2 * Capture options (all parameters needed to do the actual capture)
4 * Wireshark - Network traffic analyzer
5 * By Gerald Combs <gerald@wireshark.org>
6 * Copyright 1998 Gerald Combs
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 * Capture options (all parameters needed to do the actual capture)
30 #ifndef __CAPTURE_OPTS_H__
31 #define __CAPTURE_OPTS_H__
33 #ifdef HAVE_SYS_TYPES_H
34 # include <sys/types.h> /* for gid_t */
37 #include <caputils/capture_ifinfo.h>
41 #endif /* __cplusplus */
45 * We do not currently have long options corresponding to all short
46 * options; we should probably pick appropriate option names for them.
48 * For long options with no corresponding short options, we define values
49 * outside the range of ASCII graphic characters, make that the last
50 * component of the entry for the long option, and have a case for that
51 * option in the switch statement.
54 * for tshark, we're using a leading - in the optstring to prevent getopt()
55 * from permuting the argv[] entries, in this case, unknown argv[] entries
56 * will be returned as parameters to a dummy-option 1.
57 * In short: we must not use 1 here, which is another reason to use
58 * values outside the range of ASCII graphic characters.
60 #define LONGOPT_NUM_CAP_COMMENT 128
63 * Non-capture long-only options should start here, to avoid collision
64 * with capture options.
66 #define MIN_NON_CAPTURE_LONGOPT 129
67 #define LONGOPT_DISABLE_PROTOCOL 130
68 #define LONGOPT_ENABLE_HEURISTIC 131
69 #define LONGOPT_DISABLE_HEURISTIC 132
72 * Options for capturing common to all capturing programs.
74 #ifdef HAVE_PCAP_REMOTE
75 #define OPTSTRING_A "A:"
77 #define OPTSTRING_A ""
80 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
81 #define LONGOPT_BUFFER_SIZE \
82 {(char *)"buffer-size", required_argument, NULL, 'B'},
83 #define OPTSTRING_B "B:"
85 #define LONGOPT_BUFFER_SIZE
86 #define OPTSTRING_B ""
89 #ifdef HAVE_PCAP_CREATE
90 #define LONGOPT_MONITOR_MODE {(char *)"monitor-mode", no_argument, NULL, 'I'},
91 #define OPTSTRING_I "I"
93 #define LONGOPT_MONITOR_MODE
94 #define OPTSTRING_I ""
97 #define LONGOPT_CAPTURE_COMMON \
98 {(char *)"capture-comment", required_argument, NULL, LONGOPT_NUM_CAP_COMMENT}, \
99 {(char *)"autostop", required_argument, NULL, 'a'}, \
100 {(char *)"ring-buffer", required_argument, NULL, 'b'}, \
101 LONGOPT_BUFFER_SIZE \
102 {(char *)"list-interfaces", no_argument, NULL, 'D'}, \
103 {(char *)"interface", required_argument, NULL, 'i'}, \
104 LONGOPT_MONITOR_MODE \
105 {(char *)"list-data-link-types", no_argument, NULL, 'L'}, \
106 {(char *)"no-promiscuous-mode", no_argument, NULL, 'p'}, \
107 {(char *)"snapshot-length", required_argument, NULL, 's'}, \
108 {(char *)"linktype", required_argument, NULL, 'y'}, \
109 {(char *)"disable-protocol", required_argument, NULL, LONGOPT_DISABLE_PROTOCOL }, \
110 {(char *)"enable-heuristic", required_argument, NULL, LONGOPT_ENABLE_HEURISTIC }, \
111 {(char *)"disable-heuristic", required_argument, NULL, LONGOPT_DISABLE_HEURISTIC },
113 #define OPTSTRING_CAPTURE_COMMON \
114 "a:" OPTSTRING_A "b:" OPTSTRING_B "c:Df:i:" OPTSTRING_I "Lps:y:"
116 #ifdef HAVE_PCAP_REMOTE
117 /* Type of capture source */
119 CAPTURE_IFLOCAL, /**< Local network interface */
120 CAPTURE_IFREMOTE /**< Remote network interface */
123 /* Type of RPCAPD Authentication */
125 CAPTURE_AUTH_NULL, /**< No authentication */
126 CAPTURE_AUTH_PWD /**< User/password authentication */
129 #ifdef HAVE_PCAP_SETSAMPLING
131 * Method of packet sampling (dropping some captured packets),
132 * may require additional integer parameter, marked here as N
135 CAPTURE_SAMP_NONE, /**< No sampling - capture all packets */
136 CAPTURE_SAMP_BY_COUNT, /**< Counter-based sampling -
137 capture 1 packet from every N */
138 CAPTURE_SAMP_BY_TIMER /**< Timer-based sampling -
139 capture no more than 1 packet
144 #ifdef HAVE_PCAP_REMOTE
145 struct remote_host_info {
146 gchar *remote_host; /**< Host name or network address for remote capturing */
147 gchar *remote_port; /**< TCP port of remote RPCAP server */
148 gint auth_type; /**< Authentication type */
149 gchar *auth_username; /**< Remote authentication parameters */
150 gchar *auth_password; /**< Remote authentication parameters */
152 gboolean nocap_rpcap;
153 gboolean nocap_local;
157 gchar *r_host; /**< Host name or network address for remote capturing */
158 gchar *remote_port; /**< TCP port of remote RPCAP server */
159 gint auth_type; /**< Authentication type */
160 gchar *auth_username; /**< Remote authentication parameters */
161 gchar *auth_password; /**< Remote authentication parameters */
164 typedef struct remote_options_tag {
165 capture_source src_type;
166 struct remote_host_info remote_host_opts;
167 #ifdef HAVE_PCAP_SETSAMPLING
168 capture_sampling sampling_method;
172 #endif /* HAVE_PCAP_REMOTE */
174 typedef struct interface_tag {
177 gchar *friendly_name;
185 gboolean has_snaplen;
188 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
191 #ifdef HAVE_PCAP_CREATE
192 gboolean monitor_mode_enabled;
193 gboolean monitor_mode_supported;
195 #ifdef HAVE_PCAP_REMOTE
196 remote_options remote_opts;
198 guint32 last_packets;
205 /* External capture cached data */
206 GHashTable *external_cap_args_settings;
210 typedef struct link_row_tag {
216 #define INVALID_EXTCAP_PID INVALID_HANDLE_VALUE
218 #define INVALID_EXTCAP_PID (GPid)-1
221 typedef struct interface_options_tag {
222 gchar *name; /* the name of the interface provided to winpcap/libpcap to specify the interface */
224 gchar *console_display_name; /* the name displayed in the console, also the basis for autonamed pcap filenames */
226 gboolean has_snaplen;
229 gboolean promisc_mode;
230 interface_type if_type;
234 GHashTable *extcap_args;
235 GPid extcap_pid; /* pid of running process or INVALID_EXTCAP_PID */
236 guint extcap_child_watch;
238 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
241 gboolean monitor_mode;
242 #ifdef HAVE_PCAP_REMOTE
243 capture_source src_type;
246 capture_auth auth_type;
247 gchar *auth_username;
248 gchar *auth_password;
250 gboolean nocap_rpcap;
251 gboolean nocap_local;
253 #ifdef HAVE_PCAP_SETSAMPLING
254 capture_sampling sampling_method;
259 /** Capture options coming from user interface */
260 typedef struct capture_options_tag {
262 GArray *ifaces; /**< the interfaces to use for the
263 next capture, entries are of
264 type interface_options */
265 GArray *all_ifaces; /**< all interfaces, entries are
266 of type interface_t */
267 int ifaces_err; /**< if all_ifaces is null, the error
268 when it was fetched, if any */
269 gchar *ifaces_err_info; /**< error string for that error */
273 * Options to be applied to all interfaces.
275 * Some of these can be set from the GUI, others can't; setting
276 * the link-layer header type, for example, doesn't necessarily
277 * make sense, as different interfaces may support different sets
278 * of link-layer header types.
280 * Some that can't be set from the GUI can be set from the command
281 * line, by specifying them before any interface is specified.
282 * This includes the link-layer header type, so if somebody asks
283 * for a link-layer header type that an interface on which they're
284 * capturing doesn't support, we should report an error and fail
287 * These can be overridden per-interface.
289 interface_options default_options;
291 gboolean saving_to_file; /**< TRUE if capture is writing to a file */
292 gchar *save_file; /**< the capture file name */
293 gboolean group_read_access; /**< TRUE is group read permission needs to be set */
294 gboolean use_pcapng; /**< TRUE if file format is pcapng */
297 gboolean real_time_mode; /**< Update list of packets in real time */
298 gboolean show_info; /**< show the info dialog */
299 gboolean quit_after_cap; /**< Makes a "capture only mode". Implies -k */
300 gboolean restart; /**< restart after closing is done */
301 gchar *orig_save_file; /**< the original capture file name (saved for a restart) */
303 /* multiple files (and ringbuffer) */
304 gboolean multi_files_on; /**< TRUE if ring buffer in use */
306 gboolean has_file_duration; /**< TRUE if ring duration specified */
307 gint32 file_duration; /**< Switch file after n seconds */
308 gboolean has_ring_num_files; /**< TRUE if ring num_files specified */
309 guint32 ring_num_files; /**< Number of multiple buffer files */
311 /* autostop conditions */
312 gboolean has_autostop_files; /**< TRUE if maximum number of capture files
314 gint32 autostop_files; /**< Maximum number of capture files */
316 gboolean has_autostop_packets; /**< TRUE if maximum packet count is
318 int autostop_packets; /**< Maximum packet count */
319 gboolean has_autostop_filesize; /**< TRUE if maximum capture file size
321 guint32 autostop_filesize; /**< Maximum capture file size */
322 gboolean has_autostop_duration; /**< TRUE if maximum capture duration
324 gint32 autostop_duration; /**< Maximum capture duration */
326 gchar *capture_comment; /** capture comment to write to the
329 /* internally used (don't touch from outside) */
330 gboolean output_to_pipe; /**< save_file is a pipe (named or stdout) */
331 gboolean capture_child; /**< hidden option: Wireshark child mode */
334 /* initialize the capture_options with some reasonable values */
336 capture_opts_init(capture_options *capture_opts);
338 /* set a command line option value */
340 capture_opts_add_opt(capture_options *capture_opts, int opt, const char *optarg, gboolean *start_capture);
342 /* log content of capture_opts */
344 capture_opts_log(const char *log_domain, GLogLevelFlags log_level, capture_options *capture_opts);
346 /* print interface capabilities, including link layer types */
348 capture_opts_print_if_capabilities(if_capabilities_t *caps, char *name,
349 gboolean monitor_mode);
351 /* print list of interfaces */
353 capture_opts_print_interfaces(GList *if_list);
355 /* trim the snaplen entry */
357 capture_opts_trim_snaplen(capture_options *capture_opts, int snaplen_min);
359 /* trim the ring_num_files entry */
361 capture_opts_trim_ring_num_files(capture_options *capture_opts);
363 /* pick default interface if none was specified */
365 capture_opts_default_iface_if_necessary(capture_options *capture_opts,
366 const char *capture_device);
369 capture_opts_del_iface(capture_options *capture_opts, guint if_index);
372 collect_ifaces(capture_options *capture_opts);
374 /* Default capture buffer size in Mbytes. */
375 #define DEFAULT_CAPTURE_BUFFER_SIZE 2
379 #endif /* __cplusplus */
381 #endif /* capture_opts.h */
384 * Editor modelines - http://www.wireshark.org/tools/modelines.html
389 * indent-tabs-mode: nil
392 * vi: set shiftwidth=4 tabstop=8 expandtab:
393 * :indentSize=4:tabSize=8:noTabs=true: