2 * Routines for capture options setting
6 * Wireshark - Network traffic analyzer
7 * By Gerald Combs <gerald@wireshark.org>
8 * Copyright 1998 Gerald Combs
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version 2
13 * of the License, or (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
34 #ifdef HAVE_SYS_TYPES_H
35 # include <sys/types.h>
38 #ifdef HAVE_NETINET_IN_H
39 #include <netinet/in.h>
42 #ifdef HAVE_ARPA_INET_H
43 #include <arpa/inet.h>
46 #ifdef HAVE_SYS_SOCKET_H
47 #include <sys/socket.h> /* needed to define AF_ values on UNIX */
50 #ifdef HAVE_WINSOCK2_H
51 #include <winsock2.h> /* needed to define AF_ values on Windows */
54 #ifdef NEED_INET_V6DEFS_H
55 # include "inet_v6defs.h"
60 #include <epan/packet.h>
63 #include "capture_opts.h"
64 #include "ringbuffer.h"
65 #include "clopts_common.h"
66 #include "cmdarg_err.h"
68 #include "capture-pcap-util.h"
69 #include <wiretap/file_util.h>
72 static gboolean capture_opts_output_to_pipe(const char *save_file, gboolean *is_pipe);
76 capture_opts_init(capture_options *capture_opts, void *cfile)
78 capture_opts->cf = cfile;
79 capture_opts->cfilter = g_strdup(""); /* No capture filter string specified */
80 capture_opts->iface = NULL; /* Default is "pick the first interface" */
82 capture_opts->buffer_size = 1; /* 1 MB */
84 capture_opts->has_snaplen = FALSE;
85 capture_opts->snaplen = WTAP_MAX_PACKET_SIZE; /* snapshot length - default is
86 infinite, in effect */
87 capture_opts->promisc_mode = TRUE; /* promiscuous mode is the default */
88 capture_opts->linktype = -1; /* the default linktype */
89 capture_opts->saving_to_file = FALSE;
90 capture_opts->save_file = NULL;
91 capture_opts->real_time_mode = TRUE;
92 capture_opts->show_info = TRUE;
93 capture_opts->quit_after_cap = FALSE;
94 capture_opts->restart = FALSE;
96 capture_opts->multi_files_on = FALSE;
97 capture_opts->has_file_duration = FALSE;
98 capture_opts->file_duration = 60; /* 1 min */
99 capture_opts->has_ring_num_files = FALSE;
100 capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
102 capture_opts->has_autostop_files = FALSE;
103 capture_opts->autostop_files = 1;
104 capture_opts->has_autostop_packets = FALSE;
105 capture_opts->autostop_packets = 0;
106 capture_opts->has_autostop_filesize = FALSE;
107 capture_opts->autostop_filesize = 1024; /* 1 MB */
108 capture_opts->has_autostop_duration = FALSE;
109 capture_opts->autostop_duration = 60; /* 1 min */
112 capture_opts->fork_child = -1; /* invalid process handle */
114 capture_opts->signal_pipe_write_fd = -1;
116 capture_opts->state = CAPTURE_STOPPED;
117 capture_opts->output_to_pipe = FALSE;
121 /* log content of capture_opts */
123 capture_opts_log(const char *log_domain, GLogLevelFlags log_level, capture_options *capture_opts) {
124 g_log(log_domain, log_level, "CAPTURE OPTIONS :");
125 g_log(log_domain, log_level, "CFile : 0x%p", capture_opts->cf);
126 g_log(log_domain, log_level, "Filter : %s", capture_opts->cfilter);
127 g_log(log_domain, log_level, "Interface : %s", capture_opts->iface);
129 g_log(log_domain, log_level, "BufferSize : %u (MB)", capture_opts->buffer_size);
131 g_log(log_domain, log_level, "SnapLen (%u): %u", capture_opts->has_snaplen, capture_opts->snaplen);
132 g_log(log_domain, log_level, "Promisc : %u", capture_opts->promisc_mode);
133 g_log(log_domain, log_level, "LinkType : %d", capture_opts->linktype);
134 g_log(log_domain, log_level, "SavingToFile : %u", capture_opts->saving_to_file);
135 g_log(log_domain, log_level, "SaveFile : %s", (capture_opts->save_file) ? capture_opts->save_file : "");
136 g_log(log_domain, log_level, "RealTimeMode : %u", capture_opts->real_time_mode);
137 g_log(log_domain, log_level, "ShowInfo : %u", capture_opts->show_info);
138 g_log(log_domain, log_level, "QuitAfterCap : %u", capture_opts->quit_after_cap);
140 g_log(log_domain, log_level, "MultiFilesOn : %u", capture_opts->multi_files_on);
141 g_log(log_domain, log_level, "FileDuration (%u): %u", capture_opts->has_file_duration, capture_opts->file_duration);
142 g_log(log_domain, log_level, "RingNumFiles (%u): %u", capture_opts->has_ring_num_files, capture_opts->ring_num_files);
144 g_log(log_domain, log_level, "AutostopFiles (%u): %u", capture_opts->has_autostop_files, capture_opts->autostop_files);
145 g_log(log_domain, log_level, "AutostopPackets (%u): %u", capture_opts->has_autostop_packets, capture_opts->autostop_packets);
146 g_log(log_domain, log_level, "AutostopFilesize(%u): %u (KB)", capture_opts->has_autostop_filesize, capture_opts->autostop_filesize);
147 g_log(log_domain, log_level, "AutostopDuration(%u): %u", capture_opts->has_autostop_duration, capture_opts->autostop_duration);
149 g_log(log_domain, log_level, "ForkChild : %d", capture_opts->fork_child);
151 g_log(log_domain, log_level, "SignalPipeWrite : %d", capture_opts->signal_pipe_write_fd);
156 * Given a string of the form "<autostop criterion>:<value>", as might appear
157 * as an argument to a "-a" option, parse it and set the criterion in
158 * question. Return an indication of whether it succeeded or failed
162 set_autostop_criterion(capture_options *capture_opts, const char *autostoparg)
166 colonp = strchr(autostoparg, ':');
174 * Skip over any white space (there probably won't be any, but
175 * as we allow it in the preferences file, we might as well
178 while (isspace((guchar)*p))
182 * Put the colon back, so if our caller uses, in an
183 * error message, the string they passed us, the message
189 if (strcmp(autostoparg,"duration") == 0) {
190 capture_opts->has_autostop_duration = TRUE;
191 capture_opts->autostop_duration = get_positive_int(p,"autostop duration");
192 } else if (strcmp(autostoparg,"filesize") == 0) {
193 capture_opts->has_autostop_filesize = TRUE;
194 capture_opts->autostop_filesize = get_positive_int(p,"autostop filesize");
195 } else if (strcmp(autostoparg,"files") == 0) {
196 capture_opts->multi_files_on = TRUE;
197 capture_opts->has_autostop_files = TRUE;
198 capture_opts->autostop_files = get_positive_int(p,"autostop files");
202 *colonp = ':'; /* put the colon back */
207 * Given a string of the form "<ring buffer file>:<duration>", as might appear
208 * as an argument to a "-b" option, parse it and set the arguments in
209 * question. Return an indication of whether it succeeded or failed
213 get_ring_arguments(capture_options *capture_opts, const char *arg)
215 gchar *p = NULL, *colonp;
217 colonp = strchr(arg, ':');
225 * Skip over any white space (there probably won't be any, but
226 * as we allow it in the preferences file, we might as well
229 while (isspace((guchar)*p))
233 * Put the colon back, so if our caller uses, in an
234 * error message, the string they passed us, the message
241 if (strcmp(arg,"files") == 0) {
242 capture_opts->has_ring_num_files = TRUE;
243 capture_opts->ring_num_files = get_natural_int(p, "number of ring buffer files");
244 } else if (strcmp(arg,"filesize") == 0) {
245 capture_opts->has_autostop_filesize = TRUE;
246 capture_opts->autostop_filesize = get_positive_int(p, "ring buffer filesize");
247 } else if (strcmp(arg,"duration") == 0) {
248 capture_opts->has_file_duration = TRUE;
249 capture_opts->file_duration = get_positive_int(p, "ring buffer duration");
252 *colonp = ':'; /* put the colon back */
258 capture_opts_add_iface_opt(capture_options *capture_opts, const char *optarg)
269 * If the argument is a number, treat it as an index into the list
270 * of adapters, as printed by "tshark -D".
272 * This should be OK on UNIX systems, as interfaces shouldn't have
273 * names that begin with digits. It can be useful on Windows, where
274 * more than one interface can have the same name.
276 adapter_index = strtol(optarg, &p, 10);
277 if (p != NULL && *p == '\0') {
278 if (adapter_index < 0) {
279 cmdarg_err("The specified adapter index is a negative number");
282 if (adapter_index > INT_MAX) {
283 cmdarg_err("The specified adapter index is too large (greater than %d)",
287 if (adapter_index == 0) {
288 cmdarg_err("There is no interface with that adapter index");
291 if_list = get_interface_list(&err, &err_str);
292 if (if_list == NULL) {
295 case CANT_GET_INTERFACE_LIST:
296 cmdarg_err("%s", err_str);
300 case NO_INTERFACES_FOUND:
301 cmdarg_err("There are no interfaces on which a capture can be done");
306 if_info = g_list_nth_data(if_list, adapter_index - 1);
307 if (if_info == NULL) {
308 cmdarg_err("There is no interface with that adapter index");
311 capture_opts->iface = g_strdup(if_info->name);
312 free_interface_list(if_list);
314 capture_opts->iface = g_strdup(optarg);
321 capture_opts_add_opt(capture_options *capture_opts, int opt, const char *optarg, gboolean *start_capture)
326 case 'a': /* autostop criteria */
327 if (set_autostop_criterion(capture_opts, optarg) == FALSE) {
328 cmdarg_err("Invalid or unknown -a flag \"%s\"", optarg);
332 case 'b': /* Ringbuffer option */
333 capture_opts->multi_files_on = TRUE;
334 if (get_ring_arguments(capture_opts, optarg) == FALSE) {
335 cmdarg_err("Invalid or unknown -b arg \"%s\"", optarg);
340 case 'B': /* Buffer size */
341 capture_opts->buffer_size = get_positive_int(optarg, "buffer size");
344 case 'c': /* Capture n packets */
345 capture_opts->has_autostop_packets = TRUE;
346 capture_opts->autostop_packets = get_positive_int(optarg, "packet count");
348 case 'f': /* capture filter */
349 if (capture_opts->has_cfilter) {
350 cmdarg_err("More than one -f argument specified");
353 capture_opts->has_cfilter = TRUE;
354 g_free(capture_opts->cfilter);
355 capture_opts->cfilter = g_strdup(optarg);
357 case 'H': /* Hide capture info dialog box */
358 capture_opts->show_info = FALSE;
360 case 'i': /* Use interface x */
361 status = capture_opts_add_iface_opt(capture_opts, optarg);
366 case 'k': /* Start capture immediately */
367 *start_capture = TRUE;
369 /*case 'l':*/ /* Automatic scrolling in live capture mode */
370 case 'p': /* Don't capture in promiscuous mode */
371 capture_opts->promisc_mode = FALSE;
373 case 'Q': /* Quit after capture (just capture to file) */
374 capture_opts->quit_after_cap = TRUE;
375 *start_capture = TRUE; /*** -Q implies -k !! ***/
377 case 's': /* Set the snapshot (capture) length */
378 capture_opts->has_snaplen = TRUE;
379 capture_opts->snaplen = get_positive_int(optarg, "snapshot length");
381 case 'S': /* "Real-Time" mode: used for following file ala tail -f */
382 capture_opts->real_time_mode = TRUE;
384 case 'w': /* Write to capture file x */
385 capture_opts->saving_to_file = TRUE;
386 g_free(capture_opts->save_file);
387 #if defined _WIN32 && (GLIB_MAJOR_VERSION > 2 || (GLIB_MAJOR_VERSION == 2 && GLIB_MINOR_VERSION >= 6))
388 /* since GLib 2.6, we need to convert filenames to utf8 for Win32 */
389 capture_opts->save_file = g_locale_to_utf8(optarg, -1, NULL, NULL, NULL);
391 capture_opts->save_file = g_strdup(optarg);
393 status = capture_opts_output_to_pipe(capture_opts->save_file, &capture_opts->output_to_pipe);
396 case 'y': /* Set the pcap data link type */
397 #ifdef HAVE_PCAP_DATALINK_NAME_TO_VAL
398 capture_opts->linktype = linktype_name_to_val(optarg);
399 if (capture_opts->linktype == -1) {
400 cmdarg_err("The specified data link type \"%s\" isn't valid",
404 #else /* HAVE_PCAP_DATALINK_NAME_TO_VAL */
405 /* we can't get the type name, just treat it as a number */
406 capture_opts->linktype = get_natural_int(optarg, "data link type");
407 #endif /* HAVE_PCAP_DATALINK_NAME_TO_VAL */
410 /* the caller is responsible to send us only the right opt's */
411 g_assert_not_reached();
418 * If you change the output format of this function, you MUST update
419 * capture_sync.c:sync_linktype_list_open() accordingly!
422 capture_opts_list_link_layer_types(capture_options *capture_opts, gboolean machine_readable)
424 gchar *err_str, *desc_str;
425 GList *lt_list, *lt_entry;
426 data_link_info_t *data_link_info;
428 /* Get the list of link-layer types for the capture device. */
429 lt_list = get_pcap_linktype_list(capture_opts->iface, &err_str);
430 if (lt_list == NULL) {
431 if (err_str != NULL) {
432 cmdarg_err("The list of data link types for the capture device \"%s\" could not be obtained (%s)."
433 "Please check to make sure you have sufficient permissions, and that\n"
434 "you have the proper interface or pipe specified.\n", capture_opts->iface, err_str);
437 cmdarg_err("The capture device \"%s\" has no data link types.", capture_opts->iface);
440 if (machine_readable) { /* tab-separated values to stdout */
441 for (lt_entry = lt_list; lt_entry != NULL; lt_entry = g_list_next(lt_entry)) {
442 data_link_info = lt_entry->data;
443 if (data_link_info->description != NULL)
444 desc_str = data_link_info->description;
446 desc_str = "(not supported)";
447 printf("%d\t%s\t%s\n", data_link_info->dlt, data_link_info->name,
451 cmdarg_err_cont("Data link types (use option -y to set):");
452 for (lt_entry = lt_list; lt_entry != NULL;
453 lt_entry = g_list_next(lt_entry)) {
454 data_link_info = lt_entry->data;
455 cmdarg_err_cont(" %s", data_link_info->name);
456 if (data_link_info->description != NULL)
457 cmdarg_err_cont(" (%s)", data_link_info->description);
459 cmdarg_err_cont(" (not supported)");
463 free_pcap_linktype_list(lt_list);
468 /* Return an ASCII-formatted list of interfaces. */
469 #define ADDRSTRLEN 46 /* Covers IPv4 & IPv6 */
471 capture_opts_list_interfaces(gboolean machine_readable)
481 char addr_str[ADDRSTRLEN];
483 if_list = get_interface_list(&err, &err_str);
484 if (if_list == NULL) {
486 case CANT_GET_INTERFACE_LIST:
487 cmdarg_err("%s", err_str);
491 case NO_INTERFACES_FOUND:
492 cmdarg_err("There are no interfaces on which a capture can be done");
498 i = 1; /* Interface id number */
499 for (if_entry = g_list_first(if_list); if_entry != NULL;
500 if_entry = g_list_next(if_entry)) {
501 if_info = if_entry->data;
502 printf("%d. %s", i++, if_info->name);
504 if (!machine_readable) {
505 /* Add the description if it exists */
506 if (if_info->description != NULL)
507 printf(" (%s)", if_info->description);
510 * Add the contents of the if_entry struct in a parseable format.
511 * Each if_entry element is tab-separated. Addresses are comma-
514 /* XXX - Make sure our description doesn't contain a tab */
515 if (if_info->description != NULL)
516 printf("\t%s\t", if_info->description);
520 for(ip_addr = g_slist_nth(if_info->ip_addr, 0); ip_addr != NULL;
521 ip_addr = g_slist_next(ip_addr)) {
522 if (ip_addr != g_slist_nth(if_info->ip_addr, 0))
525 if_addr = ip_addr->data;
526 switch(if_addr->type) {
528 if (inet_ntop(AF_INET, &if_addr->ip_addr.ip4_addr, addr_str,
532 printf("<unknown IPv4>");
536 if (inet_ntop(AF_INET6, &if_addr->ip_addr.ip6_addr,
537 addr_str, ADDRSTRLEN)) {
540 printf("<unknown IPv6>");
544 printf("<type unknown %u>", if_addr->type);
548 if (if_info->loopback)
549 printf("\tloopback");
556 free_interface_list(if_list);
562 void capture_opts_trim_snaplen(capture_options *capture_opts, int snaplen_min)
564 if (capture_opts->snaplen < 1)
565 capture_opts->snaplen = WTAP_MAX_PACKET_SIZE;
566 else if (capture_opts->snaplen < snaplen_min)
567 capture_opts->snaplen = snaplen_min;
571 void capture_opts_trim_ring_num_files(capture_options *capture_opts)
573 /* Check the value range of the ring_num_files parameter */
574 if (capture_opts->ring_num_files > RINGBUFFER_MAX_NUM_FILES)
575 capture_opts->ring_num_files = RINGBUFFER_MAX_NUM_FILES;
576 #if RINGBUFFER_MIN_NUM_FILES > 0
577 else if (capture_opts->ring_num_files < RINGBUFFER_MIN_NUM_FILES)
578 capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
583 gboolean capture_opts_trim_iface(capture_options *capture_opts, const char *capture_device)
591 /* Did the user specify an interface to use? */
592 if (capture_opts->iface == NULL) {
593 /* No - is a default specified in the preferences file? */
594 if (capture_device != NULL) {
596 capture_opts->iface = g_strdup(capture_device);
598 /* No - pick the first one from the list of interfaces. */
599 if_list = get_interface_list(&err, &err_str);
600 if (if_list == NULL) {
603 case CANT_GET_INTERFACE_LIST:
604 cmdarg_err("%s", err_str);
608 case NO_INTERFACES_FOUND:
609 cmdarg_err("There are no interfaces on which a capture can be done");
614 if_info = if_list->data; /* first interface */
615 capture_opts->iface = g_strdup(if_info->name);
616 free_interface_list(if_list);
626 #define S_IFIFO _S_IFIFO
629 #define S_ISFIFO(mode) (((mode) & S_IFMT) == S_IFIFO)
632 /* copied from filesystem.c */
633 static int capture_opts_test_for_fifo(const char *path)
637 if (eth_stat(path, &statb) < 0)
640 if (S_ISFIFO(statb.st_mode))
646 static gboolean capture_opts_output_to_pipe(const char *save_file, gboolean *is_pipe)
652 if (save_file != NULL) {
653 /* We're writing to a capture file. */
654 if (strcmp(save_file, "-") == 0) {
655 /* Writing to stdout. */
656 /* XXX - should we check whether it's a pipe? It's arguably
657 silly to do "-w - >output_file" rather than "-w output_file",
658 but by not checking we might be violating the Principle Of
659 Least Astonishment. */
662 /* not writing to stdout, test for a FIFO (aka named pipe) */
663 err = capture_opts_test_for_fifo(save_file);
666 case ENOENT: /* it doesn't exist, so we'll be creating it,
667 and it won't be a FIFO */
668 case 0: /* found it, but it's not a FIFO */
671 case ESPIPE: /* it is a FIFO */
675 default: /* couldn't stat it */
676 cmdarg_err("Error testing whether capture file is a pipe: %s",
686 #endif /* HAVE_LIBPCAP */
git.samba.org / metze / wireshark / wip.git / blob