2 * Routines for capture options setting
4 * Wireshark - Network traffic analyzer
5 * By Gerald Combs <gerald@wireshark.org>
6 * Copyright 1998 Gerald Combs
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
39 #include <epan/packet.h>
40 #include <epan/prefs.h>
42 #include "capture_opts.h"
43 #include "ringbuffer.h"
45 #include <wsutil/clopts_common.h>
46 #include <wsutil/cmdarg_err.h>
47 #include <wsutil/file_util.h>
49 #include "caputils/capture_ifinfo.h"
50 #include "caputils/capture-pcap-util.h"
52 static gboolean capture_opts_output_to_pipe(const char *save_file, gboolean *is_pipe);
56 capture_opts_init(capture_options *capture_opts)
58 capture_opts->ifaces = g_array_new(FALSE, FALSE, sizeof(interface_options));
59 capture_opts->all_ifaces = g_array_new(FALSE, FALSE, sizeof(interface_t));
60 capture_opts->num_selected = 0;
61 capture_opts->default_options.name = NULL;
62 capture_opts->default_options.descr = NULL;
63 capture_opts->default_options.cfilter = NULL;
64 capture_opts->default_options.has_snaplen = FALSE;
65 capture_opts->default_options.snaplen = WTAP_MAX_PACKET_SIZE;
66 capture_opts->default_options.linktype = -1; /* use interface default */
67 capture_opts->default_options.promisc_mode = TRUE;
68 capture_opts->default_options.if_type = IF_WIRED;
70 capture_opts->default_options.extcap = NULL;
71 capture_opts->default_options.extcap_fifo = NULL;
72 capture_opts->default_options.extcap_args = NULL;
73 capture_opts->default_options.extcap_pid = INVALID_EXTCAP_PID;
75 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
76 capture_opts->default_options.buffer_size = DEFAULT_CAPTURE_BUFFER_SIZE;
78 capture_opts->default_options.monitor_mode = FALSE;
79 #ifdef HAVE_PCAP_REMOTE
80 capture_opts->default_options.src_type = CAPTURE_IFLOCAL;
81 capture_opts->default_options.remote_host = NULL;
82 capture_opts->default_options.remote_port = NULL;
83 capture_opts->default_options.auth_type = CAPTURE_AUTH_NULL;
84 capture_opts->default_options.auth_username = NULL;
85 capture_opts->default_options.auth_password = NULL;
86 capture_opts->default_options.datatx_udp = FALSE;
87 capture_opts->default_options.nocap_rpcap = TRUE;
88 capture_opts->default_options.nocap_local = FALSE;
90 #ifdef HAVE_PCAP_SETSAMPLING
91 capture_opts->default_options.sampling_method = CAPTURE_SAMP_NONE;
92 capture_opts->default_options.sampling_param = 0;
94 capture_opts->saving_to_file = FALSE;
95 capture_opts->save_file = NULL;
96 capture_opts->group_read_access = FALSE;
97 #ifdef PCAP_NG_DEFAULT
98 capture_opts->use_pcapng = TRUE; /* Save as pcap-ng by default */
100 capture_opts->use_pcapng = FALSE; /* Save as pcap by default */
102 capture_opts->real_time_mode = TRUE;
103 capture_opts->show_info = TRUE;
104 capture_opts->quit_after_cap = getenv("WIRESHARK_QUIT_AFTER_CAPTURE") ? TRUE : FALSE;
105 capture_opts->restart = FALSE;
106 capture_opts->orig_save_file = NULL;
108 capture_opts->multi_files_on = FALSE;
109 capture_opts->has_file_duration = FALSE;
110 capture_opts->file_duration = 60; /* 1 min */
111 capture_opts->has_ring_num_files = FALSE;
112 capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
114 capture_opts->has_autostop_files = FALSE;
115 capture_opts->autostop_files = 1;
116 capture_opts->has_autostop_packets = FALSE;
117 capture_opts->autostop_packets = 0;
118 capture_opts->has_autostop_filesize = FALSE;
119 capture_opts->autostop_filesize = 1000; /* 1 MB */
120 capture_opts->has_autostop_duration = FALSE;
121 capture_opts->autostop_duration = 60; /* 1 min */
122 capture_opts->capture_comment = NULL;
124 capture_opts->output_to_pipe = FALSE;
125 capture_opts->capture_child = FALSE;
129 /* log content of capture_opts */
131 capture_opts_log(const char *log_domain, GLogLevelFlags log_level, capture_options *capture_opts) {
134 g_log(log_domain, log_level, "CAPTURE OPTIONS :");
136 for (i = 0; i < capture_opts->ifaces->len; i++) {
137 interface_options interface_opts;
139 interface_opts = g_array_index(capture_opts->ifaces, interface_options, i);
140 g_log(log_domain, log_level, "Interface name[%02d] : %s", i, interface_opts.name ? interface_opts.name : "(unspecified)");
141 g_log(log_domain, log_level, "Interface description[%02d] : %s", i, interface_opts.descr ? interface_opts.descr : "(unspecified)");
142 g_log(log_domain, log_level, "Console display name[%02d]: %s", i, interface_opts.console_display_name ? interface_opts.console_display_name : "(unspecified)");
143 g_log(log_domain, log_level, "Capture filter[%02d] : %s", i, interface_opts.cfilter ? interface_opts.cfilter : "(unspecified)");
144 g_log(log_domain, log_level, "Snap length[%02d] (%u) : %d", i, interface_opts.has_snaplen, interface_opts.snaplen);
145 g_log(log_domain, log_level, "Link Type[%02d] : %d", i, interface_opts.linktype);
