#include <epan/exceptions.h>
#include <epan/epan.h>
-#include <wsutil/clopts_common.h>
-#include <wsutil/cmdarg_err.h>
-#include <wsutil/crash_info.h>
+#include <ui/clopts_common.h>
+#include <ui/cmdarg_err.h>
#include <wsutil/filesystem.h>
#include <wsutil/file_util.h>
#include <wsutil/privileges.h>
#include <wsutil/report_message.h>
+#include <cli_main.h>
#include <version_info.h>
#include <wiretap/wtap_opttypes.h>
#include <wiretap/pcapng.h>
#include <epan/rtd_table.h>
#include <epan/ex-opt.h>
#include <epan/exported_pdu.h>
+#include <epan/secrets.h>
#include "capture_opts.h"
#include "caputils/capture_ifinfo.h"
#ifdef _WIN32
#include "caputils/capture-wpcap.h"
-#include <wsutil/unicode-utils.h>
#endif /* _WIN32 */
#include <capchild/capture_session.h>
#include <capchild/capture_sync.h>
#include <wsutil/str_util.h>
#include <wsutil/utf8_entities.h>
+#include <wsutil/json_dumper.h>
#include "extcap.h"
*/
#define LONGOPT_COLOR (65536+1000)
#define LONGOPT_NO_DUPLICATE_KEYS (65536+1001)
-#ifdef HAVE_JSONGLIB
#define LONGOPT_ELASTIC_MAPPING_FILTER (65536+1002)
-#endif
#if 0
#define tshark_debug(...) g_warning(__VA_ARGS__)
static gboolean no_duplicate_keys = FALSE;
static proto_node_children_grouper_func node_children_grouper = proto_node_group_children_by_unique;
+static json_dumper jdumper;
+
/* The line separator used between packets, changeable via the -S option */
static const char *separator = "";
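Review bot: The new file-scope `jdumper` has no comment saying when it holds valid state. In the later hunks it is assigned only in the `WRITE_JSON`/`WRITE_JSON_RAW` preamble case (`jdumper = write_json_preamble(stdout);`) and then passed by address to `write_json_proto_tree` and `write_json_finale`. I would add above the declaration `/* JSON writer state: set by write_json_preamble(), used per packet, finished by write_json_finale(); unused in non-JSON output modes */`. Those call sites still report success as `!ferror(stdout)`, which presumes the dumper writes to that same stream and surfaces its errors there; this should be confirmed against the json_dumper implementation, which is not on this page.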
/*fprintf(output, "\n");*/
fprintf(output, "Output:\n");
+#ifdef PCAP_NG_DEFAULT
+ fprintf(output, " -w <outfile|-> write packets to a pcapng-format file named \"outfile\"\n");
+#else
fprintf(output, " -w <outfile|-> write packets to a pcap-format file named \"outfile\"\n");
+#endif
fprintf(output, " (or to the standard output for \"-\")\n");
fprintf(output, " -C <config profile> start with specified configuration profile\n");
+#ifdef PCAP_NG_DEFAULT
fprintf(output, " -F <output file type> set the output file type, default is pcapng\n");
+#else
+ fprintf(output, " -F <output file type> set the output file type, default is pcap\n");
+#endif
fprintf(output, " an empty \"-F\" option will list the file types\n");
fprintf(output, " -V add output of packet tree (Packet Details)\n");
fprintf(output, " -O <protocols> Only show packet details of these protocols, comma\n");
fprintf(output, " --no-duplicate-keys If -T json is specified, merge duplicate keys in an object\n");
fprintf(output, " into a single key with as value a json array containing all\n");
fprintf(output, " values\n");
-#ifdef HAVE_JSONGLIB
fprintf(output, " --elastic-mapping-filter <protocols> If -G elastic-mapping is specified, put only the\n");
fprintf(output, " specified protocols within the mapping file\n");
-#endif
fprintf(output, "\n");
fprintf(output, "Miscellaneous:\n");
output = stdout;
- fprintf(output, "TShark (Wireshark) %s\n", get_ws_vcs_version_info());
+ fprintf(output, "%s\n", get_appname_and_version());
fprintf(output, "\n");
fprintf(output, "Usage: tshark -G [report]\n");
fprintf(output, " -G column-formats dump column format codes and exit\n");
fprintf(output, " -G decodes dump \"layer type\"/\"decode as\" associations and exit\n");
fprintf(output, " -G dissector-tables dump dissector table names, types, and properties\n");
-#ifdef HAVE_JSONGLIB
fprintf(output, " -G elastic-mapping dump ElasticSearch mapping file\n");
-#endif
fprintf(output, " -G fieldcount dump count of header fields and exit\n");
fprintf(output, " -G fields dump fields glossary and exit\n");
fprintf(output, " -G ftypes dump field type basic and descriptive names\n");
tap_listeners_require_dissection() || dissect_color;
}
-static int
-real_main(int argc, char *argv[])
+int
+main(int argc, char *argv[])
{
- GString *comp_info_str;
- GString *runtime_info_str;
char *init_progfile_dir_error;
int opt;
static const struct option long_options[] = {
{"export-objects", required_argument, NULL, LONGOPT_EXPORT_OBJECTS},
{"color", no_argument, NULL, LONGOPT_COLOR},
{"no-duplicate-keys", no_argument, NULL, LONGOPT_NO_DUPLICATE_KEYS},
-#ifdef HAVE_JSONGLIB
{"elastic-mapping-filter", required_argument, NULL, LONGOPT_ELASTIC_MAPPING_FILTER},
-#endif
{0, 0, 0, 0 }
};
gboolean arg_error = FALSE;
gchar *err_str;
#else
gboolean capture_option_specified = FALSE;
+ volatile int max_packet_count = 0;
#endif
gboolean quiet = FALSE;
#ifdef PCAP_NG_DEFAULT
gchar *volatile pdu_export_arg = NULL;
char *volatile exp_pdu_filename = NULL;
exp_pdu_t exp_pdu_tap_data;
-#ifdef HAVE_JSONGLIB
const gchar* elastic_mapping_filter = NULL;
-#endif
/*
* The leading + ensures that getopt_long() does not permute the argv[]
#endif /* HAVE_LIBPCAP */
#endif /* _WIN32 */
- /* Get the compile-time version information string */
- comp_info_str = get_compiled_version_info(get_tshark_compiled_version_info,
- epan_get_compiled_version_info);
-
- /* Get the run-time version information string */
- runtime_info_str = get_runtime_version_info(get_tshark_runtime_version_info);
-
- /* Add it to the information to be reported on a crash. */
- ws_add_crash_info("TShark (Wireshark) %s\n"
- "\n"
- "%s"
- "\n"
- "%s",
- get_ws_vcs_version_info(), comp_info_str->str, runtime_info_str->str);
- g_string_free(comp_info_str, TRUE);
- g_string_free(runtime_info_str, TRUE);
+ /* Initialize the version information. */
+ ws_init_version_info("TShark (Wireshark)", get_tshark_compiled_version_info,
+ epan_get_compiled_version_info,
+ get_tshark_runtime_version_info);
/* Fail sometimes. Useful for testing fuzz scripts. */
/* if (g_random_int_range(0, 100) < 5) abort(); */
case 'X':
ex_opt_add(optarg);
break;
-#ifdef HAVE_JSONGLIB
case LONGOPT_ELASTIC_MAPPING_FILTER:
elastic_mapping_filter = optarg;
break;
-#endif
default:
break;
}
write_prefs(NULL);
else if (strcmp(argv[2], "dissector-tables") == 0)
dissector_dump_dissector_tables();
-#ifdef HAVE_JSONGLIB
else if (strcmp(argv[2], "elastic-mapping") == 0)
proto_registrar_dump_elastic(elastic_mapping_filter);
-#endif
else if (strcmp(argv[2], "fieldcount") == 0) {
/* return value for the test suite */
exit_status = proto_registrar_dump_fieldcount();
* file.
*/
output_file_name = g_strdup(optarg);
+ } else if (opt == 'c') {
+ max_packet_count = get_positive_int(optarg, "packet count");
} else {
capture_option_specified = TRUE;
arg_error = TRUE;
break;
case 'h': /* Print help and exit */
- printf("TShark (Wireshark) %s\n"
- "Dump and analyze network traffic.\n"
- "See https://www.wireshark.org for more information.\n",
- get_ws_vcs_version_info());
+ show_help_header("Dump and analyze network traffic.");
print_usage(stdout);
exit_status = EXIT_SUCCESS;
goto clean_exit;
break;
}
case 'v': /* Show version and exit */
- comp_info_str = get_compiled_version_info(get_tshark_compiled_version_info,
- epan_get_compiled_version_info);
- runtime_info_str = get_runtime_version_info(get_tshark_runtime_version_info);
- show_version("TShark (Wireshark)", comp_info_str, runtime_info_str);
- g_string_free(comp_info_str, TRUE);
- g_string_free(runtime_info_str, TRUE);
+ show_version();
/* We don't really have to cleanup here, but it's a convenient way to test
* start-up and shut-down of the epan library without any UI-specific
* cruft getting in the way. Makes the results of running
#ifdef HAVE_LIBPCAP
if (!global_capture_opts.saving_to_file) {
+#else
+ if (!output_file_name) {
+#endif
/* We're not saving the capture to a file; if "-q" wasn't specified,
we should print packet information */
if (!quiet)
print_packet_info = TRUE;
} else {
+#ifdef HAVE_LIBPCAP
+ const char *save_file = global_capture_opts.save_file;
+#else
+ const char *save_file = output_file_name;
+#endif
/* We're saving to a file; if we're writing to the standard output.
and we'll also be writing dissected packets to the standard
output, reject the request. At best, we could redirect that
to the standard error; we *can't* write both to the standard
output and have either of them be useful. */
- if (strcmp(global_capture_opts.save_file, "-") == 0 && print_packet_info) {
+ if (strcmp(save_file, "-") == 0 && print_packet_info) {
cmdarg_err("You can't write both raw packet data and dissected packets"
" to the standard output.");
exit_status = INVALID_OPTION;
goto clean_exit;
}
}
-#else
- /* We're not saving the capture to a file; if "-q" wasn't specified,
- we should print packet information */
- if (!quiet)
- print_packet_info = TRUE;
-#endif
#ifndef HAVE_LIBPCAP
if (capture_option_specified)
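Review bot: The opening `if (...) {` now exists once per preprocessor arm (`if (!global_capture_opts.saving_to_file) {` and `if (!output_file_name) {`), and the `else` branch repeats the same `#ifdef` to choose `save_file`, so brace matching depends on which arm is compiled. Selecting the condition and the file name once, under a single `#ifdef` ahead of the test, would leave one `if`/`else` in the source. Separately, `strcmp(save_file, "-")` needs a non-NULL `save_file`. The non-libpcap arm guarantees that through the `else`, but the libpcap arm relies on `saving_to_file` implying `global_capture_opts.save_file` is set, which is not visible in this hunk and deserves a short comment or an explicit check.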
/* Activate the export PDU tap */
comment = g_strdup_printf("Dump of PDUs from %s", cf_name);
err = exp_pdu_open(&exp_pdu_tap_data, exp_fd, comment);
+ g_free(comment);
if (err != 0) {
cfile_dump_open_failure_message("TShark", exp_pdu_filename, err,
WTAP_FILE_TYPE_SUBTYPE_PCAPNG);
- g_free(comment);
exit_status = INVALID_EXPORT;
goto clean_exit;
}
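Review bot: `g_free(comment)` now runs immediately after `exp_pdu_open(&exp_pdu_tap_data, exp_fd, comment)` on both the success and failure paths, which is safe only if `exp_pdu_open` copies the string rather than keeping the pointer in `exp_pdu_tap_data`; that is not visible in this hunk. If it copies, a comment such as `/* exp_pdu_open() does not keep a reference to comment */` would record the ownership rule next to the free. If it keeps the pointer, the free has to be deferred until the export tap is closed, otherwise later writes would read freed memory. The surrounding block starts and ends outside the hunk.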
global_capture_opts.has_autostop_packets ? global_capture_opts.autostop_packets : 0,
global_capture_opts.has_autostop_filesize ? global_capture_opts.autostop_filesize : 0);
#else
- success = process_cap_file(&cfile, output_file_name, out_file_type, out_file_name_res, 0, 0);
+ success = process_cap_file(&cfile, output_file_name, out_file_type, out_file_name_res, max_packet_count, 0);
#endif
}
CATCH(OutOfMemoryError) {
return exit_status;
}
-#ifdef _WIN32
-int
-wmain(int argc, wchar_t *wc_argv[])
-{
- char **argv;
-
- argv = arg_list_utf_16to8(argc, wc_argv);
- return real_main(argc, argv);
-}
-#else
-int
-main(int argc, char *argv[])
-{
- return real_main(argc, argv);
-}
-#endif
-
/*#define USE_BROKEN_G_MAIN_LOOP*/
#ifdef USE_BROKEN_G_MAIN_LOOP
capture_input_new_file(capture_session *cap_session, gchar *new_file)
{
capture_options *capture_opts = cap_session->capture_opts;
- capture_file *cf = (capture_file *) cap_session->cf;
+ capture_file *cf = cap_session->cf;
gboolean is_tempfile;
int err;
/* if we are in real-time mode, open the new file now */
if (do_dissection) {
/* this is probably unecessary, but better safe than sorry */
- ((capture_file *)cap_session->cf)->open_type = WTAP_TYPE_AUTO;
+ cap_session->cf->open_type = WTAP_TYPE_AUTO;
/* Attempt to open the capture file and set up to read from it. */
- switch(cf_open((capture_file *)cap_session->cf, capture_opts->save_file, WTAP_TYPE_AUTO, is_tempfile, &err)) {
+ switch(cf_open(cap_session->cf, capture_opts->save_file, WTAP_TYPE_AUTO, is_tempfile, &err)) {
case CF_OK:
break;
case CF_ERROR:
int err;
gchar *err_info;
gint64 data_offset;
- capture_file *cf = (capture_file *)cap_session->cf;
+ capture_file *cf = cap_session->cf;
gboolean filtering_tap_listeners;
guint tap_flags;
/* capture child detected any packet drops? */
void
-capture_input_drops(capture_session *cap_session _U_, guint32 dropped)
+capture_input_drops(capture_session *cap_session _U_, guint32 dropped, char* interface_name)
{
if (print_packet_counts) {
/* We're printing packet counts to stderr.
if (dropped != 0) {
/* We're printing packet counts to stderr.
Send a newline so that we move to the line after the packet count. */
- fprintf(stderr, "%u packet%s dropped\n", dropped, plurality(dropped, "", "s"));
+ if (interface_name != NULL) {
+ fprintf(stderr, "%u packet%s dropped from %s\n", dropped, plurality(dropped, "", "s"), interface_name);
+ } else {
+ fprintf(stderr, "%u packet%s dropped\n", dropped, plurality(dropped, "", "s"));
+ }
}
}
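Review bot: `interface_name` is only read in `capture_input_drops`, so `const char *interface_name` would state that in the signature, provided the prototype this callback implements (declared outside this page) is changed to match. The string is written to stderr verbatim through `%s`. If it originates from the capture child or an external capture source, which the hunk does not show, non-printable bytes in it would reach the terminal unescaped, so it is worth checking that the caller sanitises it. A one-line comment stating that `NULL` means the drop count is not attributed to a single interface would document the new branch.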
void
capture_input_closed(capture_session *cap_session, gchar *msg)
{
- capture_file *cf = (capture_file *) cap_session->cf;
+ capture_file *cf = cap_session->cf;
if (msg != NULL)
fprintf(stderr, "tshark: %s\n", msg);
if (dissect_color) {
color_filters_prime_edt(edt);
- fdata->flags.need_colorize = 1;
+ fdata->need_colorize = 1;
}
epan_dissect_run_with_taps(edt, cf->cd_t, rec,
if (edt) {
epan_dissect_reset(edt);
}
- return passed || fdata->flags.dependent_of_displayed;
+ return passed || fdata->dependent_of_displayed;
}
static gboolean
gboolean out_file_name_res, int max_packet_count, gint64 max_byte_count)
{
gboolean success = TRUE;
- gint linktype;
- int snapshot_length;
wtap_dumper *pdh;
guint32 framenum;
int err = 0, err_pass1 = 0;
gint64 data_offset;
gboolean filtering_tap_listeners;
guint tap_flags;
- wtapng_dump_params ng_params = WTAPNG_DUMP_PARAMS_INIT;
+ wtap_dump_params params = WTAP_DUMP_PARAMS_INIT;
wtap_rec rec;
Buffer buf;
epan_dissect_t *edt = NULL;
- char *shb_user_appl;
+ char *shb_user_appl;
wtap_rec_init(&rec);
if (save_file != NULL) {
/* Set up to write to the capture file. */
- snapshot_length = wtap_snapshot_length(cf->provider.wth);
- if (snapshot_length == 0) {
- /* Snapshot length of input file not known. */
- snapshot_length = WTAP_MAX_PACKET_SIZE_STANDARD;
- }
- tshark_debug("tshark: snapshot_length = %d", snapshot_length);
-
- wtap_dump_params_init(&ng_params, cf->provider.wth);
-#ifdef PCAP_NG_DEFAULT
- if (ng_params.idb_inf->interface_data->len > 1) {
- linktype = WTAP_ENCAP_PER_PACKET;
- } else {
- linktype = wtap_file_encap(cf->provider.wth);
- }
-#else
- linktype = wtap_file_encap(cf->provider.wth);
-#endif
+ wtap_dump_params_init(¶ms, cf->provider.wth);
/* If we don't have an application name add Tshark */
- if (wtap_block_get_string_option_value(g_array_index(ng_params.shb_hdrs, wtap_block_t, 0), OPT_SHB_USERAPPL, &shb_user_appl) != WTAP_OPTTYPE_SUCCESS) {
+ if (wtap_block_get_string_option_value(g_array_index(params.shb_hdrs, wtap_block_t, 0), OPT_SHB_USERAPPL, &shb_user_appl) != WTAP_OPTTYPE_SUCCESS) {
/* this is free'd by wtap_block_free() later */
- wtap_block_add_string_option_format(g_array_index(ng_params.shb_hdrs, wtap_block_t, 0), OPT_SHB_USERAPPL, "TShark (Wireshark) %s", get_ws_vcs_version_info());
+ wtap_block_add_string_option_format(g_array_index(params.shb_hdrs, wtap_block_t, 0), OPT_SHB_USERAPPL, "%s", get_appname_and_version());
}
- if (linktype != WTAP_ENCAP_PER_PACKET &&
- out_file_type == WTAP_FILE_TYPE_SUBTYPE_PCAP) {
- tshark_debug("tshark: writing PCAP format to %s", save_file);
- if (strcmp(save_file, "-") == 0) {
- /* Write to the standard output. */
- pdh = wtap_dump_open_stdout(out_file_type, linktype,
- snapshot_length, FALSE /* compressed */, NULL, &err);
- } else {
- pdh = wtap_dump_open(save_file, out_file_type, linktype,
- snapshot_length, FALSE /* compressed */, NULL, &err);
- }
- }
- else {
- tshark_debug("tshark: writing format type %d, to %s", out_file_type, save_file);
- if (strcmp(save_file, "-") == 0) {
- /* Write to the standard output. */
- pdh = wtap_dump_open_stdout(out_file_type, linktype,
- snapshot_length, FALSE /* compressed */, &ng_params, &err);
- } else {
- pdh = wtap_dump_open(save_file, out_file_type, linktype,
- snapshot_length, FALSE /* compressed */, &ng_params, &err);
- }
+ tshark_debug("tshark: writing format type %d, to %s", out_file_type, save_file);
+ if (strcmp(save_file, "-") == 0) {
+ /* Write to the standard output. */
+ pdh = wtap_dump_open_stdout(out_file_type, WTAP_UNCOMPRESSED, ¶ms,
+ &err);
+ } else {
+ pdh = wtap_dump_open(save_file, out_file_type, WTAP_UNCOMPRESSED, ¶ms,
+ &err);
}
- g_free(ng_params.idb_inf);
- ng_params.idb_inf = NULL;
+ g_free(params.idb_inf);
+ params.idb_inf = NULL;
if (pdh == NULL) {
/* We couldn't set up to write to the capture file. */
err, err_info, framenum,
out_file_type);
wtap_dump_close(pdh, &err);
- wtap_dump_params_cleanup(&ng_params);
+ wtap_dump_params_cleanup(¶ms);
exit(2);
}
}
cfile_write_failure_message("TShark", cf->filename, save_file,
err, err_info, framenum, out_file_type);
wtap_dump_close(pdh, &err);
- wtap_dump_params_cleanup(&ng_params);
+ wtap_dump_params_cleanup(¶ms);
exit(2);
}
}
wtap_close(cf->provider.wth);
cf->provider.wth = NULL;
- wtap_dump_params_cleanup(&ng_params);
+ wtap_dump_params_cleanup(¶ms);
return success;
}
if (dissect_color) {
color_filters_prime_edt(edt);
- fdata.flags.need_colorize = 1;
+ fdata.need_colorize = 1;
}
epan_dissect_run_with_taps(edt, cf->cd_t, rec,
case WRITE_JSON:
case WRITE_JSON_RAW:
- write_json_preamble(stdout);
+ jdumper = write_json_preamble(stdout);
return !ferror(stdout);
case WRITE_EK:
- return !ferror(stdout);
+ return TRUE;
default:
g_assert_not_reached();
if (print_details) {
write_json_proto_tree(output_fields, print_dissections_expanded,
print_hex, protocolfilter, protocolfilter_flags,
- edt, &cf->cinfo, node_children_grouper, stdout);
+ edt, &cf->cinfo, node_children_grouper, &jdumper);
return !ferror(stdout);
}
break;
if (print_details) {
write_json_proto_tree(output_fields, print_dissections_none, TRUE,
protocolfilter, protocolfilter_flags,
- edt, &cf->cinfo, node_children_grouper, stdout);
+ edt, &cf->cinfo, node_children_grouper, &jdumper);
return !ferror(stdout);
}
break;
case WRITE_JSON:
case WRITE_JSON_RAW:
- write_json_finale(stdout);
+ write_json_finale(&jdumper);
return !ferror(stdout);
case WRITE_EK:
- return !ferror(stdout);
+ return TRUE;
default:
g_assert_not_reached();
wtap_set_cb_new_ipv4(cf->provider.wth, add_ipv4_name);
wtap_set_cb_new_ipv6(cf->provider.wth, (wtap_new_ipv6_callback_t) add_ipv6_name);
+ wtap_set_cb_new_secrets(cf->provider.wth, secrets_wtap_callback);
return CF_OK;
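Review bot: The added `wtap_set_cb_new_secrets(cf->provider.wth, secrets_wtap_callback);` carries no comment explaining that, judging by the names and the new `epan/secrets.h` include, decryption secrets found in the capture file are handed to epan from this point on. I would add `/* Forward decryption secrets read from the capture file to epan (epan/secrets.h) */` above it. A capture file is untrusted input, so how `secrets_wtap_callback` handles malformed or oversized secrets data deserves the same scrutiny as a dissector; that code is outside this page. The enclosing function starts and ends outside the hunk.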