DWORD request_sniffer_capture_dump(Remote *remote, Packet *packet) { Packet *response = packet_create_response(packet); unsigned int ifid; unsigned int rbuf,mbuf; unsigned int *tmp; CaptureJob *j; DWORD result,pcnt,bcnt,rcnt,i; DWORD thi, tlo; check_pssdk(); dprintf("sniffer>> capture_dump()"); ifid = packet_get_tlv_value_uint(packet,TLV_TYPE_SNIFFER_INTERFACE_ID); dprintf("sniffer>> capture_dump(0x%.8x)", ifid); result = ERROR_SUCCESS; EnterCriticalSection(&sniffercs); do { // the interface is invalid if(ifid == 0 || ifid >= SNIFFER_MAX_INTERFACES) { result = ERROR_INVALID_PARAMETER; break; } j = &open_captures[ifid]; // the interface was not captured if(! j->adp) { result = ERROR_INVALID_PARAMETER; break; } // Free any existing packet buffer if(j->dbuf) { free(j->dbuf); j->dbuf = NULL; j->dlen = 0; j->didx = 0; } // Add basic stats pcnt = 0; bcnt = 0; rcnt = 0; mbuf = (1024*1024); j->dbuf = malloc(mbuf); rbuf = 0; for(i=0; i<j->max_pkts; i++) { if(!j->pkts[i]) break; rbuf += (8 + 8 + 4 + PktGetPacketSize(j->pkts[i])); if(mbuf < rbuf) { mbuf += (1024*1024); j->dbuf = realloc(j->dbuf, mbuf); if(!j->dbuf) { dprintf("sniffer>> realloc of %d bytes failed!", rbuf); result = ERROR_NOT_ENOUGH_MEMORY; break; } } tmp = (unsigned int *)( j->dbuf + rcnt ); tlo = PktGetId(j->pkts[i], &thi); *tmp = htonl(thi); tmp++; *tmp = htonl(tlo); tmp++; tlo = PktGetTimeStamp(j->pkts[i], &thi); *tmp = htonl(thi); tmp++; *tmp = htonl(tlo); tmp++; tlo = PktGetPacketSize(j->pkts[i]); *tmp = htonl(tlo); tmp++; memcpy(j->dbuf+rcnt+20, PktGetPacketData(j->pkts[i]), tlo); rcnt += 20 + tlo; pcnt++; PktDestroy(j->pkts[i]); j->pkts[i] = NULL; } j->dlen = rcnt; packet_add_tlv_uint(response, TLV_TYPE_SNIFFER_PACKET_COUNT, pcnt); packet_add_tlv_uint(response, TLV_TYPE_SNIFFER_BYTE_COUNT, rcnt); dprintf("sniffer>> finished processing packets"); j->cur_bytes = 0; j->cur_pkts = 0; j->idx_pkts = 0; } while(0); LeaveCriticalSection(&sniffercs); packet_transmit_response(result, remote, response); return ERROR_SUCCESS; }
DWORD request_sniffer_capture_dump(Remote *remote, Packet *packet) { Packet *response = packet_create_response(packet); unsigned int ifid; unsigned int rbuf, mbuf; unsigned int *tmp; CaptureJob *j; DWORD result, pcnt, rcnt, i; #ifdef _WIN64 ULONGLONG thilo; #endif DWORD thi, tlo; check_pssdk(); dprintf("sniffer>> capture_dump()"); ifid = packet_get_tlv_value_uint(packet, TLV_TYPE_SNIFFER_INTERFACE_ID); dprintf("sniffer>> capture_dump(0x%.8x)", ifid); result = ERROR_SUCCESS; lock_acquire(snifferm); do { // the interface is invalid if (ifid == 0 || ifid >= SNIFFER_MAX_INTERFACES) { result = ERROR_INVALID_PARAMETER; break; } j = &open_captures[ifid]; // the interface was not captured #ifdef _WIN32 if (!j->adp) #else if(! j->pcap) #endif { result = ERROR_INVALID_PARAMETER; break; } // Free any existing packet buffer if (j->dbuf) { free(j->dbuf); j->dbuf = NULL; j->dlen = 0; j->didx = 0; } // Add basic stats pcnt = 0; rcnt = 0; mbuf = (1024 * 1024); j->dbuf = malloc(mbuf); rbuf = 0; for (i = 0; i < j->max_pkts; i++) { if (!j->pkts[i]) break; rbuf += (8 + 8 + 4 + PktGetPacketSize(j->pkts[i])); if (mbuf < rbuf) { mbuf += (1024 * 1024); j->dbuf = realloc(j->dbuf, mbuf); if (!j->dbuf) { dprintf("sniffer>> realloc of %d bytes failed!", rbuf); result = ERROR_NOT_ENOUGH_MEMORY; break; } } tmp = (unsigned int *)(j->dbuf + rcnt); #ifdef _WIN64 thilo = PktGetId(j->pkts[i]); thi = (DWORD)(thilo >> 32); tlo = (DWORD)(thilo & 0xFFFFFFFF); #else tlo = PktGetId(j->pkts[i], &thi); #endif *tmp = htonl(thi); tmp++; *tmp = htonl(tlo); tmp++; #ifdef _WIN64 thilo = PktGetTimeStamp(j->pkts[i]); thi = (DWORD)(thilo >> 32); tlo = (DWORD)(thilo & 0xFFFFFFFF); #else tlo = PktGetTimeStamp(j->pkts[i], &thi); #endif *tmp = htonl(thi); tmp++; *tmp = htonl(tlo); tmp++; tlo = PktGetPacketSize(j->pkts[i]); *tmp = htonl(tlo); tmp++; memcpy(j->dbuf + rcnt + 20, PktGetPacketData(j->pkts[i]), tlo); rcnt += 20 + tlo; pcnt++; PktDestroy(j->pkts[i]); j->pkts[i] = NULL; } j->dlen = rcnt; packet_add_tlv_uint(response, TLV_TYPE_SNIFFER_PACKET_COUNT, pcnt); packet_add_tlv_uint(response, TLV_TYPE_SNIFFER_BYTE_COUNT, rcnt); // add capture datalink, needed when saving capture file, use TLV_TYPE_SNIFFER_INTERFACE_ID not to create a new TLV type packet_add_tlv_uint(response, TLV_TYPE_SNIFFER_INTERFACE_ID, j->capture_linktype); dprintf("sniffer>> finished processing packets"); j->cur_bytes = 0; j->cur_pkts = 0; j->idx_pkts = 0; } while (0); lock_release(snifferm); packet_transmit_response(result, remote, response); return ERROR_SUCCESS; }