146 g_log(log_domain, log_level, "Promiscuous Mode[%02d]: %s", i, interface_opts.promisc_mode?"TRUE":"FALSE");
148 g_log(log_domain, log_level, "Extcap[%02d] : %s", i, interface_opts.extcap ? interface_opts.extcap : "(unspecified)");
149 g_log(log_domain, log_level, "Extcap FIFO[%02d] : %s", i, interface_opts.extcap_fifo ? interface_opts.extcap_fifo : "(unspecified)");
150 g_log(log_domain, log_level, "Extcap PID[%02d] : %d", i, interface_opts.extcap_pid);
152 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
153 g_log(log_domain, log_level, "Buffer size[%02d] : %d (MB)", i, interface_opts.buffer_size);
155 g_log(log_domain, log_level, "Monitor Mode[%02d] : %s", i, interface_opts.monitor_mode?"TRUE":"FALSE");
156 #ifdef HAVE_PCAP_REMOTE
157 g_log(log_domain, log_level, "Capture source[%02d] : %s", i,
158 interface_opts.src_type == CAPTURE_IFLOCAL ? "Local interface" :
159 interface_opts.src_type == CAPTURE_IFREMOTE ? "Remote interface" :
161 if (interface_opts.src_type == CAPTURE_IFREMOTE) {
162 g_log(log_domain, log_level, "Remote host[%02d] : %s", i, interface_opts.remote_host ? interface_opts.remote_host : "(unspecified)");
163 g_log(log_domain, log_level, "Remote port[%02d] : %s", i, interface_opts.remote_port ? interface_opts.remote_port : "(unspecified)");
165 g_log(log_domain, log_level, "Authentication[%02d] : %s", i,
166 interface_opts.auth_type == CAPTURE_AUTH_NULL ? "Null" :
167 interface_opts.auth_type == CAPTURE_AUTH_PWD ? "By username/password" :
169 if (interface_opts.auth_type == CAPTURE_AUTH_PWD) {
170 g_log(log_domain, log_level, "Auth username[%02d] : %s", i, interface_opts.auth_username ? interface_opts.auth_username : "(unspecified)");
171 g_log(log_domain, log_level, "Auth password[%02d] : <hidden>", i);
173 g_log(log_domain, log_level, "UDP data tfer[%02d] : %u", i, interface_opts.datatx_udp);
174 g_log(log_domain, log_level, "No cap. RPCAP[%02d] : %u", i, interface_opts.nocap_rpcap);
175 g_log(log_domain, log_level, "No cap. local[%02d] : %u", i, interface_opts.nocap_local);
177 #ifdef HAVE_PCAP_SETSAMPLING
178 g_log(log_domain, log_level, "Sampling meth.[%02d] : %d", i, interface_opts.sampling_method);
179 g_log(log_domain, log_level, "Sampling param.[%02d] : %d", i, interface_opts.sampling_param);
182 g_log(log_domain, log_level, "Interface name[df] : %s", capture_opts->default_options.name ? capture_opts->default_options.name : "(unspecified)");
183 g_log(log_domain, log_level, "Interface Descr[df] : %s", capture_opts->default_options.descr ? capture_opts->default_options.descr : "(unspecified)");
184 g_log(log_domain, log_level, "Capture filter[df] : %s", capture_opts->default_options.cfilter ? capture_opts->default_options.cfilter : "(unspecified)");
185 g_log(log_domain, log_level, "Snap length[df] (%u) : %d", capture_opts->default_options.has_snaplen, capture_opts->default_options.snaplen);
186 g_log(log_domain, log_level, "Link Type[df] : %d", capture_opts->default_options.linktype);
187 g_log(log_domain, log_level, "Promiscuous Mode[df]: %s", capture_opts->default_options.promisc_mode?"TRUE":"FALSE");
189 g_log(log_domain, log_level, "Extcap[df] : %s", capture_opts->default_options.extcap ? capture_opts->default_options.extcap : "(unspecified)");
190 g_log(log_domain, log_level, "Extcap FIFO[df] : %s", capture_opts->default_options.extcap_fifo ? capture_opts->default_options.extcap_fifo : "(unspecified)");
192 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
193 g_log(log_domain, log_level, "Buffer size[df] : %d (MB)", capture_opts->default_options.buffer_size);
195 g_log(log_domain, log_level, "Monitor Mode[df] : %s", capture_opts->default_options.monitor_mode?"TRUE":"FALSE");
196 #ifdef HAVE_PCAP_REMOTE
197 g_log(log_domain, log_level, "Capture source[df] : %s",
198 capture_opts->default_options.src_type == CAPTURE_IFLOCAL ? "Local interface" :
199 capture_opts->default_options.src_type == CAPTURE_IFREMOTE ? "Remote interface" :
201 if (capture_opts->default_options.src_type == CAPTURE_IFREMOTE) {
202 g_log(log_domain, log_level, "Remote host[df] : %s", capture_opts->default_options.remote_host ? capture_opts->default_options.remote_host : "(unspecified)");
203 g_log(log_domain, log_level, "Remote port[df] : %s", capture_opts->default_options.remote_port ? capture_opts->default_options.remote_port : "(unspecified)");
205 g_log(log_domain, log_level, "Authentication[df] : %s",
206 capture_opts->default_options.auth_type == CAPTURE_AUTH_NULL ? "Null" :
207 capture_opts->default_options.auth_type == CAPTURE_AUTH_PWD ? "By username/password" :
209 if (capture_opts->default_options.auth_type == CAPTURE_AUTH_PWD) {
210 g_log(log_domain, log_level, "Auth username[df] : %s", capture_opts->default_options.auth_username ? capture_opts->default_options.auth_username : "(unspecified)");
