static ssh_channel run_ssh_command(ssh_session sshs, const char* capture_bin, const char* iface, const char* cfilter,
unsigned long int count)
{
gchar* cmdline;
ssh_channel channel;
char* quoted_bin;
char* quoted_iface;
char* default_filter;
char* quoted_filter;
char* count_str = NULL;
unsigned int remote_port = 22;
if (!capture_bin)
capture_bin = DEFAULT_CAPTURE_BIN;
if (!iface)
iface = "eth0";
channel = ssh_channel_new(sshs);
if (!channel)
return NULL;
if (ssh_channel_open_session(channel) != SSH_OK) {
ssh_channel_free(channel);
return NULL;
}
ssh_options_get_port(sshs, &remote_port);
/* escape parameters to go save with the shell */
quoted_bin = g_shell_quote(capture_bin);
quoted_iface = g_shell_quote(iface);
default_filter = local_interfaces_to_filter(remote_port);
if (!cfilter)
cfilter = default_filter;
quoted_filter = g_shell_quote(cfilter);
if (count > 0)
count_str = g_strdup_printf("-c %lu", count);
cmdline = g_strdup_printf("%s -i %s -P -w - -f %s %s", quoted_bin, quoted_iface, quoted_filter,
count_str ? count_str : "");
verbose_print("Running: %s\n", cmdline);
if (ssh_channel_request_exec(channel, cmdline) != SSH_OK) {
ssh_channel_close(channel);
ssh_channel_free(channel);
channel = NULL;
}
g_free(quoted_bin);
g_free(quoted_iface);
g_free(default_filter);
g_free(quoted_filter);
g_free(cmdline);
if (count_str)
g_free(count_str);
return channel;
}
static int list_config(char *interface, unsigned int remote_port)
{
unsigned inc = 0;
char* ipfilter;
if (!interface) {
g_warning("No interface specified.");
return EXIT_FAILURE;
}
if (g_strcmp0(interface, CISCODUMP_EXTCAP_INTERFACE)) {
g_warning("interface must be %s", CISCODUMP_EXTCAP_INTERFACE);
return EXIT_FAILURE;
}
ipfilter = local_interfaces_to_filter(remote_port);
printf("arg {number=%u}{call=--remote-host}{display=Remote SSH server address}"
"{type=string}{tooltip=The remote SSH host. It can be both "
"an IP address or a hostname}{required=true}{group=Server}\n", inc++);
printf("arg {number=%u}{call=--remote-port}{display=Remote SSH server port}"
"{type=unsigned}{default=22}{tooltip=The remote SSH host port (1-65535)}"
"{range=1,65535}{group=Server}\n", inc++);
printf("arg {number=%u}{call=--remote-username}{display=Remote SSH server username}"
"{type=string}{default=%s}{tooltip=The remote SSH username. If not provided, "
"the current user will be used}{group=Authentication}\n", inc++, g_get_user_name());
printf("arg {number=%u}{call=--remote-password}{display=Remote SSH server password}"
"{type=password}{tooltip=The SSH password, used when other methods (SSH agent "
"or key files) are unavailable.}{group=Authentication}\n", inc++);
printf("arg {number=%u}{call=--sshkey}{display=Path to SSH private key}"
"{type=fileselect}{tooltip=The path on the local filesystem of the private ssh key}"
"{group=Authentication}\n", inc++);
printf("arg {number=%u}{call=--proxycommand}{display=ProxyCommand}"
"{type=string}{tooltip=The command to use as proxy for the SSH connection}"
"{group=Authentication}\n", inc++);
printf("arg {number=%u}{call--sshkey-passphrase}{display=SSH key passphrase}"
"{type=password}{tooltip=Passphrase to unlock the SSH private key}"
"{group=Authentication\n", inc++);
printf("arg {number=%u}{call=--remote-interface}{display=Remote interface}"
"{type=string}{required=true}{tooltip=The remote network interface used for capture"
"}{group=Capture}\n", inc++);
printf("arg {number=%u}{call=--remote-filter}{display=Remote capture filter}"
"{type=string}{tooltip=The remote capture filter}", inc++);
if (ipfilter)
printf("{default=%s}", ipfilter);
printf("{group=Capture}\n");
printf("arg {number=%u}{call=--remote-count}{display=Packets to capture}"
"{type=unsigned}{required=true}{tooltip=The number of remote packets to capture.}"
"{group=Capture}\n", inc++);
extcap_config_debug(&inc);
g_free(ipfilter);
return EXIT_SUCCESS;
}
static int list_config(char *interface, unsigned int remote_port)
{
unsigned inc = 0;
char* ipfilter;
if (!interface) {
g_fprintf(stderr, "ERROR: No interface specified.\n");
return EXIT_FAILURE;
}
if (g_strcmp0(interface, SSH_EXTCAP_INTERFACE)) {
errmsg_print("ERROR: interface must be %s\n", SSH_EXTCAP_INTERFACE);
return EXIT_FAILURE;
}
ipfilter = local_interfaces_to_filter(remote_port);
printf("arg {number=%u}{call=--remote-host}{display=Remote SSH server address}"
"{type=string}{tooltip=The remote SSH host. It can be both "
"an IP address or a hostname}{required=true}\n", inc++);
printf("arg {number=%u}{call=--remote-port}{display=Remote SSH server port}"
"{type=unsigned}{default=22}{tooltip=The remote SSH host port (1-65535)}"
"{range=1,65535}\n", inc++);
printf("arg {number=%u}{call=--remote-username}{display=Remote SSH server username}"
"{type=string}{default=%s}{tooltip=The remote SSH username. If not provided, "
"the current user will be used}\n", inc++, g_get_user_name());
printf("arg {number=%u}{call=--remote-password}{display=Remote SSH server password}"
"{type=password}{tooltip=The SSH password, used when other methods (SSH agent "
"or key files) are unavailable.}\n", inc++);
printf("arg {number=%u}{call=--sshkey}{display=Path to SSH private key}"
"{type=fileselect}{tooltip=The path on the local filesystem of the private ssh key}\n",
inc++);
printf("arg {number=%u}{call=--sshkey-passphrase}{display=SSH key passphrase}"
"{type=password}{tooltip=Passphrase to unlock the SSH private key}\n",
inc++);
printf("arg {number=%u}{call=--remote-interface}{display=Remote interface}"
"{type=string}{default=eth0}{tooltip=The remote network interface used for capture"
"}\n", inc++);
printf("arg {number=%u}{call=--remote-capture-bin}{display=Remote capture binary}"
"{type=string}{default=%s}{tooltip=The remote dumpcap binary used "
"for capture.}\n", inc++, DEFAULT_CAPTURE_BIN);
printf("arg {number=%u}{call=--remote-filter}{display=Remote capture filter}"
"{type=string}{tooltip=The remote capture filter}", inc++);
if (ipfilter)
printf("{default=%s}", ipfilter);
printf("\n");
printf("arg {number=%u}{call=--remote-count}{display=Packets to capture}"
"{type=unsigned}{default=0}{tooltip=The number of remote packets to capture. (Default: inf)}\n",
inc++);
g_free(ipfilter);
return EXIT_SUCCESS;
}
