* By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ * SPDX-License-Identifier: GPL-2.0-or-later
*/
#include <config.h>
#include <glib.h>
-#include <wsutil/wsjsmn.h>
+#include <wsutil/wsjson.h>
#include <wsutil/ws_printf.h>
#include <file.h>
+#include <epan/epan_dissect.h>
#include <epan/exceptions.h>
#include <epan/color_filters.h>
#include <epan/prefs.h>
#include <epan/column.h>
+#include <ui/ssl_key_export.h>
+
+#include <ui/io_graph_item.h>
#include <epan/stats_tree_priv.h>
#include <epan/stat_tap_ui.h>
#include <epan/conversation_table.h>
+#include <epan/sequence_analysis.h>
+#include <epan/expert.h>
#include <epan/export_object.h>
#include <epan/follow.h>
+#include <epan/rtd_table.h>
+#include <epan/srt_table.h>
#include <epan/dissectors/packet-h225.h>
#include <epan/rtp_pt.h>
#include <ui/voip_calls.h>
#include <ui/rtp_stream.h>
#include <ui/tap-rtp-common.h>
+#include <ui/tap-rtp-analysis.h>
#include <epan/to_str.h>
-#ifdef HAVE_GEOIP
-# include <GeoIP.h>
-# include <epan/geoip_db.h>
-# include <wsutil/pint.h>
-#endif
+#include <epan/addr_resolv.h>
+#include <epan/dissectors/packet-rtp.h>
+#include <ui/rtp_media.h>
+#ifdef HAVE_SPEEXDSP
+# include <speex/speex_resampler.h>
+#else
+# include <codecs/speex/speex_resampler.h>
+#endif /* HAVE_SPEEXDSP */
-#include <wsutil/glib-compat.h>
+#include <epan/maxmind_db.h>
+
+#include <wsutil/pint.h>
#include <wsutil/strtoi.h>
+#include "globals.h"
+
#include "sharkd.h"
-static void
-json_unescape_str(char *input)
+struct sharkd_filter_item
{
- char *output = input;
-
- while (*input)
- {
- char ch = *input++;
-
- if (ch == '\\')
- {
- /* TODO, add more escaping rules */
- ch = *input++;
- }
+ guint8 *filtered;
+};
- *output = ch;
- output++;
- }
+static GHashTable *filter_table = NULL;
- *output = '\0';
+static gboolean
+json_unescape_str(char *input)
+{
+ return wsjson_unescape_json_string(input, input);
}
static const char *
}
static void
-json_print_base64(const guint8 *data, int len)
+json_print_base64_step(const guint8 *data, int *state1, int *state2)
{
- int i;
- int base64_state1 = 0;
- int base64_state2 = 0;
- gsize wrote;
gchar buf[(1 / 3 + 1) * 4 + 4 + 1];
+ gsize wrote;
- putchar('"');
-
- for (i = 0; i < len; i++)
- {
- wrote = g_base64_encode_step(&data[i], 1, FALSE, buf, &base64_state1, &base64_state2);
- if (wrote > 0)
- {
- buf[wrote] = '\0';
- printf("%s", buf);
- }
- }
+ if (data)
+ wrote = g_base64_encode_step(data, 1, FALSE, buf, state1, state2);
+ else
+ wrote = g_base64_encode_close(FALSE, buf, state1, state2);
- wrote = g_base64_encode_close(FALSE, buf, &base64_state1, &base64_state2);
if (wrote > 0)
{
buf[wrote] = '\0';
printf("%s", buf);
}
+}
+
+static void
+json_print_base64(const guint8 *data, size_t len)
+{
+ size_t i;
+ int base64_state1 = 0;
+ int base64_state2 = 0;
+
+ putchar('"');
+
+ for (i = 0; i < len; i++)
+ json_print_base64_step(&data[i], &base64_state1, &base64_state2);
+
+ json_print_base64_step(NULL, &base64_state1, &base64_state2);
putchar('"');
}
-struct filter_item
+static void
+sharkd_session_filter_free(gpointer data)
{
- struct filter_item *next;
-
- char *filter;
- guint8 *filtered;
-};
+ struct sharkd_filter_item *l = (struct sharkd_filter_item *) data;
-static struct filter_item *filter_list = NULL;
+ g_free(l->filtered);
+ g_free(l);
+}
static const guint8 *
sharkd_session_filter_data(const char *filter)
{
- struct filter_item *l;
-
- for (l = filter_list; l; l = l->next)
- {
- if (!strcmp(l->filter, filter))
- return l->filtered;
- }
+ struct sharkd_filter_item *l;
+ l = (struct sharkd_filter_item *) g_hash_table_lookup(filter_table, filter);
+ if (!l)
{
guint8 *filtered = NULL;
if (ret == -1)
return NULL;
- l = (struct filter_item *) g_malloc(sizeof(struct filter_item));
- l->filter = g_strdup(filter);
+ l = (struct sharkd_filter_item *) g_malloc(sizeof(struct sharkd_filter_item));
l->filtered = filtered;
- l->next = filter_list;
- filter_list = l;
-
- return filtered;
+ g_hash_table_insert(filter_table, g_strdup(filter), l);
}
+
+ return l->filtered;
+}
+
+static gboolean
+sharkd_rtp_match_init(rtpstream_id_t *id, const char *init_str)
+{
+ gboolean ret = FALSE;
+ char **arr;
+ guint32 tmp_addr_src, tmp_addr_dst;
+ address tmp_src_addr, tmp_dst_addr;
+
+ memset(id, 0, sizeof(*id));
+
+ arr = g_strsplit(init_str, "_", 7); /* pass larger value, so we'll catch incorrect input :) */
+ if (g_strv_length(arr) != 5)
+ goto fail;
+
+ /* TODO, for now only IPv4 */
+ if (!get_host_ipaddr(arr[0], &tmp_addr_src))
+ goto fail;
+
+ if (!ws_strtou16(arr[1], NULL, &id->src_port))
+ goto fail;
+
+ if (!get_host_ipaddr(arr[2], &tmp_addr_dst))
+ goto fail;
+
+ if (!ws_strtou16(arr[3], NULL, &id->dst_port))
+ goto fail;
+
+ if (!ws_hexstrtou32(arr[4], NULL, &id->ssrc))
+ goto fail;
+
+ set_address(&tmp_src_addr, AT_IPv4, 4, &tmp_addr_src);
+ copy_address(&id->src_addr, &tmp_src_addr);
+ set_address(&tmp_dst_addr, AT_IPv4, 4, &tmp_addr_dst);
+ copy_address(&id->dst_addr, &tmp_dst_addr);
+
+ ret = TRUE;
+
+fail:
+ g_strfreev(arr);
+ return ret;
+}
+
+static gboolean
+sharkd_session_process_info_nstat_cb(const void *key, void *value, void *userdata)
+{
+ stat_tap_table_ui *stat_tap = (stat_tap_table_ui *) value;
+ int *pi = (int *) userdata;
+
+ printf("%s{", (*pi) ? "," : "");
+ printf("\"name\":\"%s\"", stat_tap->title);
+ printf(",\"tap\":\"nstat:%s\"", (const char *) key);
+ printf("}");
+
+ *pi = *pi + 1;
+ return FALSE;
}
static gboolean
struct register_ct *table = (struct register_ct *) value;
int *pi = (int *) userdata;
- const char *label = (const char*)key;
+ const char *label = (const char *) key;
if (get_conversation_packet_func(table))
{
return FALSE;
}
+static gboolean
+sharkd_session_seq_analysis_cb(const void *key, void *value, void *userdata)
+{
+ register_analysis_t *analysis = (register_analysis_t *) value;
+ int *pi = (int *) userdata;
+
+ printf("%s{", (*pi) ? "," : "");
+ printf("\"name\":\"%s\"", sequence_analysis_get_ui_name(analysis));
+ printf(",\"tap\":\"seqa:%s\"", (const char *) key);
+ printf("}");
+
+ *pi = *pi + 1;
+ return FALSE;
+}
+
static gboolean
sharkd_export_object_visit_cb(const void *key _U_, void *value, void *user_data)
{
- register_eo_t *eo = (register_eo_t*)value;
+ register_eo_t *eo = (register_eo_t *) value;
int *pi = (int *) user_data;
const int proto_id = get_eo_proto_id(eo);
return FALSE;
}
+static gboolean
+sharkd_srt_visit_cb(const void *key _U_, void *value, void *user_data)
+{
+ register_srt_t *srt = (register_srt_t *) value;
+ int *pi = (int *) user_data;
+
+ const int proto_id = get_srt_proto_id(srt);
+ const char *filter = proto_get_protocol_filter_name(proto_id);
+ const char *label = proto_get_protocol_short_name(find_protocol_by_id(proto_id));
+
+ printf("%s{", (*pi) ? "," : "");
+ printf("\"name\":\"Service Response Time/%s\"", label);
+ printf(",\"tap\":\"srt:%s\"", filter);
+ printf("}");
+
+ *pi = *pi + 1;
+ return FALSE;
+}
+
+static gboolean
+sharkd_rtd_visit_cb(const void *key _U_, void *value, void *user_data)
+{
+ register_rtd_t *rtd = (register_rtd_t *) value;
+ int *pi = (int *) user_data;
+
+ const int proto_id = get_rtd_proto_id(rtd);
+ const char *filter = proto_get_protocol_filter_name(proto_id);
+ const char *label = proto_get_protocol_short_name(find_protocol_by_id(proto_id));
+
+ printf("%s{", (*pi) ? "," : "");
+ printf("\"name\":\"Response Time Delay/%s\"", label);
+ printf(",\"tap\":\"rtd:%s\"", filter);
+ printf("}");
+
+ *pi = *pi + 1;
+ return FALSE;
+}
+
static gboolean
sharkd_follower_visit_cb(const void *key _U_, void *value, void *user_data)
{
- register_follow_t *follower = (register_follow_t*) value;
+ register_follow_t *follower = (register_follow_t *) value;
int *pi = (int *) user_data;
const int proto_id = get_follow_proto_id(follower);
*
* (m) eo - available export object list, array of object with attributes:
* 'name' - export object name
- * 'tap' - sharkd tap-name for conversation
+ * 'tap' - sharkd tap-name for eo
+ *
+ * (m) srt - available service response time list, array of object with attributes:
+ * 'name' - service response time name
+ * 'tap' - sharkd tap-name for srt
+ *
+ * (m) rtd - available response time delay list, array of object with attributes:
+ * 'name' - response time delay name
+ * 'tap' - sharkd tap-name for rtd
+ *
+ * (m) seqa - available sequence analysis (flow) list, array of object with attributes:
+ * 'name' - sequence analysis name
+ * 'tap' - sharkd tap-name
*
* (m) taps - available taps, array of object with attributes:
* 'name' - tap name
* 'tap' - sharkd tap-name
-
+ *
* (m) follow - available followers, array of object with attributes:
* 'name' - tap name
* 'tap' - sharkd tap-name
printf(",\"version\":");
json_puts_string(sharkd_version());
+ printf(",\"nstat\":[");
+ i = 0;
+ stat_tap_iterate_tables(sharkd_session_process_info_nstat_cb, &i);
+ printf("]");
+
printf(",\"convs\":[");
i = 0;
conversation_table_iterate_tables(sharkd_session_process_info_conv_cb, &i);
printf("]");
+ printf(",\"seqa\":[");
+ i = 0;
+ sequence_analysis_table_iterate_tables(sharkd_session_seq_analysis_cb, &i);
+ printf("]");
+
printf(",\"taps\":[");
{
printf("{\"name\":\"%s\",\"tap\":\"%s\"}", "RTP streams", "rtp-streams");
+ printf(",{\"name\":\"%s\",\"tap\":\"%s\"}", "Expert Information", "expert");
}
printf("]");
eo_iterate_tables(sharkd_export_object_visit_cb, &i);
printf("]");
+ printf(",\"srt\":[");
+ i = 0;
+ srt_table_iterate_tables(sharkd_srt_visit_cb, &i);
+ printf("]");
+
+ printf(",\"rtd\":[");
+ i = 0;
+ rtd_table_iterate_tables(sharkd_rtd_visit_cb, &i);
+ printf("]");
+
printf(",\"follow\":[");
i = 0;
follow_iterate_followers(sharkd_follower_visit_cb, &i);
* Process status request
*
* Output object with attributes:
- * (m) frames - count of currently loaded frames
+ * (m) frames - count of currently loaded frames
+ * (m) duration - time difference between time of first frame, and last loaded frame
+ * (o) filename - capture filename
+ * (o) filesize - capture filesize
*/
static void
sharkd_session_process_status(void)
{
- printf("{\"frames\":%d", cfile.count);
+ printf("{\"frames\":%u", cfile.count);
+
+ printf(",\"duration\":%.9f", nstime_to_sec(&cfile.elapsed_time));
+
+ if (cfile.filename)
+ {
+ char *name = g_path_get_basename(cfile.filename);
+
+ printf(",\"filename\":");
+ json_puts_string(name);
+ g_free(name);
+ }
+
+ if (cfile.provider.wth)
+ {
+ gint64 file_size = wtap_file_size(cfile.provider.wth, NULL);
+
+ if (file_size > 0)
+ printf(",\"filesize\":%" G_GINT64_FORMAT, file_size);
+ }
printf("}\n");
}
};
static void
-sharkd_session_process_analyse_cb(packet_info *pi, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data)
+sharkd_session_process_analyse_cb(epan_dissect_t *edt, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data)
{
struct sharkd_analyse_data *analyser = (struct sharkd_analyse_data *) data;
+ packet_info *pi = &edt->pi;
frame_data *fdata = pi->fd;
(void) tree;
analyser.last_time = NULL;
analyser.protocols_set = g_hash_table_new(NULL /* g_direct_hash() */, NULL /* g_direct_equal */);
- printf("{\"frames\":%d", cfile.count);
+ printf("{\"frames\":%u", cfile.count);
printf(",\"protocols\":[");
for (framenum = 1; framenum <= cfile.count; framenum++)
- sharkd_dissect_request(framenum, &sharkd_session_process_analyse_cb, 0, 0, 0, &analyser);
+ sharkd_dissect_request(framenum, (framenum != 1) ? 1 : 0, framenum - 1, &sharkd_session_process_analyse_cb, SHARKD_DISSECT_FLAG_NULL, &analyser);
printf("]");
if (analyser.first_time)
g_hash_table_destroy(analyser.protocols_set);
}
+static column_info *
+sharkd_session_create_columns(column_info *cinfo, const char *buf, const jsmntok_t *tokens, int count)
+{
+ const char *columns_custom[32];
+ guint16 columns_fmt[32];
+ gint16 columns_occur[32];
+
+ int i, cols;
+
+ for (i = 0; i < 32; i++)
+ {
+ const char *tok_column;
+ char tok_column_name[64];
+ char *custom_sepa;
+
+ ws_snprintf(tok_column_name, sizeof(tok_column_name), "column%d", i);
+ tok_column = json_find_attr(buf, tokens, count, tok_column_name);
+ if (tok_column == NULL)
+ break;
+
+ columns_custom[i] = NULL;
+ columns_occur[i] = 0;
+
+ if ((custom_sepa = strchr(tok_column, ':')))
+ {
+ *custom_sepa = '\0'; /* XXX, C abuse: discarding-const */
+
+ columns_fmt[i] = COL_CUSTOM;
+ columns_custom[i] = tok_column;
+
+ if (!ws_strtoi16(custom_sepa + 1, NULL, &columns_occur[i]))
+ return NULL;
+ }
+ else
+ {
+ if (!ws_strtou16(tok_column, NULL, &columns_fmt[i]))
+ return NULL;
+
+ if (columns_fmt[i] >= NUM_COL_FMTS)
+ return NULL;
+
+ /* if custom, that it shouldn't be just custom number -> error */
+ if (columns_fmt[i] == COL_CUSTOM)
+ return NULL;
+ }
+ }
+
+ cols = i;
+
+ col_setup(cinfo, cols);
+
+ for (i = 0; i < cols; i++)
+ {
+ col_item_t *col_item = &cinfo->columns[i];
+
+ col_item->col_fmt = columns_fmt[i];
+ col_item->col_title = NULL; /* no need for title */
+
+ if (col_item->col_fmt == COL_CUSTOM)
+ {
+ col_item->col_custom_fields = g_strdup(columns_custom[i]);
+ col_item->col_custom_occurrence = columns_occur[i];
+ }
+
+ col_item->col_fence = 0;
+ }
+
+ col_finalize(cinfo);
+
+ return cinfo;
+}
+
/**
* sharkd_session_process_frames()
*
* Process frames request
*
* Input:
+ * (o) column0...columnXX - requested columns either number in range [0..NUM_COL_FMTS), or custom (syntax <dfilter>:<occurence>).
+ * If column0 is not specified default column set will be used.
* (o) filter - filter to be used
- * (o) range - packet range to be used [TODO]
+ * (o) skip=N - skip N frames
+ * (o) limit=N - show only N frames
+ * (o) refs - list (comma separated) with sorted time reference frame numbers.
*
* Output array of frames with attributes:
* (m) c - array of column data
* (m) num - frame number
- * (m) i - if frame is ignored
- * (m) m - if frame is marked
- * (m) bg - color filter - background color in hex
- * (m) fg - color filter - foreground color in hex
+ * (o) i - if frame is ignored
+ * (o) m - if frame is marked
+ * (o) ct - if frame is commented
+ * (o) bg - color filter - background color in hex
+ * (o) fg - color filter - foreground color in hex
*/
static void
sharkd_session_process_frames(const char *buf, const jsmntok_t *tokens, int count)
{
const char *tok_filter = json_find_attr(buf, tokens, count, "filter");
+ const char *tok_column = json_find_attr(buf, tokens, count, "column0");
+ const char *tok_skip = json_find_attr(buf, tokens, count, "skip");
+ const char *tok_limit = json_find_attr(buf, tokens, count, "limit");
+ const char *tok_refs = json_find_attr(buf, tokens, count, "refs");
const guint8 *filter_data = NULL;
const char *frame_sepa = "";
- unsigned int framenum;
int col;
+ guint32 framenum, prev_dis_num = 0;
+ guint32 current_ref_frame = 0, next_ref_frame = G_MAXUINT32;
+ guint32 skip;
+ guint32 limit;
+
column_info *cinfo = &cfile.cinfo;
+ column_info user_cinfo;
+
+ if (tok_column)
+ {
+ memset(&user_cinfo, 0, sizeof(user_cinfo));
+ cinfo = sharkd_session_create_columns(&user_cinfo, buf, tokens, count);
+ if (!cinfo)
+ return;
+ }
if (tok_filter)
{
return;
}
+ skip = 0;
+ if (tok_skip)
+ {
+ if (!ws_strtou32(tok_skip, NULL, &skip))
+ return;
+ }
+
+ limit = 0;
+ if (tok_limit)
+ {
+ if (!ws_strtou32(tok_limit, NULL, &limit))
+ return;
+ }
+
+ if (tok_refs)
+ {
+ if (!ws_strtou32(tok_refs, &tok_refs, &next_ref_frame))
+ return;
+ }
+
printf("[");
for (framenum = 1; framenum <= cfile.count; framenum++)
{
- frame_data *fdata = frame_data_sequence_find(cfile.frames, framenum);
+ frame_data *fdata;
+ guint32 ref_frame = (framenum != 1) ? 1 : 0;
if (filter_data && !(filter_data[framenum / 8] & (1 << (framenum % 8))))
continue;
- sharkd_dissect_columns(framenum, cinfo, (fdata->color_filter == NULL));
+ if (skip)
+ {
+ skip--;
+ prev_dis_num = framenum;
+ continue;
+ }
+
+ if (tok_refs)
+ {
+ if (framenum >= next_ref_frame)
+ {
+ current_ref_frame = next_ref_frame;
+
+ if (*tok_refs != ',')
+ next_ref_frame = G_MAXUINT32;
+
+ while (*tok_refs == ',' && framenum >= next_ref_frame)
+ {
+ current_ref_frame = next_ref_frame;
+
+ if (!ws_strtou32(tok_refs + 1, &tok_refs, &next_ref_frame))
+ {
+ fprintf(stderr, "sharkd_session_process_frames() wrong format for refs: %s\n", tok_refs);
+ break;
+ }
+ }
+ }
+
+ if (current_ref_frame)
+ ref_frame = current_ref_frame;
+ }
+
+ fdata = sharkd_get_frame(framenum);
+ sharkd_dissect_columns(fdata, ref_frame, prev_dis_num, cinfo, (fdata->color_filter == NULL));
printf("%s{\"c\":[", frame_sepa);
for (col = 0; col < cinfo->num_cols; ++col)
}
printf("],\"num\":%u", framenum);
+ if (fdata->flags.has_user_comment || fdata->flags.has_phdr_comment)
+ {
+ if (!fdata->flags.has_user_comment || sharkd_get_user_comment(fdata) != NULL)
+ printf(",\"ct\":true");
+ }
+
if (fdata->flags.ignored)
printf(",\"i\":true");
printf("}");
frame_sepa = ",";
+ prev_dis_num = framenum;
+
+ if (limit && --limit == 0)
+ break;
}
printf("]\n");
{
/* code based on stats_tree_get_values_from_node() */
printf("%s{\"name\":\"%s\"", sepa, node->name);
- printf(",\"count\":%u", node->counter);
+ printf(",\"count\":%d", node->counter);
if (node->counter && ((node->st_flags & ST_FLG_AVERAGE) || node->rng))
{
printf(",\"avg\":%.2f", ((float)node->total) / node->counter);
- printf(",\"min\":%u", node->minvalue);
- printf(",\"max\":%u", node->maxvalue);
+ printf(",\"min\":%d", node->minvalue);
+ printf(",\"max\":%d", node->maxvalue);
}
if (node->st->elapsed)
stats_tree_free(st);
}
-struct sharkd_conv_tap_data
+struct sharkd_expert_tap
{
- const char *type;
- conv_hash_t hash;
- gboolean resolve_name;
- gboolean resolve_port;
+ GSList *details;
+ GStringChunk *text;
};
-static int
-sharkd_session_geoip_addr(address *addr, const char *suffix)
+/**
+ * sharkd_session_process_tap_expert_cb()
+ *
+ * Output expert tap:
+ *
+ * (m) tap - tap name
+ * (m) type:expert - tap output type
+ * (m) details - array of object with attributes:
+ * (m) f - frame number, which generated expert information
+ * (o) s - severity
+ * (o) g - group
+ * (m) m - expert message
+ * (o) p - protocol
+ */
+static void
+sharkd_session_process_tap_expert_cb(void *tapdata)
{
- int with_geoip = 0;
+ struct sharkd_expert_tap *etd = (struct sharkd_expert_tap *) tapdata;
+ GSList *list;
+ const char *sepa = "";
- (void) addr;
- (void) suffix;
+ printf("{\"tap\":\"%s\",\"type\":\"%s\"", "expert", "expert");
-#ifdef HAVE_GEOIP
- if (addr->type == AT_IPv4)
+ printf(",\"details\":[");
+ for (list = etd->details; list; list = list->next)
{
- guint32 ip = pntoh32(addr->data);
+ expert_info_t *ei = (expert_info_t *) list->data;
+ const char *tmp;
- guint num_dbs = geoip_db_num_dbs();
- guint dbnum;
+ printf("%s{", sepa);
+
+ printf("\"f\":%u,", ei->packet_num);
+
+ tmp = try_val_to_str(ei->severity, expert_severity_vals);
+ if (tmp)
+ printf("\"s\":\"%s\",", tmp);
+
+ tmp = try_val_to_str(ei->group, expert_group_vals);
+ if (tmp)
+ printf("\"g\":\"%s\",", tmp);
- for (dbnum = 0; dbnum < num_dbs; dbnum++)
+ printf("\"m\":");
+ json_puts_string(ei->summary);
+ printf(",");
+
+ if (ei->protocol)
{
- const char *geoip_key = NULL;
- char *geoip_val;
+ printf("\"p\":");
+ json_puts_string(ei->protocol);
+ }
- int db_type = geoip_db_type(dbnum);
+ printf("}");
+ sepa = ",";
+ }
+ printf("]");
- switch (db_type)
- {
- case GEOIP_COUNTRY_EDITION:
- geoip_key = "geoip_country";
- break;
+ printf("},");
+}
- case GEOIP_CITY_EDITION_REV0:
- case GEOIP_CITY_EDITION_REV1:
- geoip_key = "geoip_city";
- break;
+static gboolean
+sharkd_session_packet_tap_expert_cb(void *tapdata, packet_info *pinfo _U_, epan_dissect_t *edt _U_, const void *pointer)
+{
+ struct sharkd_expert_tap *etd = (struct sharkd_expert_tap *) tapdata;
+ const expert_info_t *ei = (const expert_info_t *) pointer;
+ expert_info_t *ei_copy;
- case GEOIP_ORG_EDITION:
- geoip_key = "geoip_org";
- break;
+ if (ei == NULL)
+ return FALSE;
- case GEOIP_ISP_EDITION:
- geoip_key = "geoip_isp";
- break;
+ ei_copy = g_new(expert_info_t, 1);
+ /* Note: this is a shallow copy */
+ *ei_copy = *ei;
- case GEOIP_ASNUM_EDITION:
- geoip_key = "geoip_as";
- break;
+ /* ei->protocol, ei->summary might be allocated in packet scope, make a copy. */
+ ei_copy->protocol = g_string_chunk_insert_const(etd->text, ei_copy->protocol);
+ ei_copy->summary = g_string_chunk_insert_const(etd->text, ei_copy->summary);
- case WS_LAT_FAKE_EDITION:
- geoip_key = "geoip_lat";
- break;
+ etd->details = g_slist_prepend(etd->details, ei_copy);
- case WS_LON_FAKE_EDITION:
- geoip_key = "geoip_lon";
- break;
- }
+ return TRUE;
+}
- if (geoip_key && (geoip_val = geoip_db_lookup_ipv4(dbnum, ip, NULL)))
- {
- printf(",\"%s%s\":", geoip_key, suffix);
- json_puts_string(geoip_val);
- with_geoip = 1;
- }
- }
+static void
+sharkd_session_free_tap_expert_cb(void *tapdata)
+{
+ struct sharkd_expert_tap *etd = (struct sharkd_expert_tap *) tapdata;
+
+ g_slist_free_full(etd->details, g_free);
+ g_string_chunk_free(etd->text);
+ g_free(etd);
+}
+
+/**
+ * sharkd_session_process_tap_flow_cb()
+ *
+ * Output flow tap:
+ * (m) tap - tap name
+ * (m) type:flow - tap output type
+ * (m) nodes - array of strings with node address
+ * (m) flows - array of object with attributes:
+ * (m) t - frame time string
+ * (m) n - array of two numbers with source node index and destination node index
+ * (m) pn - array of two numbers with source and destination port
+ * (o) c - comment
+ */
+static void
+sharkd_session_process_tap_flow_cb(void *tapdata)
+{
+ seq_analysis_info_t *graph_analysis = (seq_analysis_info_t *) tapdata;
+ GList *flow_list;
+ guint i;
+
+ const char *sepa = "";
+
+ sequence_analysis_get_nodes(graph_analysis);
+
+ printf("{\"tap\":\"seqa:%s\",\"type\":\"%s\"", graph_analysis->name, "flow");
+
+ printf(",\"nodes\":[");
+ for (i = 0; i < graph_analysis->num_nodes; i++)
+ {
+ char *addr_str;
+
+ if (i)
+ printf(",");
+
+ addr_str = address_to_display(NULL, &(graph_analysis->nodes[i]));
+ json_puts_string(addr_str);
+ wmem_free(NULL, addr_str);
}
-#ifdef HAVE_GEOIP_V6
- if (addr->type == AT_IPv6)
+ printf("]");
+
+ printf(",\"flows\":[");
+
+ flow_list = g_queue_peek_nth_link(graph_analysis->items, 0);
+ while (flow_list)
{
- const struct e_in6_addr *ip6 = (const struct e_in6_addr *) addr->data;
+ seq_analysis_item_t *sai = (seq_analysis_item_t *) flow_list->data;
- guint num_dbs = geoip_db_num_dbs();
- guint dbnum;
+ flow_list = g_list_next(flow_list);
- for (dbnum = 0; dbnum < num_dbs; dbnum++)
+ if (!sai->display)
+ continue;
+
+ printf("%s{", sepa);
+
+ printf("\"t\":\"%s\"", sai->time_str);
+ printf(",\"n\":[%u,%u]", sai->src_node, sai->dst_node);
+ printf(",\"pn\":[%u,%u]", sai->port_src, sai->port_dst);
+
+ if (sai->comment)
{
- const char *geoip_key = NULL;
- char *geoip_val;
+ printf(",\"c\":");
+ json_puts_string(sai->comment);
+ }
- int db_type = geoip_db_type(dbnum);
+ printf("}");
+ sepa = ",";
+ }
- switch (db_type)
- {
- case GEOIP_COUNTRY_EDITION_V6:
- geoip_key = "geoip_country";
- break;
-#if NUM_DB_TYPES > 31
- case GEOIP_CITY_EDITION_REV0_V6:
- case GEOIP_CITY_EDITION_REV1_V6:
- geoip_key = "geoip_city";
- break;
+ printf("]");
- case GEOIP_ORG_EDITION_V6:
- geoip_key = "geoip_org";
- break;
+ printf("},");
+}
- case GEOIP_ISP_EDITION_V6:
- geoip_key = "geoip_isp";
- break;
+static void
+sharkd_session_free_tap_flow_cb(void *tapdata)
+{
+ seq_analysis_info_t *graph_analysis = (seq_analysis_info_t *) tapdata;
- case GEOIP_ASNUM_EDITION_V6:
- geoip_key = "geoip_as";
- break;
-#endif /* DB_NUM_TYPES */
- case WS_LAT_FAKE_EDITION:
- geoip_key = "geoip_lat";
- break;
+ sequence_analysis_info_free(graph_analysis);
+}
- case WS_LON_FAKE_EDITION:
- geoip_key = "geoip_lon";
- break;
- }
+struct sharkd_conv_tap_data
+{
+ const char *type;
+ conv_hash_t hash;
+ gboolean resolve_name;
+ gboolean resolve_port;
+};
- if (geoip_key && (geoip_val = geoip_db_lookup_ipv6(dbnum, *ip6, NULL)))
- {
- printf(",\"%s%s\":", geoip_key, suffix);
- json_puts_string(geoip_val);
- with_geoip = 1;
- }
- }
+static gboolean
+sharkd_session_geoip_addr(address *addr, const char *suffix)
+{
+ const mmdb_lookup_t *lookup = NULL;
+ gboolean with_geoip = FALSE;
+
+ if (addr->type == AT_IPv4)
+ {
+ guint32 ip;
+
+ memcpy(&ip, addr->data, 4);
+ lookup = maxmind_db_lookup_ipv4(ip);
+ }
+ else if (addr->type == AT_IPv6)
+ {
+ const ws_in6_addr *ip6 = (const ws_in6_addr *) addr->data;
+
+ lookup = maxmind_db_lookup_ipv6(ip6);
+ }
+
+ if (!lookup || !lookup->found)
+ return FALSE;
+
+ if (lookup->country)
+ {
+ printf(",\"geoip_country%s\":", suffix);
+ json_puts_string(lookup->country);
+ with_geoip = TRUE;
+ }
+
+ if (lookup->country_iso)
+ {
+ printf(",\"geoip_country_iso%s\":", suffix);
+ json_puts_string(lookup->country_iso);
+ with_geoip = TRUE;
+ }
+
+ if (lookup->city)
+ {
+ printf(",\"geoip_city%s\":", suffix);
+ json_puts_string(lookup->city);
+ with_geoip = TRUE;
+ }
+
+ if (lookup->as_org)
+ {
+ printf(",\"geoip_as_org%s\":", suffix);
+ json_puts_string(lookup->as_org);
+ with_geoip = TRUE;
+ }
+
+ if (lookup->as_number > 0)
+ {
+ printf(",\"geoip_as%s\":%u", suffix, lookup->as_number);
+ with_geoip = TRUE;
+ }
+
+ if (lookup->latitude >= -90.0 && lookup->latitude <= 90.0)
+ {
+ printf(",\"geoip_lat%s\":%f", suffix, lookup->latitude);
+ with_geoip = TRUE;
+ }
+
+ if (lookup->longitude >= -180.0 && lookup->longitude <= 180.0)
+ {
+ printf(",\"geoip_lon%s\":%f", suffix, lookup->longitude);
+ with_geoip = TRUE;
}
-#endif /* HAVE_GEOIP_V6 */
-#endif /* HAVE_GEOIP */
return with_geoip;
}
+struct sharkd_analyse_rtp_items
+{
+ guint32 frame_num;
+ guint32 sequence_num;
+
+ double delta;
+ double jitter;
+ double skew;
+ double bandwidth;
+ gboolean marker;
+
+ double arrive_offset;
+
+ /* from tap_rtp_stat_t */
+ guint32 flags;
+ guint16 pt;
+};
+
+struct sharkd_analyse_rtp
+{
+ const char *tap_name;
+ rtpstream_id_t id;
+
+ GSList *packets;
+ double start_time;
+ tap_rtp_stat_t statinfo;
+};
+
+static void
+sharkd_session_process_tap_rtp_free_cb(void *tapdata)
+{
+ struct sharkd_analyse_rtp *rtp_req = (struct sharkd_analyse_rtp *) tapdata;
+
+ g_slist_free_full(rtp_req->packets, g_free);
+ g_free(rtp_req);
+}
+
+static gboolean
+sharkd_session_packet_tap_rtp_analyse_cb(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_, const void *pointer)
+{
+ struct sharkd_analyse_rtp *rtp_req = (struct sharkd_analyse_rtp *) tapdata;
+ const struct _rtp_info *rtp_info = (const struct _rtp_info *) pointer;
+
+ if (rtpstream_id_equal_pinfo_rtp_info(&rtp_req->id, pinfo, rtp_info))
+ {
+ tap_rtp_stat_t *statinfo = &(rtp_req->statinfo);
+ struct sharkd_analyse_rtp_items *item;
+
+ rtppacket_analyse(statinfo, pinfo, rtp_info);
+
+ item = (struct sharkd_analyse_rtp_items *) g_malloc(sizeof(struct sharkd_analyse_rtp_items));
+
+ if (!rtp_req->packets)
+ rtp_req->start_time = nstime_to_sec(&pinfo->abs_ts);
+
+ item->frame_num = pinfo->num;
+ item->sequence_num = rtp_info->info_seq_num;
+ item->delta = (statinfo->flags & STAT_FLAG_FIRST) ? 0.0 : statinfo->delta;
+ item->jitter = (statinfo->flags & STAT_FLAG_FIRST) ? 0.0 : statinfo->jitter;
+ item->skew = (statinfo->flags & STAT_FLAG_FIRST) ? 0.0 : statinfo->skew;
+ item->bandwidth = statinfo->bandwidth;
+ item->marker = rtp_info->info_marker_set ? TRUE : FALSE;
+ item->arrive_offset= nstime_to_sec(&pinfo->abs_ts) - rtp_req->start_time;
+
+ item->flags = statinfo->flags;
+ item->pt = statinfo->pt;
+
+ /* XXX, O(n) optimize */
+ rtp_req->packets = g_slist_append(rtp_req->packets, item);
+ }
+
+ return TRUE;
+}
+
+/**
+ * sharkd_session_process_tap_rtp_analyse_cb()
+ *
+ * Output rtp analyse tap:
+ * (m) tap - tap name
+ * (m) type - tap output type
+ * (m) ssrc - RTP SSRC
+ * (m) max_delta - Max delta (ms)
+ * (m) max_delta_nr - Max delta packet #
+ * (m) max_jitter - Max jitter (ms)
+ * (m) mean_jitter - Mean jitter (ms)
+ * (m) max_skew - Max skew (ms)
+ * (m) total_nr - Total number of RTP packets
+ * (m) seq_err - Number of sequence errors
+ * (m) duration - Duration (ms)
+ * (m) items - array of object with attributes:
+ * (m) f - frame number
+ * (m) o - arrive offset
+ * (m) sn - sequence number
+ * (m) d - delta
+ * (m) j - jitter
+ * (m) sk - skew
+ * (m) bw - bandwidth
+ * (o) s - status string
+ * (o) t - status type
+ * (o) mark - rtp mark
+ */
+static void
+sharkd_session_process_tap_rtp_analyse_cb(void *tapdata)
+{
+ const int RTP_TYPE_CN = 1;
+ const int RTP_TYPE_ERROR = 2;
+ const int RTP_TYPE_WARN = 3;
+ const int RTP_TYPE_PT_EVENT = 4;
+
+ const struct sharkd_analyse_rtp *rtp_req = (struct sharkd_analyse_rtp *) tapdata;
+ const tap_rtp_stat_t *statinfo = &rtp_req->statinfo;
+
+ const char *sepa = "";
+ GSList *l;
+
+ printf("{\"tap\":\"%s\",\"type\":\"rtp-analyse\"", rtp_req->tap_name);
+
+ printf(",\"ssrc\":%u", rtp_req->id.ssrc);
+
+ printf(",\"max_delta\":%f", statinfo->max_delta);
+ printf(",\"max_delta_nr\":%u", statinfo->max_nr);
+ printf(",\"max_jitter\":%f", statinfo->max_jitter);
+ printf(",\"mean_jitter\":%f", statinfo->mean_jitter);
+ printf(",\"max_skew\":%f", statinfo->max_skew);
+ printf(",\"total_nr\":%u", statinfo->total_nr);
+ printf(",\"seq_err\":%u", statinfo->sequence);
+ printf(",\"duration\":%f", statinfo->time - statinfo->start_time);
+
+ printf(",\"items\":[");
+ for (l = rtp_req->packets; l; l = l->next)
+ {
+ struct sharkd_analyse_rtp_items *item = (struct sharkd_analyse_rtp_items *) l->data;
+
+ printf("%s{", sepa);
+
+ printf("\"f\":%u", item->frame_num);
+ printf(",\"o\":%.9f", item->arrive_offset);
+ printf(",\"sn\":%u", item->sequence_num);
+ printf(",\"d\":%.2f", item->delta);
+ printf(",\"j\":%.2f", item->jitter);
+ printf(",\"sk\":%.2f", item->skew);
+ printf(",\"bw\":%.2f", item->bandwidth);
+
+ if (item->pt == PT_CN)
+ printf(",\"s\":\"%s\",\"t\":%d", "Comfort noise (PT=13, RFC 3389)", RTP_TYPE_CN);
+ else if (item->pt == PT_CN_OLD)
+ printf(",\"s\":\"%s\",\"t\":%d", "Comfort noise (PT=19, reserved)", RTP_TYPE_CN);
+ else if (item->flags & STAT_FLAG_WRONG_SEQ)
+ printf(",\"s\":\"%s\",\"t\":%d", "Wrong sequence number", RTP_TYPE_ERROR);
+ else if (item->flags & STAT_FLAG_DUP_PKT)
+ printf(",\"s\":\"%s\",\"t\":%d", "Suspected duplicate (MAC address) only delta time calculated", RTP_TYPE_WARN);
+ else if (item->flags & STAT_FLAG_REG_PT_CHANGE)
+ printf(",\"s\":\"Payload changed to PT=%u%s\",\"t\":%d",
+ item->pt,
+ (item->flags & STAT_FLAG_PT_T_EVENT) ? " telephone/event" : "",
+ RTP_TYPE_WARN);
+ else if (item->flags & STAT_FLAG_WRONG_TIMESTAMP)
+ printf(",\"s\":\"%s\",\"t\":%d", "Incorrect timestamp", RTP_TYPE_WARN);
+ else if ((item->flags & STAT_FLAG_PT_CHANGE)
+ && !(item->flags & STAT_FLAG_FIRST)
+ && !(item->flags & STAT_FLAG_PT_CN)
+ && (item->flags & STAT_FLAG_FOLLOW_PT_CN)
+ && !(item->flags & STAT_FLAG_MARKER))
+ {
+ printf(",\"s\":\"%s\",\"t\":%d", "Marker missing?", RTP_TYPE_WARN);
+ }
+ else if (item->flags & STAT_FLAG_PT_T_EVENT)
+ printf(",\"s\":\"PT=%u telephone/event\",\"t\":%d", item->pt, RTP_TYPE_PT_EVENT);
+ else if (item->flags & STAT_FLAG_MARKER)
+ printf(",\"t\":%d", RTP_TYPE_WARN);
+
+ if (item->marker)
+ printf(",\"mark\":1");
+
+ printf("}");
+ sepa = ",";
+ }
+ printf("]");
+
+ printf("},");
+}
+
/**
* sharkd_session_process_tap_conv_cb()
*
if (proto_with_port)
{
- printf(",\"sport\":\"%s\"", (src_port = get_conversation_port(NULL, iui->src_port, iui->ptype, iu->resolve_port)));
- printf(",\"dport\":\"%s\"", (dst_port = get_conversation_port(NULL, iui->dst_port, iui->ptype, iu->resolve_port)));
+ printf(",\"sport\":\"%s\"", (src_port = get_conversation_port(NULL, iui->src_port, iui->etype, iu->resolve_port)));
+ printf(",\"dport\":\"%s\"", (dst_port = get_conversation_port(NULL, iui->dst_port, iui->etype, iu->resolve_port)));
wmem_free(NULL, src_port);
wmem_free(NULL, dst_port);
if (proto_with_port)
{
- printf(",\"port\":\"%s\"", (port_str = get_conversation_port(NULL, host->port, host->ptype, iu->resolve_port)));
+ printf(",\"port\":\"%s\"", (port_str = get_conversation_port(NULL, host->port, host->etype, iu->resolve_port)));
wmem_free(NULL, port_str);
}
reset_hostlist_table_data(hash);
}
- g_free(iu);
+ g_free(iu);
+}
+
+/**
+ * sharkd_session_process_tap_nstat_cb()
+ *
+ * Output nstat tap:
+ * (m) tap - tap name
+ * (m) type - tap output type
+ * (m) fields: array of objects with attributes:
+ * (m) c - name
+ *
+ * (m) tables: array of object with attributes:
+ * (m) t - table title
+ * (m) i - array of items
+ */
+static void
+sharkd_session_process_tap_nstat_cb(void *arg)
+{
+ stat_data_t *stat_data = (stat_data_t *) arg;
+ guint i, j, k;
+
+ printf("{\"tap\":\"nstat:%s\",\"type\":\"nstat\"", stat_data->stat_tap_data->cli_string);
+
+ printf(",\"fields\":[");
+ for (i = 0; i < stat_data->stat_tap_data->nfields; i++)
+ {
+ stat_tap_table_item *field = &(stat_data->stat_tap_data->fields[i]);
+
+ if (i)
+ printf(",");
+
+ printf("{");
+
+ printf("\"c\":");
+ json_puts_string(field->column_name);
+
+ printf("}");
+ }
+ printf("]");
+
+ printf(",\"tables\":[");
+ for (i = 0; i < stat_data->stat_tap_data->tables->len; i++)
+ {
+ stat_tap_table *table = g_array_index(stat_data->stat_tap_data->tables, stat_tap_table *, i);
+ const char *sepa = "";
+
+ if (i)
+ printf(",");
+
+ printf("{");
+
+ printf("\"t\":");
+ printf("\"%s\"", table->title);
+
