Added -u flag to start capture with promiscuous mode disabled

ntop · May 9, 2015 · acb313f · acb313f
1 parent c9bcd0a
commit acb313f
Show file tree

Hide file tree

Showing 7 changed files with 24 additions and 16 deletions.
diff --git a/include/NtopGlobals.h b/include/NtopGlobals.h
@@ -28,7 +28,6 @@ class NtopGlobals {
   bool is_shutdown, do_decode_tunnels;
   time_t start_time;
   u_int ifMTU, snaplen;
-  u_int8_t promiscuousMode;
   Trace *trace;
   u_int32_t detection_tick_resolution;
   Mutex *mutex;
@@ -40,7 +39,6 @@ class NtopGlobals {
 
   inline u_int getUptime()             { return((u_int)(time(NULL)-start_time+1)); };
   inline u_int getIfMTU()              { return(ifMTU);             };
-  inline u_int8_t getPromiscuousMode() { return(promiscuousMode);   };
   inline u_int getSnaplen()            { return(snaplen);           };
   inline Trace *getTrace()             { return(trace);             };
   inline bool  isShutdown()            { return(is_shutdown);       };

diff --git a/include/Prefs.h b/include/Prefs.h
@@ -40,7 +40,7 @@ class Prefs {
   Ntop *ntop;
   bool enable_dns_resolution, sniff_dns_responses, disable_host_persistency,
     categorization_enabled, httpbl_enabled, resolve_all_host_ip, change_user, daemonize,
-    dump_timeline, shorten_aggregation_names, enable_auto_logout,
+    dump_timeline, shorten_aggregation_names, enable_auto_logout, use_promiscuous_mode,
     disable_alerts, enable_ixia_timestamps, enable_vss_apcon_timestamps,
     enable_users_login, disable_localhost_login;
   LocationPolicy dump_hosts_to_db, dump_aggregations_to_db, sticky_hosts;
@@ -187,6 +187,8 @@ class Prefs {
   inline char* get_es_pwd()   { return(es_pwd);   };
   inline bool shutdownWhenDone() { return(shutdown_when_done); }
   inline bool are_taps_enabled() { return(enable_taps); };
+  inline void set_promiscuous_mode(bool mode)  { use_promiscuous_mode = mode; };
+  inline bool use_promiscuous()  { return(use_promiscuous_mode); };
 };
 
 #endif /* _PREFS_H_ */
diff --git a/ntopng.8 b/ntopng.8
@@ -40,6 +40,7 @@ or
 .IR <categorization_key> ]
 .RB [ \-m
 .IR <local_subnets> ]
+.RB [ \-u | \-\-no\-promisc ]
 .RB [ \-p
 .IR <protocols> ]
 .RB [ \-P ]
@@ -80,7 +81,7 @@ or
 .IR <mode> ]
 .RB [ \-Z
 .IR <prefix> ]
-.RB [ \-\-shutdown-when-done ]
+.RB [ \-\-shutdown\-when\-done ]
 .RB [ \-v ]
 .RB [ \-V ]
 .RB [ \-h ]
@@ -225,6 +226,9 @@ Commas separate multiple network values.
 Both netmask and CIDR notation may be used, even mixed together, for instance
 "131.114.21.0/24,10.0.0.0/255.0.0.0".
 
+.It \-u|\-\-no\-promisc
+Disable promiscous mode when capturing from network interfaces (by default promiscuous mode is used).
+
 .It \-p|\-\-ndpi\-protocols\ <file>.protos
 This parameter is used to specify a nDPI protocol file.
 The format is <tcp|udp>:<port>,<tcp|udp>:<port>,.....@<proto> where

diff --git a/src/NtopGlobals.cpp b/src/NtopGlobals.cpp
@@ -25,9 +25,7 @@
 
 NtopGlobals::NtopGlobals() {
   start_time = time(NULL);
-  ifMTU = 1514;
-  promiscuousMode = 1;
-  snaplen = 1514;
+  ifMTU = snaplen = 1514;
   file_id = 0;
   detection_tick_resolution = 1000;
   trace = new Trace();  

diff --git a/src/PF_RINGInterface.cpp b/src/PF_RINGInterface.cpp
@@ -30,7 +30,7 @@
 /* **************************************************** */
 
 PF_RINGInterface::PF_RINGInterface(const char *name) : NetworkInterface(name) {
-  u_int flags = ntop->getGlobals()->getPromiscuousMode() ? PF_RING_PROMISC : 0;
+  u_int flags = ntop->getPrefs()->use_promiscuous() ? PF_RING_PROMISC : 0;
 
   flags |= PF_RING_LONG_HEADER;
   flags |= PF_RING_DNA_SYMMETRIC_RSS;  /* Note that symmetric RSS is ignored by non-DNA drivers */

diff --git a/src/PcapInterface.cpp b/src/PcapInterface.cpp
@@ -60,7 +60,7 @@ PcapInterface::PcapInterface(const char *name) : NetworkInterface(name) {
     }
   } else {
     pcap_handle = pcap_open_live(ifname, ntop->getGlobals()->getSnaplen(),
-				 ntop->getGlobals()->getPromiscuousMode(),
+				 ntop->getPrefs()->use_promiscuous(),
 				 500, pcap_error_buffer);  
 
     if(pcap_handle) {

diff --git a/src/Prefs.cpp b/src/Prefs.cpp
@@ -30,7 +30,7 @@ Prefs::Prefs(Ntop *_ntop) {
   local_networks = strdup(CONST_DEFAULT_HOME_NET","CONST_DEFAULT_LOCAL_NETS);
   local_networks_set = false, shutdown_when_done = false;
   enable_users_login = true, disable_localhost_login = false;
-  enable_dns_resolution = sniff_dns_responses = true;
+  enable_dns_resolution = sniff_dns_responses = true, use_promiscuous_mode = true;
   categorization_enabled = false, httpbl_enabled = false, resolve_all_host_ip = false;
   max_num_hosts = MAX_NUM_INTERFACE_HOSTS, max_num_flows = MAX_NUM_INTERFACE_HOSTS;
   data_dir = strdup(CONST_DEFAULT_DATA_DIR);
@@ -160,6 +160,7 @@ void usage() {
 	 "[--callbacks-dir|-3] <path>         | Callbacks directory.\n"
 	 "                                    | Default: %s\n"
 	 "[--dump-timeline|-C]                | Enable timeline dump.\n"
+	 "[--no-promisc|-u]                   | Don't set the interface in promiscuous mode.\n"
 	 "[--categorization-key|-c] <key>     | Key used to access host categorization\n"
 	 "                                    | services (default: disabled). \n"
 	 "                                    | Please read README.categorization for\n"
@@ -319,22 +320,23 @@ void Prefs::loadNagiosDefaults() {
 /* ******************************************* */
 
 static const struct option long_options[] = {
-  { "dns-mode",                          required_argument, NULL, 'n' },
-  { "interface",                         required_argument, NULL, 'i' },
+  { "categorization-key",                required_argument, NULL, 'c' },
 #ifndef WIN32
   { "data-dir",                          required_argument, NULL, 'd' },
 #endif
-  { "categorization-key",                required_argument, NULL, 'c' },
-  { "httpbl-key",                        required_argument, NULL, 'k' },
   { "daemon",                            no_argument,       NULL, 'e' },
   { "core-affinity",                     required_argument, NULL, 'g' },
   { "help",                              no_argument,       NULL, 'h' },
-  { "disable-login",                     required_argument, NULL, 'l' },
+  { "interface",                         required_argument, NULL, 'i' },
   { "local-networks",                    required_argument, NULL, 'm' },
+  { "dns-mode",                          required_argument, NULL, 'n' },
+  { "httpbl-key",                        required_argument, NULL, 'k' },
+  { "disable-login",                     required_argument, NULL, 'l' },
   { "ndpi-protocols",                    required_argument, NULL, 'p' },
   { "disable-autologout",                no_argument,       NULL, 'q' },
   { "redis",                             required_argument, NULL, 'r' },
   { "dont-change-user",                  no_argument,       NULL, 's' },
+  { "no-promisc",                        no_argument,       NULL, 'u' },
   { "verbose",                           no_argument,       NULL, 'v' },
   { "max-num-hosts",                     required_argument, NULL, 'x' },
   { "http-port",                         required_argument, NULL, 'w' },
@@ -414,6 +416,10 @@ int Prefs::setOption(int optkey, char *optarg) {
     dump_timeline = true;
     break;
 
+  case 'u':
+    use_promiscuous_mode = false;
+    break;
+
 #ifndef WIN32
   case 'd':
     ntop->setWorkingDir(optarg);
@@ -756,7 +762,7 @@ int Prefs::loadFromCLI(int argc, char *argv[]) {
   u_char c;
 
   while((c = getopt_long(argc, argv,
-			 "c:k:eg:hi:w:r:sg:m:n:p:qd:x:1:2:3:l:vA:B:CD:E:F:G:HI:S:TU:X:W:VZ:",
+			 "c:k:eg:hi:w:r:sg:m:n:p:qd:x:1:2:3:l:uvA:B:CD:E:F:G:HI:S:TU:X:W:VZ:",
 			 long_options, NULL)) != '?') {
     if(c == 255) break;
     setOption(c, optarg);