/**
* Ideally, this effectively un-does operations in sharktools_init()
*/
int sharktools_cleanup(void)
{
dprintf("%s: called\n", __FUNCTION__);
epan_cleanup();
return 0;
}
int
main(int argc, char **argv)
{
char *init_progfile_dir_error;
char *text;
char *gpf_path, *pf_path;
int gpf_open_errno, gpf_read_errno;
int pf_open_errno, pf_read_errno;
dfilter_t *df;
/*
* Get credential information for later use.
*/
init_process_policies();
/*
* Attempt to get the pathname of the executable file.
*/
init_progfile_dir_error = init_progfile_dir(argv[0], main);
if (init_progfile_dir_error != NULL) {
fprintf(stderr, "dftest: Can't get pathname of dftest program: %s.\n",
init_progfile_dir_error);
}
timestamp_set_type(TS_RELATIVE);
timestamp_set_seconds_type(TS_SECONDS_DEFAULT);
/* Register all dissectors; we must do this before checking for the
"-g" flag, as the "-g" flag dumps a list of fields registered
by the dissectors, and we must do it before we read the preferences,
in case any dissectors register preferences. */
epan_init(register_all_protocols,
register_all_protocol_handoffs, NULL, NULL,
failure_message, open_failure_message, read_failure_message,
write_failure_message);
/* now register the preferences for any non-dissector modules.
we must do that before we read the preferences as well. */
prefs_register_modules();
/* set the c-language locale to the native environment. */
setlocale(LC_ALL, "");
read_prefs(&gpf_open_errno, &gpf_read_errno, &gpf_path,
&pf_open_errno, &pf_read_errno, &pf_path);
if (gpf_path != NULL) {
if (gpf_open_errno != 0) {
fprintf(stderr,
"can't open global preferences file \"%s\": %s.\n",
pf_path, g_strerror(gpf_open_errno));
}
if (gpf_read_errno != 0) {
fprintf(stderr,
"I/O error reading global preferences file \"%s\": %s.\n",
pf_path, g_strerror(gpf_read_errno));
}
}
if (pf_path != NULL) {
if (pf_open_errno != 0) {
fprintf(stderr,
"can't open your preferences file \"%s\": %s.\n",
pf_path, g_strerror(pf_open_errno));
}
if (pf_read_errno != 0) {
fprintf(stderr,
"I/O error reading your preferences file \"%s\": %s.\n",
pf_path, g_strerror(pf_read_errno));
}
}
/* notify all registered modules that have had any of their preferences
changed either from one of the preferences file or from the command
line that its preferences have changed. */
prefs_apply_all();
/* Check for filter on command line */
if (argc <= 1) {
fprintf(stderr, "Usage: dftest <filter>\n");
exit(1);
}
/* Get filter text */
text = get_args_as_string(argc, argv, 1);
printf("Filter: \"%s\"\n", text);
/* Compile it */
if (!dfilter_compile(text, &df)) {
fprintf(stderr, "dftest: %s\n", dfilter_error_msg);
epan_cleanup();
exit(2);
}
printf("dfilter ptr = 0x%08x\n", GPOINTER_TO_INT(df));
printf("\n\n");
if (df == NULL)
printf("Filter is empty\n");
else
dfilter_dump(df);
dfilter_free(df);
epan_cleanup();
exit(0);
}
/**
Wrapper for top level dissection structures cleanup
*/
extern "C" __declspec(dllexport) void hf_dissect_cleanup()
{
epan_cleanup();
}
int
main(int argc, char **argv)
{
char *init_progfile_dir_error;
char *text;
dfilter_t *df;
gchar *err_msg;
/*
* Get credential information for later use.
*/
init_process_policies();
/*
* Attempt to get the pathname of the directory containing the
* executable file.
