void
wtap_write_shb_comment(wtap *wth, gchar *comment)
{
if ((wth != NULL) && (wth->shb_hdrs != NULL) && (wth->shb_hdrs->len > 0)) {
wtap_optionblock_set_option_string(g_array_index(wth->shb_hdrs, wtap_optionblock_t, 0), OPT_COMMENT, comment, (gsize)(comment ? strlen(comment) : 0));
}
}
/* creates a section header block for the new output file */
static wtap_optionblock_t
create_shb_header(const merge_in_file_t *in_files, const guint in_file_count,
const gchar *app_name)
{
wtap_optionblock_t shb_hdr;
GString *comment_gstr;
GString *os_info_str;
guint i;
char* shb_comment = NULL;
wtapng_mandatory_section_t* shb_data;
shb_hdr = wtap_file_get_shb_for_new_file(in_files[0].wth);
comment_gstr = g_string_new("");
/* TODO: merge comments from all files */
wtap_optionblock_get_option_string(shb_hdr, OPT_COMMENT, &shb_comment);
/* very lame way to save comments - does not save them from the other files */
if (shb_comment && strlen(shb_comment) > 0) {
g_string_append_printf(comment_gstr, "%s \n",shb_comment);
}
g_string_append_printf(comment_gstr, "File created by merging: \n");
for (i = 0; i < in_file_count; i++) {
g_string_append_printf(comment_gstr, "File%d: %s \n",i+1,in_files[i].filename);
}
os_info_str = g_string_new("");
get_os_version_info(os_info_str);
shb_data = (wtapng_mandatory_section_t*)wtap_optionblock_get_mandatory_data(shb_hdr);
shb_data->section_length = -1;
/* TODO: handle comments from each file being merged */
wtap_optionblock_set_option_string(shb_hdr, OPT_COMMENT, g_string_free(comment_gstr, TRUE)); /* section comment */
wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_HARDWARE, NULL ); /* NULL if not available, UTF-8 string containing the */
/* description of the hardware used to create this section. */
wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_OS, g_string_free(os_info_str, TRUE)); /* UTF-8 string containing the name */
/* of the operating system used to create this section. */
wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_USERAPPL, (char*)app_name ); /* NULL if not available, UTF-8 string containing the name */
/* of the application used to create this section. */
return shb_hdr;
}
void
wtap_write_nrb_comment(wtap *wth, gchar *comment)
{
wtap_optionblock_t nrb;
g_assert(wth);
if (wth == NULL)
return;
if (wth->nrb_hdrs == NULL) {
wth->nrb_hdrs = g_array_new(FALSE, FALSE, sizeof(wtap_optionblock_t));
nrb = wtap_optionblock_create(WTAP_OPTION_BLOCK_NG_NRB);
g_array_append_val(wth->nrb_hdrs, nrb);
}
wtap_optionblock_set_option_string(g_array_index(wth->nrb_hdrs, wtap_optionblock_t, 0), OPT_COMMENT, comment, (gsize)(comment ? strlen(comment) : 0));
}
wtap_open_return_val lanalyzer_open(wtap *wth, int *err, gchar **err_info)
{
LA_RecordHeader rec_header;
char header_fixed[2];
char *comment;
char summary[210];
guint16 board_type, mxslc;
guint16 record_type, record_length;
guint8 cr_day, cr_month;
guint16 cr_year;
struct tm tm;
lanalyzer_t *lanalyzer;
if (!wtap_read_bytes(wth->fh, &rec_header, LA_RecordHeaderSize,
err, err_info)) {
if (*err != WTAP_ERR_SHORT_READ)
return WTAP_OPEN_ERROR;
return WTAP_OPEN_NOT_MINE;
}
record_type = pletoh16(rec_header.record_type);
record_length = pletoh16(rec_header.record_length); /* make sure to do this for while() loop */
if (record_type != RT_HeaderRegular && record_type != RT_HeaderCyclic) {
return WTAP_OPEN_NOT_MINE;
}
/* Read the major and minor version numbers */
if (record_length < 2) {
/*
* Not enough room for the major and minor version numbers.
* Just treat that as a "not a LANalyzer file" indication.
*/
return WTAP_OPEN_NOT_MINE;
}
if (!wtap_read_bytes(wth->fh, &header_fixed, sizeof header_fixed,
err, err_info)) {
if (*err != WTAP_ERR_SHORT_READ)
return WTAP_OPEN_ERROR;
return WTAP_OPEN_NOT_MINE;
}
record_length -= sizeof header_fixed;
if (record_length != 0) {
/* Read the rest of the record as a comment. */
comment = (char *)g_malloc(record_length + 1);
if (!wtap_read_bytes(wth->fh, comment, record_length,
err, err_info)) {
if (*err != WTAP_ERR_SHORT_READ) {
g_free(comment);
return WTAP_OPEN_ERROR;
}
g_free(comment);
return WTAP_OPEN_NOT_MINE;
}
wtap_optionblock_set_option_string(g_array_index(wth->shb_hdrs, wtap_optionblock_t, 0), OPT_COMMENT, comment, record_length);
g_free(comment);
}
/* If we made it this far, then the file is a LANAlyzer file.
