#include "epan/oids.h"
#endif
#include "epan/maxmind_db.h"
-#include "epan/register.h"
#include <epan/epan_dissect.h>
#include <epan/tap.h>
#include <epan/stat_tap_ui.h>
#include "caputils/capture_ifinfo.h"
#ifdef _WIN32
#include "caputils/capture-wpcap.h"
-#include <wsutil/os_version_info.h>
#include <wsutil/unicode-utils.h>
#endif /* _WIN32 */
#include <capchild/capture_session.h>
*/
#define LONGOPT_COLOR (65536+1000)
#define LONGOPT_NO_DUPLICATE_KEYS (65536+1001)
+#ifdef HAVE_JSONGLIB
+#define LONGOPT_ELASTIC_MAPPING_FILTER (65536+1002)
+#endif
#if 0
#define tshark_debug(...) g_warning(__VA_ARGS__)
}
static void
-string_elem_print(gpointer data, gpointer not_used _U_)
+string_elem_print(gpointer data)
{
fprintf(stderr, " %s - %s\n",
((struct string_elem *)data)->sstr,
list = g_slist_insert_sorted(list, &captypes[i], string_compare);
}
}
- g_slist_foreach(list, string_elem_print, NULL);
- g_slist_free(list);
+ g_slist_free_full(list, string_elem_print);
g_free(captypes);
}
captypes[i].lstr = (open_routines[i].type == OPEN_INFO_MAGIC) ? magic : heuristic;
list = g_slist_insert_sorted(list, &captypes[i], string_compare);
}
- g_slist_foreach(list, string_elem_print, NULL);
- g_slist_free(list);
+ g_slist_free_full(list, string_elem_print);
g_free(captypes);
}
fprintf(output, " -Y <display filter> packet displaY filter in Wireshark display filter\n");
fprintf(output, " syntax\n");
fprintf(output, " -n disable all name resolutions (def: all enabled)\n");
- fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtCd\"\n");
+ fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mnNtdv\"\n");
fprintf(output, " -d %s ...\n", DECODE_AS_ARG_TEMPLATE);
fprintf(output, " \"Decode As\", see the man page for details\n");
fprintf(output, " Example: tcp.port==8888,http\n");
fprintf(output, " (Note that attributes are nonstandard)\n");
fprintf(output, " --no-duplicate-keys If -T json is specified, merge duplicate keys in an object\n");
fprintf(output, " into a single key with as value a json array containing all\n");
- fprintf(output, " values");
+ fprintf(output, " values\n");
+#ifdef HAVE_JSONGLIB
+ fprintf(output, " --elastic-mapping-filter <protocols> If -G elastic-mapping is specified, put only the\n");
+ fprintf(output, " specified protocols within the mapping file\n");
+#endif
fprintf(output, "\n");
fprintf(output, "Miscellaneous:\n");
fprintf(output, " -G column-formats dump column format codes and exit\n");
fprintf(output, " -G decodes dump \"layer type\"/\"decode as\" associations and exit\n");
fprintf(output, " -G dissector-tables dump dissector table names, types, and properties\n");
+#ifdef HAVE_JSONGLIB
+ fprintf(output, " -G elastic-mapping dump ElasticSearch mapping file\n");
+#endif
fprintf(output, " -G fieldcount dump count of header fields and exit\n");
fprintf(output, " -G fields dump fields glossary and exit\n");
fprintf(output, " -G ftypes dump field type basic and descriptive names\n");
tap_listeners_require_dissection() || dissect_color;
}
-int
-main(int argc, char *argv[])
+static int
+real_main(int argc, char *argv[])
{
GString *comp_info_str;
GString *runtime_info_str;
{"export-objects", required_argument, NULL, LONGOPT_EXPORT_OBJECTS},
{"color", no_argument, NULL, LONGOPT_COLOR},
{"no-duplicate-keys", no_argument, NULL, LONGOPT_NO_DUPLICATE_KEYS},
+#ifdef HAVE_JSONGLIB
+ {"elastic-mapping-filter", required_argument, NULL, LONGOPT_ELASTIC_MAPPING_FILTER},
+#endif
{0, 0, 0, 0 }
};
gboolean arg_error = FALSE;
int log_flags;
gchar *output_only = NULL;
gchar *volatile pdu_export_arg = NULL;
- const char *volatile exp_pdu_filename = NULL;
+ char *volatile exp_pdu_filename = NULL;
exp_pdu_t exp_pdu_tap_data;
+#ifdef HAVE_JSONGLIB
+ const gchar* elastic_mapping_filter = NULL;
+#endif
/*
* The leading + ensures that getopt_long() does not permute the argv[]
cmdarg_err_init(failure_warning_message, failure_message_cont);
#ifdef _WIN32
- arg_list_utf_16to8(argc, argv);
create_app_running_mutex();
#endif /* _WIN32 */
* Attempt to get the pathname of the directory containing the
* executable file.
