC${NAME} variables. AC_DEFUN([AC_LIB_LINKFLAGS_BODY], [ define([NAME],[translit([$1],[abcdefghijklmnopqrstuvwxyz./-], [ABCDEFGHIJKLMNOPQRSTUVWXYZ___])]) dnl By default, look in $includedir and $libdir. use_additional=yes AC_LIB_WITH_FINAL_PREFIX([ eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" ]) AC_LIB_ARG_WITH([lib$1-prefix], [ --with-lib$1-prefix[=DIR] search for lib$1 in DIR/include and DIR/lib --without-lib$1-prefix don't search for lib$1 in includedir and libdir], [ if test "X$withval" = "Xno"; then use_additional=no else if test "X$withval" = "X"; then AC_LIB_WITH_FINAL_PREFIX([ eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" ]) else additional_includedir="$withval/include" additional_libdir="$withval/lib" fi fi ]) dnl Search the library and its dependencies in $additional_libdir and dnl $LDFLAGS. Using breadth-first-seach. LIB[]NAME= LTLIB[]NAME= INC[]NAME= rpathdirs= ltrpathdirs= names_already_handled= names_next_round='$1 $2' while test -n "$names_next_round"; do names_this_round="$names_next_round" names_next_round= for name in $names_this_round; do already_handled= for n in $names_already_handled; do if test "$n" = "$name"; then already_handled=yes break fi done if test -z "$already_handled"; then names_already_handled="$names_already_handled $name" dnl See if it was already located by an earlier AC_LIB_LINKFLAGS dnl or AC_LIB_HAVE_LINKFLAGS call. uppername=`echo "$name" | sed -e 'y|abcdefghijklmnopqrstuvwxyz./-|ABCDEFGHIJKLMNOPQRSTUVWXYZ___|'` eval value=\"\$HAVE_LIB$uppername\" if test -n "$value"; then if test "$value" = yes; then eval value=\"\$LIB$uppername\" test -z "$value" || LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$value" eval value=\"\$LTLIB$uppername\" test -z "$value" || LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }$value" else dnl An earlier call to AC_LIB_HAVE_LINKFLAGS has determined dnl that this library doesn't exist. So just drop it. : fi else dnl Search the library lib$name in $additional_libdir and $LDFLAGS dnl and the already constructed $LIBNAME/$LTLIBNAME. found_dir= found_la= found_so= found_a= if test $use_additional = yes; then if test -n "$shlibext" && test -f "$additional_libdir/lib$name.$shlibext"; then found_dir="$additional_libdir" found_so="$additional_libdir/lib$name.$shlibext" if test -f "$additional_libdir/lib$name.la"; then found_la="$additional_libdir/lib$name.la" fi else if test -f "$additional_libdir/lib$name.$libext"; then found_dir="$additional_libdir" found_a="$additional_libdir/lib$name.$libext" if test -f "$additional_libdir/lib$name.la"; then found_la="$additional_libdir/lib$name.la" fi fi fi fi if test "X$found_dir" = "X"; then for x in $LDFLAGS $LTLIB[]NAME; do AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) case "$x" in -L*) dir=`echo "X$x" | sed -e 's/^X-L//'` if test -n "$shlibext" && test -f "$dir/lib$name.$shlibext"; then found_dir="$dir" found_so="$dir/lib$name.$shlibext" if test -f "$dir/lib$name.la"; then found_la="$dir/lib$name.la" fi else if test -f "$dir/lib$name.$libext"; then found_dir="$dir" found_a="$dir/lib$name.$libext" if test -f "$dir/lib$name.la"; then found_la="$dir/lib$name.la" fi fi fi ;; esac if test "X$found_dir" != "X"; then break fi done fi if test "X$found_dir" != "X"; then dnl Found the library. LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }-L$found_dir -l$name" if test "X$found_so" != "X"; then dnl Linking with a shared library. We attempt to hardcode its dnl directory into the executable's runpath, unless it's the dnl standard /usr/lib. if test "$enable_rpath" = no || test "X$found_dir" = "X/usr/lib"; then dnl No hardcoding is needed. LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_so" else dnl Use an explicit option to hardcode DIR into the resulting dnl binary. dnl Potentially add DIR to ltrpathdirs. dnl The ltrpathdirs will be appended to $LTLIBNAME at the end. haveit= for x in $ltrpathdirs; do if test "X$x" = "X$found_dir"; then haveit=yes break fi done if test -z "$haveit"; then ltrpathdirs="$ltrpathdirs $found_dir" fi dnl The hardcoding into $LIBNAME is system dependent. if test "$hardcode_direct" = yes; then dnl Using DIR/libNAME.so during linking hardcodes DIR into the dnl resulting binary. LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_so" else if test -n "$hardcode_libdir_flag_spec" && test "$hardcode_minus_L" = no; then dnl Use an explicit option to hardcode DIR into the resulting dnl binary. LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_so" dnl Potentially add DIR to rpathdirs. dnl The rpathdirs will be appended to $LIBNAME at the end. haveit= for x in $rpathdirs; do if test "X$x" = "X$found_dir"; then haveit=yes break fi done if test -z "$haveit"; then rpathdirs="$rpathdirs $found_dir" fi else dnl Rely on "-L$found_dir". dnl But don't add it if it's already contained in the LDFLAGS dnl or the already constructed $LIBNAME haveit= for x in $LDFLAGS $LIB[]NAME; do AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) if test "X$x" = "X-L$found_dir"; then haveit=yes break fi done if test -z "$haveit"; then LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-L$found_dir" fi if test "$hardcode_minus_L" != no; then dnl FIXME: Not sure whether we should use dnl "-L$found_dir -l$name" or "-L$found_dir $found_so" dnl here. LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_so" else dnl We cannot use $hardcode_runpath_var and LD_RUN_PATH dnl here, because this doesn't fit in flags passed to the dnl compiler. So give up. No hardcoding. This affects only dnl very old systems. dnl FIXME: Not sure whether we should use dnl "-L$found_dir -l$name" or "-L$found_dir $found_so" dnl here. LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-l$name" fi fi fi fi else if test "X$found_a" != "X"; then dnl Linking with a static library. LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$found_a" else dnl We shouldn't come here, but anyway it's good to have a dnl fallback. LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-L$found_dir -l$name" fi fi dnl Assume the include files are nearby. additional_includedir= case "$found_dir" in */lib | */lib/) basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e 's,/lib/*$,,'` additional_includedir="$basedir/include" ;; esac if test "X$additional_includedir" != "X"; then dnl Potentially add $additional_includedir to $INCNAME. dnl But don't add it dnl 1. if it's the standard /usr/include, dnl 2. if it's /usr/local/include and we are using GCC on Linux, dnl 3. if it's already present in $CPPFLAGS or the already dnl constructed $INCNAME, dnl 4. if it doesn't exist as a directory. if test "X$additional_includedir" != "X/usr/include"; then haveit= if test "X$additional_includedir" = "X/usr/local/include"; then if test -n "$GCC"; then case $host_os in linux* | gnu* | k*bsd*-gnu) haveit=yes;; esac fi fi if test -z "$haveit"; then for x in $CPPFLAGS $INC[]NAME; do AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) if test "X$x" = "X-I$additional_includedir"; then haveit=yes break fi done if test -z "$haveit"; then if test -d "$additional_includedir"; then dnl Really add $additional_includedir to $INCNAME. INC[]NAME="${INC[]NAME}${INC[]NAME:+ }-I$additional_includedir" fi fi fi fi fi dnl Look for dependencies. if test -n "$found_la"; then dnl Read the .la file. It defines the variables dnl dlname, library_names, old_library, dependency_libs, current, dnl age, revision, installed, dlopen, dlpreopen, libdir. save_libdir="$libdir" case "$found_la" in */* | *\\*) . "$found_la" ;; *) . "./$found_la" ;; esac libdir="$save_libdir" dnl We use only dependency_libs. for dep in $dependency_libs; do case "$dep" in -L*) additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` dnl Potentially add $additional_libdir to $LIBNAME and $LTLIBNAME. dnl But don't add it dnl 1. if it's the standard /usr/lib, dnl 2. if it's /usr/local/lib and we are using GCC on Linux, dnl 3. if it's already present in $LDFLAGS or the already dnl constructed $LIBNAME, dnl 4. if it doesn't exist as a directory. if test "X$additional_libdir" != "X/usr/lib"; then haveit= if test "X$additional_libdir" = "X/usr/local/lib"; then if test -n "$GCC"; then case $host_os in linux* | gnu* | k*bsd*-gnu) haveit=yes;; esac fi fi if test -z "$haveit"; then haveit= for x in $LDFLAGS $LIB[]NAME; do AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) if test "X$x" = "X-L$additional_libdir"; then haveit=yes break fi done if test -z "$haveit"; then if test -d "$additional_libdir"; then dnl Really add $additional_libdir to $LIBNAME. LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-L$additional_libdir" fi fi haveit= for x in $LDFLAGS $LTLIB[]NAME; do AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) if test "X$x" = "X-L$additional_libdir"; then haveit=yes break fi done if test -z "$haveit"; then if test -d "$additional_libdir"; then dnl Really add $additional_libdir to $LTLIBNAME. LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }-L$additional_libdir" fi fi fi fi ;; -R*) dir=`echo "X$dep" | sed -e 's/^X-R//'` if test "$enable_rpath" != no; then dnl Potentially add DIR to rpathdirs. dnl The rpathdirs will be appended to $LIBNAME at the end. haveit= for x in $rpathdirs; do if test "X$x" = "X$dir"; then haveit=yes break fi done if test -z "$haveit"; then rpathdirs="$rpathdirs $dir" fi dnl Potentially add DIR to ltrpathdirs. dnl The ltrpathdirs will be appended to $LTLIBNAME at the end. haveit= for x in $ltrpathdirs; do if test "X$x" = "X$dir"; then haveit=yes break fi done if test -z "$haveit"; then ltrpathdirs="$ltrpathdirs $dir" fi fi ;; -l*) dnl Handle this in the next round. names_next_round="$names_next_round "`echo "X$dep" | sed -e 's/^X-l//'` ;; *.la) dnl Handle this in the next round. Throw away the .la's dnl directory; it is already contained in a preceding -L dnl option. names_next_round="$names_next_round "`echo "X$dep" | sed -e 's,^X.*/,,' -e 's,^lib,,' -e 's,\.la$,,'` ;; *) dnl Most likely an immediate library name. LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$dep" LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }$dep" ;; esac done fi else dnl Didn't find the library; assume it is in the system directories dnl known to the linker and runtime loader. (All the system dnl directories known to the linker should also be known to the dnl runtime loader, otherwise the system is severely misconfigured.) LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }-l$name" LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }-l$name" fi fi fi done done if test "X$rpathdirs" != "X"; then if test -n "$hardcode_libdir_separator"; then dnl Weird platform: only the last -rpath option counts, the user must dnl pass all path elements in one option. We can arrange that for a dnl single library, but not when more than one $LIBNAMEs are used. alldirs= for found_dir in $rpathdirs; do alldirs="${alldirs}${alldirs:+$hardcode_libdir_separator}$found_dir" done dnl Note: hardcode_libdir_flag_spec uses $libdir and $wl. acl_save_libdir="$libdir" libdir="$alldirs" eval flag=\"$hardcode_libdir_flag_spec\" libdir="$acl_save_libdir" LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$flag" else dnl The -rpath options are cumulative. for found_dir in $rpathdirs; do acl_save_libdir="$libdir" libdir="$found_dir" eval flag=\"$hardcode_libdir_flag_spec\" libdir="$acl_save_libdir" LIB[]NAME="${LIB[]NAME}${LIB[]NAME:+ }$flag" done fi fi if test "X$ltrpathdirs" != "X"; then dnl When using libtool, the option that works for both libraries and dnl executables is -R. The -R options are cumulative. for found_dir in $ltrpathdirs; do LTLIB[]NAME="${LTLIB[]NAME}${LTLIB[]NAME:+ }-R$found_dir" done fi ]) dnl AC_LIB_APPENDTOVAR(VAR, CONTENTS) appends the elements of CONTENTS to VAR, dnl unless already present in VAR. dnl Works only for CPPFLAGS, not for LIB* variables because that sometimes dnl contains two or three consecutive elements that belong together. AC_DEFUN([AC_LIB_APPENDTOVAR], [ for element in [$2]; do haveit= for x in $[$1]; do AC_LIB_WITH_FINAL_PREFIX([eval x=\"$x\"]) if test "X$x" = "X$element"; then haveit=yes break fi done if test -z "$haveit"; then [$1]="${[$1]}${[$1]:+ }$element" fi done ]) # lib-ld.m4 serial 3 (gettext-0.13) dnl Copyright (C) 1996-2003 Free Software Foundation, Inc. dnl This file is free software; the Free Software Foundation dnl gives unlimited permission to copy and/or distribute it, dnl with or without modifications, as long as this notice is preserved. dnl Subroutines of libtool.m4, dnl with replacements s/AC_/AC_LIB/ and s/lt_cv/acl_cv/ to avoid collision dnl with libtool.m4. dnl From libtool-1.4. Sets the variable with_gnu_ld to yes or no. AC_DEFUN([AC_LIB_PROG_LD_GNU], [AC_CACHE_CHECK([if the linker ($LD) is GNU ld], acl_cv_prog_gnu_ld, [# I'd rather use --version here, but apparently some GNU ld's only accept -v. case `$LD -v 2>&1 conf$$.sh echo "exit 0" >>conf$$.sh chmod +x conf$$.sh if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then PATH_SEPARATOR=';' else PATH_SEPARATOR=: fi rm -f conf$$.sh fi ac_prog=ld if test "$GCC" = yes; then # Check if gcc -print-prog-name=ld gives a path. AC_MSG_CHECKING([for ld used by GCC]) case $host in *-*-mingw*) # gcc leaves a trailing carriage return which upsets mingw ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; *) ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; esac case $ac_prog in # Accept absolute paths. [[\\/]* | [A-Za-z]:[\\/]*)] [re_direlt='/[^/][^/]*/\.\./'] # Canonicalize the path of ld ac_prog=`echo $ac_prog| sed 's%\\\\%/%g'` while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do ac_prog=`echo $ac_prog| sed "s%$re_direlt%/%"` done test -z "$LD" && LD="$ac_prog" ;; "") # If it fails, then pretend we aren't using GCC. ac_prog=ld ;; *) # If it is relative, then search for the first ld in PATH. with_gnu_ld=unknown ;; esac elif test "$with_gnu_ld" = yes; then AC_MSG_CHECKING([for GNU ld]) else AC_MSG_CHECKING([for non-GNU ld]) fi AC_CACHE_VAL(acl_cv_path_LD, [if test -z "$LD"; then IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR-:}" for ac_dir in $PATH; do test -z "$ac_dir" && ac_dir=. if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then acl_cv_path_LD="$ac_dir/$ac_prog" # Check to see if the program is GNU ld. I'd rather use --version, # but apparently some GNU ld's only accept -v. # Break only if it was the GNU/non-GNU ld that we prefer. case `"$acl_cv_path_LD" -v 2>&1 < /dev/null` in *GNU* | *'with BFD'*) test "$with_gnu_ld" != no && break ;; *) test "$with_gnu_ld" != yes && break ;; esac fi done IFS="$ac_save_ifs" else acl_cv_path_LD="$LD" # Let the user override the test with a path. fi]) LD="$acl_cv_path_LD" if test -n "$LD"; then AC_MSG_RESULT($LD) else AC_MSG_RESULT(no) fi test -z "$LD" && AC_MSG_ERROR([no acceptable ld found in \$PATH]) AC_LIB_PROG_LD_GNU ]) # pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*- # # Copyright © 2004 Scott James Remnant . # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # PKG_PROG_PKG_CONFIG([MIN-VERSION]) # ---------------------------------- AC_DEFUN([PKG_PROG_PKG_CONFIG], [m4_pattern_forbid([^_?PKG_[A-Z_]+$]) m4_pattern_allow([^PKG_CONFIG(_PATH)?$]) AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility])dnl if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then AC_PATH_TOOL([PKG_CONFIG], [pkg-config]) fi if test -n "$PKG_CONFIG"; then _pkg_min_version=m4_ifval([$1], [$1], [0.9.0]) AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version]) if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then AC_MSG_RESULT([yes]) else AC_MSG_RESULT([no]) PKG_CONFIG="" fi fi[]dnl ])# PKG_PROG_PKG_CONFIG # PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) # # Check to see whether a particular set of modules exists. Similar # to PKG_CHECK_MODULES(), but does not set variables or print errors. # # # Similar to PKG_CHECK_MODULES, make sure that the first instance of # this or PKG_CHECK_MODULES is called, or make sure to call # PKG_CHECK_EXISTS manually # -------------------------------------------------------------- AC_DEFUN([PKG_CHECK_EXISTS], [AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl if test -n "$PKG_CONFIG" && \ AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then m4_ifval([$2], [$2], [:]) m4_ifvaln([$3], [else $3])dnl fi]) # _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES]) # --------------------------------------------- m4_define([_PKG_CONFIG], [if test -n "$PKG_CONFIG"; then PKG_CHECK_EXISTS([$3], [pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`], [pkg_failed=yes]) else pkg_failed=untried fi[]dnl ])# _PKG_CONFIG # PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND], # [ACTION-IF-NOT-FOUND]) # # # Note that if there is a possibility the first call to # PKG_CHECK_MODULES might not happen, you should be sure to include an # explicit call to PKG_PROG_PKG_CONFIG in your configure.ac # # # -------------------------------------------------------------- AC_DEFUN([PKG_CHECK_MODULES], [AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl pkg_failed=no AC_MSG_CHECKING([for $1]) _PKG_CONFIG([$1][_CFLAGS], [cflags], [$2]) _PKG_CONFIG([$1][_LIBS], [libs], [$2]) if test $pkg_failed = yes; then $1[]_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "$2"` # Put the nasty error message in config.log where it belongs echo "$$1[]_PKG_ERRORS" 1>&AS_MESSAGE_LOG_FD ifelse([$4], , [AC_MSG_ERROR(dnl [Package requirements ($2) were not met. Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. Alternatively you may set the $1_CFLAGS and $1_LIBS environment variables to avoid the need to call pkg-config. See the pkg-config man page for more details.])], [$4]) elif test $pkg_failed = untried; then ifelse([$4], , [AC_MSG_FAILURE(dnl [The pkg-config script could not be found or is too old. Make sure it is in your PATH or set the PKG_CONFIG environment variable to the full path to pkg-config. Alternatively you may set the $1_CFLAGS and $1_LIBS environment variables to avoid the need to call pkg-config. See the pkg-config man page for more details. To get pkg-config, see .])], [$4]) else $1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS $1[]_LIBS=$pkg_cv_[]$1[]_LIBS AC_MSG_RESULT([yes]) ifelse([$3], , :, [$3]) fi[]dnl ])# PKG_CHECK_MODULES libnids-1.26/config.guess000077500000000000000000001137161415573252600154310ustar00rootroot00000000000000#! /bin/sh # Attempt to guess a canonical system name. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000 # Free Software Foundation, Inc. timestamp='2000-12-15' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # Written by Per Bothner . # Please send patches to . # # This script attempts to guess a canonical system name similar to # config.sub. If it succeeds, it prints the system name on stdout, and # exits with 0. Otherwise, it exits with 1. # # The plan is that this can be called by configure scripts if you # don't specify an explicit build system type. # # Only a few systems have been added to this list; please add others # (but try to keep the structure clean). # me=`echo "$0" | sed -e 's,.*/,,'` usage="\ Usage: $0 [OPTION] Output the configuration name of the system \`$me' is run on. Operation modes: -h, --help print this help, then exit -t, --time-stamp print date of last modification, then exit -v, --version print version number, then exit Report bugs and patches to ." version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. Copyright (C) 1992, 93, 94, 95, 96, 97, 98, 99, 2000 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." help=" Try \`$me --help' for more information." # Parse command line while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) echo "$timestamp" ; exit 0 ;; --version | -v ) echo "$version" ; exit 0 ;; --help | --h* | -h ) echo "$usage"; exit 0 ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. break ;; -* ) echo "$me: invalid option $1$help" >&2 exit 1 ;; * ) break ;; esac done if test $# != 0; then echo "$me: too many arguments$help" >&2 exit 1 fi dummy=dummy-$$ trap 'rm -f $dummy.c $dummy.o $dummy; exit 1' 1 2 15 # CC_FOR_BUILD -- compiler used by this script. # Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still # use `HOST_CC' if defined, but it is deprecated. case $CC_FOR_BUILD,$HOST_CC,$CC in ,,) echo "int dummy(){}" > $dummy.c for c in cc gcc c89 ; do ($c $dummy.c -c -o $dummy.o) >/dev/null 2>&1 if test $? = 0 ; then CC_FOR_BUILD="$c"; break fi done rm -f $dummy.c $dummy.o if test x"$CC_FOR_BUILD" = x ; then CC_FOR_BUILD=no_compiler_found fi ;; ,,*) CC_FOR_BUILD=$CC ;; ,*,*) CC_FOR_BUILD=$HOST_CC ;; esac # This is needed to find uname on a Pyramid OSx when run in the BSD universe. # (ghazi@noc.rutgers.edu 8/24/94.) if (test -f /.attbin/uname) >/dev/null 2>&1 ; then PATH=$PATH:/.attbin ; export PATH fi UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown # Note: order is significant - the case branches are not exclusive. case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in *:NetBSD:*:*) # Netbsd (nbsd) targets should (where applicable) match one or # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently # switched to ELF, *-*-netbsd* would select the old # object file format. This provides both forward # compatibility and a consistent mechanism for selecting the # object file format. # Determine the machine/vendor (is the vendor relevant). case "${UNAME_MACHINE}" in amiga) machine=m68k-unknown ;; arm32) machine=arm-unknown ;; atari*) machine=m68k-atari ;; sun3*) machine=m68k-sun ;; mac68k) machine=m68k-apple ;; macppc) machine=powerpc-apple ;; hp3[0-9][05]) machine=m68k-hp ;; ibmrt|romp-ibm) machine=romp-ibm ;; *) machine=${UNAME_MACHINE}-unknown ;; esac # The Operating System including object format, if it has switched # to ELF recently, or will in the future. case "${UNAME_MACHINE}" in i386|sparc|amiga|arm*|hp300|mvme68k|vax|atari|luna68k|mac68k|news68k|next68k|pc532|sun3*|x68k) if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep __ELF__ >/dev/null then # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). # Return netbsd for either. FIX? os=netbsd else os=netbsdelf fi ;; *) os=netbsd ;; esac # The OS release release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: # contains redundant information, the shorter form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. echo "${machine}-${os}${release}" exit 0 ;; alpha:OSF1:*:*) if test $UNAME_RELEASE = "V4.0"; then UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` fi # A Vn.n version is a released version. # A Tn.n version is a released field test version. # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. cat <$dummy.s .data \$Lformat: .byte 37,100,45,37,120,10,0 # "%d-%x\n" .text .globl main .align 4 .ent main main: .frame \$30,16,\$26,0 ldgp \$29,0(\$27) .prologue 1 .long 0x47e03d80 # implver \$0 lda \$2,-1 .long 0x47e20c21 # amask \$2,\$1 lda \$16,\$Lformat mov \$0,\$17 not \$1,\$18 jsr \$26,printf ldgp \$29,0(\$26) mov 0,\$16 jsr \$26,exit .end main EOF $CC_FOR_BUILD $dummy.s -o $dummy 2>/dev/null if test "$?" = 0 ; then case `./$dummy` in 0-0) UNAME_MACHINE="alpha" ;; 1-0) UNAME_MACHINE="alphaev5" ;; 1-1) UNAME_MACHINE="alphaev56" ;; 1-101) UNAME_MACHINE="alphapca56" ;; 2-303) UNAME_MACHINE="alphaev6" ;; 2-307) UNAME_MACHINE="alphaev67" ;; esac fi rm -f $dummy.s $dummy echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` exit 0 ;; Alpha\ *:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # Should we change UNAME_MACHINE based on the output of uname instead # of the specific Alpha model? echo alpha-pc-interix exit 0 ;; 21064:Windows_NT:50:3) echo alpha-dec-winnt3.5 exit 0 ;; Amiga*:UNIX_System_V:4.0:*) echo m68k-unknown-sysv4 exit 0;; amiga:OpenBSD:*:*) echo m68k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; *:[Aa]miga[Oo][Ss]:*:*) echo ${UNAME_MACHINE}-unknown-amigaos exit 0 ;; arc64:OpenBSD:*:*) echo mips64el-unknown-openbsd${UNAME_RELEASE} exit 0 ;; arc:OpenBSD:*:*) echo mipsel-unknown-openbsd${UNAME_RELEASE} exit 0 ;; hkmips:OpenBSD:*:*) echo mips-unknown-openbsd${UNAME_RELEASE} exit 0 ;; pmax:OpenBSD:*:*) echo mipsel-unknown-openbsd${UNAME_RELEASE} exit 0 ;; sgi:OpenBSD:*:*) echo mips-unknown-openbsd${UNAME_RELEASE} exit 0 ;; wgrisc:OpenBSD:*:*) echo mipsel-unknown-openbsd${UNAME_RELEASE} exit 0 ;; *:OS/390:*:*) echo i370-ibm-openedition exit 0 ;; arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) echo arm-acorn-riscix${UNAME_RELEASE} exit 0;; SR2?01:HI-UX/MPP:*:*) echo hppa1.1-hitachi-hiuxmpp exit 0;; Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. if test "`(/bin/universe) 2>/dev/null`" = att ; then echo pyramid-pyramid-sysv3 else echo pyramid-pyramid-bsd fi exit 0 ;; NILE*:*:*:dcosx) echo pyramid-pyramid-svr4 exit 0 ;; sun4H:SunOS:5.*:*) echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit 0 ;; sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit 0 ;; i86pc:SunOS:5.*:*) echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit 0 ;; sun4*:SunOS:6*:*) # According to config.sub, this is the proper way to canonicalize # SunOS6. Hard to guess exactly what SunOS6 will be like, but # it's likely to be more like Solaris than SunOS4. echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit 0 ;; sun4*:SunOS:*:*) case "`/usr/bin/arch -k`" in Series*|S4*) UNAME_RELEASE=`uname -v` ;; esac # Japanese Language versions have a version number like `4.1.3-JL'. echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` exit 0 ;; sun3*:SunOS:*:*) echo m68k-sun-sunos${UNAME_RELEASE} exit 0 ;; sun*:*:4.2BSD:*) UNAME_RELEASE=`(head -1 /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 case "`/bin/arch`" in sun3) echo m68k-sun-sunos${UNAME_RELEASE} ;; sun4) echo sparc-sun-sunos${UNAME_RELEASE} ;; esac exit 0 ;; aushp:SunOS:*:*) echo sparc-auspex-sunos${UNAME_RELEASE} exit 0 ;; atari*:OpenBSD:*:*) echo m68k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; # The situation for MiNT is a little confusing. The machine name # can be virtually everything (everything which is not # "atarist" or "atariste" at least should have a processor # > m68000). The system name ranges from "MiNT" over "FreeMiNT" # to the lowercase version "mint" (or "freemint"). Finally # the system name "TOS" denotes a system which is actually not # MiNT. But MiNT is downward compatible to TOS, so this should # be no problem. atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} exit 0 ;; atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} exit 0 ;; *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} exit 0 ;; milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) echo m68k-milan-mint${UNAME_RELEASE} exit 0 ;; hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) echo m68k-hades-mint${UNAME_RELEASE} exit 0 ;; *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) echo m68k-unknown-mint${UNAME_RELEASE} exit 0 ;; sun3*:OpenBSD:*:*) echo m68k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; mac68k:OpenBSD:*:*) echo m68k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; mvme68k:OpenBSD:*:*) echo m68k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; mvme88k:OpenBSD:*:*) echo m88k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; powerpc:machten:*:*) echo powerpc-apple-machten${UNAME_RELEASE} exit 0 ;; RISC*:Mach:*:*) echo mips-dec-mach_bsd4.3 exit 0 ;; RISC*:ULTRIX:*:*) echo mips-dec-ultrix${UNAME_RELEASE} exit 0 ;; VAX*:ULTRIX*:*:*) echo vax-dec-ultrix${UNAME_RELEASE} exit 0 ;; 2020:CLIX:*:* | 2430:CLIX:*:*) echo clipper-intergraph-clix${UNAME_RELEASE} exit 0 ;; mips:*:*:UMIPS | mips:*:*:RISCos) sed 's/^ //' << EOF >$dummy.c #ifdef __cplusplus #include /* for printf() prototype */ int main (int argc, char *argv[]) { #else int main (argc, argv) int argc; char *argv[]; { #endif #if defined (host_mips) && defined (MIPSEB) #if defined (SYSTYPE_SYSV) printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); #endif #if defined (SYSTYPE_SVR4) printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); #endif #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); #endif #endif exit (-1); } EOF $CC_FOR_BUILD $dummy.c -o $dummy \ && ./$dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \ && rm $dummy.c $dummy && exit 0 rm -f $dummy.c $dummy echo mips-mips-riscos${UNAME_RELEASE} exit 0 ;; Night_Hawk:Power_UNIX:*:*) echo powerpc-harris-powerunix exit 0 ;; m88k:CX/UX:7*:*) echo m88k-harris-cxux7 exit 0 ;; m88k:*:4*:R4*) echo m88k-motorola-sysv4 exit 0 ;; m88k:*:3*:R3*) echo m88k-motorola-sysv3 exit 0 ;; AViiON:dgux:*:*) # DG/UX returns AViiON for all architectures UNAME_PROCESSOR=`/usr/bin/uname -p` if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] then if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ [ ${TARGET_BINARY_INTERFACE}x = x ] then echo m88k-dg-dgux${UNAME_RELEASE} else echo m88k-dg-dguxbcs${UNAME_RELEASE} fi else echo i586-dg-dgux${UNAME_RELEASE} fi exit 0 ;; M88*:DolphinOS:*:*) # DolphinOS (SVR3) echo m88k-dolphin-sysv3 exit 0 ;; M88*:*:R3*:*) # Delta 88k system running SVR3 echo m88k-motorola-sysv3 exit 0 ;; XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) echo m88k-tektronix-sysv3 exit 0 ;; Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) echo m68k-tektronix-bsd exit 0 ;; *:IRIX*:*:*) echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` exit 0 ;; ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id exit 0 ;; # Note that: echo "'`uname -s`'" gives 'AIX ' i?86:AIX:*:*) echo i386-ibm-aix exit 0 ;; *:AIX:2:3) if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then sed 's/^ //' << EOF >$dummy.c #include main() { if (!__power_pc()) exit(1); puts("powerpc-ibm-aix3.2.5"); exit(0); } EOF $CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm $dummy.c $dummy && exit 0 rm -f $dummy.c $dummy echo rs6000-ibm-aix3.2.5 elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then echo rs6000-ibm-aix3.2.4 else echo rs6000-ibm-aix3.2 fi exit 0 ;; *:AIX:*:4) IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | head -1 | awk '{ print $1 }'` if /usr/sbin/lsattr -EHl ${IBM_CPU_ID} | grep POWER >/dev/null 2>&1; then IBM_ARCH=rs6000 else IBM_ARCH=powerpc fi if [ -x /usr/bin/oslevel ] ; then IBM_REV=`/usr/bin/oslevel` else IBM_REV=4.${UNAME_RELEASE} fi echo ${IBM_ARCH}-ibm-aix${IBM_REV} exit 0 ;; *:AIX:*:5) case "`lsattr -El proc0 -a type -F value`" in PowerPC*) IBM_ARCH=powerpc IBM_MANUF=ibm ;; Itanium) IBM_ARCH=ia64 IBM_MANUF=unknown ;; POWER*) IBM_ARCH=power IBM_MANUF=ibm ;; *) IBM_ARCH=powerpc IBM_MANUF=ibm ;; esac echo ${IBM_ARCH}-${IBM_MANUF}-aix${UNAME_VERSION}.${UNAME_RELEASE} exit 0 ;; *:AIX:*:*) echo rs6000-ibm-aix exit 0 ;; ibmrt:4.4BSD:*|romp-ibm:BSD:*) echo romp-ibm-bsd4.4 exit 0 ;; ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to exit 0 ;; # report: romp-ibm BSD 4.3 *:BOSX:*:*) echo rs6000-bull-bosx exit 0 ;; DPX/2?00:B.O.S.:*:*) echo m68k-bull-sysv3 exit 0 ;; 9000/[34]??:4.3bsd:1.*:*) echo m68k-hp-bsd exit 0 ;; hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) echo m68k-hp-bsd4.4 exit 0 ;; 9000/[34678]??:HP-UX:*:*) HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` case "${UNAME_MACHINE}" in 9000/31? ) HP_ARCH=m68000 ;; 9000/[34]?? ) HP_ARCH=m68k ;; 9000/[678][0-9][0-9]) case "${HPUX_REV}" in 11.[0-9][0-9]) if [ -x /usr/bin/getconf ]; then sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` case "${sc_cpu_version}" in 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 532) # CPU_PA_RISC2_0 case "${sc_kernel_bits}" in 32) HP_ARCH="hppa2.0n" ;; 64) HP_ARCH="hppa2.0w" ;; esac ;; esac fi ;; esac if [ "${HP_ARCH}" = "" ]; then sed 's/^ //' << EOF >$dummy.c #define _HPUX_SOURCE #include #include int main () { #if defined(_SC_KERNEL_BITS) long bits = sysconf(_SC_KERNEL_BITS); #endif long cpu = sysconf (_SC_CPU_VERSION); switch (cpu) { case CPU_PA_RISC1_0: puts ("hppa1.0"); break; case CPU_PA_RISC1_1: puts ("hppa1.1"); break; case CPU_PA_RISC2_0: #if defined(_SC_KERNEL_BITS) switch (bits) { case 64: puts ("hppa2.0w"); break; case 32: puts ("hppa2.0n"); break; default: puts ("hppa2.0"); break; } break; #else /* !defined(_SC_KERNEL_BITS) */ puts ("hppa2.0"); break; #endif default: puts ("hppa1.0"); break; } exit (0); } EOF (CCOPTS= $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null ) && HP_ARCH=`./$dummy` if test -z "$HP_ARCH"; then HP_ARCH=hppa; fi rm -f $dummy.c $dummy fi ;; esac echo ${HP_ARCH}-hp-hpux${HPUX_REV} exit 0 ;; 3050*:HI-UX:*:*) sed 's/^ //' << EOF >$dummy.c #include int main () { long cpu = sysconf (_SC_CPU_VERSION); /* The order matters, because CPU_IS_HP_MC68K erroneously returns true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct results, however. */ if (CPU_IS_PA_RISC (cpu)) { switch (cpu) { case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; default: puts ("hppa-hitachi-hiuxwe2"); break; } } else if (CPU_IS_HP_MC68K (cpu)) puts ("m68k-hitachi-hiuxwe2"); else puts ("unknown-hitachi-hiuxwe2"); exit (0); } EOF $CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm $dummy.c $dummy && exit 0 rm -f $dummy.c $dummy echo unknown-hitachi-hiuxwe2 exit 0 ;; 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) echo hppa1.1-hp-bsd exit 0 ;; 9000/8??:4.3bsd:*:*) echo hppa1.0-hp-bsd exit 0 ;; *9??*:MPE/iX:*:*) echo hppa1.0-hp-mpeix exit 0 ;; hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) echo hppa1.1-hp-osf exit 0 ;; hp8??:OSF1:*:*) echo hppa1.0-hp-osf exit 0 ;; i?86:OSF1:*:*) if [ -x /usr/sbin/sysversion ] ; then echo ${UNAME_MACHINE}-unknown-osf1mk else echo ${UNAME_MACHINE}-unknown-osf1 fi exit 0 ;; parisc*:Lites*:*:*) echo hppa1.1-hp-lites exit 0 ;; hppa*:OpenBSD:*:*) echo hppa-unknown-openbsd exit 0 ;; C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) echo c1-convex-bsd exit 0 ;; C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi exit 0 ;; C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) echo c34-convex-bsd exit 0 ;; C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) echo c38-convex-bsd exit 0 ;; C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) echo c4-convex-bsd exit 0 ;; CRAY*X-MP:*:*:*) echo xmp-cray-unicos exit 0 ;; CRAY*Y-MP:*:*:*) echo ymp-cray-unicos${UNAME_RELEASE} exit 0 ;; CRAY*[A-Z]90:*:*:*) echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ exit 0 ;; CRAY*TS:*:*:*) echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit 0 ;; CRAY*T3D:*:*:*) echo alpha-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit 0 ;; CRAY*T3E:*:*:*) echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit 0 ;; CRAY*SV1:*:*:*) echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit 0 ;; CRAY-2:*:*:*) echo cray2-cray-unicos exit 0 ;; F300:UNIX_System_V:*:*) FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` echo "f300-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" exit 0 ;; F301:UNIX_System_V:*:*) echo f301-fujitsu-uxpv`echo $UNAME_RELEASE | sed 's/ .*//'` exit 0 ;; hp300:OpenBSD:*:*) echo m68k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; i?86:BSD/386:*:* | i?86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} exit 0 ;; sparc*:BSD/OS:*:*) echo sparc-unknown-bsdi${UNAME_RELEASE} exit 0 ;; *:BSD/OS:*:*) echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} exit 0 ;; *:FreeBSD:*:*) echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` exit 0 ;; *:OpenBSD:*:*) echo ${UNAME_MACHINE}-unknown-openbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` exit 0 ;; i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin exit 0 ;; i*:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit 0 ;; i*:PW*:*) echo ${UNAME_MACHINE}-pc-pw32 exit 0 ;; i*:Windows_NT*:* | Pentium*:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we # UNAME_MACHINE based on the output of uname instead of i386? echo i386-pc-interix exit 0 ;; i*:UWIN*:*) echo ${UNAME_MACHINE}-pc-uwin exit 0 ;; p*:CYGWIN*:*) echo powerpcle-unknown-cygwin exit 0 ;; prep*:SunOS:5.*:*) echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit 0 ;; *:GNU:*:*) echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` exit 0 ;; i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix exit 0 ;; *:Linux:*:*) # The BFD linker knows what the default object file format is, so # first see if it will tell us. cd to the root directory to prevent # problems with other programs or directories called `ld' in the path. ld_supported_emulations=`cd /; ld --help 2>&1 \ | sed -ne '/supported emulations:/!d s/[ ][ ]*/ /g s/.*supported emulations: *// s/ .*// p'` case "$ld_supported_emulations" in *ia64) echo "${UNAME_MACHINE}-unknown-linux" exit 0 ;; i?86linux) echo "${UNAME_MACHINE}-pc-linux-gnuaout" exit 0 ;; elf_i?86) TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" ;; i?86coff) echo "${UNAME_MACHINE}-pc-linux-gnucoff" exit 0 ;; sparclinux) echo "${UNAME_MACHINE}-unknown-linux-gnuaout" exit 0 ;; elf32_sparc) echo "${UNAME_MACHINE}-unknown-linux-gnu" exit 0 ;; armlinux) echo "${UNAME_MACHINE}-unknown-linux-gnuaout" exit 0 ;; elf32arm*) echo "${UNAME_MACHINE}-unknown-linux-gnuoldld" exit 0 ;; armelf_linux*) echo "${UNAME_MACHINE}-unknown-linux-gnu" exit 0 ;; m68klinux) echo "${UNAME_MACHINE}-unknown-linux-gnuaout" exit 0 ;; elf32ppc | elf32ppclinux) # Determine Lib Version cat >$dummy.c < #if defined(__GLIBC__) extern char __libc_version[]; extern char __libc_release[]; #endif main(argc, argv) int argc; char *argv[]; { #if defined(__GLIBC__) printf("%s %s\n", __libc_version, __libc_release); #else printf("unkown\n"); #endif return 0; } EOF LIBC="" $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null if test "$?" = 0 ; then ./$dummy | grep 1\.99 > /dev/null if test "$?" = 0 ; then LIBC="libc1" fi fi rm -f $dummy.c $dummy echo powerpc-unknown-linux-gnu${LIBC} exit 0 ;; shelf_linux) echo "${UNAME_MACHINE}-unknown-linux-gnu" exit 0 ;; esac if test "${UNAME_MACHINE}" = "alpha" ; then cat <$dummy.s .data \$Lformat: .byte 37,100,45,37,120,10,0 # "%d-%x\n" .text .globl main .align 4 .ent main main: .frame \$30,16,\$26,0 ldgp \$29,0(\$27) .prologue 1 .long 0x47e03d80 # implver \$0 lda \$2,-1 .long 0x47e20c21 # amask \$2,\$1 lda \$16,\$Lformat mov \$0,\$17 not \$1,\$18 jsr \$26,printf ldgp \$29,0(\$26) mov 0,\$16 jsr \$26,exit .end main EOF LIBC="" $CC_FOR_BUILD $dummy.s -o $dummy 2>/dev/null if test "$?" = 0 ; then case `./$dummy` in 0-0) UNAME_MACHINE="alpha" ;; 1-0) UNAME_MACHINE="alphaev5" ;; 1-1) UNAME_MACHINE="alphaev56" ;; 1-101) UNAME_MACHINE="alphapca56" ;; 2-303) UNAME_MACHINE="alphaev6" ;; 2-307) UNAME_MACHINE="alphaev67" ;; esac objdump --private-headers $dummy | \ grep ld.so.1 > /dev/null if test "$?" = 0 ; then LIBC="libc1" fi fi rm -f $dummy.s $dummy echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} ; exit 0 elif test "${UNAME_MACHINE}" = "mips" ; then cat >$dummy.c < /* for printf() prototype */ int main (int argc, char *argv[]) { #else int main (argc, argv) int argc; char *argv[]; { #endif #ifdef __MIPSEB__ printf ("%s-unknown-linux-gnu\n", argv[1]); #endif #ifdef __MIPSEL__ printf ("%sel-unknown-linux-gnu\n", argv[1]); #endif return 0; } EOF $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy "${UNAME_MACHINE}" && rm $dummy.c $dummy && exit 0 rm -f $dummy.c $dummy elif test "${UNAME_MACHINE}" = "s390"; then echo s390-ibm-linux && exit 0 elif test "${UNAME_MACHINE}" = "x86_64"; then echo x86_64-unknown-linux-gnu && exit 0 elif test "${UNAME_MACHINE}" = "parisc" -o "${UNAME_MACHINE}" = "hppa"; then # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in PA7*) echo hppa1.1-unknown-linux-gnu ;; PA8*) echo hppa2.0-unknown-linux-gnu ;; *) echo hppa-unknown-linux-gnu ;; esac exit 0 else # Either a pre-BFD a.out linker (linux-gnuoldld) # or one that does not give us useful --help. # GCC wants to distinguish between linux-gnuoldld and linux-gnuaout. # If ld does not provide *any* "supported emulations:" # that means it is gnuoldld. test -z "$ld_supported_emulations" \ && echo "${UNAME_MACHINE}-pc-linux-gnuoldld" && exit 0 case "${UNAME_MACHINE}" in i?86) VENDOR=pc; ;; *) VENDOR=unknown; ;; esac # Determine whether the default compiler is a.out or elf cat >$dummy.c < #ifdef __cplusplus #include /* for printf() prototype */ int main (int argc, char *argv[]) { #else int main (argc, argv) int argc; char *argv[]; { #endif #ifdef __ELF__ # ifdef __GLIBC__ # if __GLIBC__ >= 2 printf ("%s-${VENDOR}-linux-gnu\n", argv[1]); # else printf ("%s-${VENDOR}-linux-gnulibc1\n", argv[1]); # endif # else printf ("%s-${VENDOR}-linux-gnulibc1\n", argv[1]); # endif #else printf ("%s-${VENDOR}-linux-gnuaout\n", argv[1]); #endif return 0; } EOF $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy "${UNAME_MACHINE}" && rm $dummy.c $dummy && exit 0 rm -f $dummy.c $dummy test x"${TENTATIVE}" != x && echo "${TENTATIVE}" && exit 0 fi ;; # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. earlier versions # are messed up and put the nodename in both sysname and nodename. i?86:DYNIX/ptx:4*:*) echo i386-sequent-sysv4 exit 0 ;; i?86:UNIX_SV:4.2MP:2.*) # Unixware is an offshoot of SVR4, but it has its own version # number series starting with 2... # I am not positive that other SVR4 systems won't match this, # I just have to hope. -- rms. # Use sysv4.2uw... so that sysv4* matches it. echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} exit 0 ;; i?86:*:4.*:* | i?86:SYSTEM_V:4.*:*) UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} else echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} fi exit 0 ;; i?86:*:5:7*) # Fixed at (any) Pentium or better UNAME_MACHINE=i586 if [ ${UNAME_SYSTEM} = "UnixWare" ] ; then echo ${UNAME_MACHINE}-sco-sysv${UNAME_RELEASE}uw${UNAME_VERSION} else echo ${UNAME_MACHINE}-pc-sysv${UNAME_RELEASE} fi exit 0 ;; i?86:*:3.2:*) if test -f /usr/options/cb.name; then UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then UNAME_REL=`(/bin/uname -X|egrep Release|sed -e 's/.*= //')` (/bin/uname -X|egrep i80486 >/dev/null) && UNAME_MACHINE=i486 (/bin/uname -X|egrep '^Machine.*Pentium' >/dev/null) \ && UNAME_MACHINE=i586 (/bin/uname -X|egrep '^Machine.*Pent ?II' >/dev/null) \ && UNAME_MACHINE=i686 (/bin/uname -X|egrep '^Machine.*Pentium Pro' >/dev/null) \ && UNAME_MACHINE=i686 echo ${UNAME_MACHINE}-pc-sco$UNAME_REL else echo ${UNAME_MACHINE}-pc-sysv32 fi exit 0 ;; i?86:*DOS:*:*) echo ${UNAME_MACHINE}-pc-msdosdjgpp exit 0 ;; pc:*:*:*) # Left here for compatibility: # uname -m prints for DJGPP always 'pc', but it prints nothing about # the processor, so we play safe by assuming i386. echo i386-pc-msdosdjgpp exit 0 ;; Intel:Mach:3*:*) echo i386-pc-mach3 exit 0 ;; paragon:*:*:*) echo i860-intel-osf1 exit 0 ;; i860:*:4.*:*) # i860-SVR4 if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 else # Add other i860-SVR4 vendors below as they are discovered. echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 fi exit 0 ;; mini*:CTIX:SYS*5:*) # "miniframe" echo m68010-convergent-sysv exit 0 ;; M68*:*:R3V[567]*:*) test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;; 3[34]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 4850:*:4.0:3.0) OS_REL='' test -r /etc/.relid \ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ && echo i486-ncr-sysv4.3${OS_REL} && exit 0 /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;; 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ && echo i486-ncr-sysv4 && exit 0 ;; m68*:LynxOS:2.*:*) echo m68k-unknown-lynxos${UNAME_RELEASE} exit 0 ;; mc68030:UNIX_System_V:4.*:*) echo m68k-atari-sysv4 exit 0 ;; i?86:LynxOS:2.*:* | i?86:LynxOS:3.[01]*:*) echo i386-unknown-lynxos${UNAME_RELEASE} exit 0 ;; TSUNAMI:LynxOS:2.*:*) echo sparc-unknown-lynxos${UNAME_RELEASE} exit 0 ;; rs6000:LynxOS:2.*:* | PowerPC:LynxOS:2.*:*) echo rs6000-unknown-lynxos${UNAME_RELEASE} exit 0 ;; SM[BE]S:UNIX_SV:*:*) echo mips-dde-sysv${UNAME_RELEASE} exit 0 ;; RM*:ReliantUNIX-*:*:*) echo mips-sni-sysv4 exit 0 ;; RM*:SINIX-*:*:*) echo mips-sni-sysv4 exit 0 ;; *:SINIX-*:*:*) if uname -p 2>/dev/null >/dev/null ; then UNAME_MACHINE=`(uname -p) 2>/dev/null` echo ${UNAME_MACHINE}-sni-sysv4 else echo ns32k-sni-sysv fi exit 0 ;; PENTIUM:CPunix:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort # says echo i586-unisys-sysv4 exit 0 ;; *:UNIX_System_V:4*:FTX*) # From Gerald Hewes . # How about differentiating between stratus architectures? -djm echo hppa1.1-stratus-sysv4 exit 0 ;; *:*:*:FTX*) # From seanf@swdc.stratus.com. echo i860-stratus-sysv4 exit 0 ;; mc68*:A/UX:*:*) echo m68k-apple-aux${UNAME_RELEASE} exit 0 ;; news*:NEWS-OS:6*:*) echo mips-sony-newsos6 exit 0 ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) if [ -d /usr/nec ]; then echo mips-nec-sysv${UNAME_RELEASE} else echo mips-unknown-sysv${UNAME_RELEASE} fi exit 0 ;; BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. echo powerpc-be-beos exit 0 ;; BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. echo powerpc-apple-beos exit 0 ;; BePC:BeOS:*:*) # BeOS running on Intel PC compatible. echo i586-pc-beos exit 0 ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} exit 0 ;; SX-5:SUPER-UX:*:*) echo sx5-nec-superux${UNAME_RELEASE} exit 0 ;; Power*:Rhapsody:*:*) echo powerpc-apple-rhapsody${UNAME_RELEASE} exit 0 ;; *:Rhapsody:*:*) echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} exit 0 ;; *:Darwin:*:*) echo `uname -p`-apple-darwin${UNAME_RELEASE} exit 0 ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) if test "${UNAME_MACHINE}" = "x86pc"; then UNAME_MACHINE=pc fi echo `uname -p`-${UNAME_MACHINE}-nto-qnx exit 0 ;; *:QNX:*:4*) echo i386-pc-qnx exit 0 ;; NSR-[KW]:NONSTOP_KERNEL:*:*) echo nsr-tandem-nsk${UNAME_RELEASE} exit 0 ;; *:NonStop-UX:*:*) echo mips-compaq-nonstopux exit 0 ;; BS2000:POSIX*:*:*) echo bs2000-siemens-sysv exit 0 ;; DS/*:UNIX_System_V:*:*) echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} exit 0 ;; *:Plan9:*:*) # "uname -m" is not consistent, so use $cputype instead. 386 # is converted to i386 for consistency with other x86 # operating systems. if test "$cputype" = "386"; then UNAME_MACHINE=i386 else UNAME_MACHINE="$cputype" fi echo ${UNAME_MACHINE}-unknown-plan9 exit 0 ;; i?86:OS/2:*:*) # If we were able to find `uname', then EMX Unix compatibility # is probably installed. echo ${UNAME_MACHINE}-pc-os2-emx exit 0 ;; esac #echo '(No uname command or uname output not recognized.)' 1>&2 #echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 cat >$dummy.c < # include #endif main () { #if defined (sony) #if defined (MIPSEB) /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, I don't know.... */ printf ("mips-sony-bsd\n"); exit (0); #else #include printf ("m68k-sony-newsos%s\n", #ifdef NEWSOS4 "4" #else "" #endif ); exit (0); #endif #endif #if defined (__arm) && defined (__acorn) && defined (__unix) printf ("arm-acorn-riscix"); exit (0); #endif #if defined (hp300) && !defined (hpux) printf ("m68k-hp-bsd\n"); exit (0); #endif #if defined (NeXT) #if !defined (__ARCHITECTURE__) #define __ARCHITECTURE__ "m68k" #endif int version; version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; if (version < 4) printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); else printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); exit (0); #endif #if defined (MULTIMAX) || defined (n16) #if defined (UMAXV) printf ("ns32k-encore-sysv\n"); exit (0); #else #if defined (CMU) printf ("ns32k-encore-mach\n"); exit (0); #else printf ("ns32k-encore-bsd\n"); exit (0); #endif #endif #endif #if defined (__386BSD__) printf ("i386-pc-bsd\n"); exit (0); #endif #if defined (sequent) #if defined (i386) printf ("i386-sequent-dynix\n"); exit (0); #endif #if defined (ns32000) printf ("ns32k-sequent-dynix\n"); exit (0); #endif #endif #if defined (_SEQUENT_) struct utsname un; uname(&un); if (strncmp(un.version, "V2", 2) == 0) { printf ("i386-sequent-ptx2\n"); exit (0); } if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ printf ("i386-sequent-ptx1\n"); exit (0); } printf ("i386-sequent-ptx\n"); exit (0); #endif #if defined (vax) #if !defined (ultrix) printf ("vax-dec-bsd\n"); exit (0); #else printf ("vax-dec-ultrix\n"); exit (0); #endif #endif #if defined (alliant) && defined (i860) printf ("i860-alliant-bsd\n"); exit (0); #endif exit (1); } EOF $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy && rm $dummy.c $dummy && exit 0 rm -f $dummy.c $dummy # Apollos put the system type in the environment. test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; } # Convex versions that predate uname can use getsysinfo(1) if [ -x /usr/convex/getsysinfo ] then case `getsysinfo -f cpu_type` in c1*) echo c1-convex-bsd exit 0 ;; c2*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi exit 0 ;; c34*) echo c34-convex-bsd exit 0 ;; c38*) echo c38-convex-bsd exit 0 ;; c4*) echo c4-convex-bsd exit 0 ;; esac fi cat >&2 < in order to provide the needed information to handle your system. config.guess version = $version uname -m = `(uname -m) 2>/dev/null || echo unknown` uname -r = `(uname -r) 2>/dev/null || echo unknown` uname -s = `(uname -s) 2>/dev/null || echo unknown` uname -v = `(uname -v) 2>/dev/null || echo unknown` /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` /bin/uname -X = `(/bin/uname -X) 2>/dev/null` hostinfo = `(hostinfo) 2>/dev/null` /bin/universe = `(/bin/universe) 2>/dev/null` /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` /bin/arch = `(/bin/arch) 2>/dev/null` /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` UNAME_MACHINE = ${UNAME_MACHINE} UNAME_RELEASE = ${UNAME_RELEASE} UNAME_SYSTEM = ${UNAME_SYSTEM} UNAME_VERSION = ${UNAME_VERSION} EOF exit 1 # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "timestamp='" # time-stamp-format: "%:y-%02m-%02d" # time-stamp-end: "'" # End: libnids-1.26/config.sub000077500000000000000000000650161415573252600150730ustar00rootroot00000000000000#! /bin/sh # Configuration validation subroutine script. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000 # Free Software Foundation, Inc. timestamp='2000-12-15' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software # can handle that machine. It does not imply ALL GNU software can. # # This file is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, # Boston, MA 02111-1307, USA. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # Please send patches to . # # Configuration subroutine to validate and canonicalize a configuration type. # Supply the specified configuration type as an argument. # If it is invalid, we print an error message on stderr and exit with code 1. # Otherwise, we print the canonical config type on stdout and succeed. # This file is supposed to be the same for all GNU packages # and recognize all the CPU types, system types and aliases # that are meaningful with *any* GNU software. # Each package is responsible for reporting which valid configurations # it does not support. The user should be able to distinguish # a failure to support a valid configuration from a meaningless # configuration. # The goal of this file is to map all the various variations of a given # machine specification into a single specification in the form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM # or in some cases, the newer four-part form: # CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM # It is wrong to echo any other type of specification. me=`echo "$0" | sed -e 's,.*/,,'` usage="\ Usage: $0 [OPTION] CPU-MFR-OPSYS $0 [OPTION] ALIAS Canonicalize a configuration name. Operation modes: -h, --help print this help, then exit -t, --time-stamp print date of last modification, then exit -v, --version print version number, then exit Report bugs and patches to ." version="\ GNU config.sub ($timestamp) Copyright (C) 1992, 93, 94, 95, 96, 97, 98, 99, 2000 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." help=" Try \`$me --help' for more information." # Parse command line while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) echo "$timestamp" ; exit 0 ;; --version | -v ) echo "$version" ; exit 0 ;; --help | --h* | -h ) echo "$usage"; exit 0 ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. break ;; -* ) echo "$me: invalid option $1$help" exit 1 ;; *local*) # First pass through any local machine types. echo $1 exit 0;; * ) break ;; esac done case $# in 0) echo "$me: missing argument$help" >&2 exit 1;; 1) ;; *) echo "$me: too many arguments$help" >&2 exit 1;; esac # Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). # Here we must recognize all the valid KERNEL-OS combinations. maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in nto-qnx* | linux-gnu* | storm-chaos*) os=-$maybe_os basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` ;; *) basic_machine=`echo $1 | sed 's/-[^-]*$//'` if [ $basic_machine != $1 ] then os=`echo $1 | sed 's/.*-/-/'` else os=; fi ;; esac ### Let's recognize common machines as not being operating systems so ### that things like config.sub decstation-3100 work. We also ### recognize some manufacturers as not being operating systems, so we ### can provide default operating systems below. case $os in -sun*os*) # Prevent following clause from handling this invalid input. ;; -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ -apple | -axis) os= basic_machine=$1 ;; -sim | -cisco | -oki | -wec | -winbond) os= basic_machine=$1 ;; -scout) ;; -wrs) os=-vxworks basic_machine=$1 ;; -hiux*) os=-hiuxwe2 ;; -sco5) os=-sco3.2v5 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco4) os=-sco3.2v4 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco3.2.[4-9]*) os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco3.2v[4-9]*) # Don't forget version if it is 3.2v4 or newer. basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco*) os=-sco3.2v2 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -udk*) basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -isc) os=-isc2.2 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -clix*) basic_machine=clipper-intergraph ;; -isc*) basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -lynx*) os=-lynxos ;; -ptx*) basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` ;; -windowsnt*) os=`echo $os | sed -e 's/windowsnt/winnt/'` ;; -psos*) os=-psos ;; -mint | -mint[0-9]*) basic_machine=m68k-atari os=-mint ;; esac # Decode aliases for certain CPU-COMPANY combinations. case $basic_machine in # Recognize the basic CPU types without company name. # Some are omitted here because they have special meanings below. tahoe | i860 | ia64 | m32r | m68k | m68000 | m88k | ns32k | arc \ | arm | arme[lb] | arm[bl]e | armv[2345] | armv[345][lb] | strongarm | xscale \ | pyramid | mn10200 | mn10300 | tron | a29k \ | 580 | i960 | h8300 \ | x86 | ppcbe | mipsbe | mipsle | shbe | shle \ | hppa | hppa1.0 | hppa1.1 | hppa2.0 | hppa2.0w | hppa2.0n \ | hppa64 \ | alpha | alphaev[4-8] | alphaev56 | alphapca5[67] \ | alphaev6[78] \ | we32k | ns16k | clipper | i370 | sh | sh[34] \ | powerpc | powerpcle \ | 1750a | dsp16xx | pdp11 | mips16 | mips64 | mipsel | mips64el \ | mips64orion | mips64orionel | mipstx39 | mipstx39el \ | mips64vr4300 | mips64vr4300el | mips64vr4100 | mips64vr4100el \ | mips64vr5000 | miprs64vr5000el | mcore \ | sparc | sparclet | sparclite | sparc64 | sparcv9 | v850 | c4x \ | thumb | d10v | d30v | fr30 | avr) basic_machine=$basic_machine-unknown ;; m6811 | m68hc11 | m6812 | m68hc12) # Motorola 68HC11/12. basic_machine=$basic_machine-unknown os=-none ;; m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | z8k | v70 | h8500 | w65 | pj | pjl) ;; # We use `pc' rather than `unknown' # because (1) that's what they normally are, and # (2) the word "unknown" tends to confuse beginning users. i[234567]86 | x86_64) basic_machine=$basic_machine-pc ;; # Object if more than one company name word. *-*-*) echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 exit 1 ;; # Recognize the basic CPU types with company name. # FIXME: clean up the formatting here. vax-* | tahoe-* | i[234567]86-* | i860-* | ia64-* | m32r-* | m68k-* | m68000-* \ | m88k-* | sparc-* | ns32k-* | fx80-* | arc-* | c[123]* \ | arm-* | armbe-* | armle-* | armv*-* | strongarm-* | xscale-* \ | mips-* | pyramid-* | tron-* | a29k-* | romp-* | rs6000-* \ | power-* | none-* | 580-* | cray2-* | h8300-* | h8500-* | i960-* \ | xmp-* | ymp-* \ | x86-* | ppcbe-* | mipsbe-* | mipsle-* | shbe-* | shle-* \ | hppa-* | hppa1.0-* | hppa1.1-* | hppa2.0-* | hppa2.0w-* \ | hppa2.0n-* | hppa64-* \ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphapca5[67]-* \ | alphaev6[78]-* \ | we32k-* | cydra-* | ns16k-* | pn-* | np1-* | xps100-* \ | clipper-* | orion-* \ | sparclite-* | pdp11-* | sh-* | powerpc-* | powerpcle-* \ | sparc64-* | sparcv9-* | sparc86x-* | mips16-* | mips64-* | mipsel-* \ | mips64el-* | mips64orion-* | mips64orionel-* \ | mips64vr4100-* | mips64vr4100el-* | mips64vr4300-* | mips64vr4300el-* \ | mipstx39-* | mipstx39el-* | mcore-* \ | f30[01]-* | s390-* | sv1-* | t3e-* \ | m88110-* | m680[01234]0-* | m683?2-* | m68360-* | z8k-* | d10v-* \ | thumb-* | v850-* | d30v-* | tic30-* | c30-* | fr30-* \ | bs2000-* | tic54x-* | c54x-* | x86_64-*) ;; # Recognize the various machine names and aliases which stand # for a CPU type and a company and sometimes even an OS. 386bsd) basic_machine=i386-unknown os=-bsd ;; 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) basic_machine=m68000-att ;; 3b*) basic_machine=we32k-att ;; a29khif) basic_machine=a29k-amd os=-udi ;; adobe68k) basic_machine=m68010-adobe os=-scout ;; alliant | fx80) basic_machine=fx80-alliant ;; altos | altos3068) basic_machine=m68k-altos ;; am29k) basic_machine=a29k-none os=-bsd ;; amdahl) basic_machine=580-amdahl os=-sysv ;; amiga | amiga-*) basic_machine=m68k-unknown ;; amigaos | amigados) basic_machine=m68k-unknown os=-amigaos ;; amigaunix | amix) basic_machine=m68k-unknown os=-sysv4 ;; apollo68) basic_machine=m68k-apollo os=-sysv ;; apollo68bsd) basic_machine=m68k-apollo os=-bsd ;; aux) basic_machine=m68k-apple os=-aux ;; balance) basic_machine=ns32k-sequent os=-dynix ;; convex-c1) basic_machine=c1-convex os=-bsd ;; convex-c2) basic_machine=c2-convex os=-bsd ;; convex-c32) basic_machine=c32-convex os=-bsd ;; convex-c34) basic_machine=c34-convex os=-bsd ;; convex-c38) basic_machine=c38-convex os=-bsd ;; cray | ymp) basic_machine=ymp-cray os=-unicos ;; cray2) basic_machine=cray2-cray os=-unicos ;; [ctj]90-cray) basic_machine=c90-cray os=-unicos ;; crds | unos) basic_machine=m68k-crds ;; cris | cris-* | etrax*) basic_machine=cris-axis ;; da30 | da30-*) basic_machine=m68k-da30 ;; decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) basic_machine=mips-dec ;; delta | 3300 | motorola-3300 | motorola-delta \ | 3300-motorola | delta-motorola) basic_machine=m68k-motorola ;; delta88) basic_machine=m88k-motorola os=-sysv3 ;; dpx20 | dpx20-*) basic_machine=rs6000-bull os=-bosx ;; dpx2* | dpx2*-bull) basic_machine=m68k-bull os=-sysv3 ;; ebmon29k) basic_machine=a29k-amd os=-ebmon ;; elxsi) basic_machine=elxsi-elxsi os=-bsd ;; encore | umax | mmax) basic_machine=ns32k-encore ;; es1800 | OSE68k | ose68k | ose | OSE) basic_machine=m68k-ericsson os=-ose ;; fx2800) basic_machine=i860-alliant ;; genix) basic_machine=ns32k-ns ;; gmicro) basic_machine=tron-gmicro os=-sysv ;; h3050r* | hiux*) basic_machine=hppa1.1-hitachi os=-hiuxwe2 ;; h8300hms) basic_machine=h8300-hitachi os=-hms ;; h8300xray) basic_machine=h8300-hitachi os=-xray ;; h8500hms) basic_machine=h8500-hitachi os=-hms ;; harris) basic_machine=m88k-harris os=-sysv3 ;; hp300-*) basic_machine=m68k-hp ;; hp300bsd) basic_machine=m68k-hp os=-bsd ;; hp300hpux) basic_machine=m68k-hp os=-hpux ;; hp3k9[0-9][0-9] | hp9[0-9][0-9]) basic_machine=hppa1.0-hp ;; hp9k2[0-9][0-9] | hp9k31[0-9]) basic_machine=m68000-hp ;; hp9k3[2-9][0-9]) basic_machine=m68k-hp ;; hp9k6[0-9][0-9] | hp6[0-9][0-9]) basic_machine=hppa1.0-hp ;; hp9k7[0-79][0-9] | hp7[0-79][0-9]) basic_machine=hppa1.1-hp ;; hp9k78[0-9] | hp78[0-9]) # FIXME: really hppa2.0-hp basic_machine=hppa1.1-hp ;; hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) # FIXME: really hppa2.0-hp basic_machine=hppa1.1-hp ;; hp9k8[0-9][13679] | hp8[0-9][13679]) basic_machine=hppa1.1-hp ;; hp9k8[0-9][0-9] | hp8[0-9][0-9]) basic_machine=hppa1.0-hp ;; hppa-next) os=-nextstep3 ;; hppaosf) basic_machine=hppa1.1-hp os=-osf ;; hppro) basic_machine=hppa1.1-hp os=-proelf ;; i370-ibm* | ibm*) basic_machine=i370-ibm ;; # I'm not sure what "Sysv32" means. Should this be sysv3.2? i[34567]86v32) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv32 ;; i[34567]86v4*) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv4 ;; i[34567]86v) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv ;; i[34567]86sol2) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-solaris2 ;; i386mach) basic_machine=i386-mach os=-mach ;; i386-vsta | vsta) basic_machine=i386-unknown os=-vsta ;; i386-go32 | go32) basic_machine=i386-unknown os=-go32 ;; i386-mingw32 | mingw32) basic_machine=i386-unknown os=-mingw32 ;; i[34567]86-pw32 | pw32) basic_machine=i586-unknown os=-pw32 ;; iris | iris4d) basic_machine=mips-sgi case $os in -irix*) ;; *) os=-irix4 ;; esac ;; isi68 | isi) basic_machine=m68k-isi os=-sysv ;; m88k-omron*) basic_machine=m88k-omron ;; magnum | m3230) basic_machine=mips-mips os=-sysv ;; merlin) basic_machine=ns32k-utek os=-sysv ;; miniframe) basic_machine=m68000-convergent ;; *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) basic_machine=m68k-atari os=-mint ;; mipsel*-linux*) basic_machine=mipsel-unknown os=-linux-gnu ;; mips*-linux*) basic_machine=mips-unknown os=-linux-gnu ;; mips3*-*) basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` ;; mips3*) basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown ;; mmix*) basic_machine=mmix-knuth os=-mmixware ;; monitor) basic_machine=m68k-rom68k os=-coff ;; msdos) basic_machine=i386-unknown os=-msdos ;; mvs) basic_machine=i370-ibm os=-mvs ;; ncr3000) basic_machine=i486-ncr os=-sysv4 ;; netbsd386) basic_machine=i386-unknown os=-netbsd ;; netwinder) basic_machine=armv4l-rebel os=-linux ;; news | news700 | news800 | news900) basic_machine=m68k-sony os=-newsos ;; news1000) basic_machine=m68030-sony os=-newsos ;; news-3600 | risc-news) basic_machine=mips-sony os=-newsos ;; necv70) basic_machine=v70-nec os=-sysv ;; next | m*-next ) basic_machine=m68k-next case $os in -nextstep* ) ;; -ns2*) os=-nextstep2 ;; *) os=-nextstep3 ;; esac ;; nh3000) basic_machine=m68k-harris os=-cxux ;; nh[45]000) basic_machine=m88k-harris os=-cxux ;; nindy960) basic_machine=i960-intel os=-nindy ;; mon960) basic_machine=i960-intel os=-mon960 ;; nonstopux) basic_machine=mips-compaq os=-nonstopux ;; np1) basic_machine=np1-gould ;; nsr-tandem) basic_machine=nsr-tandem ;; op50n-* | op60c-*) basic_machine=hppa1.1-oki os=-proelf ;; OSE68000 | ose68000) basic_machine=m68000-ericsson os=-ose ;; os68k) basic_machine=m68k-none os=-os68k ;; pa-hitachi) basic_machine=hppa1.1-hitachi os=-hiuxwe2 ;; paragon) basic_machine=i860-intel os=-osf ;; pbd) basic_machine=sparc-tti ;; pbb) basic_machine=m68k-tti ;; pc532 | pc532-*) basic_machine=ns32k-pc532 ;; pentium | p5 | k5 | k6 | nexgen) basic_machine=i586-pc ;; pentiumpro | p6 | 6x86 | athlon) basic_machine=i686-pc ;; pentiumii | pentium2) basic_machine=i686-pc ;; pentium-* | p5-* | k5-* | k6-* | nexgen-*) basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pentiumpro-* | p6-* | 6x86-* | athlon-*) basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pentiumii-* | pentium2-*) basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pn) basic_machine=pn-gould ;; power) basic_machine=power-ibm ;; ppc) basic_machine=powerpc-unknown ;; ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppcle | powerpclittle | ppc-le | powerpc-little) basic_machine=powerpcle-unknown ;; ppcle-* | powerpclittle-*) basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ps2) basic_machine=i386-ibm ;; rom68k) basic_machine=m68k-rom68k os=-coff ;; rm[46]00) basic_machine=mips-siemens ;; rtpc | rtpc-*) basic_machine=romp-ibm ;; sa29200) basic_machine=a29k-amd os=-udi ;; sequent) basic_machine=i386-sequent ;; sh) basic_machine=sh-hitachi os=-hms ;; sparclite-wrs) basic_machine=sparclite-wrs os=-vxworks ;; sps7) basic_machine=m68k-bull os=-sysv2 ;; spur) basic_machine=spur-unknown ;; st2000) basic_machine=m68k-tandem ;; stratus) basic_machine=i860-stratus os=-sysv4 ;; sun2) basic_machine=m68000-sun ;; sun2os3) basic_machine=m68000-sun os=-sunos3 ;; sun2os4) basic_machine=m68000-sun os=-sunos4 ;; sun3os3) basic_machine=m68k-sun os=-sunos3 ;; sun3os4) basic_machine=m68k-sun os=-sunos4 ;; sun4os3) basic_machine=sparc-sun os=-sunos3 ;; sun4os4) basic_machine=sparc-sun os=-sunos4 ;; sun4sol2) basic_machine=sparc-sun os=-solaris2 ;; sun3 | sun3-*) basic_machine=m68k-sun ;; sun4) basic_machine=sparc-sun ;; sun386 | sun386i | roadrunner) basic_machine=i386-sun ;; sv1) basic_machine=sv1-cray os=-unicos ;; symmetry) basic_machine=i386-sequent os=-dynix ;; t3e) basic_machine=t3e-cray os=-unicos ;; tic54x | c54x*) basic_machine=tic54x-unknown os=-coff ;; tx39) basic_machine=mipstx39-unknown ;; tx39el) basic_machine=mipstx39el-unknown ;; tower | tower-32) basic_machine=m68k-ncr ;; udi29k) basic_machine=a29k-amd os=-udi ;; ultra3) basic_machine=a29k-nyu os=-sym1 ;; v810 | necv810) basic_machine=v810-nec os=-none ;; vaxv) basic_machine=vax-dec os=-sysv ;; vms) basic_machine=vax-dec os=-vms ;; vpp*|vx|vx-*) basic_machine=f301-fujitsu ;; vxworks960) basic_machine=i960-wrs os=-vxworks ;; vxworks68) basic_machine=m68k-wrs os=-vxworks ;; vxworks29k) basic_machine=a29k-wrs os=-vxworks ;; w65*) basic_machine=w65-wdc os=-none ;; w89k-*) basic_machine=hppa1.1-winbond os=-proelf ;; xmp) basic_machine=xmp-cray os=-unicos ;; xps | xps100) basic_machine=xps100-honeywell ;; z8k-*-coff) basic_machine=z8k-unknown os=-sim ;; none) basic_machine=none-none os=-none ;; # Here we handle the default manufacturer of certain CPU types. It is in # some cases the only manufacturer, in others, it is the most popular. w89k) basic_machine=hppa1.1-winbond ;; op50n) basic_machine=hppa1.1-oki ;; op60c) basic_machine=hppa1.1-oki ;; mips) if [ x$os = x-linux-gnu ]; then basic_machine=mips-unknown else basic_machine=mips-mips fi ;; romp) basic_machine=romp-ibm ;; rs6000) basic_machine=rs6000-ibm ;; vax) basic_machine=vax-dec ;; pdp11) basic_machine=pdp11-dec ;; we32k) basic_machine=we32k-att ;; sh3 | sh4) basic_machine=sh-unknown ;; sparc | sparcv9) basic_machine=sparc-sun ;; cydra) basic_machine=cydra-cydrome ;; orion) basic_machine=orion-highlevel ;; orion105) basic_machine=clipper-highlevel ;; mac | mpw | mac-mpw) basic_machine=m68k-apple ;; pmac | pmac-mpw) basic_machine=powerpc-apple ;; c4x*) basic_machine=c4x-none os=-coff ;; *) echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 exit 1 ;; esac # Here we canonicalize certain aliases for manufacturers. case $basic_machine in *-digital*) basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` ;; *-commodore*) basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` ;; *) ;; esac # Decode manufacturer-specific aliases for certain operating systems. if [ x"$os" != x"" ] then case $os in # First match some system type aliases # that might get confused with valid system types. # -solaris* is a basic system type, with this one exception. -solaris1 | -solaris1.*) os=`echo $os | sed -e 's|solaris1|sunos4|'` ;; -solaris) os=-solaris2 ;; -svr4*) os=-sysv4 ;; -unixware*) os=-sysv4.2uw ;; -gnu/linux*) os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` ;; # First accept the basic system types. # The portable systems comes first. # Each alternative MUST END IN A *, to match a version number. # -sysv* is not here because it comes later, after sysvr4. -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ | -aos* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ | -hiux* | -386bsd* | -netbsd* | -openbsd* | -freebsd* | -riscix* \ | -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ | -mingw32* | -linux-gnu* | -uxpv* | -beos* | -mpeix* | -udk* \ | -interix* | -uwin* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* | -storm-chaos*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) case $basic_machine in x86-* | i[34567]86-*) ;; *) os=-nto$os ;; esac ;; -nto*) os=-nto-qnx ;; -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ | -windows* | -osx | -abug | -netware* | -os9* | -beos* \ | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) ;; -mac*) os=`echo $os | sed -e 's|mac|macos|'` ;; -linux*) os=`echo $os | sed -e 's|linux|linux-gnu|'` ;; -sunos5*) os=`echo $os | sed -e 's|sunos5|solaris2|'` ;; -sunos6*) os=`echo $os | sed -e 's|sunos6|solaris3|'` ;; -opened*) os=-openedition ;; -wince*) os=-wince ;; -osfrose*) os=-osfrose ;; -osf*) os=-osf ;; -utek*) os=-bsd ;; -dynix*) os=-bsd ;; -acis*) os=-aos ;; -386bsd) os=-bsd ;; -ctix* | -uts*) os=-sysv ;; -ns2 ) os=-nextstep2 ;; -nsk*) os=-nsk ;; # Preserve the version number of sinix5. -sinix5.*) os=`echo $os | sed -e 's|sinix|sysv|'` ;; -sinix*) os=-sysv4 ;; -triton*) os=-sysv3 ;; -oss*) os=-sysv3 ;; -svr4) os=-sysv4 ;; -svr3) os=-sysv3 ;; -sysvr4) os=-sysv4 ;; # This must come after -sysvr4. -sysv*) ;; -ose*) os=-ose ;; -es1800*) os=-ose ;; -xenix) os=-xenix ;; -*mint | -*MiNT) os=-mint ;; -none) ;; *) # Get rid of the `-' at the beginning of $os. os=`echo $os | sed 's/[^-]*-//'` echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 exit 1 ;; esac else # Here we handle the default operating systems that come with various machines. # The value should be what the vendor currently ships out the door with their # machine or put another way, the most popular os provided with the machine. # Note that if you're going to try to match "-MANUFACTURER" here (say, # "-sun"), then you have to tell the case statement up towards the top # that MANUFACTURER isn't an operating system. Otherwise, code above # will signal an error saying that MANUFACTURER isn't an operating # system, and we'll never get to this point. case $basic_machine in *-acorn) os=-riscix1.2 ;; arm*-rebel) os=-linux ;; arm*-semi) os=-aout ;; pdp11-*) os=-none ;; *-dec | vax-*) os=-ultrix4.2 ;; m68*-apollo) os=-domain ;; i386-sun) os=-sunos4.0.2 ;; m68000-sun) os=-sunos3 # This also exists in the configure program, but was not the # default. # os=-sunos4 ;; m68*-cisco) os=-aout ;; mips*-cisco) os=-elf ;; mips*-*) os=-elf ;; *-tti) # must be before sparc entry or we get the wrong os. os=-sysv3 ;; sparc-* | *-sun) os=-sunos4.1.1 ;; *-be) os=-beos ;; *-ibm) os=-aix ;; *-wec) os=-proelf ;; *-winbond) os=-proelf ;; *-oki) os=-proelf ;; *-hp) os=-hpux ;; *-hitachi) os=-hiux ;; i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) os=-sysv ;; *-cbm) os=-amigaos ;; *-dg) os=-dgux ;; *-dolphin) os=-sysv3 ;; m68k-ccur) os=-rtu ;; m88k-omron*) os=-luna ;; *-next ) os=-nextstep ;; *-sequent) os=-ptx ;; *-crds) os=-unos ;; *-ns) os=-genix ;; i370-*) os=-mvs ;; *-next) os=-nextstep3 ;; *-gould) os=-sysv ;; *-highlevel) os=-bsd ;; *-encore) os=-bsd ;; *-sgi) os=-irix ;; *-siemens) os=-sysv4 ;; *-masscomp) os=-rtu ;; f30[01]-fujitsu) os=-uxpv ;; *-rom68k) os=-coff ;; *-*bug) os=-coff ;; *-apple) os=-macos ;; *-atari*) os=-mint ;; *) os=-none ;; esac fi # Here we handle the case where we know the os, and the CPU type, but not the # manufacturer. We pick the logical manufacturer. vendor=unknown case $basic_machine in *-unknown) case $os in -riscix*) vendor=acorn ;; -sunos*) vendor=sun ;; -aix*) vendor=ibm ;; -beos*) vendor=be ;; -hpux*) vendor=hp ;; -mpeix*) vendor=hp ;; -hiux*) vendor=hitachi ;; -unos*) vendor=crds ;; -dgux*) vendor=dg ;; -luna*) vendor=omron ;; -genix*) vendor=ns ;; -mvs* | -opened*) vendor=ibm ;; -ptx*) vendor=sequent ;; -vxsim* | -vxworks*) vendor=wrs ;; -aux*) vendor=apple ;; -hms*) vendor=hitachi ;; -mpw* | -macos*) vendor=apple ;; -*mint | -*MiNT) vendor=atari ;; esac basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` ;; esac echo $basic_machine$os exit 0 # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "timestamp='" # time-stamp-format: "%:y-%02m-%02d" # time-stamp-end: "'" # End: libnids-1.26/configure000077500000000000000000005267261415573252600150310ustar00rootroot00000000000000#! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.59. # # Copyright (C) 2003 Free Software Foundation, Inc. # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. ## --------------------- ## ## M4sh Initialization. ## ## --------------------- ## # Be Bourne compatible if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then emulate sh NULLCMD=: # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then set -o posix fi DUALCASE=1; export DUALCASE # for MKS sh # Support unset when possible. if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then as_unset=unset else as_unset=false fi # Work around bugs in pre-3.0 UWIN ksh. $as_unset ENV MAIL MAILPATH PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. for as_var in \ LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ LC_TELEPHONE LC_TIME do if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then eval $as_var=C; export $as_var else $as_unset $as_var fi done # Required to use basename. if expr a : '\(a\)' >/dev/null 2>&1; then as_expr=expr else as_expr=false fi if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi # Name of the executable. as_me=`$as_basename "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)$' \| \ . : '\(.\)' 2>/dev/null || echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; } /^X\/\(\/\/\)$/{ s//\1/; q; } /^X\/\(\/\).*/{ s//\1/; q; } s/.*/./; q'` # PATH needs CR, and LINENO needs CR and PATH. # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then echo "#! /bin/sh" >conf$$.sh echo "exit 0" >>conf$$.sh chmod +x conf$$.sh if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then PATH_SEPARATOR=';' else PATH_SEPARATOR=: fi rm -f conf$$.sh fi as_lineno_1=$LINENO as_lineno_2=$LINENO as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` test "x$as_lineno_1" != "x$as_lineno_2" && test "x$as_lineno_3" = "x$as_lineno_2" || { # Find who we are. Look in the path if we contain no path at all # relative or not. case $0 in *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then { echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2 { (exit 1); exit 1; }; } fi case $CONFIG_SHELL in '') as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for as_base in sh bash ksh sh5; do case $as_dir in /*) if ("$as_dir/$as_base" -c ' as_lineno_1=$LINENO as_lineno_2=$LINENO as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` test "x$as_lineno_1" != "x$as_lineno_2" && test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; } $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; } CONFIG_SHELL=$as_dir/$as_base export CONFIG_SHELL exec "$CONFIG_SHELL" "$0" ${1+"$@"} fi;; esac done done ;; esac # Create $as_me.lineno as a copy of $as_myself, but with $LINENO # uniformly replaced by the line number. The first 'sed' inserts a # line-number line before each line; the second 'sed' does the real # work. The second script uses 'N' to pair each line-number line # with the numbered line, and appends trailing '-' during # substitution so that $LINENO is not a special case at line end. # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-) sed '=' <$as_myself | sed ' N s,$,-, : loop s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3, t loop s,-$,, s,^['$as_cr_digits']*\n,, ' >$as_me.lineno && chmod +x $as_me.lineno || { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2 { (exit 1); exit 1; }; } # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensible to this). . ./$as_me.lineno # Exit status is that of the last command. exit } case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in *c*,-n*) ECHO_N= ECHO_C=' ' ECHO_T=' ' ;; *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;; *) ECHO_N= ECHO_C='\c' ECHO_T= ;; esac if expr a : '\(a\)' >/dev/null 2>&1; then as_expr=expr else as_expr=false fi rm -f conf$$ conf$$.exe conf$$.file echo >conf$$.file if ln -s conf$$.file conf$$ 2>/dev/null; then # We could just check for DJGPP; but this test a) works b) is more generic # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04). if test -f conf$$.exe; then # Don't use ln at all; we don't have any links as_ln_s='cp -p' else as_ln_s='ln -s' fi elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -p' fi rm -f conf$$ conf$$.exe conf$$.file if mkdir -p . 2>/dev/null; then as_mkdir_p=: else test -d ./-p && rmdir ./-p as_mkdir_p=false fi as_executable_p="test -f" # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" # IFS # We need space, tab and new line, in precisely that order. as_nl=' ' IFS=" $as_nl" # CDPATH. $as_unset CDPATH # Name of the host. # hostname on some systems (SVR3.2, Linux) returns a bogus exit status, # so uname gets run too. ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` exec 6>&1 # # Initializations. # ac_default_prefix=/usr/local ac_config_libobj_dir=. cross_compiling=no subdirs= MFLAGS= MAKEFLAGS= SHELL=${CONFIG_SHELL-/bin/sh} # Maximum number of lines to put in a shell here document. # This variable seems obsolete. It should probably be removed, and # only ac_max_sed_lines should be used. : ${ac_max_here_lines=38} # Identity of this package. PACKAGE_NAME= PACKAGE_TARNAME= PACKAGE_VERSION= PACKAGE_STRING= PACKAGE_BUGREPORT= ac_unique_file="src/libnids.c" # Factoring default headers for most tests. ac_includes_default="\ #include #if HAVE_SYS_TYPES_H # include #endif #if HAVE_SYS_STAT_H # include #endif #if STDC_HEADERS # include # include #else # if HAVE_STDLIB_H # include # endif #endif #if HAVE_STRING_H # if !STDC_HEADERS && HAVE_MEMORY_H # include # endif # include #endif #if HAVE_STRINGS_H # include #endif #if HAVE_INTTYPES_H # include #else # if HAVE_STDINT_H # include # endif #endif #if HAVE_UNISTD_H # include #endif" ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS build build_cpu build_vendor build_os host host_cpu host_vendor host_os target target_cpu target_vendor target_os CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT RANLIB ac_ct_RANLIB INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CPP EGREP PCAP_CFLAGS PCAPLIB PKG_CONFIG ac_pt_PKG_CONFIG GLIB_CFLAGS GLIB_LIBS GTHREAD_CFLAGS GTHREAD_LIBS LNET_CFLAGS LNETLIB BUILD_SHARED ICMPHEADER TCPSTATES HAVE_BSD_UDPHDR LIBNET_VER LIBOBJS LTLIBOBJS' ac_subst_files='' # Initialize some variables set by options. ac_init_help= ac_init_version=false # The variables have the same names as the options, with # dashes changed to underlines. cache_file=/dev/null exec_prefix=NONE no_create= no_recursion= prefix=NONE program_prefix=NONE program_suffix=NONE program_transform_name=s,x,x, silent= site= srcdir= verbose= x_includes=NONE x_libraries=NONE # Installation directory options. # These are left unexpanded so users can "make install exec_prefix=/foo" # and all the variables that are supposed to be based on exec_prefix # by default will actually change. # Use braces instead of parens because sh, perl, etc. also accept them. bindir='${exec_prefix}/bin' sbindir='${exec_prefix}/sbin' libexecdir='${exec_prefix}/libexec' datadir='${prefix}/share' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' libdir='${exec_prefix}/lib' includedir='${prefix}/include' oldincludedir='/usr/include' infodir='${prefix}/info' mandir='${prefix}/man' ac_prev= for ac_option do # If the previous option needs an argument, assign it. if test -n "$ac_prev"; then eval "$ac_prev=\$ac_option" ac_prev= continue fi ac_optarg=`expr "x$ac_option" : 'x[^=]*=\(.*\)'` # Accept the important Cygnus configure options, so we can diagnose typos. case $ac_option in -bindir | --bindir | --bindi | --bind | --bin | --bi) ac_prev=bindir ;; -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) bindir=$ac_optarg ;; -build | --build | --buil | --bui | --bu) ac_prev=build_alias ;; -build=* | --build=* | --buil=* | --bui=* | --bu=*) build_alias=$ac_optarg ;; -cache-file | --cache-file | --cache-fil | --cache-fi \ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) ac_prev=cache_file ;; -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) cache_file=$ac_optarg ;; --config-cache | -C) cache_file=config.cache ;; -datadir | --datadir | --datadi | --datad | --data | --dat | --da) ac_prev=datadir ;; -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \ | --da=*) datadir=$ac_optarg ;; -disable-* | --disable-*) ac_feature=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid feature name: $ac_feature" >&2 { (exit 1); exit 1; }; } ac_feature=`echo $ac_feature | sed 's/-/_/g'` eval "enable_$ac_feature=no" ;; -enable-* | --enable-*) ac_feature=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid feature name: $ac_feature" >&2 { (exit 1); exit 1; }; } ac_feature=`echo $ac_feature | sed 's/-/_/g'` case $ac_option in *=*) ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`;; *) ac_optarg=yes ;; esac eval "enable_$ac_feature='$ac_optarg'" ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ | --exec | --exe | --ex) ac_prev=exec_prefix ;; -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ | --exec=* | --exe=* | --ex=*) exec_prefix=$ac_optarg ;; -gas | --gas | --ga | --g) # Obsolete; use --with-gas. with_gas=yes ;; -help | --help | --hel | --he | -h) ac_init_help=long ;; -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) ac_init_help=recursive ;; -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) ac_init_help=short ;; -host | --host | --hos | --ho) ac_prev=host_alias ;; -host=* | --host=* | --hos=* | --ho=*) host_alias=$ac_optarg ;; -includedir | --includedir | --includedi | --included | --include \ | --includ | --inclu | --incl | --inc) ac_prev=includedir ;; -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ | --includ=* | --inclu=* | --incl=* | --inc=*) includedir=$ac_optarg ;; -infodir | --infodir | --infodi | --infod | --info | --inf) ac_prev=infodir ;; -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) infodir=$ac_optarg ;; -libdir | --libdir | --libdi | --libd) ac_prev=libdir ;; -libdir=* | --libdir=* | --libdi=* | --libd=*) libdir=$ac_optarg ;; -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ | --libexe | --libex | --libe) ac_prev=libexecdir ;; -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ | --libexe=* | --libex=* | --libe=*) libexecdir=$ac_optarg ;; -localstatedir | --localstatedir | --localstatedi | --localstated \ | --localstate | --localstat | --localsta | --localst \ | --locals | --local | --loca | --loc | --lo) ac_prev=localstatedir ;; -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ | --localstate=* | --localstat=* | --localsta=* | --localst=* \ | --locals=* | --local=* | --loca=* | --loc=* | --lo=*) localstatedir=$ac_optarg ;; -mandir | --mandir | --mandi | --mand | --man | --ma | --m) ac_prev=mandir ;; -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) mandir=$ac_optarg ;; -nfp | --nfp | --nf) # Obsolete; use --without-fp. with_fp=no ;; -no-create | --no-create | --no-creat | --no-crea | --no-cre \ | --no-cr | --no-c | -n) no_create=yes ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) no_recursion=yes ;; -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ | --oldin | --oldi | --old | --ol | --o) ac_prev=oldincludedir ;; -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) oldincludedir=$ac_optarg ;; -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) ac_prev=prefix ;; -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) prefix=$ac_optarg ;; -program-prefix | --program-prefix | --program-prefi | --program-pref \ | --program-pre | --program-pr | --program-p) ac_prev=program_prefix ;; -program-prefix=* | --program-prefix=* | --program-prefi=* \ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) program_prefix=$ac_optarg ;; -program-suffix | --program-suffix | --program-suffi | --program-suff \ | --program-suf | --program-su | --program-s) ac_prev=program_suffix ;; -program-suffix=* | --program-suffix=* | --program-suffi=* \ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) program_suffix=$ac_optarg ;; -program-transform-name | --program-transform-name \ | --program-transform-nam | --program-transform-na \ | --program-transform-n | --program-transform- \ | --program-transform | --program-transfor \ | --program-transfo | --program-transf \ | --program-trans | --program-tran \ | --progr-tra | --program-tr | --program-t) ac_prev=program_transform_name ;; -program-transform-name=* | --program-transform-name=* \ | --program-transform-nam=* | --program-transform-na=* \ | --program-transform-n=* | --program-transform-=* \ | --program-transform=* | --program-transfor=* \ | --program-transfo=* | --program-transf=* \ | --program-trans=* | --program-tran=* \ | --progr-tra=* | --program-tr=* | --program-t=*) program_transform_name=$ac_optarg ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ | --sbi=* | --sb=*) sbindir=$ac_optarg ;; -sharedstatedir | --sharedstatedir | --sharedstatedi \ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ | --sharedst | --shareds | --shared | --share | --shar \ | --sha | --sh) ac_prev=sharedstatedir ;; -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ | --sha=* | --sh=*) sharedstatedir=$ac_optarg ;; -site | --site | --sit) ac_prev=site ;; -site=* | --site=* | --sit=*) site=$ac_optarg ;; -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) ac_prev=srcdir ;; -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) srcdir=$ac_optarg ;; -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ | --syscon | --sysco | --sysc | --sys | --sy) ac_prev=sysconfdir ;; -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) sysconfdir=$ac_optarg ;; -target | --target | --targe | --targ | --tar | --ta | --t) ac_prev=target_alias ;; -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) target_alias=$ac_optarg ;; -v | -verbose | --verbose | --verbos | --verbo | --verb) verbose=yes ;; -version | --version | --versio | --versi | --vers | -V) ac_init_version=: ;; -with-* | --with-*) ac_package=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid package name: $ac_package" >&2 { (exit 1); exit 1; }; } ac_package=`echo $ac_package| sed 's/-/_/g'` case $ac_option in *=*) ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`;; *) ac_optarg=yes ;; esac eval "with_$ac_package='$ac_optarg'" ;; -without-* | --without-*) ac_package=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid package name: $ac_package" >&2 { (exit 1); exit 1; }; } ac_package=`echo $ac_package | sed 's/-/_/g'` eval "with_$ac_package=no" ;; --x) # Obsolete; use --with-x. with_x=yes ;; -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ | --x-incl | --x-inc | --x-in | --x-i) ac_prev=x_includes ;; -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) x_includes=$ac_optarg ;; -x-libraries | --x-libraries | --x-librarie | --x-librari \ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) ac_prev=x_libraries ;; -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; -*) { echo "$as_me: error: unrecognized option: $ac_option Try \`$0 --help' for more information." >&2 { (exit 1); exit 1; }; } ;; *=*) ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` # Reject names that are not valid shell variable names. expr "x$ac_envvar" : ".*[^_$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid variable name: $ac_envvar" >&2 { (exit 1); exit 1; }; } ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` eval "$ac_envvar='$ac_optarg'" export $ac_envvar ;; *) # FIXME: should be removed in autoconf 3.0. echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && echo "$as_me: WARNING: invalid host type: $ac_option" >&2 : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option} ;; esac done if test -n "$ac_prev"; then ac_option=--`echo $ac_prev | sed 's/_/-/g'` { echo "$as_me: error: missing argument to $ac_option" >&2 { (exit 1); exit 1; }; } fi # Be sure to have absolute paths. for ac_var in exec_prefix prefix do eval ac_val=$`echo $ac_var` case $ac_val in [\\/$]* | ?:[\\/]* | NONE | '' ) ;; *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2 { (exit 1); exit 1; }; };; esac done # Be sure to have absolute paths. for ac_var in bindir sbindir libexecdir datadir sysconfdir sharedstatedir \ localstatedir libdir includedir oldincludedir infodir mandir do eval ac_val=$`echo $ac_var` case $ac_val in [\\/$]* | ?:[\\/]* ) ;; *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2 { (exit 1); exit 1; }; };; esac done # There might be people who depend on the old broken behavior: `$host' # used to hold the argument of --host etc. # FIXME: To remove some day. build=$build_alias host=$host_alias target=$target_alias # FIXME: To remove some day. if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host. If a cross compiler is detected then cross compile mode will be used." >&2 elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi fi ac_tool_prefix= test -n "$host_alias" && ac_tool_prefix=$host_alias- test "$silent" = yes && exec 6>/dev/null # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then its parent. ac_confdir=`(dirname "$0") 2>/dev/null || $as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$0" : 'X\(//\)[^/]' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| \ . : '\(.\)' 2>/dev/null || echo X"$0" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` srcdir=$ac_confdir if test ! -r $srcdir/$ac_unique_file; then srcdir=.. fi else ac_srcdir_defaulted=no fi if test ! -r $srcdir/$ac_unique_file; then if test "$ac_srcdir_defaulted" = yes; then { echo "$as_me: error: cannot find sources ($ac_unique_file) in $ac_confdir or .." >&2 { (exit 1); exit 1; }; } else { echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2 { (exit 1); exit 1; }; } fi fi (cd $srcdir && test -r ./$ac_unique_file) 2>/dev/null || { echo "$as_me: error: sources are in $srcdir, but \`cd $srcdir' does not work" >&2 { (exit 1); exit 1; }; } srcdir=`echo "$srcdir" | sed 's%\([^\\/]\)[\\/]*$%\1%'` ac_env_build_alias_set=${build_alias+set} ac_env_build_alias_value=$build_alias ac_cv_env_build_alias_set=${build_alias+set} ac_cv_env_build_alias_value=$build_alias ac_env_host_alias_set=${host_alias+set} ac_env_host_alias_value=$host_alias ac_cv_env_host_alias_set=${host_alias+set} ac_cv_env_host_alias_value=$host_alias ac_env_target_alias_set=${target_alias+set} ac_env_target_alias_value=$target_alias ac_cv_env_target_alias_set=${target_alias+set} ac_cv_env_target_alias_value=$target_alias ac_env_CC_set=${CC+set} ac_env_CC_value=$CC ac_cv_env_CC_set=${CC+set} ac_cv_env_CC_value=$CC ac_env_CFLAGS_set=${CFLAGS+set} ac_env_CFLAGS_value=$CFLAGS ac_cv_env_CFLAGS_set=${CFLAGS+set} ac_cv_env_CFLAGS_value=$CFLAGS ac_env_LDFLAGS_set=${LDFLAGS+set} ac_env_LDFLAGS_value=$LDFLAGS ac_cv_env_LDFLAGS_set=${LDFLAGS+set} ac_cv_env_LDFLAGS_value=$LDFLAGS ac_env_CPPFLAGS_set=${CPPFLAGS+set} ac_env_CPPFLAGS_value=$CPPFLAGS ac_cv_env_CPPFLAGS_set=${CPPFLAGS+set} ac_cv_env_CPPFLAGS_value=$CPPFLAGS ac_env_CPP_set=${CPP+set} ac_env_CPP_value=$CPP ac_cv_env_CPP_set=${CPP+set} ac_cv_env_CPP_value=$CPP ac_env_PKG_CONFIG_set=${PKG_CONFIG+set} ac_env_PKG_CONFIG_value=$PKG_CONFIG ac_cv_env_PKG_CONFIG_set=${PKG_CONFIG+set} ac_cv_env_PKG_CONFIG_value=$PKG_CONFIG ac_env_GLIB_CFLAGS_set=${GLIB_CFLAGS+set} ac_env_GLIB_CFLAGS_value=$GLIB_CFLAGS ac_cv_env_GLIB_CFLAGS_set=${GLIB_CFLAGS+set} ac_cv_env_GLIB_CFLAGS_value=$GLIB_CFLAGS ac_env_GLIB_LIBS_set=${GLIB_LIBS+set} ac_env_GLIB_LIBS_value=$GLIB_LIBS ac_cv_env_GLIB_LIBS_set=${GLIB_LIBS+set} ac_cv_env_GLIB_LIBS_value=$GLIB_LIBS ac_env_GTHREAD_CFLAGS_set=${GTHREAD_CFLAGS+set} ac_env_GTHREAD_CFLAGS_value=$GTHREAD_CFLAGS ac_cv_env_GTHREAD_CFLAGS_set=${GTHREAD_CFLAGS+set} ac_cv_env_GTHREAD_CFLAGS_value=$GTHREAD_CFLAGS ac_env_GTHREAD_LIBS_set=${GTHREAD_LIBS+set} ac_env_GTHREAD_LIBS_value=$GTHREAD_LIBS ac_cv_env_GTHREAD_LIBS_set=${GTHREAD_LIBS+set} ac_cv_env_GTHREAD_LIBS_value=$GTHREAD_LIBS # # Report the --help message. # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF \`configure' configures this package to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. Defaults for the options are specified in brackets. Configuration: -h, --help display this help and exit --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version information and exit -q, --quiet, --silent do not print \`checking...' messages --cache-file=FILE cache test results in FILE [disabled] -C, --config-cache alias for \`--cache-file=config.cache' -n, --no-create do not create output files --srcdir=DIR find the sources in DIR [configure dir or \`..'] _ACEOF cat <<_ACEOF Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [PREFIX] By default, \`make install' will install all the files in \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify an installation prefix other than \`$ac_default_prefix' using \`--prefix', for instance \`--prefix=\$HOME'. For better control, use the options below. Fine tuning of the installation directories: --bindir=DIR user executables [EPREFIX/bin] --sbindir=DIR system admin executables [EPREFIX/sbin] --libexecdir=DIR program executables [EPREFIX/libexec] --datadir=DIR read-only architecture-independent data [PREFIX/share] --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] --infodir=DIR info documentation [PREFIX/info] --mandir=DIR man documentation [PREFIX/man] _ACEOF cat <<\_ACEOF System types: --build=BUILD configure for building on BUILD [guessed] --host=HOST cross-compile to build programs to run on HOST [BUILD] --target=TARGET configure for building compilers for TARGET [HOST] _ACEOF fi if test -n "$ac_init_help"; then cat <<\_ACEOF Optional Features: --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --disable-libglib use glib2 for multiprocessing support --disable-libnet whether to include code requiring libnet --enable-shared enable building shared libraries Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) --with-libpcap=DIR use libpcap build directory --with-libnet=DIR use libnet build directory Some influential environment variables: CC C compiler command CFLAGS C compiler flags LDFLAGS linker flags, e.g. -L if you have libraries in a nonstandard directory CPPFLAGS C/C++ preprocessor flags, e.g. -I if you have headers in a nonstandard directory CPP C preprocessor PKG_CONFIG path to pkg-config utility GLIB_CFLAGS C compiler flags for GLIB, overriding pkg-config GLIB_LIBS linker flags for GLIB, overriding pkg-config GTHREAD_CFLAGS C compiler flags for GTHREAD, overriding pkg-config GTHREAD_LIBS linker flags for GTHREAD, overriding pkg-config Use these variables to override the choices made by `configure' or to help it to find libraries and programs with nonstandard names/locations. _ACEOF fi if test "$ac_init_help" = "recursive"; then # If there are subdirs, report their specific --help. ac_popdir=`pwd` for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue test -d $ac_dir || continue ac_builddir=. if test "$ac_dir" != .; then ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` # A "../" for each directory in $ac_dir_suffix. ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'` else ac_dir_suffix= ac_top_builddir= fi case $srcdir in .) # No --srcdir option. We are building in place. ac_srcdir=. if test -z "$ac_top_builddir"; then ac_top_srcdir=. else ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'` fi ;; [\\/]* | ?:[\\/]* ) # Absolute path. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ;; *) # Relative path. ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_builddir$srcdir ;; esac # Do not use `cd foo && pwd` to compute absolute paths, because # the directories may not exist. case `pwd` in .) ac_abs_builddir="$ac_dir";; *) case "$ac_dir" in .) ac_abs_builddir=`pwd`;; [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";; *) ac_abs_builddir=`pwd`/"$ac_dir";; esac;; esac case $ac_abs_builddir in .) ac_abs_top_builddir=${ac_top_builddir}.;; *) case ${ac_top_builddir}. in .) ac_abs_top_builddir=$ac_abs_builddir;; [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;; *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;; esac;; esac case $ac_abs_builddir in .) ac_abs_srcdir=$ac_srcdir;; *) case $ac_srcdir in .) ac_abs_srcdir=$ac_abs_builddir;; [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;; *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;; esac;; esac case $ac_abs_builddir in .) ac_abs_top_srcdir=$ac_top_srcdir;; *) case $ac_top_srcdir in .) ac_abs_top_srcdir=$ac_abs_builddir;; [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;; *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;; esac;; esac cd $ac_dir # Check for guested configure; otherwise get Cygnus style configure. if test -f $ac_srcdir/configure.gnu; then echo $SHELL $ac_srcdir/configure.gnu --help=recursive elif test -f $ac_srcdir/configure; then echo $SHELL $ac_srcdir/configure --help=recursive elif test -f $ac_srcdir/configure.ac || test -f $ac_srcdir/configure.in; then echo $ac_configure --help else echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi cd "$ac_popdir" done fi test -n "$ac_init_help" && exit 0 if $ac_init_version; then cat <<\_ACEOF Copyright (C) 2003 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit 0 fi exec 5>config.log cat >&5 <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by $as_me, which was generated by GNU Autoconf 2.59. Invocation command line was $ $0 $@ _ACEOF { cat <<_ASUNAME ## --------- ## ## Platform. ## ## --------- ## hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` uname -m = `(uname -m) 2>/dev/null || echo unknown` uname -r = `(uname -r) 2>/dev/null || echo unknown` uname -s = `(uname -s) 2>/dev/null || echo unknown` uname -v = `(uname -v) 2>/dev/null || echo unknown` /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` /bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` /bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` hostinfo = `(hostinfo) 2>/dev/null || echo unknown` /bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` /bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` _ASUNAME as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. echo "PATH: $as_dir" done } >&5 cat >&5 <<_ACEOF ## ----------- ## ## Core tests. ## ## ----------- ## _ACEOF # Keep a trace of the command line. # Strip out --no-create and --no-recursion so they do not pile up. # Strip out --silent because we don't want to record it for future runs. # Also quote any args containing shell meta-characters. # Make two passes to allow for proper duplicate-argument suppression. ac_configure_args= ac_configure_args0= ac_configure_args1= ac_sep= ac_must_keep_next=false for ac_pass in 1 2 do for ac_arg do case $ac_arg in -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) continue ;; *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*) ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; esac case $ac_pass in 1) ac_configure_args0="$ac_configure_args0 '$ac_arg'" ;; 2) ac_configure_args1="$ac_configure_args1 '$ac_arg'" if test $ac_must_keep_next = true; then ac_must_keep_next=false # Got value, back to normal. else case $ac_arg in *=* | --config-cache | -C | -disable-* | --disable-* \ | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ | -with-* | --with-* | -without-* | --without-* | --x) case "$ac_configure_args0 " in "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; esac ;; -* ) ac_must_keep_next=true ;; esac fi ac_configure_args="$ac_configure_args$ac_sep'$ac_arg'" # Get rid of the leading space. ac_sep=" " ;; esac done done $as_unset ac_configure_args0 || test "${ac_configure_args0+set}" != set || { ac_configure_args0=; export ac_configure_args0; } $as_unset ac_configure_args1 || test "${ac_configure_args1+set}" != set || { ac_configure_args1=; export ac_configure_args1; } # When interrupted or exit'd, cleanup temporary files, and complete # config.log. We remove comments because anyway the quotes in there # would cause problems or look ugly. # WARNING: Be sure not to use single quotes in there, as some shells, # such as our DU 5.0 friend, will then `close' the trap. trap 'exit_status=$? # Save into config.log some information that might help in debugging. { echo cat <<\_ASBOX ## ---------------- ## ## Cache variables. ## ## ---------------- ## _ASBOX echo # The following way of writing the cache mishandles newlines in values, { (set) 2>&1 | case `(ac_space='"'"' '"'"'; set | grep ac_space) 2>&1` in *ac_space=\ *) sed -n \ "s/'"'"'/'"'"'\\\\'"'"''"'"'/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='"'"'\\2'"'"'/p" ;; *) sed -n \ "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p" ;; esac; } echo cat <<\_ASBOX ## ----------------- ## ## Output variables. ## ## ----------------- ## _ASBOX echo for ac_var in $ac_subst_vars do eval ac_val=$`echo $ac_var` echo "$ac_var='"'"'$ac_val'"'"'" done | sort echo if test -n "$ac_subst_files"; then cat <<\_ASBOX ## ------------- ## ## Output files. ## ## ------------- ## _ASBOX echo for ac_var in $ac_subst_files do eval ac_val=$`echo $ac_var` echo "$ac_var='"'"'$ac_val'"'"'" done | sort echo fi if test -s confdefs.h; then cat <<\_ASBOX ## ----------- ## ## confdefs.h. ## ## ----------- ## _ASBOX echo sed "/^$/d" confdefs.h | sort echo fi test "$ac_signal" != 0 && echo "$as_me: caught signal $ac_signal" echo "$as_me: exit $exit_status" } >&5 rm -f core *.core && rm -rf conftest* confdefs* conf$$* $ac_clean_files && exit $exit_status ' 0 for ac_signal in 1 2 13 15; do trap 'ac_signal='$ac_signal'; { (exit 1); exit 1; }' $ac_signal done ac_signal=0 # confdefs.h avoids OS command line length limits that DEFS can exceed. rm -rf conftest* confdefs.h # AIX cpp loses on an empty file, so make sure it contains at least a newline. echo >confdefs.h # Predefined preprocessor variables. cat >>confdefs.h <<_ACEOF #define PACKAGE_NAME "$PACKAGE_NAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_TARNAME "$PACKAGE_TARNAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_VERSION "$PACKAGE_VERSION" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_STRING "$PACKAGE_STRING" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" _ACEOF # Let the site file select an alternate cache file if it wants to. # Prefer explicitly selected file to automatically selected ones. if test -z "$CONFIG_SITE"; then if test "x$prefix" != xNONE; then CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site" else CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site" fi fi for ac_site_file in $CONFIG_SITE; do if test -r "$ac_site_file"; then { echo "$as_me:$LINENO: loading site script $ac_site_file" >&5 echo "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 . "$ac_site_file" fi done if test -r "$cache_file"; then # Some versions of bash will fail to source /dev/null (special # files actually), so we avoid doing that. if test -f "$cache_file"; then { echo "$as_me:$LINENO: loading cache $cache_file" >&5 echo "$as_me: loading cache $cache_file" >&6;} case $cache_file in [\\/]* | ?:[\\/]* ) . $cache_file;; *) . ./$cache_file;; esac fi else { echo "$as_me:$LINENO: creating cache $cache_file" >&5 echo "$as_me: creating cache $cache_file" >&6;} >$cache_file fi # Check that the precious variables saved in the cache have kept the same # value. ac_cache_corrupted=false for ac_var in `(set) 2>&1 | sed -n 's/^ac_env_\([a-zA-Z_0-9]*\)_set=.*/\1/p'`; do eval ac_old_set=\$ac_cv_env_${ac_var}_set eval ac_new_set=\$ac_env_${ac_var}_set eval ac_old_val="\$ac_cv_env_${ac_var}_value" eval ac_new_val="\$ac_env_${ac_var}_value" case $ac_old_set,$ac_new_set in set,) { echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} ac_cache_corrupted=: ;; ,set) { echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5 echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} ac_cache_corrupted=: ;; ,);; *) if test "x$ac_old_val" != "x$ac_new_val"; then { echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5 echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} { echo "$as_me:$LINENO: former value: $ac_old_val" >&5 echo "$as_me: former value: $ac_old_val" >&2;} { echo "$as_me:$LINENO: current value: $ac_new_val" >&5 echo "$as_me: current value: $ac_new_val" >&2;} ac_cache_corrupted=: fi;; esac # Pass precious variables to config.status. if test "$ac_new_set" = set; then case $ac_new_val in *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*) ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; *) ac_arg=$ac_var=$ac_new_val ;; esac case " $ac_configure_args " in *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. *) ac_configure_args="$ac_configure_args '$ac_arg'" ;; esac fi done if $ac_cache_corrupted; then { echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5 echo "$as_me: error: changes in the environment can compromise the build" >&2;} { { echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5 echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;} { (exit 1); exit 1; }; } fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_aux_dir= for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do if test -f $ac_dir/install-sh; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install-sh -c" break elif test -f $ac_dir/install.sh; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install.sh -c" break elif test -f $ac_dir/shtool; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/shtool install -c" break fi done if test -z "$ac_aux_dir"; then { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&5 echo "$as_me: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&2;} { (exit 1); exit 1; }; } fi ac_config_guess="$SHELL $ac_aux_dir/config.guess" ac_config_sub="$SHELL $ac_aux_dir/config.sub" ac_configure="$SHELL $ac_aux_dir/configure" # This should be Cygnus configure. # Make sure we can run config.sub. $ac_config_sub sun4 >/dev/null 2>&1 || { { echo "$as_me:$LINENO: error: cannot run $ac_config_sub" >&5 echo "$as_me: error: cannot run $ac_config_sub" >&2;} { (exit 1); exit 1; }; } echo "$as_me:$LINENO: checking build system type" >&5 echo $ECHO_N "checking build system type... $ECHO_C" >&6 if test "${ac_cv_build+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_cv_build_alias=$build_alias test -z "$ac_cv_build_alias" && ac_cv_build_alias=`$ac_config_guess` test -z "$ac_cv_build_alias" && { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5 echo "$as_me: error: cannot guess build type; you must specify one" >&2;} { (exit 1); exit 1; }; } ac_cv_build=`$ac_config_sub $ac_cv_build_alias` || { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_build_alias failed" >&5 echo "$as_me: error: $ac_config_sub $ac_cv_build_alias failed" >&2;} { (exit 1); exit 1; }; } fi echo "$as_me:$LINENO: result: $ac_cv_build" >&5 echo "${ECHO_T}$ac_cv_build" >&6 build=$ac_cv_build build_cpu=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` build_vendor=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` build_os=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` echo "$as_me:$LINENO: checking host system type" >&5 echo $ECHO_N "checking host system type... $ECHO_C" >&6 if test "${ac_cv_host+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_cv_host_alias=$host_alias test -z "$ac_cv_host_alias" && ac_cv_host_alias=$ac_cv_build_alias ac_cv_host=`$ac_config_sub $ac_cv_host_alias` || { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_host_alias failed" >&5 echo "$as_me: error: $ac_config_sub $ac_cv_host_alias failed" >&2;} { (exit 1); exit 1; }; } fi echo "$as_me:$LINENO: result: $ac_cv_host" >&5 echo "${ECHO_T}$ac_cv_host" >&6 host=$ac_cv_host host_cpu=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` host_vendor=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` host_os=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` echo "$as_me:$LINENO: checking target system type" >&5 echo $ECHO_N "checking target system type... $ECHO_C" >&6 if test "${ac_cv_target+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_cv_target_alias=$target_alias test "x$ac_cv_target_alias" = "x" && ac_cv_target_alias=$ac_cv_host_alias ac_cv_target=`$ac_config_sub $ac_cv_target_alias` || { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_target_alias failed" >&5 echo "$as_me: error: $ac_config_sub $ac_cv_target_alias failed" >&2;} { (exit 1); exit 1; }; } fi echo "$as_me:$LINENO: result: $ac_cv_target" >&5 echo "${ECHO_T}$ac_cv_target" >&6 target=$ac_cv_target target_cpu=`echo $ac_cv_target | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` target_vendor=`echo $ac_cv_target | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` target_os=`echo $ac_cv_target | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` # The aliases save the names the user supplied, while $host etc. # will get canonicalized. test -n "$target_alias" && test "$program_prefix$program_suffix$program_transform_name" = \ NONENONEs,x,x, && program_prefix=${target_alias}- ac_config_headers="$ac_config_headers src/config.h" if test "$prefix" = "NONE" ; then prefix="/usr/local" fi if test "$exec_prefix" = "NONE" ; then exec_prefix=$prefix fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then echo "$as_me:$LINENO: result: $CC" >&5 echo "${ECHO_T}$CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi fi if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_ac_ct_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 echo "${ECHO_T}$ac_ct_CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi CC=$ac_ct_CC else CC="$ac_cv_prog_CC" fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then echo "$as_me:$LINENO: result: $CC" >&5 echo "${ECHO_T}$CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi fi if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_ac_ct_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="cc" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 echo "${ECHO_T}$ac_ct_CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi CC=$ac_ct_CC else CC="$ac_cv_prog_CC" fi fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else ac_prog_rejected=no as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done if test $ac_prog_rejected = yes; then # We found a bogon in the path, so make sure we never use it. set dummy $ac_cv_prog_CC shift if test $# != 0; then # We chose a different compiler from the bogus one. # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" fi fi fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then echo "$as_me:$LINENO: result: $CC" >&5 echo "${ECHO_T}$CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then for ac_prog in cl do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then echo "$as_me:$LINENO: result: $CC" >&5 echo "${ECHO_T}$CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi test -n "$CC" && break done fi if test -z "$CC"; then ac_ct_CC=$CC for ac_prog in cl do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_ac_ct_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 echo "${ECHO_T}$ac_ct_CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi test -n "$ac_ct_CC" && break done CC=$ac_ct_CC fi fi test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH See \`config.log' for more details." >&5 echo "$as_me: error: no acceptable C compiler found in \$PATH See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } # Provide some information about the compiler. echo "$as_me:$LINENO:" \ "checking for C compiler version" >&5 ac_compiler=`set X $ac_compile; echo $2` { (eval echo "$as_me:$LINENO: \"$ac_compiler --version &5\"") >&5 (eval $ac_compiler --version &5) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } { (eval echo "$as_me:$LINENO: \"$ac_compiler -v &5\"") >&5 (eval $ac_compiler -v &5) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } { (eval echo "$as_me:$LINENO: \"$ac_compiler -V &5\"") >&5 (eval $ac_compiler -V &5) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ int main () { ; return 0; } _ACEOF ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files a.out a.exe b.out" # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. echo "$as_me:$LINENO: checking for C compiler default output file name" >&5 echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6 ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` if { (eval echo "$as_me:$LINENO: \"$ac_link_default\"") >&5 (eval $ac_link_default) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then # Find the output, starting from the most likely. This scheme is # not robust to junk in `.', hence go to wildcards (a.*) only as a last # resort. # Be careful to initialize this variable, since it used to be cached. # Otherwise an old cache value of `no' led to `EXEEXT = no' in a Makefile. ac_cv_exeext= # b.out is created by i960 compilers. for ac_file in a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj ) ;; conftest.$ac_ext ) # This is the source file. ;; [ab].out ) # We found the default executable, but exeext='' is most # certainly right. break;; *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` # FIXME: I believe we export ac_cv_exeext for Libtool, # but it would be cool to find out if it's true. Does anybody # maintain Libtool? --akim. export ac_cv_exeext break;; * ) break;; esac done else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { echo "$as_me:$LINENO: error: C compiler cannot create executables See \`config.log' for more details." >&5 echo "$as_me: error: C compiler cannot create executables See \`config.log' for more details." >&2;} { (exit 77); exit 77; }; } fi ac_exeext=$ac_cv_exeext echo "$as_me:$LINENO: result: $ac_file" >&5 echo "${ECHO_T}$ac_file" >&6 # Check the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. echo "$as_me:$LINENO: checking whether the C compiler works" >&5 echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6 # FIXME: These cross compiler hacks should be removed for Autoconf 3.0 # If not cross compiling, check that we can run a simple program. if test "$cross_compiling" != yes; then if { ac_try='./$ac_file' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then cross_compiling=no else if test "$cross_compiling" = maybe; then cross_compiling=yes else { { echo "$as_me:$LINENO: error: cannot run C compiled programs. If you meant to cross compile, use \`--host'. See \`config.log' for more details." >&5 echo "$as_me: error: cannot run C compiled programs. If you meant to cross compile, use \`--host'. See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } fi fi fi echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 rm -f a.out a.exe conftest$ac_cv_exeext b.out ac_clean_files=$ac_clean_files_save # Check the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. echo "$as_me:$LINENO: checking whether we are cross compiling" >&5 echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6 echo "$as_me:$LINENO: result: $cross_compiling" >&5 echo "${ECHO_T}$cross_compiling" >&6 echo "$as_me:$LINENO: checking for suffix of executables" >&5 echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6 if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then # If both `conftest.exe' and `conftest' are `present' (well, observable) # catch `conftest.exe'. For instance with Cygwin, `ls conftest' will # work properly (i.e., refer to `conftest.exe'), while it won't with # `rm'. for ac_file in conftest.exe conftest conftest.*; do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj ) ;; *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` export ac_cv_exeext break;; * ) break;; esac done else { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link See \`config.log' for more details." >&5 echo "$as_me: error: cannot compute suffix of executables: cannot compile and link See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } fi rm -f conftest$ac_cv_exeext echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5 echo "${ECHO_T}$ac_cv_exeext" >&6 rm -f conftest.$ac_ext EXEEXT=$ac_cv_exeext ac_exeext=$EXEEXT echo "$as_me:$LINENO: checking for suffix of object files" >&5 echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6 if test "${ac_cv_objext+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ int main () { ; return 0; } _ACEOF rm -f conftest.o conftest.obj if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then for ac_file in `(ls conftest.o conftest.obj; ls conftest.*) 2>/dev/null`; do case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg ) ;; *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` break;; esac done else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile See \`config.log' for more details." >&5 echo "$as_me: error: cannot compute suffix of object files: cannot compile See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } fi rm -f conftest.$ac_cv_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_objext" >&5 echo "${ECHO_T}$ac_cv_objext" >&6 OBJEXT=$ac_cv_objext ac_objext=$OBJEXT echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5 echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6 if test "${ac_cv_c_compiler_gnu+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ int main () { #ifndef __GNUC__ choke me #endif ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_compiler_gnu=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_compiler_gnu=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5 echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6 GCC=`test $ac_compiler_gnu = yes && echo yes` ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS CFLAGS="-g" echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5 echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6 if test "${ac_cv_prog_cc_g+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ int main () { ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_prog_cc_g=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_prog_cc_g=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5 echo "${ECHO_T}$ac_cv_prog_cc_g" >&6 if test "$ac_test_CFLAGS" = set; then CFLAGS=$ac_save_CFLAGS elif test $ac_cv_prog_cc_g = yes; then if test "$GCC" = yes; then CFLAGS="-g -O2" else CFLAGS="-g" fi else if test "$GCC" = yes; then CFLAGS="-O2" else CFLAGS= fi fi echo "$as_me:$LINENO: checking for $CC option to accept ANSI C" >&5 echo $ECHO_N "checking for $CC option to accept ANSI C... $ECHO_C" >&6 if test "${ac_cv_prog_cc_stdc+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_cv_prog_cc_stdc=no ac_save_CC=$CC cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include #include #include /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); static char *e (p, i) char **p; int i; { return p[i]; } static char *f (char * (*g) (char **, int), char **p, ...) { char *s; va_list v; va_start (v,p); s = g (p, va_arg (v,int)); va_end (v); return s; } /* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has function prototypes and stuff, but not '\xHH' hex character constants. These don't provoke an error unfortunately, instead are silently treated as 'x'. The following induces an error, until -std1 is added to get proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an array size at least. It's necessary to write '\x00'==0 to get something that's true only with -std1. */ int osf4_cc_array ['\x00' == 0 ? 1 : -1]; int test (int i, double x); struct s1 {int (*f) (int a);}; struct s2 {int (*f) (double a);}; int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); int argc; char **argv; int main () { return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; ; return 0; } _ACEOF # Don't try gcc -ansi; that turns off useful extensions and # breaks some systems' header files. # AIX -qlanglvl=ansi # Ultrix and OSF/1 -std1 # HP-UX 10.20 and later -Ae # HP-UX older versions -Aa -D_HPUX_SOURCE # SVR4 -Xc -D__EXTENSIONS__ for ac_arg in "" -qlanglvl=ansi -std1 -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" do CC="$ac_save_CC $ac_arg" rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_prog_cc_stdc=$ac_arg break else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext done rm -f conftest.$ac_ext conftest.$ac_objext CC=$ac_save_CC fi case "x$ac_cv_prog_cc_stdc" in x|xno) echo "$as_me:$LINENO: result: none needed" >&5 echo "${ECHO_T}none needed" >&6 ;; *) echo "$as_me:$LINENO: result: $ac_cv_prog_cc_stdc" >&5 echo "${ECHO_T}$ac_cv_prog_cc_stdc" >&6 CC="$CC $ac_cv_prog_cc_stdc" ;; esac # Some people use a C++ compiler to compile C. Since we use `exit', # in C++ we need to declare it. In case someone uses the same compiler # for both compiling C and C++ we need to have the C++ compiler decide # the declaration of exit, since it's the most demanding environment. cat >conftest.$ac_ext <<_ACEOF #ifndef __cplusplus choke me #endif _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then for ac_declaration in \ '' \ 'extern "C" void std::exit (int) throw (); using std::exit;' \ 'extern "C" void std::exit (int); using std::exit;' \ 'extern "C" void exit (int) throw ();' \ 'extern "C" void exit (int);' \ 'void exit (int);' do cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_declaration #include int main () { exit (42); ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then : else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 continue fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_declaration int main () { exit (42); ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then break else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext done rm -f conftest* if test -n "$ac_declaration"; then echo '#ifdef __cplusplus' >>confdefs.h echo $ac_declaration >>confdefs.h echo '#endif' >>confdefs.h fi else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. set dummy ${ac_tool_prefix}ranlib; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_RANLIB+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$RANLIB"; then ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi RANLIB=$ac_cv_prog_RANLIB if test -n "$RANLIB"; then echo "$as_me:$LINENO: result: $RANLIB" >&5 echo "${ECHO_T}$RANLIB" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi fi if test -z "$ac_cv_prog_RANLIB"; then ac_ct_RANLIB=$RANLIB # Extract the first word of "ranlib", so it can be a program name with args. set dummy ranlib; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$ac_ct_RANLIB"; then ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done test -z "$ac_cv_prog_ac_ct_RANLIB" && ac_cv_prog_ac_ct_RANLIB=":" fi fi ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB if test -n "$ac_ct_RANLIB"; then echo "$as_me:$LINENO: result: $ac_ct_RANLIB" >&5 echo "${ECHO_T}$ac_ct_RANLIB" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi RANLIB=$ac_ct_RANLIB else RANLIB="$ac_cv_prog_RANLIB" fi # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: # SysV /etc/install, /usr/sbin/install # SunOS /usr/etc/install # IRIX /sbin/install # AIX /bin/install # AmigaOS /C/install, which installs bootblocks on floppy discs # AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag # AFS /usr/afsws/bin/install, which mishandles nonexistent args # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" # OS/2's system install, which has a completely different semantic # ./install, which can be erroneously created by make from ./install.sh. echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5 echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6 if test -z "$INSTALL"; then if test "${ac_cv_path_install+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. # Account for people who put trailing slashes in PATH elements. case $as_dir/ in ./ | .// | /cC/* | \ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ ?:\\/os2\\/install\\/* | ?:\\/OS2\\/INSTALL\\/* | \ /usr/ucb/* ) ;; *) # OSF1 and SCO ODT 3.0 have their own names for install. # Don't use installbsd from OSF since it installs stuff as root # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then if test $ac_prog = install && grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. : elif test $ac_prog = install && grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # program-specific install script used by HP pwplus--don't use. : else ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" break 3 fi fi done done ;; esac done fi if test "${ac_cv_path_install+set}" = set; then INSTALL=$ac_cv_path_install else # As a last resort, use the slow shell script. We don't cache a # path for INSTALL within a source directory, because that will # break other packages using the cache if that directory is # removed, or if the path is relative. INSTALL=$ac_install_sh fi fi echo "$as_me:$LINENO: result: $INSTALL" >&5 echo "${ECHO_T}$INSTALL" >&6 # Use test -z because SunOS4 sh mishandles braces in ${var-val}. # It thinks the first close brace ends the variable substitution. test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu echo "$as_me:$LINENO: checking how to run the C preprocessor" >&5 echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6 # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then if test "${ac_cv_prog_CPP+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else # Double quotes because CPP needs to be expanded for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" do ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then : else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 # Broken: fails on valid input. continue fi rm -f conftest.err conftest.$ac_ext # OK, works on sane cases. Now check whether non-existent headers # can be detected and how. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then # Broken: success on invalid input. continue else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.err conftest.$ac_ext if $ac_preproc_ok; then break fi done ac_cv_prog_CPP=$CPP fi CPP=$ac_cv_prog_CPP else ac_cv_prog_CPP=$CPP fi echo "$as_me:$LINENO: result: $CPP" >&5 echo "${ECHO_T}$CPP" >&6 ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then : else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 # Broken: fails on valid input. continue fi rm -f conftest.err conftest.