コード例 #1
ファイル: imsniff.cpp プロジェクト: joninvski/imsniff
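/*
 * Program entry point.
 *
 * Reads the configuration and command-line options, optionally detaches as a
 * daemon (non-Windows builds), opens the capture source, installs the
 * "ip and tcp" BPF filter and passes every packet that is read to
 * process_packet().
 *
 * Setup failures print or log a message and leave with -1 (1 when the Windows
 * device enumeration fails). Once capturing, the function returns 0 when the
 * capture source reports end of input and -1 on a read error.
 */
int main (int argc, char *argv[])
{
	/* Start empty so a message is never formatted from uninitialised bytes. */
	char errbuf[PCAP_ERRBUF_SIZE] = "";
	pcap_t *dh;
	struct bpf_program filter;
	char filter_app[] = "ip and tcp";
	bpf_u_int32 mask;
	bpf_u_int32 net;
	struct pcap_pkthdr *header;
	const u_char *packet;

	if (parse_config (argv[0]))
	{
		printf ("Failed to parse config file, leaving\n");
		return -1;
	}
	if (process_parms (argc,argv))
	{
		printf ("Bad parameters, leaving\n");
		return -1;
	}
	if (devname==NULL)
	{
#ifdef WIN32
		printf ("A device number is required. Run with -list to get a list.\n");
#else
		printf ("A device name (such as eth0) is required\n");
#endif
		exit (-1);
	}
	/* A daemon has no terminal, so it needs a debug log directory. */
	if (daemonize && debuglogdir[0]==0)
	{
		printf ("In daemon mode at least a debug log directory (-dd) must be used\n");
		exit (-1);
	}
#ifndef WIN32
	if (daemonize)
	{
		switch (go_daemon())
		{
			case -1:
				daemonize=0;
				log_debug (0, "Failed to become a daemon!");
				exit (-1);
			case 1:
				// We are the parent. Exit and let the child on its own
				exit (0);
			case 0:
				log_debug (3, "Successfully became a daemon.");
				break;
			default:
				daemonize=0;
				log_debug (0, "This is a bug!");
				exit (-1);
		}
	}
#endif
#ifdef WIN32
	/* On Windows devname holds a 1-based index into the adapter list. */
	pcap_if_t *alldevs;
	int inum = atoi (devname);
	if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
	{
		fprintf(stderr,"Error in pcap_findalldevs: %s\n", errbuf);
		exit(1);
	}
	int devnum=0;
	pcap_if_t *d;
	for(d=alldevs; d; d=d->next)
	{
		devnum++;
		printf("%d. %s", devnum, d->name);
		if (d->description)
			printf(" (%s)\n", d->description);
		else
			printf(" (No description available)\n");
	}
	if(devnum==0)
	{
		printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
		return -1;
	}
	/* atoi() yields 0 for non-numeric input, which this range check rejects. */
	if(inum < 1 || inum > devnum)
	{
		printf("\nInterface number out of range.\n");
		/* Free the device list */
		pcap_freealldevs(alldevs);
		return -1;
	}
	/* Jump to the selected adapter */
	for(d=alldevs, devnum=0; devnum< inum-1 ;d=d->next, devnum++) {;}
	/* Copy the name: the list it lives in is freed after the device is opened. */
	strcpymalloc ( (u_char **) &devname, (u_char *) d->name);
#endif
	log_debug (3, "Getting address and mask for device %s...",devname);
	if (pcap_lookupnet(devname, &net, &mask, errbuf)==-1)
	{
		log_debug (0, "error [%s]",errbuf);
		exit (-1);
	}
	log_debug (3, "OK");
	log_debug (3, "Opening device...");
#ifdef WIN32
	dh = pcap_open (devname, 65535, promisc?PCAP_OPENFLAG_PROMISCUOUS:0, 1000, NULL, errbuf);
	/* At this point, we don't need any more the device list. Free it */
	pcap_freealldevs(alldevs);
#else
//        dh = pcap_open_live (devname, 65535, promisc, 1000, errbuf);
	/* This build reads packets from a capture file instead of a live device. */
	dh = pcap_open_offline(input_file, errbuf);
#endif
	if (dh==NULL)
	{
		log_debug (0, "error [%s]",errbuf);
		exit (-1);
	}
	log_debug (3, "OK");
	if (data_offset == -1) /* User didn't force an offset, try to find out */
	{
		char *dln;
		log_debug (3, "Checking datalink type...");
		if (get_datalink_info (dh, &dln, &data_offset))
		{
			log_debug (0, "not supported. Please play with the -offset option (see docs)");
			exit (-1);
		}
		log_debug (3, "OK, %s, offset = %d", dln, data_offset);
	}
	else
	{
		log_debug (1, "Using an user defined offset [%d], for datalink type [%d], good luck!",
			data_offset, get_datalink_type(dh));
	}
	log_debug (3, "Compiling filter [%s]...",filter_app);
	/*
	 * The last argument of pcap_compile() is the IPv4 netmask (used for
	 * broadcast tests in a filter), not the network number.
	 */
	if (pcap_compile(dh, &filter, filter_app, 0, mask)==-1)
	{
		/* pcap_compile() reports through the handle; errbuf is not written. */
		log_debug (0, "error [%s]",pcap_geterr(dh));
		exit (-1);
	}
	log_debug (3, "OK");
	log_debug (3, "Setting filter...");
	if (pcap_setfilter(dh, &filter)==-1)
	{
		log_debug (0, "error [%s]",pcap_geterr(dh));
		exit (-1);
	}
	log_debug (3, "OK");
	log_debug (3, "Entering capture loop...");
	/*
	 * Log directories are created owner-only (0700) where the platform takes
	 * a mode. The result is not checked, so a directory that already exists
	 * keeps whatever permissions it has.
	 * NOTE(review): chatlogdir presumably receives captured conversations;
	 * confirm that a pre-existing directory is not readable by other users.
	 */
	if (chatlogdir[0]!=0)
	{
#ifdef WIN32
		mkdir (chatlogdir);
#else
		mkdir (chatlogdir,0700);
#endif
	}
	if (debuglogdir[0]!=0)
	{
#ifdef WIN32
		mkdir (debuglogdir);
#else
		mkdir (debuglogdir,0700);
#endif
	}
	long packet_count = 0;
	int rc;

	/*
	 * pcap_next_ex() separates the cases pcap_next() folds into NULL:
	 * 1 = packet read, 0 = read timeout on a live capture, -1 = error,
	 * -2 = end of a capture file. With pcap_next() the loop would spin
	 * forever once a capture file is exhausted or the handle fails.
	 */
	while ((rc = pcap_next_ex (dh, &header, &packet)) >= 0)
	{
		if (rc == 0)
		{
			log_debug (5, "No packet received");
			continue;
		}
		process_packet (++packet_count, header, packet);
	}
	if (rc == -1)
		log_debug (0, "error [%s]",pcap_geterr(dh));

	pcap_freecode (&filter);
	pcap_close (dh);
	return (rc == -2) ? 0 : -1;
}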
コード例 #2
ファイル: msnsniffer.cpp プロジェクト: betolj/fwguardian
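/*
 * Program entry point.
 *
 * Reads the configuration and command-line options, optionally detaches as a
 * daemon, opens the named device for live capture, installs the BPF filter
 * held in filter_app and passes every captured packet to process_packet().
 *
 * Setup failures print or log a message and leave with -1. The capture loop
 * runs until the handle reports an error or end of input; the function then
 * returns -1 or 0 respectively.
 */
int main (int argc, char *argv[])
{
	/* Start empty so a message is never formatted from uninitialised bytes. */
	char errbuf[PCAP_ERRBUF_SIZE] = "";
	pcap_t *dh;
	struct bpf_program filter;
	bpf_u_int32 mask;
	bpf_u_int32 net;
	struct pcap_pkthdr *header;
	const u_char *packet;

	if (parse_config (argv[0]))
	{
		printf ("Failed to parse config file, leaving\n");
		return -1;
	}

	if (process_parms (argc,argv))
	{
		printf ("Bad parameters, leaving\n");
		return -1;
	}

	if (devname==NULL)
	{
		printf ("A device name (such as eth0) is required\n");
		exit (-1);
	}

	if (daemonize)
	{
		switch (go_daemon())
		{
			case -1:
				daemonize=0;
				log_debug (0, "Failed to become a daemon!");
				exit (-1);
			case 1:
				// We are the parent. Exit and let the child on its own
				exit (0);
			case 0:
				log_debug (3, "Successfully became a daemon.");
				break;
			default:
				daemonize=0;
				log_debug (0, "This is a bug!");
				exit (-1);
		}
	}
	/* In the foreground the debug log directory setting is cleared. */
	else strcpy (debuglogdir,"");

	log_debug (3, "Getting address and mask for device %s...",devname);
	if (pcap_lookupnet(devname, &net, &mask, errbuf)==-1)
	{
		log_debug (0, "error [%s]",errbuf);
		exit (-1);
	}
	log_debug (3, "OK");

	log_debug (3, "Opening device...");
	/* 65535-byte snapshot length, 1000 ms read timeout. */
	dh = pcap_open_live (devname, 65535, promisc, 1000, errbuf);

	if (dh==NULL)
	{
		log_debug (0, "error [%s]",errbuf);
		exit (-1);
	}

	log_debug (3, "OK");
	if (data_offset == -1) /* User didn't force an offset, try to find out */
	{
		char *dln;
		log_debug (3, "Checking datalink type...");
		if (get_datalink_info (dh, &dln, &data_offset))
		{
			log_debug (0, "not supported. Please play with the -offset option (see docs)");
			exit (-1);
		}
		log_debug (3, "OK, %s, offset = %d", dln, data_offset);
	}
	else
	{
		log_debug (1, "Using an user defined offset [%d], for datalink type [%d], good luck!",
			data_offset, get_datalink_type(dh));
	}
	log_debug (3, "Compiling filter [%s]...",filter_app);
	/*
	 * The last argument of pcap_compile() is the IPv4 netmask (used for
	 * broadcast tests in a filter), not the network number.
	 */
	if (pcap_compile(dh, &filter, filter_app, 0, mask)==-1)
	{
		log_debug (0, "error: Couldn't parse filter %s", filter_app);
		exit (-1);
	}
	log_debug (3, "OK");
	log_debug (3, "Setting filter...");
	if (pcap_setfilter(dh, &filter)==-1)
	{
		/* pcap_setfilter() reports through the handle; errbuf is not written. */
		log_debug (0, "error [%s]",pcap_geterr(dh));
		exit (-1);
	}
	log_debug (3, "OK");
	log_debug (3, "Entering capture loop...");

	/*
	 * Log directories are created owner-only (0700). The result is not
	 * checked, so a directory that already exists keeps whatever permissions
	 * it has.
	 * NOTE(review): chatlogdir presumably receives captured conversations;
	 * confirm that a pre-existing directory is not readable by other users.
	 */
	if (chatlogdir[0]!=0) mkdir (chatlogdir,0700);
	if (debuglogdir[0]!=0) mkdir (debuglogdir,0700);
	long packet_count = 0;
	int rc;

	/*
	 * pcap_next_ex() separates the cases pcap_next() folds into NULL:
	 * 1 = packet read, 0 = read timeout, -1 = error, -2 = no more packets.
	 * With pcap_next() a failed handle (for example the interface going
	 * away) would make the loop spin forever.
	 */
	while ((rc = pcap_next_ex (dh, &header, &packet)) >= 0)
	{
		if (rc == 0)
		{
			log_debug (5, "No packet received");
			continue;
		}
		process_packet (++packet_count, header, packet);
	}
	if (rc == -1)
		log_debug (0, "error [%s]",pcap_geterr(dh));

	pcap_freecode (&filter);
	pcap_close (dh);
	return (rc == -2) ? 0 : -1;
}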