#include <netinet/in.h>
#endif
-#ifdef HAVE_SYS_STAT_H
-# include <sys/stat.h>
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
#ifdef HAVE_GETOPT_H
#include <getopt.h>
#endif
#include <signal.h>
#include <errno.h>
-#ifdef HAVE_LIBZ
-#include <zlib.h> /* to get the libz version number */
-#endif
-
#include <wsutil/cmdarg_err.h>
#include <wsutil/crash_info.h>
-#include <wsutil/ws_version_info.h>
+#include <wsutil/strtoi.h>
+#include <ws_version_info.h>
#ifndef HAVE_GETOPT_LONG
#include "wsutil/wsgetopt.h"
#endif
#include "ringbuffer.h"
-#include "version_info.h"
#include "caputils/capture_ifinfo.h"
#include "caputils/capture-pcap-util.h"
#include "caputils/capture-wpcap.h"
#endif /* _WIN32 */
-#include "pcapio.h"
+#include "writecap/pcapio.h"
#ifdef _WIN32
#include <wsutil/unicode-utils.h>
#include <sys/un.h>
#endif
-#ifdef NEED_INET_V6DEFS_H
-# include "wsutil/inet_v6defs.h"
-#endif
-
#include <wsutil/clopts_common.h>
#include <wsutil/privileges.h>
#include "wsutil/tempfile.h"
#include "log.h"
#include "wsutil/file_util.h"
+#include "wsutil/cpu_info.h"
#include "wsutil/os_version_info.h"
+#include "wsutil/str_util.h"
+#include "wsutil/inet_addr.h"
#include "caputils/ws80211_utils.h"
+#ifdef HAVE_EXTCAP
+#include "extcap.h"
+#endif
+
/*
* Get information about libpcap format from "wiretap/libpcap.h".
+ * Get information about pcapng format from "wiretap/pcapng_module.h".
* XXX - can we just use pcap_open_offline() to read the pipe?
*/
#include "wiretap/libpcap.h"
+#include "wiretap/pcapng_module.h"
/**#define DEBUG_DUMPCAP**/
/**#define DEBUG_CHILD_DUMPCAP**/
if (fd < 0)
return;
- written = write(fd, "1", strlen("1"));
+ written = ws_write(fd, "1", strlen("1"));
- close(fd);
+ ws_close(fd);
}
#endif
*/
static const char please_report[] =
"Please report this to the Wireshark developers.\n"
- "http://bugs.wireshark.org/\n"
+ "https://bugs.wireshark.org/\n"
"(This is not a crash; please do not report it as such.)";
/*
*/
static loop_data global_ld;
-
/*
* Timeout, in milliseconds, for reads from the stream of captured packets
* from a capture device.
static void capture_loop_get_errmsg(char *errmsg, int errmsglen, const char *fname,
int err, gboolean is_close);
-static void WS_MSVC_NORETURN exit_main(int err) G_GNUC_NORETURN;
+static void WS_NORETURN exit_main(int err);
static void report_new_capture_file(const char *filename);
static void report_packet_count(unsigned int packet_count);
#ifdef HAVE_PCAP_CREATE
fprintf(output, " -I capture in monitor mode, if available\n");
#endif
-#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
+#ifdef CAN_SET_CAPTURE_BUFFER_SIZE
fprintf(output, " -B <buffer size> size of kernel buffer in MiB (def: %dMiB)\n", DEFAULT_CAPTURE_BUFFER_SIZE);
#endif
fprintf(output, " -y <link type> link layer type (def: first appropriate)\n");
#ifdef HAVE_BPF_IMAGE
fprintf(output, " -d print generated BPF code for capture filter\n");
#endif
- fprintf(output, " -k set channel on wifi interface <freq>,[<type>]\n");
+ fprintf(output, " -k set channel on wifi interface:\n"
+ " <freq>,[<type>],[<center_freq1>],[<center_freq2>]\n");
fprintf(output, " -S print statistics for each interface once per second\n");
fprintf(output, " -M for -D, -L, and -S, produce machine-readable output\n");
fprintf(output, "\n");
}
#endif
-static pcap_t *
-open_capture_device(capture_options *capture_opts
-#ifndef HAVE_PCAP_SET_TSTAMP_PRECISION
- _U_
-#endif
- ,
- interface_options *interface_opts,
- char (*open_err_str)[PCAP_ERRBUF_SIZE])
-{
- pcap_t *pcap_h;
-#ifdef HAVE_PCAP_CREATE
- int err;
-#endif
-#if defined(HAVE_PCAP_OPEN) && defined(HAVE_PCAP_REMOTE)
- struct pcap_rmtauth auth;
-#endif
-
- /* Open the network interface to capture from it.
- Some versions of libpcap may put warnings into the error buffer
- if they succeed; to tell if that's happened, we have to clear
- the error buffer, and check if it's still a null string. */
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "Entering open_capture_device().");
- (*open_err_str)[0] = '\0';
-#if defined(HAVE_PCAP_OPEN) && defined(HAVE_PCAP_REMOTE)
- /*
- * If we're opening a remote device, use pcap_open(); that's currently
- * the only open routine that supports remote devices.
- */
- if (strncmp (interface_opts->name, "rpcap://", 8) == 0) {
- auth.type = interface_opts->auth_type == CAPTURE_AUTH_PWD ?
- RPCAP_RMTAUTH_PWD : RPCAP_RMTAUTH_NULL;
- auth.username = interface_opts->auth_username;
- auth.password = interface_opts->auth_password;
-
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "Calling pcap_open() using name %s, snaplen %d, promisc_mode %d, datatx_udp %d, nocap_rpcap %d.",
- interface_opts->name, interface_opts->snaplen, interface_opts->promisc_mode,
- interface_opts->datatx_udp, interface_opts->nocap_rpcap);
- pcap_h = pcap_open(interface_opts->name, interface_opts->snaplen,
- /* flags */
- (interface_opts->promisc_mode ? PCAP_OPENFLAG_PROMISCUOUS : 0) |
- (interface_opts->datatx_udp ? PCAP_OPENFLAG_DATATX_UDP : 0) |
- (interface_opts->nocap_rpcap ? PCAP_OPENFLAG_NOCAPTURE_RPCAP : 0),
- CAP_READ_TIMEOUT, &auth, *open_err_str);
- if (pcap_h == NULL) {
- /* Error - did pcap actually supply an error message? */
- if ((*open_err_str)[0] == '\0') {
- /* Work around known WinPcap bug wherein no error message is
- filled in on a failure to open an rpcap: URL. */
- g_strlcpy(*open_err_str,
- "Unknown error (pcap bug; actual error cause not reported)",
- sizeof *open_err_str);
- }
- }
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "pcap_open() returned %p.", (void *)pcap_h);
- } else
-#endif
- {
- /*
- * If we're not opening a remote device, use pcap_create() and
- * pcap_activate() if we have them, so that we can set the buffer
- * size, otherwise use pcap_open_live().
- */
-#ifdef HAVE_PCAP_CREATE
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "Calling pcap_create() using %s.", interface_opts->name);
- pcap_h = pcap_create(interface_opts->name, *open_err_str);
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "pcap_create() returned %p.", (void *)pcap_h);
- if (pcap_h != NULL) {
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "Calling pcap_set_snaplen() with snaplen %d.", interface_opts->snaplen);
- pcap_set_snaplen(pcap_h, interface_opts->snaplen);
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "Calling pcap_set_promisc() with promisc_mode %d.", interface_opts->promisc_mode);
- pcap_set_promisc(pcap_h, interface_opts->promisc_mode);
- pcap_set_timeout(pcap_h, CAP_READ_TIMEOUT);
-
-#ifdef HAVE_PCAP_SET_TSTAMP_PRECISION
- /*
- * If we're writing pcap-ng files, try to enable
- * nanosecond-resolution capture; any code that
- * can read pcap-ng files must be able to handle
- * nanosecond-resolution time stamps.
- *
- * If we're writing pcap files, don't try to enable
- * nanosecond-resolution capture, as not all code
- * that reads pcap files recognizes the nanosecond-
- * resolution pcap file magic number.
- */
- if (capture_opts->use_pcapng)
- request_high_resolution_timestamp(pcap_h);
-#endif /* HAVE_PCAP_SET_TSTAMP_PRECISION */
-
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "buffersize %d.", interface_opts->buffer_size);
- if (interface_opts->buffer_size != 0) {
- pcap_set_buffer_size(pcap_h, interface_opts->buffer_size * 1024 * 1024);
- }
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "monitor_mode %d.", interface_opts->monitor_mode);
- if (interface_opts->monitor_mode)
- pcap_set_rfmon(pcap_h, 1);
- err = pcap_activate(pcap_h);
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "pcap_activate() returned %d.", err);
- if (err < 0) {
- /* Failed to activate, set to NULL */
- if (err == PCAP_ERROR)
- g_strlcpy(*open_err_str, pcap_geterr(pcap_h), sizeof *open_err_str);
- else
- g_strlcpy(*open_err_str, pcap_statustostr(err), sizeof *open_err_str);
- pcap_close(pcap_h);
- pcap_h = NULL;
- }
- }
-#else
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "pcap_open_live() calling using name %s, snaplen %d, promisc_mode %d.",
- interface_opts->name, interface_opts->snaplen, interface_opts->promisc_mode);
- pcap_h = pcap_open_live(interface_opts->name, interface_opts->snaplen,
- interface_opts->promisc_mode, CAP_READ_TIMEOUT,
- *open_err_str);
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "pcap_open_live() returned %p.", (void *)pcap_h);
-#endif
- }
- g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "open_capture_device %s : %s", pcap_h ? "SUCCESS" : "FAILURE", interface_opts->name);
- return pcap_h;
-}
-
static void
get_capture_device_open_failure_messages(const char *open_err_str,
const char *iface,
"\n"
"In order to capture packets, WinPcap must be installed; see\n"
"\n"
- " http://www.winpcap.org/\n"
- "\n"
- "or the mirror at\n"
- "\n"
- " http://www.mirrors.wiretapped.net/security/packet-capture/winpcap/\n"
- "\n"
- "or the mirror at\n"
- "\n"
- " http://winpcap.cs.pu.edu.tw/\n"
+ " https://www.winpcap.org/\n"
"\n"
"for a downloadable version of WinPcap and for instructions on how to install\n"
"WinPcap.");
"Please check that \"%s\" is the proper interface.\n"
"\n"
"\n"
- "Help can be found at:\n"
+ "Help can be found on the following pages:\n"
"\n"
- " http://wiki.wireshark.org/WinPcap\n"
- " http://wiki.wireshark.org/CaptureSetup\n",
+ " https://wiki.wireshark.org/WinPcap\n"
+ " https://wiki.wireshark.org/CaptureSetup\n",
iface);
}
#else
#endif /* _WIN32 */
}
-/* Set the data link type on a pcap. */
-static gboolean
-set_pcap_linktype(pcap_t *pcap_h, int linktype, char *name,
- char *errmsg, size_t errmsg_len,
- char *secondary_errmsg, size_t secondary_errmsg_len)
-{
- char *set_linktype_err_str;
-
- if (linktype == -1)
- return TRUE; /* just use the default */
-#ifdef HAVE_PCAP_SET_DATALINK
- if (pcap_set_datalink(pcap_h, linktype) == 0)
- return TRUE; /* no error */
- set_linktype_err_str = pcap_geterr(pcap_h);
-#else
- /* Let them set it to the type it is; reject any other request. */
- if (get_pcap_linktype(pcap_h, name) == linktype)
- return TRUE; /* no error */
- set_linktype_err_str =
- "That DLT isn't one of the DLTs supported by this device";
-#endif
- g_snprintf(errmsg, (gulong) errmsg_len, "Unable to set data link type on interface '%s' (%s).",
- name, set_linktype_err_str);
- /*
- * If the error isn't "XXX is not one of the DLTs supported by this device",
- * tell the user to tell the Wireshark developers about it.
- */
- if (strstr(set_linktype_err_str, "is not one of the DLTs supported by this device") == NULL)
- g_snprintf(secondary_errmsg, (gulong) secondary_errmsg_len, please_report);
- else
- secondary_errmsg[0] = '\0';
- return FALSE;
-}
-
static gboolean
compile_capture_filter(const char *iface, pcap_t *pcap_h,
struct bpf_program *fcode, const char *cfilter)
* third argument to pcap_compile() as a const pointer. Cast
* away the warning.
*/
+DIAG_OFF(cast-qual)
if (pcap_compile(pcap_h, fcode, (char *)cfilter, 1, netmask) < 0)
return FALSE;
+DIAG_ON(cast-qual)
return TRUE;
}
for (j = 0; j < capture_opts->ifaces->len; j++) {
interface_opts = g_array_index(capture_opts->ifaces, interface_options, j);
- pcap_h = open_capture_device(capture_opts, &interface_opts, &open_err_str);
+ pcap_h = open_capture_device(capture_opts, &interface_opts,
+ CAP_READ_TIMEOUT, &open_err_str);
if (pcap_h == NULL) {
/* Open failed; get messages */
get_capture_device_open_failure_messages(open_err_str,
}
/* Set the link-layer type. */
- if (!set_pcap_linktype(pcap_h, interface_opts.linktype, interface_opts.name,
+ if (!set_pcap_datalink(pcap_h, interface_opts.linktype, interface_opts.name,
errmsg, sizeof errmsg,
secondary_errmsg, sizeof secondary_errmsg)) {
pcap_close(pcap_h);
return get_interface_list(err, err_str);
}
-/*
- * Get the data-link type for a libpcap device.
- * This works around AIX 5.x's non-standard and incompatible-with-the-
- * rest-of-the-universe libpcap.
- */
-static int
-get_pcap_linktype(pcap_t *pch, const char *devicename
-#ifndef _AIX
- _U_
-#endif
-)
-{
- int linktype;
-#ifdef _AIX
- const char *ifacename;
-#endif
-
- linktype = pcap_datalink(pch);
-#ifdef _AIX
-
- /*
- * The libpcap that comes with AIX 5.x uses RFC 1573 ifType values
- * rather than DLT_ values for link-layer types; the ifType values
- * for LAN devices are:
- *
- * Ethernet 6
- * 802.3 7
- * Token Ring 9
- * FDDI 15
- *
- * and the ifType value for a loopback device is 24.
- *
- * The AIX names for LAN devices begin with:
- *
- * Ethernet en
- * 802.3 et
- * Token Ring tr
- * FDDI fi
- *
- * and the AIX names for loopback devices begin with "lo".
- *
- * (The difference between "Ethernet" and "802.3" is presumably
- * whether packets have an Ethernet header, with a packet type,
- * or an 802.3 header, with a packet length, followed by an 802.2
- * header and possibly a SNAP header.)
- *
- * If the device name matches "linktype" interpreted as an ifType
- * value, rather than as a DLT_ value, we will assume this is AIX's
- * non-standard, incompatible libpcap, rather than a standard libpcap,
- * and will map the link-layer type to the standard DLT_ value for
- * that link-layer type, as that's what the rest of Wireshark expects.
- *
- * (This means the capture files won't be readable by a tcpdump
- * linked with AIX's non-standard libpcap, but so it goes. They
- * *will* be readable by standard versions of tcpdump, Wireshark,
- * and so on.)
- *
- * XXX - if we conclude we're using AIX libpcap, should we also
- * set a flag to cause us to assume the time stamps are in
- * seconds-and-nanoseconds form, and to convert them to
- * seconds-and-microseconds form before processing them and
- * writing them out?
- */
-
- /*
- * Find the last component of the device name, which is the
- * interface name.
- */
- ifacename = strchr(devicename, '/');
- if (ifacename == NULL)
- ifacename = devicename;
-
- /* See if it matches any of the LAN device names. */
- if (strncmp(ifacename, "en", 2) == 0) {
- if (linktype == 6) {
- /*
- * That's the RFC 1573 value for Ethernet; map it to DLT_EN10MB.
- */
- linktype = 1;
- }
- } else if (strncmp(ifacename, "et", 2) == 0) {
- if (linktype == 7) {
- /*
- * That's the RFC 1573 value for 802.3; map it to DLT_EN10MB.
- * (libpcap, tcpdump, Wireshark, etc. don't care if it's Ethernet
- * or 802.3.)
- */
- linktype = 1;
- }
- } else if (strncmp(ifacename, "tr", 2) == 0) {
- if (linktype == 9) {
- /*
- * That's the RFC 1573 value for 802.5 (Token Ring); map it to
- * DLT_IEEE802, which is what's used for Token Ring.
- */
- linktype = 6;
- }
- } else if (strncmp(ifacename, "fi", 2) == 0) {
- if (linktype == 15) {
- /*
- * That's the RFC 1573 value for FDDI; map it to DLT_FDDI.
- */
- linktype = 10;
- }
- } else if (strncmp(ifacename, "lo", 2) == 0) {
- if (linktype == 24) {
- /*
- * That's the RFC 1573 value for "software loopback" devices; map it
- * to DLT_NULL, which is what's used for loopback devices on BSD.
- */
- linktype = 0;
- }
- }
-#endif
-
- return linktype;
-}
-
-static data_link_info_t *
-create_data_link_info(int dlt)
-{
- data_link_info_t *data_link_info;
- const char *text;
-
- data_link_info = (data_link_info_t *)g_malloc(sizeof (data_link_info_t));
- data_link_info->dlt = dlt;
- text = pcap_datalink_val_to_name(dlt);
- if (text != NULL)
- data_link_info->name = g_strdup(text);
- else
- data_link_info->name = g_strdup_printf("DLT %d", dlt);
- text = pcap_datalink_val_to_description(dlt);
- if (text != NULL)
- data_link_info->description = g_strdup(text);
- else
- data_link_info->description = NULL;
- return data_link_info;
-}
-
-/*
- * Get the capabilities of a network device.
- */
-static if_capabilities_t *
-get_if_capabilities(const char *devicename, gboolean monitor_mode
-#ifndef HAVE_PCAP_CREATE
- _U_
-#endif
-, char **err_str)
-{
- if_capabilities_t *caps;
- char errbuf[PCAP_ERRBUF_SIZE];
- pcap_t *pch;
-#ifdef HAVE_PCAP_CREATE
- int status;
-#endif
- int deflt;
-#ifdef HAVE_PCAP_LIST_DATALINKS
- int *linktypes;
- int i, nlt;
-#endif
- data_link_info_t *data_link_info;
-
- /*
- * Allocate the interface capabilities structure.
- */
- caps = (if_capabilities_t *)g_malloc(sizeof *caps);
-
- /*
- * WinPcap 4.1.2, and possibly earlier versions, have a bug
- * wherein, when an open with an rpcap: URL fails, the error
- * message for the error is not copied to errbuf and whatever
- * on-the-stack junk is in errbuf is treated as the error
- * message.
- *
- * To work around that (and any other bugs of that sort, we
- * initialize errbuf to an empty string. If we get an error
- * and the string is empty, we report it as an unknown error.
- * (If we *don't* get an error, and the string is *non*-empty,
- * that could be a warning returned, such as "can't turn
- * promiscuous mode on"; we currently don't do so.)
- */
- errbuf[0] = '\0';
-#ifdef HAVE_PCAP_OPEN
- pch = pcap_open(devicename, MIN_PACKET_SIZE, 0, 0, NULL, errbuf);
- caps->can_set_rfmon = FALSE;
- if (pch == NULL) {
- if (err_str != NULL)
- *err_str = g_strdup(errbuf[0] == '\0' ? "Unknown error (pcap bug; actual error cause not reported)" : errbuf);
- g_free(caps);
- return NULL;
- }
-#elif defined(HAVE_PCAP_CREATE)
- pch = pcap_create(devicename, errbuf);
- if (pch == NULL) {
- if (err_str != NULL)
- *err_str = g_strdup(errbuf);
- g_free(caps);
- return NULL;
- }
- status = pcap_can_set_rfmon(pch);
- if (status < 0) {
- /* Error. */
- if (status == PCAP_ERROR)
- *err_str = g_strdup_printf("pcap_can_set_rfmon() failed: %s",
- pcap_geterr(pch));
- else
- *err_str = g_strdup(pcap_statustostr(status));
- pcap_close(pch);
- g_free(caps);
- return NULL;
- }
- if (status == 0)
- caps->can_set_rfmon = FALSE;
- else if (status == 1) {
- caps->can_set_rfmon = TRUE;
- if (monitor_mode)
- pcap_set_rfmon(pch, 1);
- } else {
- if (err_str != NULL) {
- *err_str = g_strdup_printf("pcap_can_set_rfmon() returned %d",
- status);
- }
- pcap_close(pch);
- g_free(caps);
- return NULL;
- }
-
- status = pcap_activate(pch);
- if (status < 0) {
- /* Error. We ignore warnings (status > 0). */
- if (err_str != NULL) {
- if (status == PCAP_ERROR)
- *err_str = g_strdup_printf("pcap_activate() failed: %s",
- pcap_geterr(pch));
- else
- *err_str = g_strdup(pcap_statustostr(status));
- }
- pcap_close(pch);
- g_free(caps);
- return NULL;
- }
-#else
- pch = pcap_open_live(devicename, MIN_PACKET_SIZE, 0, 0, errbuf);
- caps->can_set_rfmon = FALSE;
- if (pch == NULL) {
- if (err_str != NULL)
- *err_str = g_strdup(errbuf[0] == '\0' ? "Unknown error (pcap bug; actual error cause not reported)" : errbuf);
- g_free(caps);
- return NULL;
- }
-#endif
- deflt = get_pcap_linktype(pch, devicename);
-#ifdef HAVE_PCAP_LIST_DATALINKS
- nlt = pcap_list_datalinks(pch, &linktypes);
- if (nlt == 0 || linktypes == NULL) {
- pcap_close(pch);
- if (err_str != NULL)
- *err_str = NULL; /* an empty list doesn't mean an error */
- g_free(caps);
- return NULL;
- }
- caps->data_link_types = NULL;
- for (i = 0; i < nlt; i++) {
- data_link_info = create_data_link_info(linktypes[i]);
-
- /*
- * XXX - for 802.11, make the most detailed 802.11
- * version the default, rather than the one the
- * device has as the default?
- */
- if (linktypes[i] == deflt)
- caps->data_link_types = g_list_prepend(caps->data_link_types,
- data_link_info);
- else
- caps->data_link_types = g_list_append(caps->data_link_types,
- data_link_info);
- }
-#ifdef HAVE_PCAP_FREE_DATALINKS
- pcap_free_datalinks(linktypes);
-#else
- /*
- * In Windows, there's no guarantee that if you have a library
- * built with one version of the MSVC++ run-time library, and
- * it returns a pointer to allocated data, you can free that
- * data from a program linked with another version of the
- * MSVC++ run-time library.
- *
- * This is not an issue on UN*X.
- *
- * See the mail threads starting at
- *
- * http://www.winpcap.org/pipermail/winpcap-users/2006-September/001421.html
- *
- * and
- *
- * http://www.winpcap.org/pipermail/winpcap-users/2008-May/002498.html
- */
-#ifndef _WIN32
-#define xx_free free /* hack so checkAPIs doesn't complain */
- xx_free(linktypes);
-#endif /* _WIN32 */
-#endif /* HAVE_PCAP_FREE_DATALINKS */
-#else /* HAVE_PCAP_LIST_DATALINKS */
-
- data_link_info = create_data_link_info(deflt);
- caps->data_link_types = g_list_append(caps->data_link_types,
- data_link_info);
-#endif /* HAVE_PCAP_LIST_DATALINKS */
-
- pcap_close(pch);
-
- if (err_str != NULL)
- *err_str = NULL;
- return caps;
-}
-
#define ADDRSTRLEN 46 /* Covers IPv4 & IPv6 */
/*
* Output a machine readable list of the interfaces
if_addr = (if_addr_t *)addr->data;
switch(if_addr->ifat_type) {
case IF_AT_IPv4:
- if (inet_ntop(AF_INET, &if_addr->addr.ip4_addr, addr_str,
+ if (ws_inet_ntop4(&if_addr->addr.ip4_addr, addr_str,
ADDRSTRLEN)) {
printf("%s", addr_str);
} else {
}
break;
case IF_AT_IPv6:
- if (inet_ntop(AF_INET6, &if_addr->addr.ip6_addr,
+ if (ws_inet_ntop6(&if_addr->addr.ip6_addr,
addr_str, ADDRSTRLEN)) {
printf("%s", addr_str);
} else {
for (if_entry = g_list_first(if_list); if_entry != NULL; if_entry = g_list_next(if_entry)) {
if_info = (if_info_t *)if_entry->data;
+
+#ifdef __linux__
+ /* On Linux nf* interfaces don't collect stats properly and don't allows multiple
+ * connections. We avoid collecting stats on them.
+ */
+ if (!strncmp(if_info->name, "nf", 2)) {
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "Skipping interface %s for stats",
+ if_info->name);
+ continue;
+ }
+#endif
+
#ifdef HAVE_PCAP_OPEN
pch = pcap_open(if_info->name, MIN_PACKET_SIZE, 0, 0, NULL, errbuf);
#else
{
/* Don't print this if we're a capture child. */
if (!capture_child && reportit) {
- fprintf(stderr, "\rPackets captured: %u\n", global_ld.packet_count);
+ fprintf(stderr, "\rPackets captured: %d\n", global_ld.packet_count);
/* stderr could be line buffered */
fflush(stderr);
}
g_snprintf ( buf,(gulong)len + 1, "%s", sockname );
buf[len] = '\0';
- if (inet_pton(AF_INET, buf, &sa.sin_addr) <= 0) {
+ if (!ws_inet_pton4(buf, (guint32 *)&sa.sin_addr)) {
goto fail_invalid;
}
#else /* _WIN32 */
char *pncopy, *pos;
wchar_t *err_str;
+#ifdef HAVE_EXTCAP
+ char* extcap_pipe_name;
+#endif
+#endif
+#ifdef HAVE_EXTCAP
+ gboolean extcap_pipe = FALSE;
interface_options interface_opts;
#endif
ssize_t b;
#ifdef _WIN32
pcap_opts->cap_pipe_h = INVALID_HANDLE_VALUE;
#endif
+
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "cap_pipe_open_live: %s", pipename);
/*
return;
}
} else {
+
+#ifdef HAVE_EXTCAP
+ interface_opts = g_array_index(global_capture_opts.ifaces, interface_options, 0);
+#endif
+
#ifndef _WIN32
+#ifdef HAVE_EXTCAP
+ if ( g_strrstr(interface_opts.name, EXTCAP_PIPE_PREFIX) != NULL )
+ extcap_pipe = TRUE;
+#endif
+
if (ws_stat64(pipename, &pipe_stat) < 0) {
if (errno == ENOENT || errno == ENOTDIR)
pcap_opts->cap_pipe_err = PIPNEXIST;
else {
g_snprintf(errmsg, errmsgl,
"The capture session could not be initiated "
- "due to error getting information on pipe/socket: %s", g_strerror(errno));
+ "due to error getting information on pipe/socket: %s.", g_strerror(errno));
pcap_opts->cap_pipe_err = PIPERR;
}
return;
if (fd == -1) {
g_snprintf(errmsg, errmsgl,
"The capture session could not be initiated "
- "due to error on pipe open: %s", g_strerror(errno));
+ "due to error on pipe open: %s.", g_strerror(errno));
pcap_opts->cap_pipe_err = PIPERR;
return;
}
if (fd == -1) {
g_snprintf(errmsg, errmsgl,
"The capture session could not be initiated "
- "due to error on socket create: %s", g_strerror(errno));
+ "due to error on socket create: %s.", g_strerror(errno));
pcap_opts->cap_pipe_err = PIPERR;
return;
}
/* Path name too long */
g_snprintf(errmsg, errmsgl,
"The capture session coud not be initiated "
- "due to error on socket connect: Path name too long");
+ "due to error on socket connect: Path name too long.");
pcap_opts->cap_pipe_err = PIPERR;
ws_close(fd);
return;
if (b == -1) {
g_snprintf(errmsg, errmsgl,
"The capture session coud not be initiated "
- "due to error on socket connect: %s", g_strerror(errno));
+ "due to error on socket connect: %s.", g_strerror(errno));
pcap_opts->cap_pipe_err = PIPERR;
ws_close(fd);
return;
} else {
g_snprintf(errmsg, errmsgl,
"The capture session could not be initiated because\n"
- "\"%s\" is neither an interface nor a socket nor a pipe", pipename);
+ "\"%s\" is neither an interface nor a socket nor a pipe.", pipename);
pcap_opts->cap_pipe_err = PIPERR;
}
return;
}
+
#else /* _WIN32 */
#define PIPE_STR "\\pipe\\"
/* Under Windows, named pipes _must_ have the form
if (!pos) {
g_snprintf(errmsg, errmsgl,
"The capture session could not be initiated because\n"
- "\"%s\" is neither an interface nor a pipe", pipename);
+ "\"%s\" is neither an interface nor a pipe.", pipename);
pcap_opts->cap_pipe_err = PIPNEXIST;
return;
}
-
- interface_opts = g_array_index(global_capture_opts.ifaces, interface_options, 0);
+#ifdef HAVE_EXTCAP
+ extcap_pipe_name = g_strconcat("\\\\.\\pipe\\", EXTCAP_PIPE_PREFIX, NULL);
+ extcap_pipe = strstr(interface_opts.name, extcap_pipe_name) ? TRUE : FALSE;
+ g_free(extcap_pipe_name);
+#endif
/* Wait for the pipe to appear */
while (1) {
- if(strncmp(interface_opts.name,"\\\\.\\pipe\\",9)== 0)
+#ifdef HAVE_EXTCAP
+ if(extcap_pipe)
pcap_opts->cap_pipe_h = GetStdHandle(STD_INPUT_HANDLE);
else
+#endif
pcap_opts->cap_pipe_h = CreateFile(utf_8to16(pipename), GENERIC_READ, 0, NULL,
OPEN_EXISTING, 0, NULL);
NULL, GetLastError(), 0, (LPTSTR) &err_str, 0, NULL);
g_snprintf(errmsg, errmsgl,
"The capture session on \"%s\" could not be started "
- "due to error on pipe open: %s (error %d)",
+ "due to error on pipe open: %s (error %d).",
pipename, utf_16to8(err_str), GetLastError());
LocalFree(err_str);
pcap_opts->cap_pipe_err = PIPERR;
NULL, GetLastError(), 0, (LPTSTR) &err_str, 0, NULL);
g_snprintf(errmsg, errmsgl,
"The capture session on \"%s\" timed out during "
- "pipe open: %s (error %d)",
+ "pipe open: %s (error %d).",
pipename, utf_16to8(err_str), GetLastError());
LocalFree(err_str);
pcap_opts->cap_pipe_err = PIPERR;
bytes_read = 0;
while (bytes_read < sizeof magic) {
if (fd == -1) {
- g_snprintf(errmsg, errmsgl, "Invalid file descriptor");
+ g_snprintf(errmsg, errmsgl, "Invalid file descriptor.");
goto error;
}
sel_ret = cap_pipe_select(fd);
if (sel_ret < 0) {
g_snprintf(errmsg, errmsgl,
- "Unexpected error from select: %s", g_strerror(errno));
+ "Unexpected error from select: %s.", g_strerror(errno));
goto error;
} else if (sel_ret > 0) {
b = cap_pipe_read(fd, ((char *)&magic)+bytes_read,
sizeof magic-bytes_read,
pcap_opts->from_cap_socket);
+#ifdef HAVE_EXTCAP
+ /* jump messaging, if extcap had an error, stderr will provide the correct message */
+ if (extcap_pipe && b <= 0)
+ goto error;
+#endif
if (b <= 0) {
if (b == 0)
- g_snprintf(errmsg, errmsgl, "End of file on pipe magic during open");
+ g_snprintf(errmsg, errmsgl, "End of file on pipe magic during open.");
else
- g_snprintf(errmsg, errmsgl, "Error on pipe magic during open: %s",
+ g_snprintf(errmsg, errmsgl, "Error on pipe magic during open: %s.",
g_strerror(errno));
goto error;
}
/* We don't have to worry about cap_pipe_read_mtx here */
g_async_queue_push(pcap_opts->cap_pipe_pending_q, pcap_opts->cap_pipe_buf);
g_async_queue_pop(pcap_opts->cap_pipe_done_q);
+ /* jump messaging, if extcap had an error, stderr will provide the correct message */
+ if (pcap_opts->cap_pipe_bytes_read <= 0 && extcap_pipe)
+ goto error;
+
if (pcap_opts->cap_pipe_bytes_read <= 0) {
if (pcap_opts->cap_pipe_bytes_read == 0)
- g_snprintf(errmsg, errmsgl, "End of file on pipe magic during open");
+ g_snprintf(errmsg, errmsgl, "End of file on pipe magic during open.");
else
- g_snprintf(errmsg, errmsgl, "Error on pipe magic during open: %s",
+ g_snprintf(errmsg, errmsgl, "Error on pipe magic during open: %s.",
g_strerror(errno));
goto error;
}
pcap_opts->cap_pipe_byte_swapped = TRUE;
pcap_opts->cap_pipe_modified = TRUE;
break;
+ case BLOCK_TYPE_SHB:
+ /* This isn't pcap, it's pcapng. We don't yet support
+ reading it. */
+ g_snprintf(errmsg, errmsgl, "Capturing from a pipe doesn't support pcapng format.");
+ goto error;
default:
- /* Not a "libpcap" type we know about. */
- g_snprintf(errmsg, errmsgl, "Unrecognized libpcap format");
+ /* Not a pcap type we know about, or not pcap at all. */
+ g_snprintf(errmsg, errmsgl, "Unrecognized libpcap format or not libpcap data.");
goto error;
}
sel_ret = cap_pipe_select(fd);
if (sel_ret < 0) {
g_snprintf(errmsg, errmsgl,
- "Unexpected error from select: %s", g_strerror(errno));
+ "Unexpected error from select: %s.", g_strerror(errno));
goto error;
} else if (sel_ret > 0) {
b = cap_pipe_read(fd, ((char *)hdr)+bytes_read,
pcap_opts->from_cap_socket);
if (b <= 0) {
if (b == 0)
- g_snprintf(errmsg, errmsgl, "End of file on pipe header during open");
+ g_snprintf(errmsg, errmsgl, "End of file on pipe header during open.");
else
- g_snprintf(errmsg, errmsgl, "Error on pipe header during open: %s",
+ g_snprintf(errmsg, errmsgl, "Error on pipe header during open: %s.",
g_strerror(errno));
goto error;
}
g_async_queue_pop(pcap_opts->cap_pipe_done_q);
if (pcap_opts->cap_pipe_bytes_read <= 0) {
if (pcap_opts->cap_pipe_bytes_read == 0)
- g_snprintf(errmsg, errmsgl, "End of file on pipe header during open");
+ g_snprintf(errmsg, errmsgl, "End of file on pipe header during open.");
else
- g_snprintf(errmsg, errmsgl, "Error on pipe header header during open: %s",
+ g_snprintf(errmsg, errmsgl, "Error on pipe header header during open: %s.",
g_strerror(errno));
goto error;
}
guint i;
#ifdef _WIN32
int err;
- gchar *sync_secondary_msg_str;
WORD wVersionRequested;
WSADATA wsaData;
#endif
/* XXX - opening Winsock on tshark? */
- /* Initialize Windows Socket if we are in a WIN32 OS
+ /* Initialize Windows Socket if we are in a Win32 OS
This needs to be done before querying the interface for network/netmask */
#ifdef _WIN32
/* XXX - do we really require 1.1 or earlier?
g_array_append_val(ld->pcaps, pcap_opts);
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_open_input : %s", interface_opts.name);
- pcap_opts->pcap_h = open_capture_device(capture_opts, &interface_opts, &open_err_str);
+ pcap_opts->pcap_h = open_capture_device(capture_opts, &interface_opts,
+ CAP_READ_TIMEOUT, &open_err_str);
if (pcap_opts->pcap_h != NULL) {
/* we've opened "iface" as a network device */
pcap_opts->ts_nsec = have_high_resolution_timestamp(pcap_opts->pcap_h);
#endif
-#ifdef _WIN32
- /* try to set the capture buffer size */
- if (interface_opts.buffer_size > 1 &&
- pcap_setbuff(pcap_opts->pcap_h, interface_opts.buffer_size * 1024 * 1024) != 0) {
- sync_secondary_msg_str = g_strdup_printf(
- "The capture buffer size of %d MiB seems to be too high for your machine,\n"
- "the default of %d MiB will be used.\n"
- "\n"
- "Nonetheless, the capture is started.\n",
- interface_opts.buffer_size, DEFAULT_CAPTURE_BUFFER_SIZE);
- report_capture_error("Couldn't set the capture buffer size.",
- sync_secondary_msg_str);
- g_free(sync_secondary_msg_str);
- }
-#endif
-
#if defined(HAVE_PCAP_SETSAMPLING)
if (interface_opts.sampling_method != CAPTURE_SAMP_NONE) {
struct pcap_samp *samp;
#endif
/* setting the data link type only works on real interfaces */
- if (!set_pcap_linktype(pcap_opts->pcap_h, interface_opts.linktype, interface_opts.name,
+ if (!set_pcap_datalink(pcap_opts->pcap_h, interface_opts.linktype,
+ interface_opts.name,
errmsg, errmsg_len,
secondary_errmsg, secondary_errmsg_len)) {
return FALSE;
}
- pcap_opts->linktype = get_pcap_linktype(pcap_opts->pcap_h, interface_opts.name);
+ pcap_opts->linktype = get_pcap_datalink(pcap_opts->pcap_h, interface_opts.name);
} else {
/* We couldn't open "iface" as a network device. */
/* Try to open it as a pipe */
if (pcap_opts->cap_pipe_h == INVALID_HANDLE_VALUE) {
#endif
if (pcap_opts->cap_pipe_err == PIPNEXIST) {
- /* Pipe doesn't exist, so output message for interface */
+ /*
+ * We tried opening as an interface, and that failed,
+ * so we tried to open it as a pipe, but the pipe
+ * doesn't exist. Report the error message for
+ * the interface.
+ */
get_capture_device_open_failure_messages(open_err_str,
interface_opts.name,
errmsg,
}
if (ld->pdh) {
if (capture_opts->use_pcapng) {
- char appname[100];
- GString *os_info_str;
+ char *appname;
+ GString *cpu_info_str;
+ GString *os_info_str;
+ cpu_info_str = g_string_new("");
os_info_str = g_string_new("");
+ get_cpu_info(cpu_info_str);
get_os_version_info(os_info_str);
- g_snprintf(appname, sizeof(appname), "Dumpcap (Wireshark) %s", get_ws_vcs_version_info());
+ appname = g_strdup_printf("Dumpcap (Wireshark) %s", get_ws_vcs_version_info());
successful = pcapng_write_session_header_block(ld->pdh,
- (const char *)capture_opts->capture_comment, /* Comment*/
- NULL, /* HW*/
- os_info_str->str, /* OS*/
+ (const char *)capture_opts->capture_comment, /* Comment */
+ cpu_info_str->str, /* HW */
+ os_info_str->str, /* OS */
appname,
-1, /* section_length */
&ld->bytes_written,
&err);
+ g_free(appname);
for (i = 0; successful && (i < capture_opts->ifaces->len); i++) {
interface_opts = g_array_index(capture_opts->ifaces, interface_options, i);
/*
* WinPcap's remote capturing feature doesn't work with pcap_dispatch(),
- * see http://wiki.wireshark.org/CaptureSetup_2fWinPcapRemote
+ * see https://wiki.wireshark.org/CaptureSetup_2fWinPcapRemote
* This should be fixed in the WinPcap 4.0 alpha release.
*
* For reference, an example remote interface:
{
char *tmpname;
gchar *capfile_name;
- gchar *prefix;
+ gchar *prefix, *suffix;
gboolean is_tempfile;
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_open_output: %s",
/* Choose a random name for the temporary capture buffer */
if (global_capture_opts.ifaces->len > 1) {
prefix = g_strdup_printf("wireshark_%d_interfaces", global_capture_opts.ifaces->len);
+ if (capture_opts->use_pcapng) {
+ suffix = ".pcapng";
+ }else{
+ suffix = ".pcap";
+ }
} else {
gchar *basename;
basename = g_path_get_basename(g_array_index(global_capture_opts.ifaces, interface_options, 0).console_display_name);
g_string_free(iface, TRUE);
}
#endif
- /* generate the temp file name prefix...
- * It would be nice if we could specify a pcapng/pcap filename suffix,
- * create_tempfile() however currently uses mkstemp() which doesn't allow this - one day perhaps*/
+ /* generate the temp file name prefix and suffix */
if (capture_opts->use_pcapng) {
- prefix = g_strconcat("wireshark_pcapng_", basename, NULL);
+ prefix = g_strconcat("wireshark_", basename, NULL);
+ suffix = ".pcapng";
}else{
- prefix = g_strconcat("wireshark_pcap_", basename, NULL);
+ prefix = g_strconcat("wireshark_", basename, NULL);
+ suffix = ".pcap";
}
g_free(basename);
}
- *save_file_fd = create_tempfile(&tmpname, prefix);
+ *save_file_fd = create_tempfile(&tmpname, prefix, suffix);
g_free(prefix);
capfile_name = g_strdup(tmpname);
is_tempfile = TRUE;
if (capture_opts->multi_files_on) {
if (cnd_autostop_files != NULL &&
- cnd_eval(cnd_autostop_files, ++global_ld.autostop_files)) {
+ cnd_eval(cnd_autostop_files, (guint64)++global_ld.autostop_files)) {
/* no files left: stop here */
global_ld.go = FALSE;
return FALSE;
/* File switch succeeded: reset the conditions */
global_ld.bytes_written = 0;
if (capture_opts->use_pcapng) {
- char appname[100];
- GString *os_info_str;
+ char *appname;
+ GString *cpu_info_str;
+ GString *os_info_str;
+ cpu_info_str = g_string_new("");
os_info_str = g_string_new("");
+ get_cpu_info(cpu_info_str);
get_os_version_info(os_info_str);
- g_snprintf(appname, sizeof(appname), "Dumpcap (Wireshark) %s", get_ws_vcs_version_info());
+ appname = g_strdup_printf("Dumpcap (Wireshark) %s", get_ws_vcs_version_info());
successful = pcapng_write_session_header_block(global_ld.pdh,
- NULL, /* Comment */
- NULL, /* HW */
+ (const char *)capture_opts->capture_comment, /* Comment */
+ cpu_info_str->str, /* HW */
os_info_str->str, /* OS */
appname,
- -1, /* section_length */
+ -1, /* section_length */
&(global_ld.bytes_written),
&global_ld.err);
+ g_free(appname);
for (i = 0; successful && (i < capture_opts->ifaces->len); i++) {
interface_opts = g_array_index(capture_opts->ifaces, interface_options, i);
static gboolean
capture_loop_start(capture_options *capture_opts, gboolean *stats_known, struct pcap_stat *stats)
{
-#ifdef WIN32
+#ifdef _WIN32
DWORD upd_time, cur_time; /* GetTickCount() returns a "DWORD" (which is 'unsigned long') */
#else
struct timeval upd_time, cur_time;
if (capture_opts->has_autostop_files)
cnd_autostop_files =
- cnd_new(CND_CLASS_CAPTURESIZE, capture_opts->autostop_files);
+ cnd_new(CND_CLASS_CAPTURESIZE, (guint64)capture_opts->autostop_files);
}
/* init the time values */
-#ifdef WIN32
+#ifdef _WIN32
upd_time = GetTickCount();
#else
gettimeofday(&upd_time, NULL);
*/
#define DUMPCAP_UPD_TIME 500
-#ifdef WIN32
+#ifdef _WIN32
cur_time = GetTickCount(); /* Note: wraps to 0 if sys runs for 49.7 days */
if ((cur_time - upd_time) > DUMPCAP_UPD_TIME) { /* wrap just causes an extra update */
#else
static int
set_80211_channel(const char *iface, const char *opt)
{
- int freq = 0, type, ret;
+ guint32 freq = 0;
+ int type = -1;
+ guint32 center_freq1 = 0;
+ guint32 center_freq2 = 0;
+ int args;
+ int ret = 0;
gchar **options = NULL;
- options = g_strsplit_set(opt, ",", 2);
+ options = g_strsplit_set(opt, ",", 4);
+ for (args = 0; options[args]; args++);
if (options[0])
- freq = atoi(options[0]);
+ freq = get_nonzero_guint32(options[0], "802.11 channel frequency");
- if (options[1]) {
+ if (args >= 1 && options[1]) {
type = ws80211_str_to_chan_type(options[1]);
if (type == -1) {
+ cmdarg_err("\"%s\" is not a valid 802.11 channel type", options[1]);
ret = EINVAL;
goto out;
}
}
- else
- type = -1;
+
+ if (args >= 2 && options[2])
+ center_freq1 = get_nonzero_guint32(options[2], "VHT center frequency");
+
+ if (args >= 3 && options[3])
+ center_freq2 = get_nonzero_guint32(options[3], "VHT center frequency 2");
ret = ws80211_init();
if (ret) {
ret = 2;
goto out;
}
- ret = ws80211_set_freq(iface, freq, type);
+ ret = ws80211_set_freq(iface, freq, type, center_freq1, center_freq2);
if (ret) {
cmdarg_err("%d: Failed to set channel: %s\n", abs(ret), g_strerror(abs(ret)));
if (capture_child)
pipe_write_block(2, SP_SUCCESS, NULL);
- ret = 0;
out:
g_strfreev(options);
/* Capture libraries */
g_string_append(str, ", ");
get_compiled_caplibs_version(str);
-
- /* LIBZ */
- g_string_append(str, ", ");
-#ifdef HAVE_LIBZ
- g_string_append(str, "with libz ");
-#ifdef ZLIB_VERSION
- g_string_append(str, ZLIB_VERSION);
-#else /* ZLIB_VERSION */
- g_string_append(str, "(version unknown)");
-#endif /* ZLIB_VERSION */
-#else /* HAVE_LIBZ */
- g_string_append(str, "without libz");
-#endif /* HAVE_LIBZ */
}
static void
/* Capture libraries */
g_string_append(str, ", ");
get_runtime_caplibs_version(str);
-
- /* zlib */
-#if defined(HAVE_LIBZ) && !defined(_WIN32)
- g_string_append_printf(str, ", with libz %s", zlibVersion());
-#endif
}
/* And now our feature presentation... [ fade to music ] */
GString *runtime_info_str;
int opt;
static const struct option long_options[] = {
- {(char *)"help", no_argument, NULL, 'h'},
- {(char *)"version", no_argument, NULL, 'v'},
+ {"help", no_argument, NULL, 'h'},
+ {"version", no_argument, NULL, 'v'},
LONGOPT_CAPTURE_COMMON
{0, 0, 0, 0 }
};
cmdarg_err_init(dumpcap_cmdarg_err, dumpcap_cmdarg_err_cont);
- /* Assemble the compile-time version information string */
- comp_info_str = g_string_new("Compiled ");
- get_compiled_version_info(comp_info_str, NULL, get_dumpcap_compiled_info);
+ /* Get the compile-time version information string */
+ comp_info_str = get_compiled_version_info(NULL, get_dumpcap_compiled_info);
- /* Assemble the run-time version information string */
- runtime_info_str = g_string_new("Running ");
- get_runtime_version_info(runtime_info_str, get_dumpcap_runtime_info);
+ /* Get the run-time version information string */
+ runtime_info_str = get_runtime_version_info(get_dumpcap_runtime_info);
/* Add it to the information to be reported on a crash. */
ws_add_crash_info("Dumpcap (Wireshark) %s\n"
"\n"
"%s",
get_ws_vcs_version_info(), comp_info_str->str, runtime_info_str->str);
+ g_string_free(comp_info_str, TRUE);
+ g_string_free(runtime_info_str, TRUE);
#ifdef _WIN32
arg_list_utf_16to8(argc, argv);
/* This behaviour will apparently be changed in the kernel */
/* to allow the kill (signal) in this case. */
/* See the following for details: */
- /* http://www.mail-archive.com/ [wrapped] */
+ /* https://www.mail-archive.com/ [wrapped] */
/* linux-security-module@vger.kernel.org/msg02913.html */
/* */
/* It is therefore conceivable that if dumpcap somehow hangs */
case 'h': /* Print help and exit */
printf("Dumpcap (Wireshark) %s\n"
"Capture network packets and dump them into a pcapng or pcap file.\n"
- "See http://www.wireshark.org for more information.\n",
+ "See https://www.wireshark.org for more information.\n",
get_ws_vcs_version_info());
print_usage(stdout);
exit_main(0);
break;
case 'v': /* Show version and exit */
- {
+ comp_info_str = get_compiled_version_info(NULL, get_dumpcap_compiled_info);
+ runtime_info_str = get_runtime_version_info(get_dumpcap_runtime_info);
show_version("Dumpcap (Wireshark)", comp_info_str, runtime_info_str);
g_string_free(comp_info_str, TRUE);
g_string_free(runtime_info_str, TRUE);
exit_main(0);
break;
- }
/*** capture option specific ***/
case 'a': /* autostop criteria */
case 'b': /* Ringbuffer option */
#ifdef HAVE_PCAP_SETSAMPLING
case 'm': /* Sampling */
#endif
-#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
+#ifdef CAN_SET_CAPTURE_BUFFER_SIZE
case 'B': /* Buffer size */
-#endif /* _WIN32 or HAVE_PCAP_CREATE */
+#endif
#ifdef HAVE_PCAP_CREATE
case 'I': /* Monitor mode */
#endif
break;
/*** all non capture option specific ***/
case 'D': /* Print a list of capture devices and exit */
- list_interfaces = TRUE;
- run_once_args++;
+ if (!list_interfaces) {
+ list_interfaces = TRUE;
+ run_once_args++;
+ }
break;
case 'L': /* Print list of link-layer types and exit */
- list_link_layer_types = TRUE;
- run_once_args++;
+ if (!list_link_layer_types) {
+ list_link_layer_types = TRUE;
+ run_once_args++;
+ }
break;
#ifdef HAVE_BPF_IMAGE
case 'd': /* Print BPF code for capture filter and exit */
- print_bpf_code = TRUE;
- run_once_args++;
+ if (!print_bpf_code) {
+ print_bpf_code = TRUE;
+ run_once_args++;
+ }
break;
#endif
case 'S': /* Print interface statistics once a second */
- print_statistics = TRUE;
- run_once_args++;
+ if (!print_statistics) {
+ print_statistics = TRUE;
+ run_once_args++;
+ }
break;
case 'k': /* Set wireless channel */
- set_chan = TRUE;
- set_chan_arg = optarg;
- run_once_args++;
- break;
+ if (!set_chan) {
+ set_chan = TRUE;
+ set_chan_arg = optarg;
+ run_once_args++;
+ } else {
+ cmdarg_err("Only one -k flag may be specified");
+ arg_error = TRUE;
+ }
+ break;
case 'M': /* For -D, -L, and -S, print machine-readable output */
machine_readable = TRUE;
break;
}
if (run_once_args > 1) {
- cmdarg_err("Only one of -D, -L, or -S may be supplied.");
+#ifdef HAVE_BPF_IMAGE
+ cmdarg_err("Only one of -D, -L, -d, -k, or -S may be supplied.");
+#else
+ cmdarg_err("Only one of -D, -L, -k, or -S may be supplied.");
+#endif
exit_main(1);
} else if (run_once_args == 1) {
/* We're supposed to print some information, rather than
exit_main(status);
}
+ if (list_link_layer_types) {
+ /* Get the list of link-layer types for the capture device. */
+ if_capabilities_t *caps;
+ gchar *err_str;
+ guint ii;
+
+ for (ii = 0; ii < global_capture_opts.ifaces->len; ii++) {
+ interface_options interface_opts;
+
+ interface_opts = g_array_index(global_capture_opts.ifaces, interface_options, ii);
+
+ caps = get_if_capabilities(&interface_opts, &err_str);
+ if (caps == NULL) {
+ cmdarg_err("The capabilities of the capture device \"%s\" could not be obtained (%s).\n"
+ "Please check to make sure you have sufficient permissions, and that\n"
+ "you have the proper interface or pipe specified.", interface_opts.name, err_str);
+ g_free(err_str);
+ exit_main(2);
+ }
+ if (caps->data_link_types == NULL) {
+ cmdarg_err("The capture device \"%s\" has no data link types.", interface_opts.name);
+ exit_main(2);
+ }
+ if (machine_readable) /* tab-separated values to stdout */
+ /* XXX: We need to change the format and adopt consumers */
+ print_machine_readable_if_capabilities(caps);
+ else
+ /* XXX: We might want to print also the interface name */
+ capture_opts_print_if_capabilities(caps, interface_opts.name,
+ interface_opts.monitor_mode);
+ free_if_capabilities(caps);
+ }
+ exit_main(0);
+ }
+
+ /* We're supposed to do a capture, or print the BPF code for a filter. */
+
/* Let the user know what interfaces were chosen. */
if (capture_child) {
for (j = 0; j < global_capture_opts.ifaces->len; j++) {
g_string_free(str, TRUE);
}
- if (list_link_layer_types) {
- /* Get the list of link-layer types for the capture device. */
- if_capabilities_t *caps;
- gchar *err_str;
- guint ii;
-
- for (ii = 0; ii < global_capture_opts.ifaces->len; ii++) {
- interface_options interface_opts;
-
- interface_opts = g_array_index(global_capture_opts.ifaces, interface_options, ii);
-
- caps = get_if_capabilities(interface_opts.name,
- interface_opts.monitor_mode, &err_str);
- if (caps == NULL) {
- cmdarg_err("The capabilities of the capture device \"%s\" could not be obtained (%s).\n"
- "Please check to make sure you have sufficient permissions, and that\n"
- "you have the proper interface or pipe specified.", interface_opts.name, err_str);
- g_free(err_str);
- exit_main(2);
- }
- if (caps->data_link_types == NULL) {
- cmdarg_err("The capture device \"%s\" has no data link types.", interface_opts.name);
- exit_main(2);
- }
- if (machine_readable) /* tab-separated values to stdout */
- /* XXX: We need to change the format and adopt consumers */
- print_machine_readable_if_capabilities(caps);
- else
- /* XXX: We might want to print also the interface name */
- capture_opts_print_if_capabilities(caps, interface_opts.name,
- interface_opts.monitor_mode);
- free_if_capabilities(caps);
- }
- exit_main(0);
- }
-
- /* We're supposed to do a capture, or print the BPF code for a filter.
- Process the snapshot length, as that affects the generated BPF code. */
+ /* Process the snapshot length, as that affects the generated BPF code. */
capture_opts_trim_snaplen(&global_capture_opts, MIN_PACKET_SIZE);
#ifdef HAVE_BPF_IMAGE
#endif
}
- /* create a "timestamp" */
- time(&curr);
- today = localtime(&curr);
-
switch(log_level & G_LOG_LEVEL_MASK) {
case G_LOG_LEVEL_ERROR:
level = "Err ";
level = "Dbg ";
break;
default:
- fprintf(stderr, "unknown log_level %u\n", log_level);
+ fprintf(stderr, "unknown log_level %d\n", log_level);
level = NULL;
g_assert_not_reached();
}
/* normal user messages without additional infos */
msg = g_strdup_printf("%s\n", message);
} else {
+ /* create a "timestamp" */
+ time(&curr);
+ today = localtime(&curr);
+
/* info/debug messages with additional infos */
- msg = g_strdup_printf("%02u:%02u:%02u %8s %s %s\n",
- today->tm_hour, today->tm_min, today->tm_sec,
- log_domain != NULL ? log_domain : "",
- level, message);
+ if (today != NULL)
+ msg = g_strdup_printf("%02u:%02u:%02u %8s %s %s\n",
+ today->tm_hour, today->tm_min, today->tm_sec,
+ log_domain != NULL ? log_domain : "",
+ level, message);
+ else
+ msg = g_strdup_printf("Time not representable %8s %s %s\n",
+ log_domain != NULL ? log_domain : "",
+ level, message);
}
/* DEBUG & INFO msgs (if we're debugging today) */
}
#endif
-
-
-
-
/*
- * Editor modelines - http://www.wireshark.org/tools/modelines.html
+ * Editor modelines - https://www.wireshark.org/tools/modelines.html
*
* Local variables:
* c-basic-offset: 4
git.samba.org / metze / wireshark / wip.git / blobdiff