#include <locale.h>
#include <limits.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
#ifdef HAVE_GETOPT_H
#include <getopt.h>
#endif
#include <errno.h>
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-# include <sys/stat.h>
-#endif
-
#ifndef HAVE_GETOPT_LONG
#include "wsutil/wsgetopt.h"
#endif
#include <wsutil/plugins.h>
#include <wsutil/privileges.h>
#include <wsutil/report_err.h>
-#include <wsutil/ws_diag_control.h>
#include "globals.h"
#include <epan/packet.h>
#include <wiretap/pcap-encap.h>
#include <wsutil/clopts_common.h>
-#include <wsutil/ws_version_info.h>
+#include <ws_version_info.h>
#include "caputils/capture-pcap-util.h"
+#ifdef HAVE_EXTCAP
+#include "extcap.h"
+#endif
+
#ifdef HAVE_LIBPCAP
#include <setjmp.h>
#ifdef _WIN32
fprintf(output, " packet encapsulation or protocol\n");
fprintf(output, " -F <field> field to display\n");
fprintf(output, " -n disable all name resolution (def: all enabled)\n");
- fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mntC\"\n");
+ fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtd\"\n");
fprintf(output, " -p use the system's packet header format\n");
fprintf(output, " (which may have 64-bit timestamps)\n");
fprintf(output, " -R <read filter> packet filter in Wireshark display filter syntax\n");
if (err != ERROR_PIPE_BUSY) {
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_IGNORE_INSERTS,
NULL, err, 0, (LPTSTR) &err_str, 0, NULL);
- fprintf(stderr, "rawshark: \"%s\" could not be opened: %s (error %d)\n",
+ fprintf(stderr, "rawshark: \"%s\" could not be opened: %s (error %lu)\n",
pipe_name, utf_16to8(err_str), err);
LocalFree(err_str);
return -1;
err = GetLastError();
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_IGNORE_INSERTS,
NULL, err, 0, (LPTSTR) &err_str, 0, NULL);
- fprintf(stderr, "rawshark: \"%s\" could not be waited for: %s (error %d)\n",
+ fprintf(stderr, "rawshark: \"%s\" could not be waited for: %s (error %lu)\n",
pipe_name, utf_16to8(err_str), err);
LocalFree(err_str);
return -1;
GPtrArray *disp_fields = g_ptr_array_new();
guint fc;
gboolean skip_pcap_header = FALSE;
-DIAG_OFF(cast-qual)
static const struct option long_options[] = {
- {(char *)"help", no_argument, NULL, 'h'},
- {(char *)"version", no_argument, NULL, 'v'},
+ {"help", no_argument, NULL, 'h'},
+ {"version", no_argument, NULL, 'v'},
{0, 0, 0, 0 }
};
-DIAG_ON(cast-qual)
#define OPTSTRING_INIT "d:F:hlnN:o:pr:R:sS:t:v"
/*
* Attempt to get the pathname of the executable file.
*/
- init_progfile_dir_error = init_progfile_dir(argv[0], (void *)main);
+ init_progfile_dir_error = init_progfile_dir(argv[0], main);
if (init_progfile_dir_error != NULL) {
fprintf(stderr, "rawshark: Can't get pathname of rawshark program: %s.\n",
init_progfile_dir_error);
}
- /*
- * Get credential information for later use.
- */
- init_process_policies();
-
/* nothing more than the standard GLib handler, but without a warning */
log_flags =
G_LOG_LEVEL_WARNING |
"-G" flag, as the "-G" flag dumps information registered by the
dissectors, and we must do it before we read the preferences, in
case any dissectors register preferences. */
- epan_init(register_all_protocols, register_all_protocol_handoffs, NULL, NULL);
+ if (!epan_init(register_all_protocols, register_all_protocol_handoffs,
+ NULL, NULL))
+ return 2;
prefs_p = read_prefs(&gpf_open_errno, &gpf_read_errno, &gpf_path,
&pf_open_errno, &pf_read_errno, &pf_path);
/* Read the disabled protocols file. */
read_disabled_protos_list(&gdp_path, &gdp_open_errno, &gdp_read_errno,
&dp_path, &dp_open_errno, &dp_read_errno);
+ read_disabled_heur_dissector_list(&gdp_path, &gdp_open_errno, &gdp_read_errno,
+ &dp_path, &dp_open_errno, &dp_read_errno);
if (gdp_path != NULL) {
if (gdp_open_errno != 0) {
cmdarg_err("Could not open global disabled protocols file\n\"%s\": %s.",
}
#ifdef _WIN32
+ ws_init_dll_search_path();
/* Load Wpcap, if possible */
load_wpcap();
#endif
case 'h': /* Print help and exit */
printf("Rawshark (Wireshark) %s\n"
"Dump and analyze network traffic.\n"
- "See http://www.wireshark.org for more information.\n",
+ "See https://www.wireshark.org for more information.\n",
get_ws_vcs_version_info());
print_usage(stdout);
exit(0);
line_buffered = TRUE;
break;
case 'n': /* No name resolution */
- gbl_resolv_flags.mac_name = FALSE;
- gbl_resolv_flags.network_name = FALSE;
- gbl_resolv_flags.transport_name = FALSE;
- gbl_resolv_flags.concurrent_dns = FALSE;
+ disable_name_resolution();
break;
case 'N': /* Select what types of addresses/port #s to resolve */
badopt = string_to_name_resolve(optarg, &gbl_resolv_flags);
if (badopt != '\0') {
- cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'm', 'n', and 't'",
+ cmdarg_err("-N specifies unknown resolving option '%c'; valid options are 'd', m', 'n', 'N', and 't'",
badopt);
exit(1);
}
/* disabled protocols as per configuration file */
if (gdp_path == NULL && dp_path == NULL) {
set_disabled_protos_list();
+ set_disabled_heur_dissector_list();
}
/* Build the column format array */
g_free(err_msg);
epan_free(cfile.epan);
epan_cleanup();
+#ifdef HAVE_EXTCAP
+ extcap_cleanup();
+#endif
exit(2);
}
n_rfcodes++;
if (raw_cf_open(&cfile, pipe_name) != CF_OK) {
epan_free(cfile.epan);
epan_cleanup();
+#ifdef HAVE_EXTCAP
+ extcap_cleanup();
+#endif
exit(2);
}
size_t bytes_left = sizeof(struct pcap_hdr) + sizeof(guint32);
gchar buf[sizeof(struct pcap_hdr) + sizeof(guint32)];
while (bytes_left != 0) {
- ssize_t bytes = read(fd, buf, (int)bytes_left);
+ ssize_t bytes = ws_read(fd, buf, (int)bytes_left);
if (bytes <= 0) {
cmdarg_err("Not enough bytes for pcap header.");
exit(2);
if (!load_cap_file(&cfile)) {
epan_free(cfile.epan);
epan_cleanup();
+#ifdef HAVE_EXTCAP
+ extcap_cleanup();
+#endif
exit(2);
}
} else {
epan_free(cfile.epan);
epan_cleanup();
-
+#ifdef HAVE_EXTCAP
+ extcap_cleanup();
+#endif
return 0;
}
/* Copied from capture_loop.c */
while (bytes_needed > 0) {
- bytes_read = read(fd, ptr, (int)bytes_needed);
+ bytes_read = ws_read(fd, ptr, (int)bytes_needed);
if (bytes_read == 0) {
*err = 0;
*err_info = NULL;
ptr = pd;
while (bytes_needed > 0) {
- bytes_read = read(fd, ptr, (int)bytes_needed);
+ bytes_read = ws_read(fd, ptr, (int)bytes_needed);
if (bytes_read == 0) {
*err = WTAP_ERR_SHORT_READ;
*err_info = NULL;
passed = TRUE;
/* Print a one-line summary */
- printf(" %u", passed ? 1 : 0);
+ printf(" %d", passed ? 1 : 0);
}
printf(" -\n");
static const char* ftenum_to_string(header_field_info *hfi)
{
+ const char* str;
if (!hfi) {
return "n.a.";
}
return "FT_STRING";
}
- switch(hfi->type) {
- case FT_NONE:
- return "FT_NONE";
- case FT_PROTOCOL:
- return "FT_PROTOCOL";
- case FT_BOOLEAN:
- return "FT_BOOLEAN";
- case FT_UINT8:
- return "FT_UINT8";
- case FT_UINT16:
- return "FT_UINT16";
- case FT_UINT24:
- return "FT_UINT24";
- case FT_UINT32:
- return "FT_UINT32";
- case FT_UINT64:
- return "FT_UINT64";
- case FT_INT8:
- return "FT_INT8";
- case FT_INT16:
- return "FT_INT16";
- case FT_INT24:
- return "FT_INT24";
- case FT_INT32:
- return "FT_INT32";
- case FT_INT64:
- return "FT_INT64";
- case FT_FLOAT:
- return "FT_FLOAT";
- case FT_DOUBLE:
- return "FT_DOUBLE";
- case FT_ABSOLUTE_TIME:
- return "FT_ABSOLUTE_TIME";
- case FT_RELATIVE_TIME:
- return "FT_RELATIVE_TIME";
- case FT_STRING:
- return "FT_STRING";
- case FT_STRINGZ:
- return "FT_STRINGZ";
- case FT_UINT_STRING:
- return "FT_UINT_STRING";
- case FT_ETHER:
- return "FT_ETHER";
- case FT_BYTES:
- return "FT_BYTES";
- case FT_UINT_BYTES:
- return "FT_UINT_BYTES";
- case FT_IPv4:
- return "FT_IPv4";
- case FT_IPv6:
- return "FT_IPv6";
- case FT_IPXNET:
- return "FT_IPXNET";
- case FT_FRAMENUM:
- return "FT_FRAMENUM";
- case FT_PCRE:
- return "FT_PCRE";
- case FT_GUID:
- return "FT_GUID";
- case FT_OID:
- return "FT_OID";
- case FT_REL_OID:
- return "FT_REL_OID";
- case FT_SYSTEM_ID:
- return "FT_SYSTEM_ID";
- case FT_STRINGZPAD:
- return "FT_STRIGZPAD";
- case FT_NUM_TYPES:
- return "FT_NUM_TYPES";
- default:
- return "n.a.";
- };
-}
-
-static const char* absolute_time_display_e_to_string(absolute_time_display_e atd)
-{
- switch(atd) {
- case ABSOLUTE_TIME_LOCAL:
- return "ABSOLUTE_TIME_LOCAL";
- case ABSOLUTE_TIME_UTC:
- return "ABSOLUTE_TIME_UTC";
- default:
- return "n.a.";
+ str = ftype_name(hfi->type);
+ if (str == NULL) {
+ str = "n.a.";
}
+
+ return str;
}
-static const char* field_display_e_to_string(field_display_e bd)
+static void field_display_to_string(header_field_info *hfi, char* buf, int size)
{
- switch(bd) {
- case BASE_NONE:
- return "BASE_NONE";
- case BASE_DEC:
- return "BASE_DEC";
- case BASE_HEX:
- return "BASE_HEX";
- case BASE_OCT:
- return "BASE_OCT";
- case BASE_DEC_HEX:
- return "BASE_DEC_HEX";
- case BASE_HEX_DEC:
- return "BASE_HEX_DEC";
- default:
- return "n.a.";
+ if (hfi->type != FT_BOOLEAN)
+ {
+ g_strlcpy(buf, proto_field_display_to_string(hfi->display), size);
+ }
+ else
+ {
+ g_snprintf(buf, size, "(Bit count: %d)", hfi->display);
}
}
static gboolean print_field_value(field_info *finfo, int cmd_line_index)
{
header_field_info *hfinfo;
- static char *fs_buf = NULL;
- char *fs_ptr = fs_buf;
+ char *fs_buf = NULL;
+ char *fs_ptr = NULL;
static GString *label_s = NULL;
- int fs_buf_len = FIELD_STR_INIT_LEN, fs_len;
+ int fs_len;
guint i;
string_fmt_t *sf;
guint32 uvalue;
hfinfo = finfo->hfinfo;
- if (!fs_buf) {
- fs_buf = (char *)g_malloc(fs_buf_len + 1);
- fs_ptr = fs_buf;
- }
-
if (!label_s) {
label_s = g_string_new("");
}
* e.g: ip.hdr_len
*/
fs_len = fvalue_string_repr_len(&finfo->value, FTREPR_DFILTER, finfo->hfinfo->display);
- while (fs_buf_len < fs_len) {
- fs_buf_len *= 2;
- fs_buf = (char *)g_realloc(fs_buf, fs_buf_len + 1);
- fs_ptr = fs_buf;
- }
- fvalue_to_string_repr(&finfo->value,
- FTREPR_DFILTER, finfo->hfinfo->display,
- fs_buf);
+ fs_buf = fvalue_to_string_repr(NULL, &finfo->value,
+ FTREPR_DFILTER, finfo->hfinfo->display);
+ fs_ptr = fs_buf;
/* String types are quoted. Remove them. */
if (IS_FT_STRING(finfo->value.ftype->ftype) && fs_len > 2) {
case SF_STRVAL:
switch(hfinfo->type) {
case FT_BOOLEAN:
- uvalue = fvalue_get_uinteger(&finfo->value);
+ uvalue64 = fvalue_get_uinteger64(&finfo->value);
tfstring = (const struct true_false_string*) hfinfo->strings;
- g_string_append(label_s, uvalue ? tfstring->true_string : tfstring->false_string);
+ g_string_append(label_s, uvalue64 ? tfstring->true_string : tfstring->false_string);
break;
case FT_INT8:
case FT_INT16:
}
}
}
- printf(" %u=\"%s\"", cmd_line_index, label_s->str);
+ printf(" %d=\"%s\"", cmd_line_index, label_s->str);
+ wmem_free(NULL, fs_buf);
return TRUE;
}
if(finfo->value.ftype->val_to_string_repr)
{
- printf(" %u=\"%s\"", cmd_line_index, fs_ptr);
+ printf(" %d=\"%s\"", cmd_line_index, fs_ptr);
+ wmem_free(NULL, fs_buf);
return TRUE;
}
* e.g. http
* We return n.a.
*/
- printf(" %u=\"n.a.\"", cmd_line_index);
+ printf(" %d=\"n.a.\"", cmd_line_index);
return TRUE;
}
pci_t *rs;
header_field_info *hfi;
GString *error_string;
+ char hfibuf[100];
hfi=proto_registrar_get_byname(field);
if(!hfi){
exit(1);
}
- switch (hfi->type) {
-
- case FT_ABSOLUTE_TIME:
- printf("%u %s %s - ",
- g_cmd_line_index,
- ftenum_to_string(hfi),
- absolute_time_display_e_to_string((absolute_time_display_e)hfi->display));
- break;
-
- default:
- printf("%u %s %s - ",
- g_cmd_line_index,
- ftenum_to_string(hfi),
- field_display_e_to_string((field_display_e)hfi->display));
- break;
- }
+ field_display_to_string(hfi, hfibuf, sizeof(hfibuf));
+ printf("%d %s %s - ",
+ g_cmd_line_index,
+ ftenum_to_string(hfi),
+ hfibuf);
rs=(pci_t *)g_malloc(sizeof(pci_t));
rs->hf_index=hfi->id;