/* Edit capture files. We can delete packets, adjust timestamps, or
* simply convert from one format to another format.
*
- * $Id$
- *
* Originally written by Richard Sharpe.
* Improved by Guy Harris.
* Further improved by Richard Sharpe.
+ *
+ * Copyright 2013, Richard Sharpe <realrichardsharpe[AT]gmail.com>
+ *
+ * $Id$
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-#ifdef HAVE_CONFIG_H
#include "config.h"
-#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
/*
* Just make sure we include the prototype for strptime as well
#ifndef __USE_XOPEN
# define __USE_XOPEN
#endif
-#ifndef _XOPEN_SOURCE
-# define _XOPEN_SOURCE
-#endif
#include <time.h>
#include <glib.h>
-#include <glib/gprintf.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
-
-
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif
#endif
#ifdef _WIN32
+#include <wsutil/file_util.h>
#include <wsutil/unicode-utils.h>
#include <process.h> /* getpid */
#ifdef HAVE_WINSOCK2_H
# include "wsutil/strptime.h"
#endif
+#include <wsutil/privileges.h>
+
+/*
+ * The symbols declared in the below are exported from libwireshark,
+ * but we don't want to link whole libwireshark to editcap.
+ * We link the object directly instead and this needs a little trick
+ * with the WS_BUILD_DLL #define.
+ */
+#define WS_BUILD_DLL
+#define RESET_SYMBOL_EXPORT /* wsutil/wsgetopt.h set export behavior above. */
#include "epan/crypt/md5.h"
#include "epan/plugins.h"
#include "epan/report_err.h"
#include "epan/filesystem.h"
-#include <wsutil/privileges.h>
#include "epan/nstime.h"
+#undef WS_BUILD_DLL
+#define RESET_SYMBOL_EXPORT
#include "svnversion.h"
+#include "ringbuffer.h" /* For RINGBUFFER_MAX_NUM_FILES */
+
/*
* Some globals so we can pass things to various routines
*/
abs_time_to_str_with_sec_resolution(const struct wtap_nstime *abs_time)
{
struct tm *tmp;
- gchar *buf = g_malloc(16);
+ gchar *buf = (gchar *)g_malloc(16);
-#ifdef _MSC_VER
+#if (defined _WIN32) && (_MSC_VER < 1500)
/* calling localtime() on MSVC 2005 with huge values causes it to crash */
/* XXX - find the exact value that still does work */
/* XXX - using _USE_32BIT_TIME_T might be another way to circumvent this problem */
gchar *abs_str;
timestr = abs_time_to_str_with_sec_resolution(time_val);
- g_snprintf(filenum, sizeof(filenum), "%05u", idx);
+ g_snprintf(filenum, sizeof(filenum), "%05u", idx % RINGBUFFER_MAX_NUM_FILES);
abs_str = g_strconcat(fprefix, "_", filenum, "_", timestr, fsuffix, NULL);
g_free(timestr);
save_file = g_strdup(fname);
if (save_file == NULL) {
- g_fprintf(stderr, "editcap: Out of memory\n");
+ fprintf(stderr, "editcap: Out of memory\n");
return FALSE;
}
if (++max_selected >= MAX_SELECTIONS) {
/* Let the user know we stopped selecting */
- g_print("Out of room for packet selections!\n");
+ printf("Out of room for packet selections!\n");
return(FALSE);
}
- g_printf("Add_Selected: %s\n", sel);
+ printf("Add_Selected: %s\n", sel);
if ((locn = strchr(sel, '-')) == NULL) { /* No dash, so a single number? */
- g_print("Not inclusive ...");
+ printf("Not inclusive ...");
selectfrm[max_selected].inclusive = 0;
selectfrm[max_selected].first = atoi(sel);
- g_printf(" %i\n", selectfrm[max_selected].first);
+ printf(" %i\n", selectfrm[max_selected].first);
}
else {
- g_print("Inclusive ...");
+ printf("Inclusive ...");
next = locn + 1;
selectfrm[max_selected].inclusive = 1;
selectfrm[max_selected].first = atoi(sel);
selectfrm[max_selected].second = atoi(next);
- g_printf(" %i, %i\n", selectfrm[max_selected].first, selectfrm[max_selected].second);
+ printf(" %i, %i\n", selectfrm[max_selected].first, selectfrm[max_selected].second);
}
} else {
val = strtol(optarg_str_p, &frac, 10);
if (frac == NULL || frac == optarg_str_p || val == LONG_MIN || val == LONG_MAX) {
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
+ fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
optarg_str_p);
exit(1);
}
if (val < 0) { /* implies '--' since we caught '-' above */
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
+ fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
optarg_str_p);
exit(1);
}
}
if (*frac != '.' || end == NULL || end == frac
|| val < 0 || val > ONE_MILLION || val == LONG_MIN || val == LONG_MAX) {
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
+ fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
optarg_str_p);
exit(1);
}
frac_digits++;
}
}
- time_adj.tv.tv_usec = val;
+ time_adj.tv.tv_usec = (int)val;
}
static void
} else {
val = strtol(optarg_str_p, &frac, 10);
if (frac == NULL || frac == optarg_str_p || val == LONG_MIN || val == LONG_MAX) {
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
+ fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
optarg_str_p);
exit(1);
}
if (val < 0) { /* implies '--' since we caught '-' above */
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
+ fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
optarg_str_p);
exit(1);
}
}
if (*frac != '.' || end == NULL || end == frac
|| val < 0 || val > ONE_MILLION || val == LONG_MIN || val == LONG_MAX) {
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
+ fprintf(stderr, "editcap: \"%s\" isn't a valid time adjustment\n",
optarg_str_p);
exit(1);
}
frac_digits++;
}
}
- strict_time_adj.tv.tv_usec = val;
+ strict_time_adj.tv.tv_usec = (int)val;
}
static void
} else {
val = strtol(optarg_str_p, &frac, 10);
if (frac == NULL || frac == optarg_str_p || val == LONG_MIN || val == LONG_MAX) {
- g_fprintf(stderr, "1: editcap: \"%s\" isn't a valid rel time value\n",
+ fprintf(stderr, "1: editcap: \"%s\" isn't a valid rel time value\n",
optarg_str_p);
exit(1);
}
if (val < 0) { /* implies '--' since we caught '-' above */
- g_fprintf(stderr, "2: editcap: \"%s\" isn't a valid rel time value\n",
+ fprintf(stderr, "2: editcap: \"%s\" isn't a valid rel time value\n",
optarg_str_p);
exit(1);
}
}
if (*frac != '.' || end == NULL || end == frac
|| val < 0 || val > ONE_BILLION || val == LONG_MIN || val == LONG_MAX) {
- g_fprintf(stderr, "3: editcap: \"%s\" isn't a valid rel time value\n",
+ fprintf(stderr, "3: editcap: \"%s\" isn't a valid rel time value\n",
optarg_str_p);
exit(1);
}
frac_digits++;
}
}
- relative_time_window.nsecs = val;
+ relative_time_window.nsecs = (int)val;
}
static gboolean
" (" SVNVERSION " from " SVNPATH ")"
#endif
"\n", VERSION);
- g_fprintf(output, "Edit and/or translate the format of capture files.\n");
- g_fprintf(output, "See http://www.wireshark.org for more information.\n");
- g_fprintf(output, "\n");
- g_fprintf(output, "Usage: editcap [options] ... <infile> <outfile> [ <packet#>[-<packet#>] ... ]\n");
- g_fprintf(output, "\n");
- g_fprintf(output, "<infile> and <outfile> must both be present.\n");
- g_fprintf(output, "A single packet or a range of packets can be selected.\n");
- g_fprintf(output, "\n");
- g_fprintf(output, "Packet selection:\n");
- g_fprintf(output, " -r keep the selected packets; default is to delete them.\n");
- g_fprintf(output, " -A <start time> only output packets whose timestamp is after (or equal\n");
- g_fprintf(output, " to) the given time (format as YYYY-MM-DD hh:mm:ss).\n");
- g_fprintf(output, " -B <stop time> only output packets whose timestamp is before the\n");
- g_fprintf(output, " given time (format as YYYY-MM-DD hh:mm:ss).\n");
- g_fprintf(output, "\n");
- g_fprintf(output, "Duplicate packet removal:\n");
- g_fprintf(output, " -d remove packet if duplicate (window == %d).\n", DEFAULT_DUP_DEPTH);
- g_fprintf(output, " -D <dup window> remove packet if duplicate; configurable <dup window>\n");
- g_fprintf(output, " Valid <dup window> values are 0 to %d.\n", MAX_DUP_DEPTH);
- g_fprintf(output, " NOTE: A <dup window> of 0 with -v (verbose option) is\n");
- g_fprintf(output, " useful to print MD5 hashes.\n");
- g_fprintf(output, " -w <dup time window> remove packet if duplicate packet is found EQUAL TO OR\n");
- g_fprintf(output, " LESS THAN <dup time window> prior to current packet.\n");
- g_fprintf(output, " A <dup time window> is specified in relative seconds\n");
- g_fprintf(output, " (e.g. 0.000001).\n");
- g_fprintf(output, "\n");
- g_fprintf(output, " NOTE: The use of the 'Duplicate packet removal' options with\n");
- g_fprintf(output, " other editcap options except -v may not always work as expected.\n");
- g_fprintf(output, " Specifically the -r, -t or -S options will very likely NOT have the\n");
- g_fprintf(output, " desired effect if combined with the -d, -D or -w.\n");
- g_fprintf(output, "\n");
- g_fprintf(output, "Packet manipulation:\n");
- g_fprintf(output, " -s <snaplen> truncate each packet to max. <snaplen> bytes of data.\n");
- g_fprintf(output, " -C <choplen> chop each packet by <choplen> bytes. Positive values\n");
- g_fprintf(output, " chop at the packet beginning, negative values at the\n");
- g_fprintf(output, " packet end.\n");
- g_fprintf(output, " -t <time adjustment> adjust the timestamp of each packet;\n");
- g_fprintf(output, " <time adjustment> is in relative seconds (e.g. -0.5).\n");
- g_fprintf(output, " -S <strict adjustment> adjust timestamp of packets if necessary to insure\n");
- g_fprintf(output, " strict chronological increasing order. The <strict\n");
- g_fprintf(output, " adjustment> is specified in relative seconds with\n");
- g_fprintf(output, " values of 0 or 0.000001 being the most reasonable.\n");
- g_fprintf(output, " A negative adjustment value will modify timestamps so\n");
- g_fprintf(output, " that each packet's delta time is the absolute value\n");
- g_fprintf(output, " of the adjustment specified. A value of -0 will set\n");
- g_fprintf(output, " all packets to the timestamp of the first packet.\n");
- g_fprintf(output, " -E <error probability> set the probability (between 0.0 and 1.0 incl.)\n");
- g_fprintf(output, " that a particular packet byte will be randomly changed.\n");
- g_fprintf(output, "\n");
- g_fprintf(output, "Output File(s):\n");
- g_fprintf(output, " -c <packets per file> split the packet output to different files\n");
- g_fprintf(output, " based on uniform packet counts\n");
- g_fprintf(output, " with a maximum of <packets per file> each.\n");
- g_fprintf(output, " -i <seconds per file> split the packet output to different files\n");
- g_fprintf(output, " based on uniform time intervals\n");
- g_fprintf(output, " with a maximum of <seconds per file> each.\n");
- g_fprintf(output, " -F <capture type> set the output file type; default is pcapng.\n");
- g_fprintf(output, " an empty \"-F\" option will list the file types.\n");
- g_fprintf(output, " -T <encap type> set the output file encapsulation type;\n");
- g_fprintf(output, " default is the same as the input file.\n");
- g_fprintf(output, " an empty \"-T\" option will list the encapsulation types.\n");
- g_fprintf(output, "\n");
- g_fprintf(output, "Miscellaneous:\n");
- g_fprintf(output, " -h display this help and exit.\n");
- g_fprintf(output, " -v verbose output.\n");
- g_fprintf(output, " If -v is used with any of the 'Duplicate Packet\n");
- g_fprintf(output, " Removal' options (-d, -D or -w) then Packet lengths\n");
- g_fprintf(output, " and MD5 hashes are printed to standard-out.\n");
- g_fprintf(output, "\n");
+ fprintf(output, "Edit and/or translate the format of capture files.\n");
+ fprintf(output, "See http://www.wireshark.org for more information.\n");
+ fprintf(output, "\n");
+ fprintf(output, "Usage: editcap [options] ... <infile> <outfile> [ <packet#>[-<packet#>] ... ]\n");
+ fprintf(output, "\n");
+ fprintf(output, "<infile> and <outfile> must both be present.\n");
+ fprintf(output, "A single packet or a range of packets can be selected.\n");
+ fprintf(output, "\n");
+ fprintf(output, "Packet selection:\n");
+ fprintf(output, " -r keep the selected packets; default is to delete them.\n");
+ fprintf(output, " -A <start time> only output packets whose timestamp is after (or equal\n");
+ fprintf(output, " to) the given time (format as YYYY-MM-DD hh:mm:ss).\n");
+ fprintf(output, " -B <stop time> only output packets whose timestamp is before the\n");
+ fprintf(output, " given time (format as YYYY-MM-DD hh:mm:ss).\n");
+ fprintf(output, "\n");
+ fprintf(output, "Duplicate packet removal:\n");
+ fprintf(output, " -d remove packet if duplicate (window == %d).\n", DEFAULT_DUP_DEPTH);
+ fprintf(output, " -D <dup window> remove packet if duplicate; configurable <dup window>\n");
+ fprintf(output, " Valid <dup window> values are 0 to %d.\n", MAX_DUP_DEPTH);
+ fprintf(output, " NOTE: A <dup window> of 0 with -v (verbose option) is\n");
+ fprintf(output, " useful to print MD5 hashes.\n");
+ fprintf(output, " -w <dup time window> remove packet if duplicate packet is found EQUAL TO OR\n");
+ fprintf(output, " LESS THAN <dup time window> prior to current packet.\n");
+ fprintf(output, " A <dup time window> is specified in relative seconds\n");
+ fprintf(output, " (e.g. 0.000001).\n");
+ fprintf(output, "\n");
+ fprintf(output, " NOTE: The use of the 'Duplicate packet removal' options with\n");
+ fprintf(output, " other editcap options except -v may not always work as expected.\n");
+ fprintf(output, " Specifically the -r, -t or -S options will very likely NOT have the\n");
+ fprintf(output, " desired effect if combined with the -d, -D or -w.\n");
+ fprintf(output, "\n");
+ fprintf(output, "Packet manipulation:\n");
+ fprintf(output, " -s <snaplen> truncate each packet to max. <snaplen> bytes of data.\n");
+ fprintf(output, " -C <choplen> chop each packet by <choplen> bytes. Positive values\n");
+ fprintf(output, " chop at the packet beginning, negative values at the\n");
+ fprintf(output, " packet end.\n");
+ fprintf(output, " -t <time adjustment> adjust the timestamp of each packet;\n");
+ fprintf(output, " <time adjustment> is in relative seconds (e.g. -0.5).\n");
+ fprintf(output, " -S <strict adjustment> adjust timestamp of packets if necessary to insure\n");
+ fprintf(output, " strict chronological increasing order. The <strict\n");
+ fprintf(output, " adjustment> is specified in relative seconds with\n");
+ fprintf(output, " values of 0 or 0.000001 being the most reasonable.\n");
+ fprintf(output, " A negative adjustment value will modify timestamps so\n");
+ fprintf(output, " that each packet's delta time is the absolute value\n");
+ fprintf(output, " of the adjustment specified. A value of -0 will set\n");
+ fprintf(output, " all packets to the timestamp of the first packet.\n");
+ fprintf(output, " -E <error probability> set the probability (between 0.0 and 1.0 incl.)\n");
+ fprintf(output, " that a particular packet byte will be randomly changed.\n");
+ fprintf(output, "\n");
+ fprintf(output, "Output File(s):\n");
+ fprintf(output, " -c <packets per file> split the packet output to different files\n");
+ fprintf(output, " based on uniform packet counts\n");
+ fprintf(output, " with a maximum of <packets per file> each.\n");
+ fprintf(output, " -i <seconds per file> split the packet output to different files\n");
+ fprintf(output, " based on uniform time intervals\n");
+ fprintf(output, " with a maximum of <seconds per file> each.\n");
+ fprintf(output, " -F <capture type> set the output file type; default is pcapng.\n");
+ fprintf(output, " an empty \"-F\" option will list the file types.\n");
+ fprintf(output, " -T <encap type> set the output file encapsulation type;\n");
+ fprintf(output, " default is the same as the input file.\n");
+ fprintf(output, " an empty \"-T\" option will list the encapsulation types.\n");
+ fprintf(output, "\n");
+ fprintf(output, "Miscellaneous:\n");
+ fprintf(output, " -h display this help and exit.\n");
+ fprintf(output, " -v verbose output.\n");
+ fprintf(output, " If -v is used with any of the 'Duplicate Packet\n");
+ fprintf(output, " Removal' options (-d, -D or -w) then Packet lengths\n");
+ fprintf(output, " and MD5 hashes are printed to standard-out.\n");
+ fprintf(output, "\n");
}
struct string_elem {
static void
string_elem_print(gpointer data, gpointer not_used _U_)
{
- g_fprintf(stderr, " %s - %s\n",
+ fprintf(stderr, " %s - %s\n",
((struct string_elem *)data)->sstr,
((struct string_elem *)data)->lstr);
}
struct string_elem *captypes;
GSList *list = NULL;
- captypes = g_malloc(sizeof(struct string_elem) * WTAP_NUM_FILE_TYPES);
- g_fprintf(stderr, "editcap: The available capture file types for the \"-F\" flag are:\n");
+ captypes = g_new(struct string_elem,WTAP_NUM_FILE_TYPES);
+ fprintf(stderr, "editcap: The available capture file types for the \"-F\" flag are:\n");
for (i = 0; i < WTAP_NUM_FILE_TYPES; i++) {
if (wtap_dump_can_open(i)) {
captypes[i].sstr = wtap_file_type_short_string(i);
struct string_elem *encaps;
GSList *list = NULL;
- encaps = g_malloc(sizeof(struct string_elem) * WTAP_NUM_ENCAP_TYPES);
- g_fprintf(stderr, "editcap: The available encapsulation types for the \"-T\" flag are:\n");
+ encaps = (struct string_elem *)g_malloc(sizeof(struct string_elem) * WTAP_NUM_ENCAP_TYPES);
+ fprintf(stderr, "editcap: The available encapsulation types for the \"-T\" flag are:\n");
for (i = 0; i < WTAP_NUM_ENCAP_TYPES; i++) {
encaps[i].sstr = wtap_encap_short_string(i);
if (encaps[i].sstr != NULL) {
guint32 snaplen = 0; /* No limit */
int choplen = 0; /* No chop */
wtap_dumper *pdh = NULL;
- int count = 1;
- unsigned duplicate_count = 0;
+ unsigned int count = 1;
+ unsigned int duplicate_count = 0;
gint64 data_offset;
struct wtap_pkthdr snap_phdr;
const struct wtap_pkthdr *phdr;
int err_type;
+ wtapng_section_t *shb_hdr;
+ wtapng_iface_descriptions_t *idb_inf;
guint8 *buf;
guint32 read_count = 0;
int split_packet_count = 0;
nstime_t block_start;
gchar *fprefix = NULL;
gchar *fsuffix = NULL;
+ char appname[100];
#ifdef HAVE_PLUGINS
char* init_progfile_dir_error;
#ifdef _WIN32
arg_list_utf_16to8(argc, argv);
+ create_app_running_mutex();
#endif /* _WIN32 */
/*
#ifdef HAVE_PLUGINS
/* Register wiretap plugins */
if ((init_progfile_dir_error = init_progfile_dir(argv[0], main))) {
- g_warning("capinfos: init_progfile_dir(): %s", init_progfile_dir_error);
+ g_warning("editcap: init_progfile_dir(): %s", init_progfile_dir_error);
g_free(init_progfile_dir_error);
} else {
init_report_err(failure_message,NULL,NULL,NULL);
case 'E':
err_prob = strtod(optarg, &p);
if (p == optarg || err_prob < 0.0 || err_prob > 1.0) {
- g_fprintf(stderr, "editcap: probability \"%s\" must be between 0.0 and 1.0\n",
+ fprintf(stderr, "editcap: probability \"%s\" must be between 0.0 and 1.0\n",
optarg);
exit(1);
}
case 'F':
out_file_type = wtap_short_string_to_file_type(optarg);
if (out_file_type < 0) {
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid capture file type\n\n",
+ fprintf(stderr, "editcap: \"%s\" isn't a valid capture file type\n\n",
optarg);
list_capture_types();
exit(1);
break;
case 'c':
- split_packet_count = strtol(optarg, &p, 10);
+ split_packet_count = (int)strtol(optarg, &p, 10);
if (p == optarg || *p != '\0') {
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid packet count\n",
+ fprintf(stderr, "editcap: \"%s\" isn't a valid packet count\n",
optarg);
exit(1);
}
if (split_packet_count <= 0) {
- g_fprintf(stderr, "editcap: \"%d\" packet count must be larger than zero\n",
+ fprintf(stderr, "editcap: \"%d\" packet count must be larger than zero\n",
split_packet_count);
exit(1);
}
break;
case 'C':
- choplen = strtol(optarg, &p, 10);
+ choplen = (int)strtol(optarg, &p, 10);
if (p == optarg || *p != '\0') {
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid chop length\n",
+ fprintf(stderr, "editcap: \"%s\" isn't a valid chop length\n",
optarg);
exit(1);
}
case 'D':
dup_detect = TRUE;
dup_detect_by_time = FALSE;
- dup_window = strtol(optarg, &p, 10);
+ dup_window = (int)strtol(optarg, &p, 10);
if (p == optarg || *p != '\0') {
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid duplicate window value\n",
+ fprintf(stderr, "editcap: \"%s\" isn't a valid duplicate window value\n",
optarg);
exit(1);
}
if (dup_window < 0 || dup_window > MAX_DUP_DEPTH) {
- g_fprintf(stderr, "editcap: \"%d\" duplicate window value must be between 0 and %d inclusive.\n",
+ fprintf(stderr, "editcap: \"%d\" duplicate window value must be between 0 and %d inclusive.\n",
dup_window, MAX_DUP_DEPTH);
exit(1);
}
break;
case 's':
- snaplen = strtol(optarg, &p, 10);
+ snaplen = (guint32)strtol(optarg, &p, 10);
if (p == optarg || *p != '\0') {
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid snapshot length\n",
+ fprintf(stderr, "editcap: \"%s\" isn't a valid snapshot length\n",
optarg);
exit(1);
}
case 'T':
out_frame_type = wtap_short_string_to_encap(optarg);
if (out_frame_type < 0) {
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid encapsulation type\n\n",
+ fprintf(stderr, "editcap: \"%s\" isn't a valid encapsulation type\n\n",
optarg);
list_encap_types();
exit(1);
case 'i': /* break capture file based on time interval */
secs_per_block = atoi(optarg);
if(secs_per_block <= 0) {
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid time interval\n\n", optarg);
+ fprintf(stderr, "editcap: \"%s\" isn't a valid time interval\n\n", optarg);
exit(1);
}
break;
memset(&starttm,0,sizeof(struct tm));
if(!strptime(optarg,"%Y-%m-%d %T",&starttm)) {
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid time format\n\n", optarg);
+ fprintf(stderr, "editcap: \"%s\" isn't a valid time format\n\n", optarg);
exit(1);
}
memset(&stoptm,0,sizeof(struct tm));
if(!strptime(optarg,"%Y-%m-%d %T",&stoptm)) {
- g_fprintf(stderr, "editcap: \"%s\" isn't a valid time format\n\n", optarg);
+ fprintf(stderr, "editcap: \"%s\" isn't a valid time format\n\n", optarg);
exit(1);
}
check_startstop = TRUE;
}
#ifdef DEBUG
- g_printf("Optind = %i, argc = %i\n", optind, argc);
+ printf("Optind = %i, argc = %i\n", optind, argc);
#endif
if ((argc - optind) < 1) {
nstime_set_unset(&block_start);
if (starttime > stoptime) {
- g_fprintf(stderr, "editcap: start time is after the stop time\n");
+ fprintf(stderr, "editcap: start time is after the stop time\n");
exit(1);
}
if (split_packet_count > 0 && secs_per_block > 0) {
- g_fprintf(stderr, "editcap: can't split on both packet count and time interval\n");
- g_fprintf(stderr, "editcap: at the same time\n");
+ fprintf(stderr, "editcap: can't split on both packet count and time interval\n");
+ fprintf(stderr, "editcap: at the same time\n");
exit(1);
}
wth = wtap_open_offline(argv[optind], &err, &err_info, FALSE);
if (!wth) {
- g_fprintf(stderr, "editcap: Can't open %s: %s\n", argv[optind],
+ fprintf(stderr, "editcap: Can't open %s: %s\n", argv[optind],
wtap_strerror(err));
switch (err) {
case WTAP_ERR_UNSUPPORTED:
case WTAP_ERR_UNSUPPORTED_ENCAP:
case WTAP_ERR_BAD_FILE:
- g_fprintf(stderr, "(%s)\n", err_info);
+ fprintf(stderr, "(%s)\n", err_info);
g_free(err_info);
break;
}
}
if (verbose) {
- g_fprintf(stderr, "File %s is a %s capture file.\n", argv[optind],
+ fprintf(stderr, "File %s is a %s capture file.\n", argv[optind],
wtap_file_type_string(wtap_file_type(wth)));
}
+ shb_hdr = wtap_file_get_shb_info(wth);
+ idb_inf = wtap_file_get_idb_info(wth);
+
/*
* Now, process the rest, if any ... we only write if there is an extra
* argument or so ...
} else
filename = g_strdup(argv[optind+1]);
- pdh = wtap_dump_open(filename, out_file_type, out_frame_type,
+ /* If we don't have an application name add Editcap */
+ if(shb_hdr->shb_user_appl == NULL) {
+ g_snprintf(appname, sizeof(appname), "Editcap " VERSION);
+ shb_hdr->shb_user_appl = appname;
+ }
+
+ pdh = wtap_dump_open_ng(filename, out_file_type, out_frame_type,
snaplen ? MIN(snaplen, wtap_snapshot_length(wth)) : wtap_snapshot_length(wth),
- FALSE /* compressed */, &err);
+ FALSE /* compressed */, shb_hdr, idb_inf, &err);
+
if (pdh == NULL) {
- g_fprintf(stderr, "editcap: Can't open or create %s: %s\n", filename,
+ fprintf(stderr, "editcap: Can't open or create %s: %s\n", filename,
wtap_strerror(err));
exit(2);
}
phdr->ts.nsecs >= block_start.nsecs )) { /* time for the next file */
if (!wtap_dump_close(pdh, &err)) {
- g_fprintf(stderr, "editcap: Error writing to %s: %s\n", filename,
+ fprintf(stderr, "editcap: Error writing to %s: %s\n", filename,
wtap_strerror(err));
exit(2);
}
g_assert(filename);
if (verbose) {
- g_fprintf(stderr, "Continuing writing in file %s\n", filename);
+ fprintf(stderr, "Continuing writing in file %s\n", filename);
}
- pdh = wtap_dump_open(filename, out_file_type, out_frame_type,
+ pdh = wtap_dump_open_ng(filename, out_file_type, out_frame_type,
snaplen ? MIN(snaplen, wtap_snapshot_length(wth)) : wtap_snapshot_length(wth),
- FALSE /* compressed */, &err);
+ FALSE /* compressed */, shb_hdr, idb_inf, &err);
if (pdh == NULL) {
- g_fprintf(stderr, "editcap: Can't open or create %s: %s\n", filename,
+ fprintf(stderr, "editcap: Can't open or create %s: %s\n", filename,
wtap_strerror(err));
exit(2);
}
if (written_count > 0 &&
written_count % split_packet_count == 0) {
if (!wtap_dump_close(pdh, &err)) {
- g_fprintf(stderr, "editcap: Error writing to %s: %s\n", filename,
+ fprintf(stderr, "editcap: Error writing to %s: %s\n", filename,
wtap_strerror(err));
exit(2);
}
g_assert(filename);
if (verbose) {
- g_fprintf(stderr, "Continuing writing in file %s\n", filename);
+ fprintf(stderr, "Continuing writing in file %s\n", filename);
}
- pdh = wtap_dump_open(filename, out_file_type, out_frame_type,
+ pdh = wtap_dump_open_ng(filename, out_file_type, out_frame_type,
snaplen ? MIN(snaplen, wtap_snapshot_length(wth)) : wtap_snapshot_length(wth),
- FALSE /* compressed */, &err);
+ FALSE /* compressed */, shb_hdr, idb_inf, &err);
if (pdh == NULL) {
- g_fprintf(stderr, "editcap: Can't open or create %s: %s\n", filename,
+ fprintf(stderr, "editcap: Can't open or create %s: %s\n", filename,
wtap_strerror(err));
exit(2);
}
if ( ts_okay && ((!selected(count) && !keep_em) || (selected(count) && keep_em)) ) {
if (verbose && !dup_detect && !dup_detect_by_time)
- g_printf("Packet: %u\n", count);
+ printf("Packet: %u\n", count);
/* We simply write it, perhaps after truncating it; we could do other
things, like modify it. */
* situation since trace files usually have packets in
* chronological order (oldest to newest).
*/
- /* g_printf("++out of order, need to adjust this packet!\n"); */
+ /* printf("++out of order, need to adjust this packet!\n"); */
snap_phdr = *phdr;
snap_phdr.ts.secs = previous_time.secs + strict_time_adj.tv.tv_sec;
snap_phdr.ts.nsecs = previous_time.nsecs;
if (dup_detect) {
if (is_duplicate(buf, phdr->caplen)) {
if (verbose) {
- g_fprintf(stdout, "Skipped: %u, Len: %u, MD5 Hash: ", count, phdr->caplen);
+ fprintf(stdout, "Skipped: %u, Len: %u, MD5 Hash: ", count, phdr->caplen);
for (i = 0; i < 16; i++) {
- g_fprintf(stdout, "%02x", (unsigned char)fd_hash[cur_dup_entry].digest[i]);
+ fprintf(stdout, "%02x", (unsigned char)fd_hash[cur_dup_entry].digest[i]);
}
- g_fprintf(stdout, "\n");
+ fprintf(stdout, "\n");
}
duplicate_count++;
count++;
continue;
} else {
if (verbose) {
- g_fprintf(stdout, "Packet: %u, Len: %u, MD5 Hash: ", count, phdr->caplen);
+ fprintf(stdout, "Packet: %u, Len: %u, MD5 Hash: ", count, phdr->caplen);
for (i = 0; i < 16; i++) {
- g_fprintf(stdout, "%02x", (unsigned char)fd_hash[cur_dup_entry].digest[i]);
+ fprintf(stdout, "%02x", (unsigned char)fd_hash[cur_dup_entry].digest[i]);
}
- g_fprintf(stdout, "\n");
+ fprintf(stdout, "\n");
}
}
}
if (is_duplicate_rel_time(buf, phdr->caplen, ¤t)) {
if (verbose) {
- g_fprintf(stdout, "Skipped: %u, Len: %u, MD5 Hash: ", count, phdr->caplen);
+ fprintf(stdout, "Skipped: %u, Len: %u, MD5 Hash: ", count, phdr->caplen);
for (i = 0; i < 16; i++) {
- g_fprintf(stdout, "%02x", (unsigned char)fd_hash[cur_dup_entry].digest[i]);
+ fprintf(stdout, "%02x", (unsigned char)fd_hash[cur_dup_entry].digest[i]);
}
- g_fprintf(stdout, "\n");
+ fprintf(stdout, "\n");
}
duplicate_count++;
count++;
continue;
} else {
if (verbose) {
- g_fprintf(stdout, "Packet: %u, Len: %u, MD5 Hash: ", count, phdr->caplen);
+ fprintf(stdout, "Packet: %u, Len: %u, MD5 Hash: ", count, phdr->caplen);
for (i = 0; i < 16; i++) {
- g_fprintf(stdout, "%02x", (unsigned char)fd_hash[cur_dup_entry].digest[i]);
+ fprintf(stdout, "%02x", (unsigned char)fd_hash[cur_dup_entry].digest[i]);
}
- g_fprintf(stdout, "\n");
+ fprintf(stdout, "\n");
}
}
}
}
}
- if (!wtap_dump(pdh, phdr, wtap_pseudoheader(wth), buf, &err)) {
+ if (!wtap_dump(pdh, phdr, buf, &err)) {
switch (err) {
case WTAP_ERR_UNSUPPORTED_ENCAP:
* This is a problem with the particular frame we're writing;
* note that, and give the frame number.
*/
- g_fprintf(stderr, "editcap: Frame %u of \"%s\" has a network type that can't be saved in a file with that format\n.",
+ fprintf(stderr, "editcap: Frame %u of \"%s\" has a network type that can't be saved in a file with that format\n.",
read_count, argv[optind]);
break;
default:
- g_fprintf(stderr, "editcap: Error writing to %s: %s\n",
+ fprintf(stderr, "editcap: Error writing to %s: %s\n",
filename, wtap_strerror(err));
break;
}
count++;
}
+
g_free(fprefix);
g_free(fsuffix);
if (err != 0) {
/* Print a message noting that the read failed somewhere along the line. */
- g_fprintf(stderr,
+ fprintf(stderr,
"editcap: An error occurred while reading \"%s\": %s.\n",
argv[optind], wtap_strerror(err));
switch (err) {
case WTAP_ERR_UNSUPPORTED:
case WTAP_ERR_UNSUPPORTED_ENCAP:
case WTAP_ERR_BAD_FILE:
- g_fprintf(stderr, "(%s)\n", err_info);
+ fprintf(stderr, "(%s)\n", err_info);
g_free(err_info);
break;
}
g_free (filename);
filename = g_strdup(argv[optind+1]);
- pdh = wtap_dump_open(filename, out_file_type, out_frame_type,
+ pdh = wtap_dump_open_ng(filename, out_file_type, out_frame_type,
snaplen ? MIN(snaplen, wtap_snapshot_length(wth)): wtap_snapshot_length(wth),
- FALSE /* compressed */, &err);
+ FALSE /* compressed */, shb_hdr, idb_inf, &err);
if (pdh == NULL) {
- g_fprintf(stderr, "editcap: Can't open or create %s: %s\n", filename,
+ fprintf(stderr, "editcap: Can't open or create %s: %s\n", filename,
wtap_strerror(err));
exit(2);
}
}
+ g_free(idb_inf);
+ idb_inf = NULL;
+
if (!wtap_dump_close(pdh, &err)) {
- g_fprintf(stderr, "editcap: Error writing to %s: %s\n", filename,
+ fprintf(stderr, "editcap: Error writing to %s: %s\n", filename,
wtap_strerror(err));
exit(2);
}
+ g_free(shb_hdr);
g_free(filename);
}
if (dup_detect) {
- g_fprintf(stdout, "%u packet%s seen, %u packet%s skipped with duplicate window of %u packets.\n",
+ fprintf(stdout, "%u packet%s seen, %u packet%s skipped with duplicate window of %u packets.\n",
count - 1, plurality(count - 1, "", "s"),
duplicate_count, plurality(duplicate_count, "", "s"), dup_window);
} else if (dup_detect_by_time) {
- g_fprintf(stdout, "%u packet%s seen, %u packet%s skipped with duplicate time window equal to or less than %ld.%09ld seconds.\n",
+ fprintf(stdout, "%u packet%s seen, %u packet%s skipped with duplicate time window equal to or less than %ld.%09ld seconds.\n",
count - 1, plurality(count - 1, "", "s"),
duplicate_count, plurality(duplicate_count, "", "s"),
(long)relative_time_window.secs, (long int)relative_time_window.nsecs);