*/
init_progfile_dir_error = init_progfile_dir(argv[0], main);
if (init_progfile_dir_error != NULL) {
fprintf(stderr, "dftest: Can't get pathname of directory containing the dftest program: %s.\n",
init_progfile_dir_error);
g_free(init_progfile_dir_error);
}
init_report_message(failure_warning_message, failure_warning_message,
open_failure_message, read_failure_message,
write_failure_message);
timestamp_set_type(TS_RELATIVE);
timestamp_set_seconds_type(TS_SECONDS_DEFAULT);
#ifdef HAVE_PLUGINS
/* Register all the plugin types we have. */
epan_register_plugin_types(); /* Types known to libwireshark */
/* Scan for plugins. This does *not* call their registration routines;
that's done later. */
scan_plugins(REPORT_LOAD_FAILURE);
#endif
wtap_init();
/* Register all dissectors; we must do this before checking for the
"-g" flag, as the "-g" flag dumps a list of fields registered
by the dissectors, and we must do it before we read the preferences,
in case any dissectors register preferences. */
if (!epan_init(register_all_protocols, register_all_protocol_handoffs,
NULL, NULL))
return 2;
/* set the c-language locale to the native environment. */
setlocale(LC_ALL, "");
/* Load libwireshark settings from the current profile. */
epan_load_settings();
/* notify all registered modules that have had any of their preferences
changed either from one of the preferences file or from the command
line that its preferences have changed. */
prefs_apply_all();
/* Check for filter on command line */
if (argc <= 1) {
fprintf(stderr, "Usage: dftest <filter>\n");
exit(1);
}
/* Get filter text */
text = get_args_as_string(argc, argv, 1);
printf("Filter: \"%s\"\n", text);
/* Compile it */
if (!dfilter_compile(text, &df, &err_msg)) {
fprintf(stderr, "dftest: %s\n", err_msg);
g_free(err_msg);
epan_cleanup();
exit(2);
}
printf("\n");
if (df == NULL)
printf("Filter is empty\n");
else
dfilter_dump(df);
dfilter_free(df);
epan_cleanup();
exit(0);
}
int
main(int argc, char *argv[])
{
char *init_progfile_dir_error;
int opt, i;
extern char *optarg;
gboolean arg_error = FALSE;
#ifdef _WIN32
WSADATA wsaData;
#endif /* _WIN32 */
char *gpf_path, *pf_path;
char *gdp_path, *dp_path;
int gpf_open_errno, gpf_read_errno;
int pf_open_errno, pf_read_errno;
int gdp_open_errno, gdp_read_errno;
int dp_open_errno, dp_read_errno;
int err;
gchar *pipe_name = NULL;
gchar *rfilters[64];
e_prefs *prefs;
char badopt;
GLogLevelFlags log_flags;
GPtrArray *disp_fields = g_ptr_array_new();
guint fc;
gboolean skip_pcap_header = FALSE;
#define OPTSTRING_INIT "d:F:hlnN:o:r:R:sS:t:v"
static const char optstring[] = OPTSTRING_INIT;
/*
* Get credential information for later use.
*/
get_credential_info();
/*
* Clear the filters arrays
*/
memset(rfilters, 0, sizeof(rfilters));
memset(rfcodes, 0, sizeof(rfcodes));
n_rfilters = 0;
n_rfcodes = 0;
/*
* Initialize our string format
*/
string_fmts = g_ptr_array_new();
/*
* Attempt to get the pathname of the executable file.
*/
init_progfile_dir_error = init_progfile_dir(argv[0], main);
if (init_progfile_dir_error != NULL) {
fprintf(stderr, "rawshark: Can't get pathname of rawshark program: %s.\n",
init_progfile_dir_error);
}
/*
* Get credential information for later use.
*/
get_credential_info();
/* nothing more than the standard GLib handler, but without a warning */
log_flags =
G_LOG_LEVEL_WARNING |
G_LOG_LEVEL_MESSAGE |
G_LOG_LEVEL_INFO |
G_LOG_LEVEL_DEBUG;
g_log_set_handler(NULL,
log_flags,
log_func_ignore, NULL /* user_data */);
g_log_set_handler(LOG_DOMAIN_CAPTURE_CHILD,
log_flags,
log_func_ignore, NULL /* user_data */);
timestamp_set_type(TS_RELATIVE);
timestamp_set_precision(TS_PREC_AUTO);
/* Register all dissectors; we must do this before checking for the
"-G" flag, as the "-G" flag dumps information registered by the
dissectors, and we must do it before we read the preferences, in
case any dissectors register preferences. */
epan_init(register_all_protocols, register_all_protocol_handoffs, NULL, NULL,
failure_message, open_failure_message, read_failure_message,
write_failure_message);
/* Now register the preferences for any non-dissector modules.
We must do that before we read the preferences as well. */
prefs_register_modules();
/* Set the C-language locale to the native environment. */
setlocale(LC_ALL, "");
prefs = read_prefs(&gpf_open_errno, &gpf_read_errno, &gpf_path,
&pf_open_errno, &pf_read_errno, &pf_path);
if (gpf_path != NULL) {
if (gpf_open_errno != 0) {
cmdarg_err("Can't open global preferences file \"%s\": %s.",
pf_path, strerror(gpf_open_errno));
}
if (gpf_read_errno != 0) {
cmdarg_err("I/O error reading global preferences file \"%s\": %s.",
pf_path, strerror(gpf_read_errno));
}
}
if (pf_path != NULL) {
if (pf_open_errno != 0) {
cmdarg_err("Can't open your preferences file \"%s\": %s.", pf_path,
strerror(pf_open_errno));
}
if (pf_read_errno != 0) {
cmdarg_err("I/O error reading your preferences file \"%s\": %s.",
pf_path, strerror(pf_read_errno));
}
g_free(pf_path);
pf_path = NULL;
}
/* Set the name resolution code's flags from the preferences. */
g_resolv_flags = prefs->name_resolve;
/* Read the disabled protocols file. */
read_disabled_protos_list(&gdp_path, &gdp_open_errno, &gdp_read_errno,
&dp_path, &dp_open_errno, &dp_read_errno);
if (gdp_path != NULL) {
if (gdp_open_errno != 0) {
cmdarg_err("Could not open global disabled protocols file\n\"%s\": %s.",
gdp_path, strerror(gdp_open_errno));
}
if (gdp_read_errno != 0) {
cmdarg_err("I/O error reading global disabled protocols file\n\"%s\": %s.",
gdp_path, strerror(gdp_read_errno));
}
g_free(gdp_path);
}
if (dp_path != NULL) {
if (dp_open_errno != 0) {
cmdarg_err(
"Could not open your disabled protocols file\n\"%s\": %s.", dp_path,
strerror(dp_open_errno));
}
if (dp_read_errno != 0) {
cmdarg_err(
"I/O error reading your disabled protocols file\n\"%s\": %s.", dp_path,
strerror(dp_read_errno));
}
g_free(dp_path);
}
#ifdef _WIN32
/* Load Wpcap, if possible */
load_wpcap();
#endif
init_cap_file(&cfile);
/* Assemble the compile-time version information string */
comp_info_str = g_string_new("Compiled ");
get_compiled_version_info(comp_info_str, get_epan_compiled_version_info);
/* Assemble the run-time version information string */
runtime_info_str = g_string_new("Running ");
get_runtime_version_info(runtime_info_str, NULL);
/* Print format defaults to this. */
print_format = PR_FMT_TEXT;
/* Initialize our encapsulation type */
encap = WTAP_ENCAP_UNKNOWN;
/* Now get our args */
/* XXX - We should probably have an option to dump libpcap link types */
while ((opt = getopt(argc, argv, optstring)) != -1) {
switch (opt) {
case 'd': /* Payload type */
if (!set_link_type(optarg)) {
cmdarg_err("Invalid link type or protocol \"%s\"", optarg);
exit(1);
}
break;
case 'F': /* Read field to display */
g_ptr_array_add(disp_fields, g_strdup(optarg));
break;
case 'h': /* Print help and exit */
print_usage(TRUE);
exit(0);
break;
case 'l': /* "Line-buffer" standard output */
/* This isn't line-buffering, strictly speaking, it's just
flushing the standard output after the information for
each packet is printed; however, that should be good
enough for all the purposes to which "-l" is put (and
is probably actually better for "-V", as it does fewer
writes).
See the comment in "process_packet()" for an explanation of
why we do that, and why we don't just use "setvbuf()" to
make the standard output line-buffered (short version: in
Windows, "line-buffered" is the same as "fully-buffered",
and the output buffer is only flushed when it fills up). */
line_buffered = TRUE;
break;
case 'n': /* No name resolution */
g_resolv_flags = RESOLV_NONE;
break;
case 'N': /* Select what types of addresses/port #s to resolve */
if (g_resolv_flags == RESOLV_ALL)
g_resolv_flags = RESOLV_NONE;
badopt = string_to_name_resolve(optarg, &g_resolv_flags);
if (badopt != '\0') {
cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'm', 'n', and 't'",
badopt);
exit(1);
}
break;
case 'o': /* Override preference from command line */
switch (prefs_set_pref(optarg)) {
case PREFS_SET_OK:
break;
case PREFS_SET_SYNTAX_ERR:
cmdarg_err("Invalid -o flag \"%s\"", optarg);
exit(1);
break;
case PREFS_SET_NO_SUCH_PREF:
case PREFS_SET_OBSOLETE:
cmdarg_err("-o flag \"%s\" specifies unknown preference", optarg);
exit(1);
break;
}
break;
case 'r': /* Read capture file xxx */
pipe_name = g_strdup(optarg);
break;
case 'R': /* Read file filter */
if(n_rfilters < (int) sizeof(rfilters) / (int) sizeof(rfilters[0])) {
rfilters[n_rfilters++] = optarg;
}
else {
cmdarg_err("Too many display filters");
exit(1);
}
break;
case 's': /* Skip PCAP header */
skip_pcap_header = TRUE;
break;
case 'S': /* Print string representations */
if (!parse_field_string_format(optarg)) {
cmdarg_err("Invalid field string format");
exit(1);
}
break;
case 't': /* Time stamp type */
if (strcmp(optarg, "r") == 0)
timestamp_set_type(TS_RELATIVE);
else if (strcmp(optarg, "a") == 0)
timestamp_set_type(TS_ABSOLUTE);
else if (strcmp(optarg, "ad") == 0)
timestamp_set_type(TS_ABSOLUTE_WITH_DATE);
else if (strcmp(optarg, "d") == 0)
timestamp_set_type(TS_DELTA);
else if (strcmp(optarg, "dd") == 0)
timestamp_set_type(TS_DELTA_DIS);
else if (strcmp(optarg, "e") == 0)
timestamp_set_type(TS_EPOCH);
else {
cmdarg_err("Invalid time stamp type \"%s\"",
optarg);
cmdarg_err_cont("It must be \"r\" for relative, \"a\" for absolute,");
cmdarg_err_cont("\"ad\" for absolute with date, or \"d\" for delta.");
exit(1);
}
break;
case 'v': /* Show version and exit */
printf("Rawshark " VERSION "%s\n"
"\n"
"%s"
"\n"
"%s"
"\n"
"%s",
wireshark_svnversion, get_copyright_info(), comp_info_str->str,
runtime_info_str->str);
exit(0);
break;
default:
case '?': /* Bad flag - print usage message */
print_usage(TRUE);
exit(1);
break;
}
}
/* Notify all registered modules that have had any of their preferences
changed either from one of the preferences file or from the command
line that their preferences have changed.
Initialize preferences before display filters, otherwise modules
like MATE won't work. */
prefs_apply_all();
/* Initialize our display fields */
for (fc = 0; fc < disp_fields->len; fc++) {
protocolinfo_init(g_ptr_array_index(disp_fields, fc));
}
g_ptr_array_free(disp_fields, TRUE);
printf("\n");
fflush(stdout);
/* If no capture filter or read filter has been specified, and there are
still command-line arguments, treat them as the tokens of a capture
filter (if no "-r" flag was specified) or a read filter (if a "-r"
flag was specified. */
if (optind < argc) {
if (pipe_name != NULL) {
if (n_rfilters != 0) {
cmdarg_err("Read filters were specified both with \"-R\" "
"and with additional command-line arguments");
exit(1);
}
rfilters[n_rfilters] = get_args_as_string(argc, argv, optind);
}
}
/* Make sure we got a dissector handle for our payload. */
if (encap == WTAP_ENCAP_UNKNOWN) {
cmdarg_err("No valid payload dissector specified.");
exit(1);
}
if (arg_error) {
print_usage(FALSE);
exit(1);
}
#ifdef _WIN32
/* Start windows sockets */
WSAStartup( MAKEWORD( 1, 1 ), &wsaData );
#endif /* _WIN32 */
/* At this point MATE will have registered its field array so we can
have a tap filter with one of MATE's late-registered fields as part
of the filter. We can now process all the "-z" arguments. */
start_requested_stats();
/* disabled protocols as per configuration file */
if (gdp_path == NULL && dp_path == NULL) {
set_disabled_protos_list();
}
/* Build the column format array */
col_setup(&cfile.cinfo, prefs->num_cols);
for (i = 0; i < cfile.cinfo.num_cols; i++) {
cfile.cinfo.col_fmt[i] = get_column_format(i);
cfile.cinfo.col_title[i] = g_strdup(get_column_title(i));
cfile.cinfo.fmt_matx[i] = (gboolean *) g_malloc0(sizeof(gboolean) *
NUM_COL_FMTS);
get_column_format_matches(cfile.cinfo.fmt_matx[i], cfile.cinfo.col_fmt[i]);
cfile.cinfo.col_data[i] = NULL;
if (cfile.cinfo.col_fmt[i] == COL_INFO)
cfile.cinfo.col_buf[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_INFO_LEN);
else
cfile.cinfo.col_buf[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
cfile.cinfo.col_fence[i] = 0;
cfile.cinfo.col_expr.col_expr[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
cfile.cinfo.col_expr.col_expr_val[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
}
for (i = 0; i < cfile.cinfo.num_cols; i++) {
int j;
for (j = 0; j < NUM_COL_FMTS; j++) {
if (!cfile.cinfo.fmt_matx[i][j])
continue;
if (cfile.cinfo.col_first[j] == -1)
cfile.cinfo.col_first[j] = i;
cfile.cinfo.col_last[j] = i;
}
}
if (n_rfilters != 0) {
for (i = 0; i < n_rfilters; i++) {
if (!dfilter_compile(rfilters[i], &rfcodes[n_rfcodes])) {
cmdarg_err("%s", dfilter_error_msg);
epan_cleanup();
exit(2);
}
n_rfcodes++;
}
}
if (pipe_name) {
/*
* We're reading a pipe (or capture file).
*/
/*
* Immediately relinquish any special privileges we have; we must not
* be allowed to read any capture files the user running Rawshark
* can't open.
*/
relinquish_special_privs_perm();
if (raw_cf_open(&cfile, pipe_name) != CF_OK) {
epan_cleanup();
exit(2);
}
/* Do we need to PCAP header and magic? */
if (skip_pcap_header) {
guint bytes_left = sizeof(struct pcap_hdr) + sizeof(guint32);
gchar buf[sizeof(struct pcap_hdr) + sizeof(guint32)];
while (bytes_left > 0) {
guint bytes = read(fd, buf, bytes_left);
if (bytes <= 0) {
cmdarg_err("Not enough bytes for pcap header.");
exit(2);
}
bytes_left -= bytes;
}
}
/* Set timestamp precision; there should arguably be a command-line
option to let the user set this. */
#if 0
switch(wtap_file_tsprecision(cfile.wth)) {
case(WTAP_FILE_TSPREC_SEC):
timestamp_set_precision(TS_PREC_AUTO_SEC);
break;
case(WTAP_FILE_TSPREC_DSEC):
timestamp_set_precision(TS_PREC_AUTO_DSEC);
break;
case(WTAP_FILE_TSPREC_CSEC):
timestamp_set_precision(TS_PREC_AUTO_CSEC);
break;
case(WTAP_FILE_TSPREC_MSEC):
timestamp_set_precision(TS_PREC_AUTO_MSEC);
break;
case(WTAP_FILE_TSPREC_USEC):
timestamp_set_precision(TS_PREC_AUTO_USEC);
break;
case(WTAP_FILE_TSPREC_NSEC):
timestamp_set_precision(TS_PREC_AUTO_NSEC);
break;
default:
g_assert_not_reached();
}
#else
timestamp_set_precision(TS_PREC_AUTO_USEC);
#endif
/* Process the packets in the file */
err = load_cap_file(&cfile);
if (err != 0) {
epan_cleanup();
exit(2);
}
} else {
/* If you want to capture live packets, use TShark. */
cmdarg_err("Input file or pipe name not specified.");
exit(2);
}
epan_cleanup();
return 0;
}
