static void sll_print_full(struct pkt_buff *pkt)
{
struct sockaddr_ll *sll = pkt->sll;
char addr_str[40] = {};
tprintf(" [ Linux \"cooked\"");
tprintf(" Pkt Type %d (%s)", sll->sll_pkttype,
pkt_type2str(sll->sll_pkttype));
tprintf(", If Type %d (%s)", sll->sll_hatype,
device_type2str(sll->sll_hatype));
tprintf(", Addr Len %d", sll->sll_halen);
tprintf(", Src (%s)", device_addr2str(sll->sll_addr, sll->sll_halen,
sll->sll_hatype, addr_str, sizeof(addr_str)));
tprintf(", Proto 0x%x", ntohs(sll->sll_protocol));
tprintf(" ]\n");
switch (pcap_devtype_to_linktype(sll->sll_hatype)) {
case LINKTYPE_EN10MB:
case ___constant_swab32(LINKTYPE_EN10MB):
pkt_set_dissector(pkt, ð_lay2, ntohs(sll->sll_protocol));
break;
case LINKTYPE_NETLINK:
case ___constant_swab32(LINKTYPE_NETLINK):
pkt->dissector = &nlmsg_ops;
break;
default:
tprintf(" [ Unknown protocol ]\n");
}
}
int main(int argc, char **argv)
{
char *ptr;
int c, i, j, cpu_tmp, opt_index, ops_touched = 0, vals[4] = {0};
bool prio_high = false, setsockmem = true;
void (*main_loop)(struct ctx *ctx) = NULL;
struct ctx ctx;
init_ctx(&ctx);
srand(time(NULL));
while ((c = getopt_long(argc, argv, short_options, long_options,
&opt_index)) != EOF) {
switch (c) {
case 'd':
case 'i':
ctx.device_in = xstrdup(optarg);
break;
case 'o':
ctx.device_out = xstrdup(optarg);
break;
case 'P':
ctx.prefix = xstrdup(optarg);
break;
case 'R':
ctx.link_type = LINKTYPE_IEEE802_11;
ctx.rfraw = 1;
break;
case 'r':
ctx.randomize = true;
break;
case 'J':
ctx.jumbo = true;
break;
case 'T':
ctx.magic = (uint32_t) strtoul(optarg, NULL, 0);
pcap_check_magic(ctx.magic);
break;
case 'f':
ctx.filter = xstrdup(optarg);
break;
case 'M':
ctx.promiscuous = false;
break;
case 'A':
setsockmem = false;
break;
case 'u':
ctx.uid = strtoul(optarg, NULL, 0);
ctx.enforce = true;
break;
case 'g':
ctx.gid = strtoul(optarg, NULL, 0);
ctx.enforce = true;
break;
case 't':
if (!strncmp(optarg, "host", strlen("host")))
ctx.packet_type = PACKET_HOST;
else if (!strncmp(optarg, "broadcast", strlen("broadcast")))
ctx.packet_type = PACKET_BROADCAST;
else if (!strncmp(optarg, "multicast", strlen("multicast")))
ctx.packet_type = PACKET_MULTICAST;
else if (!strncmp(optarg, "others", strlen("others")))
ctx.packet_type = PACKET_OTHERHOST;
else if (!strncmp(optarg, "outgoing", strlen("outgoing")))
ctx.packet_type = PACKET_OUTGOING;
else
ctx.packet_type = -1;
break;
case 'S':
ptr = optarg;
ctx.reserve_size = 0;
for (j = i = strlen(optarg); i > 0; --i) {
if (!isdigit(optarg[j - i]))
break;
ptr++;
}
if (!strncmp(ptr, "KiB", strlen("KiB")))
ctx.reserve_size = 1 << 10;
else if (!strncmp(ptr, "MiB", strlen("MiB")))
ctx.reserve_size = 1 << 20;
else if (!strncmp(ptr, "GiB", strlen("GiB")))
ctx.reserve_size = 1 << 30;
else
panic("Syntax error in ring size param!\n");
*ptr = 0;
ctx.reserve_size *= strtol(optarg, NULL, 0);
break;
case 'b':
cpu_tmp = strtol(optarg, NULL, 0);
cpu_affinity(cpu_tmp);
if (ctx.cpu != -2)
ctx.cpu = cpu_tmp;
break;
case 'H':
prio_high = true;
break;
case 'c':
ctx.pcap = PCAP_OPS_RW;
ops_touched = 1;
break;
case 'm':
ctx.pcap = PCAP_OPS_MM;
ops_touched = 1;
break;
case 'G':
ctx.pcap = PCAP_OPS_SG;
ops_touched = 1;
break;
case 'Q':
ctx.cpu = -2;
break;
case 's':
ctx.print_mode = PRINT_NONE;
break;
case 'q':
ctx.print_mode = PRINT_LESS;
break;
case 'X':
ctx.print_mode =
(ctx.print_mode == PRINT_ASCII) ?
PRINT_HEX_ASCII : PRINT_HEX;
break;
case 'l':
ctx.print_mode =
(ctx.print_mode == PRINT_HEX) ?
PRINT_HEX_ASCII : PRINT_ASCII;
break;
case 'k':
ctx.kpull = strtol(optarg, NULL, 0);
break;
case 'n':
frame_count_max = strtol(optarg, NULL, 0);
break;
case 'F':
ptr = optarg;
ctx.dump_interval = 0;
for (j = i = strlen(optarg); i > 0; --i) {
if (!isdigit(optarg[j - i]))
break;
ptr++;
}
if (!strncmp(ptr, "KiB", strlen("KiB"))) {
ctx.dump_interval = 1 << 10;
ctx.dump_mode = DUMP_INTERVAL_SIZE;
} else if (!strncmp(ptr, "MiB", strlen("MiB"))) {
ctx.dump_interval = 1 << 20;
ctx.dump_mode = DUMP_INTERVAL_SIZE;
} else if (!strncmp(ptr, "GiB", strlen("GiB"))) {
ctx.dump_interval = 1 << 30;
ctx.dump_mode = DUMP_INTERVAL_SIZE;
} else if (!strncmp(ptr, "sec", strlen("sec"))) {
ctx.dump_interval = 1;
ctx.dump_mode = DUMP_INTERVAL_TIME;
} else if (!strncmp(ptr, "min", strlen("min"))) {
ctx.dump_interval = 60;
ctx.dump_mode = DUMP_INTERVAL_TIME;
} else if (!strncmp(ptr, "hrs", strlen("hrs"))) {
ctx.dump_interval = 60 * 60;
ctx.dump_mode = DUMP_INTERVAL_TIME;
} else if (!strncmp(ptr, "s", strlen("s"))) {
ctx.dump_interval = 1;
ctx.dump_mode = DUMP_INTERVAL_TIME;
} else {
panic("Syntax error in time/size param!\n");
}
*ptr = 0;
ctx.dump_interval *= strtol(optarg, NULL, 0);
break;
case 'V':
ctx.verbose = 1;
break;
case 'B':
ctx.dump_bpf = true;
break;
case 'D':
pcap_dump_type_features();
die();
break;
case 'U':
update_geoip();
die();
break;
case 'v':
version();
break;
case 'h':
help();
break;
case '?':
switch (optopt) {
case 'd':
case 'i':
case 'o':
case 'f':
case 't':
case 'P':
case 'F':
case 'n':
case 'S':
case 'b':
case 'k':
case 'T':
case 'u':
case 'g':
case 'e':
panic("Option -%c requires an argument!\n",
optopt);
default:
if (isprint(optopt))
printf("Unknown option character `0x%X\'!\n", optopt);
die();
}
default:
break;
}
}
if (!ctx.filter && optind != argc) {
int ret;
off_t offset = 0;
for (i = optind; i < argc; ++i) {
size_t alen = strlen(argv[i]) + 2;
size_t flen = ctx.filter ? strlen(ctx.filter) : 0;
ctx.filter = xrealloc(ctx.filter, 1, flen + alen);
ret = slprintf(ctx.filter + offset, strlen(argv[i]) + 2, "%s ", argv[i]);
if (ret < 0)
panic("Cannot concatenate filter string!\n");
else
offset += ret;
}
}
if (!ctx.device_in)
ctx.device_in = xstrdup("any");
register_signal(SIGINT, signal_handler);
register_signal(SIGHUP, signal_handler);
tprintf_init();
if (prio_high) {
set_proc_prio(-20);
set_sched_status(SCHED_FIFO, sched_get_priority_max(SCHED_FIFO));
}
if (ctx.device_in && (device_mtu(ctx.device_in) ||
!strncmp("any", ctx.device_in, strlen(ctx.device_in)))) {
if (!ctx.rfraw)
ctx.link_type = pcap_devtype_to_linktype(ctx.device_in);
if (!ctx.device_out) {
ctx.dump = 0;
main_loop = recv_only_or_dump;
} else if (device_mtu(ctx.device_out)) {
register_signal_f(SIGALRM, timer_elapsed, SA_SIGINFO);
main_loop = receive_to_xmit;
} else {
ctx.dump = 1;
register_signal_f(SIGALRM, timer_next_dump, SA_SIGINFO);
main_loop = recv_only_or_dump;
if (!ops_touched)
ctx.pcap = PCAP_OPS_SG;
}
} else {
if (ctx.device_out && device_mtu(ctx.device_out)) {
register_signal_f(SIGALRM, timer_elapsed, SA_SIGINFO);
main_loop = pcap_to_xmit;
if (!ops_touched)
ctx.pcap = PCAP_OPS_MM;
} else {
main_loop = read_pcap;
if (!ops_touched)
ctx.pcap = PCAP_OPS_SG;
}
}
bug_on(!main_loop);
init_geoip(0);
if (setsockmem)
set_system_socket_memory(vals, array_size(vals));
if (!ctx.enforce)
xlockme();
main_loop(&ctx);
if (!ctx.enforce)
xunlockme();
if (setsockmem)
reset_system_socket_memory(vals, array_size(vals));
destroy_geoip();
device_restore_irq_affinity_list();
tprintf_cleanup();
destroy_ctx(&ctx);
return 0;
}