$ac_ext # OK, works on sane cases. Now check whether non-existent headers # can be detected and how. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then # Broken: success on invalid input. continue else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.err conftest.$ac_ext if $ac_preproc_ok; then : else { { echo "$as_me:$LINENO: error: C preprocessor \"$CPP\" fails sanity check See \`config.log' for more details." >&5 echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu echo "$as_me:$LINENO: checking for egrep" >&5 echo $ECHO_N "checking for egrep... $ECHO_C" >&6 if test "${ac_cv_prog_egrep+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if echo a | (grep -E '(a|b)') >/dev/null 2>&1 then ac_cv_prog_egrep='grep -E' else ac_cv_prog_egrep='egrep' fi fi echo "$as_me:$LINENO: result: $ac_cv_prog_egrep" >&5 echo "${ECHO_T}$ac_cv_prog_egrep" >&6 EGREP=$ac_cv_prog_egrep echo "$as_me:$LINENO: checking for ANSI C header files" >&5 echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6 if test "${ac_cv_header_stdc+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include #include #include int main () { ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_header_stdc=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_header_stdc=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "memchr" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "free" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. if test "$cross_compiling" = yes; then : else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #if ((' ' & 0x0FF) == 0x020) # define ISLOWER(c) ('a' <= (c) && (c) <= 'z') # define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) #else # define ISLOWER(c) \ (('a' <= (c) && (c) <= 'i') \ || ('j' <= (c) && (c) <= 'r') \ || ('s' <= (c) && (c) <= 'z')) # define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) #endif #define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) int main () { int i; for (i = 0; i < 256; i++) if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2); exit (0); } _ACEOF rm -f conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then : else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ( exit $ac_status ) ac_cv_header_stdc=no fi rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi fi fi echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5 echo "${ECHO_T}$ac_cv_header_stdc" >&6 if test $ac_cv_header_stdc = yes; then cat >>confdefs.h <<\_ACEOF #define STDC_HEADERS 1 _ACEOF fi # On IRIX 5.3, sys/types and inttypes.h are conflicting. for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ inttypes.h stdint.h unistd.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_Header=yes" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 eval "$as_ac_Header=no" fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in sys/time.h syslog.h unistd.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_compiler=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} ac_header_preproc=yes ;; no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} ( cat <<\_ASBOX ## ------------------------------------------ ## ## Report this to the AC_PACKAGE_NAME lists. ## ## ------------------------------------------ ## _ASBOX ) | sed "s/^/$as_me: WARNING: /" >&2 ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done echo "$as_me:$LINENO: checking for an ANSI C-conforming const" >&5 echo $ECHO_N "checking for an ANSI C-conforming const... $ECHO_C" >&6 if test "${ac_cv_c_const+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ int main () { /* FIXME: Include the comments suggested by Paul. */ #ifndef __cplusplus /* Ultrix mips cc rejects this. */ typedef int charset[2]; const charset x; /* SunOS 4.1.1 cc rejects this. */ char const *const *ccp; char **p; /* NEC SVR4.0.2 mips cc rejects this. */ struct point {int x, y;}; static struct point const zero = {0,0}; /* AIX XL C 1.02.0.0 rejects this. It does not let you subtract one const X* pointer from another in an arm of an if-expression whose if-part is not a constant expression */ const char *g = "string"; ccp = &g + (g ? g-g : 0); /* HPUX 7.0 cc rejects these. */ ++ccp; p = (char**) ccp; ccp = (char const *const *) p; { /* SCO 3.2v4 cc rejects this. */ char *t; char const *s = 0 ? (char *) 0 : (char const *) 0; *t++ = 0; } { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */ int x[] = {25, 17}; const int *foo = &x[0]; ++foo; } { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */ typedef const int *iptr; iptr p = 0; ++p; } { /* AIX XL C 1.02.0.0 rejects this saying "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ struct s { int j; const int *ap[3]; }; struct s *b; b->j = 5; } { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ const int foo = 10; } #endif ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_c_const=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_c_const=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_c_const" >&5 echo "${ECHO_T}$ac_cv_c_const" >&6 if test $ac_cv_c_const = no; then cat >>confdefs.h <<\_ACEOF #define const _ACEOF fi echo "$as_me:$LINENO: checking for inline" >&5 echo $ECHO_N "checking for inline... $ECHO_C" >&6 if test "${ac_cv_c_inline+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_cv_c_inline=no for ac_kw in inline __inline__ __inline; do cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #ifndef __cplusplus typedef int foo_t; static $ac_kw foo_t static_foo () {return 0; } $ac_kw foo_t foo () {return 0; } #endif _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_c_inline=$ac_kw; break else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext done fi echo "$as_me:$LINENO: result: $ac_cv_c_inline" >&5 echo "${ECHO_T}$ac_cv_c_inline" >&6 case $ac_cv_c_inline in inline | yes) ;; *) case $ac_cv_c_inline in no) ac_val=;; *) ac_val=$ac_cv_c_inline;; esac cat >>confdefs.h <<_ACEOF #ifndef __cplusplus #define inline $ac_val #endif _ACEOF ;; esac echo "$as_me:$LINENO: checking whether time.h and sys/time.h may both be included" >&5 echo $ECHO_N "checking whether time.h and sys/time.h may both be included... $ECHO_C" >&6 if test "${ac_cv_header_time+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include #include int main () { if ((struct tm *) 0) return 0; ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_header_time=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_header_time=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_header_time" >&5 echo "${ECHO_T}$ac_cv_header_time" >&6 if test $ac_cv_header_time = yes; then cat >>confdefs.h <<\_ACEOF #define TIME_WITH_SYS_TIME 1 _ACEOF fi echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5 echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6 if test "${ac_cv_c_bigendian+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else # See if sys/param.h defines the BYTE_ORDER macro. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include int main () { #if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN bogus endian macros #endif ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then # It does; now see whether it defined to BIG_ENDIAN or not. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include int main () { #if BYTE_ORDER != BIG_ENDIAN not big endian #endif ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_c_bigendian=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_c_bigendian=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 # It does not; compile a test program. if test "$cross_compiling" = yes; then # try to guess the endianness by grepping values into an object file ac_cv_c_bigendian=unknown cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ short ascii_mm[] = { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 }; short ascii_ii[] = { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 }; void _ascii () { char *s = (char *) ascii_mm; s = (char *) ascii_ii; } short ebcdic_ii[] = { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 }; short ebcdic_mm[] = { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 }; void _ebcdic () { char *s = (char *) ebcdic_mm; s = (char *) ebcdic_ii; } int main () { _ascii (); _ebcdic (); ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then if grep BIGenDianSyS conftest.$ac_objext >/dev/null ; then ac_cv_c_bigendian=yes fi if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then if test "$ac_cv_c_bigendian" = unknown; then ac_cv_c_bigendian=no else # finding both strings is unlikely to happen, but who knows? ac_cv_c_bigendian=unknown fi fi else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ int main () { /* Are we little or big endian? From Harbison&Steele. */ union { long l; char c[sizeof (long)]; } u; u.l = 1; exit (u.c[sizeof (long) - 1] == 1); } _ACEOF rm -f conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_c_bigendian=no else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ( exit $ac_status ) ac_cv_c_bigendian=yes fi rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_c_bigendian" >&5 echo "${ECHO_T}$ac_cv_c_bigendian" >&6 case $ac_cv_c_bigendian in yes) cat >>confdefs.h <<\_ACEOF #define WORDS_BIGENDIAN 1 _ACEOF ;; no) ;; *) { { echo "$as_me:$LINENO: error: unknown endianness presetting ac_cv_c_bigendian=no (or yes) will help" >&5 echo "$as_me: error: unknown endianness presetting ac_cv_c_bigendian=no (or yes) will help" >&2;} { (exit 1); exit 1; }; } ;; esac CFLAGS="$CFLAGS -D_BSD_SOURCE" for ac_func in gettimeofday do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Define $ac_func to an innocuous variant, in case declares $ac_func. For example, HP-UX 11i declares gettimeofday. */ #define $ac_func innocuous_$ac_func /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef $ac_func /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" { #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else char (*f) () = $ac_func; #endif #ifdef __cplusplus } #endif int main () { return f != $ac_func; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 eval "$as_ac_var=no" fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done echo "$as_me:$LINENO: checking for socket in -lsocket" >&5 echo $ECHO_N "checking for socket in -lsocket... $ECHO_C" >&6 if test "${ac_cv_lib_socket_socket+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lsocket $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char socket (); int main () { socket (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_socket_socket=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_lib_socket_socket=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_socket_socket" >&5 echo "${ECHO_T}$ac_cv_lib_socket_socket" >&6 if test $ac_cv_lib_socket_socket = yes; then cat >>confdefs.h <<_ACEOF #define HAVE_LIBSOCKET 1 _ACEOF LIBS="-lsocket $LIBS" fi echo "$as_me:$LINENO: checking for gethostbyname in -lnsl" >&5 echo $ECHO_N "checking for gethostbyname in -lnsl... $ECHO_C" >&6 if test "${ac_cv_lib_nsl_gethostbyname+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lnsl $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char gethostbyname (); int main () { gethostbyname (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_nsl_gethostbyname=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_lib_nsl_gethostbyname=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_nsl_gethostbyname" >&5 echo "${ECHO_T}$ac_cv_lib_nsl_gethostbyname" >&6 if test $ac_cv_lib_nsl_gethostbyname = yes; then cat >>confdefs.h <<_ACEOF #define HAVE_LIBNSL 1 _ACEOF LIBS="-lnsl $LIBS" fi case "$target_cpu" in alpha*|arm*|hp*|mips*|sparc*) ac_cv_lbl_unaligned_fail=yes ;; *) ac_cv_lbl_unaligned_fail=no ;; esac if test $ac_cv_lbl_unaligned_fail = yes ; then cat >>confdefs.h <<\_ACEOF #define LBL_ALIGN 1 _ACEOF fi echo "$as_me:$LINENO: checking for libpcap" >&5 echo $ECHO_N "checking for libpcap... $ECHO_C" >&6 # Check whether --with-libpcap or --without-libpcap was given. if test "${with_libpcap+set}" = set; then withval="$with_libpcap" case "$withval" in yes|no) echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 ;; *) echo "$as_me:$LINENO: result: $withval" >&5 echo "${ECHO_T}$withval" >&6 if test -f $withval/pcap.h -a -f $withval/libpcap.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi PCAP_CFLAGS="-I$withval -I$withval/bpf" PCAPLIB="-L$withval -lpcap" else { { echo "$as_me:$LINENO: error: pcap.h or libpcap.a not found in $withval" >&5 echo "$as_me: error: pcap.h or libpcap.a not found in $withval" >&2;} { (exit 1); exit 1; }; } fi ;; esac else if test -f ${prefix}/include/pcap.h; then PCAP_CFLAGS="-I${prefix}/include" PCAPLIB="-L${exec_prefix}/lib -lpcap" elif test -f /usr/include/pcap/pcap.h; then PCAP_CFLAGS="-I/usr/include/pcap" PCAPLIB="-lpcap" else TMP=$LIBS LIBS="-lpcap $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include int main () { pcap_open_offline("","") ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then LIBPCAP_FOUND=1 else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 LIBPCAP_FOUND=0 fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$TMP if test $LIBPCAP_FOUND = 1 ; then PCAPLIB="-lpcap" else { { echo "$as_me:$LINENO: error: libpcap not found" >&5 echo "$as_me: error: libpcap not found" >&2;} { (exit 1); exit 1; }; } fi fi echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 fi; # Check whether --enable-libglib or --disable-libglib was given. if test "${enable_libglib+set}" = set; then enableval="$enable_libglib" echo "$as_me:$LINENO: result: skipping glib2 support" >&5 echo "${ECHO_T}skipping glib2 support" >&6 else if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. set dummy ${ac_tool_prefix}pkg-config; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_PKG_CONFIG+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else case $PKG_CONFIG in [\\/]* | ?:[\\/]*) ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path. ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done ;; esac fi PKG_CONFIG=$ac_cv_path_PKG_CONFIG if test -n "$PKG_CONFIG"; then echo "$as_me:$LINENO: result: $PKG_CONFIG" >&5 echo "${ECHO_T}$PKG_CONFIG" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi fi if test -z "$ac_cv_path_PKG_CONFIG"; then ac_pt_PKG_CONFIG=$PKG_CONFIG # Extract the first word of "pkg-config", so it can be a program name with args. set dummy pkg-config; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_ac_pt_PKG_CONFIG+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else case $ac_pt_PKG_CONFIG in [\\/]* | ?:[\\/]*) ac_cv_path_ac_pt_PKG_CONFIG="$ac_pt_PKG_CONFIG" # Let the user override the test with a path. ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_ac_pt_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done ;; esac fi ac_pt_PKG_CONFIG=$ac_cv_path_ac_pt_PKG_CONFIG if test -n "$ac_pt_PKG_CONFIG"; then echo "$as_me:$LINENO: result: $ac_pt_PKG_CONFIG" >&5 echo "${ECHO_T}$ac_pt_PKG_CONFIG" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi PKG_CONFIG=$ac_pt_PKG_CONFIG else PKG_CONFIG="$ac_cv_path_PKG_CONFIG" fi fi if test -n "$PKG_CONFIG"; then _pkg_min_version=0.9.0 echo "$as_me:$LINENO: checking pkg-config is at least version $_pkg_min_version" >&5 echo $ECHO_N "checking pkg-config is at least version $_pkg_min_version... $ECHO_C" >&6 if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 PKG_CONFIG="" fi fi pkg_failed=no echo "$as_me:$LINENO: checking for GLIB" >&5 echo $ECHO_N "checking for GLIB... $ECHO_C" >&6 if test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ { (echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"glib-2.0 >= 2.2.0\"") >&5 ($PKG_CONFIG --exists --print-errors "glib-2.0 >= 2.2.0") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then pkg_cv_GLIB_CFLAGS=`$PKG_CONFIG --cflags "glib-2.0 >= 2.2.0" 2>/dev/null` else pkg_failed=yes fi else pkg_failed=untried fi if test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ { (echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"glib-2.0 >= 2.2.0\"") >&5 ($PKG_CONFIG --exists --print-errors "glib-2.0 >= 2.2.0") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then pkg_cv_GLIB_LIBS=`$PKG_CONFIG --libs "glib-2.0 >= 2.2.0" 2>/dev/null` else pkg_failed=yes fi else pkg_failed=untried fi if test $pkg_failed = yes; then GLIB_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "glib-2.0 >= 2.2.0"` # Put the nasty error message in config.log where it belongs echo "$GLIB_PKG_ERRORS" 1>&5 { { echo "$as_me:$LINENO: error: Package requirements (glib-2.0 >= 2.2.0) were not met. Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. Alternatively you may set the GLIB_CFLAGS and GLIB_LIBS environment variables to avoid the need to call pkg-config. See the pkg-config man page for more details." >&5 echo "$as_me: error: Package requirements (glib-2.0 >= 2.2.0) were not met. Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. Alternatively you may set the GLIB_CFLAGS and GLIB_LIBS environment variables to avoid the need to call pkg-config. See the pkg-config man page for more details." >&2;} { (exit 1); exit 1; }; } elif test $pkg_failed = untried; then { { echo "$as_me:$LINENO: error: The pkg-config script could not be found or is too old. Make sure it is in your PATH or set the PKG_CONFIG environment variable to the full path to pkg-config. Alternatively you may set the GLIB_CFLAGS and GLIB_LIBS environment variables to avoid the need to call pkg-config. See the pkg-config man page for more details. To get pkg-config, see . See \`config.log' for more details." >&5 echo "$as_me: error: The pkg-config script could not be found or is too old. Make sure it is in your PATH or set the PKG_CONFIG environment variable to the full path to pkg-config. Alternatively you may set the GLIB_CFLAGS and GLIB_LIBS environment variables to avoid the need to call pkg-config. See the pkg-config man page for more details. To get pkg-config, see . See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } else GLIB_CFLAGS=$pkg_cv_GLIB_CFLAGS GLIB_LIBS=$pkg_cv_GLIB_LIBS echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 pkg_failed=no echo "$as_me:$LINENO: checking for GTHREAD" >&5 echo $ECHO_N "checking for GTHREAD... $ECHO_C" >&6 if test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ { (echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"gthread-2.0 >= 2.2.0\"") >&5 ($PKG_CONFIG --exists --print-errors "gthread-2.0 >= 2.2.0") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then pkg_cv_GTHREAD_CFLAGS=`$PKG_CONFIG --cflags "gthread-2.0 >= 2.2.0" 2>/dev/null` else pkg_failed=yes fi else pkg_failed=untried fi if test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ { (echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"gthread-2.0 >= 2.2.0\"") >&5 ($PKG_CONFIG --exists --print-errors "gthread-2.0 >= 2.2.0") 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then pkg_cv_GTHREAD_LIBS=`$PKG_CONFIG --libs "gthread-2.0 >= 2.2.0" 2>/dev/null` else pkg_failed=yes fi else pkg_failed=untried fi if test $pkg_failed = yes; then GTHREAD_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "gthread-2.0 >= 2.2.0"` # Put the nasty error message in config.log where it belongs echo "$GTHREAD_PKG_ERRORS" 1>&5 { { echo "$as_me:$LINENO: error: Package requirements (gthread-2.0 >= 2.2.0) were not met. Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. Alternatively you may set the GTHREAD_CFLAGS and GTHREAD_LIBS environment variables to avoid the need to call pkg-config. See the pkg-config man page for more details." >&5 echo "$as_me: error: Package requirements (gthread-2.0 >= 2.2.0) were not met. Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. Alternatively you may set the GTHREAD_CFLAGS and GTHREAD_LIBS environment variables to avoid the need to call pkg-config. See the pkg-config man page for more details." >&2;} { (exit 1); exit 1; }; } elif test $pkg_failed = untried; then { { echo "$as_me:$LINENO: error: The pkg-config script could not be found or is too old. Make sure it is in your PATH or set the PKG_CONFIG environment variable to the full path to pkg-config. Alternatively you may set the GTHREAD_CFLAGS and GTHREAD_LIBS environment variables to avoid the need to call pkg-config. See the pkg-config man page for more details. To get pkg-config, see . See \`config.log' for more details." >&5 echo "$as_me: error: The pkg-config script could not be found or is too old. Make sure it is in your PATH or set the PKG_CONFIG environment variable to the full path to pkg-config. Alternatively you may set the GTHREAD_CFLAGS and GTHREAD_LIBS environment variables to avoid the need to call pkg-config. See the pkg-config man page for more details. To get pkg-config, see . See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } else GTHREAD_CFLAGS=$pkg_cv_GTHREAD_CFLAGS GTHREAD_LIBS=$pkg_cv_GTHREAD_LIBS echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 : fi echo "$as_me:$LINENO: checking for g_thread_init in -lgthread-2.0" >&5 echo $ECHO_N "checking for g_thread_init in -lgthread-2.0... $ECHO_C" >&6 if test "${ac_cv_lib_gthread_2_0_g_thread_init+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lgthread-2.0 $GTHREAD_LIBS $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char g_thread_init (); int main () { g_thread_init (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_gthread_2_0_g_thread_init=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_lib_gthread_2_0_g_thread_init=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_gthread_2_0_g_thread_init" >&5 echo "${ECHO_T}$ac_cv_lib_gthread_2_0_g_thread_init" >&6 if test $ac_cv_lib_gthread_2_0_g_thread_init = yes; then cat >>confdefs.h <<_ACEOF #define HAVE_LIBGTHREAD_2_0 1 _ACEOF LIBS="-lgthread-2.0 $LIBS" fi fi fi; echo "$as_me:$LINENO: checking for libnet" >&5 echo $ECHO_N "checking for libnet... $ECHO_C" >&6 # Check whether --enable-libnet or --disable-libnet was given. if test "${enable_libnet+set}" = set; then enableval="$enable_libnet" case "$enableval" in yes) echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 ;; no) echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 LIBNET_VER=-1 ;; *) { { echo "$as_me:$LINENO: error: no arguments expected for --disable-libnet" >&5 echo "$as_me: error: no arguments expected for --disable-libnet" >&2;} { (exit 1); exit 1; }; } ;; esac fi; # Check whether --with-libnet or --without-libnet was given. if test "${with_libnet+set}" = set; then withval="$with_libnet" case "$withval" in yes) ;; no) LIBNET_VER=-1 echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 ;; *) echo "$as_me:$LINENO: result: $withval" >&5 echo "${ECHO_T}$withval" >&6 if test -f $withval/include/libnet.h -a -f $withval/lib/libnet.a -a -f $withval/libnet-config ; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi LNET_CFLAGS="-I$withval/include `$withval/libnet-config --defines`" LNETLIB="-L$withval/lib -lnet" elif test -f $withval/include/libnet.h -a -f $withval/src/libnet.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi LNET_CFLAGS="-I$withval/include" LNETLIB="-L$withval/src -lnet" else echo "A working combination of libnet.h, libnet.a and libnet-config not found in $withval; get libnet from www.packetfactory.net/projects/libnet and reinstall" { { echo "$as_me:$LINENO: error: libnet" >&5 echo "$as_me: error: libnet" >&2;} { (exit 1); exit 1; }; } fi ;; esac else if test "x"$LIBNET_VER = "x"-1 ; then echo "$as_me:$LINENO: result: skipping libnet" >&5 echo "${ECHO_T}skipping libnet" >&6 else if test -f ${prefix}/include/libnet.h -a ${exec_prefix}/lib/libnet.a ; then LNET_CFLAGS="-I${prefix}/include `${exec_prefix}/bin/libnet-config --defines 2>/dev/null`" LNETLIB="-L${exec_prefix}/lib -lnet" else LNET_CFLAGS="`libnet-config --defines 2>/dev/null`" LNETLIB="-lnet" fi fi fi; if test "x"$LIBNET_VER != "x"-1 ; then TMPC="$CFLAGS" TMPL="$LIBS" CFLAGS="$CFLAGS $LNET_CFLAGS" LIBS="$LNETLIB $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include int main () { libnet_get_prand(0) ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then LIBNET_FOUND=1 else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 LIBNET_FOUND=0 fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext CFLAGS="$TMPC" LIBS="$TMPL" if test $LIBNET_FOUND = 1 ; then LNETLIB="-lnet" echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 else echo "Working libnet not found; get it from www.packetfactory.net/projects/libnet and reinstall" { { echo "$as_me:$LINENO: error: libnet" >&5 echo "$as_me: error: libnet" >&2;} { (exit 1); exit 1; }; } fi fi BUILD_SHARED= echo "$as_me:$LINENO: checking whether to build shared library" >&5 echo $ECHO_N "checking whether to build shared library... $ECHO_C" >&6 # Check whether --enable-shared or --disable-shared was given. if test "${enable_shared+set}" = set; then enableval="$enable_shared" case "$enableval" in yes) echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 BUILD_SHARED=shared ;; no) echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 ;; *) { { echo "$as_me:$LINENO: error: no arguments expected for --enable-shared" >&5 echo "$as_me: error: no arguments expected for --enable-shared" >&2;} { (exit 1); exit 1; }; } ;; esac else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi; echo "$as_me:$LINENO: checking the name of struct icmp" >&5 echo $ECHO_N "checking the name of struct icmp... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include #include #include int main () { struct icmphdr h;int c=h.type ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ICMPHEADER=1 else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ICMPHEADER=0 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext if test $ICMPHEADER = 1 ; then echo "$as_me:$LINENO: result: struct icmphdr" >&5 echo "${ECHO_T}struct icmphdr" >&6 ; else echo "$as_me:$LINENO: result: struct icmp" >&5 echo "${ECHO_T}struct icmp" >&6 fi echo "$as_me:$LINENO: checking if tcp states are defined" >&5 echo $ECHO_N "checking if tcp states are defined... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include #include int main () { int c=TCP_ESTABLISHED ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then TCPSTATES=1 else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 TCPSTATES=0 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext if test $TCPSTATES = 1 ; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 ; else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi echo "$as_me:$LINENO: checking for bsd-ish struct udphdr" >&5 echo $ECHO_N "checking for bsd-ish struct udphdr... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include #include int main () { struct udphdr h;int c=h.uh_ulen ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then HAVE_BSD_UDPHDR=1 else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 HAVE_BSD_UDPHDR=0 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext if test $HAVE_BSD_UDPHDR = 1 ; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 ; else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi if test "x"$LIBNET_VER != "x"-1 ; then TMP=$CFLAGS CFLAGS="$CFLAGS $LNET_CFLAGS" echo "$as_me:$LINENO: checking libnet version" >&5 echo $ECHO_N "checking libnet version... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include int main () { int c=LIBNET_PTAG_INITIALIZER ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then LIBNET_VER=1 else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 LIBNET_VER=0 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext CFLAGS=$TMP if test $LIBNET_VER = 1 ; then echo "$as_me:$LINENO: result: looks new" >&5 echo "${ECHO_T}looks new" >&6 ; else echo "$as_me:$LINENO: result: looks old" >&5 echo "${ECHO_T}looks old" >&6 fi fi ac_config_files="$ac_config_files Makefile src/Makefile samples/Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure # scripts and configure runs, see configure's option --config-cache. # It is not useful on other systems. If it contains results you don't # want to keep, you may remove or edit it. # # config.status only pays attention to the cache file if you give it # the --recheck option to rerun configure. # # `ac_cv_env_foo' variables (set or unset) will be overridden when # loading this file, other *unset* `ac_cv_foo' will be assigned the # following values. _ACEOF # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, don't put newlines in cache variables' values. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. { (set) 2>&1 | case `(ac_space=' '; set | grep ac_space) 2>&1` in *ac_space=\ *) # `set' does not quote correctly, so add quotes (double-quote # substitution turns \\\\ into \\, and sed turns \\ into \). sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" ;; *) # `set' quotes correctly as required by POSIX, so do not add quotes. sed -n \ "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p" ;; esac; } | sed ' t clear : clear s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ t end /^ac_cv_env/!s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ : end' >>confcache if diff $cache_file confcache >/dev/null 2>&1; then :; else if test -w $cache_file; then test "x$cache_file" != "x/dev/null" && echo "updating cache $cache_file" cat confcache >$cache_file else echo "not updating unwritable cache $cache_file" fi fi rm -f confcache test "x$prefix" = xNONE && prefix=$ac_default_prefix # Let make expand exec_prefix. test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' # VPATH may cause trouble with some makes, so we remove $(srcdir), # ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and # trailing colons and then remove the whole line if VPATH becomes empty # (actually we leave an empty line to preserve line numbers). if test "x$srcdir" = x.; then ac_vpsub='/^[ ]*VPATH[ ]*=/{ s/:*\$(srcdir):*/:/; s/:*\${srcdir}:*/:/; s/:*@srcdir@:*/:/; s/^\([^=]*=[ ]*\):*/\1/; s/:*$//; s/^[^=]*=[ ]*$//; }' fi DEFS=-DHAVE_CONFIG_H ac_libobjs= ac_ltlibobjs= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_i=`echo "$ac_i" | sed 's/\$U\././;s/\.o$//;s/\.obj$//'` # 2. Add them. ac_libobjs="$ac_libobjs $ac_i\$U.$ac_objext" ac_ltlibobjs="$ac_ltlibobjs $ac_i"'$U.lo' done LIBOBJS=$ac_libobjs LTLIBOBJS=$ac_ltlibobjs : ${CONFIG_STATUS=./config.status} ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" { echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5 echo "$as_me: creating $CONFIG_STATUS" >&6;} cat >$CONFIG_STATUS <<_ACEOF #! $SHELL # Generated by $as_me. # Run this file to recreate the current configuration. # Compiler output produced by configure, useful for debugging # configure, is in config.log if it exists. debug=false ac_cs_recheck=false ac_cs_silent=false SHELL=\${CONFIG_SHELL-$SHELL} _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF ## --------------------- ## ## M4sh Initialization. ## ## --------------------- ## # Be Bourne compatible if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then emulate sh NULLCMD=: # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then set -o posix fi DUALCASE=1; export DUALCASE # for MKS sh # Support unset when possible. if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then as_unset=unset else as_unset=false fi # Work around bugs in pre-3.0 UWIN ksh. $as_unset ENV MAIL MAILPATH PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. for as_var in \ LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ LC_TELEPHONE LC_TIME do if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then eval $as_var=C; export $as_var else $as_unset $as_var fi done # Required to use basename. if expr a : '\(a\)' >/dev/null 2>&1; then as_expr=expr else as_expr=false fi if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi # Name of the executable. as_me=`$as_basename "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)$' \| \ . : '\(.\)' 2>/dev/null || echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; } /^X\/\(\/\/\)$/{ s//\1/; q; } /^X\/\(\/\).*/{ s//\1/; q; } s/.*/./; q'` # PATH needs CR, and LINENO needs CR and PATH. # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then echo "#! /bin/sh" >conf$$.sh echo "exit 0" >>conf$$.sh chmod +x conf$$.sh if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then PATH_SEPARATOR=';' else PATH_SEPARATOR=: fi rm -f conf$$.sh fi as_lineno_1=$LINENO as_lineno_2=$LINENO as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` test "x$as_lineno_1" != "x$as_lineno_2" && test "x$as_lineno_3" = "x$as_lineno_2" || { # Find who we are. Look in the path if we contain no path at all # relative or not. case $0 in *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then { { echo "$as_me:$LINENO: error: cannot find myself; rerun with an absolute path" >&5 echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2;} { (exit 1); exit 1; }; } fi case $CONFIG_SHELL in '') as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for as_base in sh bash ksh sh5; do case $as_dir in /*) if ("$as_dir/$as_base" -c ' as_lineno_1=$LINENO as_lineno_2=$LINENO as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` test "x$as_lineno_1" != "x$as_lineno_2" && test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; } $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; } CONFIG_SHELL=$as_dir/$as_base export CONFIG_SHELL exec "$CONFIG_SHELL" "$0" ${1+"$@"} fi;; esac done done ;; esac # Create $as_me.lineno as a copy of $as_myself, but with $LINENO # uniformly replaced by the line number. The first 'sed' inserts a # line-number line before each line; the second 'sed' does the real # work. The second script uses 'N' to pair each line-number line # with the numbered line, and appends trailing '-' during # substitution so that $LINENO is not a special case at line end. # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-) sed '=' <$as_myself | sed ' N s,$,-, : loop s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3, t loop s,-$,, s,^['$as_cr_digits']*\n,, ' >$as_me.lineno && chmod +x $as_me.lineno || { { echo "$as_me:$LINENO: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&5 echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2;} { (exit 1); exit 1; }; } # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensible to this). . ./$as_me.lineno # Exit status is that of the last command. exit } case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in *c*,-n*) ECHO_N= ECHO_C=' ' ECHO_T=' ' ;; *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;; *) ECHO_N= ECHO_C='\c' ECHO_T= ;; esac if expr a : '\(a\)' >/dev/null 2>&1; then as_expr=expr else as_expr=false fi rm -f conf$$ conf$$.exe conf$$.file echo >conf$$.file if ln -s conf$$.file conf$$ 2>/dev/null; then # We could just check for DJGPP; but this test a) works b) is more generic # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04). if test -f conf$$.exe; then # Don't use ln at all; we don't have any links as_ln_s='cp -p' else as_ln_s='ln -s' fi elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -p' fi rm -f conf$$ conf$$.exe conf$$.file if mkdir -p . 2>/dev/null; then as_mkdir_p=: else test -d ./-p && rmdir ./-p as_mkdir_p=false fi as_executable_p="test -f" # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" # IFS # We need space, tab and new line, in precisely that order. as_nl=' ' IFS=" $as_nl" # CDPATH. $as_unset CDPATH exec 6>&1 # Open the log real soon, to keep \$[0] and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. Logging --version etc. is OK. exec 5>>config.log { echo sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX ## Running $as_me. ## _ASBOX } >&5 cat >&5 <<_CSEOF This file was extended by $as_me, which was generated by GNU Autoconf 2.59. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS CONFIG_COMMANDS = $CONFIG_COMMANDS $ $0 $@ _CSEOF echo "on `(hostname || uname -n) 2>/dev/null | sed 1q`" >&5 echo >&5 _ACEOF # Files that config.status was made for. if test -n "$ac_config_files"; then echo "config_files=\"$ac_config_files\"" >>$CONFIG_STATUS fi if test -n "$ac_config_headers"; then echo "config_headers=\"$ac_config_headers\"" >>$CONFIG_STATUS fi if test -n "$ac_config_links"; then echo "config_links=\"$ac_config_links\"" >>$CONFIG_STATUS fi if test -n "$ac_config_commands"; then echo "config_commands=\"$ac_config_commands\"" >>$CONFIG_STATUS fi cat >>$CONFIG_STATUS <<\_ACEOF ac_cs_usage="\ \`$as_me' instantiates files from templates according to the current configuration. Usage: $0 [OPTIONS] [FILE]... -h, --help print this help, then exit -V, --version print version number, then exit -q, --quiet do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions --file=FILE[:TEMPLATE] instantiate the configuration file FILE --header=FILE[:TEMPLATE] instantiate the configuration header FILE Configuration files: $config_files Configuration headers: $config_headers Report bugs to ." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ config.status configured by $0, generated by GNU Autoconf 2.59, with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" Copyright (C) 2003 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." srcdir=$srcdir INSTALL="$INSTALL" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF # If no file are specified by the user, then we need to provide default # value. By we need to know if files were specified by the user. ac_need_defaults=: while test $# != 0 do case $1 in --*=*) ac_option=`expr "x$1" : 'x\([^=]*\)='` ac_optarg=`expr "x$1" : 'x[^=]*=\(.*\)'` ac_shift=: ;; -*) ac_option=$1 ac_optarg=$2 ac_shift=shift ;; *) # This is not an option, so the user has probably given explicit # arguments. ac_option=$1 ac_need_defaults=false;; esac case $ac_option in # Handling of the options. _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) ac_cs_recheck=: ;; --version | --vers* | -V ) echo "$ac_cs_version"; exit 0 ;; --he | --h) # Conflict between --help and --header { { echo "$as_me:$LINENO: error: ambiguous option: $1 Try \`$0 --help' for more information." >&5 echo "$as_me: error: ambiguous option: $1 Try \`$0 --help' for more information." >&2;} { (exit 1); exit 1; }; };; --help | --hel | -h ) echo "$ac_cs_usage"; exit 0 ;; --debug | --d* | -d ) debug=: ;; --file | --fil | --fi | --f ) $ac_shift CONFIG_FILES="$CONFIG_FILES $ac_optarg" ac_need_defaults=false;; --header | --heade | --head | --hea ) $ac_shift CONFIG_HEADERS="$CONFIG_HEADERS $ac_optarg" ac_need_defaults=false;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil | --si | --s) ac_cs_silent=: ;; # This is an error. -*) { { echo "$as_me:$LINENO: error: unrecognized option: $1 Try \`$0 --help' for more information." >&5 echo "$as_me: error: unrecognized option: $1 Try \`$0 --help' for more information." >&2;} { (exit 1); exit 1; }; } ;; *) ac_config_targets="$ac_config_targets $1" ;; esac shift done ac_configure_extra_args= if $ac_cs_silent; then exec 6>/dev/null ac_configure_extra_args="$ac_configure_extra_args --silent" fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF if \$ac_cs_recheck; then echo "running $SHELL $0 " $ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6 exec $SHELL $0 $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion fi _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF for ac_config_target in $ac_config_targets do case "$ac_config_target" in # Handling of arguments. "Makefile" ) CONFIG_FILES="$CONFIG_FILES Makefile" ;; "src/Makefile" ) CONFIG_FILES="$CONFIG_FILES src/Makefile" ;; "samples/Makefile" ) CONFIG_FILES="$CONFIG_FILES samples/Makefile" ;; "src/config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS src/config.h" ;; *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 echo "$as_me: error: invalid argument: $ac_config_target" >&2;} { (exit 1); exit 1; }; };; esac done # If the user did not use the arguments to specify the items to instantiate, # then the envvar interface is used. Set only those that are not. # We use the long form for the default assignment because of an extremely # bizarre bug on SunOS 4.1.3. if $ac_need_defaults; then test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers fi # Have a temporary directory for convenience. Make it in the build tree # simply because there is no reason to put it here, and in addition, # creating and moving files from /tmp can sometimes cause problems. # Create a temporary directory, and hook for its removal unless debugging. $debug || { trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0 trap '{ (exit 1); exit 1; }' 1 2 13 15 } # Create a (secure) tmp directory for tmp files. { tmp=`(umask 077 && mktemp -d -q "./confstatXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" } || { tmp=./confstat$$-$RANDOM (umask 077 && mkdir $tmp) } || { echo "$me: cannot create a temporary directory in ." >&2 { (exit 1); exit 1; } } _ACEOF cat >>$CONFIG_STATUS <<_ACEOF # # CONFIG_FILES section. # # No need to generate the scripts if there are no CONFIG_FILES. # This happens for instance when ./config.status config.h if test -n "\$CONFIG_FILES"; then # Protect against being on the right side of a sed subst in config.status. sed 's/,@/@@/; s/@,/@@/; s/,;t t\$/@;t t/; /@;t t\$/s/[\\\\&,]/\\\\&/g; s/@@/,@/; s/@@/@,/; s/@;t t\$/,;t t/' >\$tmp/subs.sed <<\\CEOF s,@SHELL@,$SHELL,;t t s,@PATH_SEPARATOR@,$PATH_SEPARATOR,;t t s,@PACKAGE_NAME@,$PACKAGE_NAME,;t t s,@PACKAGE_TARNAME@,$PACKAGE_TARNAME,;t t s,@PACKAGE_VERSION@,$PACKAGE_VERSION,;t t s,@PACKAGE_STRING@,$PACKAGE_STRING,;t t s,@PACKAGE_BUGREPORT@,$PACKAGE_BUGREPORT,;t t s,@exec_prefix@,$exec_prefix,;t t s,@prefix@,$prefix,;t t s,@program_transform_name@,$program_transform_name,;t t s,@bindir@,$bindir,;t t s,@sbindir@,$sbindir,;t t s,@libexecdir@,$libexecdir,;t t s,@datadir@,$datadir,;t t s,@sysconfdir@,$sysconfdir,;t t s,@sharedstatedir@,$sharedstatedir,;t t s,@localstatedir@,$localstatedir,;t t s,@libdir@,$libdir,;t t s,@includedir@,$includedir,;t t s,@oldincludedir@,$oldincludedir,;t t s,@infodir@,$infodir,;t t s,@mandir@,$mandir,;t t s,@build_alias@,$build_alias,;t t s,@host_alias@,$host_alias,;t t s,@target_alias@,$target_alias,;t t s,@DEFS@,$DEFS,;t t s,@ECHO_C@,$ECHO_C,;t t s,@ECHO_N@,$ECHO_N,;t t s,@ECHO_T@,$ECHO_T,;t t s,@LIBS@,$LIBS,;t t s,@build@,$build,;t t s,@build_cpu@,$build_cpu,;t t s,@build_vendor@,$build_vendor,;t t s,@build_os@,$build_os,;t t s,@host@,$host,;t t s,@host_cpu@,$host_cpu,;t t s,@host_vendor@,$host_vendor,;t t s,@host_os@,$host_os,;t t s,@target@,$target,;t t s,@target_cpu@,$target_cpu,;t t s,@target_vendor@,$target_vendor,;t t s,@target_os@,$target_os,;t t s,@CC@,$CC,;t t s,@CFLAGS@,$CFLAGS,;t t s,@LDFLAGS@,$LDFLAGS,;t t s,@CPPFLAGS@,$CPPFLAGS,;t t s,@ac_ct_CC@,$ac_ct_CC,;t t s,@EXEEXT@,$EXEEXT,;t t s,@OBJEXT@,$OBJEXT,;t t s,@RANLIB@,$RANLIB,;t t s,@ac_ct_RANLIB@,$ac_ct_RANLIB,;t t s,@INSTALL_PROGRAM@,$INSTALL_PROGRAM,;t t s,@INSTALL_SCRIPT@,$INSTALL_SCRIPT,;t t s,@INSTALL_DATA@,$INSTALL_DATA,;t t s,@CPP@,$CPP,;t t s,@EGREP@,$EGREP,;t t s,@PCAP_CFLAGS@,$PCAP_CFLAGS,;t t s,@PCAPLIB@,$PCAPLIB,;t t s,@PKG_CONFIG@,$PKG_CONFIG,;t t s,@ac_pt_PKG_CONFIG@,$ac_pt_PKG_CONFIG,;t t s,@GLIB_CFLAGS@,$GLIB_CFLAGS,;t t s,@GLIB_LIBS@,$GLIB_LIBS,;t t s,@GTHREAD_CFLAGS@,$GTHREAD_CFLAGS,;t t s,@GTHREAD_LIBS@,$GTHREAD_LIBS,;t t s,@LNET_CFLAGS@,$LNET_CFLAGS,;t t s,@LNETLIB@,$LNETLIB,;t t s,@BUILD_SHARED@,$BUILD_SHARED,;t t s,@ICMPHEADER@,$ICMPHEADER,;t t s,@TCPSTATES@,$TCPSTATES,;t t s,@HAVE_BSD_UDPHDR@,$HAVE_BSD_UDPHDR,;t t s,@LIBNET_VER@,$LIBNET_VER,;t t s,@LIBOBJS@,$LIBOBJS,;t t s,@LTLIBOBJS@,$LTLIBOBJS,;t t CEOF _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF # Split the substitutions into bite-sized pieces for seds with # small command number limits, like on Digital OSF/1 and HP-UX. ac_max_sed_lines=48 ac_sed_frag=1 # Number of current file. ac_beg=1 # First line for current file. ac_end=$ac_max_sed_lines # Line after last line for current file. ac_more_lines=: ac_sed_cmds= while $ac_more_lines; do if test $ac_beg -gt 1; then sed "1,${ac_beg}d; ${ac_end}q" $tmp/subs.sed >$tmp/subs.frag else sed "${ac_end}q" $tmp/subs.sed >$tmp/subs.frag fi if test ! -s $tmp/subs.frag; then ac_more_lines=false else # The purpose of the label and of the branching condition is to # speed up the sed processing (if there are no `@' at all, there # is no need to browse any of the substitutions). # These are the two extra sed commands mentioned above. (echo ':t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b' && cat $tmp/subs.frag) >$tmp/subs-$ac_sed_frag.sed if test -z "$ac_sed_cmds"; then ac_sed_cmds="sed -f $tmp/subs-$ac_sed_frag.sed" else ac_sed_cmds="$ac_sed_cmds | sed -f $tmp/subs-$ac_sed_frag.sed" fi ac_sed_frag=`expr $ac_sed_frag + 1` ac_beg=$ac_end ac_end=`expr $ac_end + $ac_max_sed_lines` fi done if test -z "$ac_sed_cmds"; then ac_sed_cmds=cat fi fi # test -n "$CONFIG_FILES" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF for ac_file in : $CONFIG_FILES; do test "x$ac_file" = x: && continue # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". case $ac_file in - | *:- | *:-:* ) # input from stdin cat >$tmp/stdin ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; * ) ac_file_in=$ac_file.in ;; esac # Compute @srcdir@, @top_srcdir@, and @INSTALL@ for subdirectories. ac_dir=`(dirname "$ac_file") 2>/dev/null || $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| \ . : '\(.\)' 2>/dev/null || echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` { if $as_mkdir_p; then mkdir -p "$ac_dir" else as_dir="$ac_dir" as_dirs= while test ! -d "$as_dir"; do as_dirs="$as_dir $as_dirs" as_dir=`(dirname "$as_dir") 2>/dev/null || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| \ . : '\(.\)' 2>/dev/null || echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` done test ! -n "$as_dirs" || mkdir $as_dirs fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5 echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;} { (exit 1); exit 1; }; }; } ac_builddir=. if test "$ac_dir" != .; then ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` # A "../" for each directory in $ac_dir_suffix. ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'` else ac_dir_suffix= ac_top_builddir= fi case $srcdir in .) # No --srcdir option. We are building in place. ac_srcdir=. if test -z "$ac_top_builddir"; then ac_top_srcdir=. else ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'` fi ;; [\\/]* | ?:[\\/]* ) # Absolute path. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ;; *) # Relative path. ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_builddir$srcdir ;; esac # Do not use `cd foo && pwd` to compute absolute paths, because # the directories may not exist. case `pwd` in .) ac_abs_builddir="$ac_dir";; *) case "$ac_dir" in .) ac_abs_builddir=`pwd`;; [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";; *) ac_abs_builddir=`pwd`/"$ac_dir";; esac;; esac case $ac_abs_builddir in .) ac_abs_top_builddir=${ac_top_builddir}.;; *) case ${ac_top_builddir}. in .) ac_abs_top_builddir=$ac_abs_builddir;; [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;; *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;; esac;; esac case $ac_abs_builddir in .) ac_abs_srcdir=$ac_srcdir;; *) case $ac_srcdir in .) ac_abs_srcdir=$ac_abs_builddir;; [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;; *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;; esac;; esac case $ac_abs_builddir in .) ac_abs_top_srcdir=$ac_top_srcdir;; *) case $ac_top_srcdir in .) ac_abs_top_srcdir=$ac_abs_builddir;; [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;; *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;; esac;; esac case $INSTALL in [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; *) ac_INSTALL=$ac_top_builddir$INSTALL ;; esac # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ if test x"$ac_file" = x-; then configure_input= else configure_input="$ac_file. " fi configure_input=$configure_input"Generated from `echo $ac_file_in | sed 's,.*/,,'` by configure." # First look for the input files in the build tree, otherwise in the # src tree. ac_file_inputs=`IFS=: for f in $ac_file_in; do case $f in -) echo $tmp/stdin ;; [\\/$]*) # Absolute (can't be DOS-style, as IFS=:) test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } echo "$f";; *) # Relative if test -f "$f"; then # Build tree echo "$f" elif test -f "$srcdir/$f"; then # Source tree echo "$srcdir/$f" else # /dev/null tree { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } fi;; esac done` || { (exit 1); exit 1; } if test x"$ac_file" != x-; then { echo "$as_me:$LINENO: creating $ac_file" >&5 echo "$as_me: creating $ac_file" >&6;} rm -f "$ac_file" fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF sed "$ac_vpsub $extrasub _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF :t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b s,@configure_input@,$configure_input,;t t s,@srcdir@,$ac_srcdir,;t t s,@abs_srcdir@,$ac_abs_srcdir,;t t s,@top_srcdir@,$ac_top_srcdir,;t t s,@abs_top_srcdir@,$ac_abs_top_srcdir,;t t s,@builddir@,$ac_builddir,;t t s,@abs_builddir@,$ac_abs_builddir,;t t s,@top_builddir@,$ac_top_builddir,;t t s,@abs_top_builddir@,$ac_abs_top_builddir,;t t s,@INSTALL@,$ac_INSTALL,;t t " $ac_file_inputs | (eval "$ac_sed_cmds") >$tmp/out rm -f $tmp/stdin if test x"$ac_file" != x-; then mv $tmp/out $ac_file else cat $tmp/out rm -f $tmp/out fi done _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF # # CONFIG_HEADER section. # # These sed commands are passed to sed as "A NAME B NAME C VALUE D", where # NAME is the cpp macro being defined and VALUE is the value it is being given. # # ac_d sets the value in "#define NAME VALUE" lines. ac_dA='s,^\([ ]*\)#\([ ]*define[ ][ ]*\)' ac_dB='[ ].*$,\1#\2' ac_dC=' ' ac_dD=',;t' # ac_u turns "#undef NAME" without trailing blanks into "#define NAME VALUE". ac_uA='s,^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' ac_uB='$,\1#\2define\3' ac_uC=' ' ac_uD=',;t' for ac_file in : $CONFIG_HEADERS; do test "x$ac_file" = x: && continue # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". case $ac_file in - | *:- | *:-:* ) # input from stdin cat >$tmp/stdin ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; * ) ac_file_in=$ac_file.in ;; esac test x"$ac_file" != x- && { echo "$as_me:$LINENO: creating $ac_file" >&5 echo "$as_me: creating $ac_file" >&6;} # First look for the input files in the build tree, otherwise in the # src tree. ac_file_inputs=`IFS=: for f in $ac_file_in; do case $f in -) echo $tmp/stdin ;; [\\/$]*) # Absolute (can't be DOS-style, as IFS=:) test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } # Do quote $f, to prevent DOS paths from being IFS'd. echo "$f";; *) # Relative if test -f "$f"; then # Build tree echo "$f" elif test -f "$srcdir/$f"; then # Source tree echo "$srcdir/$f" else # /dev/null tree { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } fi;; esac done` || { (exit 1); exit 1; } # Remove the trailing spaces. sed 's/[ ]*$//' $ac_file_inputs >$tmp/in _ACEOF # Transform confdefs.h into two sed scripts, `conftest.defines' and # `conftest.undefs', that substitutes the proper values into # config.h.in to produce config.h. The first handles `#define' # templates, and the second `#undef' templates. # And first: Protect against being on the right side of a sed subst in # config.status. Protect against being in an unquoted here document # in config.status. rm -f conftest.defines conftest.undefs # Using a here document instead of a string reduces the quoting nightmare. # Putting comments in sed scripts is not portable. # # `end' is used to avoid that the second main sed command (meant for # 0-ary CPP macros) applies to n-ary macro definitions. # See the Autoconf documentation for `clear'. cat >confdef2sed.sed <<\_ACEOF s/[\\&,]/\\&/g s,[\\$`],\\&,g t clear : clear s,^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*\)\(([^)]*)\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1\2${ac_dC}\3${ac_dD},gp t end s,^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD},gp : end _ACEOF # If some macros were called several times there might be several times # the same #defines, which is useless. Nevertheless, we may not want to # sort them, since we want the *last* AC-DEFINE to be honored. uniq confdefs.h | sed -n -f confdef2sed.sed >conftest.defines sed 's/ac_d/ac_u/g' conftest.defines >conftest.undefs rm -f confdef2sed.sed # This sed command replaces #undef with comments. This is necessary, for # example, in the case of _POSIX_SOURCE, which is predefined and required # on some systems where configure will not decide to define it. cat >>conftest.undefs <<\_ACEOF s,^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*,/* & */, _ACEOF # Break up conftest.defines because some shells have a limit on the size # of here documents, and old seds have small limits too (100 cmds). echo ' # Handle all the #define templates only if necessary.' >>$CONFIG_STATUS echo ' if grep "^[ ]*#[ ]*define" $tmp/in >/dev/null; then' >>$CONFIG_STATUS echo ' # If there are no defines, we may have an empty if/fi' >>$CONFIG_STATUS echo ' :' >>$CONFIG_STATUS rm -f conftest.tail while grep . conftest.defines >/dev/null do # Write a limited-size here document to $tmp/defines.sed. echo ' cat >$tmp/defines.sed <>$CONFIG_STATUS # Speed up: don't consider the non `#define' lines. echo '/^[ ]*#[ ]*define/!b' >>$CONFIG_STATUS # Work around the forget-to-reset-the-flag bug. echo 't clr' >>$CONFIG_STATUS echo ': clr' >>$CONFIG_STATUS sed ${ac_max_here_lines}q conftest.defines >>$CONFIG_STATUS echo 'CEOF sed -f $tmp/defines.sed $tmp/in >$tmp/out rm -f $tmp/in mv $tmp/out $tmp/in ' >>$CONFIG_STATUS sed 1,${ac_max_here_lines}d conftest.defines >conftest.tail rm -f conftest.defines mv conftest.tail conftest.defines done rm -f conftest.defines echo ' fi # grep' >>$CONFIG_STATUS echo >>$CONFIG_STATUS # Break up conftest.undefs because some shells have a limit on the size # of here documents, and old seds have small limits too (100 cmds). echo ' # Handle all the #undef templates' >>$CONFIG_STATUS rm -f conftest.tail while grep . conftest.undefs >/dev/null do # Write a limited-size here document to $tmp/undefs.sed. echo ' cat >$tmp/undefs.sed <>$CONFIG_STATUS # Speed up: don't consider the non `#undef' echo '/^[ ]*#[ ]*undef/!b' >>$CONFIG_STATUS # Work around the forget-to-reset-the-flag bug. echo 't clr' >>$CONFIG_STATUS echo ': clr' >>$CONFIG_STATUS sed ${ac_max_here_lines}q conftest.undefs >>$CONFIG_STATUS echo 'CEOF sed -f $tmp/undefs.sed $tmp/in >$tmp/out rm -f $tmp/in mv $tmp/out $tmp/in ' >>$CONFIG_STATUS sed 1,${ac_max_here_lines}d conftest.undefs >conftest.tail rm -f conftest.undefs mv conftest.tail conftest.undefs done rm -f conftest.undefs cat >>$CONFIG_STATUS <<\_ACEOF # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ if test x"$ac_file" = x-; then echo "/* Generated by configure. */" >$tmp/config.h else echo "/* $ac_file. Generated by configure. */" >$tmp/config.h fi cat $tmp/in >>$tmp/config.h rm -f $tmp/in if test x"$ac_file" != x-; then if diff $ac_file $tmp/config.h >/dev/null 2>&1; then { echo "$as_me:$LINENO: $ac_file is unchanged" >&5 echo "$as_me: $ac_file is unchanged" >&6;} else ac_dir=`(dirname "$ac_file") 2>/dev/null || $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| \ . : '\(.\)' 2>/dev/null || echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` { if $as_mkdir_p; then mkdir -p "$ac_dir" else as_dir="$ac_dir" as_dirs= while test ! -d "$as_dir"; do as_dirs="$as_dir $as_dirs" as_dir=`(dirname "$as_dir") 2>/dev/null || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| \ . : '\(.\)' 2>/dev/null || echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` done test ! -n "$as_dirs" || mkdir $as_dirs fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5 echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;} { (exit 1); exit 1; }; }; } rm -f $ac_file mv $tmp/config.h $ac_file fi else cat $tmp/config.h rm -f $tmp/config.h fi done _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF { (exit 0); exit 0; } _ACEOF chmod +x $CONFIG_STATUS ac_clean_files=$ac_clean_files_save # configure is writing to config.log, and then calls config.status. # config.status does its own redirection, appending to config.log. # Unfortunately, on DOS this fails, as config.log is still kept open # by configure, so config.status won't be able to write to it; its # output is simply discarded. So we exec the FD to /dev/null, # effectively closing config.log, so it can be properly (re)opened and # appended to by config.status. When coming back to configure, we # need to make the FD available again. if test "$no_create" != yes; then ac_cs_success=: ac_config_status_args= test "$silent" = yes && ac_config_status_args="$ac_config_status_args --quiet" exec 5>/dev/null $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction. $ac_cs_success || { (exit 1); exit 1; } fi libnids-1.26/configure.in000066400000000000000000000143441415573252600154170ustar00rootroot00000000000000dnl dnl configure.in for libnids. dnl dnl Dug Song dnl ... mantained by Nergal AC_INIT(src/libnids.c) AC_CANONICAL_SYSTEM AC_CONFIG_HEADER(src/config.h) dnl Initialize prefix. if test "$prefix" = "NONE" ; then prefix="/usr/local" fi dnl Initialize exec_prefix. if test "$exec_prefix" = "NONE" ; then exec_prefix=$prefix fi dnl Checks for programs. AC_PROG_CC AC_PROG_RANLIB AC_PROG_INSTALL dnl Checks for header files. AC_HEADER_STDC AC_CHECK_HEADERS(sys/time.h syslog.h unistd.h) dnl Checks for typedefs, structures, and compiler characteristics. AC_C_CONST AC_C_INLINE AC_HEADER_TIME AC_C_BIGENDIAN dnl XXX - Linux sux. CFLAGS="$CFLAGS -D_BSD_SOURCE" dnl Checks for library functions. AC_CHECK_FUNCS(gettimeofday) dnl XXX - Solaris sux. AC_CHECK_LIB(socket, socket) AC_CHECK_LIB(nsl, gethostbyname) case "$target_cpu" in alpha*|arm*|hp*|mips*|sparc*) ac_cv_lbl_unaligned_fail=yes ;; *) ac_cv_lbl_unaligned_fail=no ;; esac if test $ac_cv_lbl_unaligned_fail = yes ; then AC_DEFINE(LBL_ALIGN,1,[if unaligned access fails]) fi dnl Checks for libpcap AC_MSG_CHECKING(for libpcap) AC_ARG_WITH(libpcap, [ --with-libpcap=DIR use libpcap build directory], [ case "$withval" in yes|no) AC_MSG_RESULT(no) ;; *) AC_MSG_RESULT($withval) if test -f $withval/pcap.h -a -f $withval/libpcap.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi PCAP_CFLAGS="-I$withval -I$withval/bpf" PCAPLIB="-L$withval -lpcap" else AC_ERROR(pcap.h or libpcap.a not found in $withval) fi ;; esac ], [ if test -f ${prefix}/include/pcap.h; then PCAP_CFLAGS="-I${prefix}/include" PCAPLIB="-L${exec_prefix}/lib -lpcap" elif test -f /usr/include/pcap/pcap.h; then PCAP_CFLAGS="-I/usr/include/pcap" PCAPLIB="-lpcap" else TMP=$LIBS LIBS="-lpcap $LIBS" AC_TRY_LINK([#include ], pcap_open_offline("",""), LIBPCAP_FOUND=1,LIBPCAP_FOUND=0) LIBS=$TMP if test $LIBPCAP_FOUND = 1 ; then PCAPLIB="-lpcap" else AC_ERROR(libpcap not found) fi fi AC_MSG_RESULT(yes) ] ) AC_SUBST(PCAP_CFLAGS) AC_SUBST(PCAPLIB) dnl Checks for libglib2.8 AC_ARG_ENABLE(libglib, [ --disable-libglib use glib2 for multiprocessing support], [ AC_MSG_RESULT(skipping glib2 support) ], [ PKG_PROG_PKG_CONFIG PKG_CHECK_MODULES(GLIB, glib-2.0 >= 2.2.0,[ PKG_CHECK_MODULES(GTHREAD, gthread-2.0 >= 2.2.0,,) AC_CHECK_LIB(gthread-2.0,g_thread_init,,,$GTHREAD_LIBS) ],) ] ) dnl Checks for libnet AC_MSG_CHECKING(for libnet) AC_ARG_ENABLE(libnet, [ --disable-libnet whether to include code requiring libnet], [ case "$enableval" in yes) AC_MSG_RESULT(yes) ;; no) AC_MSG_RESULT(no) LIBNET_VER=-1 ;; *) AC_ERROR(no arguments expected for --disable-libnet) ;; esac ] ) AC_ARG_WITH(libnet, [ --with-libnet=DIR use libnet build directory], [ case "$withval" in yes) ;; no) LIBNET_VER=-1 AC_MSG_RESULT(no) ;; *) AC_MSG_RESULT($withval) if test -f $withval/include/libnet.h -a -f $withval/lib/libnet.a -a -f $withval/libnet-config ; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi LNET_CFLAGS="-I$withval/include `$withval/libnet-config --defines`" LNETLIB="-L$withval/lib -lnet" elif test -f $withval/include/libnet.h -a -f $withval/src/libnet.a; then owd=`pwd` if cd $withval; then withval=`pwd`; cd $owd; fi LNET_CFLAGS="-I$withval/include" LNETLIB="-L$withval/src -lnet" else echo "A working combination of libnet.h, libnet.a and libnet-config not found in $withval; get libnet from www.packetfactory.net/projects/libnet and reinstall" AC_ERROR(libnet) fi ;; esac ], [ if test "x"$LIBNET_VER = "x"-1 ; then AC_MSG_RESULT(skipping libnet) else if test -f ${prefix}/include/libnet.h -a ${exec_prefix}/lib/libnet.a ; then LNET_CFLAGS="-I${prefix}/include `${exec_prefix}/bin/libnet-config --defines 2>/dev/null`" LNETLIB="-L${exec_prefix}/lib -lnet" else LNET_CFLAGS="`libnet-config --defines 2>/dev/null`" LNETLIB="-lnet" fi fi ] ) if test "x"$LIBNET_VER != "x"-1 ; then TMPC="$CFLAGS" TMPL="$LIBS" CFLAGS="$CFLAGS $LNET_CFLAGS" LIBS="$LNETLIB $LIBS" AC_TRY_LINK([#include ], libnet_get_prand(0), LIBNET_FOUND=1,LIBNET_FOUND=0) CFLAGS="$TMPC" LIBS="$TMPL" if test $LIBNET_FOUND = 1 ; then LNETLIB="-lnet" AC_MSG_RESULT(yes) else echo "Working libnet not found; get it from www.packetfactory.net/projects/libnet and reinstall" AC_ERROR(libnet) fi fi AC_SUBST(LNET_CFLAGS) AC_SUBST(LNETLIB) BUILD_SHARED= AC_MSG_CHECKING(whether to build shared library) AC_ARG_ENABLE(shared, [ --enable-shared enable building shared libraries], [ case "$enableval" in yes) AC_MSG_RESULT(yes) BUILD_SHARED=shared ;; no) AC_MSG_RESULT(no) ;; *) AC_ERROR(no arguments expected for --enable-shared) ;; esac ], [AC_MSG_RESULT(no)] ) AC_SUBST(BUILD_SHARED) AC_MSG_CHECKING(the name of struct icmp) AC_TRY_COMPILE([#include #include #include #include ], struct icmphdr h;int c=h.type, ICMPHEADER=1,ICMPHEADER=0) AC_SUBST(ICMPHEADER) if test $ICMPHEADER = 1 ; then AC_MSG_RESULT(struct icmphdr) ; else AC_MSG_RESULT(struct icmp) fi AC_MSG_CHECKING(if tcp states are defined) AC_TRY_COMPILE([#include #include #include ], int c=TCP_ESTABLISHED,TCPSTATES=1,TCPSTATES=0) AC_SUBST(TCPSTATES) if test $TCPSTATES = 1 ; then AC_MSG_RESULT(yes) ; else AC_MSG_RESULT(no) fi AC_MSG_CHECKING(for bsd-ish struct udphdr) AC_TRY_COMPILE([#include #include #include ], struct udphdr h;int c=h.uh_ulen,HAVE_BSD_UDPHDR=1,HAVE_BSD_UDPHDR=0) AC_SUBST(HAVE_BSD_UDPHDR) if test $HAVE_BSD_UDPHDR = 1 ; then AC_MSG_RESULT(yes) ; else AC_MSG_RESULT(no) fi if test "x"$LIBNET_VER != "x"-1 ; then TMP=$CFLAGS CFLAGS="$CFLAGS $LNET_CFLAGS" AC_MSG_CHECKING(libnet version) AC_TRY_COMPILE([#include ], int c=LIBNET_PTAG_INITIALIZER, LIBNET_VER=1,LIBNET_VER=0) CFLAGS=$TMP if test $LIBNET_VER = 1 ; then AC_MSG_RESULT(looks new) ; else AC_MSG_RESULT(looks old) fi fi AC_SUBST(LIBNET_VER) AC_OUTPUT(Makefile src/Makefile samples/Makefile) libnids-1.26/doc/000077500000000000000000000000001415573252600136455ustar00rootroot00000000000000libnids-1.26/doc/API.html000066400000000000000000001035601415573252600151510ustar00rootroot00000000000000 Libnids-1.26 API

