* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-#include "config.h"
+#include <config.h>
#include <stdio.h>
#include <stdlib.h> /* for exit() */
#include <glib.h>
#include <string.h>
-#include <ctype.h>
#ifdef HAVE_SYS_TYPES_H
# include <sys/types.h>
#include <netinet/in.h>
#endif
-#ifdef HAVE_SYS_STAT_H
-# include <sys/stat.h>
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
#ifdef HAVE_GETOPT_H
#include <getopt.h>
#endif
#include <signal.h>
#include <errno.h>
+#ifdef HAVE_LIBZ
+#include <zlib.h> /* to get the libz version number */
+#endif
+
+#include <wsutil/cmdarg_err.h>
#include <wsutil/crash_info.h>
-#include <wsutil/copyright_info.h>
+#include <wsutil/ws_diag_control.h>
+#include <wsutil/ws_version_info.h>
-#ifndef HAVE_GETOPT
+#ifndef HAVE_GETOPT_LONG
#include "wsutil/wsgetopt.h"
#endif
#endif
#include "ringbuffer.h"
-#include "clopts_common.h"
-#include "cmdarg_err.h"
-#include "version_info.h"
-#include "capture-pcap-util.h"
+#include "caputils/capture_ifinfo.h"
+#include "caputils/capture-pcap-util.h"
+#include "caputils/capture-pcap-util-int.h"
#ifdef _WIN32
-#include "capture-wpcap.h"
+#include "caputils/capture-wpcap.h"
#endif /* _WIN32 */
#include "pcapio.h"
#ifdef _WIN32
-#include "capture-wpcap.h"
#include <wsutil/unicode-utils.h>
#endif
# include "wsutil/inet_v6defs.h"
#endif
+#include <wsutil/clopts_common.h>
#include <wsutil/privileges.h>
#include "sync_pipe.h"
#include "capture_opts.h"
-#include "capture_session.h"
-#include "capture_ifinfo.h"
-#include "capture_sync.h"
+#include <capchild/capture_session.h>
+#include <capchild/capture_sync.h>
#include "conditions.h"
#include "capture_stop_conditions.h"
#include "wsutil/tempfile.h"
#include "log.h"
#include "wsutil/file_util.h"
+#include "wsutil/os_version_info.h"
+#include "wsutil/str_util.h"
-#include "ws80211_utils.h"
+#include "caputils/ws80211_utils.h"
+
+#ifdef HAVE_EXTCAP
+#include "extcap.h"
+#endif
/*
* Get information about libpcap format from "wiretap/libpcap.h".
ssize_t written _U_;
static const char file[] = "/proc/sys/net/core/bpf_jit_enable";
- fd = open(file, O_WRONLY);
+ fd = ws_open(file, O_WRONLY);
if (fd < 0)
return;
- written = write(fd, "1", strlen("1"));
+ written = ws_write(fd, "1", strlen("1"));
- close(fd);
+ ws_close(fd);
}
#endif
*/
static const char please_report[] =
"Please report this to the Wireshark developers.\n"
- "http://bugs.wireshark.org/\n"
+ "https://bugs.wireshark.org/\n"
"(This is not a crash; please do not report it as such.)";
/*
*/
static loop_data global_ld;
-
/*
* Timeout, in milliseconds, for reads from the stream of captured packets
* from a capture device.
}
static void
-print_usage(gboolean print_ver)
+print_usage(FILE *output)
{
- FILE *output;
-
- if (print_ver) {
- output = stdout;
- fprintf(output,
- "Dumpcap " VERSION "%s\n"
- "Capture network packets and dump them into a pcapng file.\n"
- "See http://www.wireshark.org for more information.\n",
- wireshark_gitversion);
- } else {
- output = stderr;
- }
fprintf(output, "\nUsage: dumpcap [options] ...\n");
fprintf(output, "\n");
fprintf(output, "Capture interface:\n");
#ifdef HAVE_PCAP_CREATE
fprintf(output, " -I capture in monitor mode, if available\n");
#endif
-#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
+#ifdef CAN_SET_CAPTURE_BUFFER_SIZE
fprintf(output, " -B <buffer size> size of kernel buffer in MiB (def: %dMiB)\n", DEFAULT_CAPTURE_BUFFER_SIZE);
#endif
fprintf(output, " -y <link type> link layer type (def: first appropriate)\n");
fprintf(output, "Use Ctrl-C to stop capturing at any time.\n");
}
-static void
-show_version(GString *comp_info_str, GString *runtime_info_str)
-{
- printf(
- "Dumpcap " VERSION "%s\n"
- "\n"
- "%s\n"
- "%s\n"
- "%s\n"
- "See http://www.wireshark.org for more information.\n",
- wireshark_gitversion, get_copyright_info(), comp_info_str->str, runtime_info_str->str);
-}
-
/*
* Report an error in command-line arguments.
+ * If we're a capture child, send a message back to the parent, otherwise
+ * just print it.
*/
-void
-cmdarg_err(const char *fmt, ...)
+static void
+dumpcap_cmdarg_err(const char *fmt, va_list ap)
{
- va_list ap;
-
if (capture_child) {
gchar *msg;
/* Generate a 'special format' message back to parent */
- va_start(ap, fmt);
msg = g_strdup_vprintf(fmt, ap);
sync_pipe_errmsg_to_parent(2, msg, "");
g_free(msg);
- va_end(ap);
} else {
- va_start(ap, fmt);
fprintf(stderr, "dumpcap: ");
vfprintf(stderr, fmt, ap);
fprintf(stderr, "\n");
- va_end(ap);
}
}
/*
* Report additional information for an error in command-line arguments.
+ * If we're a capture child, send a message back to the parent, otherwise
+ * just print it.
*/
-void
-cmdarg_err_cont(const char *fmt, ...)
+static void
+dumpcap_cmdarg_err_cont(const char *fmt, va_list ap)
{
- va_list ap;
-
if (capture_child) {
gchar *msg;
- va_start(ap, fmt);
msg = g_strdup_vprintf(fmt, ap);
sync_pipe_errmsg_to_parent(2, msg, "");
g_free(msg);
- va_end(ap);
} else {
- va_start(ap, fmt);
vfprintf(stderr, fmt, ap);
fprintf(stderr, "\n");
- va_end(ap);
}
}
}
#endif
-static pcap_t *
-open_capture_device(interface_options *interface_opts,
- char (*open_err_str)[PCAP_ERRBUF_SIZE])
-{
- pcap_t *pcap_h;
-#ifdef HAVE_PCAP_CREATE
- int err;
-#endif
-#if defined(HAVE_PCAP_OPEN) && defined(HAVE_PCAP_REMOTE)
- struct pcap_rmtauth auth;
-#endif
-
- /* Open the network interface to capture from it.
- Some versions of libpcap may put warnings into the error buffer
- if they succeed; to tell if that's happened, we have to clear
- the error buffer, and check if it's still a null string. */
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "Entering open_capture_device().");
- (*open_err_str)[0] = '\0';
-#if defined(HAVE_PCAP_OPEN) && defined(HAVE_PCAP_REMOTE)
- /*
- * If we're opening a remote device, use pcap_open(); that's currently
- * the only open routine that supports remote devices.
- */
- if (strncmp (interface_opts->name, "rpcap://", 8) == 0) {
- auth.type = interface_opts->auth_type == CAPTURE_AUTH_PWD ?
- RPCAP_RMTAUTH_PWD : RPCAP_RMTAUTH_NULL;
- auth.username = interface_opts->auth_username;
- auth.password = interface_opts->auth_password;
-
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "Calling pcap_open() using name %s, snaplen %d, promisc_mode %d, datatx_udp %d, nocap_rpcap %d.",
- interface_opts->name, interface_opts->snaplen, interface_opts->promisc_mode,
- interface_opts->datatx_udp, interface_opts->nocap_rpcap);
- pcap_h = pcap_open(interface_opts->name, interface_opts->snaplen,
- /* flags */
- (interface_opts->promisc_mode ? PCAP_OPENFLAG_PROMISCUOUS : 0) |
- (interface_opts->datatx_udp ? PCAP_OPENFLAG_DATATX_UDP : 0) |
- (interface_opts->nocap_rpcap ? PCAP_OPENFLAG_NOCAPTURE_RPCAP : 0),
- CAP_READ_TIMEOUT, &auth, *open_err_str);
- if (pcap_h == NULL) {
- /* Error - did pcap actually supply an error message? */
- if ((*open_err_str)[0] == '\0') {
- /* Work around known WinPcap bug wherein no error message is
- filled in on a failure to open an rpcap: URL. */
- g_strlcpy(*open_err_str,
- "Unknown error (pcap bug; actual error cause not reported)",
- sizeof *open_err_str);
- }
- }
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "pcap_open() returned %p.", (void *)pcap_h);
- } else
-#endif
- {
- /*
- * If we're not opening a remote device, use pcap_create() and
- * pcap_activate() if we have them, so that we can set the buffer
- * size, otherwise use pcap_open_live().
- */
-#ifdef HAVE_PCAP_CREATE
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "Calling pcap_create() using %s.", interface_opts->name);
- pcap_h = pcap_create(interface_opts->name, *open_err_str);
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "pcap_create() returned %p.", (void *)pcap_h);
- if (pcap_h != NULL) {
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "Calling pcap_set_snaplen() with snaplen %d.", interface_opts->snaplen);
- pcap_set_snaplen(pcap_h, interface_opts->snaplen);
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "Calling pcap_set_promisc() with promisc_mode %d.", interface_opts->promisc_mode);
- pcap_set_promisc(pcap_h, interface_opts->promisc_mode);
- pcap_set_timeout(pcap_h, CAP_READ_TIMEOUT);
-
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "buffersize %d.", interface_opts->buffer_size);
- if (interface_opts->buffer_size != 0) {
- pcap_set_buffer_size(pcap_h, interface_opts->buffer_size * 1024 * 1024);
- }
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "monitor_mode %d.", interface_opts->monitor_mode);
- if (interface_opts->monitor_mode)
- pcap_set_rfmon(pcap_h, 1);
- err = pcap_activate(pcap_h);
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "pcap_activate() returned %d.", err);
- if (err < 0) {
- /* Failed to activate, set to NULL */
- if (err == PCAP_ERROR)
- g_strlcpy(*open_err_str, pcap_geterr(pcap_h), sizeof *open_err_str);
- else
- g_strlcpy(*open_err_str, pcap_statustostr(err), sizeof *open_err_str);
- pcap_close(pcap_h);
- pcap_h = NULL;
- }
- }
-#else
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "pcap_open_live() calling using name %s, snaplen %d, promisc_mode %d.",
- interface_opts->name, interface_opts->snaplen, interface_opts->promisc_mode);
- pcap_h = pcap_open_live(interface_opts->name, interface_opts->snaplen,
- interface_opts->promisc_mode, CAP_READ_TIMEOUT,
- *open_err_str);
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "pcap_open_live() returned %p.", (void *)pcap_h);
-#endif
- }
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "open_capture_device %s : %s", pcap_h ? "SUCCESS" : "FAILURE", interface_opts->name);
- return pcap_h;
-}
-
static void
get_capture_device_open_failure_messages(const char *open_err_str,
const char *iface,
"\n"
"In order to capture packets, WinPcap must be installed; see\n"
"\n"
- " http://www.winpcap.org/\n"
- "\n"
- "or the mirror at\n"
- "\n"
- " http://www.mirrors.wiretapped.net/security/packet-capture/winpcap/\n"
- "\n"
- "or the mirror at\n"
- "\n"
- " http://winpcap.cs.pu.edu.tw/\n"
+ " https://www.winpcap.org/\n"
"\n"
"for a downloadable version of WinPcap and for instructions on how to install\n"
"WinPcap.");
"\n"
"Help can be found at:\n"
"\n"
- " http://wiki.wireshark.org/WinPcap\n"
- " http://wiki.wireshark.org/CaptureSetup\n",
+ " https://wiki.wireshark.org/WinPcap\n"
+ " https://wiki.wireshark.org/CaptureSetup\n",
iface);
}
#else
#endif /* _WIN32 */
}
-/* Set the data link type on a pcap. */
-static gboolean
-set_pcap_linktype(pcap_t *pcap_h, int linktype, char *name,
- char *errmsg, size_t errmsg_len,
- char *secondary_errmsg, size_t secondary_errmsg_len)
-{
- char *set_linktype_err_str;
-
- if (linktype == -1)
- return TRUE; /* just use the default */
-#ifdef HAVE_PCAP_SET_DATALINK
- if (pcap_set_datalink(pcap_h, linktype) == 0)
- return TRUE; /* no error */
- set_linktype_err_str = pcap_geterr(pcap_h);
-#else
- /* Let them set it to the type it is; reject any other request. */
- if (get_pcap_linktype(pcap_h, name) == linktype)
- return TRUE; /* no error */
- set_linktype_err_str =
- "That DLT isn't one of the DLTs supported by this device";
-#endif
- g_snprintf(errmsg, (gulong) errmsg_len, "Unable to set data link type on interface '%s' (%s).",
- name, set_linktype_err_str);
- /*
- * If the error isn't "XXX is not one of the DLTs supported by this device",
- * tell the user to tell the Wireshark developers about it.
