3 * Copyright (C) 2016 Jakub Zawadzki
5 * Wireshark - Network traffic analyzer
6 * By Gerald Combs <gerald@wireshark.org>
7 * Copyright 1998 Gerald Combs
9 * SPDX-License-Identifier: GPL-2.0-or-later
22 #include <wsutil/wsjson.h>
23 #include <wsutil/ws_printf.h>
24 #include <wsutil/json_dumper.h>
27 #include <epan/epan_dissect.h>
28 #include <epan/exceptions.h>
29 #include <epan/color_filters.h>
30 #include <epan/prefs.h>
31 #include <epan/prefs-int.h>
32 #include <epan/uat-int.h>
33 #include <wiretap/wtap.h>
35 #include <epan/column.h>
37 #include <ui/ssl_key_export.h>
39 #include <ui/io_graph_item.h>
40 #include <epan/stats_tree_priv.h>
41 #include <epan/stat_tap_ui.h>
42 #include <epan/conversation_table.h>
43 #include <epan/sequence_analysis.h>
44 #include <epan/expert.h>
45 #include <epan/export_object.h>
46 #include <epan/follow.h>
47 #include <epan/rtd_table.h>
48 #include <epan/srt_table.h>
50 #include <epan/dissectors/packet-h225.h>
51 #include <epan/rtp_pt.h>
52 #include <ui/voip_calls.h>
53 #include <ui/rtp_stream.h>
54 #include <ui/tap-rtp-common.h>
55 #include <ui/tap-rtp-analysis.h>
56 #include <epan/to_str.h>
58 #include <epan/addr_resolv.h>
59 #include <epan/dissectors/packet-rtp.h>
60 #include <ui/rtp_media.h>
62 # include <speex/speex_resampler.h>
64 # include <codecs/speex/speex_resampler.h>
65 #endif /* HAVE_SPEEXDSP */
67 #include <epan/maxmind_db.h>
69 #include <wsutil/pint.h>
70 #include <wsutil/strtoi.h>
76 struct sharkd_filter_item
78 guint8 *filtered; /* can be NULL if all frames are matching for given filter. */
81 static GHashTable *filter_table = NULL;
83 static json_dumper dumper = {0};
86 json_find_attr(const char *buf, const jsmntok_t *tokens, int count, const char *attr)
90 for (i = 0; i < count; i += 2)
92 const char *tok_attr = &buf[tokens[i + 0].start];
93 const char *tok_value = &buf[tokens[i + 1].start];
95 if (!strcmp(tok_attr, attr))
103 json_print_base64(const guint8 *data, size_t len)
105 json_dumper_begin_base64(&dumper);
106 json_dumper_write_base64(&dumper, data, len);
107 json_dumper_end_base64(&dumper);
110 static void G_GNUC_PRINTF(2, 3)
111 sharkd_json_value_anyf(const char *key, const char *format, ...)
114 json_dumper_set_member_name(&dumper, key);
118 va_start(ap, format);
119 json_dumper_value_va_list(&dumper, format, ap);
125 sharkd_json_value_string(const char *key, const char *str)
128 json_dumper_set_member_name(&dumper, key);
130 json_dumper_value_string(&dumper, str);
134 sharkd_json_value_base64(const char *key, const guint8 *data, size_t len)
137 json_dumper_set_member_name(&dumper, key);
138 json_print_base64(data, len);
141 static void G_GNUC_PRINTF(2, 3)
142 sharkd_json_value_stringf(const char *key, const char *format, ...)
145 json_dumper_set_member_name(&dumper, key);
149 va_start(ap, format);
150 char* sformat = g_strdup_printf("\"%s\"", format);
151 json_dumper_value_va_list(&dumper, sformat, ap);
158 sharkd_json_array_open(const char *key)
161 json_dumper_set_member_name(&dumper, key);
162 json_dumper_begin_array(&dumper);
166 sharkd_json_array_close(void)
168 json_dumper_end_array(&dumper);
172 sharkd_json_simple_reply(int err, const char *errmsg)
174 json_dumper_begin_object(&dumper);
175 sharkd_json_value_anyf("err", "%d", err);
177 sharkd_json_value_string("errmsg", errmsg);
179 json_dumper_end_object(&dumper);
180 json_dumper_finish(&dumper);
184 sharkd_session_filter_free(gpointer data)
186 struct sharkd_filter_item *l = (struct sharkd_filter_item *) data;
192 static const struct sharkd_filter_item *
193 sharkd_session_filter_data(const char *filter)
195 struct sharkd_filter_item *l;
197 l = (struct sharkd_filter_item *) g_hash_table_lookup(filter_table, filter);
200 guint8 *filtered = NULL;
202 int ret = sharkd_filter(filter, &filtered);
207 l = (struct sharkd_filter_item *) g_malloc(sizeof(struct sharkd_filter_item));
208 l->filtered = filtered;
210 g_hash_table_insert(filter_table, g_strdup(filter), l);
217 sharkd_rtp_match_init(rtpstream_id_t *id, const char *init_str)
219 gboolean ret = FALSE;
221 guint32 tmp_addr_src, tmp_addr_dst;
222 address tmp_src_addr, tmp_dst_addr;
224 memset(id, 0, sizeof(*id));
226 arr = g_strsplit(init_str, "_", 7); /* pass larger value, so we'll catch incorrect input :) */
227 if (g_strv_length(arr) != 5)
230 /* TODO, for now only IPv4 */
231 if (!get_host_ipaddr(arr[0], &tmp_addr_src))
234 if (!ws_strtou16(arr[1], NULL, &id->src_port))
237 if (!get_host_ipaddr(arr[2], &tmp_addr_dst))
240 if (!ws_strtou16(arr[3], NULL, &id->dst_port))
243 if (!ws_hexstrtou32(arr[4], NULL, &id->ssrc))
246 set_address(&tmp_src_addr, AT_IPv4, 4, &tmp_addr_src);
247 copy_address(&id->src_addr, &tmp_src_addr);
248 set_address(&tmp_dst_addr, AT_IPv4, 4, &tmp_addr_dst);
249 copy_address(&id->dst_addr, &tmp_dst_addr);
259 sharkd_session_process_info_nstat_cb(const void *key, void *value, void *userdata _U_)
261 stat_tap_table_ui *stat_tap = (stat_tap_table_ui *) value;
263 json_dumper_begin_object(&dumper);
264 sharkd_json_value_string("name", stat_tap->title);
265 sharkd_json_value_stringf("tap", "nstat:%s", (const char *) key);
266 json_dumper_end_object(&dumper);
272 sharkd_session_process_info_conv_cb(const void* key, void* value, void* userdata _U_)
274 struct register_ct *table = (struct register_ct *) value;
276 const char *label = (const char *) key;
278 if (get_conversation_packet_func(table))
280 json_dumper_begin_object(&dumper);
281 sharkd_json_value_stringf("name", "Conversation List/%s", label);
282 sharkd_json_value_stringf("tap", "conv:%s", label);
283 json_dumper_end_object(&dumper);
286 if (get_hostlist_packet_func(table))
288 json_dumper_begin_object(&dumper);
289 sharkd_json_value_stringf("name", "Endpoint/%s", label);
290 sharkd_json_value_stringf("tap", "endpt:%s", label);
291 json_dumper_end_object(&dumper);
297 sharkd_session_seq_analysis_cb(const void *key, void *value, void *userdata _U_)
299 register_analysis_t *analysis = (register_analysis_t *) value;
301 json_dumper_begin_object(&dumper);
302 sharkd_json_value_string("name", sequence_analysis_get_ui_name(analysis));
303 sharkd_json_value_stringf("tap", "seqa:%s", (const char *) key);
304 json_dumper_end_object(&dumper);
310 sharkd_export_object_visit_cb(const void *key _U_, void *value, void *user_data _U_)
312 register_eo_t *eo = (register_eo_t *) value;
314 const int proto_id = get_eo_proto_id(eo);
315 const char *filter = proto_get_protocol_filter_name(proto_id);
316 const char *label = proto_get_protocol_short_name(find_protocol_by_id(proto_id));
318 json_dumper_begin_object(&dumper);
319 sharkd_json_value_stringf("name", "Export Object/%s", label);
320 sharkd_json_value_stringf("tap", "eo:%s", filter);
321 json_dumper_end_object(&dumper);
327 sharkd_srt_visit_cb(const void *key _U_, void *value, void *user_data _U_)
329 register_srt_t *srt = (register_srt_t *) value;
331 const int proto_id = get_srt_proto_id(srt);
332 const char *filter = proto_get_protocol_filter_name(proto_id);
333 const char *label = proto_get_protocol_short_name(find_protocol_by_id(proto_id));
335 json_dumper_begin_object(&dumper);
336 sharkd_json_value_stringf("name", "Service Response Time/%s", label);
337 sharkd_json_value_stringf("tap", "srt:%s", filter);
338 json_dumper_end_object(&dumper);
344 sharkd_rtd_visit_cb(const void *key _U_, void *value, void *user_data _U_)
346 register_rtd_t *rtd = (register_rtd_t *) value;
348 const int proto_id = get_rtd_proto_id(rtd);
349 const char *filter = proto_get_protocol_filter_name(proto_id);
350 const char *label = proto_get_protocol_short_name(find_protocol_by_id(proto_id));
352 json_dumper_begin_object(&dumper);
353 sharkd_json_value_stringf("name", "Response Time Delay/%s", label);
354 sharkd_json_value_stringf("tap", "rtd:%s", filter);
355 json_dumper_end_object(&dumper);
361 sharkd_follower_visit_cb(const void *key _U_, void *value, void *user_data _U_)
363 register_follow_t *follower = (register_follow_t *) value;
365 const int proto_id = get_follow_proto_id(follower);
366 const char *label = proto_get_protocol_short_name(find_protocol_by_id(proto_id));
367 const char *filter = label; /* correct: get_follow_by_name() is registered by short name */
369 json_dumper_begin_object(&dumper);
370 sharkd_json_value_stringf("name", "Follow/%s", label);
371 sharkd_json_value_stringf("tap", "follow:%s", filter);
372 json_dumper_end_object(&dumper);
378 * sharkd_session_process_info()
380 * Process info request
382 * Output object with attributes:
383 * (m) version - version number
385 * (m) columns - available column formats, array of object with attributes:
386 * 'name' - column name
387 * 'format' - column format-name
389 * (m) stats - available statistics, array of object with attributes:
390 * 'name' - statistic name
391 * 'tap' - sharkd tap-name for statistic
393 * (m) convs - available conversation list, array of object with attributes:
394 * 'name' - conversation name
395 * 'tap' - sharkd tap-name for conversation
397 * (m) eo - available export object list, array of object with attributes:
398 * 'name' - export object name
399 * 'tap' - sharkd tap-name for eo
401 * (m) srt - available service response time list, array of object with attributes:
402 * 'name' - service response time name
403 * 'tap' - sharkd tap-name for srt
405 * (m) rtd - available response time delay list, array of object with attributes:
406 * 'name' - response time delay name
407 * 'tap' - sharkd tap-name for rtd
409 * (m) seqa - available sequence analysis (flow) list, array of object with attributes:
410 * 'name' - sequence analysis name
411 * 'tap' - sharkd tap-name
413 * (m) taps - available taps, array of object with attributes:
415 * 'tap' - sharkd tap-name
417 * (m) follow - available followers, array of object with attributes:
419 * 'tap' - sharkd tap-name
421 * (m) ftypes - conversation table for FT_ number to string, array of FT_xxx strings.
423 * (m) nstat - available table-based taps, array of object with attributes:
425 * 'tap' - sharkd tap-name
429 sharkd_session_process_info(void)
433 json_dumper_begin_object(&dumper);
435 sharkd_json_array_open("columns");
436 for (i = 0; i < NUM_COL_FMTS; i++)
438 const char *col_format = col_format_to_string(i);
439 const char *col_descr = col_format_desc(i);
441 json_dumper_begin_object(&dumper);
442 sharkd_json_value_string("name", col_descr);
443 sharkd_json_value_string("format", col_format);
444 json_dumper_end_object(&dumper);
446 sharkd_json_array_close();
448 sharkd_json_array_open("stats");
450 GList *cfg_list = stats_tree_get_cfg_list();
453 for (l = cfg_list; l; l = l->next)
455 stats_tree_cfg *cfg = (stats_tree_cfg *) l->data;
457 json_dumper_begin_object(&dumper);
458 sharkd_json_value_string("name", cfg->name);
459 sharkd_json_value_stringf("tap", "stat:%s", cfg->abbr);
460 json_dumper_end_object(&dumper);
463 g_list_free(cfg_list);
465 sharkd_json_array_close();
467 sharkd_json_array_open("ftypes");
468 for (i = 0; i < FT_NUM_TYPES; i++)
469 sharkd_json_value_string(NULL, ftype_name((ftenum_t) i));
470 sharkd_json_array_close();
472 sharkd_json_value_string("version", sharkd_version());
474 sharkd_json_array_open("nstat");
476 stat_tap_iterate_tables(sharkd_session_process_info_nstat_cb, &i);
477 sharkd_json_array_close();
479 sharkd_json_array_open("convs");
481 conversation_table_iterate_tables(sharkd_session_process_info_conv_cb, &i);
482 sharkd_json_array_close();
484 sharkd_json_array_open("seqa");
486 sequence_analysis_table_iterate_tables(sharkd_session_seq_analysis_cb, &i);
487 sharkd_json_array_close();
489 sharkd_json_array_open("taps");
491 json_dumper_begin_object(&dumper);
492 sharkd_json_value_string("name", "RTP streams");
493 sharkd_json_value_string("tap", "rtp-streams");
494 json_dumper_end_object(&dumper);
496 json_dumper_begin_object(&dumper);
497 sharkd_json_value_string("name", "Expert Information");
498 sharkd_json_value_string("tap", "expert");
499 json_dumper_end_object(&dumper);
501 sharkd_json_array_close();
503 sharkd_json_array_open("eo");
505 eo_iterate_tables(sharkd_export_object_visit_cb, &i);
506 sharkd_json_array_close();
508 sharkd_json_array_open("srt");
510 srt_table_iterate_tables(sharkd_srt_visit_cb, &i);
511 sharkd_json_array_close();
513 sharkd_json_array_open("rtd");
515 rtd_table_iterate_tables(sharkd_rtd_visit_cb, &i);
516 sharkd_json_array_close();
518 sharkd_json_array_open("follow");
520 follow_iterate_followers(sharkd_follower_visit_cb, &i);
521 sharkd_json_array_close();
523 json_dumper_end_object(&dumper);
524 json_dumper_finish(&dumper);
528 * sharkd_session_process_load()
530 * Process load request
533 * (m) file - file to be loaded
535 * Output object with attributes:
536 * (m) err - error code
539 sharkd_session_process_load(const char *buf, const jsmntok_t *tokens, int count)
541 const char *tok_file = json_find_attr(buf, tokens, count, "file");
544 fprintf(stderr, "load: filename=%s\n", tok_file);
549 if (sharkd_cf_open(tok_file, WTAP_TYPE_AUTO, FALSE, &err) != CF_OK)
551 sharkd_json_simple_reply(err, NULL);
557 err = sharkd_load_cap_file();
559 CATCH(OutOfMemoryError)
561 fprintf(stderr, "load: OutOfMemoryError\n");
566 sharkd_json_simple_reply(err, NULL);
570 * sharkd_session_process_status()
572 * Process status request
574 * Output object with attributes:
575 * (m) frames - count of currently loaded frames
576 * (m) duration - time difference between time of first frame, and last loaded frame
577 * (o) filename - capture filename
578 * (o) filesize - capture filesize
581 sharkd_session_process_status(void)
583 json_dumper_begin_object(&dumper);
585 sharkd_json_value_anyf("frames", "%u", cfile.count);
586 sharkd_json_value_anyf("duration", "%.9f", nstime_to_sec(&cfile.elapsed_time));
590 char *name = g_path_get_basename(cfile.filename);
592 sharkd_json_value_string("filename", name);
596 if (cfile.provider.wth)
598 gint64 file_size = wtap_file_size(cfile.provider.wth, NULL);
601 sharkd_json_value_anyf("filesize", "%" G_GINT64_FORMAT, file_size);
604 json_dumper_end_object(&dumper);
605 json_dumper_finish(&dumper);
608 struct sharkd_analyse_data
610 GHashTable *protocols_set;
611 nstime_t *first_time;
616 sharkd_session_process_analyse_cb(epan_dissect_t *edt, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data)
618 struct sharkd_analyse_data *analyser = (struct sharkd_analyse_data *) data;
619 packet_info *pi = &edt->pi;
620 frame_data *fdata = pi->fd;
626 if (analyser->first_time == NULL || nstime_cmp(&fdata->abs_ts, analyser->first_time) < 0)
627 analyser->first_time = &fdata->abs_ts;
629 if (analyser->last_time == NULL || nstime_cmp(&fdata->abs_ts, analyser->last_time) > 0)
630 analyser->last_time = &fdata->abs_ts;
634 wmem_list_frame_t *frame;
636 for (frame = wmem_list_head(pi->layers); frame; frame = wmem_list_frame_next(frame))
638 int proto_id = GPOINTER_TO_UINT(wmem_list_frame_data(frame));
640 if (!g_hash_table_lookup_extended(analyser->protocols_set, GUINT_TO_POINTER(proto_id), NULL, NULL))
642 g_hash_table_insert(analyser->protocols_set, GUINT_TO_POINTER(proto_id), GUINT_TO_POINTER(proto_id));
643 sharkd_json_value_string(NULL, proto_get_protocol_filter_name(proto_id));
651 * sharkd_session_process_status()
653 * Process analyse request
655 * Output object with attributes:
656 * (m) frames - count of currently loaded frames
657 * (m) protocols - protocol list
658 * (m) first - earliest frame time
659 * (m) last - latest frame time
662 sharkd_session_process_analyse(void)
664 unsigned int framenum;
665 struct sharkd_analyse_data analyser;
667 analyser.first_time = NULL;
668 analyser.last_time = NULL;
669 analyser.protocols_set = g_hash_table_new(NULL /* g_direct_hash() */, NULL /* g_direct_equal */);
671 json_dumper_begin_object(&dumper);
673 sharkd_json_value_anyf("frames", "%u", cfile.count);
675 sharkd_json_array_open("protocols");
676 for (framenum = 1; framenum <= cfile.count; framenum++)
677 sharkd_dissect_request(framenum, (framenum != 1) ? 1 : 0, framenum - 1, &sharkd_session_process_analyse_cb, SHARKD_DISSECT_FLAG_NULL, &analyser);
678 sharkd_json_array_close();
680 if (analyser.first_time)
681 sharkd_json_value_anyf("first", "%.9f", nstime_to_sec(analyser.first_time));
683 if (analyser.last_time)
684 sharkd_json_value_anyf("last", "%.9f", nstime_to_sec(analyser.last_time));
686 json_dumper_end_object(&dumper);
687 json_dumper_finish(&dumper);
689 g_hash_table_destroy(analyser.protocols_set);
693 sharkd_session_create_columns(column_info *cinfo, const char *buf, const jsmntok_t *tokens, int count)
695 const char *columns_custom[32];
696 guint16 columns_fmt[32];
697 gint16 columns_occur[32];
701 for (i = 0; i < 32; i++)
703 const char *tok_column;
704 char tok_column_name[64];
707 ws_snprintf(tok_column_name, sizeof(tok_column_name), "column%d", i);
708 tok_column = json_find_attr(buf, tokens, count, tok_column_name);
709 if (tok_column == NULL)
712 columns_custom[i] = NULL;
713 columns_occur[i] = 0;
715 if ((custom_sepa = strchr(tok_column, ':')))
717 *custom_sepa = '\0'; /* XXX, C abuse: discarding-const */
719 columns_fmt[i] = COL_CUSTOM;
720 columns_custom[i] = tok_column;
722 if (!ws_strtoi16(custom_sepa + 1, NULL, &columns_occur[i]))
727 if (!ws_strtou16(tok_column, NULL, &columns_fmt[i]))
730 if (columns_fmt[i] >= NUM_COL_FMTS)
733 /* if custom, that it shouldn't be just custom number -> error */
734 if (columns_fmt[i] == COL_CUSTOM)
741 col_setup(cinfo, cols);
743 for (i = 0; i < cols; i++)
745 col_item_t *col_item = &cinfo->columns[i];
747 col_item->col_fmt = columns_fmt[i];
748 col_item->col_title = NULL; /* no need for title */
750 if (col_item->col_fmt == COL_CUSTOM)
752 col_item->col_custom_fields = g_strdup(columns_custom[i]);
753 col_item->col_custom_occurrence = columns_occur[i];
756 col_item->col_fence = 0;
765 * sharkd_session_process_frames()
767 * Process frames request
770 * (o) column0...columnXX - requested columns either number in range [0..NUM_COL_FMTS), or custom (syntax <dfilter>:<occurence>).
