2 * Routines for capture options setting
4 * Wireshark - Network traffic analyzer
5 * By Gerald Combs <gerald@wireshark.org>
6 * Copyright 1998 Gerald Combs
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
38 #include <epan/packet.h>
39 #include <epan/prefs.h>
41 #include "capture_opts.h"
42 #include "ringbuffer.h"
44 #include <wsutil/clopts_common.h>
45 #include <wsutil/cmdarg_err.h>
46 #include <wsutil/file_util.h>
48 #include "caputils/capture_ifinfo.h"
49 #include "caputils/capture-pcap-util.h"
51 static gboolean capture_opts_output_to_pipe(const char *save_file, gboolean *is_pipe);
55 capture_opts_init(capture_options *capture_opts)
57 capture_opts->ifaces = g_array_new(FALSE, FALSE, sizeof(interface_options));
58 capture_opts->all_ifaces = g_array_new(FALSE, FALSE, sizeof(interface_t));
59 capture_opts->num_selected = 0;
60 capture_opts->default_options.name = NULL;
61 capture_opts->default_options.descr = NULL;
62 capture_opts->default_options.cfilter = NULL;
63 capture_opts->default_options.has_snaplen = FALSE;
64 capture_opts->default_options.snaplen = WTAP_MAX_PACKET_SIZE;
65 capture_opts->default_options.linktype = -1; /* use interface default */
66 capture_opts->default_options.promisc_mode = TRUE;
67 capture_opts->default_options.if_type = IF_WIRED;
69 capture_opts->default_options.extcap = NULL;
70 capture_opts->default_options.extcap_fifo = NULL;
71 capture_opts->default_options.extcap_args = NULL;
72 capture_opts->default_options.extcap_pid = INVALID_EXTCAP_PID;
74 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
75 capture_opts->default_options.buffer_size = DEFAULT_CAPTURE_BUFFER_SIZE;
77 capture_opts->default_options.monitor_mode = FALSE;
78 #ifdef HAVE_PCAP_REMOTE
79 capture_opts->default_options.src_type = CAPTURE_IFLOCAL;
80 capture_opts->default_options.remote_host = NULL;
81 capture_opts->default_options.remote_port = NULL;
82 capture_opts->default_options.auth_type = CAPTURE_AUTH_NULL;
83 capture_opts->default_options.auth_username = NULL;
84 capture_opts->default_options.auth_password = NULL;
85 capture_opts->default_options.datatx_udp = FALSE;
86 capture_opts->default_options.nocap_rpcap = TRUE;
87 capture_opts->default_options.nocap_local = FALSE;
89 #ifdef HAVE_PCAP_SETSAMPLING
90 capture_opts->default_options.sampling_method = CAPTURE_SAMP_NONE;
91 capture_opts->default_options.sampling_param = 0;
93 capture_opts->saving_to_file = FALSE;
94 capture_opts->save_file = NULL;
95 capture_opts->group_read_access = FALSE;
96 #ifdef PCAP_NG_DEFAULT
97 capture_opts->use_pcapng = TRUE; /* Save as pcap-ng by default */
99 capture_opts->use_pcapng = FALSE; /* Save as pcap by default */
101 capture_opts->real_time_mode = TRUE;
102 capture_opts->show_info = TRUE;
103 capture_opts->quit_after_cap = getenv("WIRESHARK_QUIT_AFTER_CAPTURE") ? TRUE : FALSE;
104 capture_opts->restart = FALSE;
105 capture_opts->orig_save_file = NULL;
107 capture_opts->multi_files_on = FALSE;
108 capture_opts->has_file_duration = FALSE;
109 capture_opts->file_duration = 60; /* 1 min */
110 capture_opts->has_ring_num_files = FALSE;
111 capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
113 capture_opts->has_autostop_files = FALSE;
114 capture_opts->autostop_files = 1;
115 capture_opts->has_autostop_packets = FALSE;
116 capture_opts->autostop_packets = 0;
117 capture_opts->has_autostop_filesize = FALSE;
118 capture_opts->autostop_filesize = 1000; /* 1 MB */
119 capture_opts->has_autostop_duration = FALSE;
120 capture_opts->autostop_duration = 60; /* 1 min */
121 capture_opts->capture_comment = NULL;
123 capture_opts->output_to_pipe = FALSE;
124 capture_opts->capture_child = FALSE;
128 /* log content of capture_opts */
130 capture_opts_log(const char *log_domain, GLogLevelFlags log_level, capture_options *capture_opts) {
133 g_log(log_domain, log_level, "CAPTURE OPTIONS :");
135 for (i = 0; i < capture_opts->ifaces->len; i++) {
136 interface_options interface_opts;
138 interface_opts = g_array_index(capture_opts->ifaces, interface_options, i);
139 g_log(log_domain, log_level, "Interface name[%02d] : %s", i, interface_opts.name ? interface_opts.name : "(unspecified)");
140 g_log(log_domain, log_level, "Interface description[%02d] : %s", i, interface_opts.descr ? interface_opts.descr : "(unspecified)");
141 g_log(log_domain, log_level, "Console display name[%02d]: %s", i, interface_opts.console_display_name ? interface_opts.console_display_name : "(unspecified)");
142 g_log(log_domain, log_level, "Capture filter[%02d] : %s", i, interface_opts.cfilter ? interface_opts.cfilter : "(unspecified)");
143 g_log(log_domain, log_level, "Snap length[%02d] (%u) : %d", i, interface_opts.has_snaplen, interface_opts.snaplen);
144 g_log(log_domain, log_level, "Link Type[%02d] : %d", i, interface_opts.linktype);
