static void
list_capture_types(void) {
int i;
struct string_elem *captypes;
GSList *list = NULL;
captypes = g_malloc(sizeof(struct string_elem) * WTAP_NUM_FILE_TYPES);
fprintf(stderr, "editcap: The available capture file types for the \"-F\" flag are:\n");
for (i = 0; i < WTAP_NUM_FILE_TYPES; i++) {
if (wtap_dump_can_open(i)) {
captypes[i].sstr = wtap_file_type_short_string(i);
captypes[i].lstr = wtap_file_type_string(i);
list = g_slist_insert_sorted(list, &captypes[i], string_compare);
}
}
g_slist_foreach(list, string_elem_print, NULL);
g_slist_free(list);
g_free(captypes);
}
void CaptureFileDialog::append_file_type(QStringList &filters, int ft)
{
QString filter;
bool first;
GSList *extensions_list, *extension;
filter = wtap_file_type_string(ft);
filter += " (";
extensions_list = wtap_get_file_extensions_list(ft, TRUE);
if (extensions_list == NULL) {
/* This file type doesn't have any particular extension
conventionally used for it, so we'll just use "*.*"
as the pattern; on Windows, that matches all file names
- even those with no extension - so we don't need to
worry about compressed file extensions. (It does not
do so on UN*X; the right pattern on UN*X would just
be "*".) */
filter += "*.*";
} else {
/* Construct the list of patterns. */
first = true;
for (extension = extensions_list; extension != NULL;
extension = g_slist_next(extension)) {
/* XXX - the documentation says the separator is a blank */
if (!first)
filter += ';';
filter += "*.";
filter += (char *)extension->data;
first = false;
}
wtap_free_file_extensions_list(extensions_list);
}
filter += ')';
filters += filter;
/* XXX - does QStringList's destructor destroy the strings in the list? */
}
int
main(int argc, char *argv[])
{
int opt;
gboolean do_append = FALSE;
gboolean verbose = FALSE;
int in_file_count = 0;
guint snaplen = 0;
#ifdef PCAP_NG_DEFAULT
int file_type = WTAP_FILE_PCAPNG; /* default to pcap format */
#else
int file_type = WTAP_FILE_PCAP; /* default to pcapng format */
#endif
int frame_type = -2;
int out_fd;
merge_in_file_t *in_files = NULL, *in_file;
int i;
struct wtap_pkthdr *phdr, snap_phdr;
wtap_dumper *pdh;
int open_err, read_err = 0, write_err, close_err;
gchar *err_info;
int err_fileno;
char *out_filename = NULL;
gboolean got_read_error = FALSE, got_write_error = FALSE;
int count;
#ifdef _WIN32
arg_list_utf_16to8(argc, argv);
create_app_running_mutex();
#endif /* _WIN32 */
/* Process the options first */
while ((opt = getopt(argc, argv, "aF:hs:T:vw:")) != -1) {
switch (opt) {
case 'a':
do_append = !do_append;
break;
case 'F':
file_type = wtap_short_string_to_file_type(optarg);
if (file_type < 0) {
fprintf(stderr, "mergecap: \"%s\" isn't a valid capture file type\n",
optarg);
list_capture_types();
exit(1);
}
break;
case 'h':
usage();
exit(0);
break;
case 's':
snaplen = get_positive_int(optarg, "snapshot length");
break;
case 'T':
frame_type = wtap_short_string_to_encap(optarg);
if (frame_type < 0) {
fprintf(stderr, "mergecap: \"%s\" isn't a valid encapsulation type\n",
optarg);
list_encap_types();
exit(1);
}
break;
case 'v':
verbose = TRUE;
break;
case 'w':
out_filename = optarg;
break;
case '?': /* Bad options if GNU getopt */
switch(optopt) {
case'F':
list_capture_types();
break;
case'T':
list_encap_types();
break;
default:
usage();
}
exit(1);
break;
}
}
/* check for proper args; at a minimum, must have an output
* filename and one input file
*/
in_file_count = argc - optind;
if (!out_filename) {
fprintf(stderr, "mergecap: an output filename must be set with -w\n");
fprintf(stderr, " run with -h for help\n");
return 1;
}
if (in_file_count < 1) {
fprintf(stderr, "mergecap: No input files were specified\n");
return 1;
}
/* open the input files */
if (!merge_open_in_files(in_file_count, &argv[optind], &in_files,
&open_err, &err_info, &err_fileno)) {
fprintf(stderr, "mergecap: Can't open %s: %s\n", argv[optind + err_fileno],
wtap_strerror(open_err));
switch (open_err) {
case WTAP_ERR_UNSUPPORTED:
case WTAP_ERR_UNSUPPORTED_ENCAP:
case WTAP_ERR_BAD_FILE:
fprintf(stderr, "(%s)\n", err_info);
g_free(err_info);
break;
}
return 2;
}
if (verbose) {
for (i = 0; i < in_file_count; i++)
fprintf(stderr, "mergecap: %s is type %s.\n", argv[optind + i],
wtap_file_type_string(wtap_file_type(in_files[i].wth)));
}
if (snaplen == 0) {
/*
* Snapshot length not specified - default to the maximum of the
* snapshot lengths of the input files.