+ printf(",\"i\":[");
+ for (j = 0; j < table->num_elements; j++)
+ {
+ stat_tap_table_item_type *field_data;
+
+ field_data = stat_tap_get_field_data(table, j, 0);
+ if (field_data == NULL || field_data->type == TABLE_ITEM_NONE) /* Nothing for us here */
+ continue;
+
+ printf("%s[", sepa);
+ for (k = 0; k < table->num_fields; k++)
+ {
+ field_data = stat_tap_get_field_data(table, j, k);
+
+ if (k)
+ printf(",");
+
+ switch (field_data->type)
+ {
+ case TABLE_ITEM_UINT:
+ printf("%u", field_data->value.uint_value);
+ break;
+
+ case TABLE_ITEM_INT:
+ printf("%d", field_data->value.int_value);
+ break;
+
+ case TABLE_ITEM_STRING:
+ json_puts_string(field_data->value.string_value);
+ break;
+
+ case TABLE_ITEM_FLOAT:
+ printf("%f", field_data->value.float_value);
+ break;
+
+ case TABLE_ITEM_ENUM:
+ printf("%d", field_data->value.enum_value);
+ break;
+
+ case TABLE_ITEM_NONE:
+ printf("null");
+ break;
+ }
+ }
+
+ printf("]");
+ sepa = ",";
+ }
+ printf("]");
+ printf("}");
+ }
+
+ printf("]},");
+}
+
+static void
+sharkd_session_free_tap_nstat_cb(void *arg)
+{
+ stat_data_t *stat_data = (stat_data_t *) arg;
+
+ free_stat_tables(stat_data->stat_tap_data);
+}
+
+/**
+ * sharkd_session_process_tap_rtd_cb()
+ *
+ * Output rtd tap:
+ * (m) tap - tap name
+ * (m) type - tap output type
+ * (m) stats - statistics rows - array object with attributes:
+ * (m) type - statistic name
+ * (m) num - number of messages
+ * (m) min - minimum SRT time
+ * (m) max - maximum SRT time
+ * (m) tot - total SRT time
+ * (m) min_frame - minimal SRT
+ * (m) max_frame - maximum SRT
+ * (o) open_req - Open Requests
+ * (o) disc_rsp - Discarded Responses
+ * (o) req_dup - Duplicated Requests
+ * (o) rsp_dup - Duplicated Responses
+ * (o) open_req - Open Requests
+ * (o) disc_rsp - Discarded Responses
+ * (o) req_dup - Duplicated Requests
+ * (o) rsp_dup - Duplicated Responses
+ */
+static void
+sharkd_session_process_tap_rtd_cb(void *arg)
+{
+ rtd_data_t *rtd_data = (rtd_data_t *) arg;
+ register_rtd_t *rtd = (register_rtd_t *) rtd_data->user_data;
+
+ guint i, j;
+
+ const char *filter = proto_get_protocol_filter_name(get_rtd_proto_id(rtd));
+
+ /* XXX, some dissectors are having single table and multiple timestats (mgcp, megaco),
+ * some multiple table and single timestat (radius, h225)
+ * and it seems that value_string is used one for timestamp-ID, other one for table-ID
+ * I wonder how it will gonna work with multiple timestats and multiple tables...
+ * (for usage grep for: register_rtd_table)
+ */
+ const value_string *vs = get_rtd_value_string(rtd);
+ const char *sepa = "";
+
+ printf("{\"tap\":\"rtd:%s\",\"type\":\"rtd\"", filter);
+
+ if (rtd_data->stat_table.num_rtds == 1)
+ {
+ const rtd_timestat *ms = &rtd_data->stat_table.time_stats[0];
+
+ printf(",\"open_req\":%u", ms->open_req_num);
+ printf(",\"disc_rsp\":%u", ms->disc_rsp_num);
+ printf(",\"req_dup\":%u", ms->req_dup_num);
+ printf(",\"rsp_dup\":%u", ms->rsp_dup_num);
+ }
+
+ printf(",\"stats\":[");
+ for (i = 0; i < rtd_data->stat_table.num_rtds; i++)
+ {
+ const rtd_timestat *ms = &rtd_data->stat_table.time_stats[i];
+
+ for (j = 0; j < ms->num_timestat; j++)
+ {
+ const char *type_str;
+
+ if (ms->rtd[j].num == 0)
+ continue;
+
+ printf("%s{", sepa);
+
+ if (rtd_data->stat_table.num_rtds == 1)
+ type_str = val_to_str_const(j, vs, "Other"); /* 1 table - description per row */
+ else
+ type_str = val_to_str_const(i, vs, "Other"); /* multiple table - description per table */
+ printf("\"type\":");
+ json_puts_string(type_str);
+
+ printf(",\"num\":%u", ms->rtd[j].num);
+ printf(",\"min\":%.9f", nstime_to_sec(&(ms->rtd[j].min)));
+ printf(",\"max\":%.9f", nstime_to_sec(&(ms->rtd[j].max)));
+ printf(",\"tot\":%.9f", nstime_to_sec(&(ms->rtd[j].tot)));
+ printf(",\"min_frame\":%u", ms->rtd[j].min_num);
+ printf(",\"max_frame\":%u", ms->rtd[j].max_num);
+
+ if (rtd_data->stat_table.num_rtds != 1)
+ {
+ /* like in tshark, display it on every row */
+ printf(",\"open_req\":%u", ms->open_req_num);
+ printf(",\"disc_rsp\":%u", ms->disc_rsp_num);
+ printf(",\"req_dup\":%u", ms->req_dup_num);
+ printf(",\"rsp_dup\":%u", ms->rsp_dup_num);
+ }
+
+ printf("}");
+ sepa = ",";
+ }
+ }
+ printf("]},");
+}
+
+static void
+sharkd_session_free_tap_rtd_cb(void *arg)
+{
+ rtd_data_t *rtd_data = (rtd_data_t *) arg;
+
+ free_rtd_table(&rtd_data->stat_table);
+ g_free(rtd_data);
+}
+
+/**
+ * sharkd_session_process_tap_srt_cb()
+ *
+ * Output srt tap:
+ * (m) tap - tap name
+ * (m) type - tap output type
+ *
+ * (m) tables - array of object with attributes:
+ * (m) n - table name
+ * (m) f - table filter
+ * (o) c - table column name
+ * (m) r - table rows - array object with attributes:
+ * (m) n - row name
+ * (m) idx - procedure index
+ * (m) num - number of events
+ * (m) min - minimum SRT time
+ * (m) max - maximum SRT time
+ * (m) tot - total SRT time
+ */
+static void
+sharkd_session_process_tap_srt_cb(void *arg)
+{
+ srt_data_t *srt_data = (srt_data_t *) arg;
+ register_srt_t *srt = (register_srt_t *) srt_data->user_data;
+
+ const char *filter = proto_get_protocol_filter_name(get_srt_proto_id(srt));
+
+ guint i;
+
+ printf("{\"tap\":\"srt:%s\",\"type\":\"srt\"", filter);
+
+ printf(",\"tables\":[");
+ for (i = 0; i < srt_data->srt_array->len; i++)
+ {
+ /* SRT table */
+ srt_stat_table *rst = g_array_index(srt_data->srt_array, srt_stat_table *, i);
+ const char *sepa = "";
+
+ int j;
+
+ if (i)
+ printf(",");
+ printf("{");
+
+ printf("\"n\":");
+ if (rst->name)
+ json_puts_string(rst->name);
+ else if (rst->short_name)
+ json_puts_string(rst->short_name);
+ else
+ printf("\"table%u\"", i);
+
+ if (rst->filter_string)
+ {
+ printf(",\"f\":");
+ json_puts_string(rst->filter_string);
+ }
+
+ if (rst->proc_column_name)
+ {
+ printf(",\"c\":");
+ json_puts_string(rst->proc_column_name);
+ }
+
+ printf(",\"r\":[");
+ for (j = 0; j < rst->num_procs; j++)
+ {
+ /* SRT row */
+ srt_procedure_t *proc = &rst->procedures[j];
+
+ if (proc->stats.num == 0)
+ continue;
+
+ printf("%s{", sepa);
+
+ printf("\"n\":");
+ json_puts_string(proc->procedure);
+
+ if (rst->filter_string)
+ printf(",\"idx\":%d", proc->proc_index);
+
+ printf(",\"num\":%u", proc->stats.num);
+
+ printf(",\"min\":%.9f", nstime_to_sec(&proc->stats.min));
+ printf(",\"max\":%.9f", nstime_to_sec(&proc->stats.max));
+ printf(",\"tot\":%.9f", nstime_to_sec(&proc->stats.tot));
+
+ printf("}");
+ sepa = ",";
+ }
+ printf("]}");
+ }
+
+ printf("]},");
+}
+
+static void
+sharkd_session_free_tap_srt_cb(void *arg)
+{
+ srt_data_t *srt_data = (srt_data_t *) arg;
+ register_srt_t *srt = (register_srt_t *) srt_data->user_data;
+
+ free_srt_table(srt, srt_data->srt_array);
+ g_array_free(srt_data->srt_array, TRUE);
+ g_free(srt_data);
}
struct sharkd_export_object_list
sharkd_session_process_tap_eo_cb(void *tapdata)
{
export_object_list_t *tap_object = (export_object_list_t *) tapdata;
- struct sharkd_export_object_list *object_list = (struct sharkd_export_object_list*) tap_object->gui_data;
+ struct sharkd_export_object_list *object_list = (struct sharkd_export_object_list *) tap_object->gui_data;
GSList *slist;
int i = 0;
printf(",\"_download\":\"%s_%d\"", object_list->type, i);
- printf(",\"len\":%" G_GUINT64_FORMAT, eo_entry->payload_len);
+ printf(",\"len\":%" G_GINT64_FORMAT, eo_entry->payload_len);
printf("}");
printf(",\"streams\":[");
for (listx = g_list_first(rtp_tapinfo->strinfo_list); listx; listx = listx->next)
{
- rtp_stream_info_t *streaminfo = (rtp_stream_info_t *) listx->data;
+ rtpstream_info_calc_t calc;
+ rtpstream_info_t *streaminfo = (rtpstream_info_t *) listx->data;
- char *src_addr, *dst_addr;
- char *payload;
- guint32 expected;
+ rtpstream_info_calculate(streaminfo, &calc);
- src_addr = address_to_display(NULL, &(streaminfo->src_addr));
- dst_addr = address_to_display(NULL, &(streaminfo->dest_addr));
+ printf("%s{\"ssrc\":%u", sepa, calc.ssrc);
+ printf(",\"payload\":\"%s\"", calc.all_payload_type_names);
- if (streaminfo->payload_type_name != NULL)
- payload = wmem_strdup(NULL, streaminfo->payload_type_name);
- else
- payload = val_to_str_ext_wmem(NULL, streaminfo->payload_type, &rtp_payload_type_short_vals_ext, "Unknown (%u)");
-
- printf("%s{\"ssrc\":%u", sepa, streaminfo->ssrc);
- printf(",\"payload\":\"%s\"", payload);
+ printf(",\"saddr\":\"%s\"", calc.src_addr_str);
+ printf(",\"sport\":%u", calc.src_port);
- printf(",\"saddr\":\"%s\"", src_addr);
- printf(",\"sport\":%u", streaminfo->src_port);
+ printf(",\"daddr\":\"%s\"", calc.dst_addr_str);
+ printf(",\"dport\":%u", calc.dst_port);
- printf(",\"daddr\":\"%s\"", dst_addr);
- printf(",\"dport\":%u", streaminfo->dest_port);
+ printf(",\"pkts\":%u", calc.packet_count);
- printf(",\"pkts\":%u", streaminfo->packet_count);
+ printf(",\"max_delta\":%f",calc.max_delta);
+ printf(",\"max_jitter\":%f", calc.max_jitter);
+ printf(",\"mean_jitter\":%f", calc.mean_jitter);
- printf(",\"max_delta\":%f", streaminfo->rtp_stats.max_delta);
- printf(",\"max_jitter\":%f", streaminfo->rtp_stats.max_jitter);
- printf(",\"mean_jitter\":%f", streaminfo->rtp_stats.mean_jitter);
+ printf(",\"expectednr\":%u", calc.packet_expected);
+ printf(",\"totalnr\":%u", calc.total_nr);
- expected = (streaminfo->rtp_stats.stop_seq_nr + streaminfo->rtp_stats.cycles * 65536) - streaminfo->rtp_stats.start_seq_nr + 1;
- printf(",\"expectednr\":%u", expected);
- printf(",\"totalnr\":%u", streaminfo->rtp_stats.total_nr);
-
- printf(",\"problem\":%s", streaminfo->problem ? "true" : "false");
+ printf(",\"problem\":%s", calc.problem? "true" : "false");
/* for filter */
- printf(",\"ipver\":%d", (streaminfo->src_addr.type == AT_IPv6) ? 6 : 4);
+ printf(",\"ipver\":%d", (streaminfo->id.src_addr.type == AT_IPv6) ? 6 : 4);
- wmem_free(NULL, src_addr);
- wmem_free(NULL, dst_addr);
- wmem_free(NULL, payload);
+ rtpstream_info_calc_free(&calc);
printf("}");
sepa = ",";
* (m) type - tap output type
* ...
* for type:stats see sharkd_session_process_tap_stats_cb()
+ * for type:nstat see sharkd_session_process_tap_nstat_cb()
* for type:conv see sharkd_session_process_tap_conv_cb()
* for type:host see sharkd_session_process_tap_conv_cb()
* for type:rtp-streams see sharkd_session_process_tap_rtp_cb()
+ * for type:rtp-analyse see sharkd_session_process_tap_rtp_analyse_cb()
* for type:eo see sharkd_session_process_tap_eo_cb()
+ * for type:expert see sharkd_session_process_tap_expert_cb()
+ * for type:rtd see sharkd_session_process_tap_rtd_cb()
+ * for type:srt see sharkd_session_process_tap_srt_cb()
+ * for type:flow see sharkd_session_process_tap_flow_cb()
*
* (m) err - error code
*/
int i;
rtpstream_tapinfo_t rtp_tapinfo =
- {NULL, NULL, NULL, NULL, 0, NULL, 0, TAP_ANALYSE, NULL, NULL, NULL, FALSE};
+ { NULL, NULL, NULL, NULL, 0, NULL, 0, TAP_ANALYSE, NULL, NULL, NULL, FALSE };
for (i = 0; i < 16; i++)
{
st = stats_tree_new(cfg, NULL, tap_filter);
- tap_error = register_tap_listener(st->cfg->tapname, st, st->filter, st->cfg->flags, stats_tree_reset, stats_tree_packet, sharkd_session_process_tap_stats_cb);
+ tap_error = register_tap_listener(st->cfg->tapname, st, st->filter, st->cfg->flags, stats_tree_reset, stats_tree_packet, sharkd_session_process_tap_stats_cb, NULL);
if (!tap_error && cfg->init)
cfg->init(st);
tap_data = st;
tap_free = sharkd_session_free_tap_stats_cb;
}
+ else if (!strcmp(tok_tap, "expert"))
+ {
+ struct sharkd_expert_tap *expert_tap;
+
+ expert_tap = g_new0(struct sharkd_expert_tap, 1);
+ expert_tap->text = g_string_chunk_new(100);
+
+ tap_error = register_tap_listener("expert", expert_tap, NULL, 0, NULL, sharkd_session_packet_tap_expert_cb, sharkd_session_process_tap_expert_cb, NULL);
+
+ tap_data = expert_tap;
+ tap_free = sharkd_session_free_tap_expert_cb;
+ }
+ else if (!strncmp(tok_tap, "seqa:", 5))
+ {
+ seq_analysis_info_t *graph_analysis;
+ register_analysis_t *analysis;
+ const char *tap_name;
+ tap_packet_cb tap_func;
+ guint tap_flags;
+
+ analysis = sequence_analysis_find_by_name(tok_tap + 5);
+ if (!analysis)
+ {
+ fprintf(stderr, "sharkd_session_process_tap() seq analysis %s not found\n", tok_tap + 5);
+ continue;
+ }
+
+ graph_analysis = sequence_analysis_info_new();
+ graph_analysis->name = tok_tap + 5;
+ /* TODO, make configurable */
+ graph_analysis->any_addr = FALSE;
+
+ tap_name = sequence_analysis_get_tap_listener_name(analysis);
+ tap_flags = sequence_analysis_get_tap_flags(analysis);
+ tap_func = sequence_analysis_get_packet_func(analysis);
+
+ tap_error = register_tap_listener(tap_name, graph_analysis, NULL, tap_flags, NULL, tap_func, sharkd_session_process_tap_flow_cb, NULL);
+
+ tap_data = graph_analysis;
+ tap_free = sharkd_session_free_tap_flow_cb;
+ }
else if (!strncmp(tok_tap, "conv:", 5) || !strncmp(tok_tap, "endpt:", 6))
{
struct register_ct *ct = NULL;
ct_data->resolve_name = TRUE;
ct_data->resolve_port = TRUE;
- tap_error = register_tap_listener(ct_tapname, &ct_data->hash, tap_filter, 0, NULL, tap_func, sharkd_session_process_tap_conv_cb);
+ tap_error = register_tap_listener(ct_tapname, &ct_data->hash, tap_filter, 0, NULL, tap_func, sharkd_session_process_tap_conv_cb, NULL);
tap_data = &ct_data->hash;
tap_free = sharkd_session_free_tap_conv_cb;
}
+ else if (!strncmp(tok_tap, "nstat:", 6))
+ {
+ stat_tap_table_ui *stat_tap = stat_tap_by_name(tok_tap + 6);
+ stat_data_t *stat_data;
+
+ if (!stat_tap)
+ {
+ fprintf(stderr, "sharkd_session_process_tap() nstat=%s not found\n", tok_tap + 6);
+ continue;
+ }
+
+ stat_tap->stat_tap_init_cb(stat_tap);
+
+ stat_data = g_new0(stat_data_t, 1);
+ stat_data->stat_tap_data = stat_tap;
+ stat_data->user_data = NULL;
+
+ tap_error = register_tap_listener(stat_tap->tap_name, stat_data, tap_filter, 0, NULL, stat_tap->packet_func, sharkd_session_process_tap_nstat_cb, NULL);
+
+ tap_data = stat_data;
+ tap_free = sharkd_session_free_tap_nstat_cb;
+ }
+ else if (!strncmp(tok_tap, "rtd:", 4))
+ {
+ register_rtd_t *rtd = get_rtd_table_by_name(tok_tap + 4);
+ rtd_data_t *rtd_data;
+ char *err;
+
+ if (!rtd)
+ {
+ fprintf(stderr, "sharkd_session_process_tap() rtd=%s not found\n", tok_tap + 4);
+ continue;
+ }
+
+ rtd_table_get_filter(rtd, "", &tap_filter, &err);
+ if (err != NULL)
+ {
+ fprintf(stderr, "sharkd_session_process_tap() rtd=%s err=%s\n", tok_tap + 4, err);
+ g_free(err);
+ continue;
+ }
+
+ rtd_data = g_new0(rtd_data_t, 1);
+ rtd_data->user_data = rtd;
+ rtd_table_dissector_init(rtd, &rtd_data->stat_table, NULL, NULL);
+
+ tap_error = register_tap_listener(get_rtd_tap_listener_name(rtd), rtd_data, tap_filter, 0, NULL, get_rtd_packet_func(rtd), sharkd_session_process_tap_rtd_cb, NULL);
+
+ tap_data = rtd_data;
+ tap_free = sharkd_session_free_tap_rtd_cb;
+ }
+ else if (!strncmp(tok_tap, "srt:", 4))
+ {
+ register_srt_t *srt = get_srt_table_by_name(tok_tap + 4);
+ srt_data_t *srt_data;
+ char *err;
+
+ if (!srt)
+ {
+ fprintf(stderr, "sharkd_session_process_tap() srt=%s not found\n", tok_tap + 4);
+ continue;
+ }
+
+ srt_table_get_filter(srt, "", &tap_filter, &err);
+ if (err != NULL)
+ {
+ fprintf(stderr, "sharkd_session_process_tap() srt=%s err=%s\n", tok_tap + 4, err);
+ g_free(err);
+ continue;
+ }
+
+ srt_data = g_new0(srt_data_t, 1);
+ srt_data->srt_array = g_array_new(FALSE, TRUE, sizeof(srt_stat_table *));
+ srt_data->user_data = srt;
+ srt_table_dissector_init(srt, srt_data->srt_array);
+
+ tap_error = register_tap_listener(get_srt_tap_listener_name(srt), srt_data, tap_filter, 0, NULL, get_srt_packet_func(srt), sharkd_session_process_tap_srt_cb, NULL);
+
+ tap_data = srt_data;
+ tap_free = sharkd_session_free_tap_srt_cb;
+ }
else if (!strncmp(tok_tap, "eo:", 3))
{
register_eo_t *eo = get_eo_by_name(tok_tap + 3);
eo_object->get_entry = sharkd_eo_object_list_get_entry;
eo_object->gui_data = (void *) object_list;
- tap_error = register_tap_listener(get_eo_tap_listener_name(eo), eo_object, NULL, 0, NULL, get_eo_packet_func(eo), sharkd_session_process_tap_eo_cb);
+ tap_error = register_tap_listener(get_eo_tap_listener_name(eo), eo_object, NULL, 0, NULL, get_eo_packet_func(eo), sharkd_session_process_tap_eo_cb, NULL);
tap_data = eo_object;
tap_free = g_free; /* need to free only eo_object, object_list need to be kept for potential download */
}
else if (!strcmp(tok_tap, "rtp-streams"))
{
- tap_error = register_tap_listener("rtp", &rtp_tapinfo, tap_filter, 0, rtpstream_reset_cb, rtpstream_packet, sharkd_session_process_tap_rtp_cb);
+ tap_error = register_tap_listener("rtp", &rtp_tapinfo, tap_filter, 0, rtpstream_reset_cb, rtpstream_packet_cb, sharkd_session_process_tap_rtp_cb, NULL);
tap_data = &rtp_tapinfo;
tap_free = rtpstream_reset_cb;
}
+ else if (!strncmp(tok_tap, "rtp-analyse:", 12))
+ {
+ struct sharkd_analyse_rtp *rtp_req;
+
+ rtp_req = (struct sharkd_analyse_rtp *) g_malloc0(sizeof(*rtp_req));
+ if (!sharkd_rtp_match_init(&rtp_req->id, tok_tap + 12))
+ {
+ rtpstream_id_free(&rtp_req->id);
+ g_free(rtp_req);
+ continue;
+ }
+
+ rtp_req->tap_name = tok_tap;
+ rtp_req->statinfo.first_packet = TRUE;
+ rtp_req->statinfo.reg_pt = PT_UNDEFINED;
+
+ tap_error = register_tap_listener("rtp", rtp_req, tap_filter, 0, NULL, sharkd_session_packet_tap_rtp_analyse_cb, sharkd_session_process_tap_rtp_analyse_cb, NULL);
+
+ tap_data = rtp_req;
+ tap_free = sharkd_session_process_tap_rtp_free_cb;
+ }
else
{
fprintf(stderr, "sharkd_session_process_tap() %s not recognized\n", tok_tap);
follow_info = g_new0(follow_info_t, 1);
/* gui_data, filter_out_filter not set, but not used by dissector */
- tap_error = register_tap_listener(get_follow_tap_string(follower), follow_info, tok_filter, 0, NULL, get_follow_tap_handler(follower), NULL);
+ tap_error = register_tap_listener(get_follow_tap_string(follower), follow_info, tok_filter, 0, NULL, get_follow_tap_handler(follower), NULL, NULL);
if (tap_error)