211 g_log(log_domain, log_level, "Auth password[df] : <hidden>");
213 g_log(log_domain, log_level, "UDP data tfer[df] : %u", capture_opts->default_options.datatx_udp);
214 g_log(log_domain, log_level, "No cap. RPCAP[df] : %u", capture_opts->default_options.nocap_rpcap);
215 g_log(log_domain, log_level, "No cap. local[df] : %u", capture_opts->default_options.nocap_local);
217 #ifdef HAVE_PCAP_SETSAMPLING
218 g_log(log_domain, log_level, "Sampling meth. [df] : %d", capture_opts->default_options.sampling_method);
219 g_log(log_domain, log_level, "Sampling param.[df] : %d", capture_opts->default_options.sampling_param);
221 g_log(log_domain, log_level, "SavingToFile : %u", capture_opts->saving_to_file);
222 g_log(log_domain, log_level, "SaveFile : %s", (capture_opts->save_file) ? capture_opts->save_file : "");
223 g_log(log_domain, log_level, "GroupReadAccess : %u", capture_opts->group_read_access);
224 g_log(log_domain, log_level, "Fileformat : %s", (capture_opts->use_pcapng) ? "PCAPNG" : "PCAP");
225 g_log(log_domain, log_level, "RealTimeMode : %u", capture_opts->real_time_mode);
226 g_log(log_domain, log_level, "ShowInfo : %u", capture_opts->show_info);
227 g_log(log_domain, log_level, "QuitAfterCap : %u", capture_opts->quit_after_cap);
229 g_log(log_domain, log_level, "MultiFilesOn : %u", capture_opts->multi_files_on);
230 g_log(log_domain, log_level, "FileDuration (%u) : %u", capture_opts->has_file_duration, capture_opts->file_duration);
231 g_log(log_domain, log_level, "RingNumFiles (%u) : %u", capture_opts->has_ring_num_files, capture_opts->ring_num_files);
233 g_log(log_domain, log_level, "AutostopFiles (%u) : %u", capture_opts->has_autostop_files, capture_opts->autostop_files);
234 g_log(log_domain, log_level, "AutostopPackets (%u) : %u", capture_opts->has_autostop_packets, capture_opts->autostop_packets);
235 g_log(log_domain, log_level, "AutostopFilesize(%u) : %u (KB)", capture_opts->has_autostop_filesize, capture_opts->autostop_filesize);
236 g_log(log_domain, log_level, "AutostopDuration(%u) : %u", capture_opts->has_autostop_duration, capture_opts->autostop_duration);
240 * Given a string of the form "<autostop criterion>:<value>", as might appear
241 * as an argument to a "-a" option, parse it and set the criterion in
242 * question. Return an indication of whether it succeeded or failed
246 set_autostop_criterion(capture_options *capture_opts, const char *autostoparg)
250 colonp = strchr(autostoparg, ':');
258 * Skip over any white space (there probably won't be any, but
259 * as we allow it in the preferences file, we might as well
262 while (isspace((guchar)*p))
266 * Put the colon back, so if our caller uses, in an
267 * error message, the string they passed us, the message
273 if (strcmp(autostoparg,"duration") == 0) {
274 capture_opts->has_autostop_duration = TRUE;
275 capture_opts->autostop_duration = get_positive_int(p,"autostop duration");
276 } else if (strcmp(autostoparg,"filesize") == 0) {
277 capture_opts->has_autostop_filesize = TRUE;
278 capture_opts->autostop_filesize = get_positive_int(p,"autostop filesize");
279 } else if (strcmp(autostoparg,"files") == 0) {
280 capture_opts->multi_files_on = TRUE;
281 capture_opts->has_autostop_files = TRUE;
282 capture_opts->autostop_files = get_positive_int(p,"autostop files");
286 *colonp = ':'; /* put the colon back */
291 * Given a string of the form "<ring buffer file>:<duration>", as might appear
292 * as an argument to a "-b" option, parse it and set the arguments in
293 * question. Return an indication of whether it succeeded or failed
297 get_ring_arguments(capture_options *capture_opts, const char *arg)
299 gchar *p = NULL, *colonp;
301 colonp = strchr(arg, ':');
309 * Skip over any white space (there probably won't be any, but
310 * as we allow it in the preferences file, we might as well
313 while (isspace((guchar)*p))
317 * Put the colon back, so if our caller uses, in an
318 * error message, the string they passed us, the message
325 if (strcmp(arg,"files") == 0) {
326 capture_opts->has_ring_num_files = TRUE;
327 capture_opts->ring_num_files = get_positive_int(p, "number of ring buffer files");
328 } else if (strcmp(arg,"filesize") == 0) {
329 capture_opts->has_autostop_filesize = TRUE;
330 capture_opts->autostop_filesize = get_positive_int(p, "ring buffer filesize");
331 } else if (strcmp(arg,"duration") == 0) {
332 capture_opts->has_file_duration = TRUE;
333 capture_opts->file_duration = get_positive_int(p, "ring buffer duration");
336 *colonp = ':'; /* put the colon back */
340 #ifdef HAVE_PCAP_SETSAMPLING
342 * Given a string of the form "<sampling type>:<value>", as might appear
343 * as an argument to a "-m" option, parse it and set the arguments in
344 * question. Return an indication of whether it succeeded or failed
348 get_sampling_arguments(capture_options *capture_opts, const char *arg)
350 gchar *p = NULL, *colonp;
352 colonp = strchr(arg, ':');
359 while (isspace((guchar)*p))
366 if (strcmp(arg, "count") == 0) {
367 if (capture_opts->ifaces->len > 0) {
368 interface_options interface_opts;
370 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
371 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
372 interface_opts.sampling_method = CAPTURE_SAMP_BY_COUNT;
373 interface_opts.sampling_param = get_positive_int(p, "sampling count");
374 g_array_append_val(capture_opts->ifaces, interface_opts);
376 capture_opts->default_options.sampling_method = CAPTURE_SAMP_BY_COUNT;
377 capture_opts->default_options.sampling_param = get_positive_int(p, "sampling count");
379 } else if (strcmp(arg, "timer") == 0) {
380 if (capture_opts->ifaces->len > 0) {
381 interface_options interface_opts;
383 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
384 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
385 interface_opts.sampling_method = CAPTURE_SAMP_BY_TIMER;
386 interface_opts.sampling_param = get_positive_int(p, "sampling timer");
387 g_array_append_val(capture_opts->ifaces, interface_opts);
389 capture_opts->default_options.sampling_method = CAPTURE_SAMP_BY_TIMER;
390 capture_opts->default_options.sampling_param = get_positive_int(p, "sampling timer");
398 #ifdef HAVE_PCAP_REMOTE
400 * Given a string of the form "<username>:<password>", as might appear
401 * as an argument to a "-A" option, parse it and set the arguments in
402 * question. Return an indication of whether it succeeded or failed
406 get_auth_arguments(capture_options *capture_opts, const char *arg)
408 gchar *p = NULL, *colonp;
410 colonp = strchr(arg, ':');
417 while (isspace((guchar)*p))
420 if (capture_opts->ifaces->len > 0) {
421 interface_options interface_opts;
423 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
424 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
425 interface_opts.auth_type = CAPTURE_AUTH_PWD;
426 interface_opts.auth_username = g_strdup(arg);
427 interface_opts.auth_password = g_strdup(p);
428 g_array_append_val(capture_opts->ifaces, interface_opts);
430 capture_opts->default_options.auth_type = CAPTURE_AUTH_PWD;
431 capture_opts->default_options.auth_username = g_strdup(arg);
432 capture_opts->default_options.auth_password = g_strdup(p);
440 capture_opts_add_iface_opt(capture_options *capture_opts, const char *optarg_str_p)
448 interface_options interface_opts;
451 * If the argument is a number, treat it as an index into the list
452 * of adapters, as printed by "tshark -D".
454 * This should be OK on UNIX systems, as interfaces shouldn't have
455 * names that begin with digits. It can be useful on Windows, where
456 * more than one interface can have the same name.
458 adapter_index = strtol(optarg_str_p, &p, 10);
459 if (p != NULL && *p == '\0') {
460 if (adapter_index < 0) {
461 cmdarg_err("The specified adapter index is a negative number");
464 if (adapter_index > INT_MAX) {
465 cmdarg_err("The specified adapter index is too large (greater than %d)",
469 if (adapter_index == 0) {
470 cmdarg_err("There is no interface with that adapter index");
473 if_list = capture_interface_list(&err, &err_str, NULL);
474 if (if_list == NULL) {
476 cmdarg_err("There are no interfaces on which a capture can be done");
478 cmdarg_err("%s", err_str);
483 if_info = (if_info_t *)g_list_nth_data(if_list, (int)(adapter_index - 1));
484 if (if_info == NULL) {
485 cmdarg_err("There is no interface with that adapter index");
488 interface_opts.name = g_strdup(if_info->name);
489 if (if_info->friendly_name != NULL) {
491 * We have a friendly name for the interface, so display that
492 * instead of the interface name/guid.
494 * XXX - on UN*X, the interface name is not quite so ugly,
495 * and might be more familiar to users; display them both?
497 interface_opts.console_display_name = g_strdup(if_info->friendly_name);
499 /* fallback to the interface name */
500 interface_opts.console_display_name = g_strdup(if_info->name);
502 free_interface_list(if_list);
503 } else if (capture_opts->capture_child) {
504 /* In Wireshark capture child mode, thus proper device name is supplied. */
505 /* No need for trying to match it for friendly names. */
506 interface_opts.name = g_strdup(optarg_str_p);
507 interface_opts.console_display_name = g_strdup(optarg_str_p);
510 * Retrieve the interface list so that we can search for the
511 * specified option amongst both the interface names and the
512 * friendly names and so that we find the friendly name even
513 * if an interface name was specified.
515 * If we can't get the list, just use the specified option as
516 * the interface name, so that the user can try specifying an
517 * interface explicitly for testing purposes.
519 if_list = capture_interface_list(&err, NULL, NULL);
520 if (if_list != NULL) {
521 /* try and do an exact match (case insensitive) */
526 for (if_entry = g_list_first(if_list); if_entry != NULL;
527 if_entry = g_list_next(if_entry))
529 if_info = (if_info_t *)if_entry->data;
530 /* exact name check */
531 if (g_ascii_strcasecmp(if_info->name, optarg_str_p) == 0) {
532 /* exact match on the interface name, use that for displaying etc */
533 interface_opts.name = g_strdup(if_info->name);
535 if (if_info->friendly_name != NULL) {
537 * If we have a friendly name, use that for the
538 * console display name, as it is the basis for
539 * the auto generated temp filename.
541 interface_opts.console_display_name = g_strdup(if_info->friendly_name);
543 interface_opts.console_display_name = g_strdup(if_info->name);
549 /* exact friendly name check */
550 if (if_info->friendly_name != NULL &&
551 g_ascii_strcasecmp(if_info->friendly_name, optarg_str_p) == 0) {
552 /* exact match - use the friendly name for display */
553 interface_opts.name = g_strdup(if_info->name);
554 interface_opts.console_display_name = g_strdup(if_info->friendly_name);
560 /* didn't find, attempt a case insensitive prefix match of the friendly name*/
562 size_t prefix_length;
564 prefix_length = strlen(optarg_str_p);
565 for (if_entry = g_list_first(if_list); if_entry != NULL;
566 if_entry = g_list_next(if_entry))
568 if_info = (if_info_t *)if_entry->data;
570 if (if_info->friendly_name != NULL &&
571 g_ascii_strncasecmp(if_info->friendly_name, optarg_str_p, prefix_length) == 0) {
572 /* prefix match - use the friendly name for display */
573 interface_opts.name = g_strdup(if_info->name);
574 interface_opts.console_display_name = g_strdup(if_info->friendly_name);
582 * We didn't find the interface in the list; just use
583 * the specified name, so that, for example, if an
584 * interface doesn't show up in the list for some
585 * reason, the user can try specifying it explicitly
586 * for testing purposes.
588 interface_opts.name = g_strdup(optarg_str_p);
589 interface_opts.console_display_name = g_strdup(optarg_str_p);
591 free_interface_list(if_list);
593 interface_opts.name = g_strdup(optarg_str_p);
594 interface_opts.console_display_name = g_strdup(optarg_str_p);
598 /* We don't set iface_descr here because doing so requires
599 * capture_ui_utils.c which requires epan/prefs.c which is
600 * probably a bit too much dependency for here...
602 interface_opts.descr = g_strdup(capture_opts->default_options.descr);
603 interface_opts.cfilter = g_strdup(capture_opts->default_options.cfilter);
604 interface_opts.snaplen = capture_opts->default_options.snaplen;
605 interface_opts.has_snaplen = capture_opts->default_options.has_snaplen;
606 interface_opts.linktype = capture_opts->default_options.linktype;
607 interface_opts.promisc_mode = capture_opts->default_options.promisc_mode;
608 interface_opts.if_type = capture_opts->default_options.if_type;
610 interface_opts.extcap = g_strdup(capture_opts->default_options.extcap);
611 interface_opts.extcap_fifo = g_strdup(capture_opts->default_options.extcap_fifo);
612 interface_opts.extcap_args = NULL;
613 interface_opts.extcap_pid = INVALID_EXTCAP_PID;
615 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
616 interface_opts.buffer_size = capture_opts->default_options.buffer_size;
618 interface_opts.monitor_mode = capture_opts->default_options.monitor_mode;
619 #ifdef HAVE_PCAP_REMOTE
620 interface_opts.src_type = capture_opts->default_options.src_type;
621 interface_opts.remote_host = g_strdup(capture_opts->default_options.remote_host);
622 interface_opts.remote_port = g_strdup(capture_opts->default_options.remote_port);
623 interface_opts.auth_type = capture_opts->default_options.auth_type;
624 interface_opts.auth_username = g_strdup(capture_opts->default_options.auth_username);
625 interface_opts.auth_password = g_strdup(capture_opts->default_options.auth_password);
626 interface_opts.datatx_udp = capture_opts->default_options.datatx_udp;
627 interface_opts.nocap_rpcap = capture_opts->default_options.nocap_rpcap;
628 interface_opts.nocap_local = capture_opts->default_options.nocap_local;
630 #ifdef HAVE_PCAP_SETSAMPLING
631 interface_opts.sampling_method = capture_opts->default_options.sampling_method;
632 interface_opts.sampling_param = capture_opts->default_options.sampling_param;
635 g_array_append_val(capture_opts->ifaces, interface_opts);
642 capture_opts_add_opt(capture_options *capture_opts, int opt, const char *optarg_str_p, gboolean *start_capture)
647 case LONGOPT_NUM_CAP_COMMENT: /* capture comment */
648 if (capture_opts->capture_comment) {
649 cmdarg_err("--capture-comment can be set only once per file");
652 capture_opts->capture_comment = g_strdup(optarg_str_p);
654 case 'a': /* autostop criteria */
655 if (set_autostop_criterion(capture_opts, optarg_str_p) == FALSE) {
656 cmdarg_err("Invalid or unknown -a flag \"%s\"", optarg_str_p);
660 #ifdef HAVE_PCAP_REMOTE
662 if (get_auth_arguments(capture_opts, optarg_str_p) == FALSE) {
663 cmdarg_err("Invalid or unknown -A arg \"%s\"", optarg_str_p);
668 case 'b': /* Ringbuffer option */
669 capture_opts->multi_files_on = TRUE;
670 if (get_ring_arguments(capture_opts, optarg_str_p) == FALSE) {
671 cmdarg_err("Invalid or unknown -b arg \"%s\"", optarg_str_p);
675 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
676 case 'B': /* Buffer size */
677 if (capture_opts->ifaces->len > 0) {
678 interface_options interface_opts;
680 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
681 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
682 interface_opts.buffer_size = get_positive_int(optarg_str_p, "buffer size");
683 g_array_append_val(capture_opts->ifaces, interface_opts);
685 capture_opts->default_options.buffer_size = get_positive_int(optarg_str_p, "buffer size");
689 case 'c': /* Capture n packets */
690 capture_opts->has_autostop_packets = TRUE;
691 capture_opts->autostop_packets = get_positive_int(optarg_str_p, "packet count");
693 case 'f': /* capture filter */
694 if (capture_opts->ifaces->len > 0) {
695 interface_options interface_opts;
697 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
698 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
699 g_free(interface_opts.cfilter);
700 interface_opts.cfilter = g_strdup(optarg_str_p);
701 g_array_append_val(capture_opts->ifaces, interface_opts);
703 g_free(capture_opts->default_options.cfilter);
704 capture_opts->default_options.cfilter = g_strdup(optarg_str_p);
707 case 'g': /* enable group read access on the capture file(s) */
708 capture_opts->group_read_access = TRUE;
710 case 'H': /* Hide capture info dialog box */
711 capture_opts->show_info = FALSE;
713 case 'i': /* Use interface x */
714 status = capture_opts_add_iface_opt(capture_opts, optarg_str_p);
719 #ifdef HAVE_PCAP_CREATE
720 case 'I': /* Capture in monitor mode */
721 if (capture_opts->ifaces->len > 0) {
722 interface_options interface_opts;
724 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
725 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
726 interface_opts.monitor_mode = TRUE;
727 g_array_append_val(capture_opts->ifaces, interface_opts);
729 capture_opts->default_options.monitor_mode = TRUE;
733 case 'k': /* Start capture immediately */
734 *start_capture = TRUE;
736 /*case 'l':*/ /* Automatic scrolling in live capture mode */
737 #ifdef HAVE_PCAP_SETSAMPLING
739 if (get_sampling_arguments(capture_opts, optarg_str_p) == FALSE) {
740 cmdarg_err("Invalid or unknown -m arg \"%s\"", optarg_str_p);
745 case 'n': /* Use pcapng format */
746 capture_opts->use_pcapng = TRUE;
748 case 'p': /* Don't capture in promiscuous mode */
749 if (capture_opts->ifaces->len > 0) {
750 interface_options interface_opts;
752 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
753 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
754 interface_opts.promisc_mode = FALSE;
755 g_array_append_val(capture_opts->ifaces, interface_opts);
757 capture_opts->default_options.promisc_mode = FALSE;
760 case 'P': /* Use pcap format */
761 capture_opts->use_pcapng = FALSE;
763 #ifdef HAVE_PCAP_REMOTE
765 if (capture_opts->ifaces->len > 0) {
766 interface_options interface_opts;
768 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
769 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
770 interface_opts.nocap_rpcap = FALSE;
771 g_array_append_val(capture_opts->ifaces, interface_opts);
773 capture_opts->default_options.nocap_rpcap = FALSE;
777 case 's': /* Set the snapshot (capture) length */
778 snaplen = get_natural_int(optarg_str_p, "snapshot length");
780 * Make a snapshot length of 0 equivalent to the maximum packet
781 * length, mirroring what tcpdump does.
