*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifdef HAVE_CONFIG_H
#include <epan/column.h>
#include "print.h"
#include <epan/addr_resolv.h>
-#include "util.h"
+#include "ui/util.h"
#include "clopts_common.h"
#include "console_io.h"
#include "cmdarg_err.h"
#include "capture-pcap-util.h"
#ifdef _WIN32
#include "capture-wpcap.h"
-#include "capture_errs.h"
#include <wsutil/unicode-utils.h>
#endif /* _WIN32 */
#include "capture_sync.h"
#endif /* HAVE_LIBPCAP */
#include "log.h"
#include <epan/funnel.h>
+#include "capture_opts.h"
/*
* This is the template for the decode as option; it is shared between the
fprintf(output, " filesize:NUM - switch to next file after NUM KB\n");
fprintf(output, " files:NUM - ringbuffer: replace after NUM files\n");
#endif /* HAVE_LIBPCAP */
-
+#ifdef HAVE_PCAP_REMOTE
+ fprintf(output, "RPCAP options:\n");
+ fprintf(output, " -A <user>:<password> use RPCAP password authentication\n");
+#endif
/*fprintf(output, "\n");*/
fprintf(output, "Input file:\n");
fprintf(output, " -r <infile> set the filename to read from (no pipes or stdin!)\n");
fprintf(output, " -w <outfile|-> write packets to a pcap-format file named \"outfile\"\n");
fprintf(output, " (or to the standard output for \"-\")\n");
fprintf(output, " -C <config profile> start with specified configuration profile\n");
- fprintf(output, " -F <output file type> set the output file type, default is libpcap\n");
+ fprintf(output, " -F <output file type> set the output file type, default is pcapng\n");
fprintf(output, " an empty \"-F\" option will list the file types\n");
fprintf(output, " -V add output of packet tree (Packet Details)\n");
fprintf(output, " -O <protocols> Only show packet details of these protocols, comma\n");
int optind_initial;
gchar *output_only = NULL;
+#ifdef HAVE_PCAP_REMOTE
+#define OPTSTRING_A "A:"
+#else
+#define OPTSTRING_A ""
+#endif
#ifdef HAVE_LIBPCAP
#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
#define OPTSTRING_B "B:"
#define OPTSTRING_I ""
#endif
-#define OPTSTRING "2a:A:b:" OPTSTRING_B "c:C:d:De:E:f:F:G:hH:i:" OPTSTRING_I "K:lLnN:o:O:pPqr:R:s:S:t:T:u:vVw:W:xX:y:z:"
+#define OPTSTRING "2a:" OPTSTRING_A "b:" OPTSTRING_B "c:C:d:De:E:f:F:G:hH:i:" OPTSTRING_I "K:lLnN:o:O:pPqr:R:s:S:t:T:u:vVw:W:xX:y:z:"
static const char optstring[] = OPTSTRING;
#endif
register_all_tap_listeners();
- /* Now register the preferences for any non-dissector modules.
- We must do that before we read the preferences as well. */
- prefs_register_modules();
-
/* If invoked with the "-G" flag, we dump out information based on
the argument to the "-G" flag; if no argument is specified,
for backwards compatibility we dump out a glossary of display
pf_path = NULL;
}
- /* Set the name resolution code's flags from the preferences. */
- gbl_resolv_flags = prefs_p->name_resolve;
-
/* Read the disabled protocols file. */
read_disabled_protos_list(&gdp_path, &gdp_open_errno, &gdp_read_errno,
&dp_path, &dp_open_errno, &dp_read_errno);
case 'f': /* capture filter */
case 'i': /* Use interface x */
case 'p': /* Don't capture in promiscuous mode */
+#ifdef HAVE_PCAP_REMOTE
+ case 'A': /* Authentication */
+#endif
#ifdef HAVE_PCAP_CREATE
case 'I': /* Capture in monitor mode, if available */
#endif
#endif
break;
case 'n': /* No name resolution */
- gbl_resolv_flags = RESOLV_NONE;
+ gbl_resolv_flags.mac_name = FALSE;
+ gbl_resolv_flags.network_name = FALSE;
+ gbl_resolv_flags.transport_name = FALSE;
+ gbl_resolv_flags.concurrent_dns = FALSE;
break;
case 'N': /* Select what types of addresses/port #s to resolve */
- if (gbl_resolv_flags == RESOLV_ALL)