*/
- init_progfile_dir_error = init_progfile_dir(argv[0], main);
+ init_progfile_dir_error = init_progfile_dir(argv[0]);
if (init_progfile_dir_error != NULL) {
fprintf(stderr,
"tshark: Can't get pathname of directory containing the tshark program: %s.\n"
#ifdef HAVE_LIBPCAP
/* Load wpcap if possible. Do this before collecting the run-time version information */
load_wpcap();
-
- /* Warn the user if npf.sys isn't loaded. */
- if (!npf_sys_is_running() && get_windows_major_version() >= 6) {
- fprintf(stderr, "The NPF driver isn't running. You may have trouble "
- "capturing or\nlisting interfaces.\n");
- }
#endif /* HAVE_LIBPCAP */
#endif /* _WIN32 */
case 'X':
ex_opt_add(optarg);
break;
+#ifdef HAVE_JSONGLIB
+ case LONGOPT_ELASTIC_MAPPING_FILTER:
+ elastic_mapping_filter = optarg;
+ break;
+#endif
default:
break;
}
"-G" flag, as the "-G" flag dumps information registered by the
dissectors, and we must do it before we read the preferences, in
case any dissectors register preferences. */
- if (!epan_init(register_all_protocols, register_all_protocol_handoffs, NULL,
- NULL)) {
+ if (!epan_init(NULL, NULL, TRUE)) {
exit_status = INIT_FAILED;
goto clean_exit;
}
write_prefs(NULL);
else if (strcmp(argv[2], "dissector-tables") == 0)
dissector_dump_dissector_tables();
+#ifdef HAVE_JSONGLIB
+ else if (strcmp(argv[2], "elastic-mapping") == 0)
+ proto_registrar_dump_elastic(elastic_mapping_filter);
+#endif
else if (strcmp(argv[2], "fieldcount") == 0) {
/* return value for the test suite */
exit_status = proto_registrar_dump_fieldcount();
* Output file name, if we're reading a file and writing to another
* file.
*/
- output_file_name = optarg;
+ output_file_name = g_strdup(optarg);
} else {
capture_option_specified = TRUE;
arg_error = TRUE;
goto clean_exit;
}
- exp_fd = ws_open(exp_pdu_filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
- if (exp_fd == -1) {
+ if (strcmp(exp_pdu_filename, "-") == 0) {
+ /* Write to the standard output. */
+ exp_fd = 1;
+ } else {
+ exp_fd = ws_open(exp_pdu_filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
+ if (exp_fd == -1) {
cmdarg_err("%s: %s", exp_pdu_filename, file_open_error_message(errno, TRUE));
exit_status = INVALID_FILE;
goto clean_exit;
+ }
}
/* Activate the export PDU tap */
exit_status = 2;
}
g_free(pdu_export_arg);
+ g_free(exp_pdu_filename);
}
} else {
tshark_debug("tshark: no capture file specified");
or get a list of link-layer types for a live capture device;
do we have support for live captures? */
#ifdef HAVE_LIBPCAP
+#ifdef _WIN32
+ /* Warn the user if npf.sys isn't loaded. */
+ if (!npf_sys_is_running()) {
+ fprintf(stderr, "The NPF driver isn't running. You may have trouble "
+ "capturing or\nlisting interfaces.\n");
+ }
+#endif /* _WIN32 */
+
/* if no interface was specified, pick a default */
exit_status = capture_opts_default_iface_if_necessary(&global_capture_opts,
((prefs_p->capture_device) && (*prefs_p->capture_device != '\0')) ? get_if_name(prefs_p->capture_device) : NULL);
#endif
}
- g_free(cf_name);
-
if (cfile.provider.frames != NULL) {
free_frame_data_sequence(cfile.provider.frames);
cfile.provider.frames = NULL;
}
draw_tap_listeners(TRUE);
+ /* Memory cleanup */
+ reset_tap_listeners();
funnel_dump_all_text_windows();
epan_free(cfile.epan);
epan_cleanup();
output_fields = NULL;
clean_exit:
+ g_free(cf_name);
destroy_print_stream(print_stream);
#ifdef HAVE_LIBPCAP
capture_opts_cleanup(&global_capture_opts);
+#else
+ g_free(output_file_name);
#endif
col_cleanup(&cfile.cinfo);
free_filter_lists();
wtap_cleanup();
free_progdirs();
cf_close(&cfile);
+ dfilter_free(dfcode);
return exit_status;
}
+#ifdef _WIN32
+int
+wmain(int argc, wchar_t *wc_argv[])
+{
+ char **argv;
+
+ argv = arg_list_utf_16to8(argc, wc_argv);
+ return real_main(argc, argv);
+}
+#else
+int
+main(int argc, char *argv[])
+{
+ return real_main(argc, argv);
+}
+#endif
+
/*#define USE_BROKEN_G_MAIN_LOOP*/
#ifdef USE_BROKEN_G_MAIN_LOOP
if (!ret)
return FALSE;
+ /*
+ * Force synchronous resolution of IP addresses; we're doing only
+ * one pass, so we can't do it in the background and fix up past
+ * dissections.
+ */
+ set_resolution_synchrony(TRUE);
+
/* the actual capture loop
*
* XXX - glib doesn't seem to provide any event based loop handling.
from the dissection or running taps on the packet; if we're doing
any of that, we'll do it in the second pass.) */
if (edt) {
- if (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
- gbl_resolv_flags.transport_name)
- /* Grab any resolved addresses */
- host_name_lookup_process();
-
/* If we're running a read filter, prime the epan_dissect_t with that
filter. */
if (cf->rfcode)
passes over the packets; that's the pass where we print
packet information or run taps.) */
if (edt) {
- if (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
- gbl_resolv_flags.transport_name)
- /* Grab any resolved addresses */
- host_name_lookup_process();
-
/* If we're running a display filter, prime the epan_dissect_t with that
filter. */
if (cf->dfcode)
edt = epan_dissect_new(cf->epan, create_proto_tree, print_packet_info && print_details);
}
+ /*
+ * Force synchronous resolution of IP addresses; in this pass, we
+ * can't do it in the background and fix up past dissections.
+ */
+ set_resolution_synchrony(TRUE);
+
for (framenum = 1; err == 0 && framenum <= cf->count; framenum++) {
fdata = frame_data_sequence_find(cf->provider.frames, framenum);
if (wtap_seek_read(cf->provider.wth, fdata->file_off, &rec, &buf, &err,
edt = epan_dissect_new(cf->epan, create_proto_tree, print_packet_info && print_details);
}
+ /*
+ * Force synchronous resolution of IP addresses; we're doing only
+ * one pass, so we can't do it in the background and fix up past
+ * dissections.
+ */
+ set_resolution_synchrony(TRUE);
+
while (wtap_read(cf->provider.wth, &err, &err_info, &data_offset)) {
framenum++;
over the packets, so, if we'll be printing packet information
or running taps, we'll be doing it here.) */
if (edt) {
- if (print_packet_info && (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
- gbl_resolv_flags.transport_name))
- /* Grab any resolved addresses */
- host_name_lookup_process();
-
/* If we're running a filter, prime the epan_dissect_t with that
filter. */
if (cf->dfcode)
/* The open succeeded. Fill in the information for this file. */
- /* Create new epan session for dissection. */
- epan_free(cf->epan);
- cf->epan = tshark_epan_new(cf);
-
cf->provider.wth = wth;
cf->f_datalen = 0; /* not used, but set it anyway */
cf->provider.prev_dis = NULL;
cf->provider.prev_cap = NULL;
- cf->state = FILE_READ_IN_PROGRESS;
+ /* Create new epan session for dissection. */
+ epan_free(cf->epan);
+ cf->epan = tshark_epan_new(cf);
wtap_set_cb_new_ipv4(cf->provider.wth, add_ipv4_name);
wtap_set_cb_new_ipv6(cf->provider.wth, (wtap_new_ipv6_callback_t) add_ipv6_name);
git.samba.org / metze / wireshark / wip.git / blobdiff