/* XXX - try to remove this later */
#include "ui_util.h"
/* XXX - try to remove this later */
+#include "util.h"
+#include "alert_box.h"
+#include "log.h"
+#include "file_util.h"
#include <epan/dissectors/packet-ap1394.h>
#include <epan/dissectors/packet-clip.h>
#include <epan/dissectors/packet-eth.h>
#include <epan/dissectors/packet-fddi.h>
+#include <epan/dissectors/packet-fr.h>
#include <epan/dissectors/packet-null.h>
#include <epan/dissectors/packet-ppp.h>
#include <epan/dissectors/packet-raw.h>
-
/*
* We don't want to do a "select()" on the pcap_t's file descriptor on
* BSD (because "select()" doesn't work correctly on BPF devices on at
gboolean from_cap_pipe; /* TRUE if we are capturing data from a capture pipe */
#ifndef _WIN32
struct pcap_hdr cap_pipe_hdr;
+ struct pcaprec_modified_hdr cap_pipe_rechdr;
int cap_pipe_fd; /* the file descriptor of the capture pipe */
gboolean cap_pipe_modified; /* TRUE if data in the pipe uses modified pcap headers */
gboolean cap_pipe_byte_swapped; /* TRUE if data in the pipe is byte swapped */
*/
#define CAP_READ_TIMEOUT 250
-static void capture_loop_packet_cb(guchar *user, const struct pcap_pkthdr *phdr,
- const guchar *pd);
+static void capture_loop_packet_cb(u_char *user, const struct pcap_pkthdr *phdr,
+ const u_char *pd);
static void capture_loop_popup_errmsg(capture_options *capture_opts, const char *errmsg);
static void capture_loop_get_errmsg(char *errmsg, int errmsglen, const char *fname,
int err, gboolean is_close);
fd_set rfds;
struct timeval timeout;
+
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "cap_pipe_open_live: %s", pipename);
+
/*
* XXX Ethereal blocks until we return
*/
if (strcmp(pipename, "-") == 0)
fd = 0; /* read from stdin */
else {
- if (stat(pipename, &pipe_stat) < 0) {
+ if (eth_stat(pipename, &pipe_stat) < 0) {
if (errno == ENOENT || errno == ENOTDIR)
ld->cap_pipe_err = PIPNEXIST;
else {
}
return -1;
}
- fd = open(pipename, O_RDONLY | O_NONBLOCK);
+ fd = eth _open(pipename, O_RDONLY | O_NONBLOCK, 0000 /* no creation so don't matter */);
if (fd == -1) {
g_snprintf(errmsg, errmsgl,
"The capture session could not be initiated "
return fd;
error:
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "cap_pipe_open_live: error %s", errmsg);
ld->cap_pipe_err = PIPERR;
- close(fd);
+ eth_close(fd);
return -1;
}
enum { PD_REC_HDR_READ, PD_DATA_READ, PD_PIPE_EOF, PD_PIPE_ERR,
PD_ERR } result;
+
+#ifdef LOG_CAPTURE_VERBOSE
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "cap_pipe_dispatch");
+#endif
+
switch (ld->cap_pipe_state) {
case STATE_EXPECT_REC_HDR:
phdr.caplen = rechdr->hdr.incl_len;
phdr.len = rechdr->hdr.orig_len;
- capture_loop_packet_cb((guchar *)ld, &phdr, data);
+ capture_loop_packet_cb((u_char *)ld, &phdr, data);
ld->cap_pipe_state = STATE_EXPECT_REC_HDR;
return 1;
WSADATA wsaData;
#else
static const char ppamsg[] = "can't find PPA for ";
- char *libpcap_warn;
+ const char *libpcap_warn;
#endif
+
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_open_input : %s", capture_opts->iface);
+
/* Initialize Windows Socket if we are in a WIN32 OS
This needs to be done before querying the interface for network/netmask */
#ifdef _WIN32
} else {
/* We couldn't open "iface" as a network device. */
#ifdef _WIN32
- /* On Windows, we don't support capturing on pipes, so we give up.
- If this is a child process that does the capturing in sync
- mode or fork mode, it shouldn't do any UI stuff until we pop up the
- capture-progress window, and, since we couldn't start the
- capture, we haven't popped it up. */
- if (!capture_opts->capture_child) {
- main_window_update();
- }
+ /* On Windows, we don't support capturing on pipes, so we give up. */
/* On Win32 OSes, the capture devices are probably available to all
users; don't warn about permissions problems.
Do, however, warn that WAN devices aren't supported. */
g_snprintf(errmsg, errmsg_len,
-"The capture session could not be initiated (%s).\n"
+"%sThe capture session could not be initiated!%s\n"
+"\n"
+"(%s)\n"
+"\n"
"Please check that you have the proper interface specified.\n"
"\n"
+"Help can be found at: http://wiki.ethereal.com/CaptureSetup\n"
+"\n"
+"WinPcap does not support 64-bit Windows, so you will not be able to capture\n"
+"traffic with Tethereal on 64-bit Windows. You will have to use some other\n"
+"tool to capture traffic, such as netcap; see\n"
+"\n"
+" http://support.microsoft.com/?id=310875\n"
+"\n"
+"for information about netcap.\n"
+"\n"
"Note that version 3.0 of WinPcap, and earlier versions of WinPcap, don't\n"
-"support capturing on PPP/WAN interfaces in Windows NT 4.0, Windows 2000,\n"
-"Windows XP, or Windows Server 2003. WinPcap 3.1 has experimental support\n"
-"for it on Windows 2000, Windows XP, and Windows Server 2003, but has no\n"
-"support for it on Windows NT 4.0. WinPcap 3.1 is currently in beta, so\n"
-"using it might introduce bugs not present in WinPcap 3.0; you should report\n"
-"all problems you see to the WinPcap developers, so they can try to fix\n"
-"them before the final WinPcap 3.1 release.",
- open_err_str);
+"support capturing on PPP/WAN interfaces on Windows NT 4.0 / 2000 / XP /\n"
+"Server 2003.\n"
+"WinPcap 3.1 has support for it on Windows 2000 / XP / Server 2003, but has no\n"
+"support for it on Windows NT 4.0 or Windows Vista (Beta 1).",
+ simple_dialog_primary_start(), simple_dialog_primary_end(),
+ open_err_str);
return FALSE;
#else
/* try to open iface as a pipe */
if (ld->cap_pipe_fd == -1) {
- /* If this is a child process that does the capturing in sync
- * mode or fork mode, it shouldn't do any UI stuff until we pop up the
- * capture-progress window, and, since we couldn't start the
- * capture, we haven't popped it up.
- */
- if (!capture_opts->capture_child) {
- main_window_update();
- }
-
if (ld->cap_pipe_err == PIPNEXIST) {
/* Pipe doesn't exist, so output message for interface */
}
#ifdef MUST_DO_SELECT
- if (!ld->from_cap_pipe) ld->pcap_fd = pcap_fileno(ld->pcap_h);
+ if (!ld->from_cap_pipe) {
+#ifdef HAVE_PCAP_GET_SELECTABLE_FD
+ ld->pcap_fd = pcap_get_selectable_fd(ld->pcap_h);
+#else
+ ld->pcap_fd = pcap_fileno(ld->pcap_h);
+#endif
+ }
#endif
/* Does "open_err_str" contain a non-empty string? If so, "pcap_open_live()"
/* open the capture input file (pcap or capture pipe) */
static void capture_loop_close_input(loop_data *ld) {
+
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_close_input");
+
#ifndef _WIN32
/* if open, close the capture pipe "input file" */
if (ld->cap_pipe_fd >= 0) {
g_assert(ld->from_cap_pipe);
- close(ld->cap_pipe_fd);
+ eth_close(ld->cap_pipe_fd);
}
#endif
gchar lookup_net_err_str[PCAP_ERRBUF_SIZE];
struct bpf_program fcode;
+
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_init_filter: %s", cfilter);
+
/* capture filters only work on real interfaces */
if (cfilter && !ld->from_cap_pipe) {
/* A capture filter was specified; set it up. */
}
if (pcap_compile(ld->pcap_h, &fcode, cfilter, 1, netmask) < 0) {
dfilter_t *rfcode = NULL;
+ gchar *safe_cfilter = simple_dialog_format_message(cfilter);
+ gchar *safe_cfilter_error_msg = simple_dialog_format_message(
+ pcap_geterr(ld->pcap_h));
+
/* filter string invalid, did the user tried a display filter? */
if (dfilter_compile(cfilter, &rfcode) && rfcode != NULL) {
g_snprintf(errmsg, errmsg_len,
"so you can't use most display filter expressions as capture filters.\n"
"\n"
"See the help for a description of the capture filter syntax.",
- simple_dialog_primary_start(), cfilter, simple_dialog_primary_end(),
- pcap_geterr(ld->pcap_h));
+ simple_dialog_primary_start(), safe_cfilter,
+ simple_dialog_primary_end(), safe_cfilter_error_msg);
dfilter_free(rfcode);
} else {
g_snprintf(errmsg, errmsg_len,
"\n"
"That string isn't a valid capture filter (%s).\n"
"See the help for a description of the capture filter syntax.",
- simple_dialog_primary_start(), cfilter, simple_dialog_primary_end(),
- pcap_geterr(ld->pcap_h));
+ simple_dialog_primary_start(), safe_cfilter,
+ simple_dialog_primary_end(), safe_cfilter_error_msg);
}
+ g_free(safe_cfilter_error_msg);
+ g_free(safe_cfilter);
return FALSE;
}
if (pcap_setfilter(ld->pcap_h, &fcode) < 0) {
g_snprintf(errmsg, errmsg_len, "Can't install filter (%s).",
pcap_geterr(ld->pcap_h));
+#ifdef HAVE_PCAP_FREECODE
+ pcap_freecode(&fcode);
+#endif
return FALSE;
}
+#ifdef HAVE_PCAP_FREECODE
+ pcap_freecode(&fcode);
+#endif
}
return TRUE;
/* open the wiretap part of the capture output file */
-static int capture_loop_open_wiretap_output(capture_options *capture_opts, loop_data *ld, char *errmsg, int errmsg_len) {
+static int capture_loop_init_wiretap_output(capture_options *capture_opts, int save_file_fd, loop_data *ld, char *errmsg, int errmsg_len) {
int pcap_encap;
int file_snaplen;
int err;
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_init_wiretap_output");
+
/* get packet encapsulation type and snaplen */
#ifndef _WIN32
if (ld->from_cap_pipe) {
ld->wtap_pdh = ringbuf_init_wtap_dump_fdopen(WTAP_FILE_PCAP, ld->wtap_linktype,
file_snaplen, &err);
} else {
- ld->wtap_pdh = wtap_dump_fdopen(capture_opts->save_file_fd, WTAP_FILE_PCAP,
- ld->wtap_linktype, file_snaplen, &err);
+ ld->wtap_pdh = wtap_dump_fdopen(save_file_fd, WTAP_FILE_PCAP,
+ ld->wtap_linktype, file_snaplen, FALSE /* compressed */, &err);
}
if (ld->wtap_pdh == NULL) {
}