784 snaplen = WTAP_MAX_PACKET_SIZE;
785 if (capture_opts->ifaces->len > 0) {
786 interface_options interface_opts;
788 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
789 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
790 interface_opts.has_snaplen = TRUE;
791 interface_opts.snaplen = snaplen;
792 g_array_append_val(capture_opts->ifaces, interface_opts);
794 capture_opts->default_options.snaplen = snaplen;
795 capture_opts->default_options.has_snaplen = TRUE;
798 case 'S': /* "Real-Time" mode: used for following file ala tail -f */
799 capture_opts->real_time_mode = TRUE;
801 #ifdef HAVE_PCAP_REMOTE
803 if (capture_opts->ifaces->len > 0) {
804 interface_options interface_opts;
806 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
807 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
808 interface_opts.datatx_udp = TRUE;
809 g_array_append_val(capture_opts->ifaces, interface_opts);
811 capture_opts->default_options.datatx_udp = TRUE;
815 case 'w': /* Write to capture file x */
816 capture_opts->saving_to_file = TRUE;
817 g_free(capture_opts->save_file);
818 capture_opts->save_file = g_strdup(optarg_str_p);
819 status = capture_opts_output_to_pipe(capture_opts->save_file, &capture_opts->output_to_pipe);
821 case 'y': /* Set the pcap data link type */
822 if (capture_opts->ifaces->len > 0) {
823 interface_options interface_opts;
825 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
826 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
827 interface_opts.linktype = linktype_name_to_val(optarg_str_p);
828 if (interface_opts.linktype == -1) {
829 cmdarg_err("The specified data link type \"%s\" isn't valid",
833 g_array_append_val(capture_opts->ifaces, interface_opts);
835 capture_opts->default_options.linktype = linktype_name_to_val(optarg_str_p);
836 if (capture_opts->default_options.linktype == -1) {
837 cmdarg_err("The specified data link type \"%s\" isn't valid",
844 /* the caller is responsible to send us only the right opt's */
845 g_assert_not_reached();
852 capture_opts_print_if_capabilities(if_capabilities_t *caps, char *name,
853 gboolean monitor_mode)
856 data_link_info_t *data_link_info;
858 if (caps->can_set_rfmon)
859 printf("Data link types of interface %s when %sin monitor mode (use option -y to set):\n",
860 name, monitor_mode ? "" : "not ");
862 printf("Data link types of interface %s (use option -y to set):\n", name);
863 for (lt_entry = caps->data_link_types; lt_entry != NULL;
864 lt_entry = g_list_next(lt_entry)) {
865 data_link_info = (data_link_info_t *)lt_entry->data;
866 printf(" %s", data_link_info->name);
867 if (data_link_info->description != NULL)
868 printf(" (%s)", data_link_info->description);
870 printf(" (not supported)");
875 /* Print an ASCII-formatted list of interfaces. */
877 capture_opts_print_interfaces(GList *if_list)
883 i = 1; /* Interface id number */
884 for (if_entry = g_list_first(if_list); if_entry != NULL;
885 if_entry = g_list_next(if_entry)) {
886 if_info = (if_info_t *)if_entry->data;
887 printf("%d. %s", i++, if_info->name);
889 /* Print the interface friendly name, if it exists;
890 if not fall back to vendor description, if it exists. */
891 if (if_info->friendly_name != NULL){
892 printf(" (%s)", if_info->friendly_name);
894 if (if_info->vendor_description != NULL)
895 printf(" (%s)", if_info->vendor_description);
903 capture_opts_trim_snaplen(capture_options *capture_opts, int snaplen_min)
906 interface_options interface_opts;
908 if (capture_opts->ifaces->len > 0) {
909 for (i = 0; i < capture_opts->ifaces->len; i++) {
910 interface_opts = g_array_index(capture_opts->ifaces, interface_options, 0);
911 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, 0);
912 if (interface_opts.snaplen < 1)
913 interface_opts.snaplen = WTAP_MAX_PACKET_SIZE;
914 else if (interface_opts.snaplen < snaplen_min)
915 interface_opts.snaplen = snaplen_min;
916 g_array_append_val(capture_opts->ifaces, interface_opts);
919 if (capture_opts->default_options.snaplen < 1)
920 capture_opts->default_options.snaplen = WTAP_MAX_PACKET_SIZE;
921 else if (capture_opts->default_options.snaplen < snaplen_min)
922 capture_opts->default_options.snaplen = snaplen_min;
928 capture_opts_trim_ring_num_files(capture_options *capture_opts)
930 /* Check the value range of the ring_num_files parameter */
931 if (capture_opts->ring_num_files > RINGBUFFER_MAX_NUM_FILES) {
932 cmdarg_err("Too many ring buffer files (%u). Reducing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MAX_NUM_FILES);
933 capture_opts->ring_num_files = RINGBUFFER_MAX_NUM_FILES;
934 } else if (capture_opts->ring_num_files > RINGBUFFER_WARN_NUM_FILES) {
935 cmdarg_err("%u is a lot of ring buffer files.\n", capture_opts->ring_num_files);
937 #if RINGBUFFER_MIN_NUM_FILES > 0
938 else if (capture_opts->ring_num_files < RINGBUFFER_MIN_NUM_FILES)
939 cmdarg_err("Too few ring buffer files (%u). Increasing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MIN_NUM_FILES);
940 capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
945 * If no interface was specified explicitly, pick a default.
