Any C lib for stateful inspection of network sessions?

Is there any C/C++ lib (open source, of course) for developing applications that perform stateful inspection of network sessions, for instance following the FTP session state?
I know there is a pre-processor module in Snort, namely stream4. But an independent lib would be more flexible for us; one implemented in C is preferred.
Thanks.

I'm not sure how applicable this will be to whatever you're doing, but you could try to extract the Linux NAT connection tracking code and adapt it to your needs. It's not a nice pre-made library, but it's a start.
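As an added illustration of what "following the FTP session state" involves (this is not code from the thread, from Snort, or from the Linux connection tracking code), the C example below tracks one FTP control connection line by line and records the data endpoint negotiated by PORT or a 227 reply. All type and function names are hypothetical, and the caller is assumed to have already reassembled the TCP stream into lines and to know the client address.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
/* All names here are hypothetical; this is not an existing library's API. */
enum ftp_state { FTP_NEW, FTP_GREETED, FTP_AUTH_PENDING, FTP_AUTHED, FTP_CLOSED, FTP_INVALID };
struct ftp_session {
    enum ftp_state state;
    unsigned client_ip;        /* peer of the control connection, host byte order */
    int pasv_pending;          /* PASV sent, 227 reply not yet seen */
    unsigned data_ip;          /* negotiated data endpoint, host byte order */
    unsigned short data_port;  /* 0 = no data connection expected */
};

/* Parse "h1,h2,h3,h4,p1,p2" as carried by PORT and by the 227 reply. */
static int parse_hostport(const char *t, struct ftp_session *s)
{
    unsigned a, b, c, d, e, f;
    if (sscanf(t, "%u,%u,%u,%u,%u,%u", &a, &b, &c, &d, &e, &f) != 6 || (a | b | c | d | e | f) > 255)
        return -1;             /* malformed, or a field outside 0..255 */
    s->data_ip = (a << 24) | (b << 16) | (c << 8) | d;
    s->data_port = (unsigned short)((e << 8) | f);
    return 0;
}

/* Feed one control-channel line; from_client is 1 for commands, 0 for replies. */
enum ftp_state ftp_track(struct ftp_session *s, int from_client, const char *line)
{
    if (s->state == FTP_CLOSED || s->state == FTP_INVALID) return s->state;
    if (!from_client) {
        int code = atoi(line);
        const char *p = strchr(line, '(');
        if (code == 220 && s->state == FTP_NEW) s->state = FTP_GREETED;
        else if (code == 230 && s->state == FTP_AUTH_PENDING) s->state = FTP_AUTHED;
        else if (code == 530 && s->state == FTP_AUTH_PENDING) s->state = FTP_GREETED;
        else if (code == 221) s->state = FTP_CLOSED;
        else if (code == 227 && (!s->pasv_pending || !p || parse_hostport(p + 1, s)))
            s->state = FTP_INVALID;   /* unsolicited or malformed 227 */
        if (code == 227) s->pasv_pending = 0;
        return s->state;
    }
    int is_pasv = !strncasecmp(line, "PASV", 4), is_port = !strncasecmp(line, "PORT ", 5);
    if (s->state == FTP_NEW) s->state = FTP_INVALID;   /* command before the 220 greeting */
    else if (!strncasecmp(line, "USER ", 5)) s->state = FTP_AUTH_PENDING;
    else if ((is_pasv || is_port) && s->state != FTP_AUTHED) s->state = FTP_INVALID;
    else if (is_pasv) s->pasv_pending = 1;
    else if (is_port && (parse_hostport(line + 5, s) || s->data_ip != s->client_ip))
        s->state = FTP_INVALID;       /* malformed, or not the control-connection peer */
    return s->state;
}
```

Feed it each reassembled line in arrival order; once the state is FTP_INVALID the session has failed inspection, and a data connection should be accepted only if it matches data_ip and data_port.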

Related

D-Bus API or C library to control firewalld

I'm working on a project, implementing everything in C language. As a part of the project, we need to be able to control and configure firewalld, firewall of the current system.
firewalld is implemented in Python and an interface is available. However, we don't want to make Python calls from C or vice versa.
There are command line tools to configure firewalld (e.g. firewall-cmd) but we don't want to make such calls from C either.
I recently started working on firewalld, I don't know much about its internals. I've read that it uses D-Bus, I also don't know much about D-Bus.
There is a C library developed by Thomas Woerner: libfirewall.
However, it's been more than a year and a half since the last commit so it's not maintained. Other than libfirewall, I don't know any firewalld interface in C.
I gave libfirewall a shot. It gave me some problems both when compiling and when running the examples, and I still have problems to resolve. Is it worth continuing with libfirewall? Should I use it?
Is there any other interface that I'm not aware of?
Possibly naive question due to lack of understanding of D-Bus: I thought, maybe, with a D-Bus interface, I can issue commands to firewalld. Can it be done? (i.e. Does D-Bus work like that?) Can we write a program that mimics, say firewall-cmd, and interacts with D-Bus in the same way and at the end allows us to control firewalld?
If this is possible, how to do it and what to use? libdbus and GDBus have relatively good documentation, although libdbus requires a good deal of effort. They even said "If you use this low-level API directly, you're signing up for some pain." in the documentation. In any case I'll be in need of examples or any kind of text demonstrating their usage.
How should I approach this problem?
Yes, you can issue commands to firewalld via D-Bus. I haven't checked but expect that firewall-cmd is itself implemented as a D-Bus client.
The D-Bus API is extensively documented: https://firewalld.org/documentation/man-pages/firewalld.dbus.html. The documentation should give you a rough idea what can be accomplished through the API. You could try the D-Bus debugger d-feet to interact with firewalld without any code.
GDBus is definitely the easiest way to use D-Bus from C, but it's still not trivial, and firewalld is a fairly complex API: using it may require some expertise (completely depending on what you need to do).

Custom protocol support

I am not finding documentation for custom protocol support.
From what I understand, Gatling has a core engine that does scheduling, thread management etc., and protocol support is designed as an Actor?
I am trying to develop a custom protocol (that's basically a shell script that will talk to an external service). The latest reference documentation does not seem to have any reference to how to do this? Any pointers will be greatly appreciated.
If you need to stress test something that is implemented in a shell script, then Gatling probably isn't the best fit. Gatling is designed for stress testing networking protocols. So unless you can duplicate what your shell script is doing in Gatling expressed in networking protocols, you then might want to use something else.
Secondly, if you did implement it, I would check with the core developers of Gatling if it's something that they would consider including (use a GitHub issue to ask). Since the applications of this might not be widespread, they may choose to not include it in their project. If that's the case, you would have to either run your own fork with the implementation or add some sort of plugin architecture to Gatling for 3rd party extensibility.
So my suggestions are:
Decompose your shell script into the specific network protocol parts you're interested in stress testing, and implement those in Gatling.
Use a different tool that's designed for running multiple shell scripts at once for stress testing. Something like GNU Parallel if you're on a Linux box.
Implement it yourself. There's no documentation on how to do this. However a good starting example would be the JMS Protocol Implementation to give you an idea of all that's involved.

finite state machine compiler for C to simulate network protocols

I was looking for a good state machine compiler so as to test some custom networking protocols. I looked at a few tools already, such as Yakindu, Ragel (compiler) and SCXML (language), but I was not sure if any of them could be used for networking protocols.
SCXML (language) looks good but I could not find any compilers specifically for C (scxmlcc is for C++). Does anyone know a compiler for C based on SCXML?
Yakindu tool looks promising, but I am not sure if network protocols like BGP/OSPF could be tested. Can anyone please give any pointers on this?
Ragel also looks good, but again I am not sure if complex network protocol clients can be generated using this compiler.
The reason I mentioned network protocols specifically is that I also want to be able to perform custom routines such as packet_create/packet_send (with custom packet sizes) etc as part of 'actions' after an 'event' occurs.
Do I need to always generate code from the state graph, or is there a way to directly interact with the states?
I am very new to FSMs, any help/advice/suggestion/links will be greatly appreciated.
The default Yakindu SCT C code generator generates plain C code that is agnostic of the concrete execution environment. This means you get a piece of standard C code that you can integrate into your own application manually. This manual integration means mapping events, operations, and variables between your application and the state machine. Additionally, you have to trigger the state machine execution properly.
You can find some information on that in the user guide. You could also customize the code generators in order to match your needs, but that only makes sense if the integration into the application always looks the same and you want to integrate more than one or two state machines.
So if you provide some more information about the application-side API, I could provide some hints on how to integrate with the state machine.
We just finished our SCXML -> ANSI C transformation. Currently, it does everything but invocations. Here is a sample of generated ANSI C code, with user-supplied callbacks and the general scaffolding here. Performance measurements for a single microstep on a late 2015 MacBook Pro @ 3.1GHz are here.
Note that the scaffolding is in C++98 as we had to connect to a data-model implementation to pass the SCXML IRP tests. Generated source is ANSI C though. If you want to transform a SCXML state-chart you can use uscxml-transform as:
$ uscxml-transform -tc -i FILE_OR_URL -o GENERATED_HERE
For example, to print the generated C code for test144 from the SCXML IRP suite on STDOUT:
$ uscxml-transform -tc -i https://raw.githubusercontent.com/tklab-tud/uscxml/master/test/w3c/ecma/test144.scxml
Generated ANSI-C code passes all SCXML IRP tests but those for invocations and custom I/O processors.
LOKI is a new application designed to provide an easy way for programmers and system administrators to interact with BGP networks. Use it to test your OSPF/BGP connections as well.

How to programmatically create ssh tunnel in C/C++ cross-platform?

I need to connect via TCP to a port that's behind a firewall, accessible through an SSH tunnel. I can achieve connection by opening a tunnel and hitting that port, but I want to build this tunneling in to my application.
Additionally, I want to be able to provide automatic login by use of having authorized keys on the server.
This must work on the following platforms (in order of importance):
iOS (trickiest because I can't fork an ssh tunnel like I can on other platforms)
OS X
Linux
Windows
What's the easy way to do this? I don't want to spend a great deal of effort obviously since this isn't the meat of my application. But I'll reuse it so I may care enough to "do things right"
But libssh2 is BSD-licensed and appears to have the functionality needed
Looks like: libssh2_channel_direct_tcpip_ex will be the call
Note that the LGPL'd libssh is a problem because on iOS apps you MUST statically link and CANNOT dynamically link to libraries. Therefore, using an LGPL'd library means my source becomes open source.
Libssh is a very good client implementation for SSH protocol. I have written a blog on this. There is also a sample application demonstrating the same. We use the same technique in MONyog (MySQL monitor).
There is a commercial lib if you want to have a look at it, www.chilkatsoft.com/. It is a generic C++ lib for all languages, and it has support for SSH tunneling on iOS.
Does the LGPL differentiate between linking dynamically and statically? I don't think so.
The library code (i.e. embedding your own SSH implementation) looks most versatile to me. Except for the fact that you might inherit security problems.
On MacOSX/Linux/Unix, you can simply invoke 'ssh' and assume it exists (or make it as a precondition). On Windows, you would rely on putty and friends. I don't think that's a good idea.

Good portable wiimote library with sound support?

I'm looking for a portable wiimote library. I want to use the wiimote for the hardware it has (but I don't need to access any data stored on it).
Required features:
access to all the buttons (as an exception, no use of the power button is OK)
make the wiimote play sound
talk to nunchuks and classic controllers
preferably: make the wiimote rumble.
interface with C. Preferably native C. Bonus points for bindings with Haskell or python.
The library should port to Linux, Windows and OS X (in order of importance) and should be agnostic with respect to CPU architecture.
Anyone got a good suggestion?
Haven't used it (I've only read about the managed Wiimote library really), but you may want to check out wiiuse. It seems like the most complete of the native libraries.
Others include:
GlovePIE
WiiYourself
You can use my WiiMouse program to do this (which is based on the wiimotelib open source project). It allows you to connect via named pipes and play PCM sounds and use all the attachments including the MotionPlus; it even calculates the MotionPlus vectors for you. You can get it here:
http://home.exetel.com.au/amurgshere/wiimouse.phtml
See the download for an example on how to connect to a wiimote via named pipes and play sounds and stuff.