771 * If column0 is not specified default column set will be used.
772 * (o) filter - filter to be used
773 * (o) skip=N - skip N frames
774 * (o) limit=N - show only N frames
775 * (o) refs - list (comma separated) with sorted time reference frame numbers.
777 * Output array of frames with attributes:
778 * (m) c - array of column data
779 * (m) num - frame number
780 * (o) i - if frame is ignored
781 * (o) m - if frame is marked
782 * (o) ct - if frame is commented
783 * (o) bg - color filter - background color in hex
784 * (o) fg - color filter - foreground color in hex
787 sharkd_session_process_frames(const char *buf, const jsmntok_t *tokens, int count)
789 const char *tok_filter = json_find_attr(buf, tokens, count, "filter");
790 const char *tok_column = json_find_attr(buf, tokens, count, "column0");
791 const char *tok_skip = json_find_attr(buf, tokens, count, "skip");
792 const char *tok_limit = json_find_attr(buf, tokens, count, "limit");
793 const char *tok_refs = json_find_attr(buf, tokens, count, "refs");
795 const guint8 *filter_data = NULL;
799 guint32 framenum, prev_dis_num = 0;
800 guint32 current_ref_frame = 0, next_ref_frame = G_MAXUINT32;
804 column_info *cinfo = &cfile.cinfo;
805 column_info user_cinfo;
809 memset(&user_cinfo, 0, sizeof(user_cinfo));
810 cinfo = sharkd_session_create_columns(&user_cinfo, buf, tokens, count);
817 const struct sharkd_filter_item *filter_item;
819 filter_item = sharkd_session_filter_data(tok_filter);
822 filter_data = filter_item->filtered;
828 if (!ws_strtou32(tok_skip, NULL, &skip))
835 if (!ws_strtou32(tok_limit, NULL, &limit))
841 if (!ws_strtou32(tok_refs, &tok_refs, &next_ref_frame))
845 sharkd_json_array_open(NULL);
846 for (framenum = 1; framenum <= cfile.count; framenum++)
849 guint32 ref_frame = (framenum != 1) ? 1 : 0;
851 if (filter_data && !(filter_data[framenum / 8] & (1 << (framenum % 8))))
857 prev_dis_num = framenum;
863 if (framenum >= next_ref_frame)
865 current_ref_frame = next_ref_frame;
867 if (*tok_refs != ',')
868 next_ref_frame = G_MAXUINT32;
870 while (*tok_refs == ',' && framenum >= next_ref_frame)
872 current_ref_frame = next_ref_frame;
874 if (!ws_strtou32(tok_refs + 1, &tok_refs, &next_ref_frame))
876 fprintf(stderr, "sharkd_session_process_frames() wrong format for refs: %s\n", tok_refs);
881 if (*tok_refs == '\0' && framenum >= next_ref_frame)
883 current_ref_frame = next_ref_frame;
884 next_ref_frame = G_MAXUINT32;
888 if (current_ref_frame)
889 ref_frame = current_ref_frame;
892 fdata = sharkd_get_frame(framenum);
893 sharkd_dissect_columns(fdata, ref_frame, prev_dis_num, cinfo, (fdata->color_filter == NULL));
895 json_dumper_begin_object(&dumper);
897 sharkd_json_array_open("c");
898 for (col = 0; col < cinfo->num_cols; ++col)
900 const col_item_t *col_item = &cinfo->columns[col];
902 sharkd_json_value_string(NULL, col_item->col_data);
904 sharkd_json_array_close();
906 sharkd_json_value_anyf("num", "%u", framenum);
908 if (fdata->has_user_comment || fdata->has_phdr_comment)
910 if (!fdata->has_user_comment || sharkd_get_user_comment(fdata) != NULL)
911 sharkd_json_value_anyf("ct", "true");
915 sharkd_json_value_anyf("i", "true");
918 sharkd_json_value_anyf("m", "true");
920 if (fdata->color_filter)
922 sharkd_json_value_stringf("bg", "%x", color_t_to_rgb(&fdata->color_filter->bg_color));
923 sharkd_json_value_stringf("fg", "%x", color_t_to_rgb(&fdata->color_filter->fg_color));
926 json_dumper_end_object(&dumper);
927 prev_dis_num = framenum;
929 if (limit && --limit == 0)
932 sharkd_json_array_close();
933 json_dumper_finish(&dumper);
935 if (cinfo != &cfile.cinfo)
940 sharkd_session_process_tap_stats_node_cb(const stat_node *n)
944 sharkd_json_array_open(NULL);
945 for (node = n->children; node; node = node->next)
947 json_dumper_begin_object(&dumper);
949 /* code based on stats_tree_get_values_from_node() */
950 sharkd_json_value_string("name", node->name);
951 sharkd_json_value_anyf("count", "%d", node->counter);
952 if (node->counter && ((node->st_flags & ST_FLG_AVERAGE) || node->rng))
954 switch(node->datatype)
957 sharkd_json_value_anyf("avg", "%.2f", ((float)node->total.int_total) / node->counter);
958 sharkd_json_value_anyf("min", "%d", node->minvalue.int_min);
959 sharkd_json_value_anyf("max", "%d", node->maxvalue.int_max);
962 sharkd_json_value_anyf("avg", "%.2f", node->total.float_total / node->counter);
963 sharkd_json_value_anyf("min", "%f", node->minvalue.float_min);
964 sharkd_json_value_anyf("max", "%f", node->maxvalue.float_max);
969 if (node->st->elapsed)
970 sharkd_json_value_anyf("rate", "%.4f", ((float)node->counter) / node->st->elapsed);
972 if (node->parent && node->parent->counter)
973 sharkd_json_value_anyf("perc", "%.2f", (node->counter * 100.0) / node->parent->counter);
974 else if (node->parent == &(node->st->root))
975 sharkd_json_value_anyf("perc", "100");
977 if (prefs.st_enable_burstinfo && node->max_burst)
979 if (prefs.st_burst_showcount)
980 sharkd_json_value_anyf("burstcount", "%d", node->max_burst);
982 sharkd_json_value_anyf("burstrate", "%.4f", ((double)node->max_burst) / prefs.st_burst_windowlen);
984 sharkd_json_value_anyf("bursttime", "%.3f", (node->burst_time / 1000.0));
989 sharkd_json_value_anyf("sub", NULL);
990 sharkd_session_process_tap_stats_node_cb(node);
992 json_dumper_end_object(&dumper);
994 sharkd_json_array_close();
998 * sharkd_session_process_tap_stats_cb()
1002 * (m) tap - tap name
1003 * (m) type:stats - tap output type
1004 * (m) name - stat name
1005 * (m) stats - array of object with attributes:
1006 * (m) name - stat item name
1007 * (m) count - stat item counter
1008 * (o) avg - stat item averange value
1009 * (o) min - stat item min value
1010 * (o) max - stat item max value
1011 * (o) rate - stat item rate value (ms)
1012 * (o) perc - stat item percentage
1013 * (o) burstrate - stat item burst rate
1014 * (o) burstcount - stat item burst count
1015 * (o) burstttme - stat item burst start
1016 * (o) sub - array of object with attributes like in stats node.
1019 sharkd_session_process_tap_stats_cb(void *psp)
1021 stats_tree *st = (stats_tree *) psp;
1023 json_dumper_begin_object(&dumper);
1025 sharkd_json_value_stringf("tap", "stats:%s", st->cfg->abbr);
1026 sharkd_json_value_string("type", "stats");
1027 sharkd_json_value_string("name", st->cfg->name);
1029 sharkd_json_value_anyf("stats", NULL);
1030 sharkd_session_process_tap_stats_node_cb(&st->root);
1032 json_dumper_end_object(&dumper);
1036 sharkd_session_free_tap_stats_cb(void *psp)
1038 stats_tree *st = (stats_tree *) psp;
1040 stats_tree_free(st);
1043 struct sharkd_expert_tap
1050 * sharkd_session_process_tap_expert_cb()
1052 * Output expert tap:
1054 * (m) tap - tap name
1055 * (m) type:expert - tap output type
1056 * (m) details - array of object with attributes:
1057 * (m) f - frame number, which generated expert information
1060 * (m) m - expert message
1064 sharkd_session_process_tap_expert_cb(void *tapdata)
1066 struct sharkd_expert_tap *etd = (struct sharkd_expert_tap *) tapdata;
1069 json_dumper_begin_object(&dumper);
1071 sharkd_json_value_string("tap", "expert");
1072 sharkd_json_value_string("type", "expert");
1074 sharkd_json_array_open("details");
1075 for (list = etd->details; list; list = list->next)
1077 expert_info_t *ei = (expert_info_t *) list->data;
1080 json_dumper_begin_object(&dumper);
1082 sharkd_json_value_anyf("f", "%u", ei->packet_num);
1084 tmp = try_val_to_str(ei->severity, expert_severity_vals);
1086 sharkd_json_value_string("s", tmp);
1088 tmp = try_val_to_str(ei->group, expert_group_vals);
1090 sharkd_json_value_string("g", tmp);
1092 sharkd_json_value_string("m", ei->summary);
1095 sharkd_json_value_string("p", ei->protocol);
1097 json_dumper_end_object(&dumper);
1099 sharkd_json_array_close();
1101 json_dumper_end_object(&dumper);
1104 static tap_packet_status
1105 sharkd_session_packet_tap_expert_cb(void *tapdata, packet_info *pinfo _U_, epan_dissect_t *edt _U_, const void *pointer)
1107 struct sharkd_expert_tap *etd = (struct sharkd_expert_tap *) tapdata;
1108 const expert_info_t *ei = (const expert_info_t *) pointer;
1109 expert_info_t *ei_copy;
1112 return TAP_PACKET_DONT_REDRAW;
1114 ei_copy = g_new(expert_info_t, 1);
1115 /* Note: this is a shallow copy */
1118 /* ei->protocol, ei->summary might be allocated in packet scope, make a copy. */
1119 ei_copy->protocol = g_string_chunk_insert_const(etd->text, ei_copy->protocol);
1120 ei_copy->summary = g_string_chunk_insert_const(etd->text, ei_copy->summary);
1122 etd->details = g_slist_prepend(etd->details, ei_copy);
1124 return TAP_PACKET_REDRAW;
1128 sharkd_session_free_tap_expert_cb(void *tapdata)
1130 struct sharkd_expert_tap *etd = (struct sharkd_expert_tap *) tapdata;
1132 g_slist_free_full(etd->details, g_free);
1133 g_string_chunk_free(etd->text);
1138 * sharkd_session_process_tap_flow_cb()
1141 * (m) tap - tap name
1142 * (m) type:flow - tap output type
1143 * (m) nodes - array of strings with node address
1144 * (m) flows - array of object with attributes:
1145 * (m) t - frame time string
1146 * (m) n - array of two numbers with source node index and destination node index
1147 * (m) pn - array of two numbers with source and destination port
1151 sharkd_session_process_tap_flow_cb(void *tapdata)
1153 seq_analysis_info_t *graph_analysis = (seq_analysis_info_t *) tapdata;
1157 sequence_analysis_get_nodes(graph_analysis);
1159 json_dumper_begin_object(&dumper);
1160 sharkd_json_value_stringf("tap", "seqa:%s", graph_analysis->name);
1161 sharkd_json_value_string("type", "flow");
1163 sharkd_json_array_open("nodes");
1164 for (i = 0; i < graph_analysis->num_nodes; i++)
1168 addr_str = address_to_display(NULL, &(graph_analysis->nodes[i]));
1169 sharkd_json_value_string(NULL, addr_str);
1170 wmem_free(NULL, addr_str);
1172 sharkd_json_array_close();
1174 sharkd_json_array_open("flows");
1175 flow_list = g_queue_peek_nth_link(graph_analysis->items, 0);
1178 seq_analysis_item_t *sai = (seq_analysis_item_t *) flow_list->data;
1180 flow_list = g_list_next(flow_list);
1185 json_dumper_begin_object(&dumper);
1187 sharkd_json_value_string("t", sai->time_str);
1188 sharkd_json_value_anyf("n", "[%u,%u]", sai->src_node, sai->dst_node);
1189 sharkd_json_value_anyf("pn", "[%u,%u]", sai->port_src, sai->port_dst);
1192 sharkd_json_value_string("c", sai->comment);
1194 json_dumper_end_object(&dumper);
1196 sharkd_json_array_close();
1198 json_dumper_end_object(&dumper);
1202 sharkd_session_free_tap_flow_cb(void *tapdata)
1204 seq_analysis_info_t *graph_analysis = (seq_analysis_info_t *) tapdata;
1206 sequence_analysis_info_free(graph_analysis);
1209 struct sharkd_conv_tap_data
1213 gboolean resolve_name;
1214 gboolean resolve_port;
1218 sharkd_session_geoip_addr(address *addr, const char *suffix)
1220 const mmdb_lookup_t *lookup = NULL;
1221 gboolean with_geoip = FALSE;
1224 if (addr->type == AT_IPv4)
1228 memcpy(&ip, addr->data, 4);
1229 lookup = maxmind_db_lookup_ipv4(ip);
1231 else if (addr->type == AT_IPv6)
1233 const ws_in6_addr *ip6 = (const ws_in6_addr *) addr->data;
1235 lookup = maxmind_db_lookup_ipv6(ip6);
1238 if (!lookup || !lookup->found)
1241 if (lookup->country)
1243 snprintf(json_key, sizeof(json_key), "geoip_country%s", suffix);
1244 sharkd_json_value_string(json_key, lookup->country);
1248 if (lookup->country_iso)
1250 snprintf(json_key, sizeof(json_key), "geoip_country_iso%s", suffix);
1251 sharkd_json_value_string(json_key, lookup->country_iso);
1257 snprintf(json_key, sizeof(json_key), "geoip_city%s", suffix);
1258 sharkd_json_value_string(json_key, lookup->city);
1264 snprintf(json_key, sizeof(json_key), "geoip_as_org%s", suffix);
1265 sharkd_json_value_string(json_key, lookup->as_org);
1269 if (lookup->as_number > 0)
1271 snprintf(json_key, sizeof(json_key), "geoip_as%s", suffix);
1272 sharkd_json_value_anyf(json_key, "%u", lookup->as_number);
1276 if (lookup->latitude >= -90.0 && lookup->latitude <= 90.0)
1278 snprintf(json_key, sizeof(json_key), "geoip_lat%s", suffix);
1279 sharkd_json_value_anyf(json_key, "%f", lookup->latitude);
1283 if (lookup->longitude >= -180.0 && lookup->longitude <= 180.0)
1285 snprintf(json_key, sizeof(json_key), "geoip_lon%s", suffix);
1286 sharkd_json_value_anyf(json_key, "%f", lookup->longitude);
1293 struct sharkd_analyse_rtp_items
1296 guint32 sequence_num;
1304 double arrive_offset;
1306 /* from tap_rtp_stat_t */
1311 struct sharkd_analyse_rtp
1313 const char *tap_name;
1318 tap_rtp_stat_t statinfo;
1322 sharkd_session_process_tap_rtp_free_cb(void *tapdata)
1324 struct sharkd_analyse_rtp *rtp_req = (struct sharkd_analyse_rtp *) tapdata;
1326 g_slist_free_full(rtp_req->packets, g_free);
1330 static tap_packet_status
1331 sharkd_session_packet_tap_rtp_analyse_cb(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_, const void *pointer)
1333 struct sharkd_analyse_rtp *rtp_req = (struct sharkd_analyse_rtp *) tapdata;
1334 const struct _rtp_info *rtp_info = (const struct _rtp_info *) pointer;
1336 if (rtpstream_id_equal_pinfo_rtp_info(&rtp_req->id, pinfo, rtp_info))
1338 tap_rtp_stat_t *statinfo = &(rtp_req->statinfo);
1339 struct sharkd_analyse_rtp_items *item;
1341 rtppacket_analyse(statinfo, pinfo, rtp_info);
1343 item = (struct sharkd_analyse_rtp_items *) g_malloc(sizeof(struct sharkd_analyse_rtp_items));
1345 if (!rtp_req->packets)
1346 rtp_req->start_time = nstime_to_sec(&pinfo->abs_ts);
1348 item->frame_num = pinfo->num;
1349 item->sequence_num = rtp_info->info_seq_num;
1350 item->delta = (statinfo->flags & STAT_FLAG_FIRST) ? 0.0 : statinfo->delta;
1351 item->jitter = (statinfo->flags & STAT_FLAG_FIRST) ? 0.0 : statinfo->jitter;
1352 item->skew = (statinfo->flags & STAT_FLAG_FIRST) ? 0.0 : statinfo->skew;
1353 item->bandwidth = statinfo->bandwidth;
1354 item->marker = rtp_info->info_marker_set ? TRUE : FALSE;
1355 item->arrive_offset= nstime_to_sec(&pinfo->abs_ts) - rtp_req->start_time;
1357 item->flags = statinfo->flags;
1358 item->pt = statinfo->pt;
1360 /* XXX, O(n) optimize */
1361 rtp_req->packets = g_slist_append(rtp_req->packets, item);
1364 return TAP_PACKET_REDRAW;
1368 * sharkd_session_process_tap_rtp_analyse_cb()
1370 * Output rtp analyse tap:
1371 * (m) tap - tap name
1372 * (m) type - tap output type
1373 * (m) ssrc - RTP SSRC
1374 * (m) max_delta - Max delta (ms)
1375 * (m) max_delta_nr - Max delta packet #
1376 * (m) max_jitter - Max jitter (ms)
1377 * (m) mean_jitter - Mean jitter (ms)
1378 * (m) max_skew - Max skew (ms)
1379 * (m) total_nr - Total number of RTP packets
1380 * (m) seq_err - Number of sequence errors
1381 * (m) duration - Duration (ms)
1382 * (m) items - array of object with attributes:
1383 * (m) f - frame number
1384 * (m) o - arrive offset
1385 * (m) sn - sequence number
1389 * (m) bw - bandwidth
1390 * (o) s - status string
1391 * (o) t - status type
1392 * (o) mark - rtp mark
1395 sharkd_session_process_tap_rtp_analyse_cb(void *tapdata)
1397 const int RTP_TYPE_CN = 1;
1398 const int RTP_TYPE_ERROR = 2;
1399 const int RTP_TYPE_WARN = 3;
1400 const int RTP_TYPE_PT_EVENT = 4;
1402 const struct sharkd_analyse_rtp *rtp_req = (struct sharkd_analyse_rtp *) tapdata;
1403 const tap_rtp_stat_t *statinfo = &rtp_req->statinfo;
1407 json_dumper_begin_object(&dumper);
1409 sharkd_json_value_string("tap", rtp_req->tap_name);
1410 sharkd_json_value_string("type", "rtp-analyse");
1411 sharkd_json_value_anyf("ssrc", "%u", rtp_req->id.ssrc);
1413 sharkd_json_value_anyf("max_delta", "%f", statinfo->max_delta);
1414 sharkd_json_value_anyf("max_delta_nr", "%u", statinfo->max_nr);
1415 sharkd_json_value_anyf("max_jitter", "%f", statinfo->max_jitter);
1416 sharkd_json_value_anyf("mean_jitter", "%f", statinfo->mean_jitter);
1417 sharkd_json_value_anyf("max_skew", "%f", statinfo->max_skew);
1418 sharkd_json_value_anyf("total_nr", "%u", statinfo->total_nr);
1419 sharkd_json_value_anyf("seq_err", "%u", statinfo->sequence);
1420 sharkd_json_value_anyf("duration", "%f", statinfo->time - statinfo->start_time);
1422 sharkd_json_array_open("items");
1423 for (l = rtp_req->packets; l; l = l->next)
1425 struct sharkd_analyse_rtp_items *item = (struct sharkd_analyse_rtp_items *) l->data;
1427 json_dumper_begin_object(&dumper);
1429 sharkd_json_value_anyf("f", "%u", item->frame_num);
1430 sharkd_json_value_anyf("o", "%.9f", item->arrive_offset);
1431 sharkd_json_value_anyf("sn", "%u", item->sequence_num);
1432 sharkd_json_value_anyf("d", "%.2f", item->delta);
1433 sharkd_json_value_anyf("j", "%.2f", item->jitter);
1434 sharkd_json_value_anyf("sk", "%.2f", item->skew);
1435 sharkd_json_value_anyf("bw", "%.2f", item->bandwidth);
1437 if (item->pt == PT_CN)
1439 sharkd_json_value_string("s", "Comfort noise (PT=13, RFC 3389)");
1440 sharkd_json_value_anyf("t", "%d", RTP_TYPE_CN);
1442 else if (item->pt == PT_CN_OLD)
1444 sharkd_json_value_string("s", "Comfort noise (PT=19, reserved)");
1445 sharkd_json_value_anyf("t", "%d", RTP_TYPE_CN);
1447 else if (item->flags & STAT_FLAG_WRONG_SEQ)
1449 sharkd_json_value_string("s", "Wrong sequence number");
1450 sharkd_json_value_anyf("t", "%d", RTP_TYPE_ERROR);
1452 else if (item->flags & STAT_FLAG_DUP_PKT)
1454 sharkd_json_value_string("s", "Suspected duplicate (MAC address) only delta time calculated");
1455 sharkd_json_value_anyf("t", "%d", RTP_TYPE_WARN);
1457 else if (item->flags & STAT_FLAG_REG_PT_CHANGE)
1459 sharkd_json_value_stringf("s", "Payload changed to PT=%u%s",
1461 (item->flags & STAT_FLAG_PT_T_EVENT) ? " telephone/event" : "");
1462 sharkd_json_value_anyf("t", "%d", RTP_TYPE_WARN);
1464 else if (item->flags & STAT_FLAG_WRONG_TIMESTAMP)
1466 sharkd_json_value_string("s", "Incorrect timestamp");
1467 sharkd_json_value_anyf("t", "%d", RTP_TYPE_WARN);
1469 else if ((item->flags & STAT_FLAG_PT_CHANGE)
1470 && !(item->flags & STAT_FLAG_FIRST)
1471 && !(item->flags & STAT_FLAG_PT_CN)
1472 && (item->flags & STAT_FLAG_FOLLOW_PT_CN)
1473 && !(item->flags & STAT_FLAG_MARKER))
1475 sharkd_json_value_string("s", "Marker missing?");
1476 sharkd_json_value_anyf("t", "%d", RTP_TYPE_WARN);
1478 else if (item->flags & STAT_FLAG_PT_T_EVENT)
1480 sharkd_json_value_stringf("s", "PT=%u telephone/event", item->pt);
1481 sharkd_json_value_anyf("t", "%d", RTP_TYPE_PT_EVENT);
1483 else if (item->flags & STAT_FLAG_MARKER)
1485 sharkd_json_value_anyf("t", "%d", RTP_TYPE_WARN);
1489 sharkd_json_value_anyf("mark", "1");
1491 json_dumper_end_object(&dumper);
1493 sharkd_json_array_close();
1495 json_dumper_end_object(&dumper);
1499 * sharkd_session_process_tap_conv_cb()
1502 * (m) tap - tap name
1503 * (m) type - tap output type
1504 * (m) proto - protocol short name
1505 * (o) filter - filter string
1506 * (o) geoip - whether GeoIP information is available, boolean
1508 * (o) convs - array of object with attributes:
1509 * (m) saddr - source address
1510 * (m) daddr - destination address
1511 * (o) sport - source port
1512 * (o) dport - destination port
1513 * (m) txf - TX frame count
1514 * (m) txb - TX bytes
1515 * (m) rxf - RX frame count
1516 * (m) rxb - RX bytes
1517 * (m) start - (relative) first packet time
1518 * (m) stop - (relative) last packet time
1519 * (o) filter - conversation filter
1521 * (o) hosts - array of object with attributes:
1522 * (m) host - host address
1523 * (o) port - host port
1524 * (m) txf - TX frame count
1525 * (m) txb - TX bytes
1526 * (m) rxf - RX frame count
1527 * (m) rxb - RX bytes
1530 sharkd_session_process_tap_conv_cb(void *arg)
1532 conv_hash_t *hash = (conv_hash_t *) arg;
1533 const struct sharkd_conv_tap_data *iu = (struct sharkd_conv_tap_data *) hash->user_data;
1535 int proto_with_port;
1540 json_dumper_begin_object(&dumper);
1541 sharkd_json_value_string("tap", iu->type);
1543 if (!strncmp(iu->type, "conv:", 5))
1545 sharkd_json_value_string("type", "conv");
1546 sharkd_json_array_open("convs");
1547 proto = iu->type + 5;
1549 else if (!strncmp(iu->type, "endpt:", 6))
1551 sharkd_json_value_string("type", "host");
1552 sharkd_json_array_open("hosts");
1553 proto = iu->type + 6;
1557 sharkd_json_value_string("type", "err");
1561 proto_with_port = (!strcmp(proto, "TCP") || !strcmp(proto, "UDP") || !strcmp(proto, "SCTP"));
1563 if (iu->hash.conv_array != NULL && !strncmp(iu->type, "conv:", 5))
1565 for (i = 0; i < iu->hash.conv_array->len; i++)
1567 conv_item_t *iui = &g_array_index(iu->hash.conv_array, conv_item_t, i);
1568 char *src_addr, *dst_addr;
1569 char *src_port, *dst_port;
1572 json_dumper_begin_object(&dumper);
1574 sharkd_json_value_string("saddr", (src_addr = get_conversation_address(NULL, &iui->src_address, iu->resolve_name)));
1575 sharkd_json_value_string("daddr", (dst_addr = get_conversation_address(NULL, &iui->dst_address, iu->resolve_name)));
1577 if (proto_with_port)
1579 sharkd_json_value_string("sport", (src_port = get_conversation_port(NULL, iui->src_port, iui->etype, iu->resolve_port)));
1580 sharkd_json_value_string("dport", (dst_port = get_conversation_port(NULL, iui->dst_port, iui->etype, iu->resolve_port)));
1582 wmem_free(NULL, src_port);
1583 wmem_free(NULL, dst_port);
1586 sharkd_json_value_anyf("rxf", "%" G_GUINT64_FORMAT, iui->rx_frames);
1587 sharkd_json_value_anyf("rxb", "%" G_GUINT64_FORMAT, iui->rx_bytes);
1589 sharkd_json_value_anyf("txf", "%" G_GUINT64_FORMAT, iui->tx_frames);
1590 sharkd_json_value_anyf("txb", "%" G_GUINT64_FORMAT, iui->tx_bytes);
1592 sharkd_json_value_anyf("start", "%.9f", nstime_to_sec(&iui->start_time));
1593 sharkd_json_value_anyf("stop", "%.9f", nstime_to_sec(&iui->stop_time));
1595 filter_str = get_conversation_filter(iui, CONV_DIR_A_TO_FROM_B);
1598 sharkd_json_value_string("filter", filter_str);
1602 wmem_free(NULL, src_addr);
1603 wmem_free(NULL, dst_addr);
1605 if (sharkd_session_geoip_addr(&(iui->src_address), "1"))
1607 if (sharkd_session_geoip_addr(&(iui->dst_address), "2"))
1610 json_dumper_end_object(&dumper);
1613 else if (iu->hash.conv_array != NULL && !strncmp(iu->type, "endpt:", 6))
1615 for (i = 0; i < iu->hash.conv_array->len; i++)
1617 hostlist_talker_t *host = &g_array_index(iu->hash.conv_array, hostlist_talker_t, i);
1618 char *host_str, *port_str;
1621 json_dumper_begin_object(&dumper);
1623 sharkd_json_value_string("host", (host_str = get_conversation_address(NULL, &host->myaddress, iu->resolve_name)));
1625 if (proto_with_port)
1627 sharkd_json_value_string("port", (port_str = get_conversation_port(NULL, host->port, host->etype, iu->resolve_port)));
1629 wmem_free(NULL, port_str);
1632 sharkd_json_value_anyf("rxf", "%" G_GUINT64_FORMAT, host->rx_frames);
1633 sharkd_json_value_anyf("rxb", "%" G_GUINT64_FORMAT, host->rx_bytes);
1635 sharkd_json_value_anyf("txf", "%" G_GUINT64_FORMAT, host->tx_frames);
1636 sharkd_json_value_anyf("txb", "%" G_GUINT64_FORMAT, host->tx_bytes);
1638 filter_str = get_hostlist_filter(host);
1641 sharkd_json_value_string("filter", filter_str);
1645 wmem_free(NULL, host_str);
1647 if (sharkd_session_geoip_addr(&(host->myaddress), ""))
1649 json_dumper_end_object(&dumper);
1652 sharkd_json_array_close();
1654 sharkd_json_value_string("proto", proto);
1655 sharkd_json_value_anyf("geoip", with_geoip ? "true" : "false");
1657 json_dumper_end_object(&dumper);
1661 sharkd_session_free_tap_conv_cb(void *arg)
1663 conv_hash_t *hash = (conv_hash_t *) arg;
1664 struct sharkd_conv_tap_data *iu = (struct sharkd_conv_tap_data *) hash->user_data;
1666 if (!strncmp(iu->type, "conv:", 5))
1668 reset_conversation_table_data(hash);
1670 else if (!strncmp(iu->type, "endpt:", 6))
1672 reset_hostlist_table_data(hash);
1679 * sharkd_session_process_tap_nstat_cb()
1682 * (m) tap - tap name
1683 * (m) type - tap output type
1684 * (m) fields: array of objects with attributes:
1687 * (m) tables: array of object with attributes:
1688 * (m) t - table title
1689 * (m) i - array of items
1692 sharkd_session_process_tap_nstat_cb(void *arg)
1694 stat_data_t *stat_data = (stat_data_t *) arg;
1697 json_dumper_begin_object(&dumper);
1698 sharkd_json_value_stringf("tap", "nstat:%s", stat_data->stat_tap_data->cli_string);
1699 sharkd_json_value_string("type", "nstat");
1701 sharkd_json_array_open("fields");
1702 for (i = 0; i < stat_data->stat_tap_data->nfields; i++)
1704 stat_tap_table_item *field = &(stat_data->stat_tap_data->fields[i]);
1706 json_dumper_begin_object(&dumper);
1707 sharkd_json_value_string("c", field->column_name);
1708 json_dumper_end_object(&dumper);
1710 sharkd_json_array_close();
1712 sharkd_json_array_open("tables");
1713 for (i = 0; i < stat_data->stat_tap_data->tables->len; i++)
1715 stat_tap_table *table = g_array_index(stat_data->stat_tap_data->tables, stat_tap_table *, i);
1717 json_dumper_begin_object(&dumper);
1719 sharkd_json_value_string("t", table->title);
1721 sharkd_json_array_open("i");
1722 for (j = 0; j < table->num_elements; j++)
1724 stat_tap_table_item_type *field_data;
1726 field_data = stat_tap_get_field_data(table, j, 0);
1727 if (field_data == NULL || field_data->type == TABLE_ITEM_NONE) /* Nothing for us here */
1730 sharkd_json_array_open(NULL);
1731 for (k = 0; k < table->num_fields; k++)
1733 field_data = stat_tap_get_field_data(table, j, k);
1735 switch (field_data->type)
1737 case TABLE_ITEM_UINT:
1738 sharkd_json_value_anyf(NULL, "%u", field_data->value.uint_value);
1741 case TABLE_ITEM_INT:
1742 sharkd_json_value_anyf(NULL, "%d", field_data->value.int_value);
1745 case TABLE_ITEM_STRING:
1746 sharkd_json_value_string(NULL, field_data->value.string_value);
1749 case TABLE_ITEM_FLOAT:
1750 sharkd_json_value_anyf(NULL, "%f", field_data->value.float_value);
1753 case TABLE_ITEM_ENUM:
1754 sharkd_json_value_anyf(NULL, "%d", field_data->value.enum_value);
1757 case TABLE_ITEM_NONE:
1758 sharkd_json_value_anyf(NULL, "null");
1763 sharkd_json_array_close();
1765 sharkd_json_array_close();
1766 json_dumper_end_object(&dumper);
1768 sharkd_json_array_close();
1770 json_dumper_end_object(&dumper);
1774 sharkd_session_free_tap_nstat_cb(void *arg)
1776 stat_data_t *stat_data = (stat_data_t *) arg;
1778 free_stat_tables(stat_data->stat_tap_data);
1782 * sharkd_session_process_tap_rtd_cb()
1785 * (m) tap - tap name
1786 * (m) type - tap output type
1787 * (m) stats - statistics rows - array object with attributes:
1788 * (m) type - statistic name
1789 * (m) num - number of messages
1790 * (m) min - minimum SRT time
1791 * (m) max - maximum SRT time
1792 * (m) tot - total SRT time
1793 * (m) min_frame - minimal SRT
1794 * (m) max_frame - maximum SRT
1795 * (o) open_req - Open Requests
1796 * (o) disc_rsp - Discarded Responses
1797 * (o) req_dup - Duplicated Requests
1798 * (o) rsp_dup - Duplicated Responses
1799 * (o) open_req - Open Requests
1800 * (o) disc_rsp - Discarded Responses
1801 * (o) req_dup - Duplicated Requests
1802 * (o) rsp_dup - Duplicated Responses
1805 sharkd_session_process_tap_rtd_cb(void *arg)
1807 rtd_data_t *rtd_data = (rtd_data_t *) arg;
1808 register_rtd_t *rtd = (register_rtd_t *) rtd_data->user_data;
1812 const char *filter = proto_get_protocol_filter_name(get_rtd_proto_id(rtd));
1814 /* XXX, some dissectors are having single table and multiple timestats (mgcp, megaco),
1815 * some multiple table and single timestat (radius, h225)
1816 * and it seems that value_string is used one for timestamp-ID, other one for table-ID
1817 * I wonder how it will gonna work with multiple timestats and multiple tables...
1818 * (for usage grep for: register_rtd_table)
1820 const value_string *vs = get_rtd_value_string(rtd);
1822 json_dumper_begin_object(&dumper);
1823 sharkd_json_value_stringf("tap", "rtd:%s", filter);
1824 sharkd_json_value_string("type", "rtd");
1826 if (rtd_data->stat_table.num_rtds == 1)
1828 const rtd_timestat *ms = &rtd_data->stat_table.time_stats[0];
1830 sharkd_json_value_anyf("open_req", "%u", ms->open_req_num);
1831 sharkd_json_value_anyf("disc_rsp", "%u", ms->disc_rsp_num);
1832 sharkd_json_value_anyf("req_dup", "%u", ms->req_dup_num);
1833 sharkd_json_value_anyf("rsp_dup", "%u", ms->rsp_dup_num);
1836 sharkd_json_array_open("stats");
1837 for (i = 0; i < rtd_data->stat_table.num_rtds; i++)
1839 const rtd_timestat *ms = &rtd_data->stat_table.time_stats[i];
1841 for (j = 0; j < ms->num_timestat; j++)
1843 const char *type_str;
1845 if (ms->rtd[j].num == 0)
1848 json_dumper_begin_object(&dumper);
1850 if (rtd_data->stat_table.num_rtds == 1)
1851 type_str = val_to_str_const(j, vs, "Other"); /* 1 table - description per row */
1853 type_str = val_to_str_const(i, vs, "Other"); /* multiple table - description per table */
1854 sharkd_json_value_string("type", type_str);
1856 sharkd_json_value_anyf("num", "%u", ms->rtd[j].num);
1857 sharkd_json_value_anyf("min", "%.9f", nstime_to_sec(&(ms->rtd[j].min)));
1858 sharkd_json_value_anyf("max", "%.9f", nstime_to_sec(&(ms->rtd[j].max)));
1859 sharkd_json_value_anyf("tot", "%.9f", nstime_to_sec(&(ms->rtd[j].tot)));
1860 sharkd_json_value_anyf("min_frame", "%u", ms->rtd[j].min_num);
1861 sharkd_json_value_anyf("max_frame", "%u", ms->rtd[j].max_num);
1863 if (rtd_data->stat_table.num_rtds != 1)
1865 /* like in tshark, display it on every row */
1866 sharkd_json_value_anyf("open_req", "%u", ms->open_req_num);
1867 sharkd_json_value_anyf("disc_rsp", "%u", ms->disc_rsp_num);
1868 sharkd_json_value_anyf("req_dup", "%u", ms->req_dup_num);
1869 sharkd_json_value_anyf("rsp_dup", "%u", ms->rsp_dup_num);
1872 json_dumper_end_object(&dumper);
1875 sharkd_json_array_close();
1877 json_dumper_end_object(&dumper);
1881 sharkd_session_free_tap_rtd_cb(void *arg)
1883 rtd_data_t *rtd_data = (rtd_data_t *) arg;
1885 free_rtd_table(&rtd_data->stat_table);
1890 * sharkd_session_process_tap_srt_cb()
1893 * (m) tap - tap name
1894 * (m) type - tap output type
1896 * (m) tables - array of object with attributes:
1897 * (m) n - table name
1898 * (m) f - table filter
1899 * (o) c - table column name
1900 * (m) r - table rows - array object with attributes:
1902 * (m) idx - procedure index
1903 * (m) num - number of events
1904 * (m) min - minimum SRT time
1905 * (m) max - maximum SRT time
1906 * (m) tot - total SRT time
1909 sharkd_session_process_tap_srt_cb(void *arg)
1911 srt_data_t *srt_data = (srt_data_t *) arg;
1912 register_srt_t *srt = (register_srt_t *) srt_data->user_data;
1914 const char *filter = proto_get_protocol_filter_name(get_srt_proto_id(srt));
1918 json_dumper_begin_object(&dumper);
1919 sharkd_json_value_stringf("tap", "srt:%s", filter);
1920 sharkd_json_value_string("type", "srt");
1922 sharkd_json_array_open("tables");
1923 for (i = 0; i < srt_data->srt_array->len; i++)
1926 srt_stat_table *rst = g_array_index(srt_data->srt_array, srt_stat_table *, i);
1930 json_dumper_begin_object(&dumper);
1933 sharkd_json_value_string("n", rst->name);
1934 else if (rst->short_name)
1935 sharkd_json_value_string("n", rst->short_name);
1937 sharkd_json_value_stringf("n", "table%u", i);
1939 if (rst->filter_string)
1940 sharkd_json_value_string("f", rst->filter_string);
1942 if (rst->proc_column_name)
1943 sharkd_json_value_string("c", rst->proc_column_name);
1945 sharkd_json_array_open("r");
1946 for (j = 0; j < rst->num_procs; j++)
1949 srt_procedure_t *proc = &rst->procedures[j];
1951 if (proc->stats.num == 0)
1954 json_dumper_begin_object(&dumper);
1956 sharkd_json_value_string("n", proc->procedure);
1958 if (rst->filter_string)
1959 sharkd_json_value_anyf("idx", "%d", proc->proc_index);
1961 sharkd_json_value_anyf("num", "%u", proc->stats.num);
1963 sharkd_json_value_anyf("min", "%.9f", nstime_to_sec(&proc->stats.min));
1964 sharkd_json_value_anyf("max", "%.9f", nstime_to_sec(&proc->stats.max));
1965 sharkd_json_value_anyf("tot", "%.9f", nstime_to_sec(&proc->stats.tot));
1967 json_dumper_end_object(&dumper);
1969 sharkd_json_array_close();
1971 json_dumper_end_object(&dumper);
1973 sharkd_json_array_close();
1975 json_dumper_end_object(&dumper);
1979 sharkd_session_free_tap_srt_cb(void *arg)
1981 srt_data_t *srt_data = (srt_data_t *) arg;
1982 register_srt_t *srt = (register_srt_t *) srt_data->user_data;
1984 free_srt_table(srt, srt_data->srt_array);
1985 g_array_free(srt_data->srt_array, TRUE);
1989 struct sharkd_export_object_list
1991 struct sharkd_export_object_list *next;
1998 static struct sharkd_export_object_list *sharkd_eo_list;
2001 * sharkd_session_process_tap_eo_cb()
2004 * (m) tap - tap name
2005 * (m) type - tap output type
2006 * (m) proto - protocol short name
2007 * (m) objects - array of object with attributes:
2008 * (m) pkt - packet number
2009 * (o) hostname - hostname
2010 * (o) type - content type
2011 * (o) filename - filename
2012 * (m) len - object length
2015 sharkd_session_process_tap_eo_cb(void *tapdata)
2017 export_object_list_t *tap_object = (export_object_list_t *) tapdata;
2018 struct sharkd_export_object_list *object_list = (struct sharkd_export_object_list *) tap_object->gui_data;
2022 json_dumper_begin_object(&dumper);
2023 sharkd_json_value_string("tap", object_list->type);
2024 sharkd_json_value_string("type", "eo");
2026 sharkd_json_value_string("proto", object_list->proto);
2028 sharkd_json_array_open("objects");
2029 for (slist = object_list->entries; slist; slist = slist->next)
2031 const export_object_entry_t *eo_entry = (export_object_entry_t *) slist->data;
2033 json_dumper_begin_object(&dumper);
2035 sharkd_json_value_anyf("pkt", "%u", eo_entry->pkt_num);
2037 if (eo_entry->hostname)
2038 sharkd_json_value_string("hostname", eo_entry->hostname);
2040 if (eo_entry->content_type)
2041 sharkd_json_value_string("type", eo_entry->content_type);
2043 if (eo_entry->filename)
2044 sharkd_json_value_string("filename", eo_entry->filename);
2046 sharkd_json_value_stringf("_download", "%s_%d", object_list->type, i);
2048 sharkd_json_value_anyf("len", "%" G_GINT64_FORMAT, eo_entry->payload_len);
2050 json_dumper_end_object(&dumper);
2054 sharkd_json_array_close();
2056 json_dumper_end_object(&dumper);
2060 sharkd_eo_object_list_add_entry(void *gui_data, export_object_entry_t *entry)
2062 struct sharkd_export_object_list *object_list = (struct sharkd_export_object_list *) gui_data;
2064 object_list->entries = g_slist_append(object_list->entries, entry);
2067 static export_object_entry_t *
2068 sharkd_eo_object_list_get_entry(void *gui_data, int row)
2070 struct sharkd_export_object_list *object_list = (struct sharkd_export_object_list *) gui_data;
2072 return (export_object_entry_t *) g_slist_nth_data(object_list->entries, row);
2076 * sharkd_session_process_tap_rtp_cb()
2078 * Output RTP streams tap:
2079 * (m) tap - tap name
2080 * (m) type - tap output type
2081 * (m) streams - array of object with attributes:
2082 * (m) ssrc - RTP synchronization source identifier
2083 * (m) payload - stream payload
2084 * (m) saddr - source address
2085 * (m) sport - source port
2086 * (m) daddr - destination address
2087 * (m) dport - destination port
2088 * (m) pkts - packets count
2089 * (m) max_delta - max delta (ms)
2090 * (m) max_jitter - max jitter (ms)
2091 * (m) mean_jitter - mean jitter (ms)
2094 * (m) problem - if analyser found the problem
2095 * (m) ipver - address IP version (4 or 6)
2098 sharkd_session_process_tap_rtp_cb(void *arg)
2100 rtpstream_tapinfo_t *rtp_tapinfo = (rtpstream_tapinfo_t *) arg;
2104 json_dumper_begin_object(&dumper);
2105 sharkd_json_value_string("tap", "rtp-streams");
2106 sharkd_json_value_string("type", "rtp-streams");
2108 sharkd_json_array_open("streams");
2109 for (listx = g_list_first(rtp_tapinfo->strinfo_list); listx; listx = listx->next)
2111 rtpstream_info_t *streaminfo = (rtpstream_info_t *) listx->data;
2112 rtpstream_info_calc_t calc;
2114 rtpstream_info_calculate(streaminfo, &calc);
2116 json_dumper_begin_object(&dumper);
2118 sharkd_json_value_anyf("ssrc", "%u", calc.ssrc);
2119 sharkd_json_value_string("payload", calc.all_payload_type_names);
2121 sharkd_json_value_string("saddr", calc.src_addr_str);
2122 sharkd_json_value_anyf("sport", "%u", calc.src_port);
2123 sharkd_json_value_string("daddr", calc.dst_addr_str);
2124 sharkd_json_value_anyf("dport", "%u", calc.dst_port);
2126 sharkd_json_value_anyf("pkts", "%u", calc.packet_count);
2128 sharkd_json_value_anyf("max_delta", "%f",calc.max_delta);
2129 sharkd_json_value_anyf("max_jitter", "%f", calc.max_jitter);
2130 sharkd_json_value_anyf("mean_jitter", "%f", calc.mean_jitter);
2132 sharkd_json_value_anyf("expectednr", "%u", calc.packet_expected);
2133 sharkd_json_value_anyf("totalnr", "%u", calc.total_nr);
2135 sharkd_json_value_anyf("problem", calc.problem ? "true" : "false");
2138 sharkd_json_value_anyf("ipver", "%d", (streaminfo->id.src_addr.type == AT_IPv6) ? 6 : 4);
2140 rtpstream_info_calc_free(&calc);
2142 json_dumper_end_object(&dumper);
2144 sharkd_json_array_close();
2146 json_dumper_end_object(&dumper);
2150 * sharkd_session_process_tap()
2152 * Process tap request
2155 * (m) tap0 - First tap request
2156 * (o) tap1...tap15 - Other tap requests
2158 * Output object with attributes:
2159 * (m) taps - array of object with attributes:
2160 * (m) tap - tap name
2161 * (m) type - tap output type
2163 * for type:stats see sharkd_session_process_tap_stats_cb()
2164 * for type:nstat see sharkd_session_process_tap_nstat_cb()
2165 * for type:conv see sharkd_session_process_tap_conv_cb()
2166 * for type:host see sharkd_session_process_tap_conv_cb()
2167 * for type:rtp-streams see sharkd_session_process_tap_rtp_cb()
2168 * for type:rtp-analyse see sharkd_session_process_tap_rtp_analyse_cb()
2169 * for type:eo see sharkd_session_process_tap_eo_cb()
2170 * for type:expert see sharkd_session_process_tap_expert_cb()
2171 * for type:rtd see sharkd_session_process_tap_rtd_cb()
2172 * for type:srt see sharkd_session_process_tap_srt_cb()
2173 * for type:flow see sharkd_session_process_tap_flow_cb()
2175 * (m) err - error code
2178 sharkd_session_process_tap(char *buf, const jsmntok_t *tokens, int count)
2180 void *taps_data[16];
2181 GFreeFunc taps_free[16];
2185 rtpstream_tapinfo_t rtp_tapinfo =
2186 { NULL, NULL, NULL, NULL, 0, NULL, 0, TAP_ANALYSE, NULL, NULL, NULL, FALSE };
2188 for (i = 0; i < 16; i++)
2191 const char *tok_tap;
2193 void *tap_data = NULL;
2194 GFreeFunc tap_free = NULL;
2195 const char *tap_filter = "";
2196 GString *tap_error = NULL;
2198 ws_snprintf(tapbuf, sizeof(tapbuf), "tap%d", i);
2199 tok_tap = json_find_attr(buf, tokens, count, tapbuf);
2203 if (!strncmp(tok_tap, "stat:", 5))
2205 stats_tree_cfg *cfg = stats_tree_get_cfg_by_abbr(tok_tap + 5);
2210 fprintf(stderr, "sharkd_session_process_tap() stat %s not found\n", tok_tap + 5);
2214 st = stats_tree_new(cfg, NULL, tap_filter);
2216 tap_error = register_tap_listener(st->cfg->tapname, st, st->filter, st->cfg->flags, stats_tree_reset, stats_tree_packet, sharkd_session_process_tap_stats_cb, NULL);
2218 if (!tap_error && cfg->init)
2222 tap_free = sharkd_session_free_tap_stats_cb;
2224 else if (!strcmp(tok_tap, "expert"))
2226 struct sharkd_expert_tap *expert_tap;
2228 expert_tap = g_new0(struct sharkd_expert_tap, 1);
2229 expert_tap->text = g_string_chunk_new(100);
2231 tap_error = register_tap_listener("expert", expert_tap, NULL, 0, NULL, sharkd_session_packet_tap_expert_cb, sharkd_session_process_tap_expert_cb, NULL);
2233 tap_data = expert_tap;
2234 tap_free = sharkd_session_free_tap_expert_cb;
2236 else if (!strncmp(tok_tap, "seqa:", 5))
2238 seq_analysis_info_t *graph_analysis;
2239 register_analysis_t *analysis;
2240 const char *tap_name;
2241 tap_packet_cb tap_func;
2244 analysis = sequence_analysis_find_by_name(tok_tap + 5);
2247 fprintf(stderr, "sharkd_session_process_tap() seq analysis %s not found\n", tok_tap + 5);
2251 graph_analysis = sequence_analysis_info_new();
2252 graph_analysis->name = tok_tap + 5;
2253 /* TODO, make configurable */
2254 graph_analysis->any_addr = FALSE;
2256 tap_name = sequence_analysis_get_tap_listener_name(analysis);
2257 tap_flags = sequence_analysis_get_tap_flags(analysis);
2258 tap_func = sequence_analysis_get_packet_func(analysis);
2260 tap_error = register_tap_listener(tap_name, graph_analysis, NULL, tap_flags, NULL, tap_func, sharkd_session_process_tap_flow_cb, NULL);
2262 tap_data = graph_analysis;
2263 tap_free = sharkd_session_free_tap_flow_cb;
2265 else if (!strncmp(tok_tap, "conv:", 5) || !strncmp(tok_tap, "endpt:", 6))
2267 struct register_ct *ct = NULL;
2268 const char *ct_tapname;
2269 struct sharkd_conv_tap_data *ct_data;
2270 tap_packet_cb tap_func = NULL;
2272 if (!strncmp(tok_tap, "conv:", 5))
2274 ct = get_conversation_by_proto_id(proto_get_id_by_short_name(tok_tap + 5));
2276 if (!ct || !(tap_func = get_conversation_packet_func(ct)))
2278 fprintf(stderr, "sharkd_session_process_tap() conv %s not found\n", tok_tap + 5);
2282 else if (!strncmp(tok_tap, "endpt:", 6))
2284 ct = get_conversation_by_proto_id(proto_get_id_by_short_name(tok_tap + 6));
2286 if (!ct || !(tap_func = get_hostlist_packet_func(ct)))
2288 fprintf(stderr, "sharkd_session_process_tap() endpt %s not found\n", tok_tap + 6);
2294 fprintf(stderr, "sharkd_session_process_tap() conv/endpt(?): %s not found\n", tok_tap);
2298 ct_tapname = proto_get_protocol_filter_name(get_conversation_proto_id(ct));
2300 ct_data = (struct sharkd_conv_tap_data *) g_malloc0(sizeof(struct sharkd_conv_tap_data));
2301 ct_data->type = tok_tap;
2302 ct_data->hash.user_data = ct_data;
2304 /* XXX: make configurable */
2305 ct_data->resolve_name = TRUE;
2306 ct_data->resolve_port = TRUE;
2308 tap_error = register_tap_listener(ct_tapname, &ct_data->hash, tap_filter, 0, NULL, tap_func, sharkd_session_process_tap_conv_cb, NULL);
2310 tap_data = &ct_data->hash;
2311 tap_free = sharkd_session_free_tap_conv_cb;
2313 else if (!strncmp(tok_tap, "nstat:", 6))
2315 stat_tap_table_ui *stat_tap = stat_tap_by_name(tok_tap + 6);
2316 stat_data_t *stat_data;
2320 fprintf(stderr, "sharkd_session_process_tap() nstat=%s not found\n", tok_tap + 6);
2324 stat_tap->stat_tap_init_cb(stat_tap);
2326 stat_data = g_new0(stat_data_t, 1);
2327 stat_data->stat_tap_data = stat_tap;
2328 stat_data->user_data = NULL;
2330 tap_error = register_tap_listener(stat_tap->tap_name, stat_data, tap_filter, 0, NULL, stat_tap->packet_func, sharkd_session_process_tap_nstat_cb, NULL);
2332 tap_data = stat_data;
2333 tap_free = sharkd_session_free_tap_nstat_cb;
2335 else if (!strncmp(tok_tap, "rtd:", 4))
2337 register_rtd_t *rtd = get_rtd_table_by_name(tok_tap + 4);
2338 rtd_data_t *rtd_data;
2343 fprintf(stderr, "sharkd_session_process_tap() rtd=%s not found\n", tok_tap + 4);
2347 rtd_table_get_filter(rtd, "", &tap_filter, &err);
2350 fprintf(stderr, "sharkd_session_process_tap() rtd=%s err=%s\n", tok_tap + 4, err);
2355 rtd_data = g_new0(rtd_data_t, 1);
2356 rtd_data->user_data = rtd;
2357 rtd_table_dissector_init(rtd, &rtd_data->stat_table, NULL, NULL);
2359 tap_error = register_tap_listener(get_rtd_tap_listener_name(rtd), rtd_data, tap_filter, 0, NULL, get_rtd_packet_func(rtd), sharkd_session_process_tap_rtd_cb, NULL);
2361 tap_data = rtd_data;
2362 tap_free = sharkd_session_free_tap_rtd_cb;
2364 else if (!strncmp(tok_tap, "srt:", 4))
2366 register_srt_t *srt = get_srt_table_by_name(tok_tap + 4);
2367 srt_data_t *srt_data;
2372 fprintf(stderr, "sharkd_session_process_tap() srt=%s not found\n", tok_tap + 4);
2376 srt_table_get_filter(srt, "", &tap_filter, &err);
2379 fprintf(stderr, "sharkd_session_process_tap() srt=%s err=%s\n", tok_tap + 4, err);
2384 srt_data = g_new0(srt_data_t, 1);
2385 srt_data->srt_array = g_array_new(FALSE, TRUE, sizeof(srt_stat_table *));
2386 srt_data->user_data = srt;
2387 srt_table_dissector_init(srt, srt_data->srt_array);
2389 tap_error = register_tap_listener(get_srt_tap_listener_name(srt), srt_data, tap_filter, 0, NULL, get_srt_packet_func(srt), sharkd_session_process_tap_srt_cb, NULL);
2391 tap_data = srt_data;
2392 tap_free = sharkd_session_free_tap_srt_cb;
2394 else if (!strncmp(tok_tap, "eo:", 3))
2396 register_eo_t *eo = get_eo_by_name(tok_tap + 3);
2397 export_object_list_t *eo_object;
2398 struct sharkd_export_object_list *object_list;
2402 fprintf(stderr, "sharkd_session_process_tap() eo=%s not found\n", tok_tap + 3);
2406 for (object_list = sharkd_eo_list; object_list; object_list = object_list->next)
2408 if (!strcmp(object_list->type, tok_tap))
2410 g_slist_free_full(object_list->entries, (GDestroyNotify) eo_free_entry);
2411 object_list->entries = NULL;
2418 object_list = g_new(struct sharkd_export_object_list, 1);
2419 object_list->type = g_strdup(tok_tap);
2420 object_list->proto = proto_get_protocol_short_name(find_protocol_by_id(get_eo_proto_id(eo)));
2421 object_list->entries = NULL;
2422 object_list->next = sharkd_eo_list;
2423 sharkd_eo_list = object_list;
2426 eo_object = g_new0(export_object_list_t, 1);
2427 eo_object->add_entry = sharkd_eo_object_list_add_entry;
2428 eo_object->get_entry = sharkd_eo_object_list_get_entry;
2429 eo_object->gui_data = (void *) object_list;
2431 tap_error = register_tap_listener(get_eo_tap_listener_name(eo), eo_object, NULL, 0, NULL, get_eo_packet_func(eo), sharkd_session_process_tap_eo_cb, NULL);
2433 tap_data = eo_object;
2434 tap_free = g_free; /* need to free only eo_object, object_list need to be kept for potential download */
2436 else if (!strcmp(tok_tap, "rtp-streams"))
2438 tap_error = register_tap_listener("rtp", &rtp_tapinfo, tap_filter, 0, rtpstream_reset_cb, rtpstream_packet_cb, sharkd_session_process_tap_rtp_cb, NULL);
2440 tap_data = &rtp_tapinfo;
2441 tap_free = rtpstream_reset_cb;
2443 else if (!strncmp(tok_tap, "rtp-analyse:", 12))
2445 struct sharkd_analyse_rtp *rtp_req;
2447 rtp_req = (struct sharkd_analyse_rtp *) g_malloc0(sizeof(*rtp_req));
2448 if (!sharkd_rtp_match_init(&rtp_req->id, tok_tap + 12))
2450 rtpstream_id_free(&rtp_req->id);
2455 rtp_req->tap_name = tok_tap;
2456 rtp_req->statinfo.first_packet = TRUE;
2457 rtp_req->statinfo.reg_pt = PT_UNDEFINED;
2459 tap_error = register_tap_listener("rtp", rtp_req, tap_filter, 0, NULL, sharkd_session_packet_tap_rtp_analyse_cb, sharkd_session_process_tap_rtp_analyse_cb, NULL);
2462 tap_free = sharkd_session_process_tap_rtp_free_cb;
2466 fprintf(stderr, "sharkd_session_process_tap() %s not recognized\n", tok_tap);
2472 fprintf(stderr, "sharkd_session_process_tap() name=%s error=%s", tok_tap, tap_error->str);
2473 g_string_free(tap_error, TRUE);
2479 taps_data[taps_count] = tap_data;
2480 taps_free[taps_count] = tap_free;
2484 fprintf(stderr, "sharkd_session_process_tap() count=%d\n", taps_count);
2485 if (taps_count == 0)
2488 json_dumper_begin_object(&dumper);
2490 sharkd_json_array_open("taps");
2492 sharkd_json_array_close();
2494 sharkd_json_value_anyf("err", "0");
2496 json_dumper_end_object(&dumper);
2497 json_dumper_finish(&dumper);
2499 for (i = 0; i < taps_count; i++)
2502 remove_tap_listener(taps_data[i]);
2505 taps_free[i](taps_data[i]);
2510 * sharkd_session_process_follow()
2512 * Process follow request
2515 * (m) follow - follow protocol request (e.g. HTTP)
2516 * (m) filter - filter request (e.g. tcp.stream == 1)
2518 * Output object with attributes:
2520 * (m) err - error code
2521 * (m) shost - server host
2522 * (m) sport - server port
2523 * (m) sbytes - server send bytes count
2524 * (m) chost - client host
2525 * (m) cport - client port
2526 * (m) cbytes - client send bytes count
2527 * (o) payloads - array of object with attributes:
2528 * (o) s - set if server sent, else client
2529 * (m) n - packet number
2530 * (m) d - data base64 encoded
2533 sharkd_session_process_follow(char *buf, const jsmntok_t *tokens, int count)
2535 const char *tok_follow = json_find_attr(buf, tokens, count, "follow");
2536 const char *tok_filter = json_find_attr(buf, tokens, count, "filter");
2538 register_follow_t *follower;
2541 follow_info_t *follow_info;
2545 if (!tok_follow || !tok_filter)
2548 follower = get_follow_by_name(tok_follow);
2551 fprintf(stderr, "sharkd_session_process_follow() follower=%s not found\n", tok_follow);
2555 /* follow_reset_stream ? */
2556 follow_info = g_new0(follow_info_t, 1);
2557 /* gui_data, filter_out_filter not set, but not used by dissector */
2559 tap_error = register_tap_listener(get_follow_tap_string(follower), follow_info, tok_filter, 0, NULL, get_follow_tap_handler(follower), NULL, NULL);
2562 fprintf(stderr, "sharkd_session_process_follow() name=%s error=%s", tok_follow, tap_error->str);
2563 g_string_free(tap_error, TRUE);
2564 g_free(follow_info);
2570 json_dumper_begin_object(&dumper);
2572 sharkd_json_value_anyf("err", "0");
2574 /* Server information: hostname, port, bytes sent */
2575 host = address_to_name(&follow_info->server_ip);
2576 sharkd_json_value_string("shost", host);
2578 port = get_follow_port_to_display(follower)(NULL, follow_info->server_port);
2579 sharkd_json_value_string("sport", port);
2580 wmem_free(NULL, port);
2582 sharkd_json_value_anyf("sbytes", "%u", follow_info->bytes_written[0]);
2584 /* Client information: hostname, port, bytes sent */
2585 host = address_to_name(&follow_info->client_ip);
2586 sharkd_json_value_string("chost", host);
2588 port = get_follow_port_to_display(follower)(NULL, follow_info->client_port);
2589 sharkd_json_value_string("cport", port);
2590 wmem_free(NULL, port);
2592 sharkd_json_value_anyf("cbytes", "%u", follow_info->bytes_written[1]);
2594 if (follow_info->payload)
2596 follow_record_t *follow_record;
2599 sharkd_json_array_open("payloads");
2600 for (cur = g_list_last(follow_info->payload); cur; cur = g_list_previous(cur))
2602 follow_record = (follow_record_t *) cur->data;
2604 json_dumper_begin_object(&dumper);
2606 sharkd_json_value_anyf("n", "%u", follow_record->packet_num);
2607 sharkd_json_value_base64("d", follow_record->data->data, follow_record->data->len);
2609 if (follow_record->is_server)
2610 sharkd_json_value_anyf("s", "%d", 1);
2612 json_dumper_end_object(&dumper);
2614 sharkd_json_array_close();
2617 json_dumper_end_object(&dumper);
2618 json_dumper_finish(&dumper);
2620 remove_tap_listener(follow_info);
2621 follow_info_free(follow_info);
2625 sharkd_session_process_frame_cb_tree(epan_dissect_t *edt, proto_tree *tree, tvbuff_t **tvbs, gboolean display_hidden)
2629 sharkd_json_array_open(NULL);
2630 for (node = tree->first_child; node; node = node->next)
2632 field_info *finfo = PNODE_FINFO(node);
2637 if (!display_hidden && FI_GET_FLAG(finfo, FI_HIDDEN))
2640 json_dumper_begin_object(&dumper);
2644 char label_str[ITEM_LABEL_LENGTH];
2646 label_str[0] = '\0';
2647 proto_item_fill_label(finfo, label_str);
2648 sharkd_json_value_string("l", label_str);
2652 sharkd_json_value_string("l", finfo->rep->representation);
2655 if (finfo->ds_tvb && tvbs && tvbs[0] != finfo->ds_tvb)
2659 for (idx = 1; tvbs[idx]; idx++)
2661 if (tvbs[idx] == finfo->ds_tvb)
2663 sharkd_json_value_anyf("ds", "%d", idx);
2669 if (finfo->start >= 0 && finfo->length > 0)
2670 sharkd_json_value_anyf("h", "[%d,%d]", finfo->start, finfo->length);
2672 if (finfo->appendix_start >= 0 && finfo->appendix_length > 0)
2673 sharkd_json_value_anyf("i", "[%d,%d]", finfo->appendix_start, finfo->appendix_length);
2680 if (finfo->hfinfo->type == FT_PROTOCOL)
2682 sharkd_json_value_string("t", "proto");
2684 else if (finfo->hfinfo->type == FT_FRAMENUM)
2686 sharkd_json_value_string("t", "framenum");
2687 sharkd_json_value_anyf("fnum", "%u", finfo->value.value.uinteger);
2689 else if (FI_GET_FLAG(finfo, FI_URL) && IS_FT_STRING(finfo->hfinfo->type))
2691 char *url = fvalue_to_string_repr(NULL, &finfo->value, FTREPR_DISPLAY, finfo->hfinfo->display);
2693 sharkd_json_value_string("t", "url");
2694 sharkd_json_value_string("url", url);
2695 wmem_free(NULL, url);
2698 filter = proto_construct_match_selected_string(finfo, edt);
2701 sharkd_json_value_string("f", filter);
2702 wmem_free(NULL, filter);
2706 if (FI_GET_FLAG(finfo, FI_GENERATED))
2707 sharkd_json_value_anyf("g", "true");
2709 if (FI_GET_FLAG(finfo, FI_HIDDEN))
2710 sharkd_json_value_anyf("v", "true");
2712 if (FI_GET_FLAG(finfo, PI_SEVERITY_MASK))
2714 const char *severity = try_val_to_str(FI_GET_FLAG(finfo, PI_SEVERITY_MASK), expert_severity_vals);
2716 g_assert(severity != NULL);
2718 sharkd_json_value_string("s", severity);
2721 if (((proto_tree *) node)->first_child)
2723 if (finfo->tree_type != -1)
2724 sharkd_json_value_anyf("e", "%d", finfo->tree_type);
2726 sharkd_json_value_anyf("n", NULL);
2727 sharkd_session_process_frame_cb_tree(edt, (proto_tree *) node, tvbs, display_hidden);
2730 json_dumper_end_object(&dumper);
2732 sharkd_json_array_close();
2736 sharkd_follower_visit_layers_cb(const void *key _U_, void *value, void *user_data)
2738 register_follow_t *follower = (register_follow_t *) value;
2739 packet_info *pi = (packet_info *) user_data;
2741 const int proto_id = get_follow_proto_id(follower);
2743 guint32 ignore_stream;
2745 if (proto_is_frame_protocol(pi->layers, proto_get_protocol_filter_name(proto_id)))
2747 const char *layer_proto = proto_get_protocol_short_name(find_protocol_by_id(proto_id));
2748 char *follow_filter;
2750 follow_filter = get_follow_conv_func(follower)(pi, &ignore_stream);
2752 json_dumper_begin_array(&dumper);
2753 json_dumper_value_string(&dumper, layer_proto);
2754 json_dumper_value_string(&dumper, follow_filter);
2755 json_dumper_end_array(&dumper);
2757 g_free(follow_filter);
2763 struct sharkd_frame_request_data
2765 gboolean display_hidden;
2769 sharkd_session_process_frame_cb(epan_dissect_t *edt, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data)
2771 packet_info *pi = &edt->pi;
2772 frame_data *fdata = pi->fd;
2773 const char *pkt_comment = NULL;
2775 const struct sharkd_frame_request_data * const req_data = (const struct sharkd_frame_request_data * const) data;
2776 const gboolean display_hidden = (req_data) ? req_data->display_hidden : FALSE;
2778 json_dumper_begin_object(&dumper);
2780 sharkd_json_value_anyf("err", "0");
2782 if (fdata->has_user_comment)
2783 pkt_comment = sharkd_get_user_comment(fdata);
2784 else if (fdata->has_phdr_comment)
2785 pkt_comment = pi->rec->opt_comment;
2788 sharkd_json_value_string("comment", pkt_comment);
2792 tvbuff_t **tvbs = NULL;
2794 /* arrayize data src, to speedup searching for ds_tvb index */
2795 if (data_src && data_src->next /* only needed if there are more than one data source */)
2797 guint count = g_slist_length((GSList *) data_src);
2800 tvbs = (tvbuff_t **) g_malloc((count + 1) * sizeof(*tvbs));
2802 for (i = 0; i < count; i++)
2804 const struct data_source *src = (const struct data_source *) g_slist_nth_data((GSList *) data_src, i);
2806 tvbs[i] = get_data_source_tvb(src);
2812 sharkd_json_value_anyf("tree", NULL);
2813 sharkd_session_process_frame_cb_tree(edt, tree, tvbs, display_hidden);
2822 sharkd_json_array_open("col");
2823 for (col = 0; col < cinfo->num_cols; ++col)
2825 const col_item_t *col_item = &cinfo->columns[col];
2827 sharkd_json_value_string(NULL, col_item->col_data);
2829 sharkd_json_array_close();
2833 sharkd_json_value_anyf("i", "true");
2836 sharkd_json_value_anyf("m", "true");
2838 if (fdata->color_filter)
2840 sharkd_json_value_stringf("bg", "%x", color_t_to_rgb(&fdata->color_filter->bg_color));
2841 sharkd_json_value_stringf("fg", "%x", color_t_to_rgb(&fdata->color_filter->fg_color));
2846 struct data_source *src = (struct data_source *) data_src->data;
2847 gboolean ds_open = FALSE;
2852 tvb = get_data_source_tvb(src);
2853 length = tvb_captured_length(tvb);
2857 const guchar *cp = tvb_get_ptr(tvb, 0, length);
2859 /* XXX pi.fd->encoding */
2860 sharkd_json_value_base64("bytes", cp, length);
2864 sharkd_json_value_base64("bytes", "", 0);
2867 data_src = data_src->next;
2870 sharkd_json_array_open("ds");
2876 src = (struct data_source *) data_src->data;
2878 json_dumper_begin_object(&dumper);
2881 char *src_name = get_data_source_name(src);
2883 sharkd_json_value_string("name", src_name);
2884 wmem_free(NULL, src_name);
2887 tvb = get_data_source_tvb(src);
2888 length = tvb_captured_length(tvb);
2892 const guchar *cp = tvb_get_ptr(tvb, 0, length);
2894 /* XXX pi.fd->encoding */
2895 sharkd_json_value_base64("bytes", cp, length);
2899 sharkd_json_value_base64("bytes", "", 0);
2902 json_dumper_end_object(&dumper);
2904 data_src = data_src->next;
2907 /* close ds, only if was opened */
2909 sharkd_json_array_close();
2912 sharkd_json_array_open("fol");
2913 follow_iterate_followers(sharkd_follower_visit_layers_cb, pi);
2914 sharkd_json_array_close();
2916 json_dumper_end_object(&dumper);
2917 json_dumper_finish(&dumper);
2920 #define SHARKD_IOGRAPH_MAX_ITEMS 250000 /* 250k limit of items is taken from wireshark-qt, on x86_64 sizeof(io_graph_item_t) is 152, so single graph can take max 36 MB */
2922 struct sharkd_iograph
2926 io_graph_item_unit_t calc_type;
2932 io_graph_item_t *items;
2936 static tap_packet_status
2937 sharkd_iograph_packet(void *g, packet_info *pinfo, epan_dissect_t *edt, const void *dummy _U_)
2939 struct sharkd_iograph *graph = (struct sharkd_iograph *) g;
2941 gboolean update_succeeded;
2943 idx = get_io_graph_index(pinfo, graph->interval);
2944 if (idx < 0 || idx >= SHARKD_IOGRAPH_MAX_ITEMS)
2945 return TAP_PACKET_DONT_REDRAW;
2947 if (idx + 1 > graph->num_items)
2949 if (idx + 1 > graph->space_items)
2951 int new_size = idx + 1024;
2953 graph->items = (io_graph_item_t *) g_realloc(graph->items, sizeof(io_graph_item_t) * new_size);
2954 reset_io_graph_items(&graph->items[graph->space_items], new_size - graph->space_items);
2956 graph->space_items = new_size;
2958 else if (graph->items == NULL)
2960 graph->items = (io_graph_item_t *) g_malloc(sizeof(io_graph_item_t) * graph->space_items);
2961 reset_io_graph_items(graph->items, graph->space_items);
2964 graph->num_items = idx + 1;
2967 update_succeeded = update_io_graph_item(graph->items, idx, pinfo, edt, graph->hf_index, graph->calc_type, graph->interval);
2968 /* XXX - TAP_PACKET_FAILED if the item couldn't be updated, with an error message? */
2969 return update_succeeded ? TAP_PACKET_REDRAW : TAP_PACKET_DONT_REDRAW;
2973 * sharkd_session_process_iograph()
2975 * Process iograph request
2978 * (o) interval - interval time in ms, if not specified: 1000ms
2979 * (m) graph0 - First graph request
2980 * (o) graph1...graph9 - Other graph requests
2981 * (o) filter0 - First graph filter
2982 * (o) filter1...filter9 - Other graph filters
2984 * Graph requests can be one of: "packets", "bytes", "bits", "sum:<field>", "frames:<field>", "max:<field>", "min:<field>", "avg:<field>", "load:<field>",
2985 * if you use variant with <field>, you need to pass field name in filter request.
2987 * Output object with attributes:
2988 * (m) iograph - array of graph results with attributes:
2989 * errmsg - graph cannot be constructed
2990 * items - graph values, zeros are skipped, if value is not a number it's next index encoded as hex string
2993 sharkd_session_process_iograph(char *buf, const jsmntok_t *tokens, int count)
2995 const char *tok_interval = json_find_attr(buf, tokens, count, "interval");
2996 struct sharkd_iograph graphs[10];
2997 gboolean is_any_ok = FALSE;
3000 guint32 interval_ms = 1000; /* default: one per second */
3005 if (!ws_strtou32(tok_interval, NULL, &interval_ms) || interval_ms == 0)
3007 fprintf(stderr, "Invalid interval parameter: %s.\n", tok_interval);
3012 for (i = graph_count = 0; i < (int) G_N_ELEMENTS(graphs); i++)
3014 struct sharkd_iograph *graph = &graphs[graph_count];
3016 const char *tok_graph;
3017 const char *tok_filter;
3018 char tok_format_buf[32];
3019 const char *field_name;
3021 snprintf(tok_format_buf, sizeof(tok_format_buf), "graph%d", i);
3022 tok_graph = json_find_attr(buf, tokens, count, tok_format_buf);
3026 snprintf(tok_format_buf, sizeof(tok_format_buf), "filter%d", i);
3027 tok_filter = json_find_attr(buf, tokens, count, tok_format_buf);
3029 if (!strcmp(tok_graph, "packets"))
3030 graph->calc_type = IOG_ITEM_UNIT_PACKETS;
3031 else if (!strcmp(tok_graph, "bytes"))
3032 graph->calc_type = IOG_ITEM_UNIT_BYTES;
3033 else if (!strcmp(tok_graph, "bits"))
3034 graph->calc_type = IOG_ITEM_UNIT_BITS;
3035 else if (g_str_has_prefix(tok_graph, "sum:"))
3036 graph->calc_type = IOG_ITEM_UNIT_CALC_SUM;
3037 else if (g_str_has_prefix(tok_graph, "frames:"))
3038 graph->calc_type = IOG_ITEM_UNIT_CALC_FRAMES;
3039 else if (g_str_has_prefix(tok_graph, "fields:"))
3040 graph->calc_type = IOG_ITEM_UNIT_CALC_FIELDS;
3041 else if (g_str_has_prefix(tok_graph, "max:"))
3042 graph->calc_type = IOG_ITEM_UNIT_CALC_MAX;
3043 else if (g_str_has_prefix(tok_graph, "min:"))
3044 graph->calc_type = IOG_ITEM_UNIT_CALC_MIN;
3045 else if (g_str_has_prefix(tok_graph, "avg:"))
3046 graph->calc_type = IOG_ITEM_UNIT_CALC_AVERAGE;
3047 else if (g_str_has_prefix(tok_graph, "load:"))
3048 graph->calc_type = IOG_ITEM_UNIT_CALC_LOAD;
3052 field_name = strchr(tok_graph, ':');
3054 field_name = field_name + 1;
3056 graph->interval = interval_ms;
3058 graph->hf_index = -1;
3059 graph->error = check_field_unit(field_name, &graph->hf_index, graph->calc_type);
3061 graph->space_items = 0; /* TODO, can avoid realloc()s in sharkd_iograph_packet() by calculating: capture_time / interval */
3062 graph->num_items = 0;
3063 graph->items = NULL;
3066 graph->error = register_tap_listener("frame", graph, tok_filter, TL_REQUIRES_PROTO_TREE, NULL, sharkd_iograph_packet, NULL, NULL);
3070 if (graph->error == NULL)
3074 /* retap only if we have at least one ok */
3078 json_dumper_begin_object(&dumper);
3080 sharkd_json_array_open("iograph");
3081 for (i = 0; i < graph_count; i++)
3083 struct sharkd_iograph *graph = &graphs[i];
3085 json_dumper_begin_object(&dumper);
3089 sharkd_json_value_string("errmsg", graph->error->str);
3090 g_string_free(graph->error, TRUE);
3097 sharkd_json_array_open("items");
3098 for (idx = 0; idx < graph->num_items; idx++)
3102 val = get_io_graph_item(graph->items, graph->calc_type, idx, graph->hf_index, &cfile, graph->interval, graph->num_items);
3104 /* if it's zero, don't display */
3108 /* cause zeros are not printed, need to output index */
3109 if (next_idx != idx)
3110 sharkd_json_value_stringf(NULL, "%x", idx);
3112 sharkd_json_value_anyf(NULL, "%f", val);
3115 sharkd_json_array_close();
3117 json_dumper_end_object(&dumper);
3119 remove_tap_listener(graph);
3120 g_free(graph->items);
3122 sharkd_json_array_close();
3124 json_dumper_end_object(&dumper);
3125 json_dumper_finish(&dumper);
3129 * sharkd_session_process_intervals()
3131 * Process intervals request - generate basic capture file statistics per requested interval.
3134 * (o) interval - interval time in ms, if not specified: 1000ms
3135 * (o) filter - filter for generating interval request
3137 * Output object with attributes:
3138 * (m) intervals - array of intervals, with indexes:
3139 * [0] - index of interval,
3140 * [1] - number of frames during interval,
3141 * [2] - number of bytes during interval.
3143 * (m) last - last interval number.
3144 * (m) frames - total number of frames
3145 * (m) bytes - total number of bytes
3147 * NOTE: If frames are not in order, there might be items with same interval index, or even negative one.
3150 sharkd_session_process_intervals(char *buf, const jsmntok_t *tokens, int count)
3152 const char *tok_interval = json_find_attr(buf, tokens, count, "interval");
3153 const char *tok_filter = json_find_attr(buf, tokens, count, "filter");
3155 const guint8 *filter_data = NULL;
3159 unsigned int frames;
3165 guint32 interval_ms = 1000; /* default: one per second */
3167 unsigned int framenum;
3173 if (!ws_strtou32(tok_interval, NULL, &interval_ms) || interval_ms == 0)
3175 fprintf(stderr, "Invalid interval parameter: %s.\n", tok_interval);
3182 const struct sharkd_filter_item *filter_item;
3184 filter_item = sharkd_session_filter_data(tok_filter);
3187 filter_data = filter_item->filtered;
3190 st_total.frames = 0;
3198 json_dumper_begin_object(&dumper);
3199 sharkd_json_array_open("intervals");
3201 start_ts = (cfile.count >= 1) ? &(sharkd_get_frame(1)->abs_ts) : NULL;
3203 for (framenum = 1; framenum <= cfile.count; framenum++)
3209 if (filter_data && !(filter_data[framenum / 8] & (1 << (framenum % 8))))
3212 fdata = sharkd_get_frame(framenum);
3214 msec_rel = (fdata->abs_ts.secs - start_ts->secs) * (gint64) 1000 + (fdata->abs_ts.nsecs - start_ts->nsecs) / 1000000;
3215 new_idx = msec_rel / interval_ms;
3221 sharkd_json_value_anyf(NULL, "[%" G_GINT64_FORMAT ",%u,%" G_GUINT64_FORMAT "]", idx, st.frames, st.bytes);
3233 st.bytes += fdata->pkt_len;
3235 st_total.frames += 1;
3236 st_total.bytes += fdata->pkt_len;
3241 sharkd_json_value_anyf(NULL, "[%" G_GINT64_FORMAT ",%u,%" G_GUINT64_FORMAT "]", idx, st.frames, st.bytes);
3243 sharkd_json_array_close();
3245 sharkd_json_value_anyf("last", "%" G_GINT64_FORMAT, max_idx);
3246 sharkd_json_value_anyf("frames", "%u", st_total.frames);
3247 sharkd_json_value_anyf("bytes", "%" G_GUINT64_FORMAT, st_total.bytes);
3249 json_dumper_end_object(&dumper);
3250 json_dumper_finish(&dumper);
3254 * sharkd_session_process_frame()
3256 * Process frame request
3259 * (m) frame - requested frame number
3260 * (o) ref_frame - time reference frame number
3261 * (o) prev_frame - previously displayed frame number
3262 * (o) proto - set if output frame tree
3263 * (o) columns - set if output frame columns
3264 * (o) color - set if output color-filter bg/fg
3265 * (o) bytes - set if output frame bytes
3266 * (o) hidden - set if output hidden tree fields
3268 * Output object with attributes:
3269 * (m) err - 0 if succeed
3270 * (o) tree - array of frame nodes with attributes:
3272 * t: 'proto', 'framenum', 'url' - type of node
3275 * e - subtree ett index
3276 * n - array of subtree nodes
3277 * h - two item array: (item start, item length)
3278 * i - two item array: (appendix start, appendix length)
3279 * p - [RESERVED] two item array: (protocol start, protocol length)
3280 * ds- data src index
3281 * url - only for t:'url', url
3282 * fnum - only for t:'framenum', frame number
3283 * g - if field is generated by Wireshark
3284 * v - if field is hidden
3286 * (o) col - array of column data
3287 * (o) bytes - base64 of frame bytes
3288 * (o) ds - array of other data srcs
3289 * (o) comment - frame comment
3290 * (o) fol - array of follow filters:
3292 * [1] - filter string
3293 * (o) i - if frame is ignored
3294 * (o) m - if frame is marked
3295 * (o) bg - color filter - background color in hex
3296 * (o) fg - color filter - foreground color in hex
3299 sharkd_session_process_frame(char *buf, const jsmntok_t *tokens, int count)
3301 const char *tok_frame = json_find_attr(buf, tokens, count, "frame");
3302 const char *tok_ref_frame = json_find_attr(buf, tokens, count, "ref_frame");
3303 const char *tok_prev_frame = json_find_attr(buf, tokens, count, "prev_frame");
3305 guint32 framenum, ref_frame_num, prev_dis_num;
3306 guint32 dissect_flags = SHARKD_DISSECT_FLAG_NULL;
3307 struct sharkd_frame_request_data req_data;
3309 if (!tok_frame || !ws_strtou32(tok_frame, NULL, &framenum) || framenum == 0)
3312 ref_frame_num = (framenum != 1) ? 1 : 0;
3313 if (tok_ref_frame && (!ws_strtou32(tok_ref_frame, NULL, &ref_frame_num) || ref_frame_num > framenum))
3316 prev_dis_num = framenum - 1;
3317 if (tok_prev_frame && (!ws_strtou32(tok_prev_frame, NULL, &prev_dis_num) || prev_dis_num >= framenum))
3320 if (json_find_attr(buf, tokens, count, "proto") != NULL)
3321 dissect_flags |= SHARKD_DISSECT_FLAG_PROTO_TREE;
3322 if (json_find_attr(buf, tokens, count, "bytes") != NULL)
3323 dissect_flags |= SHARKD_DISSECT_FLAG_BYTES;
3324 if (json_find_attr(buf, tokens, count, "columns") != NULL)
3325 dissect_flags |= SHARKD_DISSECT_FLAG_COLUMNS;
3326 if (json_find_attr(buf, tokens, count, "color") != NULL)
3327 dissect_flags |= SHARKD_DISSECT_FLAG_COLOR;
3329 req_data.display_hidden = (json_find_attr(buf, tokens, count, "v") != NULL);
3331 sharkd_dissect_request(framenum, ref_frame_num, prev_dis_num, &sharkd_session_process_frame_cb, dissect_flags, &req_data);
3335 * sharkd_session_process_check()
3337 * Process check request.
3340 * (o) filter - filter to be checked
3341 * (o) field - field to be checked
3343 * Output object with attributes:
3344 * (m) err - always 0
3345 * (o) filter - 'ok', 'warn' or error message
3346 * (o) field - 'ok', or 'notfound'
3349 sharkd_session_process_check(char *buf, const jsmntok_t *tokens, int count)
3351 const char *tok_filter = json_find_attr(buf, tokens, count, "filter");
3352 const char *tok_field = json_find_attr(buf, tokens, count, "field");
3354 json_dumper_begin_object(&dumper);
3355 sharkd_json_value_anyf("err", "0");
3357 if (tok_filter != NULL)
3359 char *err_msg = NULL;
3362 if (dfilter_compile(tok_filter, &dfp, &err_msg))
3364 const char *s = "ok";
3366 if (dfp && dfilter_deprecated_tokens(dfp))
3369 sharkd_json_value_string("filter", s);
3374 sharkd_json_value_string("filter", err_msg);
3379 if (tok_field != NULL)
3381 header_field_info *hfi = proto_registrar_get_byname(tok_field);
3383 sharkd_json_value_string("field", (hfi) ? "ok" : "notfound");
3386 json_dumper_end_object(&dumper);
3387 json_dumper_finish(&dumper);
3392 struct sharkd_session_process_complete_pref_data
3399 sharkd_session_process_complete_pref_cb(module_t *module, gpointer d)
3401 struct sharkd_session_process_complete_pref_data *data = (struct sharkd_session_process_complete_pref_data *) d;
3403 if (strncmp(data->pref, module->name, strlen(data->pref)) != 0)
3406 json_dumper_begin_object(&dumper);
3407 sharkd_json_value_string("f", module->name);
3408 sharkd_json_value_string("d", module->title);
3409 json_dumper_end_object(&dumper);
3415 sharkd_session_process_complete_pref_option_cb(pref_t *pref, gpointer d)
3417 struct sharkd_session_process_complete_pref_data *data = (struct sharkd_session_process_complete_pref_data *) d;
3418 const char *pref_name = prefs_get_name(pref);
3419 const char *pref_title = prefs_get_title(pref);
3421 if (strncmp(data->pref, pref_name, strlen(data->pref)) != 0)
3424 json_dumper_begin_object(&dumper);
3425 sharkd_json_value_stringf("f", "%s.%s", data->module, pref_name);
3426 sharkd_json_value_string("d", pref_title);
3427 json_dumper_end_object(&dumper);
3429 return 0; /* continue */
3433 * sharkd_session_process_complete()
3435 * Process complete request
3438 * (o) field - field to be completed
3439 * (o) pref - preference to be completed
3441 * Output object with attributes:
3442 * (m) err - always 0
3443 * (o) field - array of object with attributes:
3444 * (m) f - field text
3445 * (o) t - field type (FT_ number)
3446 * (o) n - field name
3447 * (o) pref - array of object with attributes:
3449 * (o) d - pref description
3452 sharkd_session_process_complete(char *buf, const jsmntok_t *tokens, int count)
3454 const char *tok_field = json_find_attr(buf, tokens, count, "field");
3455 const char *tok_pref = json_find_attr(buf, tokens, count, "pref");
3457 json_dumper_begin_object(&dumper);
3458 sharkd_json_value_anyf("err", "0");
3460 if (tok_field != NULL && tok_field[0])
3462 const size_t filter_length = strlen(tok_field);
3463 const int filter_with_dot = !!strchr(tok_field, '.');
3469 sharkd_json_array_open("field");
3471 for (proto_id = proto_get_first_protocol(&proto_cookie); proto_id != -1; proto_id = proto_get_next_protocol(&proto_cookie))
3473 protocol_t *protocol = find_protocol_by_id(proto_id);
3474 const char *protocol_filter;
3475 const char *protocol_name;
3476 header_field_info *hfinfo;
3478 if (!proto_is_protocol_enabled(protocol))
3481 protocol_name = proto_get_protocol_long_name(protocol);
3482 protocol_filter = proto_get_protocol_filter_name(proto_id);
3484 if (strlen(protocol_filter) >= filter_length && !g_ascii_strncasecmp(tok_field, protocol_filter, filter_length))
3486 json_dumper_begin_object(&dumper);
3488 sharkd_json_value_string("f", protocol_filter);
3489 sharkd_json_value_anyf("t", "%d", FT_PROTOCOL);
3490 sharkd_json_value_string("n", protocol_name);
3492 json_dumper_end_object(&dumper);
3495 if (!filter_with_dot)
3498 for (hfinfo = proto_get_first_protocol_field(proto_id, &field_cookie); hfinfo != NULL; hfinfo = proto_get_next_protocol_field(proto_id, &field_cookie))
3500 if (hfinfo->same_name_prev_id != -1) /* ignore duplicate names */
3503 if (strlen(hfinfo->abbrev) >= filter_length && !g_ascii_strncasecmp(tok_field, hfinfo->abbrev, filter_length))
3505 json_dumper_begin_object(&dumper);
3507 sharkd_json_value_string("f", hfinfo->abbrev);
3509 /* XXX, skip displaying name, if there are multiple (to not confuse user) */
3510 if (hfinfo->same_name_next == NULL)
3512 sharkd_json_value_anyf("t", "%d", hfinfo->type);
3513 sharkd_json_value_string("n", hfinfo->name);
3516 json_dumper_end_object(&dumper);
3521 sharkd_json_array_close();
3524 if (tok_pref != NULL && tok_pref[0])
3526 struct sharkd_session_process_complete_pref_data data;
3529 data.module = tok_pref;
3530 data.pref = tok_pref;
3532 sharkd_json_array_open("pref");
3533 if ((dot_sepa = strchr(tok_pref, '.')))
3537 *dot_sepa = '\0'; /* XXX, C abuse: discarding-const */
3538 data.pref = dot_sepa + 1;
3540 pref_mod = prefs_find_module(data.module);
3542 prefs_pref_foreach(pref_mod, sharkd_session_process_complete_pref_option_cb, &data);
3548 prefs_modules_foreach(sharkd_session_process_complete_pref_cb, &data);
3550 sharkd_json_array_close();
3553 json_dumper_end_object(&dumper);
3554 json_dumper_finish(&dumper);
3560 * sharkd_session_process_setcomment()
3562 * Process setcomment request
3565 * (m) frame - frame number
3566 * (o) comment - user comment
3568 * Output object with attributes:
3569 * (m) err - error code: 0 succeed
3572 sharkd_session_process_setcomment(char *buf, const jsmntok_t *tokens, int count)
3574 const char *tok_frame = json_find_attr(buf, tokens, count, "frame");
3575 const char *tok_comment = json_find_attr(buf, tokens, count, "comment");
3581 if (!tok_frame || !ws_strtou32(tok_frame, NULL, &framenum) || framenum == 0)
3584 fdata = sharkd_get_frame(framenum);
3588 ret = sharkd_set_user_comment(fdata, tok_comment);
3590 sharkd_json_simple_reply(ret, NULL);
3594 * sharkd_session_process_setconf()
3596 * Process setconf request
3599 * (m) name - preference name
3600 * (m) value - preference value
3602 * Output object with attributes:
3603 * (m) err - error code: 0 succeed
3606 sharkd_session_process_setconf(char *buf, const jsmntok_t *tokens, int count)
3608 const char *tok_name = json_find_attr(buf, tokens, count, "name");
3609 const char *tok_value = json_find_attr(buf, tokens, count, "value");
3611 char *errmsg = NULL;
3613 prefs_set_pref_e ret;
3615 if (!tok_name || tok_name[0] == '\0' || !tok_value)
3618 ws_snprintf(pref, sizeof(pref), "%s:%s", tok_name, tok_value);
3620 ret = prefs_set_pref(pref, &errmsg);
3622 sharkd_json_simple_reply(ret, errmsg);
3626 struct sharkd_session_process_dumpconf_data
3632 sharkd_session_process_dumpconf_cb(pref_t *pref, gpointer d)
3634 struct sharkd_session_process_dumpconf_data *data = (struct sharkd_session_process_dumpconf_data *) d;
3635 const char *pref_name = prefs_get_name(pref);
3637 char json_pref_key[512];
3639 snprintf(json_pref_key, sizeof(json_pref_key), "%s.%s", data->module->name, pref_name);
3640 json_dumper_set_member_name(&dumper, json_pref_key);
3641 json_dumper_begin_object(&dumper);
3643 switch (prefs_get_type(pref))
3646 case PREF_DECODE_AS_UINT:
3647 sharkd_json_value_anyf("u", "%u", prefs_get_uint_value_real(pref, pref_current));
3648 if (prefs_get_uint_base(pref) != 10)
3649 sharkd_json_value_anyf("ub", "%u", prefs_get_uint_base(pref));
3653 sharkd_json_value_anyf("b", prefs_get_bool_value(pref, pref_current) ? "1" : "0");
3657 case PREF_SAVE_FILENAME:
3658 case PREF_OPEN_FILENAME:
3660 sharkd_json_value_string("s", prefs_get_string_value(pref, pref_current));
3665 const enum_val_t *enums;
3667 sharkd_json_array_open("e");
3668 for (enums = prefs_get_enumvals(pref); enums->name; enums++)
3670 json_dumper_begin_object(&dumper);
3672 sharkd_json_value_anyf("v", "%d", enums->value);
3674 if (enums->value == prefs_get_enum_value(pref, pref_current))
3675 sharkd_json_value_anyf("s", "1");
3677 sharkd_json_value_string("d", enums->description);
3679 json_dumper_end_object(&dumper);
3681 sharkd_json_array_close();
3686 case PREF_DECODE_AS_RANGE:
3688 char *range_str = range_convert_range(NULL, prefs_get_range_value_real(pref, pref_current));
3689 sharkd_json_value_string("r", range_str);
3690 wmem_free(NULL, range_str);
3696 uat_t *uat = prefs_get_uat_value(pref);
3699 sharkd_json_array_open("t");
3700 for (idx = 0; idx < uat->raw_data->len; idx++)
3702 void *rec = UAT_INDEX_PTR(uat, idx);
3705 sharkd_json_array_open(NULL);
3706 for (colnum = 0; colnum < uat->ncols; colnum++)
3708 char *str = uat_fld_tostr(rec, &(uat->fields[colnum]));
3710 sharkd_json_value_string(NULL, str);
3714 sharkd_json_array_close();
3717 sharkd_json_array_close();
3723 case PREF_STATIC_TEXT:
3730 sharkd_json_value_string("t", prefs_get_title(pref));
3733 json_dumper_end_object(&dumper);
3735 return 0; /* continue */
3739 sharkd_session_process_dumpconf_mod_cb(module_t *module, gpointer d)
3741 struct sharkd_session_process_dumpconf_data *data = (struct sharkd_session_process_dumpconf_data *) d;
3743 data->module = module;
3744 prefs_pref_foreach(module, sharkd_session_process_dumpconf_cb, data);
3750 * sharkd_session_process_dumpconf()
3752 * Process dumpconf request
3755 * (o) pref - module, or preference, NULL for all
3757 * Output object with attributes:
3758 * (o) prefs - object with module preferences
3759 * (m) [KEY] - preference name
3760 * (o) u - preference value (for PREF_UINT, PREF_DECODE_AS_UINT)
3761 * (o) ub - preference value suggested base for display (for PREF_UINT, PREF_DECODE_AS_UINT) and if different than 10
3762 * (o) b - preference value (only for PREF_BOOL) (1 true, 0 false)
3763 * (o) s - preference value (for PREF_STRING, PREF_SAVE_FILENAME, PREF_OPEN_FILENAME, PREF_DIRNAME)
3764 * (o) e - preference possible values (only for PREF_ENUM)
3765 * (o) r - preference value (for PREF_RANGE, PREF_DECODE_AS_RANGE)
3766 * (o) t - preference value (only for PREF_UAT)
3769 sharkd_session_process_dumpconf(char *buf, const jsmntok_t *tokens, int count)
3771 const char *tok_pref = json_find_attr(buf, tokens, count, "pref");
3777 struct sharkd_session_process_dumpconf_data data;
3781 json_dumper_begin_object(&dumper);
3783 sharkd_json_value_anyf("prefs", NULL);
3784 json_dumper_begin_object(&dumper);
3785 prefs_modules_foreach(sharkd_session_process_dumpconf_mod_cb, &data);
3786 json_dumper_end_object(&dumper);
3788 json_dumper_end_object(&dumper);
3789 json_dumper_finish(&dumper);
3793 if ((dot_sepa = strchr(tok_pref, '.')))
3795 pref_t *pref = NULL;
3797 *dot_sepa = '\0'; /* XXX, C abuse: discarding-const */
3798 pref_mod = prefs_find_module(tok_pref);
3800 pref = prefs_find_preference(pref_mod, dot_sepa + 1);
3805 struct sharkd_session_process_dumpconf_data data;
3807 data.module = pref_mod;
3809 json_dumper_begin_object(&dumper);
3811 sharkd_json_value_anyf("prefs", NULL);
3812 json_dumper_begin_object(&dumper);
3813 sharkd_session_process_dumpconf_cb(pref, &data);
3814 json_dumper_end_object(&dumper);
3816 json_dumper_end_object(&dumper);
3817 json_dumper_finish(&dumper);
3823 pref_mod = prefs_find_module(tok_pref);
3826 struct sharkd_session_process_dumpconf_data data;
3828 data.module = pref_mod;
3830 json_dumper_begin_object(&dumper);
3832 sharkd_json_value_anyf("prefs", NULL);
3833 json_dumper_begin_object(&dumper);
3834 prefs_pref_foreach(pref_mod, sharkd_session_process_dumpconf_cb, &data);
3835 json_dumper_end_object(&dumper);
3837 json_dumper_end_object(&dumper);
3838 json_dumper_finish(&dumper);
3842 struct sharkd_download_rtp
3850 sharkd_rtp_download_free_items(void *ptr)
3852 rtp_packet_t *rtp_packet = (rtp_packet_t *) ptr;
3854 g_free(rtp_packet->info);
3855 g_free(rtp_packet->payload_data);
3860 sharkd_rtp_download_decode(struct sharkd_download_rtp *req)
3862 /* based on RtpAudioStream::decode() 6e29d874f8b5e6ebc59f661a0bb0dab8e56f122a */
3863 /* TODO, for now only without silence (timing_mode_ = Uninterrupted) */
3865 static const int sample_bytes_ = sizeof(SAMPLE) / sizeof(char);
3867 guint32 audio_out_rate_ = 0;
3868 struct _GHashTable *decoders_hash_ = rtp_decoder_hash_table_new();
3869 struct SpeexResamplerState_ *audio_resampler_ = NULL;
3871 gsize resample_buff_len = 0x1000;
3872 SAMPLE *resample_buff = (SAMPLE *) g_malloc(resample_buff_len);
3873 spx_uint32_t cur_in_rate = 0;
3874 char *write_buff = NULL;
3875 gint64 write_bytes = 0;
3876 unsigned channels = 0;
3877 unsigned sample_rate = 0;
3881 for (l = req->packets; l; l = l->next)
3883 rtp_packet_t *rtp_packet = (rtp_packet_t *) l->data;
3885 SAMPLE *decode_buff = NULL;
3886 size_t decoded_bytes;
3888 decoded_bytes = decode_rtp_packet(rtp_packet, &decode_buff, decoders_hash_, &channels, &sample_rate);
3889 if (decoded_bytes == 0 || sample_rate == 0)
3891 /* We didn't decode anything. Clean up and prep for the next packet. */
3892 g_free(decode_buff);
3896 if (audio_out_rate_ == 0)
3902 /* First non-zero wins */
3903 audio_out_rate_ = sample_rate;
3905 RTP_STREAM_DEBUG("Audio sample rate is %u", audio_out_rate_);
3907 /* write WAVE header */
3908 memset(&wav_hdr, 0, sizeof(wav_hdr));
3909 memcpy(&wav_hdr[0], "RIFF", 4);
3910 memcpy(&wav_hdr[4], "\xFF\xFF\xFF\xFF", 4); /* XXX, unknown */
3911 memcpy(&wav_hdr[8], "WAVE", 4);
3913 memcpy(&wav_hdr[12], "fmt ", 4);
3914 memcpy(&wav_hdr[16], "\x10\x00\x00\x00", 4); /* PCM */
3915 memcpy(&wav_hdr[20], "\x01\x00", 2); /* PCM */
3918 memcpy(&wav_hdr[22], &tmp16, 2);
3920 tmp32 = sample_rate;
3921 memcpy(&wav_hdr[24], &tmp32, 4);
3923 tmp32 = sample_rate * channels * sample_bytes_;
3924 memcpy(&wav_hdr[28], &tmp32, 4);
3926 tmp16 = channels * sample_bytes_;
3927 memcpy(&wav_hdr[32], &tmp16, 2);
3928 /* bits per sample */
3929 tmp16 = 8 * sample_bytes_;
3930 memcpy(&wav_hdr[34], &tmp16, 2);
3932 memcpy(&wav_hdr[36], "data", 4);
3933 memcpy(&wav_hdr[40], "\xFF\xFF\xFF\xFF", 4); /* XXX, unknown */
3935 json_dumper_write_base64(&dumper, wav_hdr, sizeof(wav_hdr));
3938 // Write samples to our file.
3939 write_buff = (char *) decode_buff;
3940 write_bytes = decoded_bytes;
3942 if (audio_out_rate_ != sample_rate)
3944 spx_uint32_t in_len, out_len;
3946 /* Resample the audio to match our previous output rate. */
3947 if (!audio_resampler_)
3949 audio_resampler_ = speex_resampler_init(1, sample_rate, audio_out_rate_, 10, NULL);
3950 speex_resampler_skip_zeros(audio_resampler_);
3951 RTP_STREAM_DEBUG("Started resampling from %u to (out) %u Hz.", sample_rate, audio_out_rate_);
3955 spx_uint32_t audio_out_rate;
3956 speex_resampler_get_rate(audio_resampler_, &cur_in_rate, &audio_out_rate);
3958 if (sample_rate != cur_in_rate)
3960 speex_resampler_set_rate(audio_resampler_, sample_rate, audio_out_rate);
3961 RTP_STREAM_DEBUG("Changed input rate from %u to %u Hz. Out is %u.", cur_in_rate, sample_rate, audio_out_rate_);
3964 in_len = (spx_uint32_t)rtp_packet->info->info_payload_len;
3965 out_len = (audio_out_rate_ * (spx_uint32_t)rtp_packet->info->info_payload_len / sample_rate) + (audio_out_rate_ % sample_rate != 0);
3966 if (out_len * sample_bytes_ > resample_buff_len)
3968 while ((out_len * sample_bytes_ > resample_buff_len))
3969 resample_buff_len *= 2;
3970 resample_buff = (SAMPLE *) g_realloc(resample_buff, resample_buff_len);
3973 speex_resampler_process_int(audio_resampler_, 0, decode_buff, &in_len, resample_buff, &out_len);
3974 write_buff = (char *) resample_buff;
3975 write_bytes = out_len * sample_bytes_;
3978 /* Write the decoded, possibly-resampled audio */
3979 json_dumper_write_base64(&dumper, write_buff, write_bytes);
3981 g_free(decode_buff);
3984 g_free(resample_buff);
3985 g_hash_table_destroy(decoders_hash_);
3988 static tap_packet_status
3989 sharkd_session_packet_download_tap_rtp_cb(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_, const void *data)
3991 const struct _rtp_info *rtp_info = (const struct _rtp_info *) data;
3992 struct sharkd_download_rtp *req_rtp = (struct sharkd_download_rtp *) tapdata;
3994 /* do not consider RTP packets without a setup frame */
3995 if (rtp_info->info_setup_frame_num == 0)
3996 return TAP_PACKET_DONT_REDRAW;
3998 if (rtpstream_id_equal_pinfo_rtp_info(&req_rtp->id, pinfo, rtp_info))
4000 rtp_packet_t *rtp_packet;
4002 rtp_packet = g_new0(rtp_packet_t, 1);
4003 rtp_packet->info = (struct _rtp_info *) g_memdup(rtp_info, sizeof(struct _rtp_info));
4005 if (rtp_info->info_all_data_present && rtp_info->info_payload_len != 0)
4006 rtp_packet->payload_data = (guint8 *) g_memdup(&(rtp_info->info_data[rtp_info->info_payload_offset]), rtp_info->info_payload_len);
4008 if (!req_rtp->packets)
4009 req_rtp->start_time = nstime_to_sec(&pinfo->abs_ts);
4011 rtp_packet->frame_num = pinfo->num;
4012 rtp_packet->arrive_offset = nstime_to_sec(&pinfo->abs_ts) - req_rtp->start_time;
4014 /* XXX, O(n) optimize */
4015 req_rtp->packets = g_slist_append(req_rtp->packets, rtp_packet);
4018 return TAP_PACKET_DONT_REDRAW;
4022 * sharkd_session_process_download()
4024 * Process download request
4027 * (m) token - token to download
4029 * Output object with attributes:
4030 * (o) file - suggested name of file
4031 * (o) mime - suggested content type
4032 * (o) data - payload base64 encoded
4035 sharkd_session_process_download(char *buf, const jsmntok_t *tokens, int count)
4037 const char *tok_token = json_find_attr(buf, tokens, count, "token");
4042 if (!strncmp(tok_token, "eo:", 3))
4044 struct sharkd_export_object_list *object_list;
4045 const export_object_entry_t *eo_entry = NULL;
4047 for (object_list = sharkd_eo_list; object_list; object_list = object_list->next)
4049 size_t eo_type_len = strlen(object_list->type);
4051 if (!strncmp(tok_token, object_list->type, eo_type_len) && tok_token[eo_type_len] == '_')
4055 if (sscanf(&tok_token[eo_type_len + 1], "%d", &row) != 1)
4058 eo_entry = (export_object_entry_t *) g_slist_nth_data(object_list->entries, row);
4065 const char *mime = (eo_entry->content_type) ? eo_entry->content_type : "application/octet-stream";
4066 const char *filename = (eo_entry->filename) ? eo_entry->filename : tok_token;
4068 json_dumper_begin_object(&dumper);
4069 sharkd_json_value_string("file", filename);
4070 sharkd_json_value_string("mime", mime);
4071 sharkd_json_value_base64("data", eo_entry->payload_data, (size_t) eo_entry->payload_len);
4072 json_dumper_end_object(&dumper);
4073 json_dumper_finish(&dumper);
4076 else if (!strcmp(tok_token, "ssl-secrets"))
4078 char *str = ssl_export_sessions();
4082 const char *mime = "text/plain";
4083 const char *filename = "keylog.txt";
4085 json_dumper_begin_object(&dumper);
4086 sharkd_json_value_string("file", filename);
4087 sharkd_json_value_string("mime", mime);
4088 sharkd_json_value_base64("data", str, strlen(str));
4089 json_dumper_end_object(&dumper);
4090 json_dumper_finish(&dumper);
4094 else if (!strncmp(tok_token, "rtp:", 4))
4096 struct sharkd_download_rtp rtp_req;
4099 memset(&rtp_req, 0, sizeof(rtp_req));
4100 if (!sharkd_rtp_match_init(&rtp_req.id, tok_token + 4))
4102 fprintf(stderr, "sharkd_session_process_download() rtp tokenizing error %s\n", tok_token);
4106 tap_error = register_tap_listener("rtp", &rtp_req, NULL, 0, NULL, sharkd_session_packet_download_tap_rtp_cb, NULL, NULL);
4109 fprintf(stderr, "sharkd_session_process_download() rtp error=%s", tap_error->str);
4110 g_string_free(tap_error, TRUE);
4115 remove_tap_listener(&rtp_req);
4117 if (rtp_req.packets)
4119 const char *mime = "audio/x-wav";
4120 const char *filename = tok_token;
4122 json_dumper_begin_object(&dumper);
4123 sharkd_json_value_string("file", filename);
4124 sharkd_json_value_string("mime", mime);
4126 sharkd_json_value_anyf("data", NULL);
4127 json_dumper_begin_base64(&dumper);
4128 sharkd_rtp_download_decode(&rtp_req);
4129 json_dumper_end_base64(&dumper);
4131 json_dumper_end_object(&dumper);
4132 json_dumper_finish(&dumper);
4134 g_slist_free_full(rtp_req.packets, sharkd_rtp_download_free_items);
4140 sharkd_session_process(char *buf, const jsmntok_t *tokens, int count)
4144 /* sanity check, and split strings */
4145 if (count < 1 || tokens[0].type != JSMN_OBJECT)
4147 fprintf(stderr, "sanity check(1): [0] not object\n");
4151 /* don't need [0] token */
4157 fprintf(stderr, "sanity check(2): %d not even\n", count);
4161 for (i = 0; i < count; i += 2)
4163 if (tokens[i].type != JSMN_STRING)
4165 fprintf(stderr, "sanity check(3): [%d] not string\n", i);
4169 if (tokens[i + 1].type != JSMN_STRING && tokens[i + 1].type != JSMN_PRIMITIVE)
4171 fprintf(stderr, "sanity check(3a): [%d] wrong type\n", i + 1);
4175 buf[tokens[i + 0].end] = '\0';
4176 buf[tokens[i + 1].end] = '\0';
4178 /* unescape only value, as keys are simple strings */
4179 if (tokens[i + 1].type == JSMN_STRING && !json_decode_string_inplace(&buf[tokens[i + 1].start]))
4181 fprintf(stderr, "sanity check(3b): [%d] cannot unescape string\n", i + 1);
4187 const char *tok_req = json_find_attr(buf, tokens, count, "req");
4191 fprintf(stderr, "sanity check(4): no \"req\".\n");
4195 if (!strcmp(tok_req, "load"))
4196 sharkd_session_process_load(buf, tokens, count);
4197 else if (!strcmp(tok_req, "status"))
4198 sharkd_session_process_status();
4199 else if (!strcmp(tok_req, "analyse"))
4200 sharkd_session_process_analyse();
4201 else if (!strcmp(tok_req, "info"))
4202 sharkd_session_process_info();
4203 else if (!strcmp(tok_req, "check"))
4204 sharkd_session_process_check(buf, tokens, count);
4205 else if (!strcmp(tok_req, "complete"))
4206 sharkd_session_process_complete(buf, tokens, count);
4207 else if (!strcmp(tok_req, "frames"))
4208 sharkd_session_process_frames(buf, tokens, count);
4209 else if (!strcmp(tok_req, "tap"))
4210 sharkd_session_process_tap(buf, tokens, count);
4211 else if (!strcmp(tok_req, "follow"))
4212 sharkd_session_process_follow(buf, tokens, count);
4213 else if (!strcmp(tok_req, "iograph"))
4214 sharkd_session_process_iograph(buf, tokens, count);
4215 else if (!strcmp(tok_req, "intervals"))
4216 sharkd_session_process_intervals(buf, tokens, count);
4217 else if (!strcmp(tok_req, "frame"))
4218 sharkd_session_process_frame(buf, tokens, count);
4219 else if (!strcmp(tok_req, "setcomment"))
4220 sharkd_session_process_setcomment(buf, tokens, count);
4221 else if (!strcmp(tok_req, "setconf"))
4222 sharkd_session_process_setconf(buf, tokens, count);
4223 else if (!strcmp(tok_req, "dumpconf"))
4224 sharkd_session_process_dumpconf(buf, tokens, count);
4225 else if (!strcmp(tok_req, "download"))
4226 sharkd_session_process_download(buf, tokens, count);
4227 else if (!strcmp(tok_req, "bye"))
4230 fprintf(stderr, "::: req = %s\n", tok_req);
4232 /* reply for every command are 0+ lines of JSON reply (outputed above), finished by empty new line */
4233 json_dumper_finish(&dumper);
4236 * We do an explicit fflush after every line, because
4237 * we want output to be written to the socket as soon
4238 * as the line is complete.
4240 * The stream is fully-buffered by default, so it's
4241 * only flushed when the buffer fills or the FILE *
4242 * is closed. On UN*X, we could set it to be line
4243 * buffered, but the MSVC standard I/O routines don't
4244 * support line buffering - they only support *byte*
4245 * buffering, doing a write for every byte written,
4246 * which is too inefficient, and full buffering,
4247 * which is what you get if you request line buffering.
4254 sharkd_session_main(void)
4257 jsmntok_t *tokens = NULL;
4258 int tokens_max = -1;
4260 fprintf(stderr, "Hello in child.\n");
4262 dumper.output_file = stdout;
4264 filter_table = g_hash_table_new_full(g_str_hash, g_str_equal, g_free, sharkd_session_filter_free);
4266 #ifdef HAVE_MAXMINDDB
4267 /* mmdbresolve was stopped before fork(), force starting it */
4268 uat_get_table_by_name("MaxMind Database Paths")->post_update_cb();
4271 while (fgets(buf, sizeof(buf), stdin))
4273 /* every command is line seperated JSON */
4276 ret = json_parse(buf, NULL, 0);
4279 fprintf(stderr, "invalid JSON -> closing\n");
4283 /* fprintf(stderr, "JSON: %d tokens\n", ret); */
4286 if (tokens == NULL || tokens_max < ret)
4289 tokens = (jsmntok_t *) g_realloc(tokens, sizeof(jsmntok_t) * tokens_max);
4292 memset(tokens, 0, ret * sizeof(jsmntok_t));
4294 ret = json_parse(buf, tokens, ret);
4297 fprintf(stderr, "invalid JSON(2) -> closing\n");
4301 #if defined(HAVE_C_ARES) || defined(HAVE_MAXMINDDB)
4302 host_name_lookup_process();
4305 sharkd_session_process(buf, tokens, ret);
4308 g_hash_table_destroy(filter_table);
4315 * Editor modelines - http://www.wireshark.org/tools/modelines.html
4320 * indent-tabs-mode: t
4323 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
4324 * :indentSize=8:tabSize=8:noTabs=false: