.TITLE NETSPY Probe for statistics .NLIST BEX .ENABL LC ; ; Probe for statistics ; ; External symbols ; .GLOBL CTRL,NETMSG,RTNMSG ;network routines .GLOBL RNAME ;domain-name server .GLOBL RDDEC,RDASC,HASH,PRDEC,PROCB ;i/o utilities ; ; Entry symbols ; .GLOBL RDBYT ;char input .GLOBL PRBYT ;char output ; ; System definitions ; .ASECT .MCALL .COM,.CHR,.WIND ;dcnlib macros .MCALL .TTYIN,.TTYOU,.EXIT,.QSET ;rt-11 macroni .MCALL .SPND,.RSUM,.MRKT,.CMKT,.SCCA .MCALL $DFIH,$DFUH,$DFMH,$DFSIG ;moslib macroni .MCALL CALL,FORMAT ;netlib macros .COM ;define common data .CHR ;define ascii character codes $DFIH ;define internet header $DFUH ;define user datagram header $DFMH ;define ntp control message header $DFSIG ;define interprocess signals ; ; Module definitions ; ; Assembly parameters ; QUESIZ = 20. ;max elements on completion queue TCBSIZ = 256. ;size of tcb NTPPRT = 123.*400 ;ntp server port CLIPRT = 133.*400 ;statistics server port RTXTIM = 10. ;retry timeout (seconds) STRTIM = 1. ;straggler timeout (seconds) RTXMAX = 3 ;max retries ; ; Procedure segment ; .PSECT $BOSI,RO,I ; ; Statistics query program ; START: BIS #40000,@#44 ;disable folding .QSET #QUEUE,#QUESIZ ;allocate space for completion queue MOV #512,R1 ;is argument in chain area TSTB @R1 BEQ 1$ ;branch if no CALL RNAME,R1,#CCBADR,#0 ;yes. fetch Internet address TST R0 BEQ 2$ ;branch if found JSR PC,PRIDNT ;error. display message JSR PC,RTNMSG 1$: .EXIT ; 2$: CLR SCCA ;disable control-c .SCCA #ARGBLK,#SCCA CLR SEQNBR 3$: TST SCCA ;is there more BEQ 4$ ;branch if yes .EXIT ;no. turn out the lights ; 4$: CLRB CHAR ;get command MOV #CLIPRT,CCBADR+4 ;assume netspy MOV #'*,R0 JSR PC,PRBYT JSR PC,HASH BEQ 3$ ;ignore empty line MOV #CMDBUF,R1 ;construct command CMP R0,#^RNTP ;is this ntp BNE 5$ ;branch if no MOV #NTPPRT,CCBADR+4 ;yes. specify ntp control message MOVB #NX.VER*10+NX.CTL,(R1)+ ;(nm.mod) JSR PC,RDDEC ;get command MOVB R0,(R1)+ ;(nm.opc) INC SEQNBR ;get sequence number MOV SEQNBR,(R1)+ ;(nm.seq) CLR (R1)+ ;(nm.sta) JSR PC,RDDEC ;get association id MOV R0,(R1)+ ;(nm.aid) CLR (R1)+ ;(nm.ofs) CLR (R1)+ ;(nm.cnt) 5$: JSR PC,RDASC ;copy command string BEQ 6$ ;branch if no more MOVB R0,(R1)+ ;stash BR 5$ ; 6$: SUB #CMDBUF,R1 ;compute length BEQ 3$ ;branch if empty MOV R1,COUNT MOV #RTXMAX,RETRY CLR TCB ;(pass check in open) CALL CTRL,#CM.OPN,#CCB,#TCB ;open connection TST R0 BEQ 7$ ;branch if no error JSR PC,PRIDNT ;error. display message JSR PC,RTNMSG .EXIT ; 7$: .SPND ;lots happen in there BR 3$ ; ; Net trap routine ; NCA: MOV SD.ADR(R0),R1 ;get signal particulars MOV SD.CHN(R0),R0 BIC #^C17,R0 ;decode signal MOV R0,R2 ASL R2 ADD R2,PC BR SIGOPN ;0 open BR SIGERR ;1 connection error BR SIGERR ;2 host not responding BR SIGCLS ;3 closed BR SIG56 ;4 data available BR SIGERR ;5 connection reset BR SIGERR ;6 send complete BR SIGERR ;7 remote disconnect BR SIGERR ;10 remote interrupt BR SIGERR ;11 nsp (decnet) ; SIG56: JMP SIGDAT ;handrail ; SIGERR: JSR PC,PRIDNT ;net error. display message JSR PC,NETMSG RTS PC ; SIGCLS: .RSUM ;close complete. unlock mainline RTS PC ; SIGOPN: TST SCCA ;is control-c pending BNE SIGERY ;branch if yes CALL CTRL,#CM.GET,#TEMP,#TCB ;no. allocate and init ip datagram TST R0 BEQ 3$ ;branch if no error JSR PC,PRIDNT ;display error message JSR PC,RTNMSG BR 6$ ; 3$: MOV TEMP,R2 ;get packet pointers BISB #300+TQ.DLY,IH.TOS(R2) ;give it a good spank ADD PH.OFS(R2),R2 MOV R2,R3 ADD #UH.LEN,R3 MOV COUNT,R0 MOV #CMDBUF,R1 ;copy command 4$: MOVB (R1)+,(R3)+ SOB R0,4$ CLRB @R3 ;(backstop for display) MOV TEMP,R1 ;compute length MOV COUNT,PH.LNG(R1) ADD #UH.LEN,PH.LNG(R1) CMP #NTPPRT,CCBADR+4 ;is this ntp control message BNE 5$ ;branch if no MOV COUNT,NM.CNT(R2) ;yes. complete the job SUB #NM.LEN-UH.LEN,NM.CNT(R2) SWAB NM.SEQ(R2) ;swab decks SWAB NM.AID(R2) SWAB NM.CNT(R2) 5$: CALL CTRL,#CM.UDP,R1,#TCB ;send udp packet TST R0 BEQ 6$ ;branch if no error JSR PC,PRIDNT ;display error message JSR PC,RTNMSG 6$: .MRKT #ARGBLK,#TIME1,#SMPSRV,#1 ;arm watchdog bark RTS PC ; SMPSRV: DEC RETRY ;has max retries been reached BNE SIGOPN ;branch if no FORMAT #COM20 ;timeout SIGERY: CALL CTRL,#CM.CLS,#0,#TCB ;udp close RTS PC ; SIGDAT: CLR R0 ;map packet into user space .WIND MOV PH.LNG(R1),R3 ;is format correct CMP R3,#UH.LEN BHIS 1$ ;branch if yes FORMAT #COM21 ;invalid packet format CALL CTRL,#CM.FRE,R1,#TCB ;free ip packet RTS PC ; 1$: .CMKT #ARGBLK,#1,#0 ;kill timeout MOV R1,R2 ;shuffle packet pointers ADD PH.OFS(R1),R2 BIT #IH.OFF,IH.FRG(R1) ;is this first ip fragment BNE 5$ ;branch if no CLR FLAGS ;yes. is this ntp control message CMP #NTPPRT,CCBADR+4 BNE 5$ ;branch if no SWAB NM.SEQ(R2) ;yes. swab decks SWAB NM.AID(R2) BNE 2$ MOVB NM.OPC(R2),FLAGS ;save system opcode for later BICB #NY.MOR,FLAGS 2$: SWAB NM.CNT(R2) SWAB NM.OFS(R2) ;is this first ntp fragment BNE 3$ ;branch if no FORMAT #COM10,R2 ;yes. reveal header 3$: SUB #NM.LEN-UH.LEN,R3 ;reset pointers CMP NM.CNT(R2),R3 BHI 4$ MOV NM.CNT(R2),R3 4$: ADD #NM.LEN,R2 ;skip header BR 6$ ; 5$: SUB #UH.LEN,R3 ;spy. reset pointers ADD #UH.LEN,R2 6$: TST R3 ;be real careful BLE 10$ ;branch if nothing there CMPB FLAGS,#NY.RDS+NY.RSP ;is this ntp read system status BNE 8$ ;branch if no 7$: FORMAT #COM99,R2 ;yes. display association CMP (R2)+,(R2)+ ;advance to next entry SUB #4,R3 BGT 7$ BR 10$ ; 8$: MOVB (R2)+,R0 ;display reply JSR PC,PRBYT SOB R3,8$ 10$: CALL CTRL,#CM.FRE,R1,#TCB ;free ip packet .MRKT #ARGBLK,#TIME2,#SIGERY,#1 ;arm straggler delay RTS PC ; ; Subroutine to read byte ; returns r0 = byte ; RDBYT: CLR R0 ;presume eor CMPB CHAR,#ETX ;does this end the game BEQ 1$ ;branch if yes CMPB CHAR,#SUB BNE 2$ ;branch if no 1$: INC SCCA ;yes. bum out here, too BR 3$ ; 2$: CMPB CHAR,#LF ;is char eor BEQ 3$ ;branch if yes .TTYIN ;no. put byte BIC #^C177,R0 MOVB R0,CHAR 3$: TST R0 ;just in case RTS PC ; ; Subroutine to write byte ; R0 = byte ; PRBYT: .TTYOU ;put byte RTS PC ; ; Subroutine to display program ident ; PRIDNT: MOV R0,-(SP) ;appear transparent MOV #COM00,R0 ;display program ident JSR PC,FORMAT MOV (SP)+,R0 RTS PC ; ; Data segment ; .PSECT $BOSD,RO,D ;read-only data ; TIME1: .WORD 0,RTXTIM*60. ;reply timeout TIME2: .WORD 0,STRTIM*60. ;straggler timeout PROMPT: .ASCII '*'<200> COM00: .ASCIZ '?SPY-^+' COM20: .ASCIZ '?SPY-F-Reply timeout' COM21: .ASCIZ '?SPY-W-Invalid packet format' COM99: .ASCIZ '^XI'<0>' 0x^XH'<2> COM10: .ASCII 'header=0x^XH'', sequence=^I' .ASCII ', ident=^I'', status=0x^XH' .ASCIZ ', count=^I' .EVEN ; .PSECT $DATA,RW,I ;initialized read/write data ; ; Connection control block ; CCB: .WORD TCBSIZ ;ccb length .WORD NCA ;completion routine .BYTE P.UDP,0 ;protocol, flags .WORD 0,0,0 ;local socket (default) CCBADR: .WORD 0,0,0 ;remote socket .WORD 0,0 ;max datagram size, options (default) ; .PSECT $ERAS,RW,I ;read/write data ; STOBGN = . ;format fence TEMP: .BLKW 1 ;temporary COUNT: .BLKW 1 ;command buffer count FLAGS: .BLKW 1 ;switches and things ARGBLK: .BLKW 5 ;rt-11 argument block SCCA: .BLKW 1 ;control-c switch RETRY: .BLKW 1 ;retry count SEQNBR: .BLKW 1 ;message sequence number CMDBUF: .BLKW 128. ;command buffer CHAR: .BLKB 1 ;last char read .EVEN QUEUE: .BLKW QUESIZ.*7. ;space for completion queue TCB: .BLKW TCBSIZ ;transmission control block ; .END START