3 * Copyright (C) 2016 Jakub Zawadzki
5 * Wireshark - Network traffic analyzer
6 * By Gerald Combs <gerald@wireshark.org>
7 * Copyright 1998 Gerald Combs
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version 2
12 * of the License, or (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
33 #include <wsutil/wsjsmn.h>
34 #include <wsutil/ws_printf.h>
37 #include <epan/exceptions.h>
38 #include <epan/color_filters.h>
39 #include <epan/prefs.h>
40 #include <epan/prefs-int.h>
41 #include <epan/uat-int.h>
42 #include <wiretap/wtap.h>
44 #include <epan/column.h>
46 #include <epan/stats_tree_priv.h>
47 #include <epan/stat_tap_ui.h>
48 #include <epan/conversation_table.h>
49 #include <epan/export_object.h>
50 #include <epan/follow.h>
52 #include <epan/dissectors/packet-h225.h>
53 #include <epan/rtp_pt.h>
54 #include <ui/voip_calls.h>
55 #include <ui/rtp_stream.h>
56 #include <ui/tap-rtp-common.h>
57 #include <epan/to_str.h>
61 # include <epan/geoip_db.h>
62 # include <wsutil/pint.h>
65 #include <wsutil/glib-compat.h>
66 #include <wsutil/strtoi.h>
71 json_unescape_str(char *input)
81 /* TODO, add more escaping rules */
93 json_find_attr(const char *buf, const jsmntok_t *tokens, int count, const char *attr)
97 for (i = 0; i < count; i += 2)
99 const char *tok_attr = &buf[tokens[i + 0].start];
100 const char *tok_value = &buf[tokens[i + 1].start];
102 if (!strcmp(tok_attr, attr))
110 json_puts_string(const char *str)
118 for (i = 0; str[i]; i++)
143 json_print_base64(const guint8 *data, int len)
146 int base64_state1 = 0;
147 int base64_state2 = 0;
149 gchar buf[(1 / 3 + 1) * 4 + 4 + 1];
153 for (i = 0; i < len; i++)
155 wrote = g_base64_encode_step(&data[i], 1, FALSE, buf, &base64_state1, &base64_state2);
163 wrote = g_base64_encode_close(FALSE, buf, &base64_state1, &base64_state2);
175 struct filter_item *next;
181 static struct filter_item *filter_list = NULL;
183 static const guint8 *
184 sharkd_session_filter_data(const char *filter)
186 struct filter_item *l;
188 for (l = filter_list; l; l = l->next)
190 if (!strcmp(l->filter, filter))
195 guint8 *filtered = NULL;
197 int ret = sharkd_filter(filter, &filtered);
202 l = (struct filter_item *) g_malloc(sizeof(struct filter_item));
203 l->filter = g_strdup(filter);
204 l->filtered = filtered;
206 l->next = filter_list;
214 sharkd_session_process_info_conv_cb(const void* key, void* value, void* userdata)
216 struct register_ct *table = (struct register_ct *) value;
217 int *pi = (int *) userdata;
219 const char *label = (const char*)key;
221 if (get_conversation_packet_func(table))
223 printf("%s{", (*pi) ? "," : "");
224 printf("\"name\":\"Conversation List/%s\"", label);
225 printf(",\"tap\":\"conv:%s\"", label);
231 if (get_hostlist_packet_func(table))
233 printf("%s{", (*pi) ? "," : "");
234 printf("\"name\":\"Endpoint/%s\"", label);
235 printf(",\"tap\":\"endpt:%s\"", label);
244 sharkd_export_object_visit_cb(const void *key _U_, void *value, void *user_data)
246 register_eo_t *eo = (register_eo_t*)value;
247 int *pi = (int *) user_data;
249 const int proto_id = get_eo_proto_id(eo);
250 const char *filter = proto_get_protocol_filter_name(proto_id);
251 const char *label = proto_get_protocol_short_name(find_protocol_by_id(proto_id));
253 printf("%s{", (*pi) ? "," : "");
254 printf("\"name\":\"Export Object/%s\"", label);
255 printf(",\"tap\":\"eo:%s\"", filter);
263 sharkd_follower_visit_cb(const void *key _U_, void *value, void *user_data)
265 register_follow_t *follower = (register_follow_t*) value;
266 int *pi = (int *) user_data;
268 const int proto_id = get_follow_proto_id(follower);
269 const char *label = proto_get_protocol_short_name(find_protocol_by_id(proto_id));
270 const char *filter = label; /* correct: get_follow_by_name() is registered by short name */
272 printf("%s{", (*pi) ? "," : "");
273 printf("\"name\":\"Follow/%s\"", label);
274 printf(",\"tap\":\"follow:%s\"", filter);
282 * sharkd_session_process_info()
284 * Process info request
286 * Output object with attributes:
287 * (m) columns - available column formats, array of object with attributes:
288 * 'name' - column name
289 * 'format' - column format-name
291 * (m) stats - available statistics, array of object with attributes:
292 * 'name' - statistic name
293 * 'tap' - sharkd tap-name for statistic
295 * (m) convs - available conversation list, array of object with attributes:
296 * 'name' - conversation name
297 * 'tap' - sharkd tap-name for conversation
299 * (m) eo - available export object list, array of object with attributes:
300 * 'name' - export object name
301 * 'tap' - sharkd tap-name for conversation
303 * (m) taps - available taps, array of object with attributes:
305 * 'tap' - sharkd tap-name
307 * (m) follow - available followers, array of object with attributes:
309 * 'tap' - sharkd tap-name
311 * (m) ftypes - conversation table for FT_ number to string
314 sharkd_session_process_info(void)
318 printf("{\"columns\":[");
319 for (i = 0; i < NUM_COL_FMTS; i++)
321 const char *col_format = col_format_to_string(i);
322 const char *col_descr = col_format_desc(i);
324 printf("%s{", (i) ? "," : "");
325 printf("\"name\":\"%s\"", col_descr);
326 printf(",\"format\":\"%s\"", col_format);
331 printf(",\"stats\":[");
333 GList *cfg_list = stats_tree_get_cfg_list();
335 const char *sepa = "";
337 for (l = cfg_list; l; l = l->next)
339 stats_tree_cfg *cfg = (stats_tree_cfg *) l->data;
342 printf("\"name\":\"%s\"", cfg->name);
343 printf(",\"tap\":\"stat:%s\"", cfg->abbr);
348 g_list_free(cfg_list);
352 printf(",\"ftypes\":[");
353 for (i = 0; i < FT_NUM_TYPES; i++)
357 json_puts_string(ftype_name((ftenum_t) i));
361 printf(",\"version\":");
362 json_puts_string(sharkd_version());
364 printf(",\"convs\":[");
366 conversation_table_iterate_tables(sharkd_session_process_info_conv_cb, &i);
369 printf(",\"taps\":[");
371 printf("{\"name\":\"%s\",\"tap\":\"%s\"}", "RTP streams", "rtp-streams");
377 eo_iterate_tables(sharkd_export_object_visit_cb, &i);
380 printf(",\"follow\":[");
382 follow_iterate_followers(sharkd_follower_visit_cb, &i);
389 * sharkd_session_process_load()
391 * Process load request
394 * (m) file - file to be loaded
396 * Output object with attributes:
397 * (m) err - error code
400 sharkd_session_process_load(const char *buf, const jsmntok_t *tokens, int count)
402 const char *tok_file = json_find_attr(buf, tokens, count, "file");
405 fprintf(stderr, "load: filename=%s\n", tok_file);
410 if (sharkd_cf_open(tok_file, WTAP_TYPE_AUTO, FALSE, &err) != CF_OK)
412 printf("{\"err\":%d}\n", err);
418 err = sharkd_load_cap_file();
420 CATCH(OutOfMemoryError)
422 fprintf(stderr, "load: OutOfMemoryError\n");
427 printf("{\"err\":%d}\n", err);
431 * sharkd_session_process_status()
433 * Process status request
435 * Output object with attributes:
436 * (m) frames - count of currently loaded frames
439 sharkd_session_process_status(void)
441 printf("{\"frames\":%d", cfile.count);
446 struct sharkd_analyse_data
448 GHashTable *protocols_set;
449 nstime_t *first_time;
454 sharkd_session_process_analyse_cb(packet_info *pi, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data)
456 struct sharkd_analyse_data *analyser = (struct sharkd_analyse_data *) data;
457 frame_data *fdata = pi->fd;
463 if (analyser->first_time == NULL || nstime_cmp(&fdata->abs_ts, analyser->first_time) < 0)
464 analyser->first_time = &fdata->abs_ts;
466 if (analyser->last_time == NULL || nstime_cmp(&fdata->abs_ts, analyser->last_time) > 0)
467 analyser->last_time = &fdata->abs_ts;
471 wmem_list_frame_t *frame;
473 for (frame = wmem_list_head(pi->layers); frame; frame = wmem_list_frame_next(frame))
475 int proto_id = GPOINTER_TO_UINT(wmem_list_frame_data(frame));
477 if (!g_hash_table_lookup_extended(analyser->protocols_set, GUINT_TO_POINTER(proto_id), NULL, NULL))
479 g_hash_table_insert(analyser->protocols_set, GUINT_TO_POINTER(proto_id), GUINT_TO_POINTER(proto_id));
481 if (g_hash_table_size(analyser->protocols_set) != 1)
483 json_puts_string(proto_get_protocol_filter_name(proto_id));
491 * sharkd_session_process_status()
493 * Process analyse request
495 * Output object with attributes:
496 * (m) frames - count of currently loaded frames
497 * (m) protocols - protocol list
498 * (m) first - earliest frame time
499 * (m) last - latest frame time
502 sharkd_session_process_analyse(void)
504 unsigned int framenum;
505 struct sharkd_analyse_data analyser;
507 analyser.first_time = NULL;
508 analyser.last_time = NULL;
509 analyser.protocols_set = g_hash_table_new(NULL /* g_direct_hash() */, NULL /* g_direct_equal */);
511 printf("{\"frames\":%d", cfile.count);
513 printf(",\"protocols\":[");
514 for (framenum = 1; framenum <= cfile.count; framenum++)
515 sharkd_dissect_request(framenum, &sharkd_session_process_analyse_cb, 0, 0, 0, &analyser);
518 if (analyser.first_time)
519 printf(",\"first\":%.9f", nstime_to_sec(analyser.first_time));
521 if (analyser.last_time)
522 printf(",\"last\":%.9f", nstime_to_sec(analyser.last_time));
526 g_hash_table_destroy(analyser.protocols_set);
530 * sharkd_session_process_frames()
532 * Process frames request
535 * (o) filter - filter to be used
536 * (o) range - packet range to be used [TODO]
538 * Output array of frames with attributes:
539 * (m) c - array of column data
540 * (m) num - frame number
541 * (m) i - if frame is ignored
542 * (m) m - if frame is marked
543 * (m) bg - color filter - background color in hex
544 * (m) fg - color filter - foreground color in hex
547 sharkd_session_process_frames(const char *buf, const jsmntok_t *tokens, int count)
549 const char *tok_filter = json_find_attr(buf, tokens, count, "filter");
551 const guint8 *filter_data = NULL;
553 const char *frame_sepa = "";
554 unsigned int framenum;
557 column_info *cinfo = &cfile.cinfo;
561 filter_data = sharkd_session_filter_data(tok_filter);
567 for (framenum = 1; framenum <= cfile.count; framenum++)
569 frame_data *fdata = frame_data_sequence_find(cfile.frames, framenum);
571 if (filter_data && !(filter_data[framenum / 8] & (1 << (framenum % 8))))
574 sharkd_dissect_columns(framenum, cinfo, (fdata->color_filter == NULL));
576 printf("%s{\"c\":[", frame_sepa);
577 for (col = 0; col < cinfo->num_cols; ++col)
579 const col_item_t *col_item = &cinfo->columns[col];
584 json_puts_string(col_item->col_data);
586 printf("],\"num\":%u", framenum);
588 if (fdata->flags.ignored)
589 printf(",\"i\":true");
591 if (fdata->flags.marked)
592 printf(",\"m\":true");
594 if (fdata->color_filter)
596 printf(",\"bg\":\"%x\"", color_t_to_rgb(&fdata->color_filter->bg_color));
597 printf(",\"fg\":\"%x\"", color_t_to_rgb(&fdata->color_filter->fg_color));
605 if (cinfo != &cfile.cinfo)
610 sharkd_session_process_tap_stats_node_cb(const stat_node *n)
613 const char *sepa = "";
616 for (node = n->children; node; node = node->next)
618 /* code based on stats_tree_get_values_from_node() */
619 printf("%s{\"name\":\"%s\"", sepa, node->name);
620 printf(",\"count\":%u", node->counter);
621 if (node->counter && ((node->st_flags & ST_FLG_AVERAGE) || node->rng))
623 printf(",\"avg\":%.2f", ((float)node->total) / node->counter);
624 printf(",\"min\":%u", node->minvalue);
625 printf(",\"max\":%u", node->maxvalue);
628 if (node->st->elapsed)
629 printf(",\"rate\":%.4f",((float)node->counter) / node->st->elapsed);
631 if (node->parent && node->parent->counter)
632 printf(",\"perc\":%.2f", (node->counter * 100.0) / node->parent->counter);
633 else if (node->parent == &(node->st->root))
634 printf(",\"perc\":100");
636 if (prefs.st_enable_burstinfo && node->max_burst)
638 if (prefs.st_burst_showcount)
639 printf(",\"burstcount\":%d", node->max_burst);
641 printf(",\"burstrate\":%.4f", ((double)node->max_burst) / prefs.st_burst_windowlen);
643 printf(",\"bursttime\":%.3f", ((double)node->burst_time / 1000.0));
649 sharkd_session_process_tap_stats_node_cb(node);
658 * sharkd_session_process_tap_stats_cb()
663 * (m) type:stats - tap output type
664 * (m) name - stat name
665 * (m) stats - array of object with attributes:
666 * (m) name - stat item name
667 * (m) count - stat item counter
668 * (o) avg - stat item averange value
669 * (o) min - stat item min value
670 * (o) max - stat item max value
671 * (o) rate - stat item rate value (ms)
672 * (o) perc - stat item percentage
673 * (o) burstrate - stat item burst rate
674 * (o) burstcount - stat item burst count
675 * (o) burstttme - stat item burst start
676 * (o) sub - array of object with attributes like in stats node.
679 sharkd_session_process_tap_stats_cb(void *psp)
681 stats_tree *st = (stats_tree *) psp;
683 printf("{\"tap\":\"stats:%s\",\"type\":\"stats\"", st->cfg->abbr);
685 printf(",\"name\":\"%s\",\"stats\":", st->cfg->name);
686 sharkd_session_process_tap_stats_node_cb(&st->root);
691 sharkd_session_free_tap_stats_cb(void *psp)
693 stats_tree *st = (stats_tree *) psp;
698 struct sharkd_conv_tap_data
702 gboolean resolve_name;
703 gboolean resolve_port;
707 sharkd_session_geoip_addr(address *addr, const char *suffix)
715 if (addr->type == AT_IPv4)
717 guint32 ip = pntoh32(addr->data);
719 guint num_dbs = geoip_db_num_dbs();
722 for (dbnum = 0; dbnum < num_dbs; dbnum++)
724 const char *geoip_key = NULL;
727 int db_type = geoip_db_type(dbnum);
731 case GEOIP_COUNTRY_EDITION:
732 geoip_key = "geoip_country";
735 case GEOIP_CITY_EDITION_REV0:
736 case GEOIP_CITY_EDITION_REV1:
737 geoip_key = "geoip_city";
740 case GEOIP_ORG_EDITION:
741 geoip_key = "geoip_org";
744 case GEOIP_ISP_EDITION:
745 geoip_key = "geoip_isp";
748 case GEOIP_ASNUM_EDITION:
749 geoip_key = "geoip_as";
752 case WS_LAT_FAKE_EDITION:
753 geoip_key = "geoip_lat";
756 case WS_LON_FAKE_EDITION:
757 geoip_key = "geoip_lon";
761 if (geoip_key && (geoip_val = geoip_db_lookup_ipv4(dbnum, ip, NULL)))
763 printf(",\"%s%s\":", geoip_key, suffix);
764 json_puts_string(geoip_val);
770 if (addr->type == AT_IPv6)
772 const struct e_in6_addr *ip6 = (const struct e_in6_addr *) addr->data;
774 guint num_dbs = geoip_db_num_dbs();
777 for (dbnum = 0; dbnum < num_dbs; dbnum++)
779 const char *geoip_key = NULL;
782 int db_type = geoip_db_type(dbnum);
786 case GEOIP_COUNTRY_EDITION_V6:
787 geoip_key = "geoip_country";
789 #if NUM_DB_TYPES > 31
790 case GEOIP_CITY_EDITION_REV0_V6:
791 case GEOIP_CITY_EDITION_REV1_V6:
792 geoip_key = "geoip_city";
795 case GEOIP_ORG_EDITION_V6:
796 geoip_key = "geoip_org";
799 case GEOIP_ISP_EDITION_V6:
800 geoip_key = "geoip_isp";
803 case GEOIP_ASNUM_EDITION_V6:
804 geoip_key = "geoip_as";
806 #endif /* DB_NUM_TYPES */
807 case WS_LAT_FAKE_EDITION:
808 geoip_key = "geoip_lat";
811 case WS_LON_FAKE_EDITION:
812 geoip_key = "geoip_lon";
816 if (geoip_key && (geoip_val = geoip_db_lookup_ipv6(dbnum, *ip6, NULL)))
818 printf(",\"%s%s\":", geoip_key, suffix);
819 json_puts_string(geoip_val);
824 #endif /* HAVE_GEOIP_V6 */
825 #endif /* HAVE_GEOIP */
831 * sharkd_session_process_tap_conv_cb()
835 * (m) type - tap output type
836 * (m) proto - protocol short name
837 * (o) filter - filter string
839 * (o) convs - array of object with attributes:
840 * (m) saddr - source address
841 * (m) daddr - destination address
842 * (o) sport - source port
843 * (o) dport - destination port
844 * (m) txf - TX frame count
846 * (m) rxf - RX frame count
848 * (m) start - (relative) first packet time
849 * (m) stop - (relative) last packet time
851 * (o) hosts - array of object with attributes:
852 * (m) host - host address
853 * (o) port - host port
854 * (m) txf - TX frame count
856 * (m) rxf - RX frame count
860 sharkd_session_process_tap_conv_cb(void *arg)
862 conv_hash_t *hash = (conv_hash_t *) arg;
863 const struct sharkd_conv_tap_data *iu = (struct sharkd_conv_tap_data *) hash->user_data;
870 if (!strncmp(iu->type, "conv:", 5))
872 printf("{\"tap\":\"%s\",\"type\":\"conv\"", iu->type);
873 printf(",\"convs\":[");
874 proto = iu->type + 5;
876 else if (!strncmp(iu->type, "endpt:", 6))
878 printf("{\"tap\":\"%s\",\"type\":\"host\"", iu->type);
879 printf(",\"hosts\":[");
880 proto = iu->type + 6;
884 printf("{\"tap\":\"%s\",\"type\":\"err\"", iu->type);
888 proto_with_port = (!strcmp(proto, "TCP") || !strcmp(proto, "UDP") || !strcmp(proto, "SCTP"));
890 if (iu->hash.conv_array != NULL && !strncmp(iu->type, "conv:", 5))
892 for (i = 0; i < iu->hash.conv_array->len; i++)
894 conv_item_t *iui = &g_array_index(iu->hash.conv_array, conv_item_t, i);
895 char *src_addr, *dst_addr;
896 char *src_port, *dst_port;
899 printf("%s{", i ? "," : "");
901 printf("\"saddr\":\"%s\"", (src_addr = get_conversation_address(NULL, &iui->src_address, iu->resolve_name)));
902 printf(",\"daddr\":\"%s\"", (dst_addr = get_conversation_address(NULL, &iui->dst_address, iu->resolve_name)));
906 printf(",\"sport\":\"%s\"", (src_port = get_conversation_port(NULL, iui->src_port, iui->ptype, iu->resolve_port)));
907 printf(",\"dport\":\"%s\"", (dst_port = get_conversation_port(NULL, iui->dst_port, iui->ptype, iu->resolve_port)));
909 wmem_free(NULL, src_port);
910 wmem_free(NULL, dst_port);
913 printf(",\"rxf\":%" G_GUINT64_FORMAT, iui->rx_frames);
914 printf(",\"rxb\":%" G_GUINT64_FORMAT, iui->rx_bytes);
916 printf(",\"txf\":%" G_GUINT64_FORMAT, iui->tx_frames);
917 printf(",\"txb\":%" G_GUINT64_FORMAT, iui->tx_bytes);
919 printf(",\"start\":%.9f", nstime_to_sec(&iui->start_time));
920 printf(",\"stop\":%.9f", nstime_to_sec(&iui->stop_time));
922 filter_str = get_conversation_filter(iui, CONV_DIR_A_TO_FROM_B);
925 printf(",\"filter\":\"%s\"", filter_str);
929 wmem_free(NULL, src_addr);
930 wmem_free(NULL, dst_addr);
932 if (sharkd_session_geoip_addr(&(iui->src_address), "1"))
934 if (sharkd_session_geoip_addr(&(iui->dst_address), "2"))
940 else if (iu->hash.conv_array != NULL && !strncmp(iu->type, "endpt:", 6))
942 for (i = 0; i < iu->hash.conv_array->len; i++)
944 hostlist_talker_t *host = &g_array_index(iu->hash.conv_array, hostlist_talker_t, i);
945 char *host_str, *port_str;
948 printf("%s{", i ? "," : "");
950 printf("\"host\":\"%s\"", (host_str = get_conversation_address(NULL, &host->myaddress, iu->resolve_name)));
954 printf(",\"port\":\"%s\"", (port_str = get_conversation_port(NULL, host->port, host->ptype, iu->resolve_port)));
956 wmem_free(NULL, port_str);
959 printf(",\"rxf\":%" G_GUINT64_FORMAT, host->rx_frames);
960 printf(",\"rxb\":%" G_GUINT64_FORMAT, host->rx_bytes);
962 printf(",\"txf\":%" G_GUINT64_FORMAT, host->tx_frames);
963 printf(",\"txb\":%" G_GUINT64_FORMAT, host->tx_bytes);
965 filter_str = get_hostlist_filter(host);
968 printf(",\"filter\":\"%s\"", filter_str);
972 wmem_free(NULL, host_str);
974 if (sharkd_session_geoip_addr(&(host->myaddress), ""))
980 printf("],\"proto\":\"%s\",\"geoip\":%s},", proto, with_geoip ? "true" : "false");
984 sharkd_session_free_tap_conv_cb(void *arg)
986 conv_hash_t *hash = (conv_hash_t *) arg;
987 struct sharkd_conv_tap_data *iu = (struct sharkd_conv_tap_data *) hash->user_data;
989 if (!strncmp(iu->type, "conv:", 5))
991 reset_conversation_table_data(hash);
993 else if (!strncmp(iu->type, "endpt:", 6))
995 reset_hostlist_table_data(hash);
1001 struct sharkd_export_object_list
1003 struct sharkd_export_object_list *next;
1010 static struct sharkd_export_object_list *sharkd_eo_list;
1013 * sharkd_session_process_tap_eo_cb()
1016 * (m) tap - tap name
1017 * (m) type - tap output type
1018 * (m) proto - protocol short name
1019 * (m) objects - array of object with attributes:
1020 * (m) pkt - packet number
1021 * (o) hostname - hostname