* Let's get some info from it. Note that we get wth->snapshot_length
* from a record later in the file. */
wth->file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_LANALYZER;
lanalyzer = (lanalyzer_t *)g_malloc(sizeof(lanalyzer_t));
wth->priv = (void *)lanalyzer;
wth->subtype_read = lanalyzer_read;
wth->subtype_seek_read = lanalyzer_seek_read;
wth->snapshot_length = 0;
wth->file_tsprec = WTAP_TSPREC_NSEC;
/* Read records until we find the start of packets */
while (1) {
if (!wtap_read_bytes_or_eof(wth->fh, &rec_header,
LA_RecordHeaderSize, err, err_info)) {
if (*err == 0) {
/*
* End of file and no packets;
* accept this file.
*/
return WTAP_OPEN_MINE;
}
return WTAP_OPEN_ERROR;
}
record_type = pletoh16(rec_header.record_type);
record_length = pletoh16(rec_header.record_length);
/*g_message("Record 0x%04X Length %d", record_type, record_length);*/
switch (record_type) {
/* Trace Summary Record */
case RT_Summary:
if (!wtap_read_bytes(wth->fh, summary,
sizeof summary, err, err_info))
return WTAP_OPEN_ERROR;
/* Assume that the date of the creation of the trace file
* is the same date of the trace. Lanalyzer doesn't
* store the creation date/time of the trace, but only of
* the file. Unless you traced at 11:55 PM and saved at 00:05
* AM, the assumption that trace.date == file.date is true.
*/
cr_day = summary[0];
cr_month = summary[1];
cr_year = pletoh16(&summary[2]);
/*g_message("Day %d Month %d Year %d (%04X)", cr_day, cr_month,
cr_year, cr_year);*/
/* Get capture start time. I learned how to do
* this from Guy's code in ngsniffer.c
*/
tm.tm_year = cr_year - 1900;
tm.tm_mon = cr_month - 1;
tm.tm_mday = cr_day;
tm.tm_hour = 0;
tm.tm_min = 0;
tm.tm_sec = 0;
tm.tm_isdst = -1;
lanalyzer->start = mktime(&tm);
/*g_message("Day %d Month %d Year %d", tm.tm_mday,
tm.tm_mon, tm.tm_year);*/
mxslc = pletoh16(&summary[30]);
wth->snapshot_length = mxslc;
board_type = pletoh16(&summary[188]);
switch (board_type) {
case BOARD_325:
wth->file_encap = WTAP_ENCAP_ETHERNET;
break;
case BOARD_325TR:
wth->file_encap = WTAP_ENCAP_TOKEN_RING;
break;
default:
*err = WTAP_ERR_UNSUPPORTED;
*err_info = g_strdup_printf("lanalyzer: board type %u unknown",
board_type);
return WTAP_OPEN_ERROR;
}
break;
/* Trace Packet Data Record */
case RT_PacketData:
/* Go back header number of bytes so that lanalyzer_read
* can read this header */
if (file_seek(wth->fh, -LA_RecordHeaderSize, SEEK_CUR, err) == -1) {
return WTAP_OPEN_ERROR;
}
return WTAP_OPEN_MINE;
default:
if (file_seek(wth->fh, record_length, SEEK_CUR, err) == -1) {
return WTAP_OPEN_ERROR;
}
break;
}
}
}
static void
exp_pdu_file_open(exp_pdu_t *exp_pdu_tap_data)
{
char *tmpname, *capfile_name;
int err;
/* pcapng defs */
wtap_optionblock_t shb_hdr;
wtapng_iface_descriptions_t *idb_inf;
wtap_optionblock_t int_data;
wtapng_if_descr_mandatory_t *int_data_mand;
GString *os_info_str;
gchar *opt_comment, *wireshark_ver;
/* Create data for SHB */
os_info_str = g_string_new("");
get_os_version_info(os_info_str);
shb_hdr = wtap_optionblock_create(WTAP_OPTION_BLOCK_NG_SECTION);
/* options */
opt_comment = g_strdup_printf("Dump of PDUs from %s", cfile.filename);
wtap_optionblock_set_option_string(shb_hdr, OPT_COMMENT, opt_comment);
g_free(opt_comment);
/*
* UTF-8 string containing the name of the operating system used to create
* this section.
*/
wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_OS, g_string_free(os_info_str, TRUE));
/*
* UTF-8 string containing the name of the application used to create
* this section.
*/
wireshark_ver = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info());
wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_USERAPPL, wireshark_ver);
g_free(wireshark_ver);
/* Create fake IDB info */
idb_inf = g_new(wtapng_iface_descriptions_t,1);
idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtap_optionblock_t));
/* create the fake interface data */
int_data = wtap_optionblock_create(WTAP_OPTION_BLOCK_IF_DESCR);
int_data_mand = (wtapng_if_descr_mandatory_t*)wtap_optionblock_get_mandatory_data(int_data);
int_data_mand->wtap_encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU;
int_data_mand->time_units_per_second = 1000000000; /* default nanosecond resolution */
int_data_mand->link_type = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU);
int_data_mand->snap_len = WTAP_MAX_PACKET_SIZE;
wtap_optionblock_set_option_string(int_data, OPT_IDB_NAME, "Fake IF, PDU->Export");
wtap_optionblock_set_option_uint8(int_data, OPT_IDB_TSRESOL, 9);
g_array_append_val(idb_inf->interface_data, int_data);
/* Use a random name for the temporary import buffer */
exp_pdu_tap_data->wdh = wtap_dump_open_tempfile_ng(&tmpname, "Wireshark_PDU_",
WTAP_FILE_TYPE_SUBTYPE_PCAPNG,
WTAP_ENCAP_WIRESHARK_UPPER_PDU, WTAP_MAX_PACKET_SIZE,
FALSE, shb_hdr, idb_inf, NULL, &err);
capfile_name = g_strdup(tmpname);
if (exp_pdu_tap_data->wdh == NULL) {
open_failure_alert_box(capfile_name ? capfile_name : "temporary file", err, TRUE);
goto end;
}
/* Run the tap */
cf_retap_packets(&cfile);
if (!wtap_dump_close(exp_pdu_tap_data->wdh, &err)) {
write_failure_alert_box(capfile_name, err);
}
remove_tap_listener(exp_pdu_tap_data);
/* XXX: should this use the open_routine type in the cfile instead of WTAP_TYPE_AUTO? */
if (cf_open(&cfile, capfile_name, WTAP_TYPE_AUTO, TRUE /* temporary file */, &err) != CF_OK) {
open_failure_alert_box(capfile_name, err, FALSE);
goto end;
}
switch (cf_read(&cfile, FALSE)) {
case CF_READ_OK:
case CF_READ_ERROR:
/* Just because we got an error, that doesn't mean we were unable
to read any of the file; we handle what we could get from the
file. */
break;
case CF_READ_ABORTED:
/* The user bailed out of re-reading the capture file; the
capture file has been closed - just free the capture file name
string and return (without changing the last containing
directory). */
break;
}
end:
g_free(capfile_name);
wtap_optionblock_free(shb_hdr);
wtap_free_idb_info(idb_inf);
}
int
exp_pdu_open(exp_pdu_t *exp_pdu_tap_data, int fd, char *comment)
{
int err;
/* pcapng defs */
wtap_optionblock_t shb_hdr;
wtapng_iface_descriptions_t *idb_inf;
wtap_optionblock_t int_data;
wtapng_if_descr_mandatory_t *int_data_mand;
GString *os_info_str;
gchar *opt_comment, *wireshark_ver;
/* Create data for SHB */
os_info_str = g_string_new("");
get_os_version_info(os_info_str);
shb_hdr = wtap_optionblock_create(WTAP_OPTION_BLOCK_NG_SECTION);
/* options */
opt_comment = comment;
wtap_optionblock_set_option_string(shb_hdr, OPT_COMMENT, opt_comment);
g_free(opt_comment);
/*
* UTF-8 string containing the name of the operating system used to create
* this section.
*/
wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_OS, g_string_free(os_info_str, TRUE));
/*
* UTF-8 string containing the name of the application used to create
* this section.
*/
wireshark_ver = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info());
wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_USERAPPL, wireshark_ver);
g_free(wireshark_ver);
/* Create fake IDB info */
idb_inf = g_new(wtapng_iface_descriptions_t,1);
idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtap_optionblock_t));
/* create the fake interface data */
int_data = wtap_optionblock_create(WTAP_OPTION_BLOCK_IF_DESCR);
int_data_mand = (wtapng_if_descr_mandatory_t*)wtap_optionblock_get_mandatory_data(int_data);
int_data_mand->wtap_encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU;
int_data_mand->time_units_per_second = 1000000000; /* default nanosecond resolution */
int_data_mand->link_type = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU);
int_data_mand->snap_len = WTAP_MAX_PACKET_SIZE;
wtap_optionblock_set_option_string(int_data, OPT_IDB_NAME, "Fake IF, PDU->Export");
wtap_optionblock_set_option_uint8(int_data, OPT_IDB_TSRESOL, 9);
g_array_append_val(idb_inf->interface_data, int_data);
/* Use a random name for the temporary import buffer */
exp_pdu_tap_data->wdh = wtap_dump_fdopen_ng(fd, WTAP_FILE_TYPE_SUBTYPE_PCAPNG, WTAP_ENCAP_WIRESHARK_UPPER_PDU, WTAP_MAX_PACKET_SIZE, FALSE,
shb_hdr, idb_inf, NULL, &err);
if (exp_pdu_tap_data->wdh == NULL) {
g_assert(err != 0);
return err;
}
return 0;
}
