Пример #1
0
static void
exp_pdu_file_open(exp_pdu_t *exp_pdu_tap_data)
{
    int   import_file_fd;
    char *tmpname, *capfile_name, *comment;
    int   err;

    /* Choose a random name for the temporary import buffer */
    import_file_fd = create_tempfile(&tmpname, "Wireshark_PDU_", NULL);
    capfile_name = g_strdup(tmpname);

    comment = g_strdup_printf("Dump of PDUs from %s", cfile.filename);
    err = exp_pdu_open(exp_pdu_tap_data, import_file_fd, comment);
    if (err != 0) {
        g_free(comment);
        cfile_dump_open_failure_alert_box(capfile_name ? capfile_name : "temporary file",
                                          err, WTAP_FILE_TYPE_SUBTYPE_PCAPNG);
        goto end;
    }

    /* Run the tap */
    cf_retap_packets(&cfile);

    err = exp_pdu_close(exp_pdu_tap_data);
    if (err!= 0) {
        cfile_close_failure_alert_box(capfile_name, err);
    }

    /* XXX: should this use the open_routine type in the cfile instead of WTAP_TYPE_AUTO? */
    if (cf_open(&cfile, capfile_name, WTAP_TYPE_AUTO, TRUE /* temporary file */, &err) != CF_OK) {
        /* cf_open() has put up a dialog box for the error */
        goto end;
    }

    switch (cf_read(&cfile, FALSE)) {
    case CF_READ_OK:
    case CF_READ_ERROR:
        /* Just because we got an error, that doesn't mean we were unable
        to read any of the file; we handle what we could get from the
        file. */
        break;

    case CF_READ_ABORTED:
        /* The user bailed out of re-reading the capture file; the
        capture file has been closed - just free the capture file name
        string and return (without changing the last containing
        directory). */
        break;
    }

end:
    g_free(capfile_name);
}
Пример #2
0
static void
dnd_merge_files(int in_file_count, char **in_filenames)
{
    char *tmpname;
    cf_status_t merge_status;
    int err;

    /* merge the files in chonological order */
    tmpname = NULL;
    merge_status = cf_merge_files(&tmpname, in_file_count, in_filenames,
                              WTAP_FILE_PCAP, FALSE);

    if (merge_status != CF_OK) {
        /* merge failed */
        g_free(tmpname);
        return;
    }

    cf_close(&cfile);

    /* Try to open the merged capture file. */
    if (cf_open(&cfile, tmpname, TRUE /* temporary file */, &err) != CF_OK) {
        /* We couldn't open it; don't dismiss the open dialog box,
           just leave it around so that the user can, after they
           dismiss the alert box popped up for the open error,
           try again. */
        g_free(tmpname);
        return;
    }
    g_free(tmpname);

    switch (cf_read(&cfile, FALSE)) {

    case CF_READ_OK:
    case CF_READ_ERROR:
        /* Just because we got an error, that doesn't mean we were unable
           to read any of the file; we handle what we could get from the
           file. */
        break;

    case CF_READ_ABORTED:
        /* The user bailed out of re-reading the capture file; the
           capture file has been closed - just free the capture file name
           string and return (without changing the last containing
           directory). */
        return;
    }
}
Пример #3
0
/* open the file corresponding to the given fileset entry */
static void
fs_open_entry(fileset_entry *entry)
{
    char *fname;
    int   err;


    /* make a copy of the filename (cf_close will indirectly destroy it right now) */
    fname = g_strdup(entry->fullname);

    /* close the old and open the new file */
    cf_close(&cfile);
    if (cf_open(&cfile, fname, FALSE, &err) == CF_OK) {
        cf_read(&cfile, FALSE);
    }

    g_free(fname);
}
Пример #4
0
    cf_uint32 ReadPid()
    {
        char p [MAX_SIZE];
        GetPathByPathNameExt(_filePathName.c_str(), _filePathName.size() , p);
        if(0==IsFileExist(p))
        {
            _THROW_FMT(RuntimeWarning, "Failed access file %s !",p);
        }

        _fd =cf_open(_filePathName.c_str(),O_RDWR,S_IRWXU | S_IRWXG | S_IROTH);
        if(-1==_fd)
        {
            _THROW(SyscallExecuteError, "Failed to execute cf_open !");
        }
        char buf[8] = {0};
        ssize_t nr =cf_read(_fd,buf,sizeof(buf));
        if(nr<=0)
        {
            _THROW_FMT(ValueError, "Failed cf_read ! nr=%d ",int(nr));
        }
        return cf_uint32(atoi(buf));
    }
Пример #5
0
static int configure_collectd(struct cmdline_config *config) {
  /*
   * Read options from the config file, the environment and the command
   * line (in that order, with later options overwriting previous ones in
   * general).
   * Also, this will automatically load modules.
   */
  if (cf_read(config->configfile)) {
    fprintf(stderr, "Error: Reading the config file failed!\n"
                    "Read the logs for details.\n");
    return 1;
  }

  /*
   * Change directory. We do this _after_ reading the config and loading
   * modules to relative paths work as expected.
   */
  const char *basedir;
  if ((basedir = global_option_get("BaseDir")) == NULL) {
    fprintf(stderr,
            "Don't have a basedir to use. This should not happen. Ever.");
    return 1;
  } else if (change_basedir(basedir, config->create_basedir)) {
    fprintf(stderr, "Error: Unable to change to directory `%s'.\n", basedir);
    return 1;
  }

  /*
   * Set global variables or, if that fails, exit. We cannot run with
   * them being uninitialized. If nothing is configured, then defaults
   * are being used. So this means that the user has actually done
   * something wrong.
   */
  if (init_global_variables() != 0)
    return 1;

  return 0;
}
Пример #6
0
static void
exp_pdu_file_open(exp_pdu_t *exp_pdu_tap_data)
{
    int   import_file_fd;
    char *tmpname, *capfile_name;
    int   err;

    /* pcapng defs */
    wtapng_section_t            *shb_hdr;
    wtapng_iface_descriptions_t *idb_inf;
    wtapng_if_descr_t            int_data;
    GString                     *os_info_str;
    char                        *appname;

    /* Choose a random name for the temporary import buffer */
    import_file_fd = create_tempfile(&tmpname, "Wireshark_PDU_");
    capfile_name = g_strdup(tmpname);

    /* Create data for SHB  */
    os_info_str = g_string_new("");
    get_os_version_info(os_info_str);

    appname = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info());

    shb_hdr = g_new(wtapng_section_t,1);
    shb_hdr->section_length = -1;
    /* options */
    shb_hdr->opt_comment    = g_strdup_printf("Dump of PDUs from %s", cfile.filename);
    shb_hdr->shb_hardware   = NULL;                    /* UTF-8 string containing the
                                                       * description of the hardware used to create this section.
                                                       */
    shb_hdr->shb_os         = os_info_str->str;        /* UTF-8 string containing the name
                                                       * of the operating system used to create this section.
                                                       */
    g_string_free(os_info_str, FALSE);                /* The actual string is not freed */
    shb_hdr->shb_user_appl  = appname;                /* UTF-8 string containing the name
                                                       *  of the application used to create this section.
                                                       */


    /* Create fake IDB info */
    idb_inf = g_new(wtapng_iface_descriptions_t,1);
    idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtapng_if_descr_t));

    /* create the fake interface data */
    int_data.wtap_encap            = WTAP_ENCAP_WIRESHARK_UPPER_PDU;
    int_data.time_units_per_second = 1000000; /* default microsecond resolution */
    int_data.link_type             = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU);
    int_data.snap_len              = WTAP_MAX_PACKET_SIZE;
    int_data.if_name               = g_strdup("Fake IF, PDU->Export");
    int_data.opt_comment           = NULL;
    int_data.if_description        = NULL;
    int_data.if_speed              = 0;
    int_data.if_tsresol            = 6;
    int_data.if_filter_str         = NULL;
    int_data.bpf_filter_len        = 0;
    int_data.if_filter_bpf_bytes   = NULL;
    int_data.if_os                 = NULL;
    int_data.if_fcslen             = -1;
    int_data.num_stat_entries      = 0;          /* Number of ISB:s */
    int_data.interface_statistics  = NULL;

    g_array_append_val(idb_inf->interface_data, int_data);

    exp_pdu_tap_data->wdh = wtap_dump_fdopen_ng(import_file_fd, WTAP_FILE_TYPE_SUBTYPE_PCAPNG, WTAP_ENCAP_WIRESHARK_UPPER_PDU, WTAP_MAX_PACKET_SIZE, FALSE, shb_hdr, idb_inf, &err);
    if (exp_pdu_tap_data->wdh == NULL) {
        open_failure_alert_box(capfile_name, err, TRUE);
        goto end;
    }


    /* Run the tap */
    cf_retap_packets(&cfile);


    if (!wtap_dump_close(exp_pdu_tap_data->wdh, &err)) {
        write_failure_alert_box(capfile_name, err);
    }

    remove_tap_listener(exp_pdu_tap_data);

    /* XXX: should this use the open_routine type in the cfile instead of WTAP_TYPE_AUTO? */
    if (cf_open(&cfile, capfile_name, WTAP_TYPE_AUTO, TRUE /* temporary file */, &err) != CF_OK) {
        open_failure_alert_box(capfile_name, err, FALSE);
        goto end;
    }

    switch (cf_read(&cfile, FALSE)) {
    case CF_READ_OK:
    case CF_READ_ERROR:
    /* Just because we got an error, that doesn't mean we were unable
       to read any of the file; we handle what we could get from the
       file. */
    break;

    case CF_READ_ABORTED:
    /* The user bailed out of re-reading the capture file; the
       capture file has been closed - just free the capture file name
       string and return (without changing the last containing
       directory). */
    break;
    }

end:
    g_free(capfile_name);
    g_free(shb_hdr);
    g_free(appname);
}
Пример #7
0
/* open/merge the dnd file */
void
dnd_open_file_cmd(gchar *cf_names_freeme)
{
    int       err;
    gchar     *cf_name;
    int       in_file_count;
    int       files_work;
    char      **in_filenames;
    char      *tmpname;

    if (cf_names_freeme == NULL) return;

    /* DND_TARGET_URL:
     * The cf_name_freeme is a single string, containing one or more URI's,
     * terminated by CR/NL chars. The length of the whole field can be found
     * in the selection_data->length field. If it contains one file, simply open it,
     * If it contains more than one file, ask to merge these files. */

    /* count the number of input files */
    cf_name = cf_names_freeme;
    for(in_file_count = 0; (cf_name = strstr(cf_name, "\r\n")) != NULL; ) {
        cf_name += 2;
        in_file_count++;
    }
    if (in_file_count == 0) {
      g_free(cf_names_freeme);
      return;
    }

    in_filenames = (char **)g_malloc(sizeof(char*) * in_file_count);

    /* store the starts of the file entries in a gchar array */
    cf_name = cf_names_freeme;
    in_filenames[0] = cf_name;
    for(files_work = 1; (cf_name = strstr(cf_name, "\r\n")) != NULL && files_work < in_file_count; ) {
        cf_name += 2;
        in_filenames[files_work] = cf_name;
        files_work++;
    }

    /* replace trailing CR NL simply with zeroes (in place), so we get valid terminated strings */
    cf_name = cf_names_freeme;
    g_strdelimit(cf_name, "\r\n", '\0');

    /* convert all filenames from URI to local filename (in place) */
    for(files_work = 0; files_work < in_file_count; files_work++) {
        in_filenames[files_work] = dnd_uri2filename(in_filenames[files_work]);
    }

    if (in_file_count == 1) {
        /* open and read the capture file (this will close an existing file) */
        if (cf_open(&cfile, in_filenames[0], FALSE, &err) == CF_OK) {
            /* XXX - add this to the menu if the read fails? */
            cf_read(&cfile, FALSE);
            add_menu_recent_capture_file(in_filenames[0]);
        } else {
            /* the capture file couldn't be read (doesn't exist, file format unknown, ...) */
        }
    } else {
        /* merge the files in chronological order */
        tmpname = NULL;
        if (cf_merge_files(&tmpname, in_file_count, in_filenames,
                           WTAP_FILE_TYPE_SUBTYPE_PCAP, FALSE) == CF_OK) {
            /* Merge succeeded; close the currently-open file and try
               to open the merged capture file. */
            cf_close(&cfile);
            if (cf_open(&cfile, tmpname, TRUE /* temporary file */, &err) == CF_OK) {
                g_free(tmpname);
                cf_read(&cfile, FALSE);
            } else {
                /* The merged file couldn't be read. */
                g_free(tmpname);
            }
        } else {
            /* merge failed */
            g_free(tmpname);
        }
    }

    g_free(in_filenames);
    g_free(cf_names_freeme);
}
Пример #8
0
/* open/merge the dnd file */
void
dnd_open_file_cmd(gchar *cf_names_freeme)
{
    int       err;
    gchar     *cf_name;
    int       in_files;
    GString   *dialog_text;
    int       files_work;
    char      **in_filenames;

    if (cf_names_freeme == NULL) return;

    /* DND_TARGET_URL:
     * The cf_name_freeme is a single string, containing one or more URI's,
     * terminated by CR/NL chars. The length of the whole field can be found
     * in the selection_data->length field. If it contains one file, simply open it,
     * If it contains more than one file, ask to merge these files. */

    /* count the number of input files */
    cf_name = cf_names_freeme;
    for(in_files = 0; (cf_name = strstr(cf_name, "\r\n")) != NULL; ) {
        cf_name += 2;
        in_files++;
    }
    if (in_files == 0) {
      g_free(cf_names_freeme);
      return;
    }

    in_filenames = g_malloc(sizeof(char*) * in_files);

    /* store the starts of the file entries in a gchar array */
    cf_name = cf_names_freeme;
    in_filenames[0] = cf_name;
    for(files_work = 1; (cf_name = strstr(cf_name, "\r\n")) != NULL && files_work < in_files; ) {
        cf_name += 2;
        in_filenames[files_work] = cf_name;
        files_work++;
    }

    /* replace trailing CR NL simply with zeroes (in place), so we get valid terminated strings */
    cf_name = cf_names_freeme;
    g_strdelimit(cf_name, "\r\n", '\0');

    /* convert all filenames from URI to local filename (in place) */
    for(files_work = 0; files_work < in_files; files_work++) {
        in_filenames[files_work] = dnd_uri2filename(in_filenames[files_work]);
    }

    if (in_files == 1) {
        /* open and read the capture file (this will close an existing file) */
        if (cf_open(&cfile, in_filenames[0], FALSE, &err) == CF_OK) {
            /* XXX - add this to the menu if the read fails? */
            cf_read(&cfile, FALSE);
            add_menu_recent_capture_file(in_filenames[0]);
        } else {
            /* the capture file couldn't be read (doesn't exist, file format unknown, ...) */
        }
    } else {
        /* build and show the info dialog */
        dialog_text = g_string_sized_new(200);
        g_string_printf(dialog_text, "%sMerging the following files:%s\n\n",
            simple_dialog_primary_start(), simple_dialog_primary_end());
        for(files_work = 0; files_work < in_files; files_work++) {
            g_string_append(dialog_text, in_filenames[files_work]);
            g_string_append(dialog_text, "\n");
        }
        g_string_append(dialog_text, "\nThe packets in these files will be merged chronologically into a new temporary file.");
        simple_dialog(ESD_TYPE_CONFIRMATION, ESD_BTN_OK, "%s",
                      dialog_text->str);
        g_string_free(dialog_text, TRUE);

        /* actually merge the files now */
        dnd_merge_files(in_files, in_filenames);
    }

    g_free(in_filenames);
    g_free(cf_names_freeme);
}
Пример #9
0
static void
exp_pdu_file_open(exp_pdu_t *exp_pdu_tap_data)
{
    char *tmpname, *capfile_name;
    int   err;

    /* pcapng defs */
    wtap_optionblock_t           shb_hdr;
    wtapng_iface_descriptions_t *idb_inf;
    wtap_optionblock_t           int_data;
    wtapng_if_descr_mandatory_t *int_data_mand;
    GString                     *os_info_str;
    gchar                       *opt_comment, *wireshark_ver;

    /* Create data for SHB  */
    os_info_str = g_string_new("");
    get_os_version_info(os_info_str);

    shb_hdr = wtap_optionblock_create(WTAP_OPTION_BLOCK_NG_SECTION);

    /* options */
    opt_comment = g_strdup_printf("Dump of PDUs from %s", cfile.filename);
    wtap_optionblock_set_option_string(shb_hdr, OPT_COMMENT, opt_comment);
    g_free(opt_comment);

    /*
     * UTF-8 string containing the name of the operating system used to create
     * this section.
     */
    wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_OS, g_string_free(os_info_str, TRUE));
    /*
     * UTF-8 string containing the name of the application used to create
     * this section.
     */
    wireshark_ver = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info());
    wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_USERAPPL, wireshark_ver);
    g_free(wireshark_ver);

    /* Create fake IDB info */
    idb_inf = g_new(wtapng_iface_descriptions_t,1);
    idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtap_optionblock_t));

    /* create the fake interface data */
    int_data = wtap_optionblock_create(WTAP_OPTION_BLOCK_IF_DESCR);
    int_data_mand = (wtapng_if_descr_mandatory_t*)wtap_optionblock_get_mandatory_data(int_data);
    int_data_mand->wtap_encap      = WTAP_ENCAP_WIRESHARK_UPPER_PDU;
    int_data_mand->time_units_per_second = 1000000000; /* default nanosecond resolution */
    int_data_mand->link_type       = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU);
    int_data_mand->snap_len        = WTAP_MAX_PACKET_SIZE;

    wtap_optionblock_set_option_string(int_data, OPT_IDB_NAME, "Fake IF, PDU->Export");
    wtap_optionblock_set_option_uint8(int_data, OPT_IDB_TSRESOL, 9);

    g_array_append_val(idb_inf->interface_data, int_data);

    /* Use a random name for the temporary import buffer */
    exp_pdu_tap_data->wdh = wtap_dump_open_tempfile_ng(&tmpname, "Wireshark_PDU_",
                            WTAP_FILE_TYPE_SUBTYPE_PCAPNG,
                            WTAP_ENCAP_WIRESHARK_UPPER_PDU, WTAP_MAX_PACKET_SIZE,
                            FALSE, shb_hdr, idb_inf, NULL, &err);
    capfile_name = g_strdup(tmpname);
    if (exp_pdu_tap_data->wdh == NULL) {
        open_failure_alert_box(capfile_name ? capfile_name : "temporary file", err, TRUE);
        goto end;
    }

    /* Run the tap */
    cf_retap_packets(&cfile);


    if (!wtap_dump_close(exp_pdu_tap_data->wdh, &err)) {
        write_failure_alert_box(capfile_name, err);
    }

    remove_tap_listener(exp_pdu_tap_data);

    /* XXX: should this use the open_routine type in the cfile instead of WTAP_TYPE_AUTO? */
    if (cf_open(&cfile, capfile_name, WTAP_TYPE_AUTO, TRUE /* temporary file */, &err) != CF_OK) {
        open_failure_alert_box(capfile_name, err, FALSE);
        goto end;
    }

    switch (cf_read(&cfile, FALSE)) {
    case CF_READ_OK:
    case CF_READ_ERROR:
        /* Just because we got an error, that doesn't mean we were unable
           to read any of the file; we handle what we could get from the
           file. */
        break;

    case CF_READ_ABORTED:
        /* The user bailed out of re-reading the capture file; the
           capture file has been closed - just free the capture file name
           string and return (without changing the last containing
           directory). */
        break;
    }

end:
    g_free(capfile_name);
    wtap_optionblock_free(shb_hdr);
    wtap_free_idb_info(idb_inf);
}
Пример #10
0
/* We've succeeded in doing a (non real-time) capture; try to read it into a new capture file */
static gboolean
capture_input_read_all(capture_session *cap_session, gboolean is_tempfile,
                       gboolean drops_known, guint32 drops)
{
  capture_options *capture_opts = cap_session->capture_opts;
  int err;

  /* Capture succeeded; attempt to open the capture file. */
  if (cf_open((capture_file *)cap_session->cf, capture_opts->save_file, is_tempfile, &err) != CF_OK) {
    /* We're not doing a capture any more, so we don't have a save file. */
    return FALSE;
  }

  /* Set the read filter to NULL. */
  /* XXX - this is odd here; try to put it somewhere where it fits better */
  cf_set_rfcode((capture_file *)cap_session->cf, NULL);

  /* Get the packet-drop statistics.

     XXX - there are currently no packet-drop statistics stored
     in libpcap captures, and that's what we're reading.

     At some point, we will add support in Wiretap to return
     packet-drop statistics for capture file formats that store it,
     and will make "cf_read()" get those statistics from Wiretap.
     We clear the statistics (marking them as "not known") in
     "cf_open()", and "cf_read()" will only fetch them and mark
     them as known if Wiretap supplies them, so if we get the
     statistics now, after calling "cf_open()" but before calling
     "cf_read()", the values we store will be used by "cf_read()".

     If a future libpcap capture file format stores the statistics,
     we'll put them into the capture file that we write, and will
     thus not have to set them here - "cf_read()" will get them from
     the file and use them. */
  if (drops_known) {
    cf_set_drops_known((capture_file *)cap_session->cf, TRUE);

    /* XXX - on some systems, libpcap doesn't bother filling in
       "ps_ifdrop" - it doesn't even set it to zero - so we don't
       bother looking at it.

       Ideally, libpcap would have an interface that gave us
       several statistics - perhaps including various interface
       error statistics - and would tell us which of them it
       supplies, allowing us to display only the ones it does. */
    cf_set_drops((capture_file *)cap_session->cf, drops);
  }

  /* read in the packet data */
  switch (cf_read((capture_file *)cap_session->cf, FALSE)) {

  case CF_READ_OK:
  case CF_READ_ERROR:
    /* Just because we got an error, that doesn't mean we were unable
       to read any of the file; we handle what we could get from the
       file. */
    break;

  case CF_READ_ABORTED:
    /* User wants to quit program. Exit by leaving the main loop,
       so that any quit functions we registered get called. */
    main_window_nested_quit();
    return FALSE;
  }

  /* if we didn't capture even a single packet, close the file again */
  if(cf_get_packet_count((capture_file *)cap_session->cf) == 0 && !capture_opts->restart) {
    simple_dialog(ESD_TYPE_INFO, ESD_BTN_OK,
"%sNo packets captured!%s\n"
"\n"
"As no data was captured, closing the %scapture file!\n"
"\n"
"\n"
"Help about capturing can be found at:\n"
"\n"
"       http://wiki.wireshark.org/CaptureSetup"
#ifdef _WIN32
"\n\n"
"Wireless (Wi-Fi/WLAN):\n"
"Try to switch off promiscuous mode in the Capture Options!"
#endif
"",
    simple_dialog_primary_start(), simple_dialog_primary_end(),
    (cf_is_tempfile((capture_file *)cap_session->cf)) ? "temporary " : "");
    cf_close((capture_file *)cap_session->cf);
  }
  return TRUE;
}