#include <glib.h>
-#include <wsutil/wsjsmn.h>
+#include <wsutil/wsjson.h>
#include <wsutil/ws_printf.h>
#include <file.h>
#include <ui/ssl_key_export.h>
+#include <ui/io_graph_item.h>
#include <epan/stats_tree_priv.h>
#include <epan/stat_tap_ui.h>
#include <epan/conversation_table.h>
#include <ui/voip_calls.h>
#include <ui/rtp_stream.h>
#include <ui/tap-rtp-common.h>
+#include <ui/tap-rtp-analysis.h>
#include <epan/to_str.h>
#include <epan/addr_resolv.h>
# include <codecs/speex/speex_resampler.h>
#endif /* HAVE_SPEEXDSP */
-#ifdef HAVE_GEOIP
-# include <GeoIP.h>
-# include <epan/geoip_db.h>
-# include <wsutil/pint.h>
-#endif
+#include <epan/maxmind_db.h>
-#include <wsutil/glib-compat.h>
+#include <wsutil/pint.h>
#include <wsutil/strtoi.h>
#include "globals.h"
static gboolean
json_unescape_str(char *input)
{
- return wsjsmn_unescape_json_string(input, input);
+ return wsjson_unescape_json_string(input, input);
}
static const char *
return l->filtered;
}
-struct sharkd_rtp_match
-{
- guint32 addr_src, addr_dst;
- address src_addr;
- address dst_addr;
- guint16 src_port;
- guint16 dst_port;
- guint32 ssrc;
-};
-
static gboolean
-sharkd_rtp_match_init(struct sharkd_rtp_match *req, const char *init_str)
+sharkd_rtp_match_init(rtpstream_id_t *id, const char *init_str)
{
gboolean ret = FALSE;
char **arr;
+ guint32 tmp_addr_src, tmp_addr_dst;
+ address tmp_src_addr, tmp_dst_addr;
+
+ memset(id, 0, sizeof(*id));
arr = g_strsplit(init_str, "_", 7); /* pass larger value, so we'll catch incorrect input :) */
if (g_strv_length(arr) != 5)
goto fail;
/* TODO, for now only IPv4 */
- if (!get_host_ipaddr(arr[0], &req->addr_src))
+ if (!get_host_ipaddr(arr[0], &tmp_addr_src))
goto fail;
- if (!ws_strtou16(arr[1], NULL, &req->src_port))
+ if (!ws_strtou16(arr[1], NULL, &id->src_port))
goto fail;
- if (!get_host_ipaddr(arr[2], &req->addr_dst))
+ if (!get_host_ipaddr(arr[2], &tmp_addr_dst))
goto fail;
- if (!ws_strtou16(arr[3], NULL, &req->dst_port))
+ if (!ws_strtou16(arr[3], NULL, &id->dst_port))
goto fail;
- if (!ws_hexstrtou32(arr[4], NULL, &req->ssrc))
+ if (!ws_hexstrtou32(arr[4], NULL, &id->ssrc))
goto fail;
- set_address(&req->src_addr, AT_IPv4, 4, &req->addr_src);
- set_address(&req->dst_addr, AT_IPv4, 4, &req->addr_dst);
+ set_address(&tmp_src_addr, AT_IPv4, 4, &tmp_addr_src);
+ copy_address(&id->src_addr, &tmp_src_addr);
+ set_address(&tmp_dst_addr, AT_IPv4, 4, &tmp_addr_dst);
+ copy_address(&id->dst_addr, &tmp_dst_addr);
+
ret = TRUE;
fail:
return ret;
}
-static gboolean
-sharkd_rtp_match_check(const struct sharkd_rtp_match *req, const packet_info *pinfo, const struct _rtp_info *rtp_info)
-{
- if (rtp_info->info_sync_src == req->ssrc &&
- pinfo->srcport == req->src_port &&
- pinfo->destport == req->dst_port &&
- addresses_equal(&pinfo->src, &req->src_addr) &&
- addresses_equal(&pinfo->dst, &req->dst_addr))
- {
- return TRUE;
- }
-
- return FALSE;
-}
-
static gboolean
sharkd_session_process_info_nstat_cb(const void *key, void *value, void *userdata)
{
printf(",\"protocols\":[");
for (framenum = 1; framenum <= cfile.count; framenum++)
- sharkd_dissect_request(framenum, (framenum != 1) ? 1 : 0, framenum - 1, &sharkd_session_process_analyse_cb, 0, 0, 0, &analyser);
+ sharkd_dissect_request(framenum, (framenum != 1) ? 1 : 0, framenum - 1, &sharkd_session_process_analyse_cb, SHARKD_DISSECT_FLAG_NULL, &analyser);
printf("]");
if (analyser.first_time)
gboolean resolve_port;
};
-static int
+static gboolean
sharkd_session_geoip_addr(address *addr, const char *suffix)
{
- int with_geoip = 0;
-
- (void) addr;
- (void) suffix;
+ const mmdb_lookup_t *lookup = NULL;
+ gboolean with_geoip = FALSE;
-#ifdef HAVE_GEOIP
if (addr->type == AT_IPv4)
{
- guint32 ip = pntoh32(addr->data);
-
- guint num_dbs = geoip_db_num_dbs();
- guint dbnum;
-
- for (dbnum = 0; dbnum < num_dbs; dbnum++)
- {
- const char *geoip_key = NULL;
- char *geoip_val;
-
- int db_type = geoip_db_type(dbnum);
-
- switch (db_type)
- {
- case GEOIP_COUNTRY_EDITION:
- geoip_key = "geoip_country";
- break;
+ guint32 ip;
- case GEOIP_CITY_EDITION_REV0:
- case GEOIP_CITY_EDITION_REV1:
- geoip_key = "geoip_city";
- break;
-
- case GEOIP_ORG_EDITION:
- geoip_key = "geoip_org";
- break;
-
- case GEOIP_ISP_EDITION:
- geoip_key = "geoip_isp";
- break;
-
- case GEOIP_ASNUM_EDITION:
- geoip_key = "geoip_as";
- break;
-
- case WS_LAT_FAKE_EDITION:
- geoip_key = "geoip_lat";
- break;
-
- case WS_LON_FAKE_EDITION:
- geoip_key = "geoip_lon";
- break;
- }
-
- if (geoip_key && (geoip_val = geoip_db_lookup_ipv4(dbnum, ip, NULL)))
- {
- printf(",\"%s%s\":", geoip_key, suffix);
- json_puts_string(geoip_val);
- with_geoip = 1;
- }
- }
+ memcpy(&ip, addr->data, 4);
+ lookup = maxmind_db_lookup_ipv4(ip);
}
-#ifdef HAVE_GEOIP_V6
- if (addr->type == AT_IPv6)
+ else if (addr->type == AT_IPv6)
{
const ws_in6_addr *ip6 = (const ws_in6_addr *) addr->data;
- guint num_dbs = geoip_db_num_dbs();
- guint dbnum;
+ lookup = maxmind_db_lookup_ipv6(ip6);
+ }
- for (dbnum = 0; dbnum < num_dbs; dbnum++)
- {
- const char *geoip_key = NULL;
- char *geoip_val;
+ if (!lookup || !lookup->found)
+ return FALSE;
- int db_type = geoip_db_type(dbnum);
+ if (lookup->country)
+ {
+ printf(",\"geoip_country%s\":", suffix);
+ json_puts_string(lookup->country);
+ with_geoip = TRUE;
+ }
- switch (db_type)
- {
- case GEOIP_COUNTRY_EDITION_V6:
- geoip_key = "geoip_country";
- break;
-#if NUM_DB_TYPES > 31
- case GEOIP_CITY_EDITION_REV0_V6:
- case GEOIP_CITY_EDITION_REV1_V6:
- geoip_key = "geoip_city";
- break;
+ if (lookup->country_iso)
+ {
+ printf(",\"geoip_country_iso%s\":", suffix);
+ json_puts_string(lookup->country_iso);
+ with_geoip = TRUE;
+ }
- case GEOIP_ORG_EDITION_V6:
- geoip_key = "geoip_org";
- break;
+ if (lookup->city)
+ {
+ printf(",\"geoip_city%s\":", suffix);
+ json_puts_string(lookup->city);
+ with_geoip = TRUE;
+ }
- case GEOIP_ISP_EDITION_V6:
- geoip_key = "geoip_isp";
- break;
+ if (lookup->as_org)
+ {
+ printf(",\"geoip_as_org%s\":", suffix);
+ json_puts_string(lookup->as_org);
+ with_geoip = TRUE;
+ }
- case GEOIP_ASNUM_EDITION_V6:
- geoip_key = "geoip_as";
- break;
-#endif /* DB_NUM_TYPES */
- case WS_LAT_FAKE_EDITION:
- geoip_key = "geoip_lat";
- break;
+ if (lookup->as_number > 0)
+ {
+ printf(",\"geoip_as%s\":%u", suffix, lookup->as_number);
+ with_geoip = TRUE;
+ }
- case WS_LON_FAKE_EDITION:
- geoip_key = "geoip_lon";
- break;
- }
+ if (lookup->latitude >= -90.0 && lookup->latitude <= 90.0)
+ {
+ printf(",\"geoip_lat%s\":%f", suffix, lookup->latitude);
+ with_geoip = TRUE;
+ }
- if (geoip_key && (geoip_val = geoip_db_lookup_ipv6(dbnum, *ip6, NULL)))
- {
- printf(",\"%s%s\":", geoip_key, suffix);
- json_puts_string(geoip_val);
- with_geoip = 1;
- }
- }
+ if (lookup->longitude >= -180.0 && lookup->longitude <= 180.0)
+ {
+ printf(",\"geoip_lon%s\":%f", suffix, lookup->longitude);
+ with_geoip = TRUE;
}
-#endif /* HAVE_GEOIP_V6 */
-#endif /* HAVE_GEOIP */
return with_geoip;
}
struct sharkd_analyse_rtp
{
const char *tap_name;
- struct sharkd_rtp_match rtp;
+ rtpstream_id_t id;
GSList *packets;
double start_time;
sharkd_session_packet_tap_rtp_analyse_cb(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_, const void *pointer)
{
struct sharkd_analyse_rtp *rtp_req = (struct sharkd_analyse_rtp *) tapdata;
- const struct _rtp_info *rtpinfo = (const struct _rtp_info *) pointer;
+ const struct _rtp_info *rtp_info = (const struct _rtp_info *) pointer;
- if (sharkd_rtp_match_check(&rtp_req->rtp, pinfo, rtpinfo))
+ if (rtpstream_id_equal_pinfo_rtp_info(&rtp_req->id, pinfo, rtp_info))
{
tap_rtp_stat_t *statinfo = &(rtp_req->statinfo);
struct sharkd_analyse_rtp_items *item;
- rtp_packet_analyse(statinfo, pinfo, rtpinfo);
+ rtppacket_analyse(statinfo, pinfo, rtp_info);
item = (struct sharkd_analyse_rtp_items *) g_malloc(sizeof(struct sharkd_analyse_rtp_items));
rtp_req->start_time = nstime_to_sec(&pinfo->abs_ts);
item->frame_num = pinfo->num;
- item->sequence_num = rtpinfo->info_seq_num;
+ item->sequence_num = rtp_info->info_seq_num;
item->delta = (statinfo->flags & STAT_FLAG_FIRST) ? 0.0 : statinfo->delta;
item->jitter = (statinfo->flags & STAT_FLAG_FIRST) ? 0.0 : statinfo->jitter;
item->skew = (statinfo->flags & STAT_FLAG_FIRST) ? 0.0 : statinfo->skew;
item->bandwidth = statinfo->bandwidth;
- item->marker = rtpinfo->info_marker_set ? TRUE : FALSE;
+ item->marker = rtp_info->info_marker_set ? TRUE : FALSE;
item->arrive_offset= nstime_to_sec(&pinfo->abs_ts) - rtp_req->start_time;
item->flags = statinfo->flags;
printf("{\"tap\":\"%s\",\"type\":\"rtp-analyse\"", rtp_req->tap_name);
- printf(",\"ssrc\":%u", rtp_req->rtp.ssrc);
+ printf(",\"ssrc\":%u", rtp_req->id.ssrc);
printf(",\"max_delta\":%f", statinfo->max_delta);
printf(",\"max_delta_nr\":%u", statinfo->max_nr);
break;
case TABLE_ITEM_INT:
- printf("%d", field_data->value.uint_value);
+ printf("%d", field_data->value.int_value);
break;
case TABLE_ITEM_STRING:
{
stat_data_t *stat_data = (stat_data_t *) arg;
- free_stat_tables(stat_data->stat_tap_data, NULL, NULL);
+ free_stat_tables(stat_data->stat_tap_data);
}
/**
{
rtd_data_t *rtd_data = (rtd_data_t *) arg;
- free_rtd_table(&rtd_data->stat_table, NULL, NULL);
+ free_rtd_table(&rtd_data->stat_table);
g_free(rtd_data);
}
srt_data_t *srt_data = (srt_data_t *) arg;
register_srt_t *srt = (register_srt_t *) srt_data->user_data;
- free_srt_table(srt, srt_data->srt_array, NULL, NULL);
+ free_srt_table(srt, srt_data->srt_array);
g_array_free(srt_data->srt_array, TRUE);
g_free(srt_data);
}
printf(",\"streams\":[");
for (listx = g_list_first(rtp_tapinfo->strinfo_list); listx; listx = listx->next)
{
- rtp_stream_info_t *streaminfo = (rtp_stream_info_t *) listx->data;
+ rtpstream_info_calc_t calc;
+ rtpstream_info_t *streaminfo = (rtpstream_info_t *) listx->data;
- char *src_addr, *dst_addr;
- char *payload;
- guint32 expected;
-
- src_addr = address_to_display(NULL, &(streaminfo->src_addr));
- dst_addr = address_to_display(NULL, &(streaminfo->dest_addr));
-
- if (streaminfo->payload_type_name != NULL)
- payload = wmem_strdup(NULL, streaminfo->payload_type_name);
- else
- payload = val_to_str_ext_wmem(NULL, streaminfo->payload_type, &rtp_payload_type_short_vals_ext, "Unknown (%u)");
+ rtpstream_info_calculate(streaminfo, &calc);
- printf("%s{\"ssrc\":%u", sepa, streaminfo->ssrc);
- printf(",\"payload\":\"%s\"", payload);
+ printf("%s{\"ssrc\":%u", sepa, calc.ssrc);
+ printf(",\"payload\":\"%s\"", calc.all_payload_type_names);
- printf(",\"saddr\":\"%s\"", src_addr);
- printf(",\"sport\":%u", streaminfo->src_port);
+ printf(",\"saddr\":\"%s\"", calc.src_addr_str);
+ printf(",\"sport\":%u", calc.src_port);
- printf(",\"daddr\":\"%s\"", dst_addr);
- printf(",\"dport\":%u", streaminfo->dest_port);
+ printf(",\"daddr\":\"%s\"", calc.dst_addr_str);
+ printf(",\"dport\":%u", calc.dst_port);
- printf(",\"pkts\":%u", streaminfo->packet_count);
+ printf(",\"pkts\":%u", calc.packet_count);
- printf(",\"max_delta\":%f", streaminfo->rtp_stats.max_delta);
- printf(",\"max_jitter\":%f", streaminfo->rtp_stats.max_jitter);
- printf(",\"mean_jitter\":%f", streaminfo->rtp_stats.mean_jitter);
+ printf(",\"max_delta\":%f",calc.max_delta);
+ printf(",\"max_jitter\":%f", calc.max_jitter);
+ printf(",\"mean_jitter\":%f", calc.mean_jitter);
- expected = (streaminfo->rtp_stats.stop_seq_nr + streaminfo->rtp_stats.cycles * 65536) - streaminfo->rtp_stats.start_seq_nr + 1;
- printf(",\"expectednr\":%u", expected);
- printf(",\"totalnr\":%u", streaminfo->rtp_stats.total_nr);
+ printf(",\"expectednr\":%u", calc.packet_expected);
+ printf(",\"totalnr\":%u", calc.total_nr);
- printf(",\"problem\":%s", streaminfo->problem ? "true" : "false");
+ printf(",\"problem\":%s", calc.problem? "true" : "false");
/* for filter */
- printf(",\"ipver\":%d", (streaminfo->src_addr.type == AT_IPv6) ? 6 : 4);
+ printf(",\"ipver\":%d", (streaminfo->id.src_addr.type == AT_IPv6) ? 6 : 4);
- wmem_free(NULL, src_addr);
- wmem_free(NULL, dst_addr);
- wmem_free(NULL, payload);
+ rtpstream_info_calc_free(&calc);
printf("}");
sepa = ",";
st = stats_tree_new(cfg, NULL, tap_filter);
- tap_error = register_tap_listener(st->cfg->tapname, st, st->filter, st->cfg->flags, stats_tree_reset, stats_tree_packet, sharkd_session_process_tap_stats_cb);
+ tap_error = register_tap_listener(st->cfg->tapname, st, st->filter, st->cfg->flags, stats_tree_reset, stats_tree_packet, sharkd_session_process_tap_stats_cb, NULL);
if (!tap_error && cfg->init)
cfg->init(st);
expert_tap = g_new0(struct sharkd_expert_tap, 1);
expert_tap->text = g_string_chunk_new(100);
- tap_error = register_tap_listener("expert", expert_tap, NULL, 0, NULL, sharkd_session_packet_tap_expert_cb, sharkd_session_process_tap_expert_cb);
+ tap_error = register_tap_listener("expert", expert_tap, NULL, 0, NULL, sharkd_session_packet_tap_expert_cb, sharkd_session_process_tap_expert_cb, NULL);
tap_data = expert_tap;
tap_free = sharkd_session_free_tap_expert_cb;
tap_flags = sequence_analysis_get_tap_flags(analysis);
tap_func = sequence_analysis_get_packet_func(analysis);
- tap_error = register_tap_listener(tap_name, graph_analysis, NULL, tap_flags, NULL, tap_func, sharkd_session_process_tap_flow_cb);
+ tap_error = register_tap_listener(tap_name, graph_analysis, NULL, tap_flags, NULL, tap_func, sharkd_session_process_tap_flow_cb, NULL);
tap_data = graph_analysis;
tap_free = sharkd_session_free_tap_flow_cb;
ct_data->resolve_name = TRUE;
ct_data->resolve_port = TRUE;
- tap_error = register_tap_listener(ct_tapname, &ct_data->hash, tap_filter, 0, NULL, tap_func, sharkd_session_process_tap_conv_cb);
+ tap_error = register_tap_listener(ct_tapname, &ct_data->hash, tap_filter, 0, NULL, tap_func, sharkd_session_process_tap_conv_cb, NULL);
tap_data = &ct_data->hash;
tap_free = sharkd_session_free_tap_conv_cb;
continue;
}
- stat_tap->stat_tap_init_cb(stat_tap, NULL, NULL);
+ stat_tap->stat_tap_init_cb(stat_tap);
stat_data = g_new0(stat_data_t, 1);
stat_data->stat_tap_data = stat_tap;
stat_data->user_data = NULL;
- tap_error = register_tap_listener(stat_tap->tap_name, stat_data, tap_filter, 0, NULL, stat_tap->packet_func, sharkd_session_process_tap_nstat_cb);
+ tap_error = register_tap_listener(stat_tap->tap_name, stat_data, tap_filter, 0, NULL, stat_tap->packet_func, sharkd_session_process_tap_nstat_cb, NULL);
tap_data = stat_data;
tap_free = sharkd_session_free_tap_nstat_cb;
rtd_data->user_data = rtd;
rtd_table_dissector_init(rtd, &rtd_data->stat_table, NULL, NULL);
- tap_error = register_tap_listener(get_rtd_tap_listener_name(rtd), rtd_data, tap_filter, 0, NULL, get_rtd_packet_func(rtd), sharkd_session_process_tap_rtd_cb);
+ tap_error = register_tap_listener(get_rtd_tap_listener_name(rtd), rtd_data, tap_filter, 0, NULL, get_rtd_packet_func(rtd), sharkd_session_process_tap_rtd_cb, NULL);
tap_data = rtd_data;
tap_free = sharkd_session_free_tap_rtd_cb;
srt_data = g_new0(srt_data_t, 1);
srt_data->srt_array = g_array_new(FALSE, TRUE, sizeof(srt_stat_table *));
srt_data->user_data = srt;
- srt_table_dissector_init(srt, srt_data->srt_array, NULL, NULL);
+ srt_table_dissector_init(srt, srt_data->srt_array);
- tap_error = register_tap_listener(get_srt_tap_listener_name(srt), srt_data, tap_filter, 0, NULL, get_srt_packet_func(srt), sharkd_session_process_tap_srt_cb);
+ tap_error = register_tap_listener(get_srt_tap_listener_name(srt), srt_data, tap_filter, 0, NULL, get_srt_packet_func(srt), sharkd_session_process_tap_srt_cb, NULL);
tap_data = srt_data;
tap_free = sharkd_session_free_tap_srt_cb;
eo_object->get_entry = sharkd_eo_object_list_get_entry;
eo_object->gui_data = (void *) object_list;
- tap_error = register_tap_listener(get_eo_tap_listener_name(eo), eo_object, NULL, 0, NULL, get_eo_packet_func(eo), sharkd_session_process_tap_eo_cb);
+ tap_error = register_tap_listener(get_eo_tap_listener_name(eo), eo_object, NULL, 0, NULL, get_eo_packet_func(eo), sharkd_session_process_tap_eo_cb, NULL);
tap_data = eo_object;
tap_free = g_free; /* need to free only eo_object, object_list need to be kept for potential download */
}
else if (!strcmp(tok_tap, "rtp-streams"))
{
- tap_error = register_tap_listener("rtp", &rtp_tapinfo, tap_filter, 0, rtpstream_reset_cb, rtpstream_packet, sharkd_session_process_tap_rtp_cb);
+ tap_error = register_tap_listener("rtp", &rtp_tapinfo, tap_filter, 0, rtpstream_reset_cb, rtpstream_packet_cb, sharkd_session_process_tap_rtp_cb, NULL);
tap_data = &rtp_tapinfo;
tap_free = rtpstream_reset_cb;
struct sharkd_analyse_rtp *rtp_req;
rtp_req = (struct sharkd_analyse_rtp *) g_malloc0(sizeof(*rtp_req));
- if (!sharkd_rtp_match_init(&rtp_req->rtp, tok_tap + 12))
+ if (!sharkd_rtp_match_init(&rtp_req->id, tok_tap + 12))
{
+ rtpstream_id_free(&rtp_req->id);
g_free(rtp_req);
continue;
}
rtp_req->statinfo.first_packet = TRUE;
rtp_req->statinfo.reg_pt = PT_UNDEFINED;
- tap_error = register_tap_listener("rtp", rtp_req, tap_filter, 0, NULL, sharkd_session_packet_tap_rtp_analyse_cb, sharkd_session_process_tap_rtp_analyse_cb);
+ tap_error = register_tap_listener("rtp", rtp_req, tap_filter, 0, NULL, sharkd_session_packet_tap_rtp_analyse_cb, sharkd_session_process_tap_rtp_analyse_cb, NULL);
tap_data = rtp_req;
tap_free = sharkd_session_process_tap_rtp_free_cb;
follow_info = g_new0(follow_info_t, 1);
/* gui_data, filter_out_filter not set, but not used by dissector */
- tap_error = register_tap_listener(get_follow_tap_string(follower), follow_info, tok_filter, 0, NULL, get_follow_tap_handler(follower), NULL);
+ tap_error = register_tap_listener(get_follow_tap_string(follower), follow_info, tok_filter, 0, NULL, get_follow_tap_handler(follower), NULL, NULL);
if (tap_error)
{
fprintf(stderr, "sharkd_session_process_follow() name=%s error=%s", tok_follow, tap_error->str);
printf(",\"payloads\":[");
- for (cur = follow_info->payload; cur; cur = g_list_next(cur))
+ for (cur = g_list_last(follow_info->payload); cur; cur = g_list_previous(cur))
{
follow_record = (follow_record_t *) cur->data;
}
static void
-sharkd_session_process_frame_cb_tree(epan_dissect_t *edt, proto_tree *tree, tvbuff_t **tvbs)
+sharkd_session_process_frame_cb_tree(epan_dissect_t *edt, proto_tree *tree, tvbuff_t **tvbs, gboolean display_hidden)
{
proto_node *node;
const char *sepa = "";
if (!finfo)
continue;
- /* XXX, for now always skip hidden */
- if (FI_GET_FLAG(finfo, FI_HIDDEN))
+ if (!display_hidden && FI_GET_FLAG(finfo, FI_HIDDEN))
continue;
printf("%s{", sepa);
}
}
+ if (FI_GET_FLAG(finfo, FI_GENERATED))
+ {
+ printf(",\"g\":true");
+ }
+
+ if (FI_GET_FLAG(finfo, FI_HIDDEN))
+ {
+ printf(",\"v\":true");
+ }
+
if (FI_GET_FLAG(finfo, PI_SEVERITY_MASK))
{
const char *severity = try_val_to_str(FI_GET_FLAG(finfo, PI_SEVERITY_MASK), expert_severity_vals);
if (finfo->tree_type != -1)
printf(",\"e\":%d", finfo->tree_type);
printf(",\"n\":");
- sharkd_session_process_frame_cb_tree(edt, (proto_tree *) node, tvbs);
+ sharkd_session_process_frame_cb_tree(edt, (proto_tree *) node, tvbs, display_hidden);
}
printf("}");
return FALSE;
}
+struct sharkd_frame_request_data
+{
+ gboolean display_hidden;
+};
+
static void
sharkd_session_process_frame_cb(epan_dissect_t *edt, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data)
{
frame_data *fdata = pi->fd;
const char *pkt_comment = NULL;
- (void) data;
-
+ const struct sharkd_frame_request_data * const req_data = (const struct sharkd_frame_request_data * const) data;
+ const gboolean display_hidden = (req_data) ? req_data->display_hidden : FALSE;
printf("{");
printf("\"err\":0");
for (i = 0; i < count; i++)
{
- struct data_source *src = (struct data_source *) g_slist_nth_data((GSList *) data_src, i);
+ const struct data_source *src = (const struct data_source *) g_slist_nth_data((GSList *) data_src, i);
tvbs[i] = get_data_source_tvb(src);
}
tvbs[count] = NULL;
}
- sharkd_session_process_frame_cb_tree(edt, tree, tvbs);
+ sharkd_session_process_frame_cb_tree(edt, tree, tvbs, display_hidden);
g_free(tvbs);
}
printf("]");
}
+ if (fdata->flags.ignored)
+ printf(",\"i\":true");
+
+ if (fdata->flags.marked)
+ printf(",\"m\":true");
+
+ if (fdata->color_filter)
+ {
+ printf(",\"bg\":\"%x\"", color_t_to_rgb(&fdata->color_filter->bg_color));
+ printf(",\"fg\":\"%x\"", color_t_to_rgb(&fdata->color_filter->fg_color));
+ }
+
if (data_src)
{
struct data_source *src = (struct data_source *) data_src->data;
printf("}\n");
}
+#define SHARKD_IOGRAPH_MAX_ITEMS 250000 /* 250k limit of items is taken from wireshark-qt, on x86_64 sizeof(io_graph_item_t) is 152, so single graph can take max 36 MB */
+
+struct sharkd_iograph
+{
+ /* config */
+ int hf_index;
+ io_graph_item_unit_t calc_type;
+ guint32 interval;
+
+ /* result */
+ int space_items;
+ int num_items;
+ io_graph_item_t *items;
+ GString *error;
+};
+
+static gboolean
+sharkd_iograph_packet(void *g, packet_info *pinfo, epan_dissect_t *edt, const void *dummy _U_)
+{
+ struct sharkd_iograph *graph = (struct sharkd_iograph *) g;
+ int idx;
+
+ idx = get_io_graph_index(pinfo, graph->interval);
+ if (idx < 0 || idx >= SHARKD_IOGRAPH_MAX_ITEMS)
+ return FALSE;
+
+ if (idx + 1 > graph->num_items)
+ {
+ if (idx + 1 > graph->space_items)
+ {
+ int new_size = idx + 1024;
+
+ graph->items = (io_graph_item_t *) g_realloc(graph->items, sizeof(io_graph_item_t) * new_size);
+ reset_io_graph_items(&graph->items[graph->space_items], new_size - graph->space_items);
+
+ graph->space_items = new_size;
+ }
+ else if (graph->items == NULL)
+ {
+ graph->items = (io_graph_item_t *) g_malloc(sizeof(io_graph_item_t) * graph->space_items);
+ reset_io_graph_items(graph->items, graph->space_items);
+ }
+
+ graph->num_items = idx + 1;
+ }
+
+ return update_io_graph_item(graph->items, idx, pinfo, edt, graph->hf_index, graph->calc_type, graph->interval);
+}
+
+/**
+ * sharkd_session_process_iograph()
+ *
+ * Process iograph request
+ *
+ * Input:
+ * (o) interval - interval time in ms, if not specified: 1000ms
+ * (m) graph0 - First graph request
+ * (o) graph1...graph9 - Other graph requests
+ * (o) filter0 - First graph filter
+ * (o) filter1...filter9 - Other graph filters
+ *
+ * Graph requests can be one of: "packets", "bytes", "bits", "sum:<field>", "frames:<field>", "max:<field>", "min:<field>", "avg:<field>", "load:<field>",
+ * if you use variant with <field>, you need to pass field name in filter request.
