ui/summary.c

   1 /* summary.c
   2  * Routines for capture file summary info
   3  *
   4  * Wireshark - Network traffic analyzer
   5  * By Gerald Combs <gerald@wireshark.org>
   6  * Copyright 1998 Gerald Combs
   7  *
   8  * SPDX-License-Identifier: GPL-2.0-or-later
   9  */
  10
  11 #include <config.h>
  12
  13 #include <wiretap/pcap-encap.h>
  14 #include <wiretap/wtap_opttypes.h>
  15 #include <wiretap/pcapng.h>
  16
  17 #include <epan/packet.h>
  18 #include "cfile.h"
  19 #include "ui/summary.h"
  20
  21 static void
  22 tally_frame_data(frame_data *cur_frame, summary_tally *sum_tally)
  23 {
  24   double cur_time;
  25
  26   sum_tally->bytes += cur_frame->pkt_len;
  27   if (cur_frame->flags.passed_dfilter){
  28     sum_tally->filtered_count++;
  29     sum_tally->filtered_bytes += cur_frame->pkt_len;
  30   }
  31   if (cur_frame->flags.marked){
  32     sum_tally->marked_count++;
  33     sum_tally->marked_bytes += cur_frame->pkt_len;
  34   }
  35   if (cur_frame->flags.ignored){
  36     sum_tally->ignored_count++;
  37   }
  38
  39   if (cur_frame->flags.has_ts) {
  40     /* This packet has a time stamp. */
  41     cur_time = nstime_to_sec(&cur_frame->abs_ts);
  42
  43     sum_tally->packet_count_ts++;
  44     if (cur_time < sum_tally->start_time) {
  45       sum_tally->start_time = cur_time;
  46     }
  47     if (cur_time > sum_tally->stop_time){
  48       sum_tally->stop_time = cur_time;
  49     }
  50     if (cur_frame->flags.passed_dfilter){
  51       sum_tally->filtered_count_ts++;
  52       /*
  53        * If we've seen one filtered packet, this is the first
  54        * one.
  55        */
  56       if (sum_tally->filtered_count == 1){
  57         sum_tally->filtered_start= cur_time;
  58         sum_tally->filtered_stop = cur_time;
  59       } else {
  60         if (cur_time < sum_tally->filtered_start) {
  61           sum_tally->filtered_start = cur_time;
  62         }
  63         if (cur_time > sum_tally->filtered_stop) {
  64           sum_tally->filtered_stop = cur_time;
  65         }
  66       }
  67     }
  68     if (cur_frame->flags.marked){
  69       sum_tally->marked_count_ts++;
  70       /*
  71        * If we've seen one marked packet, this is the first
  72        * one.
  73        */
  74       if (sum_tally->marked_count == 1){
  75         sum_tally->marked_start= cur_time;
  76         sum_tally->marked_stop = cur_time;
  77       } else {
  78         if (cur_time < sum_tally->marked_start) {
  79           sum_tally->marked_start = cur_time;
  80         }
  81         if (cur_time > sum_tally->marked_stop) {
  82           sum_tally->marked_stop = cur_time;
  83         }
  84       }
  85     }
  86   }
  87 }
  88
  89 void
  90 summary_fill_in(capture_file *cf, summary_tally *st)
  91 {
  92   frame_data    *first_frame, *cur_frame;
  93   guint32        framenum;
  94   iface_options iface;
  95   guint i;
  96   wtapng_iface_descriptions_t* idb_info;
  97   wtap_block_t wtapng_if_descr;
  98   wtapng_if_descr_mandatory_t *wtapng_if_descr_mand;
  99   wtap_block_t if_stats;
 100   guint64 isb_ifdrop;
 101   char* if_string;
 102   wtapng_if_descr_filter_t* if_filter;
 103
 104   st->packet_count_ts = 0;
 105   st->start_time = 0;
 106   st->stop_time = 0;
 107   st->bytes = 0;
 108   st->filtered_count = 0;
 109   st->filtered_count_ts = 0;
 110   st->filtered_start = 0;
 111   st->filtered_stop = 0;
 112   st->filtered_bytes = 0;
 113   st->marked_count = 0;
 114   st->marked_count_ts = 0;
 115   st->marked_start = 0;
 116   st->marked_stop = 0;
 117   st->marked_bytes = 0;
 118   st->ignored_count = 0;
 119
 120   /* initialize the tally */
 121   if (cf->count != 0) {
 122     first_frame = frame_data_sequence_find(cf->provider.frames, 1);
 123     st->start_time = nstime_to_sec(&first_frame->abs_ts);
 124     st->stop_time = nstime_to_sec(&first_frame->abs_ts);
 125
 126     for (framenum = 1; framenum <= cf->count; framenum++) {
 127       cur_frame = frame_data_sequence_find(cf->provider.frames, framenum);
 128       tally_frame_data(cur_frame, st);
 129     }
 130   }
 131
 132   st->filename = cf->filename;
 133   st->file_length = cf->f_datalen;
 134   st->file_type = cf->cd_t;
 135   st->iscompressed = cf->iscompressed;
 136   st->is_tempfile = cf->is_tempfile;
 137   st->file_encap_type = cf->lnk_t;
 138   st->packet_encap_types = cf->linktypes;
 139   st->snap = cf->snap;
 140   st->elapsed_time = nstime_to_sec(&cf->elapsed_time);
 141   st->packet_count = cf->count;
 142   st->drops_known = cf->drops_known;
 143   st->drops = cf->drops;
 144   st->dfilter = cf->dfilter;
 145
 146   st->ifaces  = g_array_new(FALSE, FALSE, sizeof(iface_options));
 147   idb_info = wtap_file_get_idb_info(cf->provider.wth);
 148   for (i = 0; i < idb_info->interface_data->len; i++) {
 149     wtapng_if_descr = g_array_index(idb_info->interface_data, wtap_block_t, i);
 150     wtapng_if_descr_mand = (wtapng_if_descr_mandatory_t*)wtap_block_get_mandatory_data(wtapng_if_descr);
 151     if (wtap_block_get_custom_option_value(wtapng_if_descr, OPT_IDB_FILTER, (void**)&if_filter) == WTAP_OPTTYPE_SUCCESS) {
 152       iface.cfilter = g_strdup(if_filter->if_filter_str);
 153     } else {
 154       iface.cfilter = NULL;
 155     }
 156     if (wtap_block_get_string_option_value(wtapng_if_descr, OPT_IDB_NAME, &if_string) == WTAP_OPTTYPE_SUCCESS) {
 157       iface.name = g_strdup(if_string);
 158     } else {
 159       iface.name = NULL;
 160     }
 161     if (wtap_block_get_string_option_value(wtapng_if_descr, OPT_IDB_DESCR, &if_string) == WTAP_OPTTYPE_SUCCESS) {
 162       iface.descr = g_strdup(if_string);
 163     } else {
 164       iface.descr = NULL;
 165     }
 166     iface.drops_known = FALSE;
 167     iface.drops = 0;
 168     iface.snap = wtapng_if_descr_mand->snap_len;
 169     iface.encap_type = wtapng_if_descr_mand->wtap_encap;
 170     iface.isb_comment = NULL;
 171     if(wtapng_if_descr_mand->num_stat_entries == 1){
 172       /* dumpcap only writes one ISB, only handle that for now */
 173       if_stats = g_array_index(wtapng_if_descr_mand->interface_statistics, wtap_block_t, 0);
 174       if (wtap_block_get_uint64_option_value(if_stats, OPT_ISB_IFDROP, &isb_ifdrop) == WTAP_OPTTYPE_SUCCESS) {
 175         iface.drops_known = TRUE;
 176         iface.drops = isb_ifdrop;
 177       }
 178       /* XXX: this doesn't get used, and might need to be g_strdup'ed when it does */
 179       /* XXX - support multiple comments */
 180       if (wtap_block_get_nth_string_option_value(if_stats, OPT_COMMENT, 0, &iface.isb_comment) != WTAP_OPTTYPE_SUCCESS) {
 181         iface.isb_comment = NULL;
 182       }
 183     }
 184     g_array_append_val(st->ifaces, iface);
 185   }
 186   g_free(idb_info);
 187 }
 188
 189 #ifdef HAVE_LIBPCAP
 190 void
 191 summary_fill_in_capture(capture_file *cf,capture_options *capture_opts, summary_tally *st)
 192 {
 193   iface_options iface;
 194   interface_t *device;
 195   guint i;
 196
 197   if (st->ifaces->len == 0) {
 198     /*
 199      * XXX - do this only if we have a live capture.
 200      */
 201     for (i = 0; i < capture_opts->all_ifaces->len; i++) {
 202       device = &g_array_index(capture_opts->all_ifaces, interface_t, i);
 203       if (!device->selected) {
 204         continue;
 205       }
 206       iface.cfilter = g_strdup(device->cfilter);
 207       iface.name = g_strdup(device->name);
 208       iface.descr = g_strdup(device->display_name);
 209       iface.drops_known = cf->drops_known;
 210       iface.drops = cf->drops;
 211       iface.snap = device->snaplen;
 212       iface.encap_type = wtap_pcap_encap_to_wtap_encap(device->active_dlt);
 213       g_array_append_val(st->ifaces, iface);
 214     }
 215   }
 216 }
 217 #endif
 218
 219 /*
 220  * Editor modelines  -  http://www.wireshark.org/tools/modelines.html
 221  *
 222  * Local Variables:
 223  * c-basic-offset: 2
 224  * tab-width: 8
 225  * indent-tabs-mode: nil
 226  * End:
 227  *
 228  * ex: set shiftwidth=2 tabstop=8 expandtab:
 229  * :indentSize=2:tabSize=8:noTabs=true:
 230  */