====================
libnids-1.26
====================

  1. Introduction
  2. IP defragmentation
  3. TCP stream assembly
  4. A sample application
  5. Basic libnids structures and functions
  6. Misc useful hacks
  7. New features in version 1.21
  8. FAQ

1. Introduction

Declarations of data structures and functions defined by libnids are gathered in include file "nids.h". An application which uses libnids must include this file and must be linked with libnids.a (or libnids.so.x.x).

An application's function main usually looks this way:

main()
{
	application private processing, not related to libnids
	optional modification of libnids parameters
	if (!nids_init() ) something's wrong, terminate;
	registration of callback functions
	nids_run();
	// not reached in normal situation
}

Another method is mentioned later.

2. IP defragmentation

In order to receive all IP packets seen by libnids (including fragmented ones, packets with invalid checksum et cetera) a programmer should define a callback function of the following type

void ip_frag_func(struct ip * a_packet, int len)

After calling nids_init, this function should be registered with libnids:

nids_register_ip_frag(ip_frag_func);

Function ip_frag_func will be called from libnids; parameter a_packet will point to a received datagram, len is the packet length.

Analogically, in order to receive only packets, which will be accepted by a target host (that is, packets not fragmented or packets assembled from fragments; a header correctness is verified) one should define a callback function

void ip_func(struct ip * a_packet, int len)

and register it with

nids_register_ip(ip_func);

3. TCP stream assembly

In order to receive data exchanged in a TCP stream, one must declare a callback function

void tcp_callback(struct tcp_stream * ns, void ** param)

Structure tcp_stream provides all info on a TCP connection. For instance, it contains two fields of type struct half_stream (named client and server), each of them describing one side of a connection. We'll explain all its fields later.

One of tcp_stream field is named nids_state. Behaviour of tcp_callback depends on value of this field.

  •  ns->nids_state==NIDS_JUST_EST
    In this case, ns describes a connection which has just been established. Tcp_callback must decide if it wishes to be notified in future of arrival of data in this connection. All the connection parameters are available (IP addresses, ports numbers etc). If the connection is interesting, tcp_callback informs libnids which data it wishes to receive (data to client, to server, urgent data to client, urgent data to server). Then the function returns. 
  •  ns->nids_state==NIDS_DATA
    In this case, new data has arrived. Structures half_stream (members of tcp_stream) contain buffers with data.
  • The following values of nids_state field :
    • NIDS_CLOSE
    • NIDS_RESET
    • NIDS_TIMED_OUT
    mean that the connection has been closed. Tcp_callback should free allocated resources, if any. 
  • ns->nids_state==NIDS_EXITING
    In this case, libnids is exiting. This is the applications last opportunity to make use of any data left stored in the half_stream buffers. When reading traffic from a capture file rather than the network, libnids may never see a close, reset, or timeout. If the application has unprocessed data (e.g., from using nids_discard(), this allows the application to process it.

4. A sample application

Now let's have a look at a simple application, which displays on stderr data exchanged in all TCP connections seen by libnids.

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <arpa/inet.h>
#include <string.h>
#include <stdio.h>
#include "nids.h"

#define int_ntoa(x)	inet_ntoa(*((struct in_addr *)&x))

// struct tuple4 contains addresses and port numbers of the TCP connections
// the following auxiliary function produces a string looking like
// 10.0.0.1,1024,10.0.0.2,23
char *
adres (struct tuple4 addr)
{
  static char buf[256];
  strcpy (buf, int_ntoa (addr.saddr));
  sprintf (buf + strlen (buf), ",%i,", addr.source);
  strcat (buf, int_ntoa (addr.daddr));
  sprintf (buf + strlen (buf), ",%i", addr.dest);
  return buf;
}

void
tcp_callback (struct tcp_stream *a_tcp, void ** this_time_not_needed)
{
  char buf[1024];
  strcpy (buf, adres (a_tcp->addr)); // we put conn params into buf
  if (a_tcp->nids_state == NIDS_JUST_EST)
    {
    // connection described by a_tcp is established
    // here we decide, if we wish to follow this stream
    // sample condition: if (a_tcp->addr.dest!=23) return;
    // in this simple app we follow each stream, so..
      a_tcp->client.collect++; // we want data received by a client
      a_tcp->server.collect++; // and by a server, too
      a_tcp->server.collect_urg++; // we want urgent data received by a
                                   // server
#ifdef WE_WANT_URGENT_DATA_RECEIVED_BY_A_CLIENT
      a_tcp->client.collect_urg++; // if we don't increase this value,
                                   // we won't be notified of urgent data
                                   // arrival
#endif
      fprintf (stderr, "%s established\n", buf);
      return;
    }
  if (a_tcp->nids_state == NIDS_CLOSE)
    {
      // connection has been closed normally
      fprintf (stderr, "%s closing\n", buf);
      return;
    }
  if (a_tcp->nids_state == NIDS_RESET)
    {
      // connection has been closed by RST
      fprintf (stderr, "%s reset\n", buf);
      return;
    }

  if (a_tcp->nids_state == NIDS_DATA)
    {
      // new data has arrived; gotta determine in what direction
      // and if it's urgent or not

      struct half_stream *hlf;

      if (a_tcp->server.count_new_urg)
      {
        // new byte of urgent data has arrived 
        strcat(buf,"(urgent->)");
        buf[strlen(buf)+1]=0;
        buf[strlen(buf)]=a_tcp->server.urgdata;
        write(1,buf,strlen(buf));
        return;
      }
      // We don't have to check if urgent data to client has arrived,
      // because we haven't increased a_tcp->client.collect_urg variable.
      // So, we have some normal data to take care of.
      if (a_tcp->client.count_new)
	{
          // new data for the client
	  hlf = &a_tcp->client; // from now on, we will deal with hlf var,
                                // which will point to client side of conn
	  strcat (buf, "(<-)"); // symbolic direction of data
	}
      else
	{
	  hlf = &a_tcp->server; // analogical
	  strcat (buf, "(->)");
	}
    fprintf(stderr,"%s",buf); // we print the connection parameters
                              // (saddr, daddr, sport, dport) accompanied
                              // by data flow direction (-> or <-)

   write(2,hlf->data,hlf->count_new); // we print the newly arrived data
      
    }
  return ;
}

int 
main ()
{
  // here we can alter libnids params, for instance:
  // nids_params.n_hosts=256;
  if (!nids_init ())
  {
  	fprintf(stderr,"%s\n",nids_errbuf);
  	exit(1);
  }
  nids_register_tcp (tcp_callback);
  nids_run ();
  return 0;
}

5. Basic libnids structures and functions

Now it's time for more systematic description of libnids structures. As mentioned, they're all declared in nids.h

   struct tuple4 // TCP connection parameters
   {
   unsigned short source,dest; // client and server port numbers
   unsigned long saddr,daddr;  // client and server IP addresses
   };


   struct half_stream // structure describing one side of a TCP connection
   {
   char state;            // socket state (ie TCP_ESTABLISHED )
   char collect;          // if >0, then data should be stored in 
                          // "data" buffer; else
                          // data flowing in this direction will be ignored
                          // have a look at samples/sniff.c for an example
                          // how one can use this field
   char collect_urg;      // analogically, determines if to collect urgent 
                          // data
   char * data;           // buffer for normal data
   unsigned char urgdata; // one-byte buffer for urgent data
   int count;             // how many bytes has been appended to buffer "data"
                          // since the creation of a connection 
   int offset;            // offset (in data stream) of first byte stored in 
                          // the "data" buffer; additional explanations
                          // follow
   int count_new;         // how many bytes were appended to "data" buffer 
                          // last (this) time; if == 0, no new data arrived 
   char count_new_urg;    // if != 0, new urgent data arrived

   ... // other fields are auxiliary for libnids

   };


   struct tcp_stream
   {
   struct tuple4 addr;   // connections params (saddr, daddr, sport, dport)
   char nids_state;                  // logical state of the connection
   struct half_stream client,server; // structures describing client and
                                     // server side of the connection 
   ...                               // other fields are auxiliary for libnids
   };

In the above sample program function tcp_callback printed data from hlf->data buffer on stderr, and this data was no longer needed. After tcp_callback return, libnids by default frees space occupied by this data. Field hlf->offset will be increased by number of discarded bytes, and new data will be stored at the beginning of "data" buffer. If the above is not the desired behaviour (for instance, data processor needs at least N bytes of input to operate, and so far libnids received count_new<N bytes) one should call function

void nids_discard(struct tcp_stream * a_tcp, int num_bytes)

before tcp_callback returns. As a result, after tcp_callback return libnids will discard at most num_bytes first bytes from buffer "data" (updating "offset" field accordingly, and moving rest of the data to the beginning of the buffer). If nids_discard function is never called (like in above sample program), buffer hlf->data contains exactly hlf->count_new bytes. Generally, number of bytes in buffer hlf->data equals hlf->count-hlf->offset.

Thanks to nids_discard function, a programmer doesn't have to copy received bytes into a separate buffer - hlf->data will always contain as many bytes, as possible. However, often arises a need to maintain auxiliary data structures per each pair (libnids_callback, tcp stream). For instance, if we wish to detect an attack against wu-ftpd (this attack involves creating deep directory on the server), we need to store somewhere current directory of a ftpd daemon. It will be changed by "CWD" instructions sent by ftp client. That's what the second parameter of tcp_callback is for. It is a pointer to a pointer to data private for each (libnids_callback, tcp stream) pair. Typically, one should use it as follows:

   void
   tcp_callback_2 (struct tcp_stream * a_tcp, struct conn_param **ptr)
   {
   if (a_tcp->nids_state==NIDS_JUST_EST)
   {
        struct conn_param * a_conn;
   	if the connection is uninteresting, return;
        a_conn=malloc of some data structure
        init of a_conn
        *ptr=a_conn // this value will be passed to tcp_callback_2 in future
                    // calls
        increase some of "collect" fields
        return;
   }
   if (a_tcp->nids_state==NIDS_DATA)
   {
	struct conn_param *current_conn_param=*ptr;
        using current_conn_param and the newly received data from the net
        we search for attack signatures, possibly modyfying
        current_conn_param  
        return ;

   }

Functions nids_register_tcp and nids_register_ip* can be called arbitrary number of times. Two different functions (similar to tcp_callback) are allowed to follow the same TCP stream (with a certain non-default exception).

Libnids parameters can be changed by modification of fields of the global variable nids_params, declared as follows: 

   struct nids_prm
   {
   int n_tcp_streams; // size of the hash table used for storing structures 
                      // tcp_stream; libnis will follow no more than 
                      // 3/4 * n_tcp_streams connections simultaneously
                      // default value: 1040. If set to 0, libnids will
                      // not assemble TCP streams.
   int n_hosts;       // size of the hash table used for storing info on
                      // IP defragmentation; default value: 256
   char * filename;   // capture filename from which to read packets; 
                      // file must be in libpcap format and device must
                      // be set to NULL; default value: NULL
   char * device;     // interface on which libnids will listen for packets;
                      // default value == NULL, in which case device will
                      // be determined by call to pcap_lookupdev; special
                      // value of "all" results in libnids trying to
                      // capture packets on all interfaces (this works only
                      // with Linux kernel > 2.2.0 and libpcap >= 0.6.0); 
                      // see also doc/LINUX 
   int sk_buff_size;  // size of struct sk_buff, a structure defined by
                      // Linux kernel, used by kernel for packets queuing. If 
                      // this parameter has different value from 
                      // sizeof(struct sk_buff), libnids can be bypassed
                      // by attacking resource managing of libnis (see TEST
                      // file). If you are paranoid, check sizeof(sk_buff)
                      // on the hosts on your network, and correct this 
                      // parameter. Default value: 168
   int dev_addon;     // how many bytes in structure sk_buff is reserved for
                      // information on net interface; if dev_addon==-1, it
                      // will be corrected during nids_init() according to
                      // type of the interface libnids will listen on.
                      // Default value: -1.
   void (*syslog)();  // see description below the nids_params definition
   int syslog_level;  // if nids_params.syslog==nids_syslog, then this field
                      // determines loglevel used by reporting events by
                      // system daemon syslogd; default value: LOG_ALERT
   int scan_num_hosts;// size of hash table used for storing info on port
                      // scanning; the number of simultaneuos port
		      // scan attempts libnids will detect. if set to 
		      // 0, port scanning detection will be turned
		      // off. Default value: 256.
   int scan_num_ports;// how many TCP ports has to be scanned from the same
                      // source. Default value: 10.
   int scan_delay;    // with no more than scan_delay milisecond pause
                      // between two ports, in order to make libnids report
                      // portscan attempt. Default value: 3000
   void (*no_mem)();  // called when libnids runs out of memory; it should
                      // terminate the current process
   int (*ip_filter)(struct ip*);  // this function is consulted when an IP
                      // packet arrives; if ip_filter returns non-zero, the
                      // packet is processed, else it is discarded. This way
                      // one can monitor traffic directed at selected hosts
                      // only, not entire subnet. Default function 
                      // (nids_ip_filter) always returns 1
   char *pcap_filter; // filter string to hand to pcap(3). Default is
		      // NULL. be aware that this applies to the
		      // link-layer, so filters like "tcp dst port 23"
		      // will NOT correctly handle fragmented traffic; one
                      // should add "or (ip[6:2] & 0x1fff != 0)" to process
                      // all fragmented packets
   int promisc;       // if non-zero, the device(s) libnids reads packets
                      // from will be put in promiscuous mode. Default: 1
   int one_loop_less; // disabled by default; see the explanation
   int pcap_timeout;  // the "timeout" parameter to pcap_open_live
                      // 1024 (ms) by default ; change to a lower value
                      // if you want a quick reaction to traffic; this
                      // is present starting with libnids-1.20
   int multiproc;     // start ip defragmentation and tcp stream assembly in a 
                      // different thread parameter to a nonzero value and 
                      // compiling libnids in an environment where  glib-2.0 is 
                      // available enables libnids to use two different threads 
                      // - one for receiving IP fragments from libpcap, 
                      // and one, with lower priority, to process fragments, 
                      // streams and to notify callbacks. Preferrably using 
                      // nids_run() this behavior is invisible to the user.
                      // Using this functionality with nids_next() is quite
                      // useless since the thread must be started and stopped
                      // for every packet received.
                      // Also, if it is enabled, global variables (nids_last_pcap_header
                      // and nids_last_pcap_data) may not point to the
		      // packet currently processed by a callback
   int queue_limit;   // limit on the number of packets to be queued;
                      // used only when multiproc=true; 20000 by default
   int tcp_workarounds; // enable (hopefully harmless) workarounds for some
                      // non-rfc-compliant TCP/IP stacks
   pcap_t *pcap_desc; // pcap descriptor 
   } nids_params;

The field syslog of nids_params variable by default contains the address of function nids_syslog, declared as:

void nids_syslog (int type, int errnum, struct ip *iph, void *data);

Function nids_params.syslog is used to report unusual condition, such as port scan attempts, invalid TCP header flags and other. This field should be assigned the address of a custom event logging function. Function nids_syslog (defined in libnids.c) can be an example on how to decode parameters passed to nids_params.syslog. Nids_syslog logs messages to system daemon syslogd, disregarding such things like message rate per second or free disk space (that is why it should be replaced).

If one is interested in UDP datagrams, one should declare

void udp_callback(struct tuple4 * addr, char * buf, int len, struct ip * iph);

and register it with

nids_register_udp(udp_callback)

Parameter addr contains address info, buf points to data carried by UDP packet, len is the data length, and iph points to the IP packet which contained the UDP packet. The checksum is verified.

6. Misc useful hacks

As a nice toy :) function

void nids_killtcp(struct tcp_stream * a_tcp)

is implemented. It terminates TCP connection described by a_tcp by sending RST segments.
Originally the RST segments sent by libnids were given a sequence number in the half of the TCP window of the destination. MS Windows systems with MS05-019 patch applied do not seem to tear down a connection upon receiving such RSTs, so now libnids sends two RSTs in each direction - additional one has the lowest (expected) seq. Unfortunately, it is somewhat unreliable: if due to traffic burst, your application is a few miliseconds delayed behind the current traffic, its view of what the current/expected seq is may be incorrect.
Naturaly, sending a RST as a defensive measure is unreliable by design, unless deployed on an "inline NIDS", or NIPS, as a few call it; therefore the "toy" label.

Using nids_run() has one disadvantage - the application becomes totally packets driven. Sometimes it is necessary to perform some task even when no packets arrive. Instead of nids_run(), one can use function

int nids_next()

It calls pcap_next() instead of pcap_loop, that is it processes only one packet. If no packet is available, the process will sleep. Nids_next() returns 1 on success, 0 on error (nids_errbuf contains appropriate message then).

Typically, when using nids_next(), an aplication will sleep in a select() function, with a snooping socket fd present in read fd_set. This fd can be obtained via a call to

int nids_getfd()

It returns a file descriptor when succeeded and -1 on error ( nids_errbuf is filled then).
Similarly, function

int nids_dispatch(int cnt)

is a wrapper around pcap_dispatch. It maybe advantageous to use it instead of nids_next() when we want to distinguish between return values (ie end-of-file vs error).
There are a few reasons why you may want to skip checksum processing on certain packets:
  1. Nowadays, some NIC drivers are capable of computing checksums of outgoing packets. In such case, outgoing packets passed to libpcap can have uncomputed checksums. So, you may want to not check checksums on outgoing packets.
  2. In order to improve performance, you may wish to not compute checksums for hosts one trusts (or protects), e.g. one's server farm.
In order to let libnids know which packets should not be checksummed, you should allocate an array of struct nids_chksum_ctl (defined in nids.h):
   struct nids_chksum_ctl
{       u_int netaddr;
        u_int mask;
        u_int action;
	/* reserved fields */
};
and register it with

nids_register_chksum_ctl(struct nids_chksum_ctl *, int);

where the second parameter indicates the number of elements in the array.
Checksumming functions will first check elements of this array one by one, and if the source ip SRCIP of the current packet satisfies condition

(SRCIP&chksum_ctl_array[i].mask)==chksum_ctl_array[i].netaddr

then if the "action" field is NIDS_DO_CHKSUM, the packet will be checksummed; if the "action" field is NIDS_DONT_CHKSUM, the packet will not be checksummed. If the packet matches none of the array elements, the default action is to perform checksumming.
The example of usage is available in the samples/chksum_ctl.c file.
The include file nids.h defines the constants NIDS_MAJOR (1) and NIDS_MINOR (21), which can be used to determine in runtime the version of libnids. Nids.h used to define HAVE_NEW_PCAP as well, but since 1.19 it is nonsupported as obsolete.
Typically, data carried by a tcp stream can be divided into protocol-dependent records (say, lines of input). A tcp callback can receive an amount of data, which contains more then one record. Therefore, a tcp callback should iterate its protocol parsing routine over the whole amount of data received. This adds complexity to the code.
If nids_params.one_loop_less is non-zero, libnids behaviour changes slightly. If a callback consumes some (but not all) of newly arrived data, libnids calls it immediately again. Only non-processed data remain in the buffer, and rcv->count_new is decreased appropriately. Thus, a callback can process only one record at the time - libnids will call it again, until no new data remain or no data can be processed. Unfortunately, this behaviour introduces horrible semantics problems in case of 2+ callbacks reading the same half of a tcp stream. Therefore, if nids_params.one_loop_less is non-zero, you are not allowed to attach two or more callbacks to the same half of tcp stream. Unfortunately, the existing interface is unable to propagate the error to the callback - therefore, you must watch it yourself. You have been warned.
The pcap header of the last seen packet is exported as
extern struct pcap_pkthdr *nids_last_pcap_header;

It is wise to use it to get timestamp, to get a better accuracy and save a syscall.
Other applications using libnids can be found in "samples" directory.