1022 * (o) type - content type
1023 * (o) filename - filename
1024 * (m) len - object length
1027 sharkd_session_process_tap_eo_cb(void *tapdata)
1029 export_object_list_t *tap_object = (export_object_list_t *) tapdata;
1030 struct sharkd_export_object_list *object_list = (struct sharkd_export_object_list*) tap_object->gui_data;
1034 printf("{\"tap\":\"%s\",\"type\":\"eo\"", object_list->type);
1035 printf(",\"proto\":\"%s\"", object_list->proto);
1036 printf(",\"objects\":[");
1038 for (slist = object_list->entries; slist; slist = slist->next)
1040 const export_object_entry_t *eo_entry = (export_object_entry_t *) slist->data;
1042 printf("%s{", i ? "," : "");
1044 printf("\"pkt\":%u", eo_entry->pkt_num);
1046 if (eo_entry->hostname)
1048 printf(",\"hostname\":");
1049 json_puts_string(eo_entry->hostname);
1052 if (eo_entry->content_type)
1054 printf(",\"type\":");
1055 json_puts_string(eo_entry->content_type);
1058 if (eo_entry->filename)
1060 printf(",\"filename\":");
1061 json_puts_string(eo_entry->filename);
1064 printf(",\"_download\":\"%s_%d\"", object_list->type, i);
1066 printf(",\"len\":%" G_GUINT64_FORMAT, eo_entry->payload_len);
1077 sharkd_eo_object_list_add_entry(void *gui_data, export_object_entry_t *entry)
1079 struct sharkd_export_object_list *object_list = (struct sharkd_export_object_list *) gui_data;
1081 object_list->entries = g_slist_append(object_list->entries, entry);
1084 static export_object_entry_t *
1085 sharkd_eo_object_list_get_entry(void *gui_data, int row)
1087 struct sharkd_export_object_list *object_list = (struct sharkd_export_object_list *) gui_data;
1089 return (export_object_entry_t *) g_slist_nth_data(object_list->entries, row);
1093 * sharkd_session_process_tap_rtp_cb()
1095 * Output RTP streams tap:
1096 * (m) tap - tap name
1097 * (m) type - tap output type
1098 * (m) streams - array of object with attributes:
1099 * (m) ssrc - RTP synchronization source identifier
1100 * (m) payload - stream payload
1101 * (m) saddr - source address
1102 * (m) sport - source port
1103 * (m) daddr - destination address
1104 * (m) dport - destination port
1105 * (m) pkts - packets count
1106 * (m) max_delta - max delta (ms)
1107 * (m) max_jitter - max jitter (ms)
1108 * (m) mean_jitter - mean jitter (ms)
1111 * (m) problem - if analyser found the problem
1112 * (m) ipver - address IP version (4 or 6)
1115 sharkd_session_process_tap_rtp_cb(void *arg)
1117 rtpstream_tapinfo_t *rtp_tapinfo = (rtpstream_tapinfo_t *) arg;
1120 const char *sepa = "";
1122 printf("{\"tap\":\"%s\",\"type\":\"%s\"", "rtp-streams", "rtp-streams");
1124 printf(",\"streams\":[");
1125 for (listx = g_list_first(rtp_tapinfo->strinfo_list); listx; listx = listx->next)
1127 rtp_stream_info_t *streaminfo = (rtp_stream_info_t *) listx->data;
1129 char *src_addr, *dst_addr;
1133 src_addr = address_to_display(NULL, &(streaminfo->src_addr));
1134 dst_addr = address_to_display(NULL, &(streaminfo->dest_addr));
1136 if (streaminfo->payload_type_name != NULL)
1137 payload = wmem_strdup(NULL, streaminfo->payload_type_name);
1139 payload = val_to_str_ext_wmem(NULL, streaminfo->payload_type, &rtp_payload_type_short_vals_ext, "Unknown (%u)");
1141 printf("%s{\"ssrc\":%u", sepa, streaminfo->ssrc);
1142 printf(",\"payload\":\"%s\"", payload);
1144 printf(",\"saddr\":\"%s\"", src_addr);
1145 printf(",\"sport\":%u", streaminfo->src_port);
1147 printf(",\"daddr\":\"%s\"", dst_addr);
1148 printf(",\"dport\":%u", streaminfo->dest_port);
1150 printf(",\"pkts\":%u", streaminfo->packet_count);
1152 printf(",\"max_delta\":%f", streaminfo->rtp_stats.max_delta);
1153 printf(",\"max_jitter\":%f", streaminfo->rtp_stats.max_jitter);
1154 printf(",\"mean_jitter\":%f", streaminfo->rtp_stats.mean_jitter);
1156 expected = (streaminfo->rtp_stats.stop_seq_nr + streaminfo->rtp_stats.cycles * 65536) - streaminfo->rtp_stats.start_seq_nr + 1;
1157 printf(",\"expectednr\":%u", expected);
1158 printf(",\"totalnr\":%u", streaminfo->rtp_stats.total_nr);
1160 printf(",\"problem\":%s", streaminfo->problem ? "true" : "false");
1163 printf(",\"ipver\":%d", (streaminfo->src_addr.type == AT_IPv6) ? 6 : 4);
1165 wmem_free(NULL, src_addr);
1166 wmem_free(NULL, dst_addr);
1167 wmem_free(NULL, payload);
1176 * sharkd_session_process_tap()
1178 * Process tap request
1181 * (m) tap0 - First tap request
1182 * (o) tap1...tap15 - Other tap requests
1184 * Output object with attributes:
1185 * (m) taps - array of object with attributes:
1186 * (m) tap - tap name
1187 * (m) type - tap output type
1189 * for type:stats see sharkd_session_process_tap_stats_cb()
1190 * for type:conv see sharkd_session_process_tap_conv_cb()
1191 * for type:host see sharkd_session_process_tap_conv_cb()
1192 * for type:rtp-streams see sharkd_session_process_tap_rtp_cb()
1193 * for type:eo see sharkd_session_process_tap_eo_cb()
1195 * (m) err - error code
1198 sharkd_session_process_tap(char *buf, const jsmntok_t *tokens, int count)
1200 void *taps_data[16];
1201 GFreeFunc taps_free[16];
1205 rtpstream_tapinfo_t rtp_tapinfo =
1206 {NULL, NULL, NULL, NULL, 0, NULL, 0, TAP_ANALYSE, NULL, NULL, NULL, FALSE};
1208 for (i = 0; i < 16; i++)
1211 const char *tok_tap;
1213 void *tap_data = NULL;
1214 GFreeFunc tap_free = NULL;
1215 const char *tap_filter = "";
1216 GString *tap_error = NULL;
1218 ws_snprintf(tapbuf, sizeof(tapbuf), "tap%d", i);
1219 tok_tap = json_find_attr(buf, tokens, count, tapbuf);
1223 if (!strncmp(tok_tap, "stat:", 5))
1225 stats_tree_cfg *cfg = stats_tree_get_cfg_by_abbr(tok_tap + 5);
1230 fprintf(stderr, "sharkd_session_process_tap() stat %s not found\n", tok_tap + 5);
1234 st = stats_tree_new(cfg, NULL, tap_filter);
1236 tap_error = register_tap_listener(st->cfg->tapname, st, st->filter, st->cfg->flags, stats_tree_reset, stats_tree_packet, sharkd_session_process_tap_stats_cb);
1238 if (!tap_error && cfg->init)
1242 tap_free = sharkd_session_free_tap_stats_cb;
1244 else if (!strncmp(tok_tap, "conv:", 5) || !strncmp(tok_tap, "endpt:", 6))
1246 struct register_ct *ct = NULL;
1247 const char *ct_tapname;
1248 struct sharkd_conv_tap_data *ct_data;
1249 tap_packet_cb tap_func = NULL;
1251 if (!strncmp(tok_tap, "conv:", 5))
1253 ct = get_conversation_by_proto_id(proto_get_id_by_short_name(tok_tap + 5));
1255 if (!ct || !(tap_func = get_conversation_packet_func(ct)))
1257 fprintf(stderr, "sharkd_session_process_tap() conv %s not found\n", tok_tap + 5);
1261 else if (!strncmp(tok_tap, "endpt:", 6))
1263 ct = get_conversation_by_proto_id(proto_get_id_by_short_name(tok_tap + 6));
1265 if (!ct || !(tap_func = get_hostlist_packet_func(ct)))
1267 fprintf(stderr, "sharkd_session_process_tap() endpt %s not found\n", tok_tap + 6);
1273 fprintf(stderr, "sharkd_session_process_tap() conv/endpt(?): %s not found\n", tok_tap);
1277 ct_tapname = proto_get_protocol_filter_name(get_conversation_proto_id(ct));
1279 ct_data = (struct sharkd_conv_tap_data *) g_malloc0(sizeof(struct sharkd_conv_tap_data));
1280 ct_data->type = tok_tap;
1281 ct_data->hash.user_data = ct_data;
1283 /* XXX: make configurable */
1284 ct_data->resolve_name = TRUE;
1285 ct_data->resolve_port = TRUE;
1287 tap_error = register_tap_listener(ct_tapname, &ct_data->hash, tap_filter, 0, NULL, tap_func, sharkd_session_process_tap_conv_cb);
1289 tap_data = &ct_data->hash;
1290 tap_free = sharkd_session_free_tap_conv_cb;
1292 else if (!strncmp(tok_tap, "eo:", 3))
1294 register_eo_t *eo = get_eo_by_name(tok_tap + 3);
1295 export_object_list_t *eo_object;
1296 struct sharkd_export_object_list *object_list;
1300 fprintf(stderr, "sharkd_session_process_tap() eo=%s not found\n", tok_tap + 3);
1304 for (object_list = sharkd_eo_list; object_list; object_list = object_list->next)
1306 if (!strcmp(object_list->type, tok_tap))
1308 g_slist_free_full(object_list->entries, (GDestroyNotify) eo_free_entry);
1309 object_list->entries = NULL;
1316 object_list = g_new(struct sharkd_export_object_list, 1);
1317 object_list->type = g_strdup(tok_tap);
1318 object_list->proto = proto_get_protocol_short_name(find_protocol_by_id(get_eo_proto_id(eo)));
1319 object_list->entries = NULL;
1320 object_list->next = sharkd_eo_list;
1321 sharkd_eo_list = object_list;
1324 eo_object = g_new0(export_object_list_t, 1);
1325 eo_object->add_entry = sharkd_eo_object_list_add_entry;
1326 eo_object->get_entry = sharkd_eo_object_list_get_entry;
1327 eo_object->gui_data = (void *) object_list;
1329 tap_error = register_tap_listener(get_eo_tap_listener_name(eo), eo_object, NULL, 0, NULL, get_eo_packet_func(eo), sharkd_session_process_tap_eo_cb);
1331 tap_data = eo_object;
1332 tap_free = g_free; /* need to free only eo_object, object_list need to be kept for potential download */
1334 else if (!strcmp(tok_tap, "rtp-streams"))
1336 tap_error = register_tap_listener("rtp", &rtp_tapinfo, tap_filter, 0, rtpstream_reset_cb, rtpstream_packet, sharkd_session_process_tap_rtp_cb);
1338 tap_data = &rtp_tapinfo;
1339 tap_free = rtpstream_reset_cb;
1343 fprintf(stderr, "sharkd_session_process_tap() %s not recognized\n", tok_tap);
1349 fprintf(stderr, "sharkd_session_process_tap() name=%s error=%s", tok_tap, tap_error->str);
1350 g_string_free(tap_error, TRUE);
1356 taps_data[taps_count] = tap_data;
1357 taps_free[taps_count] = tap_free;
1361 fprintf(stderr, "sharkd_session_process_tap() count=%d\n", taps_count);
1362 if (taps_count == 0)
1365 printf("{\"taps\":[");
1367 printf("null],\"err\":0}\n");
1369 for (i = 0; i < taps_count; i++)
1372 remove_tap_listener(taps_data[i]);
1375 taps_free[i](taps_data[i]);
1380 * sharkd_session_process_follow()
1382 * Process follow request
1385 * (m) follow - follow protocol request (e.g. HTTP)
1386 * (m) filter - filter request (e.g. tcp.stream == 1)
1388 * Output object with attributes:
1390 * (m) err - error code
1391 * (m) shost - server host
1392 * (m) sport - server port
1393 * (m) sbytes - server send bytes count
1394 * (m) chost - client host
1395 * (m) cport - client port
1396 * (m) cbytes - client send bytes count
1397 * (o) payloads - array of object with attributes:
1398 * (o) s - set if server sent, else client
1399 * (m) n - packet number
1400 * (m) d - data base64 encoded
1403 sharkd_session_process_follow(char *buf, const jsmntok_t *tokens, int count)
1405 const char *tok_follow = json_find_attr(buf, tokens, count, "follow");
1406 const char *tok_filter = json_find_attr(buf, tokens, count, "filter");
1408 register_follow_t *follower;
1411 follow_info_t *follow_info;
1415 if (!tok_follow || !tok_filter)
1418 follower = get_follow_by_name(tok_follow);
1421 fprintf(stderr, "sharkd_session_process_follow() follower=%s not found\n", tok_follow);
1425 /* follow_reset_stream ? */
1426 follow_info = g_new0(follow_info_t, 1);
1427 /* gui_data, filter_out_filter not set, but not used by dissector */
1429 tap_error = register_tap_listener(get_follow_tap_string(follower), follow_info, tok_filter, 0, NULL, get_follow_tap_handler(follower), NULL);
1432 fprintf(stderr, "sharkd_session_process_follow() name=%s error=%s", tok_follow, tap_error->str);
1433 g_string_free(tap_error, TRUE);
1434 g_free(follow_info);
1442 printf("\"err\":0");
1444 /* Server information: hostname, port, bytes sent */
1445 host = address_to_name(&follow_info->server_ip);
1446 printf(",\"shost\":");
1447 json_puts_string(host);
1449 port = get_follow_port_to_display(follower)(NULL, follow_info->server_port);
1450 printf(",\"sport\":");
1451 json_puts_string(port);
1452 wmem_free(NULL, port);
1454 printf(",\"sbytes\":%u", follow_info->bytes_written[0]);
1456 /* Client information: hostname, port, bytes sent */
1457 host = address_to_name(&follow_info->client_ip);
1458 printf(",\"chost\":");
1459 json_puts_string(host);
1461 port = get_follow_port_to_display(follower)(NULL, follow_info->client_port);
1462 printf(",\"cport\":");
1463 json_puts_string(port);
1464 wmem_free(NULL, port);
1466 printf(",\"cbytes\":%u", follow_info->bytes_written[1]);
1468 if (follow_info->payload)
1470 follow_record_t *follow_record;
1472 const char *sepa = "";
1474 printf(",\"payloads\":[");
1476 for (cur = follow_info->payload; cur; cur = g_list_next(cur))
1478 follow_record = (follow_record_t *) cur->data;
1480 printf("%s{", sepa);
1482 printf("\"n\":%u", follow_record->packet_num);
1485 json_print_base64(follow_record->data->data, follow_record->data->len);
1487 if (follow_record->is_server)
1488 printf(",\"s\":%d", 1);
1499 remove_tap_listener(follow_info);
1500 follow_info_free(follow_info);
1504 sharkd_session_process_frame_cb_tree(proto_tree *tree, tvbuff_t **tvbs)
1507 const char *sepa = "";
1510 for (node = tree->first_child; node; node = node->next)
1512 field_info *finfo = PNODE_FINFO(node);
1517 /* XXX, for now always skip hidden */
1518 if (FI_GET_FLAG(finfo, FI_HIDDEN))
1521 printf("%s{", sepa);
1526 char label_str[ITEM_LABEL_LENGTH];
1528 label_str[0] = '\0';
1529 proto_item_fill_label(finfo, label_str);
1530 json_puts_string(label_str);
1534 json_puts_string(finfo->rep->representation);
1537 if (finfo->ds_tvb && tvbs && tvbs[0] != finfo->ds_tvb)
1541 for (idx = 1; tvbs[idx]; idx++)
1543 if (tvbs[idx] == finfo->ds_tvb)
1545 printf(",\"ds\":%d", idx);
1551 if (finfo->start >= 0 && finfo->length > 0)
1552 printf(",\"h\":[%u,%u]", finfo->start, finfo->length);
1554 if (finfo->appendix_start >= 0 && finfo->appendix_length > 0)
1555 printf(",\"i\":[%u,%u]", finfo->appendix_start, finfo->appendix_length);
1560 if (finfo->hfinfo->type == FT_PROTOCOL)
1562 printf(",\"t\":\"proto\"");
1564 else if (finfo->hfinfo->type == FT_FRAMENUM)
1566 printf(",\"t\":\"framenum\",\"fnum\":%u", finfo->value.value.uinteger);
1568 else if (FI_GET_FLAG(finfo, FI_URL) && IS_FT_STRING(finfo->hfinfo->type))
1570 char *url = fvalue_to_string_repr(NULL, &finfo->value, FTREPR_DISPLAY, finfo->hfinfo->display);
1572 printf(",\"t\":\"url\",\"url\":");
1573 json_puts_string(url);
1574 wmem_free(NULL, url);
1578 if (FI_GET_FLAG(finfo, PI_SEVERITY_MASK))
1580 const char *severity = NULL;
1582 switch (FI_GET_FLAG(finfo, PI_SEVERITY_MASK))
1585 severity = "comment";
1604 g_assert(severity != NULL);
1606 printf(",\"s\":\"%s\"", severity);
1609 if (((proto_tree *) node)->first_child) {
1610 if (finfo->tree_type != -1)
1611 printf(",\"e\":%d", finfo->tree_type);
1613 sharkd_session_process_frame_cb_tree((proto_tree *) node, tvbs);
1623 sharkd_follower_visit_layers_cb(const void *key _U_, void *value, void *user_data)
1625 register_follow_t *follower = (register_follow_t *) value;
1626 packet_info *pi = (packet_info *) user_data;
1628 const int proto_id = get_follow_proto_id(follower);
1630 guint32 ignore_stream;
1632 if (proto_is_frame_protocol(pi->layers, proto_get_protocol_filter_name(proto_id)))
1634 const char *layer_proto = proto_get_protocol_short_name(find_protocol_by_id(proto_id));
1635 char *follow_filter;
1637 follow_filter = get_follow_conv_func(follower)(pi, &ignore_stream);
1639 printf(",[\"%s\",", layer_proto);
1640 json_puts_string(follow_filter);
1643 g_free(follow_filter);
1650 sharkd_session_process_frame_cb(packet_info *pi, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data)
1657 printf("\"err\":0");
1661 tvbuff_t **tvbs = NULL;
1663 printf(",\"tree\":");
1665 /* arrayize data src, to speedup searching for ds_tvb index */
1666 if (data_src && data_src->next /* only needed if there are more than one data source */)
1668 guint count = g_slist_length((GSList *) data_src);
1671 tvbs = (tvbuff_t **) g_malloc((count + 1) * sizeof(*tvbs));
1673 for (i = 0; i < count; i++)
1675 struct data_source *src = (struct data_source *) g_slist_nth_data((GSList *) data_src, i);
1677 tvbs[i] = get_data_source_tvb(src);
1683 sharkd_session_process_frame_cb_tree(tree, tvbs);
1692 printf(",\"col\":[");
1693 for (col = 0; col < cinfo->num_cols; ++col)
1695 const col_item_t *col_item = &cinfo->columns[col];
1697 printf("%s\"%s\"", (col) ? "," : "", col_item->col_data);
1704 struct data_source *src = (struct data_source *)data_src->data;
1705 const char *ds_sepa = NULL;
1710 tvb = get_data_source_tvb(src);
1711 length = tvb_captured_length(tvb);
1713 printf(",\"bytes\":");
1716 const guchar *cp = tvb_get_ptr(tvb, 0, length);
1718 /* XXX pi.fd->flags.encoding */
1719 json_print_base64(cp, length);
1723 json_print_base64("", 0);
1726 data_src = data_src->next;
1729 printf(",\"ds\":[");
1735 src = (struct data_source *)data_src->data;
1738 char *src_name = get_data_source_name(src);
1740 printf("%s{\"name\":", ds_sepa);
1741 json_puts_string(src_name);
1742 wmem_free(NULL, src_name);
1745 tvb = get_data_source_tvb(src);
1746 length = tvb_captured_length(tvb);
1748 printf(",\"bytes\":");
1751 const guchar *cp = tvb_get_ptr(tvb, 0, length);
1753 /* XXX pi.fd->flags.encoding */
1754 json_print_base64(cp, length);
1758 json_print_base64("", 0);
1764 data_src = data_src->next;
1767 /* close ds, only if was opened */
1768 if (ds_sepa != NULL)
1772 printf(",\"fol\":[0");
1773 follow_iterate_followers(sharkd_follower_visit_layers_cb, pi);
1780 * sharkd_session_process_intervals()
1782 * Process intervals request - generate basic capture file statistics per requested interval.
1785 * (o) interval - interval time in ms, if not specified: 1000ms
1786 * (o) filter - filter for generating interval request
1788 * Output object with attributes:
1789 * (m) intervals - array of intervals, with indexes:
1790 * [0] - index of interval,
1791 * [1] - number of frames during interval,
1792 * [2] - number of bytes during interval.
1794 * (m) last - last interval number.
1795 * (m) frames - total number of frames
1796 * (m) bytes - total number of bytes
1798 * NOTE: If frames are not in order, there might be items with same interval index, or even negative one.
1801 sharkd_session_process_intervals(char *buf, const jsmntok_t *tokens, int count)
1803 const char *tok_interval = json_find_attr(buf, tokens, count, "interval");
1804 const char *tok_filter = json_find_attr(buf, tokens, count, "filter");
1806 const guint8 *filter_data = NULL;
1810 unsigned int frames;
1814 nstime_t *start_ts = NULL;
1816 guint32 interval_ms = 1000; /* default: one per second */
1818 const char *sepa = "";
1819 unsigned int framenum;
1824 if (!ws_strtou32(tok_interval, NULL, &interval_ms) || interval_ms == 0) {
1825 fprintf(stderr, "Invalid interval parameter: %s.\n", tok_interval);
1832 filter_data = sharkd_session_filter_data(tok_filter);
1837 st_total.frames = 0;
1845 printf("{\"intervals\":[");
1847 for (framenum = 1; framenum <= cfile.count; framenum++)
1849 frame_data *fdata = frame_data_sequence_find(cfile.frames, framenum);
1853 if (start_ts == NULL)
1854 start_ts = &fdata->abs_ts;
1856 if (filter_data && !(filter_data[framenum / 8] & (1 << (framenum % 8))))
1859 msec_rel = (fdata->abs_ts.secs - start_ts->secs) * (gint64) 1000 + (fdata->abs_ts.nsecs - start_ts->nsecs) / 1000000;
1860 new_idx = msec_rel / interval_ms;
1866 printf("%s[%" G_GINT64_FORMAT ",%u,%" G_GUINT64_FORMAT "]", sepa, idx, st.frames, st.bytes);
1879 st.bytes += fdata->pkt_len;
1881 st_total.frames += 1;
1882 st_total.bytes += fdata->pkt_len;
1887 printf("%s[%" G_GINT64_FORMAT ",%u,%" G_GUINT64_FORMAT "]", sepa, idx, st.frames, st.bytes);
1891 printf("],\"last\":%" G_GINT64_FORMAT ",\"frames\":%u,\"bytes\":%" G_GUINT64_FORMAT "}\n", max_idx, st_total.frames, st_total.bytes);
1895 * sharkd_session_process_frame()
1897 * Process frame request
1900 * (m) frame - requested frame number
1901 * (o) proto - set if output frame tree
1902 * (o) columns - set if output frame columns
1903 * (o) bytes - set if output frame bytes
1905 * Output object with attributes:
1906 * (m) err - 0 if succeed
1907 * (o) tree - array of frame nodes with attributes:
1909 * t: 'proto', 'framenum', 'url' - type of node
1911 * e - subtree ett index
1912 * n - array of subtree nodes
1913 * h - two item array: (item start, item length)
1914 * i - two item array: (appendix start, appendix length)
1915 * p - [RESERVED] two item array: (protocol start, protocol length)
1916 * ds- data src index
1917 * url - only for t:'url', url
1918 * fnum - only for t:'framenum', frame number
1920 * (o) col - array of column data
1921 * (o) bytes - base64 of frame bytes
1922 * (o) ds - array of other data srcs
1923 * (o) fol - array of follow filters:
1925 * [1] - filter string
1928 sharkd_session_process_frame(char *buf, const jsmntok_t *tokens, int count)
1930 const char *tok_frame = json_find_attr(buf, tokens, count, "frame");
1931 int tok_proto = (json_find_attr(buf, tokens, count, "proto") != NULL);
1932 int tok_bytes = (json_find_attr(buf, tokens, count, "bytes") != NULL);
1933 int tok_columns = (json_find_attr(buf, tokens, count, "columns") != NULL);
1937 if (!tok_frame || !ws_strtou32(tok_frame, NULL, &framenum) || framenum == 0)
1940 sharkd_dissect_request(framenum, &sharkd_session_process_frame_cb, tok_bytes, tok_columns, tok_proto, NULL);
1944 * sharkd_session_process_check()
1946 * Process check request.