- */
- if (strstr(set_linktype_err_str, "is not one of the DLTs supported by this device") == NULL)
- g_snprintf(secondary_errmsg, (gulong) secondary_errmsg_len, please_report);
- else
- secondary_errmsg[0] = '\0';
- return FALSE;
-}
-
static gboolean
compile_capture_filter(const char *iface, pcap_t *pcap_h,
struct bpf_program *fcode, const char *cfilter)
* third argument to pcap_compile() as a const pointer. Cast
* away the warning.
*/
+DIAG_OFF(cast-qual)
if (pcap_compile(pcap_h, fcode, (char *)cfilter, 1, netmask) < 0)
return FALSE;
+DIAG_ON(cast-qual)
return TRUE;
}
for (j = 0; j < capture_opts->ifaces->len; j++) {
interface_opts = g_array_index(capture_opts->ifaces, interface_options, j);
- pcap_h = open_capture_device(&interface_opts, &open_err_str);
+ pcap_h = open_capture_device(capture_opts, &interface_opts,
+ CAP_READ_TIMEOUT, &open_err_str);
if (pcap_h == NULL) {
/* Open failed; get messages */
get_capture_device_open_failure_messages(open_err_str,
}
/* Set the link-layer type. */
- if (!set_pcap_linktype(pcap_h, interface_opts.linktype, interface_opts.name,
+ if (!set_pcap_datalink(pcap_h, interface_opts.linktype, interface_opts.name,
errmsg, sizeof errmsg,
secondary_errmsg, sizeof secondary_errmsg)) {
pcap_close(pcap_h);
return get_interface_list(err, err_str);
}
-/*
- * Get the data-link type for a libpcap device.
- * This works around AIX 5.x's non-standard and incompatible-with-the-
- * rest-of-the-universe libpcap.
- */
-static int
-get_pcap_linktype(pcap_t *pch, const char *devicename
-#ifndef _AIX
- _U_
-#endif
-)
-{
- int linktype;
-#ifdef _AIX
- const char *ifacename;
-#endif
-
- linktype = pcap_datalink(pch);
-#ifdef _AIX
-
- /*
- * The libpcap that comes with AIX 5.x uses RFC 1573 ifType values
- * rather than DLT_ values for link-layer types; the ifType values
- * for LAN devices are:
- *
- * Ethernet 6
- * 802.3 7
- * Token Ring 9
- * FDDI 15
- *
- * and the ifType value for a loopback device is 24.
- *
- * The AIX names for LAN devices begin with:
- *
- * Ethernet en
- * 802.3 et
- * Token Ring tr
- * FDDI fi
- *
- * and the AIX names for loopback devices begin with "lo".
- *
- * (The difference between "Ethernet" and "802.3" is presumably
- * whether packets have an Ethernet header, with a packet type,
- * or an 802.3 header, with a packet length, followed by an 802.2
- * header and possibly a SNAP header.)
- *
- * If the device name matches "linktype" interpreted as an ifType
- * value, rather than as a DLT_ value, we will assume this is AIX's
- * non-standard, incompatible libpcap, rather than a standard libpcap,
- * and will map the link-layer type to the standard DLT_ value for
- * that link-layer type, as that's what the rest of Wireshark expects.
- *
- * (This means the capture files won't be readable by a tcpdump
- * linked with AIX's non-standard libpcap, but so it goes. They
- * *will* be readable by standard versions of tcpdump, Wireshark,
- * and so on.)
- *
- * XXX - if we conclude we're using AIX libpcap, should we also
- * set a flag to cause us to assume the time stamps are in
- * seconds-and-nanoseconds form, and to convert them to
- * seconds-and-microseconds form before processing them and
- * writing them out?
- */
-
- /*
- * Find the last component of the device name, which is the
- * interface name.
- */
- ifacename = strchr(devicename, '/');
- if (ifacename == NULL)
- ifacename = devicename;
-
- /* See if it matches any of the LAN device names. */
- if (strncmp(ifacename, "en", 2) == 0) {
- if (linktype == 6) {
- /*
- * That's the RFC 1573 value for Ethernet; map it to DLT_EN10MB.
- */
- linktype = 1;
- }
- } else if (strncmp(ifacename, "et", 2) == 0) {
- if (linktype == 7) {
- /*
- * That's the RFC 1573 value for 802.3; map it to DLT_EN10MB.
- * (libpcap, tcpdump, Wireshark, etc. don't care if it's Ethernet
- * or 802.3.)
- */
- linktype = 1;
- }
- } else if (strncmp(ifacename, "tr", 2) == 0) {
- if (linktype == 9) {
- /*
- * That's the RFC 1573 value for 802.5 (Token Ring); map it to
- * DLT_IEEE802, which is what's used for Token Ring.
- */
- linktype = 6;
- }
- } else if (strncmp(ifacename, "fi", 2) == 0) {
- if (linktype == 15) {
- /*
- * That's the RFC 1573 value for FDDI; map it to DLT_FDDI.
- */
- linktype = 10;
- }
- } else if (strncmp(ifacename, "lo", 2) == 0) {
- if (linktype == 24) {
- /*
- * That's the RFC 1573 value for "software loopback" devices; map it
- * to DLT_NULL, which is what's used for loopback devices on BSD.
- */
- linktype = 0;
- }
- }
-#endif
-
- return linktype;
-}
-
-static data_link_info_t *
-create_data_link_info(int dlt)
-{
- data_link_info_t *data_link_info;
- const char *text;
-
- data_link_info = (data_link_info_t *)g_malloc(sizeof (data_link_info_t));
- data_link_info->dlt = dlt;
- text = pcap_datalink_val_to_name(dlt);
- if (text != NULL)
- data_link_info->name = g_strdup(text);
- else
- data_link_info->name = g_strdup_printf("DLT %d", dlt);
- text = pcap_datalink_val_to_description(dlt);
- if (text != NULL)
- data_link_info->description = g_strdup(text);
- else
- data_link_info->description = NULL;
- return data_link_info;
-}
-
-/*
- * Get the capabilities of a network device.
- */
-static if_capabilities_t *
-get_if_capabilities(const char *devicename, gboolean monitor_mode
-#ifndef HAVE_PCAP_CREATE
- _U_
-#endif
-, char **err_str)
-{
- if_capabilities_t *caps;
- char errbuf[PCAP_ERRBUF_SIZE];
- pcap_t *pch;
-#ifdef HAVE_PCAP_CREATE
- int status;
-#endif
- int deflt;
-#ifdef HAVE_PCAP_LIST_DATALINKS
- int *linktypes;
- int i, nlt;
-#endif
- data_link_info_t *data_link_info;
-
- /*
- * Allocate the interface capabilities structure.
- */
- caps = (if_capabilities_t *)g_malloc(sizeof *caps);
-
- /*
- * WinPcap 4.1.2, and possibly earlier versions, have a bug
- * wherein, when an open with an rpcap: URL fails, the error
- * message for the error is not copied to errbuf and whatever
- * on-the-stack junk is in errbuf is treated as the error
- * message.
- *
- * To work around that (and any other bugs of that sort, we
- * initialize errbuf to an empty string. If we get an error
- * and the string is empty, we report it as an unknown error.
- * (If we *don't* get an error, and the string is *non*-empty,
- * that could be a warning returned, such as "can't turn
- * promiscuous mode on"; we currently don't do so.)
- */
- errbuf[0] = '\0';
-#ifdef HAVE_PCAP_OPEN
- pch = pcap_open(devicename, MIN_PACKET_SIZE, 0, 0, NULL, errbuf);
- caps->can_set_rfmon = FALSE;
- if (pch == NULL) {
- if (err_str != NULL)
- *err_str = g_strdup(errbuf[0] == '\0' ? "Unknown error (pcap bug; actual error cause not reported)" : errbuf);
- g_free(caps);
- return NULL;
- }
-#elif defined(HAVE_PCAP_CREATE)
- pch = pcap_create(devicename, errbuf);
- if (pch == NULL) {
- if (err_str != NULL)
- *err_str = g_strdup(errbuf);
- g_free(caps);
- return NULL;
- }
- status = pcap_can_set_rfmon(pch);
- if (status < 0) {
- /* Error. */
- if (status == PCAP_ERROR)
- *err_str = g_strdup_printf("pcap_can_set_rfmon() failed: %s",
- pcap_geterr(pch));
- else
- *err_str = g_strdup(pcap_statustostr(status));
- pcap_close(pch);
- g_free(caps);
- return NULL;
- }
- if (status == 0)
- caps->can_set_rfmon = FALSE;
- else if (status == 1) {
- caps->can_set_rfmon = TRUE;
- if (monitor_mode)
- pcap_set_rfmon(pch, 1);
- } else {
- if (err_str != NULL) {
- *err_str = g_strdup_printf("pcap_can_set_rfmon() returned %d",
- status);
- }
- pcap_close(pch);
- g_free(caps);
- return NULL;
- }
-
- status = pcap_activate(pch);
- if (status < 0) {
- /* Error. We ignore warnings (status > 0). */
- if (err_str != NULL) {
- if (status == PCAP_ERROR)
- *err_str = g_strdup_printf("pcap_activate() failed: %s",
- pcap_geterr(pch));
- else
- *err_str = g_strdup(pcap_statustostr(status));
- }
- pcap_close(pch);
- g_free(caps);
- return NULL;
- }
-#else
- pch = pcap_open_live(devicename, MIN_PACKET_SIZE, 0, 0, errbuf);
- caps->can_set_rfmon = FALSE;
- if (pch == NULL) {
- if (err_str != NULL)
- *err_str = g_strdup(errbuf[0] == '\0' ? "Unknown error (pcap bug; actual error cause not reported)" : errbuf);
- g_free(caps);
- return NULL;
- }
-#endif
- deflt = get_pcap_linktype(pch, devicename);
-#ifdef HAVE_PCAP_LIST_DATALINKS
- nlt = pcap_list_datalinks(pch, &linktypes);
- if (nlt == 0 || linktypes == NULL) {
- pcap_close(pch);
- if (err_str != NULL)
- *err_str = NULL; /* an empty list doesn't mean an error */
- g_free(caps);
- return NULL;
- }
- caps->data_link_types = NULL;
- for (i = 0; i < nlt; i++) {
- data_link_info = create_data_link_info(linktypes[i]);
-
- /*
- * XXX - for 802.11, make the most detailed 802.11
- * version the default, rather than the one the
- * device has as the default?
- */
- if (linktypes[i] == deflt)
- caps->data_link_types = g_list_prepend(caps->data_link_types,
- data_link_info);
- else
- caps->data_link_types = g_list_append(caps->data_link_types,
- data_link_info);
- }
-#ifdef HAVE_PCAP_FREE_DATALINKS
- pcap_free_datalinks(linktypes);
-#else
- /*
- * In Windows, there's no guarantee that if you have a library
- * built with one version of the MSVC++ run-time library, and
- * it returns a pointer to allocated data, you can free that
- * data from a program linked with another version of the
- * MSVC++ run-time library.
- *
- * This is not an issue on UN*X.
- *
- * See the mail threads starting at
- *
- * http://www.winpcap.org/pipermail/winpcap-users/2006-September/001421.html
- *
- * and
- *
- * http://www.winpcap.org/pipermail/winpcap-users/2008-May/002498.html
- */
-#ifndef _WIN32
-#define xx_free free /* hack so checkAPIs doesn't complain */
- xx_free(linktypes);
-#endif /* _WIN32 */
-#endif /* HAVE_PCAP_FREE_DATALINKS */
-#else /* HAVE_PCAP_LIST_DATALINKS */
-
- data_link_info = create_data_link_info(deflt);
- caps->data_link_types = g_list_append(caps->data_link_types,
- data_link_info);
-#endif /* HAVE_PCAP_LIST_DATALINKS */
-
- pcap_close(pch);
-
- if (err_str != NULL)
- *err_str = NULL;
- return caps;
-}
-
#define ADDRSTRLEN 46 /* Covers IPv4 & IPv6 */
/*
* Output a machine readable list of the interfaces
printf("\tloopback");
else
printf("\tnetwork");
-
+#ifdef HAVE_EXTCAP
+ printf("\t%s", if_info->extcap);
+#endif
printf("\n");
}
}
if_list = get_interface_list(&err, &err_str);
if (if_list == NULL) {
- switch (err) {
- case CANT_GET_INTERFACE_LIST:
- case DONT_HAVE_PCAP:
+ if (err == 0)
+ cmdarg_err("There are no interfaces on which a capture can be done");
+ else {
cmdarg_err("%s", err_str);
g_free(err_str);
- break;
-
- case NO_INTERFACES_FOUND:
- cmdarg_err("There are no interfaces on which a capture can be done");
- break;
}
return err;
}
for (if_entry = g_list_first(if_list); if_entry != NULL; if_entry = g_list_next(if_entry)) {
if_info = (if_info_t *)if_entry->data;
+
+#ifdef __linux__
+ /* On Linux nf* interfaces don't collect stats properly and don't allows multiple
+ * connections. We avoid collecting stats on them.
+ */
+ if (!strncmp(if_info->name, "nf", 2)) {
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "Skipping interface %s for stats",
+ if_info->name);
+ continue;
+ }
+#endif
+
#ifdef HAVE_PCAP_OPEN
pch = pcap_open(if_info->name, MIN_PACKET_SIZE, 0, 0, NULL, errbuf);
#else
{
/* Don't print this if we're a capture child. */
if (!capture_child && reportit) {
- fprintf(stderr, "\rPackets captured: %u\n", global_ld.packet_count);
+ fprintf(stderr, "\rPackets captured: %d\n", global_ld.packet_count);
/* stderr could be line buffered */
fflush(stderr);
}
goto fail_invalid;
}
- strncpy(buf, sockname, len);
+ g_snprintf ( buf,(gulong)len + 1, "%s", sockname );
buf[len] = '\0';
if (inet_pton(AF_INET, buf, &sa.sin_addr) <= 0) {
goto fail_invalid;
}
sa.sin_family = AF_INET;
- sa.sin_port = htons((u_short)port);
+ sa.sin_port = g_htons((u_short)port);
if (((fd = (int)socket(AF_INET, SOCK_STREAM, 0)) < 0) ||
(connect(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0)) {
if (errorText)
LocalFree(errorText);
#else
- " %d: %s", errno, strerror(errno));
+ " %d: %s", errno, g_strerror(errno));
#endif
pcap_opts->cap_pipe_err = PIPERR;
#else /* _WIN32 */
char *pncopy, *pos;
wchar_t *err_str;
+ interface_options interface_opts;
+#ifdef HAVE_EXTCAP
+ char* extcap_pipe_name;
+ gboolean extcap_pipe;
+#endif
#endif
ssize_t b;
int fd = -1, sel_ret;
size_t bytes_read;
guint32 magic = 0;
-
pcap_opts->cap_pipe_fd = -1;
#ifdef _WIN32
pcap_opts->cap_pipe_h = INVALID_HANDLE_VALUE;
#endif
+
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "cap_pipe_open_live: %s", pipename);
/*
return;
}
+ interface_opts = g_array_index(global_capture_opts.ifaces, interface_options, 0);
+#ifdef HAVE_EXTCAP
+ extcap_pipe_name = g_strconcat("\\\\.\\pipe\\", EXTCAP_PIPE_PREFIX, NULL);
+ extcap_pipe = strstr(interface_opts.name, extcap_pipe_name) ? TRUE : FALSE;
+ g_free(extcap_pipe_name);
+#endif
+
/* Wait for the pipe to appear */
while (1) {
- pcap_opts->cap_pipe_h = CreateFile(utf_8to16(pipename), GENERIC_READ, 0, NULL,
- OPEN_EXISTING, 0, NULL);
+
+#ifdef HAVE_EXTCAP
+ if(extcap_pipe)
+ pcap_opts->cap_pipe_h = GetStdHandle(STD_INPUT_HANDLE);
+ else
+#endif
+ pcap_opts->cap_pipe_h = CreateFile(utf_8to16(pipename), GENERIC_READ, 0, NULL,
+ OPEN_EXISTING, 0, NULL);
if (pcap_opts->cap_pipe_h != INVALID_HANDLE_VALUE)
break;
if (!WaitNamedPipe(utf_8to16(pipename), 30 * 1000)) {
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_IGNORE_INSERTS,
- NULL, GetLastError(), 0, (LPTSTR) &err_str, 0, NULL);
+ NULL, GetLastError(), 0, (LPTSTR) &err_str, 0, NULL);
g_snprintf(errmsg, errmsgl,
"The capture session on \"%s\" timed out during "
"pipe open: %s (error %d)",
guint i;
#ifdef _WIN32
int err;
- gchar *sync_secondary_msg_str;
WORD wVersionRequested;
WSADATA wsaData;
#endif
/* XXX - opening Winsock on tshark? */
- /* Initialize Windows Socket if we are in a WIN32 OS
+ /* Initialize Windows Socket if we are in a Win32 OS
This needs to be done before querying the interface for network/netmask */
#ifdef _WIN32
/* XXX - do we really require 1.1 or earlier?
if ((use_threads == FALSE) &&
(capture_opts->ifaces->len > 1)) {
g_snprintf(errmsg, (gulong) errmsg_len,
- "Using threads is required for capturing on multiple interfaces!");
+ "Using threads is required for capturing on multiple interfaces.");
return FALSE;
}
g_array_append_val(ld->pcaps, pcap_opts);
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_open_input : %s", interface_opts.name);
- pcap_opts->pcap_h = open_capture_device(&interface_opts, &open_err_str);
+ pcap_opts->pcap_h = open_capture_device(capture_opts, &interface_opts,
+ CAP_READ_TIMEOUT, &open_err_str);
if (pcap_opts->pcap_h != NULL) {
/* we've opened "iface" as a network device */
-#ifdef _WIN32
- /* try to set the capture buffer size */
- if (interface_opts.buffer_size > 1 &&
- pcap_setbuff(pcap_opts->pcap_h, interface_opts.buffer_size * 1024 * 1024) != 0) {
- sync_secondary_msg_str = g_strdup_printf(
- "The capture buffer size of %d MiB seems to be too high for your machine,\n"
- "the default of %d MiB will be used.\n"
- "\n"
- "Nonetheless, the capture is started.\n",
- interface_opts.buffer_size, DEFAULT_CAPTURE_BUFFER_SIZE);
- report_capture_error("Couldn't set the capture buffer size!",
- sync_secondary_msg_str);
- g_free(sync_secondary_msg_str);
- }
+
+#ifdef HAVE_PCAP_SET_TSTAMP_PRECISION
+ /* Find out if we're getting nanosecond-precision time stamps */
+ pcap_opts->ts_nsec = have_high_resolution_timestamp(pcap_opts->pcap_h);
#endif
#if defined(HAVE_PCAP_SETSAMPLING)
#endif
/* setting the data link type only works on real interfaces */
- if (!set_pcap_linktype(pcap_opts->pcap_h, interface_opts.linktype, interface_opts.name,
+ if (!set_pcap_datalink(pcap_opts->pcap_h, interface_opts.linktype,
+ interface_opts.name,
errmsg, errmsg_len,
secondary_errmsg, secondary_errmsg_len)) {
return FALSE;
}
- pcap_opts->linktype = get_pcap_linktype(pcap_opts->pcap_h, interface_opts.name);
+ pcap_opts->linktype = get_pcap_datalink(pcap_opts->pcap_h, interface_opts.name);
} else {
/* We couldn't open "iface" as a network device. */
/* Try to open it as a pipe */
if (pcap_opts->cap_pipe_h == INVALID_HANDLE_VALUE) {
#endif
if (pcap_opts->cap_pipe_err == PIPNEXIST) {
- /* Pipe doesn't exist, so output message for interface */
+ /*
+ * We tried opening as an interface, and that failed,
+ * so we tried to open it as a pipe, but the pipe
+ * doesn't exist. Report the error message for
+ * the interface.
+ */
get_capture_device_open_failure_messages(open_err_str,
interface_opts.name,
errmsg,
if ((capture_opts->use_pcapng == FALSE) &&
(capture_opts->ifaces->len > 1)) {
g_snprintf(errmsg, errmsg_len,
- "Using PCAPNG is required for capturing on multiple interfaces! Use the -n option.");
+ "Using PCAPNG is required for capturing on multiple interfaces. Use the -n option.");
return FALSE;
}
}
if (ld->pdh) {
if (capture_opts->use_pcapng) {
- char appname[100];
- GString *os_info_str;
+ char *appname;
+ GString *os_info_str;
os_info_str = g_string_new("");
get_os_version_info(os_info_str);
- g_snprintf(appname, sizeof(appname), "Dumpcap " VERSION "%s", wireshark_gitversion);
+ appname = g_strdup_printf("Dumpcap (Wireshark) %s", get_ws_vcs_version_info());
successful = pcapng_write_session_header_block(ld->pdh,
(const char *)capture_opts->capture_comment, /* Comment*/
NULL, /* HW*/
-1, /* section_length */
&ld->bytes_written,
&err);
+ g_free(appname);
for (i = 0; successful && (i < capture_opts->ifaces->len); i++) {
interface_opts = g_array_index(capture_opts->ifaces, interface_options, i);
/*
* WinPcap's remote capturing feature doesn't work with pcap_dispatch(),
- * see http://wiki.wireshark.org/CaptureSetup_2fWinPcapRemote
+ * see https://wiki.wireshark.org/CaptureSetup_2fWinPcapRemote
* This should be fixed in the WinPcap 4.0 alpha release.
*
* For reference, an example remote interface:
if (capture_opts->multi_files_on) {
if (cnd_autostop_files != NULL &&
- cnd_eval(cnd_autostop_files, ++global_ld.autostop_files)) {
+ cnd_eval(cnd_autostop_files, (guint64)++global_ld.autostop_files)) {
/* no files left: stop here */
global_ld.go = FALSE;
return FALSE;
/* File switch succeeded: reset the conditions */
global_ld.bytes_written = 0;
if (capture_opts->use_pcapng) {
- char appname[100];
- GString *os_info_str;
+ char *appname;
+ GString *os_info_str;
os_info_str = g_string_new("");
get_os_version_info(os_info_str);
- g_snprintf(appname, sizeof(appname), "Dumpcap " VERSION "%s", wireshark_gitversion);
+ appname = g_strdup_printf("Dumpcap (Wireshark) %s", get_ws_vcs_version_info());
successful = pcapng_write_session_header_block(global_ld.pdh,
NULL, /* Comment */
NULL, /* HW */
-1, /* section_length */
&(global_ld.bytes_written),
&global_ld.err);
+ g_free(appname);
for (i = 0; successful && (i < capture_opts->ifaces->len); i++) {
interface_opts = g_array_index(capture_opts->ifaces, interface_options, i);
static gboolean
capture_loop_start(capture_options *capture_opts, gboolean *stats_known, struct pcap_stat *stats)
{
-#ifdef WIN32
+#ifdef _WIN32
DWORD upd_time, cur_time; /* GetTickCount() returns a "DWORD" (which is 'unsigned long') */
#else
struct timeval upd_time, cur_time;
if (capture_opts->has_autostop_files)
cnd_autostop_files =
- cnd_new(CND_CLASS_CAPTURESIZE, capture_opts->autostop_files);
+ cnd_new(CND_CLASS_CAPTURESIZE, (guint64)capture_opts->autostop_files);
}
/* init the time values */
-#ifdef WIN32
+#ifdef _WIN32
upd_time = GetTickCount();
#else
gettimeofday(&upd_time, NULL);
#endif
start_time = create_timestamp();
