void wtap_write_shb_comment(wtap *wth, gchar *comment) { if ((wth != NULL) && (wth->shb_hdrs != NULL) && (wth->shb_hdrs->len > 0)) { wtap_optionblock_set_option_string(g_array_index(wth->shb_hdrs, wtap_optionblock_t, 0), OPT_COMMENT, comment, (gsize)(comment ? strlen(comment) : 0)); } }
/* creates a section header block for the new output file */ static wtap_optionblock_t create_shb_header(const merge_in_file_t *in_files, const guint in_file_count, const gchar *app_name) { wtap_optionblock_t shb_hdr; GString *comment_gstr; GString *os_info_str; guint i; char* shb_comment = NULL; wtapng_mandatory_section_t* shb_data; shb_hdr = wtap_file_get_shb_for_new_file(in_files[0].wth); comment_gstr = g_string_new(""); /* TODO: merge comments from all files */ wtap_optionblock_get_option_string(shb_hdr, OPT_COMMENT, &shb_comment); /* very lame way to save comments - does not save them from the other files */ if (shb_comment && strlen(shb_comment) > 0) { g_string_append_printf(comment_gstr, "%s \n",shb_comment); } g_string_append_printf(comment_gstr, "File created by merging: \n"); for (i = 0; i < in_file_count; i++) { g_string_append_printf(comment_gstr, "File%d: %s \n",i+1,in_files[i].filename); } os_info_str = g_string_new(""); get_os_version_info(os_info_str); shb_data = (wtapng_mandatory_section_t*)wtap_optionblock_get_mandatory_data(shb_hdr); shb_data->section_length = -1; /* TODO: handle comments from each file being merged */ wtap_optionblock_set_option_string(shb_hdr, OPT_COMMENT, g_string_free(comment_gstr, TRUE)); /* section comment */ wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_HARDWARE, NULL ); /* NULL if not available, UTF-8 string containing the */ /* description of the hardware used to create this section. */ wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_OS, g_string_free(os_info_str, TRUE)); /* UTF-8 string containing the name */ /* of the operating system used to create this section. */ wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_USERAPPL, (char*)app_name ); /* NULL if not available, UTF-8 string containing the name */ /* of the application used to create this section. */ return shb_hdr; }
void wtap_write_nrb_comment(wtap *wth, gchar *comment) { wtap_optionblock_t nrb; g_assert(wth); if (wth == NULL) return; if (wth->nrb_hdrs == NULL) { wth->nrb_hdrs = g_array_new(FALSE, FALSE, sizeof(wtap_optionblock_t)); nrb = wtap_optionblock_create(WTAP_OPTION_BLOCK_NG_NRB); g_array_append_val(wth->nrb_hdrs, nrb); } wtap_optionblock_set_option_string(g_array_index(wth->nrb_hdrs, wtap_optionblock_t, 0), OPT_COMMENT, comment, (gsize)(comment ? strlen(comment) : 0)); }
wtap_open_return_val lanalyzer_open(wtap *wth, int *err, gchar **err_info) { LA_RecordHeader rec_header; char header_fixed[2]; char *comment; char summary[210]; guint16 board_type, mxslc; guint16 record_type, record_length; guint8 cr_day, cr_month; guint16 cr_year; struct tm tm; lanalyzer_t *lanalyzer; if (!wtap_read_bytes(wth->fh, &rec_header, LA_RecordHeaderSize, err, err_info)) { if (*err != WTAP_ERR_SHORT_READ) return WTAP_OPEN_ERROR; return WTAP_OPEN_NOT_MINE; } record_type = pletoh16(rec_header.record_type); record_length = pletoh16(rec_header.record_length); /* make sure to do this for while() loop */ if (record_type != RT_HeaderRegular && record_type != RT_HeaderCyclic) { return WTAP_OPEN_NOT_MINE; } /* Read the major and minor version numbers */ if (record_length < 2) { /* * Not enough room for the major and minor version numbers. * Just treat that as a "not a LANalyzer file" indication. */ return WTAP_OPEN_NOT_MINE; } if (!wtap_read_bytes(wth->fh, &header_fixed, sizeof header_fixed, err, err_info)) { if (*err != WTAP_ERR_SHORT_READ) return WTAP_OPEN_ERROR; return WTAP_OPEN_NOT_MINE; } record_length -= sizeof header_fixed; if (record_length != 0) { /* Read the rest of the record as a comment. */ comment = (char *)g_malloc(record_length + 1); if (!wtap_read_bytes(wth->fh, comment, record_length, err, err_info)) { if (*err != WTAP_ERR_SHORT_READ) { g_free(comment); return WTAP_OPEN_ERROR; } g_free(comment); return WTAP_OPEN_NOT_MINE; } wtap_optionblock_set_option_string(g_array_index(wth->shb_hdrs, wtap_optionblock_t, 0), OPT_COMMENT, comment, record_length); g_free(comment); } /* If we made it this far, then the file is a LANAlyzer file. * Let's get some info from it. Note that we get wth->snapshot_length * from a record later in the file. */ wth->file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_LANALYZER; lanalyzer = (lanalyzer_t *)g_malloc(sizeof(lanalyzer_t)); wth->priv = (void *)lanalyzer; wth->subtype_read = lanalyzer_read; wth->subtype_seek_read = lanalyzer_seek_read; wth->snapshot_length = 0; wth->file_tsprec = WTAP_TSPREC_NSEC; /* Read records until we find the start of packets */ while (1) { if (!wtap_read_bytes_or_eof(wth->fh, &rec_header, LA_RecordHeaderSize, err, err_info)) { if (*err == 0) { /* * End of file and no packets; * accept this file. */ return WTAP_OPEN_MINE; } return WTAP_OPEN_ERROR; } record_type = pletoh16(rec_header.record_type); record_length = pletoh16(rec_header.record_length); /*g_message("Record 0x%04X Length %d", record_type, record_length);*/ switch (record_type) { /* Trace Summary Record */ case RT_Summary: if (!wtap_read_bytes(wth->fh, summary, sizeof summary, err, err_info)) return WTAP_OPEN_ERROR; /* Assume that the date of the creation of the trace file * is the same date of the trace. Lanalyzer doesn't * store the creation date/time of the trace, but only of * the file. Unless you traced at 11:55 PM and saved at 00:05 * AM, the assumption that trace.date == file.date is true. */ cr_day = summary[0]; cr_month = summary[1]; cr_year = pletoh16(&summary[2]); /*g_message("Day %d Month %d Year %d (%04X)", cr_day, cr_month, cr_year, cr_year);*/ /* Get capture start time. I learned how to do * this from Guy's code in ngsniffer.c */ tm.tm_year = cr_year - 1900; tm.tm_mon = cr_month - 1; tm.tm_mday = cr_day; tm.tm_hour = 0; tm.tm_min = 0; tm.tm_sec = 0; tm.tm_isdst = -1; lanalyzer->start = mktime(&tm); /*g_message("Day %d Month %d Year %d", tm.tm_mday, tm.tm_mon, tm.tm_year);*/ mxslc = pletoh16(&summary[30]); wth->snapshot_length = mxslc; board_type = pletoh16(&summary[188]); switch (board_type) { case BOARD_325: wth->file_encap = WTAP_ENCAP_ETHERNET; break; case BOARD_325TR: wth->file_encap = WTAP_ENCAP_TOKEN_RING; break; default: *err = WTAP_ERR_UNSUPPORTED; *err_info = g_strdup_printf("lanalyzer: board type %u unknown", board_type); return WTAP_OPEN_ERROR; } break; /* Trace Packet Data Record */ case RT_PacketData: /* Go back header number of bytes so that lanalyzer_read * can read this header */ if (file_seek(wth->fh, -LA_RecordHeaderSize, SEEK_CUR, err) == -1) { return WTAP_OPEN_ERROR; } return WTAP_OPEN_MINE; default: if (file_seek(wth->fh, record_length, SEEK_CUR, err) == -1) { return WTAP_OPEN_ERROR; } break; } } }
static void exp_pdu_file_open(exp_pdu_t *exp_pdu_tap_data) { char *tmpname, *capfile_name; int err; /* pcapng defs */ wtap_optionblock_t shb_hdr; wtapng_iface_descriptions_t *idb_inf; wtap_optionblock_t int_data; wtapng_if_descr_mandatory_t *int_data_mand; GString *os_info_str; gchar *opt_comment, *wireshark_ver; /* Create data for SHB */ os_info_str = g_string_new(""); get_os_version_info(os_info_str); shb_hdr = wtap_optionblock_create(WTAP_OPTION_BLOCK_NG_SECTION); /* options */ opt_comment = g_strdup_printf("Dump of PDUs from %s", cfile.filename); wtap_optionblock_set_option_string(shb_hdr, OPT_COMMENT, opt_comment); g_free(opt_comment); /* * UTF-8 string containing the name of the operating system used to create * this section. */ wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_OS, g_string_free(os_info_str, TRUE)); /* * UTF-8 string containing the name of the application used to create * this section. */ wireshark_ver = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info()); wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_USERAPPL, wireshark_ver); g_free(wireshark_ver); /* Create fake IDB info */ idb_inf = g_new(wtapng_iface_descriptions_t,1); idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtap_optionblock_t)); /* create the fake interface data */ int_data = wtap_optionblock_create(WTAP_OPTION_BLOCK_IF_DESCR); int_data_mand = (wtapng_if_descr_mandatory_t*)wtap_optionblock_get_mandatory_data(int_data); int_data_mand->wtap_encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU; int_data_mand->time_units_per_second = 1000000000; /* default nanosecond resolution */ int_data_mand->link_type = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU); int_data_mand->snap_len = WTAP_MAX_PACKET_SIZE; wtap_optionblock_set_option_string(int_data, OPT_IDB_NAME, "Fake IF, PDU->Export"); wtap_optionblock_set_option_uint8(int_data, OPT_IDB_TSRESOL, 9); g_array_append_val(idb_inf->interface_data, int_data); /* Use a random name for the temporary import buffer */ exp_pdu_tap_data->wdh = wtap_dump_open_tempfile_ng(&tmpname, "Wireshark_PDU_", WTAP_FILE_TYPE_SUBTYPE_PCAPNG, WTAP_ENCAP_WIRESHARK_UPPER_PDU, WTAP_MAX_PACKET_SIZE, FALSE, shb_hdr, idb_inf, NULL, &err); capfile_name = g_strdup(tmpname); if (exp_pdu_tap_data->wdh == NULL) { open_failure_alert_box(capfile_name ? capfile_name : "temporary file", err, TRUE); goto end; } /* Run the tap */ cf_retap_packets(&cfile); if (!wtap_dump_close(exp_pdu_tap_data->wdh, &err)) { write_failure_alert_box(capfile_name, err); } remove_tap_listener(exp_pdu_tap_data); /* XXX: should this use the open_routine type in the cfile instead of WTAP_TYPE_AUTO? */ if (cf_open(&cfile, capfile_name, WTAP_TYPE_AUTO, TRUE /* temporary file */, &err) != CF_OK) { open_failure_alert_box(capfile_name, err, FALSE); goto end; } switch (cf_read(&cfile, FALSE)) { case CF_READ_OK: case CF_READ_ERROR: /* Just because we got an error, that doesn't mean we were unable to read any of the file; we handle what we could get from the file. */ break; case CF_READ_ABORTED: /* The user bailed out of re-reading the capture file; the capture file has been closed - just free the capture file name string and return (without changing the last containing directory). */ break; } end: g_free(capfile_name); wtap_optionblock_free(shb_hdr); wtap_free_idb_info(idb_inf); }
int exp_pdu_open(exp_pdu_t *exp_pdu_tap_data, int fd, char *comment) { int err; /* pcapng defs */ wtap_optionblock_t shb_hdr; wtapng_iface_descriptions_t *idb_inf; wtap_optionblock_t int_data; wtapng_if_descr_mandatory_t *int_data_mand; GString *os_info_str; gchar *opt_comment, *wireshark_ver; /* Create data for SHB */ os_info_str = g_string_new(""); get_os_version_info(os_info_str); shb_hdr = wtap_optionblock_create(WTAP_OPTION_BLOCK_NG_SECTION); /* options */ opt_comment = comment; wtap_optionblock_set_option_string(shb_hdr, OPT_COMMENT, opt_comment); g_free(opt_comment); /* * UTF-8 string containing the name of the operating system used to create * this section. */ wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_OS, g_string_free(os_info_str, TRUE)); /* * UTF-8 string containing the name of the application used to create * this section. */ wireshark_ver = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info()); wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_USERAPPL, wireshark_ver); g_free(wireshark_ver); /* Create fake IDB info */ idb_inf = g_new(wtapng_iface_descriptions_t,1); idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtap_optionblock_t)); /* create the fake interface data */ int_data = wtap_optionblock_create(WTAP_OPTION_BLOCK_IF_DESCR); int_data_mand = (wtapng_if_descr_mandatory_t*)wtap_optionblock_get_mandatory_data(int_data); int_data_mand->wtap_encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU; int_data_mand->time_units_per_second = 1000000000; /* default nanosecond resolution */ int_data_mand->link_type = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU); int_data_mand->snap_len = WTAP_MAX_PACKET_SIZE; wtap_optionblock_set_option_string(int_data, OPT_IDB_NAME, "Fake IF, PDU->Export"); wtap_optionblock_set_option_uint8(int_data, OPT_IDB_TSRESOL, 9); g_array_append_val(idb_inf->interface_data, int_data); /* Use a random name for the temporary import buffer */ exp_pdu_tap_data->wdh = wtap_dump_fdopen_ng(fd, WTAP_FILE_TYPE_SUBTYPE_PCAPNG, WTAP_ENCAP_WIRESHARK_UPPER_PDU, WTAP_MAX_PACKET_SIZE, FALSE, shb_hdr, idb_inf, NULL, &err); if (exp_pdu_tap_data->wdh == NULL) { g_assert(err != 0); return err; } return 0; }