diff --git a/src/pfparser.c b/src/pfparser.c
index 3274629..775e800 100644
--- a/src/pfparser.c
+++ b/src/pfparser.c
@@ -1,6 +1,7 @@
 #include
 #include
 #include "pfparser.h"
+#include "helpers.h"
 #include "geo.h"
@@ -365,21 +366,6 @@ int pfdata_to_json(pf_data* data, json_object* obj) {
 }
 }
- GeoIPRecord* ginfo = (data->ipversion == 4 ? geo_get(data->src_addr)
- : geo_get6(data->src_addr));
- if(ginfo != NULL) {
- json_object* srcloc = json_object_new_object();
- json_object_object_add(obj, "srcloc", srcloc);
- add_doublefield(srcloc, "lat", ginfo->latitude);
- add_doublefield(srcloc, "lon", ginfo->longitude);
- add_strfield(obj, "src_country", (char*)null_unknown(geo_country_name(ginfo)));
- add_strfield(obj, "src_country_code", (char*)null_unknown(ginfo->country_code));
- add_strfield(obj, "src_region", (char*)null_unknown(ginfo->region));
- add_strfield(obj, "src_state", (char*)null_unknown(GeoIP_region_name_by_code(ginfo->country_code, ginfo->region)));
- add_strfield(obj, "src_city", (char*)null_unknown(ginfo->city));
- }
-
- GeoIPRecord_delete(ginfo);
-
 return 0;
 }
+
diff --git a/src/pfparser.h b/src/pfparser.h
index ccb3762..dba94b3 100644
--- a/src/pfparser.h
+++ b/src/pfparser.h
@@ -110,3 +110,7 @@ void add_intfield(json_object* obj, char* name, int value);
 void add_strfield(json_object* obj, char* name, char* value);
 int pfdata_to_json(pf_data* data, json_object* obj);
+
+void add_doublefield(json_object* obj, char* name, double value);
+
+const char* null_unknown(const char* p);
diff --git a/src/server.c b/src/server.c
index 5bcc4c9..41443b5 100644
--- a/src/server.c
+++ b/src/server.c
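Review bot: The new `null_unknown` prototype in src/pfparser.h returns `const char*`, while the `add_strfield` declaration in the context lines still takes `char* value`, so every caller that combines the two has to cast the qualifier away with `(char*)null_unknown(...)`. If `add_strfield` never writes through its string arguments, declaring it as `void add_strfield(json_object* obj, const char* name, const char* value);` and giving `add_doublefield` a `const char* name` would let those casts be dropped. Each of the two added declarations also deserves a one-line comment; for `null_unknown`, state what it returns for a NULL argument and whether the caller may free the result.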
@@ -206,6 +206,24 @@ int handle_message(char* msg, struct sockaddr_in* sender) {
 add_strfield(jobj, "endpoint", sender_ip);
 pfdata_to_json(&fwdata, jobj);
+
+ GeoIPRecord* ginfo = (fwdata.ipversion == 4 ? geo_get(fwdata.src_addr)
+ : geo_get6(fwdata.src_addr));
+ if(ginfo != NULL) {
+ json_object* srcloc = json_object_new_object();
+ json_object_object_add(jobj, "srcloc", srcloc);
+ add_doublefield(srcloc, "lat", ginfo->latitude);
+ add_doublefield(srcloc, "lon", ginfo->longitude);
+ add_strfield(jobj, "src_country", (char*)null_unknown(geo_country_name(ginfo)));
+ add_strfield(jobj, "src_country_code", (char*)null_unknown(ginfo->country_code));
+ add_strfield(jobj, "src_region", (char*)null_unknown(ginfo->region));
+ add_strfield(jobj, "src_state", (char*)null_unknown(GeoIP_region_name_by_code(ginfo->country_code, ginfo->region)));
+ add_strfield(jobj, "src_city", (char*)null_unknown(ginfo->city));
+ }
+
+ GeoIPRecord_delete(ginfo);
+
+
 const char* json_msg = json_object_to_json_string(jobj);
 // printf("%s\n", json_msg);
 {
diff --git a/src/sysparser.c b/src/sysparser.c
index f7d4585..75c5891 100644
--- a/src/sysparser.c
+++ b/src/sysparser.c
@@ -138,3 +138,33 @@ int month2num(char* month) {
 }
 return -1;
 }
+
+
+#ifdef AFL
+
+int main() {
+ char *buffer;
+ size_t bufsize = 4096;
+ size_t characters;
+
+ buffer = (char *)malloc(bufsize * sizeof(char));
+ if (buffer == NULL)
+ die("Unable to allocate buffer");
+
+ characters = getline(&buffer,&bufsize,stdin);
+
+ struct SysMessage data = {0};
+ int result = sysmsg_parse(&data, buffer);
+ printf("sysparser result: %d\n", result);
+
+ if(result == 0) {
+ pf_data fwdata = {0};
+ result = pfdata_parse(buffer, &fwdata);
+ printf("pfparser result: %d\n", result);
+ }
+
+ return result;
+}
+
+#endif
+
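Review bot: `GeoIPRecord_delete(ginfo);` in the block added to handle_message sits outside the `if(ginfo != NULL)` guard, so a lookup that finds no record passes NULL to it. Unless the GeoIP library in use is known to accept NULL there, a source address with no database entry could crash the server, and that address comes from received log messages; making the call the last statement inside the guarded block removes the doubt. The return value of `pfdata_to_json(&fwdata, jobj);` just above is ignored, and it is not visible in this hunk whether `fwdata` was validated before `fwdata.ipversion` and `fwdata.src_addr` are used for the lookup. handle_message starts and ends outside the hunk.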
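Review bot: The `#ifdef AFL` harness added to src/sysparser.c stores the result of `getline` in `size_t characters` and never checks it, so on empty input or a read error `sysmsg_parse` receives a buffer that `getline` did not fill. Under a sanitizer build that can surface as uninitialised-memory findings that say nothing about the parsers; `ssize_t characters = getline(&buffer, &bufsize, stdin);` followed by `if (characters < 0) { free(buffer); return 0; }` keeps the harness out of the results. `buffer` is also never released before `return result;`, which a leak checker would report on every run, so a `free(buffer);` belongs there. `int main()` reads better as `int main(void)`, and a short comment above the `#ifdef` saying how the harness is built and that it reads one line from stdin would help the next person who runs it.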