*
* (c) Copyright 2001 Ashok Narayanan <ashokn@cisco.com>
*
- * $Id: text2pcap.c,v 1.26 2003/04/27 00:41:50 guy Exp $
+ * $Id$
*
- * Ethereal - Network traffic analyzer
- * By Gerald Combs <gerald@ethereal.com>
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
* This program is free software; you can redistribute it and/or
* exactly 32 bytes must have been read into this packet before this. If the offset
* is wrong, the packet is immediately terminated
*
- * A packet start is signalled by a zero offset.
+ * A packet start is signaled by a zero offset.
*
* Lines starting with #TEXT2PCAP are directives. These allow the user
* to embed instructions into the capture file which allows text2pcap
# include "config.h"
#endif
+/*
+ * Just make sure we include the prototype for strptime as well
+ * (needed for glibc 2.2) but make sure we do this only if not
+ * yet defined.
+ */
+#ifndef __USE_XOPEN
+# define __USE_XOPEN
+#endif
+#ifndef _XOPEN_SOURCE
+# define _XOPEN_SOURCE 600
+#endif
+
+/*
+ * Defining _XOPEN_SOURCE is needed on some platforms, e.g. platforms
+ * using glibc, to expand the set of things system header files define.
+ *
+ * Unfortunately, on other platforms, such as some versions of Solaris
+ * (including Solaris 10), it *reduces* that set as well, causing
+ * strptime() not to be declared, presumably because the version of the
+ * X/Open spec that _XOPEN_SOURCE implies doesn't include strptime() and
+ * blah blah blah namespace pollution blah blah blah.
+ *
+ * So we define __EXTENSIONS__ so that "strptime()" is declared.
+ */
+#ifndef __EXTENSIONS__
+# define __EXTENSIONS__
+#endif
+
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-
-/*
- * Just make sure we include the prototype for strptime as well
- * (needed for glibc 2.2)
- */
-#define __USE_XOPEN
+#include <wsutil/file_util.h>
#include <time.h>
#include <glib.h>
#include <errno.h>
#include <assert.h>
-#ifdef NEED_GETOPT_H
-# include "getopt.h"
+#ifndef HAVE_GETOPT
+#include "wsutil/wsgetopt.h"
#endif
#ifdef NEED_STRPTIME_H
-# include "strptime.h"
+# include "wsutil/strptime.h"
#endif
#include "text2pcap.h"
+#include "svnversion.h"
+
+#ifdef _WIN32
+#include <wsutil/unicode-utils.h>
+#endif /* _WIN32 */
/*--- Options --------------------------------------------------------------------*/
/* Dummy IP header */
static int hdr_ip = FALSE;
-static unsigned long hdr_ip_proto = 0;
+static long hdr_ip_proto = 0;
/* Dummy UDP header */
static int hdr_udp = FALSE;
static unsigned short hdr_data_chunk_ssn = 0;
static unsigned long hdr_data_chunk_ppid = 0;
+/* ASCII text dump identification */
+static int identify_ascii = FALSE;
/*--- Local date -----------------------------------------------------------------*/
static unsigned long num_packets_written = 0;
/* Time code of packet, derived from packet_preamble */
-static gint32 ts_sec = 0;
+static time_t ts_sec = 0;
static guint32 ts_usec = 0;
static char *ts_fmt = NULL;
+static struct tm timecode_default;
+
+static char new_date_fmt = 0;
+static unsigned char* pkt_lnstart;
/* Input file */
-static char *input_filename;
+static const char *input_filename;
static FILE *input_file = NULL;
/* Output file */
-static char *output_filename;
+static const char *output_filename;
static FILE *output_file = NULL;
/* Offset base to parse */
START_OF_LINE, /* Starting from beginning of line */
READ_OFFSET, /* Just read the offset */
READ_BYTE, /* Just read a byte */
- READ_TEXT, /* Just read text - ignore until EOL */
+ READ_TEXT /* Just read text - ignore until EOL */
} parser_state_t;
static parser_state_t state = INIT;
} hdr_ethernet_t;
static hdr_ethernet_t HDR_ETHERNET = {
- {0x02, 0x02, 0x02, 0x02, 0x02, 0x02},
- {0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
+ {0x0a, 0x02, 0x02, 0x02, 0x02, 0x02},
+ {0x0a, 0x01, 0x01, 0x01, 0x01, 0x01},
0};
typedef struct {
guint32 dest_addr;
} hdr_ip_t;
-static hdr_ip_t HDR_IP = {0x45, 0, 0, 0x3412, 0, 0, 0xff, 0, 0, 0x01010101, 0x02020202};
+static hdr_ip_t HDR_IP = {0x45, 0, 0, 0x3412, 0, 0, 0xff, 0, 0,
+#ifdef WORDS_BIGENDIAN
+0x0a010101, 0x0a020202
+#else
+0x0101010a, 0x0202020a
+#endif
+};
static struct { /* pseudo header for checksum calculation */
guint32 src_addr;
/* "libpcap" record header. */
struct pcaprec_hdr {
- gint32 ts_sec; /* timestamp seconds */
+ guint32 ts_sec; /* timestamp seconds */
guint32 ts_usec; /* timestamp microseconds */
guint32 incl_len; /* number of octets of packet saved in file */
guint32 orig_len; /* actual length of packet */
* Pass in TRUE if this is an offset, FALSE if not
*/
static unsigned long
-parse_num (char *str, int offset)
+parse_num (const char *str, int offset)
{
unsigned long num;
char *c;
* Write this byte into current packet
*/
static void
-write_byte (char *str)
+write_byte (const char *str)
{
unsigned long num;
num = parse_num(str, FALSE);
- packet_buf[curr_offset] = num;
+ packet_buf[curr_offset] = (unsigned char) num;
curr_offset ++;
if (curr_offset >= max_offset) /* packet full */
start_new_packet();
while (sum>>16)
sum = (sum & 0xffff) + (sum >> 16);
- return g_htons(~sum);
+ sum = ~sum;
+ return g_htons(sum);
}
/* The CRC32C code is taken from draft-ietf-tsvwg-sctpcsum-01.txt.
