gchar *follow_filter;
const gchar *previous_filter;
int filter_out_filter_len;
const char *hostname0, *hostname1;
char *port0, *port1;
gchar *server_to_client_string = NULL;
gchar *client_to_server_string = NULL;
gchar *both_directions_string = NULL;
follow_info_t *follow_info;
gtk_follow_info_t *gtk_follow_info;
GString *msg;
gboolean is_follow = FALSE;
guint32 ignore_stream;
char stream_window_title[256];
is_follow = proto_is_frame_protocol(cfile.edt->pi.layers, proto_get_protocol_filter_name(get_follow_proto_id(follower)));
if (!is_follow) {
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
"Error following stream. Please make\n"
"sure you have a %s packet selected.", proto_get_protocol_short_name(find_protocol_by_id(get_follow_proto_id(follower))));
return;
}
gtk_follow_info = g_new0(gtk_follow_info_t, 1);
follow_info = g_new0(follow_info_t, 1);
gtk_follow_info->read_stream = read_stream_func;
follow_info->gui_data = gtk_follow_info;
/* Create a new filter that matches all packets in the TCP stream,
and set the display filter entry accordingly */
const gchar *previous_filter;
int filter_out_filter_len;
const char *hostname0, *hostname1;
char *port0, *port1;
gchar *server_to_client_string = NULL;
gchar *client_to_server_string = NULL;
gchar *both_directions_string = NULL;
follow_stats_t stats;
follow_info_t *follow_info;
tcp_stream_chunk sc;
size_t nchars;
gchar *data_out_filename;
char stream_window_title[256];
gboolean is_tcp = FALSE;
is_tcp = proto_is_frame_protocol(cfile.edt->pi.layers, "tcp");
if (!is_tcp) {
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
"Error following stream. Please make\n"
"sure you have a TCP packet selected.");
return;
}
follow_info = g_new0(follow_info_t, 1);
follow_info->follow_type = FOLLOW_TCP;
/* Create a new filter that matches all packets in the TCP stream,
and set the display filter entry accordingly */
reset_tcp_reassembly();
follow_filter = build_follow_conv_filter(&cfile.edt->pi);
bool FollowStreamDialog::follow(QString previous_filter, bool use_stream_index, int stream_num)
{
QString follow_filter;
const char *hostname0 = NULL, *hostname1 = NULL;
char *port0 = NULL, *port1 = NULL;
QString server_to_client_string;
QString client_to_server_string;
QString both_directions_string;
gboolean is_follower = FALSE;
resetStream();
if (file_closed_)
{
QMessageBox::warning(this, tr("No capture file."), tr("Please make sure you have a capture file opened."));
return false;
}
if (cap_file_.capFile()->edt == NULL)
{
QMessageBox::warning(this, tr("Error following stream."), tr("Capture file invalid."));
return false;
}
is_follower = proto_is_frame_protocol(cap_file_.capFile()->edt->pi.layers, proto_get_protocol_filter_name(get_follow_proto_id(follower_)));
if (!is_follower) {
QMessageBox::warning(this, tr("Error following stream."), tr("Please make sure you have a %1 packet selected.").arg
(proto_get_protocol_short_name(find_protocol_by_id(get_follow_proto_id(follower_)))));
return false;
}
if (follow_type_ == FOLLOW_SSL)
{
/* we got ssl so we can follow */
removeStreamControls();
}
follow_reset_stream(&follow_info_);
/* Create a new filter that matches all packets in the TCP stream,
and set the display filter entry accordingly */
if (use_stream_index) {
follow_filter = gchar_free_to_qstring(get_follow_index_func(follower_)(stream_num));
} else {
follow_filter = gchar_free_to_qstring(get_follow_conv_func(follower_)(&cap_file_.capFile()->edt->pi, &stream_num));
}
if (follow_filter.isEmpty()) {
QMessageBox::warning(this,
tr("Error creating filter for this stream."),
tr("A transport or network layer header is needed."));
return false;
}
/* append the negation */
if(!previous_filter.isEmpty()) {
filter_out_filter_ = QString("%1 and !(%2)")
.arg(previous_filter).arg(follow_filter);
}
else
{
filter_out_filter_ = QString("!(%1)").arg(follow_filter);
}
/* data will be passed via tap callback*/
if (!registerTapListener(get_follow_tap_string(follower_), &follow_info_,
follow_filter.toUtf8().constData(),
0, NULL, get_follow_tap_handler(follower_), NULL)) {
return false;
}
switch (follow_type_)
{
case FOLLOW_TCP:
{
int stream_count = get_tcp_stream_count();
ui->streamNumberSpinBox->blockSignals(true);
ui->streamNumberSpinBox->setMaximum(stream_count-1);
ui->streamNumberSpinBox->setValue(stream_num);
ui->streamNumberSpinBox->blockSignals(false);
ui->streamNumberSpinBox->setToolTip(tr("%Ln total stream(s).", "", stream_count));
ui->streamNumberLabel->setToolTip(ui->streamNumberSpinBox->toolTip());
break;
}
case FOLLOW_UDP:
{
int stream_count = get_udp_stream_count();
ui->streamNumberSpinBox->blockSignals(true);
ui->streamNumberSpinBox->setMaximum(stream_count-1);
ui->streamNumberSpinBox->setValue(stream_num);
ui->streamNumberSpinBox->blockSignals(false);
ui->streamNumberSpinBox->setToolTip(tr("%Ln total stream(s).", "", stream_count));
ui->streamNumberLabel->setToolTip(ui->streamNumberSpinBox->toolTip());
break;
}
case FOLLOW_SSL:
case FOLLOW_HTTP:
/* No extra handling */
break;
}
beginRetapPackets();
updateWidgets(true);
/* Run the display filter so it goes in effect - even if it's the
same as the previous display filter. */
emit updateFilter(follow_filter, TRUE);
removeTapListeners();
hostname0 = address_to_name(&follow_info_.client_ip);
hostname1 = address_to_name(&follow_info_.server_ip);
port0 = get_follow_port_to_display(follower_)(NULL, follow_info_.client_port);
port1 = get_follow_port_to_display(follower_)(NULL, follow_info_.server_port);
server_to_client_string =
QString("%1:%2 %3 %4:%5 (%6)")
.arg(hostname0).arg(port0)
.arg(UTF8_RIGHTWARDS_ARROW)
.arg(hostname1).arg(port1)
.arg(gchar_free_to_qstring(format_size(
follow_info_.bytes_written[0],
format_size_unit_bytes|format_size_prefix_si)));
client_to_server_string =
QString("%1:%2 %3 %4:%5 (%6)")
.arg(hostname1).arg(port1)
.arg(UTF8_RIGHTWARDS_ARROW)
.arg(hostname0).arg(port0)
.arg(gchar_free_to_qstring(format_size(
follow_info_.bytes_written[1],
format_size_unit_bytes|format_size_prefix_si)));
wmem_free(NULL, port0);
wmem_free(NULL, port1);
both_directions_string = QString("Entire conversation (%1)")
.arg(gchar_free_to_qstring(format_size(
follow_info_.bytes_written[0] + follow_info_.bytes_written[1],
format_size_unit_bytes|format_size_prefix_si)));
setWindowSubtitle(tr("Follow %1 Stream (%2)").arg(proto_get_protocol_short_name(find_protocol_by_id(get_follow_proto_id(follower_))))
.arg(follow_filter));
ui->cbDirections->clear();
ui->cbDirections->addItem(both_directions_string);
ui->cbDirections->addItem(client_to_server_string);
ui->cbDirections->addItem(server_to_client_string);
followStream();
fillHintLabel(-1);
updateWidgets(false);
endRetapPackets();
return true;
}
