ruby-libnids 1.0-i486-linux
Sign up to get free protection for your applications and to get access to all the features.
- data/COPYING +403 -0
- data/COPYING.ruby +56 -0
- data/README +51 -0
- data/extconf.rb +18 -0
- data/ruby-libnids.c +525 -0
- metadata +49 -0
data/COPYING
ADDED
@@ -0,0 +1,403 @@
|
|
1
|
+
GNU LESSER GENERAL PUBLIC LICENSE
|
2
|
+
Version 2.1, February 1999
|
3
|
+
|
4
|
+
Copyright (C) 1991, 1999 Free Software Foundation, Inc.
|
5
|
+
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
6
|
+
Everyone is permitted to copy and distribute verbatim copies
|
7
|
+
of this license document, but changing it is not allowed.
|
8
|
+
|
9
|
+
[This is the first released version of the Lesser GPL. It also counts
|
10
|
+
as the successor of the GNU Library Public License, version 2, hence
|
11
|
+
the version number 2.1.]
|
12
|
+
|
13
|
+
Preamble
|
14
|
+
|
15
|
+
The licenses for most software are designed to take away your
|
16
|
+
freedom to share and change it. By contrast, the GNU General Public
|
17
|
+
Licenses are intended to guarantee your freedom to share and change
|
18
|
+
free software--to make sure the software is free for all its users.
|
19
|
+
|
20
|
+
This license, the Lesser General Public License, applies to some
|
21
|
+
specially designated software packages--typically libraries--of the
|
22
|
+
Free Software Foundation and other authors who decide to use it. You
|
23
|
+
can use it too, but we suggest you first think carefully about whether
|
24
|
+
this license or the ordinary General Public License is the better
|
25
|
+
strategy to use in any particular case, based on the explanations below.
|
26
|
+
|
27
|
+
When we speak of free software, we are referring to freedom of use,
|
28
|
+
not price. Our General Public Licenses are designed to make sure that
|
29
|
+
you have the freedom to distribute copies of free software (and charge
|
30
|
+
for this service if you wish); that you receive source code or can get
|
31
|
+
it if you want it; that you can change the software and use pieces of
|
32
|
+
it in new free programs; and that you are informed that you can do
|
33
|
+
these things.
|
34
|
+
|
35
|
+
To protect your rights, we need to make restrictions that forbid
|
36
|
+
distributors to deny you these rights or to ask you to surrender these
|
37
|
+
rights. These restrictions translate to certain responsibilities for
|
38
|
+
you if you distribute copies of the library or if you modify it.
|
39
|
+
|
40
|
+
For example, if you distribute copies of the library, whether gratis
|
41
|
+
or for a fee, you must give the recipients all the rights that we gave
|
42
|
+
you. You must make sure that they, too, receive or can get the source
|
43
|
+
code. If you link other code with the library, you must provide
|
44
|
+
complete object files to the recipients, so that they can relink them
|
45
|
+
with the library after making changes to the library and recompiling
|
46
|
+
it. And you must show them these terms so they know their rights.
|
47
|
+
|
48
|
+
We protect your rights with a two-step method: (1) we copyright the
|
49
|
+
library, and (2) we offer you this license, which gives you legal
|
50
|
+
permission to copy, distribute and/or modify the library.
|
51
|
+
|
52
|
+
To protect each distributor, we want to make it very clear that
|
53
|
+
there is no warranty for the free library. Also, if the library is
|
54
|
+
modified by someone else and passed on, the recipients should know
|
55
|
+
that what they have is not the original version, so that the original
|
56
|
+
author's reputation will not be affected by problems that might be
|
57
|
+
introduced by others.
|
58
|
+
|
59
|
+
Finally, software patents pose a constant threat to the existence of
|
60
|
+
any free program. We wish to make sure that a company cannot
|
61
|
+
effectively restrict the users of a free program by obtaining a
|
62
|
+
restrictive license from a patent holder. Therefore, we insist that
|
63
|
+
any patent license obtained for a version of the library must be
|
64
|
+
consistent with the full freedom of use specified in this license.
|
65
|
+
|
66
|
+
Most GNU software, including some libraries, is covered by the
|
67
|
+
ordinary GNU General Public License. This license, the GNU Lesser
|
68
|
+
General Public License, applies to certain designated libraries, and
|
69
|
+
is quite different from the ordinary General Public License. We use
|
70
|
+
this license for certain libraries in order to permit linking those
|
71
|
+
libraries into non-free programs.
|
72
|
+
|
73
|
+
When a program is linked with a library, whether statically or using
|
74
|
+
a shared library, the combination of the two is legally speaking a
|
75
|
+
combined work, a derivative of the original library. The ordinary
|
76
|
+
General Public License therefore permits such linking only if the
|
77
|
+
entire combination fits its criteria of freedom. The Lesser General
|
78
|
+
Public License permits more lax criteria for linking other code with
|
79
|
+
the library.
|
80
|
+
|
81
|
+
We call this license the "Lesser" General Public License because it
|
82
|
+
does Less to protect the user's freedom than the ordinary General
|
83
|
+
Public License. It also provides other free software developers Less
|
84
|
+
of an advantage over competing non-free programs. These disadvantages
|
85
|
+
are the reason we use the ordinary General Public License for many
|
86
|
+
libraries. However, the Lesser license provides advantages in certain
|
87
|
+
special circumstances.
|
88
|
+
|
89
|
+
For example, on rare occasions, there may be a special need to
|
90
|
+
encourage the widest possible use of a certain library, so that it becomes
|
91
|
+
a de-facto standard. To achieve this, non-free programs must be
|
92
|
+
allowed to use the library. A more frequent case is that a free
|
93
|
+
library does the same job as widely used non-free libraries. In this
|
94
|
+
case, there is little to gain by limiting the free library to free
|
95
|
+
software only, so we use the Lesser General Public License.
|
96
|
+
|
97
|
+
In other cases, permission to use a particular library in non-free
|
98
|
+
programs enables a greater number of people to use a large body of
|
99
|
+
free software. For example, permission to use the GNU C Library in
|
100
|
+
non-free programs enables many more people to use the whole GNU
|
101
|
+
operating system, as well as its variant, the GNU/Linux operating
|
102
|
+
system.
|
103
|
+
|
104
|
+
Although the Lesser General Public License is Less protective of the
|
105
|
+
users' freedom, it does ensure that the user of a program that is
|
106
|
+
linked with the Library has the freedom and the wherewithal to run
|
107
|
+
that program using a modified version of the Library.
|
108
|
+
|
109
|
+
The precise terms and conditions for copying, distribution and
|
110
|
+
modification follow. Pay close attention to the difference between a
|
111
|
+
"work based on the library" and a "work that uses the library". The
|
112
|
+
former contains code derived from the library, whereas the latter must
|
113
|
+
be combined with the library in order to run.
|
114
|
+
|
115
|
+
GNU LESSER GENERAL PUBLIC LICENSE
|
116
|
+
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
117
|
+
|
118
|
+
0. This License Agreement applies to any software library or other
|
119
|
+
program which contains a notice placed by the copyright holder or
|
120
|
+
other authorized party saying it may be distributed under the terms of
|
121
|
+
this Lesser General Public License (also called "this License").
|
122
|
+
Each licensee is addressed as "you".
|
123
|
+
|
124
|
+
A "library" means a collection of software functions and/or data
|
125
|
+
prepared so as to be conveniently linked with application programs
|
126
|
+
(which use some of those functions and data) to form executables.
|
127
|
+
|
128
|
+
The "Library", below, refers to any such software library or work
|
129
|
+
which has been distributed under these terms. A "work based on the
|
130
|
+
Library" means either the Library or any derivative work under
|
131
|
+
copyright law: that is to say, a work containing the Library or a
|
132
|
+
portion of it, either verbatim or with modifications and/or translated
|
133
|
+
straightforwardly into another language. (Hereinafter, translation is
|
134
|
+
included without limitation in the term "modification".)
|
135
|
+
|
136
|
+
"Source code" for a work means the preferred form of the work for
|
137
|
+
making modifications to it. For a library, complete source code means
|
138
|
+
all the source code for all modules it contains, plus any associated
|
139
|
+
interface definition files, plus the scripts used to control compilation
|
140
|
+
and installation of the library.
|
141
|
+
|
142
|
+
Activities other than copying, distribution and modification are not
|
143
|
+
covered by this License; they are outside its scope. The act of
|
144
|
+
running a program using the Library is not restricted, and output from
|
145
|
+
such a program is covered only if its contents constitute a work based
|
146
|
+
on the Library (independent of the use of the Library in a tool for
|
147
|
+
writing it). Whether that is true depends on what the Library does
|
148
|
+
and what the program that uses the Library does.
|
149
|
+
|
150
|
+
1. You may copy and distribute verbatim copies of the Library's
|
151
|
+
complete source code as you receive it, in any medium, provided that
|
152
|
+
you conspicuously and appropriately publish on each copy an
|
153
|
+
appropriate copyright notice and disclaimer of warranty; keep intact
|
154
|
+
all the notices that refer to this License and to the absence of any
|
155
|
+
warranty; and distribute a copy of this License along with the
|
156
|
+
Library.
|
157
|
+
|
158
|
+
You may charge a fee for the physical act of transferring a copy,
|
159
|
+
and you may at your option offer warranty protection in exchange for a
|
160
|
+
fee.
|
161
|
+
|
162
|
+
2. You may modify your copy or copies of the Library or any portion
|
163
|
+
of it, thus forming a work based on the Library, and copy and
|
164
|
+
distribute such modifications or work under the terms of Section 1
|
165
|
+
above, provided that you also meet all of these conditions:
|
166
|
+
|
167
|
+
a) The modified work must itself be a software library.
|
168
|
+
|
169
|
+
b) You must cause the files modified to carry prominent notices
|
170
|
+
stating that you changed the files and the date of any change.
|
171
|
+
|
172
|
+
c) You must cause the whole of the work to be licensed at no
|
173
|
+
charge to all third parties under the terms of this License.
|
174
|
+
|
175
|
+
d) If a facility in the modified Library refers to a function or a
|
176
|
+
table of data to be supplied by an application program that uses
|
177
|
+
the facility, other than as an argument passed when the facility
|
178
|
+
is invoked, then you must make a good faith effort to ensure that,
|
179
|
+
in the event an application does not supply such function or
|
180
|
+
table, the facility still operates, and performs whatever part of
|
181
|
+
its purpose remains meaningful.
|
182
|
+
|
183
|
+
(For example, a function in a library to compute square roots has
|
184
|
+
a purpose that is entirely well-defined independent of the
|
185
|
+
application. Therefore, Subsection 2d requires that any
|
186
|
+
application-supplied function or table used by this function must
|
187
|
+
be optional: if the application does not supply it, the square
|
188
|
+
root function must still compute square roots.)
|
189
|
+
|
190
|
+
These requirements apply to the modified work as a whole. If
|
191
|
+
identifiable sections of that work are not derived from the Library,
|
192
|
+
and can be reasonably considered independent and separate works in
|
193
|
+
themselves, then this License, and its terms, do not apply to those
|
194
|
+
sections when you distribute them as separate works. But when you
|
195
|
+
distribute the same sections as part of a whole which is a work based
|
196
|
+
on the Library, the distribution of the whole must be on the terms of
|
197
|
+
this License, whose permissions for other licensees extend to the
|
198
|
+
entire whole, and thus to each and every part regardless of who wrote
|
199
|
+
it.
|
200
|
+
|
201
|
+
Thus, it is not the intent of this section to claim rights or contest
|
202
|
+
your rights to work written entirely by you; rather, the intent is to
|
203
|
+
exercise the right to control the distribution of derivative or
|
204
|
+
collective works based on the Library.
|
205
|
+
|
206
|
+
In addition, mere aggregation of another work not based on the Library
|
207
|
+
with the Library (or with a work based on the Library) on a volume of
|
208
|
+
a storage or distribution medium does not bring the other work under
|
209
|
+
the scope of this License.
|
210
|
+
|
211
|
+
3. You may opt to apply the terms of the ordinary GNU General Public
|
212
|
+
License instead of this License to a given copy of the Library. To do
|
213
|
+
this, you must alter all the notices that refer to this License, so
|
214
|
+
that they refer to the ordinary GNU General Public License, version 2,
|
215
|
+
instead of to this License. (If a newer version than version 2 of the
|
216
|
+
ordinary GNU General Public License has appeared, then you can specify
|
217
|
+
that version instead if you wish.) Do not make any other change in
|
218
|
+
these notices.
|
219
|
+
|
220
|
+
Once this change is made in a given copy, it is irreversible for
|
221
|
+
that copy, so the ordinary GNU General Public License applies to all
|
222
|
+
subsequent copies and derivative works made from that copy.
|
223
|
+
|
224
|
+
This option is useful when you wish to copy part of the code of
|
225
|
+
the Library into a program that is not a library.
|
226
|
+
|
227
|
+
4. You may copy and distribute the Library (or a portion or
|
228
|
+
derivative of it, under Section 2) in object code or executable form
|
229
|
+
under the terms of Sections 1 and 2 above provided that you accompany
|
230
|
+
it with the complete corresponding machine-readable source code, which
|
231
|
+
must be distributed under the terms of Sections 1 and 2 above on a
|
232
|
+
medium customarily used for software interchange.
|
233
|
+
|
234
|
+
If distribution of object code is made by offering access to copy
|
235
|
+
from a designated place, then offering equivalent access to copy the
|
236
|
+
source code from the same place satisfies the requirement to
|
237
|
+
distribute the source code, even though third parties are not
|
238
|
+
compelled to copy the source along with the object code.
|
239
|
+
|
240
|
+
5. A program that contains no derivative of any portion of the
|
241
|
+
Library, but is designed to work with the Library by being compiled or
|
242
|
+
linked with it, is called a "work that uses the Library". Such a
|
243
|
+
work, in isolation, is not a derivative work of the Library, and
|
244
|
+
therefore falls outside the scope of this License.
|
245
|
+
|
246
|
+
However, linking a "work that uses the Library" with the Library
|
247
|
+
creates an executable that is a derivative of the Library (because it
|
248
|
+
contains portions of the Library), rather than a "work that uses the
|
249
|
+
library". The executable is therefore covered by this License.
|
250
|
+
Section 6 states terms for distribution of such executables.
|
251
|
+
|
252
|
+
When a "work that uses the Library" uses material from a header file
|
253
|
+
that is part of the Library, the object code for the work may be a
|
254
|
+
derivative work of the Library even though the source code is not.
|
255
|
+
Whether this is true is especially significant if the work can be
|
256
|
+
linked without the Library, or if the work is itself a library. The
|
257
|
+
threshold for this to be true is not precisely defined by law.
|
258
|
+
|
259
|
+
If such an object file uses only numerical parameters, data
|
260
|
+
structure layouts and accessors, and small macros and small inline
|
261
|
+
functions (ten lines or less in length), then the use of the object
|
262
|
+
file is unrestricted, regardless of whether it is legally a derivative
|
263
|
+
work. (Executables containing this object code plus portions of the
|
264
|
+
Library will still fall under Section 6.)
|
265
|
+
|
266
|
+
Otherwise, if the work is a derivative of the Library, you may
|
267
|
+
distribute the object code for the work under the terms of Section 6.
|
268
|
+
Any executables containing that work also fall under Section 6,
|
269
|
+
whether or not they are linked directly with the Library itself.
|
270
|
+
|
271
|
+
6. As an exception to the Sections above, you may also combine or
|
272
|
+
link a "work that uses the Library" with the Library to produce a
|
273
|
+
work containing portions of the Library, and distribute that work
|
274
|
+
under terms of your choice, provided that the terms permit
|
275
|
+
modification of the work for the customer's own use and reverse
|
276
|
+
engineering for debugging such modifications.
|
277
|
+
|
278
|
+
You must give prominent notice with each copy of the work that the
|
279
|
+
Library is used in it and that the Library and its use are covered by
|
280
|
+
this License. You must supply a copy of this License. If the work
|
281
|
+
during execution displays copyright notices, you must include the
|
282
|
+
copyright notice for the Library among them, as well as a reference
|
283
|
+
directing the user to the copy of this License. Also, you must do one
|
284
|
+
of these things:
|
285
|
+
|
286
|
+
a) Accompany the work with the complete corresponding
|
287
|
+
machine-readable source code for the Library including whatever
|
288
|
+
changes were used in the work (which must be distributed under
|
289
|
+
Sections 1 and 2 above); and, if the work is an executable linked
|
290
|
+
with the Library, with the complete machine-readable "work that
|
291
|
+
uses the Library", as object code and/or source code, so that the
|
292
|
+
user can modify the Library and then relink to produce a modified
|
293
|
+
executable containing the modified Library. (It is understood
|
294
|
+
that the user who changes the contents of definitions files in the
|
295
|
+
Library will not necessarily be able to recompile the application
|
296
|
+
to use the modified definitions.)
|
297
|
+
|
298
|
+
b) Use a suitable shared library mechanism for linking with the
|
299
|
+
Library. A suitable mechanism is one that (1) uses at run time a
|
300
|
+
copy of the library already present on the user's computer system,
|
301
|
+
rather than copying library functions into the executable, and (2)
|
302
|
+
will operate properly with a modified version of the library, if
|
303
|
+
the user installs one, as long as the modified version is
|
304
|
+
interface-compatible with the version that the work was made with.
|
305
|
+
|
306
|
+
c) Accompany the work with a written offer, valid for at
|
307
|
+
least three years, to give the same user the materials
|
308
|
+
specified in Subsection 6a, above, for a charge no more
|
309
|
+
than the cost of performing this distribution.
|
310
|
+
|
311
|
+
d) If distribution of the work is made by offering access to copy
|
312
|
+
from a designated place, offer equivalent access to copy the above
|
313
|
+
specified materials from the same place.
|
314
|
+
|
315
|
+
e) Verify that the user has already received a copy of these
|
316
|
+
materials or that you have already sent this user a copy.
|
317
|
+
|
318
|
+
For an executable, the required form of the "work that uses the
|
319
|
+
Library" must include any data and utility programs needed for
|
320
|
+
reproducing the executable from it. However, as a special exception,
|
321
|
+
the materials to be distributed need not include anything that is
|
322
|
+
normally distributed (in either source or binary form) with the major
|
323
|
+
components (compiler, kernel, and so on) of the operating system on
|
324
|
+
which the executable runs, unless that component itself accompanies
|
325
|
+
the executable.
|
326
|
+
|
327
|
+
It may happen that this requirement contradicts the license
|
328
|
+
restrictions of other proprietary libraries that do not normally
|
329
|
+
accompany the operating system. Such a contradiction means you cannot
|
330
|
+
use both them and the Library together in an executable that you
|
331
|
+
distribute.
|
332
|
+
|
333
|
+
7. You may place library facilities that are a work based on the
|
334
|
+
Library side-by-side in a single library together with other library
|
335
|
+
facilities not covered by this License, and distribute such a combined
|
336
|
+
library, provided that the separate distribution of the work based on
|
337
|
+
the Library and of the other library facilities is otherwise
|
338
|
+
permitted, and provided that you do these two things:
|
339
|
+
|
340
|
+
a) Accompany the combined library with a copy of the same work
|
341
|
+
based on the Library, uncombined with any other library
|
342
|
+
facilities. This must be distributed under the terms of the
|
343
|
+
Sections above.
|
344
|
+
|
345
|
+
b) Give prominent notice with the combined library of the fact
|
346
|
+
that part of it is a work based on the Library, and explaining
|
347
|
+
where to find the accompanying uncombined form of the same work.
|
348
|
+
|
349
|
+
8. You may not copy, modify, sublicense, link with, or distribute
|
350
|
+
the Library except as expressly provided under this License. Any
|
351
|
+
attempt otherwise to copy, modify, sublicense, link with, or
|
352
|
+
distribute the Library is void, and will automatically terminate your
|
353
|
+
rights under this License. However, parties who have received copies,
|
354
|
+
or rights, from you under this License will not have their licenses
|
355
|
+
terminated so long as such parties remain in full compliance.
|
356
|
+
|
357
|
+
9. You are not required to accept this License, since you have not
|
358
|
+
signed it. However, nothing else grants you permission to modify or
|
359
|
+
distribute the Library or its derivative works. These actions are
|
360
|
+
prohibited by law if you do not accept this License. Therefore, by
|
361
|
+
modifying or distributing the Library (or any work based on the
|
362
|
+
Library), you indicate your acceptance of this License to do so, and
|
363
|
+
all its terms and conditions for copying, distributing or modifying
|
364
|
+
the Library or works based on it.
|
365
|
+
|
366
|
+
10. Each time you redistribute the Library (or any work based on the
|
367
|
+
Library), the recipient automatically receives a license from the
|
368
|
+
original licensor to copy, distribute, link with or modify the Library
|
369
|
+
subject to these terms and conditions. You may not impose any further
|
370
|
+
restrictions on the recipients' exercise of the rights granted herein.
|
371
|
+
You are not responsible for enforcing compliance by third parties with
|
372
|
+
this License.
|
373
|
+
|
374
|
+
11. If, as a consequence of a court judgment or allegation of patent
|
375
|
+
infringement or for any other reason (not limited to patent issues),
|
376
|
+
conditions are imposed on you (whether by court order, agreement or
|
377
|
+
otherwise) that contradict the conditions of this License, they do not
|
378
|
+
excuse you from the conditions of this License. If you cannot
|
379
|
+
distribute so as to satisfy simultaneously your obligations under this
|
380
|
+
License and any other pertinent obligations, then as a consequence you
|
381
|
+
may not distribute the Library at all. For example, if a patent
|
382
|
+
license would not permit royalty-free redistribution of the Library by
|
383
|
+
all those who receive copies directly or indirectly through you, then
|
384
|
+
the only way you could satisfy both it and this License would be to
|
385
|
+
refrain entirely from distribution of the Library.
|
386
|
+
|
387
|
+
If any portion of this section is held invalid or unenforceable under any
|
388
|
+
particular circumstance, the balance of the section is intended to apply,
|
389
|
+
and the section as a whole is intended to apply in other circumstances.
|
390
|
+
|
391
|
+
It is not the purpose of this section to induce you to infringe any
|
392
|
+
patents or other property right claims or to contest validity of any
|
393
|
+
such claims; this section has the sole purpose of protecting the
|
394
|
+
integrity of the free software distribution system which is
|
395
|
+
implemented by public license practices. Many people have made
|
396
|
+
generous contributions to the wide range of software distributed
|
397
|
+
through that system in reliance on consistent application of that
|
398
|
+
system; it is up to the author/donor to decide if he or she is willing
|
399
|
+
to distribute software through any other system and a licensee cannot
|
400
|
+
impose that choice.
|
401
|
+
|
402
|
+
This section is intended to make thoroughly clear what is believed to
|
403
|
+
b
|
data/COPYING.ruby
ADDED
@@ -0,0 +1,56 @@
|
|
1
|
+
Ruby is copyrighted free software by Yukihiro Matsumoto <matz@netlab.jp>.
|
2
|
+
You can redistribute it and/or modify it under either the terms of the GPL
|
3
|
+
(see the file GPL), or the conditions below:
|
4
|
+
|
5
|
+
1. You may make and give away verbatim copies of the source form of the
|
6
|
+
software without restriction, provided that you duplicate all of the
|
7
|
+
original copyright notices and associated disclaimers.
|
8
|
+
|
9
|
+
2. You may modify your copy of the software in any way, provided that
|
10
|
+
you do at least ONE of the following:
|
11
|
+
|
12
|
+
a) place your modifications in the Public Domain or otherwise
|
13
|
+
make them Freely Available, such as by posting said
|
14
|
+
modifications to Usenet or an equivalent medium, or by allowing
|
15
|
+
the author to include your modifications in the software.
|
16
|
+
|
17
|
+
b) use the modified software only within your corporation or
|
18
|
+
organization.
|
19
|
+
|
20
|
+
c) give non-standard binaries non-standard names, with
|
21
|
+
instructions on where to get the original software distribution.
|
22
|
+
|
23
|
+
d) make other distribution arrangements with the author.
|
24
|
+
|
25
|
+
3. You may distribute the software in object code or binary form,
|
26
|
+
provided that you do at least ONE of the following:
|
27
|
+
|
28
|
+
a) distribute the binaries and library files of the software,
|
29
|
+
together with instructions (in the manual page or equivalent)
|
30
|
+
on where to get the original distribution.
|
31
|
+
|
32
|
+
b) accompany the distribution with the machine-readable source of
|
33
|
+
the software.
|
34
|
+
|
35
|
+
c) give non-standard binaries non-standard names, with
|
36
|
+
instructions on where to get the original software distribution.
|
37
|
+
|
38
|
+
d) make other distribution arrangements with the author.
|
39
|
+
|
40
|
+
4. You may modify and include the part of the software into any other
|
41
|
+
software (possibly commercial). But some files in the distribution
|
42
|
+
are not written by the author, so that they are not under these terms.
|
43
|
+
|
44
|
+
For the list of those files and their copying conditions, see the
|
45
|
+
file LEGAL.
|
46
|
+
|
47
|
+
5. The scripts and library files supplied as input to or produced as
|
48
|
+
output from the software do not automatically fall under the
|
49
|
+
copyright of the software, but belong to whomever generated them,
|
50
|
+
and may be sold commercially, and may be aggregated with this
|
51
|
+
software.
|
52
|
+
|
53
|
+
6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR
|
54
|
+
IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
55
|
+
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
56
|
+
PURPOSE.
|
data/README
ADDED
@@ -0,0 +1,51 @@
|
|
1
|
+
* Introduction
|
2
|
+
|
3
|
+
ruby-libnids is a Ruby binding for libnids library written in C
|
4
|
+
programming language.
|
5
|
+
|
6
|
+
Libnids is an implementation of an E-component of Network Intrusion
|
7
|
+
Detection System. It emulates the IP stack of Linux 2.0.x.
|
8
|
+
Libnids offers IP defragmentation, TCP stream assembly and TCP
|
9
|
+
port scan detection.
|
10
|
+
|
11
|
+
libnids homepage: http://libnids.sourceforge.net
|
12
|
+
|
13
|
+
* Homepage
|
14
|
+
|
15
|
+
http://ruby-libnids.rubyforge.org
|
16
|
+
|
17
|
+
* Requirements
|
18
|
+
|
19
|
+
Ruby (Tested on 1.8.x)
|
20
|
+
libnids (Tested on 1.21)
|
21
|
+
|
22
|
+
* Source
|
23
|
+
|
24
|
+
svn checkout svn://rubyforge.org/var/svn/ruby-libnids
|
25
|
+
|
26
|
+
* Compile
|
27
|
+
If ruby supports dynamic link of extension module on your OS,
|
28
|
+
following commands will install ruby-libnids:
|
29
|
+
|
30
|
+
ruby extconf.rb
|
31
|
+
make
|
32
|
+
make install
|
33
|
+
|
34
|
+
* Usage
|
35
|
+
|
36
|
+
See the documentation under the directory 'doc'.
|
37
|
+
Directory 'examples' contains some simple scripts.
|
38
|
+
|
39
|
+
* Bug Reports
|
40
|
+
|
41
|
+
Abhisek Datta <abhisek@rubyforge.org>
|
42
|
+
|
43
|
+
You can redistribute it and/or modify it under the terms of
|
44
|
+
the LGPL (GNU LESSER GENERAL PUBLIC LICENSE). See COPYING file about LGPL.
|
45
|
+
|
46
|
+
THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
|
47
|
+
WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
48
|
+
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. See the GPL for
|
49
|
+
more details.
|
50
|
+
|
51
|
+
|
data/extconf.rb
ADDED
@@ -0,0 +1,18 @@
|
|
1
|
+
require 'mkmf'
|
2
|
+
|
3
|
+
$CFLAGS = "-DDEBUG"
|
4
|
+
|
5
|
+
unless have_library('nids') and have_header('nids.h')
|
6
|
+
crash('need libnids')
|
7
|
+
end
|
8
|
+
|
9
|
+
unless have_library('gthread-2.0')
|
10
|
+
crash('need glib')
|
11
|
+
end
|
12
|
+
|
13
|
+
unless have_library('pcap')
|
14
|
+
crash('need libpcap')
|
15
|
+
end
|
16
|
+
|
17
|
+
create_makefile('libnids')
|
18
|
+
|
data/ruby-libnids.c
ADDED
@@ -0,0 +1,525 @@
|
|
1
|
+
/*
|
2
|
+
* Copyright (c) 2006 Abhisek Datta <abhisek@rubyforge.org>
|
3
|
+
* All rights reserved.
|
4
|
+
*
|
5
|
+
* Redistribution and use in source and binary form, with or without
|
6
|
+
* modification may not be used for commercial purposes in any way without
|
7
|
+
* written permission from the author including but is not limited to products,
|
8
|
+
* training, and consulting.
|
9
|
+
*
|
10
|
+
* Redistribution and use in source and binary form, with or without
|
11
|
+
* modification, are permitted provided that the following conditions are met:
|
12
|
+
*
|
13
|
+
* Redistributions of source code or binaries must retain the above copyright
|
14
|
+
* notice, this list of conditions and the following disclaimer.
|
15
|
+
*
|
16
|
+
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
17
|
+
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
18
|
+
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND COPYRIGHT
|
19
|
+
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
20
|
+
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
22
|
+
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
23
|
+
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
24
|
+
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
25
|
+
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
*
|
27
|
+
*/
|
28
|
+
|
29
|
+
#include <ruby.h>
|
30
|
+
#include <nids.h>
|
31
|
+
#include <sys/socket.h>
|
32
|
+
#include <sys/types.h>
|
33
|
+
#include <netinet/in.h>
|
34
|
+
#include <netinet/ip.h>
|
35
|
+
|
36
|
+
#ifdef DEBUG
|
37
|
+
#define DEBUG_PRINT(x, ...) \
|
38
|
+
((RTEST(ruby_debug) && RTEST(ruby_verbose))? \
|
39
|
+
(fprintf(stderr, "libnids: "x"\n", ##__VA_ARGS__),fflush(stderr)) : 0)
|
40
|
+
#else
|
41
|
+
#define DEBUG_PRINT(x, ...) (0)
|
42
|
+
#endif
|
43
|
+
|
44
|
+
/*
|
45
|
+
* TCP States
|
46
|
+
*/
|
47
|
+
#if defined(__linux__) || defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
|
48
|
+
#include <netinet/tcp.h>
|
49
|
+
#else
|
50
|
+
enum
|
51
|
+
{
|
52
|
+
TCP_ESTABLISHED = 1,
|
53
|
+
TCP_SYN_SENT,
|
54
|
+
TCP_SYN_RECV,
|
55
|
+
TCP_FIN_WAIT1,
|
56
|
+
TCP_FIN_WAIT2,
|
57
|
+
TCP_TIME_WAIT,
|
58
|
+
TCP_CLOSE,
|
59
|
+
TCP_CLOSE_WAIT,
|
60
|
+
TCP_LAST_ACK,
|
61
|
+
TCP_LISTEN,
|
62
|
+
TCP_CLOSING
|
63
|
+
};
|
64
|
+
#endif
|
65
|
+
|
66
|
+
extern struct nids_prm nids_params;
|
67
|
+
extern char nids_errbuf[];
|
68
|
+
|
69
|
+
VALUE cLibnids;
|
70
|
+
VALUE mLibnids;
|
71
|
+
static VALUE rb_object_ip_frag_cb = (VALUE) NULL;
|
72
|
+
static VALUE rb_object_ip_frag_cb_klass = (VALUE) NULL;
|
73
|
+
static VALUE rb_object_ip_cb = (VALUE) NULL;
|
74
|
+
static VALUE rb_object_ip_cb_klass = (VALUE) NULL;
|
75
|
+
static VALUE rb_object_tcp_cb = (VALUE) NULL;
|
76
|
+
static VALUE rb_object_tcp_cb_klass = (VALUE) NULL;
|
77
|
+
static VALUE rb_object_udp_cb = (VALUE) NULL;
|
78
|
+
static VALUE rb_object_udp_cb_klass = (VALUE) NULL;
|
79
|
+
|
80
|
+
static VALUE libnids_init(int argc, VALUE *argv, VALUE self)
|
81
|
+
{
|
82
|
+
VALUE v = Qnil;
|
83
|
+
VALUE opts = Qnil;
|
84
|
+
|
85
|
+
DEBUG_PRINT("Initializing");
|
86
|
+
|
87
|
+
if(argc > 0)
|
88
|
+
opts = argv[0];
|
89
|
+
|
90
|
+
if(TYPE(opts) != T_NIL && TYPE(opts) != T_HASH)
|
91
|
+
rb_raise(rb_eTypeError, "libnids_init: expected hash object");
|
92
|
+
|
93
|
+
if(TYPE(opts) == T_HASH) {
|
94
|
+
v = rb_hash_aref(opts, rb_str_new2("n_tcp_streams"));
|
95
|
+
if(TYPE(v) == T_FIXNUM)
|
96
|
+
nids_params.n_tcp_streams = INT2FIX(v);
|
97
|
+
|
98
|
+
v = rb_hash_aref(opts, rb_str_new2("filename"));
|
99
|
+
if(TYPE(v) == T_STRING)
|
100
|
+
nids_params.filename = strdup(StringValuePtr(v));
|
101
|
+
|
102
|
+
v = rb_hash_aref(opts, rb_str_new2("n_hosts"));
|
103
|
+
if(TYPE(v) == T_FIXNUM)
|
104
|
+
nids_params.n_hosts = INT2FIX(v);
|
105
|
+
|
106
|
+
v = rb_hash_aref(opts, rb_str_new2("device"));
|
107
|
+
if(TYPE(v) == T_STRING)
|
108
|
+
nids_params.device = StringValuePtr(v);
|
109
|
+
|
110
|
+
v = rb_hash_aref(opts, rb_str_new2("sk_buff_size"));
|
111
|
+
if(TYPE(v) == T_FIXNUM)
|
112
|
+
nids_params.sk_buff_size = INT2FIX(v);
|
113
|
+
|
114
|
+
v = rb_hash_aref(opts, rb_str_new2("dev_addon"));
|
115
|
+
if(TYPE(v) == T_FIXNUM)
|
116
|
+
nids_params.dev_addon = INT2FIX(v);
|
117
|
+
|
118
|
+
v = rb_hash_aref(opts, rb_str_new2("scan_num_hosts"));
|
119
|
+
if(TYPE(v) == T_FIXNUM)
|
120
|
+
nids_params.scan_num_hosts = INT2FIX(v);
|
121
|
+
|
122
|
+
v = rb_hash_aref(opts, rb_str_new2("scan_num_ports"));
|
123
|
+
if(TYPE(v) == T_FIXNUM)
|
124
|
+
nids_params.scan_num_ports = INT2FIX(v);
|
125
|
+
|
126
|
+
v = rb_hash_aref(opts, rb_str_new2("scan_delay"));
|
127
|
+
if(TYPE(v) == T_FIXNUM)
|
128
|
+
nids_params.scan_delay = INT2FIX(v);
|
129
|
+
|
130
|
+
v = rb_hash_aref(opts, rb_str_new2("pcap_filter"));
|
131
|
+
if(TYPE(v) == T_STRING)
|
132
|
+
nids_params.pcap_filter = StringValuePtr(v);
|
133
|
+
|
134
|
+
v = rb_hash_aref(opts, rb_str_new2("promisc"));
|
135
|
+
if(TYPE(v) == T_FIXNUM)
|
136
|
+
nids_params.promisc = INT2FIX(v);
|
137
|
+
|
138
|
+
v = rb_hash_aref(opts, rb_str_new2("one_loop_less"));
|
139
|
+
if(TYPE(v) == T_FIXNUM)
|
140
|
+
nids_params.one_loop_less = INT2FIX(v);
|
141
|
+
|
142
|
+
}
|
143
|
+
|
144
|
+
if(!nids_init())
|
145
|
+
rb_raise(rb_eRuntimeError, "nids_init() failed");
|
146
|
+
|
147
|
+
return self;
|
148
|
+
}
|
149
|
+
|
150
|
+
static void libnids_internal_register_ip_frag(struct ip *pkt)
|
151
|
+
{
|
152
|
+
VALUE ip_pkt;
|
153
|
+
char *p;
|
154
|
+
|
155
|
+
DEBUG_PRINT("IP frag callback triggered");
|
156
|
+
|
157
|
+
