void capture_opts_trim_ring_num_files(capture_options *capture_opts)
{
/* Check the value range of the ring_num_files parameter */
if (capture_opts->ring_num_files > RINGBUFFER_MAX_NUM_FILES) {
cmdarg_err("Too many ring buffer files (%u). Reducing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MAX_NUM_FILES);
capture_opts->ring_num_files = RINGBUFFER_MAX_NUM_FILES;
} else if (capture_opts->ring_num_files > RINGBUFFER_WARN_NUM_FILES) {
cmdarg_err("%u is a lot of ring buffer files.\n", capture_opts->ring_num_files);
}
#if RINGBUFFER_MIN_NUM_FILES > 0
else if (capture_opts->ring_num_files < RINGBUFFER_MIN_NUM_FILES)
cmdarg_err("Too few ring buffer files (%u). Increasing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MIN_NUM_FILES);
capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
#endif
}
guint32
get_guint32(const char *string, const char *name)
{
guint32 number;
if (!ws_strtou32(string, NULL, &number)) {
if (errno == EINVAL) {
cmdarg_err("The specified %s \"%s\" isn't a decimal number", name, string);
exit(1);
}
cmdarg_err("The specified %s \"%s\" is too large (greater than %d)",
name, string, number);
exit(1);
}
return number;
}
gboolean capture_opts_trim_iface(capture_options *capture_opts, const char *capture_device)
{
GList *if_list;
if_info_t *if_info;
int err;
gchar *err_str;
/* Did the user specify an interface to use? */
if (capture_opts->iface == NULL) {
/* No - is a default specified in the preferences file? */
if (capture_device != NULL) {
/* Yes - use it. */
capture_opts->iface = g_strdup(capture_device);
/* We don't set iface_descr here because doing so requires
* capture_ui_utils.c which requires epan/prefs.c which is
* probably a bit too much dependency for here...
*/
} else {
/* No - pick the first one from the list of interfaces. */
if_list = capture_interface_list(&err, &err_str);
if (if_list == NULL) {
switch (err) {
case CANT_GET_INTERFACE_LIST:
cmdarg_err("%s", err_str);
g_free(err_str);
break;
case NO_INTERFACES_FOUND:
cmdarg_err("There are no interfaces on which a capture can be done");
break;
}
return FALSE;
}
if_info = (if_info_t *)if_list->data; /* first interface */
capture_opts->iface = g_strdup(if_info->name);
/* We don't set iface_descr here because doing so requires
* capture_ui_utils.c which requires epan/prefs.c which is
* probably a bit too much dependency for here...
*/
free_interface_list(if_list);
}
}
return TRUE;
}
static int
load_cap_file(capture_file *cf)
{
int err;
gchar *err_info;
gint64 data_offset = 0;
struct wtap_pkthdr phdr;
guchar pd[WTAP_MAX_PACKET_SIZE];
while (raw_pipe_read(&phdr, pd, &err, &err_info, &data_offset)) {
process_packet(cf, data_offset, &phdr, pd);
}
if (err != 0) {
/* Print a message noting that the read failed somewhere along the line. */
switch (err) {
case WTAP_ERR_UNSUPPORTED_ENCAP:
cmdarg_err("\"%s\" has a packet with a network type that Rawshark doesn't support.\n(%s)",
cf->filename, err_info);
break;
case WTAP_ERR_CANT_READ:
cmdarg_err("An attempt to read from \"%s\" failed for some unknown reason.",
cf->filename);
break;
case WTAP_ERR_SHORT_READ:
cmdarg_err("\"%s\" appears to have been cut short in the middle of a packet.",
cf->filename);
break;
case WTAP_ERR_BAD_RECORD:
cmdarg_err("\"%s\" appears to be damaged or corrupt.\n(%s)",
cf->filename, err_info);
break;
default:
cmdarg_err("An error occurred while reading \"%s\": %s.",
cf->filename, wtap_strerror(err));
break;
}
}
return err;
}
int
get_natural_int(const char *string, const char *name)
{
long number;
char *p;
number = strtol(string, &p, 10);
if (p == string || *p != '\0') {
cmdarg_err("The specified %s \"%s\" isn't a decimal number", name, string);
exit(1);
}
if (number < 0) {
cmdarg_err("The specified %s \"%s\" is a negative number", name, string);
exit(1);
}
if (number > INT_MAX) {
cmdarg_err("The specified %s \"%s\" is too large (greater than %d)",
name, string, INT_MAX);
exit(1);
}
return (int)number;
}
int
get_positive_int(const char *string, const char *name)
{
int number;
number = get_natural_int(string, name);
if (number == 0) {
cmdarg_err("The specified %s is zero", name);
exit(1);
}
return number;
}
guint32
get_nonzero_guint32(const char *string, const char *name)
{
guint32 number;
number = get_guint32(string, name);
if (number == 0) {
cmdarg_err("The specified %s is zero", name);
exit(1);
}
return number;
}
int
get_natural_int(const char *string, const char *name)
{
gint32 number;
if (!ws_strtoi32(string, NULL, &number)) {
if (errno == EINVAL) {
cmdarg_err("The specified %s \"%s\" isn't a decimal number", name, string);
exit(1);
}
if (number < 0) {
cmdarg_err("The specified %s \"%s\" is a negative number", name, string);
exit(1);
}
cmdarg_err("The specified %s \"%s\" is too large (greater than %d)",
name, string, number);
exit(1);
}
if (number < 0) {
cmdarg_err("The specified %s \"%s\" is a negative number", name, string);
exit(1);
}
return (int)number;
}
void init_iousers(struct register_ct *ct, const char *filter)
{
io_users_t *iu;
GString *error_string;
iu = g_new0(io_users_t, 1);
iu->type = proto_get_protocol_short_name(find_protocol_by_id(get_conversation_proto_id(ct)));
iu->filter = g_strdup(filter);
iu->hash.user_data = iu;
error_string = register_tap_listener(proto_get_protocol_filter_name(get_conversation_proto_id(ct)), &iu->hash, filter, 0, NULL, get_conversation_packet_func(ct), iousers_draw, NULL);
if (error_string) {
g_free(iu);
cmdarg_err("Couldn't register conversations tap: %s",
error_string->str);
g_string_free(error_string, TRUE);
exit(1);
}
}
static void
init_srt_tables(register_srt_t* srt, const char *filter)
{
srt_t *ui;
GString *error_string;
ui = g_new0(srt_t, 1);
ui->type = proto_get_protocol_short_name(find_protocol_by_id(get_srt_proto_id(srt)));
ui->filter = g_strdup(filter);
ui->data.srt_array = global_srt_array;
ui->data.user_data = ui;
error_string = register_tap_listener(get_srt_tap_listener_name(srt), &ui->data, filter, 0, NULL, get_srt_packet_func(srt), srt_draw, NULL);
if (error_string) {
free_srt_table(srt, global_srt_array);
g_free(ui);
cmdarg_err("Couldn't register srt tap: %s", error_string->str);
g_string_free(error_string, TRUE);
exit(1);
}
}
static void
dissector_srt_init(const char *opt_arg, void* userdata)
{
register_srt_t *srt = (register_srt_t*)userdata;
const char *filter=NULL;
char* err;
srt_table_get_filter(srt, opt_arg, &filter, &err);
if (err != NULL)
{
gchar* cmd_str = srt_table_get_tap_string(srt);
cmdarg_err("invalid \"-z %s,%s\" argument", cmd_str, err);
g_free(cmd_str);
g_free(err);
exit(1);
}
/* Need to create the SRT array now */
global_srt_array = g_array_new(FALSE, TRUE, sizeof(srt_stat_table*));
srt_table_dissector_init(srt, global_srt_array);
init_srt_tables(srt, filter);
}
int
capture_opts_add_opt(capture_options *capture_opts, int opt, const char *optarg_str_p, gboolean *start_capture)
{
int status, snaplen;
switch(opt) {
case 'a': /* autostop criteria */
if (set_autostop_criterion(capture_opts, optarg_str_p) == FALSE) {
cmdarg_err("Invalid or unknown -a flag \"%s\"", optarg_str_p);
return 1;
