guint32 get_guint32(const char *string, const char *name) { guint32 number; if (!ws_strtou32(string, NULL, &number)) { if (errno == EINVAL) { cmdarg_err("The specified %s \"%s\" isn't a decimal number", name, string); exit(1); } cmdarg_err("The specified %s \"%s\" is too large (greater than %d)", name, string, number); exit(1); } return number; }
/* * RFC2428 states... * * AF Number Protocol * --------- -------- * 1 Internet Protocol, Version 4 * 2 Internet Protocol, Version 6 * * AF Number Address Format Example * --------- -------------- ------- * 1 dotted decimal 132.235.1.2 * 2 IPv6 string 1080::8:800:200C:417A * representations * defined in * * The following are sample EPRT commands: * EPRT |1|132.235.1.2|6275| * EPRT |2|1080::8:800:200C:417A|5282| * * The first command specifies that the server should use IPv4 to open a * data connection to the host "132.235.1.2" on TCP port 6275. The * second command specifies that the server should use the IPv6 network * protocol and the network address "1080::8:800:200C:417A" to open a * TCP data connection on port 5282. * * ... which means in fact that RFC2428 is capable to handle both, * IPv4 and IPv6 so we have to care about the address family and properly * act depending on it. * */ static gboolean parse_eprt_request(const guchar* line, gint linelen, guint32 *eprt_af, guint32 *eprt_ip, guint16 *eprt_ipv6, guint16 *ftp_port, guint32 *eprt_ip_len, guint32 *ftp_port_len) { gint delimiters_seen = 0; gchar delimiter; gint fieldlen; gchar *field; gint n; gint lastn; char *args, *p; gboolean ret = TRUE; /* line contains the EPRT parameters, we need at least the 4 delimiters */ if (!line || linelen<4) return FALSE; /* Copy the rest of the line into a null-terminated buffer. */ args = wmem_strndup(wmem_packet_scope(), line, linelen); p = args; /* * Handle a NUL being in the line; if there's a NUL in the line, * strlen(args) will terminate at the NUL and will thus return * a value less than linelen. */ if ((gint)strlen(args) < linelen) linelen = (gint)strlen(args); /* * RFC2428 sect. 2 states ... * * The EPRT command keyword MUST be followed by a single space (ASCII * 32). Following the space, a delimiter character (<d>) MUST be * specified. * * ... the preceding <space> is already stripped so we know that the first * character must be the delimiter and has just to be checked to be valid. */ if (!isvalid_rfc2428_delimiter(*p)) return FALSE; /* EPRT command does not follow a vaild delimiter; * malformed EPRT command - immediate escape */ delimiter = *p; /* Validate that the delimiter occurs 4 times in the string */ for (n = 0; n < linelen; n++) { if (*(p+n) == delimiter) delimiters_seen++; } if (delimiters_seen != 4) return FALSE; /* delimiter doesn't occur 4 times * probably no EPRT request - immediate escape */ /* we know that the first character is a delimiter... */ delimiters_seen = 1; lastn = 0; /* ... so we can start searching from the 2nd onwards */ for (n=1; n < linelen; n++) { if (*(p+n) != delimiter) continue; /* we found a delimiter */ delimiters_seen++; fieldlen = n - lastn - 1; if (fieldlen<=0) return FALSE; /* all fields must have data in them */ field = p + lastn + 1; if (delimiters_seen == 2) { /* end of address family field */ gchar *af_str; af_str = wmem_strndup(wmem_packet_scope(), field, fieldlen); if (!ws_strtou32(af_str, NULL, eprt_af)) return FALSE; } else if (delimiters_seen == 3) {/* end of IP address field */ gchar *ip_str; ip_str = wmem_strndup(wmem_packet_scope(), field, fieldlen); if (*eprt_af == EPRT_AF_IPv4) { if (str_to_ip(ip_str, eprt_ip)) ret = TRUE; else ret = FALSE; } else if (*eprt_af == EPRT_AF_IPv6) { if (str_to_ip6(ip_str, eprt_ipv6)) ret = TRUE; else ret = FALSE; } else return FALSE; /* invalid/unknown address family */ *eprt_ip_len = fieldlen; } else if (delimiters_seen == 4) {/* end of port field */ gchar *pt_str; pt_str = wmem_strndup(wmem_packet_scope(), field, fieldlen); if (!ws_strtou16(pt_str, NULL, ftp_port)) return FALSE; *ftp_port_len = fieldlen; } lastn = n; } return ret; }
/* Dissect details of packet */ static void rlogin_display(rlogin_hash_entry_t *hash_info, tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, struct tcpinfo *tcpinfo) { /* Display the proto tree */ int offset = 0; proto_tree *rlogin_tree, *user_info_tree, *window_tree; proto_item *ti; guint length; int str_len; gint ti_offset; proto_item *user_info_item, *window_info_item; /* Create rlogin subtree */ ti = proto_tree_add_item(tree, proto_rlogin, tvb, 0, -1, ENC_NA); rlogin_tree = proto_item_add_subtree(ti, ett_rlogin); /* Return if data empty */ length = tvb_captured_length(tvb); if (length == 0) { return; } /* * XXX - this works only if the urgent pointer points to something * in this segment; to make it work if the urgent pointer points * to something past this segment, we'd have to remember the urgent * pointer setting for this conversation. */ if (tcpinfo && IS_TH_URG(tcpinfo->flags) && /* if urgent pointer set */ length >= tcpinfo->urgent_pointer) /* and it's in this frame */ { /* Get urgent byte into Temp */ int urgent_offset = tcpinfo->urgent_pointer - 1; guint8 control_byte; /* Check for text data in front */ if (urgent_offset > offset) { proto_tree_add_item(rlogin_tree, hf_data, tvb, offset, urgent_offset, ENC_ASCII|ENC_NA); } /* Show control byte */ proto_tree_add_item(rlogin_tree, hf_control_message, tvb, urgent_offset, 1, ENC_BIG_ENDIAN); control_byte = tvb_get_guint8(tvb, urgent_offset); col_append_fstr(pinfo->cinfo, COL_INFO, " (%s)", val_to_str_const(control_byte, control_message_vals, "Unknown")); offset = urgent_offset + 1; /* adjust offset */ } else if (tvb_get_guint8(tvb, offset) == '\0') { /* Startup */ if (pinfo->srcport == RLOGIN_PORT) /* from server */ { proto_tree_add_item(rlogin_tree, hf_startup_info_received_flag, tvb, offset, 1, ENC_BIG_ENDIAN); } else { proto_tree_add_item(rlogin_tree, hf_client_startup_flag, tvb, offset, 1, ENC_BIG_ENDIAN); } ++offset; } if (!tvb_offset_exists(tvb, offset)) { /* No more data to check */ return; } if (hash_info->info_framenum == pinfo->num) { gint info_len; gint slash_offset; /* First frame of conversation, assume user info... */ info_len = tvb_captured_length_remaining(tvb, offset); if (info_len <= 0) return; /* User info tree */ user_info_item = proto_tree_add_string_format(rlogin_tree, hf_user_info, tvb, offset, info_len, FALSE, "User info (%s)", tvb_format_text(tvb, offset, info_len)); user_info_tree = proto_item_add_subtree(user_info_item, ett_rlogin_user_info); /* Client user name. */ str_len = tvb_strsize(tvb, offset); proto_tree_add_item(user_info_tree, hf_user_info_client_user_name, tvb, offset, str_len, ENC_ASCII|ENC_NA); offset += str_len; /* Server user name. */ str_len = tvb_strsize(tvb, offset); proto_tree_add_item(user_info_tree, hf_user_info_server_user_name, tvb, offset, str_len, ENC_ASCII|ENC_NA); offset += str_len; /* Terminal type/speed. */ slash_offset = tvb_find_guint8(tvb, offset, -1, '/'); if (slash_offset != -1) { guint8* str = NULL; guint32 term_len = 0; gboolean term_len_valid; proto_item* pi = NULL; /* Terminal type */ proto_tree_add_item(user_info_tree, hf_user_info_terminal_type, tvb, offset, slash_offset-offset, ENC_ASCII|ENC_NA); offset = slash_offset + 1; /* Terminal speed */ str_len = tvb_strsize(tvb, offset); str = tvb_get_string_enc(wmem_packet_scope(), tvb, offset, str_len, ENC_NA|ENC_ASCII); term_len_valid = ws_strtou32(str, NULL, &term_len); pi = proto_tree_add_uint(user_info_tree, hf_user_info_terminal_speed, tvb, offset, str_len, term_len); if (!term_len_valid) expert_add_info(pinfo, pi, &ei_rlogin_termlen_invalid); offset += str_len; } } if (!tvb_offset_exists(tvb, offset)) { /* No more data to check */ return; } /* Test for terminal information, the data will have 2 0xff bytes */ /* look for first 0xff byte */ ti_offset = tvb_find_guint8(tvb, offset, -1, 0xff); /* Next byte must also be 0xff */ if (ti_offset != -1 && tvb_bytes_exist(tvb, ti_offset + 1, 1) && tvb_get_guint8(tvb, ti_offset + 1) == 0xff) { guint16 rows, columns; /* Have found terminal info. */ if (ti_offset > offset) { /* There's data before the terminal info. */ proto_tree_add_item(rlogin_tree, hf_data, tvb, offset, ti_offset - offset, ENC_ASCII|ENC_NA); } /* Create window info tree */ window_info_item = proto_tree_add_item(rlogin_tree, hf_window_info, tvb, offset, 12, ENC_NA); window_tree = proto_item_add_subtree(window_info_item, ett_rlogin_window); /* Cookie */ proto_tree_add_item(window_tree, hf_magic_cookie, tvb, offset, 2, ENC_BIG_ENDIAN); offset += 2; /* These bytes should be "ss" */ proto_tree_add_item(window_tree, hf_window_info_ss, tvb, offset, 2, ENC_ASCII|ENC_NA); offset += 2; /* Character rows */ rows = tvb_get_ntohs(tvb, offset); proto_tree_add_item(window_tree, hf_window_info_rows, tvb, offset, 2, ENC_BIG_ENDIAN); offset += 2; /* Characters per row */ columns = tvb_get_ntohs(tvb, offset); proto_tree_add_item(window_tree, hf_window_info_cols, tvb, offset, 2, ENC_BIG_ENDIAN); offset += 2; /* x pixels */ proto_tree_add_item(window_tree, hf_window_info_x_pixels, tvb, offset, 2, ENC_BIG_ENDIAN); offset += 2; /* y pixels */ proto_tree_add_item(window_tree, hf_window_info_y_pixels, tvb, offset, 2, ENC_BIG_ENDIAN); offset += 2; /* Show setting highlights in info column */ col_append_fstr(pinfo->cinfo, COL_INFO, " (rows=%u, cols=%u)", rows, columns); } if (tvb_offset_exists(tvb, offset)) { /* There's more data in the frame. */ proto_tree_add_item(rlogin_tree, hf_data, tvb, offset, -1, ENC_ASCII|ENC_NA); } }
int main(int argc, char **argv) { int result; int option_idx = 0; char* remote_host = NULL; guint16 remote_port = 22; char* remote_username = NULL; char* remote_password = NULL; char* remote_interface = NULL; char* sshkey = NULL; char* sshkey_passphrase = NULL; char* remote_filter = NULL; guint32 count = 0; int ret = EXIT_FAILURE; extcap_parameters * extcap_conf = g_new0(extcap_parameters, 1); char* help_url; char* help_header = NULL; #ifdef _WIN32 WSADATA wsaData; attach_parent_console(); #endif /* _WIN32 */ help_url = data_file_url("ciscodump.html"); extcap_base_set_util_info(extcap_conf, argv[0], CISCODUMP_VERSION_MAJOR, CISCODUMP_VERSION_MINOR, CISCODUMP_VERSION_RELEASE, help_url); g_free(help_url); extcap_base_register_interface(extcap_conf, CISCODUMP_EXTCAP_INTERFACE, "Cisco remote capture", 147, "Remote capture dependent DLT"); help_header = g_strdup_printf( " %s --extcap-interfaces\n" " %s --extcap-interface=%s --extcap-dlts\n" " %s --extcap-interface=%s --extcap-config\n" " %s --extcap-interface=%s --remote-host myhost --remote-port 22222 " "--remote-username myuser --remote-interface gigabit0/0 " "--fifo=FILENAME --capture\n", argv[0], argv[0], CISCODUMP_EXTCAP_INTERFACE, argv[0], CISCODUMP_EXTCAP_INTERFACE, argv[0], CISCODUMP_EXTCAP_INTERFACE); extcap_help_add_header(extcap_conf, help_header); g_free(help_header); extcap_help_add_option(extcap_conf, "--help", "print this help"); extcap_help_add_option(extcap_conf, "--version", "print the version"); extcap_help_add_option(extcap_conf, "--remote-host <host>", "the remote SSH host"); extcap_help_add_option(extcap_conf, "--remote-port <port>", "the remote SSH port (default: 22)"); extcap_help_add_option(extcap_conf, "--remote-username <username>", "the remote SSH username (default: the current user)"); extcap_help_add_option(extcap_conf, "--remote-password <password>", "the remote SSH password. " "If