ImportTextDialog::ImportTextDialog(QWidget *parent) :
QDialog(parent),
ti_ui_(new Ui::ImportTextDialog),
import_info_()
{
int encap;
int i;
ti_ui_->setupUi(this);
memset(&import_info_, 0, sizeof(import_info_));
ok_button_ = ti_ui_->buttonBox->button(QDialogButtonBox::Ok);
ok_button_->setEnabled(false);
#ifdef Q_OS_MAC
// The grid layout squishes each line edit otherwise.
int le_height = ti_ui_->textFileLineEdit->sizeHint().height();
ti_ui_->ethertypeLineEdit->setMinimumHeight(le_height);
ti_ui_->protocolLineEdit->setMinimumHeight(le_height);
ti_ui_->sourcePortLineEdit->setMinimumHeight(le_height);
ti_ui_->destinationPortLineEdit->setMinimumHeight(le_height);
ti_ui_->tagLineEdit->setMinimumHeight(le_height);
ti_ui_->ppiLineEdit->setMinimumHeight(le_height);
#endif
on_dateTimeLineEdit_textChanged(ti_ui_->dateTimeLineEdit->text());
for (i = 0; i < ti_ui_->headerGridLayout->count(); i++) {
QRadioButton *rb = qobject_cast<QRadioButton *>(ti_ui_->headerGridLayout->itemAt(i)->widget());
if (rb) encap_buttons_.append(rb);
}
/* Scan all Wiretap encapsulation types */
import_info_.encapsulation = WTAP_ENCAP_ETHERNET;
for (encap = import_info_.encapsulation; encap < wtap_get_num_encap_types(); encap++)
{
/* Check if we can write to a PCAP file
*
* Exclude wtap encapsulations that require a pseudo header,
* because we won't setup one from the text we import and
* wiretap doesn't allow us to write 'raw' frames
*/
if ((wtap_wtap_encap_to_pcap_encap(encap) > 0) && !wtap_encap_requires_phdr(encap)) {
const char *name;
/* If it has got a name */
if ((name = wtap_encap_string(encap)))
{
ti_ui_->encapComboBox->addItem(name, QVariant(encap));
}
}
}
ti_ui_->encapComboBox->model()->sort(0);
}
static void
list_encap_types(void) {
int i;
struct string_elem *encaps;
GSList *list = NULL;
encaps = g_malloc(sizeof(struct string_elem) * WTAP_NUM_ENCAP_TYPES);
fprintf(stderr, "editcap: The available encapsulation types for the \"-T\" flag are:\n");
for (i = 0; i < WTAP_NUM_ENCAP_TYPES; i++) {
encaps[i].sstr = wtap_encap_short_string(i);
if (encaps[i].sstr != NULL) {
encaps[i].lstr = wtap_encap_string(i);
list = g_slist_insert_sorted(list, &encaps[i], string_compare);
}
}
g_slist_foreach(list, string_elem_print, NULL);
g_slist_free(list);
g_free(encaps);
}
if (summary.iscompressed) {
format_str.append(tr(" (gzip compressed)"));
}
out << table_row_begin
<< table_vheader_tmpl.arg(tr("Format"))
<< table_data_tmpl.arg(format_str)
<< table_row_end;
QString encaps_str;
if (summary.file_encap_type == WTAP_ENCAP_PER_PACKET) {
for (guint i = 0; i < summary.packet_encap_types->len; i++)
{
encaps_str = QString(wtap_encap_string(g_array_index(summary.packet_encap_types, int, i)));
}
} else {
encaps_str = QString(wtap_encap_string(summary.file_encap_type));
}
out << table_row_begin
<< table_vheader_tmpl.arg(tr("Encapsulation"))
<< table_data_tmpl.arg(encaps_str)
<< table_row_end;
out << table_end;
// Time Section
if (summary.packet_count_ts == summary.packet_count &&
summary.packet_count >= 1)
{
out << section_tmpl.arg(tr("Time"));
out << table_begin;
static void
print_stats(const gchar *filename, capture_info *cf_info)
{
const gchar *file_type_string, *file_encap_string;
gchar *size_string;
/* Build printable strings for various stats */
file_type_string = wtap_file_type_subtype_string(cf_info->file_type);
file_encap_string = wtap_encap_string(cf_info->file_encap);
if (filename) printf ("File name: %s\n", filename);
if (cap_file_type) printf ("File type: %s%s\n",
file_type_string,
cf_info->iscompressed ? " (gzip compressed)" : "");
if (cap_file_encap) {
printf ("File encapsulation: %s\n", file_encap_string);
if (cf_info->file_encap == WTAP_ENCAP_PER_PACKET) {
int i;
printf ("Encapsulation in use by packets (# of pkts):\n");
for (i=0; i<WTAP_NUM_ENCAP_TYPES; i++) {
if (cf_info->encap_counts[i] > 0)
printf(" %s (%d)\n",
wtap_encap_string(i), cf_info->encap_counts[i]);
}
}
}
if (cap_file_more_info) {
printf ("File timestamp precision: %s (%d)\n",
wtap_tsprec_string(cf_info->file_tsprec), cf_info->file_tsprec);
}
if (cap_snaplen && cf_info->snap_set)
printf ("Packet size limit: file hdr: %u bytes\n", cf_info->snaplen);
else if (cap_snaplen && !cf_info->snap_set)
printf ("Packet size limit: file hdr: (not set)\n");
if (cf_info->snaplen_max_inferred > 0) {
if (cf_info->snaplen_min_inferred == cf_info->snaplen_max_inferred)
printf ("Packet size limit: inferred: %u bytes\n", cf_info->snaplen_min_inferred);
else
printf ("Packet size limit: inferred: %u bytes - %u bytes (range)\n",
cf_info->snaplen_min_inferred, cf_info->snaplen_max_inferred);
}
if (cap_packet_count) {
printf ("Number of packets: ");
if (machine_readable) {
printf ("%u\n", cf_info->packet_count);
} else {
size_string = format_size(cf_info->packet_count, format_size_unit_none);
printf ("%s\n", size_string);
g_free(size_string);
}
}
if (cap_file_size) {
printf ("File size: ");
if (machine_readable) {
printf ("%" G_GINT64_MODIFIER "d bytes\n", cf_info->filesize);
} else {
size_string = format_size(cf_info->filesize, format_size_unit_bytes);
printf ("%s\n", size_string);
g_free(size_string);
}
}
if (cap_data_size) {
printf ("Data size: ");
if (machine_readable) {
printf ("%" G_GINT64_MODIFIER "u bytes\n", cf_info->packet_bytes);
} else {
size_string = format_size(cf_info->packet_bytes, format_size_unit_bytes);
printf ("%s\n", size_string);
g_free(size_string);
}
}
if (cf_info->times_known) {
if (cap_duration) /* XXX - shorten to hh:mm:ss */
printf("Capture duration: %s\n", relative_time_string(&cf_info->duration, cf_info->duration_tsprec, cf_info, TRUE));
if (cap_start_time)
printf("First packet time: %s\n", absolute_time_string(&cf_info->start_time, cf_info->start_time_tsprec, cf_info));
if (cap_end_time)
printf("Last packet time: %s\n", absolute_time_string(&cf_info->stop_time, cf_info->stop_time_tsprec, cf_info));
if (cap_data_rate_byte) {
printf("Data byte rate: ");
if (machine_readable) {
print_value("", 2, " bytes/sec", cf_info->data_rate);
} else {
size_string = format_size((gint64)cf_info->data_rate, format_size_unit_bytes_s);
printf ("%s\n", size_string);
g_free(size_string);
}
}
if (cap_data_rate_bit) {
printf("Data bit rate: ");
if (machine_readable) {
print_value("", 2, " bits/sec", cf_info->data_rate*8);
} else {
size_string = format_size((gint64)(cf_info->data_rate*8), format_size_unit_bits_s);
printf ("%s\n", size_string);
g_free(size_string);
}
}
}
if (cap_packet_size) printf("Average packet size: %.2f bytes\n", cf_info->packet_size);
if (cf_info->times_known) {
if (cap_packet_rate) {
printf("Average packet rate: ");
if (machine_readable) {
print_value("", 2, " packets/sec", cf_info->packet_rate);
} else {
size_string = format_size((gint64)cf_info->packet_rate, format_size_unit_packets_s);
printf ("%s\n", size_string);
g_free(size_string);
}
}
}
#ifdef HAVE_LIBGCRYPT
if (cap_file_hashes) {
printf ("SHA1: %s\n", file_sha1);
printf ("RIPEMD160: %s\n", file_rmd160);
printf ("MD5: %s\n", file_md5);
}
#endif /* HAVE_LIBGCRYPT */
if (cap_order) printf ("Strict time order: %s\n", order_string(cf_info->order));
if (cap_comment && cf_info->comment)
printf ("Capture comment: %s\n", cf_info->comment);
if (cap_file_more_info) {
if (cf_info->hardware)
printf ("Capture hardware: %s\n", cf_info->hardware);
if (cf_info->os)
printf ("Capture oper-sys: %s\n", cf_info->os);
if (cf_info->usr_appl)
printf ("Capture application: %s\n", cf_info->usr_appl);
}
if (cap_file_idb && cf_info->num_interfaces != 0) {
guint i;
g_assert(cf_info->num_interfaces == cf_info->idb_info_strings->len);
printf ("Number of interfaces in file: %u\n", cf_info->num_interfaces);
for (i = 0; i < cf_info->idb_info_strings->len; i++) {
gchar *s = g_array_index(cf_info->idb_info_strings, gchar*, i);
printf ("Interface #%u info:\n", i);
printf ("%s", s);
printf (" Number of packets = %u\n", cf_info->interface_ids[i]);
}
}
int
main(int argc, char *argv[])
{
int opt;
gboolean do_append = FALSE;
gboolean verbose = FALSE;
int in_file_count = 0;
guint snaplen = 0;
#ifdef PCAP_NG_DEFAULT
int file_type = WTAP_FILE_PCAPNG; /* default to pcap format */
#else
int file_type = WTAP_FILE_PCAP; /* default to pcapng format */
#endif
int frame_type = -2;
int out_fd;
merge_in_file_t *in_files = NULL, *in_file;
int i;
struct wtap_pkthdr *phdr, snap_phdr;
wtap_dumper *pdh;
int open_err, read_err = 0, write_err, close_err;
gchar *err_info;
int err_fileno;
char *out_filename = NULL;
gboolean got_read_error = FALSE, got_write_error = FALSE;
int count;
#ifdef _WIN32
arg_list_utf_16to8(argc, argv);
create_app_running_mutex();
#endif /* _WIN32 */
/* Process the options first */
while ((opt = getopt(argc, argv, "aF:hs:T:vw:")) != -1) {
switch (opt) {
case 'a':
do_append = !do_append;
break;
case 'F':
file_type = wtap_short_string_to_file_type(optarg);
if (file_type < 0) {
fprintf(stderr, "mergecap: \"%s\" isn't a valid capture file type\n",
optarg);
list_capture_types();
exit(1);
}
break;
case 'h':
usage();
exit(0);
break;
case 's':
snaplen = get_positive_int(optarg, "snapshot length");
break;
case 'T':
frame_type = wtap_short_string_to_encap(optarg);
if (frame_type < 0) {
fprintf(stderr, "mergecap: \"%s\" isn't a valid encapsulation type\n",
optarg);
list_encap_types();
exit(1);
}
break;
case 'v':
verbose = TRUE;
break;
case 'w':
out_filename = optarg;
break;
case '?': /* Bad options if GNU getopt */
switch(optopt) {
case'F':
list_capture_types();
break;
case'T':
list_encap_types();
break;
default:
usage();
}
exit(1);
break;
}
}
/* check for proper args; at a minimum, must have an output
* filename and one input file
*/
in_file_count = argc - optind;
if (!out_filename) {
fprintf(stderr, "mergecap: an output filename must be set with -w\n");
fprintf(stderr, " run with -h for help\n");
return 1;
}
if (in_file_count < 1) {
fprintf(stderr, "mergecap: No input files were specified\n");
return 1;
}
/* open the input files */
if (!merge_open_in_files(in_file_count, &argv[optind], &in_files,
&open_err, &err_info, &err_fileno)) {
fprintf(stderr, "mergecap: Can't open %s: %s\n", argv[optind + err_fileno],
wtap_strerror(open_err));
switch (open_err) {
case WTAP_ERR_UNSUPPORTED:
case WTAP_ERR_UNSUPPORTED_ENCAP:
case WTAP_ERR_BAD_FILE:
fprintf(stderr, "(%s)\n", err_info);
g_free(err_info);
break;
}
return 2;
}
if (verbose) {
for (i = 0; i < in_file_count; i++)
fprintf(stderr, "mergecap: %s is type %s.\n", argv[optind + i],
wtap_file_type_string(wtap_file_type(in_files[i].wth)));
}
if (snaplen == 0) {
/*
* Snapshot length not specified - default to the maximum of the
* snapshot lengths of the input files.
*/
snaplen = merge_max_snapshot_length(in_file_count, in_files);
}
/* set the outfile frame type */
if (frame_type == -2) {
/*
* Default to the appropriate frame type for the input files.
*/
frame_type = merge_select_frame_type(in_file_count, in_files);
if (verbose) {
if (frame_type == WTAP_ENCAP_PER_PACKET) {
/*
* Find out why we had to choose WTAP_ENCAP_PER_PACKET.