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_INFO, "Capture loop running!");
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_INFO, "Capture loop running.");
/* WOW, everything is prepared! */
/* please fasten your seat belts, we will enter now the actual capture loop */
*/
#define DUMPCAP_UPD_TIME 500
-#ifdef WIN32
+#ifdef _WIN32
cur_time = GetTickCount(); /* Note: wraps to 0 if sys runs for 49.7 days */
if ((cur_time - upd_time) > DUMPCAP_UPD_TIME) { /* wrap just causes an extra update */
#else
/* close the input file (pcap or capture pipe) */
capture_loop_close_input(&global_ld);
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_INFO, "Capture loop stopped!");
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_INFO, "Capture loop stopped.");
/* ok, if the write and the close were successful. */
return write_ok && close_ok;
return ret;
}
+static void
+get_dumpcap_compiled_info(GString *str)
+{
+ /* Capture libraries */
+ g_string_append(str, ", ");
+ get_compiled_caplibs_version(str);
+
+ /* LIBZ */
+ g_string_append(str, ", ");
+#ifdef HAVE_LIBZ
+ g_string_append(str, "with libz ");
+#ifdef ZLIB_VERSION
+ g_string_append(str, ZLIB_VERSION);
+#else /* ZLIB_VERSION */
+ g_string_append(str, "(version unknown)");
+#endif /* ZLIB_VERSION */
+#else /* HAVE_LIBZ */
+ g_string_append(str, "without libz");
+#endif /* HAVE_LIBZ */
+}
+
+static void
+get_dumpcap_runtime_info(GString *str)
+{
+ /* Capture libraries */
+ g_string_append(str, ", ");
+ get_runtime_caplibs_version(str);
+
+ /* zlib */
+#if defined(HAVE_LIBZ) && !defined(_WIN32)
+ g_string_append_printf(str, ", with libz %s", zlibVersion());
+#endif
+}
+
/* And now our feature presentation... [ fade to music ] */
int
main(int argc, char *argv[])
GString *runtime_info_str;
int opt;
static const struct option long_options[] = {
- {(char *)"help", no_argument, NULL, 'h'},
- {(char *)"version", no_argument, NULL, 'v'},
+ {"help", no_argument, NULL, 'h'},
+ {"version", no_argument, NULL, 'v'},
LONGOPT_CAPTURE_COMMON
{0, 0, 0, 0 }
};
#endif
GString *str;
- /* Assemble the compile-time version information string */
- comp_info_str = g_string_new("Compiled ");
- get_compiled_version_info(comp_info_str, NULL, NULL);
+ cmdarg_err_init(dumpcap_cmdarg_err, dumpcap_cmdarg_err_cont);
- /* Assemble the run-time version information string */
- runtime_info_str = g_string_new("Running ");
- get_runtime_version_info(runtime_info_str, NULL);
+ /* Get the compile-time version information string */
+ comp_info_str = get_compiled_version_info(NULL, get_dumpcap_compiled_info);
+
+ /* Get the run-time version information string */
+ runtime_info_str = get_runtime_version_info(get_dumpcap_runtime_info);
/* Add it to the information to be reported on a crash. */
- ws_add_crash_info("Dumpcap " VERSION "%s\n"
+ ws_add_crash_info("Dumpcap (Wireshark) %s\n"
"\n"
"%s"
"\n"
"%s",
- wireshark_gitversion, comp_info_str->str, runtime_info_str->str);
+ get_ws_vcs_version_info(), comp_info_str->str, runtime_info_str->str);
#ifdef _WIN32
arg_list_utf_16to8(argc, argv);
#ifdef DEBUG_CHILD_DUMPCAP
if ((debug_log = ws_fopen("dumpcap_debug_log.tmp","w")) == NULL) {
- fprintf (stderr, "Unable to open debug log file !\n");
+ fprintf (stderr, "Unable to open debug log file .\n");
exit (1);
}
#endif
/* This behaviour will apparently be changed in the kernel */
/* to allow the kill (signal) in this case. */
/* See the following for details: */
- /* http://www.mail-archive.com/ [wrapped] */
+ /* https://www.mail-archive.com/ [wrapped] */
/* linux-security-module@vger.kernel.org/msg02913.html */
/* */
/* It is therefore conceivable that if dumpcap somehow hangs */
/* Set the initial values in the capture options. This might be overwritten
by the command line parameters. */
capture_opts_init(&global_capture_opts);
-
/* We always save to a file - if no file was specified, we save to a
temporary file. */
global_capture_opts.saving_to_file = TRUE;
while ((opt = getopt_long(argc, argv, OPTSTRING, long_options, NULL)) != -1) {
switch (opt) {
case 'h': /* Print help and exit */
- print_usage(TRUE);
+ printf("Dumpcap (Wireshark) %s\n"
+ "Capture network packets and dump them into a pcapng or pcap file.\n"
+ "See https://www.wireshark.org for more information.\n",
+ get_ws_vcs_version_info());
+ print_usage(stdout);
exit_main(0);
break;
case 'v': /* Show version and exit */
{
- show_version(comp_info_str, runtime_info_str);
+ show_version("Dumpcap (Wireshark)", comp_info_str, runtime_info_str);
g_string_free(comp_info_str, TRUE);
g_string_free(runtime_info_str, TRUE);
exit_main(0);
#ifdef HAVE_PCAP_SETSAMPLING
case 'm': /* Sampling */
#endif
-#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
+#ifdef CAN_SET_CAPTURE_BUFFER_SIZE
case 'B': /* Buffer size */
-#endif /* _WIN32 or HAVE_PCAP_CREATE */
+#endif
#ifdef HAVE_PCAP_CREATE
case 'I': /* Monitor mode */
#endif
break;
/*** all non capture option specific ***/
case 'D': /* Print a list of capture devices and exit */
- list_interfaces = TRUE;
- run_once_args++;
+ if (!list_interfaces) {
+ list_interfaces = TRUE;
+ run_once_args++;
+ }
break;
case 'L': /* Print list of link-layer types and exit */
- list_link_layer_types = TRUE;
- run_once_args++;
+ if (!list_link_layer_types) {
+ list_link_layer_types = TRUE;
+ run_once_args++;
+ }
break;
#ifdef HAVE_BPF_IMAGE
case 'd': /* Print BPF code for capture filter and exit */
- print_bpf_code = TRUE;
- run_once_args++;
+ if (!print_bpf_code) {
+ print_bpf_code = TRUE;
+ run_once_args++;
+ }
break;
#endif
case 'S': /* Print interface statistics once a second */