}
break;
#ifdef HAVE_PCAP_REMOTE
case 'A':
if (get_auth_arguments(capture_opts, optarg_str_p) == FALSE) {
cmdarg_err("Invalid or unknown -A arg \"%s\"", optarg_str_p);
return 1;
}
break;
#endif
case 'b': /* Ringbuffer option */
capture_opts->multi_files_on = TRUE;
if (get_ring_arguments(capture_opts, optarg_str_p) == FALSE) {
cmdarg_err("Invalid or unknown -b arg \"%s\"", optarg_str_p);
return 1;
}
break;
#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
case 'B': /* Buffer size */
if (capture_opts->ifaces->len > 0) {
interface_options interface_opts;
interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
interface_opts.buffer_size = get_positive_int(optarg_str_p, "buffer size");
g_array_append_val(capture_opts->ifaces, interface_opts);
} else {
capture_opts->default_options.buffer_size = get_positive_int(optarg_str_p, "buffer size");
}
break;
#endif
case 'c': /* Capture n packets */
capture_opts->has_autostop_packets = TRUE;
capture_opts->autostop_packets = get_positive_int(optarg_str_p, "packet count");
break;
case 'f': /* capture filter */
if (capture_opts->ifaces->len > 0) {
interface_options interface_opts;
interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
g_free(interface_opts.cfilter);
interface_opts.cfilter = g_strdup(optarg_str_p);
g_array_append_val(capture_opts->ifaces, interface_opts);
} else {
g_free(capture_opts->default_options.cfilter);
capture_opts->default_options.cfilter = g_strdup(optarg_str_p);
}
break;
case 'H': /* Hide capture info dialog box */
capture_opts->show_info = FALSE;
break;
case 'i': /* Use interface x */
status = capture_opts_add_iface_opt(capture_opts, optarg_str_p);
if (status != 0) {
return status;
}
break;
#ifdef HAVE_PCAP_CREATE
case 'I': /* Capture in monitor mode */
if (capture_opts->ifaces->len > 0) {
interface_options interface_opts;
interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
interface_opts.monitor_mode = TRUE;
g_array_append_val(capture_opts->ifaces, interface_opts);
} else {
capture_opts->default_options.monitor_mode = TRUE;
}
break;
#endif
case 'k': /* Start capture immediately */
*start_capture = TRUE;
break;
/*case 'l':*/ /* Automatic scrolling in live capture mode */
#ifdef HAVE_PCAP_SETSAMPLING
case 'm':
if (get_sampling_arguments(capture_opts, optarg_str_p) == FALSE) {
cmdarg_err("Invalid or unknown -m arg \"%s\"", optarg_str_p);
return 1;
}
break;
#endif
case 'n': /* Use pcapng format */
capture_opts->use_pcapng = TRUE;
break;
case 'p': /* Don't capture in promiscuous mode */
if (capture_opts->ifaces->len > 0) {
interface_options interface_opts;
interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
interface_opts.promisc_mode = FALSE;
g_array_append_val(capture_opts->ifaces, interface_opts);
} else {
capture_opts->default_options.promisc_mode = FALSE;
}
break;
case 'P': /* Use pcap format */
capture_opts->use_pcapng = FALSE;
break;
#ifdef HAVE_PCAP_REMOTE
case 'r':
if (capture_opts->ifaces->len > 0) {
interface_options interface_opts;
interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
interface_opts.nocap_rpcap = FALSE;
g_array_append_val(capture_opts->ifaces, interface_opts);
} else {
capture_opts->default_options.nocap_rpcap = FALSE;
}
break;
#endif
case 's': /* Set the snapshot (capture) length */
snaplen = get_natural_int(optarg_str_p, "snapshot length");
/*
* Make a snapshot length of 0 equivalent to the maximum packet
* length, mirroring what tcpdump does.
*/
if (snaplen == 0)
snaplen = WTAP_MAX_PACKET_SIZE;
if (capture_opts->ifaces->len > 0) {
interface_options interface_opts;
interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
interface_opts.has_snaplen = TRUE;
interface_opts.snaplen = snaplen;
g_array_append_val(capture_opts->ifaces, interface_opts);
} else {
capture_opts->default_options.snaplen = snaplen;
capture_opts->default_options.has_snaplen = TRUE;
}
break;
case 'S': /* "Real-Time" mode: used for following file ala tail -f */
capture_opts->real_time_mode = TRUE;
break;
#ifdef HAVE_PCAP_REMOTE
case 'u':
if (capture_opts->ifaces->len > 0) {
interface_options interface_opts;
interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
interface_opts.datatx_udp = TRUE;
g_array_append_val(capture_opts->ifaces, interface_opts);
} else {
capture_opts->default_options.datatx_udp = TRUE;
}
break;
#endif
case 'w': /* Write to capture file x */
capture_opts->saving_to_file = TRUE;
g_free(capture_opts->save_file);
capture_opts->save_file = g_strdup(optarg_str_p);
status = capture_opts_output_to_pipe(capture_opts->save_file, &capture_opts->output_to_pipe);
return status;
case 'g': /* enable group read access on the capture file(s) */
capture_opts->group_read_access = TRUE;
break;
case 'y': /* Set the pcap data link type */
if (capture_opts->ifaces->len > 0) {
interface_options interface_opts;
interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
interface_opts.linktype = linktype_name_to_val(optarg_str_p);
if (interface_opts.linktype == -1) {
cmdarg_err("The specified data link type \"%s\" isn't valid",
optarg_str_p);
return 1;
}
g_array_append_val(capture_opts->ifaces, interface_opts);
} else {
capture_opts->default_options.linktype = linktype_name_to_val(optarg_str_p);
if (capture_opts->default_options.linktype == -1) {
cmdarg_err("The specified data link type \"%s\" isn't valid",
optarg_str_p);
return 1;
}
}
break;
default:
/* the caller is responsible to send us only the right opt's */
g_assert_not_reached();
}
return 0;
}
static int
capture_opts_add_iface_opt(capture_options *capture_opts, const char *optarg_str_p)
{
long adapter_index;
char *p;
GList *if_list;
if_info_t *if_info;
int err;
gchar *err_str;
interface_options interface_opts;
/*
* If the argument is a number, treat it as an index into the list
* of adapters, as printed by "tshark -D".
*
* This should be OK on UNIX systems, as interfaces shouldn't have
* names that begin with digits. It can be useful on Windows, where
* more than one interface can have the same name.
*/
adapter_index = strtol(optarg_str_p, &p, 10);
if (p != NULL && *p == '\0') {
if (adapter_index < 0) {
cmdarg_err("The specified adapter index is a negative number");
return 1;
}
if (adapter_index > INT_MAX) {
cmdarg_err("The specified adapter index is too large (greater than %d)",
INT_MAX);
return 1;
}
if (adapter_index == 0) {
cmdarg_err("There is no interface with that adapter index");
return 1;
}
if_list = capture_interface_list(&err, &err_str, NULL);
if (if_list == NULL) {
switch (err) {
case CANT_GET_INTERFACE_LIST:
case DONT_HAVE_PCAP:
cmdarg_err("%s", err_str);
g_free(err_str);
break;
case NO_INTERFACES_FOUND:
cmdarg_err("There are no interfaces on which a capture can be done");
break;
}
return 2;
}
if_info = (if_info_t *)g_list_nth_data(if_list, (int)(adapter_index - 1));
if (if_info == NULL) {
cmdarg_err("There is no interface with that adapter index");
return 1;
}
interface_opts.name = g_strdup(if_info->name);
if (if_info->friendly_name != NULL) {
/*
* We have a friendly name for the interface, so display that
* instead of the interface name/guid.