+ *
+ * Output object with attributes:
+ * (m) iograph - array of graph results with attributes:
+ * errmsg - graph cannot be constructed
+ * items - graph values, zeros are skipped, if value is not a number it's next index encoded as hex string
+ */
+static void
+sharkd_session_process_iograph(char *buf, const jsmntok_t *tokens, int count)
+{
+ const char *tok_interval = json_find_attr(buf, tokens, count, "interval");
+ struct sharkd_iograph graphs[10];
+ gboolean is_any_ok = FALSE;
+ int graph_count;
+
+ guint32 interval_ms = 1000; /* default: one per second */
+ int i;
+
+ if (tok_interval)
+ {
+ if (!ws_strtou32(tok_interval, NULL, &interval_ms) || interval_ms == 0)
+ {
+ fprintf(stderr, "Invalid interval parameter: %s.\n", tok_interval);
+ return;
+ }
+ }
+
+ for (i = graph_count = 0; i < (int) G_N_ELEMENTS(graphs); i++)
+ {
+ struct sharkd_iograph *graph = &graphs[graph_count];
+
+ const char *tok_graph;
+ const char *tok_filter;
+ char tok_format_buf[32];
+ const char *field_name;
+
+ snprintf(tok_format_buf, sizeof(tok_format_buf), "graph%d", i);
+ tok_graph = json_find_attr(buf, tokens, count, tok_format_buf);
+ if (!tok_graph)
+ break;
+
+ snprintf(tok_format_buf, sizeof(tok_format_buf), "filter%d", i);
+ tok_filter = json_find_attr(buf, tokens, count, tok_format_buf);
+
+ if (!strcmp(tok_graph, "packets"))
+ graph->calc_type = IOG_ITEM_UNIT_PACKETS;
+ else if (!strcmp(tok_graph, "bytes"))
+ graph->calc_type = IOG_ITEM_UNIT_BYTES;
+ else if (!strcmp(tok_graph, "bits"))
+ graph->calc_type = IOG_ITEM_UNIT_BITS;
+ else if (g_str_has_prefix(tok_graph, "sum:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_SUM;
+ else if (g_str_has_prefix(tok_graph, "frames:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_FRAMES;
+ else if (g_str_has_prefix(tok_graph, "fields:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_FIELDS;
+ else if (g_str_has_prefix(tok_graph, "max:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_MAX;
+ else if (g_str_has_prefix(tok_graph, "min:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_MIN;
+ else if (g_str_has_prefix(tok_graph, "avg:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_AVERAGE;
+ else if (g_str_has_prefix(tok_graph, "load:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_LOAD;
+ else
+ break;
+
+ field_name = strchr(tok_graph, ':');
+ if (field_name)
+ field_name = field_name + 1;
+
+ graph->interval = interval_ms;
+
+ graph->hf_index = -1;
+ graph->error = check_field_unit(field_name, &graph->hf_index, graph->calc_type);
+
+ graph->space_items = 0; /* TODO, can avoid realloc()s in sharkd_iograph_packet() by calculating: capture_time / interval */
+ graph->num_items = 0;
+ graph->items = NULL;
+
+ if (!graph->error)
+ graph->error = register_tap_listener("frame", graph, tok_filter, TL_REQUIRES_PROTO_TREE, NULL, sharkd_iograph_packet, NULL, NULL);
+
+ graph_count++;
+
+ if (graph->error == NULL)
+ is_any_ok = TRUE;
+ }
+
+ /* retap only if we have at least one ok */
+ if (is_any_ok)
+ sharkd_retap();
+
+ printf("{\"iograph\":[");
+
+ for (i = 0; i < graph_count; i++)
+ {
+ struct sharkd_iograph *graph = &graphs[i];
+
+ if (i)
+ printf(",");
+ printf("{");
+
+ if (graph->error)
+ {
+ printf("\"errmsg\":");
+ json_puts_string(graph->error->str);
+ g_string_free(graph->error, TRUE);
+ }
+ else
+ {
+ int idx;
+ int next_idx = 0;
+ const char *sepa = "";
+
+ printf("\"items\":[");
+ for (idx = 0; idx < graph->num_items; idx++)
+ {
+ double val;
+
+ val = get_io_graph_item(graph->items, graph->calc_type, idx, graph->hf_index, &cfile, graph->interval, graph->num_items);
+
+ /* if it's zero, don't display */
+ if (val == 0.0)
+ continue;
+
+ printf("%s", sepa);
+
+ /* cause zeros are not printed, need to output index */
+ if (next_idx != idx)
+ printf("\"%x\",", idx);
+
+ printf("%f", val);
+ next_idx = idx + 1;
+ sepa = ",";
+ }
+ printf("]");
+ }
+ printf("}");
+
+ remove_tap_listener(graph);
+ g_free(graph->items);
+ }
+
+ printf("]}\n");
+}
+
/**
* sharkd_session_process_intervals()
*
* (o) prev_frame - previously displayed frame number
* (o) proto - set if output frame tree
* (o) columns - set if output frame columns
+ * (o) color - set if output color-filter bg/fg
* (o) bytes - set if output frame bytes
+ * (o) hidden - set if output hidden tree fields
*
* Output object with attributes:
* (m) err - 0 if succeed
* ds- data src index
* url - only for t:'url', url
* fnum - only for t:'framenum', frame number
+ * g - if field is generated by Wireshark
+ * v - if field is hidden
*
* (o) col - array of column data
* (o) bytes - base64 of frame bytes
* (o) fol - array of follow filters:
* [0] - protocol
* [1] - filter string
+ * (o) i - if frame is ignored
+ * (o) m - if frame is marked
+ * (o) bg - color filter - background color in hex
+ * (o) fg - color filter - foreground color in hex
*/
static void
sharkd_session_process_frame(char *buf, const jsmntok_t *tokens, int count)
const char *tok_frame = json_find_attr(buf, tokens, count, "frame");
const char *tok_ref_frame = json_find_attr(buf, tokens, count, "ref_frame");
const char *tok_prev_frame = json_find_attr(buf, tokens, count, "prev_frame");
- int tok_proto = (json_find_attr(buf, tokens, count, "proto") != NULL);
- int tok_bytes = (json_find_attr(buf, tokens, count, "bytes") != NULL);
- int tok_columns = (json_find_attr(buf, tokens, count, "columns") != NULL);
-
guint32 framenum, ref_frame_num, prev_dis_num;
+ guint32 dissect_flags = SHARKD_DISSECT_FLAG_NULL;
+ if (json_find_attr(buf, tokens, count, "proto") != NULL)
+ dissect_flags |= SHARKD_DISSECT_FLAG_PROTO_TREE;
+ if (json_find_attr(buf, tokens, count, "bytes") != NULL)
+ dissect_flags |= SHARKD_DISSECT_FLAG_BYTES;
+ if (json_find_attr(buf, tokens, count, "columns") != NULL)
+ dissect_flags |= SHARKD_DISSECT_FLAG_COLUMNS;
+ if (json_find_attr(buf, tokens, count, "color") != NULL)
+ dissect_flags |= SHARKD_DISSECT_FLAG_COLOR;
if (!tok_frame || !ws_strtou32(tok_frame, NULL, &framenum) || framenum == 0)
return;
if (tok_prev_frame && (!ws_strtou32(tok_prev_frame, NULL, &prev_dis_num) || prev_dis_num >= framenum))
return;
- sharkd_dissect_request(framenum, ref_frame_num, prev_dis_num, &sharkd_session_process_frame_cb, tok_bytes, tok_columns, tok_proto, NULL);
+ struct sharkd_frame_request_data req_data;
+ req_data.display_hidden = (json_find_attr(buf, tokens, count, "v") != NULL);
+
+ sharkd_dissect_request(framenum, ref_frame_num, prev_dis_num, &sharkd_session_process_frame_cb, dissect_flags, &req_data);
}
/**
struct sharkd_download_rtp
{
- struct sharkd_rtp_match rtp;
+ rtpstream_id_t id;
GSList *packets;
double start_time;
};
if (rtp_info->info_setup_frame_num == 0)
return FALSE;
- if (sharkd_rtp_match_check(&req_rtp->rtp, pinfo, rtp_info))
+ if (rtpstream_id_equal_pinfo_rtp_info(&req_rtp->id, pinfo, rtp_info))
{
rtp_packet_t *rtp_packet;
GString *tap_error;
memset(&rtp_req, 0, sizeof(rtp_req));
- if (!sharkd_rtp_match_init(&rtp_req.rtp, tok_token + 4))
+ if (!sharkd_rtp_match_init(&rtp_req.id, tok_token + 4))
{
fprintf(stderr, "sharkd_session_process_download() rtp tokenizing error %s\n", tok_token);
return;
}
- tap_error = register_tap_listener("rtp", &rtp_req, NULL, 0, NULL, sharkd_session_packet_download_tap_rtp_cb, NULL);
+ tap_error = register_tap_listener("rtp", &rtp_req, NULL, 0, NULL, sharkd_session_packet_download_tap_rtp_cb, NULL, NULL);
if (tap_error)
{
fprintf(stderr, "sharkd_session_process_download() rtp error=%s", tap_error->str);
sharkd_session_process_tap(buf, tokens, count);
else if (!strcmp(tok_req, "follow"))
sharkd_session_process_follow(buf, tokens, count);
+ else if (!strcmp(tok_req, "iograph"))
+ sharkd_session_process_iograph(buf, tokens, count);
else if (!strcmp(tok_req, "intervals"))
sharkd_session_process_intervals(buf, tokens, count);
else if (!strcmp(tok_req, "frame"))
filter_table = g_hash_table_new_full(g_str_hash, g_str_equal, g_free, sharkd_session_filter_free);
+#ifdef HAVE_MAXMINDDB
+ /* mmdbresolve was stopped before fork(), force starting it */
+ uat_get_table_by_name("MaxMind Database Paths")->post_update_cb();
+#endif
+
while (fgets(buf, sizeof(buf), stdin))
{
/* every command is line seperated JSON */
int ret;
- ret = wsjsmn_parse(buf, NULL, 0);
+ ret = wsjson_parse(buf, NULL, 0);
if (ret < 0)
{
fprintf(stderr, "invalid JSON -> closing\n");
memset(tokens, 0, ret * sizeof(jsmntok_t));
- ret = wsjsmn_parse(buf, tokens, ret);
+ ret = wsjson_parse(buf, tokens, ret);
if (ret < 0)
{
fprintf(stderr, "invalid JSON(2) -> closing\n");
return 2;
}
+#if defined(HAVE_C_ARES) || defined(HAVE_MAXMINDDB)
+ host_name_lookup_process();
+#endif
+
sharkd_session_process(buf, tokens, ret);
}