int main(int argc, char *argv[])
{
wtap *wth = NULL;
wtap_dumper *pdh = NULL;
Buffer buf;
int err;
gchar *err_info;
gint64 data_offset;
const struct wtap_pkthdr *phdr;
guint wrong_order_count = 0;
gboolean write_output_regardless = TRUE;
guint i;
wtapng_section_t *shb_hdr;
wtapng_iface_descriptions_t *idb_inf;
GPtrArray *frames;
FrameRecord_t *prevFrame = NULL;
int opt;
int file_count;
char *infile;
char *outfile;
/* Process the options first */
while ((opt = getopt(argc, argv, "hn")) != -1) {
switch (opt) {
case 'n':
write_output_regardless = FALSE;
break;
case 'h':
usage(FALSE);
exit(0);
case '?':
usage(TRUE);
exit(1);
}
}
/* Remaining args are file names */
file_count = argc - optind;
if (file_count == 2) {
infile = argv[optind];
outfile = argv[optind+1];
}
else {
usage(TRUE);
exit(1);
}
init_open_routines();
/* Open infile */
wth = wtap_open_offline(infile, WTAP_TYPE_AUTO, &err, &err_info, TRUE);
if (wth == NULL) {
fprintf(stderr, "reordercap: Can't open %s: %s\n", infile,
wtap_strerror(err));
switch (err) {
case WTAP_ERR_UNSUPPORTED:
case WTAP_ERR_UNSUPPORTED_ENCAP:
case WTAP_ERR_BAD_FILE:
fprintf(stderr, "(%s)\n", err_info);
g_free(err_info);
break;
}
exit(1);
}
DEBUG_PRINT("file_type_subtype is %u\n", wtap_file_type_subtype(wth));
shb_hdr = wtap_file_get_shb_info(wth);
idb_inf = wtap_file_get_idb_info(wth);
/* Open outfile (same filetype/encap as input file) */
pdh = wtap_dump_open_ng(outfile, wtap_file_type_subtype(wth), wtap_file_encap(wth),
65535, FALSE, shb_hdr, idb_inf, &err);
g_free(idb_inf);
if (pdh == NULL) {
fprintf(stderr, "reordercap: Failed to open output file: (%s) - error %s\n",
outfile, wtap_strerror(err));
g_free(shb_hdr);
exit(1);
}
/* Allocate the array of frame pointers. */
frames = g_ptr_array_new();
/* Read each frame from infile */
while (wtap_read(wth, &err, &err_info, &data_offset)) {
FrameRecord_t *newFrameRecord;
phdr = wtap_phdr(wth);
newFrameRecord = g_slice_new(FrameRecord_t);
newFrameRecord->num = frames->len + 1;
newFrameRecord->offset = data_offset;
newFrameRecord->time = phdr->ts;
if (prevFrame && frames_compare(&newFrameRecord, &prevFrame) < 0) {
wrong_order_count++;
}
g_ptr_array_add(frames, newFrameRecord);
prevFrame = newFrameRecord;
}
if (err != 0) {
/* Print a message noting that the read failed somewhere along the line. */
fprintf(stderr,
"reordercap: An error occurred while reading \"%s\": %s.\n",
infile, wtap_strerror(err));
switch (err) {
case WTAP_ERR_UNSUPPORTED:
case WTAP_ERR_UNSUPPORTED_ENCAP:
case WTAP_ERR_BAD_FILE:
fprintf(stderr, "(%s)\n", err_info);
g_free(err_info);
break;
}
}
printf("%u frames, %u out of order\n", frames->len, wrong_order_count);
/* Sort the frames */
if (wrong_order_count > 0) {
g_ptr_array_sort(frames, frames_compare);
}
/* Write out each sorted frame in turn */
buffer_init(&buf, 1500);
for (i = 0; i < frames->len; i++) {
FrameRecord_t *frame = (FrameRecord_t *)frames->pdata[i];
/* Avoid writing if already sorted and configured to */
if (write_output_regardless || (wrong_order_count > 0)) {
frame_write(frame, wth, pdh, &buf, infile);
}
g_slice_free(FrameRecord_t, frame);
}
buffer_free(&buf);
if (!write_output_regardless && (wrong_order_count == 0)) {
printf("Not writing output file because input file is already in order!\n");
}
/* Free the whole array */
g_ptr_array_free(frames, TRUE);
/* Close outfile */
if (!wtap_dump_close(pdh, &err)) {
fprintf(stderr, "reordercap: Error closing %s: %s\n", outfile,
wtap_strerror(err));
g_free(shb_hdr);
exit(1);
}
g_free(shb_hdr);
/* Finally, close infile */
wtap_fdclose(wth);
return 0;
}
static int
process_cap_file(wtap *wth, const char *filename)
{
int err;
gchar *err_info;
gint64 size;
gint64 data_offset;
guint32 packet = 0;
gint64 bytes = 0;
guint32 snaplen_min_inferred = 0xffffffff;
guint32 snaplen_max_inferred = 0;
const struct wtap_pkthdr *phdr;
capture_info cf_info;
gboolean have_times = TRUE;
double start_time = 0;
double stop_time = 0;
double cur_time = 0;
double prev_time = 0;
gboolean know_order = FALSE;
order_t order = IN_ORDER;
wtapng_section_t *shb_inf;
gchar *p;
cf_info.encap_counts = g_new0(int,WTAP_NUM_ENCAP_TYPES);
/* Tally up data that we need to parse through the file to find */
while (wtap_read(wth, &err, &err_info, &data_offset)) {
phdr = wtap_phdr(wth);
if (phdr->presence_flags & WTAP_HAS_TS) {
prev_time = cur_time;
cur_time = secs_nsecs(&phdr->ts);
if(packet==0) {
start_time = cur_time;
stop_time = cur_time;
prev_time = cur_time;
}
if (cur_time < prev_time) {
order = NOT_IN_ORDER;
}
if (cur_time < start_time) {
start_time = cur_time;
}
if (cur_time > stop_time) {
stop_time = cur_time;
}
} else {
have_times = FALSE; /* at least one packet has no time stamp */
if (order != NOT_IN_ORDER)
order = ORDER_UNKNOWN;
}
bytes+=phdr->len;
packet++;
/* If caplen < len for a rcd, then presumably */
/* 'Limit packet capture length' was done for this rcd. */
/* Keep track as to the min/max actual snapshot lengths */
/* seen for this file. */
if (phdr->caplen < phdr->len) {
if (phdr->caplen < snaplen_min_inferred)
snaplen_min_inferred = phdr->caplen;
if (phdr->caplen > snaplen_max_inferred)
snaplen_max_inferred = phdr->caplen;
}
/* Per-packet encapsulation */
if (wtap_file_encap(wth) == WTAP_ENCAP_PER_PACKET) {
if ((phdr->pkt_encap > 0) && (phdr->pkt_encap < WTAP_NUM_ENCAP_TYPES)) {
cf_info.encap_counts[phdr->pkt_encap] += 1;
} else {
fprintf(stderr, "capinfos: Unknown per-packet encapsulation: %d [frame number: %d]\n", phdr->pkt_encap, packet);
}
}
} /* while */
if (err != 0) {
fprintf(stderr,
"capinfos: An error occurred after reading %u packets from \"%s\": %s.\n",
packet, filename, wtap_strerror(err));
switch (err) {
case WTAP_ERR_UNSUPPORTED:
case WTAP_ERR_UNSUPPORTED_ENCAP:
case WTAP_ERR_BAD_FILE:
case WTAP_ERR_DECOMPRESS:
fprintf(stderr, "(%s)\n", err_info);
g_free(err_info);
break;
}
g_free(cf_info.encap_counts);
return 1;
}
/* File size */
size = wtap_file_size(wth, &err);
if (size == -1) {
fprintf(stderr,
"capinfos: Can't get size of \"%s\": %s.\n",
filename, g_strerror(err));
g_free(cf_info.encap_counts);
return 1;
}
cf_info.filesize = size;
/* File Type */
cf_info.file_type = wtap_file_type(wth);
cf_info.iscompressed = wtap_iscompressed(wth);
/* File Encapsulation */
cf_info.file_encap = wtap_file_encap(wth);
/* Packet size limit (snaplen) */
cf_info.snaplen = wtap_snapshot_length(wth);
if(cf_info.snaplen > 0)
cf_info.snap_set = TRUE;
else
cf_info.snap_set = FALSE;
cf_info.snaplen_min_inferred = snaplen_min_inferred;
cf_info.snaplen_max_inferred = snaplen_max_inferred;
/* # of packets */
cf_info.packet_count = packet;
/* File Times */
cf_info.times_known = have_times;
cf_info.start_time = start_time;
cf_info.stop_time = stop_time;
cf_info.duration = stop_time-start_time;
cf_info.know_order = know_order;
cf_info.order = order;
/* Number of packet bytes */
cf_info.packet_bytes = bytes;
cf_info.data_rate = 0.0;
cf_info.packet_rate = 0.0;
cf_info.packet_size = 0.0;
if (packet > 0) {
if (cf_info.duration > 0.0) {
cf_info.data_rate = (double)bytes / (stop_time-start_time); /* Data rate per second */
cf_info.packet_rate = (double)packet / (stop_time-start_time); /* packet rate per second */
}
cf_info.packet_size = (double)bytes / packet; /* Avg packet size */
}
cf_info.comment = NULL;
shb_inf = wtap_file_get_shb_info(wth);
if (shb_inf) {
/* opt_comment is always 0-terminated by pcapng_read_section_header_block */
cf_info.comment = g_strdup(shb_inf->opt_comment);
}
g_free(shb_inf);
if (cf_info.comment) {
/* multi-line comments would conflict with the formatting that capinfos uses
we replace linefeeds with spaces */
p = cf_info.comment;
while (*p != '\0') {
if (*p=='\n')
*p=' ';
p++;
}
}
if(long_report) {
print_stats(filename, &cf_info);
} else {
print_stats_table(filename, &cf_info);
}
g_free(cf_info.encap_counts);
g_free(cf_info.comment);
return 0;
}
void
summary_fill_in(capture_file *cf, summary_tally *st)
{
frame_data *first_frame, *cur_frame;
guint32 framenum;
wtapng_section_t* shb_inf;
iface_options iface;
guint i;
wtapng_iface_descriptions_t* idb_info;
wtapng_if_descr_t wtapng_if_descr;
wtapng_if_stats_t *if_stats;
st->packet_count_ts = 0;
st->start_time = 0;
st->stop_time = 0;
st->bytes = 0;
st->filtered_count = 0;
st->filtered_count_ts = 0;
st->filtered_start = 0;
st->filtered_stop = 0;
st->filtered_bytes = 0;
st->marked_count = 0;
st->marked_count_ts = 0;
st->marked_start = 0;
st->marked_stop = 0;
st->marked_bytes = 0;
st->ignored_count = 0;
/* initialize the tally */
if (cf->count != 0) {
first_frame = frame_data_sequence_find(cf->frames, 1);
st->start_time = nstime_to_sec(&first_frame->abs_ts);
st->stop_time = nstime_to_sec(&first_frame->abs_ts);
for (framenum = 1; framenum <= cf->count; framenum++) {
cur_frame = frame_data_sequence_find(cf->frames, framenum);
tally_frame_data(cur_frame, st);
}
}
st->filename = cf->filename;
st->file_length = cf->f_datalen;
st->file_type = cf->cd_t;
st->iscompressed = cf->iscompressed;
st->is_tempfile = cf->is_tempfile;
st->file_encap_type = cf->lnk_t;
st->packet_encap_types = cf->linktypes;
st->has_snap = cf->has_snap;
st->snap = cf->snap;
st->elapsed_time = nstime_to_sec(&cf->elapsed_time);
st->packet_count = cf->count;
st->drops_known = cf->drops_known;
st->drops = cf->drops;
st->dfilter = cf->dfilter;
/* Get info from SHB */
shb_inf = wtap_file_get_shb_info(cf->wth);
if(shb_inf == NULL){
st->opt_comment = NULL;
st->shb_hardware = NULL;
st->shb_os = NULL;
st->shb_user_appl = NULL;
}else{
st->opt_comment = shb_inf->opt_comment;
st->shb_hardware = shb_inf->shb_hardware;
st->shb_os = shb_inf->shb_os;
st->shb_user_appl = shb_inf->shb_user_appl;
g_free(shb_inf);
}
st->ifaces = g_array_new(FALSE, FALSE, sizeof(iface_options));
idb_info = wtap_file_get_idb_info(cf->wth);
for (i = 0; i < idb_info->interface_data->len; i++) {
wtapng_if_descr = g_array_index(idb_info->interface_data, wtapng_if_descr_t, i);
iface.cfilter = g_strdup(wtapng_if_descr.if_filter_str);
iface.name = g_strdup(wtapng_if_descr.if_name);
iface.descr = g_strdup(wtapng_if_descr.if_description);
iface.drops_known = FALSE;
iface.drops = 0;
iface.snap = wtapng_if_descr.snap_len;
iface.has_snap = (iface.snap != 65535);
iface.encap_type = wtapng_if_descr.wtap_encap;
if(wtapng_if_descr.num_stat_entries == 1){
/* dumpcap only writes one ISB, only handle that for now */
if_stats = &g_array_index(wtapng_if_descr.interface_statistics, wtapng_if_stats_t, 0);
iface.drops_known = TRUE;
iface.drops = if_stats->isb_ifdrop;
iface.isb_comment = if_stats->opt_comment;
}
g_array_append_val(st->ifaces, iface);
}
g_free(idb_info);
}
void
summary_fill_in(capture_file *cf, summary_tally *st)
{
frame_data *first_frame, *cur_frame;
guint32 framenum;
wtapng_section_t* shb_inf;
st->packet_count_ts = 0;
st->start_time = 0;
st->stop_time = 0;
st->bytes = 0;
st->filtered_count = 0;
st->filtered_count_ts = 0;
st->filtered_start = 0;
st->filtered_stop = 0;
st->filtered_bytes = 0;
st->marked_count = 0;
st->marked_count_ts = 0;
st->marked_start = 0;
st->marked_stop = 0;
st->marked_bytes = 0;
st->ignored_count = 0;
/* initialize the tally */
if (cf->count != 0) {
first_frame = frame_data_sequence_find(cf->frames, 1);
st->start_time = nstime_to_sec(&first_frame->abs_ts);
st->stop_time = nstime_to_sec(&first_frame->abs_ts);
for (framenum = 1; framenum <= cf->count; framenum++) {
cur_frame = frame_data_sequence_find(cf->frames, framenum);
tally_frame_data(cur_frame, st);
}
}
st->filename = cf->filename;
st->file_length = cf->f_datalen;
st->file_type = cf->cd_t;
st->is_tempfile = cf->is_tempfile;
st->encap_type = cf->lnk_t;
st->has_snap = cf->has_snap;
st->snap = cf->snap;
st->elapsed_time = nstime_to_sec(&cf->elapsed_time);
st->packet_count = cf->count;
st->drops_known = cf->drops_known;
st->drops = cf->drops;
st->dfilter = cf->dfilter;
/* Get info from SHB */
shb_inf = wtap_file_get_shb_info(cf->wth);
if(shb_inf == NULL){
st->opt_comment = NULL;
st->shb_hardware = NULL;
st->shb_os = NULL;
st->shb_user_appl = NULL;
}else{
st->opt_comment = shb_inf->opt_comment;
st->shb_hardware = shb_inf->shb_hardware;
st->shb_os = shb_inf->shb_os;
st->shb_user_appl = shb_inf->shb_user_appl;
g_free(shb_inf);
}
st->ifaces = g_array_new(FALSE, FALSE, sizeof(iface_options));
}