- print_statistics = TRUE;
- run_once_args++;
+ if (!print_statistics) {
+ print_statistics = TRUE;
+ run_once_args++;
+ }
break;
case 'k': /* Set wireless channel */
- set_chan = TRUE;
- set_chan_arg = optarg;
- run_once_args++;
- break;
+ if (!set_chan) {
+ set_chan = TRUE;
+ set_chan_arg = optarg;
+ run_once_args++;
+ } else {
+ cmdarg_err("Only one -k flag may be specified");
+ arg_error = TRUE;
+ }
+ break;
case 'M': /* For -D, -L, and -S, print machine-readable output */
machine_readable = TRUE;
break;
pcap_queue_packet_limit = 1000;
}
if (arg_error) {
- print_usage(FALSE);
+ print_usage(stderr);
exit_main(1);
}
if (run_once_args > 1) {
- cmdarg_err("Only one of -D, -L, or -S may be supplied.");
+#ifdef HAVE_BPF_IMAGE
+ cmdarg_err("Only one of -D, -L, -d, -k, or -S may be supplied.");
+#else
+ cmdarg_err("Only one of -D, -L, -k, or -S may be supplied.");
+#endif
exit_main(1);
} else if (run_once_args == 1) {
/* We're supposed to print some information, rather than
if_list = capture_interface_list(&err, &err_str,NULL);
if (if_list == NULL) {
- switch (err) {
- case CANT_GET_INTERFACE_LIST:
- case DONT_HAVE_PCAP:
- cmdarg_err("%s", err_str);
- g_free(err_str);
- exit_main(2);
- break;
-
- case NO_INTERFACES_FOUND:
+ if (err == 0) {
/*
* If we're being run by another program, just give them
* an empty list of interfaces, don't report this as
cmdarg_err("There are no interfaces on which a capture can be done");
exit_main(2);
}
- break;
+ } else {
+ cmdarg_err("%s", err_str);
+ g_free(err_str);
+ exit_main(2);
}
}
exit_main(status);
}
+ if (list_link_layer_types) {
+ /* Get the list of link-layer types for the capture device. */
+ if_capabilities_t *caps;
+ gchar *err_str;
+ guint ii;
+
+ for (ii = 0; ii < global_capture_opts.ifaces->len; ii++) {
+ interface_options interface_opts;
+
+ interface_opts = g_array_index(global_capture_opts.ifaces, interface_options, ii);
+
+ caps = get_if_capabilities(&interface_opts, &err_str);
+ if (caps == NULL) {
+ cmdarg_err("The capabilities of the capture device \"%s\" could not be obtained (%s).\n"
+ "Please check to make sure you have sufficient permissions, and that\n"
+ "you have the proper interface or pipe specified.", interface_opts.name, err_str);
+ g_free(err_str);
+ exit_main(2);
+ }
+ if (caps->data_link_types == NULL) {
+ cmdarg_err("The capture device \"%s\" has no data link types.", interface_opts.name);
+ exit_main(2);
+ }
+ if (machine_readable) /* tab-separated values to stdout */
+ /* XXX: We need to change the format and adopt consumers */
+ print_machine_readable_if_capabilities(caps);
+ else
+ /* XXX: We might want to print also the interface name */
+ capture_opts_print_if_capabilities(caps, interface_opts.name,
+ interface_opts.monitor_mode);
+ free_if_capabilities(caps);
+ }
+ exit_main(0);
+ }
+
+ /* We're supposed to do a capture, or print the BPF code for a filter. */
+
/* Let the user know what interfaces were chosen. */
if (capture_child) {
for (j = 0; j < global_capture_opts.ifaces->len; j++) {
g_string_free(str, TRUE);
}
- if (list_link_layer_types) {
- /* Get the list of link-layer types for the capture device. */
- if_capabilities_t *caps;
- gchar *err_str;
- guint ii;
-
- for (ii = 0; ii < global_capture_opts.ifaces->len; ii++) {
- interface_options interface_opts;
-
- interface_opts = g_array_index(global_capture_opts.ifaces, interface_options, ii);
- caps = get_if_capabilities(interface_opts.name,
- interface_opts.monitor_mode, &err_str);
- if (caps == NULL) {
- cmdarg_err("The capabilities of the capture device \"%s\" could not be obtained (%s).\n"
- "Please check to make sure you have sufficient permissions, and that\n"
- "you have the proper interface or pipe specified.", interface_opts.name, err_str);
- g_free(err_str);
- exit_main(2);
- }
- if (caps->data_link_types == NULL) {
- cmdarg_err("The capture device \"%s\" has no data link types.", interface_opts.name);
- exit_main(2);
- }
- if (machine_readable) /* tab-separated values to stdout */
- /* XXX: We need to change the format and adopt consumers */
- print_machine_readable_if_capabilities(caps);
- else
- /* XXX: We might want to print also the interface name */
- capture_opts_print_if_capabilities(caps, interface_opts.name,
- interface_opts.monitor_mode);
- free_if_capabilities(caps);
- }
- exit_main(0);
- }
-
- /* We're supposed to do a capture, or print the BPF code for a filter.
- Process the snapshot length, as that affects the generated BPF code. */
+ /* Process the snapshot length, as that affects the generated BPF code. */
capture_opts_trim_snaplen(&global_capture_opts, MIN_PACKET_SIZE);
#ifdef HAVE_BPF_IMAGE
fflush(stderr);
/* Now start the capture. */
-
if (capture_loop_start(&global_capture_opts, &stats_known, &stats) == TRUE) {
/* capture ok */
exit_main(0);
level = "Dbg ";
break;
default:
- fprintf(stderr, "unknown log_level %u\n", log_level);
+ fprintf(stderr, "unknown log_level %d\n", log_level);
level = NULL;
g_assert_not_reached();
}
*/
interface_opts = g_array_index(capture_opts->ifaces, interface_options, i);
cmdarg_err(
- "Invalid capture filter \"%s\" for interface '%s'!\n"
+ "Invalid capture filter \"%s\" for interface '%s'.\n"
"\n"
"That string isn't a valid capture filter (%s).\n"
"See the User's Guide for a description of the capture filter syntax.",
}
#endif
-
-
-
-
/*
- * Editor modelines - http://www.wireshark.org/tools/modelines.html
+ * Editor modelines - https://www.wireshark.org/tools/modelines.html
*
* Local variables:
* c-basic-offset: 4