summary.c

   1 /* summary.c
   2  * Routines for capture file summary info
   3  *
   4  * Wireshark - Network traffic analyzer
   5  * By Gerald Combs <gerald@wireshark.org>
   6  * Copyright 1998 Gerald Combs
   7  *
   8  * This program is free software; you can redistribute it and/or
   9  * modify it under the terms of the GNU General Public License
  10  * as published by the Free Software Foundation; either version 2
  11  * of the License, or (at your option) any later version.
  12  *
  13  * This program is distributed in the hope that it will be useful,
  14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  * GNU General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU General Public License
  19  * along with this program; if not, write to the Free Software
  20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  21  */
  22
  23 #include <config.h>
  24
  25 #include <wiretap/pcap-encap.h>
  26 #include <wiretap/wtap_opttypes.h>
  27 #include <wiretap/pcapng.h>
  28
  29 #include <epan/packet.h>
  30 #include "cfile.h"
  31 #include "summary.h"
  32 #if 0
  33 #include "ui/capture_ui_utils.h"
  34 #endif
  35
  36
  37 static void
  38 tally_frame_data(frame_data *cur_frame, summary_tally *sum_tally)
  39 {
  40   double cur_time;
  41
  42   sum_tally->bytes += cur_frame->pkt_len;
  43   if (cur_frame->flags.passed_dfilter){
  44     sum_tally->filtered_count++;
  45     sum_tally->filtered_bytes += cur_frame->pkt_len;
  46   }
  47   if (cur_frame->flags.marked){
  48     sum_tally->marked_count++;
  49     sum_tally->marked_bytes += cur_frame->pkt_len;
  50   }
  51   if (cur_frame->flags.ignored){
  52     sum_tally->ignored_count++;
  53   }
  54
  55   if (cur_frame->flags.has_ts) {
  56     /* This packet has a time stamp. */
  57     cur_time = nstime_to_sec(&cur_frame->abs_ts);
  58
  59     sum_tally->packet_count_ts++;
  60     if (cur_time < sum_tally->start_time) {
  61       sum_tally->start_time = cur_time;
  62     }
  63     if (cur_time > sum_tally->stop_time){
  64       sum_tally->stop_time = cur_time;
  65     }
  66     if (cur_frame->flags.passed_dfilter){
  67       sum_tally->filtered_count_ts++;
  68       /*
  69        * If we've seen one filtered packet, this is the first
  70        * one.
  71        */
  72       if (sum_tally->filtered_count == 1){
  73         sum_tally->filtered_start= cur_time;
  74         sum_tally->filtered_stop = cur_time;
  75       } else {
  76         if (cur_time < sum_tally->filtered_start) {
  77           sum_tally->filtered_start = cur_time;
  78         }
  79         if (cur_time > sum_tally->filtered_stop) {
  80           sum_tally->filtered_stop = cur_time;
  81         }
  82       }
  83     }
  84     if (cur_frame->flags.marked){
  85       sum_tally->marked_count_ts++;
  86       /*
  87        * If we've seen one marked packet, this is the first
  88        * one.
  89        */
  90       if (sum_tally->marked_count == 1){
  91         sum_tally->marked_start= cur_time;
  92         sum_tally->marked_stop = cur_time;
  93       } else {
  94         if (cur_time < sum_tally->marked_start) {
  95           sum_tally->marked_start = cur_time;
  96         }
  97         if (cur_time > sum_tally->marked_stop) {
  98           sum_tally->marked_stop = cur_time;
  99         }
 100       }
 101     }
 102   }
 103 }
 104
 105 void
 106 summary_fill_in(capture_file *cf, summary_tally *st)
 107 {
 108   frame_data    *first_frame, *cur_frame;
 109   guint32        framenum;
 110   wtap_optionblock_t shb_inf;
 111   iface_options iface;
 112   guint i;
 113   wtapng_iface_descriptions_t* idb_info;
 114   wtap_optionblock_t wtapng_if_descr;
 115   wtapng_if_descr_mandatory_t *wtapng_if_descr_mand;
 116   wtap_optionblock_t if_stats;
 117   guint64 isb_ifdrop;
 118   char* if_string;
 119   wtapng_if_descr_filter_t* if_filter;
 120
 121   st->packet_count_ts = 0;
 122   st->start_time = 0;
 123   st->stop_time = 0;
 124   st->bytes = 0;
 125   st->filtered_count = 0;
 126   st->filtered_count_ts = 0;
 127   st->filtered_start = 0;
 128   st->filtered_stop = 0;
 129   st->filtered_bytes = 0;
 130   st->marked_count = 0;
 131   st->marked_count_ts = 0;
 132   st->marked_start = 0;
 133   st->marked_stop = 0;
 134   st->marked_bytes = 0;
 135   st->ignored_count = 0;
 136
 137   /* initialize the tally */
 138   if (cf->count != 0) {
 139     first_frame = frame_data_sequence_find(cf->frames, 1);
 140     st->start_time = nstime_to_sec(&first_frame->abs_ts);
 141     st->stop_time = nstime_to_sec(&first_frame->abs_ts);
 142
 143     for (framenum = 1; framenum <= cf->count; framenum++) {
 144       cur_frame = frame_data_sequence_find(cf->frames, framenum);
 145       tally_frame_data(cur_frame, st);
 146     }
 147   }
 148
 149   st->filename = cf->filename;
 150   st->file_length = cf->f_datalen;
 151   st->file_type = cf->cd_t;
 152   st->iscompressed = cf->iscompressed;
 153   st->is_tempfile = cf->is_tempfile;
 154   st->file_encap_type = cf->lnk_t;
 155   st->packet_encap_types = cf->linktypes;
 156   st->has_snap = cf->has_snap;
 157   st->snap = cf->snap;
 158   st->elapsed_time = nstime_to_sec(&cf->elapsed_time);
 159   st->packet_count = cf->count;
 160   st->drops_known = cf->drops_known;
 161   st->drops = cf->drops;
 162   st->dfilter = cf->dfilter;
 163
 164   /* Get info from SHB */
 165   shb_inf = wtap_file_get_shb(cf->wth);
 166   if(shb_inf == NULL){
 167     st->opt_comment    = NULL;
 168     st->shb_hardware   = NULL;
 169     st->shb_os         = NULL;
 170     st->shb_user_appl  = NULL;
 171   }else{
 172     wtap_optionblock_get_option_string(shb_inf, OPT_COMMENT, &st->opt_comment);
 173     wtap_optionblock_get_option_string(shb_inf, OPT_SHB_HARDWARE, &st->shb_hardware);
 174     wtap_optionblock_get_option_string(shb_inf, OPT_SHB_OS, &st->shb_os);
 175     wtap_optionblock_get_option_string(shb_inf, OPT_SHB_USERAPPL, (char**)&st->shb_user_appl);
 176   }
 177
 178   st->ifaces  = g_array_new(FALSE, FALSE, sizeof(iface_options));
 179   idb_info = wtap_file_get_idb_info(cf->wth);
 180   for (i = 0; i < idb_info->interface_data->len; i++) {
 181     wtapng_if_descr = g_array_index(idb_info->interface_data, wtap_optionblock_t, i);
 182     wtapng_if_descr_mand = (wtapng_if_descr_mandatory_t*)wtap_optionblock_get_mandatory_data(wtapng_if_descr);
 183     wtap_optionblock_get_option_custom(wtapng_if_descr, OPT_IDB_FILTER, (void**)&if_filter);
 184     iface.cfilter = g_strdup(if_filter->if_filter_str);
 185     wtap_optionblock_get_option_string(wtapng_if_descr, OPT_IDB_NAME, &if_string);
 186     iface.name = g_strdup(if_string);
 187     wtap_optionblock_get_option_string(wtapng_if_descr, OPT_IDB_DESCR, &if_string);
 188     iface.descr = g_strdup(if_string);
 189     iface.drops_known = FALSE;
 190     iface.drops = 0;
 191     iface.snap = wtapng_if_descr_mand->snap_len;
 192     iface.has_snap = (iface.snap != 65535);
 193     iface.encap_type = wtapng_if_descr_mand->wtap_encap;
 194     iface.isb_comment = NULL;
 195     if(wtapng_if_descr_mand->num_stat_entries == 1){
 196       /* dumpcap only writes one ISB, only handle that for now */
 197       if_stats = g_array_index(wtapng_if_descr_mand->interface_statistics, wtap_optionblock_t, 0);
 198       wtap_optionblock_get_option_uint64(if_stats, OPT_ISB_IFDROP, &isb_ifdrop);
 199       if (isb_ifdrop != G_GUINT64_CONSTANT(0xFFFFFFFFFFFFFFFF)) {
 200         iface.drops_known = TRUE;
 201         iface.drops = isb_ifdrop;
 202       }
 203       /* XXX: this doesn't get used, and might need to be g_strdup'ed when it does */
 204       wtap_optionblock_get_option_string(if_stats, OPT_COMMENT, &iface.isb_comment);
 205     }
 206     g_array_append_val(st->ifaces, iface);
 207   }
 208   g_free(idb_info);
 209 }
 210
 211 #ifdef HAVE_LIBPCAP
 212 void
 213 summary_fill_in_capture(capture_file *cf,capture_options *capture_opts, summary_tally *st)
 214 {
 215   iface_options iface;
 216   interface_t device;
 217   guint i;
 218
 219   if (st->ifaces->len == 0) {
 220     /*
 221      * XXX - do this only if we have a live capture.
 222      */
 223     for (i = 0; i < capture_opts->all_ifaces->len; i++) {
 224       device = g_array_index(capture_opts->all_ifaces, interface_t, i);
 225       if (!device.selected) {
 226         continue;
 227       }
 228       iface.cfilter = g_strdup(device.cfilter);
 229       iface.name = g_strdup(device.name);
 230       iface.descr = g_strdup(device.display_name);
 231       iface.drops_known = cf->drops_known;
 232       iface.drops = cf->drops;
 233       iface.has_snap = device.has_snaplen;
 234       iface.snap = device.snaplen;
 235       iface.encap_type = wtap_pcap_encap_to_wtap_encap(device.active_dlt);
 236       g_array_append_val(st->ifaces, iface);
 237     }
 238   }
 239 }
 240 #endif
 241
 242 /*
 243  * Editor modelines  -  http://www.wireshark.org/tools/modelines.html
 244  *
 245  * Local Variables:
 246  * c-basic-offset: 2
 247  * tab-width: 8
 248  * indent-tabs-mode: nil
 249  * End:
 250  *
 251  * ex: set shiftwidth=2 tabstop=8 expandtab:
 252  * :indentSize=2:tabSize=8:noTabs=true:
 253  */