/* Returns 0 if we could write the specified encapsulation type,
an error indication otherwise. */
int libpcap_dump_can_write_encap(int encap)
{
/* Per-packet encapsulations aren't supported. */
if (encap == WTAP_ENCAP_PER_PACKET)
return WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED;
if (wtap_wtap_encap_to_pcap_encap(encap) == -1)
return WTAP_ERR_UNWRITABLE_ENCAP;
return 0;
}
ImportTextDialog::ImportTextDialog(QWidget *parent) :
QDialog(parent),
ti_ui_(new Ui::ImportTextDialog),
import_info_()
{
int encap;
int i;
ti_ui_->setupUi(this);
memset(&import_info_, 0, sizeof(import_info_));
ok_button_ = ti_ui_->buttonBox->button(QDialogButtonBox::Ok);
ok_button_->setEnabled(false);
#ifdef Q_OS_MAC
// The grid layout squishes each line edit otherwise.
int le_height = ti_ui_->textFileLineEdit->sizeHint().height();
ti_ui_->ethertypeLineEdit->setMinimumHeight(le_height);
ti_ui_->protocolLineEdit->setMinimumHeight(le_height);
ti_ui_->sourcePortLineEdit->setMinimumHeight(le_height);
ti_ui_->destinationPortLineEdit->setMinimumHeight(le_height);
ti_ui_->tagLineEdit->setMinimumHeight(le_height);
ti_ui_->ppiLineEdit->setMinimumHeight(le_height);
#endif
on_dateTimeLineEdit_textChanged(ti_ui_->dateTimeLineEdit->text());
for (i = 0; i < ti_ui_->headerGridLayout->count(); i++) {
QRadioButton *rb = qobject_cast<QRadioButton *>(ti_ui_->headerGridLayout->itemAt(i)->widget());
if (rb) encap_buttons_.append(rb);
}
/* Scan all Wiretap encapsulation types */
import_info_.encapsulation = WTAP_ENCAP_ETHERNET;
for (encap = import_info_.encapsulation; encap < wtap_get_num_encap_types(); encap++)
{
/* Check if we can write to a PCAP file
*
* Exclude wtap encapsulations that require a pseudo header,
* because we won't setup one from the text we import and
* wiretap doesn't allow us to write 'raw' frames
*/
if ((wtap_wtap_encap_to_pcap_encap(encap) > 0) && !wtap_encap_requires_phdr(encap)) {
const char *name;
/* If it has got a name */
if ((name = wtap_encap_string(encap)))
{
ti_ui_->encapComboBox->addItem(name, QVariant(encap));
}
}
}
ti_ui_->encapComboBox->model()->sort(0);
}
void ExportPDUDialog::on_buttonBox_accepted()
{
exp_pdu_t exp_pdu_data;
exp_pdu_data.pkt_encap = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU);
const QByteArray& filter = ui->displayFilterLineEdit->text().toUtf8();
const QByteArray& tap_name = ui->comboBox->currentText().toUtf8();
do_export_pdu(filter.constData(), (gchar *)tap_name.constData(), &exp_pdu_data);
}
char *
exp_pdu_pre_open(const char *tap_name, const char *filter, exp_pdu_t *exp_pdu_tap_data)
{
GString *error_string;
/* XXX: can we always assume WTAP_ENCAP_WIRESHARK_UPPER_PDU? */
exp_pdu_tap_data->pkt_encap = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU);
/* Register this tap listener now */
error_string = register_tap_listener(tap_name, /* The name of the tap we want to listen to */
exp_pdu_tap_data, /* instance identifier/pointer to a struct holding
* all state variables */
filter, /* pointer to a filter string */
TL_REQUIRES_PROTO_TREE, /* flags for the tap listener */
NULL,
export_pdu_packet,
NULL);
if (error_string != NULL)
return g_string_free(error_string, FALSE);
return NULL;
}
static void
exp_pdu_file_open(exp_pdu_t *exp_pdu_tap_data)
{
int import_file_fd;
char *tmpname, *capfile_name;
int err;
/* pcapng defs */
wtapng_section_t *shb_hdr;
wtapng_iface_descriptions_t *idb_inf;
wtapng_if_descr_t int_data;
GString *os_info_str;
char *appname;
/* Choose a random name for the temporary import buffer */
import_file_fd = create_tempfile(&tmpname, "Wireshark_PDU_");
capfile_name = g_strdup(tmpname);
/* Create data for SHB */
os_info_str = g_string_new("");
get_os_version_info(os_info_str);
appname = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info());
shb_hdr = g_new(wtapng_section_t,1);
shb_hdr->section_length = -1;
/* options */
shb_hdr->opt_comment = g_strdup_printf("Dump of PDUs from %s", cfile.filename);
shb_hdr->shb_hardware = NULL; /* UTF-8 string containing the
* description of the hardware used to create this section.