not specified, ssh-agent and ssh-key are used"); extcap_help_add_option(extcap_conf, "--sshkey <public key path>", "the path of the ssh key"); extcap_help_add_option(extcap_conf, "--sshkey-passphrase <public key passphrase>", "the passphrase to unlock public ssh"); extcap_help_add_option(extcap_conf, "--remote-interface <iface>", "the remote capture interface"); extcap_help_add_option(extcap_conf, "--remote-filter <filter>", "a filter for remote capture " "(default: don't capture data for lal interfaces IPs)"); opterr = 0; optind = 0; if (argc == 1) { extcap_help_print(extcap_conf); goto end; } while ((result = getopt_long(argc, argv, ":", longopts, &option_idx)) != -1) { switch (result) { case OPT_HELP: extcap_help_print(extcap_conf); ret = EXIT_SUCCESS; goto end; case OPT_VERSION: printf("%s\n", extcap_conf->version); goto end; case OPT_REMOTE_HOST: g_free(remote_host); remote_host = g_strdup(optarg); break; case OPT_REMOTE_PORT: if (!ws_strtou16(optarg, NULL, &remote_port) || remote_port == 0) { g_warning("Invalid port: %s", optarg); goto end; } break; case OPT_REMOTE_USERNAME: g_free(remote_username); remote_username = g_strdup(optarg); break; case OPT_REMOTE_PASSWORD: g_free(remote_password); remote_password = g_strdup(optarg); memset(optarg, 'X', strlen(optarg)); break; case OPT_SSHKEY: g_free(sshkey); sshkey = g_strdup(optarg); break; case OPT_SSHKEY_PASSPHRASE: g_free(sshkey_passphrase); sshkey_passphrase = g_strdup(optarg); memset(optarg, 'X', strlen(optarg)); break; case OPT_REMOTE_INTERFACE: g_free(remote_interface); remote_interface = g_strdup(optarg); break; case OPT_REMOTE_FILTER: g_free(remote_filter); remote_filter = g_strdup(optarg); break; case OPT_REMOTE_COUNT: if (!ws_strtou32(optarg, NULL, &count)) { g_warning("Invalid packet count: %s", optarg); goto end; } break; case ':': /* missing option argument */ g_warning("Option '%s' requires an argument", argv[optind - 1]); break; default: if (!extcap_base_parse_options(extcap_conf, result - EXTCAP_OPT_LIST_INTERFACES, optarg)) { g_warning("Invalid option: %s", argv[optind - 1]); goto end; } } } extcap_cmdline_debug(argv, argc); if (optind != argc) { g_warning("Unexpected extra option: %s", argv[optind]); goto end; } if (extcap_base_handle_interface(extcap_conf)) { ret = EXIT_SUCCESS; goto end; } if (extcap_conf->show_config) { ret = list_config(extcap_conf->interface, remote_port); goto end; } #ifdef _WIN32 result = WSAStartup(MAKEWORD(1,1), &wsaData); if (result != 0) { g_warning("ERROR: WSAStartup failed with error: %d", result); goto end; } #endif /* _WIN32 */ if (extcap_conf->capture) { if (!remote_host) { g_warning("Missing parameter: --remote-host"); goto end; } if (!remote_interface) { g_warning("ERROR: No interface specified (--remote-interface)"); goto end; } if (count == 0) { g_warning("ERROR: count of packets must be specified (--remote-count)"); goto end; } ret = ssh_open_remote_connection(remote_host, remote_port, remote_username, remote_password, sshkey, sshkey_passphrase, remote_interface, remote_filter, count, extcap_conf->fifo); } else { g_debug("You should not come here... maybe some parameter missing?"); ret = EXIT_FAILURE; } end: g_free(remote_host); g_free(remote_username); g_free(remote_password); g_free(remote_interface); g_free(sshkey); g_free(sshkey_passphrase); g_free(remote_filter); extcap_base_cleanup(&extcap_conf); return ret; }
/* Parses a packet record. */ static gboolean parse_vms_packet(FILE_T fh, wtap_rec *rec, Buffer *buf, int *err, gchar **err_info) { char line[VMS_LINE_LENGTH + 1]; int num_items_scanned; guint32 pkt_len = 0; int pktnum; int csec = 101; struct tm tm; char mon[4] = {'J', 'A', 'N', 0}; gchar *p; const gchar *endp; static const gchar months[] = "JANFEBMARAPRMAYJUNJULAUGSEPOCTNOVDEC"; guint32 i; int offset = 0; guint8 *pd; tm.tm_year = 1970; tm.tm_mon = 0; tm.tm_mday = 1; tm.tm_hour = 1; tm.tm_min = 1; tm.tm_sec = 1; /* Skip lines until one starts with a hex number */ do { if (file_gets(line, VMS_LINE_LENGTH, fh) == NULL) { *err = file_error(fh, err_info); if ((*err == 0) && (csec != 101)) { *err = WTAP_ERR_SHORT_READ; } return FALSE; } line[VMS_LINE_LENGTH] = '\0'; if ((csec == 101) && (p = strstr(line, "packet ")) != NULL && (! strstr(line, "could not save "))) { /* Find text in line starting with "packet ". */ /* First look for the Format 1 type sequencing */ num_items_scanned = sscanf(p, "packet %9d at %2d-%3s-%4d %2d:%2d:%2d.%9d", &pktnum, &tm.tm_mday, mon, &tm.tm_year, &tm.tm_hour, &tm.tm_min, &tm.tm_sec, &csec); /* Next look for the Format 2 type sequencing */ if (num_items_scanned != 8) { num_items_scanned = sscanf(p, "packet seq # = %9d at %2d-%3s-%4d %2d:%2d:%2d.%9d", &pktnum, &tm.tm_mday, mon, &tm.tm_year, &tm.tm_hour, &tm.tm_min, &tm.tm_sec, &csec); } /* if unknown format then exit with error */ /* We will need to add code to handle new format */ if (num_items_scanned != 8) { *err = WTAP_ERR_BAD_FILE; *err_info = g_strdup("vms: header line not valid"); return FALSE; } } if ( (! pkt_len) && (p = strstr(line, "Length"))) { p += sizeof("Length "); while (*p && ! g_ascii_isdigit(*p)) p++; if ( !*p ) { *err = WTAP_ERR_BAD_FILE; *err_info = g_strdup("vms: Length field not valid"); return FALSE; } if (!ws_strtou32(p, &endp, &pkt_len) || (*endp != '\0' && !g_ascii_isspace(*endp))) { *err = WTAP_ERR_BAD_FILE; *err_info = g_strdup_printf("vms: Length field '%s' not valid", p); return FALSE; } break; } } while (! isdumpline(line)); if (pkt_len > WTAP_MAX_PACKET_SIZE_STANDARD) { /* * Probably a corrupt capture file; return an error, * so that our caller doesn't blow up trying to allocate * space for an immensely-large packet. */ *err = WTAP_ERR_BAD_FILE; *err_info = g_strdup_printf("vms: File has %u-byte packet, bigger than maximum of %u", pkt_len, WTAP_MAX_PACKET_SIZE_STANDARD); return FALSE; } p = strstr(months, mon); if (p) tm.tm_mon = (int) (p - months) / 3; tm.tm_year -= 1900; tm.tm_isdst = -1; rec->rec_type = REC_TYPE_PACKET; rec->presence_flags = WTAP_HAS_TS; rec->ts.secs = mktime(&tm); rec->ts.nsecs = csec * 10000000; rec->rec_header.packet_header.caplen = pkt_len; rec->rec_header.packet_header.len = pkt_len; /* Make sure we have enough room for the packet */ ws_buffer_assure_space(buf, pkt_len); pd = ws_buffer_start_ptr(buf); /* Convert the ASCII hex dump to binary data */ for (i = 0; i < pkt_len; i += 16) { if (file_gets(line, VMS_LINE_LENGTH, fh) == NULL) { *err = file_error(fh, err_info); if (*err == 0) { *err = WTAP_ERR_SHORT_READ; } return FALSE; } line[VMS_LINE_LENGTH] = '\0'; if (i == 0) { while (! isdumpline(line)) { /* advance to start of hex data */ if (file_gets(line, VMS_LINE_LENGTH, fh) == NULL) { *err = file_error(fh, err_info); if (*err == 0) { *err = WTAP_ERR_SHORT_READ; } return FALSE; } line[VMS_LINE_LENGTH] = '\0'; } while (line[offset] && !g_ascii_isxdigit(line[offset])) offset++; } if (!parse_single_hex_dump_line(line, pd, i, offset, pkt_len - i)) { *err = WTAP_ERR_BAD_FILE; *err_info = g_strdup("vms: hex dump not valid"); return FALSE; } } /* Avoid TCPIPTRACE-W-BUFFERSFUL, TCPIPtrace could not save n packets. * errors. * * XXX - when we support packet drop report information in the * Wiretap API, we should parse those lines and return "n" as * a packet drop count. */ if (!file_gets(line, VMS_LINE_LENGTH, fh)) { *err = file_error(fh, err_info); if (*err == 0) { /* There is no next line, so there's no "TCPIPtrace could not * save n packets" line; not an error. */ return TRUE; } return FALSE; } return TRUE; }