static gboolean capture_loop_close_output(capture_options *capture_opts, loop_data *ld, int *err_close) {
+
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_close_output");
+
if (capture_opts->multi_files_on) {
return ringbuf_wtap_dump_close(&capture_opts->save_file, err_close);
} else {
fd_set set1;
struct timeval timeout;
int sel_ret;
- struct pcaprec_modified_hdr rechdr;
guchar pcap_data[WTAP_MAX_PACKET_SIZE];
#endif
#ifndef _WIN32
- /* dispatch from capture pipe */
if (ld->from_cap_pipe) {
+ /* dispatch from capture pipe */
+#ifdef LOG_CAPTURE_VERBOSE
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_dispatch: from capture pipe");
+#endif
FD_ZERO(&set1);
FD_SET(ld->cap_pipe_fd, &set1);
timeout.tv_sec = 0;
/*
* "select()" says we can read from the pipe without blocking
*/
- inpkts = cap_pipe_dispatch(ld->cap_pipe_fd, ld, &ld->cap_pipe_hdr, &rechdr, pcap_data,
+ inpkts = cap_pipe_dispatch(ld->cap_pipe_fd, ld, &ld->cap_pipe_hdr, &ld->cap_pipe_rechdr, pcap_data,
errmsg, errmsg_len);
if (inpkts < 0) {
ld->go = FALSE;
else
#endif /* _WIN32 */
{
- /* dispatch from pcap using select */
+ /* dispatch from pcap */
#ifdef MUST_DO_SELECT
/*
* Sigh. The semantics of the read timeout argument to
* at least on some versions of some flavors of BSD, the timer
* doesn't start until a read is done, so it won't expire if
* only a "select()" or "poll()" is posted.
+ *
+ * If we have "pcap_get_selectable_fd()", we use it to get the
+ * descriptor on which to select; if that's -1, it means there
+ * is no descriptor on which you can do a "select()" (perhaps
+ * because you're capturing on a special device, and that device's
+ * driver unfortunately doesn't support "select()", in which case
+ * we don't do the select - which means Ethereal might block,
+ * unable to accept user input, until a packet arrives. If
+ * that's unacceptable, plead with whoever supplies the software
+ * for that device to add "select()" support.
*/
- FD_ZERO(&set1);
- FD_SET(ld->pcap_fd, &set1);
- timeout.tv_sec = 0;
- timeout.tv_usec = CAP_READ_TIMEOUT*1000;
- sel_ret = select(ld->pcap_fd+1, &set1, NULL, NULL, &timeout);
- if (sel_ret > 0) {
- /*
- * "select()" says we can read from it without blocking; go for
- * it.
- */
- inpkts = pcap_dispatch(ld->pcap_h, 1, capture_loop_packet_cb, (gchar *)ld);
- if (inpkts < 0) {
- ld->pcap_err = TRUE;
- ld->go = FALSE;
- }
- } else {
- inpkts = 0;
- if (sel_ret < 0 && errno != EINTR) {
- g_snprintf(errmsg, errmsg_len,
- "Unexpected error from select: %s", strerror(errno));
- capture_loop_popup_errmsg(capture_opts, errmsg);
- ld->go = FALSE;
+#ifdef LOG_CAPTURE_VERBOSE
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_dispatch: from pcap_dispatch with select");
+#endif
+ if (ld->pcap_fd != -1) {
+ FD_ZERO(&set1);
+ FD_SET(ld->pcap_fd, &set1);
+ timeout.tv_sec = 0;
+ timeout.tv_usec = CAP_READ_TIMEOUT*1000;
+ sel_ret = select(ld->pcap_fd+1, &set1, NULL, NULL, &timeout);
+ if (sel_ret > 0) {
+ /*
+ * "select()" says we can read from it without blocking; go for
+ * it.
