#include <wsutil/tempfile.h>
#include <wsutil/file_util.h>
#include <wsutil/filesystem.h>
-#include <wsutil/ws_version_info.h>
+#include <ws_version_info.h>
#include <wiretap/merge.h>
#include <epan/dfilter/dfilter-macro.h>
#include <epan/strutil.h>
#include <epan/addr_resolv.h>
+#include <epan/color_filters.h>
-#include "color.h"
-#include "color_filters.h"
#include "cfile.h"
#include "file.h"
#include "fileset.h"
void *criterion);
static match_result match_binary(capture_file *cf, frame_data *fdata,
void *criterion);
+static match_result match_regex(capture_file *cf, frame_data *fdata,
+ void *criterion);
static match_result match_dfilter(capture_file *cf, frame_data *fdata,
void *criterion);
static match_result match_marked(capture_file *cf, frame_data *fdata,
cf->prev_cap = NULL;
cf->cum_bytes = 0;
- /* Adjust timestamp precision if auto is selected, col width will be adjusted */
- cf_timestamp_auto_precision(cf);
- /* XXX needed ? */
packet_list_queue_draw();
cf_callback_invoke(cf_cb_file_opened, cf);
cf_read_status_t
cf_read(capture_file *cf, gboolean reloading)
{
- int err;
- gchar *err_info;
+ int err = 0;
+ gchar *err_info = NULL;
gchar *name_ptr;
- progdlg_t *progbar = NULL;
+ progdlg_t *volatile progbar = NULL;
GTimeVal start_time;
epan_dissect_t edt;
dfilter_t *dfcode;
epan_dissect_init(&edt, cf->epan, create_proto_tree, FALSE);
TRY {
-#ifdef HAVE_LIBPCAP
- int displayed_once = 0;
-#endif
int count = 0;
gint64 size;
if (progbar != NULL) {
progbar_val = calc_progbar_val(cf, size, file_pos, status_str, sizeof(status_str));
/* update the packet bar content on the first run or frequently on very large files */
-#ifdef HAVE_LIBPCAP
- if (progbar_quantum > 500000 || displayed_once == 0) {
- if ((auto_scroll_live || displayed_once == 0 || cf->displayed_count < 1000) && cf->count != 0) {
- displayed_once = 1;
- packets_bar_update();
- }
- }
-#endif /* HAVE_LIBPCAP */
update_progress_dlg(progbar, progbar_val, status_str);
+ packets_bar_update();
}
progbar_nextstep += progbar_quantum;
}
if (dfcode != NULL) {
epan_dissect_prime_dfilter(edt, dfcode);
}
+#if 0
+ /* Prepare coloring rules, this ensures that display filter rules containing
+ * frame.color_rule references are still processed.
+ * TODO: actually detect that situation or maybe apply other optimizations? */
+ if (edt->tree && color_filters_used()) {
+ color_filters_prime_edt(edt);
+ fdata->flags.need_colorize = 1;
+ }
+#endif
/* Dissect the frame. */
epan_dissect_run_with_taps(edt, cf->cd_t, phdr, frame_tvbuff_new(fdata, buf), fdata, cinfo);
int out_fd;
int err = 0;
gchar *err_info = NULL;
- int err_fileno;
+ guint err_fileno;
merge_result status;
merge_progress_callback_t cb;
if (out_fd == -1)
err = errno;
} else {
- out_fd = create_tempfile(&tmpname, "wireshark");
+ out_fd = create_tempfile(&tmpname, "wireshark", NULL);
if (out_fd == -1)
err = errno;
out_filename = g_strdup(tmpname);
/* 'reset' dissection session */
epan_free(cf->epan);
+ if (cf->edt && cf->edt->pi.fd) {
+ /* All pointers in "per frame proto data" for the currently selected
+ packet are allocated in wmem_file_scope() and deallocated in epan_free().
+ Free them here to avoid unintended usage in packet_list_clear(). */
+ frame_data_destroy(cf->edt->pi.fd);
+ }
cf->epan = ws_epan_new(cf);
cf->cinfo.epan = cf->epan;
+ /* A new Lua tap listener may be registered in lua_prime_all_fields()
+ called via epan_new() / init_dissection() when reloading Lua plugins. */
+ if (!create_proto_tree && have_filtering_tap_listeners()) {
+ create_proto_tree = TRUE;
+ }
+
/* We need to redissect the packets so we have to discard our old
* packet list store. */
packet_list_clear();
/*
- * Scan trough all frame data and recalculate the ref time
+ * Scan through all frame data and recalculate the ref time
* without rereading the file.
* XXX - do we need a progres bar or is this fast enough?
*/
const char *string1, const char *string2, gboolean terminate_is_stop,
gboolean (*callback)(capture_file *, frame_data *,
struct wtap_pkthdr *, const guint8 *, void *),
- void *callback_args)
+ void *callback_args,
+ gboolean show_progress_bar)
{
guint32 framenum;
frame_data *fdata;
longer than the standard time to create it (otherwise, for a
large file, we might take considerably longer than that standard
time in order to get to the next progress bar step). */
- if (progbar == NULL)
+ if (show_progress_bar && progbar == NULL)
progbar = delayed_create_progress_dlg(cf->window, string1, string2,
terminate_is_stop,
&cf->stop_flag,
ret = process_specified_records(cf, &range, "Recalculating statistics on",
"all packets", TRUE, retap_packet,
- &callback_args);
+ &callback_args, TRUE);
epan_dissect_cleanup(&callback_args.edt);
}
cf_print_status_t
-cf_print_packets(capture_file *cf, print_args_t *print_args)
+cf_print_packets(capture_file *cf, print_args_t *print_args,
+ gboolean show_progress_bar)
{
print_callback_args_t callback_args;
gint data_width;
proto_tree_needed =
callback_args.print_args->print_dissections != print_dissections_none ||
callback_args.print_args->print_hex ||
- have_custom_cols(&cf->cinfo);
+ have_custom_cols(&cf->cinfo) || have_field_extractors();
epan_dissect_init(&callback_args.edt, cf->epan, proto_tree_needed, proto_tree_needed);
/* Iterate through the list of packets, printing the packets we were
told to print. */
ret = process_specified_records(cf, &print_args->range, "Printing",
"selected packets", TRUE, print_packet,
- &callback_args);
+ &callback_args, show_progress_bar);
epan_dissect_cleanup(&callback_args.edt);
g_free(callback_args.header_line_buf);
g_free(callback_args.line_buf);
typedef struct {
FILE *fh;
epan_dissect_t edt;
+ print_args_t *print_args;
} write_packet_callback_args_t;
static gboolean
epan_dissect_run(&args->edt, cf->cd_t, phdr, frame_tvbuff_new(fdata, pd), fdata, NULL);
/* Write out the information in that tree. */
- write_pdml_proto_tree(&args->edt, args->fh);
+ write_pdml_proto_tree(NULL, NULL, &args->edt, args->fh);
epan_dissect_reset(&args->edt);
}
callback_args.fh = fh;
+ callback_args.print_args = print_args;
epan_dissect_init(&callback_args.edt, cf->epan, TRUE, TRUE);
/* Iterate through the list of packets, printing the packets we were
told to print. */
ret = process_specified_records(cf, &print_args->range, "Writing PDML",
"selected packets", TRUE,
- write_pdml_packet, &callback_args);
+ write_pdml_packet, &callback_args, TRUE);
epan_dissect_cleanup(&callback_args.edt);
}
callback_args.fh = fh;
+ callback_args.print_args = print_args;
/* Fill in the column information, only create the protocol tree
- if having custom columns. */
- proto_tree_needed = have_custom_cols(&cf->cinfo);
+ if having custom columns or field extractors. */
+ proto_tree_needed = have_custom_cols(&cf->cinfo) || have_field_extractors();
epan_dissect_init(&callback_args.edt, cf->epan, proto_tree_needed, proto_tree_needed);
/* Iterate through the list of packets, printing the packets we were
told to print. */
ret = process_specified_records(cf, &print_args->range, "Writing PSML",
"selected packets", TRUE,
- write_psml_packet, &callback_args);
+ write_psml_packet, &callback_args, TRUE);
epan_dissect_cleanup(&callback_args.edt);
}
callback_args.fh = fh;
+ callback_args.print_args = print_args;
- /* only create the protocol tree if having custom columns. */
- proto_tree_needed = have_custom_cols(&cf->cinfo);
+ /* only create the protocol tree if having custom columns or field extractors. */
+ proto_tree_needed = have_custom_cols(&cf->cinfo) || have_field_extractors();
epan_dissect_init(&callback_args.edt, cf->epan, proto_tree_needed, proto_tree_needed);
/* Iterate through the list of packets, printing the packets we were
told to print. */
ret = process_specified_records(cf, &print_args->range, "Writing CSV",
"selected packets", TRUE,
- write_csv_packet, &callback_args);
+ write_csv_packet, &callback_args, TRUE);
epan_dissect_cleanup(&callback_args.edt);
}
callback_args.fh = fh;
+ callback_args.print_args = print_args;
epan_dissect_init(&callback_args.edt, cf->epan, TRUE, TRUE);
/* Iterate through the list of packets, printing the packets we were
told to print. */
ret = process_specified_records(cf, &print_args->range,
- "Writing C Arrays",
- "selected packets", TRUE,
- carrays_write_packet, &callback_args);
+ "Writing C Arrays",
+ "selected packets", TRUE,
+ carrays_write_packet, &callback_args, TRUE);
+
+ epan_dissect_cleanup(&callback_args.edt);
+
+ switch (ret) {
+ case PSP_FINISHED:
+ /* Completed successfully. */
+ break;
+ case PSP_STOPPED:
+ /* Well, the user decided to abort the printing. */
+ break;
+ case PSP_FAILED:
+ /* Error while printing. */
+ fclose(fh);
+ return CF_PRINT_WRITE_ERROR;
+ }
+
+ fclose(fh);
+ return CF_PRINT_OK;
+}
+
+static gboolean
+write_json_packet(capture_file *cf, frame_data *fdata,
+ struct wtap_pkthdr *phdr, const guint8 *pd,
+ void *argsp)
+{
+ write_packet_callback_args_t *args = (write_packet_callback_args_t *)argsp;
+
+ /* Create the protocol tree, but don't fill in the column information. */
+ epan_dissect_run(&args->edt, cf->cd_t, phdr, frame_tvbuff_new(fdata, pd), fdata, NULL);
+
+ /* Write out the information in that tree. */
+ write_json_proto_tree(NULL, args->print_args, NULL, &args->edt, args->fh);
+
+ epan_dissect_reset(&args->edt);
+
+ return !ferror(args->fh);
+}
+
+cf_print_status_t
+cf_write_json_packets(capture_file *cf, print_args_t *print_args)
+{
+ write_packet_callback_args_t callback_args;
+ FILE *fh;
+ psp_return_t ret;
+
+ fh = ws_fopen(print_args->file, "w");
+ if (fh == NULL)
+ return CF_PRINT_OPEN_ERROR; /* attempt to open destination failed */
+
+ write_json_preamble(fh);
+ if (ferror(fh)) {
+ fclose(fh);
+ return CF_PRINT_WRITE_ERROR;
+ }
+
+ callback_args.fh = fh;
+ callback_args.print_args = print_args;
+ epan_dissect_init(&callback_args.edt, cf->epan, TRUE, TRUE);
+
+ /* Iterate through the list of packets, printing the packets we were
+ told to print. */
+ ret = process_specified_records(cf, &print_args->range, "Writing PDML",
+ "selected packets", TRUE,
+ write_json_packet, &callback_args, TRUE);
epan_dissect_cleanup(&callback_args.edt);
switch (ret) {
+
case PSP_FINISHED:
/* Completed successfully. */
break;
+
case PSP_STOPPED:
/* Well, the user decided to abort the printing. */
break;
+
case PSP_FAILED:
/* Error while printing. */
fclose(fh);
return CF_PRINT_WRITE_ERROR;
}
+ write_json_finale(fh);
+ if (ferror(fh)) {
+ fclose(fh);
+ return CF_PRINT_WRITE_ERROR;
+ }
+
+ /* XXX - check for an error */
fclose(fh);
+
return CF_PRINT_OK;
}
proto_item_fill_label(fi, label_str);
}
- /* Does that label match? */
- label_len = strlen(label_ptr);
- for (i = 0; i < label_len; i++) {
- c_char = label_ptr[i];
- if (cf->case_type)
- c_char = g_ascii_toupper(c_char);
- if (c_char == string[c_match]) {
- c_match++;
- if (c_match == string_len) {
- /* No need to look further; we have a match */
- mdata->frame_matched = TRUE;
- mdata->finfo = fi;
- return;
- }
- } else
- c_match = 0;
+ if (cf->regex) {
+ if (g_regex_match(cf->regex, label_ptr, (GRegexMatchFlags) 0, NULL)) {
+ mdata->frame_matched = TRUE;
+ mdata->finfo = fi;
+ return;
+ }
+ } else {
+ /* Does that label match? */
+ label_len = strlen(label_ptr);
+ for (i = 0; i < label_len; i++) {
+ c_char = label_ptr[i];
+ if (cf->case_type)
+ c_char = g_ascii_toupper(c_char);
+ if (c_char == string[c_match]) {
+ c_match++;
+ if (c_match == string_len) {
+ /* No need to look further; we have a match */
+ mdata->frame_matched = TRUE;
+ mdata->finfo = fi;
+ return;
+ }
+ } else
+ c_match = 0;
+ }
}
/* Recurse into the subtree, if it exists */
/* Found it. See if we match. */
info_column = edt.pi.cinfo->columns[colx].col_data;
info_column_len = strlen(info_column);
- for (i = 0; i < info_column_len; i++) {
- c_char = info_column[i];
- if (cf->case_type)
- c_char = g_ascii_toupper(c_char);
- if (c_char == string[c_match]) {
- c_match++;
- if (c_match == string_len) {
- result = MR_MATCHED;
- break;
- }
- } else
- c_match = 0;
+ if (cf->regex) {
+ if (g_regex_match(cf->regex, info_column, (GRegexMatchFlags) 0, NULL)) {
+ result = MR_MATCHED;
+ break;
+ }
+ } else {
+ for (i = 0; i < info_column_len; i++) {
+ c_char = info_column[i];
+ if (cf->case_type)
+ c_char = g_ascii_toupper(c_char);
+ if (c_char == string[c_match]) {
+ c_match++;
+ if (c_match == string_len) {
+ result = MR_MATCHED;
+ break;
+ }
+ } else
+ c_match = 0;
+ }
}
break;
}
info.data = string;
info.data_len = string_size;
- /* String or hex search? */
- if (cf->string) {
+ /* Regex, String or hex search? */
+ if (cf->regex) {
+ /* Regular Expression search */
+ return find_packet(cf, match_regex, NULL, dir);
+ } else if (cf->string) {
/* String search - what type of string? */
switch (cf->scs_type) {
result = MR_MATCHED;
cf->search_pos = i; /* Save the position of the last character
for highlighting the field. */
+ cf->search_len = (guint32)textlen;
break;
}
}
result = MR_MATCHED;
cf->search_pos = i; /* Save the position of the last character
for highlighting the field. */
+ cf->search_len = (guint32)textlen;
break;
}
}
result = MR_MATCHED;
cf->search_pos = i; /* Save the position of the last character
for highlighting the field. */
+ cf->search_len = (guint32)textlen;
break;
}
i += 1;
result = MR_MATCHED;
cf->search_pos = i; /* Save the position of the last character
for highlighting the field. */
+ cf->search_len = (guint32)datalen;
break;
}
}
return result;
}
+static match_result
+match_regex(capture_file *cf, frame_data *fdata, void *criterion _U_)
+{
+ match_result result = MR_NOTMATCHED;
+ GMatchInfo *match_info = NULL;
+
+ /* Load the frame's data. */
+ if (!cf_read_record(cf, fdata)) {
+ /* Attempt to get the packet failed. */
+ return MR_ERROR;
+ }
+
+ if (g_regex_match_full(cf->regex, ws_buffer_start_ptr(&cf->buf), fdata->cap_len,
+ 0, (GRegexMatchFlags) 0, &match_info, NULL))
+ {
+ gint start_pos = 0, end_pos = 0;
+ g_match_info_fetch_pos (match_info, 0, &start_pos, &end_pos);
+ cf->search_pos = end_pos - 1;
+ cf->search_len = end_pos - start_pos;
+ result = MR_MATCHED;
+ }
+ return result;
+}
+
gboolean
cf_find_packet_dfilter(capture_file *cf, dfilter_t *sfcode,
search_direction dir)
found = packet_list_select_row_from_data(new_fd);
cf->search_in_progress = FALSE;
cf->search_pos = 0; /* Reset the position */
+ cf->search_len = 0; /* Reset length */
if (!found) {
/* We didn't find a row corresponding to this frame.
This means that the frame isn't being displayed currently,
{
frame_data *fdata;
+ if (cf == NULL || cf->frames == NULL) {
+ /* we don't have a loaded capture file - fix for bugs 11810 & 11989 */
+ statusbar_push_temporary_msg("There is no file loaded");
+ return FALSE; /* we failed to go to that packet */
+ }
+
fdata = frame_data_sequence_find(cf->frames, fnumber);
if (fdata == NULL) {
hdr.presence_flags |= WTAP_HAS_INTERFACE_ID;
if (phdr->presence_flags & WTAP_HAS_PACK_FLAGS)
hdr.presence_flags |= WTAP_HAS_PACK_FLAGS;
- hdr.ts.secs = fdata->abs_ts.secs;
- hdr.ts.nsecs = fdata->abs_ts.nsecs;
+ hdr.ts = phdr->ts;
hdr.caplen = phdr->caplen;
hdr.len = phdr->len;
- hdr.pkt_encap = fdata->lnk_t;
+ hdr.pkt_encap = phdr->pkt_encap;
/* pcapng */
hdr.interface_id = phdr->interface_id; /* identifier of the interface. */
/* options */
guint32 framenum;
frame_data *fdata;
int count = 0;
-#ifdef HAVE_LIBPCAP
- int displayed_once = 0;
-#endif
/* Close the old handle. */
wtap_close(cf->wth);
if (progbar != NULL) {
progbar_val = calc_progbar_val(cf, size, cf->f_datalen, status_str, sizeof(status_str));
/* update the packet bar content on the first run or frequently on very large files */
-#ifdef HAVE_LIBPCAP
- if (progbar_quantum > 500000 || displayed_once == 0) {
- if ((auto_scroll_live || displayed_once == 0 || cf->displayed_count < 1000) && cf->count != 0) {
- displayed_once = 1;
- packets_bar_update();
- }
- }
-#endif /* HAVE_LIBPCAP */
update_progress_dlg(progbar, progbar_val, status_str);
+ packets_bar_update();
}
progbar_nextstep += progbar_quantum;
}
or moving the capture file, we have to do it by writing the packets
out in Wiretap. */
- wtapng_section_t *shb_hdr = NULL;
+ GArray *shb_hdrs = NULL;
wtapng_iface_descriptions_t *idb_inf = NULL;
- wtapng_name_res_t *nrb_hdr = NULL;
+ GArray *nrb_hdrs = NULL;
int encap;
/* XXX: what free's this shb_hdr? */
- shb_hdr = wtap_file_get_shb_for_new_file(cf->wth);
+ shb_hdrs = wtap_file_get_shb_for_new_file(cf->wth);
idb_inf = wtap_file_get_idb_info(cf->wth);
- nrb_hdr = wtap_file_get_nrb_for_new_file(cf->wth);
+ nrb_hdrs = wtap_file_get_nrb_for_new_file(cf->wth);
/* Determine what file encapsulation type we should use. */
encap = wtap_dump_file_encap_type(cf->linktypes);
from which we're reading the packets that we're writing!) */
fname_new = g_strdup_printf("%s~", fname);
pdh = wtap_dump_open_ng(fname_new, save_format, encap, cf->snap,
- compressed, shb_hdr, idb_inf, nrb_hdr, &err);
+ compressed, shb_hdrs, idb_inf, nrb_hdrs, &err);
} else {
pdh = wtap_dump_open_ng(fname, save_format, encap, cf->snap,
- compressed, shb_hdr, idb_inf, nrb_hdr, &err);
+ compressed, shb_hdrs, idb_inf, nrb_hdrs, &err);
}
g_free(idb_inf);
idb_inf = NULL;
callback_args.fname = fname;
callback_args.file_type = save_format;
switch (process_specified_records(cf, NULL, "Saving", "packets",
- TRUE, save_record, &callback_args)) {
+ TRUE, save_record, &callback_args, TRUE)) {
case PSP_FINISHED:
/* Completed successfully. */
int err;
wtap_dumper *pdh;
save_callback_args_t callback_args;
- wtapng_section_t *shb_hdr = NULL;
+ GArray *shb_hdrs = NULL;
wtapng_iface_descriptions_t *idb_inf = NULL;
- wtapng_name_res_t *nrb_hdr = NULL;
+ GArray *nrb_hdrs = NULL;
int encap;
cf_callback_invoke(cf_cb_file_export_specified_packets_started, (gpointer)fname);
and then write it out if it's one of the specified ones. */
/* XXX: what free's this shb_hdr? */
- shb_hdr = wtap_file_get_shb_for_new_file(cf->wth);
+ shb_hdrs = wtap_file_get_shb_for_new_file(cf->wth);
idb_inf = wtap_file_get_idb_info(cf->wth);
- nrb_hdr = wtap_file_get_nrb_for_new_file(cf->wth);
+ nrb_hdrs = wtap_file_get_nrb_for_new_file(cf->wth);
/* Determine what file encapsulation type we should use. */
encap = wtap_dump_file_encap_type(cf->linktypes);
from which we're reading the packets that we're writing!) */
fname_new = g_strdup_printf("%s~", fname);
pdh = wtap_dump_open_ng(fname_new, save_format, encap, cf->snap,
- compressed, shb_hdr, idb_inf, nrb_hdr, &err);
+ compressed, shb_hdrs, idb_inf, nrb_hdrs, &err);
} else {
pdh = wtap_dump_open_ng(fname, save_format, encap, cf->snap,
- compressed, shb_hdr, idb_inf, nrb_hdr, &err);
+ compressed, shb_hdrs, idb_inf, nrb_hdrs, &err);
}
g_free(idb_inf);
idb_inf = NULL;
callback_args.fname = fname;
callback_args.file_type = save_format;
switch (process_specified_records(cf, range, "Writing", "specified records",
- TRUE, save_record, &callback_args)) {
+ TRUE, save_record, &callback_args, TRUE)) {
case PSP_FINISHED:
/* Completed successfully. */
git.samba.org / metze / wireshark / wip.git / blobdiff