2 * Compare two capture files
3 * Copyright 2008 Vincenzo Condoleo, Christophe Dirac, Reto Ruoss
4 * supported by HSR (Hochschule Rapperswil)
8 * Wireshark - Network traffic analyzer
9 * By Gerald Combs <gerald@wireshark.org>
10 * Copyright 1998 Gerald Combs
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version 2
15 * of the License, or (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 0F111-1307, USA.
27 /* This module provides statistics about two merged capture files, to find packet loss,
28 * time delay, ip header checksum errors and order check.
29 * It's also detecting the matching regions of the different files.
30 * After the coloring is set Info column can be sorted to create zebra effect.
32 * The packets are compared by the ip id. MAC or TTL is used to distinct the different files.
46 #include <epan/packet_info.h>
47 #include <epan/epan.h>
48 #include <epan/epan_dissect.h>
49 #include <epan/stat_cmd_args.h>
50 #include <epan/to_str.h>
52 #include <epan/emem.h>
53 #include <epan/packet.h>
54 #include <epan/report_err.h>
55 #include <epan/dissectors/packet-ip.h>
56 #include <epan/nstime.h>
57 #include <epan/in_cksum.h>
59 #include "../stat_menu.h"
60 #include "../simple_dialog.h"
61 #include "../timestats.h"
63 #include "gtk/gui_stat_menu.h"
64 #include "gtk/stock_icons.h"
65 #include "gtk/help_dlg.h"
66 #include "gtk/filter_autocomplete.h"
68 #include "gui_utils.h"
69 #include "dlg_utils.h"
72 #include "filter_dlg.h"
73 #include "service_response_time_table.h"
74 #include "gtkglobals.h"
75 #include "gui_utils.h"
80 #include "color_filters.h"
81 #include "color_dlg.h"
82 #include "new_packet_list.h"
84 #include "gtk/old-gtk-compat.h"
86 /* From colorize convertion */
91 #define WRONG_CHKSUM 0
93 #define MERGED_FILES 2
99 /* information which are needed for the display */
100 typedef struct _for_gui {
103 nstime_t predecessor_time;
104 struct _frame_info *partner;
107 /* each tracked packet */
108 typedef struct _frame_info {
115 nstime_t abs_ts, zebra_time, delta;
118 /* used to keep track of the statistics for an entire program interface */
119 typedef struct _compstat_t {
120 GtkWidget *win, *treeview, *scrolled_win, *statis_label;
121 GtkTreeStore *simple_list;
122 GtkTreeIter iter, child;
123 emem_tree_t *packet_tree, *ip_id_tree, *nr_tree;
124 address eth_dst, eth_src;
125 nstime_t zebra_time, current_time;
129 guint32 start_ongoing_hits, stop_ongoing_hits, start_packet_nr_first, start_packet_nr_second, stop_packet_nr_first, stop_packet_nr_second;
130 guint32 first_file_amount, second_file_amount;
143 /* only one compare window should be open */
144 static gboolean first_window=TRUE;
146 /* allowed variace */
147 static GtkWidget *spin_var_int=NULL;
149 /* start/stop compare */
150 static GtkWidget *spin_start_int, *spin_stop_int;
152 /* to call directly _init */
153 static gdouble compare_variance=0.0;
154 static guint8 compare_start, compare_stop;
155 static gboolean TTL_method=TRUE, ON_method=TRUE;
156 static GtkWidget *radio_TTL, *radio_ON;
159 comparestat_set_title(compstat_t *cs)
163 title=g_strdup_printf("Compare two capture files: %s", cf_get_display_name(&cfile));
164 gtk_window_set_title(GTK_WINDOW(cs->win), title);
168 /* called when new capture starts, when it rescans the packetlist after some prefs have
172 comparestat_reset(void *arg)
176 SET_ADDRESS(&cs->eth_src, AT_ETHER, 0, NULL);
177 SET_ADDRESS(&cs->eth_dst, AT_ETHER, 0, NULL);
179 gtk_tree_store_clear(cs->simple_list);
180 comparestat_set_title(cs);
183 /* This callback is invoked whenever the tap system has seen a packet
184 * we might be interested in.