*/
int first_frame_type, this_frame_type;
first_frame_type = wtap_file_encap(in_files[0].wth);
for (i = 1; i < in_file_count; i++) {
this_frame_type = wtap_file_encap(in_files[i].wth);
if (first_frame_type != this_frame_type) {
fprintf(stderr, "mergecap: multiple frame encapsulation types detected\n");
fprintf(stderr, " defaulting to WTAP_ENCAP_PER_PACKET\n");
fprintf(stderr, " %s had type %s (%s)\n",
in_files[0].filename,
wtap_encap_string(first_frame_type),
wtap_encap_short_string(first_frame_type));
fprintf(stderr, " %s had type %s (%s)\n",
in_files[i].filename,
wtap_encap_string(this_frame_type),
wtap_encap_short_string(this_frame_type));
break;
}
}
}
fprintf(stderr, "mergecap: selected frame_type %s (%s)\n",
wtap_encap_string(frame_type),
wtap_encap_short_string(frame_type));
}
}
/* open the outfile */
if (strncmp(out_filename, "-", 2) == 0) {
/* use stdout as the outfile */
out_fd = 1 /*stdout*/;
} else {
/* open the outfile */
out_fd = ws_open(out_filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
if (out_fd == -1) {
fprintf(stderr, "mergecap: Couldn't open output file %s: %s\n",
out_filename, g_strerror(errno));
exit(1);
}
}
/* prepare the outfile */
if(file_type == WTAP_FILE_PCAPNG ){
wtapng_section_t *shb_hdr;
GString *comment_gstr;
shb_hdr = g_new(wtapng_section_t,1);
comment_gstr = g_string_new("File created by merging: \n");
for (i = 0; i < in_file_count; i++) {
g_string_append_printf(comment_gstr, "File%d: %s \n",i+1,in_files[i].filename);
}
shb_hdr->section_length = -1;
/* options */
shb_hdr->opt_comment = comment_gstr->str; /* NULL if not available */
shb_hdr->shb_hardware = NULL; /* NULL if not available, UTF-8 string containing the description of the hardware used to create this section. */
shb_hdr->shb_os = NULL; /* NULL if not available, UTF-8 string containing the name of the operating system used to create this section. */
shb_hdr->shb_user_appl = "mergecap"; /* NULL if not available, UTF-8 string containing the name of the application used to create this section. */
pdh = wtap_dump_fdopen_ng(out_fd, file_type, frame_type, snaplen,
FALSE /* compressed */, shb_hdr, NULL /* wtapng_iface_descriptions_t *idb_inf */, &open_err);
g_string_free(comment_gstr, TRUE);
} else {
pdh = wtap_dump_fdopen(out_fd, file_type, frame_type, snaplen, FALSE /* compressed */, &open_err);
}
if (pdh == NULL) {
merge_close_in_files(in_file_count, in_files);
g_free(in_files);
fprintf(stderr, "mergecap: Can't open or create %s: %s\n", out_filename,
wtap_strerror(open_err));
exit(1);
}
/* do the merge (or append) */
count = 1;
for (;;) {
if (do_append)
in_file = merge_append_read_packet(in_file_count, in_files, &read_err,
&err_info);
else
in_file = merge_read_packet(in_file_count, in_files, &read_err,
&err_info);
if (in_file == NULL) {
/* EOF */
break;
}
if (read_err != 0) {
/* I/O error reading from in_file */
got_read_error = TRUE;
break;
}
if (verbose)
fprintf(stderr, "Record: %u\n", count++);
/* We simply write it, perhaps after truncating it; we could do other
* things, like modify it. */
phdr = wtap_phdr(in_file->wth);
if (snaplen != 0 && phdr->caplen > snaplen) {
snap_phdr = *phdr;
snap_phdr.caplen = snaplen;
phdr = &snap_phdr;
}
if (!wtap_dump(pdh, phdr, wtap_buf_ptr(in_file->wth), &write_err)) {
got_write_error = TRUE;
break;
}
}
merge_close_in_files(in_file_count, in_files);
if (!got_read_error && !got_write_error) {
if (!wtap_dump_close(pdh, &write_err))
got_write_error = TRUE;
} else
wtap_dump_close(pdh, &close_err);
if (got_read_error) {
/*
* Find the file on which we got the error, and report the error.
*/
for (i = 0; i < in_file_count; i++) {
if (in_files[i].state == GOT_ERROR) {
fprintf(stderr, "mergecap: Error reading %s: %s\n",
in_files[i].filename, wtap_strerror(read_err));
switch (read_err) {
case WTAP_ERR_UNSUPPORTED:
case WTAP_ERR_UNSUPPORTED_ENCAP:
case WTAP_ERR_BAD_FILE:
fprintf(stderr, "(%s)\n", err_info);
g_free(err_info);
break;
}
}
}
}
if (got_write_error) {
switch (write_err) {
case WTAP_ERR_UNSUPPORTED_ENCAP:
/*
* This is a problem with the particular frame we're writing;
* note that, and give the frame number.
*/
fprintf(stderr, "mergecap: Frame %u of \"%s\" has a network type that can't be saved in a file with that format\n.",
in_file->packet_num, in_file->filename);
break;
default:
fprintf(stderr, "mergecap: Error writing to outfile: %s\n",
wtap_strerror(write_err));
break;
}
}
g_free(in_files);
return (!got_read_error && !got_write_error) ? 0 : 2;
}
static void
print_stats_table(const gchar *filename, capture_info *cf_info)
{
const gchar *file_type_string, *file_encap_string;
time_t start_time_t;
time_t stop_time_t;
/* Build printable strings for various stats */
file_type_string = wtap_file_type_string(cf_info->file_type);
file_encap_string = wtap_encap_string(cf_info->file_encap);
start_time_t = (time_t)cf_info->start_time;
stop_time_t = (time_t)cf_info->stop_time;
if (filename) {
putquote();
printf("%s", filename);
putquote();
}
if (cap_file_type) {
putsep();
putquote();
printf("%s", file_type_string);
putquote();
}
/* ToDo: If WTAP_ENCAP_PER_PACKET, show the list of encapsulations encountered;
* Output a line for each different encap with all fields repeated except
* the encapsulation field which has "Per Packet: ..." for each
* encapsulation type seen ?
*/
if (cap_file_encap) {
putsep();
putquote();
printf("%s", file_encap_string);
putquote();
}
if (cap_snaplen) {
putsep();
putquote();
if(cf_info->snap_set)
printf("%u", cf_info->snaplen);
else
printf("(not set)");
putquote();
if (cf_info->snaplen_max_inferred > 0) {
putsep();
putquote();
printf("%u", cf_info->snaplen_min_inferred);
putquote();
putsep();
putquote();
printf("%u", cf_info->snaplen_max_inferred);
putquote();
}
else {
putsep();
putquote();
printf("n/a");
putquote();
putsep();
putquote();
printf("n/a");
putquote();
}
}
if (cap_packet_count) {
putsep();
putquote();
printf("%u", cf_info->packet_count);
putquote();
}
if (cap_file_size) {
putsep();
putquote();
printf("%" G_GINT64_MODIFIER "d", cf_info->filesize);
putquote();
}
if (cap_data_size) {
putsep();
putquote();
printf("%" G_GINT64_MODIFIER "u", cf_info->packet_bytes);
putquote();
}
if (cap_duration) {
putsep();
putquote();
if (cf_info->times_known)
printf("%f", cf_info->duration);
else
printf("n/a");
putquote();
}
if (cap_start_time) {
putsep();
putquote();
printf("%s", time_string(start_time_t, cf_info, FALSE));
putquote();
}
if (cap_end_time) {
putsep();
putquote();
printf("%s", time_string(stop_time_t, cf_info, FALSE));
putquote();
}
if (cap_data_rate_byte) {
putsep();
putquote();
if (cf_info->times_known)
printf("%.2f", cf_info->data_rate);
else
printf("n/a");
putquote();
}
if (cap_data_rate_bit) {
putsep();
putquote();
if (cf_info->times_known)
printf("%.2f", cf_info->data_rate*8);
else
printf("n/a");
putquote();
}
if (cap_packet_size) {
putsep();
putquote();
printf("%.2f", cf_info->packet_size);
putquote();
}
if (cap_packet_rate) {
putsep();
putquote();
if (cf_info->times_known)
printf("%.2f", cf_info->packet_rate);
else
printf("n/a");
putquote();
}
#ifdef HAVE_LIBGCRYPT
if (cap_file_hashes) {
putsep();
putquote();
printf("%s", file_sha1);
putquote();
putsep();
putquote();
printf("%s", file_rmd160);
putquote();
putsep();
putquote();
printf("%s", file_md5);
putquote();
}
#endif /* HAVE_LIBGCRYPT */
if (cap_order) {
putsep();
putquote();
printf("%s", order_string(cf_info->order));
putquote();
}
printf("\n");
}
static void
print_stats(const gchar *filename, capture_info *cf_info)
{
const gchar *file_type_string, *file_encap_string;
time_t start_time_t;
time_t stop_time_t;
/* Build printable strings for various stats */
file_type_string = wtap_file_type_string(cf_info->file_type);
file_encap_string = wtap_encap_string(cf_info->file_encap);
start_time_t = (time_t)cf_info->start_time;
stop_time_t = (time_t)cf_info->stop_time;
if (filename) printf ("File name: %s\n", filename);
if (cap_file_type) printf ("File type: %s%s\n",
file_type_string,
cf_info->iscompressed ? " (gzip compressed)" : "");
if (cap_file_encap) printf ("File encapsulation: %s\n", file_encap_string);
if (cap_file_encap && (cf_info->file_encap == WTAP_ENCAP_PER_PACKET)) {
int i;
for (i=0; i<WTAP_NUM_ENCAP_TYPES; i++) {
if (cf_info->encap_counts[i] > 0)
printf(" %s\n", wtap_encap_string(i));
}
}
if (cap_snaplen && cf_info->snap_set)
printf ("Packet size limit: file hdr: %u bytes\n", cf_info->snaplen);
else if(cap_snaplen && !cf_info->snap_set)
printf ("Packet size limit: file hdr: (not set)\n");
if (cf_info->snaplen_max_inferred > 0) {
if (cf_info->snaplen_min_inferred == cf_info->snaplen_max_inferred)
printf ("Packet size limit: inferred: %u bytes\n", cf_info->snaplen_min_inferred);
else
printf ("Packet size limit: inferred: %u bytes - %u bytes (range)\n",
cf_info->snaplen_min_inferred, cf_info->snaplen_max_inferred);
}
if (cap_packet_count) printf ("Number of packets: %u\n", cf_info->packet_count);
if (cap_file_size) printf ("File size: %" G_GINT64_MODIFIER "d bytes\n", cf_info->filesize);
if (cap_data_size) printf ("Data size: %" G_GINT64_MODIFIER "u bytes\n", cf_info->packet_bytes);
if (cf_info->times_known) {
if (cap_duration)
print_value("Capture duration: ", 0, " seconds", cf_info->duration);
if (cap_start_time)
printf ("Start time: %s", time_string(start_time_t, cf_info, TRUE));
if (cap_end_time)
printf ("End time: %s", time_string(stop_time_t, cf_info, TRUE));
if (cap_data_rate_byte)
print_value("Data byte rate: ", 2, " bytes/sec", cf_info->data_rate);
if (cap_data_rate_bit)
print_value("Data bit rate: ", 2, " bits/sec", cf_info->data_rate*8);
}
if (cap_packet_size) printf ("Average packet size: %.2f bytes\n", cf_info->packet_size);
if (cf_info->times_known) {
if (cap_packet_rate)
print_value("Average packet rate: ", 2, " packets/sec", cf_info->packet_rate);
}
#ifdef HAVE_LIBGCRYPT
if (cap_file_hashes) {
printf ("SHA1: %s\n", file_sha1);
printf ("RIPEMD160: %s\n", file_rmd160);
printf ("MD5: %s\n", file_md5);
}
#endif /* HAVE_LIBGCRYPT */
if (cap_order) printf ("Strict time order: %s\n", order_string(cf_info->order));
}
add_string_to_table(table, &row, "File", "");
/* filename */
g_snprintf(string_buff, SUM_STR_MAX, "%s", summary.filename);
add_string_to_table(table, &row, "Name:", string_buff);
/* length */
g_snprintf(string_buff, SUM_STR_MAX, "%" G_GINT64_MODIFIER "d bytes", summary.file_length);
add_string_to_table(table, &row, "Length:", string_buff);
/* format */
g_snprintf(string_buff, SUM_STR_MAX, "%s", wtap_file_type_string(summary.file_type));
add_string_to_table(table, &row, "Format:", string_buff);
/* encapsulation */
g_snprintf(string_buff, SUM_STR_MAX, "%s", wtap_encap_string(summary.encap_type));
add_string_to_table(table, &row, "Encapsulation:", string_buff);
if (summary.has_snap) {
/* snapshot length */
g_snprintf(string_buff, SUM_STR_MAX, "%u bytes", summary.snap);
add_string_to_table(table, &row, "Packet size limit:", string_buff);
}
/* Time */
add_string_to_table(table, &row, "", "");
add_string_to_table(table, &row, "Time", "");
/* start time */
ti_time = (time_t)summary.start_time;
void
proto_register_frame(void)
{
static hf_register_info hf[] = {
{ &hf_frame_arrival_time,
{ "Arrival Time", "frame.time",
FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x0,
"Absolute time when this frame was captured", HFILL }},
{ &hf_frame_shift_offset,
{ "Time shift for this packet", "frame.offset_shift",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
"Time shift applied to this packet", HFILL }},
{ &hf_frame_arrival_time_epoch,
{ "Epoch Time", "frame.time_epoch",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
"Epoch time when this frame was captured", HFILL }},
{ &hf_frame_time_delta,
{ "Time delta from previous captured frame", "frame.time_delta",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_time_delta_displayed,
{ "Time delta from previous displayed frame", "frame.time_delta_displayed",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_time_relative,
{ "Time since reference or first frame", "frame.time_relative",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
"Time relative to time reference or first frame", HFILL }},
{ &hf_frame_time_reference,
{ "This is a Time Reference frame", "frame.ref_time",
FT_NONE, BASE_NONE, NULL, 0x0,
"This frame is a Time Reference frame", HFILL }},
{ &hf_frame_number,
{ "Frame Number", "frame.number",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_len,
{ "Frame length on the wire", "frame.len",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_capture_len,
{ "Frame length stored into the capture file", "frame.cap_len",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_md5_hash,
{ "Frame MD5 Hash", "frame.md5_hash",
FT_STRING, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_p2p_dir,
{ "Point-to-Point Direction", "frame.p2p_dir",
FT_INT8, BASE_DEC, VALS(p2p_dirs), 0x0,
NULL, HFILL }},
{ &hf_link_number,
{ "Link Number", "frame.link_nr",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_file_off,
{ "File Offset", "frame.file_off",
FT_INT64, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_marked,
{ "Frame is marked", "frame.marked",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"Frame is marked in the GUI", HFILL }},
{ &hf_frame_ignored,
{ "Frame is ignored", "frame.ignored",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"Frame is ignored by the dissectors", HFILL }},
{ &hf_frame_protocols,
{ "Protocols in frame", "frame.protocols",
FT_STRING, BASE_NONE, NULL, 0x0,
"Protocols carried by this frame", HFILL }},
{ &hf_frame_color_filter_name,
{ "Coloring Rule Name", "frame.coloring_rule.name",
FT_STRING, BASE_NONE, NULL, 0x0,
"The frame matched the coloring rule with this name", HFILL }},
{ &hf_frame_color_filter_text,
{ "Coloring Rule String", "frame.coloring_rule.string",
FT_STRING, BASE_NONE, NULL, 0x0,
"The frame matched this coloring rule string", HFILL }},
{ &hf_frame_interface_id,
{ "Interface id", "frame.interface_id",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_pack_flags,
{ "Packet flags", "frame.packet_flags",
FT_UINT32, BASE_HEX, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_pack_direction,
{ "Direction", "frame.packet_flags_direction",
FT_UINT32, BASE_HEX, VALS(packet_word_directions), PACKET_WORD_DIRECTION_MASK,
NULL, HFILL }},
{ &hf_frame_pack_reception_type,
{ "Reception type", "frame.packet_flags_reception_type",
FT_UINT32, BASE_DEC, VALS(packet_word_reception_types), PACKET_WORD_RECEPTION_TYPE_MASK,
NULL, HFILL }},
{ &hf_frame_pack_fcs_length,
{ "FCS length", "frame.packet_flags_fcs_length",
FT_UINT32, BASE_DEC, NULL, PACKET_WORD_FCS_LENGTH_MASK,
NULL, HFILL }},
{ &hf_frame_pack_reserved,
{ "Reserved", "frame.packet_flags_reserved",
FT_UINT32, BASE_DEC, NULL, PACKET_WORD_RESERVED_MASK,
NULL, HFILL }},
{ &hf_frame_pack_crc_error,
{ "CRC error", "frame.packet_flags_crc_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_CRC_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_wrong_packet_too_long_error,
{ "Packet too long error", "frame.packet_flags_packet_too_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_PACKET_TOO_LONG_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_wrong_packet_too_short_error,
{ "Packet too short error", "frame.packet_flags_packet_too_short_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_PACKET_TOO_SHORT_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_wrong_inter_frame_gap_error,
{ "Wrong interframe gap error", "frame.packet_flags_wrong_inter_frame_gap_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_WRONG_INTER_FRAME_GAP_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_unaligned_frame_error,
{ "Unaligned frame error", "frame.packet_flags_unaligned_frame_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_UNALIGNED_FRAME_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_start_frame_delimiter_error,
{ "Start frame delimiter error", "frame.packet_flags_start_frame_delimiter_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_START_FRAME_DELIMITER_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_preamble_error,
{ "Preamble error", "frame.packet_flags_preamble_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_PREAMBLE_ERR_MASK,
NULL, HFILL }},
{ &hf_frame_pack_symbol_error,
{ "Symbol error", "frame.packet_flags_symbol_error",
FT_BOOLEAN, 32, TFS(&tfs_set_notset), PACKET_WORD_SYMBOL_ERR_MASK,
NULL, HFILL }},
{ &hf_comments_text,
{ "Comment", "frame.comment",
FT_STRING, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
};
static hf_register_info hf_encap =
{ &hf_frame_wtap_encap,
{ "Encapsulation type", "frame.encap_type",
FT_INT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }};
static gint *ett[] = {
&ett_frame,
&ett_flags,
&ett_comments
};
static ei_register_info ei[] = {
{ &ei_comments_text, { "frame.comment.expert", PI_COMMENTS_GROUP, PI_COMMENT, "Formatted comment", EXPFILL }},
{ &ei_arrive_time_out_of_range, { "frame.time_invalid", PI_SEQUENCE, PI_NOTE, "Arrival Time: Fractional second out of range (0-1000000000)", EXPFILL }},
};
module_t *frame_module;
expert_module_t* expert_frame;
if (hf_encap.hfinfo.strings == NULL) {
int encap_count = wtap_get_num_encap_types();
value_string *arr;
int i;
hf_encap.hfinfo.strings = arr = g_new(value_string, encap_count+1);
for (i = 0; i < encap_count; i++) {
arr[i].value = i;
arr[i].strptr = wtap_encap_string(i);
}
arr[encap_count].value = 0;
arr[encap_count].strptr = NULL;
}
wtap_encap_dissector_table = register_dissector_table("wtap_encap",
"Wiretap encapsulation type", FT_UINT32, BASE_DEC);
wtap_fts_rec_dissector_table = register_dissector_table("wtap_fts_rec",
"Wiretap file type for file-type-specific records", FT_UINT32, BASE_DEC);
proto_frame = proto_register_protocol("Frame", "Frame", "frame");
proto_pkt_comment = proto_register_protocol("Packet comments", "Pkt_Comment", "pkt_comment");
proto_register_field_array(proto_frame, hf, array_length(hf));
proto_register_field_array(proto_frame, &hf_encap, 1);
proto_register_subtree_array(ett, array_length(ett));
expert_frame = expert_register_protocol(proto_frame);
expert_register_field_array(expert_frame, ei, array_length(ei));
register_dissector("frame",dissect_frame,proto_frame);
/* You can't disable dissection of "Frame", as that would be
tantamount to not doing any dissection whatsoever. */
proto_set_cant_toggle(proto_frame);
/* Our preferences */
frame_module = prefs_register_protocol(proto_frame, NULL);
prefs_register_bool_preference(frame_module, "show_file_off",
"Show File Offset", "Show offset of frame in capture file", &show_file_off);
prefs_register_bool_preference(frame_module, "force_docsis_encap",
"Treat all frames as DOCSIS frames", "Treat all frames as DOCSIS Frames", &force_docsis_encap);
prefs_register_bool_preference(frame_module, "generate_md5_hash",
"Generate an MD5 hash of each frame",
"Whether or not MD5 hashes should be generated for each frame, useful for finding duplicate frames.",
&generate_md5_hash);
prefs_register_bool_preference(frame_module, "generate_epoch_time",
"Generate an epoch time entry for each frame",
"Whether or not an Epoch time entry should be generated for each frame.",
&generate_epoch_time);
prefs_register_bool_preference(frame_module, "generate_bits_field",
"Show the number of bits in the frame",
"Whether or not the number of bits in the frame should be shown.",
&generate_bits_field);
frame_tap=register_tap("frame");
}
gchar *
wtap_get_debug_if_descr(const wtapng_if_descr_t *if_descr,
const int indent,
const char* line_end)
{
GString *info = g_string_new("");
g_assert(if_descr);
g_string_printf(info,
"%*cName = %s%s", indent, ' ',
if_descr->if_name ? if_descr->if_name : "UNKNOWN",
line_end);
g_string_append_printf(info,
"%*cDescription = %s%s", indent, ' ',
if_descr->if_description ? if_descr->if_description : "NONE",
line_end);
g_string_append_printf(info,
"%*cEncapsulation = %s (%d/%u - %s)%s", indent, ' ',
wtap_encap_string(if_descr->wtap_encap),
if_descr->wtap_encap,
if_descr->link_type,
wtap_encap_short_string(if_descr->wtap_encap),
line_end);
g_string_append_printf(info,
"%*cSpeed = %" G_GINT64_MODIFIER "u%s", indent, ' ',
if_descr->if_speed,
line_end);
g_string_append_printf(info,
"%*cCapture length = %u%s", indent, ' ',
if_descr->snap_len,
line_end);
g_string_append_printf(info,
"%*cFCS length = %d%s", indent, ' ',
if_descr->if_fcslen,
line_end);
g_string_append_printf(info,
"%*cTime precision = %s (%d)%s", indent, ' ',
wtap_tsprec_string(if_descr->tsprecision),
if_descr->tsprecision,
line_end);
g_string_append_printf(info,
"%*cTime ticks per second = %" G_GINT64_MODIFIER "u%s", indent, ' ',
if_descr->time_units_per_second,
line_end);
g_string_append_printf(info,
"%*cTime resolution = 0x%.2x%s", indent, ' ',
if_descr->if_tsresol,
line_end);
g_string_append_printf(info,
"%*cFilter string = %s%s", indent, ' ',
if_descr->if_filter_str ? if_descr->if_filter_str : "NONE",
line_end);
g_string_append_printf(info,
"%*cOperating system = %s%s", indent, ' ',
if_descr->if_os ? if_descr->if_os : "UNKNOWN",
line_end);
g_string_append_printf(info,
"%*cComment = %s%s", indent, ' ',
if_descr->opt_comment ? if_descr->opt_comment : "NONE",
line_end);
g_string_append_printf(info,
"%*cBPF filter length = %u%s", indent, ' ',
if_descr->bpf_filter_len,
line_end);
g_string_append_printf(info,
"%*cNumber of stat entries = %u%s", indent, ' ',
if_descr->num_stat_entries,
line_end);
return g_string_free(info, FALSE);
}
void
proto_register_frame(void)
{
static hf_register_info hf[] = {
{ &hf_frame_arrival_time,
{ "Arrival Time", "frame.time",
FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x0,
"Absolute time when this frame was captured", HFILL }},
{ &hf_frame_shift_offset,
{ "Time shift for this packet", "frame.offset_shift",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
"Time shift applied to this packet", HFILL }},
{ &hf_frame_arrival_time_epoch,
{ "Epoch Time", "frame.time_epoch",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
"Epoch time when this frame was captured", HFILL }},
{ &hf_frame_time_invalid,
{ "Arrival Timestamp invalid", "frame.time_invalid",
FT_NONE, BASE_NONE, NULL, 0x0,
"The timestamp from the capture is out of the valid range", HFILL }},
{ &hf_frame_time_delta,
{ "Time delta from previous captured frame", "frame.time_delta",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_time_delta_displayed,
{ "Time delta from previous displayed frame", "frame.time_delta_displayed",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_time_relative,
{ "Time since reference or first frame", "frame.time_relative",
FT_RELATIVE_TIME, BASE_NONE, NULL, 0x0,
"Time relative to time reference or first frame", HFILL }},
{ &hf_frame_time_reference,
{ "This is a Time Reference frame", "frame.ref_time",
FT_NONE, BASE_NONE, NULL, 0x0,
"This frame is a Time Reference frame", HFILL }},
{ &hf_frame_number,
{ "Frame Number", "frame.number",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_len,
{ "Frame length on the wire", "frame.len",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_capture_len,
{ "Frame length stored into the capture file", "frame.cap_len",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_md5_hash,
{ "Frame MD5 Hash", "frame.md5_hash",
FT_STRING, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_p2p_dir,
{ "Point-to-Point Direction", "frame.p2p_dir",
FT_INT8, BASE_DEC, VALS(p2p_dirs), 0x0,
NULL, HFILL }},
{ &hf_link_number,
{ "Link Number", "frame.link_nr",
FT_UINT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_file_off,
{ "File Offset", "frame.file_off",
FT_INT64, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_frame_marked,
{ "Frame is marked", "frame.marked",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"Frame is marked in the GUI", HFILL }},
{ &hf_frame_ignored,
{ "Frame is ignored", "frame.ignored",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"Frame is ignored by the dissectors", HFILL }},
{ &hf_frame_protocols,
{ "Protocols in frame", "frame.protocols",
FT_STRING, BASE_NONE, NULL, 0x0,
"Protocols carried by this frame", HFILL }},
{ &hf_frame_color_filter_name,
{ "Coloring Rule Name", "frame.coloring_rule.name",
FT_STRING, BASE_NONE, NULL, 0x0,
"The frame matched the coloring rule with this name", HFILL }},
{ &hf_frame_color_filter_text,
{ "Coloring Rule String", "frame.coloring_rule.string",
FT_STRING, BASE_NONE, NULL, 0x0,
"The frame matched this coloring rule string", HFILL }},
{ &hf_frame_interface_id,
{ "Interface id", "frame.interface_id",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_comments_text,
{ "Comment", "frame.comment",
FT_STRING, BASE_NONE, NULL, 0x0,
NULL, HFILL }},
};
static hf_register_info hf_encap =
{ &hf_frame_wtap_encap,
{ "Encapsulation type", "frame.encap_type",
FT_INT16, BASE_DEC, NULL, 0x0,
NULL, HFILL }};
static gint *ett[] = {
&ett_frame,
&ett_comments
};
module_t *frame_module;
if (hf_encap.hfinfo.strings == NULL) {
int encap_count = wtap_get_num_encap_types();
value_string *arr;
int i;
hf_encap.hfinfo.strings = arr = g_new(value_string, encap_count+1);
for (i = 0; i < encap_count; i++) {
arr[i].value = i;
arr[i].strptr = wtap_encap_string(i);
}
arr[encap_count].value = 0;
arr[encap_count].strptr = NULL;
}
wtap_encap_dissector_table = register_dissector_table("wtap_encap",
"Wiretap encapsulation type", FT_UINT32, BASE_DEC);
proto_frame = proto_register_protocol("Frame", "Frame", "frame");
proto_pkt_comment = proto_register_protocol("Packet comments", "Pkt_Comment", "pkt_comment");
proto_register_field_array(proto_frame, hf, array_length(hf));
proto_register_field_array(proto_frame, &hf_encap, 1);
proto_register_subtree_array(ett, array_length(ett));
register_dissector("frame",dissect_frame,proto_frame);
/* You can't disable dissection of "Frame", as that would be
tantamount to not doing any dissection whatsoever. */
proto_set_cant_toggle(proto_frame);
proto_short = proto_register_protocol("Short Frame", "Short frame", "short");
proto_malformed = proto_register_protocol("Malformed Packet",
"Malformed packet", "malformed");
proto_unreassembled = proto_register_protocol(
"Unreassembled Fragmented Packet",
"Unreassembled fragmented packet", "unreassembled");
/* "Short Frame", "Malformed Packet", and "Unreassembled Fragmented
Packet" aren't really protocols, they're error indications;
disabling them makes no sense. */
proto_set_cant_toggle(proto_short);
proto_set_cant_toggle(proto_malformed);
proto_set_cant_toggle(proto_unreassembled);
/* Our preferences */
frame_module = prefs_register_protocol(proto_frame, NULL);
prefs_register_bool_preference(frame_module, "show_file_off",
"Show File Offset", "Show offset of frame in capture file", &show_file_off);
prefs_register_bool_preference(frame_module, "force_docsis_encap",
"Treat all frames as DOCSIS frames", "Treat all frames as DOCSIS Frames", &force_docsis_encap);
prefs_register_bool_preference(frame_module, "generate_md5_hash",
"Generate an MD5 hash of each frame",
"Whether or not MD5 hashes should be generated for each frame, useful for finding duplicate frames.",
&generate_md5_hash);
prefs_register_bool_preference(frame_module, "generate_epoch_time",
"Generate an epoch time entry for each frame",
"Whether or not an Epoch time entry should be generated for each frame.",
&generate_epoch_time);
prefs_register_bool_preference(frame_module, "generate_bits_field",
"Show the number of bits in the frame",
"Whether or not the number of bits in the frame should be shown.",
&generate_bits_field);
frame_tap=register_tap("frame");
}
gchar *
wtap_get_debug_if_descr(const wtap_optionblock_t if_descr,
const int indent,
const char* line_end)
{
char* tmp_content;
wtapng_if_descr_mandatory_t* if_descr_mand;
GString *info = g_string_new("");
guint64 tmp64;
gint8 itmp8;
guint8 tmp8;
wtapng_if_descr_filter_t* if_filter;
g_assert(if_descr);
if_descr_mand = (wtapng_if_descr_mandatory_t*)wtap_optionblock_get_mandatory_data(if_descr);
wtap_optionblock_get_option_string(if_descr, OPT_IDB_NAME, &tmp_content);
g_string_printf(info,
"%*cName = %s%s", indent, ' ',
tmp_content ? tmp_content : "UNKNOWN",
line_end);
wtap_optionblock_get_option_string(if_descr, OPT_IDB_DESCR, &tmp_content);
g_string_append_printf(info,
"%*cDescription = %s%s", indent, ' ',
tmp_content ? tmp_content : "NONE",
line_end);
g_string_append_printf(info,
"%*cEncapsulation = %s (%d/%u - %s)%s", indent, ' ',
wtap_encap_string(if_descr_mand->wtap_encap),
if_descr_mand->wtap_encap,
if_descr_mand->link_type,
wtap_encap_short_string(if_descr_mand->wtap_encap),
line_end);
wtap_optionblock_get_option_uint64(if_descr, OPT_IDB_SPEED, &tmp64);
g_string_append_printf(info,
"%*cSpeed = %" G_GINT64_MODIFIER "u%s", indent, ' ',
tmp64,
line_end);
g_string_append_printf(info,
"%*cCapture length = %u%s", indent, ' ',
if_descr_mand->snap_len,
line_end);
wtap_optionblock_get_option_uint8(if_descr, OPT_IDB_FCSLEN, &itmp8);
g_string_append_printf(info,
"%*cFCS length = %d%s", indent, ' ',
itmp8,
line_end);
g_string_append_printf(info,
"%*cTime precision = %s (%d)%s", indent, ' ',
wtap_tsprec_string(if_descr_mand->tsprecision),
if_descr_mand->tsprecision,
line_end);
g_string_append_printf(info,
"%*cTime ticks per second = %" G_GINT64_MODIFIER "u%s", indent, ' ',
if_descr_mand->time_units_per_second,
line_end);
wtap_optionblock_get_option_uint8(if_descr, OPT_IDB_TSRESOL, &tmp8);
g_string_append_printf(info,
"%*cTime resolution = 0x%.2x%s", indent, ' ',
tmp8,
line_end);
wtap_optionblock_get_option_custom(if_descr, OPT_IDB_FILTER, (void**)&if_filter);
g_string_append_printf(info,
"%*cFilter string = %s%s", indent, ' ',
if_filter->if_filter_str ? if_filter->if_filter_str : "NONE",
line_end);
wtap_optionblock_get_option_string(if_descr, OPT_IDB_OS, &tmp_content);
g_string_append_printf(info,
"%*cOperating system = %s%s", indent, ' ',
tmp_content ? tmp_content : "UNKNOWN",
line_end);
wtap_optionblock_get_option_string(if_descr, OPT_COMMENT, &tmp_content);
g_string_append_printf(info,
"%*cComment = %s%s", indent, ' ',
tmp_content ? tmp_content : "NONE",
line_end);
g_string_append_printf(info,
"%*cBPF filter length = %u%s", indent, ' ',
if_filter->bpf_filter_len,
line_end);
g_string_append_printf(info,
"%*cNumber of stat entries = %u%s", indent, ' ',
if_descr_mand->num_stat_entries,
line_end);
return g_string_free(info, FALSE);
}
int
main(int argc, char *argv[])
{
GString *comp_info_str;
GString *runtime_info_str;
int opt;
DIAG_OFF(cast-qual)
static const struct option long_options[] = {
{(char *)"help", no_argument, NULL, 'h'},
{(char *)"version", no_argument, NULL, 'V'},
{0, 0, 0, 0 }
};
DIAG_ON(cast-qual)
gboolean do_append = FALSE;
gboolean verbose = FALSE;
int in_file_count = 0;
guint snaplen = 0;
#ifdef PCAP_NG_DEFAULT
int file_type = WTAP_FILE_TYPE_SUBTYPE_PCAPNG; /* default to pcap format */
#else
int file_type = WTAP_FILE_TYPE_SUBTYPE_PCAP; /* default to pcapng format */
#endif
int frame_type = -2;
int out_fd;
merge_in_file_t *in_files = NULL, *in_file;
int i;
struct wtap_pkthdr *phdr, snap_phdr;
wtap_dumper *pdh;
int open_err, read_err = 0, write_err, close_err;
gchar *err_info, *write_err_info = NULL;
int err_fileno;
char *out_filename = NULL;
gboolean got_read_error = FALSE, got_write_error = FALSE;
int count;
cmdarg_err_init(mergecap_cmdarg_err, mergecap_cmdarg_err_cont);
#ifdef _WIN32
arg_list_utf_16to8(argc, argv);
create_app_running_mutex();
#endif /* _WIN32 */
/* Get the compile-time version information string */
comp_info_str = get_compiled_version_info(NULL, get_mergecap_compiled_info);
/* Get the run-time version information string */
runtime_info_str = get_runtime_version_info(get_mergecap_runtime_info);
/* Add it to the information to be reported on a crash. */
ws_add_crash_info("Mergecap (Wireshark) %s\n"
"\n"
"%s"
"\n"
"%s",
get_ws_vcs_version_info(), comp_info_str->str, runtime_info_str->str);
/* Process the options first */
while ((opt = getopt_long(argc, argv, "aF:hs:T:vVw:", long_options, NULL)) != -1) {
switch (opt) {
case 'a':
do_append = !do_append;
break;
case 'F':
file_type = wtap_short_string_to_file_type_subtype(optarg);
if (file_type < 0) {
fprintf(stderr, "mergecap: \"%s\" isn't a valid capture file type\n",
optarg);
list_capture_types();
exit(1);
}
break;
case 'h':
printf("Mergecap (Wireshark) %s\n"
"Merge two or more capture files into one.\n"
"See http://www.wireshark.org for more information.\n",
get_ws_vcs_version_info());
print_usage(stdout);
exit(0);
break;
case 's':
snaplen = get_positive_int(optarg, "snapshot length");
break;
case 'T':
frame_type = wtap_short_string_to_encap(optarg);
if (frame_type < 0) {
fprintf(stderr, "mergecap: \"%s\" isn't a valid encapsulation type\n",
optarg);
list_encap_types();
exit(1);
}
break;
case 'v':
verbose = TRUE;
break;
case 'V':
show_version("Mergecap (Wireshark)", comp_info_str, runtime_info_str);
g_string_free(comp_info_str, TRUE);
g_string_free(runtime_info_str, TRUE);
exit(0);
break;
case 'w':
out_filename = optarg;
break;
case '?': /* Bad options if GNU getopt */
switch(optopt) {
case'F':
list_capture_types();
break;
case'T':
list_encap_types();
break;
default:
print_usage(stderr);
}
exit(1);
break;
}
}
/* check for proper args; at a minimum, must have an output
* filename and one input file
*/
in_file_count = argc - optind;
if (!out_filename) {
fprintf(stderr, "mergecap: an output filename must be set with -w\n");
fprintf(stderr, " run with -h for help\n");
return 1;
}
if (in_file_count < 1) {
fprintf(stderr, "mergecap: No input files were specified\n");
return 1;
}
/* open the input files */
if (!merge_open_in_files(in_file_count, &argv[optind], &in_files,
&open_err, &err_info, &err_fileno)) {
fprintf(stderr, "mergecap: Can't open %s: %s\n", argv[optind + err_fileno],
wtap_strerror(open_err));
if (err_info != NULL) {
fprintf(stderr, "(%s)\n", err_info);
g_free(err_info);
}
return 2;
}
if (verbose) {
for (i = 0; i < in_file_count; i++)
fprintf(stderr, "mergecap: %s is type %s.\n", argv[optind + i],
wtap_file_type_subtype_string(wtap_file_type_subtype(in_files[i].wth)));
}
if (snaplen == 0) {
/*
* Snapshot length not specified - default to the maximum of the
* snapshot lengths of the input files.
*/
snaplen = merge_max_snapshot_length(in_file_count, in_files);
}
/* set the outfile frame type */
if (frame_type == -2) {
/*
* Default to the appropriate frame type for the input files.
*/
frame_type = merge_select_frame_type(in_file_count, in_files);
if (verbose) {
if (frame_type == WTAP_ENCAP_PER_PACKET) {
/*
* Find out why we had to choose WTAP_ENCAP_PER_PACKET.
*/
int first_frame_type, this_frame_type;
first_frame_type = wtap_file_encap(in_files[0].wth);
for (i = 1; i < in_file_count; i++) {
this_frame_type = wtap_file_encap(in_files[i].wth);
if (first_frame_type != this_frame_type) {
fprintf(stderr, "mergecap: multiple frame encapsulation types detected\n");
fprintf(stderr, " defaulting to WTAP_ENCAP_PER_PACKET\n");
fprintf(stderr, " %s had type %s (%s)\n",
in_files[0].filename,
wtap_encap_string(first_frame_type),
wtap_encap_short_string(first_frame_type));
fprintf(stderr, " %s had type %s (%s)\n",
in_files[i].filename,
wtap_encap_string(this_frame_type),
wtap_encap_short_string(this_frame_type));
break;
}
}
}
fprintf(stderr, "mergecap: selected frame_type %s (%s)\n",
wtap_encap_string(frame_type),
wtap_encap_short_string(frame_type));
}
}
/* open the outfile */
if (strncmp(out_filename, "-", 2) == 0) {
/* use stdout as the outfile */
out_fd = 1 /*stdout*/;
} else {
/* open the outfile */
out_fd = ws_open(out_filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
if (out_fd == -1) {
fprintf(stderr, "mergecap: Couldn't open output file %s: %s\n",
out_filename, g_strerror(errno));
exit(1);
}
}
/* prepare the outfile */
if(file_type == WTAP_FILE_TYPE_SUBTYPE_PCAPNG ){
wtapng_section_t *shb_hdr;
GString *comment_gstr;
shb_hdr = g_new(wtapng_section_t,1);
comment_gstr = g_string_new("File created by merging: \n");
for (i = 0; i < in_file_count; i++) {
g_string_append_printf(comment_gstr, "File%d: %s \n",i+1,in_files[i].filename);
}
shb_hdr->section_length = -1;
/* options */
shb_hdr->opt_comment = comment_gstr->str; /* NULL if not available */
shb_hdr->shb_hardware = NULL; /* NULL if not available, UTF-8 string containing the description of the hardware used to create this section. */
shb_hdr->shb_os = NULL; /* NULL if not available, UTF-8 string containing the name of the operating system used to create this section. */
shb_hdr->shb_user_appl = g_strdup("mergecap"); /* NULL if not available, UTF-8 string containing the name of the application used to create this section. */
pdh = wtap_dump_fdopen_ng(out_fd, file_type, frame_type, snaplen,
FALSE /* compressed */, shb_hdr, NULL /* wtapng_iface_descriptions_t *idb_inf */, &open_err);
g_string_free(comment_gstr, TRUE);
} else {
pdh = wtap_dump_fdopen(out_fd, file_type, frame_type, snaplen, FALSE /* compressed */, &open_err);
}
if (pdh == NULL) {
merge_close_in_files(in_file_count, in_files);
g_free(in_files);
fprintf(stderr, "mergecap: Can't open or create %s: %s\n", out_filename,
wtap_strerror(open_err));
exit(1);
}
/* do the merge (or append) */
count = 1;
for (;;) {
if (do_append)
in_file = merge_append_read_packet(in_file_count, in_files, &read_err,
&err_info);
else
in_file = merge_read_packet(in_file_count, in_files, &read_err,
&err_info);
if (in_file == NULL) {
/* EOF */
break;
}
if (read_err != 0) {
/* I/O error reading from in_file */
got_read_error = TRUE;
break;
}
if (verbose)
fprintf(stderr, "Record: %d\n", count++);
/* We simply write it, perhaps after truncating it; we could do other
* things, like modify it. */
phdr = wtap_phdr(in_file->wth);
if (snaplen != 0 && phdr->caplen > snaplen) {
snap_phdr = *phdr;
snap_phdr.caplen = snaplen;
phdr = &snap_phdr;
}
if (!wtap_dump(pdh, phdr, wtap_buf_ptr(in_file->wth), &write_err, &write_err_info)) {
got_write_error = TRUE;
break;
}
}
merge_close_in_files(in_file_count, in_files);
if (!got_write_error) {
if (!wtap_dump_close(pdh, &write_err))
got_write_error = TRUE;
} else {
/*
* We already got a write error; no need to report another
* write error on close.
*
* Don't overwrite the earlier write error.
*/
(void)wtap_dump_close(pdh, &close_err);
}
if (got_read_error) {
/*
* Find the file on which we got the error, and report the error.
*/
for (i = 0; i < in_file_count; i++) {
if (in_files[i].state == GOT_ERROR) {
fprintf(stderr, "mergecap: Error reading %s: %s\n",
in_files[i].filename, wtap_strerror(read_err));
if (err_info != NULL) {
fprintf(stderr, "(%s)\n", err_info);
g_free(err_info);
}
}
}
}
if (got_write_error) {
switch (write_err) {
case WTAP_ERR_UNWRITABLE_ENCAP:
/*
* This is a problem with the particular frame we're writing and
* the file type and subtype we're wwriting; note that, and
* report the frame number and file type/subtype.
*/
fprintf(stderr, "mergecap: Frame %u of \"%s\" has a network type that can't be saved in a \"%s\" file.\n",
in_file ? in_file->packet_num : 0, in_file ? in_file->filename : "UNKNOWN",
wtap_file_type_subtype_string(file_type));
break;
case WTAP_ERR_PACKET_TOO_LARGE:
/*
* This is a problem with the particular frame we're writing and
* the file type and subtype we're wwriting; note that, and
* report the frame number and file type/subtype.
*/
fprintf(stderr, "mergecap: Frame %u of \"%s\" is too large for a \"%s\" file.\n",
in_file ? in_file->packet_num : 0, in_file ? in_file->filename : "UNKNOWN",
wtap_file_type_subtype_string(file_type));
break;
case WTAP_ERR_UNWRITABLE_REC_TYPE:
/*
* This is a problem with the particular record we're writing and
* the file type and subtype we're wwriting; note that, and
* report the record number and file type/subtype.
*/
fprintf(stderr, "mergecap: Record %u of \"%s\" has a record type that can't be saved in a \"%s\" file.\n",
in_file ? in_file->packet_num : 0, in_file ? in_file->filename : "UNKNOWN",
wtap_file_type_subtype_string(file_type));
break;
case WTAP_ERR_UNWRITABLE_REC_DATA:
/*
* This is a problem with the particular record we're writing and
* the file type and subtype we're wwriting; note that, and
* report the record number and file type/subtype.
*/
fprintf(stderr, "mergecap: Record %u of \"%s\" has data that can't be saved in a \"%s\" file.\n(%s)\n",
in_file ? in_file->packet_num : 0, in_file ? in_file->filename : "UNKNOWN",
wtap_file_type_subtype_string(file_type),
write_err_info != NULL ? write_err_info : "no information supplied");
g_free(write_err_info);
break;
default:
fprintf(stderr, "mergecap: Error writing to outfile: %s\n",
wtap_strerror(write_err));
break;
}
}
g_free(in_files);
return (!got_read_error && !got_write_error) ? 0 : 2;
}