*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-#ifdef HAVE_CONFIG_H
-# include "config.h"
-#endif
+#include "config.h"
#include <stdio.h>
#include <glib.h>
#include <gmodule.h>
-#ifdef HAVE_LIBPCAP
-#include <pcap.h>
-#endif
+#include <epan/strutil.h>
+#include "capture_ifinfo.h"
#include "capture-pcap-util.h"
#include "capture-pcap-util-int.h"
+#include "capture-wpcap.h"
+
+#include <wsutil/file_util.h>
/* XXX - yes, I know, I should move cppmagic.h to a generic location. */
#include "tools/lemon/cppmagic.h"
static int (*p_pcap_datalink) (pcap_t *);
static int (*p_pcap_setfilter) (pcap_t *, struct bpf_program *);
static char* (*p_pcap_geterr) (pcap_t *);
-static int (*p_pcap_compile) (pcap_t *, struct bpf_program *, char *, int,
+static int (*p_pcap_compile) (pcap_t *, struct bpf_program *, const char *, int,
+ bpf_u_int32);
+static int (*p_pcap_compile_nopcap) (int, int, struct bpf_program *, const char *, int,
bpf_u_int32);
-#ifdef WPCAP_CONSTIFIED
static int (*p_pcap_lookupnet) (const char *, bpf_u_int32 *, bpf_u_int32 *,
char *);
static pcap_t* (*p_pcap_open_live) (const char *, int, int, int, char *);
-#else
-static int (*p_pcap_lookupnet) (char *, bpf_u_int32 *, bpf_u_int32 *,
- char *);
-static pcap_t* (*p_pcap_open_live) (char *, int, int, int, char *);
-#endif
static int (*p_pcap_loop) (pcap_t *, int, pcap_handler, guchar *);
+#ifdef HAVE_PCAP_OPEN_DEAD
+static pcap_t* (*p_pcap_open_dead) (int, int);
+#endif
static void (*p_pcap_freecode) (struct bpf_program *);
#ifdef HAVE_PCAP_FINDALLDEVS
static int (*p_pcap_findalldevs) (pcap_if_t **, char *);
#ifdef HAVE_PCAP_DATALINK_VAL_TO_NAME
static const char *(*p_pcap_datalink_val_to_name) (int);
#endif
+#ifdef HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION
+static const char *(*p_pcap_datalink_val_to_description) (int);
+#endif
#ifdef HAVE_PCAP_BREAKLOOP
static void (*p_pcap_breakloop) (pcap_t *);
#endif
static struct pcap_samp* (*p_pcap_setsampling)(pcap_t *);
#endif
+#ifdef HAVE_PCAP_LIST_DATALINKS
+static int (*p_pcap_list_datalinks)(pcap_t *, int **);
+#endif
+
+#ifdef HAVE_PCAP_SET_DATALINK
+static int (*p_pcap_set_datalink)(pcap_t *, int);
+#endif
+
+#ifdef HAVE_PCAP_FREE_DATALINKS
+static int (*p_pcap_free_datalinks)(int *);
+#endif
+
+#ifdef HAVE_BPF_IMAGE
+static char *(*p_bpf_image) (const struct bpf_insn *, int);
+#endif
+
typedef struct {
const char *name;
gpointer *ptr;
SYM(pcap_setfilter, FALSE),
SYM(pcap_geterr, FALSE),
SYM(pcap_compile, FALSE),
+ SYM(pcap_compile_nopcap, FALSE),
SYM(pcap_lookupnet, FALSE),
#ifdef HAVE_PCAP_REMOTE
SYM(pcap_open, FALSE),
SYM(pcap_findalldevs_ex, FALSE),
SYM(pcap_createsrcstr, FALSE),
-#else
+#endif
SYM(pcap_open_live, FALSE),
+#ifdef HAVE_PCAP_OPEN_DEAD
+ SYM(pcap_open_dead, FALSE),
#endif
