6 * Ethereal - Network traffic analyzer
7 * By Gerald Combs <gerald@ethereal.com>
8 * Copyright 1998 Gerald Combs
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version 2
13 * of the License, or (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
40 #ifdef HAVE_SYS_STAT_H
51 typedef int mode_t; /* for win32 */
52 #endif /* __MINGW32__ */
53 #endif /* HAVE_IO_H */
55 #include <epan/address.h>
56 #include <epan/addr_resolv.h>
59 * This has to come after the include of <pcap.h>, as the include of
60 * <pcap.h> might cause <winsock2.h> to be included, and if we've
61 * already included <winsock.h> as a result of including <windows.h>,
62 * we get a bunch of redefinitions.
71 * Collect command-line arguments as a string consisting of the arguments,
72 * separated by spaces.
75 get_args_as_string(int argc, char **argv, int optind)
82 * Find out how long the string will be.
85 for (i = optind; i < argc; i++) {
86 len += strlen(argv[i]);
87 len++; /* space, or '\0' if this is the last argument */
91 * Allocate the buffer for the string.
93 argstring = g_malloc(len);
96 * Now construct the string.
98 strcpy(argstring, "");
101 strcat(argstring, argv[i]);
105 strcat(argstring, " ");
111 setup_tmpdir(const char *dir)
113 size_t len = strlen(dir);
116 /* Append path separator if necessary */
117 if (len != 0 && dir[len - 1] == G_DIR_SEPARATOR) {
121 newdir = g_malloc(len + 2);
123 strcat(newdir, G_DIR_SEPARATOR_S);
129 try_tempfile(char *namebuf, int namebuflen, const char *dir, const char *pfx)
131 static const char suffix[] = "XXXXXXXXXX";
132 int namelen = strlen(dir) + strlen(pfx) + sizeof suffix;
136 if (namebuflen < namelen) {
137 /* Stick in a truncated name, so that if this error is
138 reported with the file name, you at least get
140 g_snprintf(namebuf, namebuflen, "%s%s%s", dir, pfx, suffix);
141 errno = ENAMETOOLONG;
144 strcpy(namebuf, dir);
145 strcat(namebuf, pfx);
146 strcat(namebuf, suffix);
148 /* The Single UNIX Specification doesn't say that "mkstemp()"
149 creates the temporary file with mode rw-------, so we
150 won't assume that all UNIXes will do so; instead, we set
151 the umask to 0077 to take away all group and other
152 permissions, attempt to create the file, and then put
154 old_umask = umask(0077);
155 tmp_fd = mkstemp(namebuf);
160 static const char *tmpdir = NULL;
162 static char *temp = NULL;
164 static const char *E_tmpdir;
167 #define P_tmpdir "/var/tmp"
171 create_tempfile(char *namebuf, int namebuflen, const char *pfx)
175 static gboolean initialized;
178 if ((dir = getenv("TMPDIR")) != NULL)
179 tmpdir = setup_tmpdir(dir);
181 if ((dir = getenv("TEMP")) != NULL)
182 temp = setup_tmpdir(dir);
185 E_tmpdir = setup_tmpdir(P_tmpdir);
189 if (tmpdir != NULL) {
190 fd = try_tempfile(namebuf, namebuflen, tmpdir, pfx);
197 fd = try_tempfile(namebuf, namebuflen, temp, pfx);
203 fd = try_tempfile(namebuf, namebuflen, E_tmpdir, pfx);
207 return try_tempfile(namebuf, namebuflen, G_DIR_SEPARATOR_S "tmp", pfx);
210 /* Compute the difference between two seconds/microseconds time stamps. */
212 compute_timestamp_diff(gint *diffsec, gint *diffusec,
213 guint32 sec1, guint32 usec1, guint32 sec2, guint32 usec2)
216 /* The seconds part of the first time is the same as the seconds
217 part of the second time, so if the microseconds part of the first
218 time is less than the microseconds part of the second time, the
219 first time is before the second time. The microseconds part of
220 the delta should just be the difference between the microseconds
221 part of the first time and the microseconds part of the second
222 time; don't adjust the seconds part of the delta, as it's OK if
223 the microseconds part is negative. */
225 *diffsec = sec1 - sec2;
226 *diffusec = usec1 - usec2;
227 } else if (sec1 <= sec2) {
228 /* The seconds part of the first time is less than the seconds part
229 of the second time, so the first time is before the second time.
231 Both the "seconds" and "microseconds" value of the delta
232 should have the same sign, so if the difference between the
233 microseconds values would be *positive*, subtract 1,000,000
234 from it, and add one to the seconds value. */
235 *diffsec = sec1 - sec2;
236 if (usec2 >= usec1) {
237 *diffusec = usec1 - usec2;
239 *diffusec = (usec1 - 1000000) - usec2;
243 /* Oh, good, we're not caught in a chronosynclastic infindibulum. */
244 *diffsec = sec1 - sec2;
245 if (usec2 <= usec1) {
246 *diffusec = usec1 - usec2;
248 *diffusec = (usec1 + 1000000) - usec2;
254 /* Try to figure out if we're remotely connected, e.g. via ssh or
255 Terminal Server, and create a capture filter that matches aspects of the
256 connection. We match the following environment variables:
258 SSH_CONNECTION (ssh): <remote IP> <remote port> <local IP> <local port>
259 SSH_CLIENT (ssh): <remote IP> <remote port> <local port>
260 REMOTEHOST (tcsh, others?): <remote name>
261 DISPLAY (x11): [remote name]:<display num>
262 CLIENTNAME (terminal server): <remote name>
265 const gchar *get_conn_cfilter(void) {
266 static GString *filter_str = NULL;
267 gchar *env, **tokens;
269 if (filter_str == NULL) {
270 filter_str = g_string_new("");
272 if ((env = getenv("SSH_CONNECTION")) != NULL) {
273 tokens = g_strsplit(env, " ", 4);
275 g_string_sprintf(filter_str, "not (tcp port %s and %s host %s "
276 "and tcp port %s and %s host %s)", tokens[1], host_ip_af(tokens[0]), tokens[0],
277 tokens[3], host_ip_af(tokens[2]), tokens[2]);
278 return filter_str->str;
280 } else if ((env = getenv("SSH_CLIENT")) != NULL) {
281 tokens = g_strsplit(env, " ", 3);
282 g_string_sprintf(filter_str, "not (tcp port %s and %s host %s "
283 "and tcp port %s)", tokens[1], host_ip_af(tokens[0]), tokens[0], tokens[2]);
284 return filter_str->str;
285 } else if ((env = getenv("REMOTEHOST")) != NULL) {
286 if (strcasecmp(env, "localhost") == 0 || strcmp(env, "127.0.0.1") == 0) {
289 g_string_sprintf(filter_str, "not %s host %s", host_ip_af(env), env);
290 return filter_str->str;
291 } else if ((env = getenv("DISPLAY")) != NULL) {
292 tokens = g_strsplit(env, ":", 2);
293 if (tokens[0] && tokens[0][0] != 0) {
294 if (strcasecmp(tokens[0], "localhost") == 0 ||
295 strcmp(tokens[0], "127.0.0.1") == 0) {
298 g_string_sprintf(filter_str, "not %s host %s",
299 host_ip_af(tokens[0]), tokens[0]);
300 return filter_str->str;
302 } else if ((env = getenv("CLIENTNAME")) != NULL) {
303 if (g_strcasecmp("console", env) != 0) {
304 g_string_sprintf(filter_str, "not %s host %s", host_ip_af(env), env);
305 return filter_str->str;