| 1 | /*
|
|---|
| 2 | * traffic-analyzer VFS module. Measure the smb traffic users create
|
|---|
| 3 | * on the net.
|
|---|
| 4 | *
|
|---|
| 5 | * Copyright (C) Holger Hetterich, 2008
|
|---|
| 6 | * Copyright (C) Jeremy Allison, 2008
|
|---|
| 7 | *
|
|---|
| 8 | * This program is free software; you can redistribute it and/or modify
|
|---|
| 9 | * it under the terms of the GNU General Public License as published by
|
|---|
| 10 | * the Free Software Foundation; either version 3 of the License, or
|
|---|
| 11 | * (at your option) any later version.
|
|---|
| 12 | *
|
|---|
| 13 | * This program is distributed in the hope that it will be useful,
|
|---|
| 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|---|
| 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|---|
| 16 | * GNU General Public License for more details.
|
|---|
| 17 | *
|
|---|
| 18 | * You should have received a copy of the GNU General Public License
|
|---|
| 19 | * along with this program; if not, see <http://www.gnu.org/licenses/>.
|
|---|
| 20 | */
|
|---|
| 21 |
|
|---|
| 22 | /**
|
|---|
| 23 | * Protocol version 2.0 description
|
|---|
| 24 | *
|
|---|
| 25 | * The following table shows the exact assembly of the 2.0 protocol.
|
|---|
| 26 | *
|
|---|
| 27 | * -->Header<--
|
|---|
| 28 | * The protocol header is always send first, and contains various
|
|---|
| 29 | * information about the data block to come.
|
|---|
| 30 | * The header is always of fixed length, and will be send unencrypted.
|
|---|
| 31 | *
|
|---|
| 32 | * Byte Number/Bytes Description
|
|---|
| 33 | * 00-02 Contains always the string "V2."
|
|---|
| 34 | * 03 This byte contains a possible subrelease number of the
|
|---|
| 35 | * protocol. This enables the receiver to make a version
|
|---|
| 36 | * check to ensure the compatibility and allows us to
|
|---|
| 37 | * release 2.x versions of the protocol with bugfixes or
|
|---|
| 38 | * enhancements.
|
|---|
| 39 | * 04 This byte is reserved for possible future extensions.
|
|---|
| 40 | * 05 Usually, this byte contains the character '0'. If the
|
|---|
| 41 | * VFS module is configured for encryption of the data,
|
|---|
| 42 | * this byte is set to 'E'.
|
|---|
| 43 | * 06-09 These bytes contain the character '0' by default, and
|
|---|
| 44 | * are reserved for possible future extensions. They have
|
|---|
| 45 | * no function in 2.0.
|
|---|
| 46 | * 10-27 17 bytes containing a string representation of the
|
|---|
| 47 | * number of bytes to come in the following data block.
|
|---|
| 48 | * It is right aligned and filled from the left with '0'.
|
|---|
| 49 | *
|
|---|
| 50 | * -->Data Block<--
|
|---|
| 51 | * The data block is send immediately after the header was send. It's length
|
|---|
| 52 | * is exactly what was given in bytes 11-28 from in the header.
|
|---|
| 53 | *
|
|---|
| 54 | * The data block may be send encrypted.
|
|---|
| 55 | *
|
|---|
| 56 | * To make the data block easy for the receiver to read, it is divided into
|
|---|
| 57 | * several sub-blocks, each with it's own header of four byte length. In each
|
|---|
| 58 | * of the sub-headers, a string representation of the length of this block is
|
|---|
| 59 | * to be found.
|
|---|
| 60 | *
|
|---|
| 61 | * Thus the formal structure is very simple:
|
|---|
| 62 | *
|
|---|
| 63 | * [HEADER]data[HEADER]data[HEADER]data[END]
|
|---|
| 64 | *
|
|---|
| 65 | * whereas [END] is exactly at the position given in bytes 11-28 of the
|
|---|
| 66 | * header.
|
|---|
| 67 | *
|
|---|
| 68 | * Some data the VFS module is capturing is of use for any VFS operation.
|
|---|
| 69 | * Therefore, there is a "common set" of data, that will be send with any
|
|---|
| 70 | * data block. The following provides a list of this data.
|
|---|
| 71 | * - the VFS function identifier (see VFS function ifentifier table below).
|
|---|
| 72 | * - a timestamp to the millisecond.
|
|---|
| 73 | * - the username (as text) who runs the VFS operation.
|
|---|
| 74 | * - the SID of the user who run the VFS operation.
|
|---|
| 75 | * - the domain under which the VFS operation has happened.
|
|---|
| 76 | *
|
|---|
| 77 | */
|
|---|
| 78 |
|
|---|
| 79 | /* Protocol subrelease number */
|
|---|
| 80 | #define SMBTA_SUBRELEASE '0'
|
|---|
| 81 |
|
|---|
| 82 | /*
|
|---|
| 83 | * Every data block sends a number of blocks sending common data
|
|---|
| 84 | * we send the number of "common data blocks" to come very first
|
|---|
| 85 | * so that if the receiver is using an older version of the protocol
|
|---|
| 86 | * it knows which blocks it can ignore.
|
|---|
| 87 | */
|
|---|
| 88 | #define SMBTA_COMMON_DATA_COUNT "00017"
|
|---|
| 89 |
|
|---|
| 90 | /*
|
|---|
| 91 | * VFS Functions identifier table. In protocol version 2, every vfs
|
|---|
| 92 | * function is given a unique id.
|
|---|
| 93 | */
|
|---|
| 94 | enum vfs_id {
|
|---|
| 95 | /*
|
|---|
| 96 | * care for the order here, required for compatibility
|
|---|
| 97 | * with protocol version 1.
|
|---|
| 98 | */
|
|---|
| 99 | vfs_id_read,
|
|---|
| 100 | vfs_id_pread,
|
|---|
| 101 | vfs_id_write,
|
|---|
| 102 | vfs_id_pwrite,
|
|---|
| 103 | /* end of protocol version 1 identifiers. */
|
|---|
| 104 | vfs_id_mkdir,
|
|---|
| 105 | vfs_id_rmdir,
|
|---|
| 106 | vfs_id_rename,
|
|---|
| 107 | vfs_id_chdir,
|
|---|
| 108 | vfs_id_open,
|
|---|
| 109 | vfs_id_close
|
|---|
| 110 | };
|
|---|
| 111 |
|
|---|
| 112 |
|
|---|
| 113 |
|
|---|
| 114 | /*
|
|---|
| 115 | * Specific data sets for the VFS functions.
|
|---|
| 116 | * A compatible receiver has to have the exact same dataset.
|
|---|
| 117 | */
|
|---|
| 118 | struct open_data {
|
|---|
| 119 | const char *filename;
|
|---|
| 120 | mode_t mode;
|
|---|
| 121 | int result;
|
|---|
| 122 | };
|
|---|
| 123 |
|
|---|
| 124 | struct close_data {
|
|---|
| 125 | const char *filename;
|
|---|
| 126 | int result;
|
|---|
| 127 | };
|
|---|
| 128 |
|
|---|
| 129 | struct mkdir_data {
|
|---|
| 130 | const char *path;
|
|---|
| 131 | mode_t mode;
|
|---|
| 132 | int result;
|
|---|
| 133 | };
|
|---|
| 134 |
|
|---|
| 135 | struct rmdir_data {
|
|---|
| 136 | const char *path;
|
|---|
| 137 | int result;
|
|---|
| 138 | };
|
|---|
| 139 |
|
|---|
| 140 | struct rename_data {
|
|---|
| 141 | const char *src;
|
|---|
| 142 | const char *dst;
|
|---|
| 143 | int result;
|
|---|
| 144 | };
|
|---|
| 145 |
|
|---|
| 146 | struct chdir_data {
|
|---|
| 147 | const char *path;
|
|---|
| 148 | int result;
|
|---|
| 149 | };
|
|---|
| 150 |
|
|---|
| 151 | /* rw_data used for read/write/pread/pwrite */
|
|---|
| 152 | struct rw_data {
|
|---|
| 153 | char *filename;
|
|---|
| 154 | size_t len;
|
|---|
| 155 | };
|
|---|
| 156 |
|
|---|
| 157 |
|
|---|
