net/ids.h Source File

00001 
00022 #ifndef _NET_IDS_H_
00023 #define _NET_IDS_H_
00024 
00025 //maintain correct linkage
00026 #ifdef __cplusplus
00027  #undef __cplusplus  //pcap.h mangles linkage if we leave this alone, so undef it for now
00028  #include <pcap.h>
00029  #define __cplusplus
00030 #else
00031  #include <pcap.h>
00032 #endif //__cplusplus
00033 
00034 #define  IFACE    "eth0"
00035 #define  SNAPLEN  1600       /*  Ethernet II segment max is like 1500 
00036                                  -- Need to change for other L2 protocols ? */
00037 #define  PROMISC  0          /*  Set device into promiscuous mode */
00038 #define  TIMEOUT  1000       /*  Timeout in ms */
00039 #define  COUNT    50         /*  How many packets to process in a loop */
00040 
00041 #include "prohandler.h"
00042 
00053 class netIDS
00054 {
00055     public:
00056         netIDS();
00057         ~netIDS();
00058         int startSniffer(void *device);  //passed from a thread, so must
00059                         // be void.
00060         int stopSniffer();
00061         int loadProtocolHandler(proHan *pro_handler);
00062         int unloadProtocolHandler(int pro);
00063     private:
00064         pcap_t *open(char *pcap_device);
00066         unsigned int  protocols_loaded;
00068         pcap_t       *pcap_structure;
00070         char          pcap_error[10000];
00072         void         *protocol[];
00073 
00074 };
00075 
00076 /*void agent_packet_process(u_char *pcap_data, const struct pcap_pkthdr *packet_header,
00077     const u_char *packet);*/
00078 
00079 #endif