*
* XXX - on UN*X, the interface name is not quite so ugly,
* and might be more familiar to users; display them both?
*/
interface_opts.console_display_name = g_strdup(if_info->friendly_name);
} else {
/* fallback to the interface name */
interface_opts.console_display_name = g_strdup(if_info->name);
}
free_interface_list(if_list);
} else if (capture_opts->capture_child) {
/* In Wireshark capture child mode, thus proper device name is supplied. */
/* No need for trying to match it for friendly names. */
interface_opts.name = g_strdup(optarg_str_p);
interface_opts.console_display_name = g_strdup(optarg_str_p);
} else {
/*
* Retrieve the interface list so that we can search for the
* specified option amongst both the interface names and the
* friendly names and so that we find the friendly name even
* if an interface name was specified.
*
* If we can't get the list, just use the specified option as
* the interface name, so that the user can try specifying an
* interface explicitly for testing purposes.
*/
if_list = capture_interface_list(&err, NULL, NULL);
if (if_list != NULL) {
/* try and do an exact match (case insensitive) */
GList *if_entry;
gboolean matched;
matched = FALSE;
for (if_entry = g_list_first(if_list); if_entry != NULL;
if_entry = g_list_next(if_entry))
{
if_info = (if_info_t *)if_entry->data;
/* exact name check */
if (g_ascii_strcasecmp(if_info->name, optarg_str_p) == 0) {
/* exact match on the interface name, use that for displaying etc */
interface_opts.name = g_strdup(if_info->name);
if (if_info->friendly_name != NULL) {
/*
* If we have a friendly name, use that for the
* console display name, as it is the basis for
* the auto generated temp filename.
*/
interface_opts.console_display_name = g_strdup(if_info->friendly_name);
} else {
interface_opts.console_display_name = g_strdup(if_info->name);
}
matched = TRUE;
break;
}
/* exact friendly name check */
if (if_info->friendly_name != NULL &&
g_ascii_strcasecmp(if_info->friendly_name, optarg_str_p) == 0) {
/* exact match - use the friendly name for display */
interface_opts.name = g_strdup(if_info->name);
interface_opts.console_display_name = g_strdup(if_info->friendly_name);
matched = TRUE;
break;
}
}
/* didn't find, attempt a case insensitive prefix match of the friendly name*/
if (!matched) {
size_t prefix_length;
prefix_length = strlen(optarg_str_p);
for (if_entry = g_list_first(if_list); if_entry != NULL;
if_entry = g_list_next(if_entry))
{
if_info = (if_info_t *)if_entry->data;
if (if_info->friendly_name != NULL &&
g_ascii_strncasecmp(if_info->friendly_name, optarg_str_p, prefix_length) == 0) {
/* prefix match - use the friendly name for display */
interface_opts.name = g_strdup(if_info->name);
interface_opts.console_display_name = g_strdup(if_info->friendly_name);
matched = TRUE;
break;
}
}
}
if (!matched) {
/*
* We didn't find the interface in the list; just use
* the specified name, so that, for example, if an
* interface doesn't show up in the list for some
* reason, the user can try specifying it explicitly
* for testing purposes.
*/
interface_opts.name = g_strdup(optarg_str_p);
interface_opts.console_display_name = g_strdup(optarg_str_p);
}
free_interface_list(if_list);
} else {
interface_opts.name = g_strdup(optarg_str_p);
interface_opts.console_display_name = g_strdup(optarg_str_p);
}
}
/* We don't set iface_descr here because doing so requires
* capture_ui_utils.c which requires epan/prefs.c which is
* probably a bit too much dependency for here...
*/
interface_opts.descr = g_strdup(capture_opts->default_options.descr);
interface_opts.cfilter = g_strdup(capture_opts->default_options.cfilter);
interface_opts.snaplen = capture_opts->default_options.snaplen;
interface_opts.has_snaplen = capture_opts->default_options.has_snaplen;
interface_opts.linktype = capture_opts->default_options.linktype;
interface_opts.promisc_mode = capture_opts->default_options.promisc_mode;
#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
interface_opts.buffer_size = capture_opts->default_options.buffer_size;
#endif
interface_opts.monitor_mode = capture_opts->default_options.monitor_mode;
#ifdef HAVE_PCAP_REMOTE
interface_opts.src_type = capture_opts->default_options.src_type;
interface_opts.remote_host = g_strdup(capture_opts->default_options.remote_host);
interface_opts.remote_port = g_strdup(capture_opts->default_options.remote_port);
interface_opts.auth_type = capture_opts->default_options.auth_type;
interface_opts.auth_username = g_strdup(capture_opts->default_options.auth_username);
interface_opts.auth_password = g_strdup(capture_opts->default_options.auth_password);
interface_opts.datatx_udp = capture_opts->default_options.datatx_udp;
interface_opts.nocap_rpcap = capture_opts->default_options.nocap_rpcap;
interface_opts.nocap_local = capture_opts->default_options.nocap_local;
#endif
#ifdef HAVE_PCAP_SETSAMPLING
interface_opts.sampling_method = capture_opts->default_options.sampling_method;
interface_opts.sampling_param = capture_opts->default_options.sampling_param;
#endif
g_array_append_val(capture_opts->ifaces, interface_opts);
return 0;
}
static int
capture_opts_add_iface_opt(capture_options *capture_opts, const char *optarg_str_p)
{
long adapter_index;
char *p;
GList *if_list;
if_info_t *if_info;
int err;
gchar *err_str;
interface_options interface_opts;
/*
* If the argument is a number, treat it as an index into the list
* of adapters, as printed by "tshark -D".
*
* This should be OK on UNIX systems, as interfaces shouldn't have
* names that begin with digits. It can be useful on Windows, where
* more than one interface can have the same name.
*/
adapter_index = strtol(optarg_str_p, &p, 10);
if (p != NULL && *p == '\0') {
if (adapter_index < 0) {
cmdarg_err("The specified adapter index is a negative number");
return 1;
}
if (adapter_index > INT_MAX) {
cmdarg_err("The specified adapter index is too large (greater than %d)",
INT_MAX);
return 1;
}
if (adapter_index == 0) {
cmdarg_err("There is no interface with that adapter index");
return 1;
}
if_list = capture_interface_list(&err, &err_str);
if (if_list == NULL) {
switch (err) {
case CANT_GET_INTERFACE_LIST:
case DONT_HAVE_PCAP:
cmdarg_err("%s", err_str);
g_free(err_str);
break;
case NO_INTERFACES_FOUND:
cmdarg_err("There are no interfaces on which a capture can be done");
break;
}
return 2;
}
if_info = (if_info_t *)g_list_nth_data(if_list, adapter_index - 1);
if (if_info == NULL) {
cmdarg_err("There is no interface with that adapter index");
return 1;
}
interface_opts.name = g_strdup(if_info->name);
/* We don't set iface_descr here because doing so requires
* capture_ui_utils.c which requires epan/prefs.c which is
* probably a bit too much dependency for here...
