capture_info.c

   1 /* capture_info.c
   2  * capture info functions
   3  *
   4  * Wireshark - Network traffic analyzer
   5  * By Gerald Combs <gerald@wireshark.org>
   6  * Copyright 1998 Gerald Combs
   7  *
   8  * This program is free software; you can redistribute it and/or
   9  * modify it under the terms of the GNU General Public License
  10  * as published by the Free Software Foundation; either version 2
  11  * of the License, or (at your option) any later version.
  12  *
  13  * This program is distributed in the hope that it will be useful,
  14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  * GNU General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU General Public License
  19  * along with this program; if not, write to the Free Software
  20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  21  */
  22
  23 #include <config.h>
  24
  25 #ifdef HAVE_LIBPCAP
  26
  27 #include <glib.h>
  28
  29 #include <epan/packet.h>
  30 #include <wiretap/wtap.h>
  31
  32 #include "capture_info.h"
  33
  34 #include <epan/capture_dissectors.h>
  35
  36 #include <wsutil/filesystem.h>
  37
  38 /* open the info */
  39 void capture_info_open(capture_session *cap_session, info_data_t* cap_info)
  40 {
  41     if (cap_info->counts.counts_hash != NULL)
  42     {
  43         /* Clean up any previous lists of packet counts */
  44         g_hash_table_destroy(cap_info->counts.counts_hash);
  45     }
  46     cap_info->counts.counts_hash = g_hash_table_new_full( g_direct_hash, g_direct_equal, NULL, g_free );
  47     cap_info->counts.other = 0;
  48     cap_info->counts.total = 0;
  49
  50     cap_info->wtap = NULL;
  51     cap_info->ui.counts = &cap_info->counts;
  52
  53     capture_info_ui_create(&cap_info->ui, cap_session);
  54 }
  55
  56
  57 static const char *
  58 cf_open_error_message(int err, gchar *err_info, gboolean for_writing,
  59                       int file_type)
  60 {
  61     const char *errmsg;
  62     static char errmsg_errno[1024+1];
  63
  64     if (err < 0) {
  65         /* Wiretap error. */
  66         switch (err) {
  67
  68         case WTAP_ERR_NOT_REGULAR_FILE:
  69             errmsg = "The file \"%s\" is a \"special file\" or socket or other non-regular file.";
  70             break;
  71
  72         case WTAP_ERR_FILE_UNKNOWN_FORMAT:
  73             /* Seen only when opening a capture file for reading. */
  74             errmsg = "The file \"%s\" isn't a capture file in a format Wireshark understands.";
  75             break;
  76
  77         case WTAP_ERR_UNSUPPORTED:
  78             /* Seen only when opening a capture file for reading. */
  79             g_snprintf(errmsg_errno, sizeof(errmsg_errno),
  80                        "The file \"%%s\" contains record data that Wireshark doesn't support.\n"
  81                        "(%s)", err_info != NULL ? err_info : "no information supplied");
  82             g_free(err_info);
  83             errmsg = errmsg_errno;
  84             break;
  85
  86         case WTAP_ERR_CANT_WRITE_TO_PIPE:
  87             /* Seen only when opening a capture file for writing. */
  88             g_snprintf(errmsg_errno, sizeof(errmsg_errno),
  89                        "The file \"%%s\" is a pipe, and %s capture files can't be "
  90                        "written to a pipe.", wtap_file_type_subtype_string(file_type));
  91             errmsg = errmsg_errno;
  92             break;
  93
  94         case WTAP_ERR_UNWRITABLE_FILE_TYPE:
  95             /* Seen only when opening a capture file for writing. */
  96             errmsg = "Wireshark doesn't support writing capture files in that format.";
  97             break;
  98
  99         case WTAP_ERR_UNWRITABLE_ENCAP:
 100             /* Seen only when opening a capture file for writing. */
 101             errmsg = "Wireshark can't save this capture in that format.";
 102             break;
 103
 104         case WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED:
 105             if (for_writing)
 106                 errmsg = "Wireshark can't save this capture in that format.";
 107             else
 108                 errmsg = "The file \"%s\" is a capture for a network type that Wireshark doesn't support.";
 109             break;
 110
 111         case WTAP_ERR_BAD_FILE:
 112             /* Seen only when opening a capture file for reading. */
 113             g_snprintf(errmsg_errno, sizeof(errmsg_errno),
 114                        "The file \"%%s\" appears to be damaged or corrupt.\n"
 115                        "(%s)", err_info != NULL ? err_info : "no information supplied");
 116             g_free(err_info);
 117             errmsg = errmsg_errno;
 118             break;
 119
 120         case WTAP_ERR_CANT_OPEN:
 121             if (for_writing)
 122                 errmsg = "The file \"%s\" could not be created for some unknown reason.";
 123             else
 124                 errmsg = "The file \"%s\" could not be opened for some unknown reason.";
 125             break;
 126
 127         case WTAP_ERR_SHORT_READ:
 128             errmsg = "The file \"%s\" appears to have been cut short"
 129                 " in the middle of a packet or other data.";
 130             break;
 131
 132         case WTAP_ERR_SHORT_WRITE:
 133             errmsg = "A full header couldn't be written to the file \"%s\".";
 134             break;
 135
 136         case WTAP_ERR_DECOMPRESS:
 137             g_snprintf(errmsg_errno, sizeof(errmsg_errno),
 138                        "The compressed file \"%%s\" appears to be damaged or corrupt.\n"
 139                        "(%s)", err_info != NULL ? err_info : "no information supplied");
 140             g_free(err_info);
 141             errmsg = errmsg_errno;
 142             break;
 143
 144         default:
 145             g_snprintf(errmsg_errno, sizeof(errmsg_errno),
 146                        "The file \"%%s\" could not be %s: %s.",
 147                        for_writing ? "created" : "opened",
 148                        wtap_strerror(err));
 149             errmsg = errmsg_errno;
 150             break;
 151         }
 152     } else
 153         errmsg = file_open_error_message(err, for_writing);
 154     return errmsg;
 155 }
 156
 157 /* new file arrived */
 158 gboolean capture_info_new_file(const char *new_filename, info_data_t* cap_info)
 159 {
 160     int err;
 161     gchar *err_info;
 162     gchar *err_msg;
 163
 164
 165     if(cap_info->wtap != NULL) {
 166         wtap_close(cap_info->wtap);
 167     }
 168
 169     cap_info->wtap = wtap_open_offline(new_filename, WTAP_TYPE_AUTO, &err, &err_info, FALSE);
 170     if (!cap_info->wtap) {
 171         err_msg = g_strdup_printf(cf_open_error_message(err, err_info, FALSE, WTAP_FILE_TYPE_SUBTYPE_UNKNOWN),
 172                                   new_filename);
 173         g_warning("capture_info_new_file: %d (%s)", err, err_msg);
 174         g_free (err_msg);
 175         return FALSE;
 176     } else
 177         return TRUE;
 178 }
 179
 180 static void
 181 capture_info_packet(info_data_t* cap_info, gint wtap_linktype, const guchar *pd, guint32 caplen, union wtap_pseudo_header *pseudo_header)
 182 {
 183     capture_packet_info_t cpinfo;
 184
 185     /* Setup the capture packet structure */
 186     cpinfo.counts = cap_info->counts.counts_hash;
 187
 188     cap_info->counts.total++;
 189     if (!try_capture_dissector("wtap_encap", wtap_linktype, pd, 0, caplen, &cpinfo, pseudo_header))
 190         cap_info->counts.other++;
 191 }
 192
 193 /* new packets arrived */
 194 void capture_info_new_packets(int to_read, info_data_t* cap_info)
 195 {
 196     int err;
 197     gchar *err_info;
 198     gint64 data_offset;
 199     struct wtap_pkthdr *phdr;
 200     union wtap_pseudo_header *pseudo_header;
 201     int wtap_linktype;
 202     const guchar *buf;
 203
 204
 205     cap_info->ui.new_packets = to_read;
 206
 207     /*g_warning("new packets: %u", to_read);*/
 208
 209     while (to_read > 0) {
 210         wtap_cleareof(cap_info->wtap);
 211         if (wtap_read(cap_info->wtap, &err, &err_info, &data_offset)) {
 212             phdr = wtap_phdr(cap_info->wtap);
 213             pseudo_header = &phdr->pseudo_header;
 214             wtap_linktype = phdr->pkt_encap;
 215             buf = wtap_buf_ptr(cap_info->wtap);
 216
 217             capture_info_packet(cap_info, wtap_linktype, buf, phdr->caplen, pseudo_header);
 218
 219             /*g_warning("new packet");*/
 220             to_read--;
 221         }
 222     }
 223
 224     capture_info_ui_update(&cap_info->ui);
 225 }
 226
 227
 228 /* close the info */
 229 void capture_info_close(info_data_t* cap_info)
 230 {
 231     capture_info_ui_destroy(&cap_info->ui);
 232     if(cap_info->wtap)
 233         wtap_close(cap_info->wtap);
 234 }
 235
 236 #endif /* HAVE_LIBPCAP */
 237
 238 /*
 239  * Editor modelines  -  http://www.wireshark.org/tools/modelines.html
 240  *
 241  * Local variables:
 242  * c-basic-offset: 4
 243  * tab-width: 8
 244  * indent-tabs-mode: nil
 245  * End:
 246  *
 247  * vi: set shiftwidth=4 tabstop=8 expandtab:
 248  * :indentSize=4:tabSize=8:noTabs=true:
 249  */