7. New features in version 1.21

Version 1.21 brings several bugfixes, optimizations and a few new features, but mostly extra external variables and functions to access libnids' intrinsics from the outside.

nids_last_pcap_data is a new external variable to get the data of the last PCAP frame, like it was already possible to use nids_last_pcap_header in order to get the header of the last PCAP frame.

nids_linkoffset is a new external variable to get the computed offset between the link layer and the network layer for the current PCAP device. It is useful to reconstruct PCAP frames from IP defragmented packets which you get in your ip_func (see chapter on IP defragmentation) by copying the same amount of bytes from the beginning of nids_last_pcap_data representing the link layer, like this: 

void				ip_callback(struct ip *pkt, int len)
{
  u_char                        *frame;
  struct pcap_pkthdr            ph;

  frame = malloc(len + nids_linkoffset);
  memcpy(frame, nids_last_pcap_data, nids_linkoffset);
  memcpy(frame + nids_linkoffset, pkt, len);
  ph.ts = nids_last_pcap_header->ts;
  ph.caplen = ph.len = len + nids_linkoffset;
  pcap_dump(nids_params.pcap_desc, &ph, frame);
  free(frame);
}

In versions prior to 1.21 it was only possible to give libnids a device or file name and have it take total control over libpcap operations when using nids_run() or nids_next(). Now, with nids_params.pcap_desc it is possible to have your pcap_handler outside libnids and choose which frames you want to be processed by libnids (e.g. only TCP packets to keep track of TCP connections whilst this is not your only objective); all you have to do is copy your pointer to the pcap_t structure (returned by pcap_open_live(), pcap_open_dead() or pcap_open_offline()) to nids_params.pcap_desc and call nids_pcap_handler(), normally with the same parameters as your own pcap_handler (the one you registered with pcap_dispatch() or pcap_loop()) was called with. NOTE: since libnids cannot know when you are finished if you interactively pass packets to it with nids_pcap_handler(), you must tell it when to free the allocated resources by calling nids_exit().

nids_params.tcp_workarounds is a new libnids runtime option which can be used to enable extra checks for faulty implementations of TCP such as the ones which allow connections to be closed despite the fact that there should be retransmissions for lost packets first, thus violating section 3.5 of RFC 793. In those cases, and if this option is non-zero, libnids will set the NIDS_TIMED_OUT state for TCP connections that were savagely closed.

nids_find_tcp_stream() is a new external function that can be used to find the corresponding tcp_stream structure for a given pointer to a tuple4 structure.

nids_free_tcp_stream() is a new external function that can be used for example to force libnids into not following a TCP stream anymore. BEWARE! Calling nids_free_tcp_stream() from inside one of your registered tcp_callbacks on a TCP stream that is already in a closing state (NIDS_CLOSE, NIDS_TIMED_OUT, NIDS_RESET or NIDS_EXITING) will result in a double free (because libnids will call nids_free_tcp_stream() internally when your tcp_callback returns) and your program will crash.

nids_unregister_ip_frag(), nids_unregister_ip(), nids_unregister_udp() and nids_unregister_tcp() are new external functions that can be used to unregister callbacks previous registed with the corresponding nids_register_*(), at any time.

tcp_stream.user is a new field in the structure passed to TCP callbacks. It is similar to their void **param argument, except that it is global to all the TCP callbacks for the same stream, whereas param is specific to each callback.