948 capture_opts_default_iface_if_necessary(capture_options *capture_opts,
949 const char *capture_device)
953 /* Did the user specify an interface to use? */
954 if (capture_opts->num_selected != 0 || capture_opts->ifaces->len != 0) {
955 /* yes they did, return immediately - nothing further to do here */
959 /* No - is a default specified in the preferences file? */
960 if (capture_device != NULL) {
962 status = capture_opts_add_iface_opt(capture_opts, capture_device);
965 /* No default in preferences file, just pick the first interface from the list of interfaces. */
966 return capture_opts_add_iface_opt(capture_opts, "1");
970 #define S_IFIFO _S_IFIFO
973 #define S_ISFIFO(mode) (((mode) & S_IFMT) == S_IFIFO)
976 /* copied from filesystem.c */
978 capture_opts_test_for_fifo(const char *path)
982 if (ws_stat64(path, &statb) < 0)
985 if (S_ISFIFO(statb.st_mode))
992 capture_opts_output_to_pipe(const char *save_file, gboolean *is_pipe)
998 if (save_file != NULL) {
999 /* We're writing to a capture file. */
1000 if (strcmp(save_file, "-") == 0) {
1001 /* Writing to stdout. */
1002 /* XXX - should we check whether it's a pipe? It's arguably
1003 silly to do "-w - >output_file" rather than "-w output_file",
1004 but by not checking we might be violating the Principle Of
1005 Least Astonishment. */
1008 /* not writing to stdout, test for a FIFO (aka named pipe) */
1009 err = capture_opts_test_for_fifo(save_file);
1012 case ENOENT: /* it doesn't exist, so we'll be creating it,
1013 and it won't be a FIFO */
1014 case 0: /* found it, but it's not a FIFO */
1017 case ESPIPE: /* it is a FIFO */
1021 default: /* couldn't stat it */
1022 break; /* ignore: later attempt to open */
1023 /* will generate a nice msg */
1032 capture_opts_del_iface(capture_options *capture_opts, guint if_index)
1034 interface_options interface_opts;
1036 interface_opts = g_array_index(capture_opts->ifaces, interface_options, if_index);
1037 /* XXX - check if found? */
1039 g_free(interface_opts.name);
1040 g_free(interface_opts.descr);
1041 if (interface_opts.console_display_name != NULL)
1042 g_free(interface_opts.console_display_name);
1043 g_free(interface_opts.cfilter);
1045 g_free(interface_opts.extcap);
1046 g_free(interface_opts.extcap_fifo);
1047 if (interface_opts.extcap_args)
1048 g_hash_table_unref(interface_opts.extcap_args);
1049 if (interface_opts.extcap_pid != INVALID_EXTCAP_PID)
1050 g_spawn_close_pid(interface_opts.extcap_pid);
1052 #ifdef HAVE_PCAP_REMOTE
1053 if (interface_opts.src_type == CAPTURE_IFREMOTE) {
1054 g_free(interface_opts.remote_host);
1055 g_free(interface_opts.remote_port);
1056 g_free(interface_opts.auth_username);
1057 g_free(interface_opts.auth_password);
1060 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, if_index);
1066 * Add all non-hidden selected interfaces in the "all interfaces" list
1067 * to the list of interfaces for the capture.
1070 collect_ifaces(capture_options *capture_opts)
1074 interface_options interface_opts;
1076 /* Empty out the existing list of interfaces. */
1077 for (i = capture_opts->ifaces->len; i != 0; i--)
1078 capture_opts_del_iface(capture_opts, i-1);
1080 /* Now fill the list up again. */
1081 for (i = 0; i < capture_opts->all_ifaces->len; i++) {
1082 device = g_array_index(capture_opts->all_ifaces, interface_t, i);
1083 if (!device.hidden && device.selected) {
1084 interface_opts.name = g_strdup(device.name);
1085 interface_opts.descr = g_strdup(device.display_name);
1086 interface_opts.console_display_name = g_strdup(device.name);
1087 interface_opts.linktype = device.active_dlt;
1088 interface_opts.cfilter = g_strdup(device.cfilter);
1089 interface_opts.snaplen = device.snaplen;
1090 interface_opts.has_snaplen = device.has_snaplen;
1091 interface_opts.promisc_mode = device.pmode;
1092 interface_opts.if_type = device.if_info.type;
1094 interface_opts.extcap = g_strdup(device.if_info.extcap);
1095 interface_opts.extcap_fifo = NULL;
1096 interface_opts.extcap_args = device.external_cap_args_settings;
1097 interface_opts.extcap_pid = INVALID_EXTCAP_PID;
1098 if (interface_opts.extcap_args)
1099 g_hash_table_ref(interface_opts.extcap_args);
1101 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
1102 interface_opts.buffer_size = device.buffer;
1104 #ifdef HAVE_PCAP_CREATE
1105 interface_opts.monitor_mode = device.monitor_mode_enabled;
1107 #ifdef HAVE_PCAP_REMOTE
1108 interface_opts.src_type = CAPTURE_IFREMOTE;
1109 interface_opts.remote_host = g_strdup(device.remote_opts.remote_host_opts.remote_host);
1110 interface_opts.remote_port = g_strdup(device.remote_opts.remote_host_opts.remote_port);
1111 interface_opts.auth_type = device.remote_opts.remote_host_opts.auth_type;
1112 interface_opts.auth_username = g_strdup(device.remote_opts.remote_host_opts.auth_username);
1113 interface_opts.auth_password = g_strdup(device.remote_opts.remote_host_opts.auth_password);
1114 interface_opts.datatx_udp = device.remote_opts.remote_host_opts.datatx_udp;
1115 interface_opts.nocap_rpcap = device.remote_opts.remote_host_opts.nocap_rpcap;
1116 interface_opts.nocap_local = device.remote_opts.remote_host_opts.nocap_local;
1118 #ifdef HAVE_PCAP_SETSAMPLING
1119 interface_opts.sampling_method = device.remote_opts.sampling_method;
1120 interface_opts.sampling_param = device.remote_opts.sampling_param;
1122 g_array_append_val(capture_opts->ifaces, interface_opts);
1130 #endif /* HAVE_LIBPCAP */
git.samba.org / metze / wireshark / wip.git / blob