2 * capture info functions
4 * Wireshark - Network traffic analyzer
5 * By Gerald Combs <gerald@wireshark.org>
6 * Copyright 1998 Gerald Combs
8 * SPDX-License-Identifier: GPL-2.0+
17 #include <epan/packet.h>
18 #include <wiretap/wtap.h>
20 #include "capture_info.h"
22 #include <epan/capture_dissectors.h>
24 #include <wsutil/filesystem.h>
28 cf_open_error_message(int err, gchar *err_info, gboolean for_writing,
32 static char errmsg_errno[1024+1];
38 case WTAP_ERR_NOT_REGULAR_FILE:
39 errmsg = "The file \"%s\" is a \"special file\" or socket or other non-regular file.";
42 case WTAP_ERR_FILE_UNKNOWN_FORMAT:
43 /* Seen only when opening a capture file for reading. */
44 errmsg = "The file \"%s\" isn't a capture file in a format Wireshark understands.";
47 case WTAP_ERR_UNSUPPORTED:
48 /* Seen only when opening a capture file for reading. */
49 g_snprintf(errmsg_errno, sizeof(errmsg_errno),
50 "The file \"%%s\" contains record data that Wireshark doesn't support.\n"
51 "(%s)", err_info != NULL ? err_info : "no information supplied");
53 errmsg = errmsg_errno;
56 case WTAP_ERR_CANT_WRITE_TO_PIPE:
57 /* Seen only when opening a capture file for writing. */
58 g_snprintf(errmsg_errno, sizeof(errmsg_errno),
59 "The file \"%%s\" is a pipe, and %s capture files can't be "
60 "written to a pipe.", wtap_file_type_subtype_string(file_type));
61 errmsg = errmsg_errno;
64 case WTAP_ERR_UNWRITABLE_FILE_TYPE:
65 /* Seen only when opening a capture file for writing. */
66 errmsg = "Wireshark doesn't support writing capture files in that format.";
69 case WTAP_ERR_UNWRITABLE_ENCAP:
70 /* Seen only when opening a capture file for writing. */
71 errmsg = "Wireshark can't save this capture in that format.";
74 case WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED:
76 errmsg = "Wireshark can't save this capture in that format.";
78 errmsg = "The file \"%s\" is a capture for a network type that Wireshark doesn't support.";
81 case WTAP_ERR_BAD_FILE:
82 /* Seen only when opening a capture file for reading. */
83 g_snprintf(errmsg_errno, sizeof(errmsg_errno),
84 "The file \"%%s\" appears to be damaged or corrupt.\n"
85 "(%s)", err_info != NULL ? err_info : "no information supplied");
87 errmsg = errmsg_errno;
90 case WTAP_ERR_CANT_OPEN:
92 errmsg = "The file \"%s\" could not be created for some unknown reason.";
94 errmsg = "The file \"%s\" could not be opened for some unknown reason.";
97 case WTAP_ERR_SHORT_READ:
98 errmsg = "The file \"%s\" appears to have been cut short"
99 " in the middle of a packet or other data.";
102 case WTAP_ERR_SHORT_WRITE:
103 errmsg = "A full header couldn't be written to the file \"%s\".";
106 case WTAP_ERR_DECOMPRESS:
107 g_snprintf(errmsg_errno, sizeof(errmsg_errno),
108 "The compressed file \"%%s\" appears to be damaged or corrupt.\n"
109 "(%s)", err_info != NULL ? err_info : "no information supplied");
111 errmsg = errmsg_errno;
115 g_snprintf(errmsg_errno, sizeof(errmsg_errno),
116 "The file \"%%s\" could not be %s: %s.",
117 for_writing ? "created" : "opened",
119 errmsg = errmsg_errno;
123 errmsg = file_open_error_message(err, for_writing);
127 /* new file arrived */
128 gboolean capture_info_new_file(const char *new_filename, info_data_t* cap_info)
135 if(cap_info->wtap != NULL) {
136 wtap_close(cap_info->wtap);
139 cap_info->wtap = wtap_open_offline(new_filename, WTAP_TYPE_AUTO, &err, &err_info, FALSE);
140 if (!cap_info->wtap) {
141 err_msg = g_strdup_printf(cf_open_error_message(err, err_info, FALSE, WTAP_FILE_TYPE_SUBTYPE_UNKNOWN),
143 g_warning("capture_info_new_file: %d (%s)", err, err_msg);
151 capture_info_packet(info_data_t* cap_info, gint wtap_linktype, const guchar *pd, guint32 caplen, union wtap_pseudo_header *pseudo_header)
153 capture_packet_info_t cpinfo;
155 /* Setup the capture packet structure */
156 cpinfo.counts = cap_info->counts.counts_hash;
158 cap_info->counts.total++;
159 if (!try_capture_dissector("wtap_encap", wtap_linktype, pd, 0, caplen, &cpinfo, pseudo_header))
160 cap_info->counts.other++;
163 /* new packets arrived */
164 void capture_info_new_packets(int to_read, info_data_t* cap_info)
169 struct wtap_pkthdr *phdr;
170 union wtap_pseudo_header *pseudo_header;
175 cap_info->ui.new_packets = to_read;
177 /*g_warning("new packets: %u", to_read);*/
179 while (to_read > 0) {
180 wtap_cleareof(cap_info->wtap);
181 if (wtap_read(cap_info->wtap, &err, &err_info, &data_offset)) {
182 phdr = wtap_phdr(cap_info->wtap);
183 pseudo_header = &phdr->pseudo_header;
184 wtap_linktype = phdr->pkt_encap;
185 buf = wtap_buf_ptr(cap_info->wtap);
187 capture_info_packet(cap_info, wtap_linktype, buf, phdr->caplen, pseudo_header);
189 /*g_warning("new packet");*/
194 capture_info_ui_update(&cap_info->ui);
199 void capture_info_close(info_data_t* cap_info)
201 capture_info_ui_destroy(&cap_info->ui);
203 wtap_close(cap_info->wtap);
206 #endif /* HAVE_LIBPCAP */
209 * Editor modelines - http://www.wireshark.org/tools/modelines.html
214 * indent-tabs-mode: nil
217 * vi: set shiftwidth=4 tabstop=8 expandtab:
218 * :indentSize=4:tabSize=8:noTabs=true: