int main(int argc, char *argv[]) { /* This is essentially the same main function from readdemo.c */ libtrace_t *trace = NULL; libtrace_packet_t *packet = NULL; /* Ensure we have at least one argument after the program name */ if (argc < 2) { fprintf(stderr, "Usage: %s inputURI\n", argv[0]); return 1; } packet = trace_create_packet(); if (packet == NULL) { perror("Creating libtrace packet"); libtrace_cleanup(trace, packet); return 1; } trace = trace_create(argv[1]); if (trace_is_err(trace)) { trace_perror(trace,"Opening trace file"); libtrace_cleanup(trace, packet); return 1; } if (trace_start(trace) == -1) { trace_perror(trace,"Starting trace"); libtrace_cleanup(trace, packet); return 1; } while (trace_read_packet(trace,packet)>0) { per_packet(packet); } if (trace_is_err(trace)) { trace_perror(trace,"Reading packets"); libtrace_cleanup(trace, packet); return 1; } /* Print the stats for the final reporting period that was probably * not complete when the trace finished */ printf("%u\t", next_report); printf("%.2f\t\t", ((double)wire_count) / packet_count); printf("%.2f\n", ((double)capture_count) / packet_count); libtrace_cleanup(trace, packet); return 0; }
int main(int argc, char *argv[]) { /* This is essentially the same main function from readdemo.c */ libtrace_t *trace = NULL; libtrace_packet_t *packet = NULL; /* Ensure we have at least one argument after the program name */ if (argc < 2) { fprintf(stderr, "Usage: %s inputURI\n", argv[0]); return 1; } packet = trace_create_packet(); if (packet == NULL) { perror("Creating libtrace packet"); libtrace_cleanup(trace, packet); return 1; } trace = trace_create(argv[1]); if (trace_is_err(trace)) { trace_perror(trace,"Opening trace file"); libtrace_cleanup(trace, packet); return 1; } if (trace_start(trace) == -1) { trace_perror(trace,"Starting trace"); libtrace_cleanup(trace, packet); return 1; } while (trace_read_packet(trace,packet)>0) { per_packet(packet); } if (trace_is_err(trace)) { trace_perror(trace,"Reading packets"); libtrace_cleanup(trace, packet); return 1; } printf("Packet Count = %" PRIu64 "\n", count); libtrace_cleanup(trace, packet); return 0; }
qfTraceSource_t *qfTraceOpen(const char *uri, const char *bpf, int snaplen, GError **err) { qfTraceSource_t *lts; libtrace_err_t terr; lts = g_new0(qfTraceSource_t, 1); if (!(lts->packet = trace_create_packet())) { g_set_error(err, YAF_ERROR_DOMAIN, YAF_ERROR_IO, "Could not initialize libtrace packet"); goto err; } lts->trace = trace_create(uri); if (trace_is_err(lts->trace)) { terr = trace_get_err(lts->trace); g_set_error(err, YAF_ERROR_DOMAIN, YAF_ERROR_IO, "Could not open libtrace URI %s: %s", uri, terr.problem); goto err; } if (trace_config(lts->trace, TRACE_OPTION_SNAPLEN, &snaplen) == -1) { terr = trace_get_err(lts->trace); g_set_error(err, YAF_ERROR_DOMAIN, YAF_ERROR_IO, "Could not set snaplen on libtrace URI %s: %s", uri, terr.problem); goto err; } if (bpf) { if (!(lts->filter = trace_create_filter(bpf))) { g_warning("Could not compile libtrace BPF %s", bpf); goto err; } if (trace_config(lts->trace, TRACE_OPTION_FILTER, lts->filter) == -1) { terr = trace_get_err(lts->trace); g_warning("Could not set libtrace filter: %s", terr.problem); goto err; } } /* start processing */ if (trace_start(lts->trace) == -1) { terr = trace_get_err(lts->trace); g_warning("libtrace trace_start() error: %s", terr.problem); goto err; } return lts; err: qfTraceClose(lts); return NULL; }
/* If you don't specify O_WONLY or O_RDWR on the fileflags, then this should * fail. */ void test_forgotten_wronly() { libtrace_out_t *out; libtrace_t *trace; libtrace_packet_t *packet; int err; int zero = 0; out = trace_create_output("pcapfile:traces/100_packets_out.pcap"); assert(out); assert (!trace_is_err_output(out)); /* Note: no WRONLY/RDWR */ err = trace_config_output(out,TRACE_OPTION_OUTPUT_FILEFLAGS,&zero); assert(err==0); assert(!trace_is_err_output(out)); err = trace_start_output(out); assert(err == 0); assert(!trace_is_err_output(out)); trace = trace_create("pcapfile:traces/100_packets.pcap"); assert(trace); assert(!trace_is_err(trace)); err = trace_start(trace); assert(!trace_is_err(trace)); assert(err == 0); packet = trace_create_packet(); assert(packet); err = trace_read_packet(trace, packet); assert(err>0); err = trace_write_packet(out,packet); assert(err == -1); /* Should fail */ assert(trace_is_err_output(out)); trace_destroy_output(out); trace_destroy_packet(packet); trace_destroy(trace); }
gboolean qfTraceMain(qfContext_t *ctx) { gboolean ok = TRUE; qfTraceSource_t *lts = ctx->ictx.pktsrc; yfPBuf_t *pbuf; libtrace_err_t terr; int i, trv; /* process input until we're done */ while (!yaf_quit) { i = 0; while (i < TRACE_PACKET_GROUP && !yaf_quit) { /* get next spot in ring buffer */ pbuf = (yfPBuf_t *)rgaNextHead(ctx->pbufring); g_assert(pbuf); /* and try to parse packets into it until we get one */ do { trv = trace_read_packet(lts->trace, lts->packet); if (trv <= 0) goto TRACE_END; } while (!qfTraceHandlePacket(lts, pbuf, ctx)); i++; } TRACE_END: /* Check for error */ if (trace_is_err(lts->trace)) { terr = trace_get_err(lts->trace); g_warning("libtrace error: %s", terr.problem); ok = FALSE; break; } /* Check for quit or EOF */ if (yaf_quit || trv == 0) break; /* Process the packet buffer */ if (ok && !yfProcessPBufRing(ctx, &(ctx->err))) { ok = FALSE; break; } /* Do periodic export as necessary */ qfTracePeriodicExport(ctx, yfFlowTabCurrentTime(ctx->flowtab)); } return yfFinalFlush(ctx, ok, &(ctx->err)); }
/* Sets the trace format for the packet to match the format it was originally * captured in, rather than the RT format */ static int rt_set_format(libtrace_t *libtrace, libtrace_packet_t *packet) { /* We need to assign the packet to a "dead" trace */ /* Try to minimize the number of corrupt packets that slip through * while making it easy to identify new pcap DLTs */ if (packet->type > TRACE_RT_DATA_DLT && packet->type < TRACE_RT_DATA_DLT_END) { if (!RT_INFO->dummy_pcap) { RT_INFO->dummy_pcap = trace_create_dead("pcap:-"); } packet->trace = RT_INFO->dummy_pcap; return 0; } if (packet->type > TRACE_RT_DATA_BPF && packet->type < TRACE_RT_DATA_BPF_END) { if (!RT_INFO->dummy_bpf) { RT_INFO->dummy_bpf = trace_create_dead("bpf:-"); /* This may fail on a non-BSD machine */ if (trace_is_err(RT_INFO->dummy_bpf)) { trace_perror(RT_INFO->dummy_bpf, "Creating dead bpf trace"); return -1; } } packet->trace = RT_INFO->dummy_bpf; return 0; } switch (packet->type) { case TRACE_RT_DUCK_2_4: case TRACE_RT_DUCK_2_5: if (!RT_INFO->dummy_duck) { RT_INFO->dummy_duck = trace_create_dead("duck:dummy"); } packet->trace = RT_INFO->dummy_duck; break; case TRACE_RT_DATA_ERF: if (!RT_INFO->dummy_erf) { RT_INFO->dummy_erf = trace_create_dead("erf:-"); } packet->trace = RT_INFO->dummy_erf; break; case TRACE_RT_DATA_LINUX_NATIVE: if (!RT_INFO->dummy_linux) { RT_INFO->dummy_linux = trace_create_dead("int:"); /* This may fail on a non-Linux machine */ if (trace_is_err(RT_INFO->dummy_linux)) { trace_perror(RT_INFO->dummy_linux, "Creating dead int trace"); return -1; } } packet->trace = RT_INFO->dummy_linux; break; case TRACE_RT_DATA_LINUX_RING: if (!RT_INFO->dummy_ring) { RT_INFO->dummy_ring = trace_create_dead("ring:"); /* This may fail on a non-Linux machine */ if (trace_is_err(RT_INFO->dummy_ring)) { trace_perror(RT_INFO->dummy_ring, "Creating dead int trace"); return -1; } } packet->trace = RT_INFO->dummy_ring; break; case TRACE_RT_STATUS: case TRACE_RT_METADATA: /* Just use the RT trace! */ packet->trace = libtrace; break; case TRACE_RT_DATA_LEGACY_ETH: case TRACE_RT_DATA_LEGACY_ATM: case TRACE_RT_DATA_LEGACY_POS: printf("Sending legacy over RT is currently not supported\n"); trace_set_err(libtrace, TRACE_ERR_BAD_PACKET, "Legacy packet cannot be sent over rt"); return -1; default: printf("Unrecognised format: %u\n", packet->type); trace_set_err(libtrace, TRACE_ERR_BAD_PACKET, "Unrecognised packet format"); return -1; } return 0; /* success */ }
/* Process a trace, counting packets that match filter(s) */ static void run_trace(char *uri, libtrace_filter_t *filter, int count) { struct libtrace_packet_t *packet = trace_create_packet(); /* Already read the maximum number of packets - don't need to read * anything from this trace */ if ((count >= 0 && packets_read >= count) || done) return; trace = trace_create(uri); if (trace_is_err(trace)) { trace_perror(trace,"trace_create"); return; } if (filter) { trace_config(trace,TRACE_OPTION_FILTER,filter); } if (trace_start(trace)==-1) { trace_perror(trace,"trace_start"); return; } while (1) { int psize; if (count >= 0 && packets_read >= count) break; if (done) break; if ((psize = trace_read_packet(trace, packet)) <1) { break; } if (IS_LIBTRACE_META_PACKET(packet)) continue; if (reports_required & REPORT_TYPE_MISC) misc_per_packet(packet); if (reports_required & REPORT_TYPE_ERROR) error_per_packet(packet); if (reports_required & REPORT_TYPE_PORT) port_per_packet(packet); if (reports_required & REPORT_TYPE_PROTO) protocol_per_packet(packet); if (reports_required & REPORT_TYPE_TOS) tos_per_packet(packet); if (reports_required & REPORT_TYPE_TTL) ttl_per_packet(packet); if (reports_required & REPORT_TYPE_FLOW) flow_per_packet(packet); if (reports_required & REPORT_TYPE_TCPOPT) tcpopt_per_packet(packet); if (reports_required & REPORT_TYPE_SYNOPT) synopt_per_packet(packet); if (reports_required & REPORT_TYPE_NLP) nlp_per_packet(packet); if (reports_required & REPORT_TYPE_DIR) dir_per_packet(packet); if (reports_required & REPORT_TYPE_ECN) ecn_per_packet(packet); if (reports_required & REPORT_TYPE_TCPSEG) tcpseg_per_packet(packet); packets_read ++; } if (reports_required & REPORT_TYPE_DROPS) drops_per_trace(trace); trace_destroy_packet(packet); trace_destroy(trace); }
int main(int argc, char *argv[]) { libtrace_t *trace; libtrace_packet_t *packet; libtrace_filter_t *filter=NULL; int snaplen=-1; int promisc=-1; while(1) { int option_index; struct option long_options[] = { { "filter", 1, 0, 'f' }, { "snaplen", 1, 0, 's' }, { "promisc", 1, 0, 'p' }, { "help", 0, 0, 'h' }, { "libtrace-help", 0, 0, 'H' }, { NULL, 0, 0, 0 } }; int c= getopt_long(argc, argv, "f:s:p:hH", long_options, &option_index); if (c==-1) break; switch (c) { case 'f': filter=trace_create_filter(optarg); break; case 's': snaplen=atoi(optarg); break; case 'p': promisc=atoi(optarg); break; case 'H': trace_help(); return 1; default: fprintf(stderr,"Unknown option: %c\n",c); /* FALL THRU */ case 'h': usage(argv[0]); return 1; } } if (optind>=argc) { fprintf(stderr,"Missing input uri\n"); usage(argv[0]); return 1; } while (optind<argc) { trace = trace_create(argv[optind]); ++optind; if (trace_is_err(trace)) { trace_perror(trace,"Opening trace file"); return 1; } if (snaplen>0) if (trace_config(trace,TRACE_OPTION_SNAPLEN,&snaplen)) { trace_perror(trace,"ignoring: "); } if (filter) if (trace_config(trace,TRACE_OPTION_FILTER,filter)) { trace_perror(trace,"ignoring: "); } if (promisc!=-1) { if (trace_config(trace,TRACE_OPTION_PROMISC,&promisc)) { trace_perror(trace,"ignoring: "); } } if (trace_start(trace)) { trace_perror(trace,"Starting trace"); trace_destroy(trace); return 1; } packet = trace_create_packet(); while (trace_read_packet(trace,packet)>0) { per_packet(packet); } trace_destroy_packet(packet); if (trace_is_err(trace)) { trace_perror(trace,"Reading packets"); } trace_destroy(trace); } return 0; }
int main(int argc, char *argv[]) { struct libtrace_t *input = NULL; struct libtrace_out_t *in_write = NULL; struct libtrace_out_t *out_write = NULL; libtrace_err_t trace_err; struct libtrace_packet_t *packet = trace_create_packet(); if (argc < 3) { usage(argv[0]); return 1; } input = trace_create(argv[1]); if (trace_is_err(input)) { trace_err = trace_get_err(input); printf("Problem reading input trace: %s\n", trace_err.problem); return 1; } if (trace_start(input)==-1) { trace_perror(input,"Unable to start trace: %s",argv[1]); return 1; } while(1) { if (trace_read_packet(input, packet) < 1) break; switch(trace_get_direction(packet)) { case TRACE_DIR_INCOMING: if (!out_write) { out_write = create_output(argv[3]); if (!out_write) return 1; } if (trace_write_packet(out_write, packet)==-1){ trace_perror_output(in_write,"write"); return 1; } break; case TRACE_DIR_OUTGOING: if (!in_write) { in_write = create_output(argv[2]); if (!in_write) return 1; } if (trace_write_packet(in_write, packet)==-1) { trace_perror_output(in_write,"write"); return 1; } break; default: ignored++; } } if (out_write) trace_destroy_output(out_write); if (in_write) trace_destroy_output(in_write); trace_destroy(input); trace_destroy_packet(packet); if (ignored) fprintf(stderr,"warning: Ignored %" PRIu64 " packets with unknown directions\n", ignored); return 0; }
int main(int argc, char *argv[]) { char *uri = 0; int psize = 0; struct libtrace_ip *ipptr = 0; struct libtrace_packet_t *packet = trace_create_packet(); libtrace_err_t trace_err; uint32_t last_second = 0; double ts = 0.0; if (argc == 2) { uri = strdup(argv[1]); } // create an trace to uri trace = trace_create(uri); if (trace_is_err(trace)) { trace_err = trace_get_err(trace); printf("Error in trace_create: %s\n", trace_err.problem); return -1; } trace_start(trace); if (trace_is_err(trace)) { trace_err = trace_get_err(trace); printf("Error in trace_start: %s\n", trace_err.problem); return -1; } for (;;) { if ((psize = trace_read_packet(trace,packet)) < 1) { // terminate break; } if (psize == 0) { continue; } if((ipptr = trace_get_ip(packet)) == 0) { continue; } counter[BYTES][INSTANT] += ntohs(ipptr->ip_len); counter[PACKETS][INSTANT] ++; ts = trace_get_seconds(packet); if(last_second == 0) { last_second = ts; } else if (last_second < ts) { last_second = ts; docalc++; } if(docalc) { secondreport(); } } trace_destroy(trace); return 0; }
corsaro_file_in_t *corsaro_file_ropen(const char *filename) { corsaro_file_in_t *f = NULL; char buffer[1024]; int len; /* 2013-01-22 AK has removed all of the logging output on failures this is because i dont want to need a corsaro_t object to open a file. but also because i think it should be up to the caller to log the errors. logs from this deep in corsaro just confuse people when somewhat common errors occur (file not found etc). */ if((f = malloc(sizeof(corsaro_file_in_t))) == NULL) { return NULL; } /* we need to try and guess the mode... */ /* if there is a : in the uri, we guess it is a libtrace file */ /* this should be refined to do something more intelligent */ if(strchr(filename, ':') != NULL) { f->mode = CORSARO_FILE_MODE_TRACE; /* open this as a trace file */ f->trace_io = trace_create(filename); if(trace_is_err(f->trace_io)) { free(f); return NULL; } if (trace_start(f->trace_io) == -1) { free(f); return NULL; } /* trace is set to go! */ return f; } else { /* lets open the file and take a peek to see what we find */ if((f->wand_io = wandio_create(filename)) == NULL) { free(f); return NULL; } len = wandio_peek(f->wand_io, buffer, sizeof(buffer)); /* an ASCII corsaro file will start with "# CORSARO_VERSION" */ if(len >= strlen(CORSARO_FILE_ASCII_CHECK) && memcmp(CORSARO_FILE_ASCII_CHECK, buffer, strlen(CORSARO_FILE_ASCII_CHECK)) == 0) { f->mode = CORSARO_FILE_MODE_ASCII; } /* a binary corsaro file will start with an corsaro header "EDGRHEAD" but, it is possible that an old binary corsaro file can just start with an interval header - "EDGRINTR", so we will only look for "EDGR" */ else if(len >= 4 && buffer[0] == 'E' && buffer[1] == 'D' && buffer[2] == 'G' && buffer[3] == 'R') { f->mode = CORSARO_FILE_MODE_BINARY; } else { /* who knows, but maybe someone wants to read a non-corsaro file */ f->mode = CORSARO_FILE_MODE_UNKNOWN; } } return f; }
int main(int argc, char *argv[]) { char *compress_type_str=NULL; struct libtrace_filter_t *filter=NULL; struct libtrace_t *input = NULL; struct libtrace_packet_t *packet = trace_create_packet(); struct sigaction sigact; int i; if (argc<2) { usage(argv[0]); return 1; } /* Parse command line options */ while(1) { int option_index; struct option long_options[] = { { "filter", 1, 0, 'f' }, { "count", 1, 0, 'c' }, { "bytes", 1, 0, 'b' }, { "starttime", 1, 0, 's' }, { "endtime", 1, 0, 'e' }, { "interval", 1, 0, 'i' }, { "libtrace-help", 0, 0, 'H' }, { "maxfiles", 1, 0, 'm' }, { "snaplen", 1, 0, 'S' }, { "verbose", 0, 0, 'v' }, { "compress-level", 1, 0, 'z' }, { "compress-type", 1, 0, 'Z' }, { NULL, 0, 0, 0 }, }; int c=getopt_long(argc, argv, "f:c:b:s:e:i:m:S:Hvz:Z:", long_options, &option_index); if (c==-1) break; switch (c) { case 'f': filter=trace_create_filter(optarg); break; case 'c': count=atoi(optarg); break; case 'b': bytes=atoi(optarg); break; case 's': starttime=atof(optarg); /* FIXME: use getdate */ break; case 'e': endtime=atof(optarg); break; case 'i': interval=atoi(optarg); break; case 'm': maxfiles=atoi(optarg); break; case 'S': snaplen=atoi(optarg); break; case 'H': trace_help(); exit(1); break; case 'v': verbose++; break; case 'z': compress_level=atoi(optarg); if (compress_level<0 || compress_level>9) { usage(argv[0]); exit(1); } break; case 'Z': compress_type_str=optarg; break; default: fprintf(stderr,"Unknown option: %c\n",c); usage(argv[0]); return 1; } } if (compress_type_str == NULL && compress_level >= 0) { fprintf(stderr, "Compression level set, but no compression type was defined, setting to gzip\n"); compress_type = TRACE_OPTION_COMPRESSTYPE_ZLIB; } else if (compress_type_str == NULL) { /* If a level or type is not specified, use the "none" * compression module */ compress_type = TRACE_OPTION_COMPRESSTYPE_NONE; } /* I decided to be fairly generous in what I accept for the * compression type string */ else if (strncmp(compress_type_str, "gz", 2) == 0 || strncmp(compress_type_str, "zlib", 4) == 0) { compress_type = TRACE_OPTION_COMPRESSTYPE_ZLIB; } else if (strncmp(compress_type_str, "bz", 2) == 0) { compress_type = TRACE_OPTION_COMPRESSTYPE_BZ2; } else if (strncmp(compress_type_str, "lzo", 3) == 0) { compress_type = TRACE_OPTION_COMPRESSTYPE_LZO; } else if (strncmp(compress_type_str, "no", 2) == 0) { compress_type = TRACE_OPTION_COMPRESSTYPE_NONE; } else { fprintf(stderr, "Unknown compression type: %s\n", compress_type_str); return 1; } if (optind+2>argc) { fprintf(stderr,"missing inputuri or outputuri\n"); usage(argv[0]); } output_base = argv[argc - 1]; sigact.sa_handler = cleanup_signal; sigemptyset(&sigact.sa_mask); sigact.sa_flags = SA_RESTART; sigaction(SIGINT, &sigact, NULL); sigaction(SIGTERM, &sigact, NULL); output=NULL; signal(SIGINT,&cleanup_signal); signal(SIGTERM,&cleanup_signal); for (i = optind; i < argc - 1; i++) { input = trace_create(argv[i]); if (trace_is_err(input)) { trace_perror(input,"%s",argv[i]); return 1; } if (filter && trace_config(input, TRACE_OPTION_FILTER, filter) == 1) { trace_perror(input, "Configuring filter for %s", argv[i]); return 1; } if (trace_start(input)==-1) { trace_perror(input,"%s",argv[i]); return 1; } while (trace_read_packet(input,packet)>0) { if (per_packet(packet) < 1) done = 1; if (done) break; } if (done) break; if (trace_is_err(input)) { trace_perror(input,"Reading packets"); trace_destroy(input); break; } trace_destroy(input); } if (verbose) { uint64_t f; f=trace_get_received_packets(input); if (f!=UINT64_MAX) fprintf(stderr,"%" PRIu64 " packets on input\n",f); f=trace_get_filtered_packets(input); if (f!=UINT64_MAX) fprintf(stderr,"%" PRIu64 " packets filtered\n",f); f=trace_get_dropped_packets(input); if (f!=UINT64_MAX) fprintf(stderr,"%" PRIu64 " packets dropped\n",f); f=trace_get_accepted_packets(input); if (f!=UINT64_MAX) fprintf(stderr,"%" PRIu64 " packets accepted\n",f); } if (output) trace_destroy_output(output); trace_destroy_packet(packet); return 0; }
int main(int argc, char *argv[]) { libtrace_t *trace; libtrace_packet_t *packet; libtrace_filter_t *filter=NULL; session_manager_t *sm; uint64_t f; while(1) { int option_index; struct option long_options[] = { { "filter", 1, 0, 'f' }, { "interval", 1, 0, 'i' }, { "count", 1, 0, 'c' }, { "exit", 1, 0, 'e' }, { "relative", 0, 0, 'r' }, { "help", 0, 0, 'h' }, { "libtrace-help",0, 0, 'H' }, { NULL, 0, 0, 0 } }; int c= getopt_long(argc, argv, "c:e:f:i:hHr", long_options, &option_index); if (c==-1) break; switch (c) { case 'f': filter=trace_create_filter(optarg); break; case 'i': packet_interval=atof(optarg); break; case 'c': packet_count=atoi(optarg); packet_interval=UINT32_MAX; // make sure only one is defined break; case 'e': report_periods=atoi(optarg); break; case 'r': report_rel_time = 1; break; case 'H': trace_help(); return 1; default: fprintf(stderr,"Unknown option: %c\n",c); /* FALL THRU */ case 'h': usage(argv[0]); return 1; } } if (optind>=argc) { fprintf(stderr,"Missing input uri\n"); usage(argv[0]); return 1; } while (optind<argc) { // create tcp session manager sm = session_manager_create(); // create and register the data-ack based RTT module session_manager_register_module(sm,rtt_n_sequence_module()); fprintf(stderr, "Processing %s\n",argv[optind]); trace = trace_create(argv[optind]); ++optind; if (trace_is_err(trace)) { trace_perror(trace,"Opening trace file"); return 1; } if (filter && trace_config(trace,TRACE_OPTION_FILTER,filter)==1) { trace_perror(trace,"Configuring filter"); } if (trace_start(trace)) { trace_perror(trace,"Starting trace"); trace_destroy(trace); return 1; } packet = trace_create_packet(); print_report_hdr(); reset_report(); last_report_ts = 0; last_packet_ts = 0; while (trace_read_packet(trace,packet)>0) { per_packet(packet,session_manager_update(sm,packet)); if (report_periods != UINT64_MAX && reported >= report_periods) { break; } } // remaining pkts (or all if no period set) if ((reports[OUT].count+reports[IN].count) > 0 || (packet_interval == UINT32_MAX && packet_count == UINT64_MAX)) { double ts = trace_get_seconds(packet); if (report_rel_time) { print_report(ts-last_report_ts); } else { print_report(ts); } } trace_destroy_packet(packet); if (trace_is_err(trace)) { trace_perror(trace,"Reading packets"); } // some stats f=trace_get_received_packets(trace); if (f!=UINT64_MAX) fprintf(stderr,"%" PRIu64 " packets on input\n",f); f=trace_get_filtered_packets(trace); if (f!=UINT64_MAX) fprintf(stderr,"%" PRIu64 " packets filtered\n",f); f=trace_get_dropped_packets(trace); if (f!=UINT64_MAX) fprintf(stderr,"%" PRIu64 " packets dropped\n",f); f=trace_get_accepted_packets(trace); if (f!=UINT64_MAX) fprintf(stderr,"%" PRIu64 " packets accepted\n",f); trace_destroy(trace); session_manager_destroy(sm); } return 0; }
/* Process a trace, counting packets that match filter(s) */ static void run_trace(char *uri) { struct libtrace_packet_t *packet = trace_create_packet(); int i; uint64_t count = 0; uint64_t bytes = 0; uint64_t packets; fprintf(stderr,"%s:\n",uri); trace = trace_create(uri); if (trace_is_err(trace)) { trace_perror(trace,"Failed to create trace"); return; } if (trace_start(trace)==-1) { trace_perror(trace,"Failed to start trace"); return; } for (;;) { int psize; int wlen; int match = 0; if ((psize = trace_read_packet(trace, packet)) <1) { break; } if (done) break; wlen = trace_get_wire_length(packet); for(i=0; i<filter_count; ++i) { if (filters[i].filter == NULL) continue; if(trace_apply_filter(filters[i].filter,packet) > 0) { ++filters[i].count; filters[i].bytes+=wlen; match = 1; } if (trace_is_err(trace)) { trace_perror(trace, "trace_apply_filter"); fprintf(stderr, "Removing filter from filterlist\n"); filters[i].filter = NULL; } } if(match == 1 || filter_count == 0) { libtrace_ip_t *ip_hdr = trace_get_ip(packet); if(ip_hdr != NULL) { char src_ip[INET_ADDRSTRLEN]; char dst_ip[INET_ADDRSTRLEN]; inet_ntop(AF_INET, &ip_hdr->ip_src, &src_ip[0], INET_ADDRSTRLEN); inet_ntop(AF_INET, &ip_hdr->ip_dst, &dst_ip[0], INET_ADDRSTRLEN); printf("%f\t%s\t%s\t%"PRIu16"\t%"PRIu16"\t" "%"PRIu8"\t%"PRIu16"\t%"PRIu16"\n", trace_get_seconds(packet), src_ip, dst_ip, trace_get_source_port(packet), trace_get_destination_port(packet), ip_hdr->ip_p, ntohs(ip_hdr->ip_id), ntohs(ip_hdr->ip_len) ); } } ++count; bytes+=wlen; } fprintf(stderr, "%-30s\t%12s\t%12s\t%7s\n","filter","count","bytes","%"); for(i=0; i<filter_count; ++i) { fprintf(stderr, "%30s:\t%12"PRIu64"\t%12"PRIu64"\t%7.03f\n", filters[i].expr,filters[i].count, filters[i].bytes,filters[i].count*100.0/count); filters[i].bytes=0; filters[i].count=0; } packets=trace_get_received_packets(trace); if (packets!=UINT64_MAX) fprintf(stderr,"%30s:\t%12" PRIu64"\n", "Input packets", packets); packets=trace_get_filtered_packets(trace); if (packets!=UINT64_MAX) fprintf(stderr,"%30s:\t%12" PRIu64"\n", "Filtered packets", packets); packets=trace_get_dropped_packets(trace); if (packets!=UINT64_MAX) fprintf(stderr,"%30s:\t%12" PRIu64"\n", "Dropped packets",packets); packets=trace_get_accepted_packets(trace); if (packets!=UINT64_MAX) fprintf(stderr,"%30s:\t%12" PRIu64 "\n", "Accepted Packets",packets); fprintf(stderr, "%30s:\t%12"PRIu64"\t%12" PRIu64 "\n","Total",count,bytes); totcount+=count; totbytes+=bytes; if (trace_is_err(trace)) trace_perror(trace,"%s",uri); trace_destroy(trace); }
int main(int argc, char *argv[]) { clock_t start; clock_t end; double function_time; struct time_adjust_record time_adjust_flow1 = {"0.0.0.0", 0, "0.0.0.0", 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1}; char * p = NULL; FILE * fp_time_adjust = NULL; FILE * fp_write = NULL; char time_adjust_file[128]; char file_write[256]; char input_file[256]; char buffer[256]; if (argc < 4) { printf("Please enter two parameters: read_file and write_file\n"); return 1; } strcpy(input_file, argv[1]); strcpy(time_adjust_file, argv[2]); strcpy(file_write, argv[3]); if((fp_time_adjust = fopen(time_adjust_file, "r")) == NULL) //open the file to read { fprintf(stderr, "Open time adjust file: %s failed\n", time_adjust_file); exit(1); } memset(buffer, '\0', sizeof(buffer)); fgets(buffer, sizeof(buffer), fp_time_adjust); p = strtok(buffer, " "); if(p) { strcpy( time_adjust_flow1.src_ip, p); } p = strtok(NULL, " "); if(p) { time_adjust_flow1.src_port = atoi(p); } p = strtok(NULL, " "); if(p) { strcpy( time_adjust_flow1.dest_ip, p); } p = strtok(NULL, " "); if(p) { time_adjust_flow1.dest_port = atoi(p); } //printf("flow: %s:%d %s:%d\n", time_adjust_flow1.src_ip, time_adjust_flow1.src_port, time_adjust_flow1.dest_ip, time_adjust_flow1.dest_port); memset(buffer, '\0', sizeof(buffer)); fgets(buffer, sizeof(buffer), fp_time_adjust); if( Set_Time_Adjust(buffer, &time_adjust_flow1.first_pkt_sec, &time_adjust_flow1.first_pkt_usec) != 0 ) { printf("line: %d\n", __LINE__); exit(1); } //printf("First packet second: %d, usecond: %d\n", time_adjust_flow1.first_pkt_sec, time_adjust_flow1.first_pkt_usec); memset(buffer, '\0', sizeof(buffer)); fgets(buffer, sizeof(buffer), fp_time_adjust); if( Set_Time_Adjust(buffer, &time_adjust_flow1.client_inter_sec, &time_adjust_flow1.client_inter_usec) != 0 ) { printf("line: %d\n", __LINE__); exit(1); } //printf("Client packet inter arrival second: %d, usecond: %d\n", time_adjust_flow1.client_inter_sec, time_adjust_flow1.client_inter_usec); memset(buffer, '\0', sizeof(buffer)); fgets(buffer, sizeof(buffer), fp_time_adjust); if( Set_Time_Adjust(buffer, &time_adjust_flow1.server_inter_sec, &time_adjust_flow1.server_inter_usec) != 0 ) { printf("line: %d\n", __LINE__); exit(1); } //printf("Server packet inter arrival second: %d, usecond: %d\n", time_adjust_flow1.server_inter_sec, time_adjust_flow1.server_inter_usec); memset(buffer, '\0', sizeof(buffer)); fgets(buffer, sizeof(buffer), fp_time_adjust); if( Set_Time_Adjust(buffer, &time_adjust_flow1.reaction_sec, &time_adjust_flow1.reaction_usec) != 0 ) { printf("line: %d\n", __LINE__); exit(1); } //printf("Client reaction second: %d, usecond: %d\n", time_adjust_flow1.reaction_sec, time_adjust_flow1.reaction_usec); memset(buffer, '\0', sizeof(buffer)); fgets(buffer, sizeof(buffer), fp_time_adjust); if( Set_Time_Adjust(buffer, &time_adjust_flow1.rtt_sec, &time_adjust_flow1.rtt_usec) != 0 ) { printf("line: %d\n", __LINE__); exit(1); } //time_adjust_flow1.rtt_usec = time_adjust_flow1.rtt_sec*1000 + time_adjust_flow1.rtt_usec*1000; //time_adjust_flow1.rtt_sec = time_adjust_flow1.rtt_sec/1000; //printf("Client RTT second: %d, usecond: %d\n", time_adjust_flow1.rtt_sec, time_adjust_flow1.rtt_usec); fclose(fp_time_adjust); if((fp_write=fopen(file_write, "w")) == NULL) //open the file to read { fprintf(stderr, "Open write file: %s failed\n", file_write); exit(1); } libtrace_t *trace = 0; libtrace_out_t *writer = 0; libtrace_packet_t *pkt = trace_create_packet(); // Open traces for reading and writing. trace = trace_create(input_file); if (trace_is_err(trace)) { trace_perror(trace, "trace_create"); trace_destroy(trace); return 1; } if (trace_start(trace) == -1) { trace_perror(trace,"Starting trace"); //libtrace_cleanup(trace, output, packet); return 1; } //char output_file[] = "pcap:ttt.pcap"; //writer = trace_create_output("pcap:testcp"); /*writer = trace_create_output(output_file); if (trace_is_err_output(writer)) { trace_perror_output(writer, "trace_create_output"); trace_destroy_output(writer); trace_destroy(trace); trace_destroy_packet(pkt); return 1; } if (trace_start_output(writer) == -1) { trace_perror_output(writer,"Starting output trace"); //libtrace_cleanup(trace, output, packet); return 1; }*/ int psize = 0; int pkt_count = 0; for (;;) { psize = trace_read_packet(trace, pkt); if (psize == 0) { break; } if (psize < 0) { trace_perror(trace, "read_packet"); break; } //if(pkt_count < 50) { //printf("packet: %d\n", pkt_count); if ((per_packet(pkt, fp_write, &time_adjust_flow1)) == -1) { fprintf(stderr, "Something went wrong in per_packet.\n"); break; } } pkt_count++; } trace_destroy_packet(pkt); trace_destroy(trace); //trace_destroy_output(writer); fclose(fp_write); return 0; }