if(rb_object_ip_frag_cb == (VALUE) NULL || rb_object_ip_frag_cb_klass == (VALUE) NULL) {
|
158
|
+
DEBUG_PRINT("IP frag callback method not set");
|
159
|
+
return;
|
160
|
+
}
|
161
|
+
|
162
|
+
p = malloc((pkt->ip_hl << 2) + 1);
|
163
|
+
if(!p) {
|
164
|
+
perror("malloc");
|
165
|
+
abort();
|
166
|
+
}
|
167
|
+
|
168
|
+
memcpy(p, pkt, pkt->ip_hl << 2);
|
169
|
+
ip_pkt = rb_str_new(p, pkt->ip_hl << 2);
|
170
|
+
|
171
|
+
rb_funcall(rb_object_ip_frag_cb_klass,
|
172
|
+
rb_intern("send"),
|
173
|
+
2,
|
174
|
+
rb_object_ip_frag_cb,
|
175
|
+
ip_pkt);
|
176
|
+
|
177
|
+
free(p);
|
178
|
+
|
179
|
+
return;
|
180
|
+
}
|
181
|
+
|
182
|
+
static VALUE libnids_register_ip_frag(VALUE self, VALUE klass, VALUE cbFunc)
|
183
|
+
{
|
184
|
+
DEBUG_PRINT("Registering IP frag callback");
|
185
|
+
|
186
|
+
rb_object_ip_frag_cb_klass = klass;
|
187
|
+
rb_object_ip_frag_cb = cbFunc;
|
188
|
+
nids_register_ip_frag(&libnids_internal_register_ip_frag);
|
189
|
+
|
190
|
+
return Qnil;
|
191
|
+
}
|
192
|
+
|
193
|
+
static void libnids_internal_register_ip(struct ip *pkt)
|
194
|
+
{
|
195
|
+
VALUE ip_pkt;
|
196
|
+
char *p;
|
197
|
+
|
198
|
+
DEBUG_PRINT("IP callback triggered");
|
199
|
+
|
200
|
+
if(rb_object_ip_cb == (VALUE) NULL || rb_object_ip_cb_klass == (VALUE) NULL) {
|
201
|
+
DEBUG_PRINT("IP callback method not set");
|
202
|
+
return;
|
203
|
+
}
|
204
|
+
|
205
|
+
p = malloc((pkt->ip_hl << 2) + 1);
|
206
|
+
if(!p) {
|
207
|
+
perror("malloc");
|
208
|
+
abort();
|
209
|
+
}
|
210
|
+
|
211
|
+
memcpy(p, pkt, pkt->ip_hl << 2);
|
212
|
+
ip_pkt = rb_str_new(p, pkt->ip_hl << 2);
|
213
|
+
|
214
|
+
rb_funcall(rb_object_ip_cb_klass,
|
215
|
+
rb_intern("send"),
|
216
|
+
2,
|
217
|
+
rb_object_ip_cb,
|
218
|
+
ip_pkt);
|
219
|
+
|
220
|
+
free(p);
|
221
|
+
|
222
|
+
return;
|
223
|
+
}
|
224
|
+
|
225
|
+
static VALUE libnids_register_ip(VALUE self, VALUE klass, VALUE cbFunc)
|
226
|
+
{
|
227
|
+
DEBUG_PRINT("Registering IP callback");
|
228
|
+
|
229
|
+
rb_object_ip_cb_klass = klass;
|
230
|
+
rb_object_ip_cb = cbFunc;
|
231
|
+
nids_register_ip(&libnids_internal_register_ip);
|
232
|
+
|
233
|
+
return Qnil;
|
234
|
+
}
|
235
|
+
|
236
|
+
static void libnids_internal_register_udp(struct tuple4 *addr, u_char *data, size_t len, struct ip *pkt)
|
237
|
+
{
|
238
|
+
VALUE src_addr;
|
239
|
+
VALUE dst_addr;
|
240
|
+
VALUE src_port;
|
241
|
+
VALUE dst_port;
|
242
|
+
VALUE payload;
|
243
|
+
VALUE payload_len;
|
244
|
+
VALUE ip_pkt;
|
245
|
+
VALUE hash;
|
246
|
+
char *p;
|
247
|
+
|
248
|
+
DEBUG_PRINT("UDP callback triggered");
|
249
|
+
|
250
|
+
if(rb_object_udp_cb == (VALUE) NULL || rb_object_udp_cb_klass == (VALUE) NULL) {
|
251
|
+
DEBUG_PRINT("UDP callback method not set");
|
252
|
+
return;
|
253
|
+
}
|
254
|
+
|
255
|
+
src_addr = rb_str_new2((char*)inet_ntoa(*((struct in_addr*)&(addr->saddr))));
|
256
|
+
dst_addr = rb_str_new2((char*)inet_ntoa(*((struct in_addr*)&(addr->daddr))));
|
257
|
+
src_port = INT2FIX(addr->source);
|
258
|
+
dst_port = INT2FIX(addr->dest);
|
259
|
+
payload_len = INT2FIX(len);
|
260
|
+
|
261
|
+
payload = rb_tainted_str_new((char *)data, len);
|
262
|
+
|
263
|
+
p = malloc((pkt->ip_hl << 2) + 1);
|
264
|
+
if(!p) {
|
265
|
+
perror("malloc");
|
266
|
+
abort();
|
267
|
+
}
|
268
|
+
|
269
|
+
memcpy(p, pkt, pkt->ip_hl << 2);
|
270
|
+
ip_pkt = rb_str_new(p, pkt->ip_hl << 2);
|
271
|
+
|
272
|
+
hash = rb_hash_new();
|
273
|
+
|
274
|
+
rb_hash_aset(hash, rb_str_new2("saddress"), src_addr);
|
275
|
+
rb_hash_aset(hash, rb_str_new2("daddress"), dst_addr);
|
276
|
+
rb_hash_aset(hash, rb_str_new2("sport"), src_port);
|
277
|
+
rb_hash_aset(hash, rb_str_new2("dport"), dst_port);
|
278
|
+
rb_hash_aset(hash, rb_str_new2("payload"), payload);
|
279
|
+
rb_hash_aset(hash, rb_str_new2("payload_len"), payload_len);
|
280
|
+
rb_hash_aset(hash, rb_str_new2("ip_packet"), ip_pkt);
|
281
|
+
|
282
|
+
|
283
|
+
rb_funcall(rb_object_udp_cb_klass,
|
284
|
+
rb_intern("send"),
|
285
|
+
2,
|
286
|
+
rb_object_udp_cb,
|
287
|
+
hash);
|
288
|
+
|
289
|
+
free(p);
|
290
|
+
|
291
|
+
return;
|
292
|
+
}
|
293
|
+
|
294
|
+
static VALUE libnids_register_udp(VALUE self, VALUE klass, VALUE cbFunc)
|
295
|
+
{
|
296
|
+
DEBUG_PRINT("Registering UDP callback");
|
297
|
+
|
298
|
+
rb_object_udp_cb_klass = klass;
|
299
|
+
rb_object_udp_cb = cbFunc;
|
300
|
+
nids_register_udp(&libnids_internal_register_udp);
|
301
|
+
|
302
|
+
return Qnil;
|
303
|
+
}
|
304
|
+
|
305
|
+
static void libnids_internal_register_tcp(struct tcp_stream *ts, void **param)
|
306
|
+
{
|
307
|
+
VALUE client_data;
|
308
|
+
VALUE client_data_offset;
|
309
|
+
VALUE client_data_len;
|
310
|
+
VALUE client_data_new_len;
|
311
|
+
VALUE client_state;
|
312
|
+
VALUE server_data;
|
313
|
+
VALUE server_data_offset;
|
314
|
+
VALUE server_data_len;
|
315
|
+
VALUE server_data_new_len;
|
316
|
+
VALUE server_state;
|
317
|
+
VALUE nids_state;
|
318
|
+
VALUE src_addr;
|
319
|
+
VALUE dst_addr;
|
320
|
+
VALUE src_port;
|
321
|
+
VALUE dst_port;
|
322
|
+
VALUE stream;
|
323
|
+
VALUE hash;
|
324
|
+
|
325
|
+
DEBUG_PRINT("TCP callback triggered");
|
326
|
+
|
327
|
+
if(rb_object_tcp_cb == (VALUE) NULL || rb_object_tcp_cb_klass == (VALUE) NULL) {
|
328
|
+
DEBUG_PRINT("TCP callback method not set");
|
329
|
+
return;
|
330
|
+
}
|
331
|
+
|
332
|
+
stream = Data_Wrap_Struct(rb_cStruct,
|
333
|
+
0,
|
334
|
+
0,
|
335
|
+
ts);
|
336
|
+
|
337
|
+
src_addr = rb_tainted_str_new2((char*)inet_ntoa(*((struct in_addr*)&(ts->addr.saddr))));
|
338
|
+
dst_addr = rb_tainted_str_new2((char*)inet_ntoa(*((struct in_addr*)&(ts->addr.daddr))));
|
339
|
+
src_port = INT2FIX(ts->addr.source);
|
340
|
+
dst_port = INT2FIX(ts->addr.dest);
|
341
|
+
|
342
|
+
client_data_offset = INT2FIX(0);
|
343
|
+
client_data_len = INT2FIX(0);
|
344
|
+
client_data_new_len = INT2FIX(0);
|
345
|
+
server_data_offset = INT2FIX(0);
|
346
|
+
server_data_len = INT2FIX(0);
|
347
|
+
server_data_new_len = INT2FIX(0);
|
348
|
+
|
349
|
+
nids_state = INT2FIX(ts->nids_state);
|
350
|
+
client_state = INT2FIX(ts->client.state);
|
351
|
+
server_state = INT2FIX(ts->server.state);
|
352
|
+
|
353
|
+
switch(ts->nids_state) {
|
354
|
+
case NIDS_JUST_EST:
|
355
|
+
case NIDS_DATA:
|
356
|
+
case NIDS_RESET:
|
357
|
+
case NIDS_TIMED_OUT:
|
358
|
+
case NIDS_EXITING:
|
359
|
+
case NIDS_CLOSE:
|
360
|
+
client_data = rb_tainted_str_new(ts->client.data, ts->client.count_new);
|
361
|
+
client_data_offset = INT2FIX(ts->client.offset);
|
362
|
+
client_data_len = INT2FIX(ts->client.count);
|
363
|
+
client_data_new_len = INT2FIX(ts->client.count_new);
|
364
|
+
|
365
|
+
server_data = rb_tainted_str_new(ts->server.data, ts->server.count_new);
|
366
|
+
server_data_offset = INT2FIX(ts->server.offset);
|
367
|
+
server_data_len = INT2FIX(ts->server.count);
|
368
|
+
server_data_new_len = INT2FIX(ts->server.count_new);
|
369
|
+
|
370
|
+
break;
|
371
|
+
|
372
|
+
default:
|
373
|
+
DEBUG_PRINT("Unknown nids state from TCP callback");
|
374
|
+
return;
|
375
|
+
}
|
376
|
+
|
377
|
+
hash = rb_hash_new();
|
378
|
+
|
379
|
+
rb_hash_aset(hash, rb_str_new2("saddress"), src_addr);
|
380
|
+
rb_hash_aset(hash, rb_str_new2("daddress"), dst_addr);
|
381
|
+
rb_hash_aset(hash, rb_str_new2("sport"), src_port);
|
382
|
+
rb_hash_aset(hash, rb_str_new2("dport"), dst_port);
|
383
|
+
rb_hash_aset(hash, rb_str_new2("nids_state"), nids_state);
|
384
|
+
rb_hash_aset(hash, rb_str_new2("client_state"), client_state);
|
385
|
+
rb_hash_aset(hash, rb_str_new2("client_data"), client_data);
|
386
|
+
rb_hash_aset(hash, rb_str_new2("client_data_offset"), client_data_offset);
|
387
|
+
rb_hash_aset(hash, rb_str_new2("client_data_len"), client_data_len);
|
388
|
+
rb_hash_aset(hash, rb_str_new2("client_data_new_len"), client_data_new_len);
|
389
|
+
rb_hash_aset(hash, rb_str_new2("server_state"), server_state);
|
390
|
+
rb_hash_aset(hash, rb_str_new2("server_data"), server_data);
|
391
|
+
rb_hash_aset(hash, rb_str_new2("server_data_offset"), server_data_offset);
|
392
|
+
rb_hash_aset(hash, rb_str_new2("server_data_len"), server_data_len);
|
393
|
+
rb_hash_aset(hash, rb_str_new2("server_data_new_len"), server_data_new_len);
|
394
|
+
|
395
|
+
rb_funcall(rb_object_tcp_cb_klass,
|
396
|
+
rb_intern("send"),
|
397
|
+
3,
|
398
|
+
rb_object_tcp_cb,
|
399
|
+
hash,
|
400
|
+
stream);
|
401
|
+
|
402
|
+
return;
|
403
|
+
}
|
404
|
+
|
405
|
+
static VALUE libnids_collect_tcp_client(VALUE self, VALUE stream)
|
406
|
+
{
|
407
|
+
struct tcp_stream *ts;
|
408
|
+
|
409
|
+
Data_Get_Struct(stream, struct tcp_stream, ts);
|
410
|
+
ts->client.collect++;
|
411
|
+
|
412
|
+
return Qnil;
|
413
|
+
}
|
414
|
+
|
415
|
+
static VALUE libnids_collect_tcp_server(VALUE self, VALUE stream)
|
416
|
+
{
|
417
|
+
struct tcp_stream *ts;
|
418
|
+
|
419
|
+
Data_Get_Struct(stream, struct tcp_stream, ts);
|
420
|
+
ts->server.collect++;
|
421
|
+
|
422
|
+
return Qnil;
|
423
|
+
}
|
424
|
+
|
425
|
+
static VALUE libnids_register_tcp(VALUE self, VALUE klass, VALUE cbFunc)
|
426
|
+
{
|
427
|
+
DEBUG_PRINT("Registering tcp callback");
|
428
|
+
|
429
|
+
rb_object_tcp_cb_klass = klass;
|
430
|
+
rb_object_tcp_cb = cbFunc;
|
431
|
+
nids_register_tcp(&libnids_internal_register_tcp);
|
432
|
+
|
433
|
+
return Qnil;
|
434
|
+
}
|
435
|
+
|
436
|
+
static VALUE libnids_run(VALUE self)
|
437
|
+
{
|
438
|
+
DEBUG_PRINT("Starting to capture packet");
|
439
|
+
|
440
|
+
// no need to check permissions when running in offline mode
|
441
|
+
if(nids_params.filename) {
|
442
|
+
nids_run();
|
443
|
+
return Qnil;
|
444
|
+
}
|
445
|
+
|
446
|
+
if((getuid() == 0) || (geteuid() == 0))
|
447
|
+
nids_run();
|
448
|
+
else
|
449
|
+
rb_raise(rb_eSecurityError, "Not enough privilege");