*/
shb_hdr->shb_os = os_info_str->str; /* UTF-8 string containing the name
* of the operating system used to create this section.
*/
g_string_free(os_info_str, FALSE); /* The actual string is not freed */
shb_hdr->shb_user_appl = appname; /* UTF-8 string containing the name
* of the application used to create this section.
*/
/* Create fake IDB info */
idb_inf = g_new(wtapng_iface_descriptions_t,1);
idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtapng_if_descr_t));
/* create the fake interface data */
int_data.wtap_encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU;
int_data.time_units_per_second = 1000000; /* default microsecond resolution */
int_data.link_type = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU);
int_data.snap_len = WTAP_MAX_PACKET_SIZE;
int_data.if_name = g_strdup("Fake IF, PDU->Export");
int_data.opt_comment = NULL;
int_data.if_description = NULL;
int_data.if_speed = 0;
int_data.if_tsresol = 6;
int_data.if_filter_str = NULL;
int_data.bpf_filter_len = 0;
int_data.if_filter_bpf_bytes = NULL;
int_data.if_os = NULL;
int_data.if_fcslen = -1;
int_data.num_stat_entries = 0; /* Number of ISB:s */
int_data.interface_statistics = NULL;
g_array_append_val(idb_inf->interface_data, int_data);
exp_pdu_tap_data->wdh = wtap_dump_fdopen_ng(import_file_fd, WTAP_FILE_TYPE_SUBTYPE_PCAPNG, WTAP_ENCAP_WIRESHARK_UPPER_PDU, WTAP_MAX_PACKET_SIZE, FALSE, shb_hdr, idb_inf, &err);
if (exp_pdu_tap_data->wdh == NULL) {
open_failure_alert_box(capfile_name, err, TRUE);
goto end;
}
/* Run the tap */
cf_retap_packets(&cfile);
if (!wtap_dump_close(exp_pdu_tap_data->wdh, &err)) {
write_failure_alert_box(capfile_name, err);
}
remove_tap_listener(exp_pdu_tap_data);
/* XXX: should this use the open_routine type in the cfile instead of WTAP_TYPE_AUTO? */
if (cf_open(&cfile, capfile_name, WTAP_TYPE_AUTO, TRUE /* temporary file */, &err) != CF_OK) {
open_failure_alert_box(capfile_name, err, FALSE);
goto end;
}
switch (cf_read(&cfile, FALSE)) {
case CF_READ_OK:
case CF_READ_ERROR:
/* Just because we got an error, that doesn't mean we were unable
to read any of the file; we handle what we could get from the
file. */
break;
case CF_READ_ABORTED:
/* The user bailed out of re-reading the capture file; the
capture file has been closed - just free the capture file name
string and return (without changing the last containing
directory). */
break;
}
end:
g_free(capfile_name);
g_free(shb_hdr);
g_free(appname);
}
/* Returns TRUE on success, FALSE on failure; sets "*err" to an error code on
failure */
gboolean libpcap_dump_open(wtap_dumper *wdh, int *err)
{
guint32 magic;
struct pcap_hdr file_hdr;
/* This is a libpcap file */
wdh->subtype_write = libpcap_dump;
wdh->subtype_close = NULL;
/* Write the file header. */
switch (wdh->file_type_subtype) {
case WTAP_FILE_TYPE_SUBTYPE_PCAP:
case WTAP_FILE_TYPE_SUBTYPE_PCAP_SS990417: /* modified, but with the old magic, sigh */
case WTAP_FILE_TYPE_SUBTYPE_PCAP_NOKIA: /* Nokia libpcap of some sort */
magic = PCAP_MAGIC;
wdh->tsprecision = WTAP_TSPREC_USEC;
break;
case WTAP_FILE_TYPE_SUBTYPE_PCAP_SS990915: /* new magic, extra crap */
case WTAP_FILE_TYPE_SUBTYPE_PCAP_SS991029:
magic = PCAP_MODIFIED_MAGIC;
wdh->tsprecision = WTAP_TSPREC_USEC;
break;
case WTAP_FILE_TYPE_SUBTYPE_PCAP_NSEC: /* same as WTAP_FILE_TYPE_SUBTYPE_PCAP, but nsec precision */
magic = PCAP_NSEC_MAGIC;
wdh->tsprecision = WTAP_TSPREC_NSEC;
break;
default:
/* We should never get here - our open routine
should only get called for the types above. */
*err = WTAP_ERR_UNWRITABLE_FILE_TYPE;
return FALSE;
}
if (!wtap_dump_file_write(wdh, &magic, sizeof magic, err))
return FALSE;
wdh->bytes_dumped += sizeof magic;
/* current "libpcap" format is 2.4 */
file_hdr.version_major = 2;
file_hdr.version_minor = 4;
file_hdr.thiszone = 0; /* XXX - current offset? */
file_hdr.sigfigs = 0; /* unknown, but also apparently unused */
/*
* Tcpdump cannot handle capture files with a snapshot length of 0,
* as BPF filters return either 0 if they fail or the snapshot length
* if they succeed, and a snapshot length of 0 means success is
* indistinguishable from failure and the filter expression would
* reject all packets.
*
* A snapshot length of 0, inside Wiretap, means "snapshot length
* unknown"; if the snapshot length supplied to us is 0, we make
* the snapshot length in the header file WTAP_MAX_PACKET_SIZE.
*/
file_hdr.snaplen = (wdh->snaplen != 0) ? wdh->snaplen :
WTAP_MAX_PACKET_SIZE;
file_hdr.network = wtap_wtap_encap_to_pcap_encap(wdh->encap);
if (!wtap_dump_file_write(wdh, &file_hdr, sizeof file_hdr, err))
return FALSE;
wdh->bytes_dumped += sizeof file_hdr;
return TRUE;
}
/*
* Opens an .xml file with Trace data formated according to 3GPP TS 32.423 and converts it to
* an "Exported PDU type file with the entire xml file as the first "packet" appending the
* raw messages as subsequent packages to be dissected by wireshark.
*/
static wtap_open_return_val
create_temp_pcapng_file(wtap *wth, int *err, gchar **err_info, nettrace_3gpp_32_423_file_info_t *file_info)
{
int import_file_fd;
wtap_dumper* wdh_exp_pdu;
int exp_pdu_file_err;
/* pcapng defs */
wtapng_section_t *shb_hdr;
wtapng_iface_descriptions_t *idb_inf;
wtapng_if_descr_t int_data;
GString *os_info_str;
char *appname;
gint64 file_size;
int packet_size;
guint8 *packet_buf;
int wrt_err;
gchar *wrt_err_info;
struct wtap_pkthdr phdr;
gboolean do_random = FALSE;
char *curr_pos, *next_pos;
import_file_fd = create_tempfile(&(file_info->tmpname), "Wireshark_PDU_");
/* Now open a file and dump to it */
/* Create data for SHB */
os_info_str = g_string_new("");
get_os_version_info(os_info_str);
appname = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info());
shb_hdr = g_new(wtapng_section_t, 1);
shb_hdr->section_length = -1;
/* options */
shb_hdr->opt_comment = g_strdup_printf("File converted to Exported PDU format during opening");
/*
* UTF-8 string containing the description of the hardware used to create
* this section.
*/
shb_hdr->shb_hardware = NULL;
/*
* UTF-8 string containing the name of the operating system used to create
* this section.
*/
shb_hdr->shb_os = g_string_free(os_info_str, FALSE);
/*
* UTF-8 string containing the name of the application used to create
* this section.
*/
shb_hdr->shb_user_appl = appname;
/* Create fake IDB info */
idb_inf = g_new(wtapng_iface_descriptions_t, 1);
idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtapng_if_descr_t));
/* create the fake interface data */
int_data.wtap_encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU;
int_data.time_units_per_second = 1000000; /* default microsecond resolution */
int_data.link_type = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU);
int_data.snap_len = WTAP_MAX_PACKET_SIZE;
int_data.if_name = g_strdup("Fake IF");
int_data.opt_comment = NULL;
int_data.if_description = NULL;
int_data.if_speed = 0;
int_data.if_tsresol = 6;
int_data.if_filter_str = NULL;
int_data.bpf_filter_len = 0;
int_data.if_filter_bpf_bytes = NULL;
int_data.if_os = NULL;
int_data.if_fcslen = -1;
int_data.num_stat_entries = 0; /* Number of ISB:s */
int_data.interface_statistics = NULL;
g_array_append_val(idb_inf->interface_data, int_data);
wdh_exp_pdu = wtap_dump_fdopen_ng(import_file_fd, WTAP_FILE_TYPE_SUBTYPE_PCAPNG, WTAP_ENCAP_WIRESHARK_UPPER_PDU,
WTAP_MAX_PACKET_SIZE, FALSE, shb_hdr, idb_inf, NULL, &exp_pdu_file_err);
if (wdh_exp_pdu == NULL) {
return WTAP_OPEN_ERROR;
}
g_free(shb_hdr);
g_free(appname);
/* OK we've opend a new pcap-ng file and written the headers, time to do the packets, strt by finding the file size */
if ((file_size = wtap_file_size(wth, err)) == -1)
return WTAP_OPEN_ERROR;
if (file_size > MAX_FILE_SIZE) {
/*
* Don't blow up trying to allocate space for an
* immensely-large file.
*/
*err = WTAP_ERR_BAD_FILE;
*err_info = g_strdup_printf("mime_file: File has %" G_GINT64_MODIFIER "d-byte packet, bigger than maximum of %u",
file_size, MAX_FILE_SIZE);
return WTAP_OPEN_ERROR;
}
packet_size = (int)file_size;
/* Allocate the packet buffer
* (the whole file + Exported PDU tag "protocol" and
* the string "xml" + 1 filler to end on 4 byte boundary for the tag
* + End of options 4 bytes
*/
/* XXX add the length of exported bdu tag(s) here */
packet_buf = (guint8 *)g_malloc(packet_size + 12);
packet_buf[0] = 0;
packet_buf[1] = 12; /* EXP_PDU_TAG_PROTO_NAME */
packet_buf[2] = 0;
packet_buf[3] = 4;
packet_buf[4] = 0x78; /* "x" */
packet_buf[5] = 0x6d; /* "m" */
packet_buf[6] = 0x6c; /* "l" */
packet_buf[7] = 0;
/* End of options */
packet_buf[8] = 0;
packet_buf[9] = 0;
packet_buf[10] = 0;
packet_buf[11] = 0;
if (!wtap_read_bytes(wth->fh, packet_buf + 12, packet_size, &wrt_err, &wrt_err_info)){
return WTAP_OPEN_ERROR;
}
/* Create the packet header */
memset(&phdr, 0, sizeof(struct wtap_pkthdr));
phdr.rec_type = REC_TYPE_PACKET;
phdr.presence_flags = 0; /* yes, we have no bananas^Wtime stamp */
phdr.caplen = packet_size + 12;
phdr.len = packet_size + 12;
phdr.ts.secs = 0;
phdr.ts.nsecs = 0;
/* XXX: report errors! */
if (!wtap_dump(wdh_exp_pdu, &phdr, packet_buf, &wrt_err, &wrt_err_info)) {
switch (wrt_err) {
case WTAP_ERR_UNWRITABLE_REC_DATA:
g_free(wrt_err_info);
break;
default:
break;
}
g_free(packet_buf);
return WTAP_OPEN_ERROR;
}
/* Advance *packet_buf to point at the raw file data */
curr_pos = packet_buf + 12;
/* Lets add the raw messages as packets after the main "packet" with the whole file */
while ((curr_pos = strstr(curr_pos, "<msg")) != NULL){
wtap_open_return_val temp_val;
curr_pos = curr_pos + 4;
next_pos = strstr(curr_pos, "</msg>");
if (!next_pos){
/* Somethings wrong, bail out */
break;
}
next_pos = next_pos + 6;
/* Do we have a raw msg?) */
curr_pos = strstr(curr_pos, "<rawMsg");
if (!curr_pos){
/* No rawMsg, continue */
curr_pos = next_pos;
continue;
}
curr_pos = curr_pos + 7;
/* Add the raw msg*/
temp_val = write_packet_data(wdh_exp_pdu, &phdr, &wrt_err, &wrt_err_info, curr_pos);
if (temp_val != WTAP_OPEN_MINE){
g_free(packet_buf);
return temp_val;
}
curr_pos = next_pos;
}
/* Close the written file*/
if (!wtap_dump_close(wdh_exp_pdu, err)){
g_free(packet_buf);
return WTAP_OPEN_ERROR;
}
g_free(packet_buf);
/* Now open the file for reading */
/* Find out if random read was requested */
if (wth->random_fh){
do_random = TRUE;
}
file_info->wth_tmp_file =
wtap_open_offline(file_info->tmpname, WTAP_TYPE_AUTO, err, err_info, do_random);
if (!file_info->wth_tmp_file){
return WTAP_OPEN_ERROR;
}
return WTAP_OPEN_MINE;
}
static void
exp_pdu_file_open(exp_pdu_t *exp_pdu_tap_data)
{
char *tmpname, *capfile_name;
int err;
/* pcapng defs */
wtap_optionblock_t shb_hdr;
wtapng_iface_descriptions_t *idb_inf;
wtap_optionblock_t int_data;
wtapng_if_descr_mandatory_t *int_data_mand;
GString *os_info_str;
gchar *opt_comment, *wireshark_ver;
/* Create data for SHB */
os_info_str = g_string_new("");
get_os_version_info(os_info_str);
shb_hdr = wtap_optionblock_create(WTAP_OPTION_BLOCK_NG_SECTION);
/* options */
opt_comment = g_strdup_printf("Dump of PDUs from %s", cfile.filename);
wtap_optionblock_set_option_string(shb_hdr, OPT_COMMENT, opt_comment);
g_free(opt_comment);
/*
* UTF-8 string containing the name of the operating system used to create
* this section.
*/
wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_OS, g_string_free(os_info_str, TRUE));
/*
* UTF-8 string containing the name of the application used to create
* this section.
*/
wireshark_ver = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info());
wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_USERAPPL, wireshark_ver);
g_free(wireshark_ver);
/* Create fake IDB info */
idb_inf = g_new(wtapng_iface_descriptions_t,1);
idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtap_optionblock_t));
/* create the fake interface data */
int_data = wtap_optionblock_create(WTAP_OPTION_BLOCK_IF_DESCR);
int_data_mand = (wtapng_if_descr_mandatory_t*)wtap_optionblock_get_mandatory_data(int_data);
int_data_mand->wtap_encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU;
int_data_mand->time_units_per_second = 1000000000; /* default nanosecond resolution */
int_data_mand->link_type = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU);
int_data_mand->snap_len = WTAP_MAX_PACKET_SIZE;
wtap_optionblock_set_option_string(int_data, OPT_IDB_NAME, "Fake IF, PDU->Export");
wtap_optionblock_set_option_uint8(int_data, OPT_IDB_TSRESOL, 9);
g_array_append_val(idb_inf->interface_data, int_data);
/* Use a random name for the temporary import buffer */
exp_pdu_tap_data->wdh = wtap_dump_open_tempfile_ng(&tmpname, "Wireshark_PDU_",
WTAP_FILE_TYPE_SUBTYPE_PCAPNG,
WTAP_ENCAP_WIRESHARK_UPPER_PDU, WTAP_MAX_PACKET_SIZE,
FALSE, shb_hdr, idb_inf, NULL, &err);
capfile_name = g_strdup(tmpname);
if (exp_pdu_tap_data->wdh == NULL) {
open_failure_alert_box(capfile_name ? capfile_name : "temporary file", err, TRUE);
goto end;
}
/* Run the tap */
cf_retap_packets(&cfile);
if (!wtap_dump_close(exp_pdu_tap_data->wdh, &err)) {
write_failure_alert_box(capfile_name, err);
}
remove_tap_listener(exp_pdu_tap_data);
/* XXX: should this use the open_routine type in the cfile instead of WTAP_TYPE_AUTO? */
if (cf_open(&cfile, capfile_name, WTAP_TYPE_AUTO, TRUE /* temporary file */, &err) != CF_OK) {
open_failure_alert_box(capfile_name, err, FALSE);
goto end;
}
switch (cf_read(&cfile, FALSE)) {
case CF_READ_OK:
case CF_READ_ERROR:
/* Just because we got an error, that doesn't mean we were unable
to read any of the file; we handle what we could get from the
file. */
break;
case CF_READ_ABORTED:
/* The user bailed out of re-reading the capture file; the
capture file has been closed - just free the capture file name
string and return (without changing the last containing
directory). */
break;
}
end:
g_free(capfile_name);
wtap_optionblock_free(shb_hdr);
wtap_free_idb_info(idb_inf);
}
int
exp_pdu_open(exp_pdu_t *exp_pdu_tap_data, int fd, char *comment)
{
int err;
/* pcapng defs */
wtap_optionblock_t shb_hdr;
wtapng_iface_descriptions_t *idb_inf;
wtap_optionblock_t int_data;
wtapng_if_descr_mandatory_t *int_data_mand;
GString *os_info_str;
gchar *opt_comment, *wireshark_ver;
/* Create data for SHB */
os_info_str = g_string_new("");
get_os_version_info(os_info_str);
shb_hdr = wtap_optionblock_create(WTAP_OPTION_BLOCK_NG_SECTION);
/* options */
opt_comment = comment;
wtap_optionblock_set_option_string(shb_hdr, OPT_COMMENT, opt_comment);
g_free(opt_comment);
/*
* UTF-8 string containing the name of the operating system used to create
* this section.
*/
wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_OS, g_string_free(os_info_str, TRUE));
/*
* UTF-8 string containing the name of the application used to create
* this section.
*/
wireshark_ver = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info());
wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_USERAPPL, wireshark_ver);
g_free(wireshark_ver);
/* Create fake IDB info */
idb_inf = g_new(wtapng_iface_descriptions_t,1);
idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtap_optionblock_t));
/* create the fake interface data */
int_data = wtap_optionblock_create(WTAP_OPTION_BLOCK_IF_DESCR);
int_data_mand = (wtapng_if_descr_mandatory_t*)wtap_optionblock_get_mandatory_data(int_data);
int_data_mand->wtap_encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU;
int_data_mand->time_units_per_second = 1000000000; /* default nanosecond resolution */
int_data_mand->link_type = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU);
int_data_mand->snap_len = WTAP_MAX_PACKET_SIZE;
wtap_optionblock_set_option_string(int_data, OPT_IDB_NAME, "Fake IF, PDU->Export");
wtap_optionblock_set_option_uint8(int_data, OPT_IDB_TSRESOL, 9);
g_array_append_val(idb_inf->interface_data, int_data);
/* Use a random name for the temporary import buffer */
exp_pdu_tap_data->wdh = wtap_dump_fdopen_ng(fd, WTAP_FILE_TYPE_SUBTYPE_PCAPNG, WTAP_ENCAP_WIRESHARK_UPPER_PDU, WTAP_MAX_PACKET_SIZE, FALSE,
shb_hdr, idb_inf, NULL, &err);
if (exp_pdu_tap_data->wdh == NULL) {
g_assert(err != 0);
return err;
}
return 0;
}
int
main(int argc, char *argv[])
{
int opt;
gboolean do_append = FALSE;
gboolean verbose = FALSE;
int in_file_count = 0;
guint snaplen = 0;
#ifdef PCAP_NG_DEFAULT
int file_type = WTAP_FILE_TYPE_SUBTYPE_PCAPNG; /* default to pcap format */
#else
int file_type = WTAP_FILE_TYPE_SUBTYPE_PCAP; /* default to pcapng format */
#endif
int frame_type = -2;
int out_fd;
merge_in_file_t *in_files = NULL, *in_file;
int i;
struct wtap_pkthdr *phdr, snap_phdr;
wtap_dumper *pdh;
int open_err, read_err = 0, write_err, close_err;
gchar *err_info;
int err_fileno;
char *out_filename = NULL;
gboolean got_read_error = FALSE, got_write_error = FALSE;
int count;
#ifdef _WIN32
arg_list_utf_16to8(argc, argv);
create_app_running_mutex();
#endif /* _WIN32 */
/* Process the options first */
while ((opt = getopt(argc, argv, "aF:hs:T:vw:")) != -1) {
switch (opt) {
case 'a':
do_append = !do_append;
break;
case 'F':
file_type = wtap_short_string_to_file_type_subtype(optarg);
if (file_type < 0) {
fprintf(stderr, "mergecap: \"%s\" isn't a valid capture file type\n",
optarg);
list_capture_types();
exit(1);
}
break;
case 'h':
usage(FALSE);
exit(0);
break;
case 's':
snaplen = get_positive_int(optarg, "snapshot length");
break;
case 'T':
frame_type = wtap_short_string_to_encap(optarg);
if (frame_type < 0) {
fprintf(stderr, "mergecap: \"%s\" isn't a valid encapsulation type\n",
optarg);
list_encap_types();
exit(1);
}
break;
case 'v':
verbose = TRUE;
break;
case 'w':
out_filename = optarg;
break;
case '?': /* Bad options if GNU getopt */
switch(optopt) {
case'F':
list_capture_types();
break;
case'T':
list_encap_types();
break;
default:
usage(TRUE);
}
exit(1);
break;
}
}
/* check for proper args; at a minimum, must have an output
* filename and one input file
*/
in_file_count = argc - optind;
if (!out_filename) {
fprintf(stderr, "mergecap: an output filename must be set with -w\n");
fprintf(stderr, " run with -h for help\n");
return 1;
}
if (in_file_count < 1) {
fprintf(stderr, "mergecap: No input files were specified\n");
return 1;
}
/* open the input files */
if (!merge_open_in_files(in_file_count, &argv[optind], &in_files,
&open_err, &err_info, &err_fileno)) {
fprintf(stderr, "mergecap: Can't open %s: %s\n", argv[optind + err_fileno],
wtap_strerror(open_err));
switch (open_err) {
case WTAP_ERR_UNSUPPORTED:
case WTAP_ERR_UNSUPPORTED_ENCAP:
case WTAP_ERR_BAD_FILE:
fprintf(stderr, "(%s)\n", err_info);
g_free(err_info);
break;
}
return 2;
}
if (verbose) {
for (i = 0; i < in_file_count; i++)
fprintf(stderr, "mergecap: %s is type %s.\n", argv[optind + i],
wtap_file_type_subtype_string(wtap_file_type_subtype(in_files[i].wth)));
}
if (snaplen == 0) {
/*
* Snapshot length not specified - default to the maximum of the
* snapshot lengths of the input files.
*/
snaplen = merge_max_snapshot_length(in_file_count, in_files);
}
/* set the outfile frame type */
if (frame_type == -2) {
/*
* Default to the appropriate frame type for the input files.
*/
frame_type = merge_select_frame_type(in_file_count, in_files);
if (verbose) {
if (frame_type == WTAP_ENCAP_PER_PACKET) {
/*
* Find out why we had to choose WTAP_ENCAP_PER_PACKET.
*/
int first_frame_type, this_frame_type;
first_frame_type = wtap_file_encap(in_files[0].wth);
for (i = 1; i < in_file_count; i++) {
this_frame_type = wtap_file_encap(in_files[i].wth);
if (first_frame_type != this_frame_type) {
fprintf(stderr, "mergecap: multiple frame encapsulation types detected\n");
fprintf(stderr, " defaulting to WTAP_ENCAP_PER_PACKET\n");
fprintf(stderr, " %s had type %s (%s)\n",
in_files[0].filename,
wtap_encap_string(first_frame_type),
wtap_encap_short_string(first_frame_type));
fprintf(stderr, " %s had type %s (%s)\n",
in_files[i].filename,
wtap_encap_string(this_frame_type),
wtap_encap_short_string(this_frame_type));
break;
}
}
}
fprintf(stderr, "mergecap: selected frame_type %s (%s)\n",
wtap_encap_string(frame_type),
wtap_encap_short_string(frame_type));
}
}
/* open the outfile */
if (strncmp(out_filename, "-", 2) == 0) {
/* use stdout as the outfile */
out_fd = 1 /*stdout*/;
} else {
/* open the outfile */
out_fd = ws_open(out_filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
if (out_fd == -1) {
fprintf(stderr, "mergecap: Couldn't open output file %s: %s\n",
out_filename, g_strerror(errno));
exit(1);
}
}
/* prepare the outfile */
if(file_type == WTAP_FILE_TYPE_SUBTYPE_PCAPNG ){
wtapng_section_t *shb_hdr;
GString *comment_gstr;
wtapng_iface_descriptions_t *idb_inf = NULL, *idb_inf_merge_file;
wtapng_if_descr_t int_data, *file_int_data;
guint8 if_tsresol = 6;
guint64 time_units_per_second = 1000000;
shb_hdr = g_new(wtapng_section_t,1);
comment_gstr = g_string_new("File created by merging: \n");
for (i = 0; i < in_file_count; i++) {
g_string_append_printf(comment_gstr, "File%d: %s \n",i+1,in_files[i].filename);
}
shb_hdr->section_length = -1;
/* options */
shb_hdr->opt_comment = comment_gstr->str; /* NULL if not available */
shb_hdr->shb_hardware = NULL; /* NULL if not available, UTF-8 string containing the description of the hardware used to create this section. */
shb_hdr->shb_os = NULL; /* NULL if not available, UTF-8 string containing the name of the operating system used to create this section. */
shb_hdr->shb_user_appl = "mergecap"; /* NULL if not available, UTF-8 string containing the name of the application used to create this section. */
for (i = 0; i < in_file_count; i++) {
idb_inf_merge_file = wtap_file_get_idb_info(in_files[i].wth);
file_int_data = &g_array_index (idb_inf_merge_file->interface_data, wtapng_if_descr_t, 0);
if (file_int_data->time_units_per_second > time_units_per_second) {
time_units_per_second = file_int_data->time_units_per_second;
if_tsresol = file_int_data->if_tsresol;
}
g_free(idb_inf_merge_file);
}
if (time_units_per_second > 1000000) {
/* We are using a better than microsecond precision; let's create a fake IDB */
idb_inf = g_new(wtapng_iface_descriptions_t,1);
idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtapng_if_descr_t));
int_data.wtap_encap = frame_type;
int_data.time_units_per_second = time_units_per_second;
int_data.link_type = wtap_wtap_encap_to_pcap_encap(frame_type);
int_data.snap_len = snaplen;
int_data.if_name = g_strdup("Unknown/not available in original file format(libpcap)");
int_data.opt_comment = NULL;
int_data.if_description = NULL;
int_data.if_speed = 0;
int_data.if_tsresol = if_tsresol;
int_data.if_filter_str = NULL;
int_data.bpf_filter_len = 0;
int_data.if_filter_bpf_bytes = NULL;
int_data.if_os = NULL;
int_data.if_fcslen = -1;
int_data.num_stat_entries = 0; /* Number of ISB:s */
int_data.interface_statistics = NULL;
g_array_append_val(idb_inf->interface_data, int_data);
}
pdh = wtap_dump_fdopen_ng(out_fd, file_type, frame_type, snaplen,
FALSE /* compressed */, shb_hdr, idb_inf, &open_err);
g_string_free(comment_gstr, TRUE);
} else {
pdh = wtap_dump_fdopen(out_fd, file_type, frame_type, snaplen, FALSE /* compressed */, &open_err);
}
if (pdh == NULL) {
merge_close_in_files(in_file_count, in_files);
g_free(in_files);
fprintf(stderr, "mergecap: Can't open or create %s: %s\n", out_filename,
wtap_strerror(open_err));
exit(1);
}
/* do the merge (or append) */
count = 1;
for (;;) {
if (do_append)
in_file = merge_append_read_packet(in_file_count, in_files, &read_err,
&err_info);
else
in_file = merge_read_packet(in_file_count, in_files, &read_err,
&err_info);
if (in_file == NULL) {
/* EOF */
break;
}
if (read_err != 0) {
/* I/O error reading from in_file */
got_read_error = TRUE;
break;
}
if (verbose)
fprintf(stderr, "Record: %u\n", count++);
/* We simply write it, perhaps after truncating it; we could do other
* things, like modify it. */
phdr = wtap_phdr(in_file->wth);
if (snaplen != 0 && phdr->caplen > snaplen) {
snap_phdr = *phdr;
snap_phdr.caplen = snaplen;
phdr = &snap_phdr;
}
if (!wtap_dump(pdh, phdr, wtap_buf_ptr(in_file->wth), &write_err)) {
got_write_error = TRUE;
break;
}
}
merge_close_in_files(in_file_count, in_files);
if (!got_write_error) {
if (!wtap_dump_close(pdh, &write_err))
got_write_error = TRUE;
} else {
/*
* We already got a write error; no need to report another
* write error on close.
*
* Don't overwrite the earlier write error.
*/
(void)wtap_dump_close(pdh, &close_err);
}
if (got_read_error) {
/*
* Find the file on which we got the error, and report the error.
*/
for (i = 0; i < in_file_count; i++) {
if (in_files[i].state == GOT_ERROR) {
fprintf(stderr, "mergecap: Error reading %s: %s\n",
in_files[i].filename, wtap_strerror(read_err));
switch (read_err) {
case WTAP_ERR_UNSUPPORTED:
case WTAP_ERR_UNSUPPORTED_ENCAP:
case WTAP_ERR_BAD_FILE:
fprintf(stderr, "(%s)\n", err_info);
g_free(err_info);
break;
}
}
}
}
if (got_write_error) {
switch (write_err) {
case WTAP_ERR_UNSUPPORTED_ENCAP:
/*
* This is a problem with the particular frame we're writing and
* the file type and subtype we're wwriting; note that, and
* report the frame number and file type/subtype.
*/
fprintf(stderr, "mergecap: Frame %u of \"%s\" has a network type that can't be saved in a \"%s\" file.\n",
in_file ? in_file->packet_num : 0, in_file ? in_file->filename : "UNKNOWN",
wtap_file_type_subtype_string(file_type));
break;
case WTAP_ERR_PACKET_TOO_LARGE:
/*
* This is a problem with the particular frame we're writing and
* the file type and subtype we're wwriting; note that, and
* report the frame number and file type/subtype.
*/
fprintf(stderr, "mergecap: Frame %u of \"%s\" is too large for a \"%s\" file\n.",
in_file ? in_file->packet_num : 0, in_file ? in_file->filename : "UNKNOWN",
wtap_file_type_subtype_string(file_type));
break;
default:
fprintf(stderr, "mergecap: Error writing to outfile: %s\n",
wtap_strerror(write_err));
break;
}
}
g_free(in_files);
return (!got_read_error && !got_write_error) ? 0 : 2;
}