+ */
+ inpkts = pcap_dispatch(ld->pcap_h, 1, capture_loop_packet_cb, (u_char *)ld);
+ if (inpkts < 0) {
+ ld->pcap_err = TRUE;
+ ld->go = FALSE;
+ }
+ } else {
+ inpkts = 0;
+ if (sel_ret < 0 && errno != EINTR) {
+ g_snprintf(errmsg, errmsg_len,
+ "Unexpected error from select: %s", strerror(errno));
+ capture_loop_popup_errmsg(capture_opts, errmsg);
+ ld->go = FALSE;
+ }
}
}
+ else
+#endif /* MUST_DO_SELECT */
+ {
+ /* dispatch from pcap without select */
+#if 1
+#ifdef LOG_CAPTURE_VERBOSE
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_dispatch: from pcap_dispatch");
+#endif
+ inpkts = pcap_dispatch(ld->pcap_h, 1, capture_loop_packet_cb, (u_char *) ld);
+ if (inpkts < 0) {
+ ld->pcap_err = TRUE;
+ ld->go = FALSE;
+ }
#else
- /* dispatch from pcap without select */
- inpkts = pcap_dispatch(ld->pcap_h, 1, capture_loop_packet_cb, (gchar *) ld);
- if (inpkts < 0) {
- ld->pcap_err = TRUE;
- ld->go = FALSE;
+ {
+#ifdef LOG_CAPTURE_VERBOSE
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_dispatch: from pcap_next_ex");
+#endif
+ /* XXX - this is currently unused, as there is some confusion with pcap_next_ex() vs. pcap_dispatch() */
+
+ /* WinPcap's remote capturing feature doesn't work, see http://wiki.ethereal.com/CaptureSetup_2fWinPcapRemote */
+ /* for reference, an example remote interface: rpcap://[1.2.3.4]/\Device\NPF_{39993D68-7C9B-4439-A329-F2D888DA7C5C} */
+
+ /* emulate dispatch from pcap */
+ int in;
+ struct pcap_pkthdr *pkt_header;
+ u_char *pkt_data;
+
+ inpkts = 0;
+ while( (in = pcap_next_ex(ld->pcap_h, &pkt_header, &pkt_data)) == 1) {
+ capture_loop_packet_cb( (u_char *) ld, pkt_header, pkt_data);
+ inpkts++;
+ }
+
+ if(in < 0) {
+ ld->pcap_err = TRUE;
+ ld->go = FALSE;
+ inpkts = in;
+ }
+ }
+#endif
}
-#endif /* MUST_DO_SELECT */
}
+#ifdef LOG_CAPTURE_VERBOSE
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_dispatch: %d new packet%s", inpkts, plurality(inpkts, "", "s"));
+#endif
+
return inpkts;
}
+/* open the output file (temporary/specified name/ringbuffer) */
+/* Returns TRUE if the file opened successfully, FALSE otherwise. */
+static gboolean
+capture_loop_open_output(capture_options *capture_opts, int *save_file_fd,
+ char *errmsg, int errmsg_len) {
+
+ char tmpname[128+1];
+ gchar *capfile_name;
+ gboolean is_tempfile;
+
+
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_open_output: %s",
+ (capture_opts->save_file) ? capture_opts->save_file : "");
+
+ if (capture_opts->save_file != NULL) {
+ /* We return to the caller while the capture is in progress.
+ * Therefore we need to take a copy of save_file in
+ * case the caller destroys it after we return.
+ */
+ capfile_name = g_strdup(capture_opts->save_file);
+ if (capture_opts->multi_files_on) {
+ /* ringbuffer is enabled */
+ *save_file_fd = ringbuf_init(capfile_name,
+ (capture_opts->has_ring_num_files) ? capture_opts->ring_num_files : 0);
+
+ /* we need the ringbuf name */
+ if(*save_file_fd != -1) {
+ g_free(capfile_name);
+ capfile_name = g_strdup(ringbuf_current_filename());
+ }
+ } else {
+ /* Try to open/create the specified file for use as a capture buffer. */
+ *save_file_fd = open(capfile_name, O_RDWR|O_BINARY|O_TRUNC|O_CREAT,
+ 0600);
+ }
+ is_tempfile = FALSE;
+ } else {
+ /* Choose a random name for the temporary capture buffer */
+ *save_file_fd = create_tempfile(tmpname, sizeof tmpname, "ether");
+ capfile_name = g_strdup(tmpname);
+ is_tempfile = TRUE;
+ }
+
+ /* did we fail to open the output file? */
+ if (*save_file_fd == -1) {
+ if (is_tempfile) {
+ g_snprintf(errmsg, errmsg_len,
+ "The temporary file to which the capture would be saved (\"%s\") "
+ "could not be opened: %s.", capfile_name, strerror(errno));
+ } else {
+ if (capture_opts->multi_files_on) {
+ ringbuf_error_cleanup();
+ }
+
+ g_snprintf(errmsg, errmsg_len,
+ "The file to which the capture would be saved (\"%s\") "
+ "could not be opened: %s.", capfile_name,
+ strerror(errno));
+
+ /*open_failure_alert_box(capfile_name, errno, TRUE);*/
+ }
+ g_free(capfile_name);
+ return FALSE;
+ }
+
+ if(capture_opts->save_file != NULL) {
+ g_free(capture_opts->save_file);
+ }
+ capture_opts->save_file = capfile_name;
+ /* capture_opts.save_file is "g_free"ed later, which is equivalent to
+ "g_free(capfile_name)". */
+
+ return TRUE;
+}
+
+
+#ifndef _WIN32
+static void
+capture_loop_stop_signal_handler(int signo _U_)
+{
+ capture_loop_stop();
+}
+#endif
+
+#ifdef _WIN32
+#define TIME_GET() GetTickCount()
+#else
+#define TIME_GET() time(NULL)
+#endif
+
/*
* This needs to be static, so that the SIGUSR1 handler can clear the "go"
* flag.
gboolean close_ok;
capture_info capture_ui;
char errmsg[4096+1];
-
- gboolean show_info = capture_opts->show_info || !capture_opts->sync_mode;
+ int save_file_fd;
/* init the loop data */
ld.pcap_fd = 0;
#endif
+#ifndef _WIN32
+ /*
+ * Catch SIGUSR1, so that we exit cleanly if the parent process
+ * kills us with it due to the user selecting "Capture->Stop".
+ */
+ signal(SIGUSR1, capture_loop_stop_signal_handler);
+#endif
+
/* We haven't yet gotten the capture statistics. */
*stats_known = FALSE;
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_INFO, "Capture child starting ...");
+ capture_opts_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, capture_opts);
+
+ /* open the output file (temporary/specified name/ringbuffer) */
+ if (!capture_loop_open_output(capture_opts, &save_file_fd, errmsg, sizeof(errmsg))) {
+ goto error;
+ }
/* open the "input file" from network interface or capture pipe */
if (!capture_loop_open_input(capture_opts, &ld, errmsg, sizeof(errmsg))) {
}
/* open the wiretap part of the output file (the output file is already open) */
- if (!capture_loop_open_wiretap_output(capture_opts, &ld, errmsg, sizeof(errmsg))) {
+ if (!capture_loop_init_wiretap_output(capture_opts, save_file_fd, &ld, errmsg, sizeof(errmsg))) {
goto error;
}
in other places as well - and I don't think that works all the
time in any case, due to libpcap bugs. */
- if (capture_opts->capture_child) {
- /* Well, we should be able to start capturing.
-
- This is the child process for a sync mode capture, so sync out
- the capture file, so the header makes it to the file system,
- and send a "capture started successfully and capture file created"
- message to our parent so that they'll open the capture file and
- update its windows to indicate that we have a live capture in
- progress. */
- fflush(wtap_dump_file(ld.wtap_pdh));
- sync_pipe_capstart_to_parent();
- }
+ /* Well, we should be able to start capturing.
+
+ Sync out the capture file, so the header makes it to the file system,
+ and send a "capture started successfully and capture file created"
+ message to our parent so that they'll open the capture file and
+ update its windows to indicate that we have a live capture in
+ progress. */
+ wtap_dump_flush(ld.wtap_pdh);
+ sync_pipe_filename_to_parent(capture_opts->save_file);
/* initialize capture stop (and alike) conditions */
init_capture_stop_conditions();
/* create stop conditions */
if (capture_opts->has_autostop_filesize)
cnd_autostop_size =
- cnd_new(CND_CLASS_CAPTURESIZE,(long)capture_opts->autostop_filesize);
+ cnd_new(CND_CLASS_CAPTURESIZE,(long)capture_opts->autostop_filesize * 1024);
if (capture_opts->has_autostop_duration)
cnd_autostop_duration =
cnd_new(CND_CLASS_TIMEOUT,(gint32)capture_opts->autostop_duration);
}
/* start capture info dialog */
- if(show_info) {
+ if(capture_opts->show_info) {
capture_ui.callback_data = &ld;
capture_ui.counts = &ld.counts;
capture_info_create(&capture_ui, capture_opts->iface);
}
/* init the time values */
- start_time = time(NULL);
- upd_time = time(NULL);
+ start_time = TIME_GET();
+ upd_time = TIME_GET();
+
+
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_INFO, "Capture child running!");
/* WOW, everything is prepared! */
/* please fasten your seat belts, we will enter now the actual capture loop */
/* dispatch incoming packets */
inpkts = capture_loop_dispatch(capture_opts, &ld, errmsg, sizeof(errmsg));
+ main_window_update();
+
+#ifdef _WIN32
+ /* some news from our parent (signal pipe)? -> just stop the capture */
+ {
+ HANDLE handle;
+ DWORD avail = 0;
+ gboolean result;
+
+
+ handle = (HANDLE) _get_osfhandle (0);
+ result = PeekNamedPipe(handle, NULL, 0, NULL, &avail, NULL);
+
+ if(!result || avail > 0) {
+ ld.go = FALSE;
+ /*g_warning("loop closing");*/
+ }
+ }
+#endif
+
if (inpkts > 0) {
ld.packets_sync_pipe += inpkts;
}
/* Switch to the next ringbuffer file */
- if (ringbuf_switch_file(&ld.wtap_pdh, &capture_opts->save_file, &capture_opts->save_file_fd, &ld.err)) {
+ if (ringbuf_switch_file(&ld.wtap_pdh, &capture_opts->save_file, &save_file_fd, &ld.err)) {
/* File switch succeeded: reset the conditions */
cnd_reset(cnd_autostop_size);
if (cnd_file_duration) {
cnd_reset(cnd_file_duration);
}
+ wtap_dump_flush(ld.wtap_pdh);
+ sync_pipe_filename_to_parent(capture_opts->save_file);
+ ld.packets_sync_pipe = 0;
} else {
/* File switch failed: stop here */
ld.go = FALSE;
} /* inpkts */
/* Only update once a second so as not to overload slow displays */
- cur_time = time(NULL);
- if (cur_time > upd_time) {
- upd_time = cur_time;
+ cur_time = TIME_GET();
+#ifdef _WIN32
+ if ( (cur_time - upd_time) > 500) {
+#else
+ if (cur_time - upd_time > 0) {
+#endif
+ upd_time = cur_time;
/*if (pcap_stats(pch, stats) >= 0) {
*stats_known = TRUE;
}*/
/* calculate and display running time */
- if(show_info) {
+ if(capture_opts->show_info) {
cur_time -= start_time;
+#ifdef _WIN32
+ capture_ui.running_time = cur_time / 1000;
+#else
capture_ui.running_time = cur_time;
+#endif
capture_ui.new_packets = ld.packets_sync_pipe;
capture_info_update(&capture_ui);
}
/* Let the parent process know. */
if (ld.packets_sync_pipe) {
/* do sync here */
- fflush(wtap_dump_file(ld.wtap_pdh));
+ wtap_dump_flush(ld.wtap_pdh);
- if (capture_opts->capture_child) {
- /* This is the child process for a sync mode capture, so send
- our parent a message saying we've written out "ld.sync_packets"
+ /* Send our parent a message saying we've written out "ld.sync_packets"
packets to the capture file. */
sync_pipe_packet_count_to_parent(ld.packets_sync_pipe);
- }
ld.packets_sync_pipe = 0;
}
}
/* Switch to the next ringbuffer file */
- if (ringbuf_switch_file(&ld.wtap_pdh, &capture_opts->save_file, &capture_opts->save_file_fd, &ld.err)) {
+ if (ringbuf_switch_file(&ld.wtap_pdh, &capture_opts->save_file, &save_file_fd, &ld.err)) {
/* file switch succeeded: reset the conditions */
cnd_reset(cnd_file_duration);
if(cnd_autostop_size)
cnd_reset(cnd_autostop_size);
+ wtap_dump_flush(ld.wtap_pdh);
+ sync_pipe_filename_to_parent(capture_opts->save_file);
+ ld.packets_sync_pipe = 0;
} else {
/* File switch failed: stop here */
ld.go = FALSE;
} /* while (ld.go) */
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_INFO, "Capture child stopping ...");
+
/* close capture info dialog */
- if(show_info) {
+ if(capture_opts->show_info) {
capture_info_destroy(&capture_ui);
}
dropped. */
if (pcap_stats(ld.pcap_h, stats) >= 0) {
*stats_known = TRUE;
- if (capture_opts->capture_child) {
- /* Let the parent process know. */
- sync_pipe_drops_to_parent(stats->ps_drop);
- }
+ /* Let the parent process know. */
+ sync_pipe_drops_to_parent(stats->ps_drop);
} else {
g_snprintf(errmsg, sizeof(errmsg),
"Can't get packet-drop statistics: %s",
/* close the input file (pcap or capture pipe) */
capture_loop_close_input(&ld);
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_INFO, "Capture child stopped!");
+
/* ok, if the write and the close were successful. */
return write_ok && close_ok;
} else {
/* We can't use the save file, and we have no wtap_dump stream
to close in order to close it, so close the FD directly. */
- close(capture_opts->save_file_fd);
+ eth_close(save_file_fd);
/* We couldn't even start the capture, so get rid of the capture
file. */
- unlink(capture_opts->save_file); /* silently ignore error */
+ eth_unlink(capture_opts->save_file); /* silently ignore error */
g_free(capture_opts->save_file);
}
capture_opts->save_file = NULL;
/* close the input file (pcap or cap_pipe) */
capture_loop_close_input(&ld);
+ g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_INFO, "Capture child stopped with error");
+
return FALSE;
}
}
static void
-capture_loop_popup_errmsg(capture_options *capture_opts, const char *errmsg)
+capture_loop_popup_errmsg(capture_options *capture_opts _U_, const char *errmsg)
{
- if (capture_opts->capture_child) {
- /* This is the child process for a sync mode capture.
- Send the error message to our parent, so they can display a
+ /* Send the error message to our parent, so they can display a
dialog box containing it. */
sync_pipe_errmsg_to_parent(errmsg);
- } else {
- /* Display the dialog box ourselves; there's no parent. */
- simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, "%s", errmsg);
- }
}
/* one packet was captured, process it */
static void
-capture_loop_packet_cb(guchar *user, const struct pcap_pkthdr *phdr,
- const guchar *pd)
+capture_loop_packet_cb(u_char *user, const struct pcap_pkthdr *phdr,
+ const u_char *pd)
{
struct wtap_pkthdr whdr;
union wtap_pseudo_header pseudo_header;
case WTAP_ENCAP_APPLE_IP_OVER_IEEE1394:
capture_ap1394(pd, 0, whdr.caplen, &ld->counts);
break;
+ case WTAP_ENCAP_FRELAY:
+ case WTAP_ENCAP_FRELAY_WITH_PHDR:
+ capture_fr(pd, 0, whdr.caplen, &ld->counts);
+ break;
/* XXX - some ATM drivers on FreeBSD might prepend a 4-byte ATM
pseudo-header to DLT_ATM_RFC1483, with LLC header following;
we might have to implement that at some point. */
git.samba.org / obnox / wireshark / wip.git / blobdiff