*/
snaplen = merge_max_snapshot_length(in_file_count, in_files);
}
/* set the outfile frame type */
if (frame_type == -2) {
/*
* Default to the appropriate frame type for the input files.
*/
frame_type = merge_select_frame_type(in_file_count, in_files);
if (verbose) {
if (frame_type == WTAP_ENCAP_PER_PACKET) {
/*
* Find out why we had to choose WTAP_ENCAP_PER_PACKET.
*/
int first_frame_type, this_frame_type;
first_frame_type = wtap_file_encap(in_files[0].wth);
for (i = 1; i < in_file_count; i++) {
this_frame_type = wtap_file_encap(in_files[i].wth);
if (first_frame_type != this_frame_type) {
fprintf(stderr, "mergecap: multiple frame encapsulation types detected\n");
fprintf(stderr, " defaulting to WTAP_ENCAP_PER_PACKET\n");
fprintf(stderr, " %s had type %s (%s)\n",
in_files[0].filename,
wtap_encap_string(first_frame_type),
wtap_encap_short_string(first_frame_type));
fprintf(stderr, " %s had type %s (%s)\n",
in_files[i].filename,
wtap_encap_string(this_frame_type),
wtap_encap_short_string(this_frame_type));
break;
}
}
}
fprintf(stderr, "mergecap: selected frame_type %s (%s)\n",
wtap_encap_string(frame_type),
wtap_encap_short_string(frame_type));
}
}
/* open the outfile */
if (strncmp(out_filename, "-", 2) == 0) {
/* use stdout as the outfile */
out_fd = 1 /*stdout*/;
} else {
/* open the outfile */
out_fd = ws_open(out_filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
if (out_fd == -1) {
fprintf(stderr, "mergecap: Couldn't open output file %s: %s\n",
out_filename, g_strerror(errno));
exit(1);
}
}
/* prepare the outfile */
if(file_type == WTAP_FILE_PCAPNG ){
wtapng_section_t *shb_hdr;
GString *comment_gstr;
shb_hdr = g_new(wtapng_section_t,1);
comment_gstr = g_string_new("File created by merging: \n");
for (i = 0; i < in_file_count; i++) {
g_string_append_printf(comment_gstr, "File%d: %s \n",i+1,in_files[i].filename);
}
shb_hdr->section_length = -1;
/* options */
shb_hdr->opt_comment = comment_gstr->str; /* NULL if not available */
shb_hdr->shb_hardware = NULL; /* NULL if not available, UTF-8 string containing the description of the hardware used to create this section. */
shb_hdr->shb_os = NULL; /* NULL if not available, UTF-8 string containing the name of the operating system used to create this section. */
shb_hdr->shb_user_appl = "mergecap"; /* NULL if not available, UTF-8 string containing the name of the application used to create this section. */
pdh = wtap_dump_fdopen_ng(out_fd, file_type, frame_type, snaplen,
FALSE /* compressed */, shb_hdr, NULL /* wtapng_iface_descriptions_t *idb_inf */, &open_err);
g_string_free(comment_gstr, TRUE);
} else {
pdh = wtap_dump_fdopen(out_fd, file_type, frame_type, snaplen, FALSE /* compressed */, &open_err);
}
if (pdh == NULL) {
merge_close_in_files(in_file_count, in_files);
g_free(in_files);
fprintf(stderr, "mergecap: Can't open or create %s: %s\n", out_filename,
wtap_strerror(open_err));
exit(1);
}
/* do the merge (or append) */
count = 1;
for (;;) {
if (do_append)
in_file = merge_append_read_packet(in_file_count, in_files, &read_err,
&err_info);
else
in_file = merge_read_packet(in_file_count, in_files, &read_err,
&err_info);
if (in_file == NULL) {
/* EOF */
break;
}
if (read_err != 0) {
/* I/O error reading from in_file */
got_read_error = TRUE;
break;
}
if (verbose)
fprintf(stderr, "Record: %u\n", count++);
/* We simply write it, perhaps after truncating it; we could do other
* things, like modify it. */
phdr = wtap_phdr(in_file->wth);
if (snaplen != 0 && phdr->caplen > snaplen) {
snap_phdr = *phdr;
snap_phdr.caplen = snaplen;
phdr = &snap_phdr;
}
if (!wtap_dump(pdh, phdr, wtap_buf_ptr(in_file->wth), &write_err)) {
got_write_error = TRUE;
break;
}
}
merge_close_in_files(in_file_count, in_files);
if (!got_read_error && !got_write_error) {
if (!wtap_dump_close(pdh, &write_err))
got_write_error = TRUE;
} else
wtap_dump_close(pdh, &close_err);
if (got_read_error) {
/*
* Find the file on which we got the error, and report the error.
*/
for (i = 0; i < in_file_count; i++) {
if (in_files[i].state == GOT_ERROR) {
fprintf(stderr, "mergecap: Error reading %s: %s\n",
in_files[i].filename, wtap_strerror(read_err));
switch (read_err) {
case WTAP_ERR_UNSUPPORTED:
case WTAP_ERR_UNSUPPORTED_ENCAP:
case WTAP_ERR_BAD_FILE:
fprintf(stderr, "(%s)\n", err_info);
g_free(err_info);
break;
}
}
}
}
if (got_write_error) {
switch (write_err) {
case WTAP_ERR_UNSUPPORTED_ENCAP:
/*
* This is a problem with the particular frame we're writing;
* note that, and give the frame number.
*/
fprintf(stderr, "mergecap: Frame %u of \"%s\" has a network type that can't be saved in a file with that format\n.",
in_file->packet_num, in_file->filename);
break;
default:
fprintf(stderr, "mergecap: Error writing to outfile: %s\n",
wtap_strerror(write_err));
break;
}
}
g_free(in_files);
return (!got_read_error && !got_write_error) ? 0 : 2;
}
static void
print_stats_table(const gchar *filename, capture_info *cf_info)
{
const gchar *file_type_string, *file_encap_string;
time_t start_time_t;
time_t stop_time_t;
/* Build printable strings for various stats */
file_type_string = wtap_file_type_string(cf_info->file_type);
file_encap_string = wtap_encap_string(cf_info->file_encap);
start_time_t = (time_t)cf_info->start_time;
stop_time_t = (time_t)cf_info->stop_time;
if (filename) {
putquote();
printf("%s", filename);
putquote();
}
if (cap_file_type) {
putsep();
putquote();
printf("%s", file_type_string);
putquote();
}
/* ToDo: If WTAP_ENCAP_PER_PACKET, show the list of encapsulations encountered;
* Output a line for each different encap with all fields repeated except
* the encapsulation field which has "Per Packet: ..." for each
* encapsulation type seen ?
*/
if (cap_file_encap) {
putsep();
putquote();
printf("%s", file_encap_string);
putquote();
}
if (cap_snaplen) {
putsep();
putquote();
if(cf_info->snap_set)
printf("%u", cf_info->snaplen);
else
printf("(not set)");
putquote();
if (cf_info->snaplen_max_inferred > 0) {
putsep();
putquote();
printf("%u", cf_info->snaplen_min_inferred);
putquote();
putsep();
putquote();
printf("%u", cf_info->snaplen_max_inferred);
putquote();
}
else {
putsep();
putquote();
printf("n/a");
putquote();
putsep();
putquote();
printf("n/a");
putquote();
}
}
if (cap_packet_count) {
putsep();
putquote();
printf("%u", cf_info->packet_count);
putquote();
}
if (cap_file_size) {
putsep();
putquote();
printf("%" G_GINT64_MODIFIER "d", cf_info->filesize);
putquote();
}
if (cap_data_size) {
putsep();
putquote();
printf("%" G_GINT64_MODIFIER "u", cf_info->packet_bytes);
putquote();
}
if (cap_duration) {
putsep();
putquote();
if (cf_info->times_known)
printf("%f", cf_info->duration);
else
printf("n/a");
putquote();
}
if (cap_start_time) {
putsep();
putquote();
printf("%s", time_string(start_time_t, cf_info, FALSE));
putquote();
}
if (cap_end_time) {
putsep();
putquote();
printf("%s", time_string(stop_time_t, cf_info, FALSE));
putquote();
}
if (cap_data_rate_byte) {
putsep();
putquote();
if (cf_info->times_known)
printf("%.2f", cf_info->data_rate);
else
printf("n/a");
putquote();
}
if (cap_data_rate_bit) {
putsep();
putquote();
if (cf_info->times_known)
printf("%.2f", cf_info->data_rate*8);
else
printf("n/a");
putquote();
}
if (cap_packet_size) {
putsep();
putquote();
printf("%.2f", cf_info->packet_size);
putquote();
}
if (cap_packet_rate) {
putsep();
putquote();
if (cf_info->times_known)
printf("%.2f", cf_info->packet_rate);
else
printf("n/a");
putquote();
}
#ifdef HAVE_LIBGCRYPT
if (cap_file_hashes) {
putsep();
putquote();
printf("%s", file_sha1);
putquote();
putsep();
putquote();
printf("%s", file_rmd160);
putquote();
putsep();
putquote();
printf("%s", file_md5);
putquote();
}
#endif /* HAVE_LIBGCRYPT */
if (cap_order) {
putsep();
putquote();
printf("%s", order_string(cf_info->order));
putquote();
}
printf("\n");
}
static void
print_stats(const gchar *filename, capture_info *cf_info)
{
const gchar *file_type_string, *file_encap_string;
time_t start_time_t;
time_t stop_time_t;
/* Build printable strings for various stats */
file_type_string = wtap_file_type_string(cf_info->file_type);
file_encap_string = wtap_encap_string(cf_info->file_encap);
start_time_t = (time_t)cf_info->start_time;
stop_time_t = (time_t)cf_info->stop_time;
if (filename) printf ("File name: %s\n", filename);
if (cap_file_type) printf ("File type: %s%s\n",
file_type_string,
cf_info->iscompressed ? " (gzip compressed)" : "");
if (cap_file_encap) printf ("File encapsulation: %s\n", file_encap_string);
if (cap_file_encap && (cf_info->file_encap == WTAP_ENCAP_PER_PACKET)) {
int i;
for (i=0; i<WTAP_NUM_ENCAP_TYPES; i++) {
if (cf_info->encap_counts[i] > 0)
printf(" %s\n", wtap_encap_string(i));
}
}
if (cap_snaplen && cf_info->snap_set)
printf ("Packet size limit: file hdr: %u bytes\n", cf_info->snaplen);
else if(cap_snaplen && !cf_info->snap_set)
printf ("Packet size limit: file hdr: (not set)\n");
if (cf_info->snaplen_max_inferred > 0) {
if (cf_info->snaplen_min_inferred == cf_info->snaplen_max_inferred)
printf ("Packet size limit: inferred: %u bytes\n", cf_info->snaplen_min_inferred);
else
printf ("Packet size limit: inferred: %u bytes - %u bytes (range)\n",
cf_info->snaplen_min_inferred, cf_info->snaplen_max_inferred);
}
if (cap_packet_count) printf ("Number of packets: %u\n", cf_info->packet_count);
if (cap_file_size) printf ("File size: %" G_GINT64_MODIFIER "d bytes\n", cf_info->filesize);
if (cap_data_size) printf ("Data size: %" G_GINT64_MODIFIER "u bytes\n", cf_info->packet_bytes);
if (cf_info->times_known) {
if (cap_duration)
print_value("Capture duration: ", 0, " seconds", cf_info->duration);
if (cap_start_time)
printf ("Start time: %s", time_string(start_time_t, cf_info, TRUE));
if (cap_end_time)
printf ("End time: %s", time_string(stop_time_t, cf_info, TRUE));
