2 * capture info functions
6 * Wireshark - Network traffic analyzer
7 * By Gerald Combs <gerald@wireshark.org>
8 * Copyright 1998 Gerald Combs
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version 2
13 * of the License, or (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
33 #include <epan/packet.h>
34 /* XXX - try to remove this later */
35 #include <epan/prefs.h>
36 /* XXX - try to remove this later */
37 #include <epan/filesystem.h>
39 #include "capture_info.h"
41 #include <epan/dissectors/packet-ap1394.h>
42 #include <epan/dissectors/packet-atalk.h>
43 #include <epan/dissectors/packet-atm.h>
44 #include <epan/dissectors/packet-clip.h>
45 #include <epan/dissectors/packet-eth.h>
46 #include <epan/dissectors/packet-fddi.h>
47 #include <epan/dissectors/packet-fr.h>
48 #include <epan/dissectors/packet-null.h>
49 #include <epan/dissectors/packet-ppi.h>
50 #include <epan/dissectors/packet-ppp.h>
51 #include <epan/dissectors/packet-raw.h>
52 #include <epan/dissectors/packet-sll.h>
53 #include <epan/dissectors/packet-tr.h>
54 #include <epan/dissectors/packet-ieee80211.h>
55 #include <epan/dissectors/packet-radiotap.h>
56 #include <epan/dissectors/packet-chdlc.h>
57 #include <epan/dissectors/packet-prism.h>
58 #include <epan/dissectors/packet-ipfc.h>
59 #include <epan/dissectors/packet-arcnet.h>
60 #include <epan/dissectors/packet-enc.h>
61 #include <epan/dissectors/packet-wlancap.h>
63 static void capture_info_packet(
64 packet_counts *counts, gint wtap_linktype, const guchar *pd, guint32 caplen, union wtap_pseudo_header *pseudo_header);
68 typedef struct _info_data {
69 packet_counts counts; /* several packet type counters */
70 struct wtap* wtap; /* current wtap file */
71 capture_info ui; /* user interface data */
75 info_data_t info_data;
79 void capture_info_open(const char *iface)
81 info_data.counts.total = 0;
82 info_data.counts.sctp = 0;
83 info_data.counts.tcp = 0;
84 info_data.counts.udp = 0;
85 info_data.counts.icmp = 0;
86 info_data.counts.ospf = 0;
87 info_data.counts.gre = 0;
88 info_data.counts.ipx = 0;
89 info_data.counts.netbios = 0;
90 info_data.counts.vines = 0;
91 info_data.counts.other = 0;
92 info_data.counts.arp = 0;
94 info_data.wtap = NULL;
95 info_data.ui.counts = &info_data.counts;
97 capture_info_ui_create(&info_data.ui, iface);
102 cf_open_error_message(int err, gchar *err_info, gboolean for_writing,
106 static char errmsg_errno[1024+1];
112 case WTAP_ERR_NOT_REGULAR_FILE:
113 errmsg = "The file \"%s\" is a \"special file\" or socket or other non-regular file.";
116 case WTAP_ERR_FILE_UNKNOWN_FORMAT:
117 /* Seen only when opening a capture file for reading. */
118 errmsg = "The file \"%s\" isn't a capture file in a format TShark understands.";
121 case WTAP_ERR_UNSUPPORTED:
122 /* Seen only when opening a capture file for reading. */
123 g_snprintf(errmsg_errno, sizeof(errmsg_errno),
124 "The file \"%%s\" isn't a capture file in a format TShark understands.\n"
127 errmsg = errmsg_errno;
130 case WTAP_ERR_CANT_WRITE_TO_PIPE:
131 /* Seen only when opening a capture file for writing. */
132 g_snprintf(errmsg_errno, sizeof(errmsg_errno),
133 "The file \"%%s\" is a pipe, and %s capture files can't be "
134 "written to a pipe.", wtap_file_type_string(file_type));
135 errmsg = errmsg_errno;
138 case WTAP_ERR_UNSUPPORTED_FILE_TYPE:
139 /* Seen only when opening a capture file for writing. */
140 errmsg = "TShark doesn't support writing capture files in that format.";
143 case WTAP_ERR_UNSUPPORTED_ENCAP:
145 errmsg = "TShark can't save this capture in that format.";
147 g_snprintf(errmsg_errno, sizeof(errmsg_errno),
148 "The file \"%%s\" is a capture for a network type that TShark doesn't support.\n"
151 errmsg = errmsg_errno;
155 case WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED:
157 errmsg = "TShark can't save this capture in that format.";
159 errmsg = "The file \"%s\" is a capture for a network type that TShark doesn't support.";
162 case WTAP_ERR_BAD_RECORD:
163 /* Seen only when opening a capture file for reading. */