186 * 0: no updates, no need to call (*draw) later
187 * !0: state has changed, call (*draw) sometime later
190 comparestat_packet(void *arg, packet_info *pinfo, epan_dissect_t *edt _U_, const void *arg2)
193 const ws_ip *ci=arg2;
194 frame_info *fInfo, *fInfoTemp;
196 guint16 computed_cksum=0;
198 /* so this get filled, usually with the first frame */
199 if(cs->eth_dst.len==0) {
200 cs->eth_dst=pinfo->dl_dst;
201 cs->eth_src=pinfo->dl_src;
204 /* Set up the fields of the pseudo-header and create checksum */
205 cksum_vec[0].ptr=&ci->ip_v_hl;
206 cksum_vec[0].len=BYTES;
208 cksum_vec[1].ptr=&ci->ip_p;
210 /* skip header checksum and ip's (because of NAT)*/
211 cksum_vec[2].ptr=ci->ip_dst.data;
212 cksum_vec[2].ptr=cksum_vec[2].ptr+ci->ip_dst.len;
213 /* dynamic computation */
214 cksum_vec[2].len=pinfo->iphdrlen-20;
215 computed_cksum=in_cksum(&cksum_vec[0], 3);
217 /* Set up the new order to create the zebra effect */
218 fInfoTemp=se_tree_lookup32(cs->packet_tree, pinfo->fd->num);
219 if((fInfoTemp!=NULL)){
220 col_set_time(pinfo->cinfo, COL_INFO, &fInfoTemp->zebra_time, "ZebraTime");
223 /* collect all packet infos */
224 fInfo=(frame_info*)se_alloc(sizeof(frame_info));
225 fInfo->fg=(for_gui*)se_alloc(sizeof(for_gui));
226 fInfo->fg->partner=NULL;
228 fInfo->fg->cksum=computed_cksum;
229 fInfo->num=pinfo->fd->num;
231 fInfo->ip_ttl=ci->ip_ttl;
232 fInfo->dl_dst=pinfo->dl_dst;
233 fInfo->abs_ts=pinfo->fd->abs_ts;
235 nstime_set_zero(&fInfo->zebra_time);
236 nstime_set_zero(&fInfo->fg->predecessor_time);
237 se_tree_insert32(cs->packet_tree, pinfo->fd->num, fInfo);
239 if(cf_get_packet_count(&cfile)==abs(fInfo->num)){
240 nstime_set_unset(&cs->current_time);
247 /* Find equal packets, same IP-Id, count them and make time statistics */
249 call_foreach_count_ip_id(gpointer value, gpointer arg)
251 compstat_t *cs=(compstat_t*)arg;
252 frame_info *fInfo=(frame_info*)value, *fInfoTemp;
256 /* we only need one value out of pinfo we use a temp one */
257 packet_info *pinfo=(packet_info*)ep_alloc(sizeof(packet_info));
258 pinfo->fd=(frame_data*)ep_alloc(sizeof(frame_data));
259 pinfo->fd->num = fInfo->num;
261 fInfoTemp=se_tree_lookup32(cs->ip_id_tree, fInfo->id);
263 /* Detect ongoing package loss */
264 if((cs->last_hit==FALSE)&&(cs->start_ongoing_hits>compare_start)&&(cs->stop_ongoing_hits<compare_stop)){
265 cs->stop_ongoing_hits++;
266 cs->stop_packet_nr_first=fInfo->num;
267 } else if(cs->stop_ongoing_hits<compare_stop){
268 cs->stop_ongoing_hits=0;
269 cs->stop_packet_nr_first=G_MAXINT32;
274 se_tree_insert32(cs->ip_id_tree, fInfo->id, fInfo);
276 /* Detect ongoing package hits, special behavior if start is set to 0 */
277 if((cs->last_hit||(compare_start==0))&&(cs->start_ongoing_hits<compare_start||(compare_start==0))){
278 if((compare_start==0)&&(cs->start_ongoing_hits!=0)){
279 /* start from the first packet so allready set */
281 cs->start_ongoing_hits++;
282 /* Take the lower number */
283 cs->start_packet_nr_first=fInfoTemp->num;
284 cs->start_packet_nr_second=fInfo->num;
286 } else if(cs->start_ongoing_hits<compare_start){
287 cs->start_ongoing_hits=0;
288 cs->start_packet_nr_first=G_MAXINT32;
292 fInfo->fg->count=fInfoTemp->fg->count + 1;
293 if(fInfoTemp->fg->cksum!=fInfo->fg->cksum){
294 fInfo->fg->cksum=WRONG_CHKSUM;
295 fInfoTemp->fg->cksum=WRONG_CHKSUM;
298 fInfo->fg->partner=fInfoTemp;
299 /* Create time statistic */
300 if(fInfo->fg->count==MERGED_FILES){
301 nstime_delta(&delta, &fInfo->abs_ts, &fInfoTemp->abs_ts);
302 /* Set delta in both packets */
303 nstime_set_zero(&fInfoTemp->delta);
304 nstime_add(&fInfoTemp->delta, &delta);
305 nstime_set_zero(&fInfo->delta);
306 nstime_add(&fInfo->delta, &delta);
307 time_stat_update(&cs->stats, &delta, pinfo);
309 se_tree_insert32(cs->ip_id_tree, fInfo->id, fInfo);
313 if(TTL_method && (fInfo->num<TTL_SEARCH)){
314 for(i=0; i < cs->ip_ttl_list->len; i++){
315 if(g_array_index(cs->ip_ttl_list, guint8, i) == fInfo->ip_ttl){
319 g_array_append_val(cs->ip_ttl_list, fInfo->ip_ttl);
325 /*Create new numbering in the Info column, to create a zebra effect */
327 call_foreach_new_order(gpointer value, gpointer arg)
329 compstat_t *cs=(compstat_t*)arg;
330 frame_info *fInfo=(frame_info*)value, *fInfoTemp;
332 /* overwrite Info column for new ordering */
333 fInfoTemp=se_tree_lookup32(cs->nr_tree, fInfo->id);
335 if(TTL_method==FALSE){
336 if((ADDRESSES_EQUAL(&cs->eth_dst, &fInfo->dl_dst)) || (ADDRESSES_EQUAL(&cs->eth_src, &fInfo->dl_dst))){
337 se_tree_insert32(cs->nr_tree, fInfo->id, fInfo);
338 fInfo->zebra_time=cs->zebra_time;
339 cs->zebra_time.nsecs=cs->zebra_time.nsecs + MERGED_FILES;
341 cs->zebra_time.nsecs++;
342 se_tree_insert32(cs->nr_tree, fInfo->id, fInfo);
343 fInfo->zebra_time=cs->zebra_time;
344 cs->zebra_time.nsecs++;
347 if((g_array_index(cs->ip_ttl_list, guint8, 0)==fInfo->ip_ttl) || (g_array_index(cs->ip_ttl_list, guint8, 1)==fInfo->ip_ttl)){
348 se_tree_insert32(cs->nr_tree, fInfo->id, fInfo);
349 fInfo->zebra_time=cs->zebra_time;
350 cs->zebra_time.nsecs=cs->zebra_time.nsecs + MERGED_FILES;
352 cs->zebra_time.nsecs++;
353 se_tree_insert32(cs->nr_tree, fInfo->id, fInfo);
354 fInfo->zebra_time=cs->zebra_time;
355 cs->zebra_time.nsecs++;
360 if(TTL_method==FALSE){
361 if(((ADDRESSES_EQUAL(&cs->eth_dst, &fInfo->dl_dst)) || (ADDRESSES_EQUAL(&cs->eth_src, &fInfo->dl_dst)))&&(!fmod(fInfoTemp->zebra_time.nsecs,MERGED_FILES))){
362 fInfo->zebra_time.nsecs=fInfoTemp->zebra_time.nsecs;
364 fInfo->zebra_time.nsecs=fInfoTemp->zebra_time.nsecs+1;
367 if(((g_array_index(cs->ip_ttl_list, guint8, 0)==fInfo->ip_ttl) || (g_array_index(cs->ip_ttl_list, guint8, 1)==fInfo->ip_ttl))&&(!fmod(fInfoTemp->zebra_time.nsecs,MERGED_FILES))){
368 fInfo->zebra_time.nsecs=fInfoTemp->zebra_time.nsecs;
370 fInfo->zebra_time.nsecs=fInfoTemp->zebra_time.nsecs+1;
375 /* count packets of file */
376 if(fmod(fInfo->zebra_time.nsecs, MERGED_FILES)){
377 cs->first_file_amount++;
379 cs->second_file_amount++;
383 if(!nstime_is_unset(&cs->current_time)){
384 fInfo->fg->predecessor_time.nsecs=cs->current_time.nsecs;
387 cs->current_time.nsecs=fInfo->zebra_time.nsecs;
392 /* calculate scopes if not set yet */
394 call_foreach_merge_settings(gpointer value, gpointer arg)
396 compstat_t *cs=(compstat_t*)arg;
397 frame_info *fInfo=(frame_info*)value, *fInfoTemp=NULL;
398 guint32 tot_packet_amount=cs->first_file_amount+cs->second_file_amount, swap;
400 if((fInfo->num==tot_packet_amount)&&(cs->stop_packet_nr_first!=G_MAXINT32)){
401 /* calculate missing stop number */
402 swap=cs->stop_packet_nr_first;
403 cs->stop_packet_nr_first=tot_packet_amount-cs->second_file_amount;;
404 cs->stop_packet_nr_second=swap;
407 if((fInfo->num==tot_packet_amount)&&(cs->stop_packet_nr_first==G_MAXINT32)&&(cs->start_packet_nr_first!=G_MAXINT32)){
408 fInfoTemp=se_tree_lookup32(cs->packet_tree, cs->start_packet_nr_first);
410 fprintf(stderr,"ERROR: Incorrect start number\n");
412 if(fInfoTemp && fmod(fInfoTemp->zebra_time.nsecs, 2)){
414 cs->stop_packet_nr_first=cs->start_packet_nr_first+abs(cs->second_file_amount-(cs->start_packet_nr_second-cs->first_file_amount));
415 if(cs->stop_packet_nr_first>(tot_packet_amount-cs->second_file_amount)){
416 cs->stop_packet_nr_first=tot_packet_amount-cs->second_file_amount;
418 /*this only happens if we have too many MAC's or TTL*/
419 if(cs->stop_packet_nr_first>cs->start_packet_nr_second){
420 cs->stop_packet_nr_first=cs->start_packet_nr_second-1;
422 fInfoTemp=se_tree_lookup32(cs->packet_tree, cs->stop_packet_nr_first);
423 while((fInfoTemp!=NULL)?fmod(!fInfoTemp->zebra_time.nsecs, 2):TRUE){
424 cs->stop_packet_nr_first--;
425 fInfoTemp=se_tree_lookup32(cs->packet_tree, cs->stop_packet_nr_first);
428 /*this only happens if we have too many MAC's or TTL*/
429 cs->stop_packet_nr_first=cs->first_file_amount+cs->start_packet_nr_first;
430 if(cs->stop_packet_nr_first>tot_packet_amount-cs->first_file_amount){
431 cs->stop_packet_nr_first=tot_packet_amount-cs->first_file_amount;
433 fInfoTemp=se_tree_lookup32(cs->packet_tree, cs->stop_packet_nr_first);
434 while((fInfoTemp!=NULL)?fmod(fInfoTemp->zebra_time.nsecs, 2):TRUE){
435 cs->stop_packet_nr_first--;
436 fInfoTemp=se_tree_lookup32(cs->packet_tree, cs->stop_packet_nr_first);
439 /* set second stop location */
440 cs->stop_packet_nr_second=cs->start_packet_nr_second+abs(cs->stop_packet_nr_first-cs->start_packet_nr_first);
441 if(cs->stop_packet_nr_second>tot_packet_amount){
442 cs->stop_packet_nr_second=tot_packet_amount;
447 if(fInfo->num==tot_packet_amount&&compare_start!=0&&compare_stop!=0){
448 if(cs->start_packet_nr_first==G_MAXINT32){
449 report_failure("Start point couldn't be set. Please choose a lower start number.");
457 /* build gtk-tree of lost, delayed, checksum error and wrong order Packets*/
459 call_foreach_print_ip_tree(gpointer value, gpointer user_data)
461 frame_info *fInfo=(frame_info*)value;
462 compstat_t *cs=(compstat_t*)user_data;
463 gdouble delta, average;
464 gboolean show_it=FALSE;
466 delta=fabs(get_average(&fInfo->delta,1));
467 average=fabs(get_average(&cs->stats.tot, cs->stats.num));
469 /* special case if both are set to zero ignore start and stop numbering */
470 if(compare_start!=0&&compare_stop!=0){
471 /* check out if packet is in searched scope */
472 if((cs->start_packet_nr_first<fInfo->num)&&(cs->stop_packet_nr_first>fInfo->num)){
475 /* so we won't miss the other file */
476 if((fInfo->num>cs->start_packet_nr_second)&&(fInfo->num<cs->stop_packet_nr_second)){
484 /* Create the gtk tree */
486 if((fInfo->fg->count<MERGED_FILES)){
487 gtk_tree_store_append(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, NULL);
488 gtk_tree_store_set(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, IP_ID, fInfo->id, PROBLEM, "Lost packet", COUNT, fInfo->fg->count, DELTA, 0.0, -1);
491 if(fInfo->fg->count > MERGED_FILES){
492 gtk_tree_store_append(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, NULL);
493 gtk_tree_store_set(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, IP_ID, fInfo->id, PROBLEM, "More than two packets", COUNT, fInfo->fg->count, DELTA, 0.0, -1);
494 if(fInfo->fg->cksum == WRONG_CHKSUM) {
495 gtk_tree_store_append(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->child, &cs->iter);
496 gtk_tree_store_set(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->child, IP_ID, fInfo->id, PROBLEM, "IP header checksum incorrect", COUNT, fInfo->fg->count, DELTA, 0.0, -1);
499 if(fInfo->fg->count == MERGED_FILES){
500 if(fInfo->fg->cksum == WRONG_CHKSUM) {
501 gtk_tree_store_append(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, NULL);
502 gtk_tree_store_set(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, IP_ID, fInfo->id, PROBLEM, "IP header checksum incorrect", COUNT, fInfo->fg->count, DELTA, delta, -1);
503 if(((delta < (average-cs->stats.variance)) || (delta > (average+cs->stats.variance))) && (delta > 0.0) && (cs->stats.variance!=0)){
504 gtk_tree_store_append(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->child, &cs->iter);
505 gtk_tree_store_set(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->child, IP_ID, fInfo->id, PROBLEM, "Late arrival", COUNT, fInfo->fg->count, DELTA, delta, -1);
507 if((nstime_cmp(&fInfo->fg->predecessor_time, &fInfo->zebra_time)>0||nstime_cmp(&fInfo->fg->partner->fg->predecessor_time, &fInfo->fg->partner->zebra_time)>0) && (fInfo->zebra_time.nsecs!=MERGED_FILES) && ON_method){
508 gtk_tree_store_append(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->child, &cs->iter);
509 gtk_tree_store_set(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->child, IP_ID, fInfo->id, PROBLEM, "Out of order", COUNT, fInfo->fg->count, DELTA, delta, -1);
511 } else if(((delta < (average-cs->stats.variance)) || (delta > (average+cs->stats.variance))) && (delta > 0.0) && (cs->stats.variance!=0)) {
512 gtk_tree_store_append(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, NULL);
513 gtk_tree_store_set(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, IP_ID, fInfo->id, PROBLEM, "Late arrival", COUNT, fInfo->fg->count, DELTA, delta, -1);
514 if((nstime_cmp(&fInfo->fg->predecessor_time, &fInfo->zebra_time)>0||nstime_cmp(&fInfo->fg->partner->fg->predecessor_time, &fInfo->fg->partner->zebra_time)>0) && fInfo->zebra_time.nsecs != MERGED_FILES && ON_method){
515 gtk_tree_store_append(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->child, &cs->iter);
516 gtk_tree_store_set(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->child, IP_ID, fInfo->id, PROBLEM, "Out of order", COUNT, fInfo->fg->count, DELTA, delta, -1);
518 } else if((nstime_cmp(&fInfo->fg->predecessor_time, &fInfo->zebra_time)>0||nstime_cmp(&fInfo->fg->partner->fg->predecessor_time, &fInfo->fg->partner->zebra_time)>0) && fInfo->zebra_time.nsecs != MERGED_FILES && ON_method){
519 gtk_tree_store_append(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, NULL);
520 gtk_tree_store_set(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, IP_ID, fInfo->id, PROBLEM, "Out of order", COUNT, fInfo->fg->count, DELTA, delta, -1);
527 /* since the gtk2 implementation of tap is multithreaded we must protect
528 * remove_tap_listener() from modifying the list while draw_tap_listener()
529 * is running. the other protected block is in main.c
531 * there should not be any other critical regions in gtk2
534 win_destroy_cb(GtkWindow *win _U_, gpointer data)
536 compstat_t *cs=(compstat_t *)data;
538 protect_thread_critical_region();
539 remove_tap_listener(cs);
540 unprotect_thread_critical_region();
543 gtk_tree_store_clear(cs->simple_list);
547 /* this may be called any time, perhaps once every 3 seconds or so.
550 comparestat_draw(void *arg)
552 compstat_t *cs = arg;
553 GString *filter_str = g_string_new("");
554 const gchar *statis_string;
556 guint32 first_file_amount, second_file_amount;
558 /* inital steps, clear all data before start*/
559 cs->zebra_time.secs=0;
560 cs->zebra_time.nsecs=1;
561 nstime_set_unset(&cs->current_time);
562 cs->ip_ttl_list=g_array_new(FALSE, FALSE, sizeof(guint8));
564 cs->start_ongoing_hits=0;
565 cs->stop_ongoing_hits=0;
566 cs->start_packet_nr_first=G_MAXINT32;
567 cs->start_packet_nr_second=G_MAXINT32;
568 cs->stop_packet_nr_first=G_MAXINT32;
569 cs->stop_packet_nr_second=G_MAXINT32;
570 cs->first_file_amount=0;
571 cs->second_file_amount=0;
573 time_stat_init(&cs->stats);
575 /* no need to do anything no file is open*/
576 if(cf_get_packet_count(&cfile)==0){
577 /* add statistic string */
578 statis_string=g_strdup_printf("No file open");
579 gtk_label_set_text((GtkLabel *) cs->statis_label, statis_string);
583 /* not using g_free, because struct is managed by se binarytrees */
584 cs->ip_id_tree=se_tree_create(EMEM_TREE_TYPE_RED_BLACK, "ip_id_tree");
585 emem_tree_foreach(cs->packet_tree, call_foreach_count_ip_id, cs);
587 /* set up TTL choice if only one number found */
588 if(TTL_method&&cs->ip_ttl_list->len==1){
589 g_array_append_val(cs->ip_ttl_list, g_array_index(cs->ip_ttl_list, guint8, 1));
592 emem_tree_foreach(cs->packet_tree, call_foreach_new_order,cs);
593 emem_tree_foreach(cs->packet_tree, call_foreach_merge_settings, cs);
595 /* remembering file amounts */
596 first_file_amount=cs->first_file_amount;
597 second_file_amount=cs->second_file_amount;
598 /* reset after numbering */
599 cs->nr_tree=se_tree_create(EMEM_TREE_TYPE_RED_BLACK, "nr_tree");
600 /* microsecond precision for Info column*/
601 timestamp_set_precision(TS_PREC_AUTO_NSEC);
603 nstime_set_unset(&cs->current_time);
605 /* set color filter, in Routing environment */
606 if(TTL_method&&cs->ip_ttl_list->len!=0){
607 g_string_printf(filter_str, "%s %i %s %i", "ip.ttl ==", g_array_index(cs->ip_ttl_list, guint8, 0), "|| ip.ttl ==", g_array_index(cs->ip_ttl_list, guint8, 1));
608 } else if(cs->eth_dst.len!=0&&cs->eth_src.len!=0){
609 g_string_printf(filter_str, "%s %s %s %s", "eth.dst==", ep_address_to_str(&cs->eth_dst), "|| eth.dst==", ep_address_to_str(&cs->eth_src));
611 color_filters_set_tmp(COLOR_N, filter_str->str, FALSE);
612 new_packet_list_colorize_packets();
614 cs->stats.variance=compare_variance;
616 /* add statistic string */
617 statis_string=g_strdup_printf("Compare Statistics: \nNumber of packets total:%i 1st file:%i, 2nd file:%i\nScopes:\t start:%i stop:%i\nand:\t start:%i stop:%i\nEqual packets: %i \nAllowed variation: %f \nAverage time difference: %f", cf_get_packet_count(&cfile), first_file_amount, second_file_amount, cs->start_packet_nr_first, cs->stop_packet_nr_first, cs->start_packet_nr_second, cs->stop_packet_nr_second, cs->stats.num, cs->stats.variance, fabs(get_average(&cs->stats.tot, cs->stats.num)));
618 gtk_label_set_text((GtkLabel *) cs->statis_label, statis_string);
620 /* add start and stop of scanning */
621 if(cs->start_packet_nr_first!=G_MAXINT32&&compare_start!=0&&compare_stop!=0){
622 fInfo=se_tree_lookup32(cs->packet_tree, cs->start_packet_nr_first);
624 gtk_tree_store_append(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, NULL);
625 gtk_tree_store_set(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, IP_ID, fInfo->id, PROBLEM, "Start scanning", COUNT, 0, DELTA, 0.0, -1);
628 if(cs->stop_packet_nr_first!=G_MAXINT32&&compare_start!=0&&compare_stop!=0){
629 fInfo=se_tree_lookup32(cs->packet_tree, cs->stop_packet_nr_first);
631 gtk_tree_store_append(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, NULL);
632 gtk_tree_store_set(GTK_TREE_STORE(gtk_tree_view_get_model(GTK_TREE_VIEW(cs->treeview))), &cs->iter, IP_ID, fInfo->id, PROBLEM, "Stop scanning", COUNT, 0, DELTA, 0.0, -1);
636 emem_tree_foreach(cs->ip_id_tree, call_foreach_print_ip_tree, cs);
637 g_string_free(filter_str, TRUE);
638 g_array_free(cs->ip_ttl_list, TRUE);
641 /* called when a tree row is (un)selected in the popup window */
643 new_tree_view_selection_changed(GtkTreeSelection *sel, gpointer user_data)
649 /* Because it could be zero */
652 compstat_t *cs=(compstat_t*)user_data;
654 /* if something is selected */
655 if(gtk_tree_selection_get_selected(sel, &model, &iter)){
656 gtk_tree_model_get(model, &iter, 0, &id, 1, &problem, -1);
658 /* The id is not enough to find the start or the end packet */
659 if(strcmp("Start scanning",problem)==0){
660 cf_goto_frame(&cfile, cs->start_packet_nr_first);
663 if(strcmp("Stop scanning",problem)==0){
664 cf_goto_frame(&cfile, cs->stop_packet_nr_first);
667 fInfo=se_tree_lookup32(cs->ip_id_tree, id);
669 cf_goto_frame(&cfile, fInfo->num);
675 /* add three columns to the GtkTreeView. All three of the columns will be
676 * displayed as text*/
678 setup_tree_view(GtkWidget *treeview)
680 GtkCellRenderer *renderer;
681 GtkTreeViewColumn *column;
682 /* Create a new GtkCellRendererText, add it to the tree view column and
683 * append the column to the tree view. */
684 renderer=gtk_cell_renderer_text_new ();
685 column=gtk_tree_view_column_new_with_attributes("IP ID", renderer, "text", IP_ID, NULL);
686 gtk_tree_view_append_column(GTK_TREE_VIEW (treeview), column);
687 renderer=gtk_cell_renderer_text_new ();
688 column=gtk_tree_view_column_new_with_attributes("Problem", renderer, "text", PROBLEM, NULL);
689 gtk_tree_view_append_column(GTK_TREE_VIEW (treeview), column);
690 renderer=gtk_cell_renderer_text_new ();
691 column=gtk_tree_view_column_new_with_attributes("Count", renderer, "text", COUNT, NULL);
692 gtk_tree_view_append_column(GTK_TREE_VIEW (treeview), column);
693 renderer=gtk_cell_renderer_text_new ();
694 column=gtk_tree_view_column_new_with_attributes("Delta", renderer, "text", DELTA, NULL);
695 gtk_tree_view_append_column(GTK_TREE_VIEW (treeview), column);
698 /* when called, this function will create a new instance of gtk2-comparestat.
701 gtk_comparestat_init(const char *optarg, void* userdata _U_)
706 GtkWidget *stat_label;
707 GtkWidget *filter_label;
713 gint start, stop,ttl, order, pos=0;
714 const char *filter=NULL;
715 GString *error_string;
717 if(sscanf(optarg,"compare,%d,%d,%d,%d,%lf%n",&start, &stop, &ttl, &order, &variance, &pos)==5){
719 if(*(optarg+pos)==',')
727 fprintf(stderr, "wireshark: invalid \"-z compare,<start>,<stop>,<ttl[0|1]>,<order[0|1]>,<variance>[,<filter>]\" argument\n");
731 compare_variance=variance;
737 cs=g_malloc(sizeof(compstat_t));
738 nstime_set_unset(&cs->current_time);
739 cs->ip_ttl_list=g_array_new(FALSE, FALSE, sizeof(guint8));
741 cs->start_ongoing_hits=0;
742 cs->stop_ongoing_hits=0;
743 cs->start_packet_nr_first=G_MAXINT32;
744 cs->start_packet_nr_second=G_MAXINT32;
745 cs->stop_packet_nr_first=G_MAXINT32;
746 cs->stop_packet_nr_second=G_MAXINT32;
747 cs->first_file_amount=0;
748 cs->second_file_amount=0;
750 cs->zebra_time.secs=0;
751 cs->zebra_time.nsecs=1;
752 cs->nr_tree=se_tree_create(EMEM_TREE_TYPE_RED_BLACK, "nr_tree");
753 /* microsecond precision */
754 timestamp_set_precision(TS_PREC_AUTO_NSEC);
756 /* transient_for top_level */
757 cs->win=dlg_window_new("compare-stat");
758 gtk_window_set_destroy_with_parent (GTK_WINDOW(cs->win), TRUE);
759 gtk_window_set_default_size(GTK_WINDOW(cs->win), 550, 400);
760 comparestat_set_title(cs);
762 vbox=gtk_vbox_new(FALSE, 3);
763 gtk_container_add(GTK_CONTAINER(cs->win), vbox);
764 gtk_container_set_border_width(GTK_CONTAINER(vbox), 12);
766 title_string = g_strdup_printf("Compare two capture files: %s", cf_get_display_name(&cfile));
767 stat_label=gtk_label_new(title_string);
768 g_free(title_string);
769 gtk_box_pack_start(GTK_BOX(vbox), stat_label, FALSE, FALSE, 0);
771 filter_string = g_strdup_printf("Filter: %s", filter ? filter : "");
772 filter_label=gtk_label_new(filter_string);
773 g_free(filter_string);
774 gtk_label_set_line_wrap(GTK_LABEL(filter_label), TRUE);
775 gtk_box_pack_start(GTK_BOX(vbox), filter_label, FALSE, FALSE, 0);
777 /* add statistik info to Window */
778 cs->statis_label=gtk_label_new("Statistics:");
779 gtk_label_set_line_wrap(GTK_LABEL(cs->statis_label), TRUE);
780 gtk_box_pack_start(GTK_BOX(vbox), cs->statis_label, FALSE, FALSE, 0);
782 /* we must display TOP LEVEL Widget before calling simple_list_new */
783 gtk_widget_show_all(cs->win);
785 cs->treeview=gtk_tree_view_new();
786 setup_tree_view(cs->treeview);
788 /* create a newtree model with four columns */
789 cs->simple_list=gtk_tree_store_new(COLUMNS, G_TYPE_INT, G_TYPE_STRING, G_TYPE_INT, G_TYPE_DOUBLE);
791 /* add the tree model to the tree view and unreference it so that the model will
792 * be destroyed along with the tree view. */
793 gtk_tree_view_set_model(GTK_TREE_VIEW (cs->treeview), GTK_TREE_MODEL (cs->simple_list));
794 g_object_unref(cs->simple_list);
796 /* call this method when row is chosen*/
797 gtk_tree_selection_set_mode(gtk_tree_view_get_selection(GTK_TREE_VIEW(cs->treeview)),GTK_SELECTION_SINGLE);
798 g_signal_connect(gtk_tree_view_get_selection(GTK_TREE_VIEW(cs->treeview)), "changed", G_CALLBACK(new_tree_view_selection_changed), cs);
800 /* list with scrollbar's */
801 cs->scrolled_win=gtk_scrolled_window_new(NULL, NULL);
802 gtk_scrolled_window_set_policy (GTK_SCROLLED_WINDOW(cs->scrolled_win), GTK_POLICY_AUTOMATIC, GTK_POLICY_AUTOMATIC);
803 gtk_container_add(GTK_CONTAINER(cs->scrolled_win), cs->treeview);
804 gtk_box_pack_start(GTK_BOX(vbox), cs->scrolled_win, TRUE, TRUE, 0);
806 /* create a Hash to count the packets with the same ip.id */
807 cs->packet_tree=se_tree_create(EMEM_TREE_TYPE_RED_BLACK, "Packet_info_tree");
809 error_string=register_tap_listener("ip", cs, filter, 0, comparestat_reset, comparestat_packet, comparestat_draw);
811 simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, "%s", error_string->str);
812 g_string_free(error_string, TRUE);
813 gtk_tree_store_clear(cs->simple_list);
819 bbox = dlg_button_row_new(GTK_STOCK_CLOSE, GTK_STOCK_HELP, NULL);
820 gtk_box_pack_end(GTK_BOX(vbox), bbox, FALSE, FALSE, 0);
822 close_bt = g_object_get_data(G_OBJECT(bbox), GTK_STOCK_CLOSE);
823 window_set_cancel_button(cs->win, close_bt, window_cancel_button_cb);
825 help_bt = g_object_get_data(G_OBJECT(bbox), GTK_STOCK_HELP);
826 g_signal_connect(help_bt, "clicked", G_CALLBACK(topic_cb), (gpointer)HELP_STATS_COMPARE_FILES_DIALOG);
828 g_signal_connect(cs->win, "delete_event", G_CALLBACK(window_delete_event_cb), NULL);
829 g_signal_connect(cs->win, "destroy", G_CALLBACK(win_destroy_cb), cs);
831 gtk_widget_show_all(cs->win);
832 window_present(cs->win);
834 cf_retap_packets(&cfile);
837 static GtkWidget *dlg=NULL;
838 static GtkWidget *filter_entry;
841 comparestat_start_button_clicked(GtkWidget *item _U_, gpointer data _U_)
846 compare_start=gtk_spin_button_get_value_as_int(GTK_SPIN_BUTTON(spin_start_int));
847 compare_stop=gtk_spin_button_get_value_as_int(GTK_SPIN_BUTTON(spin_stop_int));
848 compare_variance=gtk_spin_button_get_value(GTK_SPIN_BUTTON(spin_var_int));
849 if(gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(radio_TTL))){
854 if(gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(radio_ON))){
860 str = g_string_new("compare");
861 g_string_append_printf(str, ",%d,%d,%d,%d,%lf",compare_start, compare_stop, TTL_method, ON_method, compare_variance);
862 filter=gtk_entry_get_text(GTK_ENTRY(filter_entry));
864 g_string_append_printf(str, ",%s", filter);
868 first_window = FALSE;
869 gtk_comparestat_init(str->str,NULL);
871 report_failure("cannot open more than one compare of the same type at once");
874 g_string_free(str, TRUE);
878 dlg_destroy_cb(GtkWidget *w _U_, gpointer user_data _U_)
883 /* create and show first view of this module
885 #ifdef MAIN_MENU_USE_UIMANAGER
887 gtk_comparestat_cb(GtkAction *action _U_, gpointer user_data _U_)
890 gtk_comparestat_cb(GtkWidget *w _U_, gpointer d _U_)
893 GtkAdjustment *start_integer, *stop_integer, *var_integer;
895 GtkWidget *spin_start_label, *spin_stop_label, *spin_start_box, *spin_stop_box;
896 GtkWidget *spin_var_box, *spin_var_label;
897 GtkWidget *order_box, *radio_MAC, *order_label;
898 GtkWidget *differ_box, *radio_OFF, *differ_label;
899 GtkWidget *filter_box, *filter_bt;
900 GtkWidget *bbox, *start_button, *cancel_button;
902 static construct_args_t args = {
903 "Compare statistics",
909 /* if the window is already open, bring it to front */
911 gdk_window_raise(gtk_widget_get_window(dlg));
915 dlg=dlg_window_new("Wireshark: Compare two capture files");
916 gtk_window_set_default_size(GTK_WINDOW(dlg), 300, -1);
918 dlg_box=gtk_vbox_new(FALSE, 10);
919 gtk_container_set_border_width(GTK_CONTAINER(dlg_box), 10);
920 gtk_container_add(GTK_CONTAINER(dlg), dlg_box);
921 gtk_widget_show(dlg_box);
924 spin_start_box=gtk_hbox_new(FALSE, 10);
925 spin_stop_box=gtk_hbox_new(FALSE, 10);
928 gtk_container_set_border_width(GTK_CONTAINER(spin_start_box), 1);
929 spin_start_label=gtk_label_new("Start compare:");
930 gtk_box_pack_start(GTK_BOX(spin_start_box), spin_start_label, FALSE, FALSE, 0);
931 gtk_widget_show(spin_start_label);
932 gtk_container_set_border_width(GTK_CONTAINER(spin_stop_box), 1);
933 spin_stop_label=gtk_label_new("Stop compare: ");
934 gtk_box_pack_start(GTK_BOX(spin_stop_box), spin_stop_label, FALSE, FALSE, 0);
935 gtk_widget_show(spin_stop_label);
937 /* create adjustments. Spans between 0 and 100, starting at 0 and
938 * moves in increments of 1 */
939 start_integer=GTK_ADJUSTMENT(gtk_adjustment_new(0.0, 0.0, 100.0, 1.0, 5.0, 0.0));
940 stop_integer=GTK_ADJUSTMENT(gtk_adjustment_new(0.0, 0.0, 100.0, 1.0, 5.0, 0.0));
942 /* create spin button. Not displaying decimal */
943 spin_start_int=gtk_spin_button_new(start_integer, 1.0, 0);
944 spin_stop_int=gtk_spin_button_new(stop_integer, 1.0, 0);
947 gtk_box_pack_start(GTK_BOX(spin_start_box), spin_start_int, TRUE, TRUE, 0);
948 gtk_box_pack_start(GTK_BOX(spin_stop_box), spin_stop_int, TRUE, TRUE, 0);
950 gtk_box_pack_start(GTK_BOX(dlg_box), spin_start_box, FALSE, FALSE, 0);
951 gtk_widget_show(spin_start_box);
952 gtk_box_pack_start(GTK_BOX(dlg_box), spin_stop_box, FALSE, FALSE, 0);
953 gtk_widget_show(spin_stop_box);
956 differ_box=gtk_hbox_new(FALSE, 10);
959 gtk_container_set_border_width(GTK_CONTAINER(differ_box), 1);
960 differ_label=gtk_label_new("Endpoint distinction:");
961 gtk_box_pack_start(GTK_BOX(differ_box), differ_label, FALSE, FALSE, 0);
962 gtk_widget_show(differ_label);
964 /* create radio buttons */
965 radio_MAC=gtk_radio_button_new_with_label (NULL, "MAC");
966 radio_TTL=gtk_radio_button_new_with_label_from_widget (GTK_RADIO_BUTTON(radio_MAC), "TTL");
967 gtk_box_pack_start(GTK_BOX(differ_box), radio_MAC, TRUE, TRUE, 0);
968 gtk_box_pack_start(GTK_BOX(differ_box), radio_TTL, TRUE, TRUE, 0);
969 gtk_widget_show(radio_MAC);
970 gtk_widget_show(radio_TTL);
972 gtk_box_pack_start(GTK_BOX(dlg_box), differ_box, FALSE, FALSE, 0);
973 gtk_widget_show(differ_box);
976 order_box=gtk_hbox_new(FALSE, 10);
979 gtk_container_set_border_width(GTK_CONTAINER(order_box), 1);
980 order_label=gtk_label_new("Check order: ");
981 gtk_box_pack_start(GTK_BOX(order_box), order_label, FALSE, FALSE, 0);
982 gtk_widget_show(order_label);
984 /* create radio buttons */
985 radio_ON=gtk_radio_button_new_with_label (NULL, "On");
986 radio_OFF=gtk_radio_button_new_with_label_from_widget (GTK_RADIO_BUTTON(radio_ON), "Off");
987 gtk_box_pack_start(GTK_BOX(order_box), radio_ON, TRUE, TRUE, 0);
988 gtk_box_pack_start(GTK_BOX(order_box), radio_OFF, TRUE, TRUE, 0);
989 gtk_widget_show(radio_ON);
990 gtk_widget_show(radio_OFF);
992 gtk_box_pack_start(GTK_BOX(dlg_box), order_box, FALSE, FALSE, 0);
993 gtk_widget_show(order_box);
996 spin_var_box=gtk_hbox_new(FALSE, 10);
999 gtk_container_set_border_width(GTK_CONTAINER(spin_var_box), 1);
1000 spin_var_label=gtk_label_new("Time variance (sec +/-):");
1001 gtk_box_pack_start(GTK_BOX(spin_var_box), spin_var_label, FALSE, FALSE, 0);
1002 gtk_widget_show(spin_var_label);
1004 /* create adjustments. Spans between 0 and 100, starting at 0 and
1005 * moves in increments of 1 */
1006 var_integer=GTK_ADJUSTMENT(gtk_adjustment_new(0.0, 0.0, 100.0, 1.0, 5.0, 0.0));
1008 /* create spin button. Not displaying decimal */
1009 spin_var_int=gtk_spin_button_new(var_integer, 0.0, 2);
1012 gtk_box_pack_start(GTK_BOX(spin_var_box), spin_var_int, TRUE, TRUE, 0);
1013 gtk_widget_show(spin_var_int);
1015 gtk_box_pack_start(GTK_BOX(dlg_box), spin_var_box, FALSE, FALSE, 0);
1016 gtk_widget_show(spin_var_box);
1019 filter_box=gtk_hbox_new(FALSE, 3);
1022 filter_bt=gtk_button_new_from_stock(WIRESHARK_STOCK_DISPLAY_FILTER_ENTRY);
1023 g_signal_connect(filter_bt, "clicked", G_CALLBACK(display_filter_construct_cb), &args);
1024 gtk_box_pack_start(GTK_BOX(filter_box), filter_bt, FALSE, TRUE, 0);
1025 gtk_widget_show(filter_bt);
1028 filter_entry=gtk_entry_new();
1029 g_signal_connect(filter_entry, "changed", G_CALLBACK(filter_te_syntax_check_cb), NULL);
1030 g_object_set_data(G_OBJECT(filter_box), E_FILT_AUTOCOMP_PTR_KEY, NULL);
1031 g_signal_connect(filter_entry, "key-press-event", G_CALLBACK (filter_string_te_key_pressed_cb), NULL);
1032 g_signal_connect(dlg, "key-press-event", G_CALLBACK (filter_parent_dlg_key_pressed_cb), NULL);
1034 /* filter prefs dialog */
1035 g_object_set_data(G_OBJECT(filter_bt), E_FILT_TE_PTR_KEY, filter_entry);
1036 /* filter prefs dialog */
1038 gtk_box_pack_start(GTK_BOX(filter_box), filter_entry, TRUE, TRUE, 0);
1039 filter=gtk_entry_get_text(GTK_ENTRY(main_display_filter_widget));
1041 gtk_entry_set_text(GTK_ENTRY(filter_entry), filter);
1043 gtk_widget_show(filter_entry);
1045 gtk_box_pack_start(GTK_BOX(dlg_box), filter_box, TRUE, TRUE, 0);
1046 gtk_widget_show(filter_box);
1049 bbox = dlg_button_row_new(WIRESHARK_STOCK_CREATE_STAT, GTK_STOCK_CANCEL, NULL);
1050 gtk_box_pack_start(GTK_BOX(dlg_box), bbox, FALSE, FALSE, 0);
1051 gtk_widget_show(bbox);
1053 start_button = g_object_get_data(G_OBJECT(bbox), WIRESHARK_STOCK_CREATE_STAT);
1054 g_signal_connect_swapped(start_button, "clicked", G_CALLBACK(comparestat_start_button_clicked), NULL);
1056 cancel_button = g_object_get_data(G_OBJECT(bbox), GTK_STOCK_CANCEL);
1057 window_set_cancel_button(dlg, cancel_button, window_cancel_button_cb);
1059 /* give the initial focus to the "filter" entry box. */
1060 gtk_widget_grab_focus(filter_entry);
1062 gtk_widget_grab_default(start_button );
1064 g_signal_connect(dlg, "delete_event", G_CALLBACK(window_delete_event_cb), NULL);
1065 g_signal_connect(dlg, "destroy", G_CALLBACK(dlg_destroy_cb), NULL);
1067 gtk_widget_show_all(dlg);
1068 window_present(dlg);
1073 register_tap_listener_gtkcomparestat(void)
1075 register_stat_cmd_arg("compare", gtk_comparestat_init, NULL);
1077 #ifdef MAIN_MENU_USE_UIMANAGER
1079 register_stat_menu_item("Compare...", REGISTER_STAT_GROUP_UNSORTED, gtk_comparestat_cb, NULL, NULL, NULL);
git.samba.org / obnox / wireshark / wip.git / blob