145 g_log(log_domain, log_level, "Promiscuous Mode[%02d]: %s", i, interface_opts.promisc_mode?"TRUE":"FALSE");
147 g_log(log_domain, log_level, "Extcap[%02d] : %s", i, interface_opts.extcap ? interface_opts.extcap : "(unspecified)");
148 g_log(log_domain, log_level, "Extcap FIFO[%02d] : %s", i, interface_opts.extcap_fifo ? interface_opts.extcap_fifo : "(unspecified)");
149 g_log(log_domain, log_level, "Extcap PID[%02d] : %d", i, interface_opts.extcap_pid);
151 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
152 g_log(log_domain, log_level, "Buffer size[%02d] : %d (MB)", i, interface_opts.buffer_size);
154 g_log(log_domain, log_level, "Monitor Mode[%02d] : %s", i, interface_opts.monitor_mode?"TRUE":"FALSE");
155 #ifdef HAVE_PCAP_REMOTE
156 g_log(log_domain, log_level, "Capture source[%02d] : %s", i,
157 interface_opts.src_type == CAPTURE_IFLOCAL ? "Local interface" :
158 interface_opts.src_type == CAPTURE_IFREMOTE ? "Remote interface" :
160 if (interface_opts.src_type == CAPTURE_IFREMOTE) {
161 g_log(log_domain, log_level, "Remote host[%02d] : %s", i, interface_opts.remote_host ? interface_opts.remote_host : "(unspecified)");
162 g_log(log_domain, log_level, "Remote port[%02d] : %s", i, interface_opts.remote_port ? interface_opts.remote_port : "(unspecified)");
164 g_log(log_domain, log_level, "Authentication[%02d] : %s", i,
165 interface_opts.auth_type == CAPTURE_AUTH_NULL ? "Null" :
166 interface_opts.auth_type == CAPTURE_AUTH_PWD ? "By username/password" :
168 if (interface_opts.auth_type == CAPTURE_AUTH_PWD) {
169 g_log(log_domain, log_level, "Auth username[%02d] : %s", i, interface_opts.auth_username ? interface_opts.auth_username : "(unspecified)");
170 g_log(log_domain, log_level, "Auth password[%02d] : <hidden>", i);
172 g_log(log_domain, log_level, "UDP data tfer[%02d] : %u", i, interface_opts.datatx_udp);
173 g_log(log_domain, log_level, "No cap. RPCAP[%02d] : %u", i, interface_opts.nocap_rpcap);
174 g_log(log_domain, log_level, "No cap. local[%02d] : %u", i, interface_opts.nocap_local);
176 #ifdef HAVE_PCAP_SETSAMPLING
177 g_log(log_domain, log_level, "Sampling meth.[%02d] : %d", i, interface_opts.sampling_method);
178 g_log(log_domain, log_level, "Sampling param.[%02d] : %d", i, interface_opts.sampling_param);
181 g_log(log_domain, log_level, "Interface name[df] : %s", capture_opts->default_options.name ? capture_opts->default_options.name : "(unspecified)");
182 g_log(log_domain, log_level, "Interface Descr[df] : %s", capture_opts->default_options.descr ? capture_opts->default_options.descr : "(unspecified)");
183 g_log(log_domain, log_level, "Capture filter[df] : %s", capture_opts->default_options.cfilter ? capture_opts->default_options.cfilter : "(unspecified)");
184 g_log(log_domain, log_level, "Snap length[df] (%u) : %d", capture_opts->default_options.has_snaplen, capture_opts->default_options.snaplen);
185 g_log(log_domain, log_level, "Link Type[df] : %d", capture_opts->default_options.linktype);
186 g_log(log_domain, log_level, "Promiscuous Mode[df]: %s", capture_opts->default_options.promisc_mode?"TRUE":"FALSE");
188 g_log(log_domain, log_level, "Extcap[df] : %s", capture_opts->default_options.extcap ? capture_opts->default_options.extcap : "(unspecified)");
189 g_log(log_domain, log_level, "Extcap FIFO[df] : %s", capture_opts->default_options.extcap_fifo ? capture_opts->default_options.extcap_fifo : "(unspecified)");
191 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
192 g_log(log_domain, log_level, "Buffer size[df] : %d (MB)", capture_opts->default_options.buffer_size);
194 g_log(log_domain, log_level, "Monitor Mode[df] : %s", capture_opts->default_options.monitor_mode?"TRUE":"FALSE");
195 #ifdef HAVE_PCAP_REMOTE
196 g_log(log_domain, log_level, "Capture source[df] : %s",
197 capture_opts->default_options.src_type == CAPTURE_IFLOCAL ? "Local interface" :
198 capture_opts->default_options.src_type == CAPTURE_IFREMOTE ? "Remote interface" :
200 if (capture_opts->default_options.src_type == CAPTURE_IFREMOTE) {
201 g_log(log_domain, log_level, "Remote host[df] : %s", capture_opts->default_options.remote_host ? capture_opts->default_options.remote_host : "(unspecified)");
202 g_log(log_domain, log_level, "Remote port[df] : %s", capture_opts->default_options.remote_port ? capture_opts->default_options.remote_port : "(unspecified)");
204 g_log(log_domain, log_level, "Authentication[df] : %s",
205 capture_opts->default_options.auth_type == CAPTURE_AUTH_NULL ? "Null" :
206 capture_opts->default_options.auth_type == CAPTURE_AUTH_PWD ? "By username/password" :
208 if (capture_opts->default_options.auth_type == CAPTURE_AUTH_PWD) {
209 g_log(log_domain, log_level, "Auth username[df] : %s", capture_opts->default_options.auth_username ? capture_opts->default_options.auth_username : "(unspecified)");
210 g_log(log_domain, log_level, "Auth password[df] : <hidden>");
212 g_log(log_domain, log_level, "UDP data tfer[df] : %u", capture_opts->default_options.datatx_udp);
213 g_log(log_domain, log_level, "No cap. RPCAP[df] : %u", capture_opts->default_options.nocap_rpcap);
214 g_log(log_domain, log_level, "No cap. local[df] : %u", capture_opts->default_options.nocap_local);
216 #ifdef HAVE_PCAP_SETSAMPLING
217 g_log(log_domain, log_level, "Sampling meth. [df] : %d", capture_opts->default_options.sampling_method);
218 g_log(log_domain, log_level, "Sampling param.[df] : %d", capture_opts->default_options.sampling_param);
220 g_log(log_domain, log_level, "SavingToFile : %u", capture_opts->saving_to_file);
221 g_log(log_domain, log_level, "SaveFile : %s", (capture_opts->save_file) ? capture_opts->save_file : "");
222 g_log(log_domain, log_level, "GroupReadAccess : %u", capture_opts->group_read_access);
223 g_log(log_domain, log_level, "Fileformat : %s", (capture_opts->use_pcapng) ? "PCAPNG" : "PCAP");
224 g_log(log_domain, log_level, "RealTimeMode : %u", capture_opts->real_time_mode);
225 g_log(log_domain, log_level, "ShowInfo : %u", capture_opts->show_info);
226 g_log(log_domain, log_level, "QuitAfterCap : %u", capture_opts->quit_after_cap);
228 g_log(log_domain, log_level, "MultiFilesOn : %u", capture_opts->multi_files_on);
229 g_log(log_domain, log_level, "FileDuration (%u) : %u", capture_opts->has_file_duration, capture_opts->file_duration);
230 g_log(log_domain, log_level, "RingNumFiles (%u) : %u", capture_opts->has_ring_num_files, capture_opts->ring_num_files);
232 g_log(log_domain, log_level, "AutostopFiles (%u) : %u", capture_opts->has_autostop_files, capture_opts->autostop_files);
233 g_log(log_domain, log_level, "AutostopPackets (%u) : %u", capture_opts->has_autostop_packets, capture_opts->autostop_packets);
234 g_log(log_domain, log_level, "AutostopFilesize(%u) : %u (KB)", capture_opts->has_autostop_filesize, capture_opts->autostop_filesize);
235 g_log(log_domain, log_level, "AutostopDuration(%u) : %u", capture_opts->has_autostop_duration, capture_opts->autostop_duration);
239 * Given a string of the form "<autostop criterion>:<value>", as might appear
240 * as an argument to a "-a" option, parse it and set the criterion in
241 * question. Return an indication of whether it succeeded or failed
245 set_autostop_criterion(capture_options *capture_opts, const char *autostoparg)
249 colonp = strchr(autostoparg, ':');
257 * Skip over any white space (there probably won't be any, but
258 * as we allow it in the preferences file, we might as well
261 while (g_ascii_isspace(*p))
265 * Put the colon back, so if our caller uses, in an
266 * error message, the string they passed us, the message
272 if (strcmp(autostoparg,"duration") == 0) {
273 capture_opts->has_autostop_duration = TRUE;
274 capture_opts->autostop_duration = get_positive_int(p,"autostop duration");
275 } else if (strcmp(autostoparg,"filesize") == 0) {
276 capture_opts->has_autostop_filesize = TRUE;
277 capture_opts->autostop_filesize = get_positive_int(p,"autostop filesize");
278 } else if (strcmp(autostoparg,"files") == 0) {
279 capture_opts->multi_files_on = TRUE;
280 capture_opts->has_autostop_files = TRUE;
281 capture_opts->autostop_files = get_positive_int(p,"autostop files");
285 *colonp = ':'; /* put the colon back */
290 * Given a string of the form "<ring buffer file>:<duration>", as might appear
291 * as an argument to a "-b" option, parse it and set the arguments in
292 * question. Return an indication of whether it succeeded or failed
296 get_ring_arguments(capture_options *capture_opts, const char *arg)
298 gchar *p = NULL, *colonp;
300 colonp = strchr(arg, ':');
308 * Skip over any white space (there probably won't be any, but
309 * as we allow it in the preferences file, we might as well
312 while (g_ascii_isspace(*p))
316 * Put the colon back, so if our caller uses, in an
317 * error message, the string they passed us, the message
324 if (strcmp(arg,"files") == 0) {
325 capture_opts->has_ring_num_files = TRUE;
326 capture_opts->ring_num_files = get_positive_int(p, "number of ring buffer files");
327 } else if (strcmp(arg,"filesize") == 0) {
328 capture_opts->has_autostop_filesize = TRUE;
329 capture_opts->autostop_filesize = get_positive_int(p, "ring buffer filesize");
330 } else if (strcmp(arg,"duration") == 0) {
331 capture_opts->has_file_duration = TRUE;
332 capture_opts->file_duration = get_positive_int(p, "ring buffer duration");
335 *colonp = ':'; /* put the colon back */
339 #ifdef HAVE_PCAP_SETSAMPLING
341 * Given a string of the form "<sampling type>:<value>", as might appear
342 * as an argument to a "-m" option, parse it and set the arguments in
343 * question. Return an indication of whether it succeeded or failed
347 get_sampling_arguments(capture_options *capture_opts, const char *arg)
349 gchar *p = NULL, *colonp;
351 colonp = strchr(arg, ':');
358 while (g_ascii_isspace(*p))
365 if (strcmp(arg, "count") == 0) {
366 if (capture_opts->ifaces->len > 0) {
367 interface_options interface_opts;
369 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
370 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
371 interface_opts.sampling_method = CAPTURE_SAMP_BY_COUNT;
372 interface_opts.sampling_param = get_positive_int(p, "sampling count");
373 g_array_append_val(capture_opts->ifaces, interface_opts);
375 capture_opts->default_options.sampling_method = CAPTURE_SAMP_BY_COUNT;
376 capture_opts->default_options.sampling_param = get_positive_int(p, "sampling count");
378 } else if (strcmp(arg, "timer") == 0) {
379 if (capture_opts->ifaces->len > 0) {
380 interface_options interface_opts;
382 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
383 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
384 interface_opts.sampling_method = CAPTURE_SAMP_BY_TIMER;
385 interface_opts.sampling_param = get_positive_int(p, "sampling timer");
386 g_array_append_val(capture_opts->ifaces, interface_opts);
388 capture_opts->default_options.sampling_method = CAPTURE_SAMP_BY_TIMER;
389 capture_opts->default_options.sampling_param = get_positive_int(p, "sampling timer");
397 #ifdef HAVE_PCAP_REMOTE
399 * Given a string of the form "<username>:<password>", as might appear
400 * as an argument to a "-A" option, parse it and set the arguments in
401 * question. Return an indication of whether it succeeded or failed
405 get_auth_arguments(capture_options *capture_opts, const char *arg)
407 gchar *p = NULL, *colonp;
409 colonp = strchr(arg, ':');
416 while (g_ascii_isspace(*p))
419 if (capture_opts->ifaces->len > 0) {
420 interface_options interface_opts;
422 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
423 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
424 interface_opts.auth_type = CAPTURE_AUTH_PWD;
425 interface_opts.auth_username = g_strdup(arg);
426 interface_opts.auth_password = g_strdup(p);
427 g_array_append_val(capture_opts->ifaces, interface_opts);
429 capture_opts->default_options.auth_type = CAPTURE_AUTH_PWD;
430 capture_opts->default_options.auth_username = g_strdup(arg);
431 capture_opts->default_options.auth_password = g_strdup(p);
439 capture_opts_add_iface_opt(capture_options *capture_opts, const char *optarg_str_p)
447 interface_options interface_opts;
450 * If the argument is a number, treat it as an index into the list
451 * of adapters, as printed by "tshark -D".
453 * This should be OK on UNIX systems, as interfaces shouldn't have
454 * names that begin with digits. It can be useful on Windows, where
455 * more than one interface can have the same name.
457 adapter_index = strtol(optarg_str_p, &p, 10);
458 if (p != NULL && *p == '\0') {
459 if (adapter_index < 0) {
460 cmdarg_err("The specified adapter index is a negative number");
463 if (adapter_index > INT_MAX) {
464 cmdarg_err("The specified adapter index is too large (greater than %d)",
468 if (adapter_index == 0) {
469 cmdarg_err("There is no interface with that adapter index");
472 if_list = capture_interface_list(&err, &err_str, NULL);
473 if (if_list == NULL) {
475 cmdarg_err("There are no interfaces on which a capture can be done");
477 cmdarg_err("%s", err_str);
482 if_info = (if_info_t *)g_list_nth_data(if_list, (int)(adapter_index - 1));
483 if (if_info == NULL) {
484 cmdarg_err("There is no interface with that adapter index");
487 interface_opts.name = g_strdup(if_info->name);
488 if (if_info->friendly_name != NULL) {
490 * We have a friendly name for the interface, so display that
491 * instead of the interface name/guid.
493 * XXX - on UN*X, the interface name is not quite so ugly,
494 * and might be more familiar to users; display them both?
496 interface_opts.console_display_name = g_strdup(if_info->friendly_name);
498 /* fallback to the interface name */
499 interface_opts.console_display_name = g_strdup(if_info->name);
501 free_interface_list(if_list);
502 } else if (capture_opts->capture_child) {
503 /* In Wireshark capture child mode, thus proper device name is supplied. */
504 /* No need for trying to match it for friendly names. */
505 interface_opts.name = g_strdup(optarg_str_p);
506 interface_opts.console_display_name = g_strdup(optarg_str_p);
509 * Retrieve the interface list so that we can search for the
510 * specified option amongst both the interface names and the
511 * friendly names and so that we find the friendly name even
512 * if an interface name was specified.
514 * If we can't get the list, just use the specified option as
515 * the interface name, so that the user can try specifying an
516 * interface explicitly for testing purposes.
518 if_list = capture_interface_list(&err, NULL, NULL);
519 if (if_list != NULL) {
520 /* try and do an exact match (case insensitive) */
525 for (if_entry = g_list_first(if_list); if_entry != NULL;
526 if_entry = g_list_next(if_entry))
528 if_info = (if_info_t *)if_entry->data;
529 /* exact name check */
530 if (g_ascii_strcasecmp(if_info->name, optarg_str_p) == 0) {
531 /* exact match on the interface name, use that for displaying etc */
532 interface_opts.name = g_strdup(if_info->name);
534 if (if_info->friendly_name != NULL) {
536 * If we have a friendly name, use that for the
537 * console display name, as it is the basis for
538 * the auto generated temp filename.
540 interface_opts.console_display_name = g_strdup(if_info->friendly_name);
542 interface_opts.console_display_name = g_strdup(if_info->name);
548 /* exact friendly name check */
549 if (if_info->friendly_name != NULL &&
550 g_ascii_strcasecmp(if_info->friendly_name, optarg_str_p) == 0) {
551 /* exact match - use the friendly name for display */
552 interface_opts.name = g_strdup(if_info->name);
553 interface_opts.console_display_name = g_strdup(if_info->friendly_name);
559 /* didn't find, attempt a case insensitive prefix match of the friendly name*/
561 size_t prefix_length;
563 prefix_length = strlen(optarg_str_p);
564 for (if_entry = g_list_first(if_list); if_entry != NULL;
565 if_entry = g_list_next(if_entry))
567 if_info = (if_info_t *)if_entry->data;
569 if (if_info->friendly_name != NULL &&
570 g_ascii_strncasecmp(if_info->friendly_name, optarg_str_p, prefix_length) == 0) {
571 /* prefix match - use the friendly name for display */
572 interface_opts.name = g_strdup(if_info->name);
573 interface_opts.console_display_name = g_strdup(if_info->friendly_name);
581 * We didn't find the interface in the list; just use
582 * the specified name, so that, for example, if an
583 * interface doesn't show up in the list for some
584 * reason, the user can try specifying it explicitly
585 * for testing purposes.
587 interface_opts.name = g_strdup(optarg_str_p);
588 interface_opts.console_display_name = g_strdup(optarg_str_p);
590 free_interface_list(if_list);
592 interface_opts.name = g_strdup(optarg_str_p);
593 interface_opts.console_display_name = g_strdup(optarg_str_p);
597 /* We don't set iface_descr here because doing so requires
598 * capture_ui_utils.c which requires epan/prefs.c which is
599 * probably a bit too much dependency for here...
601 interface_opts.descr = g_strdup(capture_opts->default_options.descr);
602 interface_opts.cfilter = g_strdup(capture_opts->default_options.cfilter);
603 interface_opts.snaplen = capture_opts->default_options.snaplen;
604 interface_opts.has_snaplen = capture_opts->default_options.has_snaplen;
605 interface_opts.linktype = capture_opts->default_options.linktype;
606 interface_opts.promisc_mode = capture_opts->default_options.promisc_mode;
607 interface_opts.if_type = capture_opts->default_options.if_type;
609 interface_opts.extcap = g_strdup(capture_opts->default_options.extcap);
610 interface_opts.extcap_fifo = g_strdup(capture_opts->default_options.extcap_fifo);
611 interface_opts.extcap_args = NULL;
612 interface_opts.extcap_pid = INVALID_EXTCAP_PID;
614 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
615 interface_opts.buffer_size = capture_opts->default_options.buffer_size;
617 interface_opts.monitor_mode = capture_opts->default_options.monitor_mode;
618 #ifdef HAVE_PCAP_REMOTE
619 interface_opts.src_type = capture_opts->default_options.src_type;
620 interface_opts.remote_host = g_strdup(capture_opts->default_options.remote_host);
621 interface_opts.remote_port = g_strdup(capture_opts->default_options.remote_port);
622 interface_opts.auth_type = capture_opts->default_options.auth_type;
623 interface_opts.auth_username = g_strdup(capture_opts->default_options.auth_username);
624 interface_opts.auth_password = g_strdup(capture_opts->default_options.auth_password);
625 interface_opts.datatx_udp = capture_opts->default_options.datatx_udp;
626 interface_opts.nocap_rpcap = capture_opts->default_options.nocap_rpcap;
627 interface_opts.nocap_local = capture_opts->default_options.nocap_local;
629 #ifdef HAVE_PCAP_SETSAMPLING
630 interface_opts.sampling_method = capture_opts->default_options.sampling_method;
631 interface_opts.sampling_param = capture_opts->default_options.sampling_param;
634 g_array_append_val(capture_opts->ifaces, interface_opts);
641 capture_opts_add_opt(capture_options *capture_opts, int opt, const char *optarg_str_p, gboolean *start_capture)
646 case LONGOPT_NUM_CAP_COMMENT: /* capture comment */
647 if (capture_opts->capture_comment) {
648 cmdarg_err("--capture-comment can be set only once per file");
651 capture_opts->capture_comment = g_strdup(optarg_str_p);
653 case 'a': /* autostop criteria */
654 if (set_autostop_criterion(capture_opts, optarg_str_p) == FALSE) {
655 cmdarg_err("Invalid or unknown -a flag \"%s\"", optarg_str_p);
659 #ifdef HAVE_PCAP_REMOTE
661 if (get_auth_arguments(capture_opts, optarg_str_p) == FALSE) {
662 cmdarg_err("Invalid or unknown -A arg \"%s\"", optarg_str_p);
667 case 'b': /* Ringbuffer option */
668 capture_opts->multi_files_on = TRUE;
669 if (get_ring_arguments(capture_opts, optarg_str_p) == FALSE) {
670 cmdarg_err("Invalid or unknown -b arg \"%s\"", optarg_str_p);
674 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
675 case 'B': /* Buffer size */
676 if (capture_opts->ifaces->len > 0) {
677 interface_options interface_opts;
679 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
680 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
681 interface_opts.buffer_size = get_positive_int(optarg_str_p, "buffer size");
682 g_array_append_val(capture_opts->ifaces, interface_opts);
684 capture_opts->default_options.buffer_size = get_positive_int(optarg_str_p, "buffer size");
688 case 'c': /* Capture n packets */
689 capture_opts->has_autostop_packets = TRUE;
690 capture_opts->autostop_packets = get_positive_int(optarg_str_p, "packet count");
692 case 'f': /* capture filter */
693 if (capture_opts->ifaces->len > 0) {
694 interface_options interface_opts;
696 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
697 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
698 g_free(interface_opts.cfilter);
699 interface_opts.cfilter = g_strdup(optarg_str_p);
700 g_array_append_val(capture_opts->ifaces, interface_opts);
702 g_free(capture_opts->default_options.cfilter);
703 capture_opts->default_options.cfilter = g_strdup(optarg_str_p);
706 case 'g': /* enable group read access on the capture file(s) */
707 capture_opts->group_read_access = TRUE;
709 case 'H': /* Hide capture info dialog box */
710 capture_opts->show_info = FALSE;
712 case 'i': /* Use interface x */
713 status = capture_opts_add_iface_opt(capture_opts, optarg_str_p);
718 #ifdef HAVE_PCAP_CREATE
719 case 'I': /* Capture in monitor mode */
720 if (capture_opts->ifaces->len > 0) {
721 interface_options interface_opts;
723 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
724 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
725 interface_opts.monitor_mode = TRUE;
726 g_array_append_val(capture_opts->ifaces, interface_opts);
728 capture_opts->default_options.monitor_mode = TRUE;
732 case 'k': /* Start capture immediately */
733 *start_capture = TRUE;
735 /*case 'l':*/ /* Automatic scrolling in live capture mode */
736 #ifdef HAVE_PCAP_SETSAMPLING
738 if (get_sampling_arguments(capture_opts, optarg_str_p) == FALSE) {
739 cmdarg_err("Invalid or unknown -m arg \"%s\"", optarg_str_p);
744 case 'n': /* Use pcapng format */
745 capture_opts->use_pcapng = TRUE;
747 case 'p': /* Don't capture in promiscuous mode */
748 if (capture_opts->ifaces->len > 0) {
749 interface_options interface_opts;
751 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
752 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
753 interface_opts.promisc_mode = FALSE;
754 g_array_append_val(capture_opts->ifaces, interface_opts);
756 capture_opts->default_options.promisc_mode = FALSE;
759 case 'P': /* Use pcap format */
760 capture_opts->use_pcapng = FALSE;
762 #ifdef HAVE_PCAP_REMOTE
764 if (capture_opts->ifaces->len > 0) {
765 interface_options interface_opts;
767 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
768 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
769 interface_opts.nocap_rpcap = FALSE;
770 g_array_append_val(capture_opts->ifaces, interface_opts);
772 capture_opts->default_options.nocap_rpcap = FALSE;
776 case 's': /* Set the snapshot (capture) length */
777 snaplen = get_natural_int(optarg_str_p, "snapshot length");
779 * Make a snapshot length of 0 equivalent to the maximum packet
780 * length, mirroring what tcpdump does.
783 snaplen = WTAP_MAX_PACKET_SIZE;
784 if (capture_opts->ifaces->len > 0) {
785 interface_options interface_opts;
787 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
788 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
789 interface_opts.has_snaplen = TRUE;
790 interface_opts.snaplen = snaplen;
791 g_array_append_val(capture_opts->ifaces, interface_opts);
793 capture_opts->default_options.snaplen = snaplen;
794 capture_opts->default_options.has_snaplen = TRUE;
797 case 'S': /* "Real-Time" mode: used for following file ala tail -f */
798 capture_opts->real_time_mode = TRUE;
800 #ifdef HAVE_PCAP_REMOTE
802 if (capture_opts->ifaces->len > 0) {
803 interface_options interface_opts;
805 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
806 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
807 interface_opts.datatx_udp = TRUE;
808 g_array_append_val(capture_opts->ifaces, interface_opts);
810 capture_opts->default_options.datatx_udp = TRUE;
814 case 'w': /* Write to capture file x */
815 capture_opts->saving_to_file = TRUE;
816 g_free(capture_opts->save_file);
817 capture_opts->save_file = g_strdup(optarg_str_p);
818 status = capture_opts_output_to_pipe(capture_opts->save_file, &capture_opts->output_to_pipe);
820 case 'y': /* Set the pcap data link type */
821 if (capture_opts->ifaces->len > 0) {
822 interface_options interface_opts;
824 interface_opts = g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
825 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, capture_opts->ifaces->len - 1);
826 interface_opts.linktype = linktype_name_to_val(optarg_str_p);
827 if (interface_opts.linktype == -1) {
828 cmdarg_err("The specified data link type \"%s\" isn't valid",
832 g_array_append_val(capture_opts->ifaces, interface_opts);
834 capture_opts->default_options.linktype = linktype_name_to_val(optarg_str_p);
835 if (capture_opts->default_options.linktype == -1) {
836 cmdarg_err("The specified data link type \"%s\" isn't valid",
843 /* the caller is responsible to send us only the right opt's */
844 g_assert_not_reached();
851 capture_opts_print_if_capabilities(if_capabilities_t *caps, char *name,
852 gboolean monitor_mode)
855 data_link_info_t *data_link_info;
857 if (caps->can_set_rfmon)
858 printf("Data link types of interface %s when %sin monitor mode (use option -y to set):\n",
859 name, monitor_mode ? "" : "not ");
861 printf("Data link types of interface %s (use option -y to set):\n", name);
862 for (lt_entry = caps->data_link_types; lt_entry != NULL;
863 lt_entry = g_list_next(lt_entry)) {
864 data_link_info = (data_link_info_t *)lt_entry->data;
865 printf(" %s", data_link_info->name);
866 if (data_link_info->description != NULL)
867 printf(" (%s)", data_link_info->description);
869 printf(" (not supported)");
874 /* Print an ASCII-formatted list of interfaces. */
876 capture_opts_print_interfaces(GList *if_list)
882 i = 1; /* Interface id number */
883 for (if_entry = g_list_first(if_list); if_entry != NULL;
884 if_entry = g_list_next(if_entry)) {
885 if_info = (if_info_t *)if_entry->data;
886 printf("%d. %s", i++, if_info->name);
888 /* Print the interface friendly name, if it exists;
889 if not fall back to vendor description, if it exists. */
890 if (if_info->friendly_name != NULL){
891 printf(" (%s)", if_info->friendly_name);
893 if (if_info->vendor_description != NULL)
894 printf(" (%s)", if_info->vendor_description);
902 capture_opts_trim_snaplen(capture_options *capture_opts, int snaplen_min)
905 interface_options interface_opts;
907 if (capture_opts->ifaces->len > 0) {
908 for (i = 0; i < capture_opts->ifaces->len; i++) {
909 interface_opts = g_array_index(capture_opts->ifaces, interface_options, 0);
910 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, 0);
911 if (interface_opts.snaplen < 1)
912 interface_opts.snaplen = WTAP_MAX_PACKET_SIZE;
913 else if (interface_opts.snaplen < snaplen_min)
914 interface_opts.snaplen = snaplen_min;
915 g_array_append_val(capture_opts->ifaces, interface_opts);
918 if (capture_opts->default_options.snaplen < 1)
919 capture_opts->default_options.snaplen = WTAP_MAX_PACKET_SIZE;
920 else if (capture_opts->default_options.snaplen < snaplen_min)
921 capture_opts->default_options.snaplen = snaplen_min;
927 capture_opts_trim_ring_num_files(capture_options *capture_opts)
929 /* Check the value range of the ring_num_files parameter */
930 if (capture_opts->ring_num_files > RINGBUFFER_MAX_NUM_FILES) {
931 cmdarg_err("Too many ring buffer files (%u). Reducing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MAX_NUM_FILES);
932 capture_opts->ring_num_files = RINGBUFFER_MAX_NUM_FILES;
933 } else if (capture_opts->ring_num_files > RINGBUFFER_WARN_NUM_FILES) {
934 cmdarg_err("%u is a lot of ring buffer files.\n", capture_opts->ring_num_files);
936 #if RINGBUFFER_MIN_NUM_FILES > 0
937 else if (capture_opts->ring_num_files < RINGBUFFER_MIN_NUM_FILES)
938 cmdarg_err("Too few ring buffer files (%u). Increasing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MIN_NUM_FILES);
939 capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
944 * If no interface was specified explicitly, pick a default.
947 capture_opts_default_iface_if_necessary(capture_options *capture_opts,
948 const char *capture_device)
952 /* Did the user specify an interface to use? */
953 if (capture_opts->num_selected != 0 || capture_opts->ifaces->len != 0) {
954 /* yes they did, return immediately - nothing further to do here */
958 /* No - is a default specified in the preferences file? */
959 if (capture_device != NULL) {
961 status = capture_opts_add_iface_opt(capture_opts, capture_device);
964 /* No default in preferences file, just pick the first interface from the list of interfaces. */
965 return capture_opts_add_iface_opt(capture_opts, "1");
969 #define S_IFIFO _S_IFIFO
972 #define S_ISFIFO(mode) (((mode) & S_IFMT) == S_IFIFO)
975 /* copied from filesystem.c */
977 capture_opts_test_for_fifo(const char *path)
981 if (ws_stat64(path, &statb) < 0)
984 if (S_ISFIFO(statb.st_mode))
991 capture_opts_output_to_pipe(const char *save_file, gboolean *is_pipe)
997 if (save_file != NULL) {
998 /* We're writing to a capture file. */
999 if (strcmp(save_file, "-") == 0) {
1000 /* Writing to stdout. */
1001 /* XXX - should we check whether it's a pipe? It's arguably
1002 silly to do "-w - >output_file" rather than "-w output_file",
1003 but by not checking we might be violating the Principle Of
1004 Least Astonishment. */
1007 /* not writing to stdout, test for a FIFO (aka named pipe) */
1008 err = capture_opts_test_for_fifo(save_file);
1011 case ENOENT: /* it doesn't exist, so we'll be creating it,
1012 and it won't be a FIFO */
1013 case 0: /* found it, but it's not a FIFO */
1016 case ESPIPE: /* it is a FIFO */
1020 default: /* couldn't stat it */
1021 break; /* ignore: later attempt to open */
1022 /* will generate a nice msg */
1031 capture_opts_del_iface(capture_options *capture_opts, guint if_index)
1033 interface_options interface_opts;
1035 interface_opts = g_array_index(capture_opts->ifaces, interface_options, if_index);
1036 /* XXX - check if found? */
1038 g_free(interface_opts.name);
1039 g_free(interface_opts.descr);
1040 if (interface_opts.console_display_name != NULL)
1041 g_free(interface_opts.console_display_name);
1042 g_free(interface_opts.cfilter);
1044 g_free(interface_opts.extcap);
1045 g_free(interface_opts.extcap_fifo);
1046 if (interface_opts.extcap_args)
1047 g_hash_table_unref(interface_opts.extcap_args);
1048 if (interface_opts.extcap_pid != INVALID_EXTCAP_PID)
1049 g_spawn_close_pid(interface_opts.extcap_pid);
1051 #ifdef HAVE_PCAP_REMOTE
1052 if (interface_opts.src_type == CAPTURE_IFREMOTE) {
1053 g_free(interface_opts.remote_host);
1054 g_free(interface_opts.remote_port);
1055 g_free(interface_opts.auth_username);
1056 g_free(interface_opts.auth_password);
1059 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, if_index);
1065 * Add all non-hidden selected interfaces in the "all interfaces" list
1066 * to the list of interfaces for the capture.
1069 collect_ifaces(capture_options *capture_opts)
1073 interface_options interface_opts;
1075 /* Empty out the existing list of interfaces. */
1076 for (i = capture_opts->ifaces->len; i != 0; i--)
1077 capture_opts_del_iface(capture_opts, i-1);
1079 /* Now fill the list up again. */
1080 for (i = 0; i < capture_opts->all_ifaces->len; i++) {
1081 device = g_array_index(capture_opts->all_ifaces, interface_t, i);
1082 if (!device.hidden && device.selected) {
1083 interface_opts.name = g_strdup(device.name);
1084 interface_opts.descr = g_strdup(device.display_name);
1085 interface_opts.console_display_name = g_strdup(device.name);
1086 interface_opts.linktype = device.active_dlt;
1087 interface_opts.cfilter = g_strdup(device.cfilter);
1088 interface_opts.snaplen = device.snaplen;
1089 interface_opts.has_snaplen = device.has_snaplen;
1090 interface_opts.promisc_mode = device.pmode;
1091 interface_opts.if_type = device.if_info.type;
1093 interface_opts.extcap = g_strdup(device.if_info.extcap);
1094 interface_opts.extcap_fifo = NULL;
1095 interface_opts.extcap_args = device.external_cap_args_settings;
1096 interface_opts.extcap_pid = INVALID_EXTCAP_PID;
1097 if (interface_opts.extcap_args)
1098 g_hash_table_ref(interface_opts.extcap_args);
1100 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
1101 interface_opts.buffer_size = device.buffer;
1103 #ifdef HAVE_PCAP_CREATE
1104 interface_opts.monitor_mode = device.monitor_mode_enabled;
1106 #ifdef HAVE_PCAP_REMOTE
1107 interface_opts.src_type = CAPTURE_IFREMOTE;
1108 interface_opts.remote_host = g_strdup(device.remote_opts.remote_host_opts.remote_host);
1109 interface_opts.remote_port = g_strdup(device.remote_opts.remote_host_opts.remote_port);
1110 interface_opts.auth_type = device.remote_opts.remote_host_opts.auth_type;
1111 interface_opts.auth_username = g_strdup(device.remote_opts.remote_host_opts.auth_username);
1112 interface_opts.auth_password = g_strdup(device.remote_opts.remote_host_opts.auth_password);
1113 interface_opts.datatx_udp = device.remote_opts.remote_host_opts.datatx_udp;
1114 interface_opts.nocap_rpcap = device.remote_opts.remote_host_opts.nocap_rpcap;
1115 interface_opts.nocap_local = device.remote_opts.remote_host_opts.nocap_local;
1117 #ifdef HAVE_PCAP_SETSAMPLING
1118 interface_opts.sampling_method = device.remote_opts.sampling_method;
1119 interface_opts.sampling_param = device.remote_opts.sampling_param;
1121 g_array_append_val(capture_opts->ifaces, interface_opts);
1129 #endif /* HAVE_LIBPCAP */
1132 * Editor modelines - http://www.wireshark.org/tools/modelines.html
1137 * indent-tabs-mode: nil
1140 * vi: set shiftwidth=4 tabstop=8 expandtab:
1141 * :indentSize=4:tabSize=8:noTabs=true:
git.samba.org / metze / wireshark / wip.git / blob