{
fprintf(stderr, "sharkd_session_process_follow() name=%s error=%s", tok_follow, tap_error->str);
printf(",\"payloads\":[");
- for (cur = follow_info->payload; cur; cur = g_list_next(cur))
+ for (cur = g_list_last(follow_info->payload); cur; cur = g_list_previous(cur))
{
follow_record = (follow_record_t *) cur->data;
}
static void
-sharkd_session_process_frame_cb_tree(proto_tree *tree, tvbuff_t **tvbs)
+sharkd_session_process_frame_cb_tree(epan_dissect_t *edt, proto_tree *tree, tvbuff_t **tvbs, gboolean display_hidden)
{
proto_node *node;
const char *sepa = "";
if (!finfo)
continue;
- /* XXX, for now always skip hidden */
- if (FI_GET_FLAG(finfo, FI_HIDDEN))
+ if (!display_hidden && FI_GET_FLAG(finfo, FI_HIDDEN))
continue;
printf("%s{", sepa);
}
if (finfo->start >= 0 && finfo->length > 0)
- printf(",\"h\":[%u,%u]", finfo->start, finfo->length);
+ printf(",\"h\":[%d,%d]", finfo->start, finfo->length);
if (finfo->appendix_start >= 0 && finfo->appendix_length > 0)
- printf(",\"i\":[%u,%u]", finfo->appendix_start, finfo->appendix_length);
+ printf(",\"i\":[%d,%d]", finfo->appendix_start, finfo->appendix_length);
if (finfo->hfinfo)
{
+ char *filter;
+
if (finfo->hfinfo->type == FT_PROTOCOL)
{
printf(",\"t\":\"proto\"");
json_puts_string(url);
wmem_free(NULL, url);
}
- }
-
- if (FI_GET_FLAG(finfo, PI_SEVERITY_MASK))
- {
- const char *severity = NULL;
- switch (FI_GET_FLAG(finfo, PI_SEVERITY_MASK))
+ filter = proto_construct_match_selected_string(finfo, edt);
+ if (filter)
{
- case PI_COMMENT:
- severity = "comment";
- break;
+ printf(",\"f\":");
+ json_puts_string(filter);
+ wmem_free(NULL, filter);
+ }
+ }
- case PI_CHAT:
- severity = "chat";
- break;
+ if (FI_GET_FLAG(finfo, FI_GENERATED))
+ {
+ printf(",\"g\":true");
+ }
- case PI_NOTE:
- severity = "note";
- break;
+ if (FI_GET_FLAG(finfo, FI_HIDDEN))
+ {
+ printf(",\"v\":true");
+ }
- case PI_WARN:
- severity = "warn";
- break;
+ if (FI_GET_FLAG(finfo, PI_SEVERITY_MASK))
+ {
+ const char *severity = try_val_to_str(FI_GET_FLAG(finfo, PI_SEVERITY_MASK), expert_severity_vals);
- case PI_ERROR:
- severity = "error";
- break;
- }
g_assert(severity != NULL);
printf(",\"s\":\"%s\"", severity);
}
- if (((proto_tree *) node)->first_child) {
+ if (((proto_tree *) node)->first_child)
+ {
if (finfo->tree_type != -1)
printf(",\"e\":%d", finfo->tree_type);
printf(",\"n\":");
- sharkd_session_process_frame_cb_tree((proto_tree *) node, tvbs);
+ sharkd_session_process_frame_cb_tree(edt, (proto_tree *) node, tvbs, display_hidden);
}
printf("}");
return FALSE;
}
+struct sharkd_frame_request_data
+{
+ gboolean display_hidden;
+};
+
static void
-sharkd_session_process_frame_cb(packet_info *pi, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data)
+sharkd_session_process_frame_cb(epan_dissect_t *edt, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data)
{
- (void) pi;
- (void) data;
+ packet_info *pi = &edt->pi;
+ frame_data *fdata = pi->fd;
+ const char *pkt_comment = NULL;
+ const struct sharkd_frame_request_data * const req_data = (const struct sharkd_frame_request_data * const) data;
+ const gboolean display_hidden = (req_data) ? req_data->display_hidden : FALSE;
printf("{");
printf("\"err\":0");
+ if (fdata->flags.has_user_comment)
+ pkt_comment = sharkd_get_user_comment(fdata);
+ else if (fdata->flags.has_phdr_comment)
+ pkt_comment = pi->rec->opt_comment;
+
+ if (pkt_comment)
+ {
+ printf(",\"comment\":");
+ json_puts_string(pkt_comment);
+ }
+
if (tree)
{
tvbuff_t **tvbs = NULL;
guint count = g_slist_length((GSList *) data_src);
guint i;
- tvbs = (tvbuff_t **) g_malloc((count + 1) * sizeof(*tvbs));
+ tvbs = (tvbuff_t **) g_malloc((count + 1) * sizeof(*tvbs));
+
+ for (i = 0; i < count; i++)
+ {
+ const struct data_source *src = (const struct data_source *) g_slist_nth_data((GSList *) data_src, i);
+
+ tvbs[i] = get_data_source_tvb(src);
+ }
+
+ tvbs[count] = NULL;
+ }
+
+ sharkd_session_process_frame_cb_tree(edt, tree, tvbs, display_hidden);
+
+ g_free(tvbs);
+ }
+
+ if (cinfo)
+ {
+ int col;
+
+ printf(",\"col\":[");
+ for (col = 0; col < cinfo->num_cols; ++col)
+ {
+ const col_item_t *col_item = &cinfo->columns[col];
+
+ printf("%s\"%s\"", (col) ? "," : "", col_item->col_data);
+ }
+ printf("]");
+ }
+
+ if (fdata->flags.ignored)
+ printf(",\"i\":true");
+
+ if (fdata->flags.marked)
+ printf(",\"m\":true");
+
+ if (fdata->color_filter)
+ {
+ printf(",\"bg\":\"%x\"", color_t_to_rgb(&fdata->color_filter->bg_color));
+ printf(",\"fg\":\"%x\"", color_t_to_rgb(&fdata->color_filter->fg_color));
+ }
+
+ if (data_src)
+ {
+ struct data_source *src = (struct data_source *) data_src->data;
+ const char *ds_sepa = NULL;
+
+ tvbuff_t *tvb;
+ guint length;
+
+ tvb = get_data_source_tvb(src);
+ length = tvb_captured_length(tvb);
+
+ printf(",\"bytes\":");
+ if (length != 0)
+ {
+ const guchar *cp = tvb_get_ptr(tvb, 0, length);
+
+ /* XXX pi.fd->flags.encoding */
+ json_print_base64(cp, length);
+ }
+ else
+ {
+ json_print_base64("", 0);
+ }
+
+ data_src = data_src->next;
+ if (data_src)
+ {
+ printf(",\"ds\":[");
+ ds_sepa = "";
+ }
+
+ while (data_src)
+ {
+ src = (struct data_source *) data_src->data;
+
+ {
+ char *src_name = get_data_source_name(src);
+
+ printf("%s{\"name\":", ds_sepa);
+ json_puts_string(src_name);
+ wmem_free(NULL, src_name);
+ }
+
+ tvb = get_data_source_tvb(src);
+ length = tvb_captured_length(tvb);
+
+ printf(",\"bytes\":");
+ if (length != 0)
+ {
+ const guchar *cp = tvb_get_ptr(tvb, 0, length);
+
+ /* XXX pi.fd->flags.encoding */
+ json_print_base64(cp, length);
+ }
+ else
+ {
+ json_print_base64("", 0);
+ }
+
+ printf("}");
+ ds_sepa = ",";
+
+ data_src = data_src->next;
+ }
+
+ /* close ds, only if was opened */
+ if (ds_sepa != NULL)
+ printf("]");
+ }
+
+ printf(",\"fol\":[0");
+ follow_iterate_followers(sharkd_follower_visit_layers_cb, pi);
+ printf("]");
+
+ printf("}\n");
+}
+
+#define SHARKD_IOGRAPH_MAX_ITEMS 250000 /* 250k limit of items is taken from wireshark-qt, on x86_64 sizeof(io_graph_item_t) is 152, so single graph can take max 36 MB */
+
+struct sharkd_iograph
+{
+ /* config */
+ int hf_index;
+ io_graph_item_unit_t calc_type;
+ guint32 interval;
+
+ /* result */
+ int space_items;
+ int num_items;
+ io_graph_item_t *items;
+ GString *error;
+};
+
+static gboolean
+sharkd_iograph_packet(void *g, packet_info *pinfo, epan_dissect_t *edt, const void *dummy _U_)
+{
+ struct sharkd_iograph *graph = (struct sharkd_iograph *) g;
+ int idx;
+
+ idx = get_io_graph_index(pinfo, graph->interval);
+ if (idx < 0 || idx >= SHARKD_IOGRAPH_MAX_ITEMS)
+ return FALSE;
+
+ if (idx + 1 > graph->num_items)
+ {
+ if (idx + 1 > graph->space_items)
+ {
+ int new_size = idx + 1024;
+
+ graph->items = (io_graph_item_t *) g_realloc(graph->items, sizeof(io_graph_item_t) * new_size);
+ reset_io_graph_items(&graph->items[graph->space_items], new_size - graph->space_items);
+
+ graph->space_items = new_size;
+ }
+ else if (graph->items == NULL)
+ {
+ graph->items = (io_graph_item_t *) g_malloc(sizeof(io_graph_item_t) * graph->space_items);
+ reset_io_graph_items(graph->items, graph->space_items);
+ }
+
+ graph->num_items = idx + 1;
+ }
+
+ return update_io_graph_item(graph->items, idx, pinfo, edt, graph->hf_index, graph->calc_type, graph->interval);
+}
+
+/**
+ * sharkd_session_process_iograph()
+ *
+ * Process iograph request
+ *
+ * Input:
+ * (o) interval - interval time in ms, if not specified: 1000ms
+ * (m) graph0 - First graph request
+ * (o) graph1...graph9 - Other graph requests
+ * (o) filter0 - First graph filter
+ * (o) filter1...filter9 - Other graph filters
+ *
+ * Graph requests can be one of: "packets", "bytes", "bits", "sum:<field>", "frames:<field>", "max:<field>", "min:<field>", "avg:<field>", "load:<field>",
+ * if you use variant with <field>, you need to pass field name in filter request.
+ *
+ * Output object with attributes:
+ * (m) iograph - array of graph results with attributes:
+ * errmsg - graph cannot be constructed
+ * items - graph values, zeros are skipped, if value is not a number it's next index encoded as hex string
+ */
+static void
+sharkd_session_process_iograph(char *buf, const jsmntok_t *tokens, int count)
+{
+ const char *tok_interval = json_find_attr(buf, tokens, count, "interval");
+ struct sharkd_iograph graphs[10];
+ gboolean is_any_ok = FALSE;
+ int graph_count;
+
+ guint32 interval_ms = 1000; /* default: one per second */
+ int i;
+
+ if (tok_interval)
+ {
+ if (!ws_strtou32(tok_interval, NULL, &interval_ms) || interval_ms == 0)
+ {
+ fprintf(stderr, "Invalid interval parameter: %s.\n", tok_interval);
+ return;
+ }
+ }
+
+ for (i = graph_count = 0; i < (int) G_N_ELEMENTS(graphs); i++)
+ {
+ struct sharkd_iograph *graph = &graphs[graph_count];
+
+ const char *tok_graph;
+ const char *tok_filter;
+ char tok_format_buf[32];
+ const char *field_name;
+
+ snprintf(tok_format_buf, sizeof(tok_format_buf), "graph%d", i);
+ tok_graph = json_find_attr(buf, tokens, count, tok_format_buf);
+ if (!tok_graph)
+ break;
+
+ snprintf(tok_format_buf, sizeof(tok_format_buf), "filter%d", i);
+ tok_filter = json_find_attr(buf, tokens, count, tok_format_buf);
+
+ if (!strcmp(tok_graph, "packets"))
+ graph->calc_type = IOG_ITEM_UNIT_PACKETS;
+ else if (!strcmp(tok_graph, "bytes"))
+ graph->calc_type = IOG_ITEM_UNIT_BYTES;
+ else if (!strcmp(tok_graph, "bits"))
+ graph->calc_type = IOG_ITEM_UNIT_BITS;
+ else if (g_str_has_prefix(tok_graph, "sum:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_SUM;
+ else if (g_str_has_prefix(tok_graph, "frames:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_FRAMES;
+ else if (g_str_has_prefix(tok_graph, "fields:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_FIELDS;
+ else if (g_str_has_prefix(tok_graph, "max:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_MAX;
+ else if (g_str_has_prefix(tok_graph, "min:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_MIN;
+ else if (g_str_has_prefix(tok_graph, "avg:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_AVERAGE;
+ else if (g_str_has_prefix(tok_graph, "load:"))
+ graph->calc_type = IOG_ITEM_UNIT_CALC_LOAD;
+ else
+ break;
+
+ field_name = strchr(tok_graph, ':');
+ if (field_name)
+ field_name = field_name + 1;
- for (i = 0; i < count; i++)
- {
- struct data_source *src = (struct data_source *) g_slist_nth_data((GSList *) data_src, i);
+ graph->interval = interval_ms;
- tvbs[i] = get_data_source_tvb(src);
- }
+ graph->hf_index = -1;
+ graph->error = check_field_unit(field_name, &graph->hf_index, graph->calc_type);
- tvbs[count] = NULL;
- }
+ graph->space_items = 0; /* TODO, can avoid realloc()s in sharkd_iograph_packet() by calculating: capture_time / interval */
+ graph->num_items = 0;
+ graph->items = NULL;
- sharkd_session_process_frame_cb_tree(tree, tvbs);
+ if (!graph->error)
+ graph->error = register_tap_listener("frame", graph, tok_filter, TL_REQUIRES_PROTO_TREE, NULL, sharkd_iograph_packet, NULL, NULL);
- g_free(tvbs);
- }
+ graph_count++;
- if (cinfo)
- {
- int col;
+ if (graph->error == NULL)
+ is_any_ok = TRUE;
+ }
- printf(",\"col\":[");
- for (col = 0; col < cinfo->num_cols; ++col)
- {
- const col_item_t *col_item = &cinfo->columns[col];
+ /* retap only if we have at least one ok */
+ if (is_any_ok)
+ sharkd_retap();
- printf("%s\"%s\"", (col) ? "," : "", col_item->col_data);
- }
- printf("]");
- }
+ printf("{\"iograph\":[");
- if (data_src)
+ for (i = 0; i < graph_count; i++)
{
- struct data_source *src = (struct data_source *)data_src->data;
- const char *ds_sepa = NULL;
-
- tvbuff_t *tvb;
- guint length;
+ struct sharkd_iograph *graph = &graphs[i];
- tvb = get_data_source_tvb(src);
- length = tvb_captured_length(tvb);
+ if (i)
+ printf(",");
+ printf("{");
- printf(",\"bytes\":");
- if (length != 0)
+ if (graph->error)
{
- const guchar *cp = tvb_get_ptr(tvb, 0, length);
-
- /* XXX pi.fd->flags.encoding */
- json_print_base64(cp, length);
+ printf("\"errmsg\":");
+ json_puts_string(graph->error->str);
+ g_string_free(graph->error, TRUE);
}
else
{
- json_print_base64("", 0);
- }
-
- data_src = data_src->next;
- if (data_src)
- {
- printf(",\"ds\":[");
- ds_sepa = "";
- }
-
- while (data_src)
- {
- src = (struct data_source *)data_src->data;
+ int idx;
+ int next_idx = 0;
+ const char *sepa = "";
+ printf("\"items\":[");
+ for (idx = 0; idx < graph->num_items; idx++)
{
- char *src_name = get_data_source_name(src);
-
- printf("%s{\"name\":", ds_sepa);
- json_puts_string(src_name);
- wmem_free(NULL, src_name);
- }
+ double val;
- tvb = get_data_source_tvb(src);
- length = tvb_captured_length(tvb);
+ val = get_io_graph_item(graph->items, graph->calc_type, idx, graph->hf_index, &cfile, graph->interval, graph->num_items);
- printf(",\"bytes\":");
- if (length != 0)
- {
- const guchar *cp = tvb_get_ptr(tvb, 0, length);
+ /* if it's zero, don't display */
+ if (val == 0.0)
+ continue;
- /* XXX pi.fd->flags.encoding */
- json_print_base64(cp, length);
- }
- else
- {
- json_print_base64("", 0);
- }
+ printf("%s", sepa);
- printf("}");
- ds_sepa = ",";
+ /* cause zeros are not printed, need to output index */
+ if (next_idx != idx)
+ printf("\"%x\",", idx);
- data_src = data_src->next;
+ printf("%f", val);
+ next_idx = idx + 1;
+ sepa = ",";
+ }
+ printf("]");
}
+ printf("}");
- /* close ds, only if was opened */
- if (ds_sepa != NULL)
- printf("]");
+ remove_tap_listener(graph);
+ g_free(graph->items);
}
- printf(",\"fol\":[0");
- follow_iterate_followers(sharkd_follower_visit_layers_cb, pi);
- printf("]");
-
- printf("}\n");
+ printf("]}\n");
}
/**
guint64 bytes;
} st, st_total;
- nstime_t *start_ts = NULL;
+ nstime_t *start_ts;
guint32 interval_ms = 1000; /* default: one per second */
gint64 idx;
gint64 max_idx = 0;
- if (tok_interval) {
- if (!ws_strtou32(tok_interval, NULL, &interval_ms) || interval_ms == 0) {
+ if (tok_interval)
+ {
+ if (!ws_strtou32(tok_interval, NULL, &interval_ms) || interval_ms == 0)
+ {
fprintf(stderr, "Invalid interval parameter: %s.\n", tok_interval);
return;
}
printf("{\"intervals\":[");
+ start_ts = (cfile.count >= 1) ? &(sharkd_get_frame(1)->abs_ts) : NULL;
+
for (framenum = 1; framenum <= cfile.count; framenum++)
{
- frame_data *fdata = frame_data_sequence_find(cfile.frames, framenum);
+ frame_data *fdata;
gint64 msec_rel;
gint64 new_idx;
- if (start_ts == NULL)
- start_ts = &fdata->abs_ts;
-
if (filter_data && !(filter_data[framenum / 8] & (1 << (framenum % 8))))
continue;
+ fdata = sharkd_get_frame(framenum);
+
msec_rel = (fdata->abs_ts.secs - start_ts->secs) * (gint64) 1000 + (fdata->abs_ts.nsecs - start_ts->nsecs) / 1000000;
new_idx = msec_rel / interval_ms;
*
* Input:
* (m) frame - requested frame number
+ * (o) ref_frame - time reference frame number
+ * (o) prev_frame - previously displayed frame number
* (o) proto - set if output frame tree
* (o) columns - set if output frame columns
+ * (o) color - set if output color-filter bg/fg
* (o) bytes - set if output frame bytes
+ * (o) hidden - set if output hidden tree fields
*
* Output object with attributes:
* (m) err - 0 if succeed
* (o) tree - array of frame nodes with attributes:
* l - label
* t: 'proto', 'framenum', 'url' - type of node
+ * f - filter string
* s - severity
* e - subtree ett index
* n - array of subtree nodes
* ds- data src index
* url - only for t:'url', url
* fnum - only for t:'framenum', frame number
+ * g - if field is generated by Wireshark
+ * v - if field is hidden
*
* (o) col - array of column data
* (o) bytes - base64 of frame bytes
* (o) ds - array of other data srcs
+ * (o) comment - frame comment
* (o) fol - array of follow filters:
* [0] - protocol
* [1] - filter string
+ * (o) i - if frame is ignored
+ * (o) m - if frame is marked
+ * (o) bg - color filter - background color in hex
+ * (o) fg - color filter - foreground color in hex
*/
static void
sharkd_session_process_frame(char *buf, const jsmntok_t *tokens, int count)
{
const char *tok_frame = json_find_attr(buf, tokens, count, "frame");
- int tok_proto = (json_find_attr(buf, tokens, count, "proto") != NULL);
- int tok_bytes = (json_find_attr(buf, tokens, count, "bytes") != NULL);
- int tok_columns = (json_find_attr(buf, tokens, count, "columns") != NULL);
-
- guint32 framenum;
+ const char *tok_ref_frame = json_find_attr(buf, tokens, count, "ref_frame");
+ const char *tok_prev_frame = json_find_attr(buf, tokens, count, "prev_frame");
+ guint32 framenum, ref_frame_num, prev_dis_num;
+ guint32 dissect_flags = SHARKD_DISSECT_FLAG_NULL;
+ if (json_find_attr(buf, tokens, count, "proto") != NULL)
+ dissect_flags |= SHARKD_DISSECT_FLAG_PROTO_TREE;
+ if (json_find_attr(buf, tokens, count, "bytes") != NULL)
+ dissect_flags |= SHARKD_DISSECT_FLAG_BYTES;
+ if (json_find_attr(buf, tokens, count, "columns") != NULL)
+ dissect_flags |= SHARKD_DISSECT_FLAG_COLUMNS;
+ if (json_find_attr(buf, tokens, count, "color") != NULL)
+ dissect_flags |= SHARKD_DISSECT_FLAG_COLOR;
if (!tok_frame || !ws_strtou32(tok_frame, NULL, &framenum) || framenum == 0)
return;
- sharkd_dissect_request(framenum, &sharkd_session_process_frame_cb, tok_bytes, tok_columns, tok_proto, NULL);
+ ref_frame_num = (framenum != 1) ? 1 : 0;
+ if (tok_ref_frame && (!ws_strtou32(tok_ref_frame, NULL, &ref_frame_num) || ref_frame_num > framenum))
+ return;
+
+ prev_dis_num = framenum - 1;
+ if (tok_prev_frame && (!ws_strtou32(tok_prev_frame, NULL, &prev_dis_num) || prev_dis_num >= framenum))
+ return;
+
+ struct sharkd_frame_request_data req_data;
+ req_data.display_hidden = (json_find_attr(buf, tokens, count, "v") != NULL);
+
+ sharkd_dissect_request(framenum, ref_frame_num, prev_dis_num, &sharkd_session_process_frame_cb, dissect_flags, &req_data);
}
/**
return 0;
}
+/**
+ * sharkd_session_process_setcomment()
+ *
+ * Process setcomment request
+ *
+ * Input:
+ * (m) frame - frame number
+ * (o) comment - user comment
+ *
+ * Output object with attributes:
+ * (m) err - error code: 0 succeed
+ */
+static void
+sharkd_session_process_setcomment(char *buf, const jsmntok_t *tokens, int count)
+{
+ const char *tok_frame = json_find_attr(buf, tokens, count, "frame");
+ const char *tok_comment = json_find_attr(buf, tokens, count, "comment");
+
+ guint32 framenum;
+ frame_data *fdata;
+ int ret;
+
+ if (!tok_frame || !ws_strtou32(tok_frame, NULL, &framenum) || framenum == 0)
+ return;
+
+ fdata = sharkd_get_frame(framenum);
+ if (!fdata)
+ return;
+
+ ret = sharkd_set_user_comment(fdata, tok_comment);
+ printf("{\"err\":%d}\n", ret);
+}
+
/**
* sharkd_session_process_setconf()
*
const char *tok_name = json_find_attr(buf, tokens, count, "name");
const char *tok_value = json_find_attr(buf, tokens, count, "value");
char pref[4096];
+ char *errmsg = NULL;
prefs_set_pref_e ret;
ws_snprintf(pref, sizeof(pref), "%s:%s", tok_name, tok_value);
- ret = prefs_set_pref(pref);
- printf("{\"err\":%d}\n", ret);
+ ret = prefs_set_pref(pref, &errmsg);
+ printf("{\"err\":%d", ret);
+ if (errmsg)
+ {
+ /* Add error message for some syntax errors. */
+ printf(",\"errmsg\":");
+ json_puts_string(errmsg);
+ }
+ printf("}\n");
+ g_free(errmsg);
}
struct sharkd_session_process_dumpconf_data
case PREF_DECODE_AS_UINT:
printf("\"u\":%u", prefs_get_uint_value_real(pref, pref_current));
if (prefs_get_uint_base(pref) != 10)
- printf(",\"ub\":%d", prefs_get_uint_base(pref));
+ printf(",\"ub\":%u", prefs_get_uint_base(pref));
break;
case PREF_BOOL:
break;
case PREF_STRING:
+ case PREF_SAVE_FILENAME:
+ case PREF_OPEN_FILENAME:
+ case PREF_DIRNAME:
printf("\"s\":");
json_puts_string(prefs_get_string_value(pref, pref_current));
break;
}
case PREF_UAT:
+ {
+ uat_t *uat = prefs_get_uat_value(pref);
+ guint idx;
+
+ printf("\"t\":[");
+ for (idx = 0; idx < uat->raw_data->len; idx++)
+ {
+ void *rec = UAT_INDEX_PTR(uat, idx);
+ guint colnum;
+
+ if (idx)
+ printf(",");
+
+ printf("[");
+ for (colnum = 0; colnum < uat->ncols; colnum++)
+ {
+ char *str = uat_fld_tostr(rec, &(uat->fields[colnum]));
+
+ if (colnum)
+ printf(",");
+
+ json_puts_string(str);
+ g_free(str);
+ }
+
+ printf("]");
+ }
+
+ printf("]");
+ break;
+ }
+
case PREF_COLOR:
case PREF_CUSTOM:
case PREF_STATIC_TEXT:
* Output object with attributes:
* (o) prefs - object with module preferences
* (m) [KEY] - preference name
- * (o) u - preference value (only for PREF_UINT)
- * (o) ub - preference value suggested base for display (only for PREF_UINT) and if different than 10
+ * (o) u - preference value (for PREF_UINT, PREF_DECODE_AS_UINT)
+ * (o) ub - preference value suggested base for display (for PREF_UINT, PREF_DECODE_AS_UINT) and if different than 10
* (o) b - preference value (only for PREF_BOOL) (1 true, 0 false)
- * (o) s - preference value (only for PREF_STRING)
+ * (o) s - preference value (for PREF_STRING, PREF_SAVE_FILENAME, PREF_OPEN_FILENAME, PREF_DIRNAME)
* (o) e - preference possible values (only for PREF_ENUM)
- * (o) r - preference value (only for PREF_RANGE)
+ * (o) r - preference value (for PREF_RANGE, PREF_DECODE_AS_RANGE)
* (o) t - preference value (only for PREF_UAT)
*/
static void
printf("{\"prefs\":{");
prefs_pref_foreach(pref_mod, sharkd_session_process_dumpconf_cb, &data);
printf("}}\n");
- }
+ }
+}
+
+struct sharkd_download_rtp
+{
+ rtpstream_id_t id;
+ GSList *packets;
+ double start_time;
+};
+
+static void
+sharkd_rtp_download_free_items(void *ptr)
+{
+ rtp_packet_t *rtp_packet = (rtp_packet_t *) ptr;
+
+ g_free(rtp_packet->info);
+ g_free(rtp_packet->payload_data);
+ g_free(rtp_packet);
+}
+
+static void
+sharkd_rtp_download_decode(struct sharkd_download_rtp *req)
+{
+ /* based on RtpAudioStream::decode() 6e29d874f8b5e6ebc59f661a0bb0dab8e56f122a */
+ /* TODO, for now only without silence (timing_mode_ = Uninterrupted) */
+
+ static const int sample_bytes_ = sizeof(SAMPLE) / sizeof(char);
+
+ guint32 audio_out_rate_ = 0;
+ struct _GHashTable *decoders_hash_ = rtp_decoder_hash_table_new();
+ struct SpeexResamplerState_ *audio_resampler_ = NULL;
+
+ gsize resample_buff_len = 0x1000;
+ SAMPLE *resample_buff = (SAMPLE *) g_malloc(resample_buff_len);
+ spx_uint32_t cur_in_rate = 0;
+ char *write_buff = NULL;
+ gint64 write_bytes = 0;
+ unsigned channels = 0;
+ unsigned sample_rate = 0;
+
+ int i;
+ int base64_state1 = 0;
+ int base64_state2 = 0;
+
+ GSList *l;
+
+ for (l = req->packets; l; l = l->next)
+ {
+ rtp_packet_t *rtp_packet = (rtp_packet_t *) l->data;
+
+ SAMPLE *decode_buff = NULL;
+ size_t decoded_bytes;
+
+ decoded_bytes = decode_rtp_packet(rtp_packet, &decode_buff, decoders_hash_, &channels, &sample_rate);
+ if (decoded_bytes == 0 || sample_rate == 0)
+ {
+ /* We didn't decode anything. Clean up and prep for the next packet. */
+ g_free(decode_buff);
+ continue;
+ }
+
+ if (audio_out_rate_ == 0)
+ {
+ guint32 tmp32;
+ guint16 tmp16;
+ char wav_hdr[44];
+
+ /* First non-zero wins */
+ audio_out_rate_ = sample_rate;
+
+ RTP_STREAM_DEBUG("Audio sample rate is %u", audio_out_rate_);
+
+ /* write WAVE header */
+ memset(&wav_hdr, 0, sizeof(wav_hdr));
+ memcpy(&wav_hdr[0], "RIFF", 4);
+ memcpy(&wav_hdr[4], "\xFF\xFF\xFF\xFF", 4); /* XXX, unknown */
+ memcpy(&wav_hdr[8], "WAVE", 4);
+
+ memcpy(&wav_hdr[12], "fmt ", 4);
+ memcpy(&wav_hdr[16], "\x10\x00\x00\x00", 4); /* PCM */
+ memcpy(&wav_hdr[20], "\x01\x00", 2); /* PCM */
+ /* # channels */
+ tmp16 = channels;
+ memcpy(&wav_hdr[22], &tmp16, 2);
+ /* sample rate */
+ tmp32 = sample_rate;
+ memcpy(&wav_hdr[24], &tmp32, 4);
+ /* byte rate */
+ tmp32 = sample_rate * channels * sample_bytes_;
+ memcpy(&wav_hdr[28], &tmp32, 4);
+ /* block align */
+ tmp16 = channels * sample_bytes_;
+ memcpy(&wav_hdr[32], &tmp16, 2);
+ /* bits per sample */
+ tmp16 = 8 * sample_bytes_;
+ memcpy(&wav_hdr[34], &tmp16, 2);
+
+ memcpy(&wav_hdr[36], "data", 4);
+ memcpy(&wav_hdr[40], "\xFF\xFF\xFF\xFF", 4); /* XXX, unknown */
+
+ for (i = 0; i < (int) sizeof(wav_hdr); i++)
+ json_print_base64_step(&wav_hdr[i], &base64_state1, &base64_state2);
+ }
+
+ // Write samples to our file.
+ write_buff = (char *) decode_buff;
+ write_bytes = decoded_bytes;
+
+ if (audio_out_rate_ != sample_rate)
+ {
+ spx_uint32_t in_len, out_len;
+
+ /* Resample the audio to match our previous output rate. */
+ if (!audio_resampler_)
+ {
+ audio_resampler_ = speex_resampler_init(1, sample_rate, audio_out_rate_, 10, NULL);
+ speex_resampler_skip_zeros(audio_resampler_);
+ RTP_STREAM_DEBUG("Started resampling from %u to (out) %u Hz.", sample_rate, audio_out_rate_);
+ }
+ else
+ {
+ spx_uint32_t audio_out_rate;
+ speex_resampler_get_rate(audio_resampler_, &cur_in_rate, &audio_out_rate);
+
+ if (sample_rate != cur_in_rate)
+ {
+ speex_resampler_set_rate(audio_resampler_, sample_rate, audio_out_rate);
+ RTP_STREAM_DEBUG("Changed input rate from %u to %u Hz. Out is %u.", cur_in_rate, sample_rate, audio_out_rate_);
+ }
+ }
+ in_len = (spx_uint32_t)rtp_packet->info->info_payload_len;
+ out_len = (audio_out_rate_ * (spx_uint32_t)rtp_packet->info->info_payload_len / sample_rate) + (audio_out_rate_ % sample_rate != 0);
+ if (out_len * sample_bytes_ > resample_buff_len)
+ {
+ while ((out_len * sample_bytes_ > resample_buff_len))
+ resample_buff_len *= 2;
+ resample_buff = (SAMPLE *) g_realloc(resample_buff, resample_buff_len);
+ }
+
+ speex_resampler_process_int(audio_resampler_, 0, decode_buff, &in_len, resample_buff, &out_len);
+ write_buff = (char *) resample_buff;
+ write_bytes = out_len * sample_bytes_;
+ }
+
+ /* Write the decoded, possibly-resampled audio */
+ for (i = 0; i < write_bytes; i++)
+ json_print_base64_step(&write_buff[i], &base64_state1, &base64_state2);
+
+ g_free(decode_buff);
+ }
+
+ json_print_base64_step(NULL, &base64_state1, &base64_state2);
+
+ g_free(resample_buff);
+ g_hash_table_destroy(decoders_hash_);
+}
+
+static gboolean
+sharkd_session_packet_download_tap_rtp_cb(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_, const void *data)
+{
+ const struct _rtp_info *rtp_info = (const struct _rtp_info *) data;
+ struct sharkd_download_rtp *req_rtp = (struct sharkd_download_rtp *) tapdata;
+
+ /* do not consider RTP packets without a setup frame */
+ if (rtp_info->info_setup_frame_num == 0)
+ return FALSE;
+
+ if (rtpstream_id_equal_pinfo_rtp_info(&req_rtp->id, pinfo, rtp_info))
+ {
+ rtp_packet_t *rtp_packet;
+
+ rtp_packet = g_new0(rtp_packet_t, 1);
+ rtp_packet->info = (struct _rtp_info *) g_memdup(rtp_info, sizeof(struct _rtp_info));
+
+ if (rtp_info->info_all_data_present && rtp_info->info_payload_len != 0)
+ rtp_packet->payload_data = (guint8 *) g_memdup(&(rtp_info->info_data[rtp_info->info_payload_offset]), rtp_info->info_payload_len);
+
+ if (!req_rtp->packets)
+ req_rtp->start_time = nstime_to_sec(&pinfo->abs_ts);
+
+ rtp_packet->frame_num = pinfo->num;
+ rtp_packet->arrive_offset = nstime_to_sec(&pinfo->abs_ts) - req_rtp->start_time;
+
+ /* XXX, O(n) optimize */
+ req_rtp->packets = g_slist_append(req_rtp->packets, rtp_packet);
+ }
+
+ return FALSE;
}
/**
{
int row;
- sscanf(&tok_token[eo_type_len + 1], "%d", &row);
+ if (sscanf(&tok_token[eo_type_len + 1], "%d", &row) != 1)
+ break;
eo_entry = (export_object_entry_t *) g_slist_nth_data(object_list->entries, row);
break;
printf(",\"mime\":");
json_puts_string(mime);
printf(",\"data\":");
- json_print_base64(eo_entry->payload_data, (int) eo_entry->payload_len); /* XXX, export object will be truncated if >= 2^31 */
+ json_print_base64(eo_entry->payload_data, (size_t)(eo_entry->payload_len));
+ printf("}\n");
+ }
+ }
+ else if (!strcmp(tok_token, "ssl-secrets"))
+ {
+ char *str = ssl_export_sessions();
+
+ if (str)
+ {
+ const char *mime = "text/plain";
+ const char *filename = "keylog.txt";
+
+ printf("{\"file\":");
+ json_puts_string(filename);
+ printf(",\"mime\":");
+ json_puts_string(mime);
+ printf(",\"data\":");
+ json_print_base64(str, strlen(str));
+ printf("}\n");
+ }
+ g_free(str);
+ }
+ else if (!strncmp(tok_token, "rtp:", 4))
+ {
+ struct sharkd_download_rtp rtp_req;
+ GString *tap_error;
+
+ memset(&rtp_req, 0, sizeof(rtp_req));
+ if (!sharkd_rtp_match_init(&rtp_req.id, tok_token + 4))
+ {
+ fprintf(stderr, "sharkd_session_process_download() rtp tokenizing error %s\n", tok_token);
+ return;
+ }
+
+ tap_error = register_tap_listener("rtp", &rtp_req, NULL, 0, NULL, sharkd_session_packet_download_tap_rtp_cb, NULL, NULL);
+ if (tap_error)
+ {
+ fprintf(stderr, "sharkd_session_process_download() rtp error=%s", tap_error->str);
+ g_string_free(tap_error, TRUE);
+ return;
+ }
+
+ sharkd_retap();
+ remove_tap_listener(&rtp_req);
+
+ if (rtp_req.packets)
+ {
+ const char *mime = "audio/x-wav";
+ const char *filename = tok_token;
+
+ printf("{\"file\":");
+ json_puts_string(filename);
+ printf(",\"mime\":");
+ json_puts_string(mime);
+
+ printf(",\"data\":");
+ putchar('"');
+ sharkd_rtp_download_decode(&rtp_req);
+ putchar('"');
+
printf("}\n");
+
+ g_slist_free_full(rtp_req.packets, sharkd_rtp_download_free_items);
}
}
}
return;
}
+ if (tokens[i + 1].type != JSMN_STRING && tokens[i + 1].type != JSMN_PRIMITIVE)
+ {
+ fprintf(stderr, "sanity check(3a): [%d] wrong type\n", i + 1);
+ return;
+ }
+
buf[tokens[i + 0].end] = '\0';
buf[tokens[i + 1].end] = '\0';
- json_unescape_str(&buf[tokens[i + 0].start]);
- json_unescape_str(&buf[tokens[i + 1].start]);
+ /* unescape only value, as keys are simple strings */
+ if (tokens[i + 1].type == JSMN_STRING && !json_unescape_str(&buf[tokens[i + 1].start]))
+ {
+ fprintf(stderr, "sanity check(3b): [%d] cannot unescape string\n", i + 1);
+ return;
+ }
}
{
sharkd_session_process_tap(buf, tokens, count);
else if (!strcmp(tok_req, "follow"))
sharkd_session_process_follow(buf, tokens, count);
+ else if (!strcmp(tok_req, "iograph"))
+ sharkd_session_process_iograph(buf, tokens, count);
else if (!strcmp(tok_req, "intervals"))
sharkd_session_process_intervals(buf, tokens, count);
else if (!strcmp(tok_req, "frame"))
sharkd_session_process_frame(buf, tokens, count);
+ else if (!strcmp(tok_req, "setcomment"))
+ sharkd_session_process_setcomment(buf, tokens, count);
else if (!strcmp(tok_req, "setconf"))
sharkd_session_process_setconf(buf, tokens, count);
else if (!strcmp(tok_req, "dumpconf"))
int
sharkd_session_main(void)
{
- char buf[16 * 1024];
+ char buf[2 * 1024];
jsmntok_t *tokens = NULL;
int tokens_max = -1;
fprintf(stderr, "Hello in child.\n");
+ filter_table = g_hash_table_new_full(g_str_hash, g_str_equal, g_free, sharkd_session_filter_free);
+
+#ifdef HAVE_MAXMINDDB
+ /* mmdbresolve was stopped before fork(), force starting it */
+ uat_get_table_by_name("MaxMind Database Paths")->post_update_cb();
+#endif
+
while (fgets(buf, sizeof(buf), stdin))
{
/* every command is line seperated JSON */
int ret;
- ret = wsjsmn_parse(buf, NULL, 0);
+ ret = wsjson_parse(buf, NULL, 0);
if (ret < 0)
{
fprintf(stderr, "invalid JSON -> closing\n");
memset(tokens, 0, ret * sizeof(jsmntok_t));
- ret = wsjsmn_parse(buf, tokens, ret);
+ ret = wsjson_parse(buf, tokens, ret);
if (ret < 0)
{
fprintf(stderr, "invalid JSON(2) -> closing\n");
return 2;
}
+#if defined(HAVE_C_ARES) || defined(HAVE_MAXMINDDB)
+ host_name_lookup_process();
+#endif
+
sharkd_session_process(buf, tokens, ret);
}
+ g_hash_table_destroy(filter_table);
g_free(tokens);
return 0;