*/
free_interface_list(if_list);
} else {
interface_opts.name = g_strdup(optarg_str_p);
}
interface_opts.descr = g_strdup(capture_opts->default_options.descr);
interface_opts.cfilter = g_strdup(capture_opts->default_options.cfilter);
interface_opts.snaplen = capture_opts->default_options.snaplen;
interface_opts.has_snaplen = capture_opts->default_options.has_snaplen;
interface_opts.linktype = capture_opts->default_options.linktype;
interface_opts.promisc_mode = capture_opts->default_options.promisc_mode;
#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
interface_opts.buffer_size = capture_opts->default_options.buffer_size;
#endif
interface_opts.monitor_mode = capture_opts->default_options.monitor_mode;
#ifdef HAVE_PCAP_REMOTE
interface_opts.src_type = capture_opts->default_options.src_type;
interface_opts.remote_host = g_strdup(capture_opts->default_options.remote_host);
interface_opts.remote_port = g_strdup(capture_opts->default_options.remote_port);
interface_opts.auth_type = capture_opts->default_options.auth_type;
interface_opts.auth_username = g_strdup(capture_opts->default_options.auth_username);
interface_opts.auth_password = g_strdup(capture_opts->default_options.auth_password);
interface_opts.datatx_udp = capture_opts->default_options.datatx_udp;
interface_opts.nocap_rpcap = capture_opts->default_options.nocap_rpcap;
interface_opts.nocap_local = capture_opts->default_options.nocap_local;
#endif
#ifdef HAVE_PCAP_SETSAMPLING
interface_opts.sampling_method = capture_opts->default_options.sampling_method;
interface_opts.sampling_param = capture_opts->default_options.sampling_param;
#endif
g_array_append_val(capture_opts->ifaces, interface_opts);
return 0;
}
/* And now our feature presentation... [ fade to music ] */
int main(int argc, char *argv[])
{
WiresharkApplication a(argc, argv);
MainWindow *w;
char *init_progfile_dir_error;
char *s;
int opt;
gboolean arg_error = FALSE;
extern int info_update_freq; /* Found in about_dlg.c. */
const gchar *filter;
#ifdef _WIN32
WSADATA wsaData;
#endif /* _WIN32 */
char *rf_path;
int rf_open_errno;
char *gdp_path, *dp_path;
int err;
#ifdef HAVE_LIBPCAP
gboolean start_capture = FALSE;
gboolean list_link_layer_types = FALSE;
GList *if_list;
gchar *err_str;
#else
gboolean capture_option_specified = FALSE;
#ifdef _WIN32
#ifdef HAVE_AIRPCAP
gchar *err_str;
#endif
#endif
#endif
gint pl_size = 280, tv_size = 95, bv_size = 75;
gchar *rc_file, *cf_name = NULL, *rfilter = NULL, *jfilter = NULL;
dfilter_t *rfcode = NULL;
gboolean rfilter_parse_failed = FALSE;
e_prefs *prefs_p;
char badopt;
//GtkWidget *splash_win = NULL;
GLogLevelFlags log_flags;
guint go_to_packet = 0;
gboolean jump_backwards = FALSE;
dfilter_t *jump_to_filter = NULL;
int optind_initial;
int status;
//initialize language !
QString locale = QLocale::system().name();
g_log(NULL, G_LOG_LEVEL_DEBUG, "Translator %s", locale.toStdString().c_str());
QTranslator translator;
translator.load(QString(":/i18n/qtshark_") + locale);
a.installTranslator(&translator);
// Hopefully we won't have to use QString::fromUtf8() in as many places.
QTextCodec *utf8codec = QTextCodec::codecForName("UTF-8");
QTextCodec::setCodecForCStrings(utf8codec);
QTextCodec::setCodecForTr(utf8codec);
#ifdef HAVE_LIBPCAP
#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
#define OPTSTRING_B "B:"
#else
#define OPTSTRING_B ""
#endif /* _WIN32 or HAVE_PCAP_CREATE */
#else /* HAVE_LIBPCAP */
#define OPTSTRING_B ""
#endif /* HAVE_LIBPCAP */
#ifdef HAVE_PCAP_CREATE
#define OPTSTRING_I "I"
#else
#define OPTSTRING_I ""
#endif
#define OPTSTRING "a:b:" OPTSTRING_B "c:C:Df:g:Hhi:" OPTSTRING_I "jJ:kK:lLm:nN:o:P:pQr:R:Ss:t:u:vw:X:y:z:"
static const char optstring[] = OPTSTRING;
/*
* Get credential information for later use, and drop privileges
* before doing anything else.
* Let the user know if anything happened.
*/
init_process_policies();
relinquish_special_privs_perm();
/*
* Attempt to get the pathname of the executable file.
*/
init_progfile_dir_error = init_progfile_dir(argv[0], main);
g_log(NULL, G_LOG_LEVEL_DEBUG, "progfile_dir: %s", get_progfile_dir());
/* initialize the funnel mini-api */
// xxx qtshark
//initialize_funnel_ops();
AirPDcapInitContext(&airpdcap_ctx);
// xxx qtshark
#ifdef _WIN32
/* Load wpcap if possible. Do this before collecting the run-time version information */
load_wpcap();
/* ... and also load the packet.dll from wpcap */
wpcap_packet_load();
#ifdef HAVE_AIRPCAP
/* Load the airpcap.dll. This must also be done before collecting
* run-time version information. */
airpcap_dll_ret_val = load_airpcap();
switch (airpcap_dll_ret_val) {
case AIRPCAP_DLL_OK:
/* load the airpcap interfaces */
airpcap_if_list = get_airpcap_interface_list(&err, &err_str);
if (airpcap_if_list == NULL || g_list_length(airpcap_if_list) == 0){
if (err == CANT_GET_AIRPCAP_INTERFACE_LIST && err_str != NULL) {
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, "%s", "Failed to open Airpcap Adapters!");
g_free(err_str);
}
airpcap_if_active = NULL;
} else {
/* select the first ad default (THIS SHOULD BE CHANGED) */
airpcap_if_active = airpcap_get_default_if(airpcap_if_list);
}
break;
#if 0
/*
* XXX - Maybe we need to warn the user if one of the following happens???
*/
case AIRPCAP_DLL_OLD:
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, "%s","AIRPCAP_DLL_OLD\n");
break;
case AIRPCAP_DLL_ERROR:
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, "%s","AIRPCAP_DLL_ERROR\n");
break;
case AIRPCAP_DLL_NOT_FOUND:
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, "%s","AIRPCAP_DDL_NOT_FOUND\n");
break;
#endif
}
#endif /* HAVE_AIRPCAP */
/* Start windows sockets */
WSAStartup( MAKEWORD( 1, 1 ), &wsaData );
#endif /* _WIN32 */
profile_store_persconffiles (TRUE);
/* Assemble the compile-time version information string */
comp_info_str = g_string_new("Compiled ");
// xxx qtshark
get_compiled_version_info(comp_info_str, get_qt_compiled_info, get_gui_compiled_info);
/* Assemble the run-time version information string */
runtime_info_str = g_string_new("Running ");
// xxx qtshark
get_runtime_version_info(runtime_info_str, get_gui_runtime_info);
/* Read the profile independent recent file. We have to do this here so we can */
/* set the profile before it can be set from the command line parameterts */
// xxx qtshark
//recent_read_static(&rf_path, &rf_open_errno);
//if (rf_path != NULL && rf_open_errno != 0) {
// simple_dialog(ESD_TYPE_WARN, ESD_BTN_OK,
// "Could not open common recent file\n\"%s\": %s.",
// rf_path, strerror(rf_open_errno));
//}
/* "pre-scan" the command line parameters, if we have "console only"
parameters. We do this so we don't start GTK+ if we're only showing
command-line help or version information.
XXX - this pre-scan is done before we start GTK+, so we haven't
run gtk_init() on the arguments. That means that GTK+ arguments
have not been removed from the argument list; those arguments
begin with "--", and will be treated as an error by getopt().
We thus ignore errors - *and* set "opterr" to 0 to suppress the
error messages. */
opterr = 0;
optind_initial = optind;
while ((opt = getopt(argc, argv, optstring)) != -1) {
switch (opt) {
case 'C': /* Configuration Profile */
if (profile_exists (optarg, FALSE)) {
set_profile_name (optarg);
} else {
cmdarg_err("Configuration Profile \"%s\" does not exist", optarg);
exit(1);
}
break;
case 'D': /* Print a list of capture devices and exit */
#ifdef HAVE_LIBPCAP
if_list = capture_interface_list(&err, &err_str);
if (if_list == NULL) {
switch (err) {
case CANT_GET_INTERFACE_LIST:
cmdarg_err("%s", err_str);
g_free(err_str);
break;
case NO_INTERFACES_FOUND:
cmdarg_err("There are no interfaces on which a capture can be done");
break;
}
exit(2);
}
capture_opts_print_interfaces(if_list);
free_interface_list(if_list);
exit(0);
#else
capture_option_specified = TRUE;
arg_error = TRUE;
#endif
break;
case 'h': /* Print help and exit */
print_usage(TRUE);
exit(0);
break;
#ifdef _WIN32
case 'i':
if (strcmp(optarg, "-") == 0)
stdin_capture = TRUE;
break;
#endif
case 'P': /* Path settings - change these before the Preferences and alike are processed */
status = filesystem_opt(opt, optarg);
if(status != 0) {
cmdarg_err("-P flag \"%s\" failed (hint: is it quoted and existing?)", optarg);
exit(status);
}
break;
case 'v': /* Show version and exit */
show_version();
exit(0);
break;
case 'X':
/*
* Extension command line options have to be processed before
* we call epan_init() as they are supposed to be used by dissectors
* or taps very early in the registration process.
*/
ex_opt_add(optarg);
break;
case '?': /* Ignore errors - the "real" scan will catch them. */
break;
}
}
cf_callback_add(main_cf_callback, NULL);
/* Arrange that if we have no console window, and a GLib message logging
routine is called to log a message, we pop up a console window.
We do that by inserting our own handler for all messages logged
to the default domain; that handler pops up a console if necessary,
and then calls the default handler. */
/* We might want to have component specific log levels later ... */
log_flags = (GLogLevelFlags) (
G_LOG_LEVEL_ERROR|
G_LOG_LEVEL_CRITICAL|
G_LOG_LEVEL_WARNING|
G_LOG_LEVEL_MESSAGE|
G_LOG_LEVEL_INFO|
G_LOG_LEVEL_DEBUG|
G_LOG_FLAG_FATAL|G_LOG_FLAG_RECURSION );
g_log_set_handler(NULL,
log_flags,
console_log_handler, NULL /* user_data */);
g_log_set_handler(LOG_DOMAIN_MAIN,
log_flags,
console_log_handler, NULL /* user_data */);
#ifdef HAVE_LIBPCAP
g_log_set_handler(LOG_DOMAIN_CAPTURE,
log_flags,
console_log_handler, NULL /* user_data */);
g_log_set_handler(LOG_DOMAIN_CAPTURE_CHILD,
log_flags,
console_log_handler, NULL /* user_data */);
/* Set the initial values in the capture options. This might be overwritten
by preference settings and then again by the command line parameters. */
capture_opts_init(&global_capture_opts, &cfile);
#endif
/* Register all dissectors; we must do this before checking for the
"-G" flag, as the "-G" flag dumps information registered by the
dissectors, and we must do it before we read the preferences, in
case any dissectors register preferences. */
epan_init(register_all_protocols,register_all_protocol_handoffs,
NULL, NULL,
// splash_update, (gpointer) splash_win,
failure_alert_box,open_failure_alert_box,read_failure_alert_box,
write_failure_alert_box
);
// splash_update(RA_LISTENERS, NULL, (gpointer)splash_win);
/* Register all tap listeners; we do this before we parse the arguments,
as the "-z" argument can specify a registered tap. */
/* we register the plugin taps before the other taps because
stats_tree taps plugins will be registered as tap listeners
by stats_tree_stat.c and need to registered before that */
g_log(NULL, G_LOG_LEVEL_DEBUG, "plugin_dir: %s", get_plugin_dir());
#ifdef HAVE_PLUGINS
register_all_plugin_tap_listeners();
#endif
// register_all_tap_listeners();
// splash_update(RA_PREFERENCES, NULL, (gpointer)splash_win);
prefs_p = read_configuration_files (&gdp_path, &dp_path);
/* Removed thread code:
* http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=35027
*/
g_log(NULL, G_LOG_LEVEL_DEBUG, "FIX: timestamp types should be set elsewhere");
timestamp_set_type(TS_RELATIVE);
timestamp_set_precision(TS_PREC_AUTO_USEC);
timestamp_set_seconds_type(TS_SECONDS_DEFAULT);
/////////
build_column_format_array(&cfile.cinfo, prefs_p->num_cols, TRUE);
font_init();
////////
/* Read the dynamic part of the recent file, as we have the gui now ready for
it. */
recent_read_dynamic(&rf_path, &rf_open_errno);
if (rf_path != NULL && rf_open_errno != 0) {
simple_dialog(ESD_TYPE_WARN, ESD_BTN_OK,
"Could not open recent file\n\"%s\": %s.",
rf_path, g_strerror(rf_open_errno));
}
color_filters_enable(recent.packet_list_colorize);
g_log(NULL, G_LOG_LEVEL_DEBUG, "FIX: fetch recent color settings");
color_filters_enable(TRUE);
////////
switch (user_font_apply()) {
case FA_SUCCESS:
break;
case FA_FONT_NOT_RESIZEABLE:
/* "user_font_apply()" popped up an alert box. */
/* turn off zooming - font can't be resized */
case FA_FONT_NOT_AVAILABLE:
/* XXX - did we successfully load the un-zoomed version earlier?
If so, this *probably* means the font is available, but not at
this particular zoom level, but perhaps some other failure
occurred; I'm not sure you can determine which is the case,
however. */
/* turn off zooming - zoom level is unavailable */
default:
/* in any other case than FA_SUCCESS, turn off zooming */
// recent.gui_zoom_level = 0;
/* XXX: would it be a good idea to disable zooming (insensitive GUI)? */
break;
}
////////
color_filters_init();
////////
w = new(MainWindow);
w->show();
return a.exec();
}
int
capture_opts_add_opt(capture_options *capture_opts, int opt, const char *optarg_str_p, gboolean *start_capture)
{
int status;
switch(opt) {
case 'a': /* autostop criteria */
if (set_autostop_criterion(capture_opts, optarg_str_p) == FALSE) {
cmdarg_err("Invalid or unknown -a flag \"%s\"", optarg_str_p);
return 1;
}
break;
#ifdef HAVE_PCAP_REMOTE
case 'A':
if (get_auth_arguments(capture_opts, optarg_str_p) == FALSE) {
cmdarg_err("Invalid or unknown -A arg \"%s\"", optarg_str_p);
return 1;
}
break;
#endif
case 'b': /* Ringbuffer option */
capture_opts->multi_files_on = TRUE;
if (get_ring_arguments(capture_opts, optarg_str_p) == FALSE) {
cmdarg_err("Invalid or unknown -b arg \"%s\"", optarg_str_p);
return 1;
}
break;
#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
case 'B': /* Buffer size */
capture_opts->buffer_size = get_positive_int(optarg_str_p, "buffer size");
break;
#endif
case 'c': /* Capture n packets */
capture_opts->has_autostop_packets = TRUE;
capture_opts->autostop_packets = get_positive_int(optarg_str_p, "packet count");
break;
case 'f': /* capture filter */
if (capture_opts->has_cfilter) {
cmdarg_err("More than one -f argument specified");
return 1;
}
capture_opts->has_cfilter = TRUE;
g_free(capture_opts->cfilter);
capture_opts->cfilter = g_strdup(optarg_str_p);
break;
case 'H': /* Hide capture info dialog box */
capture_opts->show_info = FALSE;
break;
case 'i': /* Use interface x */
status = capture_opts_add_iface_opt(capture_opts, optarg_str_p);
if(status != 0) {
return status;
}
break;
#ifdef HAVE_PCAP_CREATE
case 'I': /* Capture in monitor mode */
capture_opts->monitor_mode = TRUE;
break;
#endif
case 'k': /* Start capture immediately */
*start_capture = TRUE;
break;
/*case 'l':*/ /* Automatic scrolling in live capture mode */
#ifdef HAVE_PCAP_SETSAMPLING
case 'm':
if (get_sampling_arguments(capture_opts, optarg_str_p) == FALSE) {
cmdarg_err("Invalid or unknown -m arg \"%s\"", optarg_str_p);
return 1;
}
break;
#endif
case 'n': /* Use pcapng format */
capture_opts->use_pcapng = TRUE;
break;
case 'p': /* Don't capture in promiscuous mode */
capture_opts->promisc_mode = FALSE;
break;
case 'Q': /* Quit after capture (just capture to file) */
capture_opts->quit_after_cap = TRUE;
*start_capture = TRUE; /*** -Q implies -k !! ***/
break;
#ifdef HAVE_PCAP_REMOTE
case 'r':
capture_opts->nocap_rpcap = FALSE;
break;
#endif
case 's': /* Set the snapshot (capture) length */
capture_opts->has_snaplen = TRUE;
capture_opts->snaplen = get_natural_int(optarg_str_p, "snapshot length");
/*
* Make a snapshot length of 0 equivalent to the maximum packet
* length, mirroring what tcpdump does.
*/
if (capture_opts->snaplen == 0)
capture_opts->snaplen = WTAP_MAX_PACKET_SIZE;
break;
case 'S': /* "Real-Time" mode: used for following file ala tail -f */
capture_opts->real_time_mode = TRUE;
break;
#ifdef HAVE_PCAP_REMOTE
case 'u':
capture_opts->datatx_udp = TRUE;
break;
#endif
case 'w': /* Write to capture file x */
capture_opts->saving_to_file = TRUE;
g_free(capture_opts->save_file);
#if defined _WIN32 && GLIB_CHECK_VERSION(2,6,0)
/* since GLib 2.6, we need to convert filenames to utf8 for Win32 */
capture_opts->save_file = g_locale_to_utf8(optarg_str_p, -1, NULL, NULL, NULL);
#else
capture_opts->save_file = g_strdup(optarg_str_p);
#endif
status = capture_opts_output_to_pipe(capture_opts->save_file, &capture_opts->output_to_pipe);
return status;
case 'y': /* Set the pcap data link type */
capture_opts->linktype = linktype_name_to_val(optarg_str_p);
if (capture_opts->linktype == -1) {
cmdarg_err("The specified data link type \"%s\" isn't valid",
optarg_str_p);
return 1;
}
break;
default:
/* the caller is responsible to send us only the right opt's */
g_assert_not_reached();
}
return 0;
}
static int
capture_opts_add_iface_opt(capture_options *capture_opts, const char *optarg_str_p)
{
long adapter_index;
char *p;
GList *if_list;
if_info_t *if_info;
int err;
gchar *err_str;
/*
* If the argument is a number, treat it as an index into the list
* of adapters, as printed by "tshark -D".
*
* This should be OK on UNIX systems, as interfaces shouldn't have
* names that begin with digits. It can be useful on Windows, where
* more than one interface can have the same name.
*/
adapter_index = strtol(optarg_str_p, &p, 10);
if (p != NULL && *p == '\0') {
if (adapter_index < 0) {
cmdarg_err("The specified adapter index is a negative number");
return 1;
}
if (adapter_index > INT_MAX) {
cmdarg_err("The specified adapter index is too large (greater than %d)",
INT_MAX);
return 1;
}
if (adapter_index == 0) {
cmdarg_err("There is no interface with that adapter index");
return 1;
}
if_list = capture_interface_list(&err, &err_str);
if (if_list == NULL) {
switch (err) {
case CANT_GET_INTERFACE_LIST:
cmdarg_err("%s", err_str);
g_free(err_str);
break;
case NO_INTERFACES_FOUND:
cmdarg_err("There are no interfaces on which a capture can be done");
break;
}
return 2;
}
if_info = (if_info_t *)g_list_nth_data(if_list, adapter_index - 1);
if (if_info == NULL) {
cmdarg_err("There is no interface with that adapter index");
return 1;
}
capture_opts->iface = g_strdup(if_info->name);
/* We don't set iface_descr here because doing so requires
* capture_ui_utils.c which requires epan/prefs.c which is
* probably a bit too much dependency for here...
*/
free_interface_list(if_list);
} else {
capture_opts->iface = g_strdup(optarg_str_p);
}
return 0;
}
int
main(int argc, char *argv[])
{
char *init_progfile_dir_error;
int opt, i;
extern char *optarg;
gboolean arg_error = FALSE;
#ifdef _WIN32
WSADATA wsaData;
#endif /* _WIN32 */
char *gpf_path, *pf_path;
char *gdp_path, *dp_path;
int gpf_open_errno, gpf_read_errno;
int pf_open_errno, pf_read_errno;
int gdp_open_errno, gdp_read_errno;
int dp_open_errno, dp_read_errno;
int err;
gchar *pipe_name = NULL;
gchar *rfilters[64];
e_prefs *prefs;
char badopt;
GLogLevelFlags log_flags;
GPtrArray *disp_fields = g_ptr_array_new();
guint fc;
gboolean skip_pcap_header = FALSE;
#define OPTSTRING_INIT "d:F:hlnN:o:r:R:sS:t:v"
static const char optstring[] = OPTSTRING_INIT;
/*
* Get credential information for later use.
*/
get_credential_info();
/*
* Clear the filters arrays
*/
memset(rfilters, 0, sizeof(rfilters));
memset(rfcodes, 0, sizeof(rfcodes));
n_rfilters = 0;
n_rfcodes = 0;
/*
* Initialize our string format
*/
string_fmts = g_ptr_array_new();
/*
* Attempt to get the pathname of the executable file.
*/
init_progfile_dir_error = init_progfile_dir(argv[0], main);
if (init_progfile_dir_error != NULL) {
fprintf(stderr, "rawshark: Can't get pathname of rawshark program: %s.\n",
init_progfile_dir_error);
}
/*
* Get credential information for later use.
*/
get_credential_info();
/* nothing more than the standard GLib handler, but without a warning */
log_flags =
G_LOG_LEVEL_WARNING |
G_LOG_LEVEL_MESSAGE |
G_LOG_LEVEL_INFO |
G_LOG_LEVEL_DEBUG;
g_log_set_handler(NULL,
log_flags,
log_func_ignore, NULL /* user_data */);
g_log_set_handler(LOG_DOMAIN_CAPTURE_CHILD,
log_flags,
log_func_ignore, NULL /* user_data */);
timestamp_set_type(TS_RELATIVE);
timestamp_set_precision(TS_PREC_AUTO);
/* Register all dissectors; we must do this before checking for the
"-G" flag, as the "-G" flag dumps information registered by the
dissectors, and we must do it before we read the preferences, in
case any dissectors register preferences. */
epan_init(register_all_protocols, register_all_protocol_handoffs, NULL, NULL,
failure_message, open_failure_message, read_failure_message,
write_failure_message);
/* Now register the preferences for any non-dissector modules.
We must do that before we read the preferences as well. */
prefs_register_modules();
/* Set the C-language locale to the native environment. */
setlocale(LC_ALL, "");
prefs = read_prefs(&gpf_open_errno, &gpf_read_errno, &gpf_path,
&pf_open_errno, &pf_read_errno, &pf_path);
if (gpf_path != NULL) {
if (gpf_open_errno != 0) {
cmdarg_err("Can't open global preferences file \"%s\": %s.",
pf_path, strerror(gpf_open_errno));
}
if (gpf_read_errno != 0) {
cmdarg_err("I/O error reading global preferences file \"%s\": %s.",
pf_path, strerror(gpf_read_errno));
}
}
if (pf_path != NULL) {
if (pf_open_errno != 0) {
cmdarg_err("Can't open your preferences file \"%s\": %s.", pf_path,
strerror(pf_open_errno));
}
if (pf_read_errno != 0) {
cmdarg_err("I/O error reading your preferences file \"%s\": %s.",
pf_path, strerror(pf_read_errno));
}
g_free(pf_path);
pf_path = NULL;
}
/* Set the name resolution code's flags from the preferences. */
g_resolv_flags = prefs->name_resolve;
/* Read the disabled protocols file. */
read_disabled_protos_list(&gdp_path, &gdp_open_errno, &gdp_read_errno,
&dp_path, &dp_open_errno, &dp_read_errno);
if (gdp_path != NULL) {
if (gdp_open_errno != 0) {
cmdarg_err("Could not open global disabled protocols file\n\"%s\": %s.",
gdp_path, strerror(gdp_open_errno));
}
if (gdp_read_errno != 0) {
cmdarg_err("I/O error reading global disabled protocols file\n\"%s\": %s.",
gdp_path, strerror(gdp_read_errno));
}
g_free(gdp_path);
}
if (dp_path != NULL) {
if (dp_open_errno != 0) {
cmdarg_err(
"Could not open your disabled protocols file\n\"%s\": %s.", dp_path,
strerror(dp_open_errno));
}
if (dp_read_errno != 0) {
cmdarg_err(
"I/O error reading your disabled protocols file\n\"%s\": %s.", dp_path,
strerror(dp_read_errno));
}
g_free(dp_path);
}
#ifdef _WIN32
/* Load Wpcap, if possible */
load_wpcap();
#endif
init_cap_file(&cfile);
/* Assemble the compile-time version information string */
comp_info_str = g_string_new("Compiled ");
get_compiled_version_info(comp_info_str, get_epan_compiled_version_info);
/* Assemble the run-time version information string */
runtime_info_str = g_string_new("Running ");
get_runtime_version_info(runtime_info_str, NULL);
/* Print format defaults to this. */
print_format = PR_FMT_TEXT;
/* Initialize our encapsulation type */
encap = WTAP_ENCAP_UNKNOWN;
/* Now get our args */
/* XXX - We should probably have an option to dump libpcap link types */
while ((opt = getopt(argc, argv, optstring)) != -1) {
switch (opt) {
case 'd': /* Payload type */
if (!set_link_type(optarg)) {
cmdarg_err("Invalid link type or protocol \"%s\"", optarg);
exit(1);
}
break;
case 'F': /* Read field to display */
g_ptr_array_add(disp_fields, g_strdup(optarg));
break;
case 'h': /* Print help and exit */
print_usage(TRUE);
exit(0);
break;
case 'l': /* "Line-buffer" standard output */
/* This isn't line-buffering, strictly speaking, it's just
flushing the standard output after the information for
each packet is printed; however, that should be good
enough for all the purposes to which "-l" is put (and
is probably actually better for "-V", as it does fewer
writes).
See the comment in "process_packet()" for an explanation of
why we do that, and why we don't just use "setvbuf()" to
make the standard output line-buffered (short version: in
Windows, "line-buffered" is the same as "fully-buffered",
and the output buffer is only flushed when it fills up). */
line_buffered = TRUE;
break;
case 'n': /* No name resolution */
g_resolv_flags = RESOLV_NONE;
break;
case 'N': /* Select what types of addresses/port #s to resolve */
if (g_resolv_flags == RESOLV_ALL)
g_resolv_flags = RESOLV_NONE;
badopt = string_to_name_resolve(optarg, &g_resolv_flags);
if (badopt != '\0') {
cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'm', 'n', and 't'",
badopt);
exit(1);
}
break;
case 'o': /* Override preference from command line */
switch (prefs_set_pref(optarg)) {
case PREFS_SET_OK:
break;
case PREFS_SET_SYNTAX_ERR:
cmdarg_err("Invalid -o flag \"%s\"", optarg);
exit(1);
break;
case PREFS_SET_NO_SUCH_PREF:
case PREFS_SET_OBSOLETE:
cmdarg_err("-o flag \"%s\" specifies unknown preference", optarg);
exit(1);
break;
}
break;
case 'r': /* Read capture file xxx */
pipe_name = g_strdup(optarg);
break;
case 'R': /* Read file filter */
if(n_rfilters < (int) sizeof(rfilters) / (int) sizeof(rfilters[0])) {
rfilters[n_rfilters++] = optarg;
}
else {
cmdarg_err("Too many display filters");
exit(1);
}
break;
case 's': /* Skip PCAP header */
skip_pcap_header = TRUE;
break;
case 'S': /* Print string representations */
if (!parse_field_string_format(optarg)) {
cmdarg_err("Invalid field string format");
exit(1);
}
break;
case 't': /* Time stamp type */
if (strcmp(optarg, "r") == 0)
timestamp_set_type(TS_RELATIVE);
else if (strcmp(optarg, "a") == 0)
timestamp_set_type(TS_ABSOLUTE);
else if (strcmp(optarg, "ad") == 0)
timestamp_set_type(TS_ABSOLUTE_WITH_DATE);
else if (strcmp(optarg, "d") == 0)
timestamp_set_type(TS_DELTA);
else if (strcmp(optarg, "dd") == 0)
timestamp_set_type(TS_DELTA_DIS);
else if (strcmp(optarg, "e") == 0)
timestamp_set_type(TS_EPOCH);
else {
cmdarg_err("Invalid time stamp type \"%s\"",
optarg);
cmdarg_err_cont("It must be \"r\" for relative, \"a\" for absolute,");
cmdarg_err_cont("\"ad\" for absolute with date, or \"d\" for delta.");
exit(1);
}
break;
case 'v': /* Show version and exit */
printf("Rawshark " VERSION "%s\n"
"\n"
"%s"
"\n"
"%s"
"\n"
"%s",
wireshark_svnversion, get_copyright_info(), comp_info_str->str,
runtime_info_str->str);
exit(0);
break;
default:
case '?': /* Bad flag - print usage message */
print_usage(TRUE);
exit(1);
break;
}
}
/* Notify all registered modules that have had any of their preferences
changed either from one of the preferences file or from the command
line that their preferences have changed.
Initialize preferences before display filters, otherwise modules
like MATE won't work. */
prefs_apply_all();
/* Initialize our display fields */
for (fc = 0; fc < disp_fields->len; fc++) {
protocolinfo_init(g_ptr_array_index(disp_fields, fc));
}
g_ptr_array_free(disp_fields, TRUE);
printf("\n");
fflush(stdout);
/* If no capture filter or read filter has been specified, and there are
still command-line arguments, treat them as the tokens of a capture
filter (if no "-r" flag was specified) or a read filter (if a "-r"
flag was specified. */
if (optind < argc) {
if (pipe_name != NULL) {
if (n_rfilters != 0) {
cmdarg_err("Read filters were specified both with \"-R\" "
"and with additional command-line arguments");
exit(1);
}
rfilters[n_rfilters] = get_args_as_string(argc, argv, optind);
}
}
/* Make sure we got a dissector handle for our payload. */
if (encap == WTAP_ENCAP_UNKNOWN) {
cmdarg_err("No valid payload dissector specified.");
exit(1);
}
if (arg_error) {
print_usage(FALSE);
exit(1);
}
#ifdef _WIN32
/* Start windows sockets */
WSAStartup( MAKEWORD( 1, 1 ), &wsaData );
#endif /* _WIN32 */
/* At this point MATE will have registered its field array so we can
have a tap filter with one of MATE's late-registered fields as part
of the filter. We can now process all the "-z" arguments. */
start_requested_stats();
/* disabled protocols as per configuration file */
if (gdp_path == NULL && dp_path == NULL) {
set_disabled_protos_list();
}
/* Build the column format array */
col_setup(&cfile.cinfo, prefs->num_cols);
for (i = 0; i < cfile.cinfo.num_cols; i++) {
cfile.cinfo.col_fmt[i] = get_column_format(i);
cfile.cinfo.col_title[i] = g_strdup(get_column_title(i));
cfile.cinfo.fmt_matx[i] = (gboolean *) g_malloc0(sizeof(gboolean) *
NUM_COL_FMTS);
get_column_format_matches(cfile.cinfo.fmt_matx[i], cfile.cinfo.col_fmt[i]);
cfile.cinfo.col_data[i] = NULL;
if (cfile.cinfo.col_fmt[i] == COL_INFO)
cfile.cinfo.col_buf[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_INFO_LEN);
else
cfile.cinfo.col_buf[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
cfile.cinfo.col_fence[i] = 0;
cfile.cinfo.col_expr.col_expr[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
cfile.cinfo.col_expr.col_expr_val[i] = (gchar *) g_malloc(sizeof(gchar) * COL_MAX_LEN);
}
for (i = 0; i < cfile.cinfo.num_cols; i++) {
int j;
for (j = 0; j < NUM_COL_FMTS; j++) {
if (!cfile.cinfo.fmt_matx[i][j])
continue;
if (cfile.cinfo.col_first[j] == -1)
cfile.cinfo.col_first[j] = i;
cfile.cinfo.col_last[j] = i;
}
}
if (n_rfilters != 0) {
for (i = 0; i < n_rfilters; i++) {
if (!dfilter_compile(rfilters[i], &rfcodes[n_rfcodes])) {
cmdarg_err("%s", dfilter_error_msg);
epan_cleanup();
exit(2);
}
n_rfcodes++;
}
}
if (pipe_name) {
/*
* We're reading a pipe (or capture file).
*/
/*
* Immediately relinquish any special privileges we have; we must not
* be allowed to read any capture files the user running Rawshark
* can't open.
*/
relinquish_special_privs_perm();
if (raw_cf_open(&cfile, pipe_name) != CF_OK) {
epan_cleanup();
exit(2);
}
/* Do we need to PCAP header and magic? */
if (skip_pcap_header) {
guint bytes_left = sizeof(struct pcap_hdr) + sizeof(guint32);
gchar buf[sizeof(struct pcap_hdr) + sizeof(guint32)];
while (bytes_left > 0) {
guint bytes = read(fd, buf, bytes_left);
if (bytes <= 0) {
cmdarg_err("Not enough bytes for pcap header.");
exit(2);
}
bytes_left -= bytes;
}
}
/* Set timestamp precision; there should arguably be a command-line
option to let the user set this. */
#if 0
switch(wtap_file_tsprecision(cfile.wth)) {
case(WTAP_FILE_TSPREC_SEC):
timestamp_set_precision(TS_PREC_AUTO_SEC);
break;
case(WTAP_FILE_TSPREC_DSEC):
timestamp_set_precision(TS_PREC_AUTO_DSEC);
break;
case(WTAP_FILE_TSPREC_CSEC):
timestamp_set_precision(TS_PREC_AUTO_CSEC);
break;
case(WTAP_FILE_TSPREC_MSEC):
timestamp_set_precision(TS_PREC_AUTO_MSEC);
break;
case(WTAP_FILE_TSPREC_USEC):
timestamp_set_precision(TS_PREC_AUTO_USEC);
break;
case(WTAP_FILE_TSPREC_NSEC):
timestamp_set_precision(TS_PREC_AUTO_NSEC);
break;
default:
g_assert_not_reached();
}
#else
timestamp_set_precision(TS_PREC_AUTO_USEC);
#endif
/* Process the packets in the file */
err = load_cap_file(&cfile);
if (err != 0) {
epan_cleanup();
exit(2);
}
} else {
/* If you want to capture live packets, use TShark. */
cmdarg_err("Input file or pipe name not specified.");
exit(2);
}
epan_cleanup();
return 0;
}
/*
* Write errors are reported with an console message in oss-fuzzshark.
*/
static void
write_failure_message(const char *filename, int err)
{
cmdarg_err("An error occurred while writing to the file \"%s\": %s.", filename, g_strerror(err));
}
gboolean capture_opts_trim_iface(capture_options *capture_opts, const char *capture_device)
{
GList *if_list;
if_info_t *if_info;
int err;
gchar *err_str;
interface_options interface_opts;
/* Did the user specify an interface to use? */
if (capture_opts->num_selected == 0 && capture_opts->ifaces->len == 0) {
/* No - is a default specified in the preferences file? */
if (capture_device != NULL) {
/* Yes - use it. */
interface_opts.name = g_strdup(capture_device);
/* We don't set iface_descr here because doing so requires
* capture_ui_utils.c which requires epan/prefs.c which is
* probably a bit too much dependency for here...
*/
} else {
/* No - pick the first one from the list of interfaces. */
if_list = capture_interface_list(&err, &err_str);
if (if_list == NULL) {
switch (err) {
case CANT_GET_INTERFACE_LIST:
case DONT_HAVE_PCAP:
cmdarg_err("%s", err_str);
g_free(err_str);
break;
case NO_INTERFACES_FOUND:
cmdarg_err("There are no interfaces on which a capture can be done");
break;
}
return FALSE;
}
if_info = (if_info_t *)if_list->data; /* first interface */
interface_opts.name = g_strdup(if_info->name);
/* We don't set iface_descr here because doing so requires
* capture_ui_utils.c which requires epan/prefs.c which is
* probably a bit too much dependency for here...
*/
free_interface_list(if_list);
}
if (capture_opts->default_options.descr) {
interface_opts.descr = g_strdup(capture_opts->default_options.descr);
} else {
interface_opts.descr = NULL;
}
interface_opts.cfilter = g_strdup(capture_opts->default_options.cfilter);
interface_opts.snaplen = capture_opts->default_options.snaplen;
interface_opts.has_snaplen = capture_opts->default_options.has_snaplen;
interface_opts.linktype = capture_opts->default_options.linktype;
interface_opts.promisc_mode = capture_opts->default_options.promisc_mode;
#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
interface_opts.buffer_size = capture_opts->default_options.buffer_size;
#endif
interface_opts.monitor_mode = capture_opts->default_options.monitor_mode;
#ifdef HAVE_PCAP_REMOTE
interface_opts.src_type = capture_opts->default_options.src_type;
interface_opts.remote_host = g_strdup(capture_opts->default_options.remote_host);
interface_opts.remote_port = g_strdup(capture_opts->default_options.remote_port);
interface_opts.auth_type = capture_opts->default_options.auth_type;
interface_opts.auth_username = g_strdup(capture_opts->default_options.auth_username);
interface_opts.auth_password = g_strdup(capture_opts->default_options.auth_password);
interface_opts.datatx_udp = capture_opts->default_options.datatx_udp;
interface_opts.nocap_rpcap = capture_opts->default_options.nocap_rpcap;
interface_opts.nocap_local = capture_opts->default_options.nocap_local;
#endif
#ifdef HAVE_PCAP_SETSAMPLING
interface_opts.sampling_method = capture_opts->default_options.sampling_method;
interface_opts.sampling_param = capture_opts->default_options.sampling_param;
#endif
g_array_append_val(capture_opts->ifaces, interface_opts);
}
return TRUE;
}
/*
* Read errors are reported with an console message in oss-fuzzshark.
*/
static void
read_failure_message(const char *filename, int err)
{
cmdarg_err("An error occurred while reading from the file \"%s\": %s.", filename, g_strerror(err));
}