}
}
- /* Write PCap header */
- ph.ts_sec = ts_sec;
+ /* Write PCAP header */
+ ph.ts_sec = (guint32)ts_sec;
ph.ts_usec = ts_usec;
if (ts_fmt == NULL) { ts_usec++; } /* fake packet counter */
ph.incl_len = length;
ph.orig_len = length;
- fwrite(&ph, sizeof(ph), 1, output_file);
+ if (fwrite(&ph, sizeof(ph), 1, output_file) != 1)
+ goto write_current_packet_err;
/* Write Ethernet header */
if (hdr_ethernet) {
HDR_ETHERNET.l3pid = g_htons(hdr_ethernet_proto);
- fwrite(&HDR_ETHERNET, sizeof(HDR_ETHERNET), 1, output_file);
+ if (fwrite(&HDR_ETHERNET, sizeof(HDR_ETHERNET), 1, output_file) != 1)
+ goto write_current_packet_err;
}
/* Write IP header */
if (hdr_ip) {
HDR_IP.packet_length = g_htons(ip_length);
- HDR_IP.protocol = hdr_ip_proto;
+ HDR_IP.protocol = (guint8) hdr_ip_proto;
HDR_IP.hdr_checksum = 0;
HDR_IP.hdr_checksum = in_checksum(&HDR_IP, sizeof(HDR_IP));
- fwrite(&HDR_IP, sizeof(HDR_IP), 1, output_file);
+ if (fwrite(&HDR_IP, sizeof(HDR_IP), 1, output_file) != 1)
+ goto write_current_packet_err;
}
/* initialize pseudo header for checksum calculation */
pseudoh.src_addr = HDR_IP.src_addr;
pseudoh.dest_addr = HDR_IP.dest_addr;
pseudoh.zero = 0;
- pseudoh.protocol = hdr_ip_proto;
+ pseudoh.protocol = (guint8) hdr_ip_proto;
pseudoh.length = g_htons(proto_length);
/* Write UDP header */
if (hdr_udp) {
+ guint16 x16;
HDR_UDP.source_port = g_htons(hdr_src_port);
HDR_UDP.dest_port = g_htons(hdr_dest_port);
HDR_UDP.length = g_htons(proto_length);
+ /* Note: g_ntohs()/g_htons() macro arg may be eval'd twice so calc value before invoking macro */
HDR_UDP.checksum = 0;
- u = g_ntohs(in_checksum(&pseudoh, sizeof(pseudoh))) +
- g_ntohs(in_checksum(&HDR_UDP, sizeof(HDR_UDP))) +
- g_ntohs(in_checksum(packet_buf, curr_offset));
- HDR_UDP.checksum = g_htons((u & 0xffff) + (u>>16));
- if (HDR_UDP.checksum == 0) /* differenciate between 'none' and 0 */
+ x16 = in_checksum(&pseudoh, sizeof(pseudoh));
+ u = g_ntohs(x16);
+ x16 = in_checksum(&HDR_UDP, sizeof(HDR_UDP));
+ u += g_ntohs(x16);
+ x16 = in_checksum(packet_buf, curr_offset);
+ u += g_ntohs(x16);
+ x16 = (u & 0xffff) + (u>>16);
+ HDR_UDP.checksum = g_htons(x16);
+ if (HDR_UDP.checksum == 0) /* differentiate between 'none' and 0 */
HDR_UDP.checksum = g_htons(1);
- fwrite(&HDR_UDP, sizeof(HDR_UDP), 1, output_file);
+ if (fwrite(&HDR_UDP, sizeof(HDR_UDP), 1, output_file) != 1)
+ goto write_current_packet_err;
}
/* Write TCP header */
if (hdr_tcp) {
+ guint16 x16;
HDR_TCP.source_port = g_htons(hdr_src_port);
HDR_TCP.dest_port = g_htons(hdr_dest_port);
/* HDR_TCP.seq_num already correct */
HDR_TCP.window = g_htons(0x2000);
+ /* Note: g_ntohs()/g_htons() macro arg may be eval'd twice so calc value before invoking macro */
HDR_TCP.checksum = 0;
- u = g_ntohs(in_checksum(&pseudoh, sizeof(pseudoh))) +
- g_ntohs(in_checksum(&HDR_TCP, sizeof(HDR_TCP))) +
- g_ntohs(in_checksum(packet_buf, curr_offset));
- HDR_TCP.checksum = g_htons((u & 0xffff) + (u>>16));
- if (HDR_TCP.checksum == 0) /* differenciate between 'none' and 0 */
- HDR_TCP.checksum = g_htons(1);
-
- fwrite(&HDR_TCP, sizeof(HDR_TCP), 1, output_file);
+ x16 = in_checksum(&pseudoh, sizeof(pseudoh));
+ u = g_ntohs(x16);
+ x16 = in_checksum(&HDR_TCP, sizeof(HDR_TCP));
+ u += g_ntohs(x16);
+ x16 = in_checksum(packet_buf, curr_offset);
+ u += g_ntohs(x16);
+ x16 = (u & 0xffff) + (u>>16);
+ HDR_TCP.checksum = g_htons(x16);
+ if (HDR_TCP.checksum == 0) /* differentiate between 'none' and 0 */
+ HDR_TCP.checksum = g_htons(1);
+
+ if (fwrite(&HDR_TCP, sizeof(HDR_TCP), 1, output_file) != 1)
+ goto write_current_packet_err;
}
/* Compute DATA chunk header and append padding */
/* Write SCTP header */
if (hdr_sctp) {
+ guint32 x32;
HDR_SCTP.src_port = g_htons(hdr_sctp_src);
HDR_SCTP.dest_port = g_htons(hdr_sctp_dest);
HDR_SCTP.tag = g_htonl(hdr_sctp_tag);
HDR_SCTP.checksum = crc32c((guint8 *)&HDR_SCTP, sizeof(HDR_SCTP), ~0L);
if (hdr_data_chunk)
HDR_SCTP.checksum = crc32c((guint8 *)&HDR_DATA_CHUNK, sizeof(HDR_DATA_CHUNK), HDR_SCTP.checksum);
- HDR_SCTP.checksum = g_htonl(finalize_crc32c(crc32c(packet_buf, curr_offset, HDR_SCTP.checksum)));
+ /* Note: g_ntohl() macro arg may be eval'd twice so calc value before invoking macro */
+ x32 = finalize_crc32c(crc32c(packet_buf, curr_offset, HDR_SCTP.checksum));
+ HDR_SCTP.checksum = g_htonl(x32);
- fwrite(&HDR_SCTP, sizeof(HDR_SCTP), 1, output_file);
+ if (fwrite(&HDR_SCTP, sizeof(HDR_SCTP), 1, output_file) != 1)
+ goto write_current_packet_err;
}
/* Write DATA chunk header */
if (hdr_data_chunk) {
- fwrite(&HDR_DATA_CHUNK, sizeof(HDR_DATA_CHUNK), 1, output_file);
+ if (fwrite(&HDR_DATA_CHUNK, sizeof(HDR_DATA_CHUNK), 1, output_file) != 1)
+ goto write_current_packet_err;
}
/* Write packet */
- fwrite(packet_buf, curr_offset, 1, output_file);
+ if (fwrite(packet_buf, curr_offset, 1, output_file) != 1)
+ goto write_current_packet_err;
/* Write Ethernet trailer */
if (hdr_ethernet && eth_trailer_length > 0) {
memset(tempbuf, 0, eth_trailer_length);
- fwrite(tempbuf, eth_trailer_length, 1, output_file);
+ if (fwrite(tempbuf, eth_trailer_length, 1, output_file) != 1)
+ goto write_current_packet_err;
}
if (!quiet)
fprintf(stderr, "Wrote packet of %lu bytes at %u\n", curr_offset, g_ntohl(HDR_TCP.seq_num));
num_packets_written ++;
}
-
- HDR_TCP.seq_num = g_htonl(g_ntohl(HDR_TCP.seq_num) + curr_offset);
+ HDR_TCP.seq_num = g_ntohl(HDR_TCP.seq_num) + curr_offset;
+ HDR_TCP.seq_num = g_htonl(HDR_TCP.seq_num);
packet_start += curr_offset;
curr_offset = 0;
+ return;
+
+write_current_packet_err:
+ fprintf(stderr, "File write error [%s] : %s\n",
+ output_filename, g_strerror(errno));
+ exit(-1);
}
/*----------------------------------------------------------------------
fh.snaplen = 102400;
fh.network = pcap_link_type;
- fwrite(&fh, sizeof(fh), 1, output_file);
+ if (fwrite(&fh, sizeof(fh), 1, output_file) != 1) {
+ fprintf(stderr, "File write error [%s] : %s\n",
+ output_filename, g_strerror(errno));
+ exit(-1);
+ }
}
/*----------------------------------------------------------------------
if (toklen != 0) {
if (packet_preamble_len + toklen > PACKET_PREAMBLE_MAX_LEN)
return; /* no room to add the token to the preamble */
- strcpy(&packet_preamble[packet_preamble_len], str);
- packet_preamble_len += toklen;
+ g_strlcpy(&packet_preamble[packet_preamble_len], str, PACKET_PREAMBLE_MAX_LEN);
+ packet_preamble_len += (int) toklen;
+ if (debug >= 2) {
+ char *c;
+ char xs[PACKET_PREAMBLE_MAX_LEN];
+ g_strlcpy(xs, packet_preamble, PACKET_PREAMBLE_MAX_LEN);
+ while ((c = strchr(xs, '\r')) != NULL) *c=' ';
+ fprintf (stderr, "[[append_to_preamble: \"%s\"]]", xs);
+ }
}
}
/*----------------------------------------------------------------------
* Parse the preamble to get the timecode.
*/
+
static void
parse_preamble (void)
{
if (ts_fmt == NULL)
return;
- ts_sec = 0;
+ /*
+ * Initialize to today localtime, just in case not all fields
+ * of the date and time are specified.
+ */
+
+ timecode = timecode_default;
ts_usec = 0;
/*
*/
packet_preamble[packet_preamble_len] = '\0';
- /* Ensure preamble has more than two chars before atempting to parse.
+ /* Ensure preamble has more than two chars before attempting to parse.
* This should cover line breaks etc that get counted.
*/
if ( strlen(packet_preamble) > 2 ) {
- /*
- * Initialize to the Epoch, just in case not all fields
- * of the date and time are specified.
- */
- timecode.tm_sec = 0;
- timecode.tm_min = 0;
- timecode.tm_hour = 0;
- timecode.tm_mday = 1;
- timecode.tm_mon = 0;
- timecode.tm_year = 70;
- timecode.tm_wday = 0;
- timecode.tm_yday = 0;
- timecode.tm_isdst = -1;
-
/* Get Time leaving subseconds */
subsecs = strptime( packet_preamble, ts_fmt, &timecode );
if (subsecs != NULL) {
/* Get the long time from the tm structure */
- ts_sec = (gint32)mktime( &timecode );
+ /* (will return -1 if failure) */
+ ts_sec = mktime( &timecode );
} else
ts_sec = -1; /* we failed to parse it */
/* This will ensure incorrectly parsed dates get set to zero */
if ( -1 == ts_sec )
{
- ts_sec = 0;
+ /* Sanitize - remove all '\r' */
+ char *c;
+ while ((c = strchr(packet_preamble, '\r')) != NULL) *c=' ';
+ fprintf (stderr, "Failure processing time \"%s\" using time format \"%s\"\n (defaulting to Jan 1,1970 00:00:00 GMT)\n",
+ packet_preamble, ts_fmt);
+ if (debug >= 2) {
+ fprintf(stderr, "timecode: %02d/%02d/%d %02d:%02d:%02d %d\n",
+ timecode.tm_mday, timecode.tm_mon, timecode.tm_year,
+ timecode.tm_hour, timecode.tm_min, timecode.tm_sec, timecode.tm_isdst);
+ }
+ ts_sec = 0; /* Jan 1,1970: 00:00 GMT; tshark/wireshark will display date/time as adjusted by timezone */
ts_usec = 0;
}
else
* 10^-6 seconds, we multiply by
* 10^(6-N).
*/
- subseclen = p - subsecs;
+ subseclen = (int) (p - subsecs);
if (subseclen > 6) {
/*
* *More* than 6 digits; 6-N is
}
}
}
+ if (debug >= 2) {
+ char *c;
+ while ((c = strchr(packet_preamble, '\r')) != NULL) *c=' ';
+ fprintf(stderr, "[[parse_preamble: \"%s\"]]\n", packet_preamble);
+ fprintf(stderr, "Format(%s), time(%u), subsecs(%u)\n", ts_fmt, (guint32)ts_sec, ts_usec);
+ }
- /*printf("Format(%s), time(%u), subsecs(%u)\n\n", ts_fmt, ts_sec, ts_usec);*/
-
/* Clear Preamble */
packet_preamble_len = 0;
}
parse_token (token_t token, char *str)
{
unsigned long num;
+ int by_eol;
+ int rollback = 0;
+ int line_size;
+ int i;
+ char* s2;
+ char tmp_str[3];
/*
* This is implemented as a simple state machine of five states.
state_str[state], token_str[token], str ? str : "");
}
+ /* First token must be treated as a timestamp if time strip format is
+ not empty */
+ if (state == INIT || state == START_OF_LINE) {
+ if (ts_fmt != NULL && new_date_fmt) {
+ token = T_TEXT;
+ }
+ }
+
switch(state) {
/* ----- Waiting for new packet -------------------------------------------*/
/* New packet starts here */
start_new_packet();
state = READ_OFFSET;
+ pkt_lnstart = packet_buf + num;
}
break;
+ case T_EOL:
+ /* Some describing text may be parsed as offset, but the invalid
+ offset will be checked in the state of START_OF_LINE, so
+ we add this transition to gain flexibility */
+ state = START_OF_LINE;
+ break;
default:
break;
}
}
} else
state = READ_OFFSET;
+ pkt_lnstart = packet_buf + num;
+ break;
+ case T_EOL:
+ state = START_OF_LINE;
break;
default:
break;
case T_TEXT:
case T_DIRECTIVE:
case T_OFFSET:
- state = READ_TEXT;
- break;
case T_EOL:
- state = START_OF_LINE;
+ by_eol = 0;
+ state = READ_TEXT;
+ if (token == T_EOL) {
+ by_eol = 1;
+ state = START_OF_LINE;
+ }
+ if (identify_ascii) {
+ /* Here a line of pkt bytes reading is finished
+ compare the ascii and hex to avoid such situation:
+ "61 62 20 ab ", when ab is ascii dump then it should
+ not be treat as byte */
+ rollback = 0;
+ /* s2 is the ASCII string, s1 is the HEX string, e.g, when
+ s2 = "ab ", s1 = "616220"
+ we should find out the largest tail of s1 matches the head
+ of s2, it means the matched part in tail is the ASCII dump
+ of the head byte. These matched should be rollback */
+ line_size = curr_offset-(int)(pkt_lnstart-packet_buf);
+ s2 = (char*)g_malloc((line_size+1)/4+1);
+ /* gather the possible pattern */
+ for(i=0; i<(line_size+1)/4; i++) {
+ tmp_str[0] = pkt_lnstart[i*3];
+ tmp_str[1] = pkt_lnstart[i*3+1];
+ tmp_str[2] = '\0';
+ /* it is a valid convertable string */
+ if (!isxdigit(tmp_str[0]) || !isxdigit(tmp_str[0])) {
+ break;
+ }
+ s2[i] = (char)strtoul(tmp_str, (char **)NULL, 16);
+ rollback++;
+ /* the 3rd entry is not a delimiter, so the possible byte pattern will not shown */
+ if (!(pkt_lnstart[i*3+2] == ' ')) {
+ if (by_eol != 1)
+ rollback--;
+ break;
+ }
+ }
+ /* If packet line start contains possible byte pattern, the line end
+ should contain the matched pattern if the user open the -a flag.
+ The packet will be possible invalid if the byte pattern cannot find
+ a matched one in the line of packet buffer.*/
+ if (rollback > 0) {
+ if (strncmp(pkt_lnstart+line_size-rollback, s2, rollback) == 0) {
+ unwrite_bytes(rollback);
+ }
+ /* Not matched. This line contains invalid packet bytes, so
+ discard the whole line */
+ else {
+ unwrite_bytes(line_size);
+ }
+ }
+ g_free(s2);
+ }
break;
default:
break;
}
/*----------------------------------------------------------------------
- * Print helpstring and exit
+ * Print usage string and exit
*/
static void
-help (char *progname)
+usage (void)
{
fprintf(stderr,
+ "Text2pcap %s"
+#ifdef SVNVERSION
+ " (" SVNVERSION " from " SVNPATH ")"
+#endif
+ "\n"
+ "Generate a capture file from an ASCII hexdump of packets.\n"
+ "See http://www.wireshark.org for more information.\n"
+ "\n"
+ "Usage: text2pcap [options] <infile> <outfile>\n"
"\n"
- "Usage: %s [-h] [-d] [-q] [-o h|o] [-l typenum] [-e l3pid] [-i proto] \n"
- " [-m max-packet] [-u srcp,destp] [-T srcp,destp] [-s srcp,destp,tag]\n"
- " [-S srcp,destp,tag] [-t timefmt] <input-filename> <output-filename>\n"
+ "where <infile> specifies input filename (use - for standard input)\n"
+ " <outfile> specifies output filename (use - for standard output)\n"
"\n"
- "where <input-filename> specifies input filename (use - for standard input)\n"
- " <output-filename> specifies output filename (use - for standard output)\n"
+ "Input:\n"
+ " -o hex|oct|dec parse offsets as (h)ex, (o)ctal or (d)ecimal;\n"
+ " default is hex.\n"
+ " -t <timefmt> treat the text before the packet as a date/time code;\n"
+ " the specified argument is a format string of the sort\n"
+ " supported by strptime.\n"
+ " Example: The time \"10:15:14.5476\" has the format code\n"
+ " \"%%H:%%M:%%S.\"\n"
+ " NOTE: The subsecond component delimiter, '.', must be\n"
+ " given, but no pattern is required; the remaining\n"
+ " number is assumed to be fractions of a second.\n"
+ " NOTE: Date/time fields from the current date/time are\n"
+ " used as the default for unspecified fields.\n"
+ " -a enable ASCII text dump identification.\n"
+ " It allows to identify the start of the ASCII text\n"
+ " dump and not include it in the packet even if it\n"
+ " looks like HEX dump.\n"
+ " NOTE: Do not enable it if the input file does not\n"
+ " contain the ASCII text dump.\n"
"\n"
- "[options] are one or more of the following \n"
+ "Output:\n"
+ " -l <typenum> link-layer type number; default is 1 (Ethernet).\n"
+ " See the file net/bpf.h for list of numbers.\n"
+ " Use this option if your dump is a complete hex dump\n"
+ " of an encapsulated packet and you wish to specify\n"
+ " the exact type of encapsulation.\n"
+ " Example: -l 7 for ARCNet packets.\n"
+ " -m <max-packet> max packet length in output; default is %d\n"
"\n"
- " -h : Display this help message \n"
- " -d : Generate detailed debug of parser states \n"
- " -o hex|oct : Parse offsets as (h)ex or (o)ctal. Default is hex\n"
- " -l typenum : Specify link-layer type number. Default is 1 (Ethernet). \n"
- " See net/bpf.h for list of numbers.\n"
- " -q : Generate no output at all (automatically turns off -d)\n"
- " -e l3pid : Prepend dummy Ethernet II header with specified L3PID (in\n"
- " HEX)\n"
- " Example: -e 0x800\n"
- " -i proto : Prepend dummy IP header with specified IP protocol (in\n"
- " DECIMAL). \n"
- " Automatically prepends Ethernet header as well.\n"
- " Example: -i 46\n"
- " -m max-packet : Max packet length in output, default is %d\n"
- " -u srcp,destp : Prepend dummy UDP header with specified dest and source ports\n"
- " (in DECIMAL).\n"
- " Automatically prepends Ethernet and IP headers as well\n"
- " Example: -u 30,40\n"
- " -T srcp,destp : Prepend dummy TCP header with specified dest and source ports\n"
- " (in DECIMAL).\n"
- " Automatically prepends Ethernet and IP headers as well\n"
- " Example: -T 50,60\n"
- " -s srcp,dstp,tag: Prepend dummy SCTP header with specified dest/source ports\n"
- " and verification tag (in DECIMAL).\n"
