regcomp(&re, "\\.zip$", REG_EXTENDED);
output.push_back(inflater(re, "unzip -p '%s'"));
// bz2
regcomp(&re, "\\.bz2$", REG_EXTENDED);
output.push_back(inflater(re, "bunzip2 -c '%s'"));
// xz
regcomp(&re, "\\.xz$", REG_EXTENDED);
output.push_back(inflater(re, "unxz -c '%s'"));
// lzma
regcomp(&re, "\\.lzma$", REG_EXTENDED);
output.push_back(inflater(re, "unlzma -c '%s'"));
return output;
}
static std::vector<inflater> inflaters = build_inflaters();
#define HAVE_INFLATER
#endif
/*
* process an input file or device
* May be repeated.
* If start is false, do not initiate new connections
*/
static void process_infile(const std::string &expression,const char *device,const std::string &infile)
{
char error[PCAP_ERRBUF_SIZE];
pcap_t *pd=0;
int dlt=0;
pcap_handler handler;
static void process_infile(const std::string &expression,const char *device,const std::string &infile)
{
char error[PCAP_ERRBUF_SIZE];
pcap_t *pd=0;
int dlt=0;
pcap_handler handler;
#ifdef HAVE_INFLATER
if(inflaters==0) inflaters = build_inflaters();
#endif
if (infile!=""){
std::string file_path = infile;
// decompress input if necessary
#ifdef HAVE_INFLATER
for(inflaters_t::const_iterator it = inflaters->begin(); it != inflaters->end(); it++) {
if((*it)->appropriate(infile)) {
int fd = (*it)->invoke(infile);
file_path = ssprintf("/dev/fd/%d", fd);
if(fd < 0) {
std::cerr << "decompression of '" << infile << "' failed" << std::endl;
exit(1);
}
if(access(file_path.c_str(), R_OK)) {
std::cerr << "decompression of '" << infile << "' is not available on this system" << std::endl;
exit(1);
}
break;
}
}
#endif
if ((pd = pcap_open_offline(file_path.c_str(), error)) == NULL){ /* open the capture file */
die("%s", error);
}
dlt = pcap_datalink(pd); /* get the handler for this kind of packets */
handler = find_handler(dlt, infile.c_str());
} else {
/* if the user didn't specify a device, try to find a reasonable one */
if (device == NULL){
if ((device = pcap_lookupdev(error)) == NULL){
die("%s", error);
}
}
/* make sure we can open the device */
if ((pd = pcap_open_live(device, SNAPLEN, !opt_no_promisc, 1000, error)) == NULL){
die("%s", error);
}
#if defined(HAVE_SETUID) && defined(HAVE_GETUID)
/* drop root privileges - we don't need them any more */
if(setuid(getuid())){
perror("setuid");
}
#endif
/* get the handler for this kind of packets */
dlt = pcap_datalink(pd);
handler = find_handler(dlt, device);
}
DEBUG(20) ("filter expression: '%s'",expression.c_str());
/* install the filter expression in libpcap */
struct bpf_program fcode;
if (pcap_compile(pd, &fcode, expression.c_str(), 1, 0) < 0){
die("%s", pcap_geterr(pd));
}
if (pcap_setfilter(pd, &fcode) < 0){
die("%s", pcap_geterr(pd));
}
/* initialize our flow state structures */
/* set up signal handlers for graceful exit (pcap uses onexit to put
* interface back into non-promiscuous mode
*/
portable_signal(SIGTERM, terminate);
portable_signal(SIGINT, terminate);
#ifdef SIGHUP
portable_signal(SIGHUP, terminate);
#endif
/* start listening or reading from the input file */
if (infile == "") DEBUG(1) ("listening on %s", device);
if (pcap_loop(pd, -1, handler, (u_char *)tcpdemux::getInstance()) < 0){
die("%s: %s", infile.c_str(),pcap_geterr(pd));
}
}