8. FAQ

  • Q.1 For a connection X, my tcp callback gets only the data sent by the server ?
    A.1 You probably run a libnids app on a host that is the client side of X; and your NIC driver offloads checksums computing to the hardware. So, when libnids sees packets sent by the client, their checksum is not computed, and they are dropped. See the API.html file on the description of the nids_register_chksum_ctl(), and configure libnids app to skip checksum verification of packets sent by the host you run libnids on.
  • Q.2 How to make libnids track already established TCP connections ?
    A.2 Intentionally not implemented; it would be unreliable, due to the fact that some crucial information (like TCP window scale) is present only in SYN packets. If you really need this functionality, you can try the included libnids-track-established.patch, prepared by Alon Bar-Lev; of course, the responsibility is yours.
libnids-1.26/doc/API.txt000066400000000000000000000735071415573252600150330ustar00rootroot00000000000000 ==================== libnids-1.26 ==================== 1. Introduction 2. IP defragmentation 3. TCP stream assembly 4. A sample application 5. Basic libnids structures and functions 6. Misc useful hacks 7. New features in version 1.21 8. FAQ 1. Introduction Declarations of data structures and functions defined by libnids are gathered in include file "nids.h". An application which uses libnids must include this file and must be linked with libnids.a (or libnids.so.x.x). An application's function main usually looks this way: main() { application private processing, not related to libnids optional modification of libnids parameters if (!nids_init() ) something's wrong, terminate; registration of callback functions nids_run(); // not reached in normal situation } Another method is mentioned later. 2. IP defragmentation In order to receive all IP packets seen by libnids (including fragmented ones, packets with invalid checksum et cetera) a programmer should define a callback function of the following type void ip_frag_func(struct ip * a_packet, int len) After calling nids_init, this function should be registered with libnids: nids_register_ip_frag(ip_frag_func); Function ip_frag_func will be called from libnids; parameter a_packet will point to a received datagram, len is the packet length. Analogically, in order to receive only packets, which will be accepted by a target host (that is, packets not fragmented or packets assembled from fragments; a header correctness is verified) one should define a callback function void ip_func(struct ip * a_packet, int len) and register it with nids_register_ip(ip_func); 3. TCP stream assembly In order to receive data exchanged in a TCP stream, one must declare a callback function void tcp_callback(struct tcp_stream * ns, void ** param) Structure tcp_stream provides all info on a TCP connection. For instance, it contains two fields of type struct half_stream (named client and server), each of them describing one side of a connection. We'll explain all its fields later. One of tcp_stream field is named nids_state. Behaviour of tcp_callback depends on value of this field. * ns->nids_state==NIDS_JUST_EST In this case, ns describes a connection which has just been established. Tcp_callback must decide if it wishes to be notified in future of arrival of data in this connection. All the connection parameters are available (IP addresses, ports numbers etc). If the connection is interesting, tcp_callback informs libnids which data it wishes to receive (data to client, to server, urgent data to client, urgent data to server). Then the function returns. * ns->nids_state==NIDS_DATA In this case, new data has arrived. Structures half_stream (members of tcp_stream) contain buffers with data. * The following values of nids_state field : + NIDS_CLOSE + NIDS_RESET + NIDS_TIMED_OUT mean that the connection has been closed. Tcp_callback should free allocated resources, if any. * ns->nids_state==NIDS_EXITING In this case, libnids is exiting. This is the applications last opportunity to make use of any data left stored in the half_stream buffers. When reading traffic from a capture file rather than the network, libnids may never see a close, reset, or timeout. If the application has unprocessed data (e.g., from using nids_discard(), this allows the application to process it. 4. A sample application Now let's have a look at a simple application, which displays on stderr data exchanged in all TCP connections seen by libnids. #include #include #include #include #include #include #include #include "nids.h" #define int_ntoa(x) inet_ntoa(*((struct in_addr *)&x)) // struct tuple4 contains addresses and port numbers of the TCP connections // the following auxiliary function produces a string looking like // 10.0.0.1,1024,10.0.0.2,23 char * adres (struct tuple4 addr) { static char buf[256]; strcpy (buf, int_ntoa (addr.saddr)); sprintf (buf + strlen (buf), ",%i,", addr.source); strcat (buf, int_ntoa (addr.daddr)); sprintf (buf + strlen (buf), ",%i", addr.dest); return buf; } void tcp_callback (struct tcp_stream *a_tcp, void ** this_time_not_needed) { char buf[1024]; strcpy (buf, adres (a_tcp->addr)); // we put conn params into buf if (a_tcp->nids_state == NIDS_JUST_EST) { // connection described by a_tcp is established // here we decide, if we wish to follow this stream // sample condition: if (a_tcp->addr.dest!=23) return; // in this simple app we follow each stream, so.. a_tcp->client.collect++; // we want data received by a client a_tcp->server.collect++; // and by a server, too a_tcp->server.collect_urg++; // we want urgent data received by a // server #ifdef WE_WANT_URGENT_DATA_RECEIVED_BY_A_CLIENT a_tcp->client.collect_urg++; // if we don't increase this value, // we won't be notified of urgent data // arrival #endif fprintf (stderr, "%s established\n", buf); return; } if (a_tcp->nids_state == NIDS_CLOSE) { // connection has been closed normally fprintf (stderr, "%s closing\n", buf); return; } if (a_tcp->nids_state == NIDS_RESET) { // connection has been closed by RST fprintf (stderr, "%s reset\n", buf); return; } if (a_tcp->nids_state == NIDS_DATA) { // new data has arrived; gotta determine in what direction // and if it's urgent or not struct half_stream *hlf; if (a_tcp->server.count_new_urg) { // new byte of urgent data has arrived strcat(buf,"(urgent->)"); buf[strlen(buf)+1]=0; buf[strlen(buf)]=a_tcp->server.urgdata; write(1,buf,strlen(buf)); return; } // We don't have to check if urgent data to client has arrived, // because we haven't increased a_tcp->client.collect_urg variable. // So, we have some normal data to take care of. if (a_tcp->client.count_new) { // new data for the client hlf = &a_tcp->client; // from now on, we will deal with hlf var, // which will point to client side of conn strcat (buf, "(<-)"); // symbolic direction of data } else { hlf = &a_tcp->server; // analogical strcat (buf, "(->)"); } fprintf(stderr,"%s",buf); // we print the connection parameters // (saddr, daddr, sport, dport) accompanied // by data flow direction (-> or <-) write(2,hlf->data,hlf->count_new); // we print the newly arrived data } return ; } int main () { // here we can alter libnids params, for instance: // nids_params.n_hosts=256; if (!nids_init ()) { fprintf(stderr,"%s\n",nids_errbuf); exit(1); } nids_register_tcp (tcp_callback); nids_run (); return 0; } 5. Basic libnids structures and functions Now it's time for more systematic description of libnids structures. As mentioned, they're all declared in nids.h struct tuple4 // TCP connection parameters { unsigned short source,dest; // client and server port numbers unsigned long saddr,daddr; // client and server IP addresses }; struct half_stream // structure describing one side of a TCP connection { char state; // socket state (ie TCP_ESTABLISHED ) char collect; // if >0, then data should be stored in // "data" buffer; else // data flowing in this direction will be ignored // have a look at samples/sniff.c for an example // how one can use this field char collect_urg; // analogically, determines if to collect urgent // data char * data; // buffer for normal data unsigned char urgdata; // one-byte buffer for urgent data int count; // how many bytes has been appended to buffer "data" // since the creation of a connection int offset; // offset (in data stream) of first byte stored in // the "data" buffer; additional explanations // follow int count_new; // how many bytes were appended to "data" buffer // last (this) time; if == 0, no new data arrived char count_new_urg; // if != 0, new urgent data arrived ... // other fields are auxiliary for libnids }; struct tcp_stream { struct tuple4 addr; // connections params (saddr, daddr, sport, dport) char nids_state; // logical state of the connection struct half_stream client,server; // structures describing client and // server side of the connection ... // other fields are auxiliary for libnids }; In the above sample program function tcp_callback printed data from hlf->data buffer on stderr, and this data was no longer needed. After tcp_callback return, libnids by default frees space occupied by this data. Field hlf->offset will be increased by number of discarded bytes, and new data will be stored at the beginning of "data" buffer. If the above is not the desired behaviour (for instance, data processor needs at least N bytes of input to operate, and so far libnids received count_newdata contains exactly hlf->count_new bytes. Generally, number of bytes in buffer hlf->data equals hlf->count-hlf->offset. Thanks to nids_discard function, a programmer doesn't have to copy received bytes into a separate buffer - hlf->data will always contain as many bytes, as possible. However, often arises a need to maintain auxiliary data structures per each pair (libnids_callback, tcp stream). For instance, if we wish to detect an attack against wu-ftpd (this attack involves creating deep directory on the server), we need to store somewhere current directory of a ftpd daemon. It will be changed by "CWD" instructions sent by ftp client. That's what the second parameter of tcp_callback is for. It is a pointer to a pointer to data private for each (libnids_callback, tcp stream) pair. Typically, one should use it as follows: void tcp_callback_2 (struct tcp_stream * a_tcp, struct conn_param **ptr) { if (a_tcp->nids_state==NIDS_JUST_EST) { struct conn_param * a_conn; if the connection is uninteresting, return; a_conn=malloc of some data structure init of a_conn *ptr=a_conn // this value will be passed to tcp_callback_2 in future // calls increase some of "collect" fields return; } if (a_tcp->nids_state==NIDS_DATA) { struct conn_param *current_conn_param=*ptr; using current_conn_param and the newly received data from the net we search for attack signatures, possibly modyfying current_conn_param return ; } Functions nids_register_tcp and nids_register_ip* can be called arbitrary number of times. Two different functions (similar to tcp_callback) are allowed to follow the same TCP stream (with a certain non-default exception). Libnids parameters can be changed by modification of fields of the global variable nids_params, declared as follows: struct nids_prm { int n_tcp_streams; // size of the hash table used for storing structures // tcp_stream; libnis will follow no more than // 3/4 * n_tcp_streams connections simultaneously // default value: 1040. If set to 0, libnids will // not assemble TCP streams. int n_hosts; // size of the hash table used for storing info on // IP defragmentation; default value: 256 char * filename; // capture filename from which to read packets; // file must be in libpcap format and device must // be set to NULL; default value: NULL char * device; // interface on which libnids will listen for packets; // default value == NULL, in which case device will // be determined by call to pcap_lookupdev; special // value of "all" results in libnids trying to // capture packets on all interfaces (this works only // with Linux kernel > 2.2.0 and libpcap >= 0.6.0); // see also doc/LINUX int sk_buff_size; // size of struct sk_buff, a structure defined by // Linux kernel, used by kernel for packets queuing. If // this parameter has different value from // sizeof(struct sk_buff), libnids can be bypassed // by attacking resource managing of libnis (see TEST // file). If you are paranoid, check sizeof(sk_buff) // on the hosts on your network, and correct this // parameter. Default value: 168 int dev_addon; // how many bytes in structure sk_buff is reserved for // information on net interface; if dev_addon==-1, it // will be corrected during nids_init() according to // type of the interface libnids will listen on. // Default value: -1. void (*syslog)(); // see description below the nids_params definition int syslog_level; // if nids_params.syslog==nids_syslog, then this field // determines loglevel used by reporting events by // system daemon syslogd; default value: LOG_ALERT int scan_num_hosts;// size of hash table used for storing info on port // scanning; the number of simultaneuos port // scan attempts libnids will detect. if set to // 0, port scanning detection will be turned // off. Default value: 256. int scan_num_ports;// how many TCP ports has to be scanned from the same // source. Default value: 10. int scan_delay; // with no more than scan_delay milisecond pause // between two ports, in order to make libnids report // portscan attempt. Default value: 3000 void (*no_mem)(); // called when libnids runs out of memory; it should // terminate the current process int (*ip_filter)(struct ip*); // this function is consulted when an IP // packet arrives; if ip_filter returns non-zero, the // packet is processed, else it is discarded. This way // one can monitor traffic directed at selected hosts // only, not entire subnet. Default function // (nids_ip_filter) always returns 1 char *pcap_filter; // filter string to hand to pcap(3). Default is // NULL. be aware that this applies to the // link-layer, so filters like "tcp dst port 23" // will NOT correctly handle fragmented traffic; one // should add "or (ip[6:2] & 0x1fff != 0)" to process // all fragmented packets int promisc; // if non-zero, the device(s) libnids reads packets // from will be put in promiscuous mode. Default: 1 int one_loop_less; // disabled by default; see the explanation int pcap_timeout; // the "timeout" parameter to pcap_open_live // 1024 (ms) by default ; change to a lower value // if you want a quick reaction to traffic; this // is present starting with libnids-1.20 int multiproc; // start ip defragmentation and tcp stream assembly in a // different thread parameter to a nonzero value and // compiling libnids in an environment where glib-2.0 is // available enables libnids to use two different threads // - one for receiving IP fragments from libpcap, // and one, with lower priority, to process fragments, // streams and to notify callbacks. Preferrably using // nids_run() this behavior is invisible to the user. // Using this functionality with nids_next() is quite // useless since the thread must be started and stopped // for every packet received. // Also, if it is enabled, global variables (nids_last_pca p_header // and nids_last_pcap_data) may not point to the // packet currently processed by a callback int queue_limit; // limit on the number of packets to be queued; // used only when multiproc=true; 20000 by default int tcp_workarounds; // enable (hopefully harmless) workarounds for some // non-rfc-compliant TCP/IP stacks pcap_t *pcap_desc; // pcap descriptor } nids_params; The field syslog of nids_params variable by default contains the address of function nids_syslog, declared as: void nids_syslog (int type, int errnum, struct ip *iph, void *data); Function nids_params.syslog is used to report unusual condition, such as port scan attempts, invalid TCP header flags and other. This field should be assigned the address of a custom event logging function. Function nids_syslog (defined in libnids.c) can be an example on how to decode parameters passed to nids_params.syslog. Nids_syslog logs messages to system daemon syslogd, disregarding such things like message rate per second or free disk space (that is why it should be replaced). If one is interested in UDP datagrams, one should declare void udp_callback(struct tuple4 * addr, char * buf, int len, struct ip * iph); and register it with nids_register_udp(udp_callback) Parameter addr contains address info, buf points to data carried by UDP packet, len is the data length, and iph points to the IP packet which contained the UDP packet. The checksum is verified. 6. Misc useful hacks As a nice toy :) function void nids_killtcp(struct tcp_stream * a_tcp) is implemented. It terminates TCP connection described by a_tcp by sending RST segments. Originally the RST segments sent by libnids were given a sequence number in the half of the TCP window of the destination. MS Windows systems with MS05-019 patch applied do not seem to tear down a connection upon receiving such RSTs, so now libnids sends two RSTs in each direction - additional one has the lowest (expected) seq. Unfortunately, it is somewhat unreliable: if due to traffic burst, your application is a few miliseconds delayed behind the current traffic, its view of what the current/expected seq is may be incorrect. Naturaly, sending a RST as a defensive measure is unreliable by design, unless deployed on an "inline NIDS", or NIPS, as a few call it; therefore the "toy" label. __________________________________________________________________ Using nids_run() has one disadvantage - the application becomes totally packets driven. Sometimes it is necessary to perform some task even when no packets arrive. Instead of nids_run(), one can use function int nids_next() It calls pcap_next() instead of pcap_loop, that is it processes only one packet. If no packet is available, the process will sleep. Nids_next() returns 1 on success, 0 on error (nids_errbuf contains appropriate message then). Typically, when using nids_next(), an aplication will sleep in a select() function, with a snooping socket fd present in read fd_set. This fd can be obtained via a call to int nids_getfd() It returns a file descriptor when succeeded and -1 on error ( nids_errbuf is filled then). Similarly, function int nids_dispatch(int cnt) is a wrapper around pcap_dispatch. It maybe advantageous to use it instead of nids_next() when we want to distinguish between return values (ie end-of-file vs error). __________________________________________________________________ There are a few reasons why you may want to skip checksum processing on certain packets: 1. Nowadays, some NIC drivers are capable of computing checksums of outgoing packets. In such case, outgoing packets passed to libpcap can have uncomputed checksums. So, you may want to not check checksums on outgoing packets. 2. In order to improve performance, you may wish to not compute checksums for hosts one trusts (or protects), e.g. one's server farm. In order to let libnids know which packets should not be checksummed, you should allocate an array of struct nids_chksum_ctl (defined in nids.h): struct nids_chksum_ctl { u_int netaddr; u_int mask; u_int action; /* reserved fields */ }; and register it with nids_register_chksum_ctl(struct nids_chksum_ctl *, int); where the second parameter indicates the number of elements in the array. Checksumming functions will first check elements of this array one by one, and if the source ip SRCIP of the current packet satisfies condition (SRCIP&chksum_ctl_array[i].mask)==chksum_ctl_array[i].netaddr then if the "action" field is NIDS_DO_CHKSUM, the packet will be checksummed; if the "action" field is NIDS_DONT_CHKSUM, the packet will not be checksummed. If the packet matches none of the array elements, the default action is to perform checksumming. The example of usage is available in the samples/chksum_ctl.c file. __________________________________________________________________ The include file nids.h defines the constants NIDS_MAJOR (1) and NIDS_MINOR (21), which can be used to determine in runtime the version of libnids. Nids.h used to define HAVE_NEW_PCAP as well, but since 1.19 it is nonsupported as obsolete. __________________________________________________________________ Typically, data carried by a tcp stream can be divided into protocol-dependent records (say, lines of input). A tcp callback can receive an amount of data, which contains more then one record. Therefore, a tcp callback should iterate its protocol parsing routine over the whole amount of data received. This adds complexity to the code. If nids_params.one_loop_less is non-zero, libnids behaviour changes slightly. If a callback consumes some (but not all) of newly arrived data, libnids calls it immediately again. Only non-processed data remain in the buffer, and rcv->count_new is decreased appropriately. Thus, a callback can process only one record at the time - libnids will call it again, until no new data remain or no data can be processed. Unfortunately, this behaviour introduces horrible semantics problems in case of 2+ callbacks reading the same half of a tcp stream. Therefore, if nids_params.one_loop_less is non-zero, you are not allowed to attach two or more callbacks to the same half of tcp stream. Unfortunately, the existing interface is unable to propagate the error to the callback - therefore, you must watch it yourself. You have been warned. __________________________________________________________________ The pcap header of the last seen packet is exported as extern struct pcap_pkthdr *nids_last_pcap_header; It is wise to use it to get timestamp, to get a better accuracy and save a syscall. __________________________________________________________________ Other applications using libnids can be found in "samples" directory. 7. New features in version 1.21 Version 1.21 brings several bugfixes, optimizations and a few new features, but mostly extra external variables and functions to access libnids' intrinsics from the outside. nids_last_pcap_data is a new external variable to get the data of the last PCAP frame, like it was already possible to use nids_last_pcap_header in order to get the header of the last PCAP frame. nids_linkoffset is a new external variable to get the computed offset between the link layer and the network layer for the current PCAP device. It is useful to reconstruct PCAP frames from IP defragmented packets which you get in your ip_func (see chapter on IP defragmentation) by copying the same amount of bytes from the beginning of nids_last_pcap_data representing the link layer, like this: void ip_callback(struct ip *pkt, int len) { u_char *frame; struct pcap_pkthdr ph; frame = malloc(len + nids_linkoffset); memcpy(frame, nids_last_pcap_data, nids_linkoffset); memcpy(frame + nids_linkoffset, pkt, len); ph.ts = nids_last_pcap_header->ts; ph.caplen = ph.len = len + nids_linkoffset; pcap_dump(nids_params.pcap_desc, &ph, frame); free(frame); } In versions prior to 1.21 it was only possible to give libnids a device or file name and have it take total control over libpcap operations when using nids_run() or nids_next(). Now, with nids_params.pcap_desc it is possible to have your pcap_handler outside libnids and choose which frames you want to be processed by libnids (e.g. only TCP packets to keep track of TCP connections whilst this is not your only objective); all you have to do is copy your pointer to the pcap_t structure (returned by pcap_open_live(), pcap_open_dead() or pcap_open_offline()) to nids_params.pcap_desc and call nids_pcap_handler(), normally with the same parameters as your own pcap_handler (the one you registered with pcap_dispatch() or pcap_loop()) was called with. NOTE: since libnids cannot know when you are finished if you interactively pass packets to it with nids_pcap_handler(), you must tell it when to free the allocated resources by calling nids_exit(). nids_params.tcp_workarounds is a new libnids runtime option which can be used to enable extra checks for faulty implementations of TCP such as the ones which allow connections to be closed despite the fact that there should be retransmissions for lost packets first, thus violating section 3.5 of RFC 793. In those cases, and if this option is non-zero, libnids will set the NIDS_TIMED_OUT state for TCP connections that were savagely closed. nids_find_tcp_stream() is a new external function that can be used to find the corresponding tcp_stream structure for a given pointer to a tuple4 structure. nids_free_tcp_stream() is a new external function that can be used for example to force libnids into not following a TCP stream anymore. BEWARE! Calling nids_free_tcp_stream() from inside one of your registered tcp_callbacks on a TCP stream that is already in a closing state (NIDS_CLOSE, NIDS_TIMED_OUT, NIDS_RESET or NIDS_EXITING) will result in a double free (because libnids will call nids_free_tcp_stream() internally when your tcp_callback returns) and your program will crash. nids_unregister_ip_frag(), nids_unregister_ip(), nids_unregister_udp() and nids_unregister_tcp() are new external functions that can be used to unregister callbacks previous registed with the corresponding nids_register_*(), at any time. tcp_stream.user is a new field in the structure passed to TCP callbacks. It is similar to their void **param argument, except that it is global to all the TCP callbacks for the same stream, whereas param is specific to each callback. 8. FAQ * Q.1 For a connection X, my tcp callback gets only the data sent by the server ? A.1 You probably run a libnids app on a host that is the client side of X; and your NIC driver offloads checksums computing to the hardware. So, when libnids sees packets sent by the client, their checksum is not computed, and they are dropped. See the API.html file on the description of the nids_register_chksum_ctl(), and configure libnids app to skip checksum verification of packets sent by the host you run libnids on. * Q.2 How to make libnids track already established TCP connections ? A.2 Intentionally not implemented; it would be unreliable, due to the fact that some crucial information (like TCP window scale) is present only in SYN packets. If you really need this functionality, you can try the included libnids-track-established.patch, prepared by Alon Bar-Lev; of course, the responsibility is yours. libnids-1.26/doc/LINUX000066400000000000000000000021371415573252600144720ustar00rootroot00000000000000 ==================== libnids-1.26 ==================== The following applies to Linux only. Linux 2.0.x kernels introduces sockets of family PF_PACKET which allow to gather packets from all devices, including loopback (!). Recent libpcap versions (0.6.x for sure) support this feature; you have to pass device "any" to pcap_open_live in order to listen on such a socket. For backwards compatibility with libnids <= 1.16, you can also assign device "all" to nids_params.device. If nids_params.promisc is nonzero, libnids (because libpcap does not support it) will try to set all interfaces into promiscuous mode, one by one. A certain problem may arise, if the machine routes packets among its interfaces. Libpcap will pass to userspace a copy of a packet per each interface this packet travels through. This is no problem for libnids TCP reassembly, as it deals perfectly with duplicate packets - tcp callback functions will not notice anything unusual. However, UDP and IP callbacks will receive duplicate packets. libnids-1.26/doc/NEW_LIBPCAP000066400000000000000000000003101415573252600153450ustar00rootroot00000000000000 ==================== libnids-1.26 ==================== This document is obsolete; read LINUX instead ! libnids-1.26/doc/PATCH000066400000000000000000000015431415573252600144320ustar00rootroot00000000000000--- linux-2.0.37/net/ipv4/tcp_input.c.orig Fri Jul 23 17:25:14 1999 +++ linux/net/ipv4/tcp_input.c Fri Jul 23 17:29:43 1999 @@ -2764,7 +2764,18 @@ kfree_skb(skb, FREE_READ); return 0; } - + + if (sk->state==TCP_SYN_RECV && th->ack && skb->ack_seq!=sk->sent_seq) + { + /* + * Quick fix to detect too small ack_seq + * in 3rd packet of 3ws and force a RST segment. + */ + tcp_send_reset(daddr, saddr, th,sk->prot, opt, dev,0,255); + kfree_skb(skb, FREE_READ); + return 0; + } + rfc_step6: /* * If the accepted buffer put us over our queue size we libnids-1.26/doc/PERFORMANCE000066400000000000000000000060351415573252600153350ustar00rootroot00000000000000 ==================== libnids-1.26 ==================== Libnids uses efficient data structures (hash tables), so it imposes as little overhead on packets processing as possible. However, in some cases, packet content must be copies several times, which can result in burst of CPU activity. The following notes refer rather to libpcap, not libnids, but because many people seem to encounter similar performance-related problems when running libnids on fast network, this may be worth reading. Keep in mind that even if a single packet, belonging to TCP connection X, is not delivered to libnids, libnids will likely loose all the following data in X. Therefore you must avoid packet loss, at all cost. If you use the default syslog routine and see messages like "Max number of TCP streams reached" or "Too much data in TCP receive queue" then (assuming you are not under sophisticated NIDS evasion attack) most likely you are loosing packets. The packet loss usually happens when CPU is busy and cannot handle all incoming packets. It must be stressed that even if CPU seems to be fairly idle (say, load average 10%), during traffic burst it may be unable to queue all the packets, if the buffer space reserved for packets queuing is too small. And this is where the problem with libpcap is. It uses rather small buffers, and there is no API to enlarge them. So, we are left with unofficial methods. In case of Linux, libpcap 0.7.1, one can call int rcvbuf=100*1024; setsockopt(nids_getfd(),SOL_SOCKET, SO_RCVBUF, &rcvbuf, sizeof(rcvbuf)); This setsockopt doubles (approximately) the default kernel buffers size. Unfortunately, there seems to be a limit (about 100KB) for buffers allocated this way, which is way too small. Recent Linux 2.4 kernels offer PACKET_RX_RING setsockopt, which is supposed to allow to specify arbitrary buffer size. 640 K^H^H^H^H^H 10 MB buffer ought to be enough for everyone ;) This feature has not yet been integrated into libpcap (not in 0.7.1). There are floating some libpcap patches which merge this capability. See http://public.lanl.gov/cpw/ or http://pusa.uv.es/~ulisses/packet_mmap/ In case of BSD, you may play with BIOCSBLEN, but I have no experience with it. If you know how to enlarge libpcap buffers on other OS, let me know. A portable solution has been suggested by Yoav Weiss . Especially on SMP, it could be beneficial to split a libpcap application into two processes. The first one would receive packets via libpcap interface, and store them in arbitrarily large buffer; this process should run with high priority, perhaps even real time one. The second process, running with low priority, would retrieve packets from the first process and pass them to higher layers (for example to libnids). However, the efficient implementation is nontrivial. UPDATE: the current version of libnids adds experimental support for the solution mentioned above. See the documentation for nids_prm.multiproc for more information. libnids-1.26/doc/TESTS000066400000000000000000000124261415573252600144770ustar00rootroot00000000000000 ==================== libnids-1.26 ==================== In order to verify reliability of libnids, a number of tests were conducted. A small applications were composed, which displayed on stdout data received from libnids (contents of IP packets or data exchanged in TCP connections). Test packets were sent to a host running Linux 2.0.36. As we will see, libnids accurately emulated behaviour of the target host. As mentioned in README, libnids resisted all attack implemented by fragrouter 1.3. The following tests were conducted with custom tools. 1. IP defragmentation Libnids was put to the following tests: a) sending overlapping and/or duplicate IP fragments. All possible combinations of fragments positions in the final packet were tried. b) sending multiple fragments with the flag "no more fragments" c) sending a fragmented packet, pause for 30+epsilon second, then sending remaining fragments. If epsilon has been greater than zero, Linux discarded the first fragment (and ICMP message of type TIME_EXCEEDED was generated). In the other case, defragmentation succeeded. d) two fragments F1 and F2 of a packet P with header id X were build. A packet P' with header id X, but contents different to P was build as well. Finally, packets F1, P', F2 were sent (in the mentioned order). e) as a last test, resource managing was abused. Linux 2.0.x queues fragments until they consume 256 KB of kernel memory, than some of queued fragments are discarded so that less than 192 KB of kernel memory is consumed. A helper program, sendtcpfrag, was built. It accepts two command line parameters, x and y. Sendtcpfrag builds a certain TCP packet, which is than split into two fragments, named A and B. Next x random IP fragments carrying 8 data bytes are sent, than fragment A, than y random IP fragments carrying 8 data bytes are sent, finally fragment B. If all sent packets consume less than 256 KB of kernel memory, no packet is dropped, and the target host will assemble packets A and B. Otherwise, packet A can be dropped. After execution of # ./sendtcpfrag 650 61 target host received a TCP segment. The situation looked similarly when second parameter was less than 61. After execution of # ./sendtcpfrag 650 62 target host received no TCP segments. As we can see, 650+1+61 was the threshold number of packets, which could be queued. In the last test, libnids had to be fed a correct value of parameter sk_buff_size (see more on libnids parameters in file API). Libnids passed all above tests. 2) TCP segments assembly Libnids was put to the following tests: a) sending overlapping and/or duplicate segments. All possible combinations of segments sequence numbers precedence were tried. b) sending segments with sequence numbers ahead of expected values (test of segments queuing) c) sending segments [partially] out of connection window d) sending segments carrying invalid TCP flags e) sending segments carrying SYN flags after the sockets reached ESTABLISHED state f) sending segments carrying urgent data g) closing of previously established TCP connection with a RST segment, then setting up another connection with the same tuple (saddr, daddr, sport, dport), but different sequence numbers h) sending segments with incorrect IP or TCP checksum i) sequence numbers wrap j) initializing a TCP connection with a segment carrying not only SYN flag k) resource managing. Linux queues TCP segments which fit in the connection window until kernel memory used for this purpose reaches SK_RMEM_MAX (typically 64 KB). Queuing uses lots of auxiliary data structures; therefore Linux can discard TCP segments, which belong to the connection window. Another tool was written, tcpqueue. It sends a flow of TCP segments carrying 1 byte of data. Segments have got consecutive, decreasing sequence numbers (so they're sent in reversed order than any OS do). Tcpqueue accepts two command line parameters: S - the last segment sequence number, and N - number of segments to be sent. If S is the expected sequence number of the connection and N is not big, all sent segments are queued, then after the arrival of the last segments data from all segments is passed to the application. If N is large, some of segments will be discarded. After execution of # ./tcpqueue 2 283 (connection was set up with initial sequence number equal 1) application (namely netcat) run on the target host received all 283 bytes of data. After execution of # ./tcpqueue 285 284 application received data from the last segment only. As we can see, Linux queues up to 283 one-byte TCP segments, though it announces window close to 32768. Analogically to the last IP fragmentation test, libnids had to be fed a correct value of parameter sk_buff_size. Libnids passed all above tests, with one exception of test f. However, it is due to a bug in Linux kernel, not libnids. In certain conditions, a byte of urgent data can be included in normal data flow. Kernel developers were notified, perhaps the bug will be squashed soon. 3. Additionally, libnids handles properly ICMP Destination Unreachable packets. Source routed IP packets are discarded. libnids-1.26/doc/bugtraq_post000066400000000000000000000107711415573252600163100ustar00rootroot00000000000000[cut] Libnids was implemented with regard to results of Linux kernel 2.0.x networking code analysis, included in my Master Thesis. This analysis was conducted from NIDS developer's point of view. Of course, 2.0.x family is obsolete now (still widely used though), but some points mentioned below are worth checking against any OS. 1) In their famous paper, Ptacek and Newsham mention that a packet can be discarded by a kernel if OS resources are low (e.g. too many packets arrives in a unit of time), which makes an insertion attack possible. However, it was not stated that an attacker can create such a condition deterministicly and repeatably. One obvious target is IP defragmentation. If many IP fragments arrive, kernel has to drop some of them to avoid a DOS attack (IP fragment bomb). NIDS has to employ the same defragmentation algorithm (including the order in which fragments are discarded) which is used by protected systems; otherwise, all discrepancies can be exploited by an attacker to construct an insertion or evasion attack. The above statement is valid considering any OS type; what makes things even worse in case of Linux is the fact that the behaviour of the defragmentation algorithm used by Linux depends on kernel compilation options (size of struct sk_buff is critical). TCP segments queuing algorithm used by Linux 2.0.x is vulnerable to a similar attack. Linux queues TCP segments that fit in a connection window until the kernel memory consumed for this purpose (counted by rmem_alloc variable) reaches 64 KB; when it happens, all unacknowledged segments are discarded. TCP segments queuing requires a lot of auxiliary structures; as a result, TCP segments can be dropped, even if their sequence numbers are acceptable. For example, a tested 2.0.36 kernel could queue only 284 TCP segments carrying one byte of data each (announced connection window was about 32K). Again, the succesful emulation of this algorithm by NIDS requires knowledge of size of struct sk_buff. To sum up, it is obvious that DOS attacks against NIDS are a threat, but that's not all. A mild DOS attack against a monitored host can trigger some OS-dependent resource management algorithm, which can be tough to emulate by NIDS. Another nasty feature of Linux TCP queuing was found. If an application doesn't receive data from kernel (doesn't perform read calls on a socket for some time) all acknowledged (that is, ready to be passed to an app), buffered segments still consume kernel memory (rmem_alloc counter is not zero). As a result, even less packets can be queued (because some of 64KB pool is still in use). It means that the number of queued packets (and consequently, received data) depends on an application behaviour (!). To verify such possibility, the same stream of packets was sent twice. First, the receiving application A performed immediate read call. In the second case, the receiving application B executed sleep(1); read(sockfd, buffer, num); sequence of system calls. App A received different data than app B. The delay imposed by sleep(1) call was unnecessarily large; a delay resulting from a context switch can be big enough. Libnids uses algorithms equivalent to or taken directly from Linux kernel sources. If libnids is given a correct value of struct sk_buff size (it is configurable in run-time, along with many other parameters) the above mentioned attacks will not bypass libnids (with an exception of the last one; libnids has no way to determine frequency of read calls performed by an app). It also mean that at least IP defragmentation performed by libnids is as reliable as one offered by Linux 2.0.36 kernel. 2) Linux firewall implementation includes one hard-coded rule. Quoting from ip_fw.c: /* * Don't allow a fragment of TCP 8 bytes in. Nobody * normal causes this. Its a cracker trying to break * in by doing a flag overwrite to pass the direction * checks. */ if (offset == 1 && ip->protocol == IPPROTO_TCP) return FW_BLOCK; So, if the kernel was compiled with CONFIG_FIREWALL (for instance, Redhat install kernels are), it can block some packets (short fragmented TCP segments), even if no firewall rules was defined by the administrator. If NIDS accepts such a packet for further processing, an insertion attack is possible. It's another example that NIDS has to know the compilation options of monitored kernels. [cut] The description of other tests on libnids is included in libnids distribution. Save yourself, Nergal libnids-1.26/install-sh000077500000000000000000000112441415573252600151060ustar00rootroot00000000000000#! /bin/sh # # install - install a program, script, or datafile # This comes from X11R5. # # Calling this script install-sh is preferred over install.sh, to prevent # `make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written # from scratch. # # set DOITPROG to echo to test this script # Don't use :- since 4.3BSD and earlier shells don't like it. doit="${DOITPROG-}" # put in absolute paths if you don't have them in your path; or use env. vars. mvprog="${MVPROG-mv}" cpprog="${CPPROG-cp}" chmodprog="${CHMODPROG-chmod}" chownprog="${CHOWNPROG-chown}" chgrpprog="${CHGRPPROG-chgrp}" stripprog="${STRIPPROG-strip}" rmprog="${RMPROG-rm}" mkdirprog="${MKDIRPROG-mkdir}" tranformbasename="" transform_arg="" instcmd="$mvprog" chmodcmd="$chmodprog 0755" chowncmd="" chgrpcmd="" stripcmd="" rmcmd="$rmprog -f" mvcmd="$mvprog" src="" dst="" dir_arg="" while [ x"$1" != x ]; do case $1 in -c) instcmd="$cpprog" shift continue;; -d) dir_arg=true shift continue;; -m) chmodcmd="$chmodprog $2" shift shift continue;; -o) chowncmd="$chownprog $2" shift shift continue;; -g) chgrpcmd="$chgrpprog $2" shift shift continue;; -s) stripcmd="$stripprog" shift continue;; -t=*) transformarg=`echo $1 | sed 's/-t=//'` shift continue;; -b=*) transformbasename=`echo $1 | sed 's/-b=//'` shift continue;; *) if [ x"$src" = x ] then src=$1 else # this colon is to work around a 386BSD /bin/sh bug : dst=$1 fi shift continue;; esac done if [ x"$src" = x ] then echo "install: no input file specified" exit 1 else true fi if [ x"$dir_arg" != x ]; then dst=$src src="" if [ -d $dst ]; then instcmd=: else instcmd=mkdir fi else # Waiting for this to be detected by the "$instcmd $src $dsttmp" command # might cause directories to be created, which would be especially bad # if $src (and thus $dsttmp) contains '*'. if [ -f $src -o -d $src ] then true else echo "install: $src does not exist" exit 1 fi if [ x"$dst" = x ] then echo "install: no destination specified" exit 1 else true fi # If destination is a directory, append the input filename; if your system # does not like double slashes in filenames, you may need to add some logic if [ -d $dst ] then dst="$dst"/`basename $src` else true fi fi ## this sed command emulates the dirname command dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` # Make sure that the destination directory exists. # this part is taken from Noah Friedman's mkinstalldirs script # Skip lots of stat calls in the usual case. if [ ! -d "$dstdir" ]; then defaultIFS=' ' IFS="${IFS-${defaultIFS}}" oIFS="${IFS}" # Some sh's can't handle IFS=/ for some reason. IFS='%' set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` IFS="${oIFS}" pathcomp='' while [ $# -ne 0 ] ; do pathcomp="${pathcomp}${1}" shift if [ ! -d "${pathcomp}" ] ; then $mkdirprog "${pathcomp}" else true fi pathcomp="${pathcomp}/" done fi if [ x"$dir_arg" != x ] then $doit $instcmd $dst && if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi else # If we're going to rename the final executable, determine the name now. if [ x"$transformarg" = x ] then dstfile=`basename $dst` else dstfile=`basename $dst $transformbasename | sed $transformarg`$transformbasename fi # don't allow the sed command to completely eliminate the filename if [ x"$dstfile" = x ] then dstfile=`basename $dst` else true fi # Make a temp file name in the proper directory. dsttmp=$dstdir/#inst.$$# # Move or copy the file name to the temp name $doit $instcmd $src $dsttmp && trap "rm -f ${dsttmp}" 0 && # and set any options; do chmod last to preserve setuid bits # If any of these fail, we abort the whole thing. If we want to # ignore errors from any of these, just make sure not to ignore # errors from the above "$doit $instcmd $src $dsttmp" command. if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && # Now rename the file to the real destination. $doit $rmcmd -f $dstdir/$dstfile && $doit $mvcmd $dsttmp $dstdir/$dstfile fi && exit 0 libnids-1.26/mkinstalldirs000077500000000000000000000012111415573252600157010ustar00rootroot00000000000000#!/bin/sh # mkinstalldirs --- make directory hierarchy # Author: Noah Friedman # Created: 1993-05-16 # Last modified: 1994-03-25 # Public domain errstatus=0 for file in ${1+"$@"} ; do set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'` shift pathcomp= for d in ${1+"$@"} ; do pathcomp="$pathcomp$d" case "$pathcomp" in -* ) pathcomp=./$pathcomp ;; esac if test ! -d "$pathcomp"; then echo "mkdir $pathcomp" 1>&2 mkdir "$pathcomp" || errstatus=$? fi pathcomp="$pathcomp/" done done exit $errstatus # mkinstalldirs ends here libnids-1.26/samples/000077500000000000000000000000001415573252600145445ustar00rootroot00000000000000libnids-1.26/samples/Makefile.in000066400000000000000000000013601415573252600166110ustar00rootroot00000000000000# # Makefile for libnids samples. # # Dug Song srcdir = @srcdir@ VPATH = @srcdir@ CC = @CC@ CFLAGS = @CFLAGS@ LDFLAGS = @LDFLAGS@ PCAP_CFLAGS = @PCAP_CFLAGS@ PCAPLIB = @PCAPLIB@ LNET_CFLAGS = @LNET_CFLAGS@ LNETLIB = @LNETLIB@ LIBS_CFLAGS = -I../src $(PCAP_CFLAGS) $(LNET_CFLAGS) LIBS = -L../src -lnids $(PCAPLIB) $(LNETLIB) @LIBS@ .c.o: $(CC) -c $(CFLAGS) -I. $(LIBS_CFLAGS) $< all: overflows printall sniff static shared: all overflows: overflows.o $(CC) -o $@ overflows.o $(LDFLAGS) $(LIBS) printall: printall.o $(CC) -o $@ printall.o $(LDFLAGS) $(LIBS) sniff: sniff.o $(CC) -o $@ sniff.o $(LDFLAGS) $(LIBS) static shared install installshared: @true clean: rm -f *.o *~ overflows printall sniff # EOF libnids-1.26/samples/chksum_ctl.c000066400000000000000000000042161415573252600170470ustar00rootroot00000000000000#include "nids.h" #include #include #include #include #include #include /* Example 1: simple disabling of checksums on a predefined network */ void simple_chksum_ctl_example() { static struct nids_chksum_ctl ctl; ctl.netaddr = inet_addr("172.16.99.0"); ctl.mask = inet_addr("255.255.255.0"); ctl.action = NIDS_DONT_CHKSUM; nids_register_chksum_ctl(&ctl, 1); } /* Example 2: disabling checksums of packets with src ip of any local interface */ static int get_all_ifaces(struct ifreq **, int *); static unsigned int get_addr_from_ifreq(struct ifreq *); int all_local_ipaddrs_chksum_disable() { struct ifreq *ifaces; int ifaces_count; int i, ind = 0; struct nids_chksum_ctl *ctlp; unsigned int tmp; if (!get_all_ifaces(&ifaces, &ifaces_count)) return -1; ctlp = (struct nids_chksum_ctl *) malloc(ifaces_count * sizeof(struct nids_chksum_ctl)); if (!ctlp) return -1; for (i = 0; i < ifaces_count; i++) { tmp = get_addr_from_ifreq(ifaces + i); if (tmp) { ctlp[ind].netaddr = tmp; ctlp[ind].mask = inet_addr("255.255.255.255"); ctlp[ind].action = NIDS_DONT_CHKSUM; ind++; } } free(ifaces); nids_register_chksum_ctl(ctlp, ind); } /* helper functions for Example 2 */ unsigned int get_addr_from_ifreq(struct ifreq *iface) { if (iface->ifr_addr.sa_family == AF_INET) return ((struct sockaddr_in *) &(iface->ifr_addr))-> sin_addr.s_addr; return 0; } static int get_all_ifaces(struct ifreq **ifaces, int *count) { int ifaces_size = 8 * sizeof(struct ifreq); struct ifconf param; int sock; unsigned int i; *ifaces = malloc(ifaces_size); sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP); if (sock <= 0) return 0; for (;;) { param.ifc_len = ifaces_size; param.ifc_req = *ifaces; if (ioctl(sock, SIOCGIFCONF, ¶m)) goto err; if (param.ifc_len < ifaces_size) break; free(*ifaces); ifaces_size *= 2; ifaces = malloc(ifaces_size); } *count = param.ifc_len / sizeof(struct ifreq); close(sock); return 1; err: close(sock); return 0; } #ifdef TESTING main() { all_local_ipaddrs_chksum_disable(); } #endif libnids-1.26/samples/nids_next.c000066400000000000000000000016131415573252600167040ustar00rootroot00000000000000/* This is an example how one can use nids_getfd() and nids_next() functions. You can replace printall.c's function main with this file. */ #include #include #include int main () { // here we can alter libnids params, for instance: // nids_params.n_hosts=256; int fd; int time = 0; fd_set rset; struct timeval tv; if (!nids_init ()) { fprintf(stderr,"%s\n",nids_errbuf); exit(1); } nids_register_tcp (tcp_callback); fd = nids_getfd (); for (;;) { tv.tv_sec = 1; tv.tv_usec = 0; FD_ZERO (&rset); FD_SET (fd, &rset); // add any other fd we need to take care of if (select (fd + 1, &rset, 0, 0, &tv)) { if (FD_ISSET(fd,&rset) // need to test it if there are other // fd in rset if (!nids_next ()) break; } else fprintf (stderr, "%i ", time++); } return 0; } libnids-1.26/samples/overflows.c000066400000000000000000000131241415573252600167370ustar00rootroot00000000000000/* Copyright (c) 1999 Rafal Wojtczuk . All rights reserved. See the file COPYING for license details. */ /* This code attempts to detect attack against imapd (AUTHENTICATE hole) and wuftpd (creation of deep directory). This code is to ilustrate use of libnids; in order to improve readability, some simplifications were made, which enables an attacker to bypass this code (note, the below routines should be improved, not libnids) */ #include #include #include #include #include #include #include #include #include #include "nids.h" #define int_ntoa(x) inet_ntoa(*((struct in_addr *)&x)) char * adres (struct tuple4 addr) { static char buf[256]; strcpy (buf, int_ntoa (addr.saddr)); sprintf (buf + strlen (buf), ",%i,", addr.source); strcat (buf, int_ntoa (addr.daddr)); sprintf (buf + strlen (buf), ",%i", addr.dest); return buf; } /* if we find a pattern AUTHENTICATE {an_int} in data stream sent to an imap server, where an_int >1024, it means an buffer overflow attempt. We kill the connection. */ #define PATTERN "AUTHENTICATE {" #define PATLEN strlen(PATTERN) void detect_imap (struct tcp_stream *a_tcp) { char numbuf[30]; int i, j, datalen, numberlen; struct half_stream *hlf; if (a_tcp->nids_state == NIDS_JUST_EST) { if (a_tcp->addr.dest == 143) { a_tcp->server.collect++; return; } else return; } if (a_tcp->nids_state != NIDS_DATA) return; hlf = &a_tcp->server; datalen = hlf->count - hlf->offset; if (datalen < PATLEN) { // we have too small amount of data to work on. Keep all data in buffer. nids_discard (a_tcp, 0); return; } for (i = 0; i <= datalen - PATLEN; i++) if (!memcmp (PATTERN, hlf->data + i, PATLEN)) //searching for a pattern break; if (i > datalen - PATLEN) { // retain PATLEN bytes in buffer nids_discard (a_tcp, datalen - PATLEN); return; } for (j = i + PATLEN; j < datalen; j++) // searching for a closing '}' if (*(hlf->data + j) == '}') break; if (j > datalen) { if (datalen > 20) { //number too long, perhaps we should log it, too } return; } numberlen = j - i - PATLEN; memcpy (numbuf, hlf->data + i + PATLEN, numberlen); //numbuf contains // AUTH argument numbuf[numberlen] = 0; if (atoi (numbuf) > 1024) { // notify admin syslog(nids_params.syslog_level, "Imapd exploit attempt, connection %s\n",adres(a_tcp->addr)); // kill the connection nids_killtcp (a_tcp); } nids_discard (a_tcp, datalen - PATLEN); return; } // auxiliary structure, needed to keep current dir of ftpd daemon struct supp { char *currdir; int last_newline; }; // the below function adds "elem" string to "path" string, taking care of // ".." and multiple '/'. If the resulting path is longer than 768, // return value is 1, otherwise 0 int add_to_path (char *path, char *elem, int len) { int plen; char * ptr; if (len > 768) return 1; if (len == 2 && elem[0] == '.' && elem[1] == '.') { ptr = rindex (path, '/'); if (ptr != path) *ptr = 0; } else if (len > 0) { plen = strlen (path); if (plen + len + 1 > 768) return 1; if (plen==1) { strncpy(path+1,elem,len); path[1+len]=0; } else { path[plen] = '/'; strncpy (path + plen + 1, elem, len); path[plen + 1 + len] = 0; } } return 0; } void do_detect_ftp (struct tcp_stream *a_tcp, struct supp **param_ptr) { struct supp *p = *param_ptr; int index = p->last_newline + 1; char *buf = a_tcp->server.data; int offset = a_tcp->server.offset; int n_bytes = a_tcp->server.count - offset; int path_index, pi2, index2, remcaret; for (;;) { index2 = index; while (index2 - offset < n_bytes && buf[index2 - offset] != '\n') index2++; if (index2 - offset >= n_bytes) break; if (!strncasecmp (buf + index - offset, "cwd ", 4)) { path_index = index + 4; if (buf[path_index - offset] == '/') { strcpy (p->currdir, "/"); path_index++; } for (;;) { pi2 = path_index; while (buf[pi2 - offset] != '\n' && buf[pi2 - offset] != '/') pi2++; if (buf[pi2-offset]=='\n' && buf[pi2-offset-1]=='\r') remcaret=1; else remcaret=0; if (add_to_path (p->currdir, buf + path_index-offset, pi2 - path_index-remcaret)) { // notify admin syslog(nids_params.syslog_level, "Ftpd exploit attempt, connection %s\n",adres(a_tcp->addr)); nids_killtcp (a_tcp); return; } if (buf[pi2 - offset] == '\n') break; path_index = pi2 + 1; } } index = index2 + 1; } p->last_newline = index - 1; nids_discard (a_tcp, index - offset); } void detect_ftpd (struct tcp_stream *a_tcp, struct supp **param) { if (a_tcp->nids_state == NIDS_JUST_EST) { if (a_tcp->addr.dest == 21) { struct supp *one_for_conn; a_tcp->server.collect++; one_for_conn = (struct supp *) malloc (sizeof (struct supp)); one_for_conn->currdir = malloc (1024); strcpy (one_for_conn->currdir, "/"); one_for_conn->last_newline = 0; *param=one_for_conn; } return; } if (a_tcp->nids_state != NIDS_DATA) { free ((*param)->currdir); free (*param); return; } do_detect_ftp (a_tcp, param); } int main () { if (!nids_init ()) { fprintf(stderr,"%s\n",nids_errbuf); exit(1); } nids_register_tcp (detect_imap); nids_register_tcp (detect_ftpd); nids_run (); return 0; } libnids-1.26/samples/printall.c000066400000000000000000000070641415573252600165440ustar00rootroot00000000000000/* Copyright (c) 1999 Rafal Wojtczuk . All rights reserved. See the file COPYING for license details. */ #include #include #include #include #include #include #include #include "nids.h" #define int_ntoa(x) inet_ntoa(*((struct in_addr *)&x)) // struct tuple4 contains addresses and port numbers of the TCP connections // the following auxiliary function produces a string looking like // 10.0.0.1,1024,10.0.0.2,23 char * adres (struct tuple4 addr) { static char buf[256]; strcpy (buf, int_ntoa (addr.saddr)); sprintf (buf + strlen (buf), ",%i,", addr.source); strcat (buf, int_ntoa (addr.daddr)); sprintf (buf + strlen (buf), ",%i", addr.dest); return buf; } void tcp_callback (struct tcp_stream *a_tcp, void ** this_time_not_needed) { char buf[1024]; strcpy (buf, adres (a_tcp->addr)); // we put conn params into buf if (a_tcp->nids_state == NIDS_JUST_EST) { // connection described by a_tcp is established // here we decide, if we wish to follow this stream // sample condition: if (a_tcp->addr.dest!=23) return; // in this simple app we follow each stream, so.. a_tcp->client.collect++; // we want data received by a client a_tcp->server.collect++; // and by a server, too a_tcp->server.collect_urg++; // we want urgent data received by a // server #ifdef WE_WANT_URGENT_DATA_RECEIVED_BY_A_CLIENT a_tcp->client.collect_urg++; // if we don't increase this value, // we won't be notified of urgent data // arrival #endif fprintf (stderr, "%s established\n", buf); return; } if (a_tcp->nids_state == NIDS_CLOSE) { // connection has been closed normally fprintf (stderr, "%s closing\n", buf); return; } if (a_tcp->nids_state == NIDS_RESET) { // connection has been closed by RST fprintf (stderr, "%s reset\n", buf); return; } if (a_tcp->nids_state == NIDS_DATA) { // new data has arrived; gotta determine in what direction // and if it's urgent or not struct half_stream *hlf; if (a_tcp->server.count_new_urg) { // new byte of urgent data has arrived strcat(buf,"(urgent->)"); buf[strlen(buf)+1]=0; buf[strlen(buf)]=a_tcp->server.urgdata; write(1,buf,strlen(buf)); return; } // We don't have to check if urgent data to client has arrived, // because we haven't increased a_tcp->client.collect_urg variable. // So, we have some normal data to take care of. if (a_tcp->client.count_new) { // new data for client hlf = &a_tcp->client; // from now on, we will deal with hlf var, // which will point to client side of conn strcat (buf, "(<-)"); // symbolic direction of data } else { hlf = &a_tcp->server; // analogical strcat (buf, "(->)"); } fprintf(stderr,"%s",buf); // we print the connection parameters // (saddr, daddr, sport, dport) accompanied // by data flow direction (-> or <-) write(2,hlf->data,hlf->count_new); // we print the newly arrived data } return ; } int main () { // here we can alter libnids params, for instance: // nids_params.n_hosts=256; if (!nids_init ()) { fprintf(stderr,"%s\n",nids_errbuf); exit(1); } nids_register_tcp (tcp_callback); nids_run (); return 0; } libnids-1.26/samples/sniff.c000066400000000000000000000043751415573252600160260ustar00rootroot00000000000000/* Copyright (c) 1999 Rafal Wojtczuk . All rights reserved. See the file COPYING for license details. */ #include #include #include #include #include #include #include #include "nids.h" #define LOG_MAX 100 #define SZLACZEK "\n--------------------------------------------------\n" #define int_ntoa(x) inet_ntoa(*((struct in_addr *)&x)) char * adres (struct tuple4 addr) { static char buf[256]; strcpy (buf, int_ntoa (addr.saddr)); sprintf (buf + strlen (buf), ",%i,", addr.source); strcat (buf, int_ntoa (addr.daddr)); sprintf (buf + strlen (buf), ",%i : ", addr.dest); return buf; } int logfd; void do_log (char *adres_txt, char *data, int ile) { write (logfd, adres_txt, strlen (adres_txt)); write (logfd, data, ile); write (logfd, SZLACZEK, strlen (SZLACZEK)); } void sniff_callback (struct tcp_stream *a_tcp, void **this_time_not_needed) { int dest; if (a_tcp->nids_state == NIDS_JUST_EST) { dest = a_tcp->addr.dest; if (dest == 21 || dest == 23 || dest == 110 || dest == 143 || dest == 513) a_tcp->server.collect++; return; } if (a_tcp->nids_state != NIDS_DATA) { // seems the stream is closing, log as much as possible do_log (adres (a_tcp->addr), a_tcp->server.data, a_tcp->server.count - a_tcp->server.offset); return; } if (a_tcp->server.count - a_tcp->server.offset < LOG_MAX) { // we haven't got enough data yet; keep all of it nids_discard (a_tcp, 0); return; } // enough data do_log (adres (a_tcp->addr), a_tcp->server.data, LOG_MAX); // Now procedure sniff_callback doesn't want to see this stream anymore. // So, we decrease all the "collect" fields we have previously increased. // If there were other callbacks following a_tcp stream, they would still // receive data a_tcp->server.collect--; } int main () { logfd = open ("./logfile", O_WRONLY | O_CREAT | O_TRUNC, 0600); if (logfd < 0) { perror ("opening ./logfile:"); exit (1); } if (!nids_init ()) { fprintf (stderr, "%s\n", nids_errbuf); exit (1); } nids_register_tcp (sniff_callback); nids_run (); return 0; } libnids-1.26/src/000077500000000000000000000000001415573252600136675ustar00rootroot00000000000000libnids-1.26/src/Makefile.in000066400000000000000000000052061415573252600157370ustar00rootroot00000000000000# # Makefile for libnids. # # Dug Song srcdir = @srcdir@ VPATH = @srcdir@ install_prefix = prefix = @prefix@ exec_prefix = @exec_prefix@ includedir = @includedir@ libdir = @libdir@ mandir = @mandir@ LIBSTATIC = libnids.a LIBSHARED = libnids.so.1.26 CC = @CC@ CFLAGS = @CFLAGS@ -DLIBNET_VER=@LIBNET_VER@ -DHAVE_ICMPHDR=@ICMPHEADER@ -DHAVE_TCP_STATES=@TCPSTATES@ -DHAVE_BSD_UDPHDR=@HAVE_BSD_UDPHDR@ LDFLAGS = @LDFLAGS@ PCAP_CFLAGS = @PCAP_CFLAGS@ PCAPLIB = @PCAPLIB@ LNET_CFLAGS = @LNET_CFLAGS@ LNETLIB = @LNETLIB@ LIBS_CFLAGS = $(PCAP_CFLAGS) $(LNET_CFLAGS) @GLIB_CFLAGS@ @GTHREAD_CFLAGS@ LIBS = @LIBS@ @GLIB_LIBS@ @GTHREAD_LIBS@ RANLIB = @RANLIB@ INSTALL = @INSTALL@ OBJS = checksum.o ip_fragment.o ip_options.o killtcp.o \ libnids.o scan.o tcp.o util.o allpromisc.o hash.o OBJS_SHARED = $(OBJS:.o=_pic.o) .c.o: $(CC) -c $(CFLAGS) -I. $(LIBS_CFLAGS) $< static: $(LIBSTATIC) shared: $(LIBSHARED) # How to write the following rules compactly and portably ? # gmake accepts "%_pic.o: %.c", bsd make does not. checksum_pic.o: checksum.c $(CC) -fPIC $(CFLAGS) -I. $(LIBS_CFLAGS) -c checksum.c -o $@ ip_fragment_pic.o: ip_fragment.c $(CC) -fPIC $(CFLAGS) -I. $(LIBS_CFLAGS) -c ip_fragment.c -o $@ ip_options_pic.o: ip_options.c $(CC) -fPIC $(CFLAGS) -I. $(LIBS_CFLAGS) -c ip_options.c -o $@ killtcp_pic.o: killtcp.c $(CC) -fPIC $(CFLAGS) -I. $(LIBS_CFLAGS) -c killtcp.c -o $@ libnids_pic.o: libnids.c $(CC) -fPIC $(CFLAGS) -I. $(LIBS_CFLAGS) -c libnids.c -o $@ scan_pic.o: scan.c $(CC) -fPIC $(CFLAGS) -I. $(LIBS_CFLAGS) -c scan.c -o $@ tcp_pic.o: tcp.c $(CC) -fPIC $(CFLAGS) -I. $(LIBS_CFLAGS) -c tcp.c -o $@ util_pic.o: util.c $(CC) -fPIC $(CFLAGS) -I. $(LIBS_CFLAGS) -c util.c -o $@ allpromisc_pic.o: allpromisc.c $(CC) -fPIC $(CFLAGS) -I. $(LIBS_CFLAGS) -c allpromisc.c -o $@ hash_pic.o: hash.c $(CC) -fPIC $(CFLAGS) -I. $(LIBS_CFLAGS) -c hash.c -o $@ $(LIBSTATIC): $(OBJS) ar -cr $@ $(OBJS) $(RANLIB) $@ $(LIBSHARED): $(OBJS_SHARED) $(CC) -shared -Wl,-soname,$(LIBSHARED) -o $(LIBSHARED) $(OBJS_SHARED) $(LIBS) $(LNETLIB) $(PCAPLIB) _install install: $(LIBSTATIC) ../mkinstalldirs $(install_prefix)$(libdir) ../mkinstalldirs $(install_prefix)$(includedir) ../mkinstalldirs $(install_prefix)$(mandir)/man3 $(INSTALL) -c -m 644 libnids.a $(install_prefix)$(libdir) $(INSTALL) -c -m 644 nids.h $(install_prefix)$(includedir) $(INSTALL) -c -m 644 libnids.3 $(install_prefix)$(mandir)/man3 _installshared installshared: install $(LIBSHARED) $(INSTALL) -c -m 755 $(LIBSHARED) $(install_prefix)$(libdir) ln -s -f $(LIBSHARED) $(install_prefix)$(libdir)/libnids.so clean: rm -f *.o *~ $(LIBSTATIC) $(LIBSHARED) # EOF libnids-1.26/src/allpromisc.c000066400000000000000000000015721415573252600162050ustar00rootroot00000000000000#include "nids.h" #ifdef __linux__ #include #include #include #include #include #include int set_all_promisc() { struct ifreq * ifaces; int ifaces_size=8 * sizeof(struct ifreq); struct ifconf param; int sock; unsigned int i; sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP); if (sock <= 0) return 0; do { ifaces_size*=2; ifaces=alloca(ifaces_size); param.ifc_len = ifaces_size; param.ifc_req = ifaces; if (ioctl(sock, SIOCGIFCONF, ¶m)) goto err; } while (param.ifc_len>=ifaces_size); for (i = 0; i < param.ifc_len / sizeof(struct ifreq); i++) { if (ioctl(sock, SIOCGIFFLAGS, ifaces + i)) goto err; ifaces[i].ifr_flags |= IFF_PROMISC; if (ioctl(sock, SIOCSIFFLAGS, ifaces + i)) goto err; } close(sock); return 1; err: close(sock); return 0; } #endif libnids-1.26/src/checksum.c000066400000000000000000000162151415573252600156420ustar00rootroot00000000000000 #include #include #include #include #include #include #include "nids.h" static struct nids_chksum_ctl * nchk; static int nrnochksum=0; void nids_register_chksum_ctl(struct nids_chksum_ctl * ptr, int nr) { nchk=ptr; nrnochksum=nr; } static int dontchksum(unsigned int ip) { int i; for (i=0;i, adapted for linux by Arnt Gulbrandsen. */ inline u_short ip_fast_csum(u_char * iph, u_int ihl) { u_int sum; if (dontchksum(((struct ip*)iph)->ip_src.s_addr)) return 0; __asm__ __volatile__( " movl (%1), %0 \n" " subl $4, %2 \n" " jbe 2f \n" " addl 4(%1), %0 \n" " adcl 8(%1), %0 \n" " adcl 12(%1), %0 \n" "1: adcl 16(%1), %0 \n" " lea 4(%1), %1 \n" " decl %2 \n" " jne 1b \n" " adcl $0, %0 \n" " movl %0, %2 \n" " shrl $16, %0 \n" " addw %w2, %w0 \n" " adcl $0, %0 \n" " notl %0 \n" "2: \n" /* Since the input registers which are loaded with iph and ipl are modified, we must also specify them as outputs, or gcc will assume they contain their original values. */ : "=r" (sum), "=r" (iph), "=r" (ihl) : "1" (iph), "2" (ihl) : "cc"); return (sum); } /* Fold a partial checksum. */ static inline u_int csum_fold(u_int sum) { __asm__( " addl %1, %0 \n" " adcl $0xffff, %0 \n" : "=r" (sum) : "r" (sum << 16), "0" (sum & 0xffff0000) : "cc" ); return ((~sum) >> 16); } /* computes the checksum of the TCP/UDP pseudo-header returns a 16-bit checksum, already complemented */ static inline u_short csum_tcpudp_magic(u_int saddr, u_int daddr, u_short len, u_short proto, u_int sum) { __asm__( " addl %1, %0 \n" " adcl %2, %0 \n" " adcl %3, %0 \n" " adcl $0, %0 \n" : "=r" (sum) : "g" (daddr), "g"(saddr), "g"((ntohs(len) << 16) + proto * 256), "0"(sum) : "cc"); return (csum_fold(sum)); } /* this routine is used for miscellaneous IP-like checksums, mainly in icmp.c */ inline u_short ip_compute_csum(u_char * buff, int len) { return (csum_fold(csum_partial(buff, len, 0))); } inline u_short my_tcp_check(struct tcphdr *th, int len, u_int saddr, u_int daddr) { if (dontchksum(saddr)) return 0; return csum_tcpudp_magic(saddr, daddr, len, IPPROTO_TCP, csum_partial((u_char *)th, len, 0)); } inline u_short my_udp_check(void *u, int len, u_int saddr, u_int daddr) { if (dontchksum(saddr)) return 0; return csum_tcpudp_magic(saddr, daddr, len, IPPROTO_UDP, csum_partial((u_char *)u, len, 0)); } #else /* !i386 */ struct psuedo_hdr { u_int saddr; u_int daddr; u_char zero; u_char protocol; u_short len; }; u_short ip_check_ext(register u_short *addr, register int len, int addon) { register int nleft = len; register u_short *w = addr; register int sum = addon; u_short answer = 0; /* * Our algorithm is simple, using a 32 bit accumulator (sum), * we add sequential 16 bit words to it, and at the end, fold * back all the carry bits from the top 16 bits into the lower * 16 bits. */ while (nleft > 1) { sum += *w++; nleft -= 2; } /* mop up an odd byte, if necessary */ if (nleft == 1) { *(u_char *)(&answer) = *(u_char *)w; sum += answer; } /* add back carry outs from top 16 bits to low 16 bits */ sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */ sum += (sum >> 16); /* add carry */ answer = ~sum; /* truncate to 16 bits */ return (answer); } u_short ip_fast_csum(u_short *addr, int len) { if (dontchksum(((struct ip*)addr)->ip_src.s_addr)) return 0; return ip_check_ext(addr, len << 2, 0); } u_short ip_compute_csum(u_short *addr, int len) { return ip_check_ext(addr, len, 0); } u_short my_tcp_check(struct tcphdr *th, int len, u_int saddr, u_int daddr) { unsigned int i; int sum = 0; struct psuedo_hdr hdr; if (dontchksum(saddr)) return 0; hdr.saddr = saddr; hdr.daddr = daddr; hdr.zero = 0; hdr.protocol = IPPROTO_TCP; hdr.len = htons(len); for (i = 0; i < sizeof(hdr); i += 2) sum += *(u_short *)((char *)(&hdr) + i); return (ip_check_ext((u_short *)th, len, sum)); } u_short my_udp_check(void *u, int len, u_int saddr, u_int daddr) { unsigned int i; int sum = 0; struct psuedo_hdr hdr; if (dontchksum(saddr)) return 0; hdr.saddr = saddr; hdr.daddr = daddr; hdr.zero = 0; hdr.protocol = IPPROTO_UDP; hdr.len = htons(len); for (i = 0; i < sizeof(hdr); i += 2) sum += *(u_short *)((char *)(&hdr) + i); return (ip_check_ext((u_short *)u, len, sum)); } #endif /* !i386 */ libnids-1.26/src/checksum.h000066400000000000000000000004261415573252600156440ustar00rootroot00000000000000 #ifndef _NIDS_CHECKSUM_H #define _NIDS_CHECKSUM_H u_short ip_fast_csum(u_char *, u_int); extern u_short ip_compute_csum(char *, int len); u_short my_tcp_check(struct tcphdr *, int, u_int, u_int); u_short my_udp_check(void *, int, u_int, u_int); #endif /* _NIDS_CHECKSUM_H */ libnids-1.26/src/config.h.in000066400000000000000000000045121415573252600157140ustar00rootroot00000000000000/* src/config.h.in. Generated from configure.in by autoheader. */ /* Define to 1 if you have the `gettimeofday' function. */ #undef HAVE_GETTIMEOFDAY /* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H /* Define to 1 if you have the `gthread-2.0' library (-lgthread-2.0). */ #undef HAVE_LIBGTHREAD_2_0 /* Define to 1 if you have the `nsl' library (-lnsl). */ #undef HAVE_LIBNSL /* Define to 1 if you have the `socket' library (-lsocket). */ #undef HAVE_LIBSOCKET /* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H /* Define to 1 if you have the header file. */ #undef HAVE_STDINT_H /* Define to 1 if you have the header file. */ #undef HAVE_STDLIB_H /* Define to 1 if you have the header file. */ #undef HAVE_STRINGS_H /* Define to 1 if you have the header file. */ #undef HAVE_STRING_H /* Define to 1 if you have the header file. */ #undef HAVE_SYSLOG_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_STAT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TIME_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TYPES_H /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H /* if unaligned access fails */ #undef LBL_ALIGN /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT /* Define to the full name of this package. */ #undef PACKAGE_NAME /* Define to the full name and version of this package. */ #undef PACKAGE_STRING /* Define to the one symbol short name of this package. */ #undef PACKAGE_TARNAME /* Define to the version of this package. */ #undef PACKAGE_VERSION /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS /* Define to 1 if you can safely include both and . */ #undef TIME_WITH_SYS_TIME /* Define to 1 if your processor stores words with the most significant byte first (like Motorola and SPARC, unlike Intel and VAX). */ #undef WORDS_BIGENDIAN /* Define to empty if `const' does not conform to ANSI C. */ #undef const /* Define to `__inline__' or `__inline' if that's what the C compiler calls it, or to nothing if 'inline' is not supported under any name. */ #ifndef __cplusplus #undef inline #endif libnids-1.26/src/hash.c000066400000000000000000000024121415573252600147550ustar00rootroot00000000000000#include #include #include #include #include #include static u_char xor[12]; static u_char perm[12]; static void getrnd () { struct timeval s; u_int *ptr; int fd = open ("/dev/urandom", O_RDONLY); if (fd > 0) { read (fd, xor, 12); read (fd, perm, 12); close (fd); return; } gettimeofday (&s, 0); srand (s.tv_usec); ptr = (u_int *) xor; *ptr = rand (); *(ptr + 1) = rand (); *(ptr + 2) = rand (); ptr = (u_int *) perm; *ptr = rand (); *(ptr + 1) = rand (); *(ptr + 2) = rand (); } void init_hash () { int i, n, j; int p[12]; getrnd (); for (i = 0; i < 12; i++) p[i] = i; for (i = 0; i < 12; i++) { n = perm[i] % (12 - i); perm[i] = p[n]; for (j = 0; j < 11 - n; j++) p[n + j] = p[n + j + 1]; } } u_int mkhash (u_int src, u_short sport, u_int dest, u_short dport) { u_int res = 0; int i; u_char data[12]; u_int *stupid_strict_aliasing_warnings=(u_int*)data; *stupid_strict_aliasing_warnings = src; *(u_int *) (data + 4) = dest; *(u_short *) (data + 8) = sport; *(u_short *) (data + 10) = dport; for (i = 0; i < 12; i++) res = ( (res << 8) + (data[perm[i]] ^ xor[i])) % 0xff100f; return res; } libnids-1.26/src/hash.h000066400000000000000000000001041415573252600147560ustar00rootroot00000000000000void init_hash(); u_int mkhash (u_int , u_short , u_int , u_short); libnids-1.26/src/ip_fragment.c000066400000000000000000000447321415573252600163400ustar00rootroot00000000000000/* This file is taken from Linux 2.0.36 kernel source. Modified in Jun 99 by Nergal. */ #include #include #include #include #include #include #include #include #include #include #include #include "checksum.h" #include "ip_fragment.h" #include "tcp.h" #include "util.h" #include "nids.h" #define IP_CE 0x8000 /* Flag: "Congestion" */ #define IP_DF 0x4000 /* Flag: "Don't Fragment" */ #define IP_MF 0x2000 /* Flag: "More Fragments" */ #define IP_OFFSET 0x1FFF /* "Fragment Offset" part */ #define IP_FRAG_TIME (30 * 1000) /* fragment lifetime */ #define UNUSED 314159 #define FREE_READ UNUSED #define FREE_WRITE UNUSED #define GFP_ATOMIC UNUSED #define NETDEBUG(x) struct sk_buff { char *data; int truesize; }; struct timer_list { struct timer_list *prev; struct timer_list *next; int expires; void (*function)(); unsigned long data; // struct ipq *frags; }; struct hostfrags { struct ipq *ipqueue; int ip_frag_mem; u_int ip; int hash_index; struct hostfrags *prev; struct hostfrags *next; }; /* Describe an IP fragment. */ struct ipfrag { int offset; /* offset of fragment in IP datagram */ int end; /* last byte of data in datagram */ int len; /* length of this fragment */ struct sk_buff *skb; /* complete received fragment */ unsigned char *ptr; /* pointer into real fragment data */ struct ipfrag *next; /* linked list pointers */ struct ipfrag *prev; }; /* Describe an entry in the "incomplete datagrams" queue. */ struct ipq { unsigned char *mac; /* pointer to MAC header */ struct ip *iph; /* pointer to IP header */ int len; /* total length of original datagram */ short ihlen; /* length of the IP header */ short maclen; /* length of the MAC header */ struct timer_list timer; /* when will this queue expire? */ struct ipfrag *fragments; /* linked list of received fragments */ struct hostfrags *hf; struct ipq *next; /* linked list pointers */ struct ipq *prev; // struct device *dev; /* Device - for icmp replies */ }; /* Fragment cache limits. We will commit 256K at one time. Should we cross that limit we will prune down to 192K. This should cope with even the most extreme cases without allowing an attacker to measurably harm machine performance. */ #define IPFRAG_HIGH_THRESH (256*1024) #define IPFRAG_LOW_THRESH (192*1024) /* This fragment handler is a bit of a heap. On the other hand it works quite happily and handles things quite well. */ static struct hostfrags **fragtable; static struct hostfrags *this_host; static int numpack = 0; static int hash_size; static int timenow; static unsigned int time0; static struct timer_list *timer_head = 0, *timer_tail = 0; #define int_ntoa(x) inet_ntoa(*((struct in_addr *)&x)) static int jiffies() { struct timeval tv; if (timenow) return timenow; gettimeofday(&tv, 0); timenow = (tv.tv_sec - time0) * 1000 + tv.tv_usec / 1000; return timenow; } /* Memory Tracking Functions */ static void atomic_sub(int ile, int *co) { *co -= ile; } static void atomic_add(int ile, int *co) { *co += ile; } static void kfree_skb(struct sk_buff * skb, int type) { (void)type; free(skb); } static void panic(char *str) { fprintf(stderr, "%s", str); exit(1); } static void add_timer(struct timer_list * x) { if (timer_tail) { timer_tail->next = x; x->prev = timer_tail; x->next = 0; timer_tail = x; } else { x->prev = 0; x->next = 0; timer_tail = timer_head = x; } } static void del_timer(struct timer_list * x) { if (x->prev) x->prev->next = x->next; else timer_head = x->next; if (x->next) x->next->prev = x->prev; else timer_tail = x->prev; } static void frag_kfree_skb(struct sk_buff * skb, int type) { if (this_host) atomic_sub(skb->truesize, &this_host->ip_frag_mem); kfree_skb(skb, type); } static void frag_kfree_s(void *ptr, int len) { if (this_host) atomic_sub(len, &this_host->ip_frag_mem); free(ptr); } static void * frag_kmalloc(int size, int dummy) { void *vp = (void *) malloc(size); (void)dummy; if (!vp) return NULL; atomic_add(size, &this_host->ip_frag_mem); return vp; } /* Create a new fragment entry. */ static struct ipfrag * ip_frag_create(int offset, int end, struct sk_buff * skb, unsigned char *ptr) { struct ipfrag *fp; fp = (struct ipfrag *) frag_kmalloc(sizeof(struct ipfrag), GFP_ATOMIC); if (fp == NULL) { // NETDEBUG(printk("IP: frag_create: no memory left !\n")); nids_params.no_mem("ip_frag_create"); return (NULL); } memset(fp, 0, sizeof(struct ipfrag)); /* Fill in the structure. */ fp->offset = offset; fp->end = end; fp->len = end - offset; fp->skb = skb; fp->ptr = ptr; /* Charge for the SKB as well. */ this_host->ip_frag_mem += skb->truesize; return (fp); } static int frag_index(struct ip * iph) { unsigned int ip = ntohl(iph->ip_dst.s_addr); return (ip % hash_size); } static int hostfrag_find(struct ip * iph) { int hash_index = frag_index(iph); struct hostfrags *hf; this_host = 0; for (hf = fragtable[hash_index]; hf; hf = hf->next) if (hf->ip == iph->ip_dst.s_addr) { this_host = hf; break; } if (!this_host) return 0; else return 1; } static void hostfrag_create(struct ip * iph) { struct hostfrags *hf = mknew(struct hostfrags); int hash_index = frag_index(iph); hf->prev = 0; hf->next = fragtable[hash_index]; if (hf->next) hf->next->prev = hf; fragtable[hash_index] = hf; hf->ip = iph->ip_dst.s_addr; hf->ipqueue = 0; hf->ip_frag_mem = 0; hf->hash_index = hash_index; this_host = hf; } static void rmthis_host() { int hash_index = this_host->hash_index; if (this_host->prev) { this_host->prev->next = this_host->next; if (this_host->next) this_host->next->prev = this_host->prev; } else { fragtable[hash_index] = this_host->next; if (this_host->next) this_host->next->prev = 0; } free(this_host); this_host = 0; } /* Find the correct entry in the "incomplete datagrams" queue for this IP datagram, and return the queue entry address if found. */ static struct ipq * ip_find(struct ip * iph) { struct ipq *qp; struct ipq *qplast; qplast = NULL; for (qp = this_host->ipqueue; qp != NULL; qplast = qp, qp = qp->next) { if (iph->ip_id == qp->iph->ip_id && iph->ip_src.s_addr == qp->iph->ip_src.s_addr && iph->ip_dst.s_addr == qp->iph->ip_dst.s_addr && iph->ip_p == qp->iph->ip_p) { del_timer(&qp->timer); /* So it doesn't vanish on us. The timer will be reset anyway */ return (qp); } } return (NULL); } /* Remove an entry from the "incomplete datagrams" queue, either because we completed, reassembled and processed it, or because it timed out. */ static void ip_free(struct ipq * qp) { struct ipfrag *fp; struct ipfrag *xp; /* Stop the timer for this entry. */ del_timer(&qp->timer); /* Remove this entry from the "incomplete datagrams" queue. */ if (qp->prev == NULL) { this_host->ipqueue = qp->next; if (this_host->ipqueue != NULL) this_host->ipqueue->prev = NULL; else rmthis_host(); } else { qp->prev->next = qp->next; if (qp->next != NULL) qp->next->prev = qp->prev; } /* Release all fragment data. */ fp = qp->fragments; while (fp != NULL) { xp = fp->next; frag_kfree_skb(fp->skb, FREE_READ); frag_kfree_s(fp, sizeof(struct ipfrag)); fp = xp; } /* Release the IP header. */ frag_kfree_s(qp->iph, 64 + 8); /* Finally, release the queue descriptor itself. */ frag_kfree_s(qp, sizeof(struct ipq)); } /* Oops- a fragment queue timed out. Kill it and send an ICMP reply. */ static void ip_expire(unsigned long arg) { struct ipq *qp; qp = (struct ipq *) arg; /* Nuke the fragment queue. */ ip_free(qp); } /* Memory limiting on fragments. Evictor trashes the oldest fragment queue until we are back under the low threshold. */ static void ip_evictor(void) { // fprintf(stderr, "ip_evict:numpack=%i\n", numpack); while (this_host && this_host->ip_frag_mem > IPFRAG_LOW_THRESH) { if (!this_host->ipqueue) panic("ip_evictor: memcount"); ip_free(this_host->ipqueue); } } /* Add an entry to the 'ipq' queue for a newly received IP datagram. We will (hopefully :-) receive all other fragments of this datagram in time, so we just create a queue for this datagram, in which we will insert the received fragments at their respective positions. */ static struct ipq * ip_create(struct ip * iph) { struct ipq *qp; int ihlen; qp = (struct ipq *) frag_kmalloc(sizeof(struct ipq), GFP_ATOMIC); if (qp == NULL) { // NETDEBUG(printk("IP: create: no memory left !\n")); nids_params.no_mem("ip_create"); return (NULL); } memset(qp, 0, sizeof(struct ipq)); /* Allocate memory for the IP header (plus 8 octets for ICMP). */ ihlen = iph->ip_hl * 4; qp->iph = (struct ip *) frag_kmalloc(64 + 8, GFP_ATOMIC); if (qp->iph == NULL) { //NETDEBUG(printk("IP: create: no memory left !\n")); nids_params.no_mem("ip_create"); frag_kfree_s(qp, sizeof(struct ipq)); return (NULL); } memcpy(qp->iph, iph, ihlen + 8); qp->len = 0; qp->ihlen = ihlen; qp->fragments = NULL; qp->hf = this_host; /* Start a timer for this entry. */ qp->timer.expires = jiffies() + IP_FRAG_TIME; /* about 30 seconds */ qp->timer.data = (unsigned long) qp; /* pointer to queue */ qp->timer.function = ip_expire; /* expire function */ add_timer(&qp->timer); /* Add this entry to the queue. */ qp->prev = NULL; qp->next = this_host->ipqueue; if (qp->next != NULL) qp->next->prev = qp; this_host->ipqueue = qp; return (qp); } /* See if a fragment queue is complete. */ static int ip_done(struct ipq * qp) { struct ipfrag *fp; int offset; /* Only possible if we received the final fragment. */ if (qp->len == 0) return (0); /* Check all fragment offsets to see if they connect. */ fp = qp->fragments; offset = 0; while (fp != NULL) { if (fp->offset > offset) return (0); /* fragment(s) missing */ offset = fp->end; fp = fp->next; } /* All fragments are present. */ return (1); } /* Build a new IP datagram from all its fragments. FIXME: We copy here because we lack an effective way of handling lists of bits on input. Until the new skb data handling is in I'm not going to touch this with a bargepole. */ static char * ip_glue(struct ipq * qp) { char *skb; struct ip *iph; struct ipfrag *fp; unsigned char *ptr; int count, len; /* Allocate a new buffer for the datagram. */ len = qp->ihlen + qp->len; if (len > 65535) { // NETDEBUG(printk("Oversized IP packet from %s.\n", int_ntoa(qp->iph->ip_src.s_addr))); nids_params.syslog(NIDS_WARN_IP, NIDS_WARN_IP_OVERSIZED, qp->iph, 0); ip_free(qp); return NULL; } if ((skb = (char *) malloc(len)) == NULL) { // NETDEBUG(printk("IP: queue_glue: no memory for gluing queue %p\n", qp)); nids_params.no_mem("ip_glue"); ip_free(qp); return (NULL); } /* Fill in the basic details. */ ptr = (unsigned char *)skb; memcpy(ptr, ((unsigned char *) qp->iph), qp->ihlen); ptr += qp->ihlen; count = 0; /* Copy the data portions of all fragments into the new buffer. */ fp = qp->fragments; while (fp != NULL) { if (fp->len < 0 || fp->offset + qp->ihlen + fp->len > len) { //NETDEBUG(printk("Invalid fragment list: Fragment over size.\n")); nids_params.syslog(NIDS_WARN_IP, NIDS_WARN_IP_INVLIST, qp->iph, 0); ip_free(qp); //kfree_skb(skb, FREE_WRITE); //ip_statistics.IpReasmFails++; free(skb); return NULL; } memcpy((ptr + fp->offset), fp->ptr, fp->len); count += fp->len; fp = fp->next; } /* We glued together all fragments, so remove the queue entry. */ ip_free(qp); /* Done with all fragments. Fixup the new IP header. */ iph = (struct ip *) skb; iph->ip_off = 0; iph->ip_len = htons((iph->ip_hl * 4) + count); // skb->ip_hdr = iph; return (skb); } /* Process an incoming IP datagram fragment. */ static char * ip_defrag(struct ip *iph, struct sk_buff *skb) { struct ipfrag *prev, *next, *tmp; struct ipfrag *tfp; struct ipq *qp; char *skb2; unsigned char *ptr; int flags, offset; int i, ihl, end; if (!hostfrag_find(iph) && skb) hostfrag_create(iph); /* Start by cleaning up the memory. */ if (this_host) if (this_host->ip_frag_mem > IPFRAG_HIGH_THRESH) ip_evictor(); /* Find the entry of this IP datagram in the "incomplete datagrams" queue. */ if (this_host) qp = ip_find(iph); else qp = 0; /* Is this a non-fragmented datagram? */ offset = ntohs(iph->ip_off); flags = offset & ~IP_OFFSET; offset &= IP_OFFSET; if (((flags & IP_MF) == 0) && (offset == 0)) { if (qp != NULL) ip_free(qp); /* Fragmented frame replaced by full unfragmented copy */ return 0; } /* ip_evictor() could have removed all queues for the current host */ if (!this_host) hostfrag_create(iph); offset <<= 3; /* offset is in 8-byte chunks */ ihl = iph->ip_hl * 4; /* If the queue already existed, keep restarting its timer as long as we still are receiving fragments. Otherwise, create a fresh queue entry. */ if (qp != NULL) { /* ANK. If the first fragment is received, we should remember the correct IP header (with options) */ if (offset == 0) { qp->ihlen = ihl; memcpy(qp->iph, iph, ihl + 8); } del_timer(&qp->timer); qp->timer.expires = jiffies() + IP_FRAG_TIME; /* about 30 seconds */ qp->timer.data = (unsigned long) qp; /* pointer to queue */ qp->timer.function = ip_expire; /* expire function */ add_timer(&qp->timer); } else { /* If we failed to create it, then discard the frame. */ if ((qp = ip_create(iph)) == NULL) { kfree_skb(skb, FREE_READ); return NULL; } } /* Attempt to construct an oversize packet. */ if (ntohs(iph->ip_len) + (int) offset > 65535) { // NETDEBUG(printk("Oversized packet received from %s\n", int_ntoa(iph->ip_src.s_addr))); nids_params.syslog(NIDS_WARN_IP, NIDS_WARN_IP_OVERSIZED, iph, 0); kfree_skb(skb, FREE_READ); return NULL; } /* Determine the position of this fragment. */ end = offset + ntohs(iph->ip_len) - ihl; /* Point into the IP datagram 'data' part. */ ptr = (unsigned char *)(skb->data + ihl); /* Is this the final fragment? */ if ((flags & IP_MF) == 0) qp->len = end; /* Find out which fragments are in front and at the back of us in the chain of fragments so far. We must know where to put this fragment, right? */ prev = NULL; for (next = qp->fragments; next != NULL; next = next->next) { if (next->offset >= offset) break; /* bingo! */ prev = next; } /* We found where to put this one. Check for overlap with preceding fragment, and, if needed, align things so that any overlaps are eliminated. */ if (prev != NULL && offset < prev->end) { nids_params.syslog(NIDS_WARN_IP, NIDS_WARN_IP_OVERLAP, iph, 0); i = prev->end - offset; offset += i; /* ptr into datagram */ ptr += i; /* ptr into fragment data */ } /* Look for overlap with succeeding segments. If we can merge fragments, do it. */ for (tmp = next; tmp != NULL; tmp = tfp) { tfp = tmp->next; if (tmp->offset >= end) break; /* no overlaps at all */ nids_params.syslog(NIDS_WARN_IP, NIDS_WARN_IP_OVERLAP, iph, 0); i = end - next->offset; /* overlap is 'i' bytes */ tmp->len -= i; /* so reduce size of */ tmp->offset += i; /* next fragment */ tmp->ptr += i; /* If we get a frag size of <= 0, remove it and the packet that it goes with. We never throw the new frag away, so the frag being dumped has always been charged for. */ if (tmp->len <= 0) { if (tmp->prev != NULL) tmp->prev->next = tmp->next; else qp->fragments = tmp->next; if (tmp->next != NULL) tmp->next->prev = tmp->prev; next = tfp; /* We have killed the original next frame */ frag_kfree_skb(tmp->skb, FREE_READ); frag_kfree_s(tmp, sizeof(struct ipfrag)); } } /* Insert this fragment in the chain of fragments. */ tfp = NULL; tfp = ip_frag_create(offset, end, skb, ptr); /* No memory to save the fragment - so throw the lot. If we failed the frag_create we haven't charged the queue. */ if (!tfp) { nids_params.no_mem("ip_defrag"); kfree_skb(skb, FREE_READ); return NULL; } /* From now on our buffer is charged to the queues. */ tfp->prev = prev; tfp->next = next; if (prev != NULL) prev->next = tfp; else qp->fragments = tfp; if (next != NULL) next->prev = tfp; /* OK, so we inserted this new fragment into the chain. Check if we now have a full IP datagram which we can bump up to the IP layer... */ if (ip_done(qp)) { skb2 = ip_glue(qp); /* glue together the fragments */ return (skb2); } return (NULL); } int ip_defrag_stub(struct ip *iph, struct ip **defrag) { int offset, flags, tot_len; struct sk_buff *skb; numpack++; timenow = 0; while (timer_head && timer_head->expires < jiffies()) { this_host = ((struct ipq *) (timer_head->data))->hf; timer_head->function(timer_head->data); } offset = ntohs(iph->ip_off); flags = offset & ~IP_OFFSET; offset &= IP_OFFSET; if (((flags & IP_MF) == 0) && (offset == 0)) { ip_defrag(iph, 0); return IPF_NOTF; } tot_len = ntohs(iph->ip_len); skb = (struct sk_buff *) malloc(tot_len + sizeof(struct sk_buff)); if (!skb) nids_params.no_mem("ip_defrag_stub"); skb->data = (char *) (skb + 1); memcpy(skb->data, iph, tot_len); skb->truesize = tot_len + 16 + nids_params.dev_addon; skb->truesize = (skb->truesize + 15) & ~15; skb->truesize += nids_params.sk_buff_size; if ((*defrag = (struct ip *)ip_defrag((struct ip *) (skb->data), skb))) return IPF_NEW; return IPF_ISF; } void ip_frag_init(int n) { struct timeval tv; gettimeofday(&tv, 0); time0 = tv.tv_sec; fragtable = (struct hostfrags **) calloc(n, sizeof(struct hostfrags *)); if (!fragtable) nids_params.no_mem("ip_frag_init"); hash_size = n; } void ip_frag_exit(void) { if (fragtable) { free(fragtable); fragtable = NULL; } /* FIXME: do we need to free anything else? */ } libnids-1.26/src/ip_fragment.h000066400000000000000000000005661415573252600163420ustar00rootroot00000000000000/* Copyright (c) 1999 Rafal Wojtczuk . All rights reserved. See the file COPYING for license details. */ #ifndef _NIDS_IP_FRAGMENT_H #define _NIDS_IP_FRAGMENT_H #define IPF_NOTF 1 #define IPF_NEW 2 #define IPF_ISF 3 void ip_frag_init(int); void ip_frag_exit(void); int ip_defrag_stub(struct ip *, struct ip **); #endif /* _NIDS_IP_FRAGMENT_H */ libnids-1.26/src/ip_options.c000066400000000000000000000140461415573252600162230ustar00rootroot00000000000000/* This file is taken from Linux 2.0.36 kernel source. Modified in Jun 99 by Nergal. */ #include #include #define __u8 unsigned char #define __u16 unsigned short #define __u32 unsigned int #define IPOPT_END 0 #define IPOPT_NOOP 1 #define IPOPT_SEC 130 #define IPOPT_LSRR 131 #define IPOPT_SSRR 137 #define IPOPT_RR 7 #define IPOPT_SID 136 #define IPOPT_TIMESTAMP 68 #define MAXTTL 255 struct timestamp { __u8 len; __u8 ptr; #ifdef WORDS_BIGENDIAN __u8 overflow:4, flags:4; #else __u8 flags:4, overflow:4; #endif __u32 data[9]; }; #define MAX_ROUTE 16 struct route { char route_size; char pointer; unsigned long route[MAX_ROUTE]; }; #define IPOPT_OPTVAL 0 #define IPOPT_OLEN 1 #define IPOPT_OFFSET 2 #define IPOPT_MINOFF 4 #define MAX_IPOPTLEN 40 #define IPOPT_NOP IPOPT_NOOP #define IPOPT_EOL IPOPT_END #define IPOPT_TS IPOPT_TIMESTAMP #define IPOPT_TS_TSONLY 0 /* timestamps only */ #define IPOPT_TS_TSANDADDR 1 /* timestamps and addresses */ #define IPOPT_TS_PRESPEC 3 /* specified modules only */ struct options { __u32 faddr; /* Saved first hop address */ unsigned char optlen; unsigned char srr; unsigned char rr; unsigned char ts; unsigned char is_setbyuser:1, /* Set by setsockopt? */ is_data:1, /* Options in __data, rather than skb */ is_strictroute:1, /* Strict source route */ srr_is_hit:1, /* Packet destination addr was our one */ is_changed:1, /* IP checksum more not valid */ rr_needaddr:1, /* Need to record addr of outgoing dev */ ts_needtime:1, /* Need to record timestamp */ ts_needaddr:1; /* Need to record addr of outgoing dev */ unsigned char __pad1; unsigned char __pad2; unsigned char __pad3; unsigned char __data[]; }; struct iphdr { #ifdef WORDS_BIGENDIAN __u8 version:4, ihl:4; #else __u8 ihl:4, version:4; #endif __u8 tos; __u16 tot_len; __u16 id; __u16 frag_off; __u8 ttl; __u8 protocol; __u16 check; __u32 saddr; __u32 daddr; /* The options start here. */ }; #define ip_chk_addr(x) 0 int ip_options_compile(unsigned char *iph) { int l; unsigned char *optptr; int optlen; unsigned char *pp_ptr = 0; char optholder[16]; struct options *opt; int skb = 1; int skb_pa_addr = 314159; opt = (struct options *) optholder; memset(opt, 0, sizeof(struct options)); opt->optlen = ((struct iphdr *) iph)->ihl * 4 - sizeof(struct iphdr); optptr = iph + sizeof(struct iphdr); opt->is_data = 0; for (l = opt->optlen; l > 0;) { switch (*optptr) { case IPOPT_END: for (optptr++, l--; l > 0; l--) { if (*optptr != IPOPT_END) { *optptr = IPOPT_END; opt->is_changed = 1; } } goto eol; case IPOPT_NOOP: l--; optptr++; continue; } optlen = optptr[1]; if (optlen < 2 || optlen > l) { pp_ptr = optptr; goto error; } switch (*optptr) { case IPOPT_SSRR: case IPOPT_LSRR: if (optlen < 3) { pp_ptr = optptr + 1; goto error; } if (optptr[2] < 4) { pp_ptr = optptr + 2; goto error; } /* NB: cf RFC-1812 5.2.4.1 */ if (opt->srr) { pp_ptr = optptr; goto error; } if (!skb) { if (optptr[2] != 4 || optlen < 7 || ((optlen - 3) & 3)) { pp_ptr = optptr + 1; goto error; } memcpy(&opt->faddr, &optptr[3], 4); if (optlen > 7) memmove(&optptr[3], &optptr[7], optlen - 7); } opt->is_strictroute = (optptr[0] == IPOPT_SSRR); opt->srr = optptr - iph; break; case IPOPT_RR: if (opt->rr) { pp_ptr = optptr; goto error; } if (optlen < 3) { pp_ptr = optptr + 1; goto error; } if (optptr[2] < 4) { pp_ptr = optptr + 2; goto error; } if (optptr[2] <= optlen) { if (optptr[2] + 3 > optlen) { pp_ptr = optptr + 2; goto error; } if (skb) { memcpy(&optptr[optptr[2] - 1], &skb_pa_addr, 4); opt->is_changed = 1; } optptr[2] += 4; opt->rr_needaddr = 1; } opt->rr = optptr - iph; break; case IPOPT_TIMESTAMP: if (opt->ts) { pp_ptr = optptr; goto error; } if (optlen < 4) { pp_ptr = optptr + 1; goto error; } if (optptr[2] < 5) { pp_ptr = optptr + 2; goto error; } if (optptr[2] <= optlen) { struct timestamp *ts = (struct timestamp *) (optptr + 1); __u32 *timeptr = 0; if (ts->ptr + 3 > ts->len) { pp_ptr = optptr + 2; goto error; } switch (ts->flags) { case IPOPT_TS_TSONLY: opt->ts = optptr - iph; if (skb) timeptr = (__u32 *) & optptr[ts->ptr - 1]; opt->ts_needtime = 1; ts->ptr += 4; break; case IPOPT_TS_TSANDADDR: if (ts->ptr + 7 > ts->len) { pp_ptr = optptr + 2; goto error; } opt->ts = optptr - iph; if (skb) { memcpy(&optptr[ts->ptr - 1], &skb_pa_addr, 4); timeptr = (__u32 *) & optptr[ts->ptr + 3]; } opt->ts_needaddr = 1; opt->ts_needtime = 1; ts->ptr += 8; break; case IPOPT_TS_PRESPEC: if (ts->ptr + 7 > ts->len) { pp_ptr = optptr + 2; goto error; } opt->ts = optptr - iph; { __u32 addr; memcpy(&addr, &optptr[ts->ptr - 1], 4); if (ip_chk_addr(addr) == 0) break; if (skb) timeptr = (__u32 *) & optptr[ts->ptr + 3]; } opt->ts_needaddr = 1; opt->ts_needtime = 1; ts->ptr += 8; break; default: pp_ptr = optptr + 3; goto error; } if (timeptr) { //struct timeval tv; __u32 midtime = 1; //do_gettimeofday(&tv); //midtime = htonl((tv.tv_sec % 86400) * 1000 + tv.tv_usec / 1000); memcpy(timeptr, &midtime, sizeof(__u32)); opt->is_changed = 1; } } else { struct timestamp *ts = (struct timestamp *) (optptr + 1); if (ts->overflow == 15) { pp_ptr = optptr + 3; goto error; } opt->ts = optptr - iph; if (skb) { ts->overflow++; opt->is_changed = 1; } } break; case IPOPT_SEC: case IPOPT_SID: default: if (!skb) { pp_ptr = optptr; goto error; } break; } l -= optlen; optptr += optlen; } eol: opt = (struct options *) optholder; if (!pp_ptr) if (!opt->srr) return 0; error: return -1; } libnids-1.26/src/killtcp.c000066400000000000000000000064561415573252600155100ustar00rootroot00000000000000/* Copyright (c) 1999 Rafal Wojtczuk . All rights reserved. See the file COPYING for license details. */ #include #include #include #include "tcp.h" #include "util.h" #include "nids.h" #if LIBNET_VER == 0 #include static int libnetsock = 0; void nids_killtcp_seq(struct tcp_stream *a_tcp, int seqoff) { char buf[IP_H + TCP_H]; if (libnetsock == 0) return; libnet_build_ip(TCP_H, 0, 12345, 0, 64, IPPROTO_TCP, a_tcp->addr.saddr, a_tcp->addr.daddr, 0, 0, buf); libnet_build_tcp(a_tcp->addr.source, a_tcp->addr.dest, a_tcp->client.first_data_seq + a_tcp->server.count + a_tcp->server.urg_count + (seqoff?(a_tcp->server.window/2):0), 0, 0x4, 32000, 0, 0, 0, buf + IP_H); libnet_do_checksum(buf, IPPROTO_TCP, TCP_H); libnet_write_ip(libnetsock, buf, TCP_H + IP_H); libnet_build_ip(TCP_H, 0, 12345, 0, 64, IPPROTO_TCP, a_tcp->addr.daddr, a_tcp->addr.saddr, 0, 0, buf); libnet_build_tcp(a_tcp->addr.dest, a_tcp->addr.source, a_tcp->server.first_data_seq + a_tcp->client.count + a_tcp->client.urg_count + (seqoff?(a_tcp->client.window/2):0), 0, 0x4, 32000, 0, 0, 0, buf + IP_H); libnet_do_checksum(buf, IPPROTO_TCP, TCP_H); libnet_write_ip(libnetsock, buf, TCP_H + IP_H); } void nids_killtcp(struct tcp_stream *a_tcp) { nids_killtcp_seq(a_tcp, 0); nids_killtcp_seq(a_tcp, 1); } int raw_init() { libnetsock = libnet_open_raw_sock(IPPROTO_RAW); if (libnetsock <= 0) return 0; else return 1; } #elif LIBNET_VER == 1 #include static libnet_ptag_t tcp_tag = LIBNET_PTAG_INITIALIZER, ip_tag = LIBNET_PTAG_INITIALIZER; static libnet_t *l = 0; int raw_init() { char errbuf[1024]; l = libnet_init(LIBNET_RAW4, /* injection type */ NULL, /* network interface */ errbuf); /* error buffer */ if (!l) { printf("%s\n", errbuf); return 0; } else return 1; } void nids_killtcp_seq(struct tcp_stream *a_tcp, int seqoff) { if (!l) return; tcp_tag = libnet_build_tcp(a_tcp->addr.source, a_tcp->addr.dest, a_tcp->client.first_data_seq + a_tcp->server.count + a_tcp->server.urg_count + (seqoff?(a_tcp->server.window/2):0), 0, 0x4, 32000, 0, 0, LIBNET_TCP_H, NULL, 0, l, tcp_tag); ip_tag = libnet_build_ipv4(LIBNET_TCP_H + LIBNET_IPV4_H, 0, 12345, 0, 64, IPPROTO_TCP, 0, a_tcp->addr.saddr, a_tcp->addr.daddr, 0, 0, l, ip_tag); libnet_write(l); tcp_tag = libnet_build_tcp(a_tcp->addr.dest, a_tcp->addr.source, a_tcp->server.first_data_seq + a_tcp->client.count + a_tcp->client.urg_count + (seqoff?(a_tcp->client.window/2):0), 0, 0x4, 32000, 0, 0, LIBNET_TCP_H, NULL, 0, l, tcp_tag); ip_tag = libnet_build_ipv4(LIBNET_TCP_H + LIBNET_IPV4_H, 0, 12345, 0, 64, IPPROTO_TCP, 0, a_tcp->addr.daddr, a_tcp->addr.saddr, 0, 0, l, ip_tag); libnet_write(l); } void nids_killtcp(struct tcp_stream *a_tcp) { nids_killtcp_seq(a_tcp, 0); nids_killtcp_seq(a_tcp, 1); } #elif LIBNET_VER == -1 static int initialized = 0; int raw_init() { initialized = 1; return 1; } void nids_killtcp(struct tcp_stream *a_tcp) { (void)a_tcp; if (initialized) abort(); } #else #error Something wrong with LIBNET_VER #endif libnids-1.26/src/libnids-track-established.patch000066400000000000000000000302561415573252600217310ustar00rootroot00000000000000diff --git a/configure.in b/configure.in index 86f32b8..910b1ec 100644 --- a/configure.in +++ b/configure.in @@ -98,6 +98,13 @@ AC_ARG_WITH(libpcap, AC_SUBST(PCAP_CFLAGS) AC_SUBST(PCAPLIB) +AC_ARG_ENABLE(tcpreasm, +[ --enable-tcpreasm enable tcp reassembly support], +, +[ enable_tcpreasm="no"] +) +test "${enable_tcpreasm}" = "yes" && CFLAGS="${CFLAGS} -DENABLE_TCPREASM" + dnl Checks for libglib2.8 AC_ARG_ENABLE(libglib, [ --disable-libglib use glib2 for multiprocessing support], diff --git a/src/libnids.c b/src/libnids.c index 42b5f96..4d0273e 100644 --- a/src/libnids.c +++ b/src/libnids.c @@ -47,6 +47,9 @@ static struct proc_node *ip_procs; static struct proc_node *udp_procs; struct proc_node *tcp_procs; +#ifdef ENABLE_TCPREASM +struct proc_node *tcp_resume_procs; +#endif static int linktype; static pcap_t *desc = NULL; @@ -109,6 +112,10 @@ struct nids_prm nids_params = { 20000, /* queue_limit */ 0, /* tcp_workarounds */ NULL /* pcap_desc */ +#ifdef ENABLE_TCPREASM + , + 1 /* tcp_resume_wscale */ +#endif }; static int nids_ip_filter(struct ip *x, int len) @@ -470,6 +477,9 @@ static void init_procs() ip_procs->item = gen_ip_proc; ip_procs->next = 0; tcp_procs = 0; +#ifdef ENABLE_TCPREASM + tcp_resume_procs = 0; +#endif udp_procs = 0; } diff --git a/src/nids.h b/src/nids.h index c44f131..b703c9d 100644 --- a/src/nids.h +++ b/src/nids.h @@ -48,10 +48,19 @@ enum # define NIDS_RESET 4 # define NIDS_TIMED_OUT 5 # define NIDS_EXITING 6 /* nids is exiting; last chance to get data */ +#ifdef ENABLE_TCPREASM +# define NIDS_RESUME 7 +#endif # define NIDS_DO_CHKSUM 0 # define NIDS_DONT_CHKSUM 1 +#ifdef ENABLE_TCPREASM +# define NIDS_TCP_RESUME_NONE 0 +# define NIDS_TCP_RESUME_CLIENT 1 +# define NIDS_TCP_RESUME_SERVER 2 +#endif + struct tuple4 { u_short source; @@ -63,6 +72,10 @@ struct tuple4 struct half_stream { char state; +#ifdef ENABLE_TCPREASM + char resume_second_half; +#endif + char collect; char collect_urg; @@ -131,6 +144,9 @@ struct nids_prm int queue_limit; int tcp_workarounds; pcap_t *pcap_desc; +#ifdef ENABLE_TCPREASM + int tcp_resume_wscale; +#endif }; struct tcp_timeout @@ -148,6 +164,10 @@ void nids_register_ip (void (*)); void nids_unregister_ip (void (*)); void nids_register_tcp (void (*)); void nids_unregister_tcp (void (*x)); +#ifdef ENABLE_TCPREASM +void nids_register_tcp_resume (void (*)); +void nids_unregister_tcp_resume (void (*x)); +#endif void nids_register_udp (void (*)); void nids_unregister_udp (void (*)); void nids_killtcp (struct tcp_stream *); diff --git a/src/tcp.c b/src/tcp.c index f0ee031..08360b6 100644 --- a/src/tcp.c +++ b/src/tcp.c @@ -48,6 +48,9 @@ enum { #define EXP_SEQ (snd->first_data_seq + rcv->count + rcv->urg_count) extern struct proc_node *tcp_procs; +#ifdef ENABLE_TCPREASM +extern struct proc_node *tcp_resume_procs; +#endif static struct tcp_stream **tcp_stream_table; static struct tcp_stream *streams_pool; @@ -248,7 +251,103 @@ static int get_wscale(struct tcphdr * this_tcphdr, unsigned int * ws) return ret; } - +#ifdef ENABLE_TCPREASM +static struct tcp_stream * +initiate_tcp_resume(struct tcphdr * this_tcphdr, struct ip * this_iphdr, int direction) +{ + struct tcp_stream *tolink; + struct tcp_stream *a_tcp; + int hash_index; + struct tuple4 addr; + struct half_stream *half; + struct half_stream *other_half; + + switch (direction) + { + case NIDS_TCP_RESUME_CLIENT: + addr.source = ntohs(this_tcphdr->th_sport); + addr.dest = ntohs(this_tcphdr->th_dport); + addr.saddr = this_iphdr->ip_src.s_addr; + addr.daddr = this_iphdr->ip_dst.s_addr; + break; + case NIDS_TCP_RESUME_SERVER: + addr.source = ntohs(this_tcphdr->th_dport); + addr.dest = ntohs(this_tcphdr->th_sport); + addr.saddr = this_iphdr->ip_dst.s_addr; + addr.daddr = this_iphdr->ip_src.s_addr; + break; + default: + return NULL; + } + hash_index = mk_hash_index(addr); + + if (tcp_num > max_stream) { + struct lurker_node *i; + + tcp_oldest->nids_state = NIDS_TIMED_OUT; + for (i = tcp_oldest->listeners; i; i = i->next) + (i->item) (tcp_oldest, &i->data); + nids_free_tcp_stream(tcp_oldest); + nids_params.syslog(NIDS_WARN_TCP, NIDS_WARN_TCP_TOOMUCH, ugly_iphdr, this_tcphdr); + } + a_tcp = free_streams; + if (!a_tcp) { + fprintf(stderr, "gdb me ...\n"); + pause(); + } + free_streams = a_tcp->next_free; + + tcp_num++; + tolink = tcp_stream_table[hash_index]; + memset(a_tcp, 0, sizeof(struct tcp_stream)); + a_tcp->hash_index = hash_index; + a_tcp->addr = addr; + if (direction == NIDS_TCP_RESUME_CLIENT) + { + half = &a_tcp->client; + other_half = &a_tcp->server; + } + else + { + half = &a_tcp->server; + other_half = &a_tcp->client; + } + half->state = TCP_ESTABLISHED; + half->seq = ntohl(this_tcphdr->th_seq) + 1; + half->first_data_seq = half->seq - 1; + half->window = ntohs(this_tcphdr->th_win); + half->ts_on = 0; + half->wscale = nids_params.tcp_resume_wscale; + if (this_tcphdr->th_flags & TH_ACK) + half->ack_seq = ntohl(this_tcphdr->th_ack); + +#ifdef ENABLE_TCPREASM_DEBUG + DEBUG_REASSEMBLY("new connection: seq = %u, ack_seq = %u\n", + half->seq, half->ack_seq); +#endif + + other_half->ack_seq = half->seq; + other_half->state = TCP_ESTABLISHED; + other_half->resume_second_half = 1; + other_half->ts_on = 0; + other_half->window = half->window; + other_half->wscale = nids_params.tcp_resume_wscale; + a_tcp->next_node = tolink; + a_tcp->prev_node = 0; + if (tolink) + tolink->prev_node = a_tcp; + tcp_stream_table[hash_index] = a_tcp; + a_tcp->next_time = tcp_latest; + a_tcp->prev_time = 0; + if (!tcp_oldest) + tcp_oldest = a_tcp; + if (tcp_latest) + tcp_latest->prev_time = a_tcp; + tcp_latest = a_tcp; + + return a_tcp; +} +#endif static void @@ -712,6 +811,9 @@ process_tcp(u_char * data, int skblen) unsigned int tmp_ts; struct tcp_stream *a_tcp; struct half_stream *snd, *rcv; +#ifdef ENABLE_TCPREASM + int resumed_tcp = 0; +#endif ugly_iphdr = this_iphdr; iplen = ntohs(this_iphdr->ip_len); @@ -743,6 +845,22 @@ process_tcp(u_char * data, int skblen) this_tcphdr); return; } + +#ifdef ENABLE_TCPREASM_DEBUG + DEBUG_REASSEMBLY("process_tcp starting: packet is %u.%u.%u.%u:%u->%u.%u.%u.%u:%u\n", + (ntohl(this_iphdr->ip_src.s_addr) >> 24) & 0xff, + (ntohl(this_iphdr->ip_src.s_addr) >> 16) & 0xff, + (ntohl(this_iphdr->ip_src.s_addr) >> 8) & 0xff, + (ntohl(this_iphdr->ip_src.s_addr)) & 0xff, + ntohs(this_tcphdr->th_sport), + (ntohl(this_iphdr->ip_dst.s_addr) >> 24) & 0xff, + (ntohl(this_iphdr->ip_dst.s_addr) >> 16) & 0xff, + (ntohl(this_iphdr->ip_dst.s_addr) >> 8) & 0xff, + (ntohl(this_iphdr->ip_dst.s_addr)) & 0xff, + ntohs(this_tcphdr->th_dport) + ); +#endif + #if 0 check_flags(this_iphdr, this_tcphdr); //ECN @@ -750,10 +868,64 @@ process_tcp(u_char * data, int skblen) if (!(a_tcp = find_stream(this_tcphdr, this_iphdr, &from_client))) { if ((this_tcphdr->th_flags & TH_SYN) && !(this_tcphdr->th_flags & TH_ACK) && - !(this_tcphdr->th_flags & TH_RST)) + !(this_tcphdr->th_flags & TH_RST)) { add_new_tcp(this_tcphdr, this_iphdr); + return; + } + +#ifdef ENABLE_TCPREASM +#ifdef ENABLE_TCPREASM_DEBUG + DEBUG_REASSEMBLY("packet is not in stream context: SYN %u, RST %u, ACK %u\n", + this_tcphdr->th_flags & TH_SYN, + this_tcphdr->th_flags & TH_RST, + this_tcphdr->th_flags & TH_ACK + ); +#endif + + /* does this look like a stream we should try to resume? + * the conditions for it are: + * - No SYN (that's the whole point) + * - No RST or FIN (no point in doing that) + * - we have a resume callback to identify direction + */ + if ((this_tcphdr->th_flags & TH_SYN) != 0 || + (this_tcphdr->th_flags & TH_RST) != 0 || + (this_tcphdr->th_flags & TH_FIN) != 0) { + return; + } + else { + struct proc_node *i; + for (i = tcp_resume_procs; i; i = i->next) { + int resume; + +#ifdef ENABLE_TCPREASM_DEBUG + DEBUG_REASSEMBLY("trying to resume stream\n"); +#endif + + i->item(this_tcphdr, this_iphdr, &resume); + from_client = (resume == NIDS_TCP_RESUME_CLIENT); + a_tcp = initiate_tcp_resume(this_tcphdr, this_iphdr, resume); + +#ifdef ENABLE_TCPREASM_DEBUG + DEBUG_REASSEMBLY("a_tcp = %p, from_client = %u, resume = %u\n", + a_tcp, from_client, resume); +#endif + + if (a_tcp) { + resumed_tcp = 1; + break; + } + } + } + + if (!resumed_tcp) + return; + } +#else return; } +#endif + if (from_client) { snd = &a_tcp->client; rcv = &a_tcp->server; @@ -762,6 +934,38 @@ process_tcp(u_char * data, int skblen) rcv = &a_tcp->client; snd = &a_tcp->server; } + +#ifdef ENABLE_TCPREASM +#ifdef ENABLE_TCPREASM_DEBUG + DEBUG_REASSEMBLY("processing packet: seq = %u, ack = %u, snd->seq = %u, rcv->ack_seq = %u\n", + ntohl(this_tcphdr->th_seq), + ntohl(this_tcphdr->th_ack), + snd->seq, rcv->ack_seq); +#endif + + /* are we the 2nd half of the resume? */ + if (snd->resume_second_half) { + snd->seq = ntohl(this_tcphdr->th_seq) + 1; + snd->first_data_seq = snd->seq - 1; + snd->window = ntohs(this_tcphdr->th_win); + snd->resume_second_half = 0; + snd->ack_seq = rcv->seq; + +#ifdef ENABLE_TCPREASM_DEBUG + DEBUG_REASSEMBLY("second half resumed, seq = %u, first = %u, ack = %u\n", + snd->seq, snd->first_data_seq, snd->ack_seq); +#endif + + } + + if (resumed_tcp) { + snd->state = TCP_ESTABLISHED; + a_tcp->nids_state = NIDS_RESUME; + goto do_lurkers; + } +#endif + + /* normal SYN+ACK processing */ if ((this_tcphdr->th_flags & TH_SYN)) { if (from_client || a_tcp->client.state != TCP_SYN_SENT || a_tcp->server.state != TCP_CLOSE || !(this_tcphdr->th_flags & TH_ACK)) @@ -797,8 +1001,15 @@ process_tcp(u_char * data, int skblen) ( !before(ntohl(this_tcphdr->th_seq), rcv->ack_seq + rcv->window*rcv->wscale) || before(ntohl(this_tcphdr->th_seq) + datalen, rcv->ack_seq) ) - ) + ) { +#ifdef ENABLE_TCPREASM_DEBUG + DEBUG_REASSEMBLY("packet is ignored: " + "datalen=%u, seq=%u, rcv->ack_seq=%u, rcv->window=%u, rcv->wscale=%u\n", + datalen, ntohl(this_tcphdr->th_seq), + rcv->ack_seq, rcv->window, rcv->wscale); +#endif return; + } if ((this_tcphdr->th_flags & TH_RST)) { if (a_tcp->nids_state == NIDS_DATA) { @@ -830,13 +1041,24 @@ process_tcp(u_char * data, int skblen) a_tcp->server.state = TCP_ESTABLISHED; a_tcp->nids_state = NIDS_JUST_EST; +#ifdef ENABLE_TCPREASM +do_lurkers: +#ifdef ENABLE_TCPREASM_DEBUG + DEBUG_REASSEMBLY("notifying lurkers of new stream\n"); +#endif +#endif + for (i = tcp_procs; i; i = i->next) { char whatto = 0; char cc = a_tcp->client.collect; char sc = a_tcp->server.collect; char ccu = a_tcp->client.collect_urg; char scu = a_tcp->server.collect_urg; - + +#ifdef ENABLE_TCPREASM_DEBUG + DEBUG_REASSEMBLY(" %p, nids_state = %u\n", i, a_tcp->nids_state); +#endif + (i->item) (a_tcp, &data); if (cc < a_tcp->client.collect) whatto |= COLLECT_cc; @@ -866,6 +1088,10 @@ process_tcp(u_char * data, int skblen) } } if (!a_tcp->listeners) { +#ifdef ENABLE_TCPREASM_DEBUG + DEBUG_REASSEMBLY("no listeners, killing stream\n"); +#endif + nids_free_tcp_stream(a_tcp); return; } @@ -890,9 +1116,16 @@ process_tcp(u_char * data, int skblen) } } if (datalen + (this_tcphdr->th_flags & TH_FIN) > 0) + { +#ifdef ENABLE_TCPREASM_DEBUG + DEBUG_REASSEMBLY("calling tcp_queue, datalen = %u, data = %.*s...\n", + datalen, datalen > 10 ? 10 : datalen, (char *) (this_tcphdr) + 4 * this_tcphdr->th_off); +#endif + tcp_queue(a_tcp, this_tcphdr, snd, rcv, (char *) (this_tcphdr) + 4 * this_tcphdr->th_off, datalen, skblen); + } snd->window = ntohs(this_tcphdr->th_win); if (rcv->rmem_alloc > 65535) prune_queue(rcv, this_tcphdr); @@ -919,6 +1152,20 @@ nids_unregister_tcp(void (*x)) unregister_callback(&tcp_procs, x); } +#ifdef ENABLE_TCPREASM +void +nids_register_tcp_resume(void (*x)) +{ + register_callback(&tcp_resume_procs, x); +} + +void +nids_unregister_tcp_resume(void (*x)) +{ + unregister_callback(&tcp_resume_procs, x); +} +#endif + int tcp_init(int size) { libnids-1.26/src/libnids.3000066400000000000000000000332221415573252600154010ustar00rootroot00000000000000.\" libnids manpage by Dug Song .\" tmac.an sux, tmac.doc rules .TH LIBNIDS 3 .SH NAME libnids \- network intrusion detection system E-box library .SH SYNOPSIS .nf #include extern struct nids_prm \fInids_params\fR; extern char \fInids_errbuf\fR[]; int \fBnids_init\fR(void); void \fBnids_register_ip_frag\fR(void (*ip_frag_func)(struct ip *pkt, int len)); void \fBnids_unregister_ip_frag\fR(void (*ip_frag_func)(struct ip *pkt, int len)); void \fBnids_register_ip\fR(void (*ip_func)(struct ip *pkt, int len)); void \fBnids_unregister_ip\fR(void (*ip_func)(struct ip *pkt, int len)); void \fBnids_register_udp\fR(void (*udp_func)(struct tuple4 *addr, u_char *data, int len, struct ip *pkt)); void \fBnids_unregister_udp\fR(void (*udp_func)(struct tuple4 *addr, u_char *data, int len, struct ip *pkt)); void \fBnids_register_tcp\fR(void (*tcp_func)(struct tcp_stream *ts, void **param)); void \fBnids_unregister_tcp\fR(void (*tcp_func)(struct tcp_stream *ts, void **param)); void \fBnids_killtcp\fR(struct tcp_stream *ts); void \fBnids_discard\fR(struct tcp_stream *ts, int numbytes); void \fBnids_run\fR(void); int \fBnids_dispatch\fR(int cnt); int \fBnids_next\fR(void); int \fBnids_getfd\fR(void); int \fBnids_register_chksum_ctl\fR(struct nids_chksum_ctl *, int); void \fBnids_pcap_handler\fR(u_char *par, struct pcap_pkthdr *hdr, u_char *data); struct tcp_stream * \fBnids_find_tcp_stream\fR(struct tuple4 *addr); .fi .SH DESCRIPTION .B libnids provides the functionality of a network intrusion detection system (NIDS) E-box component. It currently performs: .LP .nf 1. IP defragmentation 2. TCP stream reassembly 3. TCP port scan detection .fi .PP .B libnids performs TCP/IP reassembly in exactly the same way as Linux 2.0.36 kernels, and correctly handles all of the attacks implemented in fragrouter(8) (plus many other attacks as well). .SH ROUTINES .PP .BR nids_init () initializes the application for sniffing, based on the values set in the global variable \fInids_params\fR, declared as follows: .LP .nf struct nids_prm { int n_tcp_streams; int n_hosts; char *device; char *filename; int sk_buff_size; int dev_addon; void (*syslog)(int type, int err, struct ip *iph, void *data); int syslog_level; int scan_num_hosts; int scan_num_ports; int scan_delay; void (*no_mem)(void); int (*ip_filter)(struct ip *iph); char *pcap_filter; int promisc; int one_loop_less; int pcap_timeout; int multiproc; int queue_limit; int tcp_workarounds; pcap_t *pcap_desc; } nids_params; .fi .PP The members of this structure are: .TP .I n_tcp_streams Size of the hash table used for storing TCP connection information ( a maximum of 3/4 * \fIn_tcp_streams\fR TCP connections will be followed simultaneously). Default value: 1024 .TP .I n_hosts Size of the hash table used for storing IP defragmentation information. Default value: 256 .TP .I filename It this variable is set, libnids will call pcap_open_offline with this variable as the argument (instead of pcap_open_live()). Default value: NULL .TP .I device Interface to monitor. Default value: NULL (in which case an appropriate device is determined automatically). If this variable is assigned value \fBall\fR, libnids will attempt to capture packets on all interfaces (which works on Linux only) .TP .I sk_buff_size Size of \fIstruct sk_buff\fR (used for queuing packets), which should be set to match the value on the hosts being monitored. Default value: 168 .TP .I dev_addon Number of bytes in \fIstruct sk_buff\fR reserved for link-layer information. Default value: -1 (in which case an appropriate offset if determined automatically based on link-layer type) .TP .I syslog Syslog callback function, used to report unusual conditions, such as port scan attempts, invalid TCP header flags, etc. Default value: \fInids_syslog\fR (which logs messages via syslog(3) without regard for message rate per second or free disk space) .TP .I syslog_level Log level used by \fInids_syslog\fR for reporting events via syslog(3). Default value: LOG_ALERT .TP .I scan_num_hosts Size of hash table used for storing portscan information (the maximum number portscans that will be detected simultaneously). If set to 0, portscan detection will be disabled. Default value: 256 .TP .I scan_num_ports Minimum number of ports that must be scanned from the same source host before it is identifed as a portscan. Default value: 10 .TP .I scan_delay Maximum delay (in milliseconds) between connections to different ports for them to be identified as part of a portscan. Default value: 3000 .TP .I no_mem Out-of-memory callback function, used to terminate the calling process gracefully. .TP .I ip_filter IP filtering callback function, used to selectively discard IP packets, inspected after reassembly. If the function returns a non-zero value, the packet is processed; otherwise, it is discarded. Default value: \fInids_ip_filter\fR (which always returns 1) .TP .I pcap_filter pcap(3) filter string applied to the link-layer (raw, unassembled) packets. \fBNote\fR: filters like ``tcp dst port 23'' will NOT correctly handle appropriately fragmented traffic, e.g. 8-byte IP fragments; one should add "or (ip[6:2] & 0x1fff != 0)" at the end of the filter to process reassembled packets. Default value: NULL .TP .I promisc If non-zero, libnids will set the interface(s) it listens on to promiscuous mode. Default value: 1 .TP .I one_loop_less Disabled by default; see comments in API.html file .TP .I pcap_timeout Sets the pcap read timeout, which may or may not be supported by your platform. Default value: 1024. .TP .I multiproc If nonzero, creates a separate thread for packets processing. See API.html. Default value: 0. .TP .I queue_limit If multiproc is nonzero, this is the maximum number of packets queued in the thread which reads packets from libpcap. Default value: 20000 .TP .I tcp_workarounds Enables extra checks for faulty implementations of TCP such as the ones which allow connections to be closed despite the fact that there should be retransmissions for lost packets first (as stated by RFC 793, section 3.5). If non-zero, libnids will set the NIDS_TIMED_OUT state for savagely closed connections. Default value: 0 .TP .I pcap_desc It this variable is set, libnids will call neither pcap_open_live nor pcap_open_offline, but will use a pre-opened PCAP descriptor; use this with nids_pcap_handler() in order to interactively feed packets to libnids. Default value: NULL .PP Returns 1 on success, 0 on failure (in which case \fBnids_errbuf\fR contains an appropriate error message). .PP .BR nids_register_ip_frag () registers a user-defined callback function to process all incoming IP packets (including IP fragments, packets with invalid checksums, etc.). .PP .BR nids_unregister_ip_frag () unregisters a user-defined callback function to process all incoming IP packets. .PP .BR nids_register_ip () registers a user-defined callback function to process IP packets validated and reassembled by \fBlibnids\fR. .PP .BR nids_unregister_ip () unregisters a user-defined callback function to process IP packets. .PP .BR nids_register_udp () registers a user-defined callback function to process UDP packets validated and reassembled by \fBlibnids\fR. .PP .BR nids_unregister_udp () unregisters a user-defined callback function to process UDP packets. .PP .BR nids_register_tcp () registers a user-defined callback function to process TCP streams validated and reassembled by \fBlibnids\fR. The \fItcp_stream\fR structure is defined as follows: .LP .nf struct tcp_stream { struct tuple4 { u_short source; u_short dest; u_int saddr; u_int daddr; } addr; char nids_state; struct half_stream { char state; char collect; char collect_urg; char *data; u_char urgdata; int count; int offset; int count_new; char count_new_urg; ... } client; struct half_stream server; ... void *user; }; .fi .PP The members of the \fItuple4\fR structure identify a unique TCP connection: .TP \fIsource\fR, \fIdest\fR Client and server port numbers .TP \fIsaddr\fR, \fIdaddr\fR Client and server IP addresses .PP The members of the \fIhalf_stream\fR structure describe each half of a TCP connection (client and server): .TP .I state Socket state (e.g. TCP_ESTABLISHED). .TP .I collect A boolean which specifies whether to collect data for this half of the connection in the \fIdata\fR buffer. .TP .I collect_urg A boolean which specifies whether to collect urgent data pointed to by the TCP urgent pointer for this half of the connection in the \fIurgdata\fR buffer. .TP .I data Buffer for normal data. .TP .I urgdata One-byte buffer for urgent data. .TP .I count The number of bytes appended to \fIdata\fR since the creation of the connection. .TP .I offset The current offset from the first byte stored in the \fIdata\fR buffer, identifying the start of newly received data. .TP .I count_new The number of bytes appended to \fIdata\fR since the last invocation of the TCP callback function (if 0, no new data arrived). .TP .I count_new_urg The number of bytes appended to \fIurgdata\fR since the last invocation of the TCP callback function (if 0, no new urgent data arrived). .PP The value of the \fInids_state\fR field provides information about the state of the TCP connection, to be used by the TCP callback function: .TP NIDS_JUST_EST Connection just established. Connection parameters in the \fIaddr\fR structure are available for inspection. If the connection is interesting, the TCP callback function may specify which data it wishes to receive in the future by setting non-zero values for the \fIcollect\fR or \fIcollect_urg\fR variables in the appropriate \fIclient\fR or \fIserver\fR half_stream structure members. .TP NIDS_DATA New data has arrived on a connection. The \fIhalf_stream\fR structures contain buffers of data. .TP NIDS_CLOSE, NIDS_RESET, NIDS_TIMED_OUT Connection has closed. The TCP callback function should free any resources it may have allocated for this connection. .PP The \fIparam\fR pointer passed by libnids as argument to the TCP callback function may be set to save a pointer to user-defined connection-specific data to pass to subsequent invocations of the TCP callback function (ex. the current working directory for an FTP control connection, etc.). .PP The \fIuser\fR pointer in the tcp_stream structure has the same purpose except it is global to the stream, whereas the \fIparam\fR pointer is different from one callback function to the other even though they were called for the same stream. .PP .BR nids_unregister_tcp () unregisters a user-defined callback function to process TCP streams. .PP .BR nids_killtcp () tears down the specified TCP connection with symmetric RST packets between client and server. .PP .BR nids_discard () may be called from the TCP callback function to specify the number of bytes to discard from the beginning of the \fIdata\fR buffer (updating the \fIoffset\fR value accordingly) after the TCP callback function exits. Otherwise, the new data (totalling \fIcount_new\fR bytes) will be discarded by default. .PP .BR nids_run () starts the packet-driven application, reading packets in an endless loop, and invoking registered callback functions to handle new data as it arrives. This function does not return. .PP .BR nids_dispatch () attempts to process \fBcnt\fR packets before returning, with a cnt of -1 understood as all packets available in one pcap buffer, or all packets in a file when reading offline. On success, returns the count of packets processed, which may be zero upon EOF (offline read) or upon hitting \fIpcap_timeout\fR (if supported by your platform). On failure, returns -1, putting an appropriate error message in \fBnids_errbuf\fR. .PP .BR nids_next () process the next available packet before returning. Returns 1 on success, 0 if no packet was processed, setting \fBnids_effbuf\fR appropriately if an error prevented packet processing. .PP .BR nids_getfd () may be used by an application sleeping in select(2) to snoop for a socket file descriptor present in the read fd_set. Returns the file descriptor on success, -1 on failure (in which case \fBnids_errbuf\fR contains an appropriate error message). .PP .BR nids_register_chksum_ctl () takes as arguments an array of \fIstruct nids_chksum_ctl\fR elements and the number of elements in the array. A \fInids_chksum_ctl\fR element is defined as follows: .LP .nf struct nids_chksum_ctl { u_int netaddr; u_int mask; u_int action; /* private members */ }; .fi .PP Internal checksumming functions will first check elements of this array one by one, and if the source ip SRCIP of the current packet satisfies condition (SRCIP&chksum_ctl_array[i].mask)==chksum_ctl_array[i].netaddr then if the \fIaction\fR field is \fBNIDS_DO_CHKSUM\fR, the packet will be checksummed; if the \fIaction\fR field is \fBNIDS_DONT_CHKSUM\fR, the packet will not be checksummed. If the packet matches none of the array elements, the default action is to perform checksumming. .PP .BR nids_pcap_handler () may be used by an application already running a capture with libpcap, in order to pass frames to libnids interactively (frame per frame) instead of having libnids itself do the capture. .PP .BR nids_find_tcp_stream () returns a pointer to the tcp_stream structure corresponding to the tuple passed as argument if libnids knows about this TCP connection already, otherwise it returns NULL. .PP .BR nids_free_tcp_stream () removes the given tcp_stream from the list of streams tracked by libnids. Warning: its usage can result in crashes! See comments in the API.html file. .SH SEE ALSO pcap(3), libnet(3), fragrouter(8) .SH AUTHOR Rafal Wojtczuk .PP Manpage by Dug Song , minor updates by Michael Pomraning libnids-1.26/src/libnids.3.mdoc000066400000000000000000000255741415573252600163350ustar00rootroot00000000000000.\" libnids manpage by Dug Song .Dd Dec 21, 1999 .Dt PCAP 3 .Os .Sh NAME .Nm libnids .Nd network intrusion detection system E-box library .Sh SYNOPSIS .Fd #include .Pp .Dv extern struct nids_prm nids_params; .Lp .Dv extern char *nids_warnings[]; .Lp .Dv extern char nids_errbuf[]; .Ft int .Fn nids_init "void" .Ft void .Fn nids_register_ip_frag "void (*ip_frag_func)(struct ip *pkt)" .Ft void .Fn nids_register_ip "void (*ip_func)(struct ip *pkt)" .Ft void .Fn nids_register_udp "void (*udp_func)(struct tuple4 *addr, u_char *data, int len, struct ip *pkt))" .Ft void .Fn nids_register_tcp "void (*tcp_func)(struct tcp_stream *ts, void **param)" .Ft void .Fn nids_killtcp "struct tcp_stream *ts" .Ft void .Fn nids_discard "struct tcp_stream *ts, int numbytes" .Ft void .Fn nids_run "void" .Ft int .Fn nids_dispatch "int" .Ft int .Fn nids_next "void" .Ft int .Fn nids_getfd "void" .Ft void .Fn nids_register_chksum_ctl "struct nids_chksum_ctl *, int" .Sh DESCRIPTION .Nm provides the functionality of a network intrusion detection system (NIDS) E-box component. It currently performs .Lp .Bl -enum -offset indent -compact .It IP defragmentation .It TCP stream reassembly .It TCP port scan detection .El .Lp .Nm performs TCP/IP reassembly in exactly the same way as Linux 2.0.36 kernels, and correctly handles all of the attacks implemented in .Xr fragrouter 8 (plus many other attacks as well). .Sh ROUTINES .Fn nids_init initializes the application for sniffing, based on the values set in the global variable .Va nids_params , declared as follows: .Bd -literal struct nids_prm { int n_tcp_streams; int n_hosts; char *device; int sk_buff_size; int dev_addon; void (*syslog)(int type, int err, struct ip *iph, void *data); int syslog_level; int scan_num_hosts; int scan_num_ports; int scan_delay; void (*no_mem)(void); int (*ip_filter)(struct ip *iph); char *pcap_filter; int pcap_timeout; } nids_params; .Ed .Pp The members of this structure are: .Bl -tag -width scan_num_hosts .It Fa n_tcp_streams Size of the hash table used for storing TCP connection information ( a maximum of 3/4 * .Fa n_tcp_streams TCP connections will be followed simultaneously). Default value: 1024 .It Fa n_hosts Size of the hash table used for storing IP defragmentation information. Default value: 256 .It Fa filename It this variable is set, libnids will call pcap_open_offline with this variable as the argument (instead of pcap_open_live()). Default value: NULL .It Fa device Interface to monitor. Default value: .Dv NULL (in which case an appropriate device is determined automatically). If this variable is assigned value .Nm all, libnids will attempt to capture packets on all interfaces (which works on Linux only) .It Fa sk_buff_size Size of .Fa struct sk_buff (used for queuing packets), which should be set to match the value on the hosts being monitored. Default value: 168 .It Fa dev_addon Number of bytes in .Fa struct sk_buff reserved for link-layer information. Default value: -1 (in which case an appropriate offset if determined automatically based on link-layer type) .It Fa syslog Syslog callback function, used to report unusual conditions, such as port scan attempts, invalid TCP header flags, etc. Default value: .Fa nids_syslog (which logs messages via .Xr syslog 3 without regard for message rate per second or free disk space) .It Fa syslog_level Log level used by .Fa nids_syslog for reporting events via .Xr syslog 3 . Default value: .Dv LOG_ALERT .It Fa scan_num_hosts Size of hash table used for storing portscan information (the maximum number portscans that will be detected simultaneously). If set to 0, portscan detection will be disabled. Default value: 256 .It Fa scan_num_ports Minimum number of ports that must be scanned from the same source host before it is identifed as a portscan. Default value: 10 .It Fa scan_delay Maximum delay (in milliseconds) between connections to different ports for them to be identified as part of a portscan. Default value: 3000 .It Fa no_mem Out-of-memory callback function, used to terminate the calling process gracefully. .It Fa ip_filter IP filtering callback function, used to selectively discard IP packets, inspected after reassembly. If the function returns a non-zero value, the packet is processed; otherwise, it is discarded. Default value: .Fn nids_ip_filter (which always returns 1) .It Fa pcap_filter .Xr pcap 3 filter string applied to the link-layer (raw, unassembled) packets. .Sy Note: filters like ``tcp dst port 23'' will NOT correctly handle appropriately fragmented traffic, e.g. 8-byte IP fragments. One should add "or (ip[6:2] & 0x1fff != 0)" at the end of the filter to process reassembled packets. Default value: .Dv NULL .lt Fa promisc If non-zero, libnids will set the interface(s) it listens on to promiscuous mode. Default value: 1 .It Fa one_loop_less Disabled by default see comments in API.html file .It Fa pcap_timeout Sets the pcap read timeout, which may or may not be supported by your platform. Default value: 1024. .El .Pp Returns 1 on success, 0 on failure (in which case .Va nids_errbuf contains an appropriate error message). .Pp .Fn nids_register_ip_frag registers a user-defined callback function to process all incoming IP packets (including IP fragments, packets with invalid checksums, etc.). .Pp .Fn nids_register_ip registers a user-defined callback function to process IP packets validated and reassembled by .Nm libnids . .Pp .Fn nids_register_udp registers a user-defined callback function to process UDP packets validated and reassembled by .Nm libnids . .Pp .Fn nids_register_tcp registers a user-defined callback function to process TCP streams validated and reassembled by .Nm libnids . The .Va tcp_stream structure is defined as follows: .Bd -literal struct tcp_stream { struct tuple4 { u_short source; u_short dest; u_int saddr; u_int daddr; } addr; char nids_state; struct half_stream { char state; char collect; char collect_urg; char *data; u_char urgdata; int count; int offset; int count_new; char count_new_urg; ... } client; struct half_stream server; ... }; .Ed .Pp The members of the .Va tuple4 structure identify a unique TCP connection: .Bl -tag -width source_,_dest .It Fa source , dest Client and server port numbers .It Fa saddr , daddr Client and server IP addresses .El .Pp The members of the .Va half_stream structure describe each half of a TCP connection (client and server): .Bl -tag -width count_new_urg .It Fa state Socket state (e.g. .Dv TCP_ESTABLISHED ). .It Fa collect A boolean which specifies whether to collect data for this half of the connection in the .Va data buffer. .It Fa collect_urg A boolean which specifies whether to collect urgent data pointed to by the TCP urgent pointer for this half of the connection in the .Va urgdata buffer. .It Fa data Buffer for normal data. .It Fa urgdata One-byte buffer for urgent data. .It Fa count The number of bytes appended to .Va data since the creation of the connection. .It Fa offset The current offset from the first byte stored in the .Va data buffer, identifying the start of newly received data. .It Fa count_new The number of bytes appended to .Va data since the last invocation of the TCP callback function (if 0, no new data arrived). .It Fa count_new_urg The number of bytes appended to .Va urgdata since the last invocation of the TCP callback function (if 0, no new urgent data arrived). .El .Pp The .Va nids_state field provides information about the state of the TCP connection, to be used by the TCP callback function: .Bl -tag -width NIDS_TIMED_OUT .It Dv NIDS_JUST_EST Connection just established. Connection parameters in the .Va addr structure are available for inspection. If the connection is interesting, the TCP callback function may specify which data it wishes to receive in the future by setting non-zero values for the .Va collect or .Va collect_urg variables in the appropriate .Va client or .Va server half_stream structure members. .It Dv NIDS_DATA New data has arrived on a connection. The .Va half_stream structures contain buffers of data. .It Dv NIDS_CLOSE , NIDS_RESET , NIDS_TIMED_OUT Connection has closed. The TCP callback function should free any resources it may have allocated for this connection. .El .Pp The .Va param pointer may be set to save a pointer to user-defined connection-specific data to pass to subsequent invocations of the TCP callback function (ex. the current working directory for an FTP control connection, etc.). .Pp .Fn nids_killtcp tears down the specified TCP connection with symmetric .Dv RST packets between client and server. .Pp .Fn nids_discard may be called from the TCP callback function to specify the number of bytes to discard from the beginning of the .Va data buffer (updating the .Va offset value accordingly) after the TCP callback function exists. Otherwise, the new data (totalling .Va count_new bytes) will be discarded by default. .Pp .Fn nids_run starts the packet-driven application, reading packets in an endless loop, and invoking registered callback functions to handle new data as it arrives. This function does not return. .Pp .Fn nids_dispatch attempts to process .Va cnt packets before returning, with a cnt of -1 understood as all packets available in one pcap buffer, or all packets in a file when reading offline. On success, returns the count of packets processed, which may be zero upon EOF (offline read) or upon hitting .Va pcap_timeout (if supported by your platform). On failure, returns -1, putting an appropriate error message in .Va nids_errbuf . .Pp .Fn nids_next process the next available packet before returning. Returns 1 on success, 0 if no packet was processed, setting .Va nids_effbuf appropriately if an error prevented packet processing. .Pp .Fn nids_getfd may be used by an application sleeping in .Xr select 2 to snoop for a socket file descriptor present in the read .Dv fd_set . Returns the file descriptor on success, -1 on failure (in which case .Va nids_errbuf contains an appropriate error message). .Pp .Fn nids_register_chksum_ctl takes as arguments an array of .Va struct nids_chksum_ctl elements and the number of elements in the array. A .Va nids_chksum_ctl element is defined as follows: .Bd -literal struct nids_chksum_ctl { u_int netaddr; u_int mask; u_int action; /* private members */ }; .Ed .Pp Internal checksumming functions will first check elements of this array one by one, and if the source ip SRCIP of the current packet satisfies condition (SRCIP&chksum_ctl_array[i].mask)==chksum_ctl_array[i].netaddr then if the .Va action field is NIDS_DO_CHKSUM, the packet will be checksummed; if the .Va action field is NIDS_DONT_CHKSUM, the packet will not be checksummed. If the packet matches none of the array elements, the default action is to perform checksumming. .Sh SEE ALSO .Xr pcap 3 , .Xr libnet 3 , .Xr fragrouter 8 .Sh AUTHOR Rafal Wojtczuk .Pp Manpage by Dug Song , minor updates by Michael Pomraning libnids-1.26/src/libnids.c000066400000000000000000000474411415573252600154710ustar00rootroot00000000000000/* Copyright (c) 1999 Rafal Wojtczuk . All rights reserved. See the file COPYING for license details. */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #if (HAVE_UNISTD_H) #include #endif #include #include "checksum.h" #include "ip_fragment.h" #include "scan.h" #include "tcp.h" #include "util.h" #include "nids.h" #ifdef HAVE_LIBGTHREAD_2_0 #include #endif #ifdef __linux__ extern int set_all_promisc(); #endif #define int_ntoa(x) inet_ntoa(*((struct in_addr *)&x)) extern int ip_options_compile(unsigned char *); extern int raw_init(); static void nids_syslog(int, int, struct ip *, void *); static int nids_ip_filter(struct ip *, int); static struct proc_node *ip_frag_procs; static struct proc_node *ip_procs; static struct proc_node *udp_procs; struct proc_node *tcp_procs; static int linktype; static pcap_t *desc = NULL; #ifdef HAVE_LIBGTHREAD_2_0 /* async queue for multiprocessing - mcree */ static GAsyncQueue *cap_queue; /* items in the queue */ struct cap_queue_item { void *data; bpf_u_int32 caplen; }; /* marks end of queue */ static struct cap_queue_item EOF_item; /* error buffer for glib calls */ static GError *gerror = NULL; #endif char nids_errbuf[PCAP_ERRBUF_SIZE]; struct pcap_pkthdr * nids_last_pcap_header = NULL; u_char *nids_last_pcap_data = NULL; u_int nids_linkoffset = 0; char *nids_warnings[] = { "Murphy - you never should see this message !", "Oversized IP packet", "Invalid IP fragment list: fragment over size", "Overlapping IP fragments", "Invalid IP header", "Source routed IP frame", "Max number of TCP streams reached", "Invalid TCP header", "Too much data in TCP receive queue", "Invalid TCP flags" }; struct nids_prm nids_params = { 1040, /* n_tcp_streams */ 256, /* n_hosts */ NULL, /* device */ NULL, /* filename */ 168, /* sk_buff_size */ -1, /* dev_addon */ nids_syslog, /* syslog() */ LOG_ALERT, /* syslog_level */ 256, /* scan_num_hosts */ 3000, /* scan_delay */ 10, /* scan_num_ports */ nids_no_mem, /* no_mem() */ nids_ip_filter, /* ip_filter() */ NULL, /* pcap_filter */ 1, /* promisc */ 0, /* one_loop_less */ 1024, /* pcap_timeout */ 0, /* multiproc */ 20000, /* queue_limit */ 0, /* tcp_workarounds */ NULL, /* pcap_desc */ 3600 /* tcp_flow_timeout */ }; static int nids_ip_filter(struct ip *x, int len) { (void)x; (void)len; return 1; } static void nids_syslog(int type, int errnum, struct ip *iph, void *data) { char saddr[20], daddr[20]; char buf[1024]; struct host *this_host; unsigned char flagsand = 255, flagsor = 0; int i; switch (type) { case NIDS_WARN_IP: if (errnum != NIDS_WARN_IP_HDR) { strcpy(saddr, int_ntoa(iph->ip_src.s_addr)); strcpy(daddr, int_ntoa(iph->ip_dst.s_addr)); syslog(nids_params.syslog_level, "%s, packet (apparently) from %s to %s\n", nids_warnings[errnum], saddr, daddr); } else syslog(nids_params.syslog_level, "%s\n", nids_warnings[errnum]); break; case NIDS_WARN_TCP: strcpy(saddr, int_ntoa(iph->ip_src.s_addr)); strcpy(daddr, int_ntoa(iph->ip_dst.s_addr)); if (errnum != NIDS_WARN_TCP_HDR) syslog(nids_params.syslog_level, "%s,from %s:%hu to %s:%hu\n", nids_warnings[errnum], saddr, ntohs(((struct tcphdr *) data)->th_sport), daddr, ntohs(((struct tcphdr *) data)->th_dport)); else syslog(nids_params.syslog_level, "%s,from %s to %s\n", nids_warnings[errnum], saddr, daddr); break; case NIDS_WARN_SCAN: this_host = (struct host *) data; sprintf(buf, "Scan from %s. Scanned ports: ", int_ntoa(this_host->addr)); for (i = 0; i < this_host->n_packets; i++) { strcat(buf, int_ntoa(this_host->packets[i].addr)); sprintf(buf + strlen(buf), ":%hu,", this_host->packets[i].port); flagsand &= this_host->packets[i].flags; flagsor |= this_host->packets[i].flags; } if (flagsand == flagsor) { i = flagsand; switch (flagsand) { case 2: strcat(buf, "scan type: SYN"); break; case 0: strcat(buf, "scan type: NULL"); break; case 1: strcat(buf, "scan type: FIN"); break; default: sprintf(buf + strlen(buf), "flags=0x%x", i); } } else strcat(buf, "various flags"); syslog(nids_params.syslog_level, "%s", buf); break; default: syslog(nids_params.syslog_level, "Unknown warning number ?\n"); } } /* called either directly from pcap_hand() or from cap_queue_process_thread() * depending on the value of nids_params.multiproc - mcree */ static void call_ip_frag_procs(void *data,bpf_u_int32 caplen) { struct proc_node *i; for (i = ip_frag_procs; i; i = i->next) (i->item) (data, caplen); } /* wireless frame types, mostly from tcpdump (wam) */ #define FC_TYPE(fc) (((fc) >> 2) & 0x3) #define FC_SUBTYPE(fc) (((fc) >> 4) & 0xF) #define DATA_FRAME_IS_QOS(x) ((x) & 0x08) #define FC_WEP(fc) ((fc) & 0x4000) #define FC_TO_DS(fc) ((fc) & 0x0100) #define FC_FROM_DS(fc) ((fc) & 0x0200) #define T_MGMT 0x0 /* management */ #define T_CTRL 0x1 /* control */ #define T_DATA 0x2 /* data */ #define T_RESV 0x3 /* reserved */ #define EXTRACT_LE_16BITS(p) \ ((unsigned short)*((const unsigned char *)(p) + 1) << 8 | \ (unsigned short)*((const unsigned char *)(p) + 0)) #define EXTRACT_16BITS(p) ((unsigned short)ntohs(*(const unsigned short *)(p))) #define LLC_FRAME_SIZE 8 #define LLC_OFFSET_TO_TYPE_FIELD 6 #define ETHERTYPE_IP 0x0800 void nids_pcap_handler(u_char * par, struct pcap_pkthdr *hdr, u_char * data) { u_char *data_aligned; #ifdef HAVE_LIBGTHREAD_2_0 struct cap_queue_item *qitem; #endif #ifdef DLT_IEEE802_11 unsigned short fc; int linkoffset_tweaked_by_prism_code = 0; int linkoffset_tweaked_by_radio_code = 0; #endif /* * Check for savagely closed TCP connections. Might * happen only when nids_params.tcp_workarounds is non-zero; * otherwise nids_tcp_timeouts is always NULL. */ if (NULL != nids_tcp_timeouts) tcp_check_timeouts(&hdr->ts); nids_last_pcap_header = hdr; nids_last_pcap_data = data; (void)par; /* warnings... */ switch (linktype) { case DLT_EN10MB: if (hdr->caplen < 14) return; /* Only handle IP packets and 802.1Q VLAN tagged packets below. */ if (data[12] == 8 && data[13] == 0) { /* Regular ethernet */ nids_linkoffset = 14; } else if (data[12] == 0x81 && data[13] == 0) { /* Skip 802.1Q VLAN and priority information */ nids_linkoffset = 18; } else /* non-ip frame */ return; break; #ifdef DLT_PRISM_HEADER #ifndef DLT_IEEE802_11 #error DLT_PRISM_HEADER is defined, but DLT_IEEE802_11 is not ??? #endif case DLT_PRISM_HEADER: nids_linkoffset = 144; //sizeof(prism2_hdr); linkoffset_tweaked_by_prism_code = 1; //now let DLT_IEEE802_11 do the rest #endif #ifdef DLT_IEEE802_11_RADIO case DLT_IEEE802_11_RADIO: // just get rid of the radio tap header if (!linkoffset_tweaked_by_prism_code) { nids_linkoffset = EXTRACT_LE_16BITS(data + 2); // skip radiotap header linkoffset_tweaked_by_radio_code = 1; } //now let DLT_IEEE802_11 do the rest #endif #ifdef DLT_IEEE802_11 case DLT_IEEE802_11: /* I don't know why frame control is always little endian, but it * works for tcpdump, so who am I to complain? (wam) */ if (!linkoffset_tweaked_by_prism_code && !linkoffset_tweaked_by_radio_code) nids_linkoffset = 0; fc = EXTRACT_LE_16BITS(data + nids_linkoffset); if (FC_TYPE(fc) != T_DATA || FC_WEP(fc)) { return; } if (FC_TO_DS(fc) && FC_FROM_DS(fc)) { /* a wireless distribution system packet will have another * MAC addr in the frame */ nids_linkoffset += 30; } else { nids_linkoffset += 24; } if (DATA_FRAME_IS_QOS(FC_SUBTYPE(fc))) nids_linkoffset += 2; if (hdr->len < nids_linkoffset + LLC_FRAME_SIZE) return; if (ETHERTYPE_IP != EXTRACT_16BITS(data + nids_linkoffset + LLC_OFFSET_TO_TYPE_FIELD)) { /* EAP, LEAP, and other 802.11 enhancements can be * encapsulated within a data packet too. Look only at * encapsulated IP packets (Type field of the LLC frame). */ return; } nids_linkoffset += LLC_FRAME_SIZE; break; #endif default:; } if (hdr->caplen < nids_linkoffset) return; /* * sure, memcpy costs. But many EXTRACT_{SHORT, LONG} macros cost, too. * Anyway, libpcap tries to ensure proper layer 3 alignment (look for * handle->offset in pcap sources), so memcpy should not be called. */ #ifdef LBL_ALIGN if ((unsigned long) (data + nids_linkoffset) & 0x3) { data_aligned = alloca(hdr->caplen - nids_linkoffset + 4); data_aligned -= (unsigned long) data_aligned % 4; memcpy(data_aligned, data + nids_linkoffset, hdr->caplen - nids_linkoffset); } else #endif data_aligned = data + nids_linkoffset; #ifdef HAVE_LIBGTHREAD_2_0 if(nids_params.multiproc) { /* * Insert received fragment into the async capture queue. * We hope that the overhead of memcpy * will be saturated by the benefits of SMP - mcree */ qitem=malloc(sizeof(struct cap_queue_item)); if (qitem && (qitem->data=malloc(hdr->caplen - nids_linkoffset))) { qitem->caplen=hdr->caplen - nids_linkoffset; memcpy(qitem->data,data_aligned,qitem->caplen); g_async_queue_lock(cap_queue); /* ensure queue does not overflow */ if(g_async_queue_length_unlocked(cap_queue) > nids_params.queue_limit) { /* queue limit reached: drop packet - should we notify user via syslog? */ free(qitem->data); free(qitem); } else { /* insert packet to queue */ g_async_queue_push_unlocked(cap_queue,qitem); } g_async_queue_unlock(cap_queue); } } else { /* user requested simple passthru - no threading */ call_ip_frag_procs(data_aligned,hdr->caplen - nids_linkoffset); } #else call_ip_frag_procs(data_aligned,hdr->caplen - nids_linkoffset); #endif } static void gen_ip_frag_proc(u_char * data, int len) { struct proc_node *i; struct ip *iph = (struct ip *) data; int need_free = 0; int skblen; void (*glibc_syslog_h_workaround)(int, int, struct ip *, void*)= nids_params.syslog; if (!nids_params.ip_filter(iph, len)) return; if (len < (int)sizeof(struct ip) || iph->ip_hl < 5 || iph->ip_v != 4 || ip_fast_csum((unsigned char *) iph, iph->ip_hl) != 0 || len < ntohs(iph->ip_len) || ntohs(iph->ip_len) < iph->ip_hl << 2) { glibc_syslog_h_workaround(NIDS_WARN_IP, NIDS_WARN_IP_HDR, iph, 0); return; } if (iph->ip_hl > 5 && ip_options_compile((unsigned char *)data)) { glibc_syslog_h_workaround(NIDS_WARN_IP, NIDS_WARN_IP_SRR, iph, 0); return; } switch (ip_defrag_stub((struct ip *) data, &iph)) { case IPF_ISF: return; case IPF_NOTF: need_free = 0; iph = (struct ip *) data; break; case IPF_NEW: need_free = 1; break; default:; } skblen = ntohs(iph->ip_len) + 16; if (!need_free) skblen += nids_params.dev_addon; skblen = (skblen + 15) & ~15; skblen += nids_params.sk_buff_size; for (i = ip_procs; i; i = i->next) (i->item) (iph, skblen); if (need_free) free(iph); } #if HAVE_BSD_UDPHDR #define UH_ULEN uh_ulen #define UH_SPORT uh_sport #define UH_DPORT uh_dport #else #define UH_ULEN len #define UH_SPORT source #define UH_DPORT dest #endif static void process_udp(char *data) { struct proc_node *ipp = udp_procs; struct ip *iph = (struct ip *) data; struct udphdr *udph; struct tuple4 addr; int hlen = iph->ip_hl << 2; int len = ntohs(iph->ip_len); int ulen; if (len - hlen < (int)sizeof(struct udphdr)) return; udph = (struct udphdr *) (data + hlen); ulen = ntohs(udph->UH_ULEN); if (len - hlen < ulen || ulen < (int)sizeof(struct udphdr)) return; /* According to RFC768 a checksum of 0 is not an error (Sebastien Raveau) */ if (udph->uh_sum && my_udp_check ((void *) udph, ulen, iph->ip_src.s_addr, iph->ip_dst.s_addr)) return; addr.source = ntohs(udph->UH_SPORT); addr.dest = ntohs(udph->UH_DPORT); addr.saddr = iph->ip_src.s_addr; addr.daddr = iph->ip_dst.s_addr; while (ipp) { ipp->item(&addr, ((char *) udph) + sizeof(struct udphdr), ulen - sizeof(struct udphdr), data); ipp = ipp->next; } } static void gen_ip_proc(u_char * data, int skblen) { switch (((struct ip *) data)->ip_p) { case IPPROTO_TCP: process_tcp(data, skblen); break; case IPPROTO_UDP: process_udp((char *)data); break; case IPPROTO_ICMP: if (nids_params.n_tcp_streams) process_icmp(data); break; default: break; } } static void init_procs() { ip_frag_procs = mknew(struct proc_node); ip_frag_procs->item = gen_ip_frag_proc; ip_frag_procs->next = 0; ip_procs = mknew(struct proc_node); ip_procs->item = gen_ip_proc; ip_procs->next = 0; tcp_procs = 0; udp_procs = 0; } void nids_register_udp(void (*x)) { register_callback(&udp_procs, x); } void nids_unregister_udp(void (*x)) { unregister_callback(&udp_procs, x); } void nids_register_ip(void (*x)) { register_callback(&ip_procs, x); } void nids_unregister_ip(void (*x)) { unregister_callback(&ip_procs, x); } void nids_register_ip_frag(void (*x)) { register_callback(&ip_frag_procs, x); } void nids_unregister_ip_frag(void (*x)) { unregister_callback(&ip_frag_procs, x); } static int open_live() { char *device; int promisc = 0; if (nids_params.device == NULL) nids_params.device = pcap_lookupdev(nids_errbuf); if (nids_params.device == NULL) return 0; device = nids_params.device; if (!strcmp(device, "all")) device = "any"; else promisc = (nids_params.promisc != 0); if ((desc = pcap_open_live(device, 16384, promisc, nids_params.pcap_timeout, nids_errbuf)) == NULL) return 0; #ifdef __linux__ if (!strcmp(device, "any") && nids_params.promisc && !set_all_promisc()) { nids_errbuf[0] = 0; strncat(nids_errbuf, strerror(errno), sizeof(nids_errbuf) - 1); return 0; } #endif if (!raw_init()) { nids_errbuf[0] = 0; strncat(nids_errbuf, strerror(errno), sizeof(nids_errbuf) - 1); return 0; } return 1; } #ifdef HAVE_LIBGTHREAD_2_0 #define START_CAP_QUEUE_PROCESS_THREAD() \ if(nids_params.multiproc) { /* threading... */ \ if(!(g_thread_create_full((GThreadFunc)cap_queue_process_thread,NULL,0,FALSE,TRUE,G_THREAD_PRIORITY_LOW,&gerror))) { \ strcpy(nids_errbuf, "thread: "); \ strncat(nids_errbuf, gerror->message, sizeof(nids_errbuf) - 8); \ return 0; \ }; \ } #define STOP_CAP_QUEUE_PROCESS_THREAD() \ if(nids_params.multiproc) { /* stop the capture process thread */ \ g_async_queue_push(cap_queue,&EOF_item); \ } /* thread entry point * pops capture queue items and feeds them to * the ip fragment processors - mcree */ static void cap_queue_process_thread() { struct cap_queue_item *qitem; while(1) { /* loop "forever" */ qitem=g_async_queue_pop(cap_queue); if (qitem==&EOF_item) break; /* EOF item received: we should exit */ call_ip_frag_procs(qitem->data,qitem->caplen); free(qitem->data); free(qitem); } g_thread_exit(NULL); } #else #define START_CAP_QUEUE_PROCESS_THREAD() #define STOP_CAP_QUEUE_PROCESS_THREAD() #endif int nids_init() { /* free resources that previous usages might have allocated */ nids_exit(); if (nids_params.pcap_desc) desc = nids_params.pcap_desc; else if (nids_params.filename) { if ((desc = pcap_open_offline(nids_params.filename, nids_errbuf)) == NULL) return 0; } else if (!open_live()) return 0; if (nids_params.pcap_filter != NULL) { u_int mask = 0; struct bpf_program fcode; if (pcap_compile(desc, &fcode, nids_params.pcap_filter, 1, mask) < 0) return 0; if (pcap_setfilter(desc, &fcode) == -1) return 0; } switch ((linktype = pcap_datalink(desc))) { #ifdef DLT_IEEE802_11 #ifdef DLT_PRISM_HEADER case DLT_PRISM_HEADER: #endif #ifdef DLT_IEEE802_11_RADIO case DLT_IEEE802_11_RADIO: #endif case DLT_IEEE802_11: /* wireless, need to calculate offset per frame */ break; #endif #ifdef DLT_NULL case DLT_NULL: nids_linkoffset = 4; break; #endif case DLT_EN10MB: nids_linkoffset = 14; break; case DLT_PPP: nids_linkoffset = 4; break; /* Token Ring Support by vacuum@technotronic.com, thanks dugsong! */ case DLT_IEEE802: nids_linkoffset = 22; break; case DLT_RAW: case DLT_SLIP: nids_linkoffset = 0; break; #define DLT_LINUX_SLL 113 case DLT_LINUX_SLL: nids_linkoffset = 16; break; #ifdef DLT_FDDI case DLT_FDDI: nids_linkoffset = 21; break; #endif #ifdef DLT_PPP_SERIAL case DLT_PPP_SERIAL: nids_linkoffset = 4; break; #endif default: strcpy(nids_errbuf, "link type unknown"); return 0; } if (nids_params.dev_addon == -1) { if (linktype == DLT_EN10MB) nids_params.dev_addon = 16; else nids_params.dev_addon = 0; } if (nids_params.syslog == nids_syslog) openlog("libnids", 0, LOG_LOCAL0); init_procs(); tcp_init(nids_params.n_tcp_streams); ip_frag_init(nids_params.n_hosts); scan_init(); if(nids_params.multiproc) { #ifdef HAVE_LIBGTHREAD_2_0 g_thread_init(NULL); cap_queue=g_async_queue_new(); #else strcpy(nids_errbuf, "libnids was compiled without threads support"); return 0; #endif } return 1; } int nids_run() { if (!desc) { strcpy(nids_errbuf, "Libnids not initialized"); return 0; } START_CAP_QUEUE_PROCESS_THREAD(); /* threading... */ pcap_loop(desc, -1, (pcap_handler) nids_pcap_handler, 0); /* FIXME: will this code ever be called? Don't think so - mcree */ STOP_CAP_QUEUE_PROCESS_THREAD(); nids_exit(); return 0; } void nids_exit() { if (!desc) { strcpy(nids_errbuf, "Libnids not initialized"); return; } #ifdef HAVE_LIBGTHREAD_2_0 if (nids_params.multiproc) { /* I have no portable sys_sched_yield, and I don't want to add more synchronization... */ while (g_async_queue_length(cap_queue)>0) usleep(100000); } #endif tcp_exit(); ip_frag_exit(); scan_exit(); strcpy(nids_errbuf, "loop: "); strncat(nids_errbuf, pcap_geterr(desc), sizeof nids_errbuf - 7); if (!nids_params.pcap_desc) pcap_close(desc); desc = NULL; free(ip_procs); free(ip_frag_procs); } int nids_getfd() { if (!desc) { strcpy(nids_errbuf, "Libnids not initialized"); return -1; } return pcap_get_selectable_fd(desc); } int nids_next() { struct pcap_pkthdr h; char *data; if (!desc) { strcpy(nids_errbuf, "Libnids not initialized"); return 0; } if (!(data = (char *) pcap_next(desc, &h))) { strcpy(nids_errbuf, "next: "); strncat(nids_errbuf, pcap_geterr(desc), sizeof(nids_errbuf) - 7); return 0; } /* threading is quite useless (harmful) in this case - should we do an API change? */ START_CAP_QUEUE_PROCESS_THREAD(); nids_pcap_handler(0, &h, (u_char *)data); STOP_CAP_QUEUE_PROCESS_THREAD(); return 1; } int nids_dispatch(int cnt) { int r; if (!desc) { strcpy(nids_errbuf, "Libnids not initialized"); return -1; } START_CAP_QUEUE_PROCESS_THREAD(); /* threading... */ if ((r = pcap_dispatch(desc, cnt, (pcap_handler) nids_pcap_handler, NULL)) == -1) { strcpy(nids_errbuf, "dispatch: "); strncat(nids_errbuf, pcap_geterr(desc), sizeof(nids_errbuf) - 11); } STOP_CAP_QUEUE_PROCESS_THREAD(); return r; } libnids-1.26/src/nids.h000066400000000000000000000071301415573252600147760ustar00rootroot00000000000000/* Copyright (c) 1999 Rafal Wojtczuk . All rights reserved. See the file COPYING for license details. */ #ifndef _NIDS_NIDS_H # define _NIDS_NIDS_H # include #include #include # include # include # include # ifdef __cplusplus extern "C" { # endif # define NIDS_MAJOR 1 # define NIDS_MINOR 26 enum { NIDS_WARN_IP = 1, NIDS_WARN_TCP, NIDS_WARN_UDP, NIDS_WARN_SCAN }; enum { NIDS_WARN_UNDEFINED = 0, NIDS_WARN_IP_OVERSIZED, NIDS_WARN_IP_INVLIST, NIDS_WARN_IP_OVERLAP, NIDS_WARN_IP_HDR, NIDS_WARN_IP_SRR, NIDS_WARN_TCP_TOOMUCH, NIDS_WARN_TCP_HDR, NIDS_WARN_TCP_BIGQUEUE, NIDS_WARN_TCP_BADFLAGS }; # define NIDS_JUST_EST 1 # define NIDS_DATA 2 # define NIDS_CLOSE 3 # define NIDS_RESET 4 # define NIDS_TIMED_OUT 5 # define NIDS_EXITING 6 /* nids is exiting; last chance to get data */ # define NIDS_DO_CHKSUM 0 # define NIDS_DONT_CHKSUM 1 struct tuple4 { u_short source; u_short dest; u_int saddr; u_int daddr; }; struct half_stream { char state; char collect; char collect_urg; char *data; int offset; int count; int count_new; int bufsize; int rmem_alloc; int urg_count; u_int acked; u_int seq; u_int ack_seq; u_int first_data_seq; u_char urgdata; u_char count_new_urg; u_char urg_seen; u_int urg_ptr; u_short window; u_char ts_on; u_char wscale_on; u_int curr_ts; u_int wscale; struct skbuff *list; struct skbuff *listtail; }; struct tcp_stream { struct tuple4 addr; char nids_state; struct lurker_node *listeners; struct half_stream client; struct half_stream server; struct tcp_stream *next_node; struct tcp_stream *prev_node; int hash_index; struct tcp_stream *next_time; struct tcp_stream *prev_time; int read; struct tcp_stream *next_free; void *user; long ts; }; struct nids_prm { int n_tcp_streams; int n_hosts; char *device; char *filename; int sk_buff_size; int dev_addon; void (*syslog) (); int syslog_level; int scan_num_hosts; int scan_delay; int scan_num_ports; void (*no_mem) (char *); int (*ip_filter) (); char *pcap_filter; int promisc; int one_loop_less; int pcap_timeout; int multiproc; int queue_limit; int tcp_workarounds; pcap_t *pcap_desc; int tcp_flow_timeout; }; struct tcp_timeout { struct tcp_stream *a_tcp; struct timeval timeout; struct tcp_timeout *next; struct tcp_timeout *prev; }; int nids_init (void); void nids_register_ip_frag (void (*)); void nids_unregister_ip_frag (void (*)); void nids_register_ip (void (*)); void nids_unregister_ip (void (*)); void nids_register_tcp (void (*)); void nids_unregister_tcp (void (*x)); void nids_register_udp (void (*)); void nids_unregister_udp (void (*)); void nids_killtcp (struct tcp_stream *); void nids_discard (struct tcp_stream *, int); int nids_run (void); void nids_exit(void); int nids_getfd (void); int nids_dispatch (int); int nids_next (void); void nids_pcap_handler(u_char *, struct pcap_pkthdr *, u_char *); struct tcp_stream *nids_find_tcp_stream(struct tuple4 *); void nids_free_tcp_stream(struct tcp_stream *); extern struct nids_prm nids_params; extern char *nids_warnings[]; extern char nids_errbuf[]; extern struct pcap_pkthdr *nids_last_pcap_header; extern u_char *nids_last_pcap_data; extern u_int nids_linkoffset; extern struct tcp_timeout *nids_tcp_timeouts; struct nids_chksum_ctl { u_int netaddr; u_int mask; u_int action; u_int reserved; }; extern void nids_register_chksum_ctl(struct nids_chksum_ctl *, int); # ifdef __cplusplus } # endif #endif /* _NIDS_NIDS_H */ libnids-1.26/src/scan.c000066400000000000000000000057521415573252600147700ustar00rootroot00000000000000/* Copyright (c) 1999 Rafal Wojtczuk . All rights reserved. See the file COPYING for license details. */ #include #include #include #include #include #include #include #include #include "nids.h" #include "scan.h" static struct host **hashhost; static int time0; static int timenow; static int gettime() { struct timeval tv; if (timenow) return timenow; gettimeofday(&tv, 0); timenow = (tv.tv_sec - time0) * 1000 + tv.tv_usec / 1000; return timenow; } void scan_init(void) { struct timeval tv; if (nids_params.scan_num_hosts > 0) { gettimeofday(&tv, 0); time0 = tv.tv_sec; hashhost = (struct host **) calloc(nids_params.scan_num_hosts, sizeof(struct host *)); if (!hashhost) nids_params.no_mem("scan_init"); } } void scan_exit(void) { if (hashhost) { free(hashhost); hashhost = NULL; } } static int scan_hash(int addr) { return ((addr % 65536) ^ (addr >> 16)) % (nids_params.scan_num_hosts); } void detect_scan(struct ip * iph) { int i; struct tcphdr *th; int hash; struct host *this_host; struct host *oldest; int mtime = 2147483647; if (nids_params.scan_num_hosts <= 0) return; th = (struct tcphdr *) (((char *) iph) + 4 * iph->ip_hl); hash = scan_hash(iph->ip_src.s_addr); this_host = hashhost[hash]; oldest = 0; timenow = 0; for (i = 0; this_host && this_host->addr != iph->ip_src.s_addr; i++) { if (this_host->modtime < mtime) { mtime = this_host->modtime; oldest = this_host; } this_host = this_host->next; } if (!this_host) { if (i == 10) this_host = oldest; else { this_host = (struct host *) malloc(sizeof(struct host) + \ (nids_params.scan_num_ports + 1) * sizeof(struct scan)); if (!this_host) nids_params.no_mem("detect_scan"); this_host->packets = (struct scan *) (((char *) this_host) + sizeof(struct host)); if (hashhost[hash]) { hashhost[hash]->prev = this_host; this_host->next = hashhost[hash]; } else this_host->next = 0; this_host->prev = 0; hashhost[hash] = this_host; } this_host->addr = iph->ip_src.s_addr; this_host->modtime = gettime(); this_host->n_packets = 0; } if (this_host->modtime - gettime() > nids_params.scan_delay) this_host->n_packets = 0; this_host->modtime = gettime(); for (i = 0; i < this_host->n_packets; i++) if (this_host->packets[i].addr == iph->ip_dst.s_addr && this_host->packets[i].port == ntohs(th->th_dport)) return; this_host->packets[this_host->n_packets].addr = iph->ip_dst.s_addr; this_host->packets[this_host->n_packets].port = ntohs(th->th_dport); this_host->packets[this_host->n_packets].flags = *((unsigned char *) (th) + 13); this_host->n_packets++; if (this_host->n_packets > nids_params.scan_num_ports) { nids_params.syslog(NIDS_WARN_SCAN, 0, 0, this_host); this_host->n_packets = 0; } } libnids-1.26/src/scan.h000066400000000000000000000007331415573252600147670ustar00rootroot00000000000000/* Copyright (c) 1999 Rafal Wojtczuk . All rights reserved. See the file COPYING for license details. */ #ifndef _NIDS_SCAN_H #define _NIDS_SCAN_H struct scan { u_int addr; unsigned short port; u_char flags; }; struct host { struct host *next; struct host *prev; u_int addr; int modtime; int n_packets; struct scan *packets; }; void scan_init(void); void scan_exit(void); void detect_scan(struct ip *); #endif /* _NIDS_SCAN_H */ libnids-1.26/src/tcp.c000066400000000000000000000657751415573252600146450ustar00rootroot00000000000000/* Copyright (c) 1999 Rafal Wojtczuk . All rights reserved. See the file COPYING for license details. */ #include #include #include #include #include #include #include #include #include #include #include #include "checksum.h" #include "scan.h" #include "tcp.h" #include "util.h" #include "nids.h" #include "hash.h" #if ! HAVE_TCP_STATES enum { TCP_ESTABLISHED = 1, TCP_SYN_SENT, TCP_SYN_RECV, TCP_FIN_WAIT1, TCP_FIN_WAIT2, TCP_TIME_WAIT, TCP_CLOSE, TCP_CLOSE_WAIT, TCP_LAST_ACK, TCP_LISTEN, TCP_CLOSING /* now a valid state */ }; #endif #define FIN_SENT 120 #define FIN_CONFIRMED 121 #define COLLECT_cc 1 #define COLLECT_sc 2 #define COLLECT_ccu 4 #define COLLECT_scu 8 #define EXP_SEQ (snd->first_data_seq + rcv->count + rcv->urg_count) extern struct proc_node *tcp_procs; static struct tcp_stream **tcp_stream_table; static struct tcp_stream *streams_pool; static int tcp_num = 0; static int tcp_stream_table_size; static int max_stream; static struct tcp_stream *tcp_latest = 0, *tcp_oldest = 0; static struct tcp_stream *free_streams; static struct ip *ugly_iphdr; struct tcp_timeout *nids_tcp_timeouts = 0; static void purge_queue(struct half_stream * h) { struct skbuff *tmp, *p = h->list; while (p) { free(p->data); tmp = p->next; free(p); p = tmp; } h->list = h->listtail = 0; h->rmem_alloc = 0; } static void add_tcp_closing_timeout(struct tcp_stream * a_tcp) { struct tcp_timeout *to; struct tcp_timeout *newto; if (!nids_params.tcp_workarounds) return; newto = malloc(sizeof (struct tcp_timeout)); if (!newto) nids_params.no_mem("add_tcp_closing_timeout"); newto->a_tcp = a_tcp; newto->timeout.tv_sec = nids_last_pcap_header->ts.tv_sec + 10; newto->prev = 0; for (newto->next = to = nids_tcp_timeouts; to; newto->next = to = to->next) { if (to->a_tcp == a_tcp) { free(newto); return; } if (to->timeout.tv_sec > newto->timeout.tv_sec) break; newto->prev = to; } if (!newto->prev) nids_tcp_timeouts = newto; else newto->prev->next = newto; if (newto->next) newto->next->prev = newto; } static void del_tcp_closing_timeout(struct tcp_stream * a_tcp) { struct tcp_timeout *to; if (!nids_params.tcp_workarounds) return; for (to = nids_tcp_timeouts; to; to = to->next) if (to->a_tcp == a_tcp) break; if (!to) return; if (!to->prev) nids_tcp_timeouts = to->next; else to->prev->next = to->next; if (to->next) to->next->prev = to->prev; free(to); } void nids_free_tcp_stream(struct tcp_stream * a_tcp) { int hash_index = a_tcp->hash_index; struct lurker_node *i, *j; del_tcp_closing_timeout(a_tcp); purge_queue(&a_tcp->server); purge_queue(&a_tcp->client); if (a_tcp->next_node) a_tcp->next_node->prev_node = a_tcp->prev_node; if (a_tcp->prev_node) a_tcp->prev_node->next_node = a_tcp->next_node; else tcp_stream_table[hash_index] = a_tcp->next_node; if (a_tcp->client.data) free(a_tcp->client.data); if (a_tcp->server.data) free(a_tcp->server.data); if (a_tcp->next_time) a_tcp->next_time->prev_time = a_tcp->prev_time; if (a_tcp->prev_time) a_tcp->prev_time->next_time = a_tcp->next_time; if (a_tcp == tcp_oldest) tcp_oldest = a_tcp->prev_time; if (a_tcp == tcp_latest) tcp_latest = a_tcp->next_time; i = a_tcp->listeners; while (i) { j = i->next; free(i); i = j; } a_tcp->next_free = free_streams; free_streams = a_tcp; tcp_num--; } void tcp_check_timeouts(struct timeval *now) { struct tcp_timeout *to; struct tcp_timeout *next; struct lurker_node *i; for (to = nids_tcp_timeouts; to; to = next) { if (now->tv_sec < to->timeout.tv_sec) return; to->a_tcp->nids_state = NIDS_TIMED_OUT; for (i = to->a_tcp->listeners; i; i = i->next) (i->item) (to->a_tcp, &i->data); next = to->next; nids_free_tcp_stream(to->a_tcp); } } static int mk_hash_index(struct tuple4 addr) { int hash=mkhash(addr.saddr, addr.source, addr.daddr, addr.dest); return hash % tcp_stream_table_size; } static int get_ts(struct tcphdr * this_tcphdr, unsigned int * ts) { int len = 4 * this_tcphdr->th_off; unsigned int tmp_ts; unsigned char * options = (unsigned char*)(this_tcphdr + 1); int ind = 0, ret = 0; while (ind <= len - (int)sizeof (struct tcphdr) - 10 ) switch (options[ind]) { case 0: /* TCPOPT_EOL */ return ret; case 1: /* TCPOPT_NOP */ ind++; continue; case 8: /* TCPOPT_TIMESTAMP */ memcpy((char*)&tmp_ts, options + ind + 2, 4); *ts=ntohl(tmp_ts); ret = 1; /* no break, intentionally */ default: if (options[ind+1] < 2 ) /* "silly option" */ return ret; ind += options[ind+1]; } return ret; } static int get_wscale(struct tcphdr * this_tcphdr, unsigned int * ws) { int len = 4 * this_tcphdr->th_off; unsigned int tmp_ws; unsigned char * options = (unsigned char*)(this_tcphdr + 1); int ind = 0, ret = 0; *ws=1; while (ind <= len - (int)sizeof (struct tcphdr) - 3 ) switch (options[ind]) { case 0: /* TCPOPT_EOL */ return ret; case 1: /* TCPOPT_NOP */ ind++; continue; case 3: /* TCPOPT_WSCALE */ tmp_ws=options[ind+2]; if (tmp_ws>14) tmp_ws=14; *ws=1<th_sport); addr.dest = ntohs(this_tcphdr->th_dport); addr.saddr = this_iphdr->ip_src.s_addr; addr.daddr = this_iphdr->ip_dst.s_addr; hash_index = mk_hash_index(addr); if (tcp_num > max_stream) { struct lurker_node *i; int orig_client_state=tcp_oldest->client.state; tcp_oldest->nids_state = NIDS_TIMED_OUT; for (i = tcp_oldest->listeners; i; i = i->next) (i->item) (tcp_oldest, &i->data); nids_free_tcp_stream(tcp_oldest); if (orig_client_state!=TCP_SYN_SENT) nids_params.syslog(NIDS_WARN_TCP, NIDS_WARN_TCP_TOOMUCH, ugly_iphdr, this_tcphdr); } a_tcp = free_streams; if (!a_tcp) { fprintf(stderr, "gdb me ...\n"); pause(); } free_streams = a_tcp->next_free; tcp_num++; tolink = tcp_stream_table[hash_index]; memset(a_tcp, 0, sizeof(struct tcp_stream)); a_tcp->hash_index = hash_index; a_tcp->addr = addr; a_tcp->client.state = TCP_SYN_SENT; a_tcp->client.seq = ntohl(this_tcphdr->th_seq) + 1; a_tcp->client.first_data_seq = a_tcp->client.seq; a_tcp->client.window = ntohs(this_tcphdr->th_win); a_tcp->client.ts_on = get_ts(this_tcphdr, &a_tcp->client.curr_ts); a_tcp->client.wscale_on = get_wscale(this_tcphdr, &a_tcp->client.wscale); a_tcp->server.state = TCP_CLOSE; a_tcp->next_node = tolink; a_tcp->prev_node = 0; a_tcp->ts = nids_last_pcap_header->ts.tv_sec; if (tolink) tolink->prev_node = a_tcp; tcp_stream_table[hash_index] = a_tcp; a_tcp->next_time = tcp_latest; a_tcp->prev_time = 0; if (!tcp_oldest) tcp_oldest = a_tcp; if (tcp_latest) tcp_latest->prev_time = a_tcp; tcp_latest = a_tcp; } static void add2buf(struct half_stream * rcv, char *data, int datalen) { int toalloc; if (datalen + rcv->count - rcv->offset > rcv->bufsize) { if (!rcv->data) { if (datalen < 2048) toalloc = 4096; else toalloc = datalen * 2; rcv->data = malloc(toalloc); rcv->bufsize = toalloc; } else { if (datalen < rcv->bufsize) toalloc = 2 * rcv->bufsize; else toalloc = rcv->bufsize + 2*datalen; rcv->data = realloc(rcv->data, toalloc); rcv->bufsize = toalloc; } if (!rcv->data) nids_params.no_mem("add2buf"); } memcpy(rcv->data + rcv->count - rcv->offset, data, datalen); rcv->count_new = datalen; rcv->count += datalen; } static void ride_lurkers(struct tcp_stream * a_tcp, char mask) { struct lurker_node *i; char cc, sc, ccu, scu; for (i = a_tcp->listeners; i; i = i->next) if (i->whatto & mask) { cc = a_tcp->client.collect; sc = a_tcp->server.collect; ccu = a_tcp->client.collect_urg; scu = a_tcp->server.collect_urg; (i->item) (a_tcp, &i->data); if (cc < a_tcp->client.collect) i->whatto |= COLLECT_cc; if (ccu < a_tcp->client.collect_urg) i->whatto |= COLLECT_ccu; if (sc < a_tcp->server.collect) i->whatto |= COLLECT_sc; if (scu < a_tcp->server.collect_urg) i->whatto |= COLLECT_scu; if (cc > a_tcp->client.collect) i->whatto &= ~COLLECT_cc; if (ccu > a_tcp->client.collect_urg) i->whatto &= ~COLLECT_ccu; if (sc > a_tcp->server.collect) i->whatto &= ~COLLECT_sc; if (scu > a_tcp->server.collect_urg) i->whatto &= ~COLLECT_scu; } } static void notify(struct tcp_stream * a_tcp, struct half_stream * rcv) { struct lurker_node *i, **prev_addr; char mask; if (rcv->count_new_urg) { if (!rcv->collect_urg) return; if (rcv == &a_tcp->client) mask = COLLECT_ccu; else mask = COLLECT_scu; ride_lurkers(a_tcp, mask); goto prune_listeners; } if (rcv->collect) { if (rcv == &a_tcp->client) mask = COLLECT_cc; else mask = COLLECT_sc; do { int total; a_tcp->read = rcv->count - rcv->offset; total=a_tcp->read; ride_lurkers(a_tcp, mask); if (a_tcp->read>total-rcv->count_new) rcv->count_new=total-a_tcp->read; if (a_tcp->read > 0) { memmove(rcv->data, rcv->data + a_tcp->read, rcv->count - rcv->offset - a_tcp->read); rcv->offset += a_tcp->read; } }while (nids_params.one_loop_less && a_tcp->read>0 && rcv->count_new); // we know that if one_loop_less!=0, we have only one callback to notify rcv->count_new=0; } prune_listeners: prev_addr = &a_tcp->listeners; i = a_tcp->listeners; while (i) if (!i->whatto) { *prev_addr = i->next; free(i); i = *prev_addr; } else { prev_addr = &i->next; i = i->next; } } static void add_from_skb(struct tcp_stream * a_tcp, struct half_stream * rcv, struct half_stream * snd, u_char *data, int datalen, u_int this_seq, char fin, char urg, u_int urg_ptr) { u_int lost = EXP_SEQ - this_seq; int to_copy, to_copy2; if (urg && after(urg_ptr, EXP_SEQ - 1) && (!rcv->urg_seen || after(urg_ptr, rcv->urg_ptr))) { rcv->urg_ptr = urg_ptr; rcv->urg_seen = 1; } if (rcv->urg_seen && after(rcv->urg_ptr + 1, this_seq + lost) && before(rcv->urg_ptr, this_seq + datalen)) { to_copy = rcv->urg_ptr - (this_seq + lost); if (to_copy > 0) { if (rcv->collect) { add2buf(rcv, (char *)(data + lost), to_copy); notify(a_tcp, rcv); } else { rcv->count += to_copy; rcv->offset = rcv->count; /* clear the buffer */ } } rcv->urgdata = data[rcv->urg_ptr - this_seq]; rcv->count_new_urg = 1; notify(a_tcp, rcv); rcv->count_new_urg = 0; rcv->urg_seen = 0; rcv->urg_count++; to_copy2 = this_seq + datalen - rcv->urg_ptr - 1; if (to_copy2 > 0) { if (rcv->collect) { add2buf(rcv, (char *)(data + lost + to_copy + 1), to_copy2); notify(a_tcp, rcv); } else { rcv->count += to_copy2; rcv->offset = rcv->count; /* clear the buffer */ } } } else { if (datalen - lost > 0) { if (rcv->collect) { add2buf(rcv, (char *)(data + lost), datalen - lost); notify(a_tcp, rcv); } else { rcv->count += datalen - lost; rcv->offset = rcv->count; /* clear the buffer */ } } } if (fin) { snd->state = FIN_SENT; if (rcv->state == TCP_CLOSING) add_tcp_closing_timeout(a_tcp); } } static void tcp_queue(struct tcp_stream * a_tcp, struct tcphdr * this_tcphdr, struct half_stream * snd, struct half_stream * rcv, char *data, int datalen, int skblen ) { u_int this_seq = ntohl(this_tcphdr->th_seq); struct skbuff *pakiet, *tmp; /* * Did we get anything new to ack? */ if (!after(this_seq, EXP_SEQ)) { if (after(this_seq + datalen + (this_tcphdr->th_flags & TH_FIN), EXP_SEQ)) { /* the packet straddles our window end */ get_ts(this_tcphdr, &snd->curr_ts); add_from_skb(a_tcp, rcv, snd, (u_char *)data, datalen, this_seq, (this_tcphdr->th_flags & TH_FIN), (this_tcphdr->th_flags & TH_URG), ntohs(this_tcphdr->th_urp) + this_seq - 1); /* * Do we have any old packets to ack that the above * made visible? (Go forward from skb) */ pakiet = rcv->list; while (pakiet) { if (after(pakiet->seq, EXP_SEQ)) break; if (after(pakiet->seq + pakiet->len + pakiet->fin, EXP_SEQ)) { add_from_skb(a_tcp, rcv, snd, pakiet->data, pakiet->len, pakiet->seq, pakiet->fin, pakiet->urg, pakiet->urg_ptr + pakiet->seq - 1); } rcv->rmem_alloc -= pakiet->truesize; if (pakiet->prev) pakiet->prev->next = pakiet->next; else rcv->list = pakiet->next; if (pakiet->next) pakiet->next->prev = pakiet->prev; else rcv->listtail = pakiet->prev; tmp = pakiet->next; free(pakiet->data); free(pakiet); pakiet = tmp; } } else return; } else { struct skbuff *p = rcv->listtail; pakiet = mknew(struct skbuff); pakiet->truesize = skblen; rcv->rmem_alloc += pakiet->truesize; pakiet->len = datalen; pakiet->data = malloc(datalen); if (!pakiet->data) nids_params.no_mem("tcp_queue"); memcpy(pakiet->data, data, datalen); pakiet->fin = (this_tcphdr->th_flags & TH_FIN); /* Some Cisco - at least - hardware accept to close a TCP connection * even though packets were lost before the first TCP FIN packet and * never retransmitted; this violates RFC 793, but since it really * happens, it has to be dealt with... The idea is to introduce a 10s * timeout after TCP FIN packets were sent by both sides so that * corresponding libnids resources can be released instead of waiting * for retransmissions which will never happen. -- Sebastien Raveau */ if (pakiet->fin) { snd->state = TCP_CLOSING; if (rcv->state == FIN_SENT || rcv->state == FIN_CONFIRMED) add_tcp_closing_timeout(a_tcp); } pakiet->seq = this_seq; pakiet->urg = (this_tcphdr->th_flags & TH_URG); pakiet->urg_ptr = ntohs(this_tcphdr->th_urp); for (;;) { if (!p || !after(p->seq, this_seq)) break; p = p->prev; } if (!p) { pakiet->prev = 0; pakiet->next = rcv->list; if (rcv->list) rcv->list->prev = pakiet; rcv->list = pakiet; if (!rcv->listtail) rcv->listtail = pakiet; } else { pakiet->next = p->next; p->next = pakiet; pakiet->prev = p; if (pakiet->next) pakiet->next->prev = pakiet; else rcv->listtail = pakiet; } } } static void prune_queue(struct half_stream * rcv, struct tcphdr * this_tcphdr) { struct skbuff *tmp, *p = rcv->list; nids_params.syslog(NIDS_WARN_TCP, NIDS_WARN_TCP_BIGQUEUE, ugly_iphdr, this_tcphdr); while (p) { free(p->data); tmp = p->next; free(p); p = tmp; } rcv->list = rcv->listtail = 0; rcv->rmem_alloc = 0; } static void handle_ack(struct half_stream * snd, u_int acknum) { int ackdiff; ackdiff = acknum - snd->ack_seq; if (ackdiff > 0) { snd->ack_seq = acknum; } } #if 0 static void check_flags(struct ip * iph, struct tcphdr * th) { u_char flag = *(((u_char *) th) + 13); if (flag & 0x40 || flag & 0x80) nids_params.syslog(NIDS_WARN_TCP, NIDS_WARN_TCP_BADFLAGS, iph, th); //ECN is really the only cause of these warnings... } #endif struct tcp_stream * find_stream(struct tcphdr * this_tcphdr, struct ip * this_iphdr, int *from_client) { struct tuple4 this_addr, reversed; struct tcp_stream *a_tcp; this_addr.source = ntohs(this_tcphdr->th_sport); this_addr.dest = ntohs(this_tcphdr->th_dport); this_addr.saddr = this_iphdr->ip_src.s_addr; this_addr.daddr = this_iphdr->ip_dst.s_addr; a_tcp = nids_find_tcp_stream(&this_addr); if (a_tcp) { *from_client = 1; return a_tcp; } reversed.source = ntohs(this_tcphdr->th_dport); reversed.dest = ntohs(this_tcphdr->th_sport); reversed.saddr = this_iphdr->ip_dst.s_addr; reversed.daddr = this_iphdr->ip_src.s_addr; a_tcp = nids_find_tcp_stream(&reversed); if (a_tcp) { *from_client = 0; return a_tcp; } return 0; } struct tcp_stream * nids_find_tcp_stream(struct tuple4 *addr) { int hash_index; struct tcp_stream *a_tcp; hash_index = mk_hash_index(*addr); for (a_tcp = tcp_stream_table[hash_index]; a_tcp && memcmp(&a_tcp->addr, addr, sizeof (struct tuple4)); a_tcp = a_tcp->next_node); return a_tcp ? a_tcp : 0; } void tcp_exit(void) { int i; struct lurker_node *j; struct tcp_stream *a_tcp, *t_tcp; if (!tcp_stream_table || !streams_pool) return; for (i = 0; i < tcp_stream_table_size; i++) { a_tcp = tcp_stream_table[i]; while(a_tcp) { t_tcp = a_tcp; a_tcp = a_tcp->next_node; for (j = t_tcp->listeners; j; j = j->next) { t_tcp->nids_state = NIDS_EXITING; (j->item)(t_tcp, &j->data); } nids_free_tcp_stream(t_tcp); } } free(tcp_stream_table); tcp_stream_table = NULL; free(streams_pool); streams_pool = NULL; /* FIXME: anything else we should free? */ /* yes plz.. */ tcp_latest = tcp_oldest = NULL; tcp_num = 0; } void process_tcp(u_char * data, int skblen) { struct ip *this_iphdr = (struct ip *)data; struct tcphdr *this_tcphdr = (struct tcphdr *)(data + 4 * this_iphdr->ip_hl); int datalen, iplen; int from_client = 1; unsigned int tmp_ts; struct tcp_stream *a_tcp; struct half_stream *snd, *rcv; ugly_iphdr = this_iphdr; iplen = ntohs(this_iphdr->ip_len); if ((unsigned)iplen < 4 * this_iphdr->ip_hl + sizeof(struct tcphdr)) { nids_params.syslog(NIDS_WARN_TCP, NIDS_WARN_TCP_HDR, this_iphdr, this_tcphdr); return; } // ktos sie bawi datalen = iplen - 4 * this_iphdr->ip_hl - 4 * this_tcphdr->th_off; if (datalen < 0) { nids_params.syslog(NIDS_WARN_TCP, NIDS_WARN_TCP_HDR, this_iphdr, this_tcphdr); return; } // ktos sie bawi if ((this_iphdr->ip_src.s_addr | this_iphdr->ip_dst.s_addr) == 0) { nids_params.syslog(NIDS_WARN_TCP, NIDS_WARN_TCP_HDR, this_iphdr, this_tcphdr); return; } if (!(this_tcphdr->th_flags & TH_ACK)) detect_scan(this_iphdr); if (!nids_params.n_tcp_streams) return; if (my_tcp_check(this_tcphdr, iplen - 4 * this_iphdr->ip_hl, this_iphdr->ip_src.s_addr, this_iphdr->ip_dst.s_addr)) { nids_params.syslog(NIDS_WARN_TCP, NIDS_WARN_TCP_HDR, this_iphdr, this_tcphdr); return; } #if 0 check_flags(this_iphdr, this_tcphdr); //ECN #endif if (!(a_tcp = find_stream(this_tcphdr, this_iphdr, &from_client))) { if ((this_tcphdr->th_flags & TH_SYN) && !(this_tcphdr->th_flags & TH_ACK) && !(this_tcphdr->th_flags & TH_RST)) add_new_tcp(this_tcphdr, this_iphdr); return; } if (from_client) { snd = &a_tcp->client; rcv = &a_tcp->server; } else { rcv = &a_tcp->client; snd = &a_tcp->server; } if ((this_tcphdr->th_flags & TH_SYN)) { if (from_client) { // if timeout since previous if (nids_params.tcp_flow_timeout > 0 && (a_tcp->ts + nids_params.tcp_flow_timeout < nids_last_pcap_header->ts.tv_sec)) { if (!(this_tcphdr->th_flags & TH_ACK) && !(this_tcphdr->th_flags & TH_RST)) { // cleanup previous nids_free_tcp_stream(a_tcp); // start new add_new_tcp(this_tcphdr, this_iphdr); } } return; } if (a_tcp->client.state != TCP_SYN_SENT || a_tcp->server.state != TCP_CLOSE || !(this_tcphdr->th_flags & TH_ACK)) return; if (a_tcp->client.seq != ntohl(this_tcphdr->th_ack)) return; a_tcp->ts = nids_last_pcap_header->ts.tv_sec; a_tcp->server.state = TCP_SYN_RECV; a_tcp->server.seq = ntohl(this_tcphdr->th_seq) + 1; a_tcp->server.first_data_seq = a_tcp->server.seq; a_tcp->server.ack_seq = ntohl(this_tcphdr->th_ack); a_tcp->server.window = ntohs(this_tcphdr->th_win); if (a_tcp->client.ts_on) { a_tcp->server.ts_on = get_ts(this_tcphdr, &a_tcp->server.curr_ts); if (!a_tcp->server.ts_on) a_tcp->client.ts_on = 0; } else a_tcp->server.ts_on = 0; if (a_tcp->client.wscale_on) { a_tcp->server.wscale_on = get_wscale(this_tcphdr, &a_tcp->server.wscale); if (!a_tcp->server.wscale_on) { a_tcp->client.wscale_on = 0; a_tcp->client.wscale = 1; a_tcp->server.wscale = 1; } } else { a_tcp->server.wscale_on = 0; a_tcp->server.wscale = 1; } return; } if ( ! ( !datalen && ntohl(this_tcphdr->th_seq) == rcv->ack_seq ) && ( !before(ntohl(this_tcphdr->th_seq), rcv->ack_seq + rcv->window*rcv->wscale) || before(ntohl(this_tcphdr->th_seq) + datalen, rcv->ack_seq) ) ) return; if ((this_tcphdr->th_flags & TH_RST)) { if (a_tcp->nids_state == NIDS_DATA) { struct lurker_node *i; a_tcp->nids_state = NIDS_RESET; for (i = a_tcp->listeners; i; i = i->next) (i->item) (a_tcp, &i->data); } nids_free_tcp_stream(a_tcp); return; } /* PAWS check */ if (rcv->ts_on && get_ts(this_tcphdr, &tmp_ts) && before(tmp_ts, snd->curr_ts)) return; if ((this_tcphdr->th_flags & TH_ACK)) { if (from_client && a_tcp->client.state == TCP_SYN_SENT && a_tcp->server.state == TCP_SYN_RECV) { if (ntohl(this_tcphdr->th_ack) == a_tcp->server.seq) { a_tcp->client.state = TCP_ESTABLISHED; a_tcp->client.ack_seq = ntohl(this_tcphdr->th_ack); a_tcp->ts = nids_last_pcap_header->ts.tv_sec; { struct proc_node *i; struct lurker_node *j; void *data; a_tcp->server.state = TCP_ESTABLISHED; a_tcp->nids_state = NIDS_JUST_EST; for (i = tcp_procs; i; i = i->next) { char whatto = 0; char cc = a_tcp->client.collect; char sc = a_tcp->server.collect; char ccu = a_tcp->client.collect_urg; char scu = a_tcp->server.collect_urg; (i->item) (a_tcp, &data); if (cc < a_tcp->client.collect) whatto |= COLLECT_cc; if (ccu < a_tcp->client.collect_urg) whatto |= COLLECT_ccu; if (sc < a_tcp->server.collect) whatto |= COLLECT_sc; if (scu < a_tcp->server.collect_urg) whatto |= COLLECT_scu; if (nids_params.one_loop_less) { if (a_tcp->client.collect >=2) { a_tcp->client.collect=cc; whatto&=~COLLECT_cc; } if (a_tcp->server.collect >=2 ) { a_tcp->server.collect=sc; whatto&=~COLLECT_sc; } } if (whatto) { j = mknew(struct lurker_node); j->item = i->item; j->data = data; j->whatto = whatto; j->next = a_tcp->listeners; a_tcp->listeners = j; } } if (!a_tcp->listeners) { nids_free_tcp_stream(a_tcp); return; } a_tcp->nids_state = NIDS_DATA; } } // return; } } if ((this_tcphdr->th_flags & TH_ACK)) { handle_ack(snd, ntohl(this_tcphdr->th_ack)); if (rcv->state == FIN_SENT) rcv->state = FIN_CONFIRMED; if (rcv->state == FIN_CONFIRMED && snd->state == FIN_CONFIRMED) { struct lurker_node *i; a_tcp->nids_state = NIDS_CLOSE; for (i = a_tcp->listeners; i; i = i->next) (i->item) (a_tcp, &i->data); nids_free_tcp_stream(a_tcp); return; } } if (datalen + (this_tcphdr->th_flags & TH_FIN) > 0) tcp_queue(a_tcp, this_tcphdr, snd, rcv, (char *) (this_tcphdr) + 4 * this_tcphdr->th_off, datalen, skblen); snd->window = ntohs(this_tcphdr->th_win); if (rcv->rmem_alloc > 65535) prune_queue(rcv, this_tcphdr); if (!a_tcp->listeners) nids_free_tcp_stream(a_tcp); } void nids_discard(struct tcp_stream * a_tcp, int num) { if (num < a_tcp->read) a_tcp->read = num; } void nids_register_tcp(void (*x)) { register_callback(&tcp_procs, x); } void nids_unregister_tcp(void (*x)) { unregister_callback(&tcp_procs, x); } int tcp_init(int size) { int i; struct tcp_timeout *tmp; if (!size) return 0; tcp_stream_table_size = size; tcp_stream_table = calloc(tcp_stream_table_size, sizeof(char *)); if (!tcp_stream_table) { nids_params.no_mem("tcp_init"); return -1; } max_stream = 3 * tcp_stream_table_size / 4; streams_pool = (struct tcp_stream *) malloc((max_stream + 1) * sizeof(struct tcp_stream)); if (!streams_pool) { nids_params.no_mem("tcp_init"); return -1; } for (i = 0; i < max_stream; i++) streams_pool[i].next_free = &(streams_pool[i + 1]); streams_pool[max_stream].next_free = 0; free_streams = streams_pool; init_hash(); while (nids_tcp_timeouts) { tmp = nids_tcp_timeouts->next; free(nids_tcp_timeouts); nids_tcp_timeouts = tmp; } return 0; } #if HAVE_ICMPHDR #define STRUCT_ICMP struct icmphdr #define ICMP_CODE code #define ICMP_TYPE type #else #define STRUCT_ICMP struct icmp #define ICMP_CODE icmp_code #define ICMP_TYPE icmp_type #endif #ifndef ICMP_DEST_UNREACH #define ICMP_DEST_UNREACH ICMP_UNREACH #define ICMP_PROT_UNREACH ICMP_UNREACH_PROTOCOL #define ICMP_PORT_UNREACH ICMP_UNREACH_PORT #define NR_ICMP_UNREACH ICMP_MAXTYPE #endif void process_icmp(u_char * data) { struct ip *iph = (struct ip *) data; struct ip *orig_ip; STRUCT_ICMP *pkt; struct tcphdr *th; struct half_stream *hlf; int match_addr; struct tcp_stream *a_tcp; struct lurker_node *i; int from_client; /* we will use unsigned, to suppress warning; we must be careful with possible wrap when substracting the following is ok, as the ip header has already been sanitized */ unsigned int len = ntohs(iph->ip_len) - (iph->ip_hl << 2); if (len < sizeof(STRUCT_ICMP)) return; pkt = (STRUCT_ICMP *) (data + (iph->ip_hl << 2)); if (ip_compute_csum((char *) pkt, len)) return; if (pkt->ICMP_TYPE != ICMP_DEST_UNREACH) return; /* ok due to check 7 lines above */ len -= sizeof(STRUCT_ICMP); // sizeof(struct icmp) is not what we want here if (len < sizeof(struct ip)) return; orig_ip = (struct ip *) (((char *) pkt) + 8); if (len < (unsigned)(orig_ip->ip_hl << 2) + 8) return; /* subtraction ok due to the check above */ len -= orig_ip->ip_hl << 2; if ((pkt->ICMP_CODE & 15) == ICMP_PROT_UNREACH || (pkt->ICMP_CODE & 15) == ICMP_PORT_UNREACH) match_addr = 1; else match_addr = 0; if (pkt->ICMP_CODE > NR_ICMP_UNREACH) return; if (match_addr && (iph->ip_src.s_addr != orig_ip->ip_dst.s_addr)) return; if (orig_ip->ip_p != IPPROTO_TCP) return; th = (struct tcphdr *) (((char *) orig_ip) + (orig_ip->ip_hl << 2)); if (!(a_tcp = find_stream(th, orig_ip, &from_client))) return; if (a_tcp->addr.dest == iph->ip_dst.s_addr) hlf = &a_tcp->server; else hlf = &a_tcp->client; if (hlf->state != TCP_SYN_SENT && hlf->state != TCP_SYN_RECV) return; a_tcp->nids_state = NIDS_RESET; for (i = a_tcp->listeners; i; i = i->next) (i->item) (a_tcp, &i->data); nids_free_tcp_stream(a_tcp); } libnids-1.26/src/tcp.h000066400000000000000000000010401415573252600146210ustar00rootroot00000000000000/* Copyright (c) 1999 Rafal Wojtczuk . All rights reserved. See the file COPYING for license details. */ #ifndef _NIDS_TCP_H #define _NIDS_TCP_H #include struct skbuff { struct skbuff *next; struct skbuff *prev; void *data; u_int len; u_int truesize; u_int urg_ptr; char fin; char urg; u_int seq; u_int ack; }; int tcp_init(int); void tcp_exit(void); void process_tcp(u_char *, int); void process_icmp(u_char *); void tcp_check_timeouts(struct timeval *); #endif /* _NIDS_TCP_H */ libnids-1.26/src/util.c000066400000000000000000000020761415573252600150150ustar00rootroot00000000000000/* Copyright (c) 1999 Rafal Wojtczuk . All rights reserved. See the file COPYING for license details. */ #include #include #include #include #include "tcp.h" #include "util.h" #include "nids.h" void nids_no_mem(char *func) { fprintf(stderr, "Out of memory in %s.\n", func); exit(1); } char * test_malloc(int x) { char *ret = malloc(x); if (!ret) nids_params.no_mem("test_malloc"); return ret; } void register_callback(struct proc_node **procs, void (*x)) { struct proc_node *ipp; for (ipp = *procs; ipp; ipp = ipp->next) if (x == ipp->item) return; ipp = mknew(struct proc_node); ipp->item = x; ipp->next = *procs; *procs = ipp; } void unregister_callback(struct proc_node **procs, void (*x)) { struct proc_node *ipp; struct proc_node *ipp_prev = 0; for (ipp = *procs; ipp; ipp = ipp->next) { if (x == ipp->item) { if (ipp_prev) ipp_prev->next = ipp->next; else *procs = ipp->next; free(ipp); return; } ipp_prev = ipp; } } libnids-1.26/src/util.h000066400000000000000000000014601415573252600150160ustar00rootroot00000000000000/* Copyright (c) 1999 Rafal Wojtczuk . All rights reserved. See the file COPYING for license details. */ #ifndef _NIDS_UTIL_H #define _NIDS_UTIL_H #define mknew(x) (x *)test_malloc(sizeof(x)) #define b_comp(x,y) (!memcmp(&(x), &(y), sizeof(x))) struct proc_node { void (*item)(); struct proc_node *next; }; struct lurker_node { void (*item)(); void *data; char whatto; struct lurker_node *next; }; void nids_no_mem(char *); char *test_malloc(int); void register_callback(struct proc_node **procs, void (*x)); void unregister_callback(struct proc_node **procs, void (*x)); static inline int before(u_int seq1, u_int seq2) { return ((int)(seq1 - seq2) < 0); } static inline int after(u_int seq1, u_int seq2) { return ((int)(seq2 - seq1) < 0); } #endif /* _NIDS_UTIL_H */