- " Automatically prepends Ethernet and IP headers as well\n"
- " Example: -s 30,40,34\n"
- " -S srcp,dstp,ppi: Prepend dummy SCTP header with specified dest/source ports\n"
- " and verification tag 0. It also prepends a dummy SCTP DATA\n"
- " chunk header with payload protocol identifier ppi.\n"
- " Example: -S 30,40,34\n"
- " -t timefmt : Treats the text before the packet as a date/time code; the\n"
- " specified argument is a format string of the sort supported\n"
- " by strptime.\n"
- " Example: The time \"10:15:14.5476\" has the format code\n"
- " \"%%H:%%M:%%S.\"\n"
- " NOTE: The subsecond component delimiter must be specified\n"
- " (.) but no pattern is required; the remaining number\n"
- " is assumed to be fractions of a second.\n"
+ "Prepend dummy header:\n"
+ " -e <l3pid> prepend dummy Ethernet II header with specified L3PID\n"
+ " (in HEX).\n"
+ " Example: -e 0x806 to specify an ARP packet.\n"
+ " -i <proto> prepend dummy IP header with specified IP protocol\n"
+ " (in DECIMAL).\n"
+ " Automatically prepends Ethernet header as well.\n"
+ " Example: -i 46\n"
+ " -u <srcp>,<destp> prepend dummy UDP header with specified\n"
+ " dest and source ports (in DECIMAL).\n"
+ " Automatically prepends Ethernet & IP headers as well.\n"
+ " Example: -u 1000,69 to make the packets look like\n"
+ " TFTP/UDP packets.\n"
+ " -T <srcp>,<destp> prepend dummy TCP header with specified\n"
+ " dest and source ports (in DECIMAL).\n"
+ " Automatically prepends Ethernet & IP headers as well.\n"
+ " Example: -T 50,60\n"
+ " -s <srcp>,<dstp>,<tag> prepend dummy SCTP header with specified\n"
+ " dest/source ports and verification tag (in DECIMAL).\n"
+ " Automatically prepends Ethernet & IP headers as well.\n"
+ " Example: -s 30,40,34\n"
+ " -S <srcp>,<dstp>,<ppi> prepend dummy SCTP header with specified\n"
+ " dest/source ports and verification tag 0.\n"
+ " Automatically prepends a dummy SCTP DATA\n"
+ " chunk header with payload protocol identifier ppi.\n"
+ " Example: -S 30,40,34\n"
+ "\n"
+ "Miscellaneous:\n"
+ " -h display this help and exit.\n"
+ " -d show detailed debug of parser states.\n"
+ " -q generate no output at all (automatically turns off -d).\n"
"",
- progname, MAX_PACKET);
+ VERSION, MAX_PACKET);
exit(-1);
}
int c;
char *p;
+#ifdef _WIN32
+ arg_list_utf_16to8(argc, argv);
+#endif /* _WIN32 */
+
/* Scan CLI parameters */
- while ((c = getopt(argc, argv, "dhqe:i:l:m:o:u:s:S:t:T:")) != -1) {
+ while ((c = getopt(argc, argv, "Ddhqe:i:l:m:o:u:s:S:t:T:a")) != -1) {
switch(c) {
- case '?': help(argv[0]); break;
- case 'h': help(argv[0]); break;
+ case '?': usage(); break;
+ case 'h': usage(); break;
+ case 'D': new_date_fmt = 1; break;
case 'd': if (!quiet) debug++; break;
case 'q': quiet = TRUE; debug = FALSE; break;
case 'l': pcap_link_type = strtol(optarg, NULL, 0); break;
case 'm': max_offset = strtol(optarg, NULL, 0); break;
case 'o':
- if (optarg[0]!='h' && optarg[0] != 'o') {
- fprintf(stderr, "Bad argument for '-e': %s\n", optarg);
- help(argv[0]);
+ if (optarg[0]!='h' && optarg[0] != 'o' && optarg[0] != 'd') {
+ fprintf(stderr, "Bad argument for '-o': %s\n", optarg);
+ usage();
}
- offset_base = (optarg[0]=='o') ? 8 : 16;
+ switch(optarg[0]) {
+ case 'o': offset_base = 8; break;
+ case 'h': offset_base = 16; break;
+ case 'd': offset_base = 10; break;
+ }
break;
case 'e':
hdr_ethernet = TRUE;
if (sscanf(optarg, "%lx", &hdr_ethernet_proto) < 1) {
fprintf(stderr, "Bad argument for '-e': %s\n", optarg);
- help(argv[0]);
+ usage();
}
break;
case 'i':
hdr_ip = TRUE;
- if (sscanf(optarg, "%ld", &hdr_ip_proto) < 1) {
+ hdr_ip_proto = strtol(optarg, &p, 10);
+ if (p == optarg || *p != '\0' || hdr_ip_proto < 0 ||
+ hdr_ip_proto > 255) {
fprintf(stderr, "Bad argument for '-i': %s\n", optarg);
- help(argv[0]);
+ usage();
}
hdr_ethernet = TRUE;
hdr_ethernet_proto = 0x800;
hdr_sctp_src = strtol(optarg, &p, 10);
if (p == optarg || (*p != ',' && *p != '\0')) {
fprintf(stderr, "Bad src port for '-%c'\n", c);
- help(argv[0]);
+ usage();
}
if (*p == '\0') {
fprintf(stderr, "No dest port specified for '-%c'\n", c);
- help(argv[0]);
+ usage();
}
p++;
optarg = p;
hdr_sctp_dest = strtol(optarg, &p, 10);
if (p == optarg || (*p != ',' && *p != '\0')) {
fprintf(stderr, "Bad dest port for '-s'\n");
- help(argv[0]);
+ usage();
}
if (*p == '\0') {
fprintf(stderr, "No tag specified for '-%c'\n", c);
- help(argv[0]);
+ usage();
}
p++;
optarg = p;
hdr_sctp_tag = strtol(optarg, &p, 10);
if (p == optarg || *p != '\0') {
fprintf(stderr, "Bad tag for '-%c'\n", c);
- help(argv[0]);
+ usage();
}
hdr_ip = TRUE;
hdr_sctp_src = strtol(optarg, &p, 10);
if (p == optarg || (*p != ',' && *p != '\0')) {
fprintf(stderr, "Bad src port for '-%c'\n", c);
- help(argv[0]);
+ usage();
}
if (*p == '\0') {
fprintf(stderr, "No dest port specified for '-%c'\n", c);
- help(argv[0]);
+ usage();
}
p++;
optarg = p;
hdr_sctp_dest = strtol(optarg, &p, 10);
if (p == optarg || (*p != ',' && *p != '\0')) {
fprintf(stderr, "Bad dest port for '-s'\n");
- help(argv[0]);
- } if (*p == '\0') {
+ usage();
+ }
+ if (*p == '\0') {
fprintf(stderr, "No ppi specified for '-%c'\n", c);
- help(argv[0]);
+ usage();
}
p++;
optarg = p;
hdr_data_chunk_ppid = strtoul(optarg, &p, 10);
if (p == optarg || *p != '\0') {
fprintf(stderr, "Bad ppi for '-%c'\n", c);
- help(argv[0]);
+ usage();
}
hdr_ip = TRUE;
hdr_src_port = strtol(optarg, &p, 10);
if (p == optarg || (*p != ',' && *p != '\0')) {
fprintf(stderr, "Bad src port for '-u'\n");
- help(argv[0]);
+ usage();
}
if (*p == '\0') {
fprintf(stderr, "No dest port specified for '-u'\n");
- help(argv[0]);
+ usage();
}
p++;
optarg = p;
hdr_dest_port = strtol(optarg, &p, 10);
if (p == optarg || *p != '\0') {
fprintf(stderr, "Bad dest port for '-u'\n");
- help(argv[0]);
+ usage();
}
hdr_ip = TRUE;
hdr_ip_proto = 17;
hdr_src_port = strtol(optarg, &p, 10);
if (p == optarg || (*p != ',' && *p != '\0')) {
fprintf(stderr, "Bad src port for '-T'\n");
- help(argv[0]);
+ usage();
}
if (*p == '\0') {
fprintf(stderr, "No dest port specified for '-u'\n");
- help(argv[0]);
+ usage();
}
p++;
optarg = p;
hdr_dest_port = strtol(optarg, &p, 10);
if (p == optarg || *p != '\0') {
fprintf(stderr, "Bad dest port for '-T'\n");
- help(argv[0]);
+ usage();
}
hdr_ip = TRUE;
hdr_ip_proto = 6;
hdr_ethernet_proto = 0x800;
break;
+ case 'a':
+ identify_ascii = TRUE;
+ break;
+
default:
- help(argv[0]);
+ usage();
}
}
if (optind >= argc || argc-optind < 2) {
fprintf(stderr, "Must specify input and output filename\n");
- help(argv[0]);
+ usage();
}
if (strcmp(argv[optind], "-")) {
- input_filename = strdup(argv[optind]);
- input_file = fopen(input_filename, "rb");
+ input_filename = g_strdup(argv[optind]);
+ input_file = ws_fopen(input_filename, "rb");
if (!input_file) {
fprintf(stderr, "Cannot open file [%s] for reading: %s\n",
- input_filename, strerror(errno));
+ input_filename, g_strerror(errno));
exit(-1);
}
} else {
}
if (strcmp(argv[optind+1], "-")) {
- output_filename = strdup(argv[optind+1]);
- output_file = fopen(output_filename, "wb");
+ output_filename = g_strdup(argv[optind+1]);
+ output_file = ws_fopen(output_filename, "wb");
if (!output_file) {
fprintf(stderr, "Cannot open file [%s] for writing: %s\n",
- output_filename, strerror(errno));
+ output_filename, g_strerror(errno));
exit(-1);
}
} else {
}
ts_sec = time(0); /* initialize to current time */
+ timecode_default = *localtime(&ts_sec);
+ timecode_default.tm_isdst = -1; /* Unknown for now, depends on time given to the strptime() function */
/* Display summary of our state */
if (!quiet) {
}
}
-int main(int argc, char *argv[])
+int
+main(int argc, char *argv[])
{
parse_options(argc, argv);
yylex();
write_current_packet();
+ fclose(input_file);
+ fclose(output_file);
if (debug)
fprintf(stderr, "\n-------------------------\n");
if (!quiet) {
- fprintf(stderr, "Read %ld potential packets, wrote %ld packets\n",
- num_packets_read, num_packets_written);
+ fprintf(stderr, "Read %ld potential packet%s, wrote %ld packet%s\n",
+ num_packets_read, (num_packets_read==1) ?"":"s",
+ num_packets_written, (num_packets_written==1)?"":"s");
}
return 0;
}