- gbl_resolv_flags = RESOLV_NONE;
badopt = string_to_name_resolve(optarg, &gbl_resolv_flags);
if (badopt != '\0') {
cmdarg_err("-N specifies unknown resolving option '%c';",
g_string_free(comp_info_str, TRUE);
g_string_free(runtime_info_str, TRUE);
return 0;
- break;
}
case 'O': /* Only output these protocols */
output_only = g_strdup(optarg);
(or get a list of link-layer types for a live capture device);
do we have support for live captures? */
#ifdef HAVE_LIBPCAP
-
-#ifdef _WIN32
- if (!has_wpcap) {
- char *detailed_err;
-
- cmdarg_err("WinPcap couldn't be found.");
- detailed_err = cant_load_winpcap_err("TShark");
- cmdarg_err_cont("%s", detailed_err);
- g_free(detailed_err);
- return 2;
- }
-#endif
-
/* trim the interface name and exit if that failed */
if (!capture_opts_trim_iface(&global_capture_opts,
- (prefs_p->capture_device) ? get_if_name(prefs_p->capture_device) : NULL)) {
+ ((prefs_p->capture_device) && (*prefs_p->capture_device != '\0')) ? get_if_name(prefs_p->capture_device) : NULL)) {
return 2;
}
the capture child to finish; it will report that it finished,
or will exit abnormally, so we'll stop reading from the sync
pipe, pick up the exit status, and quit. */
+ memset(&action, 0, sizeof(action));
action.sa_handler = capture_cleanup;
action.sa_flags = SA_RESTART;
sigemptyset(&action.sa_mask);
void
capture_input_closed(capture_options *capture_opts, gchar *msg)
{
+ capture_file *cf = (capture_file *) capture_opts->cf;
+
if (msg != NULL)
fprintf(stderr, "tshark: %s\n", msg);
report_counts();
- if(capture_opts->cf != NULL && ((capture_file *) capture_opts->cf)->wth != NULL) {
- wtap_close(((capture_file *) capture_opts->cf)->wth);
- if(((capture_file *) capture_opts->cf)->user_saved == FALSE) {
- ws_unlink(((capture_file *) capture_opts->cf)->filename);
+ if(cf != NULL && cf->wth != NULL) {
+ wtap_close(cf->wth);
+ if(cf->is_tempfile) {
+ ws_unlink(cf->filename);
}
}
#ifdef USE_BROKEN_G_MAIN_LOOP
{
frame_data fdlocal;
guint32 framenum;
+ gboolean create_proto_tree = FALSE;
epan_dissect_t edt;
gboolean passed;
run a read filter, or we're going to process taps, set up to
do a dissection and do so. */
if (do_dissection) {
- if (gbl_resolv_flags)
+ if (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
+ gbl_resolv_flags.transport_name || gbl_resolv_flags.concurrent_dns)
/* Grab any resolved addresses */
host_name_lookup_process(NULL);
+ if (cf->rfcode)
+ create_proto_tree = TRUE;
+
/* The protocol tree will be "visible", i.e., printed, only if we're
printing packet details, which is true if we're printing stuff
("print_packet_info" is true) and we're in verbose mode ("verbose"
is true). */
- epan_dissect_init(&edt, FALSE, FALSE);
+ epan_dissect_init(&edt, create_proto_tree, FALSE);
/* If we're running a read filter, prime the epan_dissect_t with that
filter. */
run a read filter, or we're going to process taps, set up to
do a dissection and do so. */
if (do_dissection) {
- if (gbl_resolv_flags)
+ if (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
+ gbl_resolv_flags.transport_name || gbl_resolv_flags.concurrent_dns)
/* Grab any resolved addresses */
host_name_lookup_process(NULL);
char *save_file_string = NULL;
gboolean filtering_tap_listeners;
guint tap_flags;
+ wtapng_section_t *shb_hdr;
+ wtapng_iface_descriptions_t *idb_inf;
+ char appname[100];
+ shb_hdr = wtap_file_get_shb_info(cf->wth);
+ idb_inf = wtap_file_get_idb_info(cf->wth);
#ifdef PCAP_NG_DEFAULT
- linktype = WTAP_ENCAP_PER_PACKET;
+ if (idb_inf->number_of_interfaces > 0) {
+ linktype = WTAP_ENCAP_PER_PACKET;
+ } else {
+ linktype = wtap_file_encap(cf->wth);
+ }
#else
linktype = wtap_file_encap(cf->wth);
#endif
/* Snapshot length of input file not known. */
snapshot_length = WTAP_MAX_PACKET_SIZE;
}
- pdh = wtap_dump_open(save_file, out_file_type, linktype, snapshot_length,
- FALSE /* compressed */, &err);
+ /* If we don't have an application name add Tshark */
+ if(shb_hdr->shb_user_appl == NULL) {
+ g_snprintf(appname, sizeof(appname), "TShark " VERSION "%s", wireshark_svnversion);
+ shb_hdr->shb_user_appl = appname;
+ }
+
+ pdh = wtap_dump_open_ng(save_file, out_file_type, linktype, snapshot_length,
+ FALSE /* compressed */, shb_hdr, idb_inf, &err);
+
+ g_free(idb_inf);
+ idb_inf = NULL;
if (pdh == NULL) {
/* We couldn't set up to write to the capture file. */
break;
}
wtap_dump_close(pdh, &err);
+ g_free(shb_hdr);
exit(2);
}
}
break;
}
wtap_dump_close(pdh, &err);
+ g_free(shb_hdr);
exit(2);
}
}
#endif
switch (err) {
+ case WTAP_ERR_UNSUPPORTED:
+ cmdarg_err("The file \"%s\" contains record data that TShark doesn't support.\n(%s)",
+ cf->filename, err_info);
+ g_free(err_info);
+ break;
+
case WTAP_ERR_UNSUPPORTED_ENCAP:
cmdarg_err("The file \"%s\" has a packet with a network type that TShark doesn't support.\n(%s)",
cf->filename, err_info);
cf->wth = NULL;
g_free(save_file_string);
+ g_free(shb_hdr);
return err;
}
run a read filter, or we're going to process taps, set up to
do a dissection and do so. */
if (do_dissection) {
- if (print_packet_info && gbl_resolv_flags)
+ if (print_packet_info && (gbl_resolv_flags.mac_name || gbl_resolv_flags.network_name ||
+ gbl_resolv_flags.transport_name || gbl_resolv_flags.concurrent_dns))
/* Grab any resolved addresses */
host_name_lookup_process(NULL);
switch (output_action) {
case WRITE_TEXT:
+ /* Only initialize the fields that are actually used in proto_tree_print.
+ * This is particularly important for .range, as that's heap memory which
+ * we would otherwise have to g_free().
print_args.to_file = TRUE;
print_args.format = print_format;
print_args.print_summary = !verbose;
- print_args.print_hex = verbose && print_hex;
print_args.print_formfeed = FALSE;
- print_args.print_dissections = verbose ? print_dissections_expanded : print_dissections_none;
-
- /* init the packet range */
packet_range_init(&print_args.range);
+ */
+ print_args.print_hex = verbose && print_hex;
+ print_args.print_dissections = verbose ? print_dissections_expanded : print_dissections_none;
if (!proto_tree_print(&print_args, edt, print_stream))
return FALSE;
/* Indicate whether it's a permanent or temporary file. */
cf->is_tempfile = is_tempfile;
- /* If it's a temporary capture buffer file, mark it as not saved. */
- cf->user_saved = !is_tempfile;
+ /* No user changes yet. */
+ cf->unsaved_changes = FALSE;
cf->cd_t = wtap_file_type(cf->wth);
cf->count = 0;
errmsg = "The file \"%s\" is a \"special file\" or socket or other non-regular file.";
break;
+ case WTAP_ERR_RANDOM_OPEN_PIPE:
+ /* Seen only when opening a capture file for reading. */
+ errmsg = "The file \"%s\" is a pipe or FIFO; TShark can't read pipe or FIFO files in two-pass mode.";
+ break;
+
case WTAP_ERR_FILE_UNKNOWN_FORMAT:
/* Seen only when opening a capture file for reading. */
errmsg = "The file \"%s\" isn't a capture file in a format TShark understands.";
errmsg = "A full header couldn't be written to the file \"%s\".";
break;
+ case WTAP_ERR_COMPRESSION_NOT_SUPPORTED:
+ errmsg = "This file type cannot be written as a compressed file.";
+ break;
+
case WTAP_ERR_DECOMPRESS:
/* Seen only when opening a capture file for reading. */
g_snprintf(errmsg_errno, sizeof(errmsg_errno),
git.samba.org / metze / wireshark / wip.git / blobdiff