/** * Sharktools Initialization * * This function will subsequently initialize Wireshark and associated mechanisms. */ int sharktools_init(void) { // NOTE: VERSION is a #define from config.h. examples: "0.99.7" or "1.0.8" if(strcmp(epan_get_version(), VERSION)) { printf("ERROR: sharktools was compiled using version %s of libwireshark.\n", VERSION); printf("However, the libwireshark installed on this system is version %s.\n", epan_get_version()); printf("Please recompile sharktools with headers from libwireshark version %s,\n", epan_get_version()); printf("or modify LD_LIBRARY_PATH to point to version %s of libwireshark.\n", VERSION); printf("Consult sharktools' README file for more information on using a different version of libwireshark.\n"); return -1; } // FIXME: Hacky; see note above. sharktools_preload_libs(); #if (WIRESHARK_1_0_0 || WIRESHARK_1_2_0 || WIRESHARK_1_4_0) /* * Get credential information for later use. */ get_credential_info(); #endif dprintf("%s: initializing...\n", __FUNCTION__); #if WIRESHARK_0_99_5 epan_init(register_all_protocols, register_all_protocol_handoffs, failure_message, open_failure_message, read_failure_message); #elif WIRESHARK_1_0_0 epan_init(register_all_protocols, register_all_protocol_handoffs, NULL, NULL, failure_message, open_failure_message, read_failure_message); #elif (WIRESHARK_1_2_0 || WIRESHARK_1_4_0) epan_init(register_all_protocols, register_all_protocol_handoffs, NULL, NULL, failure_message, open_failure_message, read_failure_message, write_failure_message); #endif //register_all_plugin_tap_listeners(); //register_all_tap_listeners(); // Set this global variable to NULL G_native_types = NULL; dprintf("%s: initialized.\n", __FUNCTION__); return 0; }
int main(int argc, char *argv[]) { char *init_progfile_dir_error; int opt, i; extern char *optarg; gboolean arg_error = FALSE; #ifdef _WIN32 WSADATA wsaData; #endif /* _WIN32 */ char *gpf_path, *pf_path; char *gdp_path, *dp_path; int gpf_open_errno, gpf_read_errno; int pf_open_errno, pf_read_errno; int gdp_open_errno, gdp_read_errno; int dp_open_errno, dp_read_errno; int err; gchar *pipe_name = NULL; gchar *rfilters[64]; e_prefs *prefs; char badopt; GLogLevelFlags log_flags; GPtrArray *disp_fields = g_ptr_array_new(); guint fc; gboolean skip_pcap_header = FALSE; #define OPTSTRING_INIT "d:F:hlnN:o:r:R:sS:t:v" static const char optstring[] = OPTSTRING_INIT; /* * Get credential information for later use. */ get_credential_info(); /* * Clear the filters arrays */ memset(rfilters, 0, sizeof(rfilters)); memset(rfcodes, 0, sizeof(rfcodes)); n_rfilters = 0; n_rfcodes = 0; /* * Initialize our string format */ string_fmts = g_ptr_array_new(); /* * Attempt to get the pathname of the executable file. */ init_progfile_dir_error = init_progfile_dir(argv[0], main); if (init_progfile_dir_error != NULL) { fprintf(stderr, "rawshark: Can't get pathname of rawshark program: %s.\n", init_progfile_dir_error); } /* * Get credential information for later use. */ get_credential_info(); /* nothing more than the standard GLib handler, but without a warning */ log_flags = G_LOG_LEVEL_WARNING | G_LOG_LEVEL_MESSAGE | G_LOG_LEVEL_INFO | G_LOG_LEVEL_DEBUG; g_log_set_handler(NULL, log_flags, log_func_ignore, NULL /* user_data */); g_log_set_handler(LOG_DOMAIN_CAPTURE_CHILD, log_flags, log_func_ignore, NULL /* user_data */); timestamp_set_type(TS_RELATIVE); timestamp_set_precision(TS_PREC_AUTO); /* Register all dissectors; we must do this before checking for the "-G" flag, as the "-G" flag dumps information registered by the dissectors, and we must do it before we read the preferences, in case any dissectors register preferences. */ epan_init(register_all_protocols, register_all_protocol_handoffs, NULL, NULL, failure_message, open_failure_message, read_failure_message, write_failure_message); /* Now register the preferences for any non-dissector modules. We must do that before we read the preferences as well. */ prefs_register_modules(); /* Set the C-language locale to the native environment. */ setlocale(LC_ALL, ""); prefs = read_prefs(&gpf_open_errno, &gpf_read_errno, &gpf_path, &pf_open_errno, &pf_read_errno, &pf_path); if (gpf_path != NULL) { if (gpf_open_errno != 0) { cmdarg_err("Can't open global preferences file \"%s\": %s.", pf_path, strerror(gpf_open_errno)); } if (gpf_read_errno != 0) { cmdarg_err("I/O error reading global preferences file \"%s\": %s.", pf_path, strerror(gpf_read_errno)); } } if (pf_path != NULL) { if (pf_open_errno != 0) { cmdarg_err("Can't open your preferences file \"%s\": %s.", pf_path, strerror(pf_open_errno)); } if (pf_read_errno != 0) { cmdarg_err("I/O error reading your preferences file \"%s\": %s.", pf_path, strerror(pf_read_errno)); } g_free(pf_path); pf_path = NULL; } /* Set the name resolution code's flags from the preferences. */ g_resolv_flags = prefs->name_resolve; /* Read the disabled protocols file. */ read_disabled_protos_list(&gdp_path, &gdp_open_errno, &gdp_read_errno, &dp_path, &dp_open_errno, &dp_read_errno); if (gdp_path != NULL) { if (gdp_open_errno != 0) { cmdarg_err("Could not open global disabled protocols file\n\"%s\": %s.", gdp_path, strerror(gdp_open_errno)); } if (gdp_read_errno != 0) { cmdarg_err("I/O error reading global disabled protocols file\n\"%s\": %s.", gdp_path, strerror(gdp_read_errno)); } g_free(gdp_path); } if (dp_path != NULL) { if (dp_open_errno != 0) { cmdarg_err( "Could not open your disabled protocols file\n\"%s\": %s.", dp_path, strerror(dp_open_errno)); } if (dp_read_errno != 0) { cmdarg_err( "I/O error reading your disabled protocols file\n\"%s\": %s.", dp_path, strerror(dp_read_errno)); } g_free(dp_path); } #ifdef _WIN32 /* Load Wpcap, if possible */ load_wpcap(); #endif init_cap_file(&cfile); /* Assemble the compile-time version information string */ comp_info_str = g_string_new("Compiled "); get_compiled_version_info(comp_info_str, get_epan_compiled_version_info); /* Assemble the run-time version information string */ runtime_info_str = g_string_new("Running "); get_runtime_version_info(runtime_info_str, NULL); /* Print format defaults to this. */ print_format = PR_FMT_TEXT; /* Initialize our encapsulation type */ encap = WTAP_ENCAP_UNKNOWN; /* Now get our args */ /* XXX - We should probably have an option to dump libpcap link types */ while ((opt = getopt(argc, argv, optstring)) != -1) { switch (opt) { case 'd': /* Payload type */ if (!set_link_type(optarg)) { cmdarg_err("Invalid link type or protocol \"%s\"", optarg); exit(1); } break; case 'F': /* Read field to display */ g_ptr_array_add(disp_fields, g_strdup(optarg)); break; case 'h': /* Print help and exit */ print_usage(TRUE); exit(0); break; case 'l': /* "Line-buffer" standard output */ /* This isn't line-buffering, strictly speaking, it's just flushing the standard output after the information for each packet is printed; however, that should be good enough for all the purposes to which "-l" is put (and is probably actually better for "-V", as it does fewer writes). See the comment in "process_packet()" for an explanation of why we do that, and why we don't just use "setvbuf()" to make the standard output line-buffered (short version: in Windows, "line-buffered" is the same as "fully-buffered", and the output buffer is only flushed when it fills up). */ line_buffered = TRUE; break; case 'n': /* No name resolution */ g_resolv_flags = RESOLV_NONE; break; case 'N': /* Select what types of addresses/port #s to resolve */ if (g_resolv_flags == RESOLV_ALL) g_resolv_flags = RESOLV_NONE; badopt = string_to_name_resolve(optarg, &g_resolv_flags); if (badopt != '\0') { cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'm', 'n', and 't'", badopt); exit(1); } break; case 'o': /* Override preference from command line */ switch (prefs_set_pref(optarg)) { case PREFS_SET_OK: break; case PREFS_SET_SYNTAX_ERR: cmdarg_err("Invalid -o flag \"%s\"", optarg); exit(1); break; case PREFS_SET_NO_SUCH_PREF: case PREFS_SET_OBSOLETE: cmdarg_err("-o flag \"%s\" specifies unknown preference", optarg); exit(1); break; } break; case 'r': /* Read capture file xxx */ pipe_name = g_strdup(optarg); break; case 'R': /* Read file filter */ if(n_rfilters < (int) sizeof(rfilters) / (int) sizeof(rfilters[0])) { rfilters[n_rfilters++] = optarg; } else { cmdarg_err("Too many display filters"); exit(1); } break; case 's': /* Skip PCAP header */ skip_pcap_header = TRUE; break; case 'S': /* Print string representations */ if (!parse_field_string_format(optarg)) { cmdarg_err("Invalid field string format"); exit(1); } break; case 't': /* Time stamp type */ if (strcmp(optarg, "r") == 0) timestamp_set_type(TS_RELATIVE); else if (strcmp(optarg, "a") == 0) timestamp_set_type(TS_ABSOLUTE); else if (strcmp(optarg, "ad") == 0) timestamp_set_type(TS_ABSOLUTE_WITH_DATE); else if (strcmp(optarg, "d") == 0) timestamp_set_type(TS_DELTA); else if (strcmp(optarg, "dd") == 0) timestamp_set_type(TS_DELTA_DIS); else if (strcmp(optarg, "e") == 0) timestamp_set_type(TS_EPOCH); else { cmdarg_err("Invalid time stamp type \"%s\"", optarg); cmdarg_err_cont("It must be \"r\" for relative, \"a\" for absolute,"); cmdarg_err_cont("\"ad\" for absolute with date, or \"d\" for delta."); exit(1); } break; case 'v': /* Show version and exit */ printf("Rawshark " VERSION "%s\n" "\n" "%s" "\n" "%s" "\n" "%s", wireshark_svnversion, get_copyright_info(), comp_info_str->str, runtime_info_str->str); exit(0); break; default: case '?': /* Bad flag - print usage message */ print_usage(TRUE); exit(1); break; } } /* Notify all registered modules that have had any of their preferences changed either from one of the preferences file or from the command line that their preferences have changed. Initialize preferences before display filters, otherwise modules like MATE won't work. */ prefs_apply_all(); /* Initialize our display fields */ for (fc = 0; fc < disp_fields->len; fc++) { protocolinfo_init(g_ptr_array_index(disp_fields, fc)); } g_ptr_array_free(disp_fields, TRUE); printf("\n"); fflush(stdout); /* If no capture filter or read filter has been specified, and there are still command-line arguments, treat them as the tokens of a capture filter (if no "-r" flag was specified) or a read filter (if a "-r" flag was specified. */ if (optind < argc) { if (pipe_name != NULL) { if (n_rfilters != 0) { cmdarg_err("Read filters were specified both with \"-R\" " "and with additional command-line arguments"); exit(1); } rfilters[n_rfilters] = get_args_as_string(argc, argv, optind); } } /* Make sure we got a dissector handle for our payload. */ if (encap == WTAP_ENCAP_UNKNOWN) { cmdarg_err("No valid payload dissector specified."); exit(1); } if (arg_error) { print_usage(FALSE); exit(1); } #ifdef _WIN32 /* Start windows sockets */ WSAStartup( MAKEWORD( 1, 1 ), &wsaData ); #endif /* _WIN32 */ /* At this point MATE will have registered its field array so we can have a tap filter with one of MATE's late-registered fields as part of the filter. We can now process all the "-z" arguments. */ start_requested_stats(); /* disabled protocols as per configuration file */ if (gdp_path == NULL && dp_path == NULL) { set_disabled_protos_list(); } /* Build the column format array */ col_setup(&cfile.cinfo, prefs->num_cols); for (i = 0; i < cfile.cinfo.num_cols; i++) { cfile.cinfo.col_fmt[i] = get_column_format(i); cfile.cinfo.col_title[i] = g_strdup(get_column_title(i)); cfile.cinfo.fmt_matx[i] = (gboolean *) g_malloc0(sizeof(gboolean) * NUM_COL_FMTS); get_column_format_matches(cfile.cinfo.fmt_matx[i], cfile.cinfo.col_fmt[i]); cfile.cinfo.col_data[i] = NULL; if (cfile.cinfo.col_fmt[i] == COL_INFO) cfile.cinfo.col_buf[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_INFO_LEN); else cfile.cinfo.col_buf[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN); cfile.cinfo.col_fence[i] = 0; cfile.cinfo.col_expr.col_expr[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN); cfile.cinfo.col_expr.col_expr_val[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN); } for (i = 0; i < cfile.cinfo.num_cols; i++) { int j; for (j = 0; j < NUM_COL_FMTS; j++) { if (!cfile.cinfo.fmt_matx[i][j]) continue; if (cfile.cinfo.col_first[j] == -1) cfile.cinfo.col_first[j] = i; cfile.cinfo.col_last[j] = i; } } if (n_rfilters != 0) { for (i = 0; i < n_rfilters; i++) { if (!dfilter_compile(rfilters[i], &rfcodes[n_rfcodes])) { cmdarg_err("%s", dfilter_error_msg); epan_cleanup(); exit(2); } n_rfcodes++; } } if (pipe_name) { /* * We're reading a pipe (or capture file). */ /* * Immediately relinquish any special privileges we have; we must not * be allowed to read any capture files the user running Rawshark * can't open. */ relinquish_special_privs_perm(); if (raw_cf_open(&cfile, pipe_name) != CF_OK) { epan_cleanup(); exit(2); } /* Do we need to PCAP header and magic? */ if (skip_pcap_header) { guint bytes_left = sizeof(struct pcap_hdr) + sizeof(guint32); gchar buf[sizeof(struct pcap_hdr) + sizeof(guint32)]; while (bytes_left > 0) { guint bytes = read(fd, buf, bytes_left); if (bytes <= 0) { cmdarg_err("Not enough bytes for pcap header."); exit(2); } bytes_left -= bytes; } } /* Set timestamp precision; there should arguably be a command-line option to let the user set this. */ #if 0 switch(wtap_file_tsprecision(cfile.wth)) { case(WTAP_FILE_TSPREC_SEC): timestamp_set_precision(TS_PREC_AUTO_SEC); break; case(WTAP_FILE_TSPREC_DSEC): timestamp_set_precision(TS_PREC_AUTO_DSEC); break; case(WTAP_FILE_TSPREC_CSEC): timestamp_set_precision(TS_PREC_AUTO_CSEC); break; case(WTAP_FILE_TSPREC_MSEC): timestamp_set_precision(TS_PREC_AUTO_MSEC); break; case(WTAP_FILE_TSPREC_USEC): timestamp_set_precision(TS_PREC_AUTO_USEC); break; case(WTAP_FILE_TSPREC_NSEC): timestamp_set_precision(TS_PREC_AUTO_NSEC); break; default: g_assert_not_reached(); } #else timestamp_set_precision(TS_PREC_AUTO_USEC); #endif /* Process the packets in the file */ err = load_cap_file(&cfile); if (err != 0) { epan_cleanup(); exit(2); } } else { /* If you want to capture live packets, use TShark. */ cmdarg_err("Input file or pipe name not specified."); exit(2); } epan_cleanup(); return 0; }
int main(int argc, char **argv) { char *init_progfile_dir_error; char *text; char *gpf_path, *pf_path; int gpf_open_errno, gpf_read_errno; int pf_open_errno, pf_read_errno; e_prefs *prefs_p; dfilter_t *df; /* * Get credential information for later use. */ get_credential_info(); /* * Attempt to get the pathname of the executable file. */ init_progfile_dir_error = init_progfile_dir(argv[0], main); if (init_progfile_dir_error != NULL) { fprintf(stderr, "dftest: Can't get pathname of dftest program: %s.\n", init_progfile_dir_error); } timestamp_set_type(TS_RELATIVE); /* Register all dissectors; we must do this before checking for the "-g" flag, as the "-g" flag dumps a list of fields registered by the dissectors, and we must do it before we read the preferences, in case any dissectors register preferences. */ epan_init(register_all_protocols, register_all_protocol_handoffs, NULL, NULL, failure_message, open_failure_message, read_failure_message, write_failure_message); /* now register the preferences for any non-dissector modules. we must do that before we read the preferences as well. */ prefs_register_modules(); /* set the c-language locale to the native environment. */ setlocale(LC_ALL, ""); prefs_p = read_prefs(&gpf_open_errno, &gpf_read_errno, &gpf_path, &pf_open_errno, &pf_read_errno, &pf_path); if (gpf_path != NULL) { if (gpf_open_errno != 0) { fprintf(stderr, "can't open global preferences file \"%s\": %s.\n", pf_path, strerror(gpf_open_errno)); } if (gpf_read_errno != 0) { fprintf(stderr, "I/O error reading global preferences file \"%s\": %s.\n", pf_path, strerror(gpf_read_errno)); } } if (pf_path != NULL) { if (pf_open_errno != 0) { fprintf(stderr, "can't open your preferences file \"%s\": %s.\n", pf_path, strerror(pf_open_errno)); } if (pf_read_errno != 0) { fprintf(stderr, "I/O error reading your preferences file \"%s\": %s.\n", pf_path, strerror(pf_read_errno)); } } /* notify all registered modules that have had any of their preferences changed either from one of the preferences file or from the command line that its preferences have changed. */ prefs_apply_all(); /* Check for filter on command line */ if (argc <= 1) { fprintf(stderr, "Usage: dftest <filter>\n"); exit(1); } /* Get filter text */ text = get_args_as_string(argc, argv, 1); printf("Filter: \"%s\"\n", text); /* Compile it */ if (!dfilter_compile(text, &df)) { fprintf(stderr, "dftest: %s\n", dfilter_error_msg); epan_cleanup(); exit(2); } printf("dfilter ptr = 0x%08x\n", GPOINTER_TO_INT(df)); printf("\n\n"); if (df == NULL) printf("Filter is empty\n"); else dfilter_dump(df); dfilter_free(df); epan_cleanup(); exit(0); }