if (cap_data_rate_byte)
print_value("Data byte rate: ", 2, " bytes/sec", cf_info->data_rate);
if (cap_data_rate_bit)
print_value("Data bit rate: ", 2, " bits/sec", cf_info->data_rate*8);
}
if (cap_packet_size) printf ("Average packet size: %.2f bytes\n", cf_info->packet_size);
if (cf_info->times_known) {
if (cap_packet_rate)
print_value("Average packet rate: ", 2, " packets/sec", cf_info->packet_rate);
}
#ifdef HAVE_LIBGCRYPT
if (cap_file_hashes) {
printf ("SHA1: %s\n", file_sha1);
printf ("RIPEMD160: %s\n", file_rmd160);
printf ("MD5: %s\n", file_md5);
}
#endif /* HAVE_LIBGCRYPT */
if (cap_order) printf ("Strict time order: %s\n", order_string(cf_info->order));
}
static const char *cf_open_error_message(int err, gchar *err_info, int file_type)
{
const char *errmsg;
static char errmsg_errno[1024+1];
if (err < 0)
{
/* Wiretap error. */
switch (err)
{
case WTAP_ERR_NOT_REGULAR_FILE:
errmsg = "The file \"%s\" is a \"special file\" or socket or other non-regular file.";
break;
case WTAP_ERR_FILE_UNKNOWN_FORMAT:
/* Seen only when opening a capture file for reading. */
errmsg = "The file \"%s\" isn't a capture file in a format Sharktools understands.";
break;
case WTAP_ERR_UNSUPPORTED:
/* Seen only when opening a capture file for reading. */
g_snprintf(errmsg_errno, sizeof(errmsg_errno),
"The file \"%%s\" isn't a capture file in a format Sharktools understands.\n"
"(%s)", err_info);
g_free(err_info);
errmsg = errmsg_errno;
break;
case WTAP_ERR_CANT_WRITE_TO_PIPE:
/* Seen only when opening a capture file for writing. */
g_snprintf(errmsg_errno, sizeof(errmsg_errno),
"The file \"%%s\" is a pipe, and %s capture files can't be "
"written to a pipe.", wtap_file_type_string(file_type));
errmsg = errmsg_errno;
break;
case WTAP_ERR_UNSUPPORTED_FILE_TYPE:
/* Seen only when opening a capture file for writing. */
errmsg = "Sharktools doesn't support writing capture files in that format.";
break;
case WTAP_ERR_UNSUPPORTED_ENCAP:
g_snprintf(errmsg_errno, sizeof(errmsg_errno),
"The file \"%%s\" is a capture for a network type that Sharktools doesn't support.\n"
"(%s)", err_info);
g_free(err_info);
errmsg = errmsg_errno;
break;
case WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED:
errmsg = "The file \"%s\" is a capture for a network type that Sharktools doesn't support.";
break;
case WTAP_ERR_BAD_RECORD:
/* Seen only when opening a capture file for reading. */
g_snprintf(errmsg_errno, sizeof(errmsg_errno),
"The file \"%%s\" appears to be damaged or corrupt.\n"
"(%s)", err_info);
g_free(err_info);
errmsg = errmsg_errno;
break;
case WTAP_ERR_CANT_OPEN:
errmsg = "The file \"%s\" could not be opened for some unknown reason.";
break;
case WTAP_ERR_SHORT_READ:
errmsg = "The file \"%s\" appears to have been cut short"
" in the middle of a packet or other data.";
break;
case WTAP_ERR_SHORT_WRITE:
errmsg = "A full header couldn't be written to the file \"%s\".";
break;
default:
g_snprintf(errmsg_errno, sizeof(errmsg_errno),
"The file \"%%s\" could not be opened: %s.",
wtap_strerror(err));
errmsg = errmsg_errno;
break;
}
}
else
// FALSE == for_writing == FALSE
errmsg = file_open_error_message(err, FALSE);
return errmsg;
}
row = 0;
/* File */
add_string_to_table(table, &row, "File", "");
/* filename */
g_snprintf(string_buff, SUM_STR_MAX, "%s", summary.filename);
add_string_to_table(table, &row, "Name:", string_buff);
/* length */
g_snprintf(string_buff, SUM_STR_MAX, "%" G_GINT64_MODIFIER "d bytes", summary.file_length);
add_string_to_table(table, &row, "Length:", string_buff);
/* format */
g_snprintf(string_buff, SUM_STR_MAX, "%s", wtap_file_type_string(summary.file_type));
add_string_to_table(table, &row, "Format:", string_buff);
/* encapsulation */
g_snprintf(string_buff, SUM_STR_MAX, "%s", wtap_encap_string(summary.encap_type));
add_string_to_table(table, &row, "Encapsulation:", string_buff);
if (summary.has_snap) {
/* snapshot length */
g_snprintf(string_buff, SUM_STR_MAX, "%u bytes", summary.snap);
add_string_to_table(table, &row, "Packet size limit:", string_buff);
}
/* Time */
add_string_to_table(table, &row, "", "");