1949 * (o) filter - filter to be checked
1951 * Output object with attributes:
1952 * (m) err - always 0
1953 * (o) filter - 'ok', 'warn' or error message
1956 sharkd_session_process_check(char *buf, const jsmntok_t *tokens, int count)
1958 const char *tok_filter = json_find_attr(buf, tokens, count, "filter");
1960 printf("{\"err\":0");
1961 if (tok_filter != NULL)
1963 char *err_msg = NULL;
1966 if (dfilter_compile(tok_filter, &dfp, &err_msg))
1968 const char *s = "ok";
1970 if (dfilter_deprecated_tokens(dfp))
1973 printf(",\"filter\":\"%s\"", s);
1978 printf(",\"filter\":");
1979 json_puts_string(err_msg);
1988 struct sharkd_session_process_complete_pref_data
1996 sharkd_session_process_complete_pref_cb(module_t *module, gpointer d)
1998 struct sharkd_session_process_complete_pref_data *data = (struct sharkd_session_process_complete_pref_data *) d;
2000 if (strncmp(data->pref, module->name, strlen(data->pref)) != 0)
2003 printf("%s{\"f\":\"%s\",\"d\":\"%s\"}", data->sepa, module->name, module->title);
2010 sharkd_session_process_complete_pref_option_cb(pref_t *pref, gpointer d)
2012 struct sharkd_session_process_complete_pref_data *data = (struct sharkd_session_process_complete_pref_data *) d;
2013 const char *pref_name = prefs_get_name(pref);
2014 const char *pref_title = prefs_get_title(pref);
2016 if (strncmp(data->pref, pref_name, strlen(data->pref)) != 0)
2019 printf("%s{\"f\":\"%s.%s\",\"d\":\"%s\"}", data->sepa, data->module, pref_name, pref_title);
2022 return 0; /* continue */
2026 * sharkd_session_process_complete()
2028 * Process complete request
2031 * (o) field - field to be completed
2032 * (o) pref - preference to be completed
2034 * Output object with attributes:
2035 * (m) err - always 0
2036 * (o) field - array of object with attributes:
2037 * (m) f - field text
2038 * (o) t - field type (FT_ number)
2039 * (o) n - field name
2040 * (o) pref - array of object with attributes:
2042 * (o) d - pref description
2045 sharkd_session_process_complete(char *buf, const jsmntok_t *tokens, int count)
2047 const char *tok_field = json_find_attr(buf, tokens, count, "field");
2048 const char *tok_pref = json_find_attr(buf, tokens, count, "pref");
2050 printf("{\"err\":0");
2051 if (tok_field != NULL && tok_field[0])
2053 const size_t filter_length = strlen(tok_field);
2054 const int filter_with_dot = !!strchr(tok_field, '.');
2059 const char *sepa = "";
2061 printf(",\"field\":[");
2063 for (proto_id = proto_get_first_protocol(&proto_cookie); proto_id != -1; proto_id = proto_get_next_protocol(&proto_cookie))
2065 protocol_t *protocol = find_protocol_by_id(proto_id);
2066 const char *protocol_filter;
2067 const char *protocol_name;
2068 header_field_info *hfinfo;
2070 if (!proto_is_protocol_enabled(protocol))
2073 protocol_name = proto_get_protocol_long_name(protocol);
2074 protocol_filter = proto_get_protocol_filter_name(proto_id);
2076 if (strlen(protocol_filter) >= filter_length && !g_ascii_strncasecmp(tok_field, protocol_filter, filter_length))
2078 printf("%s{", sepa);
2081 json_puts_string(protocol_filter);
2082 printf(",\"t\":%d", FT_PROTOCOL);
2084 json_puts_string(protocol_name);
2090 if (!filter_with_dot)
2093 for (hfinfo = proto_get_first_protocol_field(proto_id, &field_cookie); hfinfo != NULL; hfinfo = proto_get_next_protocol_field(proto_id, &field_cookie))
2095 if (hfinfo->same_name_prev_id != -1) /* ignore duplicate names */
2098 if (strlen(hfinfo->abbrev) >= filter_length && !g_ascii_strncasecmp(tok_field, hfinfo->abbrev, filter_length))
2100 printf("%s{", sepa);
2103 json_puts_string(hfinfo->abbrev);
2105 /* XXX, skip displaying name, if there are multiple (to not confuse user) */
2106 if (hfinfo->same_name_next == NULL)
2108 printf(",\"t\":%d", hfinfo->type);
2110 json_puts_string(hfinfo->name);
2122 if (tok_pref != NULL && tok_pref[0])
2124 struct sharkd_session_process_complete_pref_data data;
2127 data.module = tok_pref;
2128 data.pref = tok_pref;
2131 printf(",\"pref\":[");
2133 if ((dot_sepa = strchr(tok_pref, '.')))
2137 *dot_sepa = '\0'; /* XXX, C abuse: discarding-const */
2138 data.pref = dot_sepa + 1;
2140 pref_mod = prefs_find_module(data.module);
2142 prefs_pref_foreach(pref_mod, sharkd_session_process_complete_pref_option_cb, &data);
2148 prefs_modules_foreach(sharkd_session_process_complete_pref_cb, &data);
2160 * sharkd_session_process_setconf()
2162 * Process setconf request
2165 * (m) name - preference name
2166 * (m) value - preference value
2168 * Output object with attributes:
2169 * (m) err - error code: 0 succeed
2172 sharkd_session_process_setconf(char *buf, const jsmntok_t *tokens, int count)
2174 const char *tok_name = json_find_attr(buf, tokens, count, "name");
2175 const char *tok_value = json_find_attr(buf, tokens, count, "value");
2178 prefs_set_pref_e ret;
2180 if (!tok_name || tok_name[0] == '\0' || !tok_value)
2183 ws_snprintf(pref, sizeof(pref), "%s:%s", tok_name, tok_value);
2185 ret = prefs_set_pref(pref);
2186 printf("{\"err\":%d}\n", ret);
2189 struct sharkd_session_process_dumpconf_data
2196 sharkd_session_process_dumpconf_cb(pref_t *pref, gpointer d)
2198 struct sharkd_session_process_dumpconf_data *data = (struct sharkd_session_process_dumpconf_data *) d;
2199 const char *pref_name = prefs_get_name(pref);
2201 printf("%s\"%s.%s\":{", data->sepa, data->module->name, pref_name);
2203 switch (prefs_get_type(pref))
2206 case PREF_DECODE_AS_UINT:
2207 printf("\"u\":%u", prefs_get_uint_value_real(pref, pref_current));
2208 if (prefs_get_uint_base(pref) != 10)
2209 printf(",\"ub\":%d", prefs_get_uint_base(pref));
2213 printf("\"b\":%s", prefs_get_bool_value(pref, pref_current) ? "1" : "0");
2218 json_puts_string(prefs_get_string_value(pref, pref_current));
2223 const enum_val_t *enums;
2224 const char *enum_sepa = "";
2227 for (enums = prefs_get_enumvals(pref); enums->name; enums++)
2229 printf("%s{\"v\":%d", enum_sepa, enums->value);
2231 if (enums->value == prefs_get_enum_value(pref, pref_current))
2235 json_puts_string(enums->description);
2245 case PREF_DECODE_AS_RANGE:
2247 char *range_str = range_convert_range(NULL, prefs_get_range_value_real(pref, pref_current));
2248 printf("\"r\":\"%s\"", range_str);
2249 wmem_free(NULL, range_str);
2256 case PREF_STATIC_TEXT:
2264 json_puts_string(prefs_get_title(pref));
2270 return 0; /* continue */
2274 sharkd_session_process_dumpconf_mod_cb(module_t *module, gpointer d)
2276 struct sharkd_session_process_dumpconf_data *data = (struct sharkd_session_process_dumpconf_data *) d;
2278 data->module = module;
2279 prefs_pref_foreach(module, sharkd_session_process_dumpconf_cb, data);
2285 * sharkd_session_process_dumpconf()
2287 * Process dumpconf request
2290 * (o) pref - module, or preference, NULL for all
2292 * Output object with attributes:
2293 * (o) prefs - object with module preferences
2294 * (m) [KEY] - preference name
2295 * (o) u - preference value (only for PREF_UINT)
2296 * (o) ub - preference value suggested base for display (only for PREF_UINT) and if different than 10
2297 * (o) b - preference value (only for PREF_BOOL) (1 true, 0 false)
2298 * (o) s - preference value (only for PREF_STRING)
2299 * (o) e - preference possible values (only for PREF_ENUM)
2300 * (o) r - preference value (only for PREF_RANGE)
2301 * (o) t - preference value (only for PREF_UAT)
2304 sharkd_session_process_dumpconf(char *buf, const jsmntok_t *tokens, int count)
2306 const char *tok_pref = json_find_attr(buf, tokens, count, "pref");
2312 struct sharkd_session_process_dumpconf_data data;
2317 printf("{\"prefs\":{");
2318 prefs_modules_foreach(sharkd_session_process_dumpconf_mod_cb, &data);
2323 if ((dot_sepa = strchr(tok_pref, '.')))
2325 pref_t *pref = NULL;
2327 *dot_sepa = '\0'; /* XXX, C abuse: discarding-const */
2328 pref_mod = prefs_find_module(tok_pref);
2330 pref = prefs_find_preference(pref_mod, dot_sepa + 1);
2335 struct sharkd_session_process_dumpconf_data data;
2337 data.module = pref_mod;
2340 printf("{\"prefs\":{");
2341 sharkd_session_process_dumpconf_cb(pref, &data);
2348 pref_mod = prefs_find_module(tok_pref);
2351 struct sharkd_session_process_dumpconf_data data;
2353 data.module = pref_mod;
2356 printf("{\"prefs\":{");
2357 prefs_pref_foreach(pref_mod, sharkd_session_process_dumpconf_cb, &data);
2363 * sharkd_session_process_download()
2365 * Process download request
2368 * (m) token - token to download
2370 * Output object with attributes:
2371 * (o) file - suggested name of file
2372 * (o) mime - suggested content type
2373 * (o) data - payload base64 encoded
2376 sharkd_session_process_download(char *buf, const jsmntok_t *tokens, int count)
2378 const char *tok_token = json_find_attr(buf, tokens, count, "token");
2383 if (!strncmp(tok_token, "eo:", 3))
2385 struct sharkd_export_object_list *object_list;
2386 const export_object_entry_t *eo_entry = NULL;
2388 for (object_list = sharkd_eo_list; object_list; object_list = object_list->next)
2390 size_t eo_type_len = strlen(object_list->type);
2392 if (!strncmp(tok_token, object_list->type, eo_type_len) && tok_token[eo_type_len] == '_')
2396 sscanf(&tok_token[eo_type_len + 1], "%d", &row);
2398 eo_entry = (export_object_entry_t *) g_slist_nth_data(object_list->entries, row);
2405 const char *mime = (eo_entry->content_type) ? eo_entry->content_type : "application/octet-stream";
2406 const char *filename = (eo_entry->filename) ? eo_entry->filename : tok_token;
2408 printf("{\"file\":");
2409 json_puts_string(filename);
2410 printf(",\"mime\":");
2411 json_puts_string(mime);
2412 printf(",\"data\":");
2413 json_print_base64(eo_entry->payload_data, (int) eo_entry->payload_len); /* XXX, export object will be truncated if >= 2^31 */
2420 sharkd_session_process(char *buf, const jsmntok_t *tokens, int count)
2424 /* sanity check, and split strings */
2425 if (count < 1 || tokens[0].type != JSMN_OBJECT)
2427 fprintf(stderr, "sanity check(1): [0] not object\n");
2431 /* don't need [0] token */
2437 fprintf(stderr, "sanity check(2): %d not even\n", count);
2441 for (i = 0; i < count; i += 2)
2443 if (tokens[i].type != JSMN_STRING)
2445 fprintf(stderr, "sanity check(3): [%d] not string\n", i);
2449 buf[tokens[i + 0].end] = '\0';
2450 buf[tokens[i + 1].end] = '\0';
2452 json_unescape_str(&buf[tokens[i + 0].start]);
2453 json_unescape_str(&buf[tokens[i + 1].start]);
2457 const char *tok_req = json_find_attr(buf, tokens, count, "req");
2461 fprintf(stderr, "sanity check(4): no \"req\".\n");
2465 if (!strcmp(tok_req, "load"))
2466 sharkd_session_process_load(buf, tokens, count);
2467 else if (!strcmp(tok_req, "status"))
2468 sharkd_session_process_status();
2469 else if (!strcmp(tok_req, "analyse"))
2470 sharkd_session_process_analyse();
2471 else if (!strcmp(tok_req, "info"))
2472 sharkd_session_process_info();
2473 else if (!strcmp(tok_req, "check"))
2474 sharkd_session_process_check(buf, tokens, count);
2475 else if (!strcmp(tok_req, "complete"))
2476 sharkd_session_process_complete(buf, tokens, count);
2477 else if (!strcmp(tok_req, "frames"))
2478 sharkd_session_process_frames(buf, tokens, count);
2479 else if (!strcmp(tok_req, "tap"))
2480 sharkd_session_process_tap(buf, tokens, count);
2481 else if (!strcmp(tok_req, "follow"))
2482 sharkd_session_process_follow(buf, tokens, count);
2483 else if (!strcmp(tok_req, "intervals"))
2484 sharkd_session_process_intervals(buf, tokens, count);
2485 else if (!strcmp(tok_req, "frame"))
2486 sharkd_session_process_frame(buf, tokens, count);
2487 else if (!strcmp(tok_req, "setconf"))
2488 sharkd_session_process_setconf(buf, tokens, count);
2489 else if (!strcmp(tok_req, "dumpconf"))
2490 sharkd_session_process_dumpconf(buf, tokens, count);
2491 else if (!strcmp(tok_req, "download"))
2492 sharkd_session_process_download(buf, tokens, count);
2493 else if (!strcmp(tok_req, "bye"))
2496 fprintf(stderr, "::: req = %s\n", tok_req);
2498 /* reply for every command are 0+ lines of JSON reply (outputed above), finished by empty new line */
2502 * We do an explicit fflush after every line, because
2503 * we want output to be written to the socket as soon
2504 * as the line is complete.
2506 * The stream is fully-buffered by default, so it's
2507 * only flushed when the buffer fills or the FILE *
2508 * is closed. On UN*X, we could set it to be line
2509 * buffered, but the MSVC standard I/O routines don't
2510 * support line buffering - they only support *byte*
2511 * buffering, doing a write for every byte written,
2512 * which is too inefficient, and full buffering,
2513 * which is what you get if you request line buffering.
2520 sharkd_session_main(void)
2522 char buf[16 * 1024];
2523 jsmntok_t *tokens = NULL;
2524 int tokens_max = -1;
2526 fprintf(stderr, "Hello in child.\n");
2528 while (fgets(buf, sizeof(buf), stdin))
2530 /* every command is line seperated JSON */
2533 ret = wsjsmn_parse(buf, NULL, 0);
2536 fprintf(stderr, "invalid JSON -> closing\n");
2540 /* fprintf(stderr, "JSON: %d tokens\n", ret); */
2543 if (tokens == NULL || tokens_max < ret)
2546 tokens = (jsmntok_t *) g_realloc(tokens, sizeof(jsmntok_t) * tokens_max);
2549 memset(tokens, 0, ret * sizeof(jsmntok_t));
2551 ret = wsjsmn_parse(buf, tokens, ret);
2554 fprintf(stderr, "invalid JSON(2) -> closing\n");
2558 sharkd_session_process(buf, tokens, ret);
2567 * Editor modelines - http://www.wireshark.org/tools/modelines.html
2572 * indent-tabs-mode: t
2575 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
2576 * :indentSize=8:tabSize=8:noTabs=false: