void PacketList::writeRecent(FILE *rf) {
gint col, width, col_fmt;
gchar xalign;
fprintf (rf, "%s:", RECENT_KEY_COL_WIDTH);
for (col = 0; col < packet_list_model_->columnCount(); col++) {
if (col > 0) {
fprintf (rf, ",");
}
col_fmt = get_column_format(col);
if (col_fmt == COL_CUSTOM) {
fprintf (rf, " %%Cus:%s,", get_column_custom_field(col));
} else {
fprintf (rf, " %s,", col_format_to_string(col_fmt));
}
width = columnWidth(col);
xalign = recent_get_column_xalign (col);
if (width == 0) {
/* We have not initialized the packet list yet, use old values */
width = recent_get_column_width (col);
}
fprintf (rf, " %d", width);
if (xalign != COLUMN_XALIGN_DEFAULT) {
fprintf (rf, ":%c", xalign);
}
}
fprintf (rf, "\n");
}
void
build_column_format_array(column_info *cinfo, const gint num_cols, const gboolean reset_fences)
{
int i;
/* Build the column format array */
col_setup(cinfo, num_cols);
for (i = 0; i < cinfo->num_cols; i++) {
cinfo->col_fmt[i] = get_column_format(i);
cinfo->col_title[i] = g_strdup(get_column_title(i));
if (cinfo->col_fmt[i] == COL_CUSTOM) {
cinfo->col_custom_field[i] = g_strdup(get_column_custom_field(i));
if(!dfilter_compile(cinfo->col_custom_field[i], &cinfo->col_custom_dfilter[i])) {
/* XXX: Should we issue a warning? */
g_free(cinfo->col_custom_field[i]);
cinfo->col_custom_field[i] = NULL;
cinfo->col_custom_dfilter[i] = NULL;
}
} else {
cinfo->col_custom_field[i] = NULL;
cinfo->col_custom_dfilter[i] = NULL;
}
cinfo->fmt_matx[i] = (gboolean *) g_malloc0(sizeof(gboolean) * NUM_COL_FMTS);
get_column_format_matches(cinfo->fmt_matx[i], cinfo->col_fmt[i]);
cinfo->col_data[i] = NULL;
if (cinfo->col_fmt[i] == COL_INFO)
cinfo->col_buf[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_INFO_LEN);
else
cinfo->col_buf[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
if(reset_fences)
cinfo->col_fence[i] = 0;
cinfo->col_expr.col_expr[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
cinfo->col_expr.col_expr_val[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
}
cinfo->col_expr.col_expr[i] = NULL;
cinfo->col_expr.col_expr_val[i] = NULL;
for (i = 0; i < cinfo->num_cols; i++) {
int j;
for (j = 0; j < NUM_COL_FMTS; j++) {
if (!cinfo->fmt_matx[i][j])
continue;
if (cinfo->col_first[j] == -1)
cinfo->col_first[j] = i;
cinfo->col_last[j] = i;
}
}
}
void PacketList::showEvent (QShowEvent *event) {
Q_UNUSED(event);
for (int i = 0; i < prefs.num_cols; i++) {
int fmt, col_width;
const char *long_str;
fmt = get_column_format(i);
long_str = get_column_width_string(fmt, i);
if (long_str) {
col_width = packet_list_model_->columnTextSize(long_str);
} else {
col_width = packet_list_model_->columnTextSize(MIN_COL_WIDTH_STR);
}
setColumnWidth(i, col_width);
}
setColumnVisibility();
}
void PacketList::showEvent (QShowEvent *event) {
Q_UNUSED(event);
if (!cap_file_) return;
for (int i = 0; i < cap_file_->cinfo.num_cols; i++) {
int fmt, col_width;
const char *long_str;
fmt = get_column_format(i);
long_str = get_column_width_string(fmt, i);
if (long_str) {
col_width = wsApp->monospaceTextSize(long_str);
} else {
col_width = wsApp->monospaceTextSize(MIN_COL_WIDTH_STR);
}
setColumnWidth(i, col_width);
}
}
int
main(int argc, char *argv[])
{
char *init_progfile_dir_error;
int opt, i;
extern char *optarg;
gboolean arg_error = FALSE;
#ifdef _WIN32
WSADATA wsaData;
#endif /* _WIN32 */
char *gpf_path, *pf_path;
char *gdp_path, *dp_path;
int gpf_open_errno, gpf_read_errno;
int pf_open_errno, pf_read_errno;
int gdp_open_errno, gdp_read_errno;
int dp_open_errno, dp_read_errno;
int err;
gchar *pipe_name = NULL;
gchar *rfilters[64];
e_prefs *prefs;
char badopt;
GLogLevelFlags log_flags;
GPtrArray *disp_fields = g_ptr_array_new();
guint fc;
gboolean skip_pcap_header = FALSE;
#define OPTSTRING_INIT "d:F:hlnN:o:r:R:sS:t:v"
static const char optstring[] = OPTSTRING_INIT;
/*
* Get credential information for later use.
*/
get_credential_info();
/*
* Clear the filters arrays
*/
memset(rfilters, 0, sizeof(rfilters));
memset(rfcodes, 0, sizeof(rfcodes));
n_rfilters = 0;
n_rfcodes = 0;
/*
* Initialize our string format
*/
string_fmts = g_ptr_array_new();
/*
* Attempt to get the pathname of the executable file.
*/
init_progfile_dir_error = init_progfile_dir(argv[0], main);
if (init_progfile_dir_error != NULL) {
fprintf(stderr, "rawshark: Can't get pathname of rawshark program: %s.\n",
init_progfile_dir_error);
}
/*
* Get credential information for later use.
*/
get_credential_info();
/* nothing more than the standard GLib handler, but without a warning */
log_flags =
G_LOG_LEVEL_WARNING |
G_LOG_LEVEL_MESSAGE |
G_LOG_LEVEL_INFO |
G_LOG_LEVEL_DEBUG;
g_log_set_handler(NULL,
log_flags,
log_func_ignore, NULL /* user_data */);
g_log_set_handler(LOG_DOMAIN_CAPTURE_CHILD,
log_flags,
log_func_ignore, NULL /* user_data */);
timestamp_set_type(TS_RELATIVE);
timestamp_set_precision(TS_PREC_AUTO);
/* Register all dissectors; we must do this before checking for the
"-G" flag, as the "-G" flag dumps information registered by the
dissectors, and we must do it before we read the preferences, in
case any dissectors register preferences. */
epan_init(register_all_protocols, register_all_protocol_handoffs, NULL, NULL,
failure_message, open_failure_message, read_failure_message,
write_failure_message);
/* Now register the preferences for any non-dissector modules.
We must do that before we read the preferences as well. */
prefs_register_modules();
/* Set the C-language locale to the native environment. */
setlocale(LC_ALL, "");
prefs = read_prefs(&gpf_open_errno, &gpf_read_errno, &gpf_path,
&pf_open_errno, &pf_read_errno, &pf_path);
if (gpf_path != NULL) {
if (gpf_open_errno != 0) {
cmdarg_err("Can't open global preferences file \"%s\": %s.",
pf_path, strerror(gpf_open_errno));
}
if (gpf_read_errno != 0) {
cmdarg_err("I/O error reading global preferences file \"%s\": %s.",
pf_path, strerror(gpf_read_errno));
}
}
if (pf_path != NULL) {
if (pf_open_errno != 0) {
cmdarg_err("Can't open your preferences file \"%s\": %s.", pf_path,
strerror(pf_open_errno));
}
if (pf_read_errno != 0) {
cmdarg_err("I/O error reading your preferences file \"%s\": %s.",
pf_path, strerror(pf_read_errno));
}
g_free(pf_path);
pf_path = NULL;
}
/* Set the name resolution code's flags from the preferences. */
g_resolv_flags = prefs->name_resolve;
/* Read the disabled protocols file. */
read_disabled_protos_list(&gdp_path, &gdp_open_errno, &gdp_read_errno,
&dp_path, &dp_open_errno, &dp_read_errno);
if (gdp_path != NULL) {
if (gdp_open_errno != 0) {
cmdarg_err("Could not open global disabled protocols file\n\"%s\": %s.",
gdp_path, strerror(gdp_open_errno));
}
if (gdp_read_errno != 0) {
cmdarg_err("I/O error reading global disabled protocols file\n\"%s\": %s.",
gdp_path, strerror(gdp_read_errno));
}
g_free(gdp_path);
}
if (dp_path != NULL) {
if (dp_open_errno != 0) {
cmdarg_err(
"Could not open your disabled protocols file\n\"%s\": %s.", dp_path,
strerror(dp_open_errno));
}
if (dp_read_errno != 0) {
cmdarg_err(
"I/O error reading your disabled protocols file\n\"%s\": %s.", dp_path,
strerror(dp_read_errno));
}
g_free(dp_path);
}
#ifdef _WIN32
/* Load Wpcap, if possible */
load_wpcap();
#endif
init_cap_file(&cfile);
/* Assemble the compile-time version information string */
comp_info_str = g_string_new("Compiled ");
get_compiled_version_info(comp_info_str, get_epan_compiled_version_info);
/* Assemble the run-time version information string */
runtime_info_str = g_string_new("Running ");
get_runtime_version_info(runtime_info_str, NULL);
/* Print format defaults to this. */
print_format = PR_FMT_TEXT;
/* Initialize our encapsulation type */
encap = WTAP_ENCAP_UNKNOWN;
/* Now get our args */
/* XXX - We should probably have an option to dump libpcap link types */
while ((opt = getopt(argc, argv, optstring)) != -1) {
switch (opt) {
case 'd': /* Payload type */
if (!set_link_type(optarg)) {
cmdarg_err("Invalid link type or protocol \"%s\"", optarg);
exit(1);
}
break;
case 'F': /* Read field to display */
g_ptr_array_add(disp_fields, g_strdup(optarg));
break;
case 'h': /* Print help and exit */
print_usage(TRUE);
exit(0);
break;
case 'l': /* "Line-buffer" standard output */
/* This isn't line-buffering, strictly speaking, it's just
flushing the standard output after the information for
each packet is printed; however, that should be good
enough for all the purposes to which "-l" is put (and
is probably actually better for "-V", as it does fewer
writes).
See the comment in "process_packet()" for an explanation of
why we do that, and why we don't just use "setvbuf()" to
make the standard output line-buffered (short version: in
Windows, "line-buffered" is the same as "fully-buffered",
and the output buffer is only flushed when it fills up). */
line_buffered = TRUE;
break;
case 'n': /* No name resolution */
g_resolv_flags = RESOLV_NONE;
break;
case 'N': /* Select what types of addresses/port #s to resolve */
if (g_resolv_flags == RESOLV_ALL)
g_resolv_flags = RESOLV_NONE;
badopt = string_to_name_resolve(optarg, &g_resolv_flags);
if (badopt != '\0') {
cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'm', 'n', and 't'",
badopt);
exit(1);
}
break;
case 'o': /* Override preference from command line */
switch (prefs_set_pref(optarg)) {
case PREFS_SET_OK:
break;
case PREFS_SET_SYNTAX_ERR:
cmdarg_err("Invalid -o flag \"%s\"", optarg);
exit(1);
break;
case PREFS_SET_NO_SUCH_PREF:
case PREFS_SET_OBSOLETE:
cmdarg_err("-o flag \"%s\" specifies unknown preference", optarg);
exit(1);
break;
}
break;
case 'r': /* Read capture file xxx */
pipe_name = g_strdup(optarg);
break;
case 'R': /* Read file filter */
if(n_rfilters < (int) sizeof(rfilters) / (int) sizeof(rfilters[0])) {
rfilters[n_rfilters++] = optarg;
}
else {
cmdarg_err("Too many display filters");
exit(1);
}
break;
case 's': /* Skip PCAP header */
skip_pcap_header = TRUE;
break;
case 'S': /* Print string representations */
if (!parse_field_string_format(optarg)) {
cmdarg_err("Invalid field string format");
exit(1);
}
break;
case 't': /* Time stamp type */
if (strcmp(optarg, "r") == 0)
timestamp_set_type(TS_RELATIVE);
else if (strcmp(optarg, "a") == 0)
timestamp_set_type(TS_ABSOLUTE);
else if (strcmp(optarg, "ad") == 0)
timestamp_set_type(TS_ABSOLUTE_WITH_DATE);
else if (strcmp(optarg, "d") == 0)
timestamp_set_type(TS_DELTA);
else if (strcmp(optarg, "dd") == 0)
timestamp_set_type(TS_DELTA_DIS);
else if (strcmp(optarg, "e") == 0)
timestamp_set_type(TS_EPOCH);
else {
cmdarg_err("Invalid time stamp type \"%s\"",
optarg);
cmdarg_err_cont("It must be \"r\" for relative, \"a\" for absolute,");
cmdarg_err_cont("\"ad\" for absolute with date, or \"d\" for delta.");
exit(1);
}
break;
case 'v': /* Show version and exit */
printf("Rawshark " VERSION "%s\n"
"\n"
"%s"
"\n"
"%s"
"\n"
"%s",
wireshark_svnversion, get_copyright_info(), comp_info_str->str,
runtime_info_str->str);
exit(0);
break;
default:
case '?': /* Bad flag - print usage message */
print_usage(TRUE);
exit(1);
break;
}
}
/* Notify all registered modules that have had any of their preferences
changed either from one of the preferences file or from the command
line that their preferences have changed.
Initialize preferences before display filters, otherwise modules
like MATE won't work. */
prefs_apply_all();
/* Initialize our display fields */
for (fc = 0; fc < disp_fields->len; fc++) {
protocolinfo_init(g_ptr_array_index(disp_fields, fc));
}
g_ptr_array_free(disp_fields, TRUE);
printf("\n");
fflush(stdout);
/* If no capture filter or read filter has been specified, and there are
still command-line arguments, treat them as the tokens of a capture
filter (if no "-r" flag was specified) or a read filter (if a "-r"
flag was specified. */
if (optind < argc) {
if (pipe_name != NULL) {
if (n_rfilters != 0) {
cmdarg_err("Read filters were specified both with \"-R\" "
"and with additional command-line arguments");
exit(1);
}
rfilters[n_rfilters] = get_args_as_string(argc, argv, optind);
}
}
/* Make sure we got a dissector handle for our payload. */
if (encap == WTAP_ENCAP_UNKNOWN) {
cmdarg_err("No valid payload dissector specified.");
exit(1);
}
if (arg_error) {
print_usage(FALSE);
exit(1);
}
#ifdef _WIN32
/* Start windows sockets */
WSAStartup( MAKEWORD( 1, 1 ), &wsaData );
#endif /* _WIN32 */
/* At this point MATE will have registered its field array so we can
have a tap filter with one of MATE's late-registered fields as part
of the filter. We can now process all the "-z" arguments. */
start_requested_stats();
/* disabled protocols as per configuration file */
if (gdp_path == NULL && dp_path == NULL) {
set_disabled_protos_list();
}
/* Build the column format array */
col_setup(&cfile.cinfo, prefs->num_cols);
for (i = 0; i < cfile.cinfo.num_cols; i++) {
cfile.cinfo.col_fmt[i] = get_column_format(i);
cfile.cinfo.col_title[i] = g_strdup(get_column_title(i));
cfile.cinfo.fmt_matx[i] = (gboolean *) g_malloc0(sizeof(gboolean) *
NUM_COL_FMTS);
get_column_format_matches(cfile.cinfo.fmt_matx[i], cfile.cinfo.col_fmt[i]);
cfile.cinfo.col_data[i] = NULL;
if (cfile.cinfo.col_fmt[i] == COL_INFO)
cfile.cinfo.col_buf[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_INFO_LEN);
else
cfile.cinfo.col_buf[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
cfile.cinfo.col_fence[i] = 0;
cfile.cinfo.col_expr.col_expr[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
cfile.cinfo.col_expr.col_expr_val[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
}
for (i = 0; i < cfile.cinfo.num_cols; i++) {
int j;
for (j = 0; j < NUM_COL_FMTS; j++) {
if (!cfile.cinfo.fmt_matx[i][j])
continue;
if (cfile.cinfo.col_first[j] == -1)
cfile.cinfo.col_first[j] = i;
cfile.cinfo.col_last[j] = i;
}
}
if (n_rfilters != 0) {
for (i = 0; i < n_rfilters; i++) {
if (!dfilter_compile(rfilters[i], &rfcodes[n_rfcodes])) {
cmdarg_err("%s", dfilter_error_msg);
epan_cleanup();
exit(2);
}
n_rfcodes++;
}
}
if (pipe_name) {
/*
* We're reading a pipe (or capture file).
*/
/*
* Immediately relinquish any special privileges we have; we must not
* be allowed to read any capture files the user running Rawshark
* can't open.
*/
relinquish_special_privs_perm();
if (raw_cf_open(&cfile, pipe_name) != CF_OK) {
epan_cleanup();
exit(2);
}
/* Do we need to PCAP header and magic? */
if (skip_pcap_header) {
guint bytes_left = sizeof(struct pcap_hdr) + sizeof(guint32);
gchar buf[sizeof(struct pcap_hdr) + sizeof(guint32)];
while (bytes_left > 0) {
guint bytes = read(fd, buf, bytes_left);
if (bytes <= 0) {
cmdarg_err("Not enough bytes for pcap header.");
exit(2);
}
bytes_left -= bytes;
}
}
/* Set timestamp precision; there should arguably be a command-line
option to let the user set this. */
#if 0
switch(wtap_file_tsprecision(cfile.wth)) {
case(WTAP_FILE_TSPREC_SEC):
timestamp_set_precision(TS_PREC_AUTO_SEC);
break;
case(WTAP_FILE_TSPREC_DSEC):
timestamp_set_precision(TS_PREC_AUTO_DSEC);
break;
case(WTAP_FILE_TSPREC_CSEC):
timestamp_set_precision(TS_PREC_AUTO_CSEC);
break;
case(WTAP_FILE_TSPREC_MSEC):
timestamp_set_precision(TS_PREC_AUTO_MSEC);
break;
case(WTAP_FILE_TSPREC_USEC):
timestamp_set_precision(TS_PREC_AUTO_USEC);
break;
case(WTAP_FILE_TSPREC_NSEC):
timestamp_set_precision(TS_PREC_AUTO_NSEC);
break;
default:
g_assert_not_reached();
}
#else
timestamp_set_precision(TS_PREC_AUTO_USEC);
#endif
/* Process the packets in the file */
err = load_cap_file(&cfile);
if (err != 0) {
epan_cleanup();
exit(2);
}
} else {
/* If you want to capture live packets, use TShark. */
cmdarg_err("Input file or pipe name not specified.");
exit(2);
}
epan_cleanup();
return 0;
}