int main(int argc, char *argv[]) { char* err_msg; int result; int option_idx = 0; ssh_params_t* ssh_params = ssh_params_new(); char* remote_interface = NULL; char* remote_filter = NULL; guint32 count = 0; int ret = EXIT_FAILURE; extcap_parameters * extcap_conf = g_new0(extcap_parameters, 1); char* help_url; char* help_header = NULL; /* * Get credential information for later use. */ init_process_policies(); /* * Attempt to get the pathname of the directory containing the * executable file. */ err_msg = init_progfile_dir(argv[0]); if (err_msg != NULL) { g_warning("Can't get pathname of directory containing the captype program: %s.", err_msg); g_free(err_msg); } help_url = data_file_url("ciscodump.html"); extcap_base_set_util_info(extcap_conf, argv[0], CISCODUMP_VERSION_MAJOR, CISCODUMP_VERSION_MINOR, CISCODUMP_VERSION_RELEASE, help_url); g_free(help_url); extcap_base_register_interface(extcap_conf, CISCODUMP_EXTCAP_INTERFACE, "Cisco remote capture", 147, "Remote capture dependent DLT"); help_header = g_strdup_printf( " %s --extcap-interfaces\n" " %s --extcap-interface=%s --extcap-dlts\n" " %s --extcap-interface=%s --extcap-config\n" " %s --extcap-interface=%s --remote-host myhost --remote-port 22222 " "--remote-username myuser --remote-interface gigabit0/0 " "--fifo=FILENAME --capture\n", argv[0], argv[0], CISCODUMP_EXTCAP_INTERFACE, argv[0], CISCODUMP_EXTCAP_INTERFACE, argv[0], CISCODUMP_EXTCAP_INTERFACE); extcap_help_add_header(extcap_conf, help_header); g_free(help_header); extcap_help_add_option(extcap_conf, "--help", "print this help"); extcap_help_add_option(extcap_conf, "--version", "print the version"); extcap_help_add_option(extcap_conf, "--remote-host <host>", "the remote SSH host"); extcap_help_add_option(extcap_conf, "--remote-port <port>", "the remote SSH port (default: 22)"); extcap_help_add_option(extcap_conf, "--remote-username <username>", "the remote SSH username (default: the current user)"); extcap_help_add_option(extcap_conf, "--remote-password <password>", "the remote SSH password. " "If not specified, ssh-agent and ssh-key are used"); extcap_help_add_option(extcap_conf, "--sshkey <public key path>", "the path of the ssh key"); extcap_help_add_option(extcap_conf, "--sshkey-passphrase <public key passphrase>", "the passphrase to unlock public ssh"); extcap_help_add_option(extcap_conf, "--proxycommand <proxy command>", "the command to use as proxy the the ssh connection"); extcap_help_add_option(extcap_conf, "--remote-interface <iface>", "the remote capture interface"); extcap_help_add_option(extcap_conf, "--remote-filter <filter>", "a filter for remote capture " "(default: don't capture data for lal interfaces IPs)"); opterr = 0; optind = 0; if (argc == 1) { extcap_help_print(extcap_conf); goto end; } while ((result = getopt_long(argc, argv, ":", longopts, &option_idx)) != -1) { switch (result) { case OPT_HELP: extcap_help_print(extcap_conf); ret = EXIT_SUCCESS; goto end; case OPT_VERSION: printf("%s\n", extcap_conf->version); goto end; case OPT_REMOTE_HOST: g_free(ssh_params->host); ssh_params->host = g_strdup(optarg); break; case OPT_REMOTE_PORT: if (!ws_strtou16(optarg, NULL, &ssh_params->port) || ssh_params->port == 0) { g_warning("Invalid port: %s", optarg); goto end; } break; case OPT_REMOTE_USERNAME: g_free(ssh_params->username); ssh_params->username = g_strdup(optarg); break; case OPT_REMOTE_PASSWORD: g_free(ssh_params->password); ssh_params->password = g_strdup(optarg); memset(optarg, 'X', strlen(optarg)); break; case OPT_SSHKEY: g_free(ssh_params->sshkey_path); ssh_params->sshkey_path = g_strdup(optarg); break; case OPT_SSHKEY_PASSPHRASE: g_free(ssh_params->sshkey_passphrase); ssh_params->sshkey_passphrase = g_strdup(optarg); memset(optarg, 'X', strlen(optarg)); break; case OPT_PROXYCOMMAND: g_free(ssh_params->proxycommand); ssh_params->proxycommand = g_strdup(optarg); break; case OPT_REMOTE_INTERFACE: g_free(remote_interface); remote_interface = g_strdup(optarg); break; case OPT_REMOTE_FILTER: g_free(remote_filter); remote_filter = g_strdup(optarg); break; case OPT_REMOTE_COUNT: if (!ws_strtou32(optarg, NULL, &count)) { g_warning("Invalid packet count: %s", optarg); goto end; } break; case ':': /* missing option argument */ g_warning("Option '%s' requires an argument", argv[optind - 1]); break; default: if (!extcap_base_parse_options(extcap_conf, result - EXTCAP_OPT_LIST_INTERFACES, optarg)) { g_warning("Invalid option: %s", argv[optind - 1]); goto end; } } } extcap_cmdline_debug(argv, argc); if (optind != argc) { g_warning("Unexpected extra option: %s", argv[optind]); goto end; } if (extcap_base_handle_interface(extcap_conf)) { ret = EXIT_SUCCESS; goto end; } if (extcap_conf->show_config) { ret = list_config(extcap_conf->interface, ssh_params->port); goto end; } err_msg = ws_init_sockets(); if (err_msg != NULL) { g_warning("ERROR: %s", err_msg); g_free(err_msg); g_warning("%s", please_report_bug()); goto end; } if (extcap_conf->capture) { if (!ssh_params->host) { g_warning("Missing parameter: --remote-host"); goto end; } if (!remote_interface) { g_warning("ERROR: No interface specified (--remote-interface)"); goto end; } if (count == 0) { g_warning("ERROR: count of packets must be specified (--remote-count)"); goto end; } ssh_params->debug = extcap_conf->debug; ret = ssh_open_remote_connection(ssh_params, remote_interface, remote_filter, count, extcap_conf->fifo); } else { g_debug("You should not come here... maybe some parameter missing?"); ret = EXIT_FAILURE; } end: ssh_params_free(ssh_params); g_free(remote_interface); g_free(remote_filter); extcap_base_cleanup(&extcap_conf); return ret; }
static void dissect_quakeworld_ConnectionlessPacket(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int direction) { proto_tree *cl_tree; proto_tree *text_tree = NULL; proto_item *pi = NULL; guint8 *text; int len; int offset; guint32 marker; int command_len; const char *command = ""; gboolean command_finished = FALSE; marker = tvb_get_ntohl(tvb, 0); cl_tree = proto_tree_add_subtree(tree, tvb, 0, -1, ett_quakeworld_connectionless, NULL, "Connectionless"); proto_tree_add_uint(cl_tree, hf_quakeworld_connectionless_marker, tvb, 0, 4, marker); /* all the rest of the packet is just text */ offset = 4; text = tvb_get_stringz_enc(wmem_packet_scope(), tvb, offset, &len, ENC_ASCII|ENC_NA); /* actually, we should look for a eol char and stop already there */ if (cl_tree) { proto_item *text_item; text_item = proto_tree_add_string(cl_tree, hf_quakeworld_connectionless_text, tvb, offset, len, text); text_tree = proto_item_add_subtree(text_item, ett_quakeworld_connectionless_text); } if (direction == DIR_C2S) { /* client to server commands */ const char *c; Cmd_TokenizeString(text, len); c = Cmd_Argv(0); /* client to sever commands */ if (strcmp(c,"ping") == 0) { command = "Ping"; command_len = 4; } else if (strcmp(c,"status") == 0) { command = "Status"; command_len = 6; } else if (strcmp(c,"log") == 0) { command = "Log"; command_len = 3; } else if (strcmp(c,"connect") == 0) { guint32 version = 0; guint16 qport = 0; guint32 challenge = 0; gboolean version_valid = TRUE; gboolean qport_valid = TRUE; gboolean challenge_valid = TRUE; const char *infostring; proto_tree *argument_tree = NULL; command = "Connect"; command_len = Cmd_Argv_length(0); if (text_tree) { proto_item *argument_item; pi = proto_tree_add_string(text_tree, hf_quakeworld_connectionless_command, tvb, offset, command_len, command); argument_item = proto_tree_add_string(text_tree, hf_quakeworld_connectionless_arguments, tvb, offset + Cmd_Argv_start(1), len + 1 - Cmd_Argv_start(1), text + Cmd_Argv_start(1)); argument_tree = proto_item_add_subtree(argument_item, ett_quakeworld_connectionless_arguments); command_finished=TRUE; } version_valid = ws_strtou32(Cmd_Argv(1), NULL, &version); qport_valid = ws_strtou16(Cmd_Argv(2), NULL, &qport); challenge_valid = ws_strtou32(Cmd_Argv(3), NULL, &challenge); infostring = Cmd_Argv(4); if (text_tree && (!version_valid || !qport_valid || !challenge_valid)) expert_add_info(pinfo, pi, &ei_quakeworld_connectionless_command_invalid); if (argument_tree) { proto_item *info_item; proto_tree *info_tree; proto_tree_add_uint(argument_tree, hf_quakeworld_connectionless_connect_version, tvb, offset + Cmd_Argv_start(1), Cmd_Argv_length(1), version); proto_tree_add_uint(argument_tree, hf_quakeworld_connectionless_connect_qport, tvb, offset + Cmd_Argv_start(2), Cmd_Argv_length(2), qport); proto_tree_add_int(argument_tree, hf_quakeworld_connectionless_connect_challenge, tvb, offset + Cmd_Argv_start(3), Cmd_Argv_length(3), challenge); info_item = proto_tree_add_string(argument_tree, hf_quakeworld_connectionless_connect_infostring, tvb, offset + Cmd_Argv_start(4), Cmd_Argv_length(4), infostring); info_tree = proto_item_add_subtree( info_item, ett_quakeworld_connectionless_connect_infostring); dissect_id_infostring(tvb, info_tree, offset + Cmd_Argv_start(4), wmem_strdup(wmem_packet_scope(), infostring), ett_quakeworld_connectionless_connect_infostring_key_value, hf_quakeworld_connectionless_connect_infostring_key_value, hf_quakeworld_connectionless_connect_infostring_key, hf_quakeworld_connectionless_connect_infostring_value); } } else if (strcmp(c,"getchallenge") == 0) { command = "Get Challenge"; command_len = Cmd_Argv_length(0); } else if (strcmp(c,"rcon") == 0) { const char* password; int i; char remaining[MAX_TEXT_SIZE+1]; proto_tree *argument_tree = NULL; command = "Remote Command"; command_len = Cmd_Argv_length(0); if (text_tree) { proto_item *argument_item; proto_tree_add_string(text_tree, hf_quakeworld_connectionless_command, tvb, offset, command_len, command); argument_item = proto_tree_add_string(text_tree, hf_quakeworld_connectionless_arguments, tvb, offset + Cmd_Argv_start(1), len - Cmd_Argv_start(1), text + Cmd_Argv_start(1)); argument_tree = proto_item_add_subtree(argument_item, ett_quakeworld_connectionless_arguments); command_finished=TRUE; } password = Cmd_Argv(1); if (argument_tree) { proto_tree_add_string(argument_tree, hf_quakeworld_connectionless_rcon_password, tvb, offset + Cmd_Argv_start(1), Cmd_Argv_length(1), password); } remaining[0] = '\0'; for (i=2; i<Cmd_Argc() ; i++) { g_strlcat (remaining, Cmd_Argv(i), MAX_TEXT_SIZE+1); g_strlcat (remaining, " ", MAX_TEXT_SIZE+1); } if (text_tree) { proto_tree_add_string(argument_tree, hf_quakeworld_connectionless_rcon_command, tvb, offset + Cmd_Argv_start(2), Cmd_Argv_start(Cmd_Argc()-1) + Cmd_Argv_length(Cmd_Argc()-1) - Cmd_Argv_start(2), remaining); } } else if (c[0]==A2A_PING && ( c[1]=='\0' || c[1]=='\n')) { command = "Ping"; command_len = 1; } else if (c[0]==A2A_ACK && ( c[1]=='\0' || c[1]=='\n')) { command = "Ack"; command_len = 1; } else { command = "Unknown"; command_len = len - 1; } } else { /* server to client commands */ if (text[0] == S2C_CONNECTION) { command = "Connected"; command_len = 1; } else if (text[0] == A2C_CLIENT_COMMAND) { command = "Client Command"; command_len = 1; /* stringz (command), stringz (localid) */ } else if (text[0] == A2C_PRINT) { command = "Print"; command_len = 1; /* string */ } else if (text[0] == A2A_PING) { command = "Ping"; command_len = 1; } else if (text[0] == S2C_CHALLENGE) { command = "Challenge"; command_len = 1; /* string, conversion */ } else { command = "Unknown"; command_len = len - 1; } } col_append_fstr(pinfo->cinfo, COL_INFO, " %s", command); if (!command_finished) { proto_tree_add_string(text_tree, hf_quakeworld_connectionless_command, tvb, offset, command_len, command); } /*offset += len;*/ }