#ifdef HAVE_PCAP_SETSAMPLING
SYM(pcap_setsampling, TRUE),
#ifdef HAVE_PCAP_DATALINK_VAL_TO_NAME
SYM(pcap_datalink_val_to_name, TRUE),
#endif
+#ifdef HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION
+ SYM(pcap_datalink_val_to_description, TRUE),
+#endif
#ifdef HAVE_PCAP_BREAKLOOP
/*
* We don't try to work around the lack of this at
SYM(pcap_lib_version, TRUE),
SYM(pcap_setbuff, TRUE),
SYM(pcap_next_ex, TRUE),
+#ifdef HAVE_PCAP_LIST_DATALINKS
+ SYM(pcap_list_datalinks, FALSE),
+#endif
+#ifdef HAVE_PCAP_SET_DATALINK
+ SYM(pcap_set_datalink, FALSE),
+#endif
+#ifdef HAVE_PCAP_FREE_DATALINKS
+ SYM(pcap_free_datalinks, TRUE),
+#endif
+#ifdef HAVE_BPF_IMAGE
+ SYM(bpf_image, FALSE),
+#endif
{ NULL, NULL, FALSE }
};
GModule *wh; /* wpcap handle */
const symbol_table_t *sym;
- wh = g_module_open("wpcap", 0);
+ wh = ws_module_open("wpcap.dll", 0);
if (!wh) {
return;
has_wpcap = TRUE;
}
+/*
+ * The official list of WinPcap mirrors is at
+ * http://www.winpcap.org/misc/mirrors.htm
+ */
+char *
+cant_load_winpcap_err(const char *app_name)
+{
+ return g_strdup_printf(
+"Unable to load WinPcap (wpcap.dll); %s will not be able to capture\n"
+"packets.\n"
+"\n"
+"In order to capture packets, WinPcap must be installed; see\n"
+"\n"
+" http://www.winpcap.org/\n"
+"\n"
+"or the mirror at\n"
+"\n"
+" http://www.mirrors.wiretapped.net/security/packet-capture/winpcap/\n"
+"\n"
+"or the mirror at\n"
+"\n"
+" http://winpcap.cs.pu.edu.tw/\n"
+"\n"
+"for a downloadable version of WinPcap and for instructions on how to install\n"
+"WinPcap.",
+ app_name);
+}
+
char*
pcap_lookupdev (char *a)
{
- g_assert(has_wpcap);
+ if (!has_wpcap) {
+ return NULL;
+ }
return p_pcap_lookupdev(a);
}
return p_pcap_datalink(a);
}
+#ifdef HAVE_PCAP_SET_DATALINK
+int
+pcap_set_datalink(pcap_t *p, int dlt)
+{
+ g_assert(has_wpcap);
+ return p_pcap_set_datalink(p, dlt);
+}
+#endif
+
int
pcap_setfilter(pcap_t *a, struct bpf_program *b)
{
}
int
-pcap_compile(pcap_t *a, struct bpf_program *b, char *c, int d,
+pcap_compile(pcap_t *a, struct bpf_program *b, const char *c, int d,
bpf_u_int32 e)
{
g_assert(has_wpcap);
}
int
-#ifdef WPCAP_CONSTIFIED
+pcap_compile_nopcap(int a, int b, struct bpf_program *c, const char *d, int e,
+ bpf_u_int32 f)
+{
+ g_assert(has_wpcap);
+ return p_pcap_compile_nopcap(a, b, c, d, e, f);
+}
+
+int
pcap_lookupnet(const char *a, bpf_u_int32 *b, bpf_u_int32 *c, char *d)
-#else
-pcap_lookupnet(char *a, bpf_u_int32 *b, bpf_u_int32 *c, char *d)
-#endif
{
g_assert(has_wpcap);
return p_pcap_lookupnet(a, b, c, d);
}
pcap_t*
-#ifdef WPCAP_CONSTIFIED
pcap_open_live(const char *a, int b, int c, int d, char *e)
-#else
-pcap_open_live(char *a, int b, int c, int d, char *e)
+{
+ if (!has_wpcap) {
+ g_snprintf(e, PCAP_ERRBUF_SIZE,
+ "unable to load WinPcap (wpcap.dll); can't open %s to capture",
+ a);
+ return NULL;
+ }
+ return p_pcap_open_live(a, b, c, d, e);
+}
+
+#ifdef HAVE_PCAP_OPEN_DEAD
+pcap_t*
+pcap_open_dead(int a, int b)
+{
+ if (!has_wpcap) {
+ return NULL;
+ }
+ return p_pcap_open_dead(a, b);
+}
#endif
+
+#ifdef HAVE_BPF_IMAGE
+char *
+bpf_image(const struct bpf_insn *a, int b)
{
- g_assert(has_wpcap);
- return p_pcap_open_live(a, b, c, d, e);
+ if (!has_wpcap) {
+ return NULL;
+ }
+ return p_bpf_image(a, b);
}
+#endif
#ifdef HAVE_PCAP_REMOTE
pcap_t*
pcap_open(const char *a, int b, int c, int d, struct pcap_rmtauth *e, char *f)
{
- g_assert(has_wpcap);
+ if (!has_wpcap) {
+ g_snprintf(f, PCAP_ERRBUF_SIZE,
+ "unable to load WinPcap (wpcap.dll); can't open %s to capture",
+ a);
+ return NULL;
+ }
return p_pcap_open(a, b, c, d, e, f);
}
}
#endif
-#if defined(HAVE_PCAP_DATALINK_NAME_TO_VAL) || defined(HAVE_PCAP_DATALINK_VAL_TO_NAME)
+#if defined(HAVE_PCAP_DATALINK_NAME_TO_VAL) || defined(HAVE_PCAP_DATALINK_VAL_TO_NAME) || defined(HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION)
/*
* Table of DLT_ types, names, and descriptions, for use if the version
* of WinPcap we have installed lacks "pcap_datalink_name_to_val()"
#endif
#ifdef DLT_HDLC
DLT_CHOICE(DLT_HDLC, "Cisco HDLC"),
+#endif
+#ifdef DLT_PPI
+ DLT_CHOICE(DLT_PPI, "Per-Packet Information"),
#endif
DLT_CHOICE_SENTINEL
};
-#endif /* defined(HAVE_PCAP_DATALINK_NAME_TO_VAL) || defined(HAVE_PCAP_DATALINK_VAL_TO_NAME) */
+#endif /* defined(HAVE_PCAP_DATALINK_NAME_TO_VAL) || defined(HAVE_PCAP_DATALINK_VAL_TO_NAME) || defined(HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION */
#ifdef HAVE_PCAP_DATALINK_NAME_TO_VAL
int
}
#endif
+#ifdef HAVE_PCAP_LIST_DATALINKS
+int
+pcap_list_datalinks(pcap_t *p, int **ddlt)
+{
+ g_assert(has_wpcap);
+ return p_pcap_list_datalinks(p, ddlt);
+}
+#endif
+
+#ifdef HAVE_PCAP_FREE_DATALINKS
+void
+pcap_free_datalinks(int *ddlt)
+{
+ g_assert(has_wpcap);
+
+ /*
+ * If we don't have pcap_free_datalinks() in WinPcap,
+ * we don't free the memory - we can't use free(), as
+ * we might not have been built with the same version
+ * of the C runtime library as WinPcap was, and, if we're
+ * not, free() isn't guaranteed to work on something
+ * allocated by WinPcap.
+ */
+ if (p_pcap_free_datalinks != NULL)
+ p_pcap_free_datalinks(ddlt);
+}
+#endif
+
#ifdef HAVE_PCAP_DATALINK_VAL_TO_NAME
const char *
pcap_datalink_val_to_name(int dlt)
}
#endif
+#ifdef HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION
+const char *
+pcap_datalink_val_to_description(int dlt)
+{
+ int i;
+
+ g_assert(has_wpcap);
+
+ if (p_pcap_datalink_val_to_description != NULL)
+ return p_pcap_datalink_val_to_description(dlt);
+ else {
+ /*
+ * We don't have it in WinPcap; do it ourselves.
+ */
+ for (i = 0; dlt_choices[i].name != NULL; i++) {
+ if (dlt_choices[i].dlt == dlt)
+ return (dlt_choices[i].description);
+ }
+ return NULL;
+ }
+}
+#endif
+
#ifdef HAVE_PCAP_BREAKLOOP
void pcap_breakloop(pcap_t *a)
{
GList *
get_interface_list(int *err, char **err_str)
{
-#ifdef HAVE_PCAP_REMOTE
- char source[PCAP_BUF_SIZE];
-#else
GList *il = NULL;
wchar_t *names;
char *win95names;
char ascii_name[MAX_WIN_IF_NAME_LEN + 1];
char ascii_desc[MAX_WIN_IF_NAME_LEN + 1];
int i, j;
-#endif
char errbuf[PCAP_ERRBUF_SIZE];
-#ifdef HAVE_PCAP_REMOTE
- if (p_pcap_createsrcstr(source, PCAP_SRC_IFLOCAL, NULL, NULL,
- NULL, errbuf) == -1) {
- *err = CANT_GET_INTERFACE_LIST;
- if (err_str != NULL)
- *err_str = cant_get_if_list_error_message(errbuf);
- return NULL;
- }
- return get_interface_list_findalldevs_ex(source, NULL, err, err_str);
-#else
+ if (!has_wpcap) {
+ /*
+ * We don't have WinPcap, so we can't get a list of
+ * interfaces.
+ */
+ *err = DONT_HAVE_PCAP;
+ *err_str = cant_load_winpcap_err("you");
+ return NULL;
+ }
#ifdef HAVE_PCAP_FINDALLDEVS
if (p_pcap_findalldevs != NULL)
j = 0;
while (names[i] != 0) {
if (j < MAX_WIN_IF_NAME_LEN)
- ascii_name[j++] = (char) names[i++];
+ ascii_name[j++] = (char) names[i++];
}
ascii_name[j] = '\0';
i++;
il = g_list_append(il,
- if_info_new(ascii_name, ascii_desc));
+ if_info_new(ascii_name, ascii_desc, FALSE));
}
} else {
/*
* that interface's description.
*/
il = g_list_append(il,
- if_info_new(&win95names[i], desc));
+ if_info_new(&win95names[i], desc, FALSE));
/*
* Skip to the next description.
}
return il;
-#endif /* HAVE_PCAP_REMOTE */
}
/*
void
get_compiled_pcap_version(GString *str)
{
- g_string_append(str, "with WinPcap (version unknown)");
+ g_string_append(str, "with WinPcap (" STRINGIFY(PCAP_VERSION) ")");
}
/*
* not and, if we have it and we have "pcap_lib_version()",
* what version we have.
*/
- GModule *handle; /* handle returned by dlopen */
+ GModule *handle; /* handle returned by ws_module_open */
static gchar *packetVer;
gchar *blankp;
if (has_wpcap) {
- g_string_sprintfa(str, "with ");
+ g_string_append_printf(str, "with ");
if (p_pcap_lib_version != NULL)
- g_string_sprintfa(str, p_pcap_lib_version());
+ g_string_append_printf(str, p_pcap_lib_version());
else {
/*
* An alternative method of obtaining the version
*/
if (packetVer == NULL) {
packetVer = "version unknown";
- handle = g_module_open("Packet.dll", 0);
+ handle = ws_module_open("packet.dll", 0);
if (handle != NULL) {
if (g_module_symbol(handle,
"PacketLibraryVersion",
g_module_close(handle);
}
}
- g_string_sprintfa(str, "WinPcap (%s)", packetVer);
+ g_string_append_printf(str, "WinPcap (%s)", packetVer);
}
} else
g_string_append(str, "without WinPcap");