|
450
|
+
|
451
|
+
DEBUG_PRINT("Error: nids_run() returned");
|
452
|
+
|
453
|
+
return Qnil;
|
454
|
+
}
|
455
|
+
|
456
|
+
static VALUE libnids_discard(VALUE self, VALUE stream, VALUE count)
|
457
|
+
{
|
458
|
+
struct tcp_stream *ts;
|
459
|
+
|
460
|
+
DEBUG_PRINT("Discarding tcp packet");
|
461
|
+
|
462
|
+
if(TYPE(stream) != T_STRUCT || TYPE(count) != T_FIXNUM) {
|
463
|
+
rb_raise(rb_eTypeError,"libnids_discard: expected struct object and fixnum");
|
464
|
+
}
|
465
|
+
|
466
|
+
Data_Get_Struct(stream, struct tcp_stream, ts);
|
467
|
+
nids_discard(ts, NUM2INT(count));
|
468
|
+
|
469
|
+
return Qnil;
|
470
|
+
}
|
471
|
+
|
472
|
+
static VALUE libnids_kill(VALUE self, VALUE stream)
|
473
|
+
{
|
474
|
+
struct tcp_stream *ts;
|
475
|
+
|
476
|
+
DEBUG_PRINT("Killing TCP stream");
|
477
|
+
|
478
|
+
if(TYPE(stream) != T_STRUCT) {
|
479
|
+
rb_raise(rb_eTypeError,"libnids_discard: expected struct object");
|
480
|
+
}
|
481
|
+
|
482
|
+
Data_Get_Struct(stream, struct tcp_stream, ts);
|
483
|
+
nids_killtcp(ts);
|
484
|
+
|
485
|
+
return Qnil;
|
486
|
+
}
|
487
|
+
|
488
|
+
void Init_libnids()
|
489
|
+
{
|
490
|
+
|
491
|
+
mLibnids = rb_define_module("NIDS");
|
492
|
+
|
493
|
+
rb_define_const(mLibnids, "STATE_JUST_EST", INT2FIX(NIDS_JUST_EST));
|
494
|
+
rb_define_const(mLibnids, "STATE_DATA", INT2FIX(NIDS_DATA));
|
495
|
+
rb_define_const(mLibnids, "STATE_RESET", INT2FIX(NIDS_RESET));
|
496
|
+
rb_define_const(mLibnids, "STATE_CLOSE", INT2FIX(NIDS_CLOSE));
|
497
|
+
rb_define_const(mLibnids, "STATE_TIMED_OUT", INT2FIX(NIDS_TIMED_OUT));
|
498
|
+
rb_define_const(mLibnids, "STATE_EXITING", INT2FIX(NIDS_EXITING));
|
499
|
+
|
500
|
+
rb_define_const(mLibnids, "TCP_ESTABLISHED", INT2FIX(TCP_ESTABLISHED));
|
501
|
+
rb_define_const(mLibnids, "TCP_SYN_SENT", INT2FIX(TCP_SYN_SENT));
|
502
|
+
rb_define_const(mLibnids, "TCP_SYN_RECV", INT2FIX(TCP_SYN_RECV));
|
503
|
+
rb_define_const(mLibnids, "TCP_FIN_WAIT1", INT2FIX(TCP_FIN_WAIT1));
|
504
|
+
rb_define_const(mLibnids, "TCP_FIN_WAIT2", INT2FIX(TCP_FIN_WAIT2));
|
505
|
+
rb_define_const(mLibnids, "TCP_TIME_WAIT", INT2FIX(TCP_TIME_WAIT));
|
506
|
+
rb_define_const(mLibnids, "TCP_CLOSE", INT2FIX(TCP_CLOSE));
|
507
|
+
rb_define_const(mLibnids, "TCP_CLOSE_WAIT", INT2FIX(TCP_CLOSE_WAIT));
|
508
|
+
rb_define_const(mLibnids, "TCP_LAST_ACK", INT2FIX(TCP_LAST_ACK));
|
509
|
+
rb_define_const(mLibnids, "TCP_LISTEN", INT2FIX(TCP_LISTEN));
|
510
|
+
rb_define_const(mLibnids, "TCP_CLOSING", INT2FIX(TCP_CLOSING));
|
511
|
+
|
512
|
+
cLibnids = rb_define_class_under(mLibnids, "Sniffer", rb_cObject);
|
513
|
+
|
514
|
+
rb_define_method(cLibnids, "initialize", libnids_init, -1);
|
515
|
+
rb_define_method(cLibnids, "register_ip_frag", libnids_register_ip_frag, 2);
|
516
|
+
rb_define_method(cLibnids, "register_ip", libnids_register_ip, 2);
|
517
|
+
rb_define_method(cLibnids, "register_tcp", libnids_register_tcp, 2);
|
518
|
+
rb_define_method(cLibnids, "register_udp", libnids_register_udp, 2);
|
519
|
+
rb_define_method(cLibnids, "collect_tcp_client", libnids_collect_tcp_client, 1);
|
520
|
+
rb_define_method(cLibnids, "collect_tcp_server", libnids_collect_tcp_server, 1);
|
521
|
+
rb_define_method(cLibnids, "discard", libnids_discard, 1);
|
522
|
+
rb_define_method(cLibnids, "kill", libnids_kill, 1);
|
523
|
+
rb_define_method(cLibnids, "run", libnids_run, 0);
|
524
|
+
|
525
|
+
}
|
metadata
ADDED
@@ -0,0 +1,49 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
rubygems_version: 0.9.4
|
3
|
+
specification_version: 1
|
4
|
+
name: ruby-libnids
|
5
|
+
version: !ruby/object:Gem::Version
|
6
|
+
version: "1.0"
|
7
|
+
date: 2008-10-04 00:00:00 +05:30
|
8
|
+
summary: Ruby binding for libnids
|
9
|
+
require_paths:
|
10
|
+
- lib
|
11
|
+
email: abhisek@rubyforge.org
|
12
|
+
homepage: http://ruby-libnids.rubyforge.org
|
13
|
+
rubyforge_project: ruby-libnids
|
14
|
+
description: "ruby-libnids is a Ruby binding for libnids library written in C programming language. libnids homepage: http://libnids.sourceforge.net libnids author: Rafal Wojtczuk"
|
15
|
+
autorequire:
|
16
|
+
default_executable:
|
17
|
+
bindir: bin
|
18
|
+
has_rdoc: true
|
19
|
+
required_ruby_version: !ruby/object:Gem::Version::Requirement
|
20
|
+
requirements:
|
21
|
+
- - ">"
|
22
|
+
- !ruby/object:Gem::Version
|
23
|
+
version: 0.0.0
|
24
|
+
version:
|
25
|
+
platform: i486-linux
|
26
|
+
signing_key:
|
27
|
+
cert_chain:
|
28
|
+
post_install_message:
|
29
|
+
authors: []
|
30
|
+
|
31
|
+
files:
|
32
|
+
- ruby-libnids.c
|
33
|
+
- README
|
34
|
+
- COPYING
|
35
|
+
- COPYING.ruby
|
36
|
+
test_files: []
|
37
|
+
|
38
|
+
rdoc_options: []
|
39
|
+
|
40
|
+
extra_rdoc_files: []
|
41
|
+
|
42
|
+
executables: []
|
43
|
+
|
44
|
+
extensions:
|
45
|
+
- extconf.rb
|
46
|
+
requirements: []
|
47
|
+
|
48
|
+
dependencies: []
|
49
|
+
|