164 g_snprintf(errmsg_errno, sizeof(errmsg_errno),
165 "The file \"%%s\" appears to be damaged or corrupt.\n"
168 errmsg = errmsg_errno;
171 case WTAP_ERR_CANT_OPEN:
173 errmsg = "The file \"%s\" could not be created for some unknown reason.";
175 errmsg = "The file \"%s\" could not be opened for some unknown reason.";
178 case WTAP_ERR_SHORT_READ:
179 errmsg = "The file \"%s\" appears to have been cut short"
180 " in the middle of a packet or other data.";
183 case WTAP_ERR_SHORT_WRITE:
184 errmsg = "A full header couldn't be written to the file \"%s\".";
188 g_snprintf(errmsg_errno, sizeof(errmsg_errno),
189 "The file \"%%s\" could not be %s: %s.",
190 for_writing ? "created" : "opened",
192 errmsg = errmsg_errno;
196 errmsg = file_open_error_message(err, for_writing);
200 /* new file arrived */
201 gboolean capture_info_new_file(const char *new_filename)
205 char err_msg[2048+1];
208 if(info_data.wtap != NULL) {
209 wtap_close(info_data.wtap);
212 info_data.wtap = wtap_open_offline(new_filename, &err, &err_info, FALSE);
213 if (!info_data.wtap) {
214 g_snprintf(err_msg, sizeof err_msg,
215 cf_open_error_message(err, err_info, FALSE, WTAP_FILE_PCAP),
217 g_warning("capture_info_new_file: %d (%s)", err, err_msg);
224 /* new packets arrived */
225 void capture_info_new_packets(int to_read)
230 const struct wtap_pkthdr *phdr;
231 union wtap_pseudo_header *pseudo_header;
236 info_data.ui.new_packets = to_read;
238 /*g_warning("new packets: %u", to_read);*/
240 while (to_read != 0 && (wtap_read(info_data.wtap, &err, &err_info, &data_offset))) {
241 phdr = wtap_phdr(info_data.wtap);
242 pseudo_header = wtap_pseudoheader(info_data.wtap);
243 wtap_linktype = phdr->pkt_encap;
244 buf = wtap_buf_ptr(info_data.wtap);
246 capture_info_packet(&info_data.counts, wtap_linktype, buf, phdr->caplen, pseudo_header);
248 /*g_warning("new packet");*/
252 capture_info_ui_update(&info_data.ui);
257 void capture_info_close(void)
259 capture_info_ui_destroy(&info_data.ui);
261 wtap_close(info_data.wtap);
266 capture_info_packet(packet_counts *counts, gint wtap_linktype, const guchar *pd, guint32 caplen, union wtap_pseudo_header *pseudo_header)
269 switch (wtap_linktype) {
270 case WTAP_ENCAP_ETHERNET:
271 capture_eth(pd, 0, caplen, counts);
273 case WTAP_ENCAP_FDDI:
274 case WTAP_ENCAP_FDDI_BITSWAPPED:
275 capture_fddi(pd, caplen, counts);
277 case WTAP_ENCAP_PRISM_HEADER:
278 capture_prism(pd, 0, caplen, counts);
280 case WTAP_ENCAP_TOKEN_RING:
281 capture_tr(pd, 0, caplen, counts);
283 case WTAP_ENCAP_NULL:
284 capture_null(pd, caplen, counts);
287 capture_ppp_hdlc(pd, 0, caplen, counts);
289 case WTAP_ENCAP_RAW_IP:
290 capture_raw(pd, caplen, counts);
293 capture_sll(pd, caplen, counts);
295 case WTAP_ENCAP_LINUX_ATM_CLIP:
296 capture_clip(pd, caplen, counts);
298 case WTAP_ENCAP_IEEE_802_11:
299 case WTAP_ENCAP_IEEE_802_11_WITH_RADIO:
300 capture_ieee80211(pd, 0, caplen, counts);
302 case WTAP_ENCAP_IEEE_802_11_WLAN_RADIOTAP:
303 capture_radiotap(pd, 0, caplen, counts);
305 case WTAP_ENCAP_IEEE_802_11_WLAN_AVS:
306 capture_wlancap(pd, 0, caplen, counts);
308 case WTAP_ENCAP_CHDLC:
309 capture_chdlc(pd, 0, caplen, counts);
311 case WTAP_ENCAP_LOCALTALK:
312 capture_llap(counts);
314 case WTAP_ENCAP_ATM_PDUS:
315 capture_atm(pseudo_header, pd, caplen, counts);
317 case WTAP_ENCAP_IP_OVER_FC:
318 capture_ipfc(pd, caplen, counts);
320 case WTAP_ENCAP_ARCNET:
321 capture_arcnet(pd, caplen, counts, FALSE, TRUE);
323 case WTAP_ENCAP_ARCNET_LINUX:
324 capture_arcnet(pd, caplen, counts, TRUE, FALSE);
326 case WTAP_ENCAP_APPLE_IP_OVER_IEEE1394:
327 capture_ap1394(pd, 0, caplen, counts);
329 case WTAP_ENCAP_FRELAY:
330 case WTAP_ENCAP_FRELAY_WITH_PHDR:
331 capture_fr(pd, 0, caplen, counts);
334 capture_enc(pd, caplen, counts);
337 capture_ppi(pd, caplen, counts);
339 /* XXX - some ATM drivers on FreeBSD might prepend a 4-byte ATM
340 pseudo-header to DLT_ATM_RFC1483, with LLC header following;
341 we might have to implement that at some point. */
346 